• R/O
  • HTTP
  • SSH
  • HTTPS

packages: Commit

Community maintained packages for ImmortalWrt.


Commit MetaInfo

Révisiona430932a7d3d017c536c218803aae59dd77df1de (tree)
l'heure2022-01-20 21:57:46
AuteurNick Hainke <vincent@syst...>
CommiterNick Hainke

Message de Log

wg-installer: check if a key is already inserted

Check if a peer is already existing with a given public key. Introduce a
response code for signaling why the server rejected the request.

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit da48bc3792705b12fc104459ed9f5f1b73544d17)

Change Summary

Modification

--- a/net/wg-installer/wg-client/lib/rpcd_ubus.sh
+++ b/net/wg-installer/wg-client/lib/rpcd_ubus.sh
@@ -95,6 +95,15 @@ wg_rpcd_get_usage () {
9595 echo "num_interfaces: ${num_interfaces}"
9696 }
9797
98+wg_error_handling () {
99+ local response_code=$1
100+
101+ case "$response_code" in
102+ 1) logger -t "wginstaller" "Server rejected request since the public key is already used!" ;;
103+ *) logger -t "wginstaller" "Unknown Error Code!";;
104+ esac
105+}
106+
98107 wg_rpcd_register () {
99108 local token=$5
100109 local ip=$6
@@ -123,6 +132,11 @@ wg_rpcd_register () {
123132 json_get_vars result result
124133 json_select result
125134 json_select 2
135+ json_get_var response_code response_code
136+ if [ "$response_code" -ne 0 ]; then
137+ wg_error_handling "$response_code"
138+ return 1
139+ fi
126140 json_get_var gw_pubkey gw_pubkey
127141 json_get_var gw_ipv4 gw_ipv4
128142 json_get_var gw_ipv6 gw_ipv6
--- a/net/wg-installer/wg-server/lib/wg_functions.sh
+++ b/net/wg-installer/wg-server/lib/wg_functions.sh
@@ -3,6 +3,12 @@
33 . /usr/share/libubox/jshn.sh
44 . /usr/share/wginstaller/wg.sh
55
6+wg_key_exists () {
7+ local key=$1
8+
9+ wg show | grep -q "$key"
10+}
11+
612 wg_timeout () {
713 local int=$1
814
@@ -42,6 +48,14 @@ wg_register () {
4248 local mtu=$2
4349 local public_key=$3
4450
51+ if wg_key_exists $public_key; then
52+ logger -t "wginstaller" "Rejecting request since the public key is already used!" "$public_key"
53+ json_init
54+ json_add_int "response_code" 1
55+ json_dump
56+ return 1
57+ fi
58+
4559 base_prefix_ipv6=$(uci get wgserver.@server[0].base_prefix_ipv6)
4660 port_start=$(uci get wgserver.@server[0].port_start)
4761 port_end=$(uci get wgserver.@server[0].port_end)
@@ -82,6 +96,7 @@ wg_register () {
8296
8397 # craft return address
8498 json_init
99+ json_add_int "response_code" 0
85100 json_add_string "gw_pubkey" "$wg_server_pubkey"
86101 if test -n "${gw_ipv4_assign-}"; then
87102 json_add_string "gw_ipv4" "$gw_ipv4_assign"
Afficher sur ancien navigateur de dépôt.