From 66546a360704717be03ffa12ff80137cccbab90a Mon Sep 17 00:00:00 2001
From: Michael Tremer
Date: Mon, 30 Sep 2024 19:00:40 +0200
Subject: [PATCH] wireguard.cgi: Store the private key for RW peers, too

We have so much key material stored that it does not make much sense to drop a bit of it when it makes life so much harder.

Signed-off-by: Michael Tremer
---
 html/cgi-bin/wireguard.cgi | 21 +++++++--------------
 1 file changed, 7 insertions(+), 14 deletions(-)

diff --git a/html/cgi-bin/wireguard.cgi b/html/cgi-bin/wireguard.cgi
index a27245974..d0105b34f 100644
--- a/html/cgi-bin/wireguard.cgi
+++ b/html/cgi-bin/wireguard.cgi
@@ -298,7 +298,6 @@ if ($cgiparams{"ACTION"} eq $Lang::tr{'save'}) {
 } elsif ($cgiparams{"ACTION"} eq "SAVE-PEER-HOST") {
 my @free_addresses = ();
 my @local_subnets = ();
- my $private_key;
 # Fetch or allocate a new key
 my $key = $cgiparams{'KEY'} || &General::findhasharraykey(\%Wireguard::peers);
@@ -349,10 +348,10 @@ if ($cgiparams{"ACTION"} eq $Lang::tr{'save'}) {
 # Generate things for a new peer
 if ($is_new) {
 # Generate a new private key
- $private_key = &Wireguard::generate_private_key();
+ $cgiparams{"PRIVATE_KEY"} = &Wireguard::generate_private_key();
 # Derive the public key
- $cgiparams{"PUBLIC_KEY"} = &Wireguard::derive_public_key($private_key);
+ $cgiparams{"PUBLIC_KEY"} = &Wireguard::derive_public_key($cgiparams{"PRIVATE_KEY"});
 # Generate a new PSK
 $cgiparams{"PSK"} = &Wireguard::generate_private_key();
@@ -366,6 +365,7 @@ if ($cgiparams{"ACTION"} eq $Lang::tr{'save'}) {
 # Fetch some configuration parts
 } else {
 $cgiparams{"PUBLIC_KEY"} = $Wireguard::peers{$key}[3];
+ $cgiparams{"PRIVATE_KEY"} = $Wireguard::peers{$key}[4];
 $cgiparams{'CLIENT_ADDRESS'} = $Wireguard::peers{$key}[8];
 $cgiparams{"PSK"} = $Wireguard::peers{$key}[11];
 }
@@ -381,7 +381,7 @@ if ($cgiparams{"ACTION"} eq $Lang::tr{'save'}) {
 # 3 = Public Key
 $cgiparams{"PUBLIC_KEY"},
 # 4 = Private Key
- "",
+ $cgiparams{"PRIVATE_KEY"},
 # 5 = Port
 "",
 # 6 = Endpoint Address
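Review bot: In the `if ($is_new)` branch the freshly generated client private key is now written into `%cgiparams`, the hash that otherwise carries the request parameters, where the old code kept it in a lexical. Anything later on the page that echoes or iterates `%cgiparams` (form re-population after a validation error, debug output) would then carry the key; none of that is visible in this hunk, so it is something to confirm rather than a known leak. Keeping the `my $private_key;` declaration, assigning it in both branches and passing `$private_key,` as field 4 of the record would store the key without putting it next to user-supplied values. The branch body continues outside the hunk.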
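Review bot: Peers saved before this change have an empty string in field 4, and the `else` branch copies that empty value back into the record on every edit, so `show_peer_configuration` (hunk at -1033 further down), which now reads `$Wireguard::peers{$key}[4]` unconditionally, has no private key to put into the client configuration for such a peer. In the visible code the function is only called when `$is_new`, so this is latent today, but the new one-argument signature invites calling it for any stored peer. A guard at the top of the function, for example `return unless ($Wireguard::peers{$key}[4]);` or an explicit error message, would keep it from emitting a configuration with an empty key. Both bodies continue outside their hunks.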
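Review bot: Field 4 of a roadwarrior record now holds the client's private key in plaintext next to the PSK in field 11, so the peers file, and any backup or support archive that includes it, is enough on its own to connect as every RW peer. The hunk does not show how the record is written, so the file mode and the backup include list should be confirmed as part of this change. I would also make the field comment say what is stored, e.g. `# 4 = Private Key (RW peers: client secret, stored in plaintext; file must not be world-readable)`. The record literal starts and ends outside the hunk.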
@@ -409,7 +409,7 @@ if ($cgiparams{"ACTION"} eq $Lang::tr{'save'}) {
 }
 # Show the client configuration when creating a new peer
- &show_peer_configuration($key, $private_key) if ($is_new);
+ &show_peer_configuration($key) if ($is_new);
 } elsif ($cgiparams{"ACTION"} eq $Lang::tr{'add'}) {
 if ($cgiparams{"TYPE"} eq "net") {
@@ -1016,9 +1016,8 @@ END
 exit(0);
-sub show_peer_configuration($$) {
+sub show_peer_configuration($) {
 my $key = shift;
- my $private_key = shift;
 # The generated QR code
 my $qrcode;
@@ -1033,12 +1032,10 @@ sub show_peer_configuration($$) {
 my %peer = (
 "NAME" => $Wireguard::peers{$key}[2],
 "PUBLIC_KEY" => $Wireguard::peers{$key}[3],
+ "PRIVATE_KEY" => $Wireguard::peers{$key}[4],
 "CLIENT_ADDRESS" => $Wireguard::peers{$key}[8],
 "LOCAL_SUBNETS" => &Wireguard::decode_subnets($Wireguard::peers{$key}[10]),
 "PSK" => $Wireguard::peers{$key}[11],
-
- # Other stuff
- "PRIVATE_KEY" => $private_key,
 );
 # Generate the client configuration
@@ -1090,10 +1087,6 @@ sub show_peer_configuration($$) {

-

- $Lang::tr{'wg warning configuration only shown once'} -

-

-- 2.39.5