internal/openvpn/auth.go

package openvpn

import (
	"fmt"
	"os"
	"strings"
)

// WriteAuthFile writes the OpenVPN auth file to disk with the right permissions.
func (c *Configurator) WriteAuthFile(user, password string) error {
	content := strings.Join([]string{user, password}, "\n")
	return writeIfDifferent(c.authFilePath, content, c.puid, c.pgid)
}

// WriteAskPassFile writes the OpenVPN askpass file to disk with the right permissions.
func (c *Configurator) WriteAskPassFile(passphrase string) error {
	return writeIfDifferent(c.askPassPath, passphrase, c.puid, c.pgid)
}

func writeIfDifferent(path, content string, puid, pgid int) (err error) {
	fileStat, err := os.Stat(path)
	if err != nil && !os.IsNotExist(err) {
		return fmt.Errorf("obtaining file information: %w", err)
	}

	const perm = os.FileMode(0400)
	var writeData, setChown bool
	if os.IsNotExist(err) {
		writeData = true
		setChown = true
	} else {
		data, err := os.ReadFile(path)
		if err != nil {
			return fmt.Errorf("reading file: %w", err)
		}
		writeData = string(data) != content
		setChown = fileStat.Mode().Perm() != perm
	}

	if writeData {
		err = os.WriteFile(path, []byte(content), perm)
		if err != nil {
			return fmt.Errorf("writing file: %w", err)
		}
	}

	if setChown {
		err = os.Chown(path, puid, pgid)
		if err != nil {
			return fmt.Errorf("setting file permissions: %w", err)
		}
	}

	return nil
}
Maint: move Openvpn package files - Move internal/openvpn/config/*.go to internal/openvpn/ - Move internal/openvpn/setup.go to internal/vpn/openvpn.go 2021-08-19 13:31:12 +00:00			`package openvpn`
Rewrite of the entrypoint in Golang (#71) - General improvements - Parallel download of only needed files at start - Prettier console output with all streams merged (openvpn, unbound, shadowsocks etc.) - Simplified Docker final image - Faster bootup - DNS over TLS - Finer grain blocking at DNS level: malicious, ads and surveillance - Choose your DNS over TLS providers - Ability to use multiple DNS over TLS providers for DNS split horizon - Environment variables for DNS logging - DNS block lists needed are downloaded and built automatically at start, in parallel - PIA - A random region is selected if the REGION parameter is left empty (thanks @rorph for your PR) - Routing and iptables adjusted so it can work as a Kubernetes pod sidecar (thanks @rorph for your PR) 2020-02-06 20:42:46 -05:00
			`import (`
feat: add VPNsecure.me support (#848) - `OPENVPN_ENCRYPTED_KEY` environment variable - `OPENVPN_ENCRYPTED_KEY_SECRETFILE` environment variable - `OPENVPN_KEY_PASSPHRASE` environment variable - `OPENVPN_KEY_PASSPHRASE_SECRETFILE` environment variable - `PREMIUM_ONLY` environment variable - OpenVPN user and password not required for vpnsecure provider 2022-08-15 19:54:58 -04:00			`"fmt"`
Code maintenance: OS package for file system - OS custom internal package for file system interaction - Remove fileManager external dependency - Closer API to Go's native API on the OS - Create directories at startup - Better testability - Move Unsetenv to os interface 2020-12-29 00:55:31 +00:00			`"os"`
Support for username and password changes 2020-07-12 14:55:03 +00:00			`"strings"`
Rewrite of the entrypoint in Golang (#71) - General improvements - Parallel download of only needed files at start - Prettier console output with all streams merged (openvpn, unbound, shadowsocks etc.) - Simplified Docker final image - Faster bootup - DNS over TLS - Finer grain blocking at DNS level: malicious, ads and surveillance - Choose your DNS over TLS providers - Ability to use multiple DNS over TLS providers for DNS split horizon - Environment variables for DNS logging - DNS block lists needed are downloaded and built automatically at start, in parallel - PIA - A random region is selected if the REGION parameter is left empty (thanks @rorph for your PR) - Routing and iptables adjusted so it can work as a Kubernetes pod sidecar (thanks @rorph for your PR) 2020-02-06 20:42:46 -05:00			`)`

Add linters and fix lint issues 2020-10-20 02:45:28 +00:00			`// WriteAuthFile writes the OpenVPN auth file to disk with the right permissions.`
Maint: minor changes to openvpn/config package - Constructor returns concrete struct instead of interface - Rename conf to openvpnConf in openvpn loop 2021-08-18 20:28:42 +00:00			`func (c *Configurator) WriteAuthFile(user, password string) error {`
feat: add VPNsecure.me support (#848) - `OPENVPN_ENCRYPTED_KEY` environment variable - `OPENVPN_ENCRYPTED_KEY_SECRETFILE` environment variable - `OPENVPN_KEY_PASSPHRASE` environment variable - `OPENVPN_KEY_PASSPHRASE_SECRETFILE` environment variable - `PREMIUM_ONLY` environment variable - OpenVPN user and password not required for vpnsecure provider 2022-08-15 19:54:58 -04:00			`content := strings.Join([]string{user, password}, "\n")`
			`return writeIfDifferent(c.authFilePath, content, c.puid, c.pgid)`
			`}`

			`// WriteAskPassFile writes the OpenVPN askpass file to disk with the right permissions.`
			`func (c *Configurator) WriteAskPassFile(passphrase string) error {`
			`return writeIfDifferent(c.askPassPath, passphrase, c.puid, c.pgid)`
			`}`
Code maintenance: OS package for file system - OS custom internal package for file system interaction - Remove fileManager external dependency - Closer API to Go's native API on the OS - Create directories at startup - Better testability - Move Unsetenv to os interface 2020-12-29 00:55:31 +00:00
feat: add VPNsecure.me support (#848) - `OPENVPN_ENCRYPTED_KEY` environment variable - `OPENVPN_ENCRYPTED_KEY_SECRETFILE` environment variable - `OPENVPN_KEY_PASSPHRASE` environment variable - `OPENVPN_KEY_PASSPHRASE_SECRETFILE` environment variable - `PREMIUM_ONLY` environment variable - OpenVPN user and password not required for vpnsecure provider 2022-08-15 19:54:58 -04:00			`func writeIfDifferent(path, content string, puid, pgid int) (err error) {`
			`fileStat, err := os.Stat(path)`
Code maintenance: OS package for file system - OS custom internal package for file system interaction - Remove fileManager external dependency - Closer API to Go's native API on the OS - Create directories at startup - Better testability - Move Unsetenv to os interface 2020-12-29 00:55:31 +00:00			`if err != nil && !os.IsNotExist(err) {`
feat: add VPNsecure.me support (#848) - `OPENVPN_ENCRYPTED_KEY` environment variable - `OPENVPN_ENCRYPTED_KEY_SECRETFILE` environment variable - `OPENVPN_KEY_PASSPHRASE` environment variable - `OPENVPN_KEY_PASSPHRASE_SECRETFILE` environment variable - `PREMIUM_ONLY` environment variable - OpenVPN user and password not required for vpnsecure provider 2022-08-15 19:54:58 -04:00			`return fmt.Errorf("obtaining file information: %w", err)`
Code maintenance: OS package for file system - OS custom internal package for file system interaction - Remove fileManager external dependency - Closer API to Go's native API on the OS - Create directories at startup - Better testability - Move Unsetenv to os interface 2020-12-29 00:55:31 +00:00			`}`

feat: add VPNsecure.me support (#848) - `OPENVPN_ENCRYPTED_KEY` environment variable - `OPENVPN_ENCRYPTED_KEY_SECRETFILE` environment variable - `OPENVPN_KEY_PASSPHRASE` environment variable - `OPENVPN_KEY_PASSPHRASE_SECRETFILE` environment variable - `PREMIUM_ONLY` environment variable - OpenVPN user and password not required for vpnsecure provider 2022-08-15 19:54:58 -04:00			`const perm = os.FileMode(0400)`
			`var writeData, setChown bool`
Code maintenance: OS package for file system - OS custom internal package for file system interaction - Remove fileManager external dependency - Closer API to Go's native API on the OS - Create directories at startup - Better testability - Move Unsetenv to os interface 2020-12-29 00:55:31 +00:00			`if os.IsNotExist(err) {`
feat: add VPNsecure.me support (#848) - `OPENVPN_ENCRYPTED_KEY` environment variable - `OPENVPN_ENCRYPTED_KEY_SECRETFILE` environment variable - `OPENVPN_KEY_PASSPHRASE` environment variable - `OPENVPN_KEY_PASSPHRASE_SECRETFILE` environment variable - `PREMIUM_ONLY` environment variable - OpenVPN user and password not required for vpnsecure provider 2022-08-15 19:54:58 -04:00			`writeData = true`
			`setChown = true`
			`} else {`
			`data, err := os.ReadFile(path)`
Code maintenance: OS package for file system - OS custom internal package for file system interaction - Remove fileManager external dependency - Closer API to Go's native API on the OS - Create directories at startup - Better testability - Move Unsetenv to os interface 2020-12-29 00:55:31 +00:00			`if err != nil {`
feat: add VPNsecure.me support (#848) - `OPENVPN_ENCRYPTED_KEY` environment variable - `OPENVPN_ENCRYPTED_KEY_SECRETFILE` environment variable - `OPENVPN_KEY_PASSPHRASE` environment variable - `OPENVPN_KEY_PASSPHRASE_SECRETFILE` environment variable - `PREMIUM_ONLY` environment variable - OpenVPN user and password not required for vpnsecure provider 2022-08-15 19:54:58 -04:00			`return fmt.Errorf("reading file: %w", err)`
Support for username and password changes 2020-07-12 14:55:03 +00:00			`}`
feat: add VPNsecure.me support (#848) - `OPENVPN_ENCRYPTED_KEY` environment variable - `OPENVPN_ENCRYPTED_KEY_SECRETFILE` environment variable - `OPENVPN_KEY_PASSPHRASE` environment variable - `OPENVPN_KEY_PASSPHRASE_SECRETFILE` environment variable - `PREMIUM_ONLY` environment variable - OpenVPN user and password not required for vpnsecure provider 2022-08-15 19:54:58 -04:00			`writeData = string(data) != content`
			`setChown = fileStat.Mode().Perm() != perm`
Code maintenance: OS package for file system - OS custom internal package for file system interaction - Remove fileManager external dependency - Closer API to Go's native API on the OS - Create directories at startup - Better testability - Move Unsetenv to os interface 2020-12-29 00:55:31 +00:00			`}`

feat: add VPNsecure.me support (#848) - `OPENVPN_ENCRYPTED_KEY` environment variable - `OPENVPN_ENCRYPTED_KEY_SECRETFILE` environment variable - `OPENVPN_KEY_PASSPHRASE` environment variable - `OPENVPN_KEY_PASSPHRASE_SECRETFILE` environment variable - `PREMIUM_ONLY` environment variable - OpenVPN user and password not required for vpnsecure provider 2022-08-15 19:54:58 -04:00			`if writeData {`
chore(all): remove deprecated `io/ioutil` import 2022-08-24 19:39:55 +00:00			`err = os.WriteFile(path, []byte(content), perm)`
feat: add VPNsecure.me support (#848) - `OPENVPN_ENCRYPTED_KEY` environment variable - `OPENVPN_ENCRYPTED_KEY_SECRETFILE` environment variable - `OPENVPN_KEY_PASSPHRASE` environment variable - `OPENVPN_KEY_PASSPHRASE_SECRETFILE` environment variable - `PREMIUM_ONLY` environment variable - OpenVPN user and password not required for vpnsecure provider 2022-08-15 19:54:58 -04:00			`if err != nil {`
			`return fmt.Errorf("writing file: %w", err)`
			`}`
Code maintenance: OS package for file system - OS custom internal package for file system interaction - Remove fileManager external dependency - Closer API to Go's native API on the OS - Create directories at startup - Better testability - Move Unsetenv to os interface 2020-12-29 00:55:31 +00:00			`}`

feat: add VPNsecure.me support (#848) - `OPENVPN_ENCRYPTED_KEY` environment variable - `OPENVPN_ENCRYPTED_KEY_SECRETFILE` environment variable - `OPENVPN_KEY_PASSPHRASE` environment variable - `OPENVPN_KEY_PASSPHRASE_SECRETFILE` environment variable - `PREMIUM_ONLY` environment variable - OpenVPN user and password not required for vpnsecure provider 2022-08-15 19:54:58 -04:00			`if setChown {`
			`err = os.Chown(path, puid, pgid)`
			`if err != nil {`
			`return fmt.Errorf("setting file permissions: %w", err)`
			`}`
Code maintenance: OS package for file system - OS custom internal package for file system interaction - Remove fileManager external dependency - Closer API to Go's native API on the OS - Create directories at startup - Better testability - Move Unsetenv to os interface 2020-12-29 00:55:31 +00:00			`}`

feat: add VPNsecure.me support (#848) - `OPENVPN_ENCRYPTED_KEY` environment variable - `OPENVPN_ENCRYPTED_KEY_SECRETFILE` environment variable - `OPENVPN_KEY_PASSPHRASE` environment variable - `OPENVPN_KEY_PASSPHRASE_SECRETFILE` environment variable - `PREMIUM_ONLY` environment variable - OpenVPN user and password not required for vpnsecure provider 2022-08-15 19:54:58 -04:00			`return nil`
Rewrite of the entrypoint in Golang (#71) - General improvements - Parallel download of only needed files at start - Prettier console output with all streams merged (openvpn, unbound, shadowsocks etc.) - Simplified Docker final image - Faster bootup - DNS over TLS - Finer grain blocking at DNS level: malicious, ads and surveillance - Choose your DNS over TLS providers - Ability to use multiple DNS over TLS providers for DNS split horizon - Environment variables for DNS logging - DNS block lists needed are downloaded and built automatically at start, in parallel - PIA - A random region is selected if the REGION parameter is left empty (thanks @rorph for your PR) - Routing and iptables adjusted so it can work as a Kubernetes pod sidecar (thanks @rorph for your PR) 2020-02-06 20:42:46 -05:00			`}`