path = src/gopkg.in/yaml.v2
url = https://github.com/go-yaml/yaml.git
branch = v2
+[submodule "src/golang.org/x/sys"]
+ path = src/golang.org/x/sys
+ url = https://go.googlesource.com/sys
GoVPN is free software: see the file COPYING for copying conditions.
Home page: http://www.govpn.info/
-also available as Tor hidden service: http://2wir2p7ibeu72jk3.onion/
+Also available as I2P service:
+http://zy2qxyziqzledqqb5vcq5unfxnn2csv6revteliybd7qxb64dpxq.b32.i2p/
Please send questions regarding the use of GoVPN, bug reports and
patches to govpn-devel mailing list:
https://lists.cypherpunks.ru/pipermail/govpn-devel/
Development Git source code repository currently is located here:
-http://git.cypherpunks.ru/cgit.cgi/govpn.git/
+https://git.cypherpunks.ru/cgit.cgi/govpn.git/
For further information please read either doc/govpn.info or doc/govpn.texi.
находятся в файле COPYING.
Домашняя страница: http://www.govpn.info/
-также доступна как скрытый сервис Tor: http://2wir2p7ibeu72jk3.onion/
+Также доступная как I2P сервис:
+http://zy2qxyziqzledqqb5vcq5unfxnn2csv6revteliybd7qxb64dpxq.b32.i2p/
Пожалуйста все вопросы касающиеся использования GoVPN, отчёты об ошибках
и патчи отправляйте в govpn-devel почтовую рассылку:
https://lists.cypherpunks.ru/pipermail/govpn-devel/
Исходный код для разработчика находится в Git репозитории:
-http://git.cypherpunks.ru/cgit.cgi/govpn.git/
+https://git.cypherpunks.ru/cgit.cgi/govpn.git/
-Ð\97а болÑ\8cÑ\88ей инÑ\84оÑ\80маÑ\86ией пожалÑ\83йÑ\81Ñ\82а пÑ\80оÑ\87Ñ\82иÑ\82е или doc/govpn.info или
-doc/govpn.texi.
+Ð\94лÑ\8f дополниÑ\82елÑ\8cной инÑ\84оÑ\80маÑ\86ии пожалÑ\83йÑ\81Ñ\82а Ñ\87иÑ\82айÑ\82е или doc/govpn.info
+или doc/govpn.texi.
* Zhuoyun Wei <wzyboy at wzyboy dot org> for AUR port maintaining and
his documentation related fixes.
* Bruno Clermont <bruno at robotinfra dot com> for finding serious bugs
- and code refactoring
+ and code refactoring.
cp -f utils/newclient.sh $(SHAREDIR)
chmod 755 $(SHAREDIR)/newclient.sh
mkdir -p $(DOCDIR)
- cp -f -L AUTHORS INSTALL NEWS README README.RU THANKS $(DOCDIR)
+ cp -f -L AUTHORS INSTALL NEWS NEWS.RU README README.RU THANKS $(DOCDIR)
chmod 644 $(DOCDIR)/*
install-strip: install
@url{https://www.gnu.org/philosophy/free-sw.ru.html, Свободное программное
обеспечение}, @url{https://www.gnu.org/philosophy/pragmatic.ru.html, копилефт}:
лицензировано под условиями @url{https://www.gnu.org/licenses/gpl-3.0.ru.html,
-GPLv3+}.
+GNU GPLv3+}.
@item
Быстрый сильный @ref{PAKE, аутентифицируемый по парольной фразе}
@item
@url{https://www.gnu.org/philosophy/pragmatic.html, Copylefted}
@url{https://www.gnu.org/philosophy/free-sw.html, free software}:
-licenced under @url{https://www.gnu.org/licenses/gpl-3.0.html, GPLv3+}.
+licenced under @url{https://www.gnu.org/licenses/gpl-3.0.html, GNU GPLv3+}.
@item
Fast strong @ref{PAKE, passphrase authenticated} augmented
@url{https://lists.cypherpunks.ru/pipermail/govpn-devel/, govpn-devel}
mailing list. Announcements also go to this mailing list.
-Official website is @url{http://www.govpn.info/}, also available via
-@url{https://www.govpn.info/, HTTPS} and as
-@url{https://www.torproject.org/, Tor} hidden service:
-@url{http://2wir2p7ibeu72jk3.onion/}.
+Official website is @url{http://www.govpn.info/}, also available as
+@url{https://geti2p.net/en/, I2P} service
+@url{http://zy2qxyziqzledqqb5vcq5unfxnn2csv6revteliybd7qxb64dpxq.b32.i2p/}.
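Review bot: the replacement paragraph drops the `@url{https://www.govpn.info/, HTTPS}` link together with the Tor address, so the only clearnet URL left for the official site is plain `http://www.govpn.info/`. The same commit moves the Git repository URLs to https, and the release announcement template points tarball and signature downloads at `http://www.govpn.info/download/`. Consider keeping the HTTPS link next to the new I2P address, unless HTTPS on the site is being retired on purpose, in which case say so in the commit message.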
@node Tarballs
@section Prepared tarballs
-You can obtain releases source code prepared tarballs from the links below
-(or use @url{https://sourceforge.net/projects/govpn/files/, Sourceforge mirror}).
+You can obtain releases source code prepared tarballs from the links below.
Do not forget to check tarball @ref{Integrity, integrity}.
Tarballs include all necessary required libraries:
@multitable @columnfractions .40 .20 .40
@headitem Library @tab Platform @tab Licence
+@item @code{cypherpunks.ru/balloon} @tab All @tab GNU LGPLv3+
@item @code{github.com/agl/ed25519} @tab All @tab BSD 3-Clause
@item @code{github.com/bigeagle/water} @tab GNU/Linux @tab BSD 3-Clause
@item @code{github.com/go-yaml/yaml} @tab All @tab Apache License 2.0 and MIT
@item @code{golang.org/x/crypto} @tab All @tab BSD 3-Clause
+@item @code{golang.org/x/sys} @tab All @tab BSD 3-Clause
@end multitable
@multitable {XXXXX} {XXXX KiB} {link sign} {xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx}
@headitem Version @tab Size @tab Tarball @tab SHA256 checksum
+@item @ref{Release 7.3, 7.3} @tab 289 KiB
+@tab @url{download/govpn-7.3.tar.xz, link} @url{download/govpn-7.3.tar.xz.sig, sign}
+@tab @code{C3A27353 4A448112 09C4CB1D CA26EBFE 56644D5A D51C8216 BA22EC18 150A4EE8}
+
@item @ref{Release 7.2, 7.2} @tab 289 KiB
@tab @url{download/govpn-7.2.tar.xz, link} @url{download/govpn-7.2.tar.xz.sig, sign}
@tab @code{8C787DCD 6FFB718E 850F287E 959FCB45 7880A8A1 1C417BCA 17A86346 AC9BAAEE}
@end multitable
-Also you can try its @ref{Contacts, .onion} version.
+Also you can try its @ref{Contacts, .i2p} version.
@end itemize
GoVPN is written on @url{https://golang.org/, Go} programming language
-and you have to install Go compiler (1.5+ version is highly recommended,
-1.4 is the minimal sufficient): @code{lang/go} port in FreeBSD and
-@code{golang} package in most GNU/Linux distributions. @emph{Make} (BSD
-and GNU ones are fine) is recommended for convenient building.
-@url{https://www.gnu.org/software/texinfo/, Texinfo} (6.1+ version is
-recommended) is used for building documentation. Possibly you also need
-to install TUN/TAP interface utilities (depending on your operating
-system): @command{uml-utilities} package in most GNU/Linux distributions.
+and you have to install Go compiler 1.9+ version: @code{lang/go} port in
+FreeBSD and @code{golang} package in most GNU/Linux distributions.
+@emph{Make} (BSD and GNU ones are fine) is recommended for convenient
+building. @url{https://www.gnu.org/software/texinfo/, Texinfo} (6.1+
+version is recommended) is used for building documentation. Possibly you
+also need to install TUN/TAP interface utilities (depending on your
+operating system): @command{uml-utilities} package in most GNU/Linux
+distributions.
Get @ref{Tarballs, the tarball}, check its
@ref{Integrity, integrity and authenticity} and run @command{make}.
@node Новости
@section Новости
+@node Релиз 7.4
+@subsection Релиз 7.4
+@itemize
+@item Маленький рефакторинг. Минимальная необходимая версия Go 1.9.
+@item Обновлены зависимые криптографические библиотеки.
+@end itemize
+
@node Релиз 7.3
@subsection Релиз 7.3
@itemize
See also this page @ref{Новости, on russian}.
+@node Release 7.4
+@section Release 7.4
+@itemize
+@item Tiny refactoring. Go 1.9 is minimal required version.
+@item Dependant cryptographic libraries are updated.
+@end itemize
+
@node Release 7.3
@section Release 7.3
@itemize
to use @ref{Tarballs, tarballs} instead.
You can obtain it by cloning @url{http://git-scm.com/, Git}
-@url{http://git.cypherpunks.ru/cgit.cgi/govpn.git/log/, repository}
+@url{https://git.cypherpunks.ru/cgit.cgi/govpn.git/log/, repository}
and fetching dependent libraries source code as git submodules:
@verbatim
@multitable @columnfractions .50 .50
@headitem Software/library @tab Mirror
-@item @code{cypherpunks.ru/govpn} @tab @url{https://github.com/stargrave/govpn.git}
@item @code{github.com/agl/ed25519} @tab @url{git://git.cypherpunks.ru/ed25519.git}
@item @code{github.com/bigeagle/water} @tab @url{git://git.cypherpunks.ru/water.git}
@item @code{github.com/go-yaml/yaml} @tab @url{git://git.cypherpunks.ru/yaml.git}
# $FreeBSD$
PORTNAME= govpn
-PORTVERSION= 7.3
+PORTVERSION= 7.4
CATEGORIES= security
-MASTER_SITES= http://www.govpn.info/download/ \
- http://sourceforge.net/projects/govpn/files/
+MASTER_SITES= http://www.govpn.info/download/
MAINTAINER= stargrave@stargrave.org
COMMENT= Simple secure, DPI-resistant VPN daemon
USES= tar:xz
MAKEFILE= BSDmakefile
-PORTDOCS= AUTHORS INSTALL NEWS README THANKS README.RU
+PORTDOCS= AUTHORS INSTALL NEWS NEWS.RU README README.RU THANKS
INFO= govpn
INSTALL_TARGET= install-strip
-Subproject commit 9e7f63092012aa91a6690d93f00f5bc476e4d3b5
+Subproject commit 3cd3006ad829a0afc7ca3d964ff333ef068464bd
"fmt"
"net"
"os"
+ "sync"
"time"
"github.com/agl/ed25519"
type Client struct {
idsCache *govpn.MACCache
tap *govpn.TAP
- knownPeers govpn.KnownPeers
+ knownPeers sync.Map
statsPort net.Listener
timeouted chan struct{}
rehandshaking chan struct{}
c.Error <- fmt.Errorf("Can't listen on stats port: %s", err.Error())
return
}
- c.knownPeers = govpn.KnownPeers(make(map[string]**govpn.Peer))
go govpn.StatsProcessor(c.statsPort, &c.knownPeers)
}
continue
}
govpn.Printf(`[handshake-completed remote="%s"]`, c.config.RemoteAddress)
- c.knownPeers = govpn.KnownPeers(map[string]**govpn.Peer{c.config.RemoteAddress: &peer})
+ c.knownPeers.Store(c.config.RemoteAddress, &peer)
if c.firstUpCall {
go govpn.ScriptCall(c.config.UpPath, c.config.InterfaceName, c.config.RemoteAddress)
c.firstUpCall = false
continue
}
govpn.Printf(`[handshake-completed remote="%s"]`, c.config.RemoteAddress)
- c.knownPeers = govpn.KnownPeers(map[string]**govpn.Peer{c.config.RemoteAddress: &peer})
+ c.knownPeers.Store(c.config.RemoteAddress, &peer)
if c.firstUpCall {
go govpn.ScriptCall(c.config.UpPath, c.config.InterfaceName, c.config.RemoteAddress)
c.firstUpCall = false
}
var (
- handshakes map[string]*govpn.Handshake = make(map[string]*govpn.Handshake)
- hsLock sync.RWMutex
-
- peers = make(map[string]*PeerState)
- peersLock sync.RWMutex
-
- peersByID = make(map[govpn.PeerID]string)
- peersByIDLock sync.RWMutex
-
- knownPeers govpn.KnownPeers
- kpLock sync.RWMutex
+ handshakes sync.Map
+ peers sync.Map
+ peersByID sync.Map
+ knownPeers sync.Map
)
func callUp(peerID *govpn.PeerID, remoteAddr string) (string, error) {
log.Println(govpn.VersionGet())
confInit()
- knownPeers = govpn.KnownPeers(make(map[string]**govpn.Peer))
if *egdPath != "" {
log.Println("Using", *egdPath, "EGD")
select {
case <-termSignal:
govpn.BothPrintf(`[terminating bind="%s"]`, *bindAddr)
- for _, ps := range peers {
+ peers.Range(func(_, psI interface{}) bool {
+ ps := psI.(*PeerState)
govpn.ScriptCall(
confs[*ps.peer.ID].Down,
ps.tap.Name,
ps.peer.Addr,
)
- }
+ return true
+ })
break MainCycle
case <-hsHeartbeat:
now := time.Now()
- hsLock.Lock()
- for addr, hs := range handshakes {
+
+ handshakes.Range(func(addrI, hsI interface{}) bool {
+ addr := addrI.(string)
+ hs := hsI.(*govpn.Handshake)
if hs.LastPing.Add(timeout).Before(now) {
govpn.Printf(`[handshake-delete bind="%s" addr="%s"]`, *bindAddr, addr)
hs.Zero()
- delete(handshakes, addr)
+ handshakes.Delete(addr)
}
- }
- peersLock.Lock()
- peersByIDLock.Lock()
- kpLock.Lock()
- for addr, ps := range peers {
+ return true
+ })
+
+ peers.Range(func(addrI, psI interface{}) bool {
+ addr := addrI.(string)
+ ps := psI.(*PeerState)
ps.peer.BusyR.Lock()
needsDeletion = ps.peer.LastPing.Add(timeout).Before(now)
ps.peer.BusyR.Unlock()
*bindAddr,
ps.peer.ID.String(),
)
- delete(peers, addr)
- delete(knownPeers, addr)
- delete(peersByID, *ps.peer.ID)
+ peers.Delete(addr)
+ knownPeers.Delete(addr)
+ peersByID.Delete(*ps.peer.ID)
go govpn.ScriptCall(
confs[*ps.peer.ID].Down,
ps.tap.Name,
)
ps.terminator <- struct{}{}
}
- }
- hsLock.Unlock()
- peersLock.Unlock()
- peersByIDLock.Unlock()
- kpLock.Unlock()
+ return true
+ })
}
}
}
var peer *govpn.Peer
var tap *govpn.TAP
var conf *govpn.PeerConf
+ var addrPrev string
+ var peerPrevI interface{}
+ var peerPrev *PeerState
for {
if prev == len(buf) {
break
`[handshake-completed bind="%s" addr="%s" peer="%s"]`,
*bindAddr, addr, peerID.String(),
)
- peersByIDLock.RLock()
- addrPrev, exists := peersByID[*peer.ID]
- peersByIDLock.RUnlock()
- var peerPrev *PeerState
+ addrPrevI, exists := peersByID.Load(*peer.ID)
if exists {
- peersLock.Lock()
- peerPrev = peers[addrPrev]
- if peerPrev == nil {
- exists = false
- peersLock.Unlock()
+ addrPrev = addrPrevI.(string)
+ peerPrevI, exists = peers.Load(addrPrev)
+ if exists {
+ peerPrev = peerPrevI.(*PeerState)
+ exists = peerPrev == nil
}
}
if exists {
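Review bot: `exists = peerPrev == nil` inverts the check it replaces. The removed code cleared `exists` when `peerPrev == nil`; the new line sets it to true only in that case. A live previous peer now falls through to the peer-created path, and a nil `peerPrev` would enter the `if exists` rehandshake branch. This should be `exists = peerPrev != nil`. The removed code also took `peersLock` here and held it until the maps were updated, so the lookup and the later replacement were one critical section; with separate `Load` calls the heartbeat sweep can delete the entry between the check and its use.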
terminator: make(chan struct{}),
}
go govpn.PeerTapProcessor(ps.peer, ps.tap, ps.terminator)
- peersByIDLock.Lock()
- kpLock.Lock()
- delete(peers, addrPrev)
- delete(knownPeers, addrPrev)
- peers[addr] = ps
- knownPeers[addr] = &peer
- peersByID[*peer.ID] = addr
- peersLock.Unlock()
- peersByIDLock.Unlock()
- kpLock.Unlock()
+ peers.Delete(addrPrev)
+ peers.Store(addr, ps)
+ knownPeers.Delete(addrPrev)
+ knownPeers.Store(addr, &peer)
+ peersByID.Store(*peer.ID, addr)
govpn.Printf(
`[rehandshake-completed bind="%s" peer="%s"]`,
*bindAddr, peerID.String(),
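Review bot: the five `Delete`/`Store` calls on `peers`, `knownPeers` and `peersByID` are each atomic, but no longer atomic as a group the way the removed lock-protected block was. Between `peers.Delete(addrPrev)` and `peersByID.Store(*peer.ID, addr)` another goroutine can see `peersByID` still pointing at an address that is already gone from `peers`, and the heartbeat `Range` can run in the middle of the swap. Either keep a single mutex around this multi-map update, or store the new entries first and delete the old ones last so readers never see the peer missing.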
terminator: make(chan struct{}, 1),
}
go govpn.PeerTapProcessor(ps.peer, ps.tap, ps.terminator)
- peersLock.Lock()
- peersByIDLock.Lock()
- kpLock.Lock()
- peers[addr] = ps
- peersByID[*peer.ID] = addr
- knownPeers[addr] = &peer
- peersLock.Unlock()
- peersByIDLock.Unlock()
- kpLock.Unlock()
+ peers.Store(addr, ps)
+ peersByID.Store(*peer.ID, addr)
+ knownPeers.Store(addr, &peer)
govpn.Printf(`[peer-created bind="%s" peer="%s"]`, *bindAddr, peerID.String())
}
break
var addr string
var n int
var err error
+ var exists bool
+ var psI interface{}
var ps *PeerState
+ var hsI interface{}
var hs *govpn.Handshake
+ var addrPrevI interface{}
var addrPrev string
- var exists bool
+ var peerPrevI interface{}
+ var peerPrev *PeerState
var peerID *govpn.PeerID
var conf *govpn.PeerConf
for {
}
addr = raddr.String()
- peersLock.RLock()
- ps, exists = peers[addr]
- peersLock.RUnlock()
+ psI, exists = peers.Load(addr)
if exists {
+ ps = psI.(*PeerState)
go func(peer *govpn.Peer, tap *govpn.TAP, buf []byte, n int) {
peer.PktProcess(buf[:n], tap, true)
udpBufs <- buf
continue
}
- hsLock.RLock()
- hs, exists = handshakes[addr]
- hsLock.RUnlock()
+ hsI, exists = handshakes.Load(addr)
if !exists {
peerID = idsCache.Find(buf[:n])
if peerID == nil {
)
hs.Server(buf[:n])
udpBufs <- buf
- hsLock.Lock()
- handshakes[addr] = hs
- hsLock.Unlock()
+ handshakes.Store(addr, hs)
continue
}
+ hs = hsI.(*govpn.Handshake)
peer := hs.Server(buf[:n])
if peer == nil {
udpBufs <- buf
*bindAddr, addr, peerID.String(),
)
hs.Zero()
- hsLock.Lock()
- delete(handshakes, addr)
- hsLock.Unlock()
+ handshakes.Delete(addr)
go func() {
udpBufs <- make([]byte, govpn.MTUMax)
udpBufs <- make([]byte, govpn.MTUMax)
}()
- peersByIDLock.RLock()
- addrPrev, exists = peersByID[*peer.ID]
- peersByIDLock.RUnlock()
- var peerPrev *PeerState
+ addrPrevI, exists = peersByID.Load(*peer.ID)
if exists {
- peersLock.Lock()
- peerPrev = peers[addrPrev]
- if peerPrev == nil {
- exists = false
- peersLock.Unlock()
+ addrPrev = addrPrevI.(string)
+ peerPrevI, exists = peers.Load(addrPrev)
+ if exists {
+ peerPrev = peerPrevI.(*PeerState)
+ exists = peerPrev == nil
}
}
if exists {
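Review bot: `exists = peerPrev == nil` has the opposite sense of the removed `if peerPrev == nil { exists = false }`. With a valid previous `*PeerState` the flag becomes false and the rehandshake branch is skipped, so a second peer state is created for the same ID; with a nil value the flag becomes true and the `if exists` branch runs with a nil `peerPrev`. Use `exists = peerPrev != nil`.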
<-udpBufs
<-udpBufs
}(psNew.peer, psNew.tap, psNew.terminator)
- peersByIDLock.Lock()
- kpLock.Lock()
- delete(peers, addrPrev)
- delete(knownPeers, addrPrev)
- peers[addr] = psNew
- knownPeers[addr] = &peer
- peersByID[*peer.ID] = addr
- peersLock.Unlock()
- peersByIDLock.Unlock()
- kpLock.Unlock()
+ peers.Delete(addrPrev)
+ peers.Store(addr, psNew)
+ knownPeers.Delete(addrPrev)
+ knownPeers.Store(addr, &peer)
+ peersByID.Store(*peer.ID, addr)
govpn.Printf(
`[rehandshake-completed bind="%s" peer="%s"]`,
*bindAddr, peer.ID.String(),
<-udpBufs
<-udpBufs
}(psNew.peer, psNew.tap, psNew.terminator)
- peersLock.Lock()
- peersByIDLock.Lock()
- kpLock.Lock()
- peers[addr] = psNew
- knownPeers[addr] = &peer
- peersByID[*peer.ID] = addr
- peersLock.Unlock()
- peersByIDLock.Unlock()
- kpLock.Unlock()
+ peers.Store(addr, psNew)
+ knownPeers.Store(addr, &peer)
+ peersByID.Store(*peer.ID, addr)
govpn.Printf(
`[peer-created bind="%s" peer="%s"]`,
*bindAddr,
"encoding/json"
"log"
"net"
+ "sync"
"time"
)
RWTimeout = 10 * time.Second
)
-type KnownPeers map[string]**Peer
-
// StatsProcessor is assumed to be run in background. It accepts
// connection on statsPort, reads anything one send to them and show
// information about known peers in serialized JSON format. peers
// argument is a reference to the map with references to the peers as
// values. Map is used here because of ease of adding and removing
// elements in it.
-func StatsProcessor(statsPort net.Listener, peers *KnownPeers) {
+func StatsProcessor(statsPort net.Listener, peers *sync.Map) {
var conn net.Conn
var err error
var data []byte
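Review bot: the doc comment above `StatsProcessor` still describes `peers` as "a reference to the map with references to the peers as values", but the parameter is now a `*sync.Map` and the `KnownPeers` type that encoded the value type is removed. Nothing tells callers that every value must be a `**Peer`, and the `*peerI.(**Peer)` assertion in the `Range` callback panics on anything else. Update the comment to state the expected key and value types, and consider the comma-ok form of the assertion so a wrong entry is skipped instead of taking the process down. Dropping the exported `KnownPeers` type is also an API change for any external user of the package and deserves a line in NEWS.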
conn.Read(buf)
conn.Write([]byte("HTTP/1.0 200 OK\r\nContent-Type: application/json\r\n\r\n"))
var peersList []*Peer
- for _, peer := range *peers {
- peersList = append(peersList, *peer)
- }
+ peers.Range(func(_, peerI interface{}) bool {
+ peersList = append(peersList, *peerI.(**Peer))
+ return true
+ })
data, err = json.Marshal(peersList)
if err != nil {
panic(err)
var err error
var pass string
if path == "" {
- os.Stderr.Write([]byte("Passphrase:"))
+ os.Stderr.WriteString("Passphrase:")
p, err = terminal.ReadPassword(0)
- os.Stderr.Write([]byte("\n"))
+ os.Stderr.WriteString("\n")
pass = string(p)
} else {
p, err = ioutil.ReadFile(path)
-Subproject commit 573951cbe80bb6352881271bb276f48749eab6f4
+Subproject commit 81e90905daefcd6fd217b62423c0908922eadb30
--- /dev/null
+Subproject commit 2d6f6f883a06fc0d5f4b14a81e4c28705ea64c15
src/github.com/bigeagle/water
src/gopkg.in/yaml.v2
src/golang.org/x/crypto
+ src/golang.org/x/sys
"
for repo in $repos; do
git clone $repo $tmp/govpn-$release/$repo
golang.org/x/crypto/CONTRIBUTORS
golang.org/x/crypto/LICENSE
golang.org/x/crypto/PATENTS
-golang.org/x/crypto/README
+golang.org/x/crypto/README.md
golang.org/x/crypto/blake2b
golang.org/x/crypto/chacha20poly1305/internal/chacha20
golang.org/x/crypto/curve25519
golang.org/x/crypto/poly1305
golang.org/x/crypto/ssh/terminal
+golang.org/x/sys/AUTHORS
+golang.org/x/sys/CONTRIBUTORS
+golang.org/x/sys/LICENSE
+golang.org/x/sys/PATENTS
+golang.org/x/sys/README
+golang.org/x/sys/unix
EOF
tar cfCI - src $tmp/includes | tar xfC - $tmp
rm -fr src/golang.org
------------------------ >8 ------------------------
GoVPN's home page is: http://www.govpn.info/
-also available as Tor hidden service: http://2wir2p7ibeu72jk3.onion/
+Also available as I2P service:
+http://zy2qxyziqzledqqb5vcq5unfxnn2csv6revteliybd7qxb64dpxq.b32.i2p/
Source code and its signature for that version can be found here:
------------------------ >8 ------------------------
Домашняя страница GoVPN: http://www.govpn.info/
-также доступна как скрытый сервис Tor: http://2wir2p7ibeu72jk3.onion/
+Также доступная как I2P сервис:
+http://zy2qxyziqzledqqb5vcq5unfxnn2csv6revteliybd7qxb64dpxq.b32.i2p/
Коротко о демоне: http://www.govpn.info/O-demone.html
-Исходный код и его подпись для этой версии находится здесь:
+Исходный код и его подпись для этой версии находятся здесь:
http://www.govpn.info/download/govpn-${release}.tar.xz ($size KiB)
http://www.govpn.info/download/govpn-${release}.tar.xz.sig