diff --git a/Dockerfile b/Dockerfile index ef1bbf7b..63ea1e86 100644 --- a/Dockerfile +++ b/Dockerfile @@ -200,6 +200,9 @@ EXPOSE 8000/tcp 8888/tcp 8388/tcp 8388/udp HEALTHCHECK --interval=5s --timeout=5s --start-period=10s --retries=1 CMD /gluetun-entrypoint healthcheck ARG TARGETPLATFORM RUN apk add --no-cache --update -l wget && \ + apk add --no-cache --update -X "https://dl-cdn.alpinelinux.org/alpine/v3.18/main" openvpn\~2.6 && \ + mv /usr/sbin/openvpn /usr/sbin/openvpn2.6 && \ + apk del openvpn && \ apk add --no-cache --update openvpn ca-certificates iptables ip6tables unbound tzdata && \ mv /usr/sbin/openvpn /usr/sbin/openvpn2.5 && \ # Fix vulnerability issue diff --git a/README.md b/README.md index e7faa7f0..c0789ebb 100644 --- a/README.md +++ b/README.md @@ -57,7 +57,7 @@ Lightweight swiss-knife-like VPN client to multiple VPN service providers ## Features -- Based on Alpine 3.17 for a small Docker image of 39.1MB +- Based on Alpine 3.17 for a small Docker image of 39.8MB - Supports: **AirVPN**, **Cyberghost**, **ExpressVPN**, **FastestVPN**, **HideMyAss**, **IPVanish**, **IVPN**, **Mullvad**, **NordVPN**, **Perfect Privacy**, **Privado**, **Private Internet Access**, **PrivateVPN**, **ProtonVPN**, **PureVPN**, **SlickVPN**, **Surfshark**, **TorGuard**, **VPNSecure.me**, **VPNUnlimited**, **Vyprvpn**, **WeVPN**, **Windscribe** servers - Supports OpenVPN for all providers listed - Supports Wireguard both kernelspace and userspace diff --git a/cmd/gluetun/main.go b/cmd/gluetun/main.go index 5b63194e..3e67e885 100644 --- a/cmd/gluetun/main.go +++ b/cmd/gluetun/main.go @@ -265,6 +265,7 @@ func _main(ctx context.Context, buildInfo models.BuildInformation, err = printVersions(ctx, logger, []printVersionElement{ {name: "Alpine", getVersion: alpineConf.Version}, {name: "OpenVPN 2.5", getVersion: ovpnConf.Version25}, + {name: "OpenVPN 2.6", getVersion: ovpnConf.Version26}, {name: "Unbound", getVersion: dnsConf.Version}, {name: "IPtables", getVersion: func(ctx context.Context) (version string, err error) { return firewall.Version(ctx, cmder) diff --git a/internal/configuration/settings/openvpn.go b/internal/configuration/settings/openvpn.go index b4a3dad4..8fe6435a 100644 --- a/internal/configuration/settings/openvpn.go +++ b/internal/configuration/settings/openvpn.go @@ -17,7 +17,7 @@ import ( // OpenVPN contains settings to configure the OpenVPN client. type OpenVPN struct { // Version is the OpenVPN version to run. - // It can only be "2.5". + // It can only be "2.5" or "2.6". Version string // User is the OpenVPN authentication username. // It cannot be nil in the internal state if OpenVPN is used. @@ -88,7 +88,7 @@ var ivpnAccountID = regexp.MustCompile(`^(i|ivpn)\-[a-zA-Z0-9]{4}\-[a-zA-Z0-9]{4 func (o OpenVPN) validate(vpnProvider string) (err error) { // Validate version - validVersions := []string{openvpn.Openvpn25} + validVersions := []string{openvpn.Openvpn25, openvpn.Openvpn26} if !helpers.IsOneOf(o.Version, validVersions...) { return fmt.Errorf("%w: %q can only be one of %s", ErrOpenVPNVersionIsNotValid, o.Version, strings.Join(validVersions, ", ")) diff --git a/internal/constants/openvpn/versions.go b/internal/constants/openvpn/versions.go index 93789f5e..0b734c1d 100644 --- a/internal/constants/openvpn/versions.go +++ b/internal/constants/openvpn/versions.go @@ -2,4 +2,5 @@ package openvpn const ( Openvpn25 = "2.5" + Openvpn26 = "2.6" ) diff --git a/internal/openvpn/start.go b/internal/openvpn/start.go index a4b1a210..8ff7b99a 100644 --- a/internal/openvpn/start.go +++ b/internal/openvpn/start.go @@ -15,6 +15,7 @@ var ErrVersionUnknown = errors.New("OpenVPN version is unknown") const ( binOpenvpn25 = "openvpn2.5" + binOpenvpn26 = "openvpn2.6" ) func start(ctx context.Context, starter command.Starter, version string, flags []string) ( @@ -23,6 +24,8 @@ func start(ctx context.Context, starter command.Starter, version string, flags [ switch version { case openvpn.Openvpn25: bin = binOpenvpn25 + case openvpn.Openvpn26: + bin = binOpenvpn26 default: return nil, nil, nil, fmt.Errorf("%w: %s", ErrVersionUnknown, version) } diff --git a/internal/openvpn/version.go b/internal/openvpn/version.go index 7631cb9f..dd9d5493 100644 --- a/internal/openvpn/version.go +++ b/internal/openvpn/version.go @@ -12,6 +12,10 @@ func (c *Configurator) Version25(ctx context.Context) (version string, err error return c.version(ctx, binOpenvpn25) } +func (c *Configurator) Version26(ctx context.Context) (version string, err error) { + return c.version(ctx, binOpenvpn26) +} + var ErrVersionTooShort = errors.New("version output is too short") func (c *Configurator) version(ctx context.Context, binName string) (version string, err error) { diff --git a/internal/provider/airvpn/openvpnconf.go b/internal/provider/airvpn/openvpnconf.go index e1f04f86..e72b6c61 100644 --- a/internal/provider/airvpn/openvpnconf.go +++ b/internal/provider/airvpn/openvpnconf.go @@ -24,7 +24,7 @@ func (p *Provider) OpenVPNConfig(connection models.Connection, } switch settings.Version { - case openvpn.Openvpn25: + case openvpn.Openvpn25, openvpn.Openvpn26: providerSettings.Ciphers = []string{ openvpn.AES256gcm, openvpn.AES256cbc, openvpn.AES192gcm, openvpn.AES192cbc, openvpn.AES128gcm, openvpn.AES128cbc,