/[smecontribs]/rpms/smeserver-wireguard/contribs10/smeserver-wireguard-1.0-bz11771-Delete-previous-network-records-when-server-ip-updated-validate-server-ip.patch
ViewVC logotype

Annotation of /rpms/smeserver-wireguard/contribs10/smeserver-wireguard-1.0-bz11771-Delete-previous-network-records-when-server-ip-updated-validate-server-ip.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph

Revision 1.1 - (hide annotations) (download)
Thu Nov 25 10:10:24 2021 UTC (3 years ago) by brianr
Branch: MAIN
CVS Tags: smeserver-wireguard-1_0-14_el7_sme, smeserver-wireguard-1_0-19_el7_sme, smeserver-wireguard-1_0-17_el7_sme, smeserver-wireguard-1_0-13_el7_sme, smeserver-wireguard-1_0-16_el7_sme, smeserver-wireguard-1_0-20_el7_sme, smeserver-wireguard-1_0-15_el7_sme, smeserver-wireguard-1_0-18_el7_sme, HEAD 
* Thu Nov 25 2021 Brian Read <brianr@bjsystems.co.uk> 1.0-13.sme
- Delete old networkdb records when server ip updated [SME: 11771]
- Validate Server Ip range to be private in SM panel
1 brianr 1.1 diff -urN smeserver-wireguard-1.0.old/root/etc/e-smith/events/actions/wireguard-network smeserver-wireguard-1.0/root/etc/e-smith/events/actions/wireguard-network
2     --- smeserver-wireguard-1.0.old/root/etc/e-smith/events/actions/wireguard-network 2021-10-27 04:15:11.000000000 +0100
3     +++ smeserver-wireguard-1.0/root/etc/e-smith/events/actions/wireguard-network 2021-11-24 10:54:47.552659023 +0000
4     @@ -24,6 +24,12 @@
5     my $ip = $block->base;
6     my $mask = $block->mask;
7    
8     +#First delete any already there.
9     +my @wg = $netdb->get_all_by_prop(Wireguard=>"wg0");
10     +foreach my $netwg (@wg) {
11     + $netwg->delete();
12     +}
13     +# and then create one from the wireguard server ip
14     my $iswg=$netdb->get($ip);
15     unless ($iswg) {
16     $netdb->new_record("$ip",{ type => "network",
17     @@ -35,4 +41,3 @@
18     exit;
19     }
20    
21     -
22     diff -urN smeserver-wireguard-1.0.old/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/wireguard.pm smeserver-wireguard-1.0/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/wireguard.pm
23     --- smeserver-wireguard-1.0.old/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/wireguard.pm 2021-11-24 09:43:05.057196197 +0000
24     +++ smeserver-wireguard-1.0/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/wireguard.pm 2021-11-25 09:18:50.980936582 +0000
25     @@ -441,13 +441,18 @@
26     );
27    
28     $cdb->get('wg-quick@wg0')->merge_props(%props)
29     - or $msg = "Error occurred while modifying pseudonym in database.";
30     -
31     - # Untaint before use in system()
32     - ($ip) = ($ip =~ /(\d+\.+\d+\.+\d+\.+\d+\.+\/\d+\.+)/);
33     - system( "/sbin/e-smith/signal-event", "wireguard-conf-modify", "$ip",)
34     - == 0 or $msg = "Error occurred while modifying wireguard conf.";
35     + or $msg = "Error occurred while modifying server details.";
36    
37     + # Test Ip is inside CIDR
38     + if (!test_for_private_ip($ip,$mask)) {$msg = "IP must be in private range";}
39     + #else {$msg = "Ip is inside range $ip / $mask";}
40     +
41     + unless ($msg eq "OK"){
42     + # Untaint before use in system()
43     + ($ip) = ($ip =~ /(\d+\.+\d+\.+\d+\.+\d+\.+\/\d+\.+)/);
44     + system( "/sbin/e-smith/signal-event", "wireguard-conf-modify", "$ip",)
45     + == 0 or $msg = "Error occurred while modifying wireguard conf.";
46     + }
47     if ($msg eq "OK")
48     {
49     $q->delete('ip');
50     @@ -612,4 +617,15 @@
51     return $ip;
52     }
53    
54     +sub test_for_private_ip {
55     + use NetAddr::IP;
56     + $_ = shift;
57     + my $mask = shift;
58     + return unless /(\d+\.\d+\.\d+\.\d+)/;
59     + my $iprange = NetAddr::IP->new($1,"$mask");
60     + return unless $iprange;
61     + return ($iprange->first()->is_rfc1918() and $iprange->last()->is_rfc1918());
62     +}
63     +
64     +
65     1;
admin@koozali.org
 ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed