openvpn-mgt/vpnsession.go

package main

import (
	"encoding/base64"
	"encoding/json"
	"os"
	"regexp"
	"strconv"
	"strings"
	"time"
)

type vpnSession struct {
	Time        time.Time `json:"time"`
	Login       string    `json:"username"`
	Operation   string    `json:"operation"`
	Status      string    `json:"status"`
	Profile     string    `json:"profile"`
	TwoFA       bool      `json:"2fa_auth"`
	IP          string    `json:"client_ip"`
	PrivIP      string    `json:"private_ip"`
	AsNumber    string    `json:"as_number"`
	AsName      string    `json:"as_name"`
	NewAS       bool      `json:"as_new"`
	PwnedPasswd bool      `json:"pwned_passwd"`
	Hostname    string    `json:"hostname"`
	TooMuchPwn  bool      `json:"too_much_pwn"`
	Mail        string    `json:"-"`
	cID         int       `json:"-"`
	kID         int       `json:"-"`
	port        int       `json:"-"`
	dev         string    `json:"-"`
	password    string    `json:"-"`
	otpCode     string    `json:"-"`
	localIP     string    `json:"-"`
}

func NewVPNSession(operation string) *vpnSession {
	v := vpnSession{
		Time:      time.Now().Round(time.Second),
		Status:    "system failure",
		Operation: operation,
	}
	v.Hostname, _ = os.Hostname()

	return &v
}

func (c *vpnSession) b64Login() string {
	return base64.StdEncoding.EncodeToString([]byte(c.Login))
}

func (c *vpnSession) ParseSessionId(line string) error {
	var err error
	client_id := strings.Split(strings.Replace(line, ">CLIENT:CONNECT,", "", 1), ",")
	if c.cID, err = strconv.Atoi(client_id[0]); err != nil {
		return err
	}
	if c.kID, err = strconv.Atoi(client_id[1]); err != nil {
		return err
	}
	return nil
}

func (c *vpnSession) ParseEnv(infos *[]string) error {
	var err error
	r := regexp.MustCompile("[^a-zA-Z0-9./_@-]")

	for _, line := range *infos {
		p := strings.Split(strings.Replace(line, ">CLIENT:ENV,", "", 1), "=")
		switch p[0] {
		case "trusted_port":
			if c.port, err = strconv.Atoi(r.ReplaceAllString(p[1], "")); err != nil {
				return err
			}
		case "untrusted_port":
			if c.port, err = strconv.Atoi(r.ReplaceAllString(p[1], "")); err != nil {
				return err
			}
		case "trusted_ip":
			c.IP = r.ReplaceAllString(p[1], "")
		case "untrusted_ip":
			c.IP = r.ReplaceAllString(p[1], "")
		case "ifconfig_local":
			c.localIP = r.ReplaceAllString(p[1], "")
		case "password":
			switch {
			case strings.HasPrefix(p[1], "CRV1"):
				split := strings.Split(p[1], ":")
				if len(split) != 5 {
					break
				}
				c.password = split[2]
				c.otpCode = split[4]

			case strings.HasPrefix(p[1], "SCRV1"):
				split := strings.Split(p[1], ":")
				if len(split) != 3 {
					break
				}
				data, err := base64.StdEncoding.DecodeString(split[1])
				if err != nil {
					break
				}
				c.password = string(data)

				data, err = base64.StdEncoding.DecodeString(split[2])
				if err != nil {
					break
				}
				c.otpCode = string(data)

			default:
				c.password = p[1]
				c.otpCode = "***"
			}

		case "username":
			c.Login = r.ReplaceAllString(p[1], "")
		case "dev":
			c.dev = r.ReplaceAllString(p[1], "")
		}
	}
	return nil
}

func (c *vpnSession) String() string {
	if res, err := json.MarshalIndent(c, " ", "  "); err == nil {
		return string(res)
	}
	return ""
}
save work in progress 2019-07-08 16:41:04 +00:00			`package main`

			`import (`
			`"encoding/base64"`
			`"encoding/json"`
			`"os"`
working prototype can push OTP request can push routes 2019-07-09 21:37:37 +00:00			`"regexp"`
save work in progress 2019-07-08 16:41:04 +00:00			`"strconv"`
			`"strings"`
			`"time"`
			`)`

			`type vpnSession struct {`
			Time time.Time `json:"time"`
			Login string `json:"username"`
			Operation string `json:"operation"`
			Status string `json:"status"`
			Profile string `json:"profile"`
			TwoFA bool `json:"2fa_auth"`
			IP string `json:"client_ip"`
			PrivIP string `json:"private_ip"`
			AsNumber string `json:"as_number"`
			AsName string `json:"as_name"`
			NewAS bool `json:"as_new"`
			PwnedPasswd bool `json:"pwned_passwd"`
			Hostname string `json:"hostname"`
			TooMuchPwn bool `json:"too_much_pwn"`
			Mail string `json:"-"`
			cID int `json:"-"`
			kID int `json:"-"`
			port int `json:"-"`
			dev string `json:"-"`
			password string `json:"-"`
			otpCode string `json:"-"`
working prototype can push OTP request can push routes 2019-07-09 21:37:37 +00:00			localIP string `json:"-"`
save work in progress 2019-07-08 16:41:04 +00:00			`}`

			`func NewVPNSession(operation string) *vpnSession {`
			`v := vpnSession{`
			`Time: time.Now().Round(time.Second),`
			`Status: "system failure",`
			`Operation: operation,`
			`}`
			`v.Hostname, _ = os.Hostname()`

			`return &v`
			`}`

working prototype can push OTP request can push routes 2019-07-09 21:37:37 +00:00			`func (c *vpnSession) b64Login() string {`
			`return base64.StdEncoding.EncodeToString([]byte(c.Login))`
			`}`

save work in progress 2019-07-08 16:41:04 +00:00			`func (c *vpnSession) ParseSessionId(line string) error {`
			`var err error`
			`client_id := strings.Split(strings.Replace(line, ">CLIENT:CONNECT,", "", 1), ",")`
			`if c.cID, err = strconv.Atoi(client_id[0]); err != nil {`
			`return err`
			`}`
			`if c.kID, err = strconv.Atoi(client_id[1]); err != nil {`
			`return err`
			`}`
			`return nil`
			`}`

working prototype can push OTP request can push routes 2019-07-09 21:37:37 +00:00			`func (c vpnSession) ParseEnv(infos []string) error {`
			`var err error`
			`r := regexp.MustCompile("[^a-zA-Z0-9./_@-]")`

save work in progress 2019-07-08 16:41:04 +00:00			`for _, line := range *infos {`
			`p := strings.Split(strings.Replace(line, ">CLIENT:ENV,", "", 1), "=")`
			`switch p[0] {`
			`case "trusted_port":`
working prototype can push OTP request can push routes 2019-07-09 21:37:37 +00:00			`if c.port, err = strconv.Atoi(r.ReplaceAllString(p[1], "")); err != nil {`
			`return err`
			`}`
save work in progress 2019-07-08 16:41:04 +00:00			`case "untrusted_port":`
working prototype can push OTP request can push routes 2019-07-09 21:37:37 +00:00			`if c.port, err = strconv.Atoi(r.ReplaceAllString(p[1], "")); err != nil {`
			`return err`
			`}`
			`case "trusted_ip":`
			`c.IP = r.ReplaceAllString(p[1], "")`
save work in progress 2019-07-08 16:41:04 +00:00			`case "untrusted_ip":`
working prototype can push OTP request can push routes 2019-07-09 21:37:37 +00:00			`c.IP = r.ReplaceAllString(p[1], "")`
			`case "ifconfig_local":`
			`c.localIP = r.ReplaceAllString(p[1], "")`
save work in progress 2019-07-08 16:41:04 +00:00			`case "password":`
			`switch {`
working prototype can push OTP request can push routes 2019-07-09 21:37:37 +00:00			`case strings.HasPrefix(p[1], "CRV1"):`
			`split := strings.Split(p[1], ":")`
save work in progress 2019-07-08 16:41:04 +00:00			`if len(split) != 5 {`
			`break`
			`}`
			`c.password = split[2]`
			`c.otpCode = split[4]`

working prototype can push OTP request can push routes 2019-07-09 21:37:37 +00:00			`case strings.HasPrefix(p[1], "SCRV1"):`
			`split := strings.Split(p[1], ":")`
save work in progress 2019-07-08 16:41:04 +00:00			`if len(split) != 3 {`
			`break`
			`}`
			`data, err := base64.StdEncoding.DecodeString(split[1])`
			`if err != nil {`
			`break`
			`}`
			`c.password = string(data)`

			`data, err = base64.StdEncoding.DecodeString(split[2])`
			`if err != nil {`
			`break`
			`}`
			`c.otpCode = string(data)`

			`default:`
			`c.password = p[1]`
			`c.otpCode = "***"`
			`}`

			`case "username":`
working prototype can push OTP request can push routes 2019-07-09 21:37:37 +00:00			`c.Login = r.ReplaceAllString(p[1], "")`
save work in progress 2019-07-08 16:41:04 +00:00			`case "dev":`
working prototype can push OTP request can push routes 2019-07-09 21:37:37 +00:00			`c.dev = r.ReplaceAllString(p[1], "")`
save work in progress 2019-07-08 16:41:04 +00:00			`}`
			`}`
working prototype can push OTP request can push routes 2019-07-09 21:37:37 +00:00			`return nil`
save work in progress 2019-07-08 16:41:04 +00:00			`}`

			`func (c *vpnSession) String() string {`
			`if res, err := json.MarshalIndent(c, " ", " "); err == nil {`
			`return string(res)`
			`}`
			`return ""`
			`}`