diff --git a/Makefile b/Makefile index 0703b12..48608be 100755 --- a/Makefile +++ b/Makefile @@ -5,7 +5,7 @@ SHELL := /bin/bash ## version LSB = $(shell lsb_release -i -s)$(shell lsb_release -r -s) -VER = $(shell cat VERSION) +VER = $(shell ./dist/version.sh) ARCH = $(shell uname -m) ## declare directory @@ -185,4 +185,4 @@ cover: env ## execute unit test and output coverage go tool cover -html=coverage.out -o coverage.html clean: ## clean cache - rm -rvf ./build \ No newline at end of file + rm -rvf ./build diff --git a/VERSION b/VERSION deleted file mode 100755 index e7e11c4..0000000 --- a/VERSION +++ /dev/null @@ -1 +0,0 @@ -23.09.18 diff --git a/dist/version.sh b/dist/version.sh new file mode 100755 index 0000000..8b8b6b7 --- /dev/null +++ b/dist/version.sh @@ -0,0 +1,14 @@ +#!/bin/bash + +if [ -e "VERSION" ]; then + cat VERSION + exit 0 +fi + +ver=$(git describe --tags --abbrev=0 --match 'v*') +if [ $? -eq 0 ]; then + echo $ver + exit 0 +fi + +date +%y%m%d diff --git a/pkg/api/network.go b/pkg/api/network.go index e149744..d9f0f31 100755 --- a/pkg/api/network.go +++ b/pkg/api/network.go @@ -1,12 +1,13 @@ package api import ( + "net/http" + "strings" + "github.com/gorilla/mux" "github.com/luscis/openlan/pkg/cache" "github.com/luscis/openlan/pkg/models" "github.com/luscis/openlan/pkg/schema" - "net/http" - "strings" ) type Network struct { @@ -15,7 +16,7 @@ type Network struct { func (h Network) Router(router *mux.Router) { router.HandleFunc("/api/network", h.List).Methods("GET") router.HandleFunc("/api/network/{id}", h.Get).Methods("GET") - router.HandleFunc("/get/network/{id}/{ie}.ovpn", h.Profile).Methods("GET") + router.HandleFunc("/get/network/{id}/ovpn", h.Profile).Methods("GET") } func (h Network) List(w http.ResponseWriter, r *http.Request) { 
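Review bot: The three branches of dist/version.sh print three different shapes of version string: the deleted VERSION file held `23.09.18`, `git describe --tags --abbrev=0 --match 'v*'` prints a `v`-prefixed tag, and the fallback `date +%y%m%d` has no dots. If `VER` in the Makefile ends up in package or artifact names, builds from a tarball, a tagged checkout and an untagged checkout will not compare or sort consistently. Stripping the leading `v` and using `date +%y.%m.%d` would align them. When no tag matches, git's error text also lands on the build's stderr, so adding `2>/dev/null` to the `git describe` line and quoting the output as `echo "$ver"` would tidy that.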
@@ -42,7 +43,7 @@ func (h Network) Get(w http.ResponseWriter, r *http.Request) { func (h Network) Profile(w http.ResponseWriter, r *http.Request) { server := strings.SplitN(r.Host, ":", 2)[0] vars := mux.Vars(r) - data, err := cache.VPNClient.GetClientProfile(vars["id"], vars["ie"], server) + data, err := cache.VPNClient.GetClientProfile(vars["id"], server) if err == nil { _, _ = w.Write([]byte(data)) } else { diff --git a/pkg/api/user.go b/pkg/api/user.go index f8dd787..e00a67e 100755 --- a/pkg/api/user.go +++ b/pkg/api/user.go @@ -72,14 +72,25 @@ func (h User) Del(w http.ResponseWriter, r *http.Request) { ResponseMsg(w, 0, "") } +func UserCheck(user, pass string) error { + model := &models.User{ + Name: user, + Password: pass, + } + if _, err := cache.User.Check(model); err == nil { + return nil + } else { + return err + } +} + func (h User) Check(w http.ResponseWriter, r *http.Request) { user := &schema.User{} if err := GetData(r, user); err != nil { http.Error(w, err.Error(), http.StatusInternalServerError) return } - model := models.SchemaToUserModel(user) - if _, err := cache.User.Check(model); err == nil { + if err := UserCheck(user.Name, user.Password); err == nil { ResponseMsg(w, 0, "success") } else { http.Error(w, err.Error(), http.StatusUnauthorized) diff --git a/pkg/cache/openvpn.go b/pkg/cache/openvpn.go index c022f6d..c9ba41f 100755 --- a/pkg/cache/openvpn.go +++ b/pkg/cache/openvpn.go @@ -2,9 +2,6 @@ package cache import ( "bufio" - "github.com/luscis/openlan/pkg/config" - "github.com/luscis/openlan/pkg/libol" - "github.com/luscis/openlan/pkg/schema" "io" "os" "path/filepath" @@ -12,6 +9,10 @@ import ( "strings" "time" "unicode" + + "github.com/luscis/openlan/pkg/config" + "github.com/luscis/openlan/pkg/libol" + "github.com/luscis/openlan/pkg/schema" ) type vpnClient struct { 
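Review bot: In Profile, `server` is taken from the request's `Host` header and handed to GetClientProfile as the address written into the profile's `remote` line, so the generated profile points wherever the requester (or a proxy in front) says the server is. `strings.SplitN(r.Host, ":", 2)[0]` also mangles bracketed IPv6 literals: `[::1]:8080` (constructed example) yields `[`. Consider preferring a configured public address where the deployment has one, and parsing the header with `net.SplitHostPort`, falling back to `r.Host` when it reports no port. The function body continues past the end of the hunk.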
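Review bot: UserCheck in pkg/api/user.go is exported and, in this commit, becomes the credential check behind Http.IsAuth, yet it has no doc comment and its `if … else` only forwards the error. It can be reduced to `_, err := cache.User.Check(model)` followed by `return err`, with a comment such as `// UserCheck validates name and password through cache.User.Check and returns nil on success.`. In the Check handler the 401 body is `err.Error()`. If cache.User.Check returns different messages for an unknown user and a wrong password (not visible here), that tells an unauthenticated caller which one failed, and a fixed message would avoid it.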
@@ -156,9 +157,15 @@ func (o *vpnClient) List(name string) <-chan *schema.VPNClient { return c } -func (o *vpnClient) GetClientProfile(network, client, remote string) (string, error) { - file := o.Dir(network, client+"client.ovpn") - reader, err := os.Open(file) +func (o *vpnClient) clientFile(name string) string { + files, _ := filepath.Glob(o.Dir(name, "*client.ovpn")) + if len(files) > 0 { + return files[0] + } + return "" +} +func (o *vpnClient) GetClientProfile(network, remote string) (string, error) { + reader, err := os.Open(o.clientFile(network)) if err != nil { return "", err } @@ -166,8 +173,9 @@ func (o *vpnClient) GetClientProfile(network, client, remote string) (string, er scanner := bufio.NewScanner(reader) for scanner.Scan() { line := scanner.Text() - if strings.HasPrefix(line, "remote 0.0.0.0") { - profile += strings.Replace(line, "0.0.0.0", remote, 1) + elements := strings.SplitN(line, " ", 3) + if len(elements) == 3 && elements[0] == "remote" { + profile += "remote " + remote + " " + elements[2] } else { profile += line } diff --git a/pkg/models/user.go b/pkg/models/user.go index 01e8c06..b62992f 100755 --- a/pkg/models/user.go +++ b/pkg/models/user.go @@ -2,10 +2,11 @@ package models import ( "fmt" - "github.com/luscis/openlan/pkg/libol" "runtime" "strings" "time" + + "github.com/luscis/openlan/pkg/libol" ) type User struct { @@ -56,5 +57,8 @@ func (u *User) Update() { } func (u *User) Id() string { + if u.Network == "" { + return u.Name + } return u.Name + "@" + u.Network } diff --git a/pkg/switch/http.go b/pkg/switch/http.go index a550629..d6de67e 100755 --- a/pkg/switch/http.go +++ b/pkg/switch/http.go 
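Review bot: clientFile discards the error from `filepath.Glob` and returns `""` when nothing matches, so GetClientProfile calls `os.Open("")` and the caller gets an opaque open error instead of a not-found result. Return early in GetClientProfile, e.g. `file := o.clientFile(network)` followed by `if file == "" { return "", os.ErrNotExist }`. The network name comes from the URL (see Profile in pkg/api/network.go) and is spliced into the glob pattern, so `*`, `?` and `[` in it are treated as pattern syntax. Rejecting names containing those characters, or listing the one directory and matching the suffix, would keep the lookup confined to a single network. When several `*client.ovpn` files exist, `files[0]` is whichever Glob lists first, which deserves a comment; GetClientProfile's body continues outside the hunk.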
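Review bot: Splitting with `strings.SplitN(line, " ", 3)` misreads `remote` lines that use a tab or more than one space between fields: `remote  0.0.0.0 1194` (constructed example, two spaces) yields an empty second element, and the old address is carried into the output. `strings.Fields` handles this: `f := strings.Fields(line)`, then `if len(f) >= 3 && f[0] == "remote" {` and `profile += "remote " + remote + " " + strings.Join(f[2:], " ")`. Every `remote <host> <port>` line is now rewritten, not only the `0.0.0.0` placeholder, so a profile that deliberately lists a fixed address loses it; a short comment saying this is intended would help. The enclosing function starts before the hunk and the loop continues after it.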
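Review bot: Id in pkg/models/user.go now has two shapes and nothing in the method says so: with an empty `Network` it returns `Name` verbatim, which api.UserCheck in this commit relies on by passing a full `name@network` string as `Name`. A doc comment would make that contract explicit, e.g. `// Id returns Name@Network, or Name alone when Network is empty (Name may then already carry the @network suffix).`. It also means a user held as `Name: "a@b"` with no network and one held as `Name: "a", Network: "b"` (constructed example) share an id. If names are not already barred from containing `@`, that is worth validating where users are created.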
@@ -2,16 +2,7 @@ package _switch import ( "context" - "crypto/md5" - "encoding/hex" "fmt" - "github.com/gorilla/mux" - "github.com/luscis/openlan/pkg/api" - "github.com/luscis/openlan/pkg/cache" - co "github.com/luscis/openlan/pkg/config" - "github.com/luscis/openlan/pkg/libol" - "github.com/luscis/openlan/pkg/models" - "github.com/luscis/openlan/pkg/schema" "io/ioutil" "net/http" "net/http/pprof" @@ -21,13 +12,20 @@ import ( "strings" "text/template" "time" + + "github.com/gorilla/mux" + "github.com/luscis/openlan/pkg/api" + "github.com/luscis/openlan/pkg/cache" + co "github.com/luscis/openlan/pkg/config" + "github.com/luscis/openlan/pkg/libol" + "github.com/luscis/openlan/pkg/models" + "github.com/luscis/openlan/pkg/schema" ) type Http struct { switcher api.Switcher listen string adminToken string - guestToken string adminFile string server *http.Server crtFile string @@ -141,9 +139,7 @@ func (h *Http) LoadToken() { } func (h *Http) SetToken(value string) { - sum := md5.Sum([]byte(value)) h.adminToken = value - h.guestToken = hex.EncodeToString(sum[:16])[:12] } func (h *Http) Start() { @@ -182,16 +178,27 @@ func (h *Http) Shutdown() { func (h *Http) IsAuth(w http.ResponseWriter, r *http.Request) bool { token, pass, ok := r.BasicAuth() libol.Debug("Http.IsAuth token: %s, pass: %s", token, pass) - if strings.HasPrefix(r.URL.Path, "/api/") { - if !ok || token != h.adminToken { - return false - } - } else if strings.HasPrefix(r.URL.Path, "/get/") { - if !ok || token != h.guestToken { - return false + if !ok { + return false + } + if token == h.adminToken { + return true + } + + elements := strings.SplitN(r.URL.Path, "/", 8) + if len(elements) > 3 { + if elements[2] == "network" { + zone := elements[3] + if !strings.HasSuffix(token, "@"+zone) { + return false + } + if api.UserCheck(token, pass) == nil { + return true + } } } - return true + + return false } func (h *Http) getFile(name string) string {
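Review bot: The new per-network branch in IsAuth keys on `elements[2] == "network"` alone, so a network user whose name ends in `@<zone>` is now authorised for any path of that shape, including `/api/network/<zone>` (registered in pkg/api/network.go), which the removed code restricted to the admin token. If only the profile download is meant to be open to network users, tighten the condition to `if len(elements) > 3 && elements[1] == "get" && elements[2] == "network" {`. The unchanged `libol.Debug("Http.IsAuth token: %s, pass: %s", token, pass)` line now writes real user passwords, and the admin token on admin requests, to the debug log; log something non-secret instead, e.g. `libol.Debug("Http.IsAuth path: %s", r.URL.Path)`. The early `if !ok { return false }` also rejects paths outside `/api/` and `/get/` that the old code let through. Whether any such path reaches IsAuth is not visible in this hunk.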