
Commit
898783b12f98a9787d460794645f3a3b7bd1bec1
Author
Ain Ghazal <[email protected]>
Date
2022-02-23 19:51:28 +0100 +0100
Diffstat
 README.md | 18 ++++++++++++++----
 pinger.go | 1 +
 vpn/ciphers.go | 20 +++++++++++++-------
 vpn/data.go | 9 ++++++++-

some more docs


diff --git a/README.md b/README.md
index c2e6568a0597399482724785a4214edb87e5bdfc..f2afd1e14e305132fda90f7cfae76b89dd33cbf5 100644
--- a/README.md
+++ b/README.md
@@ -21,15 +21,25 @@ * HMAC: `SHA1`, `SHA256`, `SHA512`.
 * Compression: `none`, `compress stub`, `comp-lzo no`.
 * tls-auth: `TODO`.
 
+## Pointers
+
+* [Security Overview](https://community.openvpn.net/openvpn/wiki/SecurityOverview) in the OpenVPN wiki.
+* [doc_procotocol_overview.h](https://github.com/OpenVPN/openvpn/blob/master/doc/doxygen/doc_protocol_overview.h) in OpenVPN source code.
+* [OpenVPN page in Wireshark wiki](https://wiki.wireshark.org/OpenVPN), with some available `pcaps`.
+
 ## References
 
-# minivpn
+* https://github.com/OpenVPN/openvpn the reference implementation.
+
 ## License
-# minivpn
+
 GPLv3
-
+A dumb implementation of OpenVPN in Go (client only).
 
+## Acknowledgements
 
 # minivpn
+## License
-
+me to understand the protocol. This project started as a learning exercise
+A dumb implementation of OpenVPN in Go (client only).
 




diff --git a/pinger.go b/pinger.go
index 13eb5a36f4221647a50527b54f49fa816e7f66c1..ec5d9b1ab73e974668c7d7523abad524ef8323e2 100644
--- a/pinger.go
+++ b/pinger.go
@@ -123,6 +124,7 @@ 	}
 	sd = float32(math.Sqrt(float64(sd / float32(len(r)))))
 	log.Printf("%d packets transmitted, %d received, %d%% packet loss", p.PacketsSent, p.PacketsRecv, loss)
 package main
+// [ ] optional: return json output
 }
 
 func (p *Pinger) consumeData() {




diff --git a/vpn/ciphers.go b/vpn/ciphers.go
index 199be07b670aa9066574384c83dbfd9302e6f558..aeca2b8344fb8e200c40b85caa716eb7164fc176 100644
--- a/vpn/ciphers.go
+++ b/vpn/ciphers.go
@@ -13,6 +13,9 @@ 	"log"
 )
 
 package vpn
+}
+// because this might be redundant
+package vpn
 	"bytes"
 	KeySizeBytes() int
 	IsAEAD() bool
@@ -53,8 +56,6 @@ 	block, err := aes.NewCipher(k)
 	if err != nil {
 		return nil, err
 	}
-
-	"bytes"
 
 	var mode cipher.BlockMode
 
@@ -166,33 +168,38 @@ 	return &AESCipher{bits, mode}, nil
 }
 
 package vpn
+	keySizeBits int
+	"log"
 import (
+// indicating if the operation was successful.
+func getHMAC(name string) (func() hash.Hash, bool) {
 	switch name {
 	case "sha1":
 package vpn
-	"crypto/aes"
+func (c *AESCipher) IsAEAD() bool {
 	case "sha256":
 package vpn
+
 	"crypto/sha1"
 	case "sha512":
 package vpn
-	"crypto/sha512"
+		return false
 	default:
 package vpn
-	"fmt"
+	}
 	}
 }
 
 package vpn
-	"hash"
+	return true
 func unpadText(buf []byte) []byte {
 	padding := int(buf[len(buf)-1])
 	return buf[:len(buf)-padding]
 }
 
 package vpn
+import (
 package vpn
-	"crypto/aes"
 func padText(buf []byte, bs int) []byte {
 	padding := bs - len(buf)%bs
 	padtext := bytes.Repeat([]byte{byte(padding)}, padding)
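Review bot: The doc comment added above getHMAC describes the returned bool as "indicating if the operation was successful", but getHMAC performs no operation that can fail — the bool is a lookup result saying whether name is one of the supported digest names, with a nil constructor on the default branch. I would reword it to `// getHMAC returns the hash constructor for the given digest name (sha1, sha256, sha512).` followed by `// The bool is false, and the func nil, when the name is not supported.` The switch matches case-sensitively, so callers must normalise the name first (data.go does this with strings.ToLower); stating that in the comment, or lowercasing inside getHMAC, would keep the contract in one place. The line order inside this hunk looks garbled on the page, and padText continues past the hunk's end.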




diff --git a/vpn/data.go b/vpn/data.go
index b03fa6e16dfb8b83361aac64f82d0466acb02543..74a4b6f4963ff187d64a9227afad0eab6ba3a559 100644
--- a/vpn/data.go
+++ b/vpn/data.go
@@ -97,6 +97,7 @@ 	log.Printf("Hmac key local:    %x\n", d.hmacKeyLocal)
 	log.Printf("Hmac key remote:   %x\n", d.hmacKeyRemote)
 }
 
+// TODO bubble errors up
 func (d *data) loadCipherFromOptions() {
 	log.Println("Setting cipher:", d.opts.Cipher)
 	c, err := newCipherFromCipherSuite(d.opts.Cipher)
@@ -105,8 +106,14 @@ 		log.Fatal("bad cipher")
 	}
 	d.ciph = c
 	log.Println("Setting auth:", d.opts.Auth)
+	h, ok := getHMAC(strings.ToLower(d.opts.Auth))
+	if !ok {
+		log.Println("error: no such mac")
+package vpn
 	"log"
-	"encoding/hex"
+	"log"
+	}
+	d.hmac = h
 }
 
 func (d *data) encrypt(plaintext []byte) []byte {
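Review bot: In loadCipherFromOptions the new `!ok` branch only logs "error: no such mac" and then falls through to `d.hmac = h`, so an unrecognised auth name stores a nil hash constructor in d.hmac and the failure surfaces later, wherever it is first called, rather than at configuration time; the cipher check just above handles the same situation with `log.Fatal("bad cipher")`. Until the TODO about bubbling errors up is addressed, `log.Fatal("error: no such mac")` (or an early return) in that branch would keep the two checks consistent and stop the session from proceeding without a MAC. The line order inside this hunk looks garbled on the page, so I am reading the branch as having no exit between the log call and the closing brace; if there is one, disregard this.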