Add logging, including the json one
Get info from Have I Been Pwned and the API at install.dm.gg/vpn-log.php, and send mail if anything looks strange
53
vpnserver.go
53
vpnserver.go
@@ -71,12 +71,12 @@ func (s *OpenVpnMgt) Run() {
|
||||
}
|
||||
}
|
||||
|
||||
// send a command to the server. Set the channel to receive the response
|
||||
func (s *OpenVpnMgt) sendCommand(msg []string, remote string) (error, []string) {
|
||||
if len(s.buf) == 0 {
|
||||
return errors.New("No openvpn server present"), nil
|
||||
}
|
||||
for _, line := range msg {
|
||||
log.Println(line)
|
||||
if _, err := s.buf[remote].WriteString(line + "\r\n"); err != nil {
|
||||
return err, nil
|
||||
}
|
||||
@@ -91,6 +91,7 @@ func (s *OpenVpnMgt) sendCommand(msg []string, remote string) (error, []string)
|
||||
return nil, ret
|
||||
}
|
||||
|
||||
// send the help command on all vpn servers. Kind of useless
|
||||
func (s *OpenVpnMgt) Help() (error, map[string]map[string]string) {
|
||||
ret := make(map[string]map[string]string)
|
||||
re := regexp.MustCompile("^(.*[^ ]) *: (.*)$")
|
||||
@@ -112,6 +113,7 @@ func (s *OpenVpnMgt) Help() (error, map[string]map[string]string) {
|
||||
return nil, ret
|
||||
}
|
||||
|
||||
// send the verson command on all vpn servers. Kind of useless
|
||||
func (s *OpenVpnMgt) Version() (error, map[string][]string) {
|
||||
ret := make(map[string][]string)
|
||||
for remote := range s.buf {
|
||||
@@ -124,20 +126,34 @@ func (s *OpenVpnMgt) Version() (error, map[string][]string) {
|
||||
return nil, ret
|
||||
}
|
||||
|
||||
// internal DHCP
|
||||
func (s *OpenVpnMgt) getIP(c *vpnSession) (string, error) {
|
||||
// TODO implement
|
||||
ip := s.ldap[c.Profile].ipMin
|
||||
|
||||
return ip.String(), nil
|
||||
}
|
||||
|
||||
// called after a client is confirmed connected and authenticated
|
||||
func (s *OpenVpnMgt) ClientValidated(line, remote string) {
|
||||
err, c := s.getClient(line, remote)
|
||||
if err != nil {
|
||||
log.Println(err, line)
|
||||
return
|
||||
}
|
||||
<-s.ret
|
||||
|
||||
c.Status = "success"
|
||||
infos := <-s.ret
|
||||
|
||||
log.Println(c)
|
||||
if err := c.ParseEnv(&infos); err != nil {
|
||||
log.Println(err)
|
||||
}
|
||||
|
||||
s.Log(c)
|
||||
}
|
||||
|
||||
// called after a client is disconnected, including for auth issues
|
||||
func (s *OpenVpnMgt) ClientDisconnect(line, remote string) {
|
||||
//TODO free the IP
|
||||
err, c := s.getClient(line, remote)
|
||||
if err != nil {
|
||||
log.Println(err)
|
||||
@@ -153,31 +169,25 @@ func (s *OpenVpnMgt) ClientDisconnect(line, remote string) {
|
||||
|
||||
// Don't log the initial auth failure due to absence of OTP code
|
||||
if c.Status != "Need OTP Code" {
|
||||
c.Log()
|
||||
s.Log(c)
|
||||
}
|
||||
|
||||
defer delete(s.clients[remote], c.cID)
|
||||
}
|
||||
|
||||
func (s *OpenVpnMgt) getIP(c *vpnSession) (string, error) {
|
||||
// TODO implement
|
||||
ip := s.ldap[c.Profile].ipMin
|
||||
|
||||
return ip.String(), nil
|
||||
}
|
||||
|
||||
// called at the initial connexion
|
||||
func (s *OpenVpnMgt) ClientConnect(line, remote string) {
|
||||
client := NewVPNSession("log in")
|
||||
client.vpnserver = remote
|
||||
client.ParseSessionId(line)
|
||||
s.clients[remote][client.cID] = client
|
||||
c := NewVPNSession("log in")
|
||||
c.vpnserver = remote
|
||||
c.ParseSessionId(line)
|
||||
s.clients[remote][c.cID] = c
|
||||
infos := <-s.ret
|
||||
if err := client.ParseEnv(&infos); err != nil {
|
||||
if err := c.ParseEnv(&infos); err != nil {
|
||||
log.Println(err)
|
||||
return
|
||||
}
|
||||
|
||||
client.Auth(s)
|
||||
c.Auth(s)
|
||||
}
|
||||
|
||||
// find a client among all registered sessions
|
||||
@@ -200,6 +210,7 @@ func (s *OpenVpnMgt) getClient(line, remote string) (error, *vpnSession) {
|
||||
return errors.New("unknown vpn client"), nil
|
||||
}
|
||||
|
||||
// main loop for a given openvpn server
|
||||
func (s *OpenVpnMgt) handleConn(conn net.Conn) {
|
||||
remote := conn.RemoteAddr().String()
|
||||
|
||||
@@ -207,6 +218,8 @@ func (s *OpenVpnMgt) handleConn(conn net.Conn) {
|
||||
defer delete(s.buf, remote)
|
||||
defer delete(s.clients, remote)
|
||||
|
||||
// TODO : free all IPs if disconnected
|
||||
|
||||
// we store the buffer pointer in the struct, to be accessed from other methods
|
||||
s.buf[remote] = bufio.NewReadWriter(bufio.NewReader(conn), bufio.NewWriter(conn))
|
||||
s.clients[remote] = make(map[int]*vpnSession)
|
||||
@@ -240,7 +253,7 @@ func (s *OpenVpnMgt) handleConn(conn net.Conn) {
|
||||
return
|
||||
}
|
||||
|
||||
log.Println("Valid openvpn connected from %s", remote)
|
||||
log.Printf("Valid openvpn connected from %s\n", remote)
|
||||
|
||||
for {
|
||||
line, err := s.buf[remote].ReadString('\n')
|
||||
@@ -299,7 +312,7 @@ func (s *OpenVpnMgt) handleConn(conn net.Conn) {
|
||||
response = append(response, line)
|
||||
}
|
||||
// TODO remove this
|
||||
if strings.Index(line, "password") == -1 {
|
||||
if false && strings.Index(line, "password") == -1 {
|
||||
log.Print(line)
|
||||
}
|
||||
}
|
||||
|
||||
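Review bot: In ClientValidated, a failed `c.ParseEnv(&infos)` is only printed and execution continues to `s.Log(c)` with `c.Status` already set to "success", so a session whose environment could not be parsed is still recorded as a successful login; ClientConnect returns in the same situation. I would assign the status after the parse and bail out on error, `if err := c.ParseEnv(&infos); err != nil { log.Println(err); return }`. `log.Println(c)` just above prints the whole vpnSession; if that struct holds the password or OTP taken from the client environment (its definition is not on this page), those values end up in the plain log, so log selected fields instead. The rendered page has lost its +/- markers, so I am assuming these lines are on the new side.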