From 07ca60371f6e4e31287edfbe227f58df9a68952c Mon Sep 17 00:00:00 2001 From: this-username-has-been-taken <119663930+this-username-has-been-taken@users.noreply.github.com> Date: Wed, 23 Oct 2024 13:15:33 +0300 Subject: [PATCH] luci-proto-wireguard: fixed bug with incorrect peer name detection Fixed bug with incorrect peer name detection on `Status -> WireGuard` page when more than one peer with the same public key exist: 1. Peers are now tested not only by public key, but also by enabled/disabled status, peer host (both IP and FQDN are supported) and port. 2. Added required `resolveip` dependency. Closes #7342 Signed-off-by: @this-username-has-been-taken Signed-off-by: Paul Donald (cherry picked from commit 7acea818735a9c5e8577d6b57f359996956f15e4) luci-proto-wireguard: follow-up fix for status overview follow-up to 7acea818735a9c5e8577d6b57f359996956f15e4 Closes #7347 Signed-off-by: Paul Donald (cherry picked from commit 760ac165fa76952161e82bd825d9c757a10e0436) --- protocols/luci-proto-wireguard/Makefile | 2 +- .../root/usr/share/rpcd/ucode/luci.wireguard | 15 ++++++++++++++- 2 files changed, 15 insertions(+), 2 deletions(-) diff --git a/protocols/luci-proto-wireguard/Makefile b/protocols/luci-proto-wireguard/Makefile index 10a68a0af6..af295d14f6 100644 --- a/protocols/luci-proto-wireguard/Makefile +++ b/protocols/luci-proto-wireguard/Makefile @@ -7,7 +7,7 @@ include $(TOPDIR)/rules.mk LUCI_TITLE:=Support for WireGuard VPN -LUCI_DEPENDS:=+wireguard-tools +ucode +luci-lib-uqr +LUCI_DEPENDS:=+wireguard-tools +ucode +luci-lib-uqr +resolveip LUCI_PKGARCH:=all PKG_PROVIDES:=luci-app-wireguard diff --git a/protocols/luci-proto-wireguard/root/usr/share/rpcd/ucode/luci.wireguard b/protocols/luci-proto-wireguard/root/usr/share/rpcd/ucode/luci.wireguard index add810c8ae..c177da4773 100644 --- a/protocols/luci-proto-wireguard/root/usr/share/rpcd/ucode/luci.wireguard +++ b/protocols/luci-proto-wireguard/root/usr/share/rpcd/ucode/luci.wireguard @@ -15,6 +15,19 @@ function command(cmd) { return trim(popen(cmd)?.read?.('all')); } +function checkPeerHost(configHost, configPort, wgHost) { + const ips = popen(`resolveip ${configHost} 2>/dev/null`); + if (ips) { + for (let line = ips.read('line'); length(line); line = ips.read('line')) { + const ip = rtrim(line, '\n'); + if (ip + ":" + configPort == wgHost) { + return true; + } + } + } + return false; +} + const methods = { generatePsk: { @@ -76,7 +89,7 @@ const methods = { let peer_name; uci.foreach('network', `wireguard_${last_device}`, (s) => { - if (s.public_key == record[1]) + if (!s.disabled && s.public_key == record[1] && (!s.endpoint_host || checkPeerHost(s.endpoint_host, s.endpoint_port, record[3]))) peer_name = s.description; }); -- 2.30.2