hyung-hwan/hodu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

allowed to bypass authentication for a specific endpoint to be accessed from ssh client

Browse Source
This commit is contained in:
hyung-hwan 2025-02-14 12:45:54 +09:00
parent 3dc5d9c91e
commit d5108e9859
2 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
server-ctl.go
View File

@ -46,6 +46,7 @@ type json_out_server_stats struct {
type server_ctl struct {
s *Server
id string
noauth bool // override the auth configuration if true
}
type server_ctl_token struct {
@ -83,7 +84,7 @@ func (ctl *server_ctl) Cors(req *http.Request) bool {
}
func (ctl *server_ctl) Authenticate(req *http.Request) (int, string) {
if ctl.s.cfg.CtlAuth == nil { return http.StatusOK, "" }
if ctl.noauth || ctl.s.cfg.CtlAuth == nil { return http.StatusOK, "" }
return ctl.s.cfg.CtlAuth.Authenticate(req)
}

6
server.go
View File

@ -1104,7 +1104,7 @@ func NewServer(ctx context.Context, name string, logger Logger, cfg *ServerConfi
s.pxy_mux.Handle("/_ssh-ws/{conn_id}/{route_id}",
websocket.Handler(func(ws *websocket.Conn) { s.pxy_ws.ServeWebsocket(ws) }))
s.pxy_mux.Handle("/_ssh/server-conns/{conn_id}/routes/{route_id}",
s.wrap_http_handler(&server_ctl_server_conns_id_routes_id{server_ctl{s: &s, id: HS_ID_PXY}}))
s.wrap_http_handler(&server_ctl_server_conns_id_routes_id{server_ctl{s: &s, id: HS_ID_PXY, noauth: true}}))
s.pxy_mux.Handle("/_ssh/{conn_id}/",
s.wrap_http_handler(&server_proxy_xterm_file{server_proxy: server_proxy{s: &s, id: HS_ID_PXY}, file: "_redirect"}))
s.pxy_mux.Handle("/_ssh/{conn_id}/{route_id}/",
@ -1119,6 +1119,8 @@ func NewServer(ctx context.Context, name string, logger Logger, cfg *ServerConfi
s.wrap_http_handler(&server_proxy_xterm_file{server_proxy: server_proxy{s: &s, id: HS_ID_PXY}, file: "_forbidden"}))
s.pxy_mux.Handle("/favicon.ico",
s.wrap_http_handler(&server_proxy_xterm_file{server_proxy: server_proxy{s: &s, id: HS_ID_PXY}, file: "_forbidden"}))
s.pxy_mux.Handle("/favicon.ico/",
s.wrap_http_handler(&server_proxy_xterm_file{server_proxy: server_proxy{s: &s, id: HS_ID_PXY}, file: "_forbidden"}))
s.pxy_mux.Handle("/_http/{conn_id}/{route_id}/{trailer...}",
s.wrap_http_handler(&server_proxy_http_main{server_proxy: server_proxy{s: &s, id: HS_ID_PXY}, prefix: "/_http"}))
@ -1145,7 +1147,7 @@ func NewServer(ctx context.Context, name string, logger Logger, cfg *ServerConfi
websocket.Handler(func(ws *websocket.Conn) { s.wpx_ws.ServeWebsocket(ws) }))
s.wpx_mux.Handle("/_ssh/server-conns/{conn_id}/routes/{route_id}",
s.wrap_http_handler(&server_ctl_server_conns_id_routes_id{server_ctl{s: &s, id: HS_ID_WPX}}))
s.wrap_http_handler(&server_ctl_server_conns_id_routes_id{server_ctl{s: &s, id: HS_ID_WPX, noauth: true}}))
s.wpx_mux.Handle("/_ssh/xterm.js",
s.wrap_http_handler(&server_proxy_xterm_file{server_proxy: server_proxy{s: &s, id: HS_ID_WPX}, file: "xterm.js"}))
s.wpx_mux.Handle("/_ssh/xterm-addon-fit.js",