tuto2: wg working

2019-03-14 06:46:09 +01:00 · 2019-03-14 06:46:09 +01:00 · 33f0698f1e
commit 33f0698f1e
parent cd848e3ff6
9 changed files with 196 additions and 30 deletions
--- a/token-validator/handler.go
+++ b/token-validator/handler.go
@ -92,7 +92,7 @@ func rawHandler(f func(*http.Request, httprouter.Params, []byte) (interface{}, e

 		// Read the body
 		if r.ContentLength < 0 || r.ContentLength > 6553600 {
-			http.Error(w, fmt.Sprintf("{errmsg:\"Request too large or request size unknown\"}", err), http.StatusRequestEntityTooLarge)
+			http.Error(w, "{errmsg:\"Request too large or request size unknown\"}", http.StatusRequestEntityTooLarge)
 			return
 		}
 		var body []byte
--- a/token-validator/wg.go
+++ b/token-validator/wg.go
@ -8,6 +8,7 @@ import (
 	"encoding/json"
 	"fmt"
 	"io"
+	"log"
 	"net/http"
 	"strings"
 	"time"
@ -30,7 +31,7 @@ func init() {
 		return getTunnelInfo(student.Id), nil
 	}))
 	router.POST("/api/wg/", apiAuthHandler(genWgToken))
-	router.POST("/api/wg/:token", apiHandler(getWgTunnelInfo))
+	router.POST("/api/wg/:token", getWgTunnelInfo)
 }

 func showWgTunnel(student Student, ps httprouter.Params, body []byte) (interface{}, error) {
@ -68,32 +69,57 @@ type PubTunnel struct {
 	PubKey []byte
 }

-func getWgTunnelInfo(ps httprouter.Params, body []byte) (interface{}, error) {
+func getWgTunnelInfo(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
+	if addr := r.Header.Get("X-Forwarded-For"); addr != "" {
+		r.RemoteAddr = addr
+	}
+	log.Printf("%s \"%s %s\" [%s]\n", r.RemoteAddr, r.Method, r.URL.Path, r.UserAgent())
+
+	// Read the body
+	if r.ContentLength < 0 || r.ContentLength > 6553600 {
+		http.Error(w, "{errmsg:\"Request too large or request size unknown\"}", http.StatusRequestEntityTooLarge)
+		return
+	}
+
 	// Access wg infos
 	tokenhex := []byte(ps.ByName("token"))
 	tokendec := make([]byte, hex.DecodedLen(len(tokenhex)))
 	n, err := hex.Decode(tokendec, tokenhex)
 	if err != nil {
-		return nil, err
+		http.Error(w, fmt.Sprintf("{errmsg:%q}", err), http.StatusBadRequest)
+		return
 	}

 	token, err := GetTunnelToken(tokendec[:n])
 	if err != nil {
-		return nil, err
+		http.Error(w, fmt.Sprintf("{errmsg:%q}", err), http.StatusBadRequest)
+		return
 	}

 	var pt PubTunnel
-	if err := json.Unmarshal(body, &pt); err != nil {
-		return nil, err
+	if err := json.NewDecoder(r.Body).Decode(&pt); err != nil {
+		http.Error(w, fmt.Sprintf("{errmsg:%q}", err), http.StatusBadRequest)
+		return
 	}

 	token.PubKey = pt.PubKey
 	_, err = token.Update()
 	if err != nil {
-		return nil, err
+		http.Error(w, fmt.Sprintf("{errmsg:%q}", err), http.StatusBadRequest)
+		return
 	}

-	return getTunnelInfo(token.IdStudent), nil
+	tinfo := getTunnelInfo(token.IdStudent)
+
+	w.Header().Set("Content-Type", "text/plain")
+	w.Write([]byte(fmt.Sprintf(`[Peer]
+PublicKey = %s
+Endpoint = %s:%d
+AllowedIPs = ::/0
+PersistentKeepalive = 5
+# MyIPv6=%s1/%d
+# GWIPv6=%s
+`, base64.StdEncoding.EncodeToString(tinfo.SrvPubKey), "82.64.31.248", tinfo.SrvPort, tinfo.CltIPv6, 64, tinfo.SrvGW6)))
 }


@ -206,9 +232,9 @@ func GenWGConfig(w io.Writer) (error) {

 		w.Write([]byte(fmt.Sprintf(`[Peer]
 #IdStudent = %d
-#TokenText = %s
 PublicKey = %s
-AllowedIPs = %s/%d`, t.IdStudent, t.TokenText, base64.StdEncoding.EncodeToString(t.PubKey), studentIP(t.IdStudent), 80)))
+AllowedIPs = %s/%d
+`, t.IdStudent, base64.StdEncoding.EncodeToString(t.PubKey), studentIP(t.IdStudent), 80)))
 	}

 	return nil