Implemented an allowed_identities file for more convenient access management

Mark Qvist 2023-09-18 17:58:44 +02:00
parent 3b71b197ae
commit e0ba3d11ba
4 changed files with 52 additions and 8 deletions


@ -69,6 +69,7 @@ class LSOutletBase(ABC):
class ListenerSession:
sessions: List[ListenerSession] = []
allowed_identity_hashes: [any] = []
allowed_file_identity_hashes: [any] = []
allow_all: bool = False
allow_remote_command: bool = False
default_command: [str] = []
@ -183,7 +184,7 @@ class ListenerSession:
if self.state not in [LSState.LSSTATE_WAIT_IDENT, LSState.LSSTATE_WAIT_VERS]:
self._protocol_error(LSState.LSSTATE_WAIT_IDENT.name)
if not self.allow_all and identity.hash not in self.allowed_identity_hashes:
if not self.allow_all and identity.hash not in self.allowed_identity_hashes and identity.hash not in self.allowed_file_identity_hashes:
self.terminate("Identity is not allowed.")
self.remote_identity = identity
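Review bot: In the deny branch of the identity check, `self.terminate("Identity is not allowed.")` is followed by `self.remote_identity = identity` with no `return` visible in between, so unless terminate() raises, a rejected identity is still recorded on the session and whatever follows this hunk may keep running. The page has lost its indentation, so this is inferred from statement order only; if it holds, add `return` directly after the terminate call. Now that two allow-lists are consulted in one long condition, the test would also read better in a small helper (for example a private `_is_allowed(identity)`) with a comment stating that `allow_all` bypasses both lists, so the access decision lives in one place. The enclosing method starts and ends outside the hunk.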