WIP

eduvpn · Oct 28, 2024 · b615c02 · b615c02
1 parent 0076386
commit b615c02
Show file tree

Hide file tree

Showing 15 changed files with 224 additions and 236 deletions.
diff --git a/client/client.go b/client/client.go
@@ -49,9 +49,6 @@ type Client struct {
 	// cfg is the config
 	cfg *config.Config
 
-	// proxy is proxyguard
-	proxy Proxy
-
 	mu sync.Mutex
 
 	discoMan *discovery.Manager
@@ -557,11 +554,6 @@ func (c *Client) retrieveTokens(sid string, t srvtypes.Type) (*eduoauth.Token, e
 // Cleanup cleans up the VPN connection by sending a /disconnect
 func (c *Client) Cleanup(ck *cookie.Cookie) error {
 	defer c.TrySave()
-	// cleanup proxyguard
-	cerr := c.proxy.Cancel()
-	if cerr != nil {
-		log.Logger.Debugf("ProxyGuard cancel gave an error: %v", cerr)
-	}
 	srv, err := c.Servers.CurrentServer()
 	if err != nil {
 		return i18nerr.WrapInternal(err, "The current server was not found when cleaning up the connection")

diff --git a/client/proxy.go b/client/proxy.go
diff --git a/client/proxy_test.go b/client/proxy_test.go
diff --git a/exports/exports.go b/exports/exports.go
@@ -29,6 +29,7 @@ import (
 	"github.com/eduvpn/eduvpn-common/client"
 	"github.com/eduvpn/eduvpn-common/i18nerr"
 	"github.com/eduvpn/eduvpn-common/internal/log"
+	"github.com/eduvpn/eduvpn-common/proxy"
 	"github.com/eduvpn/eduvpn-common/types/cookie"
 	errtypes "github.com/eduvpn/eduvpn-common/types/error"
 	srvtypes "github.com/eduvpn/eduvpn-common/types/server"
@@ -876,50 +877,85 @@ func StartFailover(c C.uintptr_t, gateway *C.char, mtu C.int, readRxBytes C.Read
 	return droppedC, nil
 }
 
-// StartProxyguard starts the 'proxyguard' procedure in eduvpn-common.
+// NewProxyguard creates the 'proxyguard' procedure in eduvpn-common.
 // eduvpn-common currently also cleans up the running ProxyGuard process in `cleanup`.
-// If the proxy cannot be started it returns an error.
+// If the proxy cannot be created it returns an error.
 //
 // This function proxies WireGuard UDP connections over HTTP: [ProxyGuard on Codeberg](https://codeberg.org/eduvpn/proxyguard).
 //
 // These input variables can be gotten from the configuration that is retrieved using the `proxy` JSON key
 //
 //   - `c` is the cookie. Note that if you cancel/delete the cookie, ProxyGuard gets cleaned up. Common automatically cleans up ProxyGuard when `Cleanup` is called, but it is good to cleanup yourself too.
-//   - `listen` is the `ip:port` of the local udp connection, this is what is set to the WireGuard endpoint
+//   - `lp` is the `port` of the local udp ProxyGuard connection, this is what is set to the WireGuard endpoint
 //   - `tcpsp` is the TCP source port. Pass 0 if you do not route based on source port, so far only the Linux client has to pass non-zero.
 //   - `peer` is the `ip:port` of the remote server
 //   - `proxySetup` is a callback which is called when the socket is setting up, this can be used for configuring routing in the client. It takes two arguments: the file descriptor (integer) and a JSON list of IPs the client connects to
-//   - `proxyReady` is a callback when the proxy is ready to be used. This is only called when the client is not connected yet. Use this to determine when the actual wireguard connection can be started. This callback returns and takes no arguments
 //
-// Example Input: ```StartProxyGuard(myCookie, "127.0.0.1:1337", 0, "5.5.5.5:51820", proxySetupCB, proxyReadyCB)```
+// Example Input: ```StartProxyGuard(myCookie, 1337, 0, "5.5.5.5:51820", proxySetupCB)```
 //
 // Example Output: ```null```
 //
-//export StartProxyguard
-func StartProxyguard(c C.uintptr_t, listen *C.char, tcpsp C.int, peer *C.char, proxySetup C.ProxySetup, proxyReady C.ProxyReady) *C.char {
-	state, stateErr := getVPNState()
-	if stateErr != nil {
-		return getCError(stateErr)
-	}
+//export NewProxyguard
+func NewProxyguard(c C.uintptr_t, lp C.int, tcpsp C.int, peer *C.char, proxySetup C.ProxySetup) (C.uintptr_t, *C.char) {
 	ck, err := getCookie(c)
 	if err != nil {
-		return getCError(err)
+		return 0, getCError(err)
 	}
-
-	proxyErr := state.StartProxyguard(ck, C.GoString(listen), int(tcpsp), C.GoString(peer), func(fd int, pips string) {
+	proxy, proxyErr := proxy.NewProxyguard(ck.Context(), int(lp), int(tcpsp), C.GoString(peer), func(fd int) {
 		if proxySetup == nil {
 			return
 		}
-		cpip := C.CString(pips)
-		C.call_proxy_setup(proxySetup, C.int(fd), cpip)
-		FreeString(cpip)
-	}, func() {
-		if proxyReady == nil {
-			return
-		}
-		C.call_proxy_ready(proxyReady)
+		C.call_proxy_setup(proxySetup, C.int(fd))
 	})
-	return getCError(proxyErr)
+	if proxyErr != nil {
+		return 0, getCError(proxyErr)
+	}
+	return C.uintptr_t(cgo.NewHandle(proxy)), nil
+}
+
+func getProxy(proxyH C.uintptr_t) (*proxy.Proxy, error) {
+	h := cgo.Handle(proxyH)
+	v, ok := h.Value().(*proxy.Proxy)
+	if !ok {
+		return nil, i18nerr.NewInternal("value is not a proxyguard wrapper")
+	}
+	return v, nil
+}
+
+//export ProxyguardTunnel
+func ProxyguardTunnel(c C.uintptr_t, proxyH C.uintptr_t, wglisten C.int) *C.char {
+	ck, err := getCookie(c)
+	if err != nil {
+		return getCError(err)
+	}
+	pr, err := getProxy(proxyH)
+	if err != nil {
+		return getCError(err)
+	}
+	tunnelErr := pr.Tunnel(ck.Context(), int(wglisten))
+
+	// after tunneling is done, the handle should be deleted
+	cgo.Handle(proxyH).Delete()
+	return getCError(tunnelErr)
+}
+
+//export ProxyguardPeerIPs
+func ProxyguardPeerIPs(proxyH C.uintptr_t) (*C.char, *C.char) {
+	pr, err := getProxy(proxyH)
+	if err != nil {
+		return nil, getCError(err)
+	}
+	pips := pr.PeerIPS
+
+	b, err := json.Marshal(pips)
+	if err != nil {
+		return nil, getCError(i18nerr.WrapInternal(err, "failed converting Peer IPs to JSON"))
+	}
+	ret, err := getReturnData(string(b))
+	if err != nil {
+		return nil, getCError(err)
+	}
+	return C.CString(ret), nil
 }
 
 // SetState sets the state of the state machine.

diff --git a/exports/exports.h b/exports/exports.h
@@ -11,8 +11,7 @@ typedef int (*StateCB)(int oldstate, int newstate, void* data);
 typedef void (*RefreshList)();
 typedef void (*TokenGetter)(const char* server_id, int server_type, char* out, size_t len);
 typedef void (*TokenSetter)(const char* server_id, int server_type, const char* tokens);
-typedef void (*ProxySetup)(int fd, const char* peer_ips);
-typedef void (*ProxyReady)();
+typedef void (*ProxySetup)(int fd);
 
 static long long int get_read_rx_bytes(ReadRxBytes read)
 {
@@ -34,13 +33,9 @@ static void call_token_setter(TokenSetter setter, const char* server_id, int ser
 {
     setter(server_id, server_type, tokens);
 }
-static void call_proxy_setup(ProxySetup proxysetup, int fd, const char* peer_ips)
+static void call_proxy_setup(ProxySetup proxysetup, int fd)
 {
-    proxysetup(fd, peer_ips);
-}
-static void call_proxy_ready(ProxyReady ready)
-{
-    ready();
+    proxysetup(fd);
 }
 
 #endif /* EXPORTS_H */
diff --git a/go.mod b/go.mod
@@ -3,11 +3,11 @@ module github.com/eduvpn/eduvpn-common
 go 1.18
 
 require (
-	codeberg.org/eduVPN/proxyguard v0.0.0-20240924084349-c0250730030d
+	codeberg.org/eduVPN/proxyguard v0.0.0-20241028155505-e9ee8522373e
 	github.com/jedisct1/go-minisign v0.0.0-20230811132847-661be99b8267
 	github.com/jwijenbergh/eduoauth-go v1.1.1
 	github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c
-	golang.org/x/text v0.18.0
+	golang.org/x/text v0.19.0
 	golang.zx2c4.com/wireguard/wgctrl v0.0.0-20230429144221-925a1e7659e6
 )
 
@@ -18,7 +18,7 @@ require (
 )
 
 require (
-	golang.org/x/crypto v0.27.0 // indirect
-	golang.org/x/net v0.29.0
-	golang.org/x/sys v0.25.0 // indirect
+	golang.org/x/crypto v0.28.0 // indirect
+	golang.org/x/net v0.30.0
+	golang.org/x/sys v0.26.0 // indirect
 )
diff --git a/go.sum b/go.sum
@@ -12,6 +12,8 @@ codeberg.org/eduVPN/proxyguard v0.0.0-20240723101427-d0b2383c372c h1:C+CRKtZb8pE
 codeberg.org/eduVPN/proxyguard v0.0.0-20240723101427-d0b2383c372c/go.mod h1:fc7DsdgdLmrO7DN45HNp+ekVewlRcikSOkAvUeGUvWk=
 codeberg.org/eduVPN/proxyguard v0.0.0-20240924084349-c0250730030d h1:Vgak68rEnG1+dbarzckv3yvQeHI+tlGIvKy7opS5DKs=
 codeberg.org/eduVPN/proxyguard v0.0.0-20240924084349-c0250730030d/go.mod h1:fc7DsdgdLmrO7DN45HNp+ekVewlRcikSOkAvUeGUvWk=
+codeberg.org/eduVPN/proxyguard v0.0.0-20241028155505-e9ee8522373e h1:YdupOqJKsVGJf9cgjGbMk8/DDQZp/YdlsYB7sTX7iMs=
+codeberg.org/eduVPN/proxyguard v0.0.0-20241028155505-e9ee8522373e/go.mod h1:fc7DsdgdLmrO7DN45HNp+ekVewlRcikSOkAvUeGUvWk=
 github.com/jedisct1/go-minisign v0.0.0-20230811132847-661be99b8267 h1:TMtDYDHKYY15rFihtRfck/bfFqNfvcabqvXAFQfAUpY=
 github.com/jedisct1/go-minisign v0.0.0-20230811132847-661be99b8267/go.mod h1:h1nSAbGFqGVzn6Jyl1R/iCcBUHN4g+gW1u9CoBTrb9E=
 github.com/jwijenbergh/eduoauth-go v0.0.0-20240315135955-9f1f5b2fd78e h1:KOWbMxOd6qRF6Zw7PfDwUy0HFhks1KXU/7ai98WKFVY=
@@ -40,6 +42,8 @@ golang.org/x/crypto v0.25.0 h1:ypSNr+bnYL2YhwoMt2zPxHFmbAN1KZs/njMG3hxUp30=
 golang.org/x/crypto v0.25.0/go.mod h1:T+wALwcMOSE0kXgUAnPAHqTLW+XHgcELELW8VaDgm/M=
 golang.org/x/crypto v0.27.0 h1:GXm2NjJrPaiv/h1tb2UH8QfgC/hOf/+z0p6PT8o1w7A=
 golang.org/x/crypto v0.27.0/go.mod h1:1Xngt8kV6Dvbssa53Ziq6Eqn0HqbZi5Z6R0ZpwQzt70=
+golang.org/x/crypto v0.28.0 h1:GBDwsMXVQi34v5CCYUm2jkJvu4cbtru2U4TN2PSyQnw=
+golang.org/x/crypto v0.28.0/go.mod h1:rmgy+3RHxRZMyY0jjAJShp2zgEdOqj2AO7U0pYmeQ7U=
 golang.org/x/mod v0.8.0 h1:LUYupSeNrTNCGzR/hVBk2NHZO4hXcVaW1k4Qx7rjPx8=
 golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
 golang.org/x/mod v0.15.0 h1:SernR4v+D55NyBH2QiEQrlBAnj1ECL6AGrA5+dPaMY8=
@@ -56,6 +60,8 @@ golang.org/x/net v0.27.0 h1:5K3Njcw06/l2y9vpGCSdcxWOYHOUk3dVNGDXN+FvAys=
 golang.org/x/net v0.27.0/go.mod h1:dDi0PyhWNoiUOrAS8uXv/vnScO4wnHQO4mj9fn/RytE=
 golang.org/x/net v0.29.0 h1:5ORfpBpCs4HzDYoodCDBbwHzdR5UrLBZ3sOnUJmFoHo=
 golang.org/x/net v0.29.0/go.mod h1:gLkgy8jTGERgjzMic6DS9+SP0ajcu6Xu3Orq/SpETg0=
+golang.org/x/net v0.30.0 h1:AcW1SDZMkb8IpzCdQUaIq2sP4sZ4zw+55h6ynffypl4=
+golang.org/x/net v0.30.0/go.mod h1:2wGyMJ5iFasEhkwi13ChkO/t1ECNC4X4eBKkVFyYFlU=
 golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M=
 golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
 golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
@@ -70,6 +76,8 @@ golang.org/x/sys v0.22.0 h1:RI27ohtqKCnwULzJLqkv897zojh5/DwS/ENaMzUOaWI=
 golang.org/x/sys v0.22.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/sys v0.25.0 h1:r+8e+loiHxRqhXVl6ML1nO3l1+oFoWbnlu2Ehimmi34=
 golang.org/x/sys v0.25.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.26.0 h1:KHjCJyddX0LoSTb3J+vWpupP9p0oznkqVk/IfjymZbo=
+golang.org/x/sys v0.26.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
 golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
 golang.org/x/text v0.15.0 h1:h1V/4gjBv8v9cjcR6+AR5+/cIYK5N/WAgiv4xlsEtAk=
@@ -78,6 +86,8 @@ golang.org/x/text v0.16.0 h1:a94ExnEXNtEwYLGJSIUxnWoxoRz/ZcCsV63ROupILh4=
 golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI=
 golang.org/x/text v0.18.0 h1:XvMDiNzPAl0jr17s6W9lcaIhGUfUORdGCNsuLmPG224=
 golang.org/x/text v0.18.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
+golang.org/x/text v0.19.0 h1:kTxAhCbGbxhK0IwgSKiMO5awPoDQ0RpfiVYBfK860YM=
+golang.org/x/text v0.19.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
 golang.org/x/tools v0.6.0 h1:BOw41kyTf3PuCW1pVQf8+Cyg8pMlkYB1oo9iJ6D/lKM=
 golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
 golang.org/x/tools v0.18.0 h1:k8NLag8AGHnn+PHbl7g43CtqZAwG60vZkLqgyZgIHgQ=