Add AllowNoIPv6NetworkConfiguration

- Allows IPv4 test to start and run on hosts that have
  IPv6 completely disabled (*.disable_ipv6=1) such that
  tun IPv6 network config would fail

psiphon/common/tun/tun.go

@@ -164,6 +164,16 @@ type ServerConfig struct {
 	// the implementation for the appropriate platform.
 	SudoNetworkConfigCommands bool
 
+	// AllowNoIPv6NetworkConfiguration indicates that failures while
+	// configuring tun interfaces and routing for IPv6 are to be
+	// logged as warnings only. This option is intended to support
+	// test cases on hosts without IPv6 and is not for production use;
+	// the packet tunnel server will still accept IPv6 packets and
+	// replay them to the tun device.
+	// AllowNoIPv6NetworkConfiguration may not be supported on all
+	// platforms.
+	AllowNoIPv6NetworkConfiguration bool
+
 	// EgressInterface is the interface to which client traffic is
 	// masqueraded/NATed. For example, "eth0". If blank, a platform-
 	// appropriate default is used.
@@ -1227,6 +1237,12 @@ type ClientConfig struct {
 	// for ServerConfig.SudoNetworkConfigCommands.
 	SudoNetworkConfigCommands bool
 
+	// AllowNoIPv6NetworkConfiguration indicates that failures while
+	// configuring tun interfaces and routing for IPv6 are to be
+	// logged as warnings only. See description for
+	// ServerConfig.AllowNoIPv6NetworkConfiguration.
+	AllowNoIPv6NetworkConfiguration bool
+
 	// MTU is the packet MTU value to use; this value
 	// should be obtained from the packet tunnel server.
 	// When MTU is 0, a default value is used.

psiphon/common/tun/tun_linux.go

@@ -215,7 +215,14 @@ func configureServerInterface(
 		tunDeviceName,
 		"add", serverIPv6AddressCIDR)
 	if err != nil {
-		return common.ContextError(err)
+		if config.AllowNoIPv6NetworkConfiguration {
+			config.Logger.WithContextFields(
+				common.LogFields{
+					"error": err}).Warning(
+				"assign IPv6 address failed")
+		} else {
+			return common.ContextError(err)
+		}
 	}
 
 	egressInterface := config.EgressInterface
@@ -242,7 +249,14 @@ func configureServerInterface(
 		"sysctl",
 		"net.ipv6.conf.all.forwarding=1")
 	if err != nil {
-		return common.ContextError(err)
+		if config.AllowNoIPv6NetworkConfiguration {
+			config.Logger.WithContextFields(
+				common.LogFields{
+					"error": err}).Warning(
+				"allow IPv6 forwarding failed")
+		} else {
+			return common.ContextError(err)
+		}
 	}
 
 	// To avoid duplicates, first try to drop existing rule, then add
@@ -272,7 +286,14 @@ func configureServerInterface(
 			"-o", egressInterface,
 			"-j", "MASQUERADE")
 		if mode != "-D" && err != nil {
-			return common.ContextError(err)
+			if config.AllowNoIPv6NetworkConfiguration {
+				config.Logger.WithContextFields(
+					common.LogFields{
+						"error": err}).Warning(
+					"configure IPv6 masquerading failed")
+			} else {
+				return common.ContextError(err)
+			}
 		}
 	}
 
@@ -310,7 +331,14 @@ func configureClientInterface(
 		tunDeviceName,
 		"add", config.IPv6AddressCIDR)
 	if err != nil {
-		return common.ContextError(err)
+		if config.AllowNoIPv6NetworkConfiguration {
+			config.Logger.WithContextFields(
+				common.LogFields{
+					"error": err}).Warning(
+				"assign IPv6 address failed")
+		} else {
+			return common.ContextError(err)
+		}
 	}
 
 	// Set routing. Routes set here should automatically
@@ -346,7 +374,13 @@ func configureClientInterface(
 			destination,
 			"dev", tunDeviceName)
 		if err != nil {
-			return common.ContextError(err)
+			if config.AllowNoIPv6NetworkConfiguration {
+				config.Logger.WithContextFields(
+					common.LogFields{
+						"error": err}).Warning("add IPv6 route failed")
+			} else {
+				return common.ContextError(err)
+			}
 		}
 	}
 

psiphon/common/tun/tun_test.go

@@ -101,7 +101,7 @@ func testTunneledTCP(t *testing.T, useIPv6 bool) {
 		t.Fatalf("startTestTCPServer failed: %s", err)
 	}
 
-	testServer, err := startTestServer(MTU)
+	testServer, err := startTestServer(useIPv6, MTU)
 	if err != nil {
 		t.Fatalf("startTestServer failed: %s", err)
 	}
@@ -112,7 +112,7 @@ func testTunneledTCP(t *testing.T, useIPv6 bool) {
 		go func() {
 
 			testClient, err := startTestClient(
-				MTU, []string{testTCPServer.getListenerIPAddress()})
+				useIPv6, MTU, []string{testTCPServer.getListenerIPAddress()})
 			if err != nil {
 				results <- fmt.Errorf("startTestClient failed: %s", err)
 				return
@@ -240,7 +240,7 @@ type testServer struct {
 	workers      *sync.WaitGroup
 }
 
-func startTestServer(MTU int) (*testServer, error) {
+func startTestServer(useIPv6 bool, MTU int) (*testServer, error) {
 
 	logger := newTestLogger(true)
 
@@ -248,10 +248,11 @@ func startTestServer(MTU int) (*testServer, error) {
 
 	config := &ServerConfig{
 		Logger: logger,
-		GetDNSResolverIPv4Addresses: noDNSResolvers,
-		GetDNSResolverIPv6Addresses: noDNSResolvers,
+		SudoNetworkConfigCommands:       os.Getenv("TUN_TEST_SUDO") != "",
+		AllowNoIPv6NetworkConfiguration: !useIPv6,
+		GetDNSResolverIPv4Addresses:     noDNSResolvers,
+		GetDNSResolverIPv6Addresses:     noDNSResolvers,
 		MTU: MTU,
-		SudoNetworkConfigCommands: os.Getenv("TUN_TEST_SUDO") != "",
 	}
 
 	tunServer, err := NewServer(config)
@@ -379,6 +380,7 @@ type testClient struct {
 }
 
 func startTestClient(
+	useIPv6 bool,
 	MTU int,
 	routeDestinations []string) (*testClient, error) {
 
@@ -392,12 +394,14 @@ func startTestClient(
 	// Assumes IP addresses are available on test host
 
 	config := &ClientConfig{
-		Logger:            logger,
-		IPv4AddressCIDR:   "172.16.0.1/24",
-		IPv6AddressCIDR:   "fd26:b6a6:4454:310a:0000:0000:0000:0001/64",
-		RouteDestinations: routeDestinations,
-		Transport:         unixConn,
-		MTU:               MTU,
+		Logger: logger,
+		SudoNetworkConfigCommands:       os.Getenv("TUN_TEST_SUDO") != "",
+		AllowNoIPv6NetworkConfiguration: !useIPv6,
+		IPv4AddressCIDR:                 "172.16.0.1/24",
+		IPv6AddressCIDR:                 "fd26:b6a6:4454:310a:0000:0000:0000:0001/64",
+		RouteDestinations:               routeDestinations,
+		Transport:                       unixConn,
+		MTU:                             MTU,
 	}
 
 	tunClient, err := NewClient(config)