From da48bc3792705b12fc104459ed9f5f1b73544d17 Mon Sep 17 00:00:00 2001
From: Nick Hainke
Date: Tue, 18 Jan 2022 18:31:46 +0100
Subject: [PATCH] wg-installer: check if a key is already inserted

Check if a peer is already existing with a given public key. Introduce a response code for signaling why the server rejected the request.

Signed-off-by: Nick Hainke
---
 net/wg-installer/wg-client/lib/rpcd_ubus.sh | 14 ++++++++++++++
 net/wg-installer/wg-server/lib/wg_functions.sh | 15 +++++++++++++++
 2 files changed, 29 insertions(+)

diff --git a/net/wg-installer/wg-client/lib/rpcd_ubus.sh b/net/wg-installer/wg-client/lib/rpcd_ubus.sh
index 08024d476..581e2f1b2 100644
--- a/net/wg-installer/wg-client/lib/rpcd_ubus.sh
+++ b/net/wg-installer/wg-client/lib/rpcd_ubus.sh
@@ -95,6 +95,15 @@ wg_rpcd_get_usage () {
 echo "num_interfaces: ${num_interfaces}"
 }
 
+wg_error_handling () {
+ local response_code=$1
+
+ case "$response_code" in
+ 1) logger -t "wginstaller" "Server rejected request since the public key is already used!" ;;
+ *) logger -t "wginstaller" "Unknown Error Code!";;
+ esac
+}
+
 wg_rpcd_register () {
 local token=$5
 local ip=$6
@@ -123,6 +132,11 @@ wg_rpcd_register () {
 json_get_vars result result
 json_select result
 json_select 2
+ json_get_var response_code response_code
+ if [ "$response_code" -ne 0 ]; then
+ wg_error_handling "$response_code"
+ return 1
+ fi
 json_get_var gw_pubkey gw_pubkey
 json_get_var gw_ipv4 gw_ipv4
 json_get_var gw_ipv6 gw_ipv6
diff --git a/net/wg-installer/wg-server/lib/wg_functions.sh b/net/wg-installer/wg-server/lib/wg_functions.sh
index ab8f40e96..98f823324 100644
--- a/net/wg-installer/wg-server/lib/wg_functions.sh
+++ b/net/wg-installer/wg-server/lib/wg_functions.sh
@@ -3,6 +3,12 @@
 . /usr/share/libubox/jshn.sh
 . /usr/share/wginstaller/wg.sh
 
+wg_key_exists () {
+ local key=$1
+
+ wg show | grep -q "$key"
+}
+
 wg_timeout () {
 local int=$1
 
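Review bot: The added `[ "$response_code" -ne 0 ]` test in wg_rpcd_register fails open when the reply carries no `response_code` or a non-numeric one: `[` reports an error, the `if` body is skipped, and the function goes on to read `gw_pubkey` as if registration had succeeded. A string comparison fails closed instead, `if [ "$response_code" != "0" ]; then`; this would also reject replies from a server that predates the field, so that choice should be made explicitly. The default branch of wg_error_handling in the hunk above could log the value it received, `*) logger -t "wginstaller" "Unknown error code: $response_code" ;;`. wg_rpcd_register starts and ends outside the hunk.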
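Review bot: `grep -q "$key"` in wg_key_exists treats the client-supplied key as a regular expression and as a substring of the whole `wg show` output, so an empty or shortened value matches every peer, a value beginning with `-` is parsed as a grep option, and the server's own interface public key also counts as a hit. Matching a fixed string against the peer list only is tighter: `wg show all peers | grep -qF -- "$key"`. A short header comment stating that the function returns 0 when the key is already configured as a peer would make the contract explicit for the caller in wg_register.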
@@ -42,6 +48,14 @@ wg_register () {
 local mtu=$2
 local public_key=$3
 
+ if wg_key_exists $public_key; then
+ logger -t "wginstaller" "Rejecting request since the public key is already used!" "$public_key"
+ json_init
+ json_add_int "response_code" 1
+ json_dump
+ return 1
+ fi
+
 base_prefix_ipv6=$(uci get wgserver.@server[0].base_prefix_ipv6)
 port_start=$(uci get wgserver.@server[0].port_start)
 port_end=$(uci get wgserver.@server[0].port_end)
@@ -82,6 +96,7 @@ wg_register () {
 
 # craft return address
 json_init
+ json_add_int "response_code" 0
 json_add_string "gw_pubkey" "$wg_server_pubkey"
 if test -n "${gw_ipv4_assign-}"; then
 json_add_string "gw_ipv4" "$gw_ipv4_assign"
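Review bot: `wg_key_exists $public_key` in the first hunk of wg_register passes the request's key unquoted, so it undergoes word splitting and globbing before the check; with an empty key `$1` is unset inside wg_key_exists and `grep -q ""` matches any output. Quote it, `if wg_key_exists "$public_key"; then`, and consider rejecting a key that is empty or not a 44-character base64 string before this test. The rejection path prints only `response_code`; whether the caller still forwards that output after `return 1` is not visible here. wg_register continues outside the hunk.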