admin/nexus-terminal
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update

Browse Source
This commit is contained in:
Baobhan Sith
2025-04-28 11:21:40 +08:00
parent 9e47ea3746
commit ab1ce21c01
2 changed files with 32 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files
packages/frontend/src/components/RemoteDesktopModal.vue
+13 -5
View File
@@ -70,7 +70,7 @@ const connectRdp = async () => { // Removed useInputValues parameter
if (rdpContainerRef.value) { if (rdpContainerRef.value) {
// Use clientWidth/clientHeight as they represent the inner dimensions available for content // Use clientWidth/clientHeight as they represent the inner dimensions available for content
widthToSend = rdpContainerRef.value.clientWidth; widthToSend = rdpContainerRef.value.clientWidth;
heightToSend = rdpContainerRef.value.clientHeight + 1; // Subtract 1 based on feedback heightToSend = rdpContainerRef.value.clientHeight - 1; // Subtract 1 based on feedback
// Ensure minimum dimensions, adjust if necessary based on backend requirements // Ensure minimum dimensions, adjust if necessary based on backend requirements
widthToSend = Math.max(100, widthToSend); widthToSend = Math.max(100, widthToSend);
heightToSend = Math.max(100, heightToSend); heightToSend = Math.max(100, heightToSend);
@@ -358,7 +358,7 @@ const computedModalStyle = computed(() => {
id="modal-width" id="modal-width"
type="number" type="number"
v-model="desiredModalWidth" v-model="desiredModalWidth"
min="200" min="1024"
step="10" step="10"
class="w-16 px-1 py-0.5 text-xs border border-border rounded bg-input text-foreground focus:outline-none focus:ring-1 focus:ring-primary" class="w-16 px-1 py-0.5 text-xs border border-border rounded bg-input text-foreground focus:outline-none focus:ring-1 focus:ring-primary"
/> />
@@ -367,12 +367,20 @@ const computedModalStyle = computed(() => {
id="modal-height" id="modal-height"
type="number" type="number"
v-model="desiredModalHeight" v-model="desiredModalHeight"
min="200" min="768"
step="10" step="10"
class="w-16 px-1 py-0.5 text-xs border border-border rounded bg-input text-foreground focus:outline-none focus:ring-1 focus:ring-primary" class="w-16 px-1 py-0.5 text-xs border border-border rounded bg-input text-foreground focus:outline-none focus:ring-1 focus:ring-primary"
/> />
<!-- Add Reconnect Button -->
<!-- RDP Width/Height inputs and Reconnect button removed --> <button
@click="connectRdp"
:disabled="connectionStatus === 'connecting'"
class="px-2 py-0.5 bg-secondary text-white rounded text-xs hover:bg-secondary-dark disabled:opacity-50 disabled:cursor-not-allowed"
:title="t('remoteDesktopModal.reconnectTooltip')"
>
<i class="fas fa-sync-alt mr-1"></i>
{{ t('common.reconnect') }}
</button>
</div> </div>
</div> </div>
</div> </div>
packages/rdp/src/server.ts
+19 -11
View File
@@ -41,7 +41,9 @@ const websocketOptions = {
const clientOptions = { const clientOptions = {
crypt: { crypt: {
key: ENCRYPTION_KEY_STRING // GuacamoleLite expects the string key // Pass the actual key Buffer to guacamole-lite for its internal crypto operations
key: ENCRYPTION_KEY_BUFFER,
cypher: 'aes-256-cbc' // Ensure cipher matches between encryption and decryption
}, },
}; };
@@ -78,20 +80,26 @@ try {
process.exit(1); process.exit(1);
} }
// Updated encryptToken to use the validated Buffer key and AES-GCM // Updated encryptToken to match guacamole-lite's expected format (aes-256-cbc and specific JSON structure)
// Now accepts the key Buffer directly for correct crypto operation
const encryptToken = (data: string, keyBuffer: Buffer): string => { const encryptToken = (data: string, keyBuffer: Buffer): string => {
try { try {
const iv = crypto.randomBytes(12); // GCM recommended IV size is 12 bytes const iv = crypto.randomBytes(16); // AES-CBC typically uses a 16-byte IV
const cipher = crypto.createCipheriv('aes-256-gcm', keyBuffer, iv); // Use the key Buffer for Node.js crypto operations
const cipher = crypto.createCipheriv('aes-256-cbc', keyBuffer, iv);
const encryptedBuffer = Buffer.concat([cipher.update(data, 'utf8'), cipher.final()]); let encrypted = cipher.update(data, 'utf8', 'base64');
const tag = cipher.getAuthTag(); // Get the authentication tag encrypted += cipher.final('base64');
// Combine IV, encrypted data, and tag for storage/transmission // Construct the JSON object expected by guacamole-lite's decrypt function
// Using a format like IV:TAG:ENCRYPTED_DATA (Base64 encoded) is common const output = {
const combined = Buffer.concat([iv, tag, encryptedBuffer]); iv: iv.toString('base64'),
value: encrypted
};
return combined.toString('base64'); // Stringify the JSON and then Base64 encode the entire string
const jsonString = JSON.stringify(output);
return Buffer.from(jsonString).toString('base64');
} catch (e) { } catch (e) {
console.error("Token encryption failed:", e); // Log the actual error console.error("Token encryption failed:", e); // Log the actual error
@@ -148,7 +156,7 @@ app.get('/api/get-token', (req: any, res: any) => {
try { try {
const tokenData = JSON.stringify(connectionParams); const tokenData = JSON.stringify(connectionParams);
// Use the validated key buffer for encryption // Use the validated key buffer for encryption
// Use the validated key buffer for encryption // Use the key Buffer for encryption
const encryptedToken = encryptToken(tokenData, ENCRYPTION_KEY_BUFFER); const encryptedToken = encryptToken(tokenData, ENCRYPTION_KEY_BUFFER);
res.json({ token: encryptedToken }); res.json({ token: encryptedToken });
} catch (error) { } catch (error) {