From 762a034cc1af55d09dc0a174947356e36bf15569 Mon Sep 17 00:00:00 2001
From: jwijenbergh
Date: Tue, 4 Oct 2022 14:53:58 +0200
Subject: Server: Implement `prefer_tcp` according to spec
---
 internal/server/api.go | 15 ++++++++++++++-
 internal/server/common.go | 19 ++++++-------------
 2 files changed, 20 insertions(+), 14 deletions(-) (limited to 'internal')
diff --git a/internal/server/api.go b/internal/server/api.go
index 4648a8f..0c1a0f5 100644
--- a/internal/server/api.go
+++ b/internal/server/api.go
@@ -131,10 +131,19 @@ func APIInfo(server Server) error {
 return nil
 }
+// see https://github.com/eduvpn/documentation/blob/v3/API.md#request-1
+func GetPreferTCPString(preferTCP bool) string {
+ if preferTCP {
+ return "yes"
+ }
+ return "no"
+}
+
 func APIConnectWireguard(
 server Server,
 profile_id string,
 pubkey string,
+ preferTCP bool,
 supportsOpenVPN bool,
 ) (string, string, time.Time, error) {
 errorMessage := "failed obtaining a WireGuard configuration"
@@ -143,6 +152,8 @@ func APIConnectWireguard(
 "accept": {"application/x-wireguard-profile"},
 }
+ // This profile also supports OpenVPN
+ // Indicate that we also accept OpenVPN profiles
 if supportsOpenVPN {
 headers.Add("accept", "application/x-openvpn-profile")
 }
@@ -150,6 +161,7 @@ func APIConnectWireguard(
 urlForm := url.Values{
 "profile_id": {profile_id},
 "public_key": {pubkey},
+ "prefer_tcp": {GetPreferTCPString(preferTCP)},
 }
 header, connectBody, connectErr := apiAuthorizedRetry(
 server,
@@ -180,7 +192,7 @@ func APIConnectWireguard(
 return string(connectBody), content, pTime, nil
 }
-func APIConnectOpenVPN(server Server, profile_id string) (string, time.Time, error) {
+func APIConnectOpenVPN(server Server, profile_id string, preferTCP bool) (string, time.Time, error) {
 errorMessage := "failed obtaining an OpenVPN configuration"
 headers := http.Header{
 "content-type": {"application/x-www-form-urlencoded"},
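Review bot: The comment above `GetPreferTCPString` in the first api.go hunk is only a link, so the exported helper has no doc comment saying what it returns. A Go doc comment that starts with the name would read `// GetPreferTCPString maps preferTCP to the "yes"/"no" value sent in the prefer_tcp form field.`, with the spec link kept on a second comment line. Both call sites visible in this patch are in the same package, so the helper could presumably be unexported (for example `preferTCPString`), which also drops the `Get` prefix; confirm nothing outside the package uses it.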
@@ -189,6 +201,7 @@ func APIConnectOpenVPN(server Server, profile_id string) (string, time.Time, err
 urlForm := url.Values{
 "profile_id": {profile_id},
+ "prefer_tcp": {GetPreferTCPString(preferTCP)},
 }
 header, connectBody, connectErr := apiAuthorizedRetry(
diff --git a/internal/server/common.go b/internal/server/common.go
index 36dba32..6f57c7f 100644
--- a/internal/server/common.go
+++ b/internal/server/common.go
@@ -324,7 +324,7 @@ func getCurrentProfile(server Server) (*ServerProfile, error) {
 }
 }
-func wireguardGetConfig(server Server, supportsOpenVPN bool) (string, string, error) {
+func wireguardGetConfig(server Server, preferTCP bool, supportsOpenVPN bool) (string, string, error) {
 errorMessage := "failed getting server WireGuard configuration"
 base, baseErr := server.GetBase()
@@ -344,6 +344,7 @@ func wireguardGetConfig(server Server, supportsOpenVPN bool) (string, string, er
 server,
 profile_id,
 wireguardPublicKey,
+ preferTCP,
 supportsOpenVPN,
 )
@@ -366,7 +367,7 @@ func wireguardGetConfig(server Server, supportsOpenVPN bool) (string, string, er
 return config, content, nil
 }
-func openVPNGetConfig(server Server) (string, string, error) {
+func openVPNGetConfig(server Server, preferTCP bool) (string, string, error) {
 errorMessage := "failed getting server OpenVPN configuration"
 base, baseErr := server.GetBase()
@@ -374,7 +375,7 @@ func openVPNGetConfig(server Server) (string, string, error) {
 return "", "", &types.WrappedErrorMessage{Message: errorMessage, Err: baseErr}
 }
 profile_id := base.Profiles.Current
- configOpenVPN, expires, configErr := APIConnectOpenVPN(server, profile_id)
+ configOpenVPN, expires, configErr := APIConnectOpenVPN(server, profile_id, preferTCP)
 // Store start and end time
 base.StartTime = util.GetCurrentTime()
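Review bot: `wireguardGetConfig` (hunk `@@ -324,7 +324,7 @@`) now takes two adjacent `bool` parameters, `preferTCP, supportsOpenVPN`, and so does `APIConnectWireguard` in api.go; every call in this patch passes them positionally. Swapping the two still compiles and silently changes the request, because one sets the `prefer_tcp` form value and the other decides whether `application/x-openvpn-profile` is added to the accept header. Grouping them, for example `type connectOptions struct{ preferTCP, supportsOpenVPN bool }`, or at least a short comment at the call in the `@@ -344,6 +344,7 @@` hunk, would make a swap visible in review. The bodies of both functions continue outside the hunks shown.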
@@ -433,14 +434,6 @@ func GetConfig(server Server, preferTCP bool) (string, string, error) {
 supportsOpenVPN := profile.supportsOpenVPN()
 supportsWireguard := profile.supportsWireguard()
- // If preferTCP we must be able to get a config with OpenVPN
- if preferTCP && supportsOpenVPN {
- return "", "", &types.WrappedErrorMessage{
- Message: errorMessage,
- Err: &ServerGetConfigForceTCPError{},
- }
- }
-
 var config string
 var configType string
 var configErr error
@@ -448,9 +441,9 @@ func GetConfig(server Server, preferTCP bool) (string, string, error) {
 if supportsWireguard {
 // A wireguard connect call needs to generate a wireguard key and add it to the config
 // Also the server could send back an OpenVPN config if it supports OpenVPN
- config, configType, configErr = wireguardGetConfig(server, supportsOpenVPN)
+ config, configType, configErr = wireguardGetConfig(server, preferTCP, supportsOpenVPN)
 } else {
- config, configType, configErr = openVPNGetConfig(server)
+ config, configType, configErr = openVPNGetConfig(server, preferTCP)
 }
 if configErr != nil {
-- cgit v1.2.3
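Review bot: After the `@@ -448,9 +441,9 @@` hunk nothing visible in `GetConfig` ties the result to `preferTCP`: the flag is only forwarded, and a profile that supports WireGuard still goes through `wireguardGetConfig`, so a WireGuard config can come back with `preferTCP` set. If that is the intended reading of the spec (a preference, not a requirement), state it on the function, e.g. `// preferTCP is forwarded as prefer_tcp and is only a hint; callers that need TCP must check the returned config type.` The guard deleted in the preceding hunk was the only use of `ServerGetConfigForceTCPError` visible in this patch, so that type may now be dead code and can be removed if nothing else references it. `GetConfig` begins and ends outside these hunks.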