[submodule "src/github.com/dchest/blake2b"]
path = src/github.com/dchest/blake2b
url = https://github.com/dchest/blake2b.git
+[submodule "src/github.com/go-yaml/yaml"]
+ path = src/github.com/go-yaml/yaml
+ url = https://github.com/go-yaml/yaml.git
статистики} о подключённых клиентах в режиме реального времени в
@url{http://json.org/, JSON} формате.
@item
+Сервер конфигурируется используя @url{http://yaml.org/, YAML} файл.
+@item
Написан на языке @url{https://golang.org/, Go} с простым кодом,
ориентированным на лёгкость чтения и анализа.
@item
@ref{Stats, statistics} information about known connected peers in
@url{http://json.org/, JSON} format.
@item
+Server is configured through the @url{http://yaml.org/, YAML} file.
+@item
Written on @url{https://golang.org/, Go} programming language with
simple code that can be read and reviewed.
@item
Enter passphrase:
Your client verifier is: $argon2d$m=4096,t=128,p=1$bwR5VjeCYIQaa8SeaI3rqg
-Place the following JSON configuration entry on the server's side:
+Place the following YAML configuration entry on the server's side:
- "Alice": {
- "up": "/path/to/up.sh",
- "iface": "or TAP interface name",
- "verifier": "$argon2d$m=4096,t=128,p=1$bwR5VjeCYIQaa8SeaI3rqg$KCNIqfS4DGsBTtVytamAzcISgrlEWvNxan1UfBrFu10"
- }
+ Alice:
+ up: /path/to/up.sh
+ iface: or TAP interface name
+ verifier: $argon2d$m=4096,t=128,p=1$bwR5VjeCYIQaa8SeaI3rqg$KCNIqfS4DGsBTtVytamAzcISgrlEWvNxan1UfBrFu10
Verifier was generated with:
govpn-verifier -key /tmp/passphrase
@end verbatim
-@strong{Prepare the server}. Add this entry to @code{peers.json}
+@strong{Prepare the server}. Add this entry to @code{peers.yaml}
configuration file:
@verbatim
-{
- "Alice": {
- "iface": "tap10",
- "verifier": "$argon2d$m=4096,t=128,p=1$bwR5VjeCYIQaa8SeaI3rqg$KCNIqfS4DGsBTtVytamAzcISgrlEWvNxan1UfBrFu10"
- }
-}
+Alice:
+ iface: tap10
+ verifier: $argon2d$m=4096,t=128,p=1$bwR5VjeCYIQaa8SeaI3rqg$KCNIqfS4DGsBTtVytamAzcISgrlEWvNxan1UfBrFu10
@end verbatim
@strong{Prepare network on GNU/Linux IPv4 server}:
@multitable @columnfractions .40 .20 .40
@headitem Library @tab Platform @tab Licence
-@item @code{golang.org/x/crypto} @tab All @tab BSD 3-Clause
@item @code{github.com/agl/ed25519} @tab All @tab BSD 3-Clause
+@item @code{github.com/bigeagle/water} @tab GNU/Linux @tab BSD 3-Clause
@item @code{github.com/dchest/blake2b} @tab All @tab CC0 1.0
+@item @code{github.com/go-yaml/yaml} @tab All @tab LGPLv3 and MIT
@item @code{github.com/magical/argon2} @tab All @tab BSD 2-Clause
-@item @code{github.com/bigeagle/water} @tab GNU/Linux @tab BSD 3-Clause
+@item @code{golang.org/x/crypto} @tab All @tab BSD 3-Clause
@end multitable
Get @ref{Tarballs, the tarball}, check its
@table @strong
+@item Release 5.1
+@itemize
+@item Server is configured using @url{http://yaml.org/, YAML} file. It
+is very convenient to have comments and templates, comparing to JSON.
+@end itemize
+
@item Release 5.0
@itemize
@item New optional @ref{Encless, encryptionless mode} of operation.
Address (@code{host:port} format) we must bind to.
@item -conf
-Path to JSON file with the configuration.
+Path to YAML file with the configuration.
@item -proxy
Start trivial HTTP @ref{Proxy} server on specified @emph{host:port}.
@end table
-Configuration file is JSON file with following example structure:
+Configuration file is YAML file with following example structure:
@verbatim
-{
- "stargrave": { <-- Peer human readable name
- "iface": "tap10", <-- OPTIONAL TAP interface name
- "mtu": 1514, <-- OPTIONAL overriden MTU
- "up": "./stargrave-up.sh", <-- OPTIONAL up-script
- "down": "./stargrave-down.sh", <-- OPTIONAL down-script
- "timeout": 60, <-- OPTIONAL overriden timeout
- "noise": true, <-- OPTIONAL noise enabler
- (default: false)
- "cpr": 64, <-- OPTIONAL constant packet
- rate in KiB/sec
- "encless": false, <-- OPTIONAL Encryptionless mode
- "verifier": "$argon2d..." <-- verifier received from client
- },
- [...]
-}
+stargrave: { <-- Peer human readable name
+ iface: tap10 <-- OPTIONAL TAP interface name
+ mtu: 1514 <-- OPTIONAL overriden MTU
+ up: ./stargrave-up.sh <-- OPTIONAL up-script
+ down: ./stargrave-down.sh <-- OPTIONAL down-script
+ timeout: 60 <-- OPTIONAL overriden timeout
+ noise: No <-- OPTIONAL noise enabler
+ cpr: 64 <-- OPTIONAL constant packet rate, KiB/sec
+ encless: No <-- OPTIONAL Encryptionless mode
+ verifier: $argon2d... <-- verifier received from client
+[...]
@end verbatim
At least one of either @code{iface} or @code{up} must be specified. If
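Review bot: the new structure example opens with "stargrave: {" but never closes the brace and has no commas between the keys, so the brace looks like a leftover from the JSON version; drop it so the block matches the block-style mapping used in the other examples. Since the "<--" annotations are not valid YAML either, consider writing them as "#" comments, which would make the example directly usable and demonstrate the comment support that motivates the switch. The "(default: false)" hint for noise was also dropped in the conversion and is worth keeping.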
[...]
Your client verifier is: $argon2d$m=4096,t=128,p=1$bwR5VjeCYIQaa8SeaI3rqg
-Place the following JSON configuration entry on the server's side:
+Place the following YAML configuration entry on the server's side:
- "Alice": {
- "up": "/path/to/up.sh",
- "iface": "or TAP interface name",
- "verifier": "$argon2d$m=4096,t=128,p=1$bwR5VjeCYIQaa8SeaI3rqg$KCNIqfS4DGsBTtVytamAzcISgrlEWvNxan1UfBrFu10"
- }
-[...]
+ Alice:
+ up: /path/to/up.sh
+ iface: or TAP interface name
+ verifier: $argon2d$m=4096,t=128,p=1$bwR5VjeCYIQaa8SeaI3rqg$KCNIqfS4DGsBTtVytamAzcISgrlEWvNxan1UfBrFu10
+@end verbatim
+
+Example configuration file:
+@verbatim
+stargrave:
+ iface: tap0
+ verifier: $argon2d$m=4096,t=128,p=1$VMirzcshcHuG2V4jhUsEjw$X5fC07L8k61h3S1Oro/rC76+m0oGDTA9Bq+aWJ1uOgY
+slow:
+ iface: tap1
+ encless: Yes
+ mtu: 9000
+ cpr: 384
+ verifier: $argon2d$m=4096,t=128,p=1$YbIA5garDqCOhtI/2EZVNg$gOo5vcEGynmpeepNscwclicfZsWxzgYFRLbgG21EZ1U
@end verbatim
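Review bot: the example configuration file uses "encless: Yes" (and the structure example uses "noise: No" / "encless: No"), which are booleans only under YAML 1.1 rules; a parser following the YAML 1.2 core schema reads them as strings. Prefer "true" / "false" in the documentation so the examples mean the same thing to every parser and to any tooling operators use to lint or generate peers.yaml.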
@item @code{github.com/agl/ed25519} @tab @url{git://git.cypherpunks.ru/ed25519.git}
@item @code{github.com/bigeagle/water} @tab @url{git://git.cypherpunks.ru/water.git}
@item @code{github.com/dchest/blake2b} @tab @url{git://git.cypherpunks.ru/blake2b.git}
+@item @code{github.com/go-yaml/yaml} @tab @url{git://git.cypherpunks.ru/yaml.git}
@item @code{github.com/magical/argon2} @tab @url{git://git.cypherpunks.ru/argon2.git}
@item @code{golang.org/x/crypto} @tab @url{git://git.cypherpunks.ru/crypto.git}
@end multitable
--- /dev/null
+Subproject commit f7716cbe52baa25d2e9b0d0da546fcf909fc16b4
package main
import (
- "encoding/json"
"errors"
"io/ioutil"
"log"
"time"
+ "github.com/go-yaml/yaml"
+
"govpn"
)
return nil, err
}
confsRaw := new(map[string]govpn.PeerConf)
- err = json.Unmarshal(data, confsRaw)
+ err = yaml.Unmarshal(data, confsRaw)
if err != nil {
return nil, err
}
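Review bot: at the yaml.Unmarshal call, keys that match no PeerConf field are dropped without an error, so a typo in a hand-edited peers.yaml (for example a misspelled "noise", "cpr" or "encless") leaves that peer on the default setting with nothing logged. Hand-written YAML makes this more likely than it was with JSON. Suggest rejecting unknown keys, either with the library's strict decoding if the pinned revision provides it, or by decoding each peer into a map first and comparing its keys against the allowed set, and returning an error that names the peer and the offending key.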
var (
bindAddr = flag.String("bind", "[::]:1194", "Bind to address")
proto = flag.String("proto", "udp", "Protocol to use: udp, tcp or all")
- confPath = flag.String("conf", "peers.json", "Path to configuration JSON")
+ confPath = flag.String("conf", "peers.yaml", "Path to configuration YAML")
stats = flag.String("stats", "", "Enable stats retrieving on host:port")
proxy = flag.String("proxy", "", "Enable HTTP proxy on host:port")
egdPath = flag.String("egd", "", "Optional path to EGD socket")
)
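Review bot: changing the -conf default from "peers.json" to "peers.yaml" on the confPath line means a server started without -conf stops finding its existing configuration after the upgrade. The Release 5.1 news entry in this patch only says YAML is now used; it should state that the default file name changed and that operators need to rename or convert their file, or the server should log a clear hint when peers.yaml is missing and peers.json is present.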
type PeerConf struct {
- Id *PeerId `json:"-"`
- Name string `json:"name"`
- Iface string `json:"iface"`
- MTU int `json:"mtu"`
- Up string `json:"up"`
- Down string `json:"down"`
- TimeoutInt int `json:"timeout"`
- Timeout time.Duration `json:"-"`
- Noise bool `json:"noise"`
- CPR int `json:"cpr"`
- Encless bool `json:"encless"`
- VerifierRaw string `json:"verifier"`
+ Id *PeerId `yaml:"-"`
+ Name string `yaml:"name"`
+ Iface string `yaml:"iface"`
+ MTU int `yaml:"mtu"`
+ Up string `yaml:"up"`
+ Down string `yaml:"down"`
+ TimeoutInt int `yaml:"timeout"`
+ Timeout time.Duration `yaml:"-"`
+ Noise bool `yaml:"noise"`
+ CPR int `yaml:"cpr"`
+ Encless bool `yaml:"encless"`
+ VerifierRaw string `yaml:"verifier"`
// This is passphrase verifier
- Verifier *Verifier
+ Verifier *Verifier `yaml:"-"`
// This field exists only on client's side
- DSAPriv *[ed25519.PrivateKeySize]byte `json:"-"`
+ DSAPriv *[ed25519.PrivateKeySize]byte `yaml:"-"`
}
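Review bot: Name keeps a loadable tag, yaml:"name", although the documentation in this patch presents the mapping key as the peer's human readable name. If Name is filled from the key after parsing, tag it yaml:"-" like Id, Timeout, Verifier and DSAPriv, so a "name:" entry inside a peer block cannot introduce a second, conflicting name. Marking Verifier as yaml:"-" is a good addition; a short comment saying which fields are derived from the file and which are computed would help the next reader.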
[ -n "$release" ]
git clone . $tmp/govpn-$release
-for repo in src/github.com/bigeagle/water src/github.com/agl/ed25519 src/github.com/magical/argon2 src/github.com/dchest/blake2b src/golang.org/x/crypto; do
+repos="
+ src/github.com/bigeagle/water
+ src/github.com/agl/ed25519
+ src/github.com/magical/argon2
+ src/github.com/dchest/blake2b
+ src/golang.org/x/crypto
+ src/github.com/go-yaml/yaml
+"
+for repo in $repos; do
git clone $repo $tmp/govpn-$release/$repo
done
cd $tmp/govpn-$release
cat <<EOF
Example script for creating new user peer for GoVPN.
It asks for passphrase, generates verifier and shows you example
-JSON entry for server configuration.
+YAML entry for server configuration.
Usage: $0 <username>
EOF
cat <<EOF
Your client verifier is: $verifierC
-Place the following JSON configuration entry on the server's side:
+Place the following YAML configuration entry on the server's side:
- "$username": {
- "up": "/path/to/up.sh",
- "iface": "or TAP interface name",
- "verifier": "$verifierS"
- }
+ $username:
+ up: /path/to/up.sh
+ iface: or TAP interface name
+ verifier: $verifierS
Verifier was generated with:
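Review bot: in the generated entry, "$username:" is now emitted without the quotes the JSON version had, so a username taken from the command line that contains ":", "#", a leading "-" or similar YAML syntax produces an entry that is invalid or parses as something else once pasted into peers.yaml. Either validate the argument against a conservative character set before printing, or keep the key quoted in the output. The placeholder value "or TAP interface name" for iface is also a valid string now, so an operator who pastes the block unchanged gets a peer with that literal interface name; a "#" comment line would be safer than a placeholder value.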