2018-08-30 14:25:33 +00:00
|
|
|
package main
|
|
|
|
|
|
|
|
import (
|
|
|
|
"bufio"
|
|
|
|
"errors"
|
2019-01-29 17:41:57 +00:00
|
|
|
"fmt"
|
2018-08-30 14:25:33 +00:00
|
|
|
"io"
|
2018-10-29 23:17:24 +00:00
|
|
|
"io/ioutil"
|
2019-01-29 17:41:57 +00:00
|
|
|
"net"
|
2018-08-30 14:25:33 +00:00
|
|
|
"net/http"
|
2018-09-26 14:47:23 +00:00
|
|
|
"os"
|
2018-09-14 13:50:56 +00:00
|
|
|
"path"
|
2018-10-29 23:17:24 +00:00
|
|
|
"path/filepath"
|
2018-09-14 13:50:56 +00:00
|
|
|
"runtime"
|
2018-08-30 14:25:33 +00:00
|
|
|
"strings"
|
2019-01-29 17:41:57 +00:00
|
|
|
|
|
|
|
"github.com/hmage/golibs/log"
|
2018-08-30 14:25:33 +00:00
|
|
|
)
|
|
|
|
|
2018-10-29 23:17:24 +00:00
|
|
|
// ----------------------------------
|
|
|
|
// helper functions for working with files
|
|
|
|
// ----------------------------------
|
|
|
|
|
|
|
|
// Writes data first to a temporary file and then renames it to what's specified in path
|
2018-11-27 17:39:59 +00:00
|
|
|
func safeWriteFile(path string, data []byte) error {
|
2018-10-29 23:17:24 +00:00
|
|
|
dir := filepath.Dir(path)
|
|
|
|
err := os.MkdirAll(dir, 0755)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
tmpPath := path + ".tmp"
|
|
|
|
err = ioutil.WriteFile(tmpPath, data, 0644)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
2018-08-30 14:25:33 +00:00
|
|
|
}
|
2018-11-28 10:37:42 +00:00
|
|
|
return os.Rename(tmpPath, path)
|
2018-08-30 14:25:33 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// ----------------------------------
|
|
|
|
// helper functions for HTTP handlers
|
|
|
|
// ----------------------------------
|
|
|
|
func ensure(method string, handler func(http.ResponseWriter, *http.Request)) func(http.ResponseWriter, *http.Request) {
|
|
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
if r.Method != method {
|
2019-01-25 13:01:27 +00:00
|
|
|
http.Error(w, "This request must be "+method, http.StatusMethodNotAllowed)
|
2018-08-30 14:25:33 +00:00
|
|
|
return
|
|
|
|
}
|
|
|
|
handler(w, r)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func ensurePOST(handler func(http.ResponseWriter, *http.Request)) func(http.ResponseWriter, *http.Request) {
|
|
|
|
return ensure("POST", handler)
|
|
|
|
}
|
|
|
|
|
|
|
|
func ensureGET(handler func(http.ResponseWriter, *http.Request)) func(http.ResponseWriter, *http.Request) {
|
|
|
|
return ensure("GET", handler)
|
|
|
|
}
|
|
|
|
|
|
|
|
func ensurePUT(handler func(http.ResponseWriter, *http.Request)) func(http.ResponseWriter, *http.Request) {
|
|
|
|
return ensure("PUT", handler)
|
|
|
|
}
|
|
|
|
|
|
|
|
func ensureDELETE(handler func(http.ResponseWriter, *http.Request)) func(http.ResponseWriter, *http.Request) {
|
|
|
|
return ensure("DELETE", handler)
|
|
|
|
}
|
|
|
|
|
2018-09-18 17:59:41 +00:00
|
|
|
func optionalAuth(handler func(http.ResponseWriter, *http.Request)) func(http.ResponseWriter, *http.Request) {
|
|
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
if config.AuthName == "" || config.AuthPass == "" {
|
|
|
|
handler(w, r)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
user, pass, ok := r.BasicAuth()
|
|
|
|
if !ok || user != config.AuthName || pass != config.AuthPass {
|
|
|
|
w.Header().Set("WWW-Authenticate", `Basic realm="dnsfilter"`)
|
|
|
|
w.WriteHeader(http.StatusUnauthorized)
|
|
|
|
w.Write([]byte("Unauthorised.\n"))
|
|
|
|
return
|
|
|
|
}
|
|
|
|
handler(w, r)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
type authHandler struct {
|
|
|
|
handler http.Handler
|
|
|
|
}
|
|
|
|
|
|
|
|
func (a *authHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
2019-01-29 17:41:57 +00:00
|
|
|
optionalAuth(a.handler.ServeHTTP)(w, r)
|
2018-09-18 17:59:41 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func optionalAuthHandler(handler http.Handler) http.Handler {
|
|
|
|
return &authHandler{handler}
|
|
|
|
}
|
|
|
|
|
2019-01-29 17:41:57 +00:00
|
|
|
// -------------------
|
|
|
|
// first run / install
|
|
|
|
// -------------------
|
|
|
|
func detectFirstRun() bool {
|
|
|
|
configfile := config.ourConfigFilename
|
|
|
|
if !filepath.IsAbs(configfile) {
|
|
|
|
configfile = filepath.Join(config.ourBinaryDir, config.ourConfigFilename)
|
|
|
|
}
|
|
|
|
_, err := os.Stat(configfile)
|
|
|
|
if !os.IsNotExist(err) {
|
|
|
|
// do nothing, file exists
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
return true
|
|
|
|
}
|
|
|
|
|
|
|
|
// preInstall lets the handler run only if firstRun is true, no redirects
|
|
|
|
func preInstall(handler func(http.ResponseWriter, *http.Request)) func(http.ResponseWriter, *http.Request) {
|
|
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
if !config.firstRun {
|
|
|
|
// if it's not first run, don't let users access it (for example /install.html when configuration is done)
|
|
|
|
http.Error(w, http.StatusText(http.StatusForbidden), http.StatusForbidden)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
handler(w, r)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// preInstallStruct wraps preInstall into a struct that can be returned as an interface where neccessary
|
|
|
|
type preInstallHandlerStruct struct {
|
|
|
|
handler http.Handler
|
|
|
|
}
|
|
|
|
|
|
|
|
func (p *preInstallHandlerStruct) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
|
|
|
preInstall(p.handler.ServeHTTP)(w, r)
|
|
|
|
}
|
|
|
|
|
|
|
|
// preInstallHandler returns http.Handler interface for preInstall wrapper
|
|
|
|
func preInstallHandler(handler http.Handler) http.Handler {
|
|
|
|
return &preInstallHandlerStruct{handler}
|
|
|
|
}
|
|
|
|
|
|
|
|
// postInstall lets the handler run only if firstRun is false, and redirects to /install.html otherwise
|
|
|
|
func postInstall(handler func(http.ResponseWriter, *http.Request)) func(http.ResponseWriter, *http.Request) {
|
|
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
if config.firstRun && !strings.HasPrefix(r.URL.Path, "/install.") {
|
|
|
|
http.Redirect(w, r, "/install.html", http.StatusSeeOther) // should not be cacheable
|
|
|
|
return
|
|
|
|
}
|
|
|
|
handler(w, r)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
type postInstallHandlerStruct struct {
|
|
|
|
handler http.Handler
|
|
|
|
}
|
|
|
|
|
|
|
|
func (p *postInstallHandlerStruct) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
|
|
|
postInstall(p.handler.ServeHTTP)(w, r)
|
|
|
|
}
|
|
|
|
|
|
|
|
func postInstallHandler(handler http.Handler) http.Handler {
|
|
|
|
return &postInstallHandlerStruct{handler}
|
|
|
|
}
|
|
|
|
|
2018-08-30 14:25:33 +00:00
|
|
|
// -------------------------------------------------
|
|
|
|
// helper functions for parsing parameters from body
|
|
|
|
// -------------------------------------------------
|
|
|
|
func parseParametersFromBody(r io.Reader) (map[string]string, error) {
|
|
|
|
parameters := map[string]string{}
|
|
|
|
|
|
|
|
scanner := bufio.NewScanner(r)
|
|
|
|
for scanner.Scan() {
|
|
|
|
line := scanner.Text()
|
|
|
|
if len(line) == 0 {
|
|
|
|
// skip empty lines
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
parts := strings.SplitN(line, "=", 2)
|
|
|
|
if len(parts) != 2 {
|
|
|
|
return parameters, errors.New("Got invalid request body")
|
|
|
|
}
|
|
|
|
parameters[strings.TrimSpace(parts[0])] = strings.TrimSpace(parts[1])
|
|
|
|
}
|
|
|
|
|
|
|
|
return parameters, nil
|
|
|
|
}
|
2018-09-14 13:50:56 +00:00
|
|
|
|
2019-01-29 17:41:57 +00:00
|
|
|
// ------------------
|
|
|
|
// network interfaces
|
|
|
|
// ------------------
|
|
|
|
type netInterface struct {
|
|
|
|
Name string `json:"name"`
|
|
|
|
MTU int `json:"mtu"`
|
|
|
|
HardwareAddr string `json:"hardware_address"`
|
|
|
|
Addresses []string `json:"ip_addresses"`
|
|
|
|
}
|
|
|
|
|
|
|
|
// getValidNetInterfaces() returns interfaces that are eligible for DNS and/or DHCP
|
|
|
|
// invalid interface is either a loopback, ppp interface, or the one that doesn't allow broadcasts
|
|
|
|
func getValidNetInterfaces() ([]netInterface, error) {
|
|
|
|
ifaces, err := net.Interfaces()
|
|
|
|
if err != nil {
|
|
|
|
return nil, fmt.Errorf("Couldn't get list of interfaces: %s", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
netIfaces := []netInterface{}
|
|
|
|
|
|
|
|
for i := range ifaces {
|
|
|
|
if ifaces[i].Flags&net.FlagLoopback != 0 {
|
|
|
|
// it's a loopback, skip it
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
if ifaces[i].Flags&net.FlagBroadcast == 0 {
|
|
|
|
// this interface doesn't support broadcast, skip it
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
if ifaces[i].Flags&net.FlagPointToPoint != 0 {
|
|
|
|
// this interface is ppp, don't do dhcp over it
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
|
|
|
|
iface := netInterface{
|
|
|
|
Name: ifaces[i].Name,
|
|
|
|
MTU: ifaces[i].MTU,
|
|
|
|
HardwareAddr: ifaces[i].HardwareAddr.String(),
|
|
|
|
}
|
|
|
|
|
|
|
|
addrs, err := ifaces[i].Addrs()
|
|
|
|
if err != nil {
|
|
|
|
return nil, fmt.Errorf("Failed to get addresses for interface %v: %s", ifaces[i].Name, err)
|
|
|
|
}
|
|
|
|
for _, addr := range addrs {
|
|
|
|
iface.Addresses = append(iface.Addresses, addr.String())
|
|
|
|
}
|
|
|
|
if len(iface.Addresses) == 0 {
|
|
|
|
// this interface has no addresses, skip it
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
netIfaces = append(netIfaces, iface)
|
|
|
|
}
|
|
|
|
|
|
|
|
return netIfaces, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func findIPv4IfaceAddr(ifaces []netInterface) string {
|
|
|
|
for _, iface := range ifaces {
|
|
|
|
for _, addr := range iface.Addresses {
|
|
|
|
ip, _, err := net.ParseCIDR(addr)
|
|
|
|
if err != nil {
|
|
|
|
log.Printf("SHOULD NOT HAPPEN: got iface.Addresses element that's not a parseable CIDR: %s", addr)
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
if ip.To4() == nil {
|
|
|
|
log.Tracef("Ignoring IP that isn't IPv4: %s", ip)
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
return ip.To4().String()
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return ""
|
|
|
|
}
|
|
|
|
|
2018-09-14 13:50:56 +00:00
|
|
|
// ---------------------
|
|
|
|
// debug logging helpers
|
|
|
|
// ---------------------
|
2018-11-28 10:21:39 +00:00
|
|
|
func _Func() string {
|
|
|
|
pc := make([]uintptr, 10) // at least 1 entry needed
|
|
|
|
runtime.Callers(2, pc)
|
|
|
|
f := runtime.FuncForPC(pc[0])
|
|
|
|
return path.Base(f.Name())
|
|
|
|
}
|