author | kali kaneko (leap communications) <kali@leap.se> | 2021-05-28 12:26:11 +0200 |
---|---|---|
committer | kali kaneko (leap communications) <kali@leap.se> | 2021-06-01 12:31:48 +0200 |
commit | 1bd2637e3133d895d1e73931f8b3466a5761d9ef (patch) | |
tree | 1bd75f2a91f30d996030a8531fefbb29f7c41831 /pkg/vpn/openvpn.go | |
parent | c6c0209ad45fb7d2e45370ee3a39f2dd437603b0 (diff) |
[feat] expose set transport
webapi mainly for tests, but it's usable too
Diffstat (limited to 'pkg/vpn/openvpn.go')
-rw-r--r-- | pkg/vpn/openvpn.go | 59 |
1 files changed, 37 insertions, 22 deletions
diff --git a/pkg/vpn/openvpn.go b/pkg/vpn/openvpn.go index 244195b..d69f4e6 100644 --- a/pkg/vpn/openvpn.go +++ b/pkg/vpn/openvpn.go @@ -121,26 +121,8 @@ func (b *Bitmask) listenShapeErr() { func (b *Bitmask) startOpenVPN() error { arg := []string{} - // Empty transport means we get only the openvpn gateways - if b.transport == "" { - arg = b.openvpnArgs - gateways, err := b.bonafide.GetGateways("openvpn") - if err != nil { - return err - } - err = b.launch.firewallStart(gateways) - if err != nil { - return err - } - - for _, gw := range gateways { - for _, port := range gw.Ports { - arg = append(arg, "--remote", gw.IPAddress, port, "tcp4") - } - } - } else { - // For now, obf4 is the only supported Pluggable Transport - gateways, err := b.bonafide.GetGateways(b.transport) + if b.GetTransport() == "obfs4" { + gateways, err := b.bonafide.GetGateways("obfs4") if err != nil { return err } @@ -164,6 +146,22 @@ func (b *Bitmask) startOpenVPN() error { proxyArgs := strings.Split(proxy, ":") arg = append(arg, "--remote", proxyArgs[0], proxyArgs[1], "tcp4") arg = append(arg, "--route", gw.IPAddress, "255.255.255.255", "net_gateway") + } else { + arg = b.openvpnArgs + gateways, err := b.bonafide.GetGateways("openvpn") + if err != nil { + return err + } + err = b.launch.firewallStart(gateways) + if err != nil { + return err + } + + for _, gw := range gateways { + for _, port := range gw.Ports { + arg = append(arg, "--remote", gw.IPAddress, port, "tcp4") + } + } } arg = append(arg, "--verb", "3", @@ -171,8 +169,8 @@ func (b *Bitmask) startOpenVPN() error { "--management", openvpnManagementAddr, openvpnManagementPort, "--ca", b.getTempCaCertPath(), "--cert", b.certPemPath, - "--key", b.certPemPath, - "--persist-tun") + "--key", b.certPemPath) + //"--persist-tun") return b.launch.openvpnStart(arg...) } 
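Review bot: In startOpenVPN the new test `b.GetTransport() == "obfs4"` sends every other transport value to the plain OpenVPN branch added in the second hunk, whereas the old code passed any non-empty `b.transport` to `GetGateways`. If `b.transport` can hold anything other than the two known names (UseTransport's body is outside this diff, so that is not visible here), a user who asked for obfuscation would get an unobfuscated connection with no error. Switching on the stored value and failing closed for the unknown case, e.g. `default: return errors.New("unsupported transport: " + b.transport)`, avoids the silent downgrade. The function body starts and ends outside these hunks.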
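Review bot: `--persist-tun` is dropped in the last startOpenVPN hunk by leaving it behind as a commented-out argument (`//"--persist-tun")`), and neither the code nor the commit message says why. Without that option OpenVPN closes and reopens the tun device on a restart, so during a reconnect leak protection rests entirely on the rules installed by `firewallStart`, which is worth confirming for both branches since the obfs4 branch is only partly visible here. I would either restore the flag or delete the dead line and state the reason, e.g. `// --persist-tun omitted: <reason>; leak protection relies on the firewall rules`.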
@@ -330,6 +328,23 @@ func (b *Bitmask) UseTransport(transport string) error {
 return nil
 }
+func (b *Bitmask) GetTransport() string {
+ if b.transport == "obfs4" {
+ return "obfs4"
+ } else {
+ return "openvpn"
+ }
+}
+
+func (b *Bitmask) SetTransport(t string) error {
+ if t != "openvpn" && t != "obfs4" {
+ return errors.New("Transport not supported: " + t)
+ }
+ log.Println("Setting transport to", t)
+ b.transport = t
+ return nil
+}
+
 func (b *Bitmask) getTempCertPemPath() string {
 return path.Join(b.tempdir, "openvpn.pem")
 }
|
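Review bot: SetTransport assigns `b.transport` with no locking, and per the commit message it is reachable from the web API, so it can run while startOpenVPN reads the field through GetTransport; if Bitmask carries a mutex (not visible in this hunk), both accessors should take it. The setter only changes the stored value, so a caller may assume the running tunnel switched transport when nothing changes until the next start; a doc comment such as `// SetTransport selects the transport used by the next startOpenVPN call; it does not reconnect.` would make that explicit. The error text embeds the caller-supplied string unquoted, and `errors.New("transport not supported: " + strconv.Quote(t))` (assuming strconv is or can be imported) would quote it and follow Go's lowercase error convention. Both new exported methods lack doc comments, and the `else` after `return` in GetTransport can be dropped.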