From: Michael Tremer
Date: Fri, 6 Dec 2024 19:06:19 +0000 (+0100)
Subject: wireguard.cgi: Merge both functions to generate a peer configuration
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=9b57b59a411fe3e82c173becad8f0edc538aafe6;p=people%2Fstevee%2Fipfire-2.x.git

wireguard.cgi: Merge both functions to generate a peer configuration

Signed-off-by: Michael Tremer
---

diff --git a/config/cfgroot/wireguard-functions.pl b/config/cfgroot/wireguard-functions.pl
index 553169af9..ced6fd2a8 100644
--- a/config/cfgroot/wireguard-functions.pl
+++ b/config/cfgroot/wireguard-functions.pl
@@ -350,10 +350,12 @@ sub free_pool_addresses($$) {
 return @free_addresses;
 }
 
-sub generate_net_configuration($$) {
+sub generate_peer_configuration($$) {
 my $key = shift;
 my $private_key = shift;
 
+ my @conf = ();
+
 # Load the peer
 my %peer = &load_peer($key);
 
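Review bot: The `($$)` prototype on `generate_peer_configuration` promises two arguments, but the callers visible in this commit use the `&Wireguard::generate_peer_configuration(...)` form, which bypasses prototypes, and the download path in wireguard.cgi (hunk at line 626) passes only `$key`. In that call `my $private_key = shift;` yields undef, and the host branch added further down interpolates it into `"PrivateKey = $private_key"`, so the downloaded file carries an empty key line (plus an uninitialized-value warning if warnings are enabled). I would document the second parameter as optional above the sub, e.g. `# $private_key is optional; without it no PrivateKey line is written`, and emit that line only when it is set: `push(@conf, "PrivateKey = $private_key") if (defined $private_key);`. The function body continues outside this hunk.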
@@ -379,83 +381,54 @@ sub generate_net_configuration($$) {
 # Fetch the endpoint
 my $endpoint = &get_endpoint();
 
- # Derive our own public key
- my $public_key = &derive_public_key($peer{'PRIVATE_KEY'});
-
- my @conf = (
- "[Interface]",
- "PrivateKey = $private_key",
- "Port = $peer{'ENDPOINT_PORT'}",
- "",
- "[Peer]",
- "Endpoint = ${endpoint}:$peer{'PORT'}",
- "PublicKey = $public_key",
- "PresharedKey = $peer{'PSK'}",
- "AllowedIPs = " . join(", ", @allowed_ips),
- "PersistentKeepalive = $peer{'KEEPALIVE'}",
- );
-
- return join("\n", @conf);
-}
-
-sub generate_host_configuration($) {
- my $key = shift;
- my $private_key = shift;
-
- # Load the peer
- my %peer = &load_peer($key);
-
- # Return if we could not find the peer
- return undef unless (%peer);
-
- # Return if this is not a roadwarrior peer
- return undef unless ($peer{'TYPE'} eq 'host');
-
- my @allowed_ips = ();
-
- # Convert all subnets into CIDR notation
- foreach my $subnet ($peer{'LOCAL_SUBNETS'}) {
- my $netaddress = &Network::get_netaddress($subnet);
- my $prefix = &Network::get_prefix($subnet);
-
- # Skip invalid subnets
- next if (!defined $netaddress || !defined $prefix);
-
- push(@allowed_ips, "${netaddress}/${prefix}");
- }
-
- # Fetch the endpoint
- my $endpoint = &get_endpoint();
-
- my $port = $settings{'PORT'};
-
- # Fetch any DNS servers for hosts
- my @dns = split(/\|/, $settings{'CLIENT_DNS'});
-
- my @conf = (
- "[Interface]",
- "PrivateKey = $private_key",
- "Address = $peer{'CLIENT_ADDRESS'}",
- );
+ # Net-2-Net
+ if ($peer{'TYPE'} eq "net") {
+ # Derive our own public key
+ my $public_key = &derive_public_key($peer{'PRIVATE_KEY'});
+
+ push(@conf,
+ "[Interface]",
+ "PrivateKey = $private_key",
+ "Port = $peer{'ENDPOINT_PORT'}",
+ "",
+ "[Peer]",
+ "Endpoint = ${endpoint}:$peer{'PORT'}",
+ "PublicKey = $public_key",
+ "PresharedKey = $peer{'PSK'}",
+ "AllowedIPs = " . join(", ", @allowed_ips),
+ "PersistentKeepalive = $peer{'KEEPALIVE'}",
+ );
+
+ # Host-2-Net
+ } elsif ($peer{'TYPE'} eq "host") {
+ # Fetch any DNS servers for hosts
+ my @dns = split(/\|/, $settings{'CLIENT_DNS'});
+
+ push(@conf,
+ "[Interface]",
+ "PrivateKey = $private_key",
+ "Address = $peer{'CLIENT_ADDRESS'}",
+ );
+
+ # Optionally add DNS servers
+ if (scalar @dns) {
+ push(@conf, "DNS = " . join(", ", @dns));
+ }
 
- # Optionally add DNS servers
- if (scalar @dns) {
- push(@conf, "DNS = " . join(", ", @dns));
+ # Finish the [Interface] section
+ push(@conf, "");
+
+ # Add peer configuration
+ push(@conf, (
+ "[Peer]",
+ "Endpoint = ${endpoint}:$settings{'PORT'}",
+ "PublicKey = $settings{'PUBLIC_KEY'}",
+ "PresharedKey = $peer{'PSK'}",
+ "AllowedIPs = " . join(", ", @allowed_ips),
+ "PersistentKeepalive = $DEFAULT_KEEPALIVE",
+ ));
 }
 
- # Finish the [Interface] section
- push(@conf, "");
-
- # Add peer configuration
- push(@conf, (
- "[Peer]",
- "Endpoint = ${endpoint}:${port}",
- "PublicKey = $settings{'PUBLIC_KEY'}",
- "PresharedKey = $peer{'PSK'}",
- "AllowedIPs = " . join(", ", @allowed_ips),
- "PersistentKeepalive = $DEFAULT_KEEPALIVE",
- ));
-
 return join("\n", @conf);
 }
 
diff --git a/html/cgi-bin/wireguard.cgi b/html/cgi-bin/wireguard.cgi
index cbde99b0a..f34fdef8b 100644
--- a/html/cgi-bin/wireguard.cgi
+++ b/html/cgi-bin/wireguard.cgi
@@ -288,7 +288,7 @@ if ($cgiparams{"ACTION"} eq $Lang::tr{'save'}) {
 &Header::openpage($Lang::tr{'wireguard'}, 1, '');
 
 # Generate the client configuration
- my $config = &Wireguard::generate_net_configuration($key, $remote_private_key);
+ my $config = &Wireguard::generate_peer_configuration($key, $remote_private_key);
 
 # Encode the configuration as Base64
 $config = &MIME::Base64::encode_base64($config);
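Review bot: The `if`/`elsif` on `$peer{'TYPE'}` in the wireguard-functions.pl hunk at line 381 has no `else`, so a peer whose type is neither `net` nor `host` leaves `@conf` empty and `join("\n", @conf)` returns an empty string rather than undef. The removed `generate_host_configuration` bailed out with `return undef unless ($peer{'TYPE'} eq 'host');`, and the download caller in wireguard.cgi only tests `if (defined $config)`, so it would presumably send an empty configuration file. Adding `} else { return undef; }` after the host branch keeps the old contract. The lines between the two hunks of this function are not shown; if a type guard from the old net-only function is still there it needs to go as well, otherwise the host branch is never reached.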
@@ -626,7 +626,7 @@ END
 my $filename = &Header::normalize($peer{'NAME'}) . ".conf";
 
 # Generate the client configuration
- my $config = &Wireguard::generate_host_configuration($key);
+ my $config = &Wireguard::generate_peer_configuration($key);
 
 # Send the configuration
 if (defined $config) {
@@ -1377,7 +1377,7 @@ sub show_peer_configuration($$) {
 my %peer = &Wireguard::load_peer($key);
 
 # Generate the client configuration
- my $config = &Wireguard::generate_host_configuration($key, $private_key);
+ my $config = &Wireguard::generate_peer_configuration($key, $private_key);
 
 # Create a QR code generator
 my $qrgen = Imager::QRCode->new(