Add `mullvad proxy` command

The `proxy` subcommand will allow for adding/deleting/editing/showing different API access methods using the mullvad CLI.
author: Markus Pettersson <markus.pettersson@mullvad.net> 2023-08-28 10:10:46 +0200
committer: David Lönnhager <david.l@mullvad.net> 2023-10-09 14:39:59 +0200
commit: 44656b65922ee0b8c76db50a22f93e10158e8b59 (patch)
tree: fd00252e28d3f8561dc9be818e5f9a86d0bcf678 /mullvad-cli/src
parent: 2796dda1376e0d7b78fc274ada988a8a371101a2 (diff)
download: mullvadvpn-44656b65922ee0b8c76db50a22f93e10158e8b59.tar.xz
mullvadvpn-44656b65922ee0b8c76db50a22f93e10158e8b59.zip
3 files changed, 103 insertions, 0 deletions
diff --git a/mullvad-cli/src/cmds/mod.rs b/mullvad-cli/src/cmds/mod.rs
index c63a981133..cf715c9e9f 100644
--- a/mullvad-cli/src/cmds/mod.rs
+++ b/mullvad-cli/src/cmds/mod.rs
@@ -10,6 +10,7 @@ pub mod dns;
 pub mod lan;
 pub mod lockdown;
 pub mod obfuscation;
+pub mod proxy;
 pub mod relay;
 pub mod relay_constraints;
 pub mod reset;
diff --git a/mullvad-cli/src/cmds/proxy.rs b/mullvad-cli/src/cmds/proxy.rs
new file mode 100644
index 0000000000..c12aee3683
--- /dev/null
+++ b/mullvad-cli/src/cmds/proxy.rs
@@ -0,0 +1,95 @@
+use anyhow::Result;
+use mullvad_management_interface::MullvadProxyClient;
+use std::net::IpAddr;
+
+use clap::Subcommand;
+use talpid_types::net::openvpn::SHADOWSOCKS_CIPHERS;
+
+#[derive(Subcommand, Debug)]
+pub enum Proxy {
+    /// Get current api settings
+    #[clap(subcommand)]
+    Api(ApiCommands),
+}
+
+impl Proxy {
+    pub async fn handle(self) -> Result<()> {
+        match self {
+            Proxy::Api(cmd) => match cmd {
+                ApiCommands::List => {
+                    println!("Listing the API access methods: ..");
+                    Self::list().await?;
+                }
+                ApiCommands::Add(cmd) => match cmd {
+                    _ => println!("[NOT IMPEMENTLED YET] Adding custom proxy: {:?}", cmd),
+                },
+            },
+        };
+        Ok(())
+    }
+
+    /// Show all API access methods.
+    async fn list() -> Result<()> {
+        let mut rpc = MullvadProxyClient::new().await?;
+        println!("Calling [rpc::get_api_access_methods] ..");
+        for api_access_method in rpc.get_api_access_methods().await? {
+            println!("{:?}", api_access_method);
+        }
+        Ok(())
+    }
+}
+
+#[derive(Subcommand, Debug, Clone)]
+pub enum ApiCommands {
+    /// List the configured API proxies
+    List,
+
+    /// Add a custom API proxy
+    #[clap(subcommand)]
+    Add(AddCustomCommands),
+}
+
+#[derive(Subcommand, Debug, Clone)]
+pub enum AddCustomCommands {
+    /// Configure a local SOCKS5 proxy
+    Local {
+        /// The port that the server on localhost is listening on
+        local_port: u16,
+        /// The IP of the remote peer
+        remote_ip: IpAddr,
+        /// The port of the remote peer
+        remote_port: u16,
+    },
+
+    /// Configure a remote SOCKS5 proxy
+    Remote {
+        /// The IP of the remote proxy server
+        remote_ip: IpAddr,
+        /// The port of the remote proxy server
+        remote_port: u16,
+
+        /// Username for authentication
+        #[arg(requires = "password")]
+        username: Option<String>,
+        /// Password for authentication
+        #[arg(requires = "username")]
+        password: Option<String>,
+    },
+
+    /// Configure bundled Shadowsocks proxy
+    Shadowsocks {
+        /// The IP of the remote Shadowsocks server
+        remote_ip: IpAddr,
+        /// The port of the remote Shadowsocks server
+        #[arg(default_value = "443")]
+        remote_port: u16,
+
+        /// Password for authentication
+        #[arg(default_value = "mullvad")]
+        password: String,
+
+        /// Cipher to use
+        #[arg(value_parser = SHADOWSOCKS_CIPHERS, default_value = "aes-256-gcm")]
+        cipher: String,
+    },
+}
diff --git a/mullvad-cli/src/main.rs b/mullvad-cli/src/main.rs
index 41f1643970..057eb20dea 100644
--- a/mullvad-cli/src/main.rs
+++ b/mullvad-cli/src/main.rs
@@ -71,6 +71,12 @@ enum Cli {
     #[clap(subcommand)]
     Relay(relay::Relay),
 
+    /// Manage use of proxies (SOCKS proxies and Shadowsocks) for reaching the API.
+    /// Can make the daemon connect to the the Mullvad API via one of the
+    /// Mullvad bridge servers or a custom proxy.
+    #[clap(subcommand)]
+    Proxy(proxy::Proxy),
+
     /// Manage use of obfuscation protocols for WireGuard.
     /// Can make WireGuard traffic look like something else on the network.
     /// Helps circumvent censorship and to establish a tunnel when on restricted networks
@@ -134,6 +140,7 @@ async fn main() -> Result<()> {
         Cli::Dns(cmd) => cmd.handle().await,
         Cli::Lan(cmd) => cmd.handle().await,
         Cli::Obfuscation(cmd) => cmd.handle().await,
+        Cli::Proxy(cmd) => cmd.handle().await,
         Cli::Version => version::print().await,
         Cli::FactoryReset => reset::handle().await,
         Cli::Relay(cmd) => cmd.handle().await,
author	Markus Pettersson <markus.pettersson@mullvad.net>	2023-08-28 10:10:46 +0200
committer	David Lönnhager <david.l@mullvad.net>	2023-10-09 14:39:59 +0200
commit	44656b65922ee0b8c76db50a22f93e10158e8b59 (patch)
tree	fd00252e28d3f8561dc9be818e5f9a86d0bcf678 /mullvad-cli/src
parent	2796dda1376e0d7b78fc274ada988a8a371101a2 (diff)
download	mullvadvpn-44656b65922ee0b8c76db50a22f93e10158e8b59.tar.xz mullvadvpn-44656b65922ee0b8c76db50a22f93e10158e8b59.zip