admin/gluetun
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Remove cipher and auth restrictive checks

Browse Source
This commit is contained in:
Quentin McGaw
2020-05-29 12:01:45 +00:00
parent 96e57d2c32
commit 263368af89
1 changed files with 1 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
internal/settings/settings.go
View File

@@ -49,11 +49,9 @@ func (s *Settings) String() string {
}, "\n") }, "\n")
} }
const aes256cbc = "aes-256-cbc"
// GetAllSettings obtains all settings for the program and returns an error as soon // GetAllSettings obtains all settings for the program and returns an error as soon
// as an error is encountered reading them. // as an error is encountered reading them.
func GetAllSettings(paramsReader params.Reader) (settings Settings, err error) { //nolint:gocyclo func GetAllSettings(paramsReader params.Reader) (settings Settings, err error) {
settings.VPNSP, err = paramsReader.GetVPNSP() settings.VPNSP, err = paramsReader.GetVPNSP()
if err != nil { if err != nil {
return settings, err return settings, err
@@ -64,52 +62,12 @@ func GetAllSettings(paramsReader params.Reader) (settings Settings, err error) {
} }
switch settings.VPNSP { switch settings.VPNSP {
case constants.PrivateInternetAccess: case constants.PrivateInternetAccess:
switch settings.OpenVPN.Cipher {
case "", "aes-128-cbc", aes256cbc, "aes-128-gcm", "aes-256-gcm":
default:
return settings, fmt.Errorf("cipher %q is not supported by Private Internet Access", settings.OpenVPN.Cipher)
}
switch settings.OpenVPN.Auth {
case "", "sha1", "sha256":
default:
return settings, fmt.Errorf("auth algorithm %q is not supported by Private Internet Access", settings.OpenVPN.Auth)
}
settings.PIA, err = GetPIASettings(paramsReader) settings.PIA, err = GetPIASettings(paramsReader)
case constants.Mullvad: case constants.Mullvad:
switch settings.OpenVPN.Cipher {
case "":
default:
return settings, fmt.Errorf("cipher %q is not supported by Mullvad", settings.OpenVPN.Cipher)
}
switch settings.OpenVPN.Auth {
case "":
default:
return settings, fmt.Errorf("auth algorithm %q is not supported by Mullvad (not using auth at all)", settings.OpenVPN.Auth)
}
settings.Mullvad, err = GetMullvadSettings(paramsReader) settings.Mullvad, err = GetMullvadSettings(paramsReader)
case constants.Windscribe: case constants.Windscribe:
switch settings.OpenVPN.Cipher {
case "", aes256cbc, "aes-256-gcm": // TODO check inside params getters
default:
return settings, fmt.Errorf("cipher %q is not supported by Windscribe", settings.OpenVPN.Cipher)
}
switch settings.OpenVPN.Auth {
case "", "sha512":
default:
return settings, fmt.Errorf("auth algorithm %q is not supported by Windscribe", settings.OpenVPN.Auth)
}
settings.Windscribe, err = GetWindscribeSettings(paramsReader, settings.OpenVPN.NetworkProtocol) settings.Windscribe, err = GetWindscribeSettings(paramsReader, settings.OpenVPN.NetworkProtocol)
case constants.Surfshark: case constants.Surfshark:
switch settings.OpenVPN.Cipher {
case "", aes256cbc: // TODO check inside params getters
default:
return settings, fmt.Errorf("cipher %q is not supported by Surfshark", settings.OpenVPN.Cipher)
}
switch settings.OpenVPN.Auth {
case "", "sha512":
default:
return settings, fmt.Errorf("auth algorithm %q is not supported by Surfshark", settings.OpenVPN.Auth)
}
settings.Surfshark, err = GetSurfsharkSettings(paramsReader) settings.Surfshark, err = GetSurfsharkSettings(paramsReader)
default: default:
err = fmt.Errorf("VPN service provider %q is not valid", settings.VPNSP) err = fmt.Errorf("VPN service provider %q is not valid", settings.VPNSP)
@@ -117,9 +75,6 @@ func GetAllSettings(paramsReader params.Reader) (settings Settings, err error) {
if err != nil { if err != nil {
return settings, err return settings, err
} }
if err != nil {
return settings, err
}
settings.DNS, err = GetDNSSettings(paramsReader) settings.DNS, err = GetDNSSettings(paramsReader)
if err != nil { if err != nil {
return settings, err return settings, err