diff --git a/server/src/uds/dispatchers/guacamole/views.py b/server/src/uds/dispatchers/guacamole/views.py index ca21d903..4048c1d9 100644 --- a/server/src/uds/dispatchers/guacamole/views.py +++ b/server/src/uds/dispatchers/guacamole/views.py @@ -104,7 +104,6 @@ def guacamole(request: ExtendedHttpRequestWithUser, tunnelId: str) -> HttpRespon return HttpResponse(response, content_type=CONTENT_TYPE) -@auth.trustedSourceRequired def guacamole_authenticated(request: ExtendedHttpRequestWithUser, token: str, tunnelId: str) -> HttpResponse: if not TunnelToken.validateToken(token): logger.error('Invalid token %s from %s', token, request.ip) diff --git a/server/src/uds/transports/HTML5RDP/html5rdp.py b/server/src/uds/transports/HTML5RDP/html5rdp.py index cb91357f..6dfa4047 100644 --- a/server/src/uds/transports/HTML5RDP/html5rdp.py +++ b/server/src/uds/transports/HTML5RDP/html5rdp.py @@ -240,6 +240,15 @@ class HTML5RDPTransport(transports.Transport): defvalue='any', tab=gui.PARAMETERS_TAB, ) + rdpPort = gui.NumericField( + order=29, + length=5, # That is, max allowed value is 65535 + label=_('RDP Port'), + tooltip=_('Use this port as RDP port. Defaults to 3389.'), + tab=gui.PARAMETERS_TAB, + required=True, #: Numeric fields have always a value, so this not really needed + defvalue='3389', + ) ticketValidity = gui.NumericField( length=3, @@ -314,7 +323,7 @@ class HTML5RDPTransport(transports.Transport): ready = self.cache.get(ip) if not ready: # Check again for readyness - if self.testServer(userService, ip, '3389') is True: + if self.testServer(userService, ip, self.rdpPort.num()) is True: self.cache.put(ip, 'Y', READY_CACHE_TIMEOUT) return True self.cache.put(ip, 'N', READY_CACHE_TIMEOUT) @@ -397,6 +406,7 @@ class HTML5RDPTransport(transports.Transport): params = { 'protocol': 'rdp', 'hostname': ip, + 'port': self.rdpPort.num(), 'username': username, 'password': passwordCrypted, 'resize-method': 'display-update', 
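Review bot: Dropping `@auth.trustedSourceRequired` from `guacamole_authenticated` leaves `TunnelToken.validateToken(token)` as the only gate on this view, so it becomes reachable from any source address that presents a valid tunnel token. The removal rides along with an unrelated RDP-port feature and carries no rationale; if it is intentional, a comment above the function such as `# Source-IP restriction intentionally not applied: access is authorised by the tunnel token alone` would record that, otherwise the decorator should stay. The failure path in the context lines also writes the submitted token to the error log verbatim, which matters more once the endpoint accepts arbitrary callers; logging a truncated or hashed form would be safer. The function body continues outside the hunk.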
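Review bot: The new `rdpPort` field has no range check: `length=5` only limits the input to five digits, so the inline comment `# That is, max allowed value is 65535` is inaccurate and values such as 0 or 99999 would be accepted as far as this hunk shows. The value later goes to `testServer`, to the Guacamole connection parameters and, in rdptunnel.py, to `TicketStore.create_for_tunnel`, so anything outside 1–65535 should be rejected when the transport is saved (through the field's bounds options if `gui.NumericField` offers them in this tree, or in the transport's own validation). At minimum the comment should read `# Five digits; the 1-65535 range must be validated separately`. The identical definition in rdp_base.py (@@ -167) has the same gap.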
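Review bot: The readiness cache in the @@ -314 hunk is still keyed by `ip` alone, so with a configurable port a cached `'Y'`/`'N'` can describe a probe of a different port than the one now configured, until `READY_CACHE_TIMEOUT` expires. Keying on both values, e.g. `key = '{}:{}'.format(ip, self.rdpPort.num())` used for the `get` and both `put` calls, would keep the result tied to what was actually tested. The same pattern appears in rdp_base.py (@@ -324). How `self.cache` is scoped is not visible here, so the impact may be limited to the window after a port change. The enclosing method starts and ends outside the hunk.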
diff --git a/server/src/uds/transports/RDP/rdp.py b/server/src/uds/transports/RDP/rdp.py index df128731..65aff7f9 100644 --- a/server/src/uds/transports/RDP/rdp.py +++ b/server/src/uds/transports/RDP/rdp.py @@ -77,6 +77,7 @@ class RDPTransport(BaseRDPTransport): smooth = BaseRDPTransport.smooth showConnectionBar = BaseRDPTransport.showConnectionBar credssp = BaseRDPTransport.credssp + rdpPort = BaseRDPTransport.rdpPort screenSize = BaseRDPTransport.screenSize colorDepth = BaseRDPTransport.colorDepth @@ -115,7 +116,7 @@ class RDPTransport(BaseRDPTransport): r = RDPFile(width == '-1' or height == '-1', width, height, depth, target=os['OS']) r.enablecredsspsupport = ci.get('sso') == 'True' or self.credssp.isTrue() - r.address = '{}:{}'.format(ip, 3389) + r.address = '{}:{}'.format(ip, self.rdpPort.value) r.username = username r.password = password r.domain = domain @@ -154,7 +155,7 @@ class RDPTransport(BaseRDPTransport): 'password': password, 'this_server': request.build_absolute_uri('/'), 'ip': ip, - 'port': '3389', + 'port': self.rdpPort.value, # As string, because we need to use it in the template 'address': r.address, } diff --git a/server/src/uds/transports/RDP/rdp_base.py b/server/src/uds/transports/RDP/rdp_base.py index f6b3925a..72a24643 100644 --- a/server/src/uds/transports/RDP/rdp_base.py +++ b/server/src/uds/transports/RDP/rdp_base.py @@ -39,7 +39,7 @@ from uds.core.ui import gui from uds.core import transports from uds.models import UserService -# TODO: do this +# TODO: implement this finally? def createADUser(): try: from . import AD # type: ignore 
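Review bot: `r.address` (@@ -115) and the `'port'` entry (@@ -154) use `self.rdpPort.value`, the raw stored value, while every other call site in this commit uses `self.rdpPort.num()`. Because that value is interpolated into the connection address and, per the inline comment, used in the template, passing it through the numeric accessor first keeps a malformed or empty stored value from reaching either: `r.address = '{}:{}'.format(ip, self.rdpPort.num())` and `'port': str(self.rdpPort.num()),`. What `.value` returns for an unset or hand-edited field is not visible in this diff, so the exact failure mode is unconfirmed. The enclosing method extends beyond both hunks.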
@@ -167,6 +167,15 @@ class BaseRDPTransport(transports.Transport): tab=gui.PARAMETERS_TAB, defvalue=gui.TRUE, ) + rdpPort = gui.NumericField(order = 29, + length = 5, # That is, max allowed value is 65535 + label=_('RDP Port'), + tooltip=_('Use this port as RDP port. Defaults to 3389.'), + tab=gui.PARAMETERS_TAB, + required = True, #: Numeric fields have always a value, so this not really needed + defvalue = '3389', + ) + screenSize = gui.ChoiceField( label=_('Screen Size'), @@ -315,7 +324,7 @@ class BaseRDPTransport(transports.Transport): ready = self.cache.get(ip) if ready is None: # Check again for ready - if self.testServer(userService, ip, '3389') is True: + if self.testServer(userService, ip, self.rdpPort.num()) is True: self.cache.put(ip, 'Y', READY_CACHE_TIMEOUT) return True else: diff --git a/server/src/uds/transports/RDP/rdptunnel.py b/server/src/uds/transports/RDP/rdptunnel.py index a0801783..9264cb3b 100644 --- a/server/src/uds/transports/RDP/rdptunnel.py +++ b/server/src/uds/transports/RDP/rdptunnel.py @@ -115,6 +115,7 @@ class TRDPTransport(BaseRDPTransport): smooth = BaseRDPTransport.smooth showConnectionBar = BaseRDPTransport.showConnectionBar credssp = BaseRDPTransport.credssp + rdpPort = BaseRDPTransport.rdpPort screenSize = BaseRDPTransport.screenSize colorDepth = BaseRDPTransport.colorDepth @@ -160,7 +161,7 @@ class TRDPTransport(BaseRDPTransport): ticket = TicketStore.create_for_tunnel( userService=userService, - port=3389, + port=self.rdpPort.num(), validity=self.tunnelWait.num() + 60, # Ticket overtime ) diff --git a/tunnel-server/src/uds_tunnel/consts.py b/tunnel-server/src/uds_tunnel/consts.py index a3591689..218b6df5 100644 --- a/tunnel-server/src/uds_tunnel/consts.py +++ b/tunnel-server/src/uds_tunnel/consts.py 
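Review bot: In the rdp_base.py field definition (@@ -167) the keyword arguments `order = 29`, `length = 5`, `required = True` and `defvalue = '3389'` are written with spaces around `=`, unlike `label=`, `tooltip=` and `tab=` in the same call and unlike the same field in html5rdp.py. Formatting the call as in html5rdp.py (`rdpPort = gui.NumericField(` on its own line, then `order=29,`, `length=5,` and so on) and dropping the added blank line after the closing `)` would keep the two definitions textually identical. That makes it easier to spot drift when the two copies have to be changed together, for example when a range check is added.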
@@ -1,6 +1,6 @@ # -*- coding: utf-8 -*- # -# Copyright (c) 2020 Virtual Cable S.L.U. +# Copyright (c) 2021 Virtual Cable S.L.U. # All rights reserved. # # Redistribution and use in source and binary forms, with or without modification, @@ -43,7 +43,7 @@ BUFFER_SIZE = 1024 * 16 HANDSHAKE_V1 = b'\x5AMGB\xA5\x01\x00' # Ticket length TICKET_LENGTH = 48 -# Admin password length, (size of an hex sha256) +# Max Admin password length (stats basically right now) PASSWORD_LENGTH = 64 # Bandwidth calc time lapse BANDWIDTH_TIME = 10