Compare commits
	
		
			5 Commits
		
	
	
		
			1.0-21
			...
			1_0-25_el8
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
| 2e7e5047d8 | |||
| bd88797db8 | |||
| 03a5304866 | |||
| 12516e2505 | |||
| f053c60040 | 
							
								
								
									
										1
									
								
								.gitignore
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										1
									
								
								.gitignore
									
									
									
									
										vendored
									
									
								
							| @@ -2,3 +2,4 @@ | ||||
| *.log | ||||
| *spec-20* | ||||
| *.0.tgz | ||||
| *.0.tar.xz | ||||
|   | ||||
| @@ -6,7 +6,14 @@ SMEServer Koozali developed git repo for smeserver-wireguard smecontribs | ||||
| <br />https://wiki.koozali.org/Wireguard | ||||
|  | ||||
| ## Bugzilla | ||||
| Show list of outstanding bugs: [here](https://bugs.koozali.org/buglist.cgi?component=smeserver-wireguard&product=SME%20Contribs&query_format=advanced&limit=0&bug_status=UNCONFIRMED&bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&bug_status=CONFIRMED) | ||||
| Show list of outstanding bugs: | ||||
| [All](https://bugs.koozali.org/buglist.cgi?action=wrap&bug_status=UNCONFIRMED&bug_status=CONFIRMED&bug_status=NEEDINFO&bug_status=IN_PROGRESS&bug_status=RESOLVED&bug_status=VERIFIED&classification=Contribs&component=smeserver-wireguard&list_id=105781&order=changeddate+DESC%2Ccomponent%2Cpriority%2Cbug_severity&product=SME+Contribs&query_format=advanced)   | ||||
| [Confirmed](https://bugs.koozali.org/buglist.cgi?action=wrap&bug_status=CONFIRMED&classification=Contribs&component=smeserver-wireguard&list_id=105781&order=changeddate+DESC%2Ccomponent%2Cpriority%2Cbug_severity&product=SME+Contribs&query_format=advanced)   | ||||
| [Unconfirmed](https://bugs.koozali.org/buglist.cgi?action=wrap&bug_status=UNCONFIRMED&classification=Contribs&component=smeserver-wireguard&list_id=105781&order=changeddate+DESC%2Ccomponent%2Cpriority%2Cbug_severity&product=SME+Contribs&query_format=advanced)   | ||||
| [Need Info](https://bugs.koozali.org/buglist.cgi?action=wrap&bug_status=NEEDINFO&classification=Contribs&component=smeserver-wireguard&list_id=105781&order=changeddate+DESC%2Ccomponent%2Cpriority%2Cbug_severity&product=SME+Contribs&query_format=advanced)   | ||||
| [In Progress](https://bugs.koozali.org/buglist.cgi?action=wrap&bug_status=IN_PROGRESS&classification=Contribs&component=smeserver-wireguard&list_id=105781&order=changeddate+DESC%2Ccomponent%2Cpriority%2Cbug_severity&product=SME+Contribs&query_format=advanced)   | ||||
| [Verified](https://bugs.koozali.org/buglist.cgi?action=wrap&bug_status=VERIFIED&classification=Contribs&component=smeserver-wireguard&list_id=105781&order=changeddate+DESC%2Ccomponent%2Cpriority%2Cbug_severity&product=SME+Contribs&query_format=advanced)   | ||||
| [Resolved](https://bugs.koozali.org/buglist.cgi?action=wrap&bug_status=RESOLVED&classification=Contribs&component=smeserver-wireguard&list_id=105781&order=changeddate+DESC%2Ccomponent%2Cpriority%2Cbug_severity&product=SME+Contribs&query_format=advanced)   | ||||
|  | ||||
| ## Description | ||||
|  | ||||
|   | ||||
| @@ -1,23 +0,0 @@ | ||||
| #!/usr/bin/perl -w | ||||
|  | ||||
| use esmith::Build::CreateLinks qw(:all); | ||||
|  | ||||
| panel_link("webhosting", "manager"); | ||||
|  | ||||
| for  my $event (qw( | ||||
|     webhosting-modify smeserver-webhosting-update | ||||
|     )) | ||||
| { | ||||
|     #we can avoid those 2 as we are tricking ourself as ibay-modify and it will do those and php  | ||||
|     #templates2events("/etc/httpd/conf/httpd.conf", $event); | ||||
|     #safe_symlink("sigusr1", "root/etc/e-smith/events/$event/services2adjust/httpd-e-smith"); | ||||
|     event_link("webhosting-php-expand", $event, "05"); | ||||
|     event_link("webhosting-php-adjust", $event, "90"); | ||||
| } | ||||
| $event="smeserver-webhosting-update"; | ||||
| event_link("navigation-conf", $event, "70"); | ||||
| # for smeserver-manager | ||||
| safe_symlink('restart', "root/etc/e-smith/events/$event/services2adjust/smanager"); | ||||
| event_link('navigation2-conf', "$event", '80'); | ||||
| event_link('routes2-conf', "$event", '80'); | ||||
| event_link('locales2-conf', "$event", '80'); | ||||
| @@ -15,75 +15,67 @@ package SrvMngr::Controller::Wireguard; | ||||
| use strict; | ||||
| use warnings; | ||||
| use Mojo::Base 'Mojolicious::Controller'; | ||||
|  | ||||
| use Locale::gettext; | ||||
| use SrvMngr::I18N; | ||||
| use SrvMngr qw( theme_list init_session is_normal_password ); | ||||
|  | ||||
| use esmith::ConfigDB; | ||||
| use Net::IP; | ||||
|  | ||||
| our $adb = esmith::AccountsDB->open() || die "Couldn't open accounts DB\ndb"; | ||||
| our $cdb = esmith::ConfigDB->open() || die "Couldn't open config DB\n"; | ||||
| our $wdb = esmith::ConfigDB->open('wireguard') || esmith::ConfigDB->create('wireguard'); | ||||
| our $ndb = esmith::NetworksDB->open_ro || die "Error opening networks DB\n"; | ||||
|  | ||||
| my $adb; | ||||
| my $cdb; | ||||
| my $wdb; | ||||
| my $ndb; | ||||
|  | ||||
| sub main { | ||||
|  | ||||
|     my $c = shift; | ||||
|     $c->app->log->info($c->log_req); | ||||
|  | ||||
|     my %wrg_datas = (); | ||||
|     $wdb = esmith::ConfigDB->open('wireguard') || esmith::ConfigDB->create('wireguard'); | ||||
|     my $title = $c->l('wrg_FORM_TITLE'); | ||||
|  | ||||
|     $wrg_datas{'trt'} = 'LST'; | ||||
|  | ||||
|     $cdb = esmith::ConfigDB->open() || die "Couldn't open config DB\n"; | ||||
|     my $wg = $cdb->get('wg-quick@wg0'); | ||||
|  | ||||
|     $wrg_datas{'wgpub'}   = $wg->prop('public'); | ||||
|     $wrg_datas{'wgip'}    = $wg->prop('ip'); | ||||
|     $wrg_datas{'wgmask'}  = $wg->prop('mask'); | ||||
|     $wrg_datas{'wgport'}  = $wg->prop('UDPPort'); | ||||
|     $wrg_datas{'sstatus'} = $wg->prop('status'); | ||||
|  | ||||
|     my @wgstatus = `/usr/bin/wg show wg0 dump`; | ||||
|  | ||||
|     my $type     = 'wg0'; | ||||
|     my @wgconf = $wdb->get_all_by_prop(type=>$type); | ||||
|  | ||||
|     $c->stash( title => $title, wrg_datas => \%wrg_datas, | ||||
| 	 wgstatus => \@wgstatus,  wgconf => \@wgconf ); | ||||
|  | ||||
|     my @wgconf   = $wdb->get_all_by_prop(type => $type); | ||||
|     $c->stash( | ||||
|         title     => $title, | ||||
|         wrg_datas => \%wrg_datas, | ||||
|         wgstatus  => \@wgstatus, | ||||
|         wgconf    => \@wgconf | ||||
|     ); | ||||
|     $c->render(template => 'wireguard'); | ||||
|  | ||||
| }; | ||||
|  | ||||
| } ## end sub main | ||||
|  | ||||
| sub do_display { | ||||
|  | ||||
|     my $c = shift; | ||||
|     $c->app->log->info($c->log_req); | ||||
|  | ||||
|     my $rt        = $c->current_route; | ||||
|     my $trt       = ($c->param('trt') || ''); | ||||
|     my $wgconf    = $c->param('Wgconf') || ''; | ||||
|  | ||||
|     my %wrg_datas = (); | ||||
|     my $title     = $c->l('wrg_FORM_TITLE'); | ||||
|     my $modul     = ''; | ||||
|     $adb = esmith::AccountsDB->open()          || die "Couldn't open accounts DB\ndb"; | ||||
|     $cdb = esmith::ConfigDB->open()            || die "Couldn't open config DB\n"; | ||||
|     $wdb = esmith::ConfigDB->open('wireguard') || esmith::ConfigDB->create('wireguard'); | ||||
|  | ||||
|     #$ndb = esmith::NetworksDB->open_ro || die "Error opening networks DB\n"; | ||||
|     $wrg_datas{'trt'} = $trt; | ||||
|  | ||||
|         if ( $trt eq 'QRC' ) { | ||||
|     if ($trt eq 'QRC') { | ||||
|         $wrg_datas{'wgconf'} = $wgconf; | ||||
|     } | ||||
|  | ||||
|         if ( $trt eq 'MOD' ) { | ||||
|     if ($trt eq 'MOD') { | ||||
|         $wrg_datas{'wgconf'} = $wgconf; | ||||
|         my $rec = $wdb->get($wgconf); | ||||
| 	    if ( $rec ) { | ||||
|  | ||||
|         if ($rec) { | ||||
|             $wrg_datas{'info'}       = $rec->prop('info')       || ''; | ||||
|             $wrg_datas{'allowedips'} = $rec->prop('allowedips') || ''; | ||||
|             $wrg_datas{'private'}    = $rec->prop('private')    || ''; | ||||
| @@ -91,148 +83,150 @@ sub do_display { | ||||
|             $wrg_datas{'account'}    = $rec->prop('user')       || ''; | ||||
|             $wrg_datas{'status'}     = $rec->prop('status')     || ''; | ||||
|             $wrg_datas{'dns'}        = $rec->prop('dns')        || ''; | ||||
| 	    } | ||||
| 	} | ||||
|         } ## end if ($rec) | ||||
|     } ## end if ($trt eq 'MOD') | ||||
|  | ||||
|         if ( $trt eq 'REM' ) { | ||||
|     if ($trt eq 'REM') { | ||||
|         $wrg_datas{'wgconf'} = $wgconf; | ||||
|         my $rec = $wdb->get($wgconf); | ||||
|         $wrg_datas{'wgcomment'} = $rec->prop('info') || ''; | ||||
|     } | ||||
|  | ||||
|         if ( $trt eq 'NEW' ) { | ||||
|     if ($trt eq 'NEW') { | ||||
|  | ||||
|         # nothing for a new client | ||||
|     } | ||||
|  | ||||
|         if ( $trt eq 'UPD' ) { | ||||
|     if ($trt eq 'UPD') { | ||||
|         my $wg = $cdb->get('wg-quick@wg0'); | ||||
|         $wrg_datas{'ip'}      = $wg->prop('ip'); | ||||
|         $wrg_datas{'mask'}    = $wg->prop('mask'); | ||||
|         $wrg_datas{'private'} = $wg->prop('private'); | ||||
|         $wrg_datas{'public'}  = $wg->prop('public'); | ||||
|         $wrg_datas{'status'}  = $wg->prop('status'); | ||||
|         } | ||||
|     } ## end if ($trt eq 'UPD') | ||||
|  | ||||
|         if ( $trt eq 'LST' ) { | ||||
|     if ($trt eq 'LST') { | ||||
|         my @wgss = $adb->wgss(); | ||||
|             $c->stash( wgss => \@wgss ); | ||||
|         $c->stash(wgss => \@wgss); | ||||
|     } | ||||
|  | ||||
|     $c->stash( title => $title, modul => $modul, wrg_datas => \%wrg_datas ); | ||||
|     $c->render( template => 'wireguard' ); | ||||
|  | ||||
| }; | ||||
|  | ||||
|     $c->stash(title => $title, modul => $modul, wrg_datas => \%wrg_datas); | ||||
|     $c->render(template => 'wireguard'); | ||||
| } ## end sub do_display | ||||
|  | ||||
| sub do_action { | ||||
|  | ||||
|     my $c = shift; | ||||
|     $c->app->log->info($c->log_req); | ||||
|  | ||||
|     my $rt        = $c->current_route; | ||||
|     my $trt       = ($c->param('trt') || ''); | ||||
|  | ||||
|     my %wrg_datas = (); | ||||
|     my $title     = $c->l('wrg_FORM_TITLE'); | ||||
|  | ||||
|     $wrg_datas{'trt'} = $trt; | ||||
|  | ||||
|     my $result = ''; | ||||
|     my $res    = ''; | ||||
|     $adb = esmith::AccountsDB->open()          || die "Couldn't open accounts DB\ndb"; | ||||
|     $cdb = esmith::ConfigDB->open()            || die "Couldn't open config DB\n"; | ||||
|     $wdb = esmith::ConfigDB->open('wireguard') || esmith::ConfigDB->create('wireguard'); | ||||
|     $ndb = esmith::NetworksDB->open_ro         || die "Error opening networks DB\n"; | ||||
|  | ||||
|     if ($trt eq 'QRC') { | ||||
|  | ||||
|     if ( $trt eq 'QRC' ) { | ||||
|         #	NEVER | ||||
|     } | ||||
|  | ||||
|     if ( $trt eq 'LST' ) { | ||||
|     if ($trt eq 'LST') { | ||||
|  | ||||
|         #	NEVER | ||||
|     } | ||||
|  | ||||
|     if ( $trt eq 'MOD' ) { | ||||
|     if ($trt eq 'MOD') { | ||||
|         $wrg_datas{'wgconf'} = $c->param('Wgconf'); | ||||
|  | ||||
|         # controls | ||||
|         $res = 'OK';    # no controls here... | ||||
|         $result .= $res unless $res eq 'OK'; | ||||
| 	if ( ! $result ) { | ||||
| 	    $res = performModifyClient( $c );  | ||||
|  | ||||
|         if (!$result) { | ||||
|             $res = performModifyClient($c); | ||||
|             $result .= $res unless $res eq 'OK'; | ||||
| 	    if ( ! $result ) {  | ||||
|  | ||||
|             if (!$result) { | ||||
|                 $result = $c->l('wrg_SUCCESSFULLY_MODIFIED_CONF'); | ||||
|             } | ||||
| 	} | ||||
|     } | ||||
|         } ## end if (!$result) | ||||
|     } ## end if ($trt eq 'MOD') | ||||
|  | ||||
|     if ( $trt eq 'REM' ) { | ||||
|     if ($trt eq 'REM') { | ||||
|         if ($c->param("cancel")) { | ||||
| 	    $c->stash( error => $c->l('wrg_CANCELLED') ); | ||||
|             $c->stash(error => $c->l('wrg_CANCELLED')); | ||||
|             $c->redirect_to('/wireguard'); | ||||
|         } | ||||
|  | ||||
|         # controls | ||||
|         $res = 'OK';    # no controls here... | ||||
|         $result .= $res unless $res eq 'OK'; | ||||
| 	if ( ! $result ) { | ||||
| 	    $res = performRemoveClient( $c );  | ||||
|  | ||||
|         if (!$result) { | ||||
|             $res = performRemoveClient($c); | ||||
|             $result .= $res unless $res eq 'OK'; | ||||
| 	    if ( ! $result ) {  | ||||
|  | ||||
|             if (!$result) { | ||||
|                 $result = $c->l('wrg_SUCCESSFULLY_REMOVED_CONF'); | ||||
|             } | ||||
| 	} | ||||
|     } | ||||
|         } ## end if (!$result) | ||||
|     } ## end if ($trt eq 'REM') | ||||
|  | ||||
|     if ( $trt eq 'NEW' ) { | ||||
|     if ($trt eq 'NEW') { | ||||
|  | ||||
|         # controls | ||||
|         $res = 'OK';    # no controls here... | ||||
|         $result .= $res unless $res eq 'OK'; | ||||
| 	if ( ! $result ) { | ||||
| 	    $res = performCreateClient( $c );  | ||||
|  | ||||
|         if (!$result) { | ||||
|             $res = performCreateClient($c); | ||||
|             $result .= $res unless $res eq 'OK'; | ||||
| 	    if ( ! $result ) {  | ||||
|  | ||||
|             if (!$result) { | ||||
|                 $result = $c->l('wrg_SUCCESSFULLY_ADDED_CONF'); | ||||
|             } | ||||
| 	} | ||||
|     } | ||||
|         } ## end if (!$result) | ||||
|     } ## end if ($trt eq 'NEW') | ||||
|  | ||||
|     if ( $trt eq 'UPD' ) { | ||||
|     if ($trt eq 'UPD') { | ||||
|  | ||||
|         # controls | ||||
|         $res = 'OK';    # no controls here... | ||||
|         $result .= $res unless $res eq 'OK'; | ||||
| 	if ( ! $result ) { | ||||
| 	    $res = performUpdateConfig( $c );  | ||||
|  | ||||
|         if (!$result) { | ||||
|             $res = performUpdateConfig($c); | ||||
|             $result .= $res unless $res eq 'OK'; | ||||
| 	    if ( ! $result ) {  | ||||
|  | ||||
|             if (!$result) { | ||||
|                 $result = $c->l('wrg_SUCCESSFULLY_UPDATED_CONF'); | ||||
|             } | ||||
| 	} | ||||
|     } | ||||
|  | ||||
|         } ## end if (!$result) | ||||
|     } ## end if ($trt eq 'UPD') | ||||
|  | ||||
|     # common parts | ||||
|  | ||||
|     if ($res ne 'OK') { | ||||
| 	$c->stash( error => $result ); | ||||
| 	$c->stash( title => $title, wrg_datas => \%wrg_datas ); | ||||
|         $c->stash(error => $result); | ||||
|         $c->stash(title => $title, wrg_datas => \%wrg_datas); | ||||
|         return $c->render('wireguard'); | ||||
|     } | ||||
|  | ||||
|     #force reload as successfull (for Main) | ||||
|     $wdb = esmith::ConfigDB->open('wireguard'); | ||||
|  | ||||
|     my $message = "'Wireguard' update ($trt) DONE"; | ||||
|     $c->app->log->info($message); | ||||
|     $c->flash( success => $result ); | ||||
|  | ||||
|     $c->flash(success => $result); | ||||
|     $c->redirect_to('/wireguard'); | ||||
| } | ||||
|  | ||||
| } ## end sub do_action | ||||
|  | ||||
| # action for 'MOD' | ||||
| sub performModifyClient{ | ||||
|  | ||||
| sub performModifyClient { | ||||
|     my $c          = shift; | ||||
|     my $msg        = "OK"; | ||||
|  | ||||
|     my $wgacc      = $c->param('Wgconf'); | ||||
|     my $account    = $c->param('Account'); | ||||
|     my $private    = $c->param('Private') || ''; | ||||
| @@ -242,52 +236,44 @@ sub performModifyClient{ | ||||
|     my $allowedips = $c->param('Allowedips') || ''; | ||||
|  | ||||
|     #todo validate fields | ||||
|  | ||||
| # Untaint info and account before use in system() | ||||
|     # Untaint info and account before use in system() | ||||
|     ($info) = $info =~ /([A-Za-z0-9_\-. ]+)/; | ||||
| #	trim both ends | ||||
|  | ||||
|     #	trim both ends | ||||
|     $info =~ s/^ +| +$//g; | ||||
|     ($account) = $account =~ /([A-Za-z0-9_-]+)/; | ||||
|  | ||||
|     return $c->l('wrg_ERROR_FIELD_CONTENT') unless ($account and $info); | ||||
|  | ||||
|     my %props = ('user' =>  $account | ||||
| 		,'private' => $private | ||||
| 		,'public' => $public | ||||
| 		,'info' => $info | ||||
| 		,'status' => $status | ||||
| 		,'allowedips' => $allowedips | ||||
|     my %props = ( | ||||
|         'user'       => $account, | ||||
|         'private'    => $private, | ||||
|         'public'     => $public, | ||||
|         'info'       => $info, | ||||
|         'status'     => $status, | ||||
|         'allowedips' => $allowedips | ||||
|     ); | ||||
|  | ||||
|     $wdb->get($wgacc)->merge_props(%props) | ||||
|         or $msg = "Error occurred while modifying pseudonym in database."; | ||||
|  | ||||
|     # Untaint before use in system() | ||||
|     ($wgacc) = ($wgacc =~ /(\d+\.+\d+\.+\d+\.+\d+\.+\/\d+\.+)/); | ||||
|     system( "/sbin/e-smith/signal-event", "wireguard-user-modify", "$wgacc",) | ||||
|         == 0 or $msg = "Error occurred while modifying wirequard account."; | ||||
|  | ||||
|     return "$msg" | ||||
|  | ||||
| } | ||||
|  | ||||
|     system("/sbin/e-smith/signal-event", "wireguard-user-modify", "$wgacc",) == 0 | ||||
|         or $msg = "Error occurred while modifying wirequard account."; | ||||
|     return "$msg"; | ||||
| } ## end sub performModifyClient | ||||
|  | ||||
| # action for 'NEW' | ||||
| sub performCreateClient { | ||||
|  | ||||
|     my $c        = shift; | ||||
|     my $type     = shift; | ||||
|  | ||||
|     my $username = $c->param('Account'); | ||||
|     my $info     = $c->param('Info'); | ||||
|  | ||||
| # Untaint info and account before use in system() | ||||
|     # Untaint info and account before use in system() | ||||
|     ($info) = $info =~ /([A-Za-z0-9_\-. ]+)/; | ||||
| #	trim both ends | ||||
|  | ||||
|     #	trim both ends | ||||
|     $info =~ s/^ +| +$//g; | ||||
|  | ||||
|     ($username) = $username =~ /([A-Za-z0-9_-]+)/; | ||||
|  | ||||
|     return $c->l('wrg_ERROR_FIELD_CONTENT') unless ($username and $info); | ||||
|  | ||||
|     #get username | ||||
| @@ -296,20 +282,16 @@ sub performCreateClient { | ||||
|     $username = $user->key; | ||||
|  | ||||
|     # execute the event wireguard-user-create username info | ||||
|     unless ( system ("/sbin/e-smith/signal-event", "wireguard-user-create", "$username" , "$info") == 0 ){ | ||||
|     unless (system("/sbin/e-smith/signal-event", "wireguard-user-create", "$username", "$info") == 0) { | ||||
|         return $c->error('wrg_ERROR_OCCURED'); | ||||
|     } | ||||
|  | ||||
|     return 'OK'; | ||||
| } | ||||
|  | ||||
| } ## end sub performCreateClient | ||||
|  | ||||
| # action for 'UPD' | ||||
| sub performUpdateConfig { | ||||
|  | ||||
|     my $c       = shift; | ||||
|     my $msg     = "OK"; | ||||
|  | ||||
|     my $ip      = $c->param('Ip'); | ||||
|     my $mask    = $c->param('Mask'); | ||||
|     my $private = $c->param('Private'); | ||||
| @@ -317,122 +299,108 @@ sub performUpdateConfig { | ||||
|     my $status  = $c->param('Status'); | ||||
|  | ||||
|     unless (defined $private) { | ||||
|     	$private =`/usr/bin/wg genkey`; | ||||
|         $private = `/usr/bin/wg genkey`; | ||||
|         ($private) = ($private =~ /(\w+)/); | ||||
|         $public = `/usr/bin/echo $private | /usr/bin/wg pubkey`; | ||||
|     } | ||||
|  | ||||
|     # we get number of entries in wireguard db | ||||
|     my @num=$wdb->get_all_by_prop(type=>"wg0");  | ||||
|     if ( scalar @num >0 ) { | ||||
|     my @num = $wdb->get_all_by_prop(type => "wg0"); | ||||
|  | ||||
|     if (scalar @num > 0) { | ||||
|  | ||||
|         # we get current values | ||||
| 	my $pprivate=$cdb->get('wg-quick@wg0')->prop('private'); | ||||
| 	my $ppublic=$cdb->get('wg-quick@wg0')->prop('public'); | ||||
| 	my $pip=$cdb->get('wg-quick@wg0')->prop('ip'); | ||||
|         my $pmask=$cdb->get('wg-quick@wg0')->prop('mask'); | ||||
|         my $pprivate = $cdb->get('wg-quick@wg0')->prop('private'); | ||||
|         my $ppublic  = $cdb->get('wg-quick@wg0')->prop('public'); | ||||
|         my $pip      = $cdb->get('wg-quick@wg0')->prop('ip'); | ||||
|         my $pmask    = $cdb->get('wg-quick@wg0')->prop('mask'); | ||||
|  | ||||
|         # if  # entries >0 and private  |public | ip is chnaged then we push an error and stop | ||||
|         if ($pprivate ne $private || $ppublic ne $public || $pip ne $ip || $mask ne $pmask) { | ||||
|             return $c->l('wrg_CLIENTS_ALREADY_CONFIGURED'); | ||||
|         } | ||||
| 	} | ||||
|     } ## end if (scalar @num > 0) | ||||
|  | ||||
|     #todo validate fields | ||||
|  | ||||
|     my %props = ('ip' =>  $ip | ||||
| 		,'mask' => $mask | ||||
|                 ,'private' => $private | ||||
|                 ,'public' => $public | ||||
|                 ,'status' => $status | ||||
|     my %props = ( | ||||
|         'ip'      => $ip, | ||||
|         'mask'    => $mask, | ||||
|         'private' => $private, | ||||
|         'public'  => $public, | ||||
|         'status'  => $status | ||||
|     ); | ||||
|  | ||||
|     # Test Ip is inside CIDR | ||||
|     if (!test_for_private_ip($ip,$mask)) { | ||||
|     if (!test_for_private_ip($ip, $mask)) { | ||||
|         $msg = "IP must be in private range"; | ||||
|  | ||||
|         #$fm->error($msg);return; | ||||
|     } | ||||
|  | ||||
|     $cdb->get('wg-quick@wg0')->merge_props(%props) | ||||
|         or $msg = "Error occurred while modifying server details."; | ||||
|  | ||||
|     if ($msg eq "OK") { | ||||
|  | ||||
|     if ($msg eq "OK"){ | ||||
|         # Untaint before use in system() | ||||
|         ($ip) = ($ip =~ /(\d+\.+\d+\.+\d+\.+\d+\.+\/\d+\.+)/); | ||||
| 		system( "/sbin/e-smith/signal-event", "wireguard-conf-modify", "$ip",) | ||||
| 			== 0 or $msg = "Error occurred while modifying wireguard conf."; | ||||
|     } | ||||
|  | ||||
|         system("/sbin/e-smith/signal-event", "wireguard-conf-modify", "$ip",) == 0 | ||||
|             or $msg = "Error occurred while modifying wireguard conf."; | ||||
|     } ## end if ($msg eq "OK") | ||||
|     return "$msg"; | ||||
|  | ||||
| } | ||||
|  | ||||
| } ## end sub performUpdateConfig | ||||
|  | ||||
| # action for 'REM' | ||||
| sub performRemoveClient{ | ||||
|  | ||||
| sub performRemoveClient { | ||||
|     my ($c) = @_; | ||||
|  | ||||
|     my $conf = $c->param('Wgconf'); | ||||
|     if ($c->param("remove")){ | ||||
|         unless ($wdb->get($conf)->delete()){ | ||||
|  | ||||
|     if ($c->param("remove")) { | ||||
|         unless ($wdb->get($conf)->delete()) { | ||||
|             return $c->l('wrg_ERROR_OCCURED'); | ||||
|         } | ||||
|         unless (system ("/sbin/e-smith/signal-event", "wireguard-user-delete") == 0 ){ | ||||
|  | ||||
|         unless (system("/sbin/e-smith/signal-event", "wireguard-user-delete") == 0) { | ||||
|             return $c->l('wrg_ERROR_OCCURED'); | ||||
|         } | ||||
|         return 'OK'; | ||||
|     } | ||||
|     } ## end if ($c->param("remove"...)) | ||||
|     return $c->l('wrg_CANCELLED'); | ||||
|  | ||||
| } | ||||
|  | ||||
| } ## end sub performRemoveClient | ||||
|  | ||||
| # called from templates | ||||
| sub get_existing_accounts { | ||||
|  | ||||
|     my $c                = shift; | ||||
|     my @existingAccounts = ('Administrator'); | ||||
|  | ||||
|     foreach my $account ($adb->get_all_by_prop(type=>'user')) { | ||||
|     foreach my $account ($adb->get_all_by_prop(type => 'user')) { | ||||
|         push @existingAccounts, $account->key; | ||||
|     } | ||||
|     return \@existingAccounts; | ||||
|  | ||||
| } | ||||
|  | ||||
| } ## end sub get_existing_accounts | ||||
|  | ||||
| # called from templates | ||||
| sub get_wgs_info { | ||||
|  | ||||
|     my ($c, $attr, $data) = @_; | ||||
|  | ||||
|     return undef if ( not defined $attr or not defined $data ); | ||||
|  | ||||
|     return undef if (not defined $attr or not defined $data); | ||||
|     my $value; | ||||
|     $value = $wdb->get("$data")->prop('info') if ( $attr eq 'info' and $wdb->get("$data") ); | ||||
|     $value = $wdb->get("$data")->prop('user') if ( $attr eq 'user' and $wdb->get("$data") ); | ||||
|  | ||||
|     $value = $wdb->get("$data")->prop('info') if ($attr eq 'info' and $wdb->get("$data")); | ||||
|     $value = $wdb->get("$data")->prop('user') if ($attr eq 'user' and $wdb->get("$data")); | ||||
|     return $value; | ||||
|  | ||||
| } | ||||
|  | ||||
| } ## end sub get_wgs_info | ||||
|  | ||||
| # called from templates | ||||
| sub get_conf_info { | ||||
|  | ||||
|     my ( $c, $ipacc ) = @_; | ||||
|     my ($c, $ipacc) = @_; | ||||
|     ##my $ipacc = $c->param('Wgconf'); | ||||
|  | ||||
|     #untaint | ||||
|     ($ipacc) = $ipacc =~ /(\d+\.\d+\.\d+\.\d+\/\d+)/; | ||||
|     #get from db | ||||
|  | ||||
|     #get from db | ||||
|     # return if does not exist | ||||
|     my $acc = $wdb->get($ipacc) or return undef; | ||||
|  | ||||
|     # return if current user is not admin or the user | ||||
|     return undef unless $c->is_admin; | ||||
|  | ||||
|     my $key        = $acc->key; | ||||
|     my $info       = $acc->prop('info'); | ||||
|     my $private    = $acc->prop('private'); | ||||
| @@ -449,9 +417,8 @@ sub get_conf_info { | ||||
|  | ||||
|     #DNS | ||||
|     my $IPAddress = $cdb->get('InternalInterface')->prop('IPAddress'); | ||||
|     my $dns = ($allowedips =~ /0.0.0.0\/0/)? "DNS = $IPAddress" : "" ; | ||||
|  | ||||
|     my $fulltext ="#configuration for $key $info | ||||
|     my $dns       = ($allowedips =~ /0.0.0.0\/0/) ? "DNS = $IPAddress" : ""; | ||||
|     my $fulltext  = "#configuration for $key $info | ||||
| [Interface] | ||||
| PrivateKey = $private | ||||
| Address = $key | ||||
| @@ -462,25 +429,17 @@ PublicKey = $ServPublic | ||||
| AllowedIPs = $allowedips | ||||
| Endpoint = $ExternalIP:$Port | ||||
| "; | ||||
|     my @fulltext = split( "\n", $fulltext); | ||||
|  | ||||
|     my @fulltext = split("\n", $fulltext); | ||||
|     return \@fulltext; | ||||
|  | ||||
| } | ||||
|  | ||||
| } ## end sub get_conf_info | ||||
|  | ||||
| # called from templates | ||||
| sub get_conf_qr { | ||||
|  | ||||
|     my ( $c, $fulltext, $type) = @_; | ||||
|  | ||||
|     my $qr=`echo "$fulltext" |qrencode -t PNG -o - |base64`; | ||||
|  | ||||
|     my ($c, $fulltext, $type) = @_; | ||||
|     my $qr = `echo "$fulltext" |qrencode -t PNG -o - |base64`; | ||||
|     return $qr; | ||||
|  | ||||
| } | ||||
|  | ||||
|  | ||||
| sub get_internet_ip_address { | ||||
|  | ||||
|     #we could use DNS to do this faster but some provider will block DNS | ||||
| @@ -489,32 +448,29 @@ sub get_internet_ip_address { | ||||
|     #here a list of available site with https | ||||
|     use Net::DNS; | ||||
|     use LWP::Simple; | ||||
|   my $timeout=1; | ||||
|  | ||||
|   my @httpslist=qw( | ||||
| checkip.amazonaws.com | ||||
| myexternalip.com/raw | ||||
| ifconfig.me/ | ||||
| icanhazip.com/ | ||||
| ident.me/ | ||||
| tnx.nl/ip | ||||
| ipecho.net/plain | ||||
| wgetip.com/ | ||||
| ip.tyk.nu/ | ||||
| bot.whatismyipaddress.com/ | ||||
| ipof.in/txt | ||||
| l2.io/ip | ||||
| eth0.me/ ); | ||||
|     my $timeout   = 1; | ||||
|     my @httpslist = qw( | ||||
|         checkip.amazonaws.com | ||||
|         myexternalip.com/raw | ||||
|         ifconfig.me/ | ||||
|         icanhazip.com/ | ||||
|         ident.me/ | ||||
|         tnx.nl/ip | ||||
|         ipecho.net/plain | ||||
|         wgetip.com/ | ||||
|         ip.tyk.nu/ | ||||
|         bot.whatismyipaddress.com/ | ||||
|         ipof.in/txt | ||||
|         l2.io/ip | ||||
|         eth0.me/ ); | ||||
|     my @dns = ( | ||||
|         ['myip.opendns.com', 'resolver1.opendns.com', 'A'], | ||||
|         ['myip.opendns.com', 'resolver2.opendns.com', 'A'], | ||||
|         ['myip.opendns.com', 'resolver3.opendns.com', 'A'], | ||||
|         ['myip.opendns.com', 'resolver4.opendns.com', 'A'], | ||||
|         ['whoami.akamai.net', 'ns1-1.akamaitech.net', 'A'], | ||||
|         ['o-o.myaddr.l.google.com', 'ns1.google.com', 'TXT'] | ||||
|  | ||||
|         [ 'myip.opendns.com',        'resolver1.opendns.com', 'A' ], | ||||
|         [ 'myip.opendns.com',        'resolver2.opendns.com', 'A' ], | ||||
|         [ 'myip.opendns.com',        'resolver3.opendns.com', 'A' ], | ||||
|         [ 'myip.opendns.com',        'resolver4.opendns.com', 'A' ], | ||||
|         [ 'whoami.akamai.net',       'ns1-1.akamaitech.net',  'A' ], | ||||
|         [ 'o-o.myaddr.l.google.com', 'ns1.google.com',        'TXT' ] | ||||
|     ); | ||||
|  | ||||
|     my $ip; | ||||
|  | ||||
|     #foreach my $i ( 0 .. $#dns) { | ||||
| @@ -525,51 +481,47 @@ eth0.me/ ); | ||||
|         udp_timeout => $timeout, | ||||
|         tcp_timeout => $timeout | ||||
|     ); | ||||
|  | ||||
|     my $reply = $res->search($dns[$i][0], $dns[$i][2]); | ||||
|  | ||||
|     if ($reply) { | ||||
|         foreach my $rr ($reply->answer) { | ||||
|         $ip= $rr->txtdata if $rr->can("txtdata"); | ||||
|         $ip= $rr->address if $rr->can("address"); | ||||
|             $ip = $rr->txtdata if $rr->can("txtdata"); | ||||
|             $ip = $rr->address if $rr->can("address"); | ||||
|  | ||||
|             # untaint, dns output is tainted | ||||
|             ($ip) = $ip =~ /(\d+\.\d+\.\d+\.\d+)/; | ||||
|             return $ip if $ip =~ /(\d+\.\d+\.\d+\.\d+)/; | ||||
|     } | ||||
|         } ## end foreach my $rr ($reply->answer) | ||||
|     } else { | ||||
|         warn "query failed: ", $res->errorstring, "\n"; | ||||
|     } | ||||
|   #} | ||||
|  | ||||
|     #} | ||||
|     # https calls | ||||
|   my $ii=0; | ||||
|     my $ii = 0; | ||||
|     my $service; | ||||
|   while ( $ii <5 ) {  | ||||
|     $service=$httpslist[rand(@httpslist)]; | ||||
|     $ip = (get "https://$service" ); | ||||
|  | ||||
|     while ($ii < 5) { | ||||
|         $service = $httpslist[ rand(@httpslist) ]; | ||||
|         $ip      = (get "https://$service"); | ||||
|         chomp $ip; | ||||
|         $ii++; | ||||
|         last if $ip =~ /(\d+\.\d+\.\d+\.\d+)/; | ||||
|   } | ||||
|     } ## end while ($ii < 5) | ||||
|  | ||||
|     # not needed but in case, untaint | ||||
|     ($ip) = $ip =~ /(\d+\.\d+\.\d+\.\d+)/; | ||||
|     return $ip; | ||||
|  | ||||
| } | ||||
|  | ||||
| } ## end sub get_internet_ip_address | ||||
|  | ||||
| sub test_for_private_ip { | ||||
|  | ||||
|     use NetAddr::IP; | ||||
|     $_ = shift; | ||||
|     my $mask = shift; | ||||
|     return unless /(\d+\.\d+\.\d+\.\d+)/; | ||||
|      my $iprange = NetAddr::IP->new($1,"$mask"); | ||||
|     my $iprange = NetAddr::IP->new($1, "$mask"); | ||||
|     return unless $iprange; | ||||
|     return ($iprange->first()->is_rfc1918() and $iprange->last()->is_rfc1918()); | ||||
|  | ||||
| } | ||||
|  | ||||
|  | ||||
| } ## end sub test_for_private_ip | ||||
| 1 | ||||
|  | ||||
| __END__ | ||||
| @@ -8,7 +8,7 @@ | ||||
| 	<p><br><span class=label> | ||||
| 	%=l 'wrg_CONF_NAME' | ||||
| 	</span> | ||||
| 	%= $wrg_datas->{wgconf} | ||||
| 	%= $wrg_datas->{account} | ||||
| 	<br></p> | ||||
|  | ||||
| 	<p><span class=label> | ||||
| @@ -17,13 +17,13 @@ | ||||
| 	%= $wrg_datas->{wgcomment} | ||||
| 	<br></p> | ||||
|  | ||||
| 	<div class='center'> | ||||
| 	%= submit_button l('CANCEL'), name => 'cancel', class => 'action' | ||||
| 	%= submit_button l('REMOVE'), name => 'remove', class => 'action' | ||||
| 	</div> | ||||
| <div class="center"> | ||||
|   %= submit_button l('REMOVE'), name => 'remove', class => 'action left-btn' | ||||
|   %= submit_button l('CANCEL'), name => 'cancel', class => 'action center-btn' | ||||
| </div> | ||||
|  | ||||
| 	%= hidden_field 'trt' => $wrg_datas->{trt} | ||||
|     	%= hidden_field 'Wgconf' => $wrg_datas->{wgconf} | ||||
|     	%= hidden_field 'Wgconf' => $wrg_datas->{account} | ||||
| 	 | ||||
|     % end | ||||
|  | ||||
|   | ||||
| @@ -3,7 +3,7 @@ | ||||
| % content_for 'module' => begin | ||||
| <div id='module' class='module wireguard-panel'> | ||||
|  | ||||
|     % if ($config->{debug} == 1) { | ||||
|     % if (config->{debug} == 1) { | ||||
| 	<p> | ||||
| 	%= dumper $c->current_route | ||||
| 	%= dumper $wrg_datas | ||||
|   | ||||
| @@ -1,5 +1,6 @@ | ||||
| %define release 21 | ||||
| %define release 25 | ||||
| %define version 1.0 | ||||
| %define debug_package %{nil} | ||||
|  | ||||
| Name: smeserver-wireguard		 | ||||
| Version: %{version}	 | ||||
| @@ -11,14 +12,14 @@ License: GPL | ||||
| URL: https://wiki.koozali.org/Wireguard		 | ||||
| Source0: smeserver-wireguard-1.0.tar.xz	 | ||||
|  | ||||
| BuildRequires:	e-smith-devtools | ||||
| BuildRequires:	smeserver-devtools | ||||
| Requires: wireguard-tools | ||||
| Requires: kmod-wireguard | ||||
| Requires: smeserver-release >= 10 | ||||
| Requires: qrencode | ||||
| Requires: perl-Net-Netmask | ||||
| Requires: e-smith-base >= 5.8.1-2 | ||||
| Requires: e-smith-lib >= 2.6.0-15 | ||||
| Requires: smeserver-base >= 5.8.1-2 | ||||
| Requires: smeserver-lib >= 2.6.0-15 | ||||
|  | ||||
| AutoReqProv: no | ||||
|  | ||||
| @@ -36,7 +37,7 @@ This package provides the Koozali SME SERVER configuration for controlling WireG | ||||
| %setup -q | ||||
|  | ||||
| %build | ||||
| perl createlink | ||||
| perl createlinks | ||||
|  | ||||
|  | ||||
| %install | ||||
| @@ -60,6 +61,19 @@ fi | ||||
|  | ||||
|  | ||||
| %changelog | ||||
| * Thu Sep 25 2025 Brian Read <brianr@koozali.org> 1.0-25.sme | ||||
| - Sort outy Remove panel placement and operation of buttons [SME: 13168] | ||||
|  | ||||
| * Wed Sep 24 2025 Brian Read <brianr@koozali.org> 1.0-24.sme | ||||
| - Sort out access to DB vis a vis caching [SME: 13168] | ||||
|  | ||||
| * Mon Sep 22 2025 Brian Read <brianr@koozali.org> 1.0-23.sme | ||||
| - add debuginfo define to suppress it [SME: 13168] | ||||
| - Fix config call in layout [SME: 13168] | ||||
|  | ||||
| * Sun Sep 08 2024 Brian Read <brianr@koozali.org> 1.0-22.sme | ||||
| - Map e-smith package names to smeserver  | ||||
|  | ||||
| * Sat Sep 07 2024 cvs2git.sh aka Brian Read <brianr@koozali.org> 1.0-21.sme | ||||
| - Roll up patches and move to git repo [SME: 12338] | ||||
|  | ||||
|   | ||||
		Reference in New Issue
	
	Block a user