hyung-hwan/hodu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

allowed to bypass authentication for a specific endpoint to be accessed from ssh client

Browse Source
This commit is contained in:
hyung-hwan 2025-02-14 12:45:54 +09:00
parent 3dc5d9c91e
commit d5108e9859
2 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
server-ctl.go
View File

@ -46,6 +46,7 @@ type json_out_server_stats struct {
type server_ctl struct { type server_ctl struct {
s *Server s *Server
id string id string
noauth bool // override the auth configuration if true
} }
type server_ctl_token struct { type server_ctl_token struct {
@ -83,7 +84,7 @@ func (ctl *server_ctl) Cors(req *http.Request) bool {
} }
func (ctl *server_ctl) Authenticate(req *http.Request) (int, string) { func (ctl *server_ctl) Authenticate(req *http.Request) (int, string) {
if ctl.s.cfg.CtlAuth == nil { return http.StatusOK, "" } if ctl.noauth || ctl.s.cfg.CtlAuth == nil { return http.StatusOK, "" }
return ctl.s.cfg.CtlAuth.Authenticate(req) return ctl.s.cfg.CtlAuth.Authenticate(req)
} }

6
server.go
View File

@ -1104,7 +1104,7 @@ func NewServer(ctx context.Context, name string, logger Logger, cfg *ServerConfi
s.pxy_mux.Handle("/_ssh-ws/{conn_id}/{route_id}", s.pxy_mux.Handle("/_ssh-ws/{conn_id}/{route_id}",
websocket.Handler(func(ws *websocket.Conn) { s.pxy_ws.ServeWebsocket(ws) })) websocket.Handler(func(ws *websocket.Conn) { s.pxy_ws.ServeWebsocket(ws) }))
s.pxy_mux.Handle("/_ssh/server-conns/{conn_id}/routes/{route_id}", s.pxy_mux.Handle("/_ssh/server-conns/{conn_id}/routes/{route_id}",
s.wrap_http_handler(&server_ctl_server_conns_id_routes_id{server_ctl{s: &s, id: HS_ID_PXY}})) s.wrap_http_handler(&server_ctl_server_conns_id_routes_id{server_ctl{s: &s, id: HS_ID_PXY, noauth: true}}))
s.pxy_mux.Handle("/_ssh/{conn_id}/", s.pxy_mux.Handle("/_ssh/{conn_id}/",
s.wrap_http_handler(&server_proxy_xterm_file{server_proxy: server_proxy{s: &s, id: HS_ID_PXY}, file: "_redirect"})) s.wrap_http_handler(&server_proxy_xterm_file{server_proxy: server_proxy{s: &s, id: HS_ID_PXY}, file: "_redirect"}))
s.pxy_mux.Handle("/_ssh/{conn_id}/{route_id}/", s.pxy_mux.Handle("/_ssh/{conn_id}/{route_id}/",
@ -1119,6 +1119,8 @@ func NewServer(ctx context.Context, name string, logger Logger, cfg *ServerConfi
s.wrap_http_handler(&server_proxy_xterm_file{server_proxy: server_proxy{s: &s, id: HS_ID_PXY}, file: "_forbidden"})) s.wrap_http_handler(&server_proxy_xterm_file{server_proxy: server_proxy{s: &s, id: HS_ID_PXY}, file: "_forbidden"}))
s.pxy_mux.Handle("/favicon.ico", s.pxy_mux.Handle("/favicon.ico",
s.wrap_http_handler(&server_proxy_xterm_file{server_proxy: server_proxy{s: &s, id: HS_ID_PXY}, file: "_forbidden"})) s.wrap_http_handler(&server_proxy_xterm_file{server_proxy: server_proxy{s: &s, id: HS_ID_PXY}, file: "_forbidden"}))
s.pxy_mux.Handle("/favicon.ico/",
s.wrap_http_handler(&server_proxy_xterm_file{server_proxy: server_proxy{s: &s, id: HS_ID_PXY}, file: "_forbidden"}))
s.pxy_mux.Handle("/_http/{conn_id}/{route_id}/{trailer...}", s.pxy_mux.Handle("/_http/{conn_id}/{route_id}/{trailer...}",
s.wrap_http_handler(&server_proxy_http_main{server_proxy: server_proxy{s: &s, id: HS_ID_PXY}, prefix: "/_http"})) s.wrap_http_handler(&server_proxy_http_main{server_proxy: server_proxy{s: &s, id: HS_ID_PXY}, prefix: "/_http"}))
@ -1145,7 +1147,7 @@ func NewServer(ctx context.Context, name string, logger Logger, cfg *ServerConfi
websocket.Handler(func(ws *websocket.Conn) { s.wpx_ws.ServeWebsocket(ws) })) websocket.Handler(func(ws *websocket.Conn) { s.wpx_ws.ServeWebsocket(ws) }))
s.wpx_mux.Handle("/_ssh/server-conns/{conn_id}/routes/{route_id}", s.wpx_mux.Handle("/_ssh/server-conns/{conn_id}/routes/{route_id}",
s.wrap_http_handler(&server_ctl_server_conns_id_routes_id{server_ctl{s: &s, id: HS_ID_WPX}})) s.wrap_http_handler(&server_ctl_server_conns_id_routes_id{server_ctl{s: &s, id: HS_ID_WPX, noauth: true}}))
s.wpx_mux.Handle("/_ssh/xterm.js", s.wpx_mux.Handle("/_ssh/xterm.js",
s.wrap_http_handler(&server_proxy_xterm_file{server_proxy: server_proxy{s: &s, id: HS_ID_WPX}, file: "xterm.js"})) s.wrap_http_handler(&server_proxy_xterm_file{server_proxy: server_proxy{s: &s, id: HS_ID_WPX}, file: "xterm.js"}))
s.wpx_mux.Handle("/_ssh/xterm-addon-fit.js", s.wpx_mux.Handle("/_ssh/xterm-addon-fit.js",