* Contribute at https://github.com/jvaubourg/hotspot_ynh * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see . */ function moulinette_get($var) { return htmlspecialchars(exec('sudo yunohost app setting hotspot '.escapeshellarg($var))); } function moulinette_set($var, $value) { return exec('sudo yunohost app setting hotspot '.escapeshellarg($var).' -v '.escapeshellarg($value)); } function stop_service() { exec('sudo service ynh-hotspot stop'); } function start_service() { exec('sudo service ynh-hotspot start', $output, $retcode); return $retcode; } function service_status() { exec('sudo service ynh-hotspot status', $output); return $output; } function service_faststatus() { exec('sudo service hostapd status', $output, $retcode); return $retcode; } function ipv6_expanded($ip) { exec('ipv6_expanded '.escapeshellarg($ip), $output); return $output[0]; } function ipv6_compressed($ip) { exec('ipv6_compressed '.escapeshellarg($ip), $output); return $output[0]; } function iw_multissid($nic) { exec('sudo iw_multissid '.escapeshellarg($nic), $output); return $output[0]; } function iw_devices() { exec('sudo iw_devices', $output); return getArray($output[0]); } function getArray($str) { return explode('|', $str); } function noneValue($str) { return ($str == 'none') ? '' : $str; } function is_connected_through_hotspot($ip6_net, $ip4_nat_prefix) { $ip = $_SERVER['REMOTE_ADDR']; $ip6_regex = '/^'.preg_quote(preg_replace('/::$/', '', $ip6_net)).':/'; $ip4_regex = '/^'.preg_quote($ip4_nat_prefix).'\./'; return (preg_match($ip6_regex, $ip) || preg_match($ip4_regex, $ip)); } dispatch('/', function() { $ssids = array(); $devs = iw_devices(); $devs_list = ''; $wifi_device = moulinette_get('wifi_device'); $multissid = moulinette_get('multissid'); $wifi_channel = moulinette_get('wifi_channel'); foreach($devs AS $dev) { $dev_multissid = iw_multissid($dev); $active = ($dev == $wifi_device) ? 'class="active"' : ''; $devs_list .= "
  • $dev
  • \n"; } $wifi_ssid = getArray(moulinette_get('wifi_ssid')); $wifi_secure = getArray(moulinette_get('wifi_secure')); $wifi_passphrase = getArray(moulinette_get('wifi_passphrase')); $ip6_net = getArray(moulinette_get('ip6_net')); $ip6_dns0 = getArray(moulinette_get('ip6_dns0')); $ip6_dns1 = getArray(moulinette_get('ip6_dns1')); $ip4_nat_prefix = getArray(moulinette_get('ip4_nat_prefix')); $ip4_dns0 = getArray(moulinette_get('ip4_dns0')); $ip4_dns1 = getArray(moulinette_get('ip4_dns1')); for($i = 0; $i < $multissid; $i++) { $ssid = [ 'id' => $i, 'wifi_ssid' => noneValue($wifi_ssid[$i]), 'wifi_secure' => noneValue($wifi_secure[$i]), 'wifi_passphrase' => noneValue($wifi_passphrase[$i]), 'ip6_net' => noneValue($ip6_net[$i]), 'ip6_dns0' => noneValue($ip6_dns0[$i]), 'ip6_dns1' => noneValue($ip6_dns1[$i]), 'ip4_nat_prefix' => noneValue($ip4_nat_prefix[$i]), 'ip4_dns0' => noneValue($ip4_dns0[$i]), 'ip4_dns1' => noneValue($ip4_dns1[$i]), ]; array_push($ssids, $ssid); } $ip6_net = moulinette_get('ip6_net'); $ip6_net = ($ip6_net == 'none') ? '' : $ip6_net; $ip4_nat_prefix = moulinette_get('ip4_nat_prefix'); set('service_enabled', moulinette_get('service_enabled')); set('ssids', $ssids); set('wifi_device', $wifi_device); set('wifi_channel', $wifi_channel); set('wifi_device_list', $devs_list); set('faststatus', service_faststatus() == 0); set('is_connected_through_hotspot', is_connected_through_hotspot($ip6_net, $ip4_nat_prefix)); return render('settings.html.php'); }); dispatch_put('/settings', function() { exec('ip link show '.escapeshellarg($_POST['wifi_device']), $output, $retcode); $wifi_device_exists = ($retcode == 0); $service_enabled = isset($_POST['service_enabled']) ? 1 : 0; $wifi_ssid_uniqueness = array(); $ip4_nat_prefix_uniqueness = array(); $ip6_net_uniqueness = array(); $ssids = array(); $id = 0; if($service_enabled == 1) { try { foreach($_POST['ssid'] as $key => $ssid) { $id = $key + 1; $ssid['ip6_net'] = empty($ssid['ip6_net']) ? 'none' : $ssid['ip6_net']; $ssid['ip6_addr'] = 'none'; $ssid['wifi_secure'] = isset($ssid['wifi_secure']) ? 1 : 0; if(!$ssid['wifi_secure']) { $ssid['wifi_passphrase'] = 'none'; } if(in_array($ssid['wifi_ssid'], $wifi_ssid_uniqueness)) { throw new Exception(T_('All Wifi names must be unique')); } else { array_push($wifi_ssid_uniqueness, $ssid['wifi_ssid']); } if(in_array($ssid['ip4_nat_prefix'], $ip4_nat_prefix_uniqueness)) { throw new Exception(T_('All IPv4 NAT prefixes must be unique')); } else { array_push($ip4_nat_prefix_uniqueness, $ssid['ip4_nat_prefix']); } if($ssid['ip6_net'] != 'none' && in_array($ssid['ip6_net'], $ip6_net_uniqueness)) { throw new Exception(T_('All IPv6 delegated prefixes must be unique')); } else { array_push($ip6_net_uniqueness, $ssid['ip6_net']); } if(empty($ssid['wifi_ssid']) || empty($ssid['wifi_passphrase'])) { throw new Exception(T_('Your Wifi Hotspot needs a name and a password')); } if($ssid['wifi_secure'] && (strlen($ssid['wifi_passphrase']) < 8 || strlen($ssid['wifi_passphrase']) > 63)) { throw new Exception(T_('Your password must from 8 to 63 characters (WPA2 passphrase)')); } if($ssid['wifi_secure'] && preg_match('/[^[:print:]]/', $ssid['wifi_passphrase'])) { throw new Exception(T_('Only printable ASCII characters are permitted in your password')); } if(!$wifi_device_exists) { throw new Exception(T_('The wifi antenna interface seems not exist on the system')); } if($ssid['ip6_net'] != 'none') { $ssid['ip6_net'] = ipv6_expanded($ssid['ip6_net']); if(empty($ssid['ip6_net'])) { throw new Exception(T_('The IPv6 Delegated Prefix format looks bad')); } $ip6_blocs = explode(':', $ssid['ip6_net']); $ssid['ip6_addr'] = "${ip6_blocs[0]}:${ip6_blocs[1]}:${ip6_blocs[2]}:${ip6_blocs[3]}:${ip6_blocs[4]}:${ip6_blocs[5]}:${ip6_blocs[6]}:42"; $ssid['ip6_net'] = ipv6_compressed($ssid['ip6_net']); $ssid['ip6_addr'] = ipv6_compressed($ssid['ip6_addr']); } if(!empty($ssid['ip6_dns0'])) { $ssid['ip6_dns0'] = ipv6_expanded($ssid['ip6_dns0']); if(empty($ssid['ip6_dns0'])) { throw new Exception(T_('The format of the first IPv6 DNS Resolver looks bad')); } $ssid['ip6_dns0'] = ipv6_compressed($ssid['ip6_dns0']); if(!empty($ssid['ip6_dns1'])) { $ssid['ip6_dns1'] = ipv6_expanded($ssid['ip6_dns1']); if(empty($ssid['ip6_dns1'])) { throw new Exception(T_('The format of the second IPv6 DNS Resolver looks bad')); } $ssid['ip6_dns1'] = ipv6_compressed($ssid['ip6_dns1']); } } if(inet_pton($ssid['ip4_dns0']) === false) { throw new Exception(T_('The format of the first IPv4 DNS Resolver looks bad')); } if(inet_pton($ssid['ip4_dns1']) === false) { throw new Exception(T_('The format of the second IPv4 DNS Resolver looks bad')); } if(inet_pton("${ssid['ip4_nat_prefix']}.0") === false) { throw new Exception(T_('The format of the IPv4 NAT Prefix (/24) looks bad : x.x.x expected)')); } if(filter_var("${ssid['ip4_nat_prefix']}.0", FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE) !== false) { throw new Exception(T_('The IPv4 NAT Prefix must be from a private range')); } array_push($ssids, $ssid); } } catch(Exception $e) { flash('error', T_('Hotspot')." $id: ".$e->getMessage().' ('.T_('configuration not updated').').'); goto redirect; } } stop_service(); moulinette_set('service_enabled', $service_enabled); $settings = array(); if($service_enabled == 1) { foreach($ssids as $ssid) { foreach($ssid as $setting => $value) { $settings[$setting] .= "$value|"; } } moulinette_set('multissid', count($ssids)); moulinette_set('wifi_device', $_POST['wifi_device']); moulinette_set('wifi_channel', $_POST['wifi_channel']); foreach($settings as $setting => $value) { moulinette_set($setting, preg_replace('/\|$/', '', $value)); } $retcode = start_service(); if($retcode == 0) { flash('success', T_('Configuration updated and service successfully reloaded')); } else { flash('error', T_('Configuration updated but service reload failed')); } } else { flash('success', T_('Service successfully disabled')); } redirect: redirect_to('/'); }); dispatch('/status', function() { $status_lines = service_status(); $status_list = ''; foreach($status_lines AS $status_line) { if(preg_match('/^\[INFO\]/', $status_line)) { $status_list .= '
  • '.htmlspecialchars($status_line).'
  • '; } elseif(preg_match('/^\[OK\]/', $status_line)) { $status_list .= '
  • '.htmlspecialchars($status_line).'
  • '; } elseif(preg_match('/^\[WARN\]/', $status_line)) { $status_list .= '
  • '.htmlspecialchars($status_line).'
  • '; } elseif(preg_match('/^\[ERR\]/', $status_line)) { $status_list .= '
  • '.htmlspecialchars($status_line).'
  • '; } } echo $status_list; }); dispatch('/lang/:locale', function($locale = 'en') { switch ($locale) { case 'fr': $_SESSION['locale'] = 'fr'; break; default: $_SESSION['locale'] = 'en'; } if(!empty($_GET['redirect_to'])) { redirect_to($_GET['redirect_to']); } else { redirect_to('/'); } });