From 223213857f323bc0ff92a89b30a7cd71404288ba Mon Sep 17 00:00:00 2001 From: "nicolas.dorier" Date: Fri, 1 Mar 2019 16:41:36 +0900 Subject: [PATCH] Do not expose internal IP on SSH connection settings --- BTCPayServer/BTCPayServer.csproj | 2 +- BTCPayServer/Controllers/ServerController.cs | 11 ++++++++++- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/BTCPayServer/BTCPayServer.csproj b/BTCPayServer/BTCPayServer.csproj index 03269fec5..c6a7a8417 100644 --- a/BTCPayServer/BTCPayServer.csproj +++ b/BTCPayServer/BTCPayServer.csproj @@ -2,7 +2,7 @@ Exe netcoreapp2.1 - 1.0.3.76 + 1.0.3.77 NU1701,CA1816,CA1308,CA1810,CA2208 diff --git a/BTCPayServer/Controllers/ServerController.cs b/BTCPayServer/Controllers/ServerController.cs index e4e1cb3f7..c72366ebe 100644 --- a/BTCPayServer/Controllers/ServerController.cs +++ b/BTCPayServer/Controllers/ServerController.cs @@ -658,15 +658,24 @@ namespace BTCPayServer.Controllers return NotFound(); return File(System.IO.File.ReadAllBytes(settings.KeyFile), "application/octet-stream", "id_rsa"); } + + var server = IsLocalNetwork(settings.Server) ? this.Request.Host.Host: settings.Server; SSHServiceViewModel vm = new SSHServiceViewModel(); string port = settings.Port == 22 ? "" : $" -p {settings.Port}"; - vm.CommandLine = $"ssh {settings.Username}@{settings.Server}{port}"; + vm.CommandLine = $"ssh {settings.Username}@{server}{port}"; vm.Password = settings.Password; vm.KeyFilePassword = settings.KeyFilePassword; vm.HasKeyFile = !string.IsNullOrEmpty(settings.KeyFile); return View(vm); } + private static bool IsLocalNetwork(string server) + { + return server.EndsWith(".internal", StringComparison.OrdinalIgnoreCase) || + server.Equals("127.0.0.1", StringComparison.OrdinalIgnoreCase) || + server.Equals("localhost", StringComparison.OrdinalIgnoreCase); + } + [Route("server/theme")] public async Task Theme() {