Documentation ¶
Index ¶
- Constants
- Variables
- func CliDimensions() ([]string, error)
- func Columns(input []string) (string, error)
- func Contains[T comparable](l []T, element T) bool
- func DBUSSessionBusAddress(id int64) (string, error)
- func Decrypt(data []byte, passphrase string) ([]byte, error)
- func Encrypt(data []byte, passphrase string) ([]byte, error)
- func EnsureDir(path string) error
- func FileCopy(src, dst string) error
- func FileCreate(path string, permissions os.FileMode) (*os.File, error)
- func FileCreateForUser(path string, permissions os.FileMode, uid int, gid int) (*os.File, error)
- func FileDelete(path string) error
- func FileExists(path string) bool
- func FileLock(filepath string) error
- func FileRead(file string) ([]byte, error)
- func FileSha256(filepath string) (sum []byte, err error)
- func FileTemp(name string, content []byte) (*os.File, error)
- func FileUnlock(filepath string) error
- func FileWritable(path string) bool
- func FileWrite(path string, contents []byte, permissions os.FileMode) error
- func Filter[E any](s []E, f func(E) bool) []E
- func Find[T comparable](l []T, element T) *T
- func GetConfigDirPath(homeDirectory string) (string, error)
- func GetFilesharedPid(uid int) string
- func GetNorduserSocketFork(uid int) string
- func GetNorduserSocketSnap(uid uint32) string
- func GetNorduserdLogPath(uid string) string
- func GetNorduserdSocket(uid int) string
- func GetNordvpnGid() (int, error)
- func GetSignalChan() <-chan os.Signal
- func GetSupportedIPTables() []string
- func IntsToStrings(numbers []int) []string
- func IsCommandAvailable(command string) bool
- func IsDevEnv(env string) bool
- func IsNetworkLinkUnmanaged(link string) bool
- func IsProdEnv(env string) bool
- func IsServiceActive(service string) bool
- func MachineID() uuid.UUID
- func ManualListener(socket string, perm fs.FileMode) func() (net.Listener, error)
- func ManualListenerIfNotInUse(socket string, perm fs.FileMode, pidfile string) func() (net.Listener, error)
- func Obfuscate(text string) string
- func PrefixCommonPath(p string) string
- func PrefixDataPath(p string) string
- func PrefixStaticPath(p string) string
- func SnakeCase(name string) string
- func StringToUcred(ucredStr string) (unix.Ucred, error)
- func StringsContains(haystack []string, needle string) bool
- func StringsGetNext(haystack []string, needle string) string
- func StringsToInterfaces(strings []string) []interface{}
- func SystemDListener() (net.Listener, error)
- func SystemUsers() ([]string, error)
- func SystemUsersIDs() ([]int64, error)
- func Timezone() string
- func Title(name string) string
- func UpdateFilePermissions(name string, mode os.FileMode)
- func WaitSignal()
- type DaemonAuthenticator
- type Environment
- type FileshareAuthenticator
- type LimitListener
- type NetLink
- type SocketAuthenticator
- type UcredAuth
- type UnixSocketCredentials
- func (cr *UnixSocketCredentials) ClientHandshake(_ context.Context, _ string, c net.Conn) (net.Conn, credentials.AuthInfo, error)
- func (cr *UnixSocketCredentials) Clone() credentials.TransportCredentials
- func (cr *UnixSocketCredentials) Info() credentials.ProtocolInfo
- func (cr *UnixSocketCredentials) OverrideServerName(string) error
- func (cr *UnixSocketCredentials) ServerHandshake(c net.Conn) (net.Conn, credentials.AuthInfo, error)
Constants ¶
// Success status codes. Every value in this group lies in the 1000 range.
const (
	CodeSuccess          int64 = 1000
	CodeConnecting       int64 = 1001
	CodeConnected        int64 = 1002
	CodeDisconnected     int64 = 1003
	CodeInteraction      int64 = 1004
	CodeProxyNone        int64 = 1005
	CodeSuccessWithArg   int64 = 1006
	CodeSuccessWithoutAC int64 = 1007
)

// Warning status codes. Every value in this group lies in the 2000 range.
// The numbering has gaps (2001 is not assigned), so each value is written
// out explicitly.
const (
	CodeNothingToDo      int64 = 2000
	CodeVPNRunning       int64 = 2002
	CodeVPNNotRunning    int64 = 2003
	CodeUFWDisabled      int64 = 2004
	CodeTokenInvalidated int64 = 2005
)

// Error status codes. Every value in this group lies in the 3000 range.
// The numbering has gaps, so each value is written out explicitly.
const (
	CodeFailure     int64 = 3000
	CodeFormatError int64 = 3003
	// CodeConfigError is returned when config loading and/or saving fails.
	CodeConfigError                    int64 = 3004
	CodeEmptyPayloadError              int64 = 3005
	CodeOffline                        int64 = 3007
	CodeAccountExpired                 int64 = 3008
	CodeVPNMisconfig                   int64 = 3010
	CodeDaemonOffline                  int64 = 3013
	CodeGatewayError                   int64 = 3014
	CodeOutdated                       int64 = 3015
	CodeDependencyError                int64 = 3017
	CodeNoNewDataError                 int64 = 3019
	CodeNoVPNService                   int64 = 3020
	CodeExpiredRenewToken              int64 = 3021
	CodeTokenRenewError                int64 = 3022
	CodeKillSwitchError                int64 = 3023
	CodeBadRequest                     int64 = 3024
	CodeConflict                       int64 = 3025
	CodeInternalError                  int64 = 3026
	CodeOpenVPNAccountExpired          int64 = 3031
	CodeTagNonexisting                 int64 = 3033
	CodeDoubleGroupError               int64 = 3034
	CodeTokenLoginFailure              int64 = 3035
	CodeGroupNonexisting               int64 = 3036
	CodeAutoConnectServerNotObfuscated int64 = 3037
	CodeAutoConnectServerObfuscated    int64 = 3038
	CodeTokenInvalid                   int64 = 3039
	CodePrivateSubnetLANDiscovery      int64 = 3040
)
// Environment variable keys read for systemd socket activation.
const (
	// ListenPID defines the process id env key.
	ListenPID = "LISTEN_PID"
	// ListenFDS defines the systemd file descriptors env key.
	ListenFDS = "LISTEN_FDS"
	// ListenFDNames defines the systemd file descriptor names env key.
	ListenFDNames = "LISTEN_FDNAMES"
)

// Socket, storage and access-group settings.
const (
	// Proto defines the protocol to be used.
	Proto = "unix"
	// TmpDir defines the temporary storage directory.
	// NOTE(review): /tmp is normally shared by all local users; how files are
	// named and which modes they get under this directory is decided by the
	// callers and is not visible here. Confirm they use unpredictable names
	// and restrictive permissions.
	TmpDir = "/tmp/"
	// NordvpnGroup is the name of the group that can access the daemon socket.
	NordvpnGroup = "nordvpn"
)

// File permission modes. The values are untyped octal constants.
const (
	// PermUserRWX lets the owner read, write and execute; nobody else has
	// access.
	PermUserRWX = 0o700
	// PermUserRW lets the owner read and write; nobody else has access.
	PermUserRW = 0o600
	// PermUserRWGroupRW lets the owner and the group read and write; everyone
	// else has no access.
	PermUserRWGroupRW = 0o660
	// PermUserRWGroupROthersR lets the owner read and write; group and others
	// can only read.
	PermUserRWGroupROthersR = 0o644
	// PermUserRWGroupRWOthersR lets the owner and the group read and write;
	// others can only read.
	PermUserRWGroupRWOthersR = 0o664
	// PermUserRWGroupRWOthersRW lets everyone read and write.
	// NOTE(review): this mode is world-writable. Confirm that every path it is
	// applied to is meant to be modifiable by any local user.
	PermUserRWGroupRWOthersRW = 0o666
	// PermUserRWXGroupRXOthersRX lets the owner read, write and execute; group
	// and others can read and execute but not write.
	PermUserRWXGroupRXOthersRX = 0o755
)

// Names of external executables. They are bare command names, not absolute
// paths.
const (
	// ChattrExec is the chattr command executable name.
	ChattrExec = "chattr"
	// ColumnExec is a tool to format data into columns for neater display in
	// the CLI.
	ColumnExec = "column"
	// SttyExec is a tool to change or print CLI settings.
	SttyExec = "stty"
	// SystemctlExec defines the system controller executable.
	SystemctlExec = "systemctl"
	// NetworkctlExec defines the network controller executable.
	NetworkctlExec = "networkctl"
)

// ServerDateFormat defines the api date format, written as a Go reference
// time layout.
const ServerDateFormat = "2006-01-02 15:04:05"

// Component and file names.
const (
	Fileshare = "nordfileshare"
	Norduser  = "norduser"
	Norduserd = "norduserd"

	// LogFileExtension is the suffix appended to log file names.
	LogFileExtension = ".log"
	// NorduserLogFile is "norduser" followed by LogFileExtension.
	NorduserLogFile      = "norduser" + LogFileExtension
	FileshareHistoryFile = "fileshare_history.db"
)
// Development defines the development environment. It is the only constant
// of this set that is declared with the Environment type.
const Development Environment = "dev"

// NOTE(review): the constants below are declared without a type, so they are
// untyped string constants rather than Environment values. Confirm whether
// that is intended before relying on Environment for type checking.
const (
	// QA defines the qa environment.
	QA = "qa"
	// Production defines the production environment.
	Production = "prod"
	// Downloader modifies configs and servers jobs.
	Downloader = "downloader"
)
// Connection status messages. The first two are format strings that take two
// string arguments.
const (
	ConnectSuccess    = "You are connected to %s (%s)!"
	ReconnectSuccess  = "You have been reconnected to %s (%s)"
	DisconnectSuccess = "You are disconnected from NordVPN."
)

// Parse error formats. Each takes one string argument.
const (
	ProtocolErrorMessage   = "protocol: failed to parse %s"
	TechnologyErrorMessage = "technology: failed to parse %s"
)

// Error message texts.
const (
	DaemonConnRefusedErrorMessage = "Cannot reach System Daemon."
	TagNonexistentErrorMessage    = "The specified server does not exist."
	GroupNonexistentErrorMessage  = "The specified group does not exist."
	FilterNonExistentErrorMessage = "The specified filter does not exist."
	DoubleGroupErrorMessage       = "You cannot connect to a group and set the group option at the same time."
	// UnhandledMessage represents the default message for unhandled errors.
	UnhandledMessage = "Something went wrong. Please try again. If the problem persists, contact our customer support."
)

// Log line prefixes.
const (
	DebugPrefix = "[Debug]"
	// DeferPrefix is used when logging errors in deferred or cleanup code.
	DeferPrefix = "[Defer]"
	// ErrorPrefix is used when logging errors which impact control flow.
	ErrorPrefix = "[Error]"
	// WarningPrefix is used when logging errors which don't impact control
	// flow.
	WarningPrefix = "[Warning]"
	InfoPrefix    = "[Info]"
)
// Notification identifiers. The values are untyped integer constants and are
// written out explicitly so that each name keeps a fixed number.
const (
	NotificationConnected    = 0
	NotificationReconnected  = 1
	NotificationDisconnected = 2
)
Variables ¶
// PlatformSupportsIPv4 and PlatformSupportsIPv6 both start out as true. They
// are package-level variables, not constants, so other code can change them at
// run time; where that happens is not visible here.
var PlatformSupportsIPv4 = true
var PlatformSupportsIPv6 = true
// Base directories. Each one is an absolute path passed through one of the
// Prefix*Path helpers.
var (
	// RunDir defines the default socket directory.
	RunDir = PrefixCommonPath("/run/nordvpn")
	// LogPath defines where logs are located if systemd isn't used.
	LogPath = PrefixDataPath("/var/log/nordvpn")
	// AppDataPath defines the path where app data is stored.
	AppDataPath = PrefixDataPath("/var/lib/nordvpn")
	// AppDataPathCommon defines the path where common app data files are
	// stored. These files may be removed after every app update.
	AppDataPathCommon = PrefixCommonPath("/var/lib/nordvpn")
	// AppDataPathStatic defines the path where static app data (such as helper
	// executables) is stored. Normally it is the same as AppDataPath.
	AppDataPathStatic = PrefixStaticPath("/var/lib/nordvpn")
)

// Directories and files derived from the base directories above.
var (
	DatFilesPath       = filepath.Join(AppDataPath, "data")
	DatFilesPathCommon = filepath.Join(AppDataPathCommon, "data")
	BakFilesPath       = filepath.Join(AppDataPath, "backup")

	// OvpnTemplatePath defines the filename of the ovpn template file.
	OvpnTemplatePath = filepath.Join(DatFilesPathCommon, "ovpn_template.xslt")
	// OvpnObfsTemplatePath defines the filename of the ovpn obfuscated
	// template file.
	OvpnObfsTemplatePath = filepath.Join(DatFilesPathCommon, "ovpn_xor_template.xslt")

	// DaemonSocket defines the system daemon socket file location.
	DaemonSocket = filepath.Join(RunDir, "/nordvpnd.sock")
	// DaemonPid defines the daemon PID file location.
	DaemonPid = filepath.Join(RunDir, "/nordvpnd.pid")

	// NorduserBinaryPath is the Norduserd name joined onto AppDataPathStatic.
	NorduserBinaryPath = filepath.Join(AppDataPathStatic, Norduserd)
)

// Relative paths. Neither value starts from a root directory, so the caller
// has to join them onto a base directory before use.
var (
	// ConfigDirectory is used for configuration files storage. Hardcoded only
	// for nordfileshared, in other cases consider using os.UserConfigDir
	// instead.
	ConfigDirectory = filepath.Join(".config", "nordvpn")
	// LogFilePath defines the CLI log path.
	LogFilePath = filepath.Join("nordvpn", "cli.log")
)
// Errors about reaching the daemon. The two socket errors embed the value
// that DaemonSocket has when the package is initialized.
var (
	ErrDaemonConnectionRefused = errors.New(DaemonConnRefusedErrorMessage)
	ErrSocketAccessDenied      = errors.New("Permission denied accessing " + DaemonSocket)
	ErrSocketNotFound          = errors.New(DaemonSocket + " not found")
)

// General and argument errors.
var (
	ErrUnhandled         = errors.New(UnhandledMessage)
	ErrGateway           = errors.New("can't find gateway")
	ErrStdin             = errors.New("Stdin: missing argument")
	ErrTagDoesNotExist   = errors.New(TagNonexistentErrorMessage)
	ErrGroupDoesNotExist = errors.New(GroupNonexistentErrorMessage)
	ErrDoubleGroup       = errors.New(DoubleGroupErrorMessage)
)

// Login state errors.
var (
	// ErrAlreadyLoggedIn is returned on repeated logins.
	ErrAlreadyLoggedIn = errors.New("you are already logged in")
	// ErrNotLoggedIn is returned when the caller is expected to be logged in
	// but is not.
	ErrNotLoggedIn = errors.New("you are not logged in")
)
// ErrNoPermission is a package-level error value whose message says that the
// requesting user does not have permissions. Its static type is error, the
// return type of fmt.Errorf.
var ErrNoPermission = fmt.Errorf("requesting user does not have permissions")
Functions ¶
func Contains ¶
func Contains[T comparable](l []T, element T) bool
func DBUSSessionBusAddress ¶
DBUSSessionBusAddress finds user dbus session bus address
func FileCreate ¶
FileCreate with the given permissions, but leave the closing to the caller.
func FileCreateForUser ¶
FileCreateForUser but leave closing to the caller.
func FileExists ¶
FileExists checks if the given file exists or not
func FileSha256 ¶
func FileTemp ¶
FileTemp creates temp file, writes given content to it and returns path to temp file
func FileUnlock ¶
FileUnlock removes the `i` (immutable) and `a` (append-only) attributes from a file
func FileWritable ¶
FileWritable checks if the given file exists and is writable by its owner
func Find ¶
func Find[T comparable](l []T, element T) *T
func GetConfigDirPath ¶
GetConfigDirPath returns the directory used to store local user config and logs
func GetFilesharedPid ¶
GetFilesharedPid to save fileshare daemon pid
func GetNorduserSocketFork ¶
func GetNorduserSocketSnap ¶
func GetNorduserdLogPath ¶
GetNorduserdLogPath when logs aren't handled by systemd
func GetNorduserdSocket ¶
GetNorduserdSocket to communicate with norduser daemon
func GetNordvpnGid ¶
GetNordvpnGid returns id of group defined in NordvpnGroup
func GetSignalChan ¶
func GetSupportedIPTables ¶
func GetSupportedIPTables() []string
func IntsToStrings ¶
func IsNetworkLinkUnmanaged ¶
func IsServiceActive ¶
IsServiceActive checks whether the given service is active
func ManualListener ¶
ManualListener returns manually created listener with provided permissions
func ManualListenerIfNotInUse ¶
func ManualListenerIfNotInUse(socket string, perm fs.FileMode, pidfile string) func() (net.Listener, error)
ManualListenerIfNotInUse returns manually created listener with provided permissions, it also detects if this socket is in use by another process, and returns an appropriate error if it is.
func PrefixCommonPath ¶
PrefixCommonPath is supposed to be used for files which are version specific and not persistent
func PrefixDataPath ¶
PrefixDataPath is supposed to be used for files which are non version specific and persistent
func PrefixStaticPath ¶
PrefixStaticPath is supposed to be used for files which are version specific and persistent
func StringToUcred ¶
StringToUcred converts the string received from AuthType back to unix.Ucred
func StringsContains ¶
func StringsGetNext ¶
func StringsToInterfaces ¶
func StringsToInterfaces(strings []string) []interface{}
func SystemDListener ¶
SystemDListener returns systemd defined, socket activated listener
func SystemUsersIDs ¶
SystemUsersIDs returns all non-root user ids
func UpdateFilePermissions ¶
UpdateFilePermissions sets permissions of a given file if it exists and logs the error to stdout
Types ¶
type DaemonAuthenticator ¶
type DaemonAuthenticator struct{}
func NewDaemonAuthenticator ¶
func NewDaemonAuthenticator() DaemonAuthenticator
func (DaemonAuthenticator) Authenticate ¶
func (DaemonAuthenticator) Authenticate(ucred *unix.Ucred) error
type Environment ¶
type Environment string
type FileshareAuthenticator ¶
type FileshareAuthenticator struct { // contains filtered or unexported fields }
func NewFileshareAuthenticator ¶
func NewFileshareAuthenticator(controlingUserUUID uint32) FileshareAuthenticator
func (FileshareAuthenticator) Authenticate ¶
func (f FileshareAuthenticator) Authenticate(ucred *unix.Ucred) error
type LimitListener ¶
LimitListener customized limiting listener
func NewLimitListener ¶
func NewLimitListener(ol net.Listener) *LimitListener
type NetLink ¶
func NetworkLinks ¶
type SocketAuthenticator ¶
SocketAuthenticator provides abstraction over various authentication types.
type UnixSocketCredentials ¶
type UnixSocketCredentials struct {
// contains filtered or unexported fields
}
UnixSocketCredentials is used to retrieve the Linux user ID from the unix socket connection between client and daemon. It implements credentials.TransportCredentials so that it can be passed to gRPC server initialization.
func NewUnixSocketCredentials ¶
func NewUnixSocketCredentials(authenticator SocketAuthenticator) *UnixSocketCredentials
func (*UnixSocketCredentials) ClientHandshake ¶
func (cr *UnixSocketCredentials) ClientHandshake(_ context.Context, _ string, c net.Conn) (net.Conn, credentials.AuthInfo, error)
ClientHandshake is a stub to implement credentials.TransportCredentials
func (*UnixSocketCredentials) Clone ¶
func (cr *UnixSocketCredentials) Clone() credentials.TransportCredentials
Clone is a stub to implement credentials.TransportCredentials
func (*UnixSocketCredentials) Info ¶
func (cr *UnixSocketCredentials) Info() credentials.ProtocolInfo
Info is a stub to implement credentials.TransportCredentials
func (*UnixSocketCredentials) OverrideServerName ¶
func (cr *UnixSocketCredentials) OverrideServerName(string) error
OverrideServerName is a stub to implement credentials.TransportCredentials
func (*UnixSocketCredentials) ServerHandshake ¶
func (cr *UnixSocketCredentials) ServerHandshake(c net.Conn) (net.Conn, credentials.AuthInfo, error)
ServerHandshake is called when a client connects to the daemon. The ID of the user who opened the client is retrieved here.