zefie/minisrv
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

close socket if SSID is not valid

Browse Source
This commit is contained in:
zefie
2024-05-04 12:39:25 -04:00
parent ae93620b7a
commit 95bd52d673
2 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
zefie_wtvp_minisrv/app.js
View File

@@ -1471,6 +1471,11 @@ async function processRequest(socket, data_hex, skipSecure = false, encryptedReq
if (!headers) return; if (!headers) return;
if (headers["wtv-client-serial-number"] != null && socket.ssid == null) { if (headers["wtv-client-serial-number"] != null && socket.ssid == null) {
if (!wtvshared.checkSSID(headers["wtv-client-serial-number"])) {
// close socket for invalid ssid
cleanupSocket(socket)
return;
}
socket.ssid = wtvshared.makeSafeSSID(headers["wtv-client-serial-number"]); socket.ssid = wtvshared.makeSafeSSID(headers["wtv-client-serial-number"]);
if (socket.ssid != null) { if (socket.ssid != null) {
if (!ssid_sessions[socket.ssid]) { if (!ssid_sessions[socket.ssid]) {

7
zefie_wtvp_minisrv/includes/classes/WTVShared.js
View File

@@ -69,6 +69,13 @@ class WTVShared {
return crc.toString(16).padStart(2, '0'); return crc.toString(16).padStart(2, '0');
} }
// check if the SSID has a valid checksum
checkSSID(ssid) {
if (ssid.slice(-2) == this.getSSIDCRC(ssid))
return true;
return false;
}
parseConfigVars(s) { parseConfigVars(s) {
if (s.indexOf("%ServiceDeps%") >= 0) { if (s.indexOf("%ServiceDeps%") >= 0) {