Single connection written to openvpn configuration (#258)
- From now only a single OpenVPN connection is written to the OpenVPN configuration file - If multiple connections are matched given the user parameters (i.e. city, region), it is picked at pseudo random using the current time as the pseudo random seed. - Not relying on Openvpn picking a random remote address, may refer to #229 - Program is aware of which connection is to be used, in order to use its matching CN for port forwarding TLS verification with PIA v4 servers, see #236 - Simplified firewall mechanisms
This commit is contained in:
Quentin McGaw
@@ -3,6 +3,7 @@ package provider
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"math/rand"
|
||||
"net"
|
||||
"net/http"
|
||||
"strings"
|
||||
@@ -15,12 +16,14 @@ import (
|
||||
)
|
||||
|
||||
type cyberghost struct {
|
||||
servers []models.CyberghostServer
|
||||
servers []models.CyberghostServer
|
||||
randSource rand.Source
|
||||
}
|
||||
|
||||
func newCyberghost(servers []models.CyberghostServer) *cyberghost {
|
||||
func newCyberghost(servers []models.CyberghostServer, timeNow timeNowFunc) *cyberghost {
|
||||
return &cyberghost{
|
||||
servers: servers,
|
||||
servers: servers,
|
||||
randSource: rand.NewSource(timeNow().UnixNano()),
|
||||
}
|
||||
}
|
||||
|
||||
@@ -39,17 +42,18 @@ func (c *cyberghost) filterServers(region, group string) (servers []models.Cyber
|
||||
return servers
|
||||
}
|
||||
|
||||
func (c *cyberghost) GetOpenVPNConnections(selection models.ServerSelection) (connections []models.OpenVPNConnection, err error) {
|
||||
func (c *cyberghost) GetOpenVPNConnection(selection models.ServerSelection) (connection models.OpenVPNConnection, err error) {
|
||||
servers := c.filterServers(selection.Region, selection.Group)
|
||||
if len(servers) == 0 {
|
||||
return nil, fmt.Errorf("no server found for region %q and group %q", selection.Region, selection.Group)
|
||||
return connection, fmt.Errorf("no server found for region %q and group %q", selection.Region, selection.Group)
|
||||
}
|
||||
|
||||
var connections []models.OpenVPNConnection
|
||||
for _, server := range servers {
|
||||
for _, IP := range server.IPs {
|
||||
if selection.TargetIP != nil {
|
||||
if selection.TargetIP.Equal(IP) {
|
||||
return []models.OpenVPNConnection{{IP: IP, Port: 443, Protocol: selection.Protocol}}, nil
|
||||
return models.OpenVPNConnection{IP: IP, Port: 443, Protocol: selection.Protocol}, nil
|
||||
}
|
||||
} else {
|
||||
connections = append(connections, models.OpenVPNConnection{IP: IP, Port: 443, Protocol: selection.Protocol})
|
||||
@@ -58,17 +62,13 @@ func (c *cyberghost) GetOpenVPNConnections(selection models.ServerSelection) (co
|
||||
}
|
||||
|
||||
if selection.TargetIP != nil {
|
||||
return nil, fmt.Errorf("target IP %s not found in IP addresses", selection.TargetIP)
|
||||
return connection, fmt.Errorf("target IP %s not found in IP addresses", selection.TargetIP)
|
||||
}
|
||||
|
||||
if len(connections) > 64 {
|
||||
connections = connections[:64]
|
||||
}
|
||||
|
||||
return connections, nil
|
||||
return pickRandomConnection(connections, c.randSource), nil
|
||||
}
|
||||
|
||||
func (c *cyberghost) BuildConf(connections []models.OpenVPNConnection, verbosity, uid, gid int, root bool, cipher, auth string, extras models.ExtraConfigOptions) (lines []string) {
|
||||
func (c *cyberghost) BuildConf(connection models.OpenVPNConnection, verbosity, uid, gid int, root bool, cipher, auth string, extras models.ExtraConfigOptions) (lines []string) {
|
||||
if len(cipher) == 0 {
|
||||
cipher = aes256cbc
|
||||
}
|
||||
@@ -102,7 +102,8 @@ func (c *cyberghost) BuildConf(connections []models.OpenVPNConnection, verbosity
|
||||
// Modified variables
|
||||
fmt.Sprintf("verb %d", verbosity),
|
||||
fmt.Sprintf("auth-user-pass %s", constants.OpenVPNAuthConf),
|
||||
fmt.Sprintf("proto %s", connections[0].Protocol),
|
||||
fmt.Sprintf("proto %s", connection.Protocol),
|
||||
fmt.Sprintf("remote %s %d", connection.IP, connection.Port),
|
||||
fmt.Sprintf("cipher %s", cipher),
|
||||
fmt.Sprintf("auth %s", auth),
|
||||
}
|
||||
@@ -112,9 +113,6 @@ func (c *cyberghost) BuildConf(connections []models.OpenVPNConnection, verbosity
|
||||
if !root {
|
||||
lines = append(lines, "user nonrootuser")
|
||||
}
|
||||
for _, connection := range connections {
|
||||
lines = append(lines, fmt.Sprintf("remote %s %d", connection.IP, connection.Port))
|
||||
}
|
||||
lines = append(lines, []string{
|
||||
"<ca>",
|
||||
"-----BEGIN CERTIFICATE-----",
|
||||
|
||||
@@ -3,6 +3,7 @@ package provider
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"math/rand"
|
||||
"net"
|
||||
"net/http"
|
||||
"strings"
|
||||
@@ -15,12 +16,14 @@ import (
|
||||
)
|
||||
|
||||
type mullvad struct {
|
||||
servers []models.MullvadServer
|
||||
servers []models.MullvadServer
|
||||
randSource rand.Source
|
||||
}
|
||||
|
||||
func newMullvad(servers []models.MullvadServer) *mullvad {
|
||||
func newMullvad(servers []models.MullvadServer, timeNow timeNowFunc) *mullvad {
|
||||
return &mullvad{
|
||||
servers: servers,
|
||||
servers: servers,
|
||||
randSource: rand.NewSource(timeNow().UnixNano()),
|
||||
}
|
||||
}
|
||||
|
||||
@@ -44,10 +47,10 @@ func (m *mullvad) filterServers(country, city, isp string) (servers []models.Mul
|
||||
return servers
|
||||
}
|
||||
|
||||
func (m *mullvad) GetOpenVPNConnections(selection models.ServerSelection) (connections []models.OpenVPNConnection, err error) {
|
||||
func (m *mullvad) GetOpenVPNConnection(selection models.ServerSelection) (connection models.OpenVPNConnection, err error) {
|
||||
servers := m.filterServers(selection.Country, selection.City, selection.ISP)
|
||||
if len(servers) == 0 {
|
||||
return nil, fmt.Errorf("no server found for country %q, city %q and ISP %q", selection.Country, selection.City, selection.ISP)
|
||||
return connection, fmt.Errorf("no server found for country %q, city %q and ISP %q", selection.Country, selection.City, selection.ISP)
|
||||
}
|
||||
|
||||
var defaultPort uint16 = 1194
|
||||
@@ -55,6 +58,7 @@ func (m *mullvad) GetOpenVPNConnections(selection models.ServerSelection) (conne
|
||||
defaultPort = 443
|
||||
}
|
||||
|
||||
var connections []models.OpenVPNConnection
|
||||
for _, server := range servers {
|
||||
port := defaultPort
|
||||
if selection.CustomPort > 0 {
|
||||
@@ -63,7 +67,7 @@ func (m *mullvad) GetOpenVPNConnections(selection models.ServerSelection) (conne
|
||||
for _, IP := range server.IPs {
|
||||
if selection.TargetIP != nil {
|
||||
if selection.TargetIP.Equal(IP) {
|
||||
return []models.OpenVPNConnection{{IP: IP, Port: port, Protocol: selection.Protocol}}, nil
|
||||
return models.OpenVPNConnection{IP: IP, Port: port, Protocol: selection.Protocol}, nil
|
||||
}
|
||||
} else {
|
||||
connections = append(connections, models.OpenVPNConnection{IP: IP, Port: port, Protocol: selection.Protocol})
|
||||
@@ -72,17 +76,13 @@ func (m *mullvad) GetOpenVPNConnections(selection models.ServerSelection) (conne
|
||||
}
|
||||
|
||||
if selection.TargetIP != nil {
|
||||
return nil, fmt.Errorf("target IP address %q not found in IP addresses", selection.TargetIP)
|
||||
return connection, fmt.Errorf("target IP address %q not found in IP addresses", selection.TargetIP)
|
||||
}
|
||||
|
||||
if len(connections) > 64 {
|
||||
connections = connections[:64]
|
||||
}
|
||||
|
||||
return connections, nil
|
||||
return pickRandomConnection(connections, m.randSource), nil
|
||||
}
|
||||
|
||||
func (m *mullvad) BuildConf(connections []models.OpenVPNConnection, verbosity, uid, gid int, root bool, cipher, auth string, extras models.ExtraConfigOptions) (lines []string) {
|
||||
func (m *mullvad) BuildConf(connection models.OpenVPNConnection, verbosity, uid, gid int, root bool, cipher, auth string, extras models.ExtraConfigOptions) (lines []string) {
|
||||
if len(cipher) == 0 {
|
||||
cipher = aes256cbc
|
||||
}
|
||||
@@ -113,7 +113,8 @@ func (m *mullvad) BuildConf(connections []models.OpenVPNConnection, verbosity, u
|
||||
// Modified variables
|
||||
fmt.Sprintf("verb %d", verbosity),
|
||||
fmt.Sprintf("auth-user-pass %s", constants.OpenVPNAuthConf),
|
||||
fmt.Sprintf("proto %s", connections[0].Protocol),
|
||||
fmt.Sprintf("proto %s", connection.Protocol),
|
||||
fmt.Sprintf("remote %s %d", connection.IP, connection.Port),
|
||||
fmt.Sprintf("cipher %s", cipher),
|
||||
}
|
||||
if extras.OpenVPNIPv6 {
|
||||
@@ -125,9 +126,6 @@ func (m *mullvad) BuildConf(connections []models.OpenVPNConnection, verbosity, u
|
||||
if !root {
|
||||
lines = append(lines, "user nonrootuser")
|
||||
}
|
||||
for _, connection := range connections {
|
||||
lines = append(lines, fmt.Sprintf("remote %s %d", connection.IP, connection.Port))
|
||||
}
|
||||
lines = append(lines, []string{
|
||||
"<ca>",
|
||||
"-----BEGIN CERTIFICATE-----",
|
||||
|
||||
@@ -3,6 +3,7 @@ package provider
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"math/rand"
|
||||
"net"
|
||||
"net/http"
|
||||
"strings"
|
||||
@@ -15,12 +16,14 @@ import (
|
||||
)
|
||||
|
||||
type nordvpn struct {
|
||||
servers []models.NordvpnServer
|
||||
servers []models.NordvpnServer
|
||||
randSource rand.Source
|
||||
}
|
||||
|
||||
func newNordvpn(servers []models.NordvpnServer) *nordvpn {
|
||||
func newNordvpn(servers []models.NordvpnServer, timeNow timeNowFunc) *nordvpn {
|
||||
return &nordvpn{
|
||||
servers: servers,
|
||||
servers: servers,
|
||||
randSource: rand.NewSource(timeNow().UnixNano()),
|
||||
}
|
||||
}
|
||||
|
||||
@@ -45,10 +48,10 @@ func (n *nordvpn) filterServers(region string, protocol models.NetworkProtocol,
|
||||
return servers
|
||||
}
|
||||
|
||||
func (n *nordvpn) GetOpenVPNConnections(selection models.ServerSelection) (connections []models.OpenVPNConnection, err error) { //nolint:dupl
|
||||
func (n *nordvpn) GetOpenVPNConnection(selection models.ServerSelection) (connection models.OpenVPNConnection, err error) { //nolint:dupl
|
||||
servers := n.filterServers(selection.Region, selection.Protocol, selection.Number)
|
||||
if len(servers) == 0 {
|
||||
return nil, fmt.Errorf("no server found for region %q, protocol %s and number %d", selection.Region, selection.Protocol, selection.Number)
|
||||
return connection, fmt.Errorf("no server found for region %q, protocol %s and number %d", selection.Region, selection.Protocol, selection.Number)
|
||||
}
|
||||
|
||||
var port uint16
|
||||
@@ -58,13 +61,14 @@ func (n *nordvpn) GetOpenVPNConnections(selection models.ServerSelection) (conne
|
||||
case selection.Protocol == constants.TCP:
|
||||
port = 443
|
||||
default:
|
||||
return nil, fmt.Errorf("protocol %q is unknown", selection.Protocol)
|
||||
return connection, fmt.Errorf("protocol %q is unknown", selection.Protocol)
|
||||
}
|
||||
|
||||
var connections []models.OpenVPNConnection
|
||||
for _, server := range servers {
|
||||
if selection.TargetIP != nil {
|
||||
if selection.TargetIP.Equal(server.IP) {
|
||||
return []models.OpenVPNConnection{{IP: server.IP, Port: port, Protocol: selection.Protocol}}, nil
|
||||
return models.OpenVPNConnection{IP: server.IP, Port: port, Protocol: selection.Protocol}, nil
|
||||
}
|
||||
} else {
|
||||
connections = append(connections, models.OpenVPNConnection{IP: server.IP, Port: port, Protocol: selection.Protocol})
|
||||
@@ -72,17 +76,13 @@ func (n *nordvpn) GetOpenVPNConnections(selection models.ServerSelection) (conne
|
||||
}
|
||||
|
||||
if selection.TargetIP != nil {
|
||||
return nil, fmt.Errorf("target IP %s not found in IP addresses", selection.TargetIP)
|
||||
return connection, fmt.Errorf("target IP %s not found in IP addresses", selection.TargetIP)
|
||||
}
|
||||
|
||||
if len(connections) > 64 {
|
||||
connections = connections[:64]
|
||||
}
|
||||
|
||||
return connections, nil
|
||||
return pickRandomConnection(connections, n.randSource), nil
|
||||
}
|
||||
|
||||
func (n *nordvpn) BuildConf(connections []models.OpenVPNConnection, verbosity, uid, gid int, root bool, cipher, auth string, extras models.ExtraConfigOptions) (lines []string) { //nolint:dupl
|
||||
func (n *nordvpn) BuildConf(connection models.OpenVPNConnection, verbosity, uid, gid int, root bool, cipher, auth string, extras models.ExtraConfigOptions) (lines []string) { //nolint:dupl
|
||||
if len(cipher) == 0 {
|
||||
cipher = aes256cbc
|
||||
}
|
||||
@@ -119,16 +119,14 @@ func (n *nordvpn) BuildConf(connections []models.OpenVPNConnection, verbosity, u
|
||||
// Modified variables
|
||||
fmt.Sprintf("verb %d", verbosity),
|
||||
fmt.Sprintf("auth-user-pass %s", constants.OpenVPNAuthConf),
|
||||
fmt.Sprintf("proto %s", string(connections[0].Protocol)),
|
||||
fmt.Sprintf("proto %s", string(connection.Protocol)),
|
||||
fmt.Sprintf("remote %s %d", connection.IP.String(), connection.Port),
|
||||
fmt.Sprintf("cipher %s", cipher),
|
||||
fmt.Sprintf("auth %s", auth),
|
||||
}
|
||||
if !root {
|
||||
lines = append(lines, "user nonrootuser")
|
||||
}
|
||||
for _, connection := range connections {
|
||||
lines = append(lines, fmt.Sprintf("remote %s %d", connection.IP.String(), connection.Port))
|
||||
}
|
||||
lines = append(lines, []string{
|
||||
"<ca>",
|
||||
"-----BEGIN CERTIFICATE-----",
|
||||
|
||||
@@ -8,7 +8,7 @@ import (
|
||||
"github.com/qdm12/gluetun/internal/models"
|
||||
)
|
||||
|
||||
func buildPIAConf(connections []models.OpenVPNConnection, verbosity int, root bool, cipher, auth string, extras models.ExtraConfigOptions) (lines []string) {
|
||||
func buildPIAConf(connection models.OpenVPNConnection, verbosity int, root bool, cipher, auth string, extras models.ExtraConfigOptions) (lines []string) {
|
||||
var X509CRL, certificate string
|
||||
if extras.EncryptionPreset == constants.PIAEncryptionPresetNormal {
|
||||
if len(cipher) == 0 {
|
||||
@@ -52,7 +52,8 @@ func buildPIAConf(connections []models.OpenVPNConnection, verbosity int, root bo
|
||||
// Modified variables
|
||||
fmt.Sprintf("verb %d", verbosity),
|
||||
fmt.Sprintf("auth-user-pass %s", constants.OpenVPNAuthConf),
|
||||
fmt.Sprintf("proto %s", connections[0].Protocol),
|
||||
fmt.Sprintf("proto %s", connection.Protocol),
|
||||
fmt.Sprintf("remote %s %d", connection.IP, connection.Port),
|
||||
fmt.Sprintf("cipher %s", cipher),
|
||||
fmt.Sprintf("auth %s", auth),
|
||||
}
|
||||
@@ -62,9 +63,6 @@ func buildPIAConf(connections []models.OpenVPNConnection, verbosity int, root bo
|
||||
if !root {
|
||||
lines = append(lines, "user nonrootuser")
|
||||
}
|
||||
for _, connection := range connections {
|
||||
lines = append(lines, fmt.Sprintf("remote %s %d", connection.IP, connection.Port))
|
||||
}
|
||||
lines = append(lines, []string{
|
||||
"<crl-verify>",
|
||||
"-----BEGIN X509 CRL-----",
|
||||
|
||||
@@ -6,6 +6,7 @@ import (
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"io/ioutil"
|
||||
"math/rand"
|
||||
"net"
|
||||
"net/http"
|
||||
"strings"
|
||||
@@ -13,38 +14,84 @@ import (
|
||||
"github.com/qdm12/gluetun/internal/constants"
|
||||
"github.com/qdm12/gluetun/internal/firewall"
|
||||
"github.com/qdm12/gluetun/internal/models"
|
||||
"github.com/qdm12/golibs/crypto/random"
|
||||
"github.com/qdm12/golibs/files"
|
||||
"github.com/qdm12/golibs/logging"
|
||||
)
|
||||
|
||||
type piaV3 struct {
|
||||
random random.Random
|
||||
servers []models.PIAOldServer
|
||||
servers []models.PIAOldServer
|
||||
randSource rand.Source
|
||||
}
|
||||
|
||||
func newPrivateInternetAccessV3(servers []models.PIAOldServer) *piaV3 {
|
||||
func newPrivateInternetAccessV3(servers []models.PIAOldServer, timeNow timeNowFunc) *piaV3 {
|
||||
return &piaV3{
|
||||
random: random.NewRandom(),
|
||||
servers: servers,
|
||||
servers: servers,
|
||||
randSource: rand.NewSource(timeNow().UnixNano()),
|
||||
}
|
||||
}
|
||||
|
||||
func (p *piaV3) GetOpenVPNConnections(selection models.ServerSelection) (connections []models.OpenVPNConnection, err error) {
|
||||
return getPIAOldOpenVPNConnections(p.servers, selection)
|
||||
func (p *piaV3) GetOpenVPNConnection(selection models.ServerSelection) (connection models.OpenVPNConnection, err error) {
|
||||
servers := filterPIAOldServers(p.servers, selection.Region)
|
||||
if len(servers) == 0 {
|
||||
return connection, fmt.Errorf("no server found for region %q", selection.Region)
|
||||
}
|
||||
|
||||
var port uint16
|
||||
switch selection.Protocol {
|
||||
case constants.TCP:
|
||||
switch selection.EncryptionPreset {
|
||||
case constants.PIAEncryptionPresetNormal:
|
||||
port = 502
|
||||
case constants.PIAEncryptionPresetStrong:
|
||||
port = 501
|
||||
}
|
||||
case constants.UDP:
|
||||
switch selection.EncryptionPreset {
|
||||
case constants.PIAEncryptionPresetNormal:
|
||||
port = 1198
|
||||
case constants.PIAEncryptionPresetStrong:
|
||||
port = 1197
|
||||
}
|
||||
}
|
||||
if port == 0 {
|
||||
return connection, fmt.Errorf("combination of protocol %q and encryption %q does not yield any port number", selection.Protocol, selection.EncryptionPreset)
|
||||
}
|
||||
|
||||
var connections []models.OpenVPNConnection
|
||||
for _, server := range servers {
|
||||
for _, IP := range server.IPs {
|
||||
if selection.TargetIP != nil {
|
||||
if selection.TargetIP.Equal(IP) {
|
||||
return models.OpenVPNConnection{IP: IP, Port: port, Protocol: selection.Protocol}, nil
|
||||
}
|
||||
} else {
|
||||
connections = append(connections, models.OpenVPNConnection{IP: IP, Port: port, Protocol: selection.Protocol})
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if selection.TargetIP != nil {
|
||||
return connection, fmt.Errorf("target IP %s not found in IP addresses", selection.TargetIP)
|
||||
}
|
||||
|
||||
return pickRandomConnection(connections, p.randSource), nil
|
||||
}
|
||||
|
||||
func (p *piaV3) BuildConf(connections []models.OpenVPNConnection, verbosity, uid, gid int, root bool, cipher, auth string, extras models.ExtraConfigOptions) (lines []string) {
|
||||
return buildPIAConf(connections, verbosity, root, cipher, auth, extras)
|
||||
func (p *piaV3) BuildConf(connection models.OpenVPNConnection, verbosity, uid, gid int, root bool, cipher, auth string, extras models.ExtraConfigOptions) (lines []string) {
|
||||
return buildPIAConf(connection, verbosity, root, cipher, auth, extras)
|
||||
}
|
||||
|
||||
func (p *piaV3) PortForward(ctx context.Context, client *http.Client,
|
||||
fileManager files.FileManager, pfLogger logging.Logger, gateway net.IP, fw firewall.Configurator,
|
||||
syncState func(port uint16) (pfFilepath models.Filepath)) {
|
||||
b, err := p.random.GenerateRandomBytes(32)
|
||||
b := make([]byte, 32)
|
||||
n, err := rand.New(p.randSource).Read(b) //nolint:gosec
|
||||
if err != nil {
|
||||
pfLogger.Error(err)
|
||||
return
|
||||
} else if n != 32 {
|
||||
pfLogger.Error("only read %d bytes instead of 32", n)
|
||||
return
|
||||
}
|
||||
clientID := hex.EncodeToString(b)
|
||||
url := fmt.Sprintf("%s/?client_id=%s", constants.PIAPortForwardURL, clientID)
|
||||
@@ -105,53 +152,3 @@ func filterPIAOldServers(servers []models.PIAOldServer, region string) (filtered
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func getPIAOldOpenVPNConnections(allServers []models.PIAOldServer, selection models.ServerSelection) (connections []models.OpenVPNConnection, err error) {
|
||||
servers := filterPIAOldServers(allServers, selection.Region)
|
||||
if len(servers) == 0 {
|
||||
return nil, fmt.Errorf("no server found for region %q", selection.Region)
|
||||
}
|
||||
|
||||
var port uint16
|
||||
switch selection.Protocol {
|
||||
case constants.TCP:
|
||||
switch selection.EncryptionPreset {
|
||||
case constants.PIAEncryptionPresetNormal:
|
||||
port = 502
|
||||
case constants.PIAEncryptionPresetStrong:
|
||||
port = 501
|
||||
}
|
||||
case constants.UDP:
|
||||
switch selection.EncryptionPreset {
|
||||
case constants.PIAEncryptionPresetNormal:
|
||||
port = 1198
|
||||
case constants.PIAEncryptionPresetStrong:
|
||||
port = 1197
|
||||
}
|
||||
}
|
||||
if port == 0 {
|
||||
return nil, fmt.Errorf("combination of protocol %q and encryption %q does not yield any port number", selection.Protocol, selection.EncryptionPreset)
|
||||
}
|
||||
|
||||
for _, server := range servers {
|
||||
for _, IP := range server.IPs {
|
||||
if selection.TargetIP != nil {
|
||||
if selection.TargetIP.Equal(IP) {
|
||||
return []models.OpenVPNConnection{{IP: IP, Port: port, Protocol: selection.Protocol}}, nil
|
||||
}
|
||||
} else {
|
||||
connections = append(connections, models.OpenVPNConnection{IP: IP, Port: port, Protocol: selection.Protocol})
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if selection.TargetIP != nil {
|
||||
return nil, fmt.Errorf("target IP %s not found in IP addresses", selection.TargetIP)
|
||||
}
|
||||
|
||||
if len(connections) > 64 {
|
||||
connections = connections[:64]
|
||||
}
|
||||
|
||||
return connections, nil
|
||||
}
|
||||
|
||||
@@ -8,6 +8,7 @@ import (
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"io/ioutil"
|
||||
"math/rand"
|
||||
"net"
|
||||
"net/http"
|
||||
"net/url"
|
||||
@@ -23,23 +24,72 @@ import (
|
||||
)
|
||||
|
||||
type piaV4 struct {
|
||||
servers []models.PIAServer
|
||||
timeNow func() time.Time
|
||||
servers []models.PIAServer
|
||||
timeNow timeNowFunc
|
||||
randSource rand.Source
|
||||
}
|
||||
|
||||
func newPrivateInternetAccessV4(servers []models.PIAServer) *piaV4 {
|
||||
func newPrivateInternetAccessV4(servers []models.PIAServer, timeNow timeNowFunc) *piaV4 {
|
||||
return &piaV4{
|
||||
servers: servers,
|
||||
timeNow: time.Now,
|
||||
servers: servers,
|
||||
timeNow: timeNow,
|
||||
randSource: rand.NewSource(timeNow().UnixNano()),
|
||||
}
|
||||
}
|
||||
|
||||
func (p *piaV4) GetOpenVPNConnections(selection models.ServerSelection) (connections []models.OpenVPNConnection, err error) {
|
||||
return getPIAOpenVPNConnections(p.servers, selection)
|
||||
func (p *piaV4) GetOpenVPNConnection(selection models.ServerSelection) (connection models.OpenVPNConnection, err error) {
|
||||
servers := filterPIAServers(p.servers, selection.Region)
|
||||
if len(servers) == 0 {
|
||||
return connection, fmt.Errorf("no server found for region %q", selection.Region)
|
||||
}
|
||||
|
||||
var port uint16
|
||||
switch selection.Protocol {
|
||||
case constants.TCP:
|
||||
switch selection.EncryptionPreset {
|
||||
case constants.PIAEncryptionPresetNormal:
|
||||
port = 502
|
||||
case constants.PIAEncryptionPresetStrong:
|
||||
port = 501
|
||||
}
|
||||
case constants.UDP:
|
||||
switch selection.EncryptionPreset {
|
||||
case constants.PIAEncryptionPresetNormal:
|
||||
port = 1198
|
||||
case constants.PIAEncryptionPresetStrong:
|
||||
port = 1197
|
||||
}
|
||||
}
|
||||
if port == 0 {
|
||||
return connection, fmt.Errorf("combination of protocol %q and encryption %q does not yield any port number", selection.Protocol, selection.EncryptionPreset)
|
||||
}
|
||||
|
||||
var connections []models.OpenVPNConnection
|
||||
for _, server := range servers {
|
||||
IPs := server.OpenvpnUDP.IPs
|
||||
if selection.Protocol == constants.TCP {
|
||||
IPs = server.OpenvpnTCP.IPs
|
||||
}
|
||||
for _, IP := range IPs {
|
||||
if selection.TargetIP != nil {
|
||||
if selection.TargetIP.Equal(IP) {
|
||||
return models.OpenVPNConnection{IP: IP, Port: port, Protocol: selection.Protocol}, nil
|
||||
}
|
||||
} else {
|
||||
connections = append(connections, models.OpenVPNConnection{IP: IP, Port: port, Protocol: selection.Protocol})
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if selection.TargetIP != nil {
|
||||
return connection, fmt.Errorf("target IP %s not found in IP addresses", selection.TargetIP)
|
||||
}
|
||||
|
||||
return pickRandomConnection(connections, p.randSource), nil
|
||||
}
|
||||
|
||||
func (p *piaV4) BuildConf(connections []models.OpenVPNConnection, verbosity, uid, gid int, root bool, cipher, auth string, extras models.ExtraConfigOptions) (lines []string) {
|
||||
return buildPIAConf(connections, verbosity, root, cipher, auth, extras)
|
||||
func (p *piaV4) BuildConf(connection models.OpenVPNConnection, verbosity, uid, gid int, root bool, cipher, auth string, extras models.ExtraConfigOptions) (lines []string) {
|
||||
return buildPIAConf(connection, verbosity, root, cipher, auth, extras)
|
||||
}
|
||||
|
||||
//nolint:gocognit
|
||||
@@ -173,59 +223,6 @@ func filterPIAServers(servers []models.PIAServer, region string) (filtered []mod
|
||||
return nil
|
||||
}
|
||||
|
||||
func getPIAOpenVPNConnections(allServers []models.PIAServer, selection models.ServerSelection) (connections []models.OpenVPNConnection, err error) {
|
||||
servers := filterPIAServers(allServers, selection.Region)
|
||||
if len(servers) == 0 {
|
||||
return nil, fmt.Errorf("no server found for region %q", selection.Region)
|
||||
}
|
||||
|
||||
var port uint16
|
||||
switch selection.Protocol {
|
||||
case constants.TCP:
|
||||
switch selection.EncryptionPreset {
|
||||
case constants.PIAEncryptionPresetNormal:
|
||||
port = 502
|
||||
case constants.PIAEncryptionPresetStrong:
|
||||
port = 501
|
||||
}
|
||||
case constants.UDP:
|
||||
switch selection.EncryptionPreset {
|
||||
case constants.PIAEncryptionPresetNormal:
|
||||
port = 1198
|
||||
case constants.PIAEncryptionPresetStrong:
|
||||
port = 1197
|
||||
}
|
||||
}
|
||||
if port == 0 {
|
||||
return nil, fmt.Errorf("combination of protocol %q and encryption %q does not yield any port number", selection.Protocol, selection.EncryptionPreset)
|
||||
}
|
||||
for _, server := range servers {
|
||||
IPs := server.OpenvpnUDP.IPs
|
||||
if selection.Protocol == constants.TCP {
|
||||
IPs = server.OpenvpnTCP.IPs
|
||||
}
|
||||
for _, IP := range IPs {
|
||||
if selection.TargetIP != nil {
|
||||
if selection.TargetIP.Equal(IP) {
|
||||
return []models.OpenVPNConnection{{IP: IP, Port: port, Protocol: selection.Protocol}}, nil
|
||||
}
|
||||
} else {
|
||||
connections = append(connections, models.OpenVPNConnection{IP: IP, Port: port, Protocol: selection.Protocol})
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if selection.TargetIP != nil {
|
||||
return nil, fmt.Errorf("target IP %s not found in IP addresses", selection.TargetIP)
|
||||
}
|
||||
|
||||
if len(connections) > 64 {
|
||||
connections = connections[:64]
|
||||
}
|
||||
|
||||
return connections, nil
|
||||
}
|
||||
|
||||
func newPIAv4HTTPClient() (client *http.Client, err error) {
|
||||
certificateBytes, err := base64.StdEncoding.DecodeString(constants.PIACertificateStrong)
|
||||
if err != nil {
|
||||
|
||||
@@ -14,33 +14,33 @@ import (
|
||||
|
||||
// Provider contains methods to read and modify the openvpn configuration to connect as a client
|
||||
type Provider interface {
|
||||
GetOpenVPNConnections(selection models.ServerSelection) (connections []models.OpenVPNConnection, err error)
|
||||
BuildConf(connections []models.OpenVPNConnection, verbosity, uid, gid int, root bool, cipher, auth string, extras models.ExtraConfigOptions) (lines []string)
|
||||
GetOpenVPNConnection(selection models.ServerSelection) (connection models.OpenVPNConnection, err error)
|
||||
BuildConf(connection models.OpenVPNConnection, verbosity, uid, gid int, root bool, cipher, auth string, extras models.ExtraConfigOptions) (lines []string)
|
||||
PortForward(ctx context.Context, client *http.Client,
|
||||
fileManager files.FileManager, pfLogger logging.Logger, gateway net.IP, fw firewall.Configurator,
|
||||
syncState func(port uint16) (pfFilepath models.Filepath))
|
||||
}
|
||||
|
||||
func New(provider models.VPNProvider, allServers models.AllServers) Provider {
|
||||
func New(provider models.VPNProvider, allServers models.AllServers, timeNow timeNowFunc) Provider {
|
||||
switch provider {
|
||||
case constants.PrivateInternetAccess:
|
||||
return newPrivateInternetAccessV4(allServers.Pia.Servers)
|
||||
return newPrivateInternetAccessV4(allServers.Pia.Servers, timeNow)
|
||||
case constants.PrivateInternetAccessOld:
|
||||
return newPrivateInternetAccessV3(allServers.PiaOld.Servers)
|
||||
return newPrivateInternetAccessV3(allServers.PiaOld.Servers, timeNow)
|
||||
case constants.Mullvad:
|
||||
return newMullvad(allServers.Mullvad.Servers)
|
||||
return newMullvad(allServers.Mullvad.Servers, timeNow)
|
||||
case constants.Windscribe:
|
||||
return newWindscribe(allServers.Windscribe.Servers)
|
||||
return newWindscribe(allServers.Windscribe.Servers, timeNow)
|
||||
case constants.Surfshark:
|
||||
return newSurfshark(allServers.Surfshark.Servers)
|
||||
return newSurfshark(allServers.Surfshark.Servers, timeNow)
|
||||
case constants.Cyberghost:
|
||||
return newCyberghost(allServers.Cyberghost.Servers)
|
||||
return newCyberghost(allServers.Cyberghost.Servers, timeNow)
|
||||
case constants.Vyprvpn:
|
||||
return newVyprvpn(allServers.Vyprvpn.Servers)
|
||||
return newVyprvpn(allServers.Vyprvpn.Servers, timeNow)
|
||||
case constants.Nordvpn:
|
||||
return newNordvpn(allServers.Nordvpn.Servers)
|
||||
return newNordvpn(allServers.Nordvpn.Servers, timeNow)
|
||||
case constants.Purevpn:
|
||||
return newPurevpn(allServers.Purevpn.Servers)
|
||||
return newPurevpn(allServers.Purevpn.Servers, timeNow)
|
||||
default:
|
||||
return nil // should never occur
|
||||
}
|
||||
|
||||
@@ -3,6 +3,7 @@ package provider
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"math/rand"
|
||||
"net"
|
||||
"net/http"
|
||||
"strings"
|
||||
@@ -15,12 +16,14 @@ import (
|
||||
)
|
||||
|
||||
type purevpn struct {
|
||||
servers []models.PurevpnServer
|
||||
servers []models.PurevpnServer
|
||||
randSource rand.Source
|
||||
}
|
||||
|
||||
func newPurevpn(servers []models.PurevpnServer) *purevpn {
|
||||
func newPurevpn(servers []models.PurevpnServer, timeNow timeNowFunc) *purevpn {
|
||||
return &purevpn{
|
||||
servers: servers,
|
||||
servers: servers,
|
||||
randSource: rand.NewSource(timeNow().UnixNano()),
|
||||
}
|
||||
}
|
||||
|
||||
@@ -44,10 +47,10 @@ func (p *purevpn) filterServers(region, country, city string) (servers []models.
|
||||
return servers
|
||||
}
|
||||
|
||||
func (p *purevpn) GetOpenVPNConnections(selection models.ServerSelection) (connections []models.OpenVPNConnection, err error) { //nolint:dupl
|
||||
func (p *purevpn) GetOpenVPNConnection(selection models.ServerSelection) (connection models.OpenVPNConnection, err error) { //nolint:dupl
|
||||
servers := p.filterServers(selection.Region, selection.Country, selection.City)
|
||||
if len(servers) == 0 {
|
||||
return nil, fmt.Errorf("no server found for region %q, country %q and city %q", selection.Region, selection.Country, selection.City)
|
||||
return connection, fmt.Errorf("no server found for region %q, country %q and city %q", selection.Region, selection.Country, selection.City)
|
||||
}
|
||||
|
||||
var port uint16
|
||||
@@ -57,14 +60,15 @@ func (p *purevpn) GetOpenVPNConnections(selection models.ServerSelection) (conne
|
||||
case selection.Protocol == constants.TCP:
|
||||
port = 80
|
||||
default:
|
||||
return nil, fmt.Errorf("protocol %q is unknown", selection.Protocol)
|
||||
return connection, fmt.Errorf("protocol %q is unknown", selection.Protocol)
|
||||
}
|
||||
|
||||
var connections []models.OpenVPNConnection
|
||||
for _, server := range servers {
|
||||
for _, IP := range server.IPs {
|
||||
if selection.TargetIP != nil {
|
||||
if IP.Equal(selection.TargetIP) {
|
||||
return []models.OpenVPNConnection{{IP: IP, Port: port, Protocol: selection.Protocol}}, nil
|
||||
return models.OpenVPNConnection{IP: IP, Port: port, Protocol: selection.Protocol}, nil
|
||||
}
|
||||
} else {
|
||||
connections = append(connections, models.OpenVPNConnection{IP: IP, Port: port, Protocol: selection.Protocol})
|
||||
@@ -73,17 +77,13 @@ func (p *purevpn) GetOpenVPNConnections(selection models.ServerSelection) (conne
|
||||
}
|
||||
|
||||
if selection.TargetIP != nil {
|
||||
return nil, fmt.Errorf("target IP address %q not found in IP addresses", selection.TargetIP)
|
||||
return connection, fmt.Errorf("target IP address %q not found in IP addresses", selection.TargetIP)
|
||||
}
|
||||
|
||||
if len(connections) > 64 {
|
||||
connections = connections[:64]
|
||||
}
|
||||
|
||||
return connections, nil
|
||||
return pickRandomConnection(connections, p.randSource), nil
|
||||
}
|
||||
|
||||
func (p *purevpn) BuildConf(connections []models.OpenVPNConnection, verbosity, uid, gid int, root bool, cipher, auth string, extras models.ExtraConfigOptions) (lines []string) { //nolint:dupl
|
||||
func (p *purevpn) BuildConf(connection models.OpenVPNConnection, verbosity, uid, gid int, root bool, cipher, auth string, extras models.ExtraConfigOptions) (lines []string) { //nolint:dupl
|
||||
if len(cipher) == 0 {
|
||||
cipher = aes256cbc
|
||||
}
|
||||
@@ -114,15 +114,13 @@ func (p *purevpn) BuildConf(connections []models.OpenVPNConnection, verbosity, u
|
||||
// Modified variables
|
||||
fmt.Sprintf("verb %d", verbosity),
|
||||
fmt.Sprintf("auth-user-pass %s", constants.OpenVPNAuthConf),
|
||||
fmt.Sprintf("proto %s", string(connections[0].Protocol)),
|
||||
fmt.Sprintf("proto %s", string(connection.Protocol)),
|
||||
fmt.Sprintf("remote %s %d", connection.IP.String(), connection.Port),
|
||||
fmt.Sprintf("cipher %s", cipher),
|
||||
}
|
||||
if !root {
|
||||
lines = append(lines, "user nonrootuser")
|
||||
}
|
||||
for _, connection := range connections {
|
||||
lines = append(lines, fmt.Sprintf("remote %s %d", connection.IP.String(), connection.Port))
|
||||
}
|
||||
lines = append(lines, []string{
|
||||
"<ca>",
|
||||
"-----BEGIN CERTIFICATE-----",
|
||||
@@ -156,7 +154,7 @@ func (p *purevpn) BuildConf(connections []models.OpenVPNConnection, verbosity, u
|
||||
if len(auth) > 0 {
|
||||
lines = append(lines, "auth "+auth)
|
||||
}
|
||||
if connections[0].Protocol == constants.UDP {
|
||||
if connection.Protocol == constants.UDP {
|
||||
lines = append(lines, "explicit-exit-notify")
|
||||
}
|
||||
return lines
|
||||
|
||||
@@ -3,6 +3,7 @@ package provider
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"math/rand"
|
||||
"net"
|
||||
"net/http"
|
||||
"strings"
|
||||
@@ -15,12 +16,14 @@ import (
|
||||
)
|
||||
|
||||
type surfshark struct {
|
||||
servers []models.SurfsharkServer
|
||||
servers []models.SurfsharkServer
|
||||
randSource rand.Source
|
||||
}
|
||||
|
||||
func newSurfshark(servers []models.SurfsharkServer) *surfshark {
|
||||
func newSurfshark(servers []models.SurfsharkServer, timeNow timeNowFunc) *surfshark {
|
||||
return &surfshark{
|
||||
servers: servers,
|
||||
servers: servers,
|
||||
randSource: rand.NewSource(timeNow().UnixNano()),
|
||||
}
|
||||
}
|
||||
|
||||
@@ -36,10 +39,10 @@ func (s *surfshark) filterServers(region string) (servers []models.SurfsharkServ
|
||||
return nil
|
||||
}
|
||||
|
||||
func (s *surfshark) GetOpenVPNConnections(selection models.ServerSelection) (connections []models.OpenVPNConnection, err error) { //nolint:dupl
|
||||
func (s *surfshark) GetOpenVPNConnection(selection models.ServerSelection) (connection models.OpenVPNConnection, err error) { //nolint:dupl
|
||||
servers := s.filterServers(selection.Region)
|
||||
if len(servers) == 0 {
|
||||
return nil, fmt.Errorf("no server found for region %q", selection.Region)
|
||||
return connection, fmt.Errorf("no server found for region %q", selection.Region)
|
||||
}
|
||||
|
||||
var port uint16
|
||||
@@ -49,14 +52,15 @@ func (s *surfshark) GetOpenVPNConnections(selection models.ServerSelection) (con
|
||||
case selection.Protocol == constants.UDP:
|
||||
port = 1194
|
||||
default:
|
||||
return nil, fmt.Errorf("protocol %q is unknown", selection.Protocol)
|
||||
return connection, fmt.Errorf("protocol %q is unknown", selection.Protocol)
|
||||
}
|
||||
|
||||
var connections []models.OpenVPNConnection
|
||||
for _, server := range servers {
|
||||
for _, IP := range server.IPs {
|
||||
if selection.TargetIP != nil {
|
||||
if selection.TargetIP.Equal(IP) {
|
||||
return []models.OpenVPNConnection{{IP: IP, Port: port, Protocol: selection.Protocol}}, nil
|
||||
return models.OpenVPNConnection{IP: IP, Port: port, Protocol: selection.Protocol}, nil
|
||||
}
|
||||
} else {
|
||||
connections = append(connections, models.OpenVPNConnection{IP: IP, Port: port, Protocol: selection.Protocol})
|
||||
@@ -65,17 +69,13 @@ func (s *surfshark) GetOpenVPNConnections(selection models.ServerSelection) (con
|
||||
}
|
||||
|
||||
if selection.TargetIP != nil {
|
||||
return nil, fmt.Errorf("target IP %s not found in IP addresses", selection.TargetIP)
|
||||
return connection, fmt.Errorf("target IP %s not found in IP addresses", selection.TargetIP)
|
||||
}
|
||||
|
||||
if len(connections) > 64 {
|
||||
connections = connections[:64]
|
||||
}
|
||||
|
||||
return connections, nil
|
||||
return pickRandomConnection(connections, s.randSource), nil
|
||||
}
|
||||
|
||||
func (s *surfshark) BuildConf(connections []models.OpenVPNConnection, verbosity, uid, gid int, root bool, cipher, auth string, extras models.ExtraConfigOptions) (lines []string) { //nolint:dupl
|
||||
func (s *surfshark) BuildConf(connection models.OpenVPNConnection, verbosity, uid, gid int, root bool, cipher, auth string, extras models.ExtraConfigOptions) (lines []string) { //nolint:dupl
|
||||
if len(cipher) == 0 {
|
||||
cipher = aes256cbc
|
||||
}
|
||||
@@ -112,16 +112,14 @@ func (s *surfshark) BuildConf(connections []models.OpenVPNConnection, verbosity,
|
||||
// Modified variables
|
||||
fmt.Sprintf("verb %d", verbosity),
|
||||
fmt.Sprintf("auth-user-pass %s", constants.OpenVPNAuthConf),
|
||||
fmt.Sprintf("proto %s", connections[0].Protocol),
|
||||
fmt.Sprintf("proto %s", connection.Protocol),
|
||||
fmt.Sprintf("remote %s %d", connection.IP, connection.Port),
|
||||
fmt.Sprintf("cipher %s", cipher),
|
||||
fmt.Sprintf("auth %s", auth),
|
||||
}
|
||||
if !root {
|
||||
lines = append(lines, "user nonrootuser")
|
||||
}
|
||||
for _, connection := range connections {
|
||||
lines = append(lines, fmt.Sprintf("remote %s %d", connection.IP, connection.Port))
|
||||
}
|
||||
lines = append(lines, []string{
|
||||
"<ca>",
|
||||
"-----BEGIN CERTIFICATE-----",
|
||||
|
||||
@@ -2,11 +2,15 @@ package provider
|
||||
|
||||
import (
|
||||
"context"
|
||||
"math/rand"
|
||||
"time"
|
||||
|
||||
"github.com/qdm12/gluetun/internal/models"
|
||||
"github.com/qdm12/golibs/logging"
|
||||
)
|
||||
|
||||
type timeNowFunc func() time.Time
|
||||
|
||||
func tryUntilSuccessful(ctx context.Context, logger logging.Logger, fn func() error) {
|
||||
const retryPeriod = 10 * time.Second
|
||||
for {
|
||||
@@ -27,3 +31,7 @@ func tryUntilSuccessful(ctx context.Context, logger logging.Logger, fn func() er
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func pickRandomConnection(connections []models.OpenVPNConnection, source rand.Source) models.OpenVPNConnection {
|
||||
return connections[rand.New(source).Intn(len(connections))] //nolint:gosec
|
||||
}
|
||||
|
||||
@@ -3,6 +3,7 @@ package provider
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"math/rand"
|
||||
"net"
|
||||
"net/http"
|
||||
"strings"
|
||||
@@ -15,12 +16,14 @@ import (
|
||||
)
|
||||
|
||||
type vyprvpn struct {
|
||||
servers []models.VyprvpnServer
|
||||
servers []models.VyprvpnServer
|
||||
randSource rand.Source
|
||||
}
|
||||
|
||||
func newVyprvpn(servers []models.VyprvpnServer) *vyprvpn {
|
||||
func newVyprvpn(servers []models.VyprvpnServer, timeNow timeNowFunc) *vyprvpn {
|
||||
return &vyprvpn{
|
||||
servers: servers,
|
||||
servers: servers,
|
||||
randSource: rand.NewSource(timeNow().UnixNano()),
|
||||
}
|
||||
}
|
||||
|
||||
@@ -36,27 +39,28 @@ func (v *vyprvpn) filterServers(region string) (servers []models.VyprvpnServer)
|
||||
return nil
|
||||
}
|
||||
|
||||
func (v *vyprvpn) GetOpenVPNConnections(selection models.ServerSelection) (connections []models.OpenVPNConnection, err error) {
|
||||
func (v *vyprvpn) GetOpenVPNConnection(selection models.ServerSelection) (connection models.OpenVPNConnection, err error) {
|
||||
servers := v.filterServers(selection.Region)
|
||||
if len(servers) == 0 {
|
||||
return nil, fmt.Errorf("no server found for region %q", selection.Region)
|
||||
return connection, fmt.Errorf("no server found for region %q", selection.Region)
|
||||
}
|
||||
|
||||
var port uint16
|
||||
switch {
|
||||
case selection.Protocol == constants.TCP:
|
||||
return nil, fmt.Errorf("TCP protocol not supported by this VPN provider")
|
||||
return connection, fmt.Errorf("TCP protocol not supported by this VPN provider")
|
||||
case selection.Protocol == constants.UDP:
|
||||
port = 443
|
||||
default:
|
||||
return nil, fmt.Errorf("protocol %q is unknown", selection.Protocol)
|
||||
return connection, fmt.Errorf("protocol %q is unknown", selection.Protocol)
|
||||
}
|
||||
|
||||
var connections []models.OpenVPNConnection
|
||||
for _, server := range servers {
|
||||
for _, IP := range server.IPs {
|
||||
if selection.TargetIP != nil {
|
||||
if selection.TargetIP.Equal(IP) {
|
||||
return []models.OpenVPNConnection{{IP: IP, Port: port, Protocol: selection.Protocol}}, nil
|
||||
return models.OpenVPNConnection{IP: IP, Port: port, Protocol: selection.Protocol}, nil
|
||||
}
|
||||
} else {
|
||||
connections = append(connections, models.OpenVPNConnection{IP: IP, Port: port, Protocol: selection.Protocol})
|
||||
@@ -65,17 +69,13 @@ func (v *vyprvpn) GetOpenVPNConnections(selection models.ServerSelection) (conne
|
||||
}
|
||||
|
||||
if selection.TargetIP != nil {
|
||||
return nil, fmt.Errorf("target IP %s not found in IP addresses", selection.TargetIP)
|
||||
return connection, fmt.Errorf("target IP %s not found in IP addresses", selection.TargetIP)
|
||||
}
|
||||
|
||||
if len(connections) > 64 {
|
||||
connections = connections[:64]
|
||||
}
|
||||
|
||||
return connections, nil
|
||||
return pickRandomConnection(connections, v.randSource), nil
|
||||
}
|
||||
|
||||
func (v *vyprvpn) BuildConf(connections []models.OpenVPNConnection, verbosity, uid, gid int, root bool, cipher, auth string, extras models.ExtraConfigOptions) (lines []string) {
|
||||
func (v *vyprvpn) BuildConf(connection models.OpenVPNConnection, verbosity, uid, gid int, root bool, cipher, auth string, extras models.ExtraConfigOptions) (lines []string) {
|
||||
if len(cipher) == 0 {
|
||||
cipher = aes256cbc
|
||||
}
|
||||
@@ -106,16 +106,14 @@ func (v *vyprvpn) BuildConf(connections []models.OpenVPNConnection, verbosity, u
|
||||
// Modified variables
|
||||
fmt.Sprintf("verb %d", verbosity),
|
||||
fmt.Sprintf("auth-user-pass %s", constants.OpenVPNAuthConf),
|
||||
fmt.Sprintf("proto %s", connections[0].Protocol),
|
||||
fmt.Sprintf("proto %s", connection.Protocol),
|
||||
fmt.Sprintf("remote %s %d", connection.IP, connection.Port),
|
||||
fmt.Sprintf("cipher %s", cipher),
|
||||
fmt.Sprintf("auth %s", auth),
|
||||
}
|
||||
if !root {
|
||||
lines = append(lines, "user nonrootuser")
|
||||
}
|
||||
for _, connection := range connections {
|
||||
lines = append(lines, fmt.Sprintf("remote %s %d", connection.IP, connection.Port))
|
||||
}
|
||||
lines = append(lines, []string{
|
||||
"<ca>",
|
||||
"-----BEGIN CERTIFICATE-----",
|
||||
|
||||
@@ -3,6 +3,7 @@ package provider
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"math/rand"
|
||||
"net"
|
||||
"net/http"
|
||||
"strings"
|
||||
@@ -15,12 +16,14 @@ import (
|
||||
)
|
||||
|
||||
type windscribe struct {
|
||||
servers []models.WindscribeServer
|
||||
servers []models.WindscribeServer
|
||||
randSource rand.Source
|
||||
}
|
||||
|
||||
func newWindscribe(servers []models.WindscribeServer) *windscribe {
|
||||
func newWindscribe(servers []models.WindscribeServer, timeNow timeNowFunc) *windscribe {
|
||||
return &windscribe{
|
||||
servers: servers,
|
||||
servers: servers,
|
||||
randSource: rand.NewSource(timeNow().UnixNano()),
|
||||
}
|
||||
}
|
||||
|
||||
@@ -36,10 +39,10 @@ func (w *windscribe) filterServers(region string) (servers []models.WindscribeSe
|
||||
return nil
|
||||
}
|
||||
|
||||
func (w *windscribe) GetOpenVPNConnections(selection models.ServerSelection) (connections []models.OpenVPNConnection, err error) {
|
||||
func (w *windscribe) GetOpenVPNConnection(selection models.ServerSelection) (connection models.OpenVPNConnection, err error) {
|
||||
servers := w.filterServers(selection.Region)
|
||||
if len(servers) == 0 {
|
||||
return nil, fmt.Errorf("no server found for region %q", selection.Region)
|
||||
return connection, fmt.Errorf("no server found for region %q", selection.Region)
|
||||
}
|
||||
|
||||
var port uint16
|
||||
@@ -51,14 +54,15 @@ func (w *windscribe) GetOpenVPNConnections(selection models.ServerSelection) (co
|
||||
case selection.Protocol == constants.UDP:
|
||||
port = 443
|
||||
default:
|
||||
return nil, fmt.Errorf("protocol %q is unknown", selection.Protocol)
|
||||
return connection, fmt.Errorf("protocol %q is unknown", selection.Protocol)
|
||||
}
|
||||
|
||||
var connections []models.OpenVPNConnection
|
||||
for _, server := range servers {
|
||||
for _, IP := range server.IPs {
|
||||
if selection.TargetIP != nil {
|
||||
if selection.TargetIP.Equal(IP) {
|
||||
return []models.OpenVPNConnection{{IP: IP, Port: port, Protocol: selection.Protocol}}, nil
|
||||
return models.OpenVPNConnection{IP: IP, Port: port, Protocol: selection.Protocol}, nil
|
||||
}
|
||||
} else {
|
||||
connections = append(connections, models.OpenVPNConnection{IP: IP, Port: port, Protocol: selection.Protocol})
|
||||
@@ -67,17 +71,13 @@ func (w *windscribe) GetOpenVPNConnections(selection models.ServerSelection) (co
|
||||
}
|
||||
|
||||
if selection.TargetIP != nil {
|
||||
return nil, fmt.Errorf("target IP %s not found in IP addresses", selection.TargetIP)
|
||||
return connection, fmt.Errorf("target IP %s not found in IP addresses", selection.TargetIP)
|
||||
}
|
||||
|
||||
if len(connections) > 64 {
|
||||
connections = connections[:64]
|
||||
}
|
||||
|
||||
return connections, nil
|
||||
return pickRandomConnection(connections, w.randSource), nil
|
||||
}
|
||||
|
||||
func (w *windscribe) BuildConf(connections []models.OpenVPNConnection, verbosity, uid, gid int, root bool, cipher, auth string, extras models.ExtraConfigOptions) (lines []string) {
|
||||
func (w *windscribe) BuildConf(connection models.OpenVPNConnection, verbosity, uid, gid int, root bool, cipher, auth string, extras models.ExtraConfigOptions) (lines []string) {
|
||||
if len(cipher) == 0 {
|
||||
cipher = aes256cbc
|
||||
}
|
||||
@@ -107,7 +107,8 @@ func (w *windscribe) BuildConf(connections []models.OpenVPNConnection, verbosity
|
||||
// Modified variables
|
||||
fmt.Sprintf("verb %d", verbosity),
|
||||
fmt.Sprintf("auth-user-pass %s", constants.OpenVPNAuthConf),
|
||||
fmt.Sprintf("proto %s", connections[0].Protocol),
|
||||
fmt.Sprintf("proto %s", connection.Protocol),
|
||||
fmt.Sprintf("remote %s %d", connection.IP, connection.Port),
|
||||
fmt.Sprintf("cipher %s", cipher),
|
||||
fmt.Sprintf("auth %s", auth),
|
||||
}
|
||||
@@ -117,9 +118,6 @@ func (w *windscribe) BuildConf(connections []models.OpenVPNConnection, verbosity
|
||||
if !root {
|
||||
lines = append(lines, "user nonrootuser")
|
||||
}
|
||||
for _, connection := range connections {
|
||||
lines = append(lines, fmt.Sprintf("remote %s %d", connection.IP, connection.Port))
|
||||
}
|
||||
lines = append(lines, []string{
|
||||
"<ca>",
|
||||
"-----BEGIN CERTIFICATE-----",
|
||||
|
||||
Reference in New Issue
Block a user