/**
 * Resolve the directory that holds the database files.
 *
 * When the global $db_dir is set (non-null) the result is that value with a
 * trailing '/' appended; otherwise the result is whatever DataDir() returns,
 * passed through unchanged.
 *
 * @return string
 */
function DbDir()
{
    global $db_dir;

    // The override wins over the default data directory.
    return isset($db_dir) ? $db_dir . '/' : DataDir();
}
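/**
 * Endpoint polled by eTunnel nodes. Every path ends the request with die.
 *
 * Only non-POST requests whose User-Agent has "eTunnel" as its first
 * '/'-separated token are served; anything else is redirected to the login
 * page or dropped. Two request shapes are handled:
 *
 *  - idn + st : status poll. The node is looked up by idn, its status row is
 *               updated, and a JSON reply (version, next_call, optional
 *               action/params/tunnels) is encrypted with the node's enckey
 *               via ccrypt and streamed back.
 *  - sn + ck  : registration / key hand-out. Unknown serial numbers are
 *               recorded in reg.json; known ones receive idn, enckey and
 *               master_enckey, encrypted with ccrypt.
 *
 * Security notes:
 *  - Neither the User-Agent nor ck authenticates the caller: ck is an MD5 of
 *    values the caller itself supplies.
 *  - Request values are never placed in a file name or an unquoted shell word;
 *    temp files get random names and every ccrypt argument goes through
 *    escapeshellarg().
 *
 * @return void
 */
function Node()
{
    session_unset();
    session_destroy();

    // A missing header is treated as an empty User-Agent instead of raising a notice.
    $ua = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
    $agent = explode('/', $ua);
    if ($agent[0] !== 'eTunnel') {
        EsRedir('user', 'login');
        die;
    }
    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        die;
    }
    if (!isset($_GET['sn']) && !isset($_GET['idn'])) {
        die;
    }
    EsTemplate('none');

    // Encrypts $payload with ccrypt under $key and streams the ciphertext to the client.
    $sendEncrypted = function ($payload, $key) {
        // tempnam() creates a uniquely named file, so concurrent requests do not
        // collide and no request value can steer the path.
        $plain = tempnam('/tmp', 'etn_');
        if ($plain === false) {
            return;
        }
        file_put_contents($plain, $payload);

        // NOTE(review): -K puts the key in the process argument list while ccrypt
        // runs; ccrypt's keyfile/envvar options would avoid that exposure.
        $cmd = '/usr/bin/ccrypt -f -e -K ' . escapeshellarg($key) . ' ' . escapeshellarg($plain);
        system($cmd);

        // ccrypt replaces the input with "<name>.cpt" on success. If the plaintext
        // is still present the encryption failed; do not leave keys in /tmp.
        if (file_exists($plain)) {
            unlink($plain);
        }

        $cipher = $plain . '.cpt';
        if (file_exists($cipher)) {
            header('Content-Description: File Transfer');
            header('Content-Type: application/octet-stream');
            header('Expires: 0');
            header('Content-Disposition: filename=resp.json');
            header('Content-Length: ' . filesize($cipher));
            @readfile($cipher);
            unlink($cipher);
        }
    };

    if (isset($_GET['idn']) && isset($_GET['st'])) {
        $idn = $_GET['idn'];
        if (!is_string($idn)) {
            // idn[]=... style input is never a valid node id.
            die;
        }
        $st = ($_GET['st'] === 'on') ? 1 : 0;

        // Check that the node exists in the DB and is enabled.
        $node = $this->nodes->GetIdn($idn);
        if ($node == false || $node['disable']) {
            sleep(5); // throttle so a single client cannot hammer the system
            die;
        }

        // JSON with the data for the encrypted messaging.
        $resp = array('version' => "1.0", 'next_call' => $node['freq']);
        $utype = $node['start_utype']; // -1 appears to mean "no tunnel requested" - confirm
        $timenow = time();

        // Auto start: after 3 minutes of silence restart the automatic tunnel.
        if ($node['auto_start'] && $utype == -1 && $node['lastmsg'] + 180 < $timenow) {
            $utype = 3;
            $this->nodes->StartStop($node['id'], $utype);
        }

        if ($utype != -1 && $st == 0 && $node['tunnelon'] == 0) {
            $ssh_cfg = DataDir() . '/server.json';
            if (file_exists($ssh_cfg)) {
                $resp['params'] = json_decode(file_get_contents($ssh_cfg), true);
                $resp['action'] = 'start';
            }
            $resp['tunnels'] = array();
            foreach ($this->nodes->Tunnels($node['id'], $utype) as $tunnel) {
                $resp['tunnels'][] = array(
                    'name' => $tunnel['name'],
                    'sport' => $tunnel['sport'],
                    'dsthost' => $tunnel['dhost'],
                    'dstport' => $tunnel['dport'],
                );
            }
            $this->nodes->UpdateStatus($node['id'], $_SERVER['REMOTE_ADDR'], $st, $timenow, $timenow);
            $resp['next_call'] = 2; // fast notification
        } elseif (($st == 1 && $utype == -1) || ($utype != -1 && $st == 0)) {
            $resp['action'] = 'stop';
            if ($utype != -1) {
                $this->nodes->StartStop($node['id'], -1); // stop
            }
            $this->nodes->UpdateStatus($node['id'], $_SERVER['REMOTE_ADDR'], $st, $timenow);
            $resp['next_call'] = 2; // fast notification
        } else {
            $this->nodes->UpdateStatus($node['id'], $_SERVER['REMOTE_ADDR'], $st, $timenow);
        }

        $sendEncrypted(json_encode($resp), $node['enckey']);
        die;
    } elseif (isset($_GET['sn']) && isset($_GET['ck'])) {
        $sn = $_GET['sn'];
        $ck = $_GET['ck'];

        // Credential check. Strict comparison: with loose != two different
        // "0e<digits>" strings compare equal as numbers.
        $agentVersion = isset($agent[1]) ? $agent[1] : '';
        if (!is_string($sn) || !is_string($ck) || md5($sn . $agent[0] . '/' . $agentVersion) !== $ck) {
            sleep(10); // throttle so a single client cannot hammer the system
            die;
        }
        sleep(3); // throttle so a single client cannot hammer the system

        $reg = $this->RegNodes();
        $node = $this->nodes->GetSn($sn);
        if ($node === false) {
            // Save the info needed to enable the node later.
            // NOTE(review): any caller that can compute ck adds an entry here and
            // nothing in this method bounds the size of reg.json.
            $reg[$sn] = array('time' => time(), 'ip' => $_SERVER['REMOTE_ADDR']);
            file_put_contents(DataDir() . '/reg.json', json_encode($reg));
        } else {
            // Send the encryption key and the node id.
            if (isset($reg[$sn])) {
                unset($reg[$sn]);
                file_put_contents(DataDir() . '/reg.json', json_encode($reg));
            } else {
                // Key rotation.
                // NOTE(review): md5(idn . time()) is predictable; derive keys from a
                // CSPRNG where the runtime provides one.
                $enckey = md5($node['idn'] . time());
                $this->nodes->UpdateEncKey($node['id'], $enckey);
                $node = $this->nodes->GetSn($sn);
            }

            if ($node['master_enckey'] == '') {
                // NOTE(review): mt_rand() is not a cryptographic source and the range
                // is small; the master key should also come from a CSPRNG.
                $mkey = md5($node['idn'] . $node['name'] . mt_rand(0, 165000));
                $this->nodes->UpdateMasterKey($node['id'], $mkey);
                $node = $this->nodes->GetSn($sn);
                // First hand-out: the reply is encrypted under the serial number,
                // presumably because the node does not hold the master key yet. That
                // reply is only as confidential as sn, which the caller supplies.
                $mkey = $sn;
            } else {
                $mkey = $node['master_enckey'];
            }

            // JSON with the data for the encrypted messaging.
            $resp = array(
                'idn' => $node['idn'],
                'enckey' => $node['enckey'],
                'master_enckey' => $node['master_enckey'],
            );
            $sendEncrypted(json_encode($resp), $mkey);
        }
        die;
    }
    die;
}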