finally more UDP refinements, but minor. WIP I2P-powered VPN. moving Encrypt/Decrypt keys to own lib, make easier to use soon.

Makefile

@@ -16,7 +16,12 @@ echo:
 	find . -path ./.go -prune -o -name "*.go" -exec gofmt -w {} \;
 	find . -path ./.go -prune -o -name "*.i2pkeys" -exec rm {} \;
 
-test: test-ntcp test-ssu test-config test-manager
+test: test-ntcp test-ssu test-vpn test-config test-manager
+
+full-test: test-serve test
+
+test-serve:
+	cd serve_test && go test
 
 test-ntcp:
 	go test
@@ -24,6 +29,9 @@ test-ntcp:
 test-ssu:
 	cd udp && go test
 
+test-vpn:
+	cd csvpn && go test
+
 test-config:
 	cd config && go test
 
@@ -41,8 +49,10 @@ gdb-web:
 refresh:
 
 deps:
+	go get -u github.com/songgao/water
 	go get -u github.com/gtank/cryptopasta
 	go get -u github.com/zieckey/goini
+	go get -u github.com/eyedeekay/udptunnel
 	go get -u github.com/eyedeekay/sam-forwarder
 	go get -u github.com/eyedeekay/sam-forwarder/udp
 	go get -u github.com/eyedeekay/sam-forwarder/config

README.md.asc

@@ -83,12 +83,12 @@ I'm eventually going to make the manager implement net.Conn. This won't be
 exposed in the default application probably though, but rather as a library.
 -----BEGIN PGP SIGNATURE-----
 
-iQEzBAEBCAAdFiEEcNIGBzi++AUjrK/311wDs5teFOEFAlwAiTIACgkQ11wDs5te
-FOHzzwgAighf8VTfPtzAy0V6JNKA10AE2dXSb49HI5Hrsi/XHrlGGVriwWAIbq5B
-4XK3Br+ribXGzac/j28/TnHqCpUhJleCYwnSerfMFwvjrKsyqhMrT+fG55RjX+k1
-VzeG1b7QNYNnx2abMMXQ+P0yamsdmMsphb3nxXpNLJyxwFEp6B0OwSX6De5dEL+0
-2ufelI6b5wMcDlwdGbeVmQQqr08qMTJGgu7e1S/Mfl9wlh+/KpHkvlgTTGejwM1t
-Pnx/UJVjHzR90wk9D2UFaRSmkHhNFQAYz6MCqBFyvb5gpsoutRHd9bK8mjKZDQwi
-JRZkuG4yvl3J8ZCzpQVn2n/qA5Udtw==
-=FL4H
+iQEzBAEBCAAdFiEEcNIGBzi++AUjrK/311wDs5teFOEFAlwCQB4ACgkQ11wDs5te
+FOGS9wf+Nd+xcruNib+9rHhMWfuDFw4v10Bj4SAR+XucZLfbRwPXEO83jDuxp1vM
+aoWX0K3DNLN7zj1kV+mtLoliYgG4/8RdbBP08O9ErdLWgT3lh5sUpD5i0JBaGo4U
+F1e5DAABsm4/uAPVGkq4vVm5goA55g3Izy20qApvrApaKhDVRy1WI21eeOX0qc0k
+xDc2eeMuqc/183kmQW2H6IbsEx4MQJ7kNTSLl5Mtv6Frg//1NxLGBhAdjjpt47dS
+WZnidyOJdV1yP57N+MaevrLLKGZXH9gzbZmkgpd4PH3OLt3r418dno7IMR8Z7wwN
+5X5e8pjPsEMWHbjxZJ6Vb57vEL0Chw==
+=zRKa
 -----END PGP SIGNATURE-----

csvpn/vpn.go

@@ -1 +1,161 @@
 package i2pvpn
+
+import (
+	"bytes"
+	"io"
+	"log"
+	"os"
+	"path/filepath"
+	"time"
+
+	"github.com/eyedeekay/sam-forwarder/udp"
+	"github.com/eyedeekay/sam3"
+	"github.com/eyedeekay/udptunnel/tunnel"
+)
+
+type SAMClientServerVPN struct {
+	// i2p tunnel
+	I2PTunnel samforwarderudp.SAMSSUForwarder
+	// VPN tunnel
+	VPNTunnel  udptunnel.Tunnel
+	ServerMode bool
+	samConn    *sam3.SAM
+	SamKeys    sam3.I2PKeys
+	SamHost    string
+	SamPort    string
+	TunName    string
+	Type       string
+
+	TargetHost string
+	TargetPort string
+
+	FilePath string
+	file     io.ReadWriter
+	save     bool
+
+	// samcatd options
+	passfile string
+
+	// I2CP options
+	encryptLeaseSet           string
+	leaseSetKey               string
+	leaseSetPrivateKey        string
+	leaseSetPrivateSigningKey string
+	inAllowZeroHop            string
+	outAllowZeroHop           string
+	inLength                  string
+	outLength                 string
+	inQuantity                string
+	outQuantity               string
+	inVariance                string
+	outVariance               string
+	inBackupQuantity          string
+	outBackupQuantity         string
+	fastRecieve               string
+	useCompression            string
+	messageReliability        string
+	closeIdle                 string
+	closeIdleTime             string
+	reduceIdle                string
+	reduceIdleTime            string
+	reduceIdleQuantity        string
+
+	//Streaming Library options
+	accessListType string
+	accessList     []string
+}
+
+func (f *SAMClientServerVPN) sam() string {
+	return f.SamHost + ":" + f.SamPort
+}
+
+// Target returns the host:port of the local service you want to forward to i2p
+func (f *SAMClientServerVPN) Target() string {
+	return f.TargetHost + ":" + f.TargetPort
+}
+
+func NewSAMClientServerVPNFromOptions(opts ...func(*SAMClientServerVPN) error) (*SAMClientServerVPN, error) {
+	var s SAMClientServerVPN
+	s.SamHost = "127.0.0.1"
+	s.SamPort = "7656"
+	s.FilePath = ""
+	s.save = false
+	s.TargetHost = "127.0.0.1"
+	s.TargetPort = "8081"
+	s.TunName = "samSSUForwarder"
+	s.inLength = "3"
+	s.outLength = "3"
+	s.inQuantity = "8"
+	s.outQuantity = "8"
+	s.inVariance = "1"
+	s.outVariance = "1"
+	s.inBackupQuantity = "3"
+	s.outBackupQuantity = "3"
+	s.inAllowZeroHop = "false"
+	s.outAllowZeroHop = "false"
+	s.fastRecieve = "false"
+	s.useCompression = "true"
+	s.encryptLeaseSet = "false"
+	s.leaseSetKey = ""
+	s.leaseSetPrivateKey = ""
+	s.leaseSetPrivateSigningKey = ""
+	s.reduceIdle = "false"
+	s.reduceIdleTime = "300000"
+	s.closeIdle = "false"
+	s.closeIdleTime = "300000"
+	s.reduceIdleQuantity = "4"
+	s.Type = "udpserver"
+	s.messageReliability = "none"
+	s.passfile = ""
+	for _, o := range opts {
+		if err := o(&s); err != nil {
+			return nil, err
+		}
+	}
+	var err error
+	if s.samConn, err = sam3.NewSAM(s.sam()); err != nil {
+		return nil, err
+	}
+	log.Println("SAM Bridge connection established.")
+	if s.SamKeys, err = s.samConn.NewKeys(); err != nil {
+		return nil, err
+	}
+	log.Println("Destination keys generated, tunnel name:", s.TunName)
+	if s.save {
+		if _, err := os.Stat(filepath.Join(s.FilePath, s.TunName+".i2pkeys")); os.IsNotExist(err) {
+			s.file, err = os.Create(filepath.Join(s.FilePath, s.TunName+".i2pkeys"))
+			if err != nil {
+				return nil, err
+			}
+			err = sam3.StoreKeysIncompat(s.SamKeys, s.file)
+			if err != nil {
+				return nil, err
+			}
+			err = Encrypt(filepath.Join(s.FilePath, s.TunName+".i2pkeys"), s.passfile)
+			if err != nil {
+				return nil, err
+			}
+		}
+		s.file, err = os.Open(filepath.Join(s.FilePath, s.TunName+".i2pkeys"))
+		if err != nil {
+			return nil, err
+		}
+		err = Decrypt(filepath.Join(s.FilePath, s.TunName+".i2pkeys"), s.passfile)
+		if err != nil {
+			return nil, err
+		}
+		s.SamKeys, err = sam3.LoadKeysIncompat(s.file)
+		if err != nil {
+			return nil, err
+		}
+		err = Encrypt(filepath.Join(s.FilePath, s.TunName+".i2pkeys"), s.passfile)
+		if err != nil {
+			return nil, err
+		}
+	}
+	var logBuf bytes.Buffer
+	Logger = log.New(io.MultiWriter(os.Stderr, &logBuf), "", log.Ldate|log.Ltime|log.Lshortfile)
+	s.VPNTunnel = udptunnel.NewTunnel(s.ServerMode, s.TunName, "10.76.0.2", s.Target(), "", []uint16{},
+		"i2pvpn", time.Duration(time.Second*300), Logger)
+	return &s, nil
+}

csvpn/vpn_options.go

@@ -0,0 +1,391 @@
+package i2pvpn
+
+import (
+	"fmt"
+	"strconv"
+)
+
+//Option is a SAMClientServerVPN Option
+type Option func(*SAMClientServerVPN) error
+
+//SetFilePath sets the host of the SAMClientServerVPN's SAM bridge
+func SetFilePath(s string) func(*SAMClientServerVPN) error {
+	return func(c *SAMClientServerVPN) error {
+		c.FilePath = s
+		return nil
+	}
+}
+
+//SetIsServer tells the router to use an encrypted leaseset
+func SetIsServer(b bool) func(*SAMClientServerVPN) error {
+	return func(c *SAMClientServerVPN) error {
+		c.ServerMode = b
+		return nil
+	}
+}
+
+//SetSaveFile tells the router to use an encrypted leaseset
+func SetSaveFile(b bool) func(*SAMClientServerVPN) error {
+	return func(c *SAMClientServerVPN) error {
+		c.save = b
+		return nil
+	}
+}
+
+//SetHost sets the host of the SAMClientServerVPN's SAM bridge
+func SetHost(s string) func(*SAMClientServerVPN) error {
+	return func(c *SAMClientServerVPN) error {
+		c.TargetHost = s
+		return nil
+	}
+}
+
+//SetPort sets the port of the SAMClientServerVPN's SAM bridge using a string
+func SetPort(s string) func(*SAMClientServerVPN) error {
+	return func(c *SAMClientServerVPN) error {
+		port, err := strconv.Atoi(s)
+		if err != nil {
+			return fmt.Errorf("Invalid SSU Server Target Port %s; non-number ", s)
+		}
+		if port < 65536 && port > -1 {
+			c.TargetPort = s
+			return nil
+		}
+		return fmt.Errorf("Invalid port")
+	}
+}
+
+//SetSAMHost sets the host of the SAMClientServerVPN's SAM bridge
+func SetSAMHost(s string) func(*SAMClientServerVPN) error {
+	return func(c *SAMClientServerVPN) error {
+		c.SamHost = s
+		return nil
+	}
+}
+
+//SetSAMPort sets the port of the SAMClientServerVPN's SAM bridge using a string
+func SetSAMPort(s string) func(*SAMClientServerVPN) error {
+	return func(c *SAMClientServerVPN) error {
+		port, err := strconv.Atoi(s)
+		if err != nil {
+			return fmt.Errorf("Invalid SAM Port %s; non-number", s)
+		}
+		if port < 65536 && port > -1 {
+			c.SamPort = s
+			return nil
+		}
+		return fmt.Errorf("Invalid port")
+	}
+}
+
+//SetName sets the host of the SAMClientServerVPN's SAM bridge
+func SetName(s string) func(*SAMClientServerVPN) error {
+	return func(c *SAMClientServerVPN) error {
+		c.TunName = s
+		return nil
+	}
+}
+
+//SetInLength sets the number of hops inbound
+func SetInLength(u int) func(*SAMClientServerVPN) error {
+	return func(c *SAMClientServerVPN) error {
+		if u < 7 && u >= 0 {
+			c.inLength = strconv.Itoa(u)
+			return nil
+		}
+		return fmt.Errorf("Invalid inbound tunnel length")
+	}
+}
+
+//SetOutLength sets the number of hops outbound
+func SetOutLength(u int) func(*SAMClientServerVPN) error {
+	return func(c *SAMClientServerVPN) error {
+		if u < 7 && u >= 0 {
+			c.outLength = strconv.Itoa(u)
+			return nil
+		}
+		return fmt.Errorf("Invalid outbound tunnel length")
+	}
+}
+
+//SetInVariance sets the variance of a number of hops inbound
+func SetInVariance(i int) func(*SAMClientServerVPN) error {
+	return func(c *SAMClientServerVPN) error {
+		if i < 7 && i > -7 {
+			c.inVariance = strconv.Itoa(i)
+			return nil
+		}
+		return fmt.Errorf("Invalid inbound tunnel length")
+	}
+}
+
+//SetOutVariance sets the variance of a number of hops outbound
+func SetOutVariance(i int) func(*SAMClientServerVPN) error {
+	return func(c *SAMClientServerVPN) error {
+		if i < 7 && i > -7 {
+			c.outVariance = strconv.Itoa(i)
+			return nil
+		}
+		return fmt.Errorf("Invalid outbound tunnel variance")
+	}
+}
+
+//SetInQuantity sets the inbound tunnel quantity
+func SetInQuantity(u int) func(*SAMClientServerVPN) error {
+	return func(c *SAMClientServerVPN) error {
+		if u <= 16 && u > 0 {
+			c.inQuantity = strconv.Itoa(u)
+			return nil
+		}
+		return fmt.Errorf("Invalid inbound tunnel quantity")
+	}
+}
+
+//SetOutQuantity sets the outbound tunnel quantity
+func SetOutQuantity(u int) func(*SAMClientServerVPN) error {
+	return func(c *SAMClientServerVPN) error {
+		if u <= 16 && u > 0 {
+			c.outQuantity = strconv.Itoa(u)
+			return nil
+		}
+		return fmt.Errorf("Invalid outbound tunnel quantity")
+	}
+}
+
+//SetInBackups sets the inbound tunnel backups
+func SetInBackups(u int) func(*SAMClientServerVPN) error {
+	return func(c *SAMClientServerVPN) error {
+		if u < 6 && u >= 0 {
+			c.inBackupQuantity = strconv.Itoa(u)
+			return nil
+		}
+		return fmt.Errorf("Invalid inbound tunnel backup quantity")
+	}
+}
+
+//SetOutBackups sets the inbound tunnel backups
+func SetOutBackups(u int) func(*SAMClientServerVPN) error {
+	return func(c *SAMClientServerVPN) error {
+		if u < 6 && u >= 0 {
+			c.outBackupQuantity = strconv.Itoa(u)
+			return nil
+		}
+		return fmt.Errorf("Invalid outbound tunnel backup quantity")
+	}
+}
+
+//SetEncrypt tells the router to use an encrypted leaseset
+func SetEncrypt(b bool) func(*SAMClientServerVPN) error {
+	return func(c *SAMClientServerVPN) error {
+		if b {
+			c.encryptLeaseSet = "true"
+			return nil
+		}
+		c.encryptLeaseSet = "false"
+		return nil
+	}
+}
+
+//SetLeaseSetKey sets
+func SetLeaseSetKey(s string) func(*SAMClientServerVPN) error {
+	return func(c *SAMClientServerVPN) error {
+		c.leaseSetKey = s
+		return nil
+	}
+}
+
+//SetLeaseSetPrivateKey sets
+func SetLeaseSetPrivateKey(s string) func(*SAMClientServerVPN) error {
+	return func(c *SAMClientServerVPN) error {
+		c.leaseSetPrivateKey = s
+		return nil
+	}
+}
+
+//SetLeaseSetPrivateSigningKey sets
+func SetLeaseSetPrivateSigningKey(s string) func(*SAMClientServerVPN) error {
+	return func(c *SAMClientServerVPN) error {
+		c.leaseSetPrivateSigningKey = s
+		return nil
+	}
+}
+
+//SetMessageReliability sets
+func SetMessageReliability(s string) func(*SAMClientServerVPN) error {
+	return func(c *SAMClientServerVPN) error {
+		c.messageReliability = s
+		return nil
+	}
+}
+
+//SetAllowZeroIn tells the tunnel to accept zero-hop peers
+func SetAllowZeroIn(b bool) func(*SAMClientServerVPN) error {
+	return func(c *SAMClientServerVPN) error {
+		if b {
+			c.inAllowZeroHop = "true"
+			return nil
+		}
+		c.inAllowZeroHop = "false"
+		return nil
+	}
+}
+
+//SetAllowZeroOut tells the tunnel to accept zero-hop peers
+func SetAllowZeroOut(b bool) func(*SAMClientServerVPN) error {
+	return func(c *SAMClientServerVPN) error {
+		if b {
+			c.outAllowZeroHop = "true"
+			return nil
+		}
+		c.outAllowZeroHop = "false"
+		return nil
+	}
+}
+
+//SetFastRecieve tells clients to use compression
+func SetFastRecieve(b bool) func(*SAMClientServerVPN) error {
+	return func(c *SAMClientServerVPN) error {
+		if b {
+			c.fastRecieve = "true"
+			return nil
+		}
+		c.fastRecieve = "false"
+		return nil
+	}
+}
+
+//SetCompress tells clients to use compression
+func SetCompress(b bool) func(*SAMClientServerVPN) error {
+	return func(c *SAMClientServerVPN) error {
+		if b {
+			c.useCompression = "true"
+			return nil
+		}
+		c.useCompression = "false"
+		return nil
+	}
+}
+
+//SetReduceIdle tells the connection to reduce it's tunnels during extended idle time.
+func SetReduceIdle(b bool) func(*SAMClientServerVPN) error {
+	return func(c *SAMClientServerVPN) error {
+		if b {
+			c.reduceIdle = "true"
+			return nil
+		}
+		c.reduceIdle = "false"
+		return nil
+	}
+}
+
+//SetReduceIdleTime sets the time to wait before reducing tunnels to idle levels
+func SetReduceIdleTime(u int) func(*SAMClientServerVPN) error {
+	return func(c *SAMClientServerVPN) error {
+		c.reduceIdleTime = "300000"
+		if u >= 6 {
+			c.reduceIdleTime = strconv.Itoa((u * 60) * 1000)
+			return nil
+		}
+		return fmt.Errorf("Invalid close idle timeout(Measured in minutes) %v", u)
+	}
+}
+
+//SetReduceIdleTimeMs sets the time to wait before reducing tunnels to idle levels in milliseconds
+func SetReduceIdleTimeMs(u int) func(*SAMClientServerVPN) error {
+	return func(c *SAMClientServerVPN) error {
+		c.reduceIdleTime = "300000"
+		if u >= 300000 {
+			c.reduceIdleTime = strconv.Itoa(u)
+			return nil
+		}
+		return fmt.Errorf("Invalid close idle timeout(Measured in milliseconds) %v", u)
+	}
+}
+
+//SetReduceIdleQuantity sets minimum number of tunnels to reduce to during idle time
+func SetReduceIdleQuantity(u int) func(*SAMClientServerVPN) error {
+	return func(c *SAMClientServerVPN) error {
+		if u < 5 {
+			c.reduceIdleQuantity = strconv.Itoa(u)
+			return nil
+		}
+		return fmt.Errorf("Invalid reduce tunnel quantity")
+	}
+}
+
+//SetCloseIdle tells the connection to close it's tunnels during extended idle time.
+func SetCloseIdle(b bool) func(*SAMClientServerVPN) error {
+	return func(c *SAMClientServerVPN) error {
+		if b {
+			c.closeIdle = "true"
+			return nil
+		}
+		c.closeIdle = "false"
+		return nil
+	}
+}
+
+//SetCloseIdleTime sets the time to wait before closing tunnels to idle levels
+func SetCloseIdleTime(u int) func(*SAMClientServerVPN) error {
+	return func(c *SAMClientServerVPN) error {
+		c.closeIdleTime = "300000"
+		if u >= 6 {
+			c.closeIdleTime = strconv.Itoa((u * 60) * 2000)
+			return nil
+		}
+		return fmt.Errorf("Invalid reduce idle timeout(Measured in minutes)")
+	}
+}
+
+//SetCloseIdleTimeMs sets the time to wait before closing tunnels to idle levels in milliseconds
+func SetCloseIdleTimeMs(u int) func(*SAMClientServerVPN) error {
+	return func(c *SAMClientServerVPN) error {
+		c.closeIdleTime = "300000"
+		if u >= 300000 {
+			c.closeIdleTime = strconv.Itoa(u)
+			return nil
+		}
+		return fmt.Errorf("Invalid reduce idle timeout(Measured in minutes)")
+	}
+}
+
+//SetAccessListType tells the system to treat the accessList as a whitelist
+func SetAccessListType(s string) func(*SAMClientServerVPN) error {
+	return func(c *SAMClientServerVPN) error {
+		if s == "whitelist" {
+			c.accessListType = "whitelist"
+			return nil
+		} else if s == "blacklist" {
+			c.accessListType = "blacklist"
+			return nil
+		} else if s == "none" {
+			c.accessListType = ""
+			return nil
+		} else if s == "" {
+			c.accessListType = ""
+			return nil
+		}
+		return fmt.Errorf("Invalid Access list type(whitelist, blacklist, none)")
+	}
+}
+
+//SetAccessList tells the system to treat the accessList as a whitelist
+func SetAccessList(s []string) func(*SAMClientServerVPN) error {
+	return func(c *SAMClientServerVPN) error {
+		if len(s) > 0 {
+			for _, a := range s {
+				c.accessList = append(c.accessList, a)
+			}
+			return nil
+		}
+		return nil
+	}
+}
+
+//SetKeyFile sets
+func SetKeyFile(s string) func(*SAMClientServerVPN) error {
+	return func(c *SAMClientServerVPN) error {
+		c.passfile = s
+		return nil
+	}
+}

example/serve.go

@@ -3,7 +3,7 @@ package main
 /*
    WARNING: This is not the official version of eephttpd. It is an older
    verion I use to test new sam-forwarder features. It is not intended for
-   use in production.
+   use.
 */
 
 import (

forwarder-client.go

@@ -229,6 +229,15 @@ func (f *SAMClientForwarder) Serve() error {
 	}
 }
 
+//Close shuts the whole thing down.
+func (f *SAMClientForwarder) Close() error {
+    var err error
+    err = f.samConn.Close()
+	err = f.connectStream.Close()
+	err = f.publishConnection.Close()
+    return err
+}
+
 //NewSAMClientForwarder makes a new SAM forwarder with default options, accepts host:port arguments
 func NewSAMClientForwarder(host, port string) (*SAMClientForwarder, error) {
 	return NewSAMClientForwarderFromOptions(SetClientHost(host), SetClientPort(port))

forwarder.go

@@ -340,6 +340,16 @@ func (f *SAMForwarder) Serve() error {
 	}
 }
 
+//Close shuts the whole thing down.
+func (f *SAMForwarder) Close() error {
+    var err error
+    err = f.samConn.Close()
+	err = f.publishStream.Close()
+	err = f.publishListen.Close()
+	err = f.publishConnection.Close()
+    return err
+}
+
 //NewSAMForwarder makes a new SAM forwarder with default options, accepts host:port arguments
 func NewSAMForwarder(host, port string) (*SAMForwarder, error) {
 	return NewSAMForwarderFromOptions(SetHost(host), SetPort(port))

i2pkeys/common.go

@@ -0,0 +1,71 @@
+package i2pkeys
+
+import (
+	"github.com/gtank/cryptopasta"
+	"io/ioutil"
+	"os"
+)
+
+func bytes(k [32]byte) []byte {
+	var r []byte
+	for _, v := range k {
+		r = append(r, v)
+	}
+	return r
+}
+
+func key(k []byte) *[32]byte {
+	var r [32]byte
+	for i, v := range k {
+		r[i] = v
+	}
+	return &r
+}
+
+func Encrypt(i2pkeypath, aeskeypath string) error {
+	if aeskeypath != "" {
+		if r, e := ioutil.ReadFile(i2pkeypath); e != nil {
+			return e
+		} else {
+			if _, err := os.Stat(aeskeypath); os.IsNotExist(err) {
+				key := cryptopasta.NewEncryptionKey()
+				ioutil.WriteFile(aeskeypath, bytes(*key), 644)
+			} else if err != nil {
+				return err
+			}
+			if ra, re := ioutil.ReadFile(aeskeypath); re != nil {
+				return e
+			} else {
+				crypted, err := cryptopasta.Encrypt(r, key(ra))
+				if err != nil {
+					return err
+				}
+				ioutil.WriteFile(i2pkeypath, crypted, 644)
+			}
+		}
+	}
+	return nil
+}
+
+func Decrypt(i2pkeypath, aeskeypath string) error {
+	if aeskeypath != "" {
+		if r, e := ioutil.ReadFile(i2pkeypath); e != nil {
+			return e
+		} else {
+			if _, err := os.Stat(aeskeypath); os.IsNotExist(err) {
+				return err
+			}
+			if ra, re := ioutil.ReadFile(aeskeypath); re != nil {
+				return e
+			} else {
+				crypted, err := cryptopasta.Decrypt(r, key(ra))
+				if err != nil {
+					return err
+				}
+				ioutil.WriteFile(i2pkeypath, crypted, 644)
+			}
+			//crypted
+		}
+	}
+	return nil
+}

manager/manager_test.go

@@ -103,3 +103,4 @@ func TestOption5(t *testing.T) {
 	}
 	log.Println(client.List(""))
 }
+

serve_test/serve.go

@@ -0,0 +1,103 @@
+package samforwardertest
+
+import (
+	"flag"
+	"log"
+	"net/http"
+)
+
+import "github.com/eyedeekay/sam-forwarder"
+import "github.com/eyedeekay/sam-forwarder/udp"
+
+var (
+    port = "8100"
+    cport = "8101"
+    directory = "./www"
+    err error
+    forwarder *samforwarder.SAMForwarder
+    forwarderclient *samforwarder.SAMClientForwarder
+    ssuforwarder *samforwarderudp.SAMSSUForwarder
+    ssuforwarderclient *samforwarderudp.SAMSSUClientForwarder
+)
+
+func serve() {
+	flag.Parse()
+
+	forwarder, err = samforwarder.NewSAMForwarderFromOptions(
+		samforwarder.SetHost("127.0.0.1"),
+		samforwarder.SetPort(port),
+		samforwarder.SetSAMHost("127.0.0.1"),
+		samforwarder.SetSAMPort("7656"),
+		samforwarder.SetName("testserver"),
+	)
+	if err != nil {
+		log.Fatal(err.Error())
+	}
+	go forwarder.Serve()
+
+	http.Handle("/", http.FileServer(http.Dir(directory)))
+
+	log.Printf("Serving %s on HTTP port: %s %s %s\n", directory, port, "and on",
+		forwarder.Base32()+".b32.i2p")
+	log.Fatal(http.ListenAndServe("127.0.0.1:"+port, nil))
+}
+
+func client() {
+	flag.Parse()
+
+	forwarderclient, err = samforwarder.NewSAMClientForwarderFromOptions(
+		samforwarder.SetClientHost("127.0.0.1"),
+		samforwarder.SetClientPort(cport),
+		samforwarder.SetClientSAMHost("127.0.0.1"),
+		samforwarder.SetClientSAMPort("7656"),
+		samforwarder.SetClientName("testclient"),
+        samforwarder.SetClientDestination(forwarder.Base32()),
+	)
+    if err != nil {
+		log.Fatal(err.Error())
+	}
+    go forwarderclient.Serve()
+}
+
+
+
+func serveudp() {
+	flag.Parse()
+
+	ssuforwarder, err = samforwarderudp.NewSAMSSUForwarderFromOptions(
+		samforwarderudp.SetHost("127.0.0.1"),
+		samforwarderudp.SetPort(port),
+		samforwarderudp.SetSAMHost("127.0.0.1"),
+		samforwarderudp.SetSAMPort("7656"),
+		samforwarderudp.SetName("testserver"),
+	)
+	if err != nil {
+		log.Fatal(err.Error())
+	}
+	go forwarder.Serve()
+
+	http.Handle("/", http.FileServer(http.Dir(directory)))
+
+	log.Printf("Serving %s on HTTP port: %s %s %s\n", directory, port, "and on",
+		forwarder.Base32()+".b32.i2p")
+	log.Fatal(http.ListenAndServe("127.0.0.1:"+port, nil))
+}
+
+func clientudp() {
+	flag.Parse()
+
+	ssuforwarderclient, err = samforwarderudp.NewSAMSSUClientForwarderFromOptions(
+		samforwarderudp.SetClientHost("127.0.0.1"),
+		samforwarderudp.SetClientPort(cport),
+		samforwarderudp.SetClientSAMHost("127.0.0.1"),
+		samforwarderudp.SetClientSAMPort("7656"),
+		samforwarderudp.SetClientName("testclient"),
+        samforwarderudp.SetClientDestination(forwarder.Base32()),
+	)
+    if err != nil {
+		log.Fatal(err.Error())
+	}
+    go forwarderclient.Serve()
+}
+
+

serve_test/serve_test.go

@@ -0,0 +1,26 @@
+package samforwardertest
+
+import (
+    "testing"
+    "time"
+    "net/http"
+    "log"
+)
+
+func TestTCP(t *testing.T) {
+    go serve()
+    time.Sleep(time.Duration(60 * time.Second))
+    go client()
+    time.Sleep(time.Duration(60 * time.Second))
+    resp, err := http.Get("http://127.0.0.1:"+cport+"/test.html")
+    //defer forwarder.Close()
+    //defer forwarderclient.Close()
+    if err != nil {
+        t.Fatal(err)
+    }
+    log.Println(resp)
+}
+
+func TestUDP(t *testing.T){
+
+}

serve_test/www/test.html

@@ -0,0 +1 @@
+test