Björn Fischer / z-push
Commit 40304b53 authored Oct 27, 2016 by Manfred Kutas
ZP-672 Always require authentication info.
Released under the Affero GNU General Public License (AGPL) version 3.
parent f02caf31
Showing 1 changed file with 10 additions and 5 deletions
src/index.php
...
...
@@ -69,6 +69,10 @@ include_once(ZPUSH_CONFIG);
sprintf
(
"cmd='%s' devType='%s' devId='%s' getUser='%s' from='%s' version='%s' method='%s'"
,
Request
::
GetCommand
(),
Request
::
GetDeviceType
(),
Request
::
GetDeviceID
(),
Request
::
GetGETUser
(),
Request
::
GetRemoteAddr
(),
@
constant
(
'ZPUSH_VERSION'
),
Request
::
GetMethod
()
));
// always request the authorization header
if
(
!
Request
::
HasAuthenticationInfo
()
||
!
Request
::
GetGETUser
())
throw
new
AuthenticationRequiredException
(
"Access denied. Please send authorisation information"
);
// Stop here if this is an OPTIONS request
if
(
Request
::
IsMethodOPTIONS
())
throw
new
NoPostRequestException
(
"Options request"
,
NoPostRequestException
::
OPTIONS_REQUEST
);
...
...
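Review bot: Placing the check ahead of the `Request::IsMethodOPTIONS()` branch means an OPTIONS request without credentials now ends in `AuthenticationRequiredException` rather than `NoPostRequestException`, and the comment `// always request the authorization header` does not say that this ordering is intended. Suggest extending the comment to state that the check has to stay in front of the OPTIONS branch and the backend load, so a later reorder does not quietly reopen an unauthenticated path. Two smaller points on the condition: `!Request::GetGETUser()` relies on PHP truthiness, so if that method returns the raw string a user value of "0" is treated as missing, and an explicit comparison against the empty value would be clearer; and the unbraced `if ... throw` is easy to break when a second statement is added later.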
@@ -85,10 +89,6 @@ include_once(ZPUSH_CONFIG);
// Load the backend
$backend
=
ZPush
::
GetBackend
();
// always request the authorization header
if
(
!
Request
::
HasAuthenticationInfo
()
||
!
Request
::
GetGETUser
())
throw
new
AuthenticationRequiredException
(
"Access denied. Please send authorisation information"
);
// check the provisioning information
if
(
PROVISIONING
===
true
&&
Request
::
IsMethodPOST
()
&&
ZPush
::
CommandNeedsProvisioning
(
Request
::
GetCommandCode
())
&&
((
Request
::
WasPolicyKeySent
()
&&
Request
::
GetPolicyKey
()
==
0
)
||
ZPush
::
GetDeviceManager
()
->
ProvisioningRequired
(
Request
::
GetPolicyKey
()))
&&
...
...
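Review bot: With the check gone from below `ZPush::GetBackend()`, nothing at this point tells a reader that the request was already required to carry credentials before the provisioning test runs. A one-line comment here pointing back to the earlier check would keep that dependency visible. Note also that the condition only tests that authentication info and a user are present (`HasAuthenticationInfo()`, `GetGETUser()`); where the credentials are actually verified is not visible in this diff, so the commit message could name the step that does it.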
@@ -198,7 +198,12 @@ include_once(ZPUSH_CONFIG);
}
if
(
$ex
instanceof
AuthenticationRequiredException
)
{
ZPush
::
PrintZPushLegal
(
$exclass
,
sprintf
(
'<pre>%s</pre>'
,
$ex
->
getMessage
()));
// Only print ZPush legal message for GET requests because
// some devices send unauthorized OPTIONS requests
// and don't expect anything in the response body
if
(
Request
::
IsMethodGET
())
{
ZPush
::
PrintZPushLegal
(
$exclass
,
sprintf
(
'<pre>%s</pre>'
,
$ex
->
getMessage
()));
}
// log the failed login attemt e.g. for fail2ban
if
(
defined
(
'LOGAUTHFAIL'
)
&&
LOGAUTHFAIL
!=
false
)
...
...
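Review bot: The guard `if (Request::IsMethodGET())` drops the response body for every non-GET method, POST included, while the comment gives only unauthorized OPTIONS requests as the reason. Either narrow the condition to `!Request::IsMethodOPTIONS()` or reword the comment to say that only GET receives the legal page. Separately, `sprintf('<pre>%s</pre>', $ex->getMessage())` places the exception message into HTML as is; the message thrown in this commit is a fixed string, but unless `PrintZPushLegal` escapes its argument, passing it through `htmlspecialchars()` would keep this safe if a future message carries request data. The context comment below also has a typo, "attemt".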