Domů Procházet Nápověda
Přihlásit se
OWEALs
/
luci
zrcadlo https://git.openwrt.org/project/luci.git
2
0
Rozštěpit 0
Soubory Úkoly 4 Wiki
Strom: 98662b0834
Větve Značky
luci
/
protocols
/
luci-proto-wireguard
/
root
/
usr
/
share
/
rpcd
/
ucode
/
luci.wireguard

luci.wireguard 2.7 KB
Historie Surový

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120 
  1. // Copyright 2022 Jo-Philipp Wich <jo@mein.io>
    2. 

  2. // Licensed to the public under the Apache License 2.0.
    3. 

  3. 

  4. 'use strict';
    5. 

  5. 

  6. import { cursor } from 'uci';
    7. 

  7. import { popen } from 'fs';
    8. 

  8. 

  9. 

  10. function shellquote(s) {
    11. 

  11. 	return `'${replace(s ?? '', "'", "'\\''")}'`;
    12. 

  12. }
    13. 

  13. 

  14. function command(cmd) {
    15. 

  15. 	return trim(popen(cmd)?.read?.('all'));
    16. 

  16. }
    17. 

  17. 

  18. function checkPeerHost(configHost, configPort, wgHost) {
    19. 

  19. 	const ips = popen(`resolveip ${configHost} 2>/dev/null`);
    20. 

  20. 	if (ips) {
    21. 

  21. 		for (let line = ips.read('line'); length(line); line = ips.read('line')) {
    22. 

  22. 			const ip =  rtrim(line, '\n');
    23. 

  23. 			if (ip + ":" + configPort == wgHost) {
    24. 

  24. 				return true;
    25. 

  25. 			}
    26. 

  26. 		}
    27. 

  27. 	}
    28. 

  28. 	return false;
    29. 

  29. }
    30. 

  30. 

  31. 

  32. const methods = {
    33. 

  33. 	generatePsk: {
    34. 

  34. 		call: function() {
    35. 

  35. 			return { psk: command('wg genpsk 2>/dev/null') };
    36. 

  36. 		}
    37. 

  37. 	},
    38. 

  38. 

  39. 	generateKeyPair: {
    40. 

  40. 		call: function() {
    41. 

  41. 			const priv = command('wg genkey 2>/dev/null');
    42. 

  42. 			const pub = command(`echo ${shellquote(priv)} | wg pubkey 2>/dev/null`);
    43. 

  43. 

  44. 			return { keys: { priv, pub } };
    45. 

  45. 		}
    46. 

  46. 	},
    47. 

  47. 

  48. 	getPublicAndPrivateKeyFromPrivate: {
    49. 

  49. 		args: { privkey: "privkey" },
    50. 

  50. 		call: function(req) {
    51. 

  51. 			const priv = req.args?.privkey;
    52. 

  52. 			const pub = command(`echo ${shellquote(priv)} | wg pubkey 2>/dev/null`);
    53. 

  53. 

  54. 			return { keys: { priv, pub } };
    55. 

  55. 		}
    56. 

  56. 	},
    57. 

  57. 

  58. 	getWgInstances: {
    59. 

  59. 		call: function() {
    60. 

  60. 			const data = {};
    61. 

  61. 			let last_device;
    62. 

  62. 			let qr_pubkey = {};
    63. 

  63. 

  64. 			const uci = cursor();
    65. 

  65. 			const wg_dump = popen("wg show all dump 2>/dev/null");
    66. 

  66. 

  67. 			if (wg_dump) {
    68. 

  68. 				uci.load("network");
    69. 

  69. 

  70. 				for (let line = wg_dump.read('line'); length(line); line = wg_dump.read('line')) {
    71. 

  71. 					const record = split(rtrim(line, '\n'), '\t');
    72. 

  72. 

  73. 					if (last_device != record[0]) {
    74. 

  74. 						last_device = record[0];
    75. 

  75. 						data[last_device] = {
    76. 

  76. 							name: last_device,
    77. 

  77. 							public_key: record[2],
    78. 

  78. 							listen_port: record[3],
    79. 

  79. 							fwmark: record[4],
    80. 

  80. 							peers: []
    81. 

  81. 						};
    82. 

  82. 

  83. 						if (!length(record[2]) || record[2] == '(none)')
    84. 

  84. 							qr_pubkey[last_device] = '';
    85. 

  85. 						else
    86. 

  86. 							qr_pubkey[last_device] = `PublicKey = ${record[2]}`;
    87. 

  87. 					}
    88. 

  88. 					else {
    89. 

  89. 						let peer_name;
    90. 

  90. 

  91. 						uci.foreach('network', `wireguard_${last_device}`, (s) => {
    92. 

  92. 							if (!s.disabled && s.public_key == record[1] && (!s.endpoint_host || checkPeerHost(s.endpoint_host, s.endpoint_port, record[3])))
    93. 

  93. 								peer_name = s.description;
    94. 

  94. 						});
    95. 

  95. 

  96. 						const peer = {
    97. 

  97. 							name: peer_name,
    98. 

  98. 							public_key: record[1],
    99. 

  99. 							endpoint: record[3],
    100. 

  100. 							allowed_ips: [],
    101. 

  101. 							latest_handshake: record[5],
    102. 

  102. 							transfer_rx: record[6],
    103. 

  103. 							transfer_tx: record[7],
    104. 

  104. 							persistent_keepalive: record[8]
    105. 

  105. 						};
    106. 

  106. 

  107. 						if (record[3] != '(none)' && length(record[4]))
    108. 

  108. 							push(peer.allowed_ips, ...split(record[4], ','));
    109. 

  109. 

  110. 						push(data[last_device].peers, peer);
    111. 

  111. 					}
    112. 

  112. 				}
    113. 

  113. 			}
    114. 

  114. 

  115. 			return data;
    116. 

  116. 		}
    117. 

  117. 	}
    118. 

  118. };
    119. 

  119. 

  120. return { 'luci.wireguard': methods };
    121.