2020-07-08 13:14:39 +00:00
|
|
|
package openvpn
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"context"
|
2020-10-12 10:55:08 -04:00
|
|
|
"net"
|
|
|
|
|
"net/http"
|
2020-07-08 23:36:02 +00:00
|
|
|
"sync"
|
2020-07-08 13:14:39 +00:00
|
|
|
"time"
|
|
|
|
|
|
2020-07-26 12:07:06 +00:00
|
|
|
"github.com/qdm12/gluetun/internal/constants"
|
|
|
|
|
"github.com/qdm12/gluetun/internal/firewall"
|
|
|
|
|
"github.com/qdm12/gluetun/internal/models"
|
|
|
|
|
"github.com/qdm12/gluetun/internal/provider"
|
2020-10-12 10:55:08 -04:00
|
|
|
"github.com/qdm12/gluetun/internal/routing"
|
2020-07-26 12:07:06 +00:00
|
|
|
"github.com/qdm12/gluetun/internal/settings"
|
2020-07-08 13:14:39 +00:00
|
|
|
"github.com/qdm12/golibs/command"
|
2020-07-11 21:03:55 +00:00
|
|
|
"github.com/qdm12/golibs/files"
|
2020-07-08 13:14:39 +00:00
|
|
|
"github.com/qdm12/golibs/logging"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
type Looper interface {
|
2020-07-15 01:34:46 +00:00
|
|
|
Run(ctx context.Context, wg *sync.WaitGroup)
|
|
|
|
|
Restart()
|
2020-10-12 10:55:08 -04:00
|
|
|
PortForward(vpnGatewayIP net.IP)
|
2020-07-16 01:26:37 +00:00
|
|
|
GetSettings() (settings settings.OpenVPN)
|
|
|
|
|
SetSettings(settings settings.OpenVPN)
|
2020-07-19 14:22:23 +00:00
|
|
|
GetPortForwarded() (portForwarded uint16)
|
2020-09-12 14:04:54 -04:00
|
|
|
SetAllServers(allServers models.AllServers)
|
2020-07-08 13:14:39 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
type looper struct {
|
2020-07-11 21:03:55 +00:00
|
|
|
// Variable parameters
|
2020-07-19 14:22:23 +00:00
|
|
|
provider models.VPNProvider
|
|
|
|
|
settings settings.OpenVPN
|
|
|
|
|
settingsMutex sync.RWMutex
|
|
|
|
|
portForwarded uint16
|
|
|
|
|
portForwardedMutex sync.RWMutex
|
2020-09-12 14:04:54 -04:00
|
|
|
allServers models.AllServers
|
|
|
|
|
allServersMutex sync.RWMutex
|
2020-07-11 21:03:55 +00:00
|
|
|
// Fixed parameters
|
2020-09-12 14:04:54 -04:00
|
|
|
uid int
|
|
|
|
|
gid int
|
2020-07-11 21:03:55 +00:00
|
|
|
// Configurators
|
2020-10-12 10:55:08 -04:00
|
|
|
conf Configurator
|
|
|
|
|
fw firewall.Configurator
|
|
|
|
|
routing routing.Routing
|
2020-07-11 21:03:55 +00:00
|
|
|
// Other objects
|
2020-10-12 10:55:08 -04:00
|
|
|
logger, pfLogger logging.Logger
|
|
|
|
|
client *http.Client
|
|
|
|
|
fileManager files.FileManager
|
|
|
|
|
streamMerger command.StreamMerger
|
|
|
|
|
cancel context.CancelFunc
|
2020-07-15 01:34:46 +00:00
|
|
|
// Internal channels
|
|
|
|
|
restart chan struct{}
|
2020-10-12 10:55:08 -04:00
|
|
|
portForwardSignals chan net.IP
|
2020-07-08 13:14:39 +00:00
|
|
|
}
|
|
|
|
|
|
2020-07-11 21:03:55 +00:00
|
|
|
func NewLooper(provider models.VPNProvider, settings settings.OpenVPN,
|
2020-08-25 19:38:50 -04:00
|
|
|
uid, gid int, allServers models.AllServers,
|
2020-10-12 10:55:08 -04:00
|
|
|
conf Configurator, fw firewall.Configurator, routing routing.Routing,
|
|
|
|
|
logger logging.Logger, client *http.Client, fileManager files.FileManager,
|
2020-08-27 22:59:58 +00:00
|
|
|
streamMerger command.StreamMerger, cancel context.CancelFunc) Looper {
|
2020-07-08 13:14:39 +00:00
|
|
|
return &looper{
|
2020-07-15 01:34:46 +00:00
|
|
|
provider: provider,
|
|
|
|
|
settings: settings,
|
|
|
|
|
uid: uid,
|
|
|
|
|
gid: gid,
|
2020-08-25 19:38:50 -04:00
|
|
|
allServers: allServers,
|
2020-07-15 01:34:46 +00:00
|
|
|
conf: conf,
|
|
|
|
|
fw: fw,
|
2020-10-12 10:55:08 -04:00
|
|
|
routing: routing,
|
2020-07-15 01:34:46 +00:00
|
|
|
logger: logger.WithPrefix("openvpn: "),
|
2020-10-12 10:55:08 -04:00
|
|
|
pfLogger: logger.WithPrefix("port forwarding: "),
|
2020-07-15 01:34:46 +00:00
|
|
|
client: client,
|
|
|
|
|
fileManager: fileManager,
|
|
|
|
|
streamMerger: streamMerger,
|
2020-08-27 22:59:58 +00:00
|
|
|
cancel: cancel,
|
2020-07-15 01:34:46 +00:00
|
|
|
restart: make(chan struct{}),
|
2020-10-12 10:55:08 -04:00
|
|
|
portForwardSignals: make(chan net.IP),
|
2020-07-08 13:14:39 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2020-10-12 10:55:08 -04:00
|
|
|
func (l *looper) Restart() { l.restart <- struct{}{} }
|
|
|
|
|
func (l *looper) PortForward(vpnGateway net.IP) { l.portForwardSignals <- vpnGateway }
|
2020-07-15 01:34:46 +00:00
|
|
|
|
2020-07-16 01:26:37 +00:00
|
|
|
func (l *looper) GetSettings() (settings settings.OpenVPN) {
|
|
|
|
|
l.settingsMutex.RLock()
|
|
|
|
|
defer l.settingsMutex.RUnlock()
|
|
|
|
|
return l.settings
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (l *looper) SetSettings(settings settings.OpenVPN) {
|
|
|
|
|
l.settingsMutex.Lock()
|
|
|
|
|
defer l.settingsMutex.Unlock()
|
|
|
|
|
l.settings = settings
|
|
|
|
|
}
|
|
|
|
|
|
2020-09-12 14:04:54 -04:00
|
|
|
func (l *looper) SetAllServers(allServers models.AllServers) {
|
|
|
|
|
l.allServersMutex.Lock()
|
|
|
|
|
defer l.allServersMutex.Unlock()
|
|
|
|
|
l.allServers = allServers
|
|
|
|
|
}
|
|
|
|
|
|
2020-07-15 01:34:46 +00:00
|
|
|
func (l *looper) Run(ctx context.Context, wg *sync.WaitGroup) {
|
2020-07-08 23:36:02 +00:00
|
|
|
defer wg.Done()
|
2020-07-08 13:14:39 +00:00
|
|
|
select {
|
2020-07-15 01:34:46 +00:00
|
|
|
case <-l.restart:
|
2020-07-08 13:14:39 +00:00
|
|
|
case <-ctx.Done():
|
|
|
|
|
return
|
|
|
|
|
}
|
2020-07-11 21:03:55 +00:00
|
|
|
defer l.logger.Warn("loop exited")
|
|
|
|
|
|
|
|
|
|
for ctx.Err() == nil {
|
2020-07-16 01:26:37 +00:00
|
|
|
settings := l.GetSettings()
|
2020-09-12 14:04:54 -04:00
|
|
|
l.allServersMutex.RLock()
|
2020-10-12 15:29:58 -04:00
|
|
|
providerConf := provider.New(l.provider, l.allServers, time.Now)
|
2020-09-12 14:04:54 -04:00
|
|
|
l.allServersMutex.RUnlock()
|
2020-10-12 15:29:58 -04:00
|
|
|
connection, err := providerConf.GetOpenVPNConnection(settings.Provider.ServerSelection)
|
2020-07-23 02:15:37 +00:00
|
|
|
if err != nil {
|
2020-08-27 22:59:58 +00:00
|
|
|
l.logger.Error(err)
|
|
|
|
|
l.cancel()
|
2020-07-23 02:15:37 +00:00
|
|
|
return
|
|
|
|
|
}
|
2020-07-13 23:34:03 +00:00
|
|
|
lines := providerConf.BuildConf(
|
2020-10-12 15:29:58 -04:00
|
|
|
connection,
|
2020-07-16 01:26:37 +00:00
|
|
|
settings.Verbosity,
|
2020-07-08 22:11:23 +00:00
|
|
|
l.uid,
|
|
|
|
|
l.gid,
|
2020-07-16 01:26:37 +00:00
|
|
|
settings.Root,
|
|
|
|
|
settings.Cipher,
|
|
|
|
|
settings.Auth,
|
|
|
|
|
settings.Provider.ExtraConfigOptions,
|
2020-07-08 22:11:23 +00:00
|
|
|
)
|
2020-10-20 02:45:28 +00:00
|
|
|
if err := l.fileManager.WriteLinesToFile(string(constants.OpenVPNConf), lines,
|
|
|
|
|
files.Ownership(l.uid, l.gid), files.Permissions(constants.UserReadPermission)); err != nil {
|
2020-08-27 22:59:58 +00:00
|
|
|
l.logger.Error(err)
|
|
|
|
|
l.cancel()
|
2020-07-23 02:15:37 +00:00
|
|
|
return
|
|
|
|
|
}
|
2020-07-11 21:03:55 +00:00
|
|
|
|
2020-07-23 02:15:37 +00:00
|
|
|
if err := l.conf.WriteAuthFile(settings.User, settings.Password, l.uid, l.gid); err != nil {
|
2020-08-27 22:59:58 +00:00
|
|
|
l.logger.Error(err)
|
|
|
|
|
l.cancel()
|
2020-07-23 02:15:37 +00:00
|
|
|
return
|
|
|
|
|
}
|
2020-07-11 21:03:55 +00:00
|
|
|
|
2020-10-12 15:29:58 -04:00
|
|
|
if err := l.fw.SetVPNConnection(ctx, connection); err != nil {
|
2020-08-27 22:59:58 +00:00
|
|
|
l.logger.Error(err)
|
|
|
|
|
l.cancel()
|
2020-07-23 02:15:37 +00:00
|
|
|
return
|
2020-07-11 21:03:55 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
openvpnCtx, openvpnCancel := context.WithCancel(context.Background())
|
|
|
|
|
|
|
|
|
|
stream, waitFn, err := l.conf.Start(openvpnCtx)
|
|
|
|
|
if err != nil {
|
|
|
|
|
openvpnCancel()
|
|
|
|
|
l.logAndWait(ctx, err)
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
|
2020-09-12 19:17:19 +00:00
|
|
|
// Needs the stream line from main.go to know when the tunnel is up
|
2020-07-11 21:03:55 +00:00
|
|
|
go func(ctx context.Context) {
|
|
|
|
|
for {
|
|
|
|
|
select {
|
2020-10-12 10:55:08 -04:00
|
|
|
// TODO have a way to disable pf with a context
|
2020-07-11 21:03:55 +00:00
|
|
|
case <-ctx.Done():
|
|
|
|
|
return
|
2020-10-12 10:55:08 -04:00
|
|
|
case gateway := <-l.portForwardSignals:
|
|
|
|
|
wg.Add(1)
|
|
|
|
|
go l.portForward(ctx, wg, providerConf, l.client, gateway)
|
2020-07-11 21:03:55 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}(openvpnCtx)
|
|
|
|
|
|
2020-07-12 21:19:44 -04:00
|
|
|
go l.streamMerger.Merge(openvpnCtx, stream, command.MergeName("openvpn"))
|
2020-07-08 13:14:39 +00:00
|
|
|
waitError := make(chan error)
|
|
|
|
|
go func() {
|
|
|
|
|
err := waitFn() // blocking
|
2020-07-08 23:42:54 +00:00
|
|
|
waitError <- err
|
2020-07-08 13:14:39 +00:00
|
|
|
}()
|
|
|
|
|
select {
|
|
|
|
|
case <-ctx.Done():
|
|
|
|
|
l.logger.Warn("context canceled: exiting loop")
|
|
|
|
|
openvpnCancel()
|
2020-07-08 23:42:54 +00:00
|
|
|
<-waitError
|
2020-07-08 13:14:39 +00:00
|
|
|
close(waitError)
|
|
|
|
|
return
|
2020-07-15 01:34:46 +00:00
|
|
|
case <-l.restart: // triggered restart
|
2020-07-08 13:14:39 +00:00
|
|
|
l.logger.Info("restarting")
|
|
|
|
|
openvpnCancel()
|
2020-07-11 21:03:55 +00:00
|
|
|
<-waitError
|
2020-07-08 13:14:39 +00:00
|
|
|
close(waitError)
|
|
|
|
|
case err := <-waitError: // unexpected error
|
|
|
|
|
openvpnCancel()
|
|
|
|
|
close(waitError)
|
2020-07-11 21:03:55 +00:00
|
|
|
l.logAndWait(ctx, err)
|
2020-07-08 13:14:39 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2020-07-11 21:03:55 +00:00
|
|
|
|
|
|
|
|
func (l *looper) logAndWait(ctx context.Context, err error) {
|
|
|
|
|
l.logger.Error(err)
|
2020-10-20 02:45:28 +00:00
|
|
|
const waitTime = 30 * time.Second
|
|
|
|
|
l.logger.Info("retrying in %s", waitTime)
|
|
|
|
|
timer := time.NewTimer(waitTime)
|
|
|
|
|
select {
|
|
|
|
|
case <-timer.C:
|
|
|
|
|
case <-ctx.Done():
|
|
|
|
|
if !timer.Stop() {
|
|
|
|
|
<-timer.C
|
|
|
|
|
}
|
|
|
|
|
}
|
2020-07-11 21:03:55 +00:00
|
|
|
}
|
|
|
|
|
|
2020-10-12 10:55:08 -04:00
|
|
|
// portForward is a blocking operation which may or may not be infinite.
|
2020-10-20 02:45:28 +00:00
|
|
|
// You should therefore always call it in a goroutine.
|
2020-10-12 10:55:08 -04:00
|
|
|
func (l *looper) portForward(ctx context.Context, wg *sync.WaitGroup,
|
|
|
|
|
providerConf provider.Provider, client *http.Client, gateway net.IP) {
|
|
|
|
|
defer wg.Done()
|
2020-07-16 01:26:37 +00:00
|
|
|
settings := l.GetSettings()
|
|
|
|
|
if !settings.Provider.PortForwarding.Enabled {
|
2020-07-11 21:03:55 +00:00
|
|
|
return
|
|
|
|
|
}
|
2020-10-12 10:55:08 -04:00
|
|
|
syncState := func(port uint16) (pfFilepath models.Filepath) {
|
|
|
|
|
l.portForwardedMutex.Lock()
|
|
|
|
|
l.portForwarded = port
|
|
|
|
|
l.portForwardedMutex.Unlock()
|
|
|
|
|
settings := l.GetSettings()
|
|
|
|
|
return settings.Provider.PortForwarding.Filepath
|
2020-07-11 21:03:55 +00:00
|
|
|
}
|
2020-10-12 10:55:08 -04:00
|
|
|
providerConf.PortForward(ctx,
|
|
|
|
|
client, l.fileManager, l.pfLogger,
|
|
|
|
|
gateway, l.fw, syncState)
|
2020-07-11 21:03:55 +00:00
|
|
|
}
|
2020-07-19 14:22:23 +00:00
|
|
|
|
|
|
|
|
func (l *looper) GetPortForwarded() (portForwarded uint16) {
|
|
|
|
|
l.portForwardedMutex.RLock()
|
|
|
|
|
defer l.portForwardedMutex.RUnlock()
|
|
|
|
|
return l.portForwarded
|
|
|
|
|
}
|
