mirror of
https://github.com/kasmtech/KasmVNC.git
synced 2024-11-25 17:44:01 +01:00
Merge branch 'feature/KASM-2665_bad_pw_403' into 'master'
Return 403 for too large Auth headers (attack) Closes KASM-2665 See merge request kasm-technologies/internal/KasmVNC!44
This commit is contained in:
commit
330eb47142
@ -948,6 +948,16 @@ notfound:
|
||||
return 0;
|
||||
}
|
||||
|
||||
static void send403(ws_ctx_t *ws_ctx) {
|
||||
const char response[] = "HTTP/1.1 403 Forbidden\r\n"
|
||||
"Server: KasmVNC/4.0\r\n"
|
||||
"Connection: close\r\n"
|
||||
"Content-type: text/plain\r\n"
|
||||
"\r\n"
|
||||
"403 Forbidden";
|
||||
ws_send(ws_ctx, response, strlen(response));
|
||||
}
|
||||
|
||||
static uint8_t ownerapi_post(ws_ctx_t *ws_ctx, const char *in) {
|
||||
char buf[4096], path[4096];
|
||||
uint8_t ret = 0; // 0 = continue checking
|
||||
@ -1622,8 +1632,9 @@ ws_ctx_t *do_handshake(int sock, char * const ip) {
|
||||
hdr += sizeof("Authorization: Basic ") - 1;
|
||||
const char *end = strchr(hdr, '\r');
|
||||
if (!end || end - hdr > 256) {
|
||||
handler_emsg("Client sent invalid BasicAuth, dropping connection\n");
|
||||
handler_emsg("Client sent invalid BasicAuth, 403 forbidden\n");
|
||||
bl_addFailure(ip);
|
||||
send403(ws_ctx);
|
||||
free_ws_ctx(ws_ctx);
|
||||
return NULL;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user