feat(openvpn): add support for openvpn 2.6
This commit is contained in:
Quentin McGaw
@@ -200,6 +200,9 @@ EXPOSE 8000/tcp 8888/tcp 8388/tcp 8388/udp
|
||||
HEALTHCHECK --interval=5s --timeout=5s --start-period=10s --retries=1 CMD /gluetun-entrypoint healthcheck
|
||||
ARG TARGETPLATFORM
|
||||
RUN apk add --no-cache --update -l wget && \
|
||||
apk add --no-cache --update -X "https://dl-cdn.alpinelinux.org/alpine/v3.18/main" openvpn\~2.6 && \
|
||||
mv /usr/sbin/openvpn /usr/sbin/openvpn2.6 && \
|
||||
apk del openvpn && \
|
||||
apk add --no-cache --update openvpn ca-certificates iptables ip6tables unbound tzdata && \
|
||||
mv /usr/sbin/openvpn /usr/sbin/openvpn2.5 && \
|
||||
# Fix vulnerability issue
|
||||
|
||||
@@ -57,7 +57,7 @@ Lightweight swiss-knife-like VPN client to multiple VPN service providers
|
||||
|
||||
## Features
|
||||
|
||||
- Based on Alpine 3.17 for a small Docker image of 39.1MB
|
||||
- Based on Alpine 3.17 for a small Docker image of 39.8MB
|
||||
- Supports: **AirVPN**, **Cyberghost**, **ExpressVPN**, **FastestVPN**, **HideMyAss**, **IPVanish**, **IVPN**, **Mullvad**, **NordVPN**, **Perfect Privacy**, **Privado**, **Private Internet Access**, **PrivateVPN**, **ProtonVPN**, **PureVPN**, **SlickVPN**, **Surfshark**, **TorGuard**, **VPNSecure.me**, **VPNUnlimited**, **Vyprvpn**, **WeVPN**, **Windscribe** servers
|
||||
- Supports OpenVPN for all providers listed
|
||||
- Supports Wireguard both kernelspace and userspace
|
||||
|
||||
@@ -265,6 +265,7 @@ func _main(ctx context.Context, buildInfo models.BuildInformation,
|
||||
err = printVersions(ctx, logger, []printVersionElement{
|
||||
{name: "Alpine", getVersion: alpineConf.Version},
|
||||
{name: "OpenVPN 2.5", getVersion: ovpnConf.Version25},
|
||||
{name: "OpenVPN 2.6", getVersion: ovpnConf.Version26},
|
||||
{name: "Unbound", getVersion: dnsConf.Version},
|
||||
{name: "IPtables", getVersion: func(ctx context.Context) (version string, err error) {
|
||||
return firewall.Version(ctx, cmder)
|
||||
|
||||
@@ -17,7 +17,7 @@ import (
|
||||
// OpenVPN contains settings to configure the OpenVPN client.
|
||||
type OpenVPN struct {
|
||||
// Version is the OpenVPN version to run.
|
||||
// It can only be "2.5".
|
||||
// It can only be "2.5" or "2.6".
|
||||
Version string
|
||||
// User is the OpenVPN authentication username.
|
||||
// It cannot be nil in the internal state if OpenVPN is used.
|
||||
@@ -88,7 +88,7 @@ var ivpnAccountID = regexp.MustCompile(`^(i|ivpn)\-[a-zA-Z0-9]{4}\-[a-zA-Z0-9]{4
|
||||
|
||||
func (o OpenVPN) validate(vpnProvider string) (err error) {
|
||||
// Validate version
|
||||
validVersions := []string{openvpn.Openvpn25}
|
||||
validVersions := []string{openvpn.Openvpn25, openvpn.Openvpn26}
|
||||
if !helpers.IsOneOf(o.Version, validVersions...) {
|
||||
return fmt.Errorf("%w: %q can only be one of %s",
|
||||
ErrOpenVPNVersionIsNotValid, o.Version, strings.Join(validVersions, ", "))
|
||||
|
||||
@@ -2,4 +2,5 @@ package openvpn
|
||||
|
||||
const (
|
||||
Openvpn25 = "2.5"
|
||||
Openvpn26 = "2.6"
|
||||
)
|
||||
|
||||
@@ -15,6 +15,7 @@ var ErrVersionUnknown = errors.New("OpenVPN version is unknown")
|
||||
|
||||
const (
|
||||
binOpenvpn25 = "openvpn2.5"
|
||||
binOpenvpn26 = "openvpn2.6"
|
||||
)
|
||||
|
||||
func start(ctx context.Context, starter command.Starter, version string, flags []string) (
|
||||
@@ -23,6 +24,8 @@ func start(ctx context.Context, starter command.Starter, version string, flags [
|
||||
switch version {
|
||||
case openvpn.Openvpn25:
|
||||
bin = binOpenvpn25
|
||||
case openvpn.Openvpn26:
|
||||
bin = binOpenvpn26
|
||||
default:
|
||||
return nil, nil, nil, fmt.Errorf("%w: %s", ErrVersionUnknown, version)
|
||||
}
|
||||
|
||||
@@ -12,6 +12,10 @@ func (c *Configurator) Version25(ctx context.Context) (version string, err error
|
||||
return c.version(ctx, binOpenvpn25)
|
||||
}
|
||||
|
||||
func (c *Configurator) Version26(ctx context.Context) (version string, err error) {
|
||||
return c.version(ctx, binOpenvpn26)
|
||||
}
|
||||
|
||||
var ErrVersionTooShort = errors.New("version output is too short")
|
||||
|
||||
func (c *Configurator) version(ctx context.Context, binName string) (version string, err error) {
|
||||
|
||||
@@ -24,7 +24,7 @@ func (p *Provider) OpenVPNConfig(connection models.Connection,
|
||||
}
|
||||
|
||||
switch settings.Version {
|
||||
case openvpn.Openvpn25:
|
||||
case openvpn.Openvpn25, openvpn.Openvpn26:
|
||||
providerSettings.Ciphers = []string{
|
||||
openvpn.AES256gcm, openvpn.AES256cbc, openvpn.AES192gcm,
|
||||
openvpn.AES192cbc, openvpn.AES128gcm, openvpn.AES128cbc,
|
||||
|
||||
Reference in New Issue
Block a user