diff --git a/README.md b/README.md index 191f4c5..0c1c745 100644 --- a/README.md +++ b/README.md @@ -88,9 +88,26 @@ docker run --name webssh2 -d -p 2222:2222 -v `pwd`/app/config.json:/usr/src/conf ## POST request vars (in main branch for testing) * **username** - _string_ - username to log into ssh with + * **userpassword** _string_ password to log into ssh with -TODO: Add the vars from the GET requests below as well. +* **port=** - _integer_ - port of SSH server (defaults to 22) + +* **header=** - _string_ - optional header to display on page + +* **headerBackground=** - _string_ - optional background color of header to display on page + +* **sshterm=** - _string_ - optional specify terminal emulation to use, defaults to `ssh.term` in `config.json` or `vt100` if that is null + +* **readyTimeout=** - _integer_ - How long (in milliseconds) to wait for the SSH handshake to complete. **Default:** 20000. **Enforced Values:** Min: 1, Max: 300000 + +* **cursorBlink** - _boolean_ - Cursor blinks (true), does not (false) **Default:** true. + +* **scrollback** - _integer_ - Lines in the scrollback buffer. **Default:** 10000. **Enforced Values:** Min: 1, Max: 200000 + +* **tabStopWidth** - _integer_ - Tab stops at _n_ characters **Default:** 8. **Enforced Values:** Min: 1, Max: 100 + +* **bellStyle** - _string_ - Style of terminal bell: ("sound"|"none"). **Default:** "sound". **Enforced Values:** "sound", "none" ## GET request vars @@ -98,10 +115,10 @@ TODO: Add the vars from the GET requests below as well. * **header=** - _string_ - optional header to display on page -* **sshterm=** - _string_ - optional specify terminal emulation to use, defaults to `ssh.term` in `config.json` or `vt100` if that is null - * **headerBackground=** - _string_ - optional background color of header to display on page +* **sshterm=** - _string_ - optional specify terminal emulation to use, defaults to `ssh.term` in `config.json` or `vt100` if that is null + * **readyTimeout=** - _integer_ - How long (in milliseconds) to wait for the SSH handshake to complete. **Default:** 20000. **Enforced Values:** Min: 1, Max: 300000 * **cursorBlink** - _boolean_ - Cursor blinks (true), does not (false) **Default:** true. diff --git a/app/server/routes.js b/app/server/routes.js index 392cd0c..c7bf2da 100644 --- a/app/server/routes.js +++ b/app/server/routes.js @@ -8,6 +8,7 @@ const nodeRoot = path.dirname(require.main.filename); const publicPath = path.join(nodeRoot, 'client', 'public'); const { parseBool } = require('./util'); const config = require('./config'); +const { query } = require('express'); exports.reauth = function reauth(req, res) { let { referer } = req.headers; @@ -27,50 +28,97 @@ exports.reauth = function reauth(req, res) { exports.connect = function connect(req, res) { res.sendFile(path.join(path.join(publicPath, 'client.htm'))); - if (req.method === 'POST' && req.body.username && req.body.userpassword) { - req.session.username = req.body.username; - req.session.userpassword = req.body.userpassword; - } + let { host, port } = config.ssh; + let { text: header, background: headerBackground } = config.header; + let { term: sshterm, readyTimeout } = config.ssh; + let { cursorBlink, scrollback, tabStopWidth, bellStyle } = config.terminal; // capture, assign, and validate variables + + if (req.params?.host) { + if ( + validator.isIP(`${req.params.host}`) || + validator.isFQDN(req.params.host) || + /^(([a-z]|[A-Z]|\d|[!^(){}\-_~])+)?\w$/.test(req.params.host) + ) { + host = req.params.host; + } + } + + if (req.method === 'POST' && req.body?.username && req.body?.userpassword) { + req.session.username = req.body.username; + req.session.userpassword = req.body.userpassword; + + if (req.body?.port && validator.isInt(`${req.body.port}`, { min: 1, max: 65535 })) + port = req.body.port; + if (req.body?.header) header = req.body.header; + if (req.body?.headerBackground) { + headerBackground = req.body.headerBackground; + console.log(`background: ${req.body.headerBackground}`); + }; + if (req.body?.sshterm && /^(([a-z]|[A-Z]|\d|[!^(){}\-_~])+)?\w$/.test(req.body.sshterm)) + sshterm = req.body.sshterm; + if (req.body?.cursorBlink && validator.isBoolean(`${req.body.cursorBlink}`)) cursorBlink = parseBool(req.body.cursorBlink); + if (req.body?.scrollback && validator.isInt(`${req.body.scrollback}`, { min: 1, max: 200000 })) + scrollback = req.body.scrollback; if (req.body?.tabStopWidth) tabStopWidth = req.body.tabStopWidth; + if (req.body?.tabStopWidth && validator.isInt(`${req.body.tabStopWidth}`, { min: 1, max: 100 })) + tabStopWidth = req.body.tabStopWidth; + if (req.body?.bellStyle && ['sound', 'none'].indexOf(req.body.bellStyle) > -1) + bellStyle = req.body.bellStyle; + if ( + req.body?.readyTimeout && + validator.isInt(`${req.body.readyTimeout}`, { min: 1, max: 300000 }) + ) + readyTimeout = req.body.readyTimeout; + } + + if (req.method === 'GET') { + if (req.query?.port && validator.isInt(`${req.query.port}`, { min: 1, max: 65535 })) + port = req.query.port; + if (req.query?.header) header = req.query.header; + if (req.query?.headerBackground) headerBackground = req.query.headerBackground; + if (req.query?.sshterm && /^(([a-z]|[A-Z]|\d|[!^(){}\-_~])+)?\w$/.test(req.query.sshterm)) + sshterm = req.query.sshterm; + if (req.query?.cursorBlink && validator.isBoolean(`${req.query.cursorBlink}`)) + cursorBlink = parseBool(req.query.cursorBlink); + if ( + req.query?.scrollback && + validator.isInt(`${req.query.scrollback}`, { min: 1, max: 200000 }) + ) + scrollback = req.query.scrollback; + if ( + req.query?.tabStopWidth && + validator.isInt(`${req.query.tabStopWidth}`, { min: 1, max: 100 }) + ) + tabStopWidth = req.query.tabStopWidth; + if (req.query?.bellStyle && ['sound', 'none'].indexOf(req.query.bellStyle) > -1) + bellStyle = req.query.bellStyle; + if ( + req.query?.readyTimeout && + validator.isInt(`${req.query.readyTimeout}`, { min: 1, max: 300000 }) + ) + readyTimeout = req.query.readyTimeout; + } + req.session.ssh = { - host: - config.ssh.host || - (validator.isIP(`${req.params.host}`) && req.params.host) || - (validator.isFQDN(req.params.host) && req.params.host) || - (/^(([a-z]|[A-Z]|\d|[!^(){}\-_~])+)?\w$/.test(req.params.host) && req.params.host), - port: - (validator.isInt(`${req.query.port}`, { min: 1, max: 65535 }) && req.query.port) || - config.ssh.port, + host, + port, localAddress: config.ssh.localAddress, localPort: config.ssh.localPort, header: { - name: req.query.header || config.header.text, - background: req.query.headerBackground || config.header.background, + name: header, + background: headerBackground, }, algorithms: config.algorithms, keepaliveInterval: config.ssh.keepaliveInterval, keepaliveCountMax: config.ssh.keepaliveCountMax, allowedSubnets: config.ssh.allowedSubnets, - term: - (/^(([a-z]|[A-Z]|\d|[!^(){}\-_~])+)?\w$/.test(req.query.sshterm) && req.query.sshterm) || - config.ssh.term, + term: sshterm, terminal: { - cursorBlink: validator.isBoolean(`${req.query.cursorBlink}`) - ? parseBool(req.query.cursorBlink) - : config.terminal.cursorBlink, - scrollback: - validator.isInt(`${req.query.scrollback}`, { min: 1, max: 200000 }) && req.query.scrollback - ? req.query.scrollback - : config.terminal.scrollback, - tabStopWidth: - validator.isInt(`${req.query.tabStopWidth}`, { min: 1, max: 100 }) && req.query.tabStopWidth - ? req.query.tabStopWidth - : config.terminal.tabStopWidth, - bellStyle: - req.query.bellStyle && ['sound', 'none'].indexOf(req.query.bellStyle) > -1 - ? req.query.bellStyle - : config.terminal.bellStyle, + cursorBlink, + scrollback, + tabStopWidth, + bellStyle, }, allowreplay: config.options.challengeButton || @@ -86,10 +134,7 @@ exports.connect = function connect(req, res) { client: config.serverlog.client || false, server: config.serverlog.server || false, }, - readyTimeout: - (validator.isInt(`${req.query.readyTimeout}`, { min: 1, max: 300000 }) && - req.query.readyTimeout) || - config.ssh.readyTimeout, + readyTimeout, }; if (req.session.ssh.header.name) validator.escape(req.session.ssh.header.name); if (req.session.ssh.header.background) validator.escape(req.session.ssh.header.background);