along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
-// Simple secure free software virtual private network daemon.
+// Simple secure free software virtual private network daemon client.
package main
import (
"net"
"os"
"os/signal"
+ "time"
"govpn"
)
remoteAddr = flag.String("remote", "", "Remote server address")
ifaceName = flag.String("iface", "tap0", "TAP network interface")
IDRaw = flag.String("id", "", "Client identification")
- keyPath = flag.String("key", "", "Path to authentication key file")
+ keyPath = flag.String("key", "", "Path to passphrase file")
upPath = flag.String("up", "", "Path to up-script")
downPath = flag.String("down", "", "Path to down-script")
stats = flag.String("stats", "", "Enable stats retrieving on host:port")
- mtu = flag.Int("mtu", 1500, "MTU")
+ mtu = flag.Int("mtu", 1452, "MTU for outgoing packets")
nonceDiff = flag.Int("noncediff", 1, "Allow nonce difference")
timeoutP = flag.Int("timeout", 60, "Timeout seconds")
+ noisy = flag.Bool("noise", false, "Enable noise appending")
+ cpr = flag.Int("cpr", 0, "Enable constant KiB/sec out traffic rate")
)
func main() {
log.SetFlags(log.Ldate | log.Lmicroseconds | log.Lshortfile)
govpn.MTU = *mtu
- govpn.Timeout = timeout
- govpn.Noncediff = *nonceDiff
id := govpn.IDDecode(*IDRaw)
- govpn.PeersInitDummy(id)
- key := govpn.KeyRead(*keyPath)
if id == nil {
panic("ID is not specified")
}
+ pub, priv := govpn.NewVerifier(id, govpn.StringFromFile(*keyPath))
+ conf := &govpn.PeerConf{
+ Id: id,
+ Timeout: time.Second * time.Duration(timeout),
+ Noncediff: *nonceDiff,
+ NoiseEnable: *noisy,
+ CPR: *cpr,
+ DSAPub: pub,
+ DSAPriv: priv,
+ }
+ govpn.PeersInitDummy(id, conf)
+
bind, err := net.ResolveUDPAddr("udp", "0.0.0.0:0")
if err != nil {
panic(err)
panic(err)
}
- tap, ethSink, ethReady, _, err := govpn.TAPListen(*ifaceName)
+ tap, ethSink, ethReady, _, err := govpn.TAPListen(
+ *ifaceName,
+ time.Second*time.Duration(timeout),
+ *cpr,
+ )
if err != nil {
panic(err)
}
knownPeers := govpn.KnownPeers(map[string]**govpn.Peer{remote.String(): &peer})
log.Println(govpn.VersionGet())
+ log.Println("Max MTU on TAP interface:", govpn.TAPMaxMTU())
if *stats != "" {
log.Println("Stats are going to listen on", *stats)
statsPort, err := net.Listen("tcp", *stats)
signal.Notify(termSignal, os.Interrupt, os.Kill)
log.Println("Starting handshake")
- handshake := govpn.HandshakeStart(conn, remote, id, key)
+ handshake := govpn.HandshakeStart(conf, conn, remote)
MainCycle:
for {
if peer != nil && (peer.BytesIn+peer.BytesOut) > govpn.MaxBytesPerKey {
peer.Zero()
peer = nil
- handshake = govpn.HandshakeStart(conn, remote, id, key)
+ handshake = govpn.HandshakeStart(conf, conn, remote)
log.Println("Rehandshaking")
}
select {
udpReady <- struct{}{}
continue
}
- if p := handshake.Client(id, conn, key, udpPktData); p != nil {
+ if p := handshake.Client(conn, udpPktData); p != nil {
log.Println("Handshake completed")
if firstUpCall {
go govpn.ScriptCall(*upPath, *ifaceName)