internal

package
v0.0.0-...-3f3d8d1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 4, 2025 License: GPL-3.0 Imports: 30 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// Success
	CodeSuccess          int64 = 1000
	CodeConnecting       int64 = 1001
	CodeConnected        int64 = 1002
	CodeDisconnected     int64 = 1003
	CodeInteraction      int64 = 1004
	CodeProxyNone        int64 = 1005
	CodeSuccessWithArg   int64 = 1006
	CodeSuccessWithoutAC int64 = 1007

	// Warning
	CodeNothingToDo      int64 = 2000
	CodeVPNRunning       int64 = 2002
	CodeVPNNotRunning    int64 = 2003
	CodeUFWDisabled      int64 = 2004
	CodeTokenInvalidated int64 = 2005

	// Error
	CodeFailure      int64 = 3000
	CodeUnauthorized int64 = 3001
	CodeFormatError  int64 = 3003
	// CodeConfigError is returned when config loading and/or saving fails.
	CodeConfigError                    int64 = 3004
	CodeEmptyPayloadError              int64 = 3005
	CodeOffline                        int64 = 3007
	CodeAccountExpired                 int64 = 3008
	CodeVPNMisconfig                   int64 = 3010
	CodeDaemonOffline                  int64 = 3013
	CodeGatewayError                   int64 = 3014
	CodeOutdated                       int64 = 3015
	CodeDependencyError                int64 = 3017
	CodeNoNewDataError                 int64 = 3019
	CodeNoService                      int64 = 3020
	CodeExpiredRenewToken              int64 = 3021
	CodeTokenRenewError                int64 = 3022
	CodeKillSwitchError                int64 = 3023
	CodeBadRequest                     int64 = 3024
	CodeConflict                       int64 = 3025
	CodeInternalError                  int64 = 3026
	CodeOpenVPNAccountExpired          int64 = 3031
	CodeServerUnavailable              int64 = 3032
	CodeTagNonexisting                 int64 = 3033
	CodeDoubleGroupError               int64 = 3034
	CodeTokenLoginFailure              int64 = 3035
	CodeGroupNonexisting               int64 = 3036
	CodeAutoConnectServerNotObfuscated int64 = 3037
	CodeAutoConnectServerObfuscated    int64 = 3038
	CodeTokenInvalid                   int64 = 3039
	CodePrivateSubnetLANDiscovery      int64 = 3040
	CodeDedicatedIPRenewError          int64 = 3041
	CodeDedicatedIPNoServer            int64 = 3042
	CodeDedicatedIPServiceButNoServers int64 = 3043
	CodeAllowlistInvalidSubnet         int64 = 3044
	CodeAllowlistSubnetNoop            int64 = 3045
	CodeAllowlistPortOutOfRange        int64 = 3046
	CodeAllowlistPortNoop              int64 = 3047
	CodePqAndMeshnetSimultaneously     int64 = 3048
	CodePqWithoutNordlynx              int64 = 3049
	CodeFeatureHidden                  int64 = 3050
	CodeTechnologyDisabled             int64 = 3051
)
View Source 
const (
	// ListenPID defines process id env key
	ListenPID = "LISTEN_PID"

	// ListenFDS defines systemDFile descriptors env key
	ListenFDS = "LISTEN_FDS"

	// ListenFDNames defines systemDFile descriptors names env key
	ListenFDNames = "LISTEN_FDNAMES"

	// Proto defines protocol to be used
	Proto = "unix"

	// TmpDir defines temporary storage directory
	TmpDir = "/tmp/"

	// NordvpnGroup that can access daemon socket
	NordvpnGroup = "nordvpn"

	// PermUserRWX user permission type to read write and execute
	PermUserRWX = 0700

	// PermUserRW user permission type to read and write
	PermUserRW = 0600

	// PermUserRWGroupRW permission type for user and group to read and write, everyone else - no access.
	PermUserRWGroupRW = 0660

	// PermUserRWGroupROthersR user permission type for user to read and write to it, everyone else can only read it.
	PermUserRWGroupROthersR = 0644

	// PermUserRWGroupROthersR allows user and group to read and write, other only read
	PermUserRWGroupRWOthersR = 0664

	// PermUserRWGroupROthersR user permission type for everyone to read and write to it.
	PermUserRWGroupRWOthersRW = 0666

	// PermUserRWXGroupRXOthersRX forbidding group and others to write to it
	PermUserRWXGroupRXOthersRX = 0755

	// ChattrExec is the chattr command executable name
	ChattrExec = "chattr"

	// LsattrExec is the lsattr command executable name
	LsattrExec = "lsattr"

	// SttyExec is a tool to change or print CLI settings
	SttyExec = "stty"

	// SystemctlExec defines system controller executable
	SystemctlExec = "systemctl"

	// NetworkctlExec defines network controller executable
	NetworkctlExec = "networkctl"

	// ServerDateFormat defines api date format
	ServerDateFormat = "2006-01-02 15:04:05"

	// Date format to include only the year and the month
	YearMonthDateFormat = "2006-01"

	// Fileshared defines filesharing process name
	Fileshare = "nordfileshare"

	Norduserd = "norduserd"

	NorduserdLogFileName = "norduserd" + LogFileExtension

	// FileshareHistoryFile is the storage file used by libdrop
	FileshareHistoryFileName = "fileshare_history.db"

	FileshareSocket = TmpDir + "fileshare.sock"

	FileshareLogFileName = "nordfileshare" + LogFileExtension

	LogFileExtension = ".log"

	SecondsToWaitForIptablesLock = "5" // use string to easier concatenate into the command args

	// MFAEnabledStatusName is a string value used to denote enabled multifactor authentication in a response to the
	// /v1/users/oauth/mfa/status by the core API
	MFAEnabledStatusName = "enabled"
	// AllowlistMinPort defines min port which can be allowlisted
	AllowlistMinPort = 1
	// AllowlistMaxPort defines max port which can be allowlisted
	AllowlistMaxPort = 65535

	NordWhisperInterfaceName = "qtun"
)
View Source 
const (
	// Development defines development environment
	Development Environment = "dev"
	// QA defines qa environment
	QA = "qa"
	// Production defines production environment
	Production = "prod"
	// Downloader modifies configs and servers jobs
	Downloader = "downloader"
)
View Source 
const (
	ConnectSuccess    = "You are connected to %s (%s)%s!"
	ReconnectSuccess  = "You have been reconnected to %s (%s)"
	DisconnectSuccess = "You are disconnected from NordVPN."

	ProtocolErrorMessage   = "protocol: failed to parse %s"
	TechnologyErrorMessage = "technology: failed to parse %s"

	DaemonConnRefusedErrorMessage = "Cannot reach System Daemon."

	ServerUnavailableErrorMessage = "The specified server is not available at the moment or does not support your connection settings."
	TagNonexistentErrorMessage    = "The specified server does not exist."
	GroupNonexistentErrorMessage  = "The specified group does not exist."
	FilterNonExistentErrorMessage = "The specified filter does not exist."
	DoubleGroupErrorMessage       = "You cannot connect to a group and set the group option at the same time."

	DebugPrefix = "[Debug]"
	// DeferPrefix is used when logging errors in deferred or cleanup code.
	DeferPrefix = "[Defer]"
	// ErrorPrefix is used when logging errors, which impact control flow.
	ErrorPrefix = "[Error]"
	// WarningPrefix is used when logging errors, which don't impact control flow.
	WarningPrefix = "[Warning]"
	InfoPrefix    = "[Info]"

	// UnhandledMessage represents the default message for unhandled errors
	UnhandledMessage = "Something went wrong. Please try again. If the problem persists, contact our customer support."

	// Error message when the server is a virtual location, but user has virtual-location off
	SpecifiedServerIsVirtualLocation = "Please enable virtual location access to connect to this server."
)
View Source 
const (
	NotificationConnected    = 0000
	NotificationReconnected  = 0001
	NotificationDisconnected = 0002
)

Variables

View Source 
var (
	PlatformSupportsIPv4 = true
	PlatformSupportsIPv6 = true
)
View Source 
var (
	// RunDir defines default socket directory
	RunDir = PrefixCommonPath("/run/nordvpn")

	// LogPath defines where logs are located if systemd isn't used
	LogPath = PrefixDataPath("/var/log/nordvpn")

	// AppDataPath defines path where app data is stored
	AppDataPath = PrefixDataPath("/var/lib/nordvpn")

	// AppDataPathCommon defines path where common app data files are stored. These files may
	// be removed after every app update
	AppDataPathCommon = PrefixCommonPath("/var/lib/nordvpn")

	// AppDataPathStatic defines path where static app data (such as helper executables) are stored
	AppDataPathStatic = PrefixStaticPath("/usr/lib/nordvpn")

	DatFilesPath = filepath.Join(AppDataPath, "data")

	DatFilesPathCommon = filepath.Join(AppDataPathCommon, "data")

	BakFilesPath = filepath.Join(AppDataPath, "backup")

	// OvpnTemplatePath defines filename of ovpn template file
	OvpnTemplatePath = filepath.Join(DatFilesPathCommon, "ovpn_template.xslt")

	// OvpnObfsTemplatePath defines filename of ovpn obfuscated template file
	OvpnObfsTemplatePath = filepath.Join(DatFilesPathCommon, "ovpn_xor_template.xslt")

	// DaemonSocket defines system daemon socket file location
	DaemonSocket = filepath.Join(RunDir, "/nordvpnd.sock")

	// DaemonPid defines daemon PID file location
	DaemonPid = filepath.Join(RunDir, "/nordvpnd.pid")

	FileshareBinaryPath = filepath.Join(AppDataPathStatic, Fileshare)

	NorduserdBinaryPath = filepath.Join(AppDataPathStatic, Norduserd)
)
View Source 
var (
	ErrDaemonConnectionRefused = errors.New(DaemonConnRefusedErrorMessage)
	ErrSocketAccessDenied      = errors.New("Permission denied accessing " + DaemonSocket)
	ErrSocketNotFound          = errors.New(DaemonSocket + " not found")
	ErrUnhandled               = errors.New(UnhandledMessage)
	ErrGateway                 = errors.New("can't find gateway")
	ErrStdin                   = errors.New("Stdin: missing argument")
	ErrServerIsUnavailable     = errors.New(ServerUnavailableErrorMessage)
	ErrTagDoesNotExist         = errors.New(TagNonexistentErrorMessage)
	ErrGroupDoesNotExist       = errors.New(GroupNonexistentErrorMessage)
	ErrDoubleGroup             = errors.New(DoubleGroupErrorMessage)
	// ErrAlreadyLoggedIn is returned on repeated logins
	ErrAlreadyLoggedIn = errors.New("you are already logged in")
	// ErrNotLoggedIn is returned when the caller is expected to be logged in
	// but is not
	ErrNotLoggedIn           = errors.New("you are not logged in")
	ErrVirtualServerSelected = errors.New(SpecifiedServerIsVirtualLocation)
)
View Source 
var ErrNoPermission error = fmt.Errorf("requesting user does not have permissions")

Functions

func Contains 

func Contains[T comparable](l []T, element T) bool

func CopyStringSlice 

func CopyStringSlice(src []string) []string

func Decrypt 

func Decrypt(data []byte, passphrase string) ([]byte, error)

func Encrypt 

func Encrypt(data []byte, passphrase string) ([]byte, error)

func EnsureDir 

func EnsureDir(path string) error

EnsureDir creates all directories along the path excluding the last element.

func EnsureDirFull 

func EnsureDirFull(path string) error

EnsureDirAll creates all directories along the path.

func FileCopy 

func FileCopy(src, dst string) error

FileCopy copies a file in path src to path dst

func FileCreate 

func FileCreate(path string, permissions os.FileMode) (*os.File, error)

FileCreate with the given permissions, but leave the closing to the caller.

func FileDelete 

func FileDelete(path string) error

FileDelete deletes file from system

func FileExists 

func FileExists(path string) bool

FileExists checks if the given file exists or not

func FileLock 

func FileLock(filepath string) error

FileLock adds i attribute from a file

func FileRead 

func FileRead(file string) ([]byte, error)

FileRead reads all file

func FileSha256 

func FileSha256(filepath string) (sum []byte, err error)

func FileTemp 

func FileTemp(name string, content []byte) (*os.File, error)

FileTemp creates temp file, writes given content to it and returns path to temp file

func FileUnlock 

func FileUnlock(filepath string) error

FileUnlock removes ia attributes from a file

func FileWritable 

func FileWritable(path string) bool

FileWritable checks if the given file exists and is writable by its owner

func FileWrite 

func FileWrite(path string, contents []byte, permissions os.FileMode) error

FileWrite writes the given string array to file, previously flushing it clean

func Filter 

func Filter[E any](s []E, f func(E) bool) []E

Filter returns a new slice with only the elements, for which f returned true.

func Find 

func Find[T comparable](l []T, element T) *T

func GetCacheDirPath 

func GetCacheDirPath(homeDirectory string) (string, error)

GetCacheDirPath returns the directory used to store local user logs

func GetConfigDirPath 

func GetConfigDirPath(homeDirectory string) (string, error)

GetConfigDirPath returns the directory used to store local user config

func GetNorduserSocketFork 

func GetNorduserSocketFork(uid int) string

func GetNorduserSocketSnap 

func GetNorduserSocketSnap(uid int) string

func GetNorduserdSocket 

func GetNorduserdSocket(uid int) string

GetNorduserdSocket to communicate with norduser daemon

func GetNordvpnGid 

func GetNordvpnGid() (int, error)

GetNordvpnGid returns id of group defined in NordvpnGroup

func GetSignalChan 

func GetSignalChan() <-chan os.Signal

func GetSupportedIPTables 

func GetSupportedIPTables() []string

func IntsToStrings 

func IntsToStrings(numbers []int) []string

func IsCommandAvailable 

func IsCommandAvailable(command string) bool

checks if command is in PATH

func IsDevEnv 

func IsDevEnv(env string) bool

IsDevEnv short hand of condition check, for clear reading

func IsFile 

func IsFile(fileName string) bool

func IsFileLocked 

func IsFileLocked(filepath string) bool

IsFileLocked checks if file is immutable

func IsNetworkLinkUnmanaged 

func IsNetworkLinkUnmanaged(link string) bool

func IsProcessRunning 

func IsProcessRunning(execPath string) bool

IsProcessRunning returns `true` if the executable specified as an argument is being executed, `false` otherwise.

func IsProdEnv 

func IsProdEnv(env string) bool

IsProdEnv short hand of condition check, for clear reading

func IsServiceActive 

func IsServiceActive(service string) bool

IsServiceActive check if given service is active 

func IsSymLink(fileName string) bool

IsSymLink check if file name is sym link

func IsSystemShutdown 

func IsSystemShutdown() bool

IsSystemShutdown detect if system is being shutdown

func IsSystemd 

func IsSystemd() bool

IsSystemd detect if system is running systemd

func ManualListener 

func ManualListener(socket string, perm fs.FileMode) func() (net.Listener, error)

ManualListener returns manually created listener with provided permissions

func ManualListenerIfNotInUse 

func ManualListenerIfNotInUse(socket string, perm fs.FileMode, pidfile string) func() (net.Listener, error)

ManualListenerIfNotInUse returns manually created listener with provided permissions, it also detects if this socket is in use by another process, and returns an appropriate error if it is.

func NewErrorWithCode 

func NewErrorWithCode(code int64) error

func OpenOrCreateRegularFile 

func OpenOrCreateRegularFile(fileName string, flags int, permission fs.FileMode) (*os.File, error)

Will open or create the given file. If a file already exists with the given name but is not a regular file, e.g. a symlink, it will be deleted and a regular file re-created instead

func PrefixCommonPath 

func PrefixCommonPath(p string) string

PrefixCommonPath is supposed to be used for files which are version specific and not persistent

func PrefixDataPath 

func PrefixDataPath(p string) string

PrefixDataPath is supposed to be used for files which are non version specific and persistent

func PrefixStaticPath 

func PrefixStaticPath(p string) string

PrefixStaticPath is supposed to be used for files which are version specific and persistent

func RemoveNonAlphanumeric 

func RemoveNonAlphanumeric(name string) string

func SnakeCase 

func SnakeCase(name string) string

func StringToUcred 

func StringToUcred(ucredStr string) (unix.Ucred, error)

StringToUcred to convert string received from AuthType back to unix.Ucred

func StringsContains 

func StringsContains(haystack []string, needle string) bool

func StringsGetNext 

func StringsGetNext(haystack []string, needle string) string

func StringsToInterfaces 

func StringsToInterfaces(strings []string) []interface{}

func SystemDListener 

func SystemDListener() (net.Listener, error)

SystemDListener returns systemd defined, socket activated listener

func Timezone 

func Timezone() string

Timezone returns system timezone

func Title 

func Title(name string) string

func UpdateFilePermissions 

func UpdateFilePermissions(name string, mode os.FileMode)

UpdateFilePermissions sets permissions of a given file if it exists and logs the error to stdout

func WaitSignal 

func WaitSignal()

WaitSignal for app to shutdown

Types

type DaemonAuthenticator 

type DaemonAuthenticator struct{}

func NewDaemonAuthenticator 

func NewDaemonAuthenticator() DaemonAuthenticator

func (DaemonAuthenticator) Authenticate 

func (DaemonAuthenticator) Authenticate(ucred *unix.Ucred) error

type Environment 

type Environment string

type ErrorWithCode 

type ErrorWithCode struct {
	Code int64
}

func (*ErrorWithCode) Error 

func (e *ErrorWithCode) Error() string

type FileshareAuthenticator 

type FileshareAuthenticator struct {
	DaemonAuthenticator
	// contains filtered or unexported fields
}

func NewFileshareAuthenticator 

func NewFileshareAuthenticator(controlingUserUUID uint32) FileshareAuthenticator

func (FileshareAuthenticator) Authenticate 

func (f FileshareAuthenticator) Authenticate(ucred *unix.Ucred) error
type NetLink struct {
	Name    string
	Address string
	Index   int
}
func NetworkLinks() ([]NetLink, error)

type SocketAuthenticator 

type SocketAuthenticator interface {
	Authenticate(ucred *unix.Ucred) error
}

SocketAuthenticator provides abstraction over various authentication types.

type UcredAuth 

type UcredAuth unix.Ucred

UcredAuth is a wrapper to use unix.Ucred as gRPC credentials.AuthInfo

func (UcredAuth) AuthType 

func (u UcredAuth) AuthType() string

AuthType returns "pid:uid:gid", for example "5555:1000:1000" Use StringToUcred to convert string back to unix.Ucred

type UnixSocketCredentials 

type UnixSocketCredentials struct {
	// contains filtered or unexported fields
}

UnixSocketCredentials is used to retrieve linux user ID from unix socket connection between client and daemon Implements credentials.TransportCredentials to be passed to gRPC server initialization

func NewUnixSocketCredentials 

func NewUnixSocketCredentials(authenticator SocketAuthenticator) *UnixSocketCredentials

func (*UnixSocketCredentials) ClientHandshake 

func (cr *UnixSocketCredentials) ClientHandshake(_ context.Context, _ string, c net.Conn) (net.Conn, credentials.AuthInfo, error)

ClientHandshake is a stub to implement credentials.TransportCredentials

func (*UnixSocketCredentials) Clone 

func (cr *UnixSocketCredentials) Clone() credentials.TransportCredentials

Clone is a stub to implement credentials.TransportCredentials

func (*UnixSocketCredentials) Info 

func (cr *UnixSocketCredentials) Info() credentials.ProtocolInfo

Info is a stub to implement credentials.TransportCredentials

func (*UnixSocketCredentials) OverrideServerName 

func (cr *UnixSocketCredentials) OverrideServerName(string) error

OverrideServerName is a stub to implement credentials.TransportCredentials

func (*UnixSocketCredentials) ServerHandshake 

func (cr *UnixSocketCredentials) ServerHandshake(c net.Conn) (net.Conn, credentials.AuthInfo, error)

ServerHandshake is called when client connects to daemon. We retrieve user ID which opened the client here.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.