summaryrefslogtreecommitdiffstats
path: root/modules-available/remoteaccess/api.inc.php
blob: 7983bd4452e6a3e294dabdf4098f70d4149058c5 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
<?php

$ip = $_SERVER['REMOTE_ADDR'];
if (substr($ip, 0, 7) === '::ffff:') $ip = substr($ip, 7);

$password = Request::post('password', false, 'string');
if ($password !== false) {
	$c = Database::queryFirst("SELECT machineuuid FROM machine WHERE clientip = :ip", ['ip' => $ip]);
	if ($c !== false) {
		$vncport = Request::post('vncport', 5900, 'int');
		Database::exec("INSERT INTO remoteaccess_machine (machineuuid, password, vncport)
				VALUES (:uuid, :passwd, :vncport)
				ON DUPLICATE KEY UPDATE
					password = VALUES(password), vncport = VALUES(vncport)",
			['uuid' => $c['machineuuid'], 'passwd' => $password, 'vncport' => $vncport]);
	}
	exit;
}

$range = IpUtil::parseCidr(Property::get(RemoteAccess::PROP_ALLOWED_VNC_NET));
if ($range === false) {
	die('No allowed IP defined');
}
$iplong = ip2long($ip);
if (PHP_INT_SIZE === 4) {
	$iplong = sprintf('%u', $iplong);
}
if ($iplong < $range['start'] || $iplong > $range['end']) {
	die('Access denied');
}

$headers = getallheaders();
$version = false;
if (!empty($headers['Bwlp-Plugin-Build-Revision'])) {
	$version = $headers['Bwlp-Plugin-Build-Revision'];
	if (!empty($headers['Bwlp-Plugin-Build-Timestamp'])) {
		$version .= ' (' . $headers['Bwlp-Plugin-Build-Timestamp'] . ')';
	}
}
Property::set(RemoteAccess::PROP_PLUGIN_VERSION,  $version, 2880);

Header('Content-Type: application/json');

$remoteLocations = RemoteAccess::getEnabledLocations();

if (empty($remoteLocations)) {
	$rows = [];
} else {
// TODO fail-counter for WOL, so we can ignore machines that apparently can't be woken up
// -> Reset counter in our ~poweron hook, but only if the time roughly matches a WOL attempt (within ~5 minutes)
	$rows = Database::queryAll("SELECT m.clientip, m.locationid, m.state, ram.password, ram.vncport, ram.woltime FROM machine m
	LEFT JOIN remoteaccess_machine ram ON (ram.machineuuid = m.machineuuid AND (ram.password IS NOT NULL OR m.state <> 'IDLE'))
	LEFT JOIN runmode r ON (r.machineuuid = m.machineuuid)
	WHERE m.locationid IN (:locs)
		AND r.machineuuid IS NULL",
		['locs' => $remoteLocations]);

	$wolCut = time() - 90;
	foreach ($rows as &$row) {
		if (($row['state'] === 'OFFLINE' || $row['state'] === 'STANDBY') && $row['woltime'] > $wolCut) {
			$row['wol_in_progress'] = true;
		}
		settype($row['locationid'], 'int');
		settype($row['vncport'], 'int');
		unset($row['woltime']);
	}
}

$groups = Database::queryAll("SELECT g.groupid AS id, g.groupname AS name,
       GROUP_CONCAT(l.locationid) AS locationids, g.passwd AS password
	FROM remoteaccess_group g INNER JOIN remoteaccess_x_location l USING (groupid)
	WHERE g.active = 1
	GROUP BY g.groupid");
foreach ($groups as &$group) {
	$group['locationids'] = explode(',', $group['locationids']);
	if (empty($group['password'])) {
		unset($group['password']);
	}
	settype($group['id'], 'int');
	foreach ($group['locationids'] as &$lid) {
		settype($lid, 'int');
	}
}

$fakeid = 100000;
echo json_encode(['clients' => $rows, 'locations' => $groups]);

// WTF, this makes the server return a 500 -.-
//fastcgi_finish_request();

RemoteAccess::ensureMachinesRunning();