1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
|
/* SPDX-License-Identifier: MIT
*
* Copyright (C) 2019-2020 WireGuard LLC. All Rights Reserved.
*/
package tunnel
import (
"bufio"
"fmt"
"log"
"os"
"path/filepath"
"syscall"
"golang.org/x/sys/windows"
"golang.zx2c4.com/wireguard/windows/conf"
)
func runScriptCommand(command, interfaceName string) error {
if len(command) == 0 {
return nil
}
if !conf.AdminBool("DangerousScriptExecution") {
log.Printf("Skipping execution of script, because dangerous script execution is safely disabled: %#q", command)
return nil
}
log.Printf("Executing: %#q", command)
comspec, _ := os.LookupEnv("COMSPEC")
if len(comspec) == 0 {
system32, err := windows.GetSystemDirectory()
if err != nil {
return err
}
comspec = filepath.Join(system32, "cmd.exe")
}
devNull, err := os.OpenFile(os.DevNull, os.O_RDWR, 0)
if err != nil {
return err
}
defer devNull.Close()
reader, writer, err := os.Pipe()
if err != nil {
return err
}
process, err := os.StartProcess(comspec, nil /* CmdLine below */, &os.ProcAttr{
Files: []*os.File{devNull, writer, writer},
Env: append(os.Environ(), "WIREGUARD_TUNNEL_NAME="+interfaceName),
Sys: &syscall.SysProcAttr{
HideWindow: true,
CmdLine: fmt.Sprintf("cmd /c %s", command),
},
})
writer.Close()
if err != nil {
reader.Close()
return err
}
go func() {
scanner := bufio.NewScanner(reader)
for scanner.Scan() {
log.Printf("cmd> %s", scanner.Text())
}
}()
state, err := process.Wait()
reader.Close()
if err != nil {
return err
}
if state.ExitCode() == 0 {
return nil
}
log.Printf("Command error exit status: %d", state.ExitCode())
return windows.ERROR_GENERIC_COMMAND_FAILED
}
|
