dennii/Termix
1
0
Fork 0
Code Issues Pull Requests 2 Actions Packages Projects Releases 22 Wiki Activity

fix: translations

Browse Source
This commit is contained in:
LukeGus
2025-12-30 19:00:33 -06:00
parent b025befd08
commit 7ed8ac625a
33 changed files with 197 additions and 59673 deletions
Download Patch File Download Diff File Expand all files Collapse all files

111
src/backend/ssh/docker.ts
View File

@@ -472,6 +472,14 @@ app.post("/docker/ssh/connect", async (req, res) => {
cleanupSession(sessionId);
}
// Clean up any stale pending TOTP sessions
if (pendingTOTPSessions[sessionId]) {
try {
pendingTOTPSessions[sessionId].client.end();
} catch {}
delete pendingTOTPSessions[sessionId];
}
let resolvedCredentials: any = {
password: host.password,
sshKey: host.key,
@@ -552,9 +560,7 @@ app.post("/docker/ssh/connect", async (req, res) => {
host: host.ip,
port: host.port || 22,
username: host.username,
tryKeyboard:
resolvedCredentials.authType === "none" ||
forceKeyboardInteractive === true,
tryKeyboard: true,
keepaliveInterval: 30000,
keepaliveCountMax: 3,
readyTimeout: 60000,
@@ -564,7 +570,7 @@ app.post("/docker/ssh/connect", async (req, res) => {
if (resolvedCredentials.authType === "none") {
} else if (resolvedCredentials.authType === "password") {
if (!forceKeyboardInteractive && resolvedCredentials.password) {
if (resolvedCredentials.password) {
config.password = resolvedCredentials.password;
}
} else if (
@@ -689,37 +695,29 @@ app.post("/docker/ssh/connect", async (req, res) => {
);
if (totpPromptIndex !== -1) {
if (pendingTOTPSessions[sessionId]) {
const existingSession = pendingTOTPSessions[sessionId];
if (existingSession.totpAttempts >= 3) {
if (!responseSent) {
responseSent = true;
delete pendingTOTPSessions[sessionId];
client.end();
res.status(401).json({
error: "Maximum TOTP attempts reached",
code: "TOTP_MAX_ATTEMPTS",
});
}
return;
}
existingSession.totpAttempts++;
if (!responseSent) {
responseSent = true;
res.json({
requires_totp: true,
sessionId,
prompt: prompts[totpPromptIndex].prompt,
attempts_remaining: 3 - existingSession.totpAttempts,
});
}
return;
}
if (responseSent) {
const responses = prompts.map((p) => {
if (/password/i.test(p.prompt) && resolvedCredentials.password) {
return resolvedCredentials.password;
}
return "";
});
finish(responses);
return;
}
responseSent = true;
if (pendingTOTPSessions[sessionId]) {
const responses = prompts.map((p) => {
if (/password/i.test(p.prompt) && resolvedCredentials.password) {
return resolvedCredentials.password;
}
return "";
});
finish(responses);
return;
}
keyboardInteractiveResponded = true;
pendingTOTPSessions[sessionId] = {
@@ -768,36 +766,35 @@ app.post("/docker/ssh/connect", async (req, res) => {
resolvedCredentials.authType !== "none";
if (!hasStoredPassword && passwordPromptIndex !== -1) {
if (pendingTOTPSessions[sessionId]) {
const existingSession = pendingTOTPSessions[sessionId];
if (existingSession.totpAttempts >= 3) {
if (!responseSent) {
responseSent = true;
delete pendingTOTPSessions[sessionId];
client.end();
res.status(401).json({
error: "Maximum password attempts reached",
code: "PASSWORD_MAX_ATTEMPTS",
});
if (responseSent) {
const responses = prompts.map((p) => {
if (
/password/i.test(p.prompt) &&
resolvedCredentials.password
) {
return resolvedCredentials.password;
}
return;
}
existingSession.totpAttempts++;
if (!responseSent) {
responseSent = true;
res.json({
requires_totp: true,
sessionId,
prompt: prompts[passwordPromptIndex].prompt,
isPassword: true,
attempts_remaining: 3 - existingSession.totpAttempts,
});
}
return "";
});
finish(responses);
return;
}
responseSent = true;
if (pendingTOTPSessions[sessionId]) {
const responses = prompts.map((p) => {
if (
/password/i.test(p.prompt) &&
resolvedCredentials.password
) {
return resolvedCredentials.password;
}
return "";
});
finish(responses);
return;
}
if (responseSent) return;
responseSent = true;
keyboardInteractiveResponded = true;
pendingTOTPSessions[sessionId] = {

110
src/backend/ssh/file-manager.ts
View File

@@ -390,6 +390,15 @@ app.post("/ssh/file_manager/ssh/connect", async (req, res) => {
if (sshSessions[sessionId]?.isConnected) {
cleanupSession(sessionId);
}
// Clean up any stale pending TOTP sessions
if (pendingTOTPSessions[sessionId]) {
try {
pendingTOTPSessions[sessionId].client.end();
} catch {}
delete pendingTOTPSessions[sessionId];
}
const client = new SSHClient();
let resolvedCredentials = { password, sshKey, keyPassword, authType };
@@ -450,9 +459,7 @@ app.post("/ssh/file_manager/ssh/connect", async (req, res) => {
host: ip,
port,
username,
tryKeyboard:
resolvedCredentials.authType === "none" ||
forceKeyboardInteractive === true,
tryKeyboard: true,
keepaliveInterval: 30000,
keepaliveCountMax: 3,
readyTimeout: 60000,
@@ -555,9 +562,7 @@ app.post("/ssh/file_manager/ssh/connect", async (req, res) => {
.json({ error: "Password required for password authentication" });
}
if (!forceKeyboardInteractive) {
config.password = resolvedCredentials.password;
}
config.password = resolvedCredentials.password;
} else if (resolvedCredentials.authType === "none") {
} else {
fileLogger.warn(
@@ -684,37 +689,29 @@ app.post("/ssh/file_manager/ssh/connect", async (req, res) => {
);
if (totpPromptIndex !== -1) {
if (pendingTOTPSessions[sessionId]) {
const existingSession = pendingTOTPSessions[sessionId];
if (existingSession.totpAttempts >= 3) {
if (!responseSent) {
responseSent = true;
delete pendingTOTPSessions[sessionId];
client.end();
res.status(401).json({
error: "Maximum TOTP attempts reached",
code: "TOTP_MAX_ATTEMPTS",
});
}
return;
}
existingSession.totpAttempts++;
if (!responseSent) {
responseSent = true;
res.json({
requires_totp: true,
sessionId,
prompt: prompts[totpPromptIndex].prompt,
attempts_remaining: 3 - existingSession.totpAttempts,
});
}
return;
}
if (responseSent) {
const responses = prompts.map((p) => {
if (/password/i.test(p.prompt) && resolvedCredentials.password) {
return resolvedCredentials.password;
}
return "";
});
finish(responses);
return;
}
responseSent = true;
if (pendingTOTPSessions[sessionId]) {
const responses = prompts.map((p) => {
if (/password/i.test(p.prompt) && resolvedCredentials.password) {
return resolvedCredentials.password;
}
return "";
});
finish(responses);
return;
}
keyboardInteractiveResponded = true;
pendingTOTPSessions[sessionId] = {
@@ -765,38 +762,29 @@ app.post("/ssh/file_manager/ssh/connect", async (req, res) => {
}
if (!hasStoredPassword && passwordPromptIndex !== -1) {
if (pendingTOTPSessions[sessionId]) {
const existingSession = pendingTOTPSessions[sessionId];
if (existingSession.totpAttempts >= 3) {
if (!responseSent) {
responseSent = true;
delete pendingTOTPSessions[sessionId];
client.end();
res.status(401).json({
error: "Maximum password attempts reached",
code: "PASSWORD_MAX_ATTEMPTS",
});
}
return;
}
existingSession.totpAttempts++;
if (!responseSent) {
responseSent = true;
res.json({
requires_totp: true,
sessionId,
prompt: prompts[passwordPromptIndex].prompt,
isPassword: true,
attempts_remaining: 3 - existingSession.totpAttempts,
});
}
return;
}
if (responseSent) {
const responses = prompts.map((p) => {
if (/password/i.test(p.prompt) && resolvedCredentials.password) {
return resolvedCredentials.password;
}
return "";
});
finish(responses);
return;
}
responseSent = true;
if (pendingTOTPSessions[sessionId]) {
const responses = prompts.map((p) => {
if (/password/i.test(p.prompt) && resolvedCredentials.password) {
return resolvedCredentials.password;
}
return "";
});
finish(responses);
return;
}
keyboardInteractiveResponded = true;
pendingTOTPSessions[sessionId] = {

79
src/backend/ssh/terminal.ts
View File

@@ -456,6 +456,8 @@ wss.on("connection", async (ws: WebSocket, req) => {
const totpCode = totpData.code;
totpAttempts++;
keyboardInteractiveFinish([totpCode]);
keyboardInteractiveFinish = null;
totpPromptSent = false;
} else {
sshLogger.warn("TOTP response received but no callback available", {
operation: "totp_response_error",
@@ -482,6 +484,7 @@ wss.on("connection", async (ws: WebSocket, req) => {
}
const password = passwordData.code;
keyboardInteractiveFinish([password]);
keyboardInteractiveFinish = null;
} else {
sshLogger.warn(
"Password response received but no callback available",
@@ -988,29 +991,11 @@ wss.on("connection", async (ws: WebSocket, req) => {
if (totpPromptIndex !== -1) {
if (totpPromptSent) {
if (totpAttempts >= 3) {
sshLogger.error("TOTP maximum attempts reached", {
operation: "ssh_keyboard_interactive_totp_max_attempts",
hostId: id,
attempts: totpAttempts,
});
ws.send(
JSON.stringify({
type: "error",
message: "Maximum TOTP attempts reached",
code: "TOTP_MAX_ATTEMPTS",
}),
);
cleanupSSH();
return;
}
ws.send(
JSON.stringify({
type: "totp_retry",
attempts_remaining: 3 - totpAttempts,
prompt: prompts[totpPromptIndex].prompt,
}),
);
sshLogger.warn("TOTP prompt asked again - ignoring duplicate", {
operation: "ssh_keyboard_interactive_totp_duplicate",
hostId: id,
prompts: promptTexts,
});
return;
}
totpPromptSent = true;
@@ -1032,19 +1017,22 @@ wss.on("connection", async (ws: WebSocket, req) => {
finish(responses);
};
// Set timeout for TOTP response
totpTimeout = setTimeout(() => {
if (keyboardInteractiveFinish) {
keyboardInteractiveFinish = null;
totpPromptSent = false;
totpAttempts = 0;
sshLogger.warn("TOTP prompt timeout", {
operation: "totp_timeout",
hostId: id,
});
ws.send(
JSON.stringify({
type: "error",
message: "TOTP verification timeout",
code: "TOTP_TIMEOUT",
message: "TOTP verification timeout. Please reconnect.",
}),
);
cleanupSSH();
cleanupSSH(connectionTimeout);
}
}, 180000);
@@ -1082,6 +1070,25 @@ wss.on("connection", async (ws: WebSocket, req) => {
finish(responses);
};
// Set timeout for password response
totpTimeout = setTimeout(() => {
if (keyboardInteractiveFinish) {
keyboardInteractiveFinish = null;
keyboardInteractiveResponded = false;
sshLogger.warn("Password prompt timeout", {
operation: "password_timeout",
hostId: id,
});
ws.send(
JSON.stringify({
type: "error",
message: "Password verification timeout. Please reconnect.",
}),
);
cleanupSSH(connectionTimeout);
}
}, 180000);
ws.send(
JSON.stringify({
type: "password_required",
@@ -1107,9 +1114,7 @@ wss.on("connection", async (ws: WebSocket, req) => {
host: ip,
port,
username,
tryKeyboard:
resolvedCredentials.authType === "none" ||
hostConfig.forceKeyboardInteractive === true,
tryKeyboard: true,
keepaliveInterval: 30000,
keepaliveCountMax: 3,
readyTimeout: 30000,
@@ -1191,9 +1196,7 @@ wss.on("connection", async (ws: WebSocket, req) => {
return;
}
if (!hostConfig.forceKeyboardInteractive) {
connectConfig.password = resolvedCredentials.password;
}
connectConfig.password = resolvedCredentials.password;
} else if (
resolvedCredentials.authType === "key" &&
resolvedCredentials.key
@@ -1385,6 +1388,11 @@ wss.on("connection", async (ws: WebSocket, req) => {
clearTimeout(timeoutId);
}
if (totpTimeout) {
clearTimeout(totpTimeout);
totpTimeout = null;
}
if (sshStream) {
try {
sshStream.end();
@@ -1409,11 +1417,6 @@ wss.on("connection", async (ws: WebSocket, req) => {
sshConn = null;
}
if (totpTimeout) {
clearTimeout(totpTimeout);
totpTimeout = null;
}
totpPromptSent = false;
totpAttempts = 0;
isKeyboardInteractive = false;