2 GoVPN -- simple secure free software virtual private network daemon
3 Copyright (C) 2014-2017 Sergey Matveev <stargrave@stargrave.org>
5 This program is free software: you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation, either version 3 of the License, or
8 (at your option) any later version.
10 This program is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 GNU General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
28 "github.com/agl/ed25519"
30 "cypherpunks.ru/govpn"
33 // Protocol is a GoVPN supported protocol: either UDP, TCP or both
37 // ProtocolUDP is UDP transport protocol
38 ProtocolUDP Protocol = iota
39 // ProtocolTCP is TCP transport protocol
43 // Configuration holds GoVPN client configuration
44 type Configuration struct {
45 PrivateKey *[ed25519.PrivateKeySize]byte
50 ProxyAuthentication string
59 // Validate returns an error if a configuration is invalid
60 func (c *Configuration) Validate() error {
61 if c.MTU > govpn.MTUMax {
62 return fmt.Errorf("Invalid MTU %d, maximum allowable is %d", c.MTU, govpn.MTUMax)
64 if len(c.RemoteAddress) == 0 {
65 return errors.New("Missing RemoteAddress")
67 if len(c.InterfaceName) == 0 {
68 return errors.New("Missing InterfaceName")
73 func (c *Configuration) isProxy() bool {
74 return len(c.ProxyAddress) > 0
77 // Client is a GoVPN client
79 idsCache *govpn.MACCache
81 knownPeers govpn.KnownPeers
82 statsPort net.Listener
83 timeouted chan struct{}
84 rehandshaking chan struct{}
85 termination chan struct{}
87 termSignal chan os.Signal
90 // Error channel receives any kind of routine errors
94 // MainCycle main loop of a connecting/connected client
95 func (c *Client) MainCycle() {
97 c.tap, err = govpn.TAPListen(c.config.InterfaceName, c.config.MTU)
99 c.Error <- fmt.Errorf("Can not listen on TUN/TAP interface: %s", err.Error())
103 if len(c.config.StatsAddress) > 0 {
104 c.statsPort, err = net.Listen("tcp", c.config.StatsAddress)
106 c.Error <- fmt.Errorf("Can't listen on stats port: %s", err.Error())
109 c.knownPeers = govpn.KnownPeers(make(map[string]**govpn.Peer))
110 go govpn.StatsProcessor(c.statsPort, &c.knownPeers)
115 c.timeouted = make(chan struct{})
116 c.rehandshaking = make(chan struct{})
117 c.termination = make(chan struct{})
118 switch c.config.Protocol {
122 if c.config.isProxy() {
130 govpn.BothPrintf(`[finish remote="%s"]`, c.config.RemoteAddress)
131 c.termination <- struct{}{}
132 // empty value signals that everything is fine
136 if c.config.NoReconnect {
139 govpn.BothPrintf(`[sleep seconds="%d"]`, c.config.Peer.Timeout/time.Second)
140 time.Sleep(c.config.Peer.Timeout)
141 case <-c.rehandshaking:
144 close(c.rehandshaking)
147 if _, err = govpn.ScriptCall(
149 c.config.InterfaceName,
150 c.config.RemoteAddress,
156 // NewClient returns a configured GoVPN client, to trigger connection
157 // MainCycle must be executed.
158 func NewClient(conf Configuration, verifier *govpn.Verifier, termSignal chan os.Signal) *Client {
160 idsCache: govpn.NewMACCache(),
163 termSignal: termSignal,
164 Error: make(chan error, 1),
166 confs := map[govpn.PeerID]*govpn.PeerConf{*verifier.ID: conf.Peer}
167 client.idsCache.Update(&confs)