Added check to see that federated server is in servers file
parent
aa35d5c31a
commit
16acd0987f
|
@ -5,6 +5,7 @@
|
|||
# QUERYSTRING: ?pubkey=$pubkey&psk=$psk&ips=$allowedips
|
||||
|
||||
CONFIG_FILE='/etc/wgapi/config'
|
||||
SERVERS_FILE='/etc/wgapi/servers'
|
||||
if ! [ ${#} -eq 2 ]; then
|
||||
printf 'ERROR! Bad input: %s %s\n' "${0}" "${*}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
|
@ -21,14 +22,17 @@ pubkey="$(<<<"${qs}" grep -oP 'pubkey=(.*)' | sed 's/^pubkey//' | xargs)"
|
|||
psk="$(<<<"${qs}" grep -oP 'psk=(.*)' | sed 's/^psk//' | xargs)"
|
||||
allowedips="$(<<<"${qs}" grep -oP 'ips=(.*)' | sed 's/^ips//' | xargs)"
|
||||
|
||||
# TODO: Check that ${ip} is on the list
|
||||
# Check that requesting ip is in the servers file
|
||||
if ! cat "${SERVERS_FILE}" | sed '/^#/d' | cut -f2,3 | grep -w "${ip}"; then
|
||||
printf "ERROR! Federated server %s requested to create new peer but isn't in servers file!/n" "${ip}" >&2
|
||||
"${LIB_DIR}/http_res" 403; exit
|
||||
fi
|
||||
|
||||
# Add peer to wireguard
|
||||
if "${LIB_DIR}/wg_peer_add" "${pubkey}" "${server_psk}" "${allowedips}"; then
|
||||
printf 'Added %s to local wireguard server.\n' "${pubkey}" >&2
|
||||
else
|
||||
printf 'ERROR! Failed to add %s to wireguard server!\n' "${pubkey}" >&2
|
||||
# TODO: clear existing progress
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi
|
||||
"${LIB_DIR}/http_res" 200
|
||||
|
|
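Review bot: The new allow-list test `if ! cat "${SERVERS_FILE}" | sed '/^#/d' | cut -f2,3 | grep -w "${ip}"` matches too loosely for an authorization decision: `${ip}` is used as a regular expression (each `.` matches any character), it is compared against two columns at once, and an empty or `-`-prefixed value is not rejected (where `${ip}` is set is outside the visible hunks). An exact comparison would close that, for example `if ! awk -F'\t' -v ip="${ip}" '!/^#/ && ($2 == ip || $3 == ip) { ok = 1 } END { exit !ok }' "${SERVERS_FILE}"; then`, preceded by a check that `${ip}` is non-empty. The grep also has no `-q`, so the matched servers-file fields are written to stdout, where they may end up ahead of the `http_res` output. The 403 log message ends in `/n` instead of `\n`, so the stderr line is never terminated.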