2024-08-30 05:13:05 +02:00
|
|
|
/*
|
|
|
|
* This file is part of nftables-http-api.
|
|
|
|
* Copyright (C) 2024 Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
|
|
|
|
*
|
|
|
|
* The nftables-http-api program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
|
|
|
|
|
|
|
|
* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
|
|
|
|
|
2024-08-30 06:44:37 +02:00
|
|
|
* You should have received a copy of the GNU General Public License along with this program. If not, see <https://www.gnu.org/licenses/>.
|
2024-08-30 05:13:05 +02:00
|
|
|
*/
|
|
|
|
|
|
|
|
package main
|
|
|
|
|
|
|
|
import (
|
|
|
|
"encoding/json"
|
2024-08-30 06:44:37 +02:00
|
|
|
"errors"
|
|
|
|
"golang.org/x/crypto/bcrypt"
|
2024-08-30 05:13:05 +02:00
|
|
|
"log"
|
2024-08-30 06:44:37 +02:00
|
|
|
"net"
|
2024-08-30 05:13:05 +02:00
|
|
|
"net/http"
|
|
|
|
)
|
|
|
|
|
|
|
|
type Response struct {
|
2024-08-30 06:44:37 +02:00
|
|
|
RError string `json:"error,omitempty"`
|
2024-08-30 05:13:05 +02:00
|
|
|
RResult string `json:"result,omitempty"`
|
|
|
|
}
|
|
|
|
|
2024-08-30 18:26:57 +02:00
|
|
|
type ResponseSet struct {
|
|
|
|
RError string `json:"error,omitempty"`
|
|
|
|
RResult []string `json:"result,omitempty"`
|
|
|
|
}
|
|
|
|
|
2024-08-30 05:13:05 +02:00
|
|
|
func doReturn(w http.ResponseWriter, status int, text string) {
|
|
|
|
var response any
|
2024-08-30 20:12:17 +02:00
|
|
|
if status == http.StatusOK || status == http.StatusCreated {
|
2024-08-30 05:13:05 +02:00
|
|
|
response = Response{RResult: text}
|
|
|
|
} else {
|
|
|
|
response = Response{RError: text}
|
|
|
|
}
|
|
|
|
j, err := json.Marshal(response)
|
|
|
|
if err != nil {
|
|
|
|
log.Fatalf("Failed to marshal JSON: %s", err)
|
|
|
|
}
|
|
|
|
w.WriteHeader(status)
|
|
|
|
w.Write(j)
|
2024-08-30 18:26:57 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
func doReturnSet(w http.ResponseWriter, status int, text string, elements []string) {
|
|
|
|
var response any
|
|
|
|
if status == http.StatusOK {
|
|
|
|
response = ResponseSet{RResult: elements}
|
|
|
|
} else {
|
|
|
|
response = Response{RError: text}
|
|
|
|
}
|
|
|
|
j, err := json.Marshal(response)
|
|
|
|
if err != nil {
|
|
|
|
log.Fatalf("Failed to marshal JSON: %s", err)
|
|
|
|
}
|
|
|
|
w.WriteHeader(status)
|
|
|
|
w.Write(j)
|
2024-08-30 05:13:05 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
func doCheckToken(token string, hash string) bool {
|
|
|
|
err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(token))
|
|
|
|
if err == nil {
|
|
|
|
return true
|
|
|
|
} else {
|
|
|
|
log.Printf("Token check failed: %s", err)
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
}
|
2024-08-30 06:44:37 +02:00
|
|
|
|
|
|
|
func parseIPAddress(straddress string) (net.IP, string) {
|
|
|
|
parsedaddress := net.ParseIP(straddress)
|
|
|
|
var address net.IP
|
|
|
|
family, err := getIPAddressFamily(straddress)
|
|
|
|
if err == nil {
|
|
|
|
if family == "ipv4" {
|
|
|
|
address = parsedaddress.To4()
|
|
|
|
} else if family == "ipv6" {
|
|
|
|
address = parsedaddress.To16()
|
|
|
|
} else {
|
|
|
|
log.Println("unknown family, this should not happen")
|
|
|
|
return nil, family
|
|
|
|
}
|
|
|
|
return address, family
|
|
|
|
}
|
|
|
|
log.Println("address parsing failed:", err)
|
|
|
|
return nil, ""
|
|
|
|
}
|
|
|
|
|
|
|
|
func getIPAddressFamily(ip string) (string, error) {
|
|
|
|
if net.ParseIP(ip) == nil {
|
|
|
|
return "", errors.New("Not an IP address")
|
|
|
|
}
|
|
|
|
for i := 0; i < len(ip); i++ {
|
|
|
|
switch ip[i] {
|
|
|
|
case '.':
|
|
|
|
return "ipv4", nil
|
|
|
|
case ':':
|
|
|
|
return "ipv6", nil
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return "", errors.New("unknown error")
|
|
|
|
}
|