token-validator: fix IP assignation when > 254 (there is a lot of student this year)

nemunaire 2021-02-20 19:13:33 +01:00
parent cc7e738932
commit 060831d9c2
3 changed files with 24 additions and 7 deletions


@ -37,12 +37,16 @@ func registerUser(tplPath string, filename string, username string, ip net.IP) e
pkey := hmac.New(sha512.New512_224, []byte(loginSalt)) pkey := hmac.New(sha512.New512_224, []byte(loginSalt))
if len(ip.To4()) != 4 {
return fmt.Errorf("Unable to assign a protected IP.")
}
if pxeTmpl, err := template.New("pxeUser").Parse(string(pxeTplCnt)); err != nil { if pxeTmpl, err := template.New("pxeUser").Parse(string(pxeTplCnt)); err != nil {
return err return err
} else if err := pxeTmpl.Execute(userfd, map[string]string{ } else if err := pxeTmpl.Execute(userfd, map[string]string{
"username": username, "username": username,
"pkey": fmt.Sprintf("%x", pkey.Sum([]byte(username))), "pkey": fmt.Sprintf("%x", pkey.Sum([]byte(username))),
"ip": fmt.Sprintf("%d.%d.%d.%d", ip.To4()[0], ip.To4()[1], ip.To4()[2], ip.To4()[3]), "ip": ip.String(),
}); err != nil { }); err != nil {
return err return err
} }
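Review bot: The `pkey` value passed to the template is not an HMAC of the username. `pkey.Sum([]byte(username))` appends the digest of whatever has been written to the hash so far to the username bytes, and in the lines shown nothing is written between `hmac.New` and `Sum`. The hex string is therefore the username followed by a constant that is the same for every user. If a per-user secret is intended, write the name first and then finalise: `pkey.Write([]byte(username))` followed by `fmt.Sprintf("%x", pkey.Sum(nil))`. Doing so changes every value issued so far, so it needs a coordinated rollout. registerUser starts and ends outside this hunk.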


@ -2,6 +2,7 @@ package main
import ( import (
"fmt" "fmt"
"net"
"github.com/julienschmidt/httprouter" "github.com/julienschmidt/httprouter"
@ -15,8 +16,19 @@ func init() {
}))) })))
} }
func IPSuffix(s adlin.Student) int64 { func IPSuffix(s adlin.Student, network net.IPNet) net.IP {
return s.Id*4 + 10 ipshift := s.Id*4 + 10
myIP := network.IP
if ipshift > 254 {
myIP[len(myIP)-2] += byte(ipshift / 254)
ipshift = ipshift % 254
}
myIP[len(myIP)-1] += byte(ipshift)
return myIP
} }
func showIPs(_ httprouter.Params, body []byte) (interface{}, error) { func showIPs(_ httprouter.Params, body []byte) (interface{}, error) {
@ -45,9 +57,9 @@ func showIPs(_ httprouter.Params, body []byte) (interface{}, error) {
func getStudentIPs(student adlin.Student) (r map[string]string) { func getStudentIPs(student adlin.Student) (r map[string]string) {
r = make(map[string]string) r = make(map[string]string)
r["vlan0"] = fmt.Sprintf("172.23.0.%d", IPSuffix(student)) r["vlan0"] = IPSuffix(student, net.IPNet{net.ParseIP("172.23.0.0"), net.CIDRMask(17, 32)}).String()
r["wg0"] = fmt.Sprintf("172.17.0.%d", IPSuffix(student)) r["wg0"] = IPSuffix(student, net.IPNet{net.ParseIP("172.17.0.0"), net.CIDRMask(16, 32)}).String()
r["vlan7"] = fmt.Sprintf("172.23.142.%d", IPSuffix(student)) r["vlan7"] = IPSuffix(student, net.IPNet{net.ParseIP("172.23.142.0"), net.CIDRMask(23, 32)}).String()
r["wg"] = adlin.StudentIP(student.Id).String() r["wg"] = adlin.StudentIP(student.Id).String()
r["adn"] = student.MyAssociatedDomain() r["adn"] = student.MyAssociatedDomain()
r["ddn"] = student.MyDelegatedDomain() r["ddn"] = student.MyDelegatedDomain()
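Review bot: The new `IPSuffix` never checks its result against the `network` mask it is given, so a large enough `s.Id` produces an address outside the intended subnet. For the `vlan7` /23, any `ipshift/254` of 2 or more already leaves 172.23.142.0/23, and `byte(ipshift / 254)` truncates silently for very large ids. `myIP := network.IP` also aliases the caller's slice, so the additions modify the argument in place. That is harmless with the fresh `net.ParseIP` values used here, but wrong for any reused `net.IPNet`. I would copy the base address, bound the carry, and return an error when `network.Contains` fails, as sketched below. The callers in `getStudentIPs` and in `createStudent` (third file) would then have to handle that error instead of calling `.String()` directly.

```go
func IPSuffix(s adlin.Student, network net.IPNet) (net.IP, error) {
	ipshift := s.Id*4 + 10
	// Reject ids whose carry cannot fit in one byte, before any byte() truncation.
	if ipshift < 0 || ipshift/254 > 255 {
		return nil, fmt.Errorf("student id %d is out of range for %s", s.Id, network.String())
	}

	// Copy the base address: network.IP is a slice shared with the caller.
	myIP := make(net.IP, len(network.IP))
	copy(myIP, network.IP)

	// … unchanged: carry of ipshift into the last two bytes of myIP …

	// Byte additions wrap silently, so confirm the result stayed inside the subnet.
	if !network.Contains(myIP) {
		return nil, fmt.Errorf("student id %d maps to %s, outside %s", s.Id, myIP, network.String())
	}
	return myIP, nil
}
```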


@ -4,6 +4,7 @@ import (
"encoding/json" "encoding/json"
"fmt" "fmt"
"log" "log"
"net"
"strings" "strings"
"github.com/julienschmidt/httprouter" "github.com/julienschmidt/httprouter"
@ -89,7 +90,7 @@ func createStudent(_ httprouter.Params, body []byte) (interface{}, error) {
} }
exist.RegisterAccess(std.IP, std.MAC) exist.RegisterAccess(std.IP, std.MAC)
ip := fmt.Sprintf("172.23.0.%d", IPSuffix(exist)) ip := IPSuffix(exist, net.IPNet{net.ParseIP("172.23.0.0"), net.CIDRMask(17, 32)}).String()
exist.IP = &ip exist.IP = &ip
return exist, nil return exist, nil