wireguard.cgi: Merge both functions to generate a peer configuration
authorMichael Tremer <michael.tremer@ipfire.org>
Fri, 6 Dec 2024 19:06:19 +0000 (20:06 +0100)
committerMichael Tremer <michael.tremer@ipfire.org>
Tue, 22 Apr 2025 14:48:53 +0000 (16:48 +0200)
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
config/cfgroot/wireguard-functions.pl
html/cgi-bin/wireguard.cgi

index 553169af9067f7c72d4605551f48f7185ec45991..ced6fd2a85051bf282e9b562ad56fe7a960edb38 100644 (file)
@@ -350,10 +350,12 @@ sub free_pool_addresses($$) {
        return @free_addresses;
 }
 
-sub generate_net_configuration($$) {
+sub generate_peer_configuration($$) {
        my $key = shift;
        my $private_key = shift;
 
+       my @conf = ();
+
        # Load the peer
        my %peer = &load_peer($key);
 
@@ -379,83 +381,54 @@ sub generate_net_configuration($$) {
        # Fetch the endpoint
        my $endpoint = &get_endpoint();
 
-       # Derive our own public key
-       my $public_key = &derive_public_key($peer{'PRIVATE_KEY'});
-
-       my @conf = (
-               "[Interface]",
-               "PrivateKey = $private_key",
-               "Port = $peer{'ENDPOINT_PORT'}",
-               "",
-               "[Peer]",
-               "Endpoint = ${endpoint}:$peer{'PORT'}",
-               "PublicKey = $public_key",
-               "PresharedKey = $peer{'PSK'}",
-               "AllowedIPs = " . join(", ", @allowed_ips),
-               "PersistentKeepalive = $peer{'KEEPALIVE'}",
-       );
-
-       return join("\n", @conf);
-}
-
-sub generate_host_configuration($) {
-       my $key = shift;
-       my $private_key = shift;
-
-       # Load the peer
-       my %peer = &load_peer($key);
-
-       # Return if we could not find the peer
-       return undef unless (%peer);
-
-       # Return if this is not a roadwarrior peer
-       return undef unless ($peer{'TYPE'} eq 'host');
-
-       my @allowed_ips = ();
-
-       # Convert all subnets into CIDR notation
-       foreach my $subnet ($peer{'LOCAL_SUBNETS'}) {
-               my $netaddress = &Network::get_netaddress($subnet);
-               my $prefix     = &Network::get_prefix($subnet);
-
-               # Skip invalid subnets
-               next if (!defined $netaddress || !defined $prefix);
-
-               push(@allowed_ips, "${netaddress}/${prefix}");
-       }
-
-       # Fetch the endpoint
-       my $endpoint = &get_endpoint();
-
-       my $port = $settings{'PORT'};
-
-       # Fetch any DNS servers for hosts
-       my @dns = split(/\|/, $settings{'CLIENT_DNS'});
-
-       my @conf = (
-               "[Interface]",
-               "PrivateKey = $private_key",
-               "Address = $peer{'CLIENT_ADDRESS'}",
-       );
+       # Net-2-Net
+       if ($peer{'TYPE'} eq "net") {
+               # Derive our own public key
+               my $public_key = &derive_public_key($peer{'PRIVATE_KEY'});
+
+               push(@conf,
+                       "[Interface]",
+                       "PrivateKey = $private_key",
+                       "Port = $peer{'ENDPOINT_PORT'}",
+                       "",
+                       "[Peer]",
+                       "Endpoint = ${endpoint}:$peer{'PORT'}",
+                       "PublicKey = $public_key",
+                       "PresharedKey = $peer{'PSK'}",
+                       "AllowedIPs = " . join(", ", @allowed_ips),
+                       "PersistentKeepalive = $peer{'KEEPALIVE'}",
+               );
+
+       # Host-2-Net
+       } elsif ($peer{'TYPE'} eq "host") {
+               # Fetch any DNS servers for hosts
+               my @dns = split(/\|/, $settings{'CLIENT_DNS'});
+
+               push(@conf,
+                       "[Interface]",
+                       "PrivateKey = $private_key",
+                       "Address = $peer{'CLIENT_ADDRESS'}",
+               );
+
+               # Optionally add DNS servers
+               if (scalar @dns) {
+                       push(@conf, "DNS = " . join(", ", @dns));
+               }
 
-       # Optionally add DNS servers
-       if (scalar @dns) {
-               push(@conf, "DNS = " . join(", ", @dns));
+               # Finish the [Interface] section
+               push(@conf, "");
+
+               # Add peer configuration
+               push(@conf, (
+                       "[Peer]",
+                       "Endpoint = ${endpoint}:$settings{'PORT'}",
+                       "PublicKey = $settings{'PUBLIC_KEY'}",
+                       "PresharedKey = $peer{'PSK'}",
+                       "AllowedIPs = " . join(", ", @allowed_ips),
+                       "PersistentKeepalive = $DEFAULT_KEEPALIVE",
+               ));
        }
 
-       # Finish the [Interface] section
-       push(@conf, "");
-
-       # Add peer configuration
-       push(@conf, (
-               "[Peer]",
-               "Endpoint = ${endpoint}:${port}",
-               "PublicKey = $settings{'PUBLIC_KEY'}",
-               "PresharedKey = $peer{'PSK'}",
-               "AllowedIPs = " . join(", ", @allowed_ips),
-               "PersistentKeepalive = $DEFAULT_KEEPALIVE",
-       ));
-
        return join("\n", @conf);
 }
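Review bot: The `if ($peer{'TYPE'} eq "net") … elsif ($peer{'TYPE'} eq "host")` chain has no fallback, so a peer of any other type leaves `@conf` empty and `join("\n", @conf)` returns an empty string rather than undef. The download path in wireguard.cgi tests `defined $config`, so it would treat that as success and hand out an empty file; closing the chain with `} else { return undef; }` keeps the "undef means no configuration" contract. The lines between this hunk and the previous one are not shown: if a net-only type guard from the old generate_net_configuration is still there, the host branch could never be reached, so that is worth checking too.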
 
index cbde99b0a1ea0a4979d23cf2aba5ffa4f3e2e74b..f34fdef8bd649d25bf36d2dba09d39c3b78eb00c 100644 (file)
@@ -288,7 +288,7 @@ if ($cgiparams{"ACTION"} eq $Lang::tr{'save'}) {
        &Header::openpage($Lang::tr{'wireguard'}, 1, '');
 
        # Generate the client configuration
-       my $config = &Wireguard::generate_net_configuration($key, $remote_private_key);
+       my $config = &Wireguard::generate_peer_configuration($key, $remote_private_key);
 
        # Encode the configuration as Base64
        $config = &MIME::Base64::encode_base64($config);
@@ -626,7 +626,7 @@ END
        my $filename = &Header::normalize($peer{'NAME'}) . ".conf";
 
        # Generate the client configuration
-       my $config = &Wireguard::generate_host_configuration($key);
+       my $config = &Wireguard::generate_peer_configuration($key);
 
        # Send the configuration
        if (defined $config) {
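Review bot: This call passes only `$key`, so inside generate_peer_configuration `$private_key` is undefined and the host branch emits the line `PrivateKey = ` with nothing after it. The `($$)` prototype does not catch the missing argument because the function is called with `&`. If the key is deliberately left out of the downloaded file, a comment at this call such as `# No private key is available here; the user has to add it to the file` would make that explicit, and `$private_key //= "";` in the generator would avoid interpolating an undefined value. The enclosing block starts and ends outside the hunk.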
@@ -1377,7 +1377,7 @@ sub show_peer_configuration($$) {
        my %peer = &Wireguard::load_peer($key);
 
        # Generate the client configuration
-       my $config = &Wireguard::generate_host_configuration($key, $private_key);
+       my $config = &Wireguard::generate_peer_configuration($key, $private_key);
 
        # Create a QR code generator
        my $qrgen = Imager::QRCode->new(