From 955e263d3979ebb85c26c94032bf74512cc72503 Mon Sep 17 00:00:00 2001
From: Pierre-Olivier Mercier
Date: Thu, 14 Mar 2019 07:12:24 +0100
Subject: [PATCH] maatma: add wg dump
---
 token-validator/wg.go | 57 ++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 56 insertions(+), 1 deletion(-)
diff --git a/token-validator/wg.go b/token-validator/wg.go
index 9e7158a..91368fa 100644
--- a/token-validator/wg.go
+++ b/token-validator/wg.go
@@ -10,6 +10,7 @@ import (
 "io"
 "log"
 "net/http"
+ "os/exec"
 "strings"
 "time"
@@ -118,8 +119,9 @@ Endpoint = %s:%d
 AllowedIPs = ::/0
 PersistentKeepalive = 5
 # MyIPv6=%s1/%d
+# MyNetwork=%s/%d
 # GWIPv6=%s
-`, base64.StdEncoding.EncodeToString(tinfo.SrvPubKey), "82.64.31.248", tinfo.SrvPort, tinfo.CltIPv6, 64, tinfo.SrvGW6)))
+`, base64.StdEncoding.EncodeToString(tinfo.SrvPubKey), "82.64.31.248", tinfo.SrvPort, tinfo.CltIPv6, 64, tinfo.CltIPv6, tinfo.CltRange, tinfo.SrvGW6)))
 }
@@ -129,10 +131,18 @@ type TunnelToken struct {
 IdStudent int64
 PubKey []byte
 Time time.Time
+ Dump *WGDump
 }
 func GetTunnelToken(token []byte) (t TunnelToken, err error) {
 err = DBQueryRow("SELECT token, token_text, id_student, pubkey, time FROM student_tunnel_tokens WHERE token=? ORDER BY time DESC", token).Scan(&t.token, &t.TokenText, &t.IdStudent, &t.PubKey, &t.Time)
+ if err == nil && t.PubKey != nil {
+ if wgd, errr := readWgDump(); errr == nil {
+ if v, ok := wgd[base64.StdEncoding.EncodeToString(t.PubKey)]; ok {
+ t.Dump = &v
+ }
+ }
+ }
 return
 }
@@ -158,6 +168,8 @@ func (student Student) NewTunnelToken() (t TunnelToken, err error) {
 func (student Student) GetTunnelTokens() (ts []TunnelToken, err error) {
 if rows, errr := DBQuery("SELECT token, token_text, id_student, pubkey, time FROM student_tunnel_tokens WHERE id_student = ? ORDER BY time DESC", student.Id); errr != nil {
 return nil, errr
+ } else if wgd, errr := readWgDump(); errr != nil {
+ return nil, errr
 } else {
 defer rows.Close()
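Review bot: In the package-level `GetTunnelToken`, the error from `readWgDump()` is dropped, because `errr == nil` is the only branch handled. A missing or failing `wg` binary therefore looks exactly like a peer that never connected, and `Dump` silently stays nil. The same block is repeated in `Student.GetTunnelToken` (hunk at -178), while `GetTunnelTokens` returns the error instead, so the three call sites disagree on failure behaviour. I would at least record it with `} else { log.Println("readWgDump:", errr) }` and move the lookup into one small helper used by all three.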
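Review bot: In `GetTunnelTokens`, the new `else if wgd, errr := readWgDump(); errr != nil` branch returns with `rows` still open, since `defer rows.Close()` is only registered in the final `else`. Assuming `DBQuery` returns a standard `*sql.Rows`, every failed `wg` call leaves a database connection checked out, and repeated failures can drain the pool. Add `rows.Close()` before `return nil, errr` in that branch, or call `readWgDump()` before `DBQuery` so nothing is open when it fails. The function body continues outside this hunk.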
@@ -166,6 +178,11 @@ func (student Student) GetTunnelTokens() (ts []TunnelToken, err error) {
 if err = rows.Scan(&t.token, &t.TokenText, &t.IdStudent, &t.PubKey, &t.Time); err != nil {
 return
 }
+ if t.PubKey != nil {
+ if v, ok := wgd[base64.StdEncoding.EncodeToString(t.PubKey)]; ok {
+ t.Dump = &v
+ }
+ }
 ts = append(ts, t)
 }
 if err = rows.Err(); err != nil {
@@ -178,6 +195,13 @@ func (student Student) GetTunnelTokens() (ts []TunnelToken, err error) {
 func (student Student) GetTunnelToken(token []byte) (t TunnelToken, err error) {
 err = DBQueryRow("SELECT token, token_text, id_student, pubkey, time FROM student_tunnel_tokens WHERE token = ? AND id_student = ? ORDER BY time DESC", token, student.Id).Scan(&t.token, &t.TokenText, &t.IdStudent, &t.PubKey, &t.Time)
+ if err == nil && t.PubKey != nil {
+ if wgd, errr := readWgDump(); errr == nil {
+ if v, ok := wgd[base64.StdEncoding.EncodeToString(t.PubKey)]; ok {
+ t.Dump = &v
+ }
+ }
+ }
 return
 }
@@ -239,3 +263,34 @@ AllowedIPs = %s/%d
 return nil
 }
+
+type WGDump struct {
+ PubKey string
+ PSK string
+ Endpoint string
+ AllowedIPs string
+ LastHandS string
+ RX string
+ TX string
+ KeepAlive string
+}
+
+func readWgDump() (wgd map[string]WGDump, err error) {
+ out, errr := exec.Command("wg", "show", "wg-adlin", "dump").Output()
+
+ if errr != nil {
+ return nil, errr
+ }
+
+ wgd = map[string]WGDump{}
+ for _, line := range strings.Split(string(out), "\n") {
+ cols := strings.Fields(line)
+ if len(cols) != 8 {
+ continue
+ }
+
+ wgd[cols[0]] = WGDump{cols[0], cols[1], cols[2], cols[3], cols[4], cols[5], cols[6], cols[7]}
+ }
+
+ return
+}
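Review bot: `WGDump` stores the peer's preshared key in `PSK` (the second column of a peer line in `wg show ... dump`), and the struct is now reachable from every `TunnelToken` through `Dump`. If `TunnelToken` is serialized into an API response, which is not visible in this patch, the key material goes out with it. Tag the field with `json:"-"`, or drop it from the struct, since none of the code shown reads it. Separately, `exec.Command("wg", ...).Output()` in `readWgDump` has no deadline and runs on every token lookup, so a hung `wg` stalls the request; `exec.CommandContext` with a short timeout would bound that. The two exported-looking names here, `WGDump` and `readWgDump`, also lack doc comments saying which `wg` columns map to which fields.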