func applyClientConfig(client *client.Client, cfg *config.Config) {
cfgMutex.Lock()
defer cfgMutex.Unlock()
autoupdate.Configure(cfg)
logging.Configure(cfg.Addr, cfg.CloudConfigCA, cfg.InstanceId,
version, revisionDate)
settings.Configure(cfg, version, revisionDate, buildDate)
proxiedsites.Configure(cfg.ProxiedSites)
analytics.Configure(cfg, version)
log.Debugf("Proxy all traffic or not: %v", cfg.Client.ProxyAll)
ServeProxyAllPacFile(cfg.Client.ProxyAll)
// Note - we deliberately ignore the error from statreporter.Configure here
_ = statreporter.Configure(cfg.Stats)
// Update client configuration and get the highest QOS dialer available.
hqfd := client.Configure(cfg.Client)
if hqfd == nil {
log.Errorf("No fronted dialer available, not enabling geolocation, config lookup, or stats")
} else {
// Give everyone their own *http.Client that uses the highest QOS dialer. Separate
// clients for everyone avoids data races configuring those clients.
config.Configure(hqfd.NewDirectDomainFronter())
geolookup.Configure(hqfd.NewDirectDomainFronter())
statserver.Configure(hqfd.NewDirectDomainFronter())
// Note we don't call Configure on analytics here, as that would
// result in an extra analytics call and double counting.
}
}
func doMain() error {
if err := logging.Init(); err != nil {
return err
}
// Schedule cleanup actions
handleSignals()
addExitFunc(func() {
if err := logging.Close(); err != nil {
log.Debugf("Error closing log: %v", err)
}
})
addExitFunc(quitSystray)
i18nInit()
if showui {
if err := configureSystemTray(); err != nil {
return err
}
}
displayVersion()
parseFlags()
cfg, err := config.Init(packageVersion)
if err != nil {
return fmt.Errorf("Unable to initialize configuration: %v", err)
}
go func() {
err := config.Run(func(updated *config.Config) {
configUpdates <- updated
})
if err != nil {
exit(err)
}
}()
if *help || cfg.Addr == "" || (cfg.Role != "server" && cfg.Role != "client") {
flag.Usage()
return fmt.Errorf("Wrong arguments")
}
finishProfiling := profiling.Start(cfg.CpuProfile, cfg.MemProfile)
defer finishProfiling()
// Configure stats initially
if err := statreporter.Configure(cfg.Stats); err != nil {
return err
}
log.Debug("Running proxy")
if cfg.IsDownstream() {
// This will open a proxy on the address and port given by -addr
go runClientProxy(cfg)
} else {
go runServerProxy(cfg)
}
return waitForExit()
}
// Runs the server-side proxy
func runServerProxy(cfg *config.Config) {
useAllCores()
pkFile, err := config.InConfigDir("proxypk.pem")
if err != nil {
log.Fatal(err)
}
certFile, err := config.InConfigDir("servercert.pem")
if err != nil {
log.Fatal(err)
}
updateServerSideConfigClient(cfg)
srv := &server.Server{
Addr: cfg.Addr,
ReadTimeout: 0, // don't timeout
WriteTimeout: 0,
CertContext: &fronted.CertContext{
PKFile: pkFile,
ServerCertFile: certFile,
},
AllowedPorts: []int{80, 443, 8080, 8443, 5222, 5223, 5228},
// We've observed high resource consumption from these countries for
// purposes unrelated to Lantern's mission, so we disallow them.
BannedCountries: []string{"PH"},
}
srv.Configure(cfg.Server)
// Continually poll for config updates and update server accordingly
go func() {
for {
cfg := <-configUpdates
updateServerSideConfigClient(cfg)
if err := statreporter.Configure(cfg.Stats); err != nil {
log.Debugf("Error configuring statreporter: %v", err)
}
srv.Configure(cfg.Server)
}
}()
err = srv.ListenAndServe(func(update func(*server.ServerConfig) error) {
err := config.Update(func(cfg *config.Config) error {
return update(cfg.Server)
})
if err != nil {
log.Errorf("Error while trying to update: %v", err)
}
})
if err != nil {
log.Fatalf("Unable to run server proxy: %s", err)
}
}
// Runs the server-side proxy
func runServerProxy(cfg *config.Config) {
useAllCores()
pkFile, err := config.InConfigDir("proxypk.pem")
if err != nil {
log.Fatal(err)
}
certFile, err := config.InConfigDir("servercert.pem")
if err != nil {
log.Fatal(err)
}
updateServerSideConfigClient(cfg)
srv := &server.Server{
Addr: cfg.Addr,
ReadTimeout: 0, // don't timeout
WriteTimeout: 0,
CertContext: &fronted.CertContext{
PKFile: pkFile,
ServerCertFile: certFile,
},
AllowedPorts: []int{80, 443, 8080, 8443, 5222, 5223, 5228},
// We allow all censored countries plus us, es, mx, and gb because we do work
// and testing from those countries.
AllowedCountries: []string{"US", "ES", "MX", "GB", "CN", "VN", "IN", "IQ", "IR", "CU", "SY", "SA", "BH", "ET", "ER", "UZ", "TM", "PK", "TR", "VE"},
}
srv.Configure(cfg.Server)
// Continually poll for config updates and update server accordingly
go func() {
for {
cfg := <-configUpdates
updateServerSideConfigClient(cfg)
statreporter.Configure(cfg.Stats)
srv.Configure(cfg.Server)
}
}()
err = srv.ListenAndServe(func(update func(*server.ServerConfig) error) {
err := config.Update(func(cfg *config.Config) error {
return update(cfg.Server)
})
if err != nil {
log.Errorf("Error while trying to update: %v", err)
}
})
if err != nil {
log.Fatalf("Unable to run server proxy: %s", err)
}
}