Feat: Perfect privacy support (#606)

internal/provider/perfectprivacy/connection.go

@@ -0,0 +1,37 @@
+package perfectprivacy
+
+import (
+	"github.com/qdm12/gluetun/internal/configuration"
+	"github.com/qdm12/gluetun/internal/models"
+	"github.com/qdm12/gluetun/internal/provider/utils"
+)
+
+func (p *Perfectprivacy) GetConnection(selection configuration.ServerSelection) (
+	connection models.Connection, err error) {
+	const defaultPort uint16 = 443
+	port := defaultPort
+	if selection.OpenVPN.CustomPort > 0 {
+		port = selection.OpenVPN.CustomPort
+	}
+	protocol := utils.GetProtocol(selection)
+
+	servers, err := p.filterServers(selection)
+	if err != nil {
+		return connection, err
+	}
+
+	var connections []models.Connection
+	for _, server := range servers {
+		for _, IP := range server.IPs {
+			connection := models.Connection{
+				Type:     selection.VPN,
+				IP:       IP,
+				Port:     port,
+				Protocol: protocol,
+			}
+			connections = append(connections, connection)
+		}
+	}
+
+	return utils.PickConnection(connections, selection, p.randSource)
+}

internal/provider/perfectprivacy/filter.go

@@ -0,0 +1,26 @@
+package perfectprivacy
+
+import (
+	"github.com/qdm12/gluetun/internal/configuration"
+	"github.com/qdm12/gluetun/internal/models"
+	"github.com/qdm12/gluetun/internal/provider/utils"
+)
+
+func (p *Perfectprivacy) filterServers(selection configuration.ServerSelection) (
+	servers []models.PerfectprivacyServer, err error) {
+	for _, server := range p.servers {
+		switch {
+		case
+			utils.FilterByPossibilities(server.City, selection.Cities),
+			utils.FilterByProtocol(selection, server.TCP, server.UDP):
+		default:
+			servers = append(servers, server)
+		}
+	}
+
+	if len(servers) == 0 {
+		return nil, utils.NoServerFoundError(selection)
+	}
+
+	return servers, nil
+}

internal/provider/perfectprivacy/openvpnconf.go

@@ -0,0 +1,89 @@
+package perfectprivacy
+
+import (
+	"strconv"
+
+	"github.com/qdm12/gluetun/internal/configuration"
+	"github.com/qdm12/gluetun/internal/constants"
+	"github.com/qdm12/gluetun/internal/models"
+	"github.com/qdm12/gluetun/internal/provider/utils"
+)
+
+func (p *Perfectprivacy) BuildConf(connection models.Connection,
+	settings configuration.OpenVPN) (lines []string, err error) {
+	if settings.Cipher == "" {
+		// TODO add AES 256 GCM
+		settings.Cipher = constants.AES256cbc
+	}
+
+	if settings.Auth == "" {
+		settings.Auth = constants.SHA512
+	}
+
+	if settings.MSSFix == 0 {
+		settings.MSSFix = 1450
+	}
+
+	lines = []string{
+		"client",
+		"nobind",
+		"tls-exit",
+		"dev " + settings.Interface,
+		"verb " + strconv.Itoa(settings.Verbosity),
+
+		// Perfect Privacy specific
+		"ping 5",
+		"tun-mtu 1500",
+		"tun-mtu-extra 32",
+		"mssfix " + strconv.Itoa(int(settings.MSSFix)),
+		"reneg-sec 3600",
+		"key-direction 1",
+		"tls-cipher TLS_CHACHA20_POLY1305_SHA256:TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA:TLS-DHE-RSA-WITH-AES-128-GCM-SHA256:TLS-DHE-RSA-WITH-AES-128-CBC-SHA:TLS_AES_256_GCM_SHA384:TLS-RSA-WITH-AES-256-CBC-SHA", //nolint:lll
+		"auth-user-pass " + constants.OpenVPNAuthConf,
+		"auth " + settings.Auth,
+
+		// Added constant values
+		"auth-nocache",
+		"mute-replay-warnings",
+		"pull-filter ignore \"auth-token\"", // prevent auth failed loops
+		"auth-retry nointeract",
+		"suppress-timestamps",
+
+		// Modified variables
+		connection.OpenVPNProtoLine(),
+		connection.OpenVPNRemoteLine(),
+	}
+
+	lines = append(lines, utils.CipherLines(settings.Cipher, settings.Version)...)
+
+	if connection.Protocol == constants.UDP {
+		lines = append(lines, "explicit-exit-notify")
+	}
+
+	if !settings.Root {
+		lines = append(lines, "user "+settings.ProcUser)
+		lines = append(lines, "persist-tun")
+		lines = append(lines, "persist-key")
+	}
+
+	if !settings.IPv6 {
+		lines = append(lines, `pull-filter ignore "route-ipv6"`)
+		lines = append(lines, `pull-filter ignore "ifconfig-ipv6"`)
+		// Perfect Privacy specific IPv6
+		lines = append(lines, "redirect-gateway def1")
+		lines = append(lines, `pull-filter ignore "redirect-gateway def1 ipv6"`)
+	}
+
+	lines = append(lines, utils.WrapOpenvpnCA(
+		constants.PerfectprivacyCA)...)
+	lines = append(lines, utils.WrapOpenvpnCert(
+		constants.PerfectprivacyCert)...)
+	lines = append(lines, utils.WrapOpenvpnKey(
+		constants.PerfectprivacyPrivateKey)...)
+	lines = append(lines, utils.WrapOpenvpnTLSCrypt(
+		constants.PerfectprivacyTLSCryptOpenvpnStaticKeyV1)...)
+
+	lines = append(lines, "")
+
+	return lines, nil
+}

internal/provider/perfectprivacy/provider.go

@@ -0,0 +1,23 @@
+package perfectprivacy
+
+import (
+	"math/rand"
+
+	"github.com/qdm12/gluetun/internal/constants"
+	"github.com/qdm12/gluetun/internal/models"
+	"github.com/qdm12/gluetun/internal/provider/utils"
+)
+
+type Perfectprivacy struct {
+	servers    []models.PerfectprivacyServer
+	randSource rand.Source
+	utils.NoPortForwarder
+}
+
+func New(servers []models.PerfectprivacyServer, randSource rand.Source) *Perfectprivacy {
+	return &Perfectprivacy{
+		servers:         servers,
+		randSource:      randSource,
+		NoPortForwarder: utils.NewNoPortForwarding(constants.Perfectprivacy),
+	}
+}

internal/provider/provider.go

@@ -20,6 +20,7 @@ import (
 	"github.com/qdm12/gluetun/internal/provider/ivpn"
 	"github.com/qdm12/gluetun/internal/provider/mullvad"
 	"github.com/qdm12/gluetun/internal/provider/nordvpn"
+	"github.com/qdm12/gluetun/internal/provider/perfectprivacy"
 	"github.com/qdm12/gluetun/internal/provider/privado"
 	"github.com/qdm12/gluetun/internal/provider/privateinternetaccess"
 	"github.com/qdm12/gluetun/internal/provider/privatevpn"
@@ -70,6 +71,8 @@ func New(provider string, allServers models.AllServers, timeNow func() time.Time
 		return mullvad.New(allServers.Mullvad.Servers, randSource)
 	case constants.Nordvpn:
 		return nordvpn.New(allServers.Nordvpn.Servers, randSource)
+	case constants.Perfectprivacy:
+		return perfectprivacy.New(allServers.Perfectprivacy.Servers, randSource)
 	case constants.Privado:
 		return privado.New(allServers.Privado.Servers, randSource)
 	case constants.PrivateInternetAccess: