authorkali kaneko (leap communications) <kali@leap.se>2020-08-19 17:40:36 +0200
committerkali kaneko (leap communications) <kali@leap.se>2020-08-20 20:27:47 +0200
commit709220836e10f559a11c2b70177f6d58d9b7a0a1 (patch)
tree17edf8c6d0d20e133f5dcb2747ea4dc35533a4ea /pkg/vpn/bonafide
parentb9cae0b715ce34cfb0b7f85f023c31ef8ddd54d3 (diff)
[debug] improve error handling for geolocation
Diffstat (limited to 'pkg/vpn/bonafide')
-rw-r--r--pkg/vpn/bonafide/auth_sip.go1
-rw-r--r--pkg/vpn/bonafide/bonafide.go19
-rw-r--r--pkg/vpn/bonafide/eip_service.go13
3 files changed, 28 insertions, 5 deletions
diff --git a/pkg/vpn/bonafide/auth_sip.go b/pkg/vpn/bonafide/auth_sip.go
index e00252f..0c8ee4f 100644
--- a/pkg/vpn/bonafide/auth_sip.go
+++ b/pkg/vpn/bonafide/auth_sip.go
@@ -40,7 +40,6 @@ func (a *sipAuthentication) needsCredentials() bool {
func (a *sipAuthentication) getToken(user, password string) ([]byte, error) {
/* TODO refresh session token periodically */
if hasRecentToken() {
- log.Println("Got cached token")
return readToken()
}
credJSON, err := formatCredentials(user, password)
diff --git a/pkg/vpn/bonafide/bonafide.go b/pkg/vpn/bonafide/bonafide.go
index b81fd84..9963448 100644
--- a/pkg/vpn/bonafide/bonafide.go
+++ b/pkg/vpn/bonafide/bonafide.go
@@ -232,23 +232,36 @@ func (b *Bonafide) GetOpenvpnArgs() ([]string, error) {
}
func (b *Bonafide) fetchGeolocation() ([]string, error) {
+ /* FIXME in float deployments, geolocation is served on gemyip.domain/json, with a LE certificate.
+ So this is a workaround until we streamline that behavior */
resp, err := b.client.Post(config.GeolocationAPI, "", nil)
if err != nil {
- return nil, err
+ client := &http.Client{}
+ _resp, err := client.Post(config.GeolocationAPI, "", nil)
+ if err != nil {
+ log.Println("ERROR: could not fetch geolocation:", fmt.Errorf("%s", err))
+ return nil, err
+ }
+ resp = _resp
}
+
defer resp.Body.Close()
if resp.StatusCode != 200 {
- return nil, fmt.Errorf("get geolocation failed with status: %s", resp.Status)
+ log.Println("ERROR: bad status code while fetching geolocation:", fmt.Errorf("%s", resp.Status))
+ return nil, fmt.Errorf("Get geolocation failed with status: %s", resp.Status)
}
geo := &geoLocation{}
dataJSON, err := ioutil.ReadAll(resp.Body)
err = json.Unmarshal(dataJSON, &geo)
if err != nil {
- _ = fmt.Errorf("get vpn cert has failed with status: %s", resp.Status)
+ log.Println("ERROR: cannot parse geolocation json", fmt.Errorf("%s", err))
+ log.Println(string(dataJSON))
+ _ = fmt.Errorf("bad json")
return nil, err
}
+ log.Println("Got sorted gateways:", geo.SortedGateways)
return geo.SortedGateways, nil
}
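Review bot: The fallback under the first `if err != nil` retries with a bare `&http.Client{}` on any error from `b.client.Post`, not only the float-deployment case the FIXME describes. Whatever TLS configuration `b.client` carries is not visible in this hunk, but if it pins the provider CA, any failure of that check silently widens trust to the whole system root store, and the reply then drives gateway ordering. The default client also has no timeout, so a stalled endpoint blocks this call indefinitely; at minimum use `client := &http.Client{Timeout: 10 * time.Second}` and log that the fallback path was taken. Further down, `log.Println(string(dataJSON))` writes an unbounded, server-controlled body into the log, and the error from `ioutil.ReadAll` is overwritten by `json.Unmarshal` before it is checked. Reading through `io.LimitReader(resp.Body, maxGeoBody)` (a constant you would define) and checking that error first would bound both.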
diff --git a/pkg/vpn/bonafide/eip_service.go b/pkg/vpn/bonafide/eip_service.go
index ff73da9..49f4bb1 100644
--- a/pkg/vpn/bonafide/eip_service.go
+++ b/pkg/vpn/bonafide/eip_service.go
@@ -214,6 +214,7 @@ func (eip *eipService) sortGatewaysByGeolocation(geolocatedGateways []string) {
}
}
}
+
for _, host := range geolocatedGateways {
for _, gw := range eip.Gateways {
if gw.Host == host {
@@ -221,7 +222,17 @@ func (eip *eipService) sortGatewaysByGeolocation(geolocatedGateways []string) {
}
}
}
- eip.Gateways = gws
+
+ if len(gws) == 0 {
+ log.Println("ERROR: avoiding to replace eip.Gateways will null list. Is the geolocation service properly configured?")
+ } else {
+ if len(gws) > 2 {
+ eip.Gateways = gws[:3]
+ } else {
+ eip.Gateways = gws
+ }
+ log.Println("Picked best gateways for location:", eip.Gateways)
+ }
}
type gatewayDistance struct {
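Review bot: Assigning `eip.Gateways = gws[:3]` permanently drops every other gateway from the service's list, and because the matching loop just above reads `eip.Gateways` itself, any later call to sortGatewaysByGeolocation can only re-rank those three. Whether the list is repopulated elsewhere is not visible here (the function starts outside the hunk), but if it is not, losing the three picked gateways leaves the client with no fallback. Consider keeping the full sorted list and applying the limit at the point where a gateway is chosen. If the truncation stays, name the limit, e.g. `const maxGeolocatedGateways = 3`, so the `> 2` / `[:3]` pair cannot drift apart. The empty-result branch only logs, so callers cannot tell that the unsorted list is still in use.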