mirror of
https://github.com/SoftEtherVPN/SoftEtherVPN.git
synced 2024-12-26 01:59:53 +03:00
Cedar/Admin: Implement RPC methods to add/delete/list WireGuard keys
This commit is contained in:
parent
dd1eebdbed
commit
6115f1c713
@ -1509,6 +1509,9 @@ PACK *AdminDispatch(RPC *rpc, char *name, PACK *p)
|
||||
DECLARE_RPC_EX("GetServerCipherList", RPC_STR, StGetServerCipherList, InRpcStr, OutRpcStr, FreeRpcStr)
|
||||
DECLARE_RPC_EX("GetServerCipher", RPC_STR, StGetServerCipher, InRpcStr, OutRpcStr, FreeRpcStr)
|
||||
DECLARE_RPC_EX("SetServerCipher", RPC_STR, StSetServerCipher, InRpcStr, OutRpcStr, FreeRpcStr)
|
||||
DECLARE_RPC_EX("AddWgk", RPC_WGK, StAddWgk, InRpcWgk, OutRpcWgk, FreeRpcWgk)
|
||||
DECLARE_RPC_EX("DeleteWgk", RPC_WGK, StDeleteWgk, InRpcWgk, OutRpcWgk, FreeRpcWgk)
|
||||
DECLARE_RPC_EX("EnumWgk", RPC_WGK, StEnumWgk, InRpcWgk, OutRpcWgk, FreeRpcWgk)
|
||||
DECLARE_RPC("CreateHub", RPC_CREATE_HUB, StCreateHub, InRpcCreateHub, OutRpcCreateHub)
|
||||
DECLARE_RPC("SetHub", RPC_CREATE_HUB, StSetHub, InRpcCreateHub, OutRpcCreateHub)
|
||||
DECLARE_RPC("GetHub", RPC_CREATE_HUB, StGetHub, InRpcCreateHub, OutRpcCreateHub)
|
||||
@ -1693,6 +1696,9 @@ DECLARE_SC_EX("GetServerCert", RPC_KEY_PAIR, ScGetServerCert, InRpcKeyPair, OutR
|
||||
DECLARE_SC_EX("GetServerCipherList", RPC_STR, ScGetServerCipherList, InRpcStr, OutRpcStr, FreeRpcStr)
|
||||
DECLARE_SC_EX("GetServerCipher", RPC_STR, ScGetServerCipher, InRpcStr, OutRpcStr, FreeRpcStr)
|
||||
DECLARE_SC_EX("SetServerCipher", RPC_STR, ScSetServerCipher, InRpcStr, OutRpcStr, FreeRpcStr)
|
||||
DECLARE_SC_EX("AddWgk", RPC_WGK, ScAddWgk, InRpcWgk, OutRpcWgk, FreeRpcWgk)
|
||||
DECLARE_SC_EX("DeleteWgk", RPC_WGK, ScDeleteWgk, InRpcWgk, OutRpcWgk, FreeRpcWgk)
|
||||
DECLARE_SC_EX("EnumWgk", RPC_WGK, ScEnumWgk, InRpcWgk, OutRpcWgk, FreeRpcWgk)
|
||||
DECLARE_SC("CreateHub", RPC_CREATE_HUB, ScCreateHub, InRpcCreateHub, OutRpcCreateHub)
|
||||
DECLARE_SC("SetHub", RPC_CREATE_HUB, ScSetHub, InRpcCreateHub, OutRpcCreateHub)
|
||||
DECLARE_SC("GetHub", RPC_CREATE_HUB, ScGetHub, InRpcCreateHub, OutRpcCreateHub)
|
||||
@ -9503,6 +9509,144 @@ UINT StSetServerCert(ADMIN *a, RPC_KEY_PAIR *t)
|
||||
return ERR_NO_ERROR;
|
||||
}
|
||||
|
||||
// Add a WireGuard key to the allowed key list
|
||||
UINT StAddWgk(ADMIN *a, RPC_WGK *t)
|
||||
{
|
||||
UINT ret = ERR_NO_ERROR;
|
||||
SERVER *s = a->Server;
|
||||
CEDAR *c = s->Cedar;
|
||||
LIST *to_add;
|
||||
|
||||
SERVER_ADMIN_ONLY;
|
||||
|
||||
to_add = NewListFast(NULL);
|
||||
|
||||
LockList(c->WgkList);
|
||||
{
|
||||
UINT i;
|
||||
for (i = 0; i < t->Num; ++i)
|
||||
{
|
||||
WGK *rpc_wgk = &t->Wgks[i];
|
||||
WGK *wgk;
|
||||
|
||||
if (IsEmptyStr(rpc_wgk->Key))
|
||||
{
|
||||
ret = ERR_INVALID_PARAMETER;
|
||||
break;
|
||||
}
|
||||
|
||||
if (Search(c->WgkList, rpc_wgk) != NULL)
|
||||
{
|
||||
ret = ERR_OBJECT_EXISTS;
|
||||
break;
|
||||
}
|
||||
|
||||
wgk = Malloc(sizeof(WGK));
|
||||
StrCpy(wgk->Key, sizeof(wgk->Key), rpc_wgk->Key);
|
||||
StrCpy(wgk->Hub, sizeof(wgk->Hub), rpc_wgk->Hub);
|
||||
StrCpy(wgk->User, sizeof(wgk->User), rpc_wgk->User);
|
||||
|
||||
Add(to_add, wgk);
|
||||
}
|
||||
|
||||
for (i = 0; i < LIST_NUM(to_add); ++i)
|
||||
{
|
||||
WGK *wgk = LIST_DATA(to_add, i);
|
||||
ret == ERR_NO_ERROR ? Add(c->WgkList, wgk) : Free(wgk);
|
||||
}
|
||||
}
|
||||
UnlockList(c->WgkList);
|
||||
|
||||
if (ret == ERR_NO_ERROR)
|
||||
{
|
||||
ALog(a, NULL, "LA_ADD_WGK", LIST_NUM(to_add));
|
||||
IncrementServerConfigRevision(a->Server);
|
||||
}
|
||||
|
||||
ReleaseList(to_add);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
// Delete a WireGuard key from the allowed key list
|
||||
UINT StDeleteWgk(ADMIN *a, RPC_WGK *t)
|
||||
{
|
||||
UINT ret = ERR_NO_ERROR;
|
||||
SERVER *s = a->Server;
|
||||
CEDAR *c = s->Cedar;
|
||||
LIST *to_delete;
|
||||
|
||||
SERVER_ADMIN_ONLY;
|
||||
|
||||
to_delete = NewListFast(NULL);
|
||||
|
||||
LockList(c->WgkList);
|
||||
{
|
||||
UINT i;
|
||||
for (i = 0; i < t->Num; ++i)
|
||||
{
|
||||
WGK *wgk = Search(c->WgkList, &t->Wgks[i]);
|
||||
if (wgk == NULL)
|
||||
{
|
||||
ret = ERR_OBJECT_NOT_FOUND;
|
||||
break;
|
||||
}
|
||||
|
||||
Add(to_delete, wgk);
|
||||
}
|
||||
|
||||
if (ret == ERR_NO_ERROR)
|
||||
{
|
||||
for (i = 0; i < LIST_NUM(to_delete); ++i)
|
||||
{
|
||||
WGK *wgk = LIST_DATA(to_delete, i);
|
||||
Delete(c->WgkList, wgk);
|
||||
Free(wgk);
|
||||
}
|
||||
}
|
||||
}
|
||||
UnlockList(c->WgkList);
|
||||
|
||||
if (ret == ERR_NO_ERROR)
|
||||
{
|
||||
ALog(a, NULL, "LA_DELETE_WGK", LIST_NUM(to_delete));
|
||||
IncrementServerConfigRevision(a->Server);
|
||||
}
|
||||
|
||||
ReleaseList(to_delete);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
// List the allowed WireGuard keys
|
||||
UINT StEnumWgk(ADMIN *a, RPC_WGK *t)
|
||||
{
|
||||
SERVER *s = a->Server;
|
||||
CEDAR *c = s->Cedar;
|
||||
|
||||
SERVER_ADMIN_ONLY;
|
||||
|
||||
LockList(c->WgkList);
|
||||
{
|
||||
UINT i;
|
||||
t->Num = LIST_NUM(c->WgkList);
|
||||
t->Wgks = Malloc(sizeof(WGK) * t->Num);
|
||||
|
||||
for (i = 0; i < t->Num; ++i)
|
||||
{
|
||||
WGK *wgk = LIST_DATA(c->WgkList, i);
|
||||
WGK *rpc_wgk = &t->Wgks[i];
|
||||
|
||||
StrCpy(rpc_wgk->Key, sizeof(rpc_wgk->Key), wgk->Key);
|
||||
StrCpy(rpc_wgk->Hub, sizeof(rpc_wgk->Hub), wgk->Hub);
|
||||
StrCpy(rpc_wgk->User, sizeof(rpc_wgk->User), wgk->User);
|
||||
}
|
||||
}
|
||||
UnlockList(c->WgkList);
|
||||
|
||||
return ERR_NO_ERROR;
|
||||
}
|
||||
|
||||
// Get status of connection to cluster controller
|
||||
UINT StGetFarmConnectionStatus(ADMIN *a, RPC_FARM_CONNECTION_STATUS *t)
|
||||
{
|
||||
@ -14465,6 +14609,64 @@ void FreeRpcKeyPair(RPC_KEY_PAIR *t)
|
||||
FreeK(t->Key);
|
||||
}
|
||||
|
||||
// RPC_WGK
|
||||
void InRpcWgk(RPC_WGK *t, PACK *p)
|
||||
{
|
||||
UINT i;
|
||||
// Validate arguments
|
||||
if (t == NULL || p == NULL)
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
Zero(t, sizeof(RPC_WGK));
|
||||
|
||||
t->Num = PackGetIndexCount(p, "Key");
|
||||
if (t->Num == 0)
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
t->Wgks = ZeroMalloc(sizeof(WGK) * t->Num);
|
||||
|
||||
for (i = 0; i < t->Num; ++i)
|
||||
{
|
||||
WGK *wgk = &t->Wgks[i];
|
||||
|
||||
PackGetStrEx(p, "Key", wgk->Key, sizeof(wgk->Key), i);
|
||||
PackGetStrEx(p, "Hub", wgk->Hub, sizeof(wgk->Hub), i);
|
||||
PackGetStrEx(p, "User", wgk->User, sizeof(wgk->User), i);
|
||||
}
|
||||
}
|
||||
void OutRpcWgk(PACK *p, RPC_WGK *t)
|
||||
{
|
||||
UINT i;
|
||||
// Validate arguments
|
||||
if (t == NULL || p == NULL)
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
for (i = 0; i < t->Num; ++i)
|
||||
{
|
||||
WGK *wgk = &t->Wgks[i];
|
||||
|
||||
PackAddStrEx(p, "Key", wgk->Key, i, t->Num);
|
||||
PackAddStrEx(p, "Hub", wgk->Hub, i, t->Num);
|
||||
PackAddStrEx(p, "User", wgk->User, i, t->Num);
|
||||
}
|
||||
}
|
||||
void FreeRpcWgk(RPC_WGK *t)
|
||||
{
|
||||
// Validate arguments
|
||||
if (t == NULL)
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
Free(t->Wgks);
|
||||
}
|
||||
|
||||
// NODE_INFO
|
||||
void InRpcNodeInfo(NODE_INFO *t, PACK *p)
|
||||
{
|
||||
|
@ -226,6 +226,13 @@ struct RPC_KEY_PAIR
|
||||
UINT Flag1; // Flag1
|
||||
};
|
||||
|
||||
// WireGuard keys
|
||||
struct RPC_WGK
|
||||
{
|
||||
UINT Num; // Number of keys
|
||||
WGK *Wgks; // Keys
|
||||
};
|
||||
|
||||
// HUB option
|
||||
struct RPC_HUB_OPTION
|
||||
{
|
||||
@ -989,6 +996,9 @@ UINT StGetServerCert(ADMIN *a, RPC_KEY_PAIR *t);
|
||||
UINT StGetServerCipherList(ADMIN *a, RPC_STR *t);
|
||||
UINT StGetServerCipher(ADMIN *a, RPC_STR *t);
|
||||
UINT StSetServerCipher(ADMIN *a, RPC_STR *t);
|
||||
UINT StAddWgk(ADMIN *a, RPC_WGK *t);
|
||||
UINT StDeleteWgk(ADMIN *a, RPC_WGK *t);
|
||||
UINT StEnumWgk(ADMIN *a, RPC_WGK *t);
|
||||
UINT StCreateHub(ADMIN *a, RPC_CREATE_HUB *t);
|
||||
UINT StSetHub(ADMIN *a, RPC_CREATE_HUB *t);
|
||||
UINT StGetHub(ADMIN *a, RPC_CREATE_HUB *t);
|
||||
@ -1137,6 +1147,9 @@ UINT ScGetServerCert(RPC *r, RPC_KEY_PAIR *t);
|
||||
UINT ScGetServerCipherList(RPC *r, RPC_STR *t);
|
||||
UINT ScGetServerCipher(RPC *r, RPC_STR *t);
|
||||
UINT ScSetServerCipher(RPC *r, RPC_STR *t);
|
||||
UINT ScAddWgk(RPC *r, RPC_WGK *t);
|
||||
UINT ScDeleteWgk(RPC *r, RPC_WGK *t);
|
||||
UINT ScEnumWgk(RPC *r, RPC_WGK *t);
|
||||
UINT ScCreateHub(RPC *r, RPC_CREATE_HUB *t);
|
||||
UINT ScSetHub(RPC *r, RPC_CREATE_HUB *t);
|
||||
UINT ScGetHub(RPC *r, RPC_CREATE_HUB *t);
|
||||
@ -1394,6 +1407,9 @@ void OutRpcMemInfo(PACK *p, MEMINFO *t);
|
||||
void InRpcKeyPair(RPC_KEY_PAIR *t, PACK *p);
|
||||
void OutRpcKeyPair(PACK *p, RPC_KEY_PAIR *t);
|
||||
void FreeRpcKeyPair(RPC_KEY_PAIR *t);
|
||||
void InRpcWgk(RPC_WGK *t, PACK *p);
|
||||
void OutRpcWgk(PACK *p, RPC_WGK *t);
|
||||
void FreeRpcWgk(RPC_WGK *t);
|
||||
void InRpcAddAccess(RPC_ADD_ACCESS *t, PACK *p);
|
||||
void OutRpcAddAccess(PACK *p, RPC_ADD_ACCESS *t);
|
||||
void InRpcDeleteAccess(RPC_DELETE_ACCESS *t, PACK *p);
|
||||
|
@ -300,6 +300,7 @@ typedef struct RPC_ENUM_FARM_ITEM RPC_ENUM_FARM_ITEM;
|
||||
typedef struct RPC_ENUM_FARM RPC_ENUM_FARM;
|
||||
typedef struct RPC_FARM_CONNECTION_STATUS RPC_FARM_CONNECTION_STATUS;
|
||||
typedef struct RPC_KEY_PAIR RPC_KEY_PAIR;
|
||||
typedef struct RPC_WGK RPC_WGK;
|
||||
typedef struct RPC_HUB_OPTION RPC_HUB_OPTION;
|
||||
typedef struct RPC_RADIUS RPC_RADIUS;
|
||||
typedef struct RPC_HUB RPC_HUB;
|
||||
|
@ -2028,6 +2028,8 @@ LA_SET_FARM_SETTING 群集设置变更完成。
|
||||
LA_SET_SERVER_CERT 服务端证书设定完成。
|
||||
LA_REGENERATE_SERVER_CERT 服务器证书再次生成。新 CN:"%S"
|
||||
LA_SET_SERVER_CIPHER 服务端的新加密算法名设定完成。新加密算法为 "%S"。
|
||||
LA_ADD_WGK Added %u WireGuard key(s).
|
||||
LA_DELETE_WGK Deleted %u WireGuard key(s).
|
||||
LA_CREATE_HUB 已创建新虚拟 HUB "%S"。
|
||||
LA_SET_HUB 已变更虚拟 HUB 设置。
|
||||
LA_DELETE_HUB 已删除虚拟 HUB "%S"。
|
||||
|
@ -2011,6 +2011,8 @@ LA_SET_FARM_SETTING The clustering setting has been changed.
|
||||
LA_SET_SERVER_CERT The server certificates have been set.
|
||||
LA_REGENERATE_SERVER_CERT The server certificate has been re-generated. The new CN: "%S"
|
||||
LA_SET_SERVER_CIPHER A new encryption algorithm name for the server has been set. The new encryption algorithm name is "%S".
|
||||
LA_ADD_WGK Added %u WireGuard key(s).
|
||||
LA_DELETE_WGK Deleted %u WireGuard key(s).
|
||||
LA_CREATE_HUB A new Virtual Hub "%S" has been created.
|
||||
LA_SET_HUB The Virtual Hub setting has been changed.
|
||||
LA_DELETE_HUB The Virtual Hub "%S" has been deleted.
|
||||
|
@ -2015,6 +2015,8 @@ LA_SET_FARM_SETTING クラスタリング設定を変更しました。
|
||||
LA_SET_SERVER_CERT サーバー証明書を設定しました。
|
||||
LA_REGENERATE_SERVER_CERT サーバー証明書を再生成しました。新しい CN: "%S"
|
||||
LA_SET_SERVER_CIPHER サーバーの新しい暗号化アルゴリズム名を設定しました。新しい暗号化アルゴリズム名は "%S" です。
|
||||
LA_ADD_WGK Added %u WireGuard key(s).
|
||||
LA_DELETE_WGK Deleted %u WireGuard key(s).
|
||||
LA_CREATE_HUB 新しい仮想 HUB "%S" を作成しました。
|
||||
LA_SET_HUB 仮想 HUB の設定を変更しました。
|
||||
LA_DELETE_HUB 仮想 HUB "%S" を削除しました。
|
||||
|
@ -1993,6 +1993,8 @@ LA_SET_FARM_SETTING 클러스터링 설정을 변경했습니다.
|
||||
LA_SET_SERVER_CERT 서버 인증서를 설정했습니다.
|
||||
LA_REGENERATE_SERVER_CERT 서버 인증서를 다시 생성했습니다. 새로운 CN:"%S"
|
||||
LA_SET_SERVER_CIPHER 서버의 새로운 암호화 알고리즘 명을 설정했습니다. 새로운 암호화 알고리즘 명은 "%S"입니다.
|
||||
LA_ADD_WGK Added %u WireGuard key(s).
|
||||
LA_DELETE_WGK Deleted %u WireGuard key(s).
|
||||
LA_CREATE_HUB 새로운 가상 HUB "%S"를 만들었습니다.
|
||||
LA_SET_HUB 가상 HUB의 설정을 변경했습니다.
|
||||
LA_DELETE_HUB 가상 HUB "%S"를 삭제했습니다.
|
||||
|
@ -2011,6 +2011,8 @@ LA_SET_FARM_SETTING The clustering setting has been changed.
|
||||
LA_SET_SERVER_CERT The server certificates have been set.
|
||||
LA_REGENERATE_SERVER_CERT The server certificate has been re-generated. The new CN: "%S"
|
||||
LA_SET_SERVER_CIPHER A new encryption algorithm name for the server has been set. The new encryption algorithm name is "%S".
|
||||
LA_ADD_WGK Added %u WireGuard key(s).
|
||||
LA_DELETE_WGK Deleted %u WireGuard key(s).
|
||||
LA_CREATE_HUB A new Virtual Hub "%S" has been created.
|
||||
LA_SET_HUB The Virtual Hub setting has been changed.
|
||||
LA_DELETE_HUB The Virtual Hub "%S" has been deleted.
|
||||
|
@ -2011,6 +2011,8 @@ LA_SET_FARM_SETTING The clustering setting has been changed.
|
||||
LA_SET_SERVER_CERT The server certificates have been set.
|
||||
LA_REGENERATE_SERVER_CERT The server certificate has been re-generated. The new CN: "%S"
|
||||
LA_SET_SERVER_CIPHER A new encryption algorithm name for the server has been set. The new encryption algorithm name is "%S".
|
||||
LA_ADD_WGK Added %u WireGuard key(s).
|
||||
LA_DELETE_WGK Deleted %u WireGuard key(s).
|
||||
LA_CREATE_HUB A new Virtual Hub "%S" has been created.
|
||||
LA_SET_HUB The Virtual Hub setting has been changed.
|
||||
LA_DELETE_HUB The Virtual Hub "%S" has been deleted.
|
||||
|
@ -2031,6 +2031,8 @@ LA_SET_FARM_SETTING 群集設置變更完成。
|
||||
LA_SET_SERVER_CERT 服務端證書設定完成。
|
||||
LA_REGENERATE_SERVER_CERT 伺服器憑證再次生成。新 CN:"%S"
|
||||
LA_SET_SERVER_CIPHER 服務端的新加密演算法名設定完成。新加密演算法為 "%S"。
|
||||
LA_ADD_WGK Added %u WireGuard key(s).
|
||||
LA_DELETE_WGK Deleted %u WireGuard key(s).
|
||||
LA_CREATE_HUB 已創建新虛擬 HUB "%S"。
|
||||
LA_SET_HUB 已變更虛擬 HUB 設置。
|
||||
LA_DELETE_HUB 已刪除虛擬 HUB "%S"。
|
||||
|
Loading…
Reference in New Issue
Block a user