src/cypherpunks.ru/govpn/cmd/govpn-client/main.go

   1 /*
   2 GoVPN -- simple secure free software virtual private network daemon
   3 Copyright (C) 2014-2017 Sergey Matveev <stargrave@stargrave.org>
   4
   5 This program is free software: you can redistribute it and/or modify
   6 it under the terms of the GNU General Public License as published by
   7 the Free Software Foundation, either version 3 of the License, or
   8 (at your option) any later version.
   9
  10 This program is distributed in the hope that it will be useful,
  11 but WITHOUT ANY WARRANTY; without even the implied warranty of
  12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  13 GNU General Public License for more details.
  14
  15 You should have received a copy of the GNU General Public License
  16 along with this program.  If not, see <http://www.gnu.org/licenses/>.
  17 */
  18
  19 // Simple secure, DPI/censorship-resistant free software VPN daemon client.
  20 package main
  21
  22 import (
  23         "flag"
  24         "fmt"
  25         "time"
  26
  27         "github.com/Sirupsen/logrus"
  28
  29         "cypherpunks.ru/govpn"
  30         "cypherpunks.ru/govpn/client"
  31 )
  32
  33 func main() {
  34         var (
  35                 remoteAddr  = flag.String("remote", "", "Remote server address")
  36                 proto       = flag.String("proto", "udp", "Protocol to use: udp or tcp")
  37                 ifaceName   = flag.String("iface", "tap0", "TUN/TAP network interface")
  38                 verifierRaw = flag.String("verifier", "", "Verifier")
  39                 keyPath     = flag.String("key", "", "Path to passphrase file")
  40                 upPath      = flag.String("up", "", "Path to up-script")
  41                 downPath    = flag.String("down", "", "Path to down-script")
  42                 stats       = flag.String("stats", "", "Enable stats retrieving on host:port")
  43                 proxyAddr   = flag.String("proxy", "", "Use HTTP proxy on host:port")
  44                 proxyAuth   = flag.String("proxy-auth", "", "user:password Basic proxy auth")
  45                 mtu         = flag.Int("mtu", govpn.MTUDefault, "MTU of TUN/TAP interface")
  46                 timeoutP    = flag.Int("timeout", 60, "Timeout seconds")
  47                 timeSync    = flag.Int("timesync", 0, "Time synchronization requirement")
  48                 noreconnect = flag.Bool("noreconnect", false, "Disable reconnection after timeout")
  49                 noisy       = flag.Bool("noise", false, "Enable noise appending")
  50                 encless     = flag.Bool("encless", false, "Encryptionless mode")
  51                 cpr         = flag.Int("cpr", 0, "Enable constant KiB/sec out traffic rate")
  52                 egdPath     = flag.String("egd", "", "Optional path to EGD socket")
  53                 syslog      = flag.Bool("syslog", false, "Enable logging to syslog")
  54                 version     = flag.Bool("version", false, "Print version information")
  55                 warranty    = flag.Bool("warranty", false, "Print warranty information")
  56                 logLevel    = flag.String("log_level", "warning", "Log level")
  57                 protocol    govpn.Protocol
  58                 err         error
  59                 fields      = logrus.Fields{"func": "main"}
  60         )
  61
  62         flag.Parse()
  63         if *warranty {
  64                 fmt.Println(govpn.Warranty)
  65                 return
  66         }
  67         if *version {
  68                 fmt.Println(govpn.VersionGet())
  69                 return
  70         }
  71
  72         logger, err := govpn.NewLogger(*logLevel, *syslog)
  73         if err != nil {
  74                 logrus.WithFields(fields).WithError(err).Fatal("Can not initialize logging")
  75         }
  76
  77         if *egdPath != "" {
  78                 logger.WithField("egd_path", *egdPath).WithFields(fields).Debug("Init EGD")
  79                 govpn.EGDInit(*egdPath)
  80         }
  81
  82         if protocol, err = govpn.NewProtocolFromString(*proto); err != nil {
  83                 logger.WithError(
  84                         err,
  85                 ).WithFields(
  86                         fields,
  87                 ).WithField(
  88                         "proto", *proto,
  89                 ).Fatal("Invalid protocol")
  90         }
  91
  92         if *proxyAddr != "" && protocol == govpn.ProtocolUDP {
  93                 logrus.WithFields(fields).WithFields(logrus.Fields{
  94                         "proxy": *proxyAddr,
  95                         "proto": *proto,
  96                 }).Fatal("HTTP proxy is supported only in TCP mode")
  97         }
  98
  99         if *verifierRaw == "" {
 100                 logger.Fatalln("-verifier is required")
 101         }
 102         verifier, err := govpn.VerifierFromString(*verifierRaw)
 103         if err != nil {
 104                 logger.WithError(err).Fatal("Invalid -verifier")
 105         }
 106         key, err := govpn.KeyRead(*keyPath)
 107         if err != nil {
 108                 logger.WithError(err).Fatal("Invalid -key")
 109         }
 110         priv, err := verifier.PasswordApply(key)
 111         if err != nil {
 112                 logger.WithError(err).Fatal("Can not PasswordApply")
 113         }
 114         if *encless {
 115                 if protocol != govpn.ProtocolTCP {
 116                         logger.Fatal("Currently encryptionless mode works only with TCP")
 117                 }
 118                 *noisy = true
 119         }
 120         conf := client.Configuration{
 121                 PrivateKey: priv,
 122                 Peer: &govpn.PeerConf{
 123                         ID:       verifier.ID,
 124                         Iface:    *ifaceName,
 125                         MTU:      *mtu,
 126                         Timeout:  time.Second * time.Duration(*timeoutP),
 127                         TimeSync: *timeSync,
 128                         Noise:    *noisy,
 129                         CPR:      *cpr,
 130                         Encless:  *encless,
 131                         Verifier: verifier,
 132                         DSAPriv:  priv,
 133                         Up:       govpn.RunScriptAction(upPath),
 134                         Down:     govpn.RunScriptAction(downPath),
 135                 },
 136                 Protocol:            protocol,
 137                 ProxyAddress:        *proxyAddr,
 138                 ProxyAuthentication: *proxyAuth,
 139                 RemoteAddress:       *remoteAddr,
 140                 NoReconnect:         *noreconnect,
 141         }
 142         if err = conf.Validate(); err != nil {
 143                 logger.WithError(err).Fatal("Invalid settings")
 144         }
 145
 146         c, err := client.NewClient(conf, logger, govpn.CatchSignalShutdown())
 147         if err != nil {
 148                 logger.WithError(err).Fatal("Can not initialize client")
 149         }
 150
 151         if *stats != "" {
 152                 go govpn.StatsProcessor(*stats, c.KnownPeers())
 153         }
 154
 155         go c.MainCycle()
 156         if err = <-c.Error; err != nil {
 157                 logger.WithError(err).Fatal("Fatal error")
 158         }
 159 }