encless = flag.Bool("encless", false, "Encryptionless mode")
cpr = flag.Int("cpr", 0, "Enable constant KiB/sec out traffic rate")
egdPath = flag.String("egd", "", "Optional path to EGD socket")
+ syslog = flag.Bool("syslog", false, "Enable logging to syslog")
warranty = flag.Bool("warranty", false, "Print warranty information")
conf *govpn.PeerConf
go govpn.StatsProcessor(statsPort, &knownPeers)
}
+ if *syslog {
+ govpn.SyslogEnable()
+ }
+
termSignal := make(chan os.Signal, 1)
signal.Notify(termSignal, os.Interrupt, os.Kill)
}
select {
case <-termSignal:
- log.Fatalln("Finishing")
+ log.Println("Finishing")
+ govpn.Println("Finishing")
termination <- struct{}{}
break MainCycle
case <-timeouted:
"log"
"net"
"net/http"
+
+ "cypherpunks.ru/govpn"
)
func proxyTCP(timeouted, rehandshaking, termination chan struct{}) {
if err != nil || resp.StatusCode != http.StatusOK {
log.Fatalln("Unexpected response from proxy")
}
- log.Println("Connected to proxy:", *proxyAddr)
+ govpn.Println("Connected to proxy:", *proxyAddr)
go handleTCP(conn, timeouted, rehandshaking, termination)
}
if err != nil {
log.Fatalln("Can not connect to address:", err)
}
- log.Println("Connected to TCP:" + *remoteAddr)
+ govpn.Println("Connected to TCP:" + *remoteAddr)
handleTCP(conn, timeouted, rehandshaking, termination)
}
default:
}
if prev == len(buf) {
- log.Println("Timeouted waiting for the packet")
+ govpn.Println("Timeouted waiting for the packet")
timeouted <- struct{}{}
break HandshakeCycle
}
conn.SetReadDeadline(time.Now().Add(time.Duration(timeout) * time.Second))
n, err = conn.Read(buf[prev:])
if err != nil {
- log.Println("Connection timeouted")
+ govpn.Println("Connection timeouted")
timeouted <- struct{}{}
break HandshakeCycle
}
if peer == nil {
continue
}
- log.Println("Handshake completed")
+ govpn.Println("Handshake completed")
knownPeers = govpn.KnownPeers(map[string]**govpn.Peer{*remoteAddr: &peer})
if firstUpCall {
go govpn.ScriptCall(*upPath, *ifaceName, *remoteAddr)
default:
}
if prev == len(buf) {
- log.Println("Timeouted waiting for the packet")
+ govpn.Println("Timeouted waiting for the packet")
timeouted <- struct{}{}
break TransportCycle
}
conn.SetReadDeadline(time.Now().Add(time.Duration(timeout) * time.Second))
n, err = conn.Read(buf[prev:])
if err != nil {
- log.Println("Connection timeouted")
+ govpn.Println("Connection timeouted")
timeouted <- struct{}{}
break TransportCycle
}
continue
}
if !peer.PktProcess(buf[:i+govpn.NonceSize], tap, false) {
- log.Println("Unauthenticated packet, dropping connection")
+ govpn.Println("Unauthenticated packet, dropping connection")
timeouted <- struct{}{}
break TransportCycle
}
if atomic.LoadUint64(&peer.BytesIn)+atomic.LoadUint64(&peer.BytesOut) > govpn.MaxBytesPerKey {
- log.Println("Need rehandshake")
+ govpn.Println("Need rehandshake")
rehandshaking <- struct{}{}
break TransportCycle
}
if err != nil {
log.Fatalln("Can not listen on UDP:", err)
}
- log.Println("Connected to UDP:" + *remoteAddr)
+ govpn.Println("Connected to UDP:" + *remoteAddr)
hs := govpn.HandshakeStart(*remoteAddr, conn, conf)
buf := make([]byte, *mtu*2)
conn.SetReadDeadline(time.Now().Add(time.Second))
n, err = conn.Read(buf)
if timeouts == timeout {
- log.Println("Timeouted")
+ govpn.Println("Timeouted")
timeouted <- struct{}{}
break
}
if peer.PktProcess(buf[:n], tap, true) {
timeouts = 0
} else {
- log.Println("Unauthenticated packet")
+ govpn.Println("Unauthenticated packet")
timeouts++
}
if atomic.LoadUint64(&peer.BytesIn)+atomic.LoadUint64(&peer.BytesOut) > govpn.MaxBytesPerKey {
- log.Println("Need rehandshake")
+ govpn.Println("Need rehandshake")
rehandshaking <- struct{}{}
break MainCycle
}
continue
}
if idsCache.Find(buf[:n]) == nil {
- log.Println("Invalid identity in handshake packet")
+ govpn.Println("Invalid identity in handshake packet")
continue
}
timeouts = 0
if peer == nil {
continue
}
- log.Println("Handshake completed")
+ govpn.Println("Handshake completed")
knownPeers = govpn.KnownPeers(map[string]**govpn.Peer{*remoteAddr: &peer})
if firstUpCall {
go govpn.ScriptCall(*upPath, *ifaceName, *remoteAddr)
import (
"bytes"
- "log"
"sync"
"time"
if confs[*peerId].Up != "" {
result, err := govpn.ScriptCall(confs[*peerId].Up, ifaceName, remoteAddr)
if err != nil {
- log.Println("Script", confs[*peerId].Up, "call failed", err)
+ govpn.Println("Script", confs[*peerId].Up, "call failed", err)
return "", err
}
if ifaceName == "" {
}
}
if ifaceName == "" {
- log.Println("Can not obtain interface name for", *peerId)
+ govpn.Println("Can not obtain interface name for", *peerId)
}
return ifaceName, nil
}
pc.MTU = govpn.MTUDefault
}
if pc.MTU > govpn.MTUMax {
- log.Println("MTU value", pc.MTU, "is too high, overriding to", govpn.MTUMax)
+ govpn.Println("MTU value", pc.MTU, "is too high, overriding to", govpn.MTUMax)
pc.MTU = govpn.MTUMax
}
conf := govpn.PeerConf{
func confRefresh() error {
newConfs, err := confRead()
if err != nil {
- log.Println("Unable to parse peers configuration:", err)
+ govpn.Println("Unable to parse peers configuration:", err)
return err
}
confs = *newConfs
stats = flag.String("stats", "", "Enable stats retrieving on host:port")
proxy = flag.String("proxy", "", "Enable HTTP proxy on host:port")
egdPath = flag.String("egd", "", "Optional path to EGD socket")
+ syslog = flag.Bool("syslog", false, "Enable logging to syslog")
warranty = flag.Bool("warranty", false, "Print warranty information")
)
if *proxy != "" {
go proxyStart()
}
+
+ if *syslog {
+ govpn.SyslogEnable()
+ }
log.Println("Server started")
+ govpn.Println("Server started")
var needsDeletion bool
MainCycle:
select {
case <-termSignal:
log.Println("Terminating")
+ govpn.Println("Terminating")
for _, ps := range peers {
govpn.ScriptCall(
confs[*ps.peer.Id].Down,
hsLock.Lock()
for addr, hs := range handshakes {
if hs.LastPing.Add(timeout).Before(now) {
- log.Println("Deleting handshake state", addr)
+ govpn.Println("Deleting handshake state", addr)
hs.Zero()
delete(handshakes, addr)
}
needsDeletion = ps.peer.LastPing.Add(timeout).Before(now)
ps.peer.BusyR.Unlock()
if needsDeletion {
- log.Println("Deleting peer", ps.peer)
+ govpn.Println("Deleting peer", ps.peer)
delete(peers, addr)
delete(knownPeers, addr)
delete(peersById, *ps.peer.Id)
import (
"log"
"net/http"
+
+ "cypherpunks.ru/govpn"
)
type proxyHandler struct{}
func (p proxyHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
conn, _, err := w.(http.Hijacker).Hijack()
if err != nil {
- log.Println("Hijacking failed:", err.Error())
+ govpn.Println("Hijacking failed:", err.Error())
return
}
conn.Write([]byte("HTTP/1.0 200 OK\n\n"))
func proxyStart() {
log.Println("HTTP proxy listening on:" + *proxy)
+ govpn.Println("HTTP proxy listening on:" + *proxy)
s := &http.Server{
Addr: *proxy,
Handler: proxyHandler{},
}
log.Println("HTTP proxy result:", s.ListenAndServe())
+ govpn.Println("HTTP proxy result:", s.ListenAndServe())
}
log.Fatalln("Can not listen on TCP:", err)
}
log.Println("Listening on TCP:" + *bindAddr)
+ govpn.Println("Listening on TCP:" + *bindAddr)
go func() {
for {
conn, err := listener.AcceptTCP()
if err != nil {
- log.Println("Error accepting TCP:", err)
+ govpn.Println("Error accepting TCP:", err)
continue
}
go handleTCP(conn)
if hs == nil {
conf = confs[*peerId]
if conf == nil {
- log.Println("Can not get peer configuration:", peerId.String())
+ govpn.Println("Can not get peer configuration:", peerId.String())
break
}
hs = govpn.NewHandshake(addr, conn, conf)
continue
}
hs.Zero()
- log.Println("Peer handshake finished:", addr, peer.Id.String())
+ govpn.Println("Peer handshake finished:", addr, peer.Id.String())
peersByIdLock.RLock()
addrPrev, exists := peersById[*peer.Id]
peersByIdLock.RUnlock()
peersLock.Unlock()
peersByIdLock.Unlock()
kpLock.Unlock()
- log.Println("Rehandshake processed:", peer.Id.String())
+ govpn.Println("Rehandshake processed:", peer.Id.String())
} else {
ifaceName, err := callUp(peer.Id, peer.Addr)
if err != nil {
}
tap, err = govpn.TAPListen(ifaceName, peer.MTU)
if err != nil {
- log.Println("Unable to create TAP:", err)
+ govpn.Println("Unable to create TAP:", err)
peer = nil
break
}
peersLock.Unlock()
peersByIdLock.Unlock()
kpLock.Unlock()
- log.Println("Peer created:", peer.Id.String())
+ govpn.Println("Peer created:", peer.Id.String())
}
break
}
continue
}
if !peer.PktProcess(buf[:i+govpn.NonceSize], tap, false) {
- log.Println(
+ govpn.Println(
"Unauthenticated packet, dropping connection",
addr, peer.Id.String(),
)
log.Fatalln("Can not listen on UDP:", err)
}
log.Println("Listening on UDP:" + *bindAddr)
+ govpn.Println("Listening on UDP:" + *bindAddr)
udpBufs <- make([]byte, govpn.MTUMax)
go func() {
buf = <-udpBufs
n, raddr, err = conn.ReadFromUDP(buf)
if err != nil {
- log.Println("Unexpected error when receiving", err)
+ govpn.Println("Unexpected error when receiving", err)
break
}
addr = raddr.String()
goto Finished
}
- log.Println("Peer handshake finished:", addr, peer.Id.String())
+ govpn.Println("Peer handshake finished:", addr, peer.Id.String())
hs.Zero()
hsLock.Lock()
delete(handshakes, addr)
peersLock.Unlock()
peersByIdLock.Unlock()
kpLock.Unlock()
- log.Println("Rehandshake processed:", peer.Id.String())
+ govpn.Println("Rehandshake processed:", peer.Id.String())
} else {
go func(addr string, peer *govpn.Peer) {
ifaceName, err := callUp(peer.Id, peer.Addr)
}
tap, err := govpn.TAPListen(ifaceName, peer.MTU)
if err != nil {
- log.Println("Unable to create TAP:", err)
+ govpn.Println("Unable to create TAP:", err)
return
}
ps = &PeerState{
peersLock.Unlock()
peersByIdLock.Unlock()
kpLock.Unlock()
- log.Println("Peer created:", peer.Id.String())
+ govpn.Println("Peer created:", peer.Id.String())
}(addr, peer)
}
goto Finished
CheckID:
peerId = idsCache.Find(buf[:n])
if peerId == nil {
- log.Println("Unknown identity from:", addr)
+ govpn.Println("Unknown identity from:", addr)
goto Finished
}
conf = confs[*peerId]
if conf == nil {
- log.Println("Unable to get peer configuration:", peerId.String())
+ govpn.Println("Unable to get peer configuration:", peerId.String())
goto Finished
}
hs = govpn.NewHandshake(
--- /dev/null
+/*
+GoVPN -- simple secure free software virtual private network daemon
+Copyright (C) 2014-2016 Sergey Matveev <stargrave@stargrave.org>
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package govpn
+
+import (
+ "log"
+ "log/syslog"
+)
+
+var (
+ sysloger *log.Logger
+)
+
+// Enable logging to syslog, instead of default stdout log.
+func SyslogEnable() {
+ var err error
+ sysloger, err = syslog.NewLogger(syslog.LOG_INFO, 0)
+ if err != nil {
+ log.Fatalln(err)
+ }
+}
+
+// Call either syslog-related logger.Println if SyslogEnabled,
+// default log.Println otherwise.
+func Println(v ...interface{}) {
+ if sysloger == nil {
+ log.Println(v...)
+ } else {
+ sysloger.Println(v...)
+ }
+}