dab0a9d87a
Close #1853 Squashed commit of the following: commit 3730cafabe8fa1dbf2bf75915079d2effe4ff9a3 Merge: 533ae3c26b134469
Author: Simon Zolin <s.zolin@adguard.com> Date: Fri Jul 3 19:21:08 2020 +0300 Merge remote-tracking branch 'origin/master' into 1853-glinet commit 533ae3c2678cd6cfd26bf9560bee4eb5a015a615 Merge: 3521992b21dfb5ff
Author: Simon Zolin <s.zolin@adguard.com> Date: Fri Jul 3 19:14:45 2020 +0300 Merge remote-tracking branch 'origin/master' into 1853-glinet commit 3521992b4609fa3400942c89f7a7546dade459bc Author: Simon Zolin <s.zolin@adguard.com> Date: Fri Jul 3 18:04:53 2020 +0300 logs commit 3e0258782b1a14c08156fe65940ae7b661a42b54 Author: Simon Zolin <s.zolin@adguard.com> Date: Fri Jul 3 17:11:47 2020 +0300 fix commit bb814db9df1c770d0ea02eafd12bedd122bef894 Author: Simon Zolin <s.zolin@adguard.com> Date: Fri Jul 3 16:58:37 2020 +0300 minor commit b161bbc5749ce76b16600e0153120935ad20077e Author: Simon Zolin <s.zolin@adguard.com> Date: Fri Jul 3 16:53:22 2020 +0300 move code commit c506e81265bdee140c0f61255f927c13738efc1a Author: Simon Zolin <s.zolin@adguard.com> Date: Thu Jul 2 10:50:56 2020 +0300 test commit c09f201cbd88498a2328be332197e4d96e5fb115 Author: Simon Zolin <s.zolin@adguard.com> Date: Thu Jul 2 10:42:23 2020 +0300 + "--glinet" command-line argument: Run in GL-Inet compatibility mode
103 lines
2.0 KiB
Go
103 lines
2.0 KiB
Go
package home
|
|
|
|
import (
|
|
"bytes"
|
|
"encoding/binary"
|
|
"io/ioutil"
|
|
"net"
|
|
"net/http"
|
|
"os"
|
|
"time"
|
|
"unsafe"
|
|
|
|
"github.com/AdguardTeam/golibs/log"
|
|
)
|
|
|
|
// GLMode - enable GL-Inet compatibility mode
|
|
var GLMode bool
|
|
|
|
var glFilePrefix = "/tmp/gl_token_"
|
|
|
|
const glTokenTimeoutSeconds = 3600
|
|
const glCookieName = "Admin-Token"
|
|
|
|
func glProcessRedirect(w http.ResponseWriter, r *http.Request) bool {
|
|
if !GLMode {
|
|
return false
|
|
}
|
|
// redirect to gl-inet login
|
|
host, _, _ := net.SplitHostPort(r.Host)
|
|
url := "http://" + host
|
|
log.Debug("Auth: redirecting to %s", url)
|
|
http.Redirect(w, r, url, http.StatusFound)
|
|
return true
|
|
}
|
|
|
|
func glProcessCookie(r *http.Request) bool {
|
|
if !GLMode {
|
|
return false
|
|
}
|
|
|
|
glCookie, glerr := r.Cookie(glCookieName)
|
|
if glerr != nil {
|
|
return false
|
|
}
|
|
|
|
log.Debug("Auth: GL cookie value: %s", glCookie.Value)
|
|
if glCheckToken(glCookie.Value) {
|
|
return true
|
|
}
|
|
log.Info("Auth: invalid GL cookie value: %s", glCookie)
|
|
return false
|
|
}
|
|
|
|
func glCheckToken(sess string) bool {
|
|
tokenName := glFilePrefix + sess
|
|
_, err := os.Stat(tokenName)
|
|
if err != nil {
|
|
log.Error("os.Stat: %s", err)
|
|
return false
|
|
}
|
|
tokenDate := glGetTokenDate(tokenName)
|
|
now := uint32(time.Now().UTC().Unix())
|
|
return now <= (tokenDate + glTokenTimeoutSeconds)
|
|
}
|
|
|
|
func archIsLittleEndian() bool {
|
|
var i int32 = 0x01020304
|
|
u := unsafe.Pointer(&i)
|
|
pb := (*byte)(u)
|
|
b := *pb
|
|
return (b == 0x04)
|
|
}
|
|
|
|
func glGetTokenDate(file string) uint32 {
|
|
f, err := os.Open(file)
|
|
if err != nil {
|
|
log.Error("os.Open: %s", err)
|
|
return 0
|
|
}
|
|
var dateToken uint32
|
|
bs, err := ioutil.ReadAll(f)
|
|
if err != nil {
|
|
log.Error("ioutil.ReadAll: %s", err)
|
|
return 0
|
|
}
|
|
buf := bytes.NewBuffer(bs)
|
|
|
|
if archIsLittleEndian() {
|
|
err := binary.Read(buf, binary.LittleEndian, &dateToken)
|
|
if err != nil {
|
|
log.Error("binary.Read: %s", err)
|
|
return 0
|
|
}
|
|
} else {
|
|
err := binary.Read(buf, binary.BigEndian, &dateToken)
|
|
if err != nil {
|
|
log.Error("binary.Read: %s", err)
|
|
return 0
|
|
}
|
|
}
|
|
return dateToken
|
|
}
|