admin/gluetun
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Maint: use OPENVPN_PORT instead of PORT

Browse Source 
with retro-compatibility
This commit is contained in:
Quentin McGaw (desktop)
2021-09-18 16:09:21 +00:00
parent e2e218c74b
commit b8356b60a6
8 changed files with 89 additions and 54 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
Dockerfile
View File

@@ -84,7 +84,7 @@ ENV VPNSP=pia \
OPENVPN_IPV6=off \ OPENVPN_IPV6=off \
OPENVPN_CUSTOM_CONFIG= \ OPENVPN_CUSTOM_CONFIG= \
OPENVPN_INTERFACE=tun0 \ OPENVPN_INTERFACE=tun0 \
PORT= \ OPENVPN_PORT= \
# Wireguard # Wireguard
WIREGUARD_PRIVATE_KEY= \ WIREGUARD_PRIVATE_KEY= \
WIREGUARD_PRESHARED_KEY= \ WIREGUARD_PRESHARED_KEY= \

7
internal/configuration/ivpn.go
View File

@@ -50,8 +50,11 @@ func (settings *OpenVPNSelection) readIVPN(r reader) (err error) {
return err return err
} }
settings.CustomPort, err = readOpenVPNCustomPort(r.env, settings.TCP, settings.CustomPort, err = readOpenVPNCustomPort(r, openvpnPortValidation{
[]uint16{80, 443, 1443}, []uint16{53, 1194, 2049, 2050}) tcp: settings.TCP,
allowedTCP: []uint16{80, 443, 1443},
allowedUDP: []uint16{53, 1194, 2049, 2050},
})
if err != nil { if err != nil {
return err return err
} }

73
internal/configuration/ivpn_test.go
View File

@@ -40,17 +40,18 @@ func Test_Provider_readIvpn(t *testing.T) { //nolint:gocognit
} }
testCases := map[string]struct { testCases := map[string]struct {
targetIP singleStringCall targetIP singleStringCall
countries sliceStringCall countries sliceStringCall
cities sliceStringCall cities sliceStringCall
isps sliceStringCall isps sliceStringCall
hostnames sliceStringCall hostnames sliceStringCall
protocol singleStringCall protocol singleStringCall
ovpnPort portCall ovpnPort portCall
wgPort portCall ovpnOldPort portCall
wgOldPort portCall wgPort portCall
settings Provider wgOldPort portCall
err error settings Provider
err error
}{ }{
"target IP error": { "target IP error": {
targetIP: singleStringCall{call: true, value: "something", err: errDummy}, targetIP: singleStringCall{call: true, value: "something", err: errDummy},
@@ -120,32 +121,34 @@ func Test_Provider_readIvpn(t *testing.T) { //nolint:gocognit
settings: Provider{ settings: Provider{
Name: constants.Ivpn, Name: constants.Ivpn,
}, },
err: errors.New("environment variable PORT: dummy test error"), err: errors.New("environment variable OPENVPN_PORT: dummy test error"),
}, },
"wireguard custom port error": { "wireguard custom port error": {
targetIP: singleStringCall{call: true}, targetIP: singleStringCall{call: true},
countries: sliceStringCall{call: true}, countries: sliceStringCall{call: true},
cities: sliceStringCall{call: true}, cities: sliceStringCall{call: true},
isps: sliceStringCall{call: true}, isps: sliceStringCall{call: true},
hostnames: sliceStringCall{call: true}, hostnames: sliceStringCall{call: true},
protocol: singleStringCall{call: true}, protocol: singleStringCall{call: true},
ovpnPort: portCall{getCall: true, getValue: "0"}, ovpnPort: portCall{getCall: true, getValue: "0"},
wgPort: portCall{getCall: true, getErr: errDummy}, ovpnOldPort: portCall{getCall: true, getValue: "0"},
wgPort: portCall{getCall: true, getErr: errDummy},
settings: Provider{ settings: Provider{
Name: constants.Ivpn, Name: constants.Ivpn,
}, },
err: errors.New("environment variable WIREGUARD_ENDPOINT_PORT: dummy test error"), err: errors.New("environment variable WIREGUARD_ENDPOINT_PORT: dummy test error"),
}, },
"default settings": { "default settings": {
targetIP: singleStringCall{call: true}, targetIP: singleStringCall{call: true},
countries: sliceStringCall{call: true}, countries: sliceStringCall{call: true},
cities: sliceStringCall{call: true}, cities: sliceStringCall{call: true},
isps: sliceStringCall{call: true}, isps: sliceStringCall{call: true},
hostnames: sliceStringCall{call: true}, hostnames: sliceStringCall{call: true},
protocol: singleStringCall{call: true}, protocol: singleStringCall{call: true},
ovpnPort: portCall{getCall: true, getValue: "0"}, ovpnPort: portCall{getCall: true, getValue: "0"},
wgPort: portCall{getCall: true, getValue: "0"}, ovpnOldPort: portCall{getCall: true, getValue: "0"},
wgOldPort: portCall{getCall: true, getValue: "0"}, wgPort: portCall{getCall: true, getValue: "0"},
wgOldPort: portCall{getCall: true, getValue: "0"},
settings: Provider{ settings: Provider{
Name: constants.Ivpn, Name: constants.Ivpn,
}, },
@@ -218,13 +221,21 @@ func Test_Provider_readIvpn(t *testing.T) { //nolint:gocognit
Return(testCase.protocol.value, testCase.protocol.err) Return(testCase.protocol.value, testCase.protocol.err)
} }
if testCase.ovpnPort.getCall { if testCase.ovpnPort.getCall {
env.EXPECT().Get("PORT", gomock.Any()). env.EXPECT().Get("OPENVPN_PORT", gomock.Any()).
Return(testCase.ovpnPort.getValue, testCase.ovpnPort.getErr) Return(testCase.ovpnPort.getValue, testCase.ovpnPort.getErr)
} }
if testCase.ovpnPort.portCall { if testCase.ovpnPort.portCall {
env.EXPECT().Port("PORT"). env.EXPECT().Port("OPENVPN_PORT").
Return(testCase.ovpnPort.portValue, testCase.ovpnPort.portErr) Return(testCase.ovpnPort.portValue, testCase.ovpnPort.portErr)
} }
if testCase.ovpnOldPort.getCall {
env.EXPECT().Get("PORT", gomock.Any()).
Return(testCase.ovpnOldPort.getValue, testCase.ovpnOldPort.getErr)
}
if testCase.ovpnOldPort.portCall {
env.EXPECT().Port("PORT").
Return(testCase.ovpnOldPort.portValue, testCase.ovpnOldPort.portErr)
}
if testCase.wgPort.getCall { if testCase.wgPort.getCall {
env.EXPECT().Get("WIREGUARD_ENDPOINT_PORT", gomock.Any()). env.EXPECT().Get("WIREGUARD_ENDPOINT_PORT", gomock.Any()).
Return(testCase.wgPort.getValue, testCase.wgPort.getErr) Return(testCase.wgPort.getValue, testCase.wgPort.getErr)

7
internal/configuration/mullvad.go
View File

@@ -55,8 +55,11 @@ func (settings *OpenVPNSelection) readMullvad(r reader) (err error) {
return err return err
} }
settings.CustomPort, err = readOpenVPNCustomPort(r.env, settings.TCP, settings.CustomPort, err = readOpenVPNCustomPort(r, openvpnPortValidation{
[]uint16{80, 443, 1401}, []uint16{53, 1194, 1195, 1196, 1197, 1300, 1301, 1302, 1303, 1400}) tcp: settings.TCP,
allowedTCP: []uint16{80, 443, 1401},
allowedUDP: []uint16{53, 1194, 1195, 1196, 1197, 1300, 1301, 1302, 1303, 1400},
})
if err != nil { if err != nil {
return err return err
} }

4
internal/configuration/privateinternetaccess.go
View File

@@ -53,9 +53,9 @@ func (settings *OpenVPNSelection) readPrivateInternetAccess(r reader) (err error
return err return err
} }
settings.CustomPort, err = readPortOrZero(r.env, "PORT") settings.CustomPort, err = readOpenVPNCustomPort(r, openvpnPortValidation{allAllowed: true})
if err != nil { if err != nil {
return fmt.Errorf("environment variable PORT: %w", err) return err
} }
return nil return nil

40
internal/configuration/provider.go
View File

@@ -149,33 +149,49 @@ func readTargetIP(env params.Interface) (targetIP net.IP, err error) {
return targetIP, nil return targetIP, nil
} }
func readOpenVPNCustomPort(env params.Interface, tcp bool, type openvpnPortValidation struct {
allowedTCP, allowedUDP []uint16) (port uint16, err error) { allAllowed bool
port, err = readPortOrZero(env, "PORT") tcp bool
allowedTCP []uint16
allowedUDP []uint16
}
func readOpenVPNCustomPort(r reader, validation openvpnPortValidation) (
port uint16, err error) {
port, err = readPortOrZero(r.env, "OPENVPN_PORT")
if err != nil { if err != nil {
return 0, fmt.Errorf("environment variable PORT: %w", err) return 0, fmt.Errorf("environment variable OPENVPN_PORT: %w", err)
} else if port == 0 { } else if port == 0 {
return 0, nil // Try using old variable name
port, err = readPortOrZero(r.env, "PORT")
if err != nil {
r.onRetroActive("PORT", "OPENVPN_PORT")
return 0, fmt.Errorf("environment variable PORT: %w", err)
}
} }
if tcp { if port == 0 || validation.allAllowed {
for i := range allowedTCP { return port, nil
if allowedTCP[i] == port { }
if validation.tcp {
for _, allowedPort := range validation.allowedTCP {
if port == allowedPort {
return port, nil return port, nil
} }
} }
return 0, fmt.Errorf( return 0, fmt.Errorf(
"environment variable PORT: %w: port %d for TCP protocol, can only be one of %s", "environment variable PORT: %w: port %d for TCP protocol, can only be one of %s",
ErrInvalidPort, port, portsToString(allowedTCP)) ErrInvalidPort, port, portsToString(validation.allowedTCP))
} }
for i := range allowedUDP { for _, allowedPort := range validation.allowedUDP {
if allowedUDP[i] == port { if port == allowedPort {
return port, nil return port, nil
} }
} }
return 0, fmt.Errorf( return 0, fmt.Errorf(
"environment variable PORT: %w: port %d for UDP protocol, can only be one of %s", "environment variable PORT: %w: port %d for UDP protocol, can only be one of %s",
ErrInvalidPort, port, portsToString(allowedUDP)) ErrInvalidPort, port, portsToString(validation.allowedUDP))
} }
// note: set allowed to an empty slice to allow all valid ports // note: set allowed to an empty slice to allow all valid ports

2
internal/configuration/selection.go
View File

@@ -142,7 +142,7 @@ func (settings *OpenVPNSelection) readProtocolAndPort(r reader) (err error) {
return err return err
} }
settings.CustomPort, err = readPortOrZero(r.env, "PORT") settings.CustomPort, err = readOpenVPNCustomPort(r, openvpnPortValidation{allAllowed: true})
if err != nil { if err != nil {
return fmt.Errorf("environment variable PORT: %w", err) return fmt.Errorf("environment variable PORT: %w", err)
} }

8
internal/configuration/windscribe.go
View File

@@ -46,9 +46,11 @@ func (settings *OpenVPNSelection) readWindscribe(r reader) (err error) {
return err return err
} }
settings.CustomPort, err = readOpenVPNCustomPort(r.env, settings.TCP, settings.CustomPort, err = readOpenVPNCustomPort(r, openvpnPortValidation{
[]uint16{21, 22, 80, 123, 143, 443, 587, 1194, 3306, 8080, 54783}, tcp: settings.TCP,
[]uint16{53, 80, 123, 443, 1194, 54783}) allowedTCP: []uint16{21, 22, 80, 123, 143, 443, 587, 1194, 3306, 8080, 54783},
allowedUDP: []uint16{53, 80, 123, 443, 1194, 54783},
})
if err != nil { if err != nil {
return err return err
} }