summaryrefslogtreecommitdiff
path: root/pkg/vpn
diff options
context:
space:
mode:
Diffstat (limited to 'pkg/vpn')
-rw-r--r--pkg/vpn/bonafide/auth_sip.go1
-rw-r--r--pkg/vpn/bonafide/bonafide.go19
-rw-r--r--pkg/vpn/bonafide/eip_service.go13
-rw-r--r--pkg/vpn/openvpn.go2
4 files changed, 29 insertions, 6 deletions
diff --git a/pkg/vpn/bonafide/auth_sip.go b/pkg/vpn/bonafide/auth_sip.go
index e00252f..0c8ee4f 100644
--- a/pkg/vpn/bonafide/auth_sip.go
+++ b/pkg/vpn/bonafide/auth_sip.go
@@ -40,7 +40,6 @@ func (a *sipAuthentication) needsCredentials() bool {
func (a *sipAuthentication) getToken(user, password string) ([]byte, error) {
/* TODO refresh session token periodically */
if hasRecentToken() {
- log.Println("Got cached token")
return readToken()
}
credJSON, err := formatCredentials(user, password)
diff --git a/pkg/vpn/bonafide/bonafide.go b/pkg/vpn/bonafide/bonafide.go
index b81fd84..9963448 100644
--- a/pkg/vpn/bonafide/bonafide.go
+++ b/pkg/vpn/bonafide/bonafide.go
@@ -232,23 +232,36 @@ func (b *Bonafide) GetOpenvpnArgs() ([]string, error) {
}
func (b *Bonafide) fetchGeolocation() ([]string, error) {
+ /* FIXME in float deployments, geolocation is served on gemyip.domain/json, with a LE certificate.
+ So this is a workaround until we streamline that behavior */
resp, err := b.client.Post(config.GeolocationAPI, "", nil)
if err != nil {
- return nil, err
+ client := &http.Client{}
+ _resp, err := client.Post(config.GeolocationAPI, "", nil)
+ if err != nil {
+ log.Println("ERROR: could not fetch geolocation:", fmt.Errorf("%s", err))
+ return nil, err
+ }
+ resp = _resp
}
+
defer resp.Body.Close()
if resp.StatusCode != 200 {
- return nil, fmt.Errorf("get geolocation failed with status: %s", resp.Status)
+ log.Println("ERROR: bad status code while fetching geolocation:", fmt.Errorf("%s", resp.Status))
+ return nil, fmt.Errorf("Get geolocation failed with status: %s", resp.Status)
}
geo := &geoLocation{}
dataJSON, err := ioutil.ReadAll(resp.Body)
err = json.Unmarshal(dataJSON, &geo)
if err != nil {
- _ = fmt.Errorf("get vpn cert has failed with status: %s", resp.Status)
+ log.Println("ERROR: cannot parse geolocation json", fmt.Errorf("%s", err))
+ log.Println(string(dataJSON))
+ _ = fmt.Errorf("bad json")
return nil, err
}
+ log.Println("Got sorted gateways:", geo.SortedGateways)
return geo.SortedGateways, nil
}
diff --git a/pkg/vpn/bonafide/eip_service.go b/pkg/vpn/bonafide/eip_service.go
index ff73da9..49f4bb1 100644
--- a/pkg/vpn/bonafide/eip_service.go
+++ b/pkg/vpn/bonafide/eip_service.go
@@ -214,6 +214,7 @@ func (eip *eipService) sortGatewaysByGeolocation(geolocatedGateways []string) {
}
}
}
+
for _, host := range geolocatedGateways {
for _, gw := range eip.Gateways {
if gw.Host == host {
@@ -221,7 +222,17 @@ func (eip *eipService) sortGatewaysByGeolocation(geolocatedGateways []string) {
}
}
}
- eip.Gateways = gws
+
+ if len(gws) == 0 {
+ log.Println("ERROR: avoiding to replace eip.Gateways will null list. Is the geolocation service properly configured?")
+ } else {
+ if len(gws) > 2 {
+ eip.Gateways = gws[:3]
+ } else {
+ eip.Gateways = gws
+ }
+ log.Println("Picked best gateways for location:", eip.Gateways)
+ }
}
type gatewayDistance struct {
diff --git a/pkg/vpn/openvpn.go b/pkg/vpn/openvpn.go
index 6055e6a..4997a34 100644
--- a/pkg/vpn/openvpn.go
+++ b/pkg/vpn/openvpn.go
@@ -158,7 +158,7 @@ func (b *Bitmask) getCert() (certPath string, err error) {
certPath = b.getCertPemPath()
if _, err := os.Stat(certPath); os.IsNotExist(err) {
- log.Println("Cert does not exist in ", certPath, "...fetching")
+ log.Println("Fetching certificate to", certPath)
cert, err := b.bonafide.GetPemCertificate()
if err != nil {
return "", err