bitmask-core

module

v0.0.0-...-5012d17 Latest Latest Go to latest Published: Apr 11, 2024 License: GPL-3.0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

0xacab.org/leap/bitmask-core

Links

Open Source Insights

README ¶

bitmask-core

bitmask-core is a library to handle bootstrap for a LEAP provider in an unified way.

features

For the initial boostrap, use DoH or an arbitrary SOCKS5 proxy (for Tor/snowflake).
Handle a local registry of private bridges.
Handle a local registry of known introducers.

Prerequisites

Currently you should have (obfsvpn)[https://0xacab.org/leap/obfsvpn] cloned in the same base directory as bitmask-core (see go.work).

Compile

go build ./cmd/bitmaskcfg

Usage

bitmaskcfg is a CLI tool to fetch a working configuration 
from a LEAP VPN service.

This application can be used to generate an openvpn config file,
or to inspect the health of different endpoints.

Usage:
  bitmaskcfg [command]

Available Commands:
  bridge      Manage private bridges
  completion  Generate the autocompletion script for the specified shell
  config      Fetch and handle configuration
  help        Help about any command
  introducer  Manage obfuscated introducers
  locations   List all known locations

Flags:
      --config string   config file
  -v, --verbose         verbose output
  -h, --help            help for bitmaskcfg

Use "bitmaskcfg [command] --help" for more information about a command.

Examples

Fetching a list of locations

> go run ./cmd/bitmaskcfg --verbose locations ls --host localhost --port 8443 --notls
11:10AM INF Using host: localhost:8443 (ssl=false)
11:10AM DBG Disabling DNS over HTTP (not using SSL)
ID  location     
1   amsterdam    
2   miami        
3   montreal     
4   newyorkcity  
5   paris        
6   seattle

Picking the best location

This command will first fetch gateways for a subset of locations, ping them and then evaluate the best one based on the measured latency:

> go run ./cmd/bitmaskcfg --verbose locations best --host localhost --port 8443 --notls
11:12AM INF Picking best location...
11:12AM INF Using host: localhost:8443 (ssl=false)
11:12AM DBG Disabling DNS over HTTP (not using SSL)
11:12AM DBG 163.172.211.109: min: 10, loss:0.00
11:12AM DBG 163.172.58.132: min: 18, loss:0.00
11:12AM DBG 198.252.153.109: min: 159, loss:0.00
11:12AM DBG results: 3
11:12AM DBG no-loss: 3
Best: amsterdam (163.172.211.109)

Add an introducer

Add a new introducer:

❯ ./bitmaskcfg introducer add litteintroducer "obfsvpnintro://1.2.3.4:8443/?cert=neVUoIX/qGFP59HAz8M5XZAt9vbHIXPx5W68Bo6iZdHaqs9Ec3LTTGV8unhLJslVC0mmGA&kcp=1&fqdn=menshen.asdf.network"

Use the introducer to communicate with the API

After successfully adding an introducer to the database, it can be used to contact the API:

❯ ./bitmaskcfg introducer ls
ID  Selected  Name              Created       Last used
11            littleintroducer  1 min ago     never

❯ ./bitmaskcfg locations best --introducer littleintroducer
4:23PM INF Picking best location...
4:23PM INF using host: menshen.example.org
4:23PM WRN --host=menshen.example.org will be overriden with --fqdn=other.example.org because introducer has precedence
4:23PM INF Using obfuscated http client
Best: paris (163.172.83.106)

Persistent config

You can use $HOME/.bitmaskcfg for some common settings that will be picked by default:

❯ cat ~/.bitmaskcfg
host: menshen.example.org
#bridge: bridge-1
#introducer: littleintroducer

bitmask-linux tool

Additionally, refer to the documentation in cmd/bitmask-linux for an experimental linux client using openvpn3 and dbus.

Maintenance

For synchronized changes in the api, you need to install swag and use make to generate the Swagger client:

go install github.com/swaggo/swag/cmd/swag@latest
make client

Directories ¶

Path	Synopsis
cmd
bitmask-linux
bitmask-linux/cmd
bitmaskcfg
bitmaskcfg/cmd
models
pkg
bootstrap
client
client/provisioning
introducer introducer is a simple obfuscated proxy that points to an instance of the menshen API.	introducer is a simple obfuscated proxy that points to an instance of the menshen API.
latency latency offers functions to sort a list of gateways (or in the future, bridges) by latency from the client's point of view.	latency offers functions to sort a list of gateways (or in the future, bridges) by latency from the client's point of view.
localproxy
models models contains models that relate to client-only concepts, like objects we keep in the internal storage.	models contains models that relate to client-only concepts, like objects we keep in the internal storage.
storage storage provides an embeddable database that bitmask uses to persist a series of values.	storage provides an embeddable database that bitmask uses to persist a series of values.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL