diff options
Diffstat (limited to 'pkg')
-rw-r--r-- | pkg/backend/api.go | 4 | ||||
-rw-r--r-- | pkg/backend/status.go | 3 | ||||
-rw-r--r-- | pkg/backend/webapi.go | 50 | ||||
-rw-r--r-- | pkg/bitmask/bitmask.go | 2 | ||||
-rw-r--r-- | pkg/vpn/openvpn.go | 59 |
5 files changed, 87 insertions, 31 deletions
diff --git a/pkg/backend/api.go b/pkg/backend/api.go index 0db26ae..e96c65b 100644 --- a/pkg/backend/api.go +++ b/pkg/backend/api.go @@ -83,6 +83,10 @@ func UseTransport(label string) { ctx.bm.UseTransport(label) } +func GetTransport() *C.char { + return C.CString(ctx.bm.GetTransport()) +} + func Quit() { if ctx.autostart != nil { ctx.autostart.Disable() diff --git a/pkg/backend/status.go b/pkg/backend/status.go index bdbdd35..1ec5c4f 100644 --- a/pkg/backend/status.go +++ b/pkg/backend/status.go @@ -57,7 +57,8 @@ type connectionCtx struct { func (c *connectionCtx) toJson() ([]byte, error) { statusMutex.Lock() if c.bm != nil { - c.Locations = c.bm.ListLocationFullness("openvpn") + transport := c.bm.GetTransport() + c.Locations = c.bm.ListLocationFullness(transport) c.CurrentGateway = c.bm.GetCurrentGateway() c.CurrentLocation = c.bm.GetCurrentLocation() c.CurrentCountry = c.bm.GetCurrentCountry() diff --git a/pkg/backend/webapi.go b/pkg/backend/webapi.go index 903112e..a14974e 100644 --- a/pkg/backend/webapi.go +++ b/pkg/backend/webapi.go @@ -49,7 +49,7 @@ func webGatewaySet(w http.ResponseWriter, r *http.Request) { fmt.Fprintf(w, "ParseForm() err: %v", err) return } - gwLabel := r.FormValue("gw") + gwLabel := r.FormValue("transport") fmt.Fprintf(w, "selected gateway: %s\n", gwLabel) ctx.bm.UseGateway(gwLabel) // TODO make sure we don't tear the fw down on reconnect... @@ -63,23 +63,48 @@ func webGatewaySet(w http.ResponseWriter, r *http.Request) { } func webGatewayList(w http.ResponseWriter, r *http.Request) { - locationJson, err := json.Marshal(ctx.bm.ListLocationFullness("openvpn")) + transport := ctx.bm.GetTransport() + locationJson, err := json.Marshal(ctx.bm.ListLocationFullness(transport)) if err != nil { fmt.Fprintf(w, "Error converting json: %v", err) } fmt.Fprintf(w, string(locationJson)) } -// TODO func webTransportGet(w http.ResponseWriter, r *http.Request) { + t, err := json.Marshal(ctx.bm.GetTransport()) + if err != nil { + fmt.Fprintf(w, "Error converting json: %v", err) + } + fmt.Fprintf(w, string(t)) + } -// TODO func webTransportSet(w http.ResponseWriter, r *http.Request) { + switch r.Method { + case "POST": + if err := r.ParseForm(); err != nil { + fmt.Fprintf(w, "ParseForm() err: %v", err) + return + } + t := r.FormValue("transport") + if isValidTransport(t) { + fmt.Fprintf(w, "Selected transport: %s\n", t) + go ctx.bm.SetTransport(string(t)) + } else { + fmt.Fprintf(w, "Unknown transport: %s\n", t) + } + default: + fmt.Fprintf(w, "Only POST supported.") + } } -// TODO func webTransportList(w http.ResponseWriter, r *http.Request) { + t, err := json.Marshal([]string{"openvpn", "obfs4"}) + if err != nil { + fmt.Fprintf(w, "Error converting json: %v", err) + } + fmt.Fprintf(w, string(t)) } func webQuit(w http.ResponseWriter, r *http.Request) { @@ -97,10 +122,19 @@ func enableWebAPI(port int) { http.Handle("/vpn/gw/get", CheckAuth(http.HandlerFunc(webGatewayGet), token)) http.Handle("/vpn/gw/set", CheckAuth(http.HandlerFunc(webGatewaySet), token)) http.Handle("/vpn/gw/list", CheckAuth(http.HandlerFunc(webGatewayList), token)) - //http.Handle("/vpn/transport/get", CheckAuth(http.HandlerFunc(webTransportGet), token)) - //http.Handle("/vpn/transport/set", CheckAuth(http.HandlerFunc(webTransportSet), token)) - //http.Handle("/vpn/transport/list", CheckAuth(http.HandlerFunc(webTransportList), token)) + http.Handle("/vpn/transport/get", CheckAuth(http.HandlerFunc(webTransportGet), token)) + http.Handle("/vpn/transport/set", CheckAuth(http.HandlerFunc(webTransportSet), token)) + http.Handle("/vpn/transport/list", CheckAuth(http.HandlerFunc(webTransportList), token)) http.Handle("/vpn/status", CheckAuth(http.HandlerFunc(webStatus), token)) http.Handle("/vpn/quit", CheckAuth(http.HandlerFunc(webQuit), token)) http.ListenAndServe(":"+strconv.Itoa(port), nil) } + +func isValidTransport(t string) bool { + for _, b := range []string{"openvpn", "obfs4"} { + if b == t { + return true + } + } + return false +} diff --git a/pkg/bitmask/bitmask.go b/pkg/bitmask/bitmask.go index 3f484e8..b430808 100644 --- a/pkg/bitmask/bitmask.go +++ b/pkg/bitmask/bitmask.go @@ -30,6 +30,8 @@ type Bitmask interface { ListLocationFullness(protocol string) map[string]float64 UseGateway(name string) UseAutomaticGateway() + GetTransport() string + SetTransport(string) error GetCurrentGateway() string GetCurrentLocation() string GetCurrentCountry() string diff --git a/pkg/vpn/openvpn.go b/pkg/vpn/openvpn.go index 244195b..d69f4e6 100644 --- a/pkg/vpn/openvpn.go +++ b/pkg/vpn/openvpn.go @@ -121,26 +121,8 @@ func (b *Bitmask) listenShapeErr() { func (b *Bitmask) startOpenVPN() error { arg := []string{} - // Empty transport means we get only the openvpn gateways - if b.transport == "" { - arg = b.openvpnArgs - gateways, err := b.bonafide.GetGateways("openvpn") - if err != nil { - return err - } - err = b.launch.firewallStart(gateways) - if err != nil { - return err - } - - for _, gw := range gateways { - for _, port := range gw.Ports { - arg = append(arg, "--remote", gw.IPAddress, port, "tcp4") - } - } - } else { - // For now, obf4 is the only supported Pluggable Transport - gateways, err := b.bonafide.GetGateways(b.transport) + if b.GetTransport() == "obfs4" { + gateways, err := b.bonafide.GetGateways("obfs4") if err != nil { return err } @@ -164,6 +146,22 @@ func (b *Bitmask) startOpenVPN() error { proxyArgs := strings.Split(proxy, ":") arg = append(arg, "--remote", proxyArgs[0], proxyArgs[1], "tcp4") arg = append(arg, "--route", gw.IPAddress, "255.255.255.255", "net_gateway") + } else { + arg = b.openvpnArgs + gateways, err := b.bonafide.GetGateways("openvpn") + if err != nil { + return err + } + err = b.launch.firewallStart(gateways) + if err != nil { + return err + } + + for _, gw := range gateways { + for _, port := range gw.Ports { + arg = append(arg, "--remote", gw.IPAddress, port, "tcp4") + } + } } arg = append(arg, "--verb", "3", @@ -171,8 +169,8 @@ func (b *Bitmask) startOpenVPN() error { "--management", openvpnManagementAddr, openvpnManagementPort, "--ca", b.getTempCaCertPath(), "--cert", b.certPemPath, - "--key", b.certPemPath, - "--persist-tun") + "--key", b.certPemPath) + //"--persist-tun") return b.launch.openvpnStart(arg...) } @@ -330,6 +328,23 @@ func (b *Bitmask) UseTransport(transport string) error { return nil } +func (b *Bitmask) GetTransport() string { + if b.transport == "obfs4" { + return "obfs4" + } else { + return "openvpn" + } +} + +func (b *Bitmask) SetTransport(t string) error { + if t != "openvpn" && t != "obfs4" { + return errors.New("Transport not supported: " + t) + } + log.Println("Setting transport to", t) + b.transport = t + return nil +} + func (b *Bitmask) getTempCertPemPath() string { return path.Join(b.tempdir, "openvpn.pem") } |