bbs/clrghouz
1
0
Fork 0
Code Issues 5 Pull Requests Actions Packages Projects 1 Releases Wiki Activity

Only auth AKAs in the same domain as us

Browse Source
This commit is contained in:
Deon George 2024-05-18 12:26:00 +10:00
parent 59ec5f5a0c
commit 46f52dd56d
2 changed files with 20 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
app/Classes/Protocol/Binkp.php
View File

@ -696,8 +696,13 @@ final class Binkp extends BaseProtocol
$this->node->ftn_other = $rem_aka; $this->node->ftn_other = $rem_aka;
continue; continue;
// If we only present limited AKAs dont validate password against akas outside of the domains we present
} elseif (is_null(our_address($o))) {
Log::alert(sprintf('%s:/ AKA domain [%s] is not in our domain(s) [%s] - ignoring',self::LOGKEY,$o->zone->domain->name,our_address()->pluck('zone.domain.name')->unique()->join(',')));
continue;
} elseif (! $o->active) { } elseif (! $o->active) {
Log::alert(sprintf('%s:/ AKA is not active [%s], ignoring',self::LOGKEY,$rem_aka)); Log::alert(sprintf('%s:/ AKA is not active [%s] - ignoring',self::LOGKEY,$rem_aka));
continue; continue;
} else { } else {
@ -705,7 +710,7 @@ final class Binkp extends BaseProtocol
} }
} catch (InvalidFTNException $e) { } catch (InvalidFTNException $e) {
Log::error(sprintf('%s:! AKA is INVALID [%s] (%s), ignoring',self::LOGKEY,$rem_aka,$e->getMessage())); Log::error(sprintf('%s:! AKA is INVALID [%s] (%s) - ignoring',self::LOGKEY,$rem_aka,$e->getMessage()));
continue; continue;

14
app/Classes/Protocol/EMSI.php
View File

@ -319,11 +319,23 @@ final class EMSI extends BaseProtocol implements CRCInterface,ZmodemInterface
Log::debug(sprintf('%s: - Parsing AKA [%s]',self::LOGKEY,$rem_aka)); Log::debug(sprintf('%s: - Parsing AKA [%s]',self::LOGKEY,$rem_aka));
try { try {
if (! ($o = Address::findFTN($rem_aka))) { if (! ($o = Address::findFTN($rem_aka,TRUE))) {
Log::debug(sprintf('%s: ? AKA is UNKNOWN [%s]',self::LOGKEY,$rem_aka)); Log::debug(sprintf('%s: ? AKA is UNKNOWN [%s]',self::LOGKEY,$rem_aka));
$this->node->ftn_other = $rem_aka; $this->node->ftn_other = $rem_aka;
continue; continue;
// If we only present limited AKAs dont validate password against akas outside of the domains we present
} elseif (is_null(our_address($o))) {
Log::alert(sprintf('%s:/ AKA domain [%s] is not in our domain(s) [%s] - ignoring',self::LOGKEY,$o->zone->domain->name,our_address()->pluck('zone.domain.name')->unique()->join(',')));
continue;
} elseif (! $o->active) {
Log::alert(sprintf('%s:/ AKA is not active [%s] - ignoring',self::LOGKEY,$rem_aka));
continue;
} else {
Log::info(sprintf('%s:- Got AKA [%s]',self::LOGKEY,$rem_aka));
} }
} catch (InvalidFTNException $e) { } catch (InvalidFTNException $e) {