VPNSP value custom for OpenVPN custom config files (#621)

- Retro-compatibility: `OPENVPN_CUSTOM_CONFIG` set implies `VPNSP=custom` - Change: `up` and `down` options are not filtered out - Change: `OPENVPN_INTERFACE` overrides the network interface defined in the configuration file - Change: `PORT` overrides any port found in the configuration file - Feat: config file is read when building the OpenVPN configuration, so it's effectively reloaded on VPN restarts - Feat: extract values from custom file at start to log out valid settings - Maint: `internal/openvpn/extract` package instead of `internal/openvpn/custom` package - Maint: All providers' `BuildConf` method return an error - Maint: rename `CustomConfig` to `ConfFile` in Settings structures
2021-09-13 11:30:14 -04:00
parent 11af6c10f1
commit f807f756eb
43 changed files with 328 additions and 296 deletions
--- a/internal/openvpn/custom/custom.go
+++ b/internal/openvpn/custom/custom.go
@@ -1,35 +0,0 @@
-package custom
-
-import (
-	"errors"
-	"fmt"
-
-	"github.com/qdm12/gluetun/internal/configuration"
-	"github.com/qdm12/gluetun/internal/models"
-)
-
-var (
-	ErrReadCustomConfig  = errors.New("cannot read custom configuration file")
-	ErrExtractConnection = errors.New("cannot extract connection from custom configuration file")
-)
-
-func BuildConfig(settings configuration.OpenVPN) (
-	lines []string, connection models.Connection, intf string, err error) {
-	lines, err = readCustomConfigLines(settings.Config)
-	if err != nil {
-		return nil, connection, "", fmt.Errorf("%w: %s", ErrReadCustomConfig, err)
-	}
-
-	connection, intf, err = extractDataFromLines(lines)
-	if err != nil {
-		return nil, connection, "", fmt.Errorf("%w: %s", ErrExtractConnection, err)
-	}
-
-	if intf == "" {
-		intf = settings.Interface
-	}
-
-	lines = modifyCustomConfig(lines, settings, connection, intf)
-
-	return lines, connection, intf, nil
-}
--- a/internal/openvpn/custom/custom_test.go
+++ b/internal/openvpn/custom/custom_test.go
@@ -1,67 +0,0 @@
-package custom
-
-import (
-	"net"
-	"os"
-	"testing"
-
-	"github.com/qdm12/gluetun/internal/configuration"
-	"github.com/qdm12/gluetun/internal/constants"
-	"github.com/qdm12/gluetun/internal/models"
-	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/require"
-)
-
-func Test_BuildConfig(t *testing.T) {
-	t.Parallel()
-
-	file, err := os.CreateTemp("", "")
-	require.NoError(t, err)
-	defer removeFile(t, file.Name())
-	defer file.Close()
-
-	_, err = file.WriteString("remote 1.9.8.7\nkeep me\ncipher remove")
-	require.NoError(t, err)
-
-	err = file.Close()
-	require.NoError(t, err)
-
-	settings := configuration.OpenVPN{
-		Cipher:    "cipher",
-		MSSFix:    999,
-		Config:    file.Name(),
-		Interface: "tun0",
-	}
-
-	lines, connection, intf, err := BuildConfig(settings)
-	assert.NoError(t, err)
-
-	expectedLines := []string{
-		"keep me",
-		"proto udp",
-		"remote 1.9.8.7 1194",
-		"dev tun0",
-		"mute-replay-warnings",
-		"auth-nocache",
-		"pull-filter ignore \"auth-token\"",
-		"auth-retry nointeract",
-		"suppress-timestamps",
-		"verb 0",
-		"data-ciphers-fallback cipher",
-		"data-ciphers cipher",
-		"mssfix 999",
-		"pull-filter ignore \"route-ipv6\"",
-		"pull-filter ignore \"ifconfig-ipv6\"",
-		"user ",
-	}
-	assert.Equal(t, expectedLines, lines)
-
-	expectedConnection := models.Connection{
-		IP:       net.IPv4(1, 9, 8, 7),
-		Port:     1194,
-		Protocol: constants.UDP,
-	}
-	assert.Equal(t, expectedConnection, connection)
-
-	assert.Equal(t, "tun0", intf)
-}
--- a/internal/openvpn/custom/modify.go
+++ b/internal/openvpn/custom/modify.go
@@ -1,67 +0,0 @@
-package custom
-
-import (
-	"strconv"
-	"strings"
-
-	"github.com/qdm12/gluetun/internal/configuration"
-	"github.com/qdm12/gluetun/internal/constants"
-	"github.com/qdm12/gluetun/internal/models"
-	"github.com/qdm12/gluetun/internal/provider/utils"
-)
-
-func modifyCustomConfig(lines []string, settings configuration.OpenVPN,
-	connection models.Connection, intf string) (modified []string) {
-	// Remove some lines
-	for _, line := range lines {
-		switch {
-		case strings.HasPrefix(line, "up "),
-			strings.HasPrefix(line, "down "),
-			strings.HasPrefix(line, "verb "),
-			strings.HasPrefix(line, "auth-user-pass "),
-			strings.HasPrefix(line, "user "),
-			strings.HasPrefix(line, "proto "),
-			strings.HasPrefix(line, "remote "),
-			strings.HasPrefix(line, "dev "),
-			settings.Cipher != "" && strings.HasPrefix(line, "cipher "),
-			settings.Cipher != "" && strings.HasPrefix(line, "data-ciphers "),
-			settings.Auth != "" && strings.HasPrefix(line, "auth "),
-			settings.MSSFix > 0 && strings.HasPrefix(line, "mssfix "),
-			!settings.IPv6 && strings.HasPrefix(line, "tun-ipv6"):
-		default:
-			modified = append(modified, line)
-		}
-	}
-
-	// Add values
-	modified = append(modified, connection.OpenVPNProtoLine())
-	modified = append(modified, connection.OpenVPNRemoteLine())
-	modified = append(modified, "dev "+intf)
-	modified = append(modified, "mute-replay-warnings")
-	modified = append(modified, "auth-nocache")
-	modified = append(modified, "pull-filter ignore \"auth-token\"") // prevent auth failed loop
-	modified = append(modified, "auth-retry nointeract")
-	modified = append(modified, "suppress-timestamps")
-	if settings.User != "" {
-		modified = append(modified, "auth-user-pass "+constants.OpenVPNAuthConf)
-	}
-	modified = append(modified, "verb "+strconv.Itoa(settings.Verbosity))
-	if settings.Cipher != "" {
-		modified = append(modified, utils.CipherLines(settings.Cipher, settings.Version)...)
-	}
-	if settings.Auth != "" {
-		modified = append(modified, "auth "+settings.Auth)
-	}
-	if settings.MSSFix > 0 {
-		modified = append(modified, "mssfix "+strconv.Itoa(int(settings.MSSFix)))
-	}
-	if !settings.IPv6 {
-		modified = append(modified, `pull-filter ignore "route-ipv6"`)
-		modified = append(modified, `pull-filter ignore "ifconfig-ipv6"`)
-	}
-	if !settings.Root {
-		modified = append(modified, "user "+settings.ProcUser)
-	}
-
-	return modified
-}
--- a/internal/openvpn/custom/modify_test.go
+++ b/internal/openvpn/custom/modify_test.go
@@ -1,80 +0,0 @@
-package custom
-
-import (
-	"net"
-	"testing"
-
-	"github.com/qdm12/gluetun/internal/configuration"
-	"github.com/qdm12/gluetun/internal/constants"
-	"github.com/qdm12/gluetun/internal/models"
-	"github.com/stretchr/testify/assert"
-)
-
-func Test_modifyCustomConfig(t *testing.T) {
-	t.Parallel()
-
-	testCases := map[string]struct {
-		lines      []string
-		settings   configuration.OpenVPN
-		connection models.Connection
-		intf       string
-		modified   []string
-	}{
-		"mixed": {
-			lines: []string{
-				"up bla",
-				"proto tcp",
-				"remote 5.5.5.5",
-				"cipher bla",
-				"tun-ipv6",
-				"keep me here",
-				"auth bla",
-			},
-			settings: configuration.OpenVPN{
-				User:     "user",
-				Cipher:   "cipher",
-				Auth:     "auth",
-				MSSFix:   1000,
-				ProcUser: "procuser",
-			},
-			connection: models.Connection{
-				IP:       net.IPv4(1, 2, 3, 4),
-				Port:     1194,
-				Protocol: constants.UDP,
-			},
-			intf: "tun3",
-			modified: []string{
-				"keep me here",
-				"proto udp",
-				"remote 1.2.3.4 1194",
-				"dev tun3",
-				"mute-replay-warnings",
-				"auth-nocache",
-				"pull-filter ignore \"auth-token\"",
-				"auth-retry nointeract",
-				"suppress-timestamps",
-				"auth-user-pass /etc/openvpn/auth.conf",
-				"verb 0",
-				"data-ciphers-fallback cipher",
-				"data-ciphers cipher",
-				"auth auth",
-				"mssfix 1000",
-				"pull-filter ignore \"route-ipv6\"",
-				"pull-filter ignore \"ifconfig-ipv6\"",
-				"user procuser",
-			},
-		},
-	}
-
-	for name, testCase := range testCases {
-		testCase := testCase
-		t.Run(name, func(t *testing.T) {
-			t.Parallel()
-
-			modified := modifyCustomConfig(testCase.lines,
-				testCase.settings, testCase.connection, testCase.intf)
-
-			assert.Equal(t, testCase.modified, modified)
-		})
-	}
-}
--- a/internal/openvpn/extract/data.go
+++ b/internal/openvpn/extract/data.go
@@ -0,0 +1,29 @@
+package extract
+
+import (
+	"errors"
+	"fmt"
+
+	"github.com/qdm12/gluetun/internal/models"
+)
+
+var (
+	ErrRead              = errors.New("cannot read file")
+	ErrExtractConnection = errors.New("cannot extract connection from file")
+)
+
+// Data extracts the lines and connection from the OpenVPN configuration file.
+func (e *Extractor) Data(filepath string) (lines []string,
+	connection models.Connection, err error) {
+	lines, err = readCustomConfigLines(filepath)
+	if err != nil {
+		return nil, connection, fmt.Errorf("%w: %s", ErrRead, err)
+	}
+
+	connection, err = extractDataFromLines(lines)
+	if err != nil {
+		return nil, connection, fmt.Errorf("%w: %s", ErrExtractConnection, err)
+	}
+
+	return lines, connection, nil
+}
--- a/internal/openvpn/extract/extract.go
+++ b/internal/openvpn/extract/extract.go
@@ -1,4 +1,4 @@
-package custom
+package extract

 import (
 	"errors"
@@ -16,23 +16,22 @@ var (
 )

 func extractDataFromLines(lines []string) (
-	connection models.Connection, intf string, err error) {
+	connection models.Connection, err error) {
 	for i, line := range lines {
-		ip, port, protocol, intfFound, err := extractDataFromLine(line)
+		ip, port, protocol, err := extractDataFromLine(line)
 		if err != nil {
-			return connection, "", fmt.Errorf("on line %d: %w", i+1, err)
+			return connection, fmt.Errorf("on line %d: %w", i+1, err)
 		}

-		intf = intfFound
 		connection.UpdateEmptyWith(ip, port, protocol)

-		if connection.Protocol != "" && connection.IP != nil && intf != "" {
+		if connection.Protocol != "" && connection.IP != nil {
 			break
 		}
 	}

 	if connection.IP == nil {
-		return connection, "", errRemoteLineNotFound
+		return connection, errRemoteLineNotFound
 	}

 	if connection.Protocol == "" {
@@ -46,41 +45,33 @@ func extractDataFromLines(lines []string) (
 		}
 	}

-	return connection, intf, nil
+	return connection, nil
 }

 var (
 	errExtractProto  = errors.New("failed extracting protocol from proto line")
 	errExtractRemote = errors.New("failed extracting from remote line")
-	errExtractDev    = errors.New("failed extracting network interface from dev line")
 )

 func extractDataFromLine(line string) (
-	ip net.IP, port uint16, protocol, intf string, err error) {
+	ip net.IP, port uint16, protocol string, err error) {
 	switch {
 	case strings.HasPrefix(line, "proto "):
 		protocol, err = extractProto(line)
 		if err != nil {
-			return nil, 0, "", "", fmt.Errorf("%w: %s", errExtractProto, err)
+			return nil, 0, "", fmt.Errorf("%w: %s", errExtractProto, err)
 		}
-		return nil, 0, protocol, "", nil
+		return nil, 0, protocol, nil

 	case strings.HasPrefix(line, "remote "):
 		ip, port, protocol, err = extractRemote(line)
 		if err != nil {
-			return nil, 0, "", "", fmt.Errorf("%w: %s", errExtractRemote, err)
+			return nil, 0, "", fmt.Errorf("%w: %s", errExtractRemote, err)
 		}
-		return ip, port, protocol, "", nil
-
-	case strings.HasPrefix(line, "dev "):
-		intf, err = extractInterfaceFromLine(line)
-		if err != nil {
-			return nil, 0, "", "", fmt.Errorf("%w: %s", errExtractDev, err)
-		}
-		return nil, 0, "", intf, nil
+		return ip, port, protocol, nil
 	}

-	return nil, 0, "", "", nil
+	return nil, 0, "", nil
 }

 var (
@@ -147,16 +138,3 @@ func extractRemote(line string) (ip net.IP, port uint16,

 	return ip, port, protocol, nil
 }
-
-var (
-	errDevLineFieldsCount = errors.New("dev line has not 2 fields as expected")
-)
-
-func extractInterfaceFromLine(line string) (intf string, err error) {
-	fields := strings.Fields(line)
-	if len(fields) != 2 { //nolint:gomnd
-		return "", fmt.Errorf("%w: %s", errDevLineFieldsCount, line)
-	}
-
-	return fields[1], nil
-}
--- a/internal/openvpn/extract/extract_test.go
+++ b/internal/openvpn/extract/extract_test.go
@@ -1,4 +1,4 @@
-package custom
+package extract

 import (
 	"errors"
@@ -17,7 +17,6 @@ func Test_extractDataFromLines(t *testing.T) {
 	testCases := map[string]struct {
 		lines      []string
 		connection models.Connection
-		intf       string
 		err        error
 	}{
 		"success": {
@@ -27,7 +26,6 @@ func Test_extractDataFromLines(t *testing.T) {
 				Port:     1194,
 				Protocol: constants.TCP,
 			},
-			intf: "tun6",
 		},
 		"extraction error": {
 			lines: []string{"bla bla", "proto bad", "remote 1.2.3.4 1194 tcp"},
@@ -71,7 +69,7 @@ func Test_extractDataFromLines(t *testing.T) {
 		t.Run(name, func(t *testing.T) {
 			t.Parallel()

-			connection, intf, err := extractDataFromLines(testCase.lines)
+			connection, err := extractDataFromLines(testCase.lines)

 			if testCase.err != nil {
 				require.Error(t, err)
@@ -81,7 +79,6 @@ func Test_extractDataFromLines(t *testing.T) {
 			}

 			assert.Equal(t, testCase.connection, connection)
-			assert.Equal(t, testCase.intf, intf)
 		})
 	}
 }
@@ -94,7 +91,6 @@ func Test_extractDataFromLine(t *testing.T) {
 		ip       net.IP
 		port     uint16
 		protocol string
-		intf     string
 		isErr    error
 	}{
 		"irrelevant line": {
@@ -108,14 +104,6 @@ func Test_extractDataFromLine(t *testing.T) {
 			line:     "proto tcp",
 			protocol: constants.TCP,
 		},
-		"extract intf error": {
-			line:  "dev ",
-			isErr: errExtractDev,
-		},
-		"extract intf success": {
-			line: "dev tun3",
-			intf: "tun3",
-		},
 		"extract remote error": {
 			line:  "remote bad",
 			isErr: errExtractRemote,
@@ -133,7 +121,7 @@ func Test_extractDataFromLine(t *testing.T) {
 		t.Run(name, func(t *testing.T) {
 			t.Parallel()

-			ip, port, protocol, intf, err := extractDataFromLine(testCase.line)
+			ip, port, protocol, err := extractDataFromLine(testCase.line)

 			if testCase.isErr != nil {
 				assert.ErrorIs(t, err, testCase.isErr)
@@ -144,7 +132,6 @@ func Test_extractDataFromLine(t *testing.T) {
 			assert.Equal(t, testCase.ip, ip)
 			assert.Equal(t, testCase.port, port)
 			assert.Equal(t, testCase.protocol, protocol)
-			assert.Equal(t, testCase.intf, intf)
 		})
 	}
 }
@@ -273,44 +260,3 @@ func Test_extractRemote(t *testing.T) {
 		})
 	}
 }
-
-func Test_extractInterface(t *testing.T) {
-	t.Parallel()
-
-	testCases := map[string]struct {
-		line string
-		intf string
-		err  error
-	}{
-		"found": {
-			line: "dev tun3",
-			intf: "tun3",
-		},
-		"not enough fields": {
-			line: "dev ",
-			err:  errors.New("dev line has not 2 fields as expected: dev "),
-		},
-		"too many fields": {
-			line: "dev one two",
-			err:  errors.New("dev line has not 2 fields as expected: dev one two"),
-		},
-	}
-
-	for name, testCase := range testCases {
-		testCase := testCase
-		t.Run(name, func(t *testing.T) {
-			t.Parallel()
-
-			intf, err := extractInterfaceFromLine(testCase.line)
-
-			if testCase.err != nil {
-				require.Error(t, err)
-				assert.Equal(t, testCase.err.Error(), err.Error())
-			} else {
-				assert.NoError(t, err)
-			}
-
-			assert.Equal(t, testCase.intf, intf)
-		})
-	}
-}
--- a/internal/openvpn/extract/extractor.go
+++ b/internal/openvpn/extract/extractor.go
@@ -0,0 +1,18 @@
+package extract
+
+import (
+	"github.com/qdm12/gluetun/internal/models"
+)
+
+var _ Interface = (*Extractor)(nil)
+
+type Interface interface {
+	Data(filepath string) (lines []string,
+		connection models.Connection, err error)
+}
+
+type Extractor struct{}
+
+func New() *Extractor {
+	return new(Extractor)
+}
--- a/internal/openvpn/extract/helpers_test.go
+++ b/internal/openvpn/extract/helpers_test.go
@@ -1,4 +1,4 @@
-package custom
+package extract

 import (
 	"os"
--- a/internal/openvpn/extract/read.go
+++ b/internal/openvpn/extract/read.go
@@ -1,4 +1,4 @@
-package custom
+package extract

 import (
 	"io"
--- a/internal/openvpn/extract/read_test.go
+++ b/internal/openvpn/extract/read_test.go
@@ -1,4 +1,4 @@
-package custom
+package extract

 import (
 	"os"