diff --git a/pkg/wg/ask.sh b/pkg/wg/ask.sh
index 7202dbd..5702926 100755
--- a/pkg/wg/ask.sh
+++ b/pkg/wg/ask.sh
@@ -18,7 +18,7 @@ cmdline() {
 [ -f "/etc/wireguard/adlin.conf" ] && WGPRVKEY=$(sed 's/^.*PrivateKey *= *//p;d' /etc/wireguard/adlin.conf)
 [ -z "${WGPRVKEY}" ] && WGPRVKEY=$(/usr/bin/wg genkey)
 WGPUBKEY=$(echo $WGPRVKEY | /usr/bin/wg pubkey)
-while ! { echo -e "[Interface]\nPrivateKey = ${WGPRVKEY}"; /usr/bin/curl -f -d '{"pubkey": "'$WGPUBKEY'"}' https://adlin.nemunai.re/api/wg/$(echo -n "$WGTOKEN" | /usr/bin/sha512sum | /usr/bin/cut -d ' ' -f 1); } > /etc/wireguard/adlin.conf
+while ! { echo -e "[Interface]\nPrivateKey = ${WGPRVKEY}"; /usr/bin/wget -O - --header "X-WG-pubkey: $WGPUBKEY" https://adlin.nemunai.re/api/wg/$(echo -n "$WGTOKEN" | /usr/bin/sha512sum | /usr/bin/cut -d ' ' -f 1); } > /etc/wireguard/adlin.conf
 do
 exit 1
 done
diff --git a/token-validator/wg.go b/token-validator/wg.go
index 95ecfef..d56ef12 100644
--- a/token-validator/wg.go
+++ b/token-validator/wg.go
@@ -31,6 +31,7 @@ func init() {
 return getTunnelInfo(student.Id), nil
 }))
 router.POST("/api/wg/", apiAuthHandler(genWgToken))
+ router.GET("/api/wg/:token", getWgTunnelInfo)
 router.POST("/api/wg/:token", getWgTunnelInfo)
 }
@@ -97,8 +98,15 @@ func getWgTunnelInfo(w http.ResponseWriter, r *http.Request, ps httprouter.Param
 }
 var pt PubTunnel
- if err := json.NewDecoder(r.Body).Decode(&pt); err != nil {
- http.Error(w, fmt.Sprintf("{errmsg:%q}", err), http.StatusBadRequest)
+ if r.Method == "POST" {
+ if err := json.NewDecoder(r.Body).Decode(&pt); err != nil {
+ http.Error(w, fmt.Sprintf("{errmsg:%q}", err), http.StatusBadRequest)
+ return
+ }
+ } else if pubkey := r.Header.Get("X-WG-PubKey"); pubkey != "" {
+ pt.PubKey, _ = base64.StdEncoding.DecodeString(pubkey)
+ } else {
+ http.Error(w, fmt.Sprintf("{errmsg:\"No public key given\"}", err), http.StatusBadRequest)
 return
 }
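Review bot: The new `/usr/bin/wget -O - …` call fetches the `[Peer]` section that is redirected straight into `/etc/wireguard/adlin.conf`, so the integrity of that file now depends on how this wget checks TLS. If `/usr/bin/wget` on this image is the BusyBox applet (not visible here), some builds do not validate the server certificate, and an on-path host could then supply its own peer public key and endpoint; confirm that the binary verifies certificates, or keep curl for this request. Separately, the redirection creates the file holding `PrivateKey` with the default umask, and a `umask 077` before the `while` line would keep it unreadable to other users.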
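Review bot: `router.GET("/api/wg/:token", getWgTunnelInfo)` exposes a handler that accepts a client public key through a method that proxies and caches treat as safe and repeatable. If the handler records the key for the tunnel (that part of getWgTunnelInfo is outside this diff), the route changes state on GET, and the per-student response should at least be sent with `w.Header().Set("Cache-Control", "no-store")`. A short comment above the route, such as `// GET variant for clients limited to wget (pkg/wg/ask.sh); key arrives in X-WG-PubKey`, would record why both methods are registered.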
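Review bot: The header branch discards the decode error in `pt.PubKey, _ = base64.StdEncoding.DecodeString(pubkey)`, so a malformed `X-WG-PubKey` value carries on with whatever bytes were decoded, whereas a bad JSON body is rejected on the POST path. The branch should answer 400 on a decode error and on a key that is not 32 bytes long, the size of a WireGuard public key. In the final `else`, `fmt.Sprintf` receives `err` but the format string has no verb, which appends a `%!(EXTRA …)` marker to the response and is reported by `go vet`; a constant string is enough there. getWgTunnelInfo starts and ends outside the hunk, so whether a later step validates the key cannot be seen from here.

```go
	// … unchanged: POST branch decoding the JSON body …
	} else if pubkey := r.Header.Get("X-WG-PubKey"); pubkey != "" {
		key, derr := base64.StdEncoding.DecodeString(pubkey)
		if derr != nil || len(key) != 32 {
			http.Error(w, `{errmsg:"Invalid public key"}`, http.StatusBadRequest)
			return
		}
		pt.PubKey = key
	} else {
		http.Error(w, `{errmsg:"No public key given"}`, http.StatusBadRequest)
		// … unchanged: return and closing brace …
```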
@@ -113,6 +121,13 @@ func getWgTunnelInfo(w http.ResponseWriter, r *http.Request, ps httprouter.Param
 tinfo := getTunnelInfo(token.IdStudent)
+ var student adlin.Student
+ student, err = adlin.GetStudent(int(token.IdStudent))
+ if err != nil {
+ http.Error(w, fmt.Sprintf("{errmsg:%q}", err), http.StatusBadRequest)
+ return
+ }
+
 w.Header().Set("Content-Type", "text/plain")
 w.Write([]byte(fmt.Sprintf(`[Peer]
 PublicKey = %s
@@ -122,7 +137,8 @@ PersistentKeepalive = 5
 # MyIPv6=%s1/%d
 # MyNetwork=%s/%d
 # GWIPv6=%s
-`, base64.StdEncoding.EncodeToString(tinfo.SrvPubKey), "82.64.31.248", tinfo.SrvPort, tinfo.CltIPv6, 64, tinfo.CltIPv6, tinfo.CltRange, tinfo.SrvGW6)))
+# MyLogin=%s
+`, base64.StdEncoding.EncodeToString(tinfo.SrvPubKey), "82.64.31.248", tinfo.SrvPort, tinfo.CltIPv6, 64, tinfo.CltIPv6, tinfo.CltRange, tinfo.SrvGW6, student.Login)))
 }
 func GenWGConfig(w io.Writer) error {
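Review bot: A failed `adlin.GetStudent` lookup is answered with `http.StatusBadRequest` and the raw error text through `fmt.Sprintf("{errmsg:%q}", err)`, although the failure is on the server side and the message may expose storage details to the caller. A fixed body with a 5xx status fits better, with the detail kept in the server log: `http.Error(w, "{errmsg:\"internal error\"}", http.StatusInternalServerError)`. The lookup also runs after `getTunnelInfo` and after whatever the handler did with the submitted key earlier, so a failure here may leave that earlier work in place; the surrounding body of getWgTunnelInfo is outside the hunk, so this should be checked against the full function.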
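Review bot: `student.Login` is formatted with `%s` into the `# MyLogin=` comment line, and the client script in pkg/wg/ask.sh redirects this response unchanged into `/etc/wireguard/adlin.conf`, so a login containing a line break would end the comment and add its own lines to the configuration. Where logins come from is not visible in this diff; unless they are already restricted to a safe character set, the handler should refuse the value before the `w.Write`, for example `if strings.ContainsAny(student.Login, "\r\n") { http.Error(w, "{errmsg:\"invalid login\"}", http.StatusInternalServerError); return }`. The call now passes nine positional arguments that have to be matched by eye against the template, so a comment next to the format string listing their order would help.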