VPNSP value custom for OpenVPN custom config files (#621)

- Retro-compatibility: `OPENVPN_CUSTOM_CONFIG` set implies `VPNSP=custom` - Change: `up` and `down` options are not filtered out - Change: `OPENVPN_INTERFACE` overrides the network interface defined in the configuration file - Change: `PORT` overrides any port found in the configuration file - Feat: config file is read when building the OpenVPN configuration, so it's effectively reloaded on VPN restarts - Feat: extract values from custom file at start to log out valid settings - Maint: `internal/openvpn/extract` package instead of `internal/openvpn/custom` package - Maint: All providers' `BuildConf` method return an error - Maint: rename `CustomConfig` to `ConfFile` in Settings structures
2021-09-13 11:30:14 -04:00
parent 11af6c10f1
commit f807f756eb
43 changed files with 328 additions and 296 deletions
--- a/internal/openvpn/extract/data.go
+++ b/internal/openvpn/extract/data.go
@@ -0,0 +1,29 @@
+package extract
+
+import (
+	"errors"
+	"fmt"
+
+	"github.com/qdm12/gluetun/internal/models"
+)
+
+var (
+	ErrRead              = errors.New("cannot read file")
+	ErrExtractConnection = errors.New("cannot extract connection from file")
+)
+
+// Data extracts the lines and connection from the OpenVPN configuration file.
+func (e *Extractor) Data(filepath string) (lines []string,
+	connection models.Connection, err error) {
+	lines, err = readCustomConfigLines(filepath)
+	if err != nil {
+		return nil, connection, fmt.Errorf("%w: %s", ErrRead, err)
+	}
+
+	connection, err = extractDataFromLines(lines)
+	if err != nil {
+		return nil, connection, fmt.Errorf("%w: %s", ErrExtractConnection, err)
+	}
+
+	return lines, connection, nil
+}
--- a/internal/openvpn/extract/extract.go
+++ b/internal/openvpn/extract/extract.go
@@ -0,0 +1,140 @@
+package extract
+
+import (
+	"errors"
+	"fmt"
+	"net"
+	"strconv"
+	"strings"
+
+	"github.com/qdm12/gluetun/internal/constants"
+	"github.com/qdm12/gluetun/internal/models"
+)
+
+var (
+	errRemoteLineNotFound = errors.New("remote line not found")
+)
+
+func extractDataFromLines(lines []string) (
+	connection models.Connection, err error) {
+	for i, line := range lines {
+		ip, port, protocol, err := extractDataFromLine(line)
+		if err != nil {
+			return connection, fmt.Errorf("on line %d: %w", i+1, err)
+		}
+
+		connection.UpdateEmptyWith(ip, port, protocol)
+
+		if connection.Protocol != "" && connection.IP != nil {
+			break
+		}
+	}
+
+	if connection.IP == nil {
+		return connection, errRemoteLineNotFound
+	}
+
+	if connection.Protocol == "" {
+		connection.Protocol = constants.UDP
+	}
+
+	if connection.Port == 0 {
+		connection.Port = 1194
+		if connection.Protocol == constants.TCP {
+			connection.Port = 443
+		}
+	}
+
+	return connection, nil
+}
+
+var (
+	errExtractProto  = errors.New("failed extracting protocol from proto line")
+	errExtractRemote = errors.New("failed extracting from remote line")
+)
+
+func extractDataFromLine(line string) (
+	ip net.IP, port uint16, protocol string, err error) {
+	switch {
+	case strings.HasPrefix(line, "proto "):
+		protocol, err = extractProto(line)
+		if err != nil {
+			return nil, 0, "", fmt.Errorf("%w: %s", errExtractProto, err)
+		}
+		return nil, 0, protocol, nil
+
+	case strings.HasPrefix(line, "remote "):
+		ip, port, protocol, err = extractRemote(line)
+		if err != nil {
+			return nil, 0, "", fmt.Errorf("%w: %s", errExtractRemote, err)
+		}
+		return ip, port, protocol, nil
+	}
+
+	return nil, 0, "", nil
+}
+
+var (
+	errProtoLineFieldsCount = errors.New("proto line has not 2 fields as expected")
+	errProtocolNotSupported = errors.New("network protocol not supported")
+)
+
+func extractProto(line string) (protocol string, err error) {
+	fields := strings.Fields(line)
+	if len(fields) != 2 { //nolint:gomnd
+		return "", fmt.Errorf("%w: %s", errProtoLineFieldsCount, line)
+	}
+
+	switch fields[1] {
+	case "tcp", "udp":
+	default:
+		return "", fmt.Errorf("%w: %s", errProtocolNotSupported, fields[1])
+	}
+
+	return fields[1], nil
+}
+
+var (
+	errRemoteLineFieldsCount = errors.New("remote line has not 2 fields as expected")
+	errHostNotIP             = errors.New("host is not an an IP address")
+	errPortNotValid          = errors.New("port is not valid")
+)
+
+func extractRemote(line string) (ip net.IP, port uint16,
+	protocol string, err error) {
+	fields := strings.Fields(line)
+	n := len(fields)
+
+	if n < 2 || n > 4 {
+		return nil, 0, "", fmt.Errorf("%w: %s", errRemoteLineFieldsCount, line)
+	}
+
+	host := fields[1]
+	ip = net.ParseIP(host)
+	if ip == nil {
+		return nil, 0, "", fmt.Errorf("%w: %s", errHostNotIP, host)
+		// TODO resolve hostname once there is an option to allow it through
+		// the firewall before the VPN is up.
+	}
+
+	if n > 2 { //nolint:gomnd
+		portInt, err := strconv.Atoi(fields[2])
+		if err != nil {
+			return nil, 0, "", fmt.Errorf("%w: %s", errPortNotValid, line)
+		} else if portInt < 1 || portInt > 65535 {
+			return nil, 0, "", fmt.Errorf("%w: not between 1 and 65535: %d", errPortNotValid, portInt)
+		}
+		port = uint16(portInt)
+	}
+
+	if n > 3 { //nolint:gomnd
+		switch fields[3] {
+		case "tcp", "udp":
+			protocol = fields[3]
+		default:
+			return nil, 0, "", fmt.Errorf("%w: %s", errProtocolNotSupported, fields[3])
+		}
+	}
+
+	return ip, port, protocol, nil
+}
--- a/internal/openvpn/extract/extract_test.go
+++ b/internal/openvpn/extract/extract_test.go
@@ -0,0 +1,262 @@
+package extract
+
+import (
+	"errors"
+	"net"
+	"testing"
+
+	"github.com/qdm12/gluetun/internal/constants"
+	"github.com/qdm12/gluetun/internal/models"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+)
+
+func Test_extractDataFromLines(t *testing.T) {
+	t.Parallel()
+
+	testCases := map[string]struct {
+		lines      []string
+		connection models.Connection
+		err        error
+	}{
+		"success": {
+			lines: []string{"bla bla", "proto tcp", "remote 1.2.3.4 1194 tcp", "dev tun6"},
+			connection: models.Connection{
+				IP:       net.IPv4(1, 2, 3, 4),
+				Port:     1194,
+				Protocol: constants.TCP,
+			},
+		},
+		"extraction error": {
+			lines: []string{"bla bla", "proto bad", "remote 1.2.3.4 1194 tcp"},
+			err:   errors.New("on line 2: failed extracting protocol from proto line: network protocol not supported: bad"),
+		},
+		"only use first values found": {
+			lines: []string{"proto udp", "proto tcp", "remote 1.2.3.4 443 tcp", "remote 5.2.3.4 1194 udp"},
+			connection: models.Connection{
+				IP:       net.IPv4(1, 2, 3, 4),
+				Port:     443,
+				Protocol: constants.UDP,
+			},
+		},
+		"no IP found": {
+			lines: []string{"proto tcp"},
+			connection: models.Connection{
+				Protocol: constants.TCP,
+			},
+			err: errRemoteLineNotFound,
+		},
+		"default TCP port": {
+			lines: []string{"remote 1.2.3.4", "proto tcp"},
+			connection: models.Connection{
+				IP:       net.IPv4(1, 2, 3, 4),
+				Port:     443,
+				Protocol: constants.TCP,
+			},
+		},
+		"default UDP port": {
+			lines: []string{"remote 1.2.3.4", "proto udp"},
+			connection: models.Connection{
+				IP:       net.IPv4(1, 2, 3, 4),
+				Port:     1194,
+				Protocol: constants.UDP,
+			},
+		},
+	}
+
+	for name, testCase := range testCases {
+		testCase := testCase
+		t.Run(name, func(t *testing.T) {
+			t.Parallel()
+
+			connection, err := extractDataFromLines(testCase.lines)
+
+			if testCase.err != nil {
+				require.Error(t, err)
+				assert.Equal(t, testCase.err.Error(), err.Error())
+			} else {
+				assert.NoError(t, err)
+			}
+
+			assert.Equal(t, testCase.connection, connection)
+		})
+	}
+}
+
+func Test_extractDataFromLine(t *testing.T) {
+	t.Parallel()
+
+	testCases := map[string]struct {
+		line     string
+		ip       net.IP
+		port     uint16
+		protocol string
+		isErr    error
+	}{
+		"irrelevant line": {
+			line: "bla bla",
+		},
+		"extract proto error": {
+			line:  "proto bad",
+			isErr: errExtractProto,
+		},
+		"extract proto success": {
+			line:     "proto tcp",
+			protocol: constants.TCP,
+		},
+		"extract remote error": {
+			line:  "remote bad",
+			isErr: errExtractRemote,
+		},
+		"extract remote success": {
+			line:     "remote 1.2.3.4 1194 udp",
+			ip:       net.IPv4(1, 2, 3, 4),
+			port:     1194,
+			protocol: constants.UDP,
+		},
+	}
+
+	for name, testCase := range testCases {
+		testCase := testCase
+		t.Run(name, func(t *testing.T) {
+			t.Parallel()
+
+			ip, port, protocol, err := extractDataFromLine(testCase.line)
+
+			if testCase.isErr != nil {
+				assert.ErrorIs(t, err, testCase.isErr)
+			} else {
+				assert.NoError(t, err)
+			}
+
+			assert.Equal(t, testCase.ip, ip)
+			assert.Equal(t, testCase.port, port)
+			assert.Equal(t, testCase.protocol, protocol)
+		})
+	}
+}
+
+func Test_extractProto(t *testing.T) {
+	t.Parallel()
+
+	testCases := map[string]struct {
+		line     string
+		protocol string
+		err      error
+	}{
+		"fields error": {
+			line: "proto one two",
+			err:  errors.New("proto line has not 2 fields as expected: proto one two"),
+		},
+		"bad protocol": {
+			line: "proto bad",
+			err:  errors.New("network protocol not supported: bad"),
+		},
+		"udp": {
+			line:     "proto udp",
+			protocol: constants.UDP,
+		},
+		"tcp": {
+			line:     "proto tcp",
+			protocol: constants.TCP,
+		},
+	}
+
+	for name, testCase := range testCases {
+		testCase := testCase
+		t.Run(name, func(t *testing.T) {
+			t.Parallel()
+
+			protocol, err := extractProto(testCase.line)
+
+			if testCase.err != nil {
+				require.Error(t, err)
+				assert.Equal(t, testCase.err.Error(), err.Error())
+			} else {
+				assert.NoError(t, err)
+			}
+
+			assert.Equal(t, testCase.protocol, protocol)
+		})
+	}
+}
+
+func Test_extractRemote(t *testing.T) {
+	t.Parallel()
+
+	testCases := map[string]struct {
+		line     string
+		ip       net.IP
+		port     uint16
+		protocol string
+		err      error
+	}{
+		"not enough fields": {
+			line: "remote",
+			err:  errors.New("remote line has not 2 fields as expected: remote"),
+		},
+		"too many fields": {
+			line: "remote one two three four",
+			err:  errors.New("remote line has not 2 fields as expected: remote one two three four"),
+		},
+		"host is not an IP": {
+			line: "remote somehost.com",
+			err:  errors.New("host is not an an IP address: somehost.com"),
+		},
+		"only IP host": {
+			line: "remote 1.2.3.4",
+			ip:   net.IPv4(1, 2, 3, 4),
+		},
+		"port not an integer": {
+			line: "remote 1.2.3.4 bad",
+			err:  errors.New("port is not valid: remote 1.2.3.4 bad"),
+		},
+		"port is zero": {
+			line: "remote 1.2.3.4 0",
+			err:  errors.New("port is not valid: not between 1 and 65535: 0"),
+		},
+		"port is minus one": {
+			line: "remote 1.2.3.4 -1",
+			err:  errors.New("port is not valid: not between 1 and 65535: -1"),
+		},
+		"port is over 65535": {
+			line: "remote 1.2.3.4 65536",
+			err:  errors.New("port is not valid: not between 1 and 65535: 65536"),
+		},
+		"IP host and port": {
+			line: "remote 1.2.3.4 8000",
+			ip:   net.IPv4(1, 2, 3, 4),
+			port: 8000,
+		},
+		"invalid protocol": {
+			line: "remote 1.2.3.4 8000 bad",
+			err:  errors.New("network protocol not supported: bad"),
+		},
+		"IP host and port and protocol": {
+			line:     "remote 1.2.3.4 8000 udp",
+			ip:       net.IPv4(1, 2, 3, 4),
+			port:     8000,
+			protocol: constants.UDP,
+		},
+	}
+
+	for name, testCase := range testCases {
+		testCase := testCase
+		t.Run(name, func(t *testing.T) {
+			t.Parallel()
+
+			ip, port, protocol, err := extractRemote(testCase.line)
+
+			if testCase.err != nil {
+				require.Error(t, err)
+				assert.Equal(t, testCase.err.Error(), err.Error())
+			} else {
+				assert.NoError(t, err)
+			}
+
+			assert.Equal(t, testCase.ip, ip)
+			assert.Equal(t, testCase.port, port)
+			assert.Equal(t, testCase.protocol, protocol)
+		})
+	}
+}
--- a/internal/openvpn/extract/extractor.go
+++ b/internal/openvpn/extract/extractor.go
@@ -0,0 +1,18 @@
+package extract
+
+import (
+	"github.com/qdm12/gluetun/internal/models"
+)
+
+var _ Interface = (*Extractor)(nil)
+
+type Interface interface {
+	Data(filepath string) (lines []string,
+		connection models.Connection, err error)
+}
+
+type Extractor struct{}
+
+func New() *Extractor {
+	return new(Extractor)
+}
--- a/internal/openvpn/extract/helpers_test.go
+++ b/internal/openvpn/extract/helpers_test.go
@@ -0,0 +1,14 @@
+package extract
+
+import (
+	"os"
+	"testing"
+
+	"github.com/stretchr/testify/require"
+)
+
+func removeFile(t *testing.T, filename string) {
+	t.Helper()
+	err := os.RemoveAll(filename)
+	require.NoError(t, err)
+}
--- a/internal/openvpn/extract/read.go
+++ b/internal/openvpn/extract/read.go
@@ -0,0 +1,27 @@
+package extract
+
+import (
+	"io"
+	"os"
+	"strings"
+)
+
+func readCustomConfigLines(filepath string) (
+	lines []string, err error) {
+	file, err := os.Open(filepath)
+	if err != nil {
+		return nil, err
+	}
+
+	b, err := io.ReadAll(file)
+	if err != nil {
+		_ = file.Close()
+		return nil, err
+	}
+
+	if err := file.Close(); err != nil {
+		return nil, err
+	}
+
+	return strings.Split(string(b), "\n"), nil
+}
--- a/internal/openvpn/extract/read_test.go
+++ b/internal/openvpn/extract/read_test.go
@@ -0,0 +1,32 @@
+package extract
+
+import (
+	"os"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+)
+
+func Test_readCustomConfigLines(t *testing.T) {
+	t.Parallel()
+
+	file, err := os.CreateTemp("", "")
+	require.NoError(t, err)
+	defer removeFile(t, file.Name())
+	defer file.Close()
+
+	_, err = file.WriteString("line one\nline two\nline three\n")
+	require.NoError(t, err)
+
+	err = file.Close()
+	require.NoError(t, err)
+
+	lines, err := readCustomConfigLines(file.Name())
+	assert.NoError(t, err)
+
+	expectedLines := []string{
+		"line one", "line two", "line three", "",
+	}
+	assert.Equal(t, expectedLines, lines)
+}