Make sure to validate the client's ip address

Bolke de Bruin 2020-07-25 21:00:58 +02:00
parent 5fc75ef877
commit 0b299619ff
6 changed files with 70 additions and 10 deletions


@ -2,6 +2,7 @@ package protocol
import (
"context"
"github.com/bolkedebruin/rdpgw/client"
"github.com/bolkedebruin/rdpgw/transport"
"github.com/gorilla/websocket"
"github.com/patrickmn/go-cache"
@ -48,9 +49,8 @@ type SessionInfo struct {
ConnId string
TransportIn transport.Transport
TransportOut transport.Transport
RemoteAddress string
ProxyAddress string
RemoteServer string
ClientIp string
}
var upgrader = websocket.Upgrader{}
@ -118,7 +118,7 @@ func (g *Gateway) handleLegacyProtocol(w http.ResponseWriter, r *http.Request, s
log.Printf("cannot hijack connection to support RDG OUT data channel: %s", err)
return
}
log.Printf("Opening RDGOUT for client %s", out.Conn.RemoteAddr().String())
log.Printf("Opening RDGOUT for client %s", client.GetClientIp(r.Context()))
s.TransportOut = out
out.SendAccept(true)
@ -139,13 +139,13 @@ func (g *Gateway) handleLegacyProtocol(w http.ResponseWriter, r *http.Request, s
s.TransportIn = in
c.Set(s.ConnId, s, cache.DefaultExpiration)
log.Printf("Opening RDGIN for client %s", in.Conn.RemoteAddr().String())
log.Printf("Opening RDGIN for client %s", client.GetClientIp(r.Context()))
in.SendAccept(false)
// read some initial data
in.Drain()
log.Printf("Legacy handshake done for client %s", in.Conn.RemoteAddr().String())
log.Printf("Legacy handshake done for client %s", client.GetClientIp(r.Context()))
handler := NewHandler(s, g.HandlerConf)
handler.Process(r.Context())
}
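Review bot: The three log calls in handleLegacyProtocol (RDGOUT open, RDGIN open, handshake done) now record only `client.GetClientIp(r.Context())` and no longer the socket peer from `Conn.RemoteAddr()`, so the log loses the one address the gateway observed itself. The client package is not visible on this page; if that value is derived from a forwarded header, it is only as trustworthy as the proxy in front of the gateway, and a direct connection could put any string there. I would log both and quote the context value (assuming it is a string), e.g. `log.Printf("Opening RDGOUT for client %q (peer %s)", client.GetClientIp(r.Context()), out.Conn.RemoteAddr())`, so a mismatched or malformed value can be correlated during incident review and cannot break the log line. The same applies to the two `in.Conn` log lines in the last hunk; the function body starts outside the hunks shown.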