
Merge pull request #465 from gravitl/feature_v0.9.0_cleanup

Feature v0.9.0 cleanup
Alex 3 жил өмнө
parent
commit
1006c87e0b

+ 15 - 14
controllers/networkHttpController.go

@@ -20,8 +20,6 @@ import (
 
 const ALL_NETWORK_ACCESS = "THIS_USER_HAS_ALL"
 const NO_NETWORKS_PRESENT = "THIS_USER_HAS_NONE"
-const PLACEHOLDER_KEY_TEXT = "ACCESS_KEY"
-const PLACEHOLDER_TOKEN_TEXT = "ACCESS_TOKEN"
 
 func networkHandlers(r *mux.Router) {
 	r.HandleFunc("/api/networks", securityCheck(false, http.HandlerFunc(getNetworks))).Methods("GET")
@@ -121,7 +119,11 @@ func authenticateMaster(tokenString string) bool {
 
 //Consider a more secure way of setting master key
 func authenticateDNSToken(tokenString string) bool {
-	return tokenString == servercfg.GetDNSKey()
+	tokens := strings.Split(tokenString, " ")
+	if len(tokens) < 2 {
+		return false
+	}
+	return tokens[1] == servercfg.GetDNSKey()
 }
 
 //simple get all networks function
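Review bot: The new comparison `tokens[1] == servercfg.GetDNSKey()` in authenticateDNSToken accepts an empty credential whenever the configured DNS key is empty, because a header consisting of a scheme and a single space splits into two elements with `tokens[1] == ""`. Whether GetDNSKey can return an empty string is not visible in this hunk, so the function should reject an empty key or token explicitly rather than depend on configuration. The compare is also a plain `==` on a secret; `subtle.ConstantTimeCompare` (from `crypto/subtle`, which the file would need to import) removes the timing dependence. The scheme in `tokens[0]` is never checked, and the comment above the function still refers to the master key rather than the DNS key.

```go
func authenticateDNSToken(tokenString string) bool {
	// … unchanged: split on " " and the len(tokens) < 2 check …
	key := servercfg.GetDNSKey()
	if key == "" || tokens[1] == "" {
		// an unset key must never match an empty token
		return false
	}
	return subtle.ConstantTimeCompare([]byte(tokens[1]), []byte(key)) == 1
}
```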
@@ -150,6 +152,12 @@ func getNetworks(w http.ResponseWriter, r *http.Request) {
 			}
 		}
 	}
+	if !servercfg.IsDisplayKeys() {
+		for i, net := range allnetworks {
+			net.AccessKeys = logic.RemoveKeySensitiveInfo(net.AccessKeys)
+			allnetworks[i] = net
+		}
+	}
 	functions.PrintUserLog(r.Header.Get("user"), "fetched networks.", 2)
 	w.WriteHeader(http.StatusOK)
 	json.NewEncoder(w).Encode(allnetworks)
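Review bot: The redaction added here is repeated by hand in getNetwork and getAccessKeys, so any other handler that encodes a `models.Network` (none are visible in these hunks) would still return real key values when IsDisplayKeys is false. A single helper that masks a network before it is encoded would make the policy harder to miss. In the loop itself, the variable `net` shadows the standard `net` package name if this file imports it, and the copy-and-write-back can be replaced with `allnetworks[i].AccessKeys = logic.RemoveKeySensitiveInfo(allnetworks[i].AccessKeys)`. getNetworks starts outside the hunk.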
@@ -187,6 +195,9 @@ func getNetwork(w http.ResponseWriter, r *http.Request) {
 		returnErrorResponse(w, r, formatError(err, "internal"))
 		return
 	}
+	if !servercfg.IsDisplayKeys() {
+		network.AccessKeys = logic.RemoveKeySensitiveInfo(network.AccessKeys)
+	}
 	functions.PrintUserLog(r.Header.Get("user"), "fetched network "+netname, 2)
 	w.WriteHeader(http.StatusOK)
 	json.NewEncoder(w).Encode(network)
@@ -577,7 +588,7 @@ func getAccessKeys(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 	if !servercfg.IsDisplayKeys() {
-		keys = RemoveKeySensitiveInfo(keys)
+		keys = logic.RemoveKeySensitiveInfo(keys)
 	}
 	functions.PrintUserLog(r.Header.Get("user"), "fetched access keys on network "+network, 2)
 	w.WriteHeader(http.StatusOK)
@@ -640,13 +651,3 @@ func DeleteKey(keyname, netname string) error {
 
 	return nil
 }
-
-func RemoveKeySensitiveInfo(keys []models.AccessKey) []models.AccessKey {
-	var returnKeys []models.AccessKey
-	for _, key := range keys {
-		key.Value = PLACEHOLDER_KEY_TEXT
-		key.AccessString = PLACEHOLDER_TOKEN_TEXT
-		returnKeys = append(returnKeys, key)
-	}
-	return returnKeys
-}

+ 10 - 0
logic/accesskeys.go

@@ -60,3 +60,13 @@ func IsKeyValid(networkname string, keyvalue string) bool {
 	}
 	return isvalid
 }
+
+func RemoveKeySensitiveInfo(keys []models.AccessKey) []models.AccessKey {
+	var returnKeys []models.AccessKey
+	for _, key := range keys {
+		key.Value = models.PLACEHOLDER_KEY_TEXT
+		key.AccessString = models.PLACEHOLDER_TOKEN_TEXT
+		returnKeys = append(returnKeys, key)
+	}
+	return returnKeys
+}
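Review bot: The exported RemoveKeySensitiveInfo has no doc comment, so nothing tells a caller that it returns masked copies and leaves the input slice unchanged; I would add `// RemoveKeySensitiveInfo returns a copy of keys with Value and AccessString replaced by placeholder text.` above it. Because `returnKeys` starts as a nil slice, a network with no keys is encoded as JSON `null` rather than `[]`; if clients expect an array, `returnKeys := make([]models.AccessKey, 0, len(keys))` fixes that and pre-sizes the slice. The masking overwrites exactly two named fields, so a secret-bearing field added to `models.AccessKey` later would pass through until this function is updated.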

+ 3 - 0
models/structs.go

@@ -2,6 +2,9 @@ package models
 
 import jwt "github.com/golang-jwt/jwt/v4"
 
+const PLACEHOLDER_KEY_TEXT = "ACCESS_KEY"
+const PLACEHOLDER_TOKEN_TEXT = "ACCESS_TOKEN"
+
 // AuthParams - struct for auth params
 type AuthParams struct {
 	MacAddress string `json:"macaddress"`

+ 8 - 8
scripts/netclient-install.sh

@@ -17,7 +17,7 @@ elif [ -f /etc/centos-release ]; then
 	install_cmd='yum install -y'
 elif [ -f /etc/fedora-release ]; then
 	install_cmd='dnf install -y'
-elif [ OS == "FreeBSD" ]; then
+elif [ "${OS}" = "FreeBSD" ]; then
 	install_cmd='pkg install -y'
 else
 	install_cmd=''
@@ -31,7 +31,7 @@ dependencies="wireguard"
 set -- $dependencies
 while [ -n "$1" ]; do
     echo $1
-	if [ OS == "FreeBSD" ]; then
+	if [ "${OS}" = "FreeBSD" ]; then
 		is_installed=$(pkg check -d $1 | grep '100%')
 		if [ "${is_installed}" = '100%' ]; then
 			echo "    " $1 is installed
@@ -161,20 +161,20 @@ else
 fi
 chmod +x netclient
 
-EXTRA_ARGS = ""
-if [ OS == "FreeBSD" ]; then
+EXTRA_ARGS=""
+if [ "${OS}" = "FreeBSD" ]; then
 	EXTRA_ARGS = "--daemon=off"
 fi
 
 if [ -z "${NAME}" ]; then
-sudo ./netclient join -t $KEY EXTRA_ARGS
+sudo ./netclient join -t $KEY $EXTRA_ARGS
 else
-sudo ./netclient join -t $KEY --name $NAME EXTRA_ARGS
+sudo ./netclient join -t $KEY --name $NAME $EXTRA_ARGS
 fi
 
 rm -f netclient
 
-if [ OS == "FreeBSD" ]; then
+if [ "${OS}" = "FreeBSD" ]; then
 	tee /usr/local/etc/rc.d/netclient <<'EOF' >/dev/null
 #!/bin/sh
 
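Review bot: The assignment inside the FreeBSD branch, `EXTRA_ARGS = "--daemon=off"`, still has spaces around `=`, so the shell runs a command named EXTRA_ARGS instead of setting the variable and `--daemon=off` is never passed; it should read `EXTRA_ARGS="--daemon=off"` like the corrected line above it. `$KEY` and `$NAME` are expanded unquoted on the two `netclient join` lines, so a value containing whitespace or glob characters is split or expanded before it reaches `sudo`; `-t "$KEY"` and `--name "$NAME"` avoid that, while `$EXTRA_ARGS` should stay unquoted so an empty value adds no argument. The `if` block opened at the end of the hunk continues outside it.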
@@ -197,4 +197,4 @@ run_rc_command "$1"
 EOF
 	/usr/local/etc/rc.d/netclient enable
 	/usr/local/etc/rc.d/netclient start
-fi
+fi