raspap-webgui/includes/functions.php

<?php
/* Functions for Networking */

function mask2cidr($mask)
{
    $long = ip2long($mask);
    $base = ip2long('255.255.255.255');
    return 32-log(($long ^ $base)+1, 2);
}

/* Functions to write ini files */

function write_php_ini($array, $file)
{
    $res = array();
    foreach ($array as $key => $val) {
        if (is_array($val)) {
            $res[] = "[$key]";
            foreach ($val as $skey => $sval) {
                $res[] = "$skey = $sval";
            }
        } else {
            $res[] = "$key = $val";
        }
    }
    if (safefilerewrite($file, implode(PHP_EOL, $res))) {
        return true;
    } else {
        return false;
    }
}

function safefilerewrite($fileName, $dataToSave)
{
    if ($fp = fopen($fileName, 'w')) {
        $startTime = microtime(true);
        do {
            $canWrite = flock($fp, LOCK_EX);
            // If lock not obtained sleep for 0 - 100 milliseconds, to avoid collision and CPU load
            if (!$canWrite) {
                usleep(round(rand(0, 100)*1000));
            }
        } while ((!$canWrite)and((microtime(true)-$startTime) < 5));

        //file was locked so now we can store information
        if ($canWrite) {
            fwrite($fp, $dataToSave.PHP_EOL);
            flock($fp, LOCK_UN);
        }
        fclose($fp);
        return true;
    } else {
        return false;
    }
}

/**
* Saves a CSRF token in the session
*/
function ensureCSRFSessionToken()
{
    $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}

/**
*
* Add CSRF Token to form
*
*/
function CSRFTokenFieldTag()
{
    $token = htmlspecialchars($_SESSION['csrf_token']);
    return '<input type="hidden" name="csrf_token" value="' . $token . '">';
}

/**
* Retuns a CSRF meta tag (for use with xhr, for example)
*/
function CSRFMetaTag()
{
    $token = htmlspecialchars($_SESSION['csrf_token']);
    return '<meta name="csrf_token" content="' . $token . '">';
}

/**
*
* Validate CSRF Token
*
*/
function CSRFValidate()
{
    $post_token   = $_POST['csrf_token'];
    $header_token = $_SERVER['HTTP_X_CSRF_TOKEN'];

    if (empty($post_token) && empty($header_token)) {
        return false;
    }

    $request_token = $post_token;
    if (empty($post_token)) {
        $request_token = $header_token;
    }

    if (hash_equals($_SESSION['csrf_token'], $request_token)) {
        return true;
    } else {
        error_log('CSRF violation');
        return false;
    }
}

/**
* Should the request be CSRF-validated?
*/
function csrfValidateRequest()
{
  $request_method = strtolower($_SERVER['REQUEST_METHOD']);
  return in_array($request_method, [ "post", "put", "patch", "delete" ]);
}

/**
* Handle invalid CSRF
*/
function handleInvalidCSRFToken()
{
    header('HTTP/1.1 500 Internal Server Error');
    header('Content-Type: text/plain');
    echo 'Invalid CSRF token';
    exit;
}

/**
* Test whether array is associative
*/
function isAssoc($arr)
{
    return array_keys($arr) !== range(0, count($arr) - 1);
}

/**
*
* Display a selector field for a form. Arguments are:
*   $name:     Field name
*   $options:  Array of options
*   $selected: Selected option (optional)
*       If $options is an associative array this should be the key
*
*/
function SelectorOptions($name, $options, $selected = null, $id = null)
{
    echo '<select class="form-control" name="'.htmlspecialchars($name, ENT_QUOTES).'"';
    if (isset($id)) {
        echo ' id="' . htmlspecialchars($id, ENT_QUOTES) .'"';
    }

    echo '>' , PHP_EOL;
    foreach ($options as $opt => $label) {
        $select = '';
        $key = isAssoc($options) ? $opt : $label;
        if ($key == $selected) {
            $select = ' selected="selected"';
        }

        echo '<option value="'.htmlspecialchars($key, ENT_QUOTES).'"'.$select.'>'.
            htmlspecialchars($label, ENT_QUOTES).'</option>' , PHP_EOL;
    }

    echo '</select>' , PHP_EOL;
}

/**
*
* @param string $input
* @param string $string
* @param int $offset
* @param string $separator
* @return $string
*/
function GetDistString($input, $string, $offset, $separator)
{
    $string = substr($input, strpos($input, $string)+$offset, strpos(substr($input, strpos($input, $string)+$offset), $separator));
    return $string;
}

/**
*
* @param array $arrConfig
* @return $config
*/
function ParseConfig($arrConfig)
{
    $config = array();
    foreach ($arrConfig as $line) {
        $line = trim($line);
        if ($line == "" || $line[0] == "#") { continue; }

        list($option, $value) = array_map("trim", explode("=", $line, 2));

        if (empty($config[$option])) {
            $config[$option] = $value ?: true;
        } else {
            if (!is_array($config[$option])) {
                $config[$option] = [ $config[$option] ];
            }
            $config[$option][] = $value;
        }
    }
    return $config;
}

/**
*
* @param string $freq
* @return $channel
*/
function ConvertToChannel($freq)
{
    if ($freq >= 2412 && $freq <= 2484) {
        $channel = ($freq - 2407)/5;
    } elseif ($freq >= 4915 && $freq <= 4980) {
        $channel = ($freq - 4910)/5 + 182;
    } elseif ($freq >= 5035 && $freq <= 5865) {
        $channel = ($freq - 5030)/5 + 6;
    } else {
        $channel = -1;
    }
    if ($channel >= 1 && $channel <= 196) {
        return $channel;
    } else {
        return 'Invalid Channel';
    }
}

/**
* Converts WPA security string to readable format
* @param string $security
* @return string
*/
function ConvertToSecurity($security)
{
    $options = array();
    preg_match_all('/\[([^\]]+)\]/s', $security, $matches);
    foreach ($matches[1] as $match) {
        if (preg_match('/^(WPA\d?)/', $match, $protocol_match)) {
            $protocol = $protocol_match[1];
            $matchArr = explode('-', $match);
            if (count($matchArr) > 2) {
                $options[] = htmlspecialchars($protocol . ' ('. $matchArr[2] .')', ENT_QUOTES);
            } else {
                $options[] = htmlspecialchars($protocol, ENT_QUOTES);
            }
        }
    }

    if (count($options) === 0) {
        // This could also be WEP but wpa_supplicant doesn't have a way to determine
        // this.
        // And you shouldn't be using WEP these days anyway.
        return 'Open';
    } else {
        return implode('<br />', $options);
    }
}

/**
*
*
*/
function DisplayOpenVPNConfig()
{

    exec('cat '. RASPI_OPENVPN_CLIENT_CONFIG, $returnClient);
    exec('cat '. RASPI_OPENVPN_SERVER_CONFIG, $returnServer);
    exec('pidof openvpn | wc -l', $openvpnstatus);

    if ($openvpnstatus[0] == 0) {
        $status = '<div class="alert alert-warning alert-dismissable">OpenVPN is not running
					<button type="button" class="close" data-dismiss="alert" aria-hidden="true">×</button></div>';
    } else {
        $status = '<div class="alert alert-success alert-dismissable">OpenVPN is running
					<button type="button" class="close" data-dismiss="alert" aria-hidden="true">×</button></div>';
    }

    // parse client settings
    foreach ($returnClient as $a) {
        if ($a[0] != "#") {
            $arrLine = explode(" ", $a) ;
            $arrClientConfig[$arrLine[0]]=$arrLine[1];
        }
    }

    // parse server settings
    foreach ($returnServer as $a) {
        if ($a[0] != "#") {
            $arrLine = explode(" ", $a) ;
            $arrServerConfig[$arrLine[0]]=$arrLine[1];
        }
    }
    ?>
    <div class="row">
    <div class="col-lg-12">
        <div class="panel panel-primary">
            <div class="panel-heading"><i class="fa fa-lock fa-fw"></i> Configure OpenVPN </div>
        <!-- /.panel-heading -->
        <div class="panel-body">
            <!-- Nav tabs -->
            <ul class="nav nav-tabs">
                <li class="active"><a href="#openvpnclient" data-toggle="tab">Client settings</a></li>
                <li><a href="#openvpnserver" data-toggle="tab">Server settings</a></li>
            </ul>
            <!-- Tab panes -->
            <div class="tab-content">
                <p><?php echo $status; ?></p>
                <div class="tab-pane fade in active" id="openvpnclient">

                    <h4>Client settings</h4>
                    <form role="form" action="?page=save_hostapd_conf" method="POST">
                    <?php echo CSRFTokenFieldTag() ?>

                    <div class="row">
                        <div class="form-group col-md-4">
                            <label>Select OpenVPN configuration file (.ovpn)</label>
                            <input type="file" name="openvpn-config">
                        </div>
                    </div>
                    <div class="row">
                        <div class="form-group col-md-4">
                            <label for="code">Client Log</label>
                            <input type="text" class="form-control" id="disabledInput" name="log-append" type="text" placeholder="<?php echo htmlspecialchars($arrClientConfig['log-append'], ENT_QUOTES); ?>" disabled="disabled" />
                        </div>
                    </div>
                </div>
                <div class="tab-pane fade" id="openvpnserver">
                    <h4>Server settings</h4>
                    <div class="row">
                        <div class="form-group col-md-4">
                        <label for="code">Port</label> 
                        <input type="text" class="form-control" name="openvpn_port" value="<?php echo htmlspecialchars($arrServerConfig['port'], ENT_QUOTES); ?>" />
                        </div>
                    </div>
                    <div class="row">
                        <div class="form-group col-md-4">
                        <label for="code">Protocol</label>
                        <input type="text" class="form-control" name="openvpn_proto" value="<?php echo htmlspecialchars($arrServerConfig['proto'], ENT_QUOTES); ?>" />
                        </div>
                    </div>
                    <div class="row">
                        <div class="form-group col-md-4">
                        <label for="code">Root CA certificate</label>
                        <input type="text" class="form-control" name="openvpn_rootca" placeholder="<?php echo htmlspecialchars($arrServerConfig['ca'], ENT_QUOTES); ?>" disabled="disabled" />
                        </div>
                    </div>
                    <div class="row">
                        <div class="form-group col-md-4">
                        <label for="code">Server certificate</label>
                        <input type="text" class="form-control" name="openvpn_cert" placeholder="<?php echo htmlspecialchars($arrServerConfig['cert'], ENT_QUOTES); ?>" disabled="disabled" />
                        </div>
                    </div>
                    <div class="row">
                        <div class="form-group col-md-4">
                        <label for="code">Diffie Hellman parameters</label>
                        <input type="text" class="form-control" name="openvpn_dh" placeholder="<?php echo htmlspecialchars($arrServerConfig['dh'], ENT_QUOTES); ?>" disabled="disabled" />
                        </div>
                    </div>
                    <div class="row">
                        <div class="form-group col-md-4">
                        <label for="code">KeepAlive</label>
                        <input type="text" class="form-control" name="openvpn_keepalive" value="<?php echo htmlspecialchars($arrServerConfig['keepalive'], ENT_QUOTES); ?>" />
                        </div>
                    </div>
                    <div class="row">
                        <div class="form-group col-md-4">
                        <label for="code">Server log</label>
                        <input type="text" class="form-control" name="openvpn_status" placeholder="<?php echo htmlspecialchars($arrServerConfig['status'], ENT_QUOTES); ?>" disabled="disabled" />
                        </div>
                    </div>
                </div>
                <input type="submit" class="btn btn-outline btn-primary" name="SaveOpenVPNSettings" value="Save settings" />
                <?php
                if ($hostapdstatus[0] == 0) {
                    echo '<input type="submit" class="btn btn-success" name="StartOpenVPN" value="Start OpenVPN" />' , PHP_EOL;
                } else {
                    echo '<input type="submit" class="btn btn-warning" name="StopOpenVPN" value="Stop OpenVPN" />' , PHP_EOL;
                }
?>
                </form>
        </div><!-- /.panel-body -->
    </div><!-- /.panel-primary -->
    <div class="panel-footer"> Information provided by openvpn</div>
</div><!-- /.col-lg-12 -->
</div><!-- /.row -->
<?php
}

/**
*
*
*/
function DisplayTorProxyConfig()
{

    exec('cat '. RASPI_TORPROXY_CONFIG, $return);
    exec('pidof tor | wc -l', $torproxystatus);

    if ($torproxystatus[0] == 0) {
        $status = '<div class="alert alert-warning alert-dismissable">TOR is not running
					<button type="button" class="close" data-dismiss="alert" aria-hidden="true">×</button></div>';
    } else {
        $status = '<div class="alert alert-success alert-dismissable">TOR is running
					<button type="button" class="close" data-dismiss="alert" aria-hidden="true">×</button></div>';
    }

    $arrConfig = array();
    foreach ($return as $a) {
        if ($a[0] != "#") {
            $arrLine = explode(" ", $a) ;
            $arrConfig[$arrLine[0]]=$arrLine[1];
        }
    }

?>
    <div class="row">
    <div class="col-lg-12">
        <div class="panel panel-primary">
            <div class="panel-heading"><i class="fa fa-eye-slash fa-fw"></i> Configure TOR proxy</div>
        <!-- /.panel-heading -->
        <div class="panel-body">
            <!-- Nav tabs -->
            <ul class="nav nav-tabs">
                <li class="active"><a href="#basic" data-toggle="tab">Basic</a>
                </li>
                <li><a href="#relay" data-toggle="tab">Relay</a>
                </li>
            </ul>

            <!-- Tab panes -->
            <div class="tab-content">
                <p><?php echo $status; ?></p>

                <div class="tab-pane fade in active" id="basic">
                    <h4>Basic settings</h4>
                    <form role="form" action="?page=save_hostapd_conf" method="POST">
                    <?php echo CSRFTokenFieldTag() ?>
                    <div class="row">
                        <div class="form-group col-md-4">
                            <label for="code">VirtualAddrNetwork</label>
                            <input type="text" class="form-control" name="virtualaddrnetwork" value="<?php echo htmlspecialchars($arrConfig['VirtualAddrNetwork'], ENT_QUOTES); ?>" />
                        </div>
                    </div>
                    <div class="row">
                        <div class="form-group col-md-4">
                            <label for="code">AutomapHostsSuffixes</label>
                            <input type="text" class="form-control" name="automaphostssuffixes" value="<?php echo htmlspecialchars($arrConfig['AutomapHostsSuffixes'], ENT_QUOTES); ?>" />
                        </div>
                    </div>
                    <div class="row">
                        <div class="form-group col-md-4">
                            <label for="code">AutomapHostsOnResolve</label>
                            <input type="text" class="form-control" name="automaphostsonresolve" value="<?php echo htmlspecialchars($arrConfig['AutomapHostsOnResolve'], ENT_QUOTES); ?>" />
                        </div>
                    </div>  
                    <div class="row">
                        <div class="form-group col-md-4">
                            <label for="code">TransListenAddress</label>
                            <input type="text" class="form-control" name="translistenaddress" value="<?php echo htmlspecialchars($arrConfig['TransListenAddress'], ENT_QUOTES); ?>" />
                        </div>
                    </div>  
                    <div class="row">
                        <div class="form-group col-md-4">
                            <label for="code">DNSPort</label>
                            <input type="text" class="form-control" name="dnsport" value="<?php echo htmlspecialchars($arrConfig['DNSPort'], ENT_QUOTES); ?>" />
                        </div>
                    </div>
                    <div class="row">
                        <div class="form-group col-md-4">
                            <label for="code">DNSListenAddress</label>
                            <input type="text" class="form-control" name="dnslistenaddress" value="<?php echo htmlspecialchars($arrConfig['DNSListenAddress'], ENT_QUOTES); ?>" />
                        </div>
                    </div>
                </div>
                <div class="tab-pane fade" id="relay">
                    <h4>Relay settings</h4>
                    <div class="row">
                        <div class="form-group col-md-4">
                            <label for="code">ORPort</label>
                            <input type="text" class="form-control" name="orport" value="<?php echo htmlspecialchars($arrConfig['ORPort'], ENT_QUOTES); ?>" />
                        </div>
                    </div>
                    <div class="row">
                        <div class="form-group col-md-4">
                            <label for="code">ORListenAddress</label>
                            <input type="text" class="form-control" name="orlistenaddress" value="<?php echo htmlspecialchars($arrConfig['ORListenAddress'], ENT_QUOTES); ?>" />
                        </div>
                    </div>
                    <div class="row">
                        <div class="form-group col-md-4">
                            <label for="code">Nickname</label>
                            <input type="text" class="form-control" name="nickname" value="<?php echo htmlspecialchars($arrConfig['Nickname'], ENT_QUOTES); ?>" />
                        </div>
                    </div>
                    <div class="row">
                        <div class="form-group col-md-4">
                            <label for="code">Address</label>
                            <input type="text" class="form-control" name="address" value="<?php echo htmlspecialchars($arrConfig['Address'], ENT_QUOTES); ?>" />
                        </div>
                    </div>
                    <div class="row">
                        <div class="form-group col-md-4">
                            <label for="code">RelayBandwidthRate</label>
                            <input type="text" class="form-control" name="relaybandwidthrate" value="<?php echo htmlspecialchars($arrConfig['RelayBandwidthRate'], ENT_QUOTES); ?>" />
                        </div>
                    </div>
                    <div class="row">
                        <div class="form-group col-md-4">
                            <label for="code">RelayBandwidthBurst</label>
                            <input type="text" class="form-control" name="relaybandwidthburst" value="<?php echo htmlspecialchars($arrConfig['RelayBandwidthBurst'], ENT_QUOTES); ?>" />
                        </div>
                    </div>
                </div>

                <input type="submit" class="btn btn-outline btn-primary" name="SaveTORProxySettings" value="Save settings" />
                <?php
                if ($torproxystatus[0] == 0) {
                    echo '<input type="submit" class="btn btn-success" name="StartTOR" value="Start TOR" />' , PHP_EOL;
                } else {
                    echo '<input type="submit" class="btn btn-warning" name="StopTOR" value="Stop TOR" />' , PHP_EOL;
                };
                ?>
                </form>
            </div><!-- /.tab-content -->
        </div><!-- /.panel-body -->
        <div class="panel-footer"> Information provided by tor</div>
    </div><!-- /.panel-primary -->
</div><!-- /.col-lg-12 -->
</div><!-- /.row -->
<?php
}

/**
*
*
*/
function SaveTORAndVPNConfig()
{
    if (isset($_POST['SaveOpenVPNSettings'])) {
        // TODO
    } elseif (isset($_POST['SaveTORProxySettings'])) {
        // TODO
    } elseif (isset($_POST['StartOpenVPN'])) {
        echo "Attempting to start openvpn";
        exec('sudo /etc/init.d/openvpn start', $return);
        foreach ($return as $line) {
            echo htmlspecialchars($line, ENT_QUOTES).'<br />' , PHP_EOL;
        }
    } elseif (isset($_POST['StopOpenVPN'])) {
        echo "Attempting to stop openvpn";
        exec('sudo /etc/init.d/openvpn stop', $return);
        foreach ($return as $line) {
            echo htmlspecialchars($line, ENT_QUOTES).'<br />' , PHP_EOL;
        }
    } elseif (isset($_POST['StartTOR'])) {
        echo "Attempting to start TOR";
        exec('sudo /etc/init.d/tor start', $return);
        foreach ($return as $line) {
            echo htmlspecialchars($line, ENT_QUOTES).'<br />' , PHP_EOL;
        }
    } elseif (isset($_POST['StopTOR'])) {
        echo "Attempting to stop TOR";
        exec('sudo /etc/init.d/tor stop', $return);
        foreach ($return as $line) {
            echo htmlspecialchars($line, ENT_QUOTES).'<br />' , PHP_EOL;
        }
    }
}

/**
 * Renders a simple PHP template
 */
function renderTemplate($name, $data)
{
    $file = "../../templates/$name.php";
    if (!file_exists($file)) {
        return "template $name ($file) not found";
    }

    if (is_array($data)){
        extract($data);
    }

    ob_start();
    include $file;
    return ob_get_clean();
}

function expandCacheKey($key)
{
    return RASPI_CACHE_PATH . "/" . $key;
}

function hasCache($key)
{
    $cacheKey = expandCacheKey($key);
    return file_exists($cacheKey);
}

function readCache($key)
{
    $cacheKey = expandCacheKey($key);
    if (!file_exists($cacheKey)) {
        return null;
    }
    return file_get_contents($cacheKey);
}

function writeCache($key, $data)
{
    mkdir(RASPI_CACHE_PATH, 0777, true);
    $cacheKey = expandCacheKey($key);
    file_put_contents($cacheKey, $data);
}

function deleteCache($key)
{
    if (hasCache($key)) {
        $cacheKey = expandCacheKey($key);
        unlink($cacheKey);
    }
}

function cache($key, $callback)
{
    if (hasCache($key)) {
        return readCache($key);
    } else {
        $data = $callback();
        writeCache($key, $data);
        return $data;
    }
}