diff --git a/example/config.jsonc b/example/config.jsonc index 97218c8..9994b6d 100644 --- a/example/config.jsonc +++ b/example/config.jsonc @@ -71,6 +71,10 @@ // If enabled, specific requests that look like git HTTP(s) clones will be let through. "git_host": false, + // If enabled, fingerprinting is ignored and any IP will be able to use + // the cached token as long as it is still valid. + "ignore_fingerprinting": false, + // Traffic logging to a .csv file "logging": { "log_traffic": false, diff --git a/src/config/Config.hpp b/src/config/Config.hpp index ccb8e43..2592975 100644 --- a/src/config/Config.hpp +++ b/src/config/Config.hpp @@ -36,6 +36,7 @@ class CConfig { std::vector rules = {}; int default_challenge_difficulty = 4; int token_valid_for = 3600; + bool ignore_fingerprinting = false; bool async_proxy = true; std::vector proxy_rules; diff --git a/src/core/Handler.cpp b/src/core/Handler.cpp index ddd0774..d590509 100644 --- a/src/core/Handler.cpp +++ b/src/core/Handler.cpp @@ -215,7 +215,7 @@ void CServerHandler::onRequest(const Pistache::Http::Request& req, Pistache::Htt if (TOKEN.valid()) { const auto AGE = std::chrono::duration_cast(std::chrono::system_clock::now().time_since_epoch()).count() - std::chrono::duration_cast(TOKEN.issued().time_since_epoch()).count(); - if (AGE <= g_pConfig->m_config.token_valid_for * 1000 && TOKEN.fingerprint() == NRequestUtils::fingerprintForRequest(req)) { + if (AGE <= g_pConfig->m_config.token_valid_for * 1000 && (TOKEN.fingerprint() == NRequestUtils::fingerprintForRequest(req) || g_pConfig->m_config.ignore_fingerprinting)) { Debug::log(LOG, " | Action: PASS (token)"); g_pTrafficLogger->logTraffic(req, "PASS (token)"); proxyPass(req, response);