From 709220836e10f559a11c2b70177f6d58d9b7a0a1 Mon Sep 17 00:00:00 2001
From: "kali kaneko (leap communications)" <kali@leap.se>
Date: Wed, 19 Aug 2020 17:40:36 +0200
Subject: [debug] improve error handling for geolocation

---
 pkg/vpn/bonafide/auth_sip.go    |  1 -
 pkg/vpn/bonafide/bonafide.go    | 19 ++++++++++++++++---
 pkg/vpn/bonafide/eip_service.go | 13 ++++++++++++-
 3 files changed, 28 insertions(+), 5 deletions(-)

(limited to 'pkg/vpn/bonafide')

diff --git a/pkg/vpn/bonafide/auth_sip.go b/pkg/vpn/bonafide/auth_sip.go
index e00252f..0c8ee4f 100644
--- a/pkg/vpn/bonafide/auth_sip.go
+++ b/pkg/vpn/bonafide/auth_sip.go
@@ -40,7 +40,6 @@ func (a *sipAuthentication) needsCredentials() bool {
 func (a *sipAuthentication) getToken(user, password string) ([]byte, error) {
 	/* TODO refresh session token periodically */
 	if hasRecentToken() {
-		log.Println("Got cached token")
 		return readToken()
 	}
 	credJSON, err := formatCredentials(user, password)
diff --git a/pkg/vpn/bonafide/bonafide.go b/pkg/vpn/bonafide/bonafide.go
index b81fd84..9963448 100644
--- a/pkg/vpn/bonafide/bonafide.go
+++ b/pkg/vpn/bonafide/bonafide.go
@@ -232,23 +232,36 @@ func (b *Bonafide) GetOpenvpnArgs() ([]string, error) {
 }
 
 func (b *Bonafide) fetchGeolocation() ([]string, error) {
+	/* FIXME in float deployments, geolocation is served on gemyip.domain/json, with a LE certificate.
+	So this is a workaround until we streamline that behavior */
 	resp, err := b.client.Post(config.GeolocationAPI, "", nil)
 	if err != nil {
-		return nil, err
+		client := &http.Client{}
+		_resp, err := client.Post(config.GeolocationAPI, "", nil)
+		if err != nil {
+			log.Println("ERROR: could not fetch geolocation:", fmt.Errorf("%s", err))
+			return nil, err
+		}
+		resp = _resp
 	}
+
 	defer resp.Body.Close()
 	if resp.StatusCode != 200 {
-		return nil, fmt.Errorf("get geolocation failed with status: %s", resp.Status)
+		log.Println("ERROR: bad status code while fetching geolocation:", fmt.Errorf("%s", resp.Status))
+		return nil, fmt.Errorf("Get geolocation failed with status: %s", resp.Status)
 	}
 
 	geo := &geoLocation{}
 	dataJSON, err := ioutil.ReadAll(resp.Body)
 	err = json.Unmarshal(dataJSON, &geo)
 	if err != nil {
-		_ = fmt.Errorf("get vpn cert has failed with status: %s", resp.Status)
+		log.Println("ERROR: cannot parse geolocation json", fmt.Errorf("%s", err))
+		log.Println(string(dataJSON))
+		_ = fmt.Errorf("bad json")
 		return nil, err
 	}
 
+	log.Println("Got sorted gateways:", geo.SortedGateways)
 	return geo.SortedGateways, nil
 
 }
diff --git a/pkg/vpn/bonafide/eip_service.go b/pkg/vpn/bonafide/eip_service.go
index ff73da9..49f4bb1 100644
--- a/pkg/vpn/bonafide/eip_service.go
+++ b/pkg/vpn/bonafide/eip_service.go
@@ -214,6 +214,7 @@ func (eip *eipService) sortGatewaysByGeolocation(geolocatedGateways []string) {
 			}
 		}
 	}
+
 	for _, host := range geolocatedGateways {
 		for _, gw := range eip.Gateways {
 			if gw.Host == host {
@@ -221,7 +222,17 @@ func (eip *eipService) sortGatewaysByGeolocation(geolocatedGateways []string) {
 			}
 		}
 	}
-	eip.Gateways = gws
+
+	if len(gws) == 0 {
+		log.Println("ERROR: avoiding to replace eip.Gateways will null list. Is the geolocation service properly configured?")
+	} else {
+		if len(gws) > 2 {
+			eip.Gateways = gws[:3]
+		} else {
+			eip.Gateways = gws
+		}
+		log.Println("Picked best gateways for location:", eip.Gateways)
+	}
 }
 
 type gatewayDistance struct {
-- 
cgit v1.2.3