mirror of
https://github.com/amnezia-vpn/amnezia-client.git
synced 2026-06-20 09:08:35 +03:00
Compare commits
70 Commits
bugfix/hid
...
feature/up
| Author | SHA1 | Date | |
|---|---|---|---|
|
|
b03acc95c4 | ||
|
|
24759c92ad | ||
|
|
9e92ee020e | ||
|
|
7a4f6b628b | ||
|
|
7e2f223d7f | ||
|
|
eb48e4b668 | ||
|
|
0b0766ce8b | ||
|
|
26825c2898 | ||
|
|
9ace09a604 | ||
|
|
702735c2ca | ||
|
|
174f2ac3db | ||
|
|
e3b5b4a9d9 | ||
|
|
72ba012765 | ||
|
|
0f9bbcd060 | ||
|
|
a9d038d8bf | ||
|
|
bf67e3491e | ||
|
|
856bc23b5d | ||
|
|
54a6845315 | ||
|
|
0c7059a476 | ||
|
|
5bed92ab0b | ||
|
|
49a14785c6 | ||
|
|
2c78c06dda | ||
|
|
cf8a0efd0d | ||
|
|
5211cdd4c0 | ||
|
|
d10aa43d8b | ||
|
|
6b0f1ed429 | ||
|
|
4bde1ccb44 | ||
|
|
03c18c44e2 | ||
|
|
72ffc7ce6a | ||
|
|
87b738ef16 | ||
|
|
b868831bcb | ||
|
|
477d7214c5 | ||
|
|
f3cd3d4f06 | ||
|
|
aea4cc2389 | ||
|
|
245aa8eb8c | ||
|
|
f14a2add0f | ||
|
|
89703ba58f | ||
|
|
23715fca8b | ||
|
|
d90685600e | ||
|
|
f007e5eb5c | ||
|
|
a8ccea00c7 | ||
|
|
cd2ee00769 | ||
|
|
c98a418807 | ||
|
|
0e4ae26bae | ||
|
|
d50e7dd3f4 | ||
|
|
f0085f52eb | ||
|
|
5c19b08e5e | ||
|
|
79edbe52a3 | ||
|
|
0dd181bb5b | ||
|
|
d8682003fa | ||
|
|
f4a2cf9984 | ||
|
|
98e6358fd3 | ||
|
|
af90065d2e | ||
|
|
f372f4074b | ||
|
|
6a2e5f83a1 | ||
|
|
a2badd46c4 | ||
|
|
8623a983b8 | ||
|
|
151e662027 | ||
|
|
f588fe29db | ||
|
|
030b0351a2 | ||
|
|
d4453a5f38 | ||
|
|
2252905596 | ||
|
|
ec650a65f7 | ||
|
|
6953f8d814 | ||
|
|
624a84cbfb | ||
|
|
506d9793e1 | ||
|
|
ef52f6ab08 | ||
|
|
5312a6e885 | ||
|
|
fdd600794e | ||
|
|
7bfbdca72a |
2
.github/workflows/deploy.yml
vendored
@@ -233,7 +233,7 @@ jobs:
|
||||
- name: 'Setup xcode'
|
||||
uses: maxim-lobanov/setup-xcode@v1
|
||||
with:
|
||||
xcode-version: '13.4'
|
||||
xcode-version: '14.3.1'
|
||||
|
||||
- name: 'Install Qt'
|
||||
uses: jurplel/install-qt-action@v3
|
||||
|
||||
@@ -2,7 +2,7 @@ cmake_minimum_required(VERSION 3.25.0 FATAL_ERROR)
|
||||
|
||||
set(PROJECT AmneziaVPN)
|
||||
|
||||
project(${PROJECT} VERSION 4.5.0.0
|
||||
project(${PROJECT} VERSION 4.5.3.0
|
||||
DESCRIPTION "AmneziaVPN"
|
||||
HOMEPAGE_URL "https://amnezia.org/"
|
||||
)
|
||||
@@ -11,7 +11,7 @@ string(TIMESTAMP CURRENT_DATE "%Y-%m-%d")
|
||||
set(RELEASE_DATE "${CURRENT_DATE}")
|
||||
|
||||
set(APP_MAJOR_VERSION ${CMAKE_PROJECT_VERSION_MAJOR}.${CMAKE_PROJECT_VERSION_MINOR}.${CMAKE_PROJECT_VERSION_PATCH})
|
||||
set(APP_ANDROID_VERSION_CODE 50)
|
||||
set(APP_ANDROID_VERSION_CODE 52)
|
||||
|
||||
if(${CMAKE_SYSTEM_NAME} STREQUAL "Linux")
|
||||
set(MZ_PLATFORM_NAME "linux")
|
||||
|
||||
Submodule client/3rd-prebuilt updated: ab4e6b680d...c969f28b84
2
client/3rd/OpenVPNAdapter
vendored
Submodule client/3rd/OpenVPNAdapter updated: 6f71d0743d...7c821a8d5c
@@ -72,7 +72,7 @@ namespace QSimpleCrypto
|
||||
/// \param notAfter - X509 end date.
|
||||
/// \return Returns OpenSSL X509 structure or nullptr, if error happened. Returned value must be cleaned up with 'X509_free' to avoid memory leak.
|
||||
///
|
||||
X509* generateSelfSignedCertificate(const RSA* rsa, const QMap<QByteArray, QByteArray>& additionalData,
|
||||
X509* generateSelfSignedCertificate(RSA* rsa, const QMap<QByteArray, QByteArray>& additionalData,
|
||||
const QByteArray& certificateFileName = "", const EVP_MD* md = EVP_sha512(),
|
||||
const long& serialNumber = 1, const long& version = x509LastVersion,
|
||||
const long& notBefore = 0, const long& notAfter = oneYear);
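Review bot: Dropping `const` from `rsa` changes the contract of `generateSelfSignedCertificate`, but the doc comment above the declaration does not say whether the key is modified or whether ownership moves into the certificate's key object. The body is outside this hunk, so this has to be confirmed there; if the implementation passes `rsa` to an OpenSSL call that takes ownership, a caller that later frees the same key would free it twice. I would add a `\param rsa` line to the comment stating who frees the key after the call, e.g. `/// \param rsa - RSA key used for signing. The caller keeps ownership and must free it.` (or the opposite, whichever the body actually does), and repeat it on the definition in the next hunk.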
|
||||
|
||||
@@ -139,7 +139,7 @@ X509* QSimpleCrypto::QX509::verifyCertificate(X509* x509, X509_STORE* store)
|
||||
/// \param notAfter - X509 end date.
|
||||
/// \return Returns OpenSSL X509 structure or nullptr, if error happened. Returned value must be cleaned up with 'X509_free' to avoid memory leak.
|
||||
///
|
||||
X509* QSimpleCrypto::QX509::generateSelfSignedCertificate(const RSA* rsa, const QMap<QByteArray, QByteArray>& additionalData,
|
||||
X509* QSimpleCrypto::QX509::generateSelfSignedCertificate(RSA* rsa, const QMap<QByteArray, QByteArray>& additionalData,
|
||||
const QByteArray& certificateFileName, const EVP_MD* md,
|
||||
const long& serialNumber, const long& version,
|
||||
const long& notBefore, const long& notAfter)
|
||||
|
||||
@@ -69,6 +69,8 @@ set(AMNEZIAVPN_TS_FILES
|
||||
${CMAKE_CURRENT_LIST_DIR}/translations/amneziavpn_ar_EG.ts
|
||||
${CMAKE_CURRENT_LIST_DIR}/translations/amneziavpn_my_MM.ts
|
||||
${CMAKE_CURRENT_LIST_DIR}/translations/amneziavpn_uk_UA.ts
|
||||
${CMAKE_CURRENT_LIST_DIR}/translations/amneziavpn_ur_PK.ts
|
||||
${CMAKE_CURRENT_LIST_DIR}/translations/amneziavpn_hi_IN.ts
|
||||
)
|
||||
|
||||
file(GLOB_RECURSE AMNEZIAVPN_TS_SOURCES *.qrc *.cpp *.h *.ui)
|
||||
|
||||
@@ -9,17 +9,16 @@
|
||||
#include <QTextDocument>
|
||||
#include <QTimer>
|
||||
#include <QTranslator>
|
||||
|
||||
#include <QQuickItem>
|
||||
|
||||
#include "logger.h"
|
||||
#include "version.h"
|
||||
#include "ui/models/installedAppsModel.h"
|
||||
#include "version.h"
|
||||
|
||||
#include "platforms/ios/QRCodeReaderBase.h"
|
||||
#if defined(Q_OS_ANDROID)
|
||||
#include "platforms/android/android_controller.h"
|
||||
#include "core/installedAppsImageProvider.h"
|
||||
#include "platforms/android/android_controller.h"
|
||||
#endif
|
||||
|
||||
#include "protocols/qml_register_protocols.h"
|
||||
@@ -32,8 +31,8 @@
|
||||
#if defined(Q_OS_ANDROID) || defined(Q_OS_IOS)
|
||||
AmneziaApplication::AmneziaApplication(int &argc, char *argv[]) : AMNEZIA_BASE_CLASS(argc, argv)
|
||||
#else
|
||||
AmneziaApplication::AmneziaApplication(int &argc, char *argv[], bool allowSecondary, SingleApplication::Options options,
|
||||
int timeout, const QString &userData)
|
||||
AmneziaApplication::AmneziaApplication(int &argc, char *argv[], bool allowSecondary, SingleApplication::Options options, int timeout,
|
||||
const QString &userData)
|
||||
: SingleApplication(argc, argv, allowSecondary, options, timeout, userData)
|
||||
#endif
|
||||
{
|
||||
@@ -46,12 +45,12 @@ AmneziaApplication::AmneziaApplication(int &argc, char *argv[], bool allowSecond
|
||||
s.setValue("permFixed", true);
|
||||
}
|
||||
|
||||
QString configLoc1 = QStandardPaths::standardLocations(QStandardPaths::ConfigLocation).first() + "/"
|
||||
+ ORGANIZATION_NAME + "/" + APPLICATION_NAME + ".conf";
|
||||
QString configLoc1 = QStandardPaths::standardLocations(QStandardPaths::ConfigLocation).first() + "/" + ORGANIZATION_NAME + "/"
|
||||
+ APPLICATION_NAME + ".conf";
|
||||
QFile::setPermissions(configLoc1, QFileDevice::ReadOwner | QFileDevice::WriteOwner);
|
||||
|
||||
QString configLoc2 = QStandardPaths::standardLocations(QStandardPaths::ConfigLocation).first() + "/"
|
||||
+ ORGANIZATION_NAME + "/" + APPLICATION_NAME + "/" + APPLICATION_NAME + ".conf";
|
||||
QString configLoc2 = QStandardPaths::standardLocations(QStandardPaths::ConfigLocation).first() + "/" + ORGANIZATION_NAME + "/"
|
||||
+ APPLICATION_NAME + "/" + APPLICATION_NAME + ".conf";
|
||||
QFile::setPermissions(configLoc2, QFileDevice::ReadOwner | QFileDevice::WriteOwner);
|
||||
#endif
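Review bot: Both `QFile::setPermissions` calls discard their `bool` result, so if restricting the config file to owner read/write fails, the application carries on with whatever mode the file already had and nothing is logged. Since these lines are being reformatted anyway, check the result, e.g. `if (QFile::exists(configLoc1) && !QFile::setPermissions(configLoc1, QFileDevice::ReadOwner | QFileDevice::WriteOwner)) qWarning() << "Cannot restrict permissions on" << configLoc1;`, and do the same for `configLoc2`. `standardLocations(...).first()` also assumes the returned list is non-empty. The constructor and the surrounding `#if` block start outside the hunk.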
|
||||
|
||||
@@ -100,20 +99,17 @@ void AmneziaApplication::init()
|
||||
connect(m_settings.get(), &Settings::saveLogsChanged, AndroidController::instance(), &AndroidController::setSaveLogs);
|
||||
|
||||
AndroidController::instance()->setScreenshotsEnabled(m_settings->isScreenshotsEnabled());
|
||||
connect(m_settings.get(), &Settings::screenshotsEnabledChanged, AndroidController::instance(),
|
||||
&AndroidController::setScreenshotsEnabled);
|
||||
connect(m_settings.get(), &Settings::screenshotsEnabledChanged, AndroidController::instance(), &AndroidController::setScreenshotsEnabled);
|
||||
|
||||
connect(m_settings.get(), &Settings::serverRemoved, AndroidController::instance(),
|
||||
&AndroidController::resetLastServer);
|
||||
connect(m_settings.get(), &Settings::serverRemoved, AndroidController::instance(), &AndroidController::resetLastServer);
|
||||
|
||||
connect(m_settings.get(), &Settings::settingsCleared, []() { AndroidController::instance()->resetLastServer(-1); });
|
||||
|
||||
connect(AndroidController::instance(), &AndroidController::initConnectionState, this,
|
||||
[this](Vpn::ConnectionState state) {
|
||||
m_connectionController->onConnectionStateChanged(state);
|
||||
if (m_vpnConnection)
|
||||
m_vpnConnection->restoreConnection();
|
||||
});
|
||||
connect(AndroidController::instance(), &AndroidController::initConnectionState, this, [this](Vpn::ConnectionState state) {
|
||||
m_connectionController->onConnectionStateChanged(state);
|
||||
if (m_vpnConnection)
|
||||
m_vpnConnection->restoreConnection();
|
||||
});
|
||||
if (!AndroidController::instance()->initialize()) {
|
||||
qFatal("Android controller initialization failed");
|
||||
}
|
||||
@@ -127,8 +123,6 @@ void AmneziaApplication::init()
|
||||
m_engine->addImageProvider(QLatin1String("installedAppImage"), new InstalledAppsImageProvider);
|
||||
#endif
|
||||
|
||||
|
||||
|
||||
#ifdef Q_OS_IOS
|
||||
IosController::Instance()->initialize();
|
||||
connect(IosController::Instance(), &IosController::importConfigFromOutside, [this](QString data) {
|
||||
@@ -145,8 +139,7 @@ void AmneziaApplication::init()
|
||||
|
||||
QTimer::singleShot(0, this, [this]() { AmneziaVPN::toggleScreenshots(m_settings->isScreenshotsEnabled()); });
|
||||
|
||||
connect(m_settings.get(), &Settings::screenshotsEnabledChanged,
|
||||
[](bool enabled) { AmneziaVPN::toggleScreenshots(enabled); });
|
||||
connect(m_settings.get(), &Settings::screenshotsEnabledChanged, [](bool enabled) { AmneziaVPN::toggleScreenshots(enabled); });
|
||||
#endif
|
||||
|
||||
m_notificationHandler.reset(NotificationHandler::create(nullptr));
|
||||
@@ -154,14 +147,12 @@ void AmneziaApplication::init()
|
||||
connect(m_vpnConnection.get(), &VpnConnection::connectionStateChanged, m_notificationHandler.get(),
|
||||
&NotificationHandler::setConnectionState);
|
||||
|
||||
connect(m_notificationHandler.get(), &NotificationHandler::raiseRequested, m_pageController.get(),
|
||||
&PageController::raiseMainWindow);
|
||||
connect(m_notificationHandler.get(), &NotificationHandler::raiseRequested, m_pageController.get(), &PageController::raiseMainWindow);
|
||||
connect(m_notificationHandler.get(), &NotificationHandler::connectRequested, m_connectionController.get(),
|
||||
&ConnectionController::openConnection);
|
||||
connect(m_notificationHandler.get(), &NotificationHandler::disconnectRequested, m_connectionController.get(),
|
||||
&ConnectionController::closeConnection);
|
||||
connect(this, &AmneziaApplication::translationsUpdated, m_notificationHandler.get(),
|
||||
&NotificationHandler::onTranslationsUpdated);
|
||||
connect(this, &AmneziaApplication::translationsUpdated, m_notificationHandler.get(), &NotificationHandler::onTranslationsUpdated);
|
||||
|
||||
m_engine->load(url);
|
||||
m_systemController->setQmlRoot(m_engine->rootObjects().value(0));
|
||||
@@ -312,8 +303,7 @@ void AmneziaApplication::initModels()
|
||||
|
||||
m_serversModel.reset(new ServersModel(m_settings, this));
|
||||
m_engine->rootContext()->setContextProperty("ServersModel", m_serversModel.get());
|
||||
connect(m_serversModel.get(), &ServersModel::containersUpdated, m_containersModel.get(),
|
||||
&ContainersModel::updateModel);
|
||||
connect(m_serversModel.get(), &ServersModel::containersUpdated, m_containersModel.get(), &ContainersModel::updateModel);
|
||||
connect(m_serversModel.get(), &ServersModel::defaultServerContainersUpdated, m_defaultServerContainersModel.get(),
|
||||
&ContainersModel::updateModel);
|
||||
m_serversModel->resetModel();
|
||||
@@ -366,26 +356,23 @@ void AmneziaApplication::initModels()
|
||||
|
||||
void AmneziaApplication::initControllers()
|
||||
{
|
||||
m_connectionController.reset(new ConnectionController(m_serversModel, m_containersModel, m_clientManagementModel,
|
||||
m_vpnConnection, m_settings));
|
||||
m_connectionController.reset(
|
||||
new ConnectionController(m_serversModel, m_containersModel, m_clientManagementModel, m_vpnConnection, m_settings));
|
||||
m_engine->rootContext()->setContextProperty("ConnectionController", m_connectionController.get());
|
||||
|
||||
connect(m_connectionController.get(), &ConnectionController::connectionErrorOccurred, this,
|
||||
[this](const QString &errorMessage) {
|
||||
emit m_pageController->showErrorMessage(errorMessage);
|
||||
emit m_vpnConnection->connectionStateChanged(Vpn::ConnectionState::Disconnected);
|
||||
});
|
||||
connect(m_connectionController.get(), &ConnectionController::connectionErrorOccurred, this, [this](const QString &errorMessage) {
|
||||
emit m_pageController->showErrorMessage(errorMessage);
|
||||
emit m_vpnConnection->connectionStateChanged(Vpn::ConnectionState::Disconnected);
|
||||
});
|
||||
connect(m_connectionController.get(), &ConnectionController::connectButtonClicked, m_connectionController.get(),
|
||||
&ConnectionController::toggleConnection, Qt::QueuedConnection);
|
||||
|
||||
connect(this, &AmneziaApplication::translationsUpdated, m_connectionController.get(),
|
||||
&ConnectionController::onTranslationsUpdated);
|
||||
connect(this, &AmneziaApplication::translationsUpdated, m_connectionController.get(), &ConnectionController::onTranslationsUpdated);
|
||||
|
||||
m_pageController.reset(new PageController(m_serversModel, m_settings));
|
||||
m_engine->rootContext()->setContextProperty("PageController", m_pageController.get());
|
||||
|
||||
m_installController.reset(new InstallController(m_serversModel, m_containersModel, m_protocolsModel,
|
||||
m_clientManagementModel, m_settings));
|
||||
m_installController.reset(new InstallController(m_serversModel, m_containersModel, m_protocolsModel, m_clientManagementModel, m_settings));
|
||||
m_engine->rootContext()->setContextProperty("InstallController", m_installController.get());
|
||||
connect(m_installController.get(), &InstallController::passphraseRequestStarted, m_pageController.get(),
|
||||
&PageController::showPassphraseRequestDrawer);
|
||||
@@ -401,13 +388,12 @@ void AmneziaApplication::initControllers()
|
||||
m_engine->rootContext()->setContextProperty("ExportController", m_exportController.get());
|
||||
|
||||
m_settingsController.reset(
|
||||
new SettingsController(m_serversModel, m_containersModel, m_languageModel, m_sitesModel, m_settings));
|
||||
new SettingsController(m_serversModel, m_containersModel, m_languageModel, m_sitesModel, m_appSplitTunnelingModel, m_settings));
|
||||
m_engine->rootContext()->setContextProperty("SettingsController", m_settingsController.get());
|
||||
if (m_settingsController->isAutoConnectEnabled() && m_serversModel->getDefaultServerIndex() >= 0) {
|
||||
QTimer::singleShot(1000, this, [this]() { m_connectionController->openConnection(); });
|
||||
}
|
||||
connect(m_settingsController.get(), &SettingsController::amneziaDnsToggled, m_serversModel.get(),
|
||||
&ServersModel::toggleAmneziaDns);
|
||||
connect(m_settingsController.get(), &SettingsController::amneziaDnsToggled, m_serversModel.get(), &ServersModel::toggleAmneziaDns);
|
||||
|
||||
m_sitesController.reset(new SitesController(m_settings, m_vpnConnection, m_sitesModel));
|
||||
m_engine->rootContext()->setContextProperty("SitesController", m_sitesController.get());
|
||||
|
||||
@@ -14,8 +14,6 @@
|
||||
#include "settings.h"
|
||||
#include "vpnconnection.h"
|
||||
|
||||
#include "core/controllers/apiController.h"
|
||||
|
||||
#include "ui/controllers/connectionController.h"
|
||||
#include "ui/controllers/exportController.h"
|
||||
#include "ui/controllers/importController.h"
|
||||
@@ -125,7 +123,6 @@ private:
|
||||
QScopedPointer<SettingsController> m_settingsController;
|
||||
QScopedPointer<SitesController> m_sitesController;
|
||||
QScopedPointer<SystemController> m_systemController;
|
||||
QScopedPointer<ApiController> m_apiController;
|
||||
QScopedPointer<AppSplitTunnelingController> m_appSplitTunnelingController;
|
||||
};
|
||||
|
||||
|
||||
@@ -118,12 +118,12 @@ abstract class Protocol {
|
||||
}
|
||||
|
||||
for (app in config.includedApplications) {
|
||||
Log.d(TAG, "addAllowedApplication: $app")
|
||||
Log.d(TAG, "addAllowedApplication")
|
||||
vpnBuilder.addAllowedApplication(app)
|
||||
}
|
||||
|
||||
for (app in config.excludedApplications) {
|
||||
Log.d(TAG, "addDisallowedApplication: $app")
|
||||
Log.d(TAG, "addDisallowedApplication")
|
||||
vpnBuilder.addDisallowedApplication(app)
|
||||
}
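Review bot: With the package name removed, `Log.d(TAG, "addAllowedApplication")` and `Log.d(TAG, "addDisallowedApplication")` emit one identical line per app and tell the reader nothing except how many times the loop ran. Keeping package names out of the log is worth preserving, because the list of apps routed through or around the tunnel is sensitive. Logging once before each loop keeps that property without the noise, e.g. `Log.d(TAG, "addAllowedApplication: ${config.includedApplications.size} apps")`, assuming the property is a collection. The enclosing function starts and ends outside the hunk.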
|
||||
|
||||
|
||||
@@ -453,7 +453,7 @@ class AmneziaActivity : QtActivity() {
|
||||
|
||||
@Suppress("unused")
|
||||
fun setSaveLogs(enabled: Boolean) {
|
||||
Log.d(TAG, "Set save logs: $enabled")
|
||||
Log.v(TAG, "Set save logs: $enabled")
|
||||
mainScope.launch {
|
||||
Log.saveLogs = enabled
|
||||
vpnServiceMessenger.send {
|
||||
@@ -473,7 +473,9 @@ class AmneziaActivity : QtActivity() {
|
||||
@Suppress("unused")
|
||||
fun clearLogs() {
|
||||
Log.v(TAG, "Clear logs")
|
||||
Log.clearLogs()
|
||||
mainScope.launch {
|
||||
Log.clearLogs()
|
||||
}
|
||||
}
|
||||
|
||||
@Suppress("unused")
|
||||
@@ -509,7 +511,7 @@ class AmneziaActivity : QtActivity() {
|
||||
|
||||
@Suppress("unused")
|
||||
fun getAppIcon(packageName: String, width: Int, height: Int): Bitmap {
|
||||
Log.v(TAG, "Get app icon: $packageName")
|
||||
Log.v(TAG, "Get app icon")
|
||||
return AppListProvider.getAppIcon(packageManager, packageName, width, height)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -109,9 +109,11 @@ object Log {
|
||||
"${deviceInfo()}\n${readLogs()}\nLOGCAT:\n${getLogcat()}"
|
||||
|
||||
fun clearLogs() {
|
||||
withLock {
|
||||
logFile.delete()
|
||||
rotateLogFile.delete()
|
||||
if (logDir.exists()) {
|
||||
withLock {
|
||||
logFile.delete()
|
||||
rotateLogFile.delete()
|
||||
}
|
||||
}
|
||||
}
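Review bot: `logDir.exists()` is evaluated before `withLock` is entered, so the existence check and the two `delete()` calls are not covered by the same critical section, and the `Boolean` results of both `delete()` calls are dropped. If a deletion fails, a user who asked for the logs to be cleared gets no indication that they are still on disk. I would move the check inside the lock and test each file separately, e.g. `val cleared = !logFile.exists() || logFile.delete()`, then surface a failure to the caller. `withLock` and `logDir` are defined outside the hunk, so confirm what the lock actually guards.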
|
||||
|
||||
|
||||
@@ -49,8 +49,8 @@ foreach(abi IN ITEMS ${QT_ANDROID_ABIS})
|
||||
${CMAKE_CURRENT_SOURCE_DIR}/3rd-prebuilt/3rd-prebuilt/openvpn/android/${abi}/libovpn3.so
|
||||
${CMAKE_CURRENT_SOURCE_DIR}/3rd-prebuilt/3rd-prebuilt/openvpn/android/${abi}/libovpnutil.so
|
||||
${CMAKE_CURRENT_SOURCE_DIR}/3rd-prebuilt/3rd-prebuilt/openvpn/android/${abi}/librsapss.so
|
||||
${CMAKE_CURRENT_SOURCE_DIR}/3rd-prebuilt/3rd-prebuilt/openssl/android/${abi}/libcrypto_3.so
|
||||
${CMAKE_CURRENT_SOURCE_DIR}/3rd-prebuilt/3rd-prebuilt/openssl/android/${abi}/libssl_3.so
|
||||
${CMAKE_CURRENT_SOURCE_DIR}/3rd-prebuilt/3rd-prebuilt/libssh/android/${abi}/libssh.so
|
||||
${CMAKE_CURRENT_SOURCE_DIR}/3rd-prebuilt/3rd-prebuilt/openssl3/android/${abi}/libcrypto_3.so
|
||||
${CMAKE_CURRENT_SOURCE_DIR}/3rd-prebuilt/3rd-prebuilt/openssl3/android/${abi}/libssl_3.so
|
||||
)
|
||||
endforeach()
|
||||
|
||||
@@ -108,6 +108,7 @@ target_sources(${PROJECT} PRIVATE
|
||||
${CLIENT_ROOT_DIR}/platforms/ios/Log.swift
|
||||
${CLIENT_ROOT_DIR}/platforms/ios/LogRecord.swift
|
||||
${CLIENT_ROOT_DIR}/platforms/ios/ScreenProtection.swift
|
||||
${CLIENT_ROOT_DIR}/platforms/ios/VPNCController.swift
|
||||
)
|
||||
|
||||
target_sources(${PROJECT} PRIVATE
|
||||
|
||||
@@ -3,15 +3,13 @@
|
||||
#include <QJsonDocument>
|
||||
#include <QJsonObject>
|
||||
|
||||
#include "core/controllers/serverController.h"
|
||||
|
||||
AwgConfigurator::AwgConfigurator(std::shared_ptr<Settings> settings, QObject *parent)
|
||||
: WireguardConfigurator(settings, true, parent)
|
||||
AwgConfigurator::AwgConfigurator(std::shared_ptr<Settings> settings, const QSharedPointer<ServerController> &serverController, QObject *parent)
|
||||
: WireguardConfigurator(settings, serverController, true, parent)
|
||||
{
|
||||
}
|
||||
|
||||
QString AwgConfigurator::createConfig(const ServerCredentials &credentials, DockerContainer container,
|
||||
const QJsonObject &containerConfig, ErrorCode errorCode)
|
||||
QString AwgConfigurator::createConfig(const ServerCredentials &credentials, DockerContainer container, const QJsonObject &containerConfig,
|
||||
ErrorCode errorCode)
|
||||
{
|
||||
QString config = WireguardConfigurator::createConfig(credentials, container, containerConfig, errorCode);
|
||||
|
||||
@@ -41,8 +39,8 @@ QString AwgConfigurator::createConfig(const ServerCredentials &credentials, Dock
|
||||
jsonConfig[config_key::responsePacketMagicHeader] = configMap.value(config_key::responsePacketMagicHeader);
|
||||
jsonConfig[config_key::underloadPacketMagicHeader] = configMap.value(config_key::underloadPacketMagicHeader);
|
||||
jsonConfig[config_key::transportPacketMagicHeader] = configMap.value(config_key::transportPacketMagicHeader);
|
||||
jsonConfig[config_key::mtu] = containerConfig.value(ProtocolProps::protoToString(Proto::Awg)).toObject().
|
||||
value(config_key::mtu).toString(protocols::awg::defaultMtu);
|
||||
jsonConfig[config_key::mtu] =
|
||||
containerConfig.value(ProtocolProps::protoToString(Proto::Awg)).toObject().value(config_key::mtu).toString(protocols::awg::defaultMtu);
|
||||
|
||||
return QJsonDocument(jsonConfig).toJson();
|
||||
}
|
||||
|
||||
@@ -9,7 +9,7 @@ class AwgConfigurator : public WireguardConfigurator
|
||||
{
|
||||
Q_OBJECT
|
||||
public:
|
||||
AwgConfigurator(std::shared_ptr<Settings> settings, QObject *parent = nullptr);
|
||||
AwgConfigurator(std::shared_ptr<Settings> settings, const QSharedPointer<ServerController> &serverController, QObject *parent = nullptr);
|
||||
|
||||
QString createConfig(const ServerCredentials &credentials, DockerContainer container,
|
||||
const QJsonObject &containerConfig, ErrorCode errorCode);
|
||||
|
||||
@@ -1,33 +1,30 @@
|
||||
#include "cloak_configurator.h"
|
||||
|
||||
#include <QFile>
|
||||
#include <QJsonObject>
|
||||
#include <QJsonDocument>
|
||||
#include <QJsonObject>
|
||||
|
||||
#include "core/controllers/serverController.h"
|
||||
#include "containers/containers_defs.h"
|
||||
#include "core/controllers/serverController.h"
|
||||
|
||||
CloakConfigurator::CloakConfigurator(std::shared_ptr<Settings> settings, QObject *parent):
|
||||
ConfiguratorBase(settings, parent)
|
||||
CloakConfigurator::CloakConfigurator(std::shared_ptr<Settings> settings, const QSharedPointer<ServerController> &serverController, QObject *parent)
|
||||
: ConfiguratorBase(settings, serverController, parent)
|
||||
{
|
||||
|
||||
}
|
||||
|
||||
QString CloakConfigurator::createConfig(const ServerCredentials &credentials, DockerContainer container,
|
||||
const QJsonObject &containerConfig, ErrorCode errorCode)
|
||||
QString CloakConfigurator::createConfig(const ServerCredentials &credentials, DockerContainer container, const QJsonObject &containerConfig,
|
||||
ErrorCode errorCode)
|
||||
{
|
||||
ServerController serverController(m_settings);
|
||||
|
||||
QString cloakPublicKey = serverController.getTextFileFromContainer(container, credentials,
|
||||
amnezia::protocols::cloak::ckPublicKeyPath, errorCode);
|
||||
QString cloakPublicKey =
|
||||
m_serverController->getTextFileFromContainer(container, credentials, amnezia::protocols::cloak::ckPublicKeyPath, errorCode);
|
||||
cloakPublicKey.replace("\n", "");
|
||||
|
||||
if (errorCode != ErrorCode::NoError) {
|
||||
return "";
|
||||
}
|
||||
|
||||
QString cloakBypassUid = serverController.getTextFileFromContainer(container, credentials,
|
||||
amnezia::protocols::cloak::ckBypassUidKeyPath, errorCode);
|
||||
QString cloakBypassUid =
|
||||
m_serverController->getTextFileFromContainer(container, credentials, amnezia::protocols::cloak::ckBypassUidKeyPath, errorCode);
|
||||
cloakBypassUid.replace("\n", "");
|
||||
|
||||
if (errorCode != ErrorCode::NoError) {
|
||||
@@ -47,8 +44,8 @@ QString CloakConfigurator::createConfig(const ServerCredentials &credentials, Do
|
||||
config.insert("RemoteHost", credentials.hostName);
|
||||
config.insert("RemotePort", "$CLOAK_SERVER_PORT");
|
||||
|
||||
QString textCfg = serverController.replaceVars(QJsonDocument(config).toJson(),
|
||||
serverController.genVarsForScript(credentials, container, containerConfig));
|
||||
QString textCfg = m_serverController->replaceVars(QJsonDocument(config).toJson(),
|
||||
m_serverController->genVarsForScript(credentials, container, containerConfig));
|
||||
|
||||
return textCfg;
|
||||
}
|
||||
|
||||
@@ -11,7 +11,7 @@ class CloakConfigurator : public ConfiguratorBase
|
||||
{
|
||||
Q_OBJECT
|
||||
public:
|
||||
CloakConfigurator(std::shared_ptr<Settings> settings, QObject *parent = nullptr);
|
||||
CloakConfigurator(std::shared_ptr<Settings> settings, const QSharedPointer<ServerController> &serverController, QObject *parent = nullptr);
|
||||
|
||||
QString createConfig(const ServerCredentials &credentials, DockerContainer container,
|
||||
const QJsonObject &containerConfig, ErrorCode errorCode);
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
#include "configurator_base.h"
|
||||
|
||||
ConfiguratorBase::ConfiguratorBase(std::shared_ptr<Settings> settings, QObject *parent)
|
||||
: QObject { parent }, m_settings(settings)
|
||||
ConfiguratorBase::ConfiguratorBase(std::shared_ptr<Settings> settings, const QSharedPointer<ServerController> &serverController, QObject *parent)
|
||||
: QObject { parent }, m_settings(settings), m_serverController(serverController)
|
||||
{
|
||||
}
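Review bot: The constructor stores `serverController` without checking it, while the configurators changed in this commit (CloakConfigurator, Ikev2Configurator, OpenVpnConfigurator) now call through `m_serverController->` unconditionally. A caller that passes a default-constructed `QSharedPointer` therefore gets a null dereference at first use instead of a failure at construction. Make the precondition explicit in the constructor body with `Q_ASSERT(!m_serverController.isNull());`, and state on the declaration in configurator_base.h that the pointer must be non-null and is shared between all configurators.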
|
||||
|
||||
|
||||
@@ -5,13 +5,14 @@
|
||||
|
||||
#include "containers/containers_defs.h"
|
||||
#include "core/defs.h"
|
||||
#include "core/controllers/serverController.h"
|
||||
#include "settings.h"
|
||||
|
||||
class ConfiguratorBase : public QObject
|
||||
{
|
||||
Q_OBJECT
|
||||
public:
|
||||
explicit ConfiguratorBase(std::shared_ptr<Settings> settings, QObject *parent = nullptr);
|
||||
explicit ConfiguratorBase(std::shared_ptr<Settings> settings, const QSharedPointer<ServerController> &serverController, QObject *parent = nullptr);
|
||||
|
||||
virtual QString createConfig(const ServerCredentials &credentials, DockerContainer container,
|
||||
const QJsonObject &containerConfig, ErrorCode errorCode) = 0;
|
||||
@@ -25,6 +26,8 @@ protected:
|
||||
void processConfigWithDnsSettings(const QPair<QString, QString> &dns, QString &protocolConfigString);
|
||||
|
||||
std::shared_ptr<Settings> m_settings;
|
||||
QSharedPointer<ServerController> m_serverController;
|
||||
|
||||
};
|
||||
|
||||
#endif // CONFIGURATORBASE_H
|
||||
|
||||
@@ -9,18 +9,18 @@
|
||||
#include <QUuid>
|
||||
|
||||
#include "containers/containers_defs.h"
|
||||
#include "core/controllers/serverController.h"
|
||||
#include "core/scripts_registry.h"
|
||||
#include "core/server_defs.h"
|
||||
#include "core/controllers/serverController.h"
|
||||
#include "utilities.h"
|
||||
|
||||
Ikev2Configurator::Ikev2Configurator(std::shared_ptr<Settings> settings, QObject *parent)
|
||||
: ConfiguratorBase(settings, parent)
|
||||
Ikev2Configurator::Ikev2Configurator(std::shared_ptr<Settings> settings, const QSharedPointer<ServerController> &serverController, QObject *parent)
|
||||
: ConfiguratorBase(settings, serverController, parent)
|
||||
{
|
||||
}
|
||||
|
||||
Ikev2Configurator::ConnectionData Ikev2Configurator::prepareIkev2Config(const ServerCredentials &credentials,
|
||||
DockerContainer container, ErrorCode errorCode)
|
||||
Ikev2Configurator::ConnectionData Ikev2Configurator::prepareIkev2Config(const ServerCredentials &credentials, DockerContainer container,
|
||||
ErrorCode errorCode)
|
||||
{
|
||||
Ikev2Configurator::ConnectionData connData;
|
||||
connData.host = credentials.hostName;
|
||||
@@ -39,18 +39,14 @@ Ikev2Configurator::ConnectionData Ikev2Configurator::prepareIkev2Config(const Se
|
||||
"--extKeyUsage serverAuth,clientAuth -8 \"%1\"")
|
||||
.arg(connData.clientId);
|
||||
|
||||
ServerController serverController(m_settings);
|
||||
errorCode = serverController.runContainerScript(credentials, container, scriptCreateCert);
|
||||
errorCode = m_serverController->runContainerScript(credentials, container, scriptCreateCert);
|
||||
|
||||
QString scriptExportCert = QString("pk12util -W \"%1\" -d sql:/etc/ipsec.d -n \"%2\" -o \"%3\"")
|
||||
.arg(connData.password)
|
||||
.arg(connData.clientId)
|
||||
.arg(certFileName);
|
||||
errorCode = serverController.runContainerScript(credentials, container, scriptExportCert);
|
||||
QString scriptExportCert =
|
||||
QString("pk12util -W \"%1\" -d sql:/etc/ipsec.d -n \"%2\" -o \"%3\"").arg(connData.password).arg(connData.clientId).arg(certFileName);
|
||||
errorCode = m_serverController->runContainerScript(credentials, container, scriptExportCert);
|
||||
|
||||
connData.clientCert = serverController.getTextFileFromContainer(container, credentials, certFileName, errorCode);
|
||||
connData.caCert =
|
||||
serverController.getTextFileFromContainer(container, credentials, "/etc/ipsec.d/ca_cert_base64.p12", errorCode);
|
||||
connData.clientCert = m_serverController->getTextFileFromContainer(container, credentials, certFileName, errorCode);
|
||||
connData.caCert = m_serverController->getTextFileFromContainer(container, credentials, "/etc/ipsec.d/ca_cert_base64.p12", errorCode);
|
||||
|
||||
qDebug() << "Ikev2Configurator::ConnectionData client cert size:" << connData.clientCert.size();
|
||||
qDebug() << "Ikev2Configurator::ConnectionData ca cert size:" << connData.caCert.size();
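Review bot: The result of the first `runContainerScript` call is overwritten by the second without being checked, so a failed certificate-creation step goes unnoticed and the `pk12util` export still runs. Add `if (errorCode != ErrorCode::NoError) return connData;` after each call. `connData.password` is also interpolated into a double-quoted shell string and passed with `-W`, so it appears on the command line inside the container, and a `"`, `$` or backtick in any of the three values would change the command. Where those values are generated is outside the hunk, so confirm they come from a restricted alphabet, or pass the password through a file with `pk12util -w`. `errorCode` is a by-value parameter (signature in the previous hunk), so callers presumably never see a failure recorded here.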
|
||||
@@ -58,8 +54,8 @@ Ikev2Configurator::ConnectionData Ikev2Configurator::prepareIkev2Config(const Se
|
||||
return connData;
|
||||
}
|
||||
|
||||
QString Ikev2Configurator::createConfig(const ServerCredentials &credentials, DockerContainer container,
|
||||
const QJsonObject &containerConfig, ErrorCode errorCode)
|
||||
QString Ikev2Configurator::createConfig(const ServerCredentials &credentials, DockerContainer container, const QJsonObject &containerConfig,
|
||||
ErrorCode errorCode)
|
||||
{
|
||||
Q_UNUSED(containerConfig)
|
||||
|
||||
|
||||
@@ -11,7 +11,7 @@ class Ikev2Configurator : public ConfiguratorBase
|
||||
{
|
||||
Q_OBJECT
|
||||
public:
|
||||
Ikev2Configurator(std::shared_ptr<Settings> settings, QObject *parent = nullptr);
|
||||
Ikev2Configurator(std::shared_ptr<Settings> settings, const QSharedPointer<ServerController> &serverController, QObject *parent = nullptr);
|
||||
|
||||
struct ConnectionData {
|
||||
QByteArray clientCert; // p12 client cert
|
||||
|
||||
@@ -24,14 +24,14 @@
|
||||
#include <openssl/rsa.h>
|
||||
#include <openssl/x509.h>
|
||||
|
||||
OpenVpnConfigurator::OpenVpnConfigurator(std::shared_ptr<Settings> settings, QObject *parent)
|
||||
: ConfiguratorBase(settings, parent)
|
||||
OpenVpnConfigurator::OpenVpnConfigurator(std::shared_ptr<Settings> settings, const QSharedPointer<ServerController> &serverController,
|
||||
QObject *parent)
|
||||
: ConfiguratorBase(settings, serverController, parent)
|
||||
{
|
||||
}
|
||||
|
||||
OpenVpnConfigurator::ConnectionData OpenVpnConfigurator::prepareOpenVpnConfig(const ServerCredentials &credentials,
|
||||
DockerContainer container,
|
||||
ErrorCode errorCode)
|
||||
DockerContainer container, ErrorCode errorCode)
|
||||
{
|
||||
OpenVpnConfigurator::ConnectionData connData = OpenVpnConfigurator::createCertRequest();
|
||||
connData.host = credentials.hostName;
|
||||
@@ -43,8 +43,7 @@ OpenVpnConfigurator::ConnectionData OpenVpnConfigurator::prepareOpenVpnConfig(co
|
||||
|
||||
QString reqFileName = QString("%1/%2.req").arg(amnezia::protocols::openvpn::clientsDirPath).arg(connData.clientId);
|
||||
|
||||
ServerController serverController(m_settings);
|
||||
errorCode = serverController.uploadTextFileToContainer(container, credentials, connData.request, reqFileName);
|
||||
errorCode = m_serverController->uploadTextFileToContainer(container, credentials, connData.request, reqFileName);
|
||||
if (errorCode != ErrorCode::NoError) {
|
||||
return connData;
|
||||
}
|
||||
@@ -54,18 +53,16 @@ OpenVpnConfigurator::ConnectionData OpenVpnConfigurator::prepareOpenVpnConfig(co
|
||||
return connData;
|
||||
}
|
||||
|
||||
connData.caCert = serverController.getTextFileFromContainer(container, credentials,
|
||||
amnezia::protocols::openvpn::caCertPath, errorCode);
|
||||
connData.clientCert = serverController.getTextFileFromContainer(
|
||||
container, credentials,
|
||||
QString("%1/%2.crt").arg(amnezia::protocols::openvpn::clientCertPath).arg(connData.clientId), errorCode);
|
||||
connData.caCert =
|
||||
m_serverController->getTextFileFromContainer(container, credentials, amnezia::protocols::openvpn::caCertPath, errorCode);
|
||||
connData.clientCert = m_serverController->getTextFileFromContainer(
|
||||
container, credentials, QString("%1/%2.crt").arg(amnezia::protocols::openvpn::clientCertPath).arg(connData.clientId), errorCode);
|
||||
|
||||
if (errorCode != ErrorCode::NoError) {
|
||||
return connData;
|
||||
}
|
||||
|
||||
connData.taKey = serverController.getTextFileFromContainer(container, credentials,
|
||||
amnezia::protocols::openvpn::taKeyPath, errorCode);
|
||||
connData.taKey = m_serverController->getTextFileFromContainer(container, credentials, amnezia::protocols::openvpn::taKeyPath, errorCode);
|
||||
|
||||
if (connData.caCert.isEmpty() || connData.clientCert.isEmpty() || connData.taKey.isEmpty()) {
|
||||
errorCode = ErrorCode::SshScpFailureError;
|
||||
@@ -77,10 +74,8 @@ OpenVpnConfigurator::ConnectionData OpenVpnConfigurator::prepareOpenVpnConfig(co
|
||||
QString OpenVpnConfigurator::createConfig(const ServerCredentials &credentials, DockerContainer container,
|
||||
const QJsonObject &containerConfig, ErrorCode errorCode)
|
||||
{
|
||||
ServerController serverController(m_settings);
|
||||
QString config =
|
||||
serverController.replaceVars(amnezia::scriptData(ProtocolScriptType::openvpn_template, container),
|
||||
serverController.genVarsForScript(credentials, container, containerConfig));
|
||||
QString config = m_serverController->replaceVars(amnezia::scriptData(ProtocolScriptType::openvpn_template, container),
|
||||
m_serverController->genVarsForScript(credentials, container, containerConfig));
|
||||
|
||||
ConnectionData connData = prepareOpenVpnConfig(credentials, container, errorCode);
|
||||
if (errorCode != ErrorCode::NoError) {
|
||||
@@ -121,18 +116,16 @@ QString OpenVpnConfigurator::processConfigWithLocalSettings(const QPair<QString,
|
||||
if (!isApiConfig) {
|
||||
QRegularExpression regex("redirect-gateway.*");
|
||||
config.replace(regex, "");
|
||||
|
||||
if (m_settings->routeMode() == Settings::VpnAllSites) {
|
||||
|
||||
if (!m_settings->isSitesSplitTunnelingEnabled()) {
|
||||
config.append("\nredirect-gateway def1 ipv6 bypass-dhcp\n");
|
||||
// Prevent ipv6 leak
|
||||
config.append("ifconfig-ipv6 fd15:53b6:dead::2/64 fd15:53b6:dead::1\n");
|
||||
config.append("block-ipv6\n");
|
||||
}
|
||||
if (m_settings->routeMode() == Settings::VpnOnlyForwardSites) {
|
||||
} else if (m_settings->routeMode() == Settings::VpnOnlyForwardSites) {
|
||||
|
||||
// no redirect-gateway
|
||||
}
|
||||
if (m_settings->routeMode() == Settings::VpnAllExceptSites) {
|
||||
} else if (m_settings->routeMode() == Settings::VpnAllExceptSites) {
|
||||
#ifndef Q_OS_ANDROID
|
||||
config.append("\nredirect-gateway ipv6 !ipv4 bypass-dhcp\n");
|
||||
#endif
|
||||
@@ -196,12 +189,10 @@ ErrorCode OpenVpnConfigurator::signCert(DockerContainer container, const ServerC
|
||||
.arg(ContainerProps::containerToString(container))
|
||||
.arg(clientId);
|
||||
|
||||
ServerController serverController(m_settings);
|
||||
QStringList scriptList { script_import, script_sign };
|
||||
QString script = serverController.replaceVars(scriptList.join("\n"),
|
||||
serverController.genVarsForScript(credentials, container));
|
||||
QString script = m_serverController->replaceVars(scriptList.join("\n"), m_serverController->genVarsForScript(credentials, container));
|
||||
|
||||
return serverController.runScript(credentials, script);
|
||||
return m_serverController->runScript(credentials, script);
|
||||
}
|
||||
|
||||
OpenVpnConfigurator::ConnectionData OpenVpnConfigurator::createCertRequest()
|
||||
@@ -235,8 +226,8 @@ OpenVpnConfigurator::ConnectionData OpenVpnConfigurator::createCertRequest()
|
||||
|
||||
X509_NAME_add_entry_by_txt(x509_name, "C", MBSTRING_ASC, (unsigned char *)"ORG", -1, -1, 0);
|
||||
X509_NAME_add_entry_by_txt(x509_name, "O", MBSTRING_ASC, (unsigned char *)"", -1, -1, 0);
|
||||
X509_NAME_add_entry_by_txt(x509_name, "CN", MBSTRING_ASC,
|
||||
reinterpret_cast<unsigned char const *>(clientIdUtf8.data()), clientIdUtf8.size(), -1, 0);
|
||||
X509_NAME_add_entry_by_txt(x509_name, "CN", MBSTRING_ASC, reinterpret_cast<unsigned char const *>(clientIdUtf8.data()),
|
||||
clientIdUtf8.size(), -1, 0);
|
||||
|
||||
// 4. set public key of x509 req
|
||||
ret = X509_REQ_set_pubkey(x509_req, pKey);
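Review bot: `prepareOpenVpnConfig` and `createConfig` take `ErrorCode errorCode` by value, so each `errorCode = m_serverController->…` assignment in these hunks changes only the callee's copy. The `if (errorCode != ErrorCode::NoError)` test in `createConfig` after `prepareOpenVpnConfig(credentials, container, errorCode)` therefore cannot see a failed upload or a missing certificate, and the config is assembled from whatever `connData` holds, possibly with empty `caCert`, `clientCert` or `taKey`. Passing the code by reference, `DockerContainer container, ErrorCode &errorCode)` with matching header declarations, would let the failure reach the caller. The same by-value parameter appears in `ShadowSocksConfigurator::createConfig`, `WireguardConfigurator::prepareWireguardConfig` and `createConfig`, `XrayConfigurator::createConfig`, and `ServerController::getTextFileFromContainer` further down the page. Both OpenVPN functions extend beyond the hunks shown.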
|
||||
|
||||
@@ -11,7 +11,7 @@ class OpenVpnConfigurator : public ConfiguratorBase
|
||||
{
|
||||
Q_OBJECT
|
||||
public:
|
||||
OpenVpnConfigurator(std::shared_ptr<Settings> settings, QObject *parent = nullptr);
|
||||
OpenVpnConfigurator(std::shared_ptr<Settings> settings, const QSharedPointer<ServerController> &serverController, QObject *parent = nullptr);
|
||||
|
||||
struct ConnectionData
|
||||
{
|
||||
|
||||
@@ -1,25 +1,23 @@
|
||||
#include "shadowsocks_configurator.h"
|
||||
|
||||
#include <QFile>
|
||||
#include <QJsonObject>
|
||||
#include <QJsonDocument>
|
||||
#include <QJsonObject>
|
||||
|
||||
#include "containers/containers_defs.h"
|
||||
#include "core/controllers/serverController.h"
|
||||
|
||||
ShadowSocksConfigurator::ShadowSocksConfigurator(std::shared_ptr<Settings> settings, QObject *parent):
|
||||
ConfiguratorBase(settings, parent)
|
||||
ShadowSocksConfigurator::ShadowSocksConfigurator(std::shared_ptr<Settings> settings, const QSharedPointer<ServerController> &serverController,
|
||||
QObject *parent)
|
||||
: ConfiguratorBase(settings, serverController, parent)
|
||||
{
|
||||
|
||||
}
|
||||
|
||||
QString ShadowSocksConfigurator::createConfig(const ServerCredentials &credentials, DockerContainer container,
|
||||
const QJsonObject &containerConfig, ErrorCode errorCode)
|
||||
{
|
||||
ServerController serverController(m_settings);
|
||||
|
||||
QString ssKey = serverController.getTextFileFromContainer(container, credentials,
|
||||
amnezia::protocols::shadowsocks::ssKeyPath, errorCode);
|
||||
QString ssKey =
|
||||
m_serverController->getTextFileFromContainer(container, credentials, amnezia::protocols::shadowsocks::ssKeyPath, errorCode);
|
||||
ssKey.replace("\n", "");
|
||||
|
||||
if (errorCode != ErrorCode::NoError) {
|
||||
@@ -34,10 +32,9 @@ QString ShadowSocksConfigurator::createConfig(const ServerCredentials &credentia
|
||||
config.insert("timeout", 60);
|
||||
config.insert("method", "$SHADOWSOCKS_CIPHER");
|
||||
|
||||
QString textCfg = m_serverController->replaceVars(QJsonDocument(config).toJson(),
|
||||
m_serverController->genVarsForScript(credentials, container, containerConfig));
|
||||
|
||||
QString textCfg = serverController.replaceVars(QJsonDocument(config).toJson(),
|
||||
serverController.genVarsForScript(credentials, container, containerConfig));
|
||||
|
||||
//qDebug().noquote() << textCfg;
|
||||
// qDebug().noquote() << textCfg;
|
||||
return textCfg;
|
||||
}
|
||||
|
||||
@@ -10,7 +10,7 @@ class ShadowSocksConfigurator : public ConfiguratorBase
|
||||
{
|
||||
Q_OBJECT
|
||||
public:
|
||||
ShadowSocksConfigurator(std::shared_ptr<Settings> settings, QObject *parent = nullptr);
|
||||
ShadowSocksConfigurator(std::shared_ptr<Settings> settings, const QSharedPointer<ServerController> &serverController, QObject *parent = nullptr);
|
||||
|
||||
QString createConfig(const ServerCredentials &credentials, DockerContainer container,
|
||||
const QJsonObject &containerConfig, ErrorCode errorCode);
|
||||
|
||||
@@ -17,8 +17,8 @@
|
||||
#include "core/server_defs.h"
|
||||
#include "utilities.h"
|
||||
|
||||
SshConfigurator::SshConfigurator(std::shared_ptr<Settings> settings, QObject *parent)
|
||||
: ConfiguratorBase(settings, parent)
|
||||
SshConfigurator::SshConfigurator(std::shared_ptr<Settings> settings, const QSharedPointer<ServerController> &serverController, QObject *parent)
|
||||
: ConfiguratorBase(settings, serverController, parent)
|
||||
{
|
||||
}
|
||||
|
||||
@@ -82,8 +82,7 @@ void SshConfigurator::openSshTerminal(const ServerCredentials &credentials)
|
||||
// p->setNativeArguments(QString("%1@%2")
|
||||
// .arg(credentials.userName).arg(credentials.hostName).arg(credentials.secretData));
|
||||
} else {
|
||||
p->setNativeArguments(
|
||||
QString("%1@%2 -pw %3").arg(credentials.userName).arg(credentials.hostName).arg(credentials.secretData));
|
||||
p->setNativeArguments(QString("%1@%2 -pw %3").arg(credentials.userName).arg(credentials.hostName).arg(credentials.secretData));
|
||||
}
|
||||
#else
|
||||
p->setProgram("/bin/bash");
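Review bot: `credentials.secretData` is interpolated into the native argument string after `-pw` in `openSshTerminal`, which puts the password on the child process's command line, where other local processes can typically read it. It is also unquoted, so a password containing spaces is split into several arguments. The chained `.arg()` calls re-scan earlier substitutions, so a user name containing a `%N` sequence would be rewritten; `QString("%1@%2 -pw %3").arg(credentials.userName, credentials.hostName, credentials.secretData)` avoids that. The password itself is better handed over outside argv, through key or agent authentication or a password-file option if the launched client has one. The function starts and ends outside this hunk, and the program being launched is not visible here.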
|
||||
|
||||
@@ -11,7 +11,7 @@ class SshConfigurator : ConfiguratorBase
|
||||
{
|
||||
Q_OBJECT
|
||||
public:
|
||||
SshConfigurator(std::shared_ptr<Settings> settings, QObject *parent = nullptr);
|
||||
SshConfigurator(std::shared_ptr<Settings> settings, const QSharedPointer<ServerController> &serverController, QObject *parent = nullptr);
|
||||
|
||||
QProcessEnvironment prepareEnv();
|
||||
QString convertOpenSShKey(const QString &key);
|
||||
|
||||
@@ -19,15 +19,13 @@
|
||||
#include "settings.h"
|
||||
#include "utilities.h"
|
||||
|
||||
WireguardConfigurator::WireguardConfigurator(std::shared_ptr<Settings> settings, bool isAwg, QObject *parent)
|
||||
: ConfiguratorBase(settings, parent), m_isAwg(isAwg)
|
||||
WireguardConfigurator::WireguardConfigurator(std::shared_ptr<Settings> settings, const QSharedPointer<ServerController> &serverController,
|
||||
bool isAwg, QObject *parent)
|
||||
: ConfiguratorBase(settings, serverController, parent), m_isAwg(isAwg)
|
||||
{
|
||||
m_serverConfigPath =
|
||||
m_isAwg ? amnezia::protocols::awg::serverConfigPath : amnezia::protocols::wireguard::serverConfigPath;
|
||||
m_serverPublicKeyPath =
|
||||
m_isAwg ? amnezia::protocols::awg::serverPublicKeyPath : amnezia::protocols::wireguard::serverPublicKeyPath;
|
||||
m_serverPskKeyPath =
|
||||
m_isAwg ? amnezia::protocols::awg::serverPskKeyPath : amnezia::protocols::wireguard::serverPskKeyPath;
|
||||
m_serverConfigPath = m_isAwg ? amnezia::protocols::awg::serverConfigPath : amnezia::protocols::wireguard::serverConfigPath;
|
||||
m_serverPublicKeyPath = m_isAwg ? amnezia::protocols::awg::serverPublicKeyPath : amnezia::protocols::wireguard::serverPublicKeyPath;
|
||||
m_serverPskKeyPath = m_isAwg ? amnezia::protocols::awg::serverPskKeyPath : amnezia::protocols::wireguard::serverPskKeyPath;
|
||||
m_configTemplate = m_isAwg ? ProtocolScriptType::awg_template : ProtocolScriptType::wireguard_template;
|
||||
|
||||
m_protocolName = m_isAwg ? config_key::awg : config_key::wireguard;
|
||||
@@ -67,8 +65,7 @@ WireguardConfigurator::ConnectionData WireguardConfigurator::genClientKeys()
|
||||
|
||||
WireguardConfigurator::ConnectionData WireguardConfigurator::prepareWireguardConfig(const ServerCredentials &credentials,
|
||||
DockerContainer container,
|
||||
const QJsonObject &containerConfig,
|
||||
ErrorCode errorCode)
|
||||
const QJsonObject &containerConfig, ErrorCode errorCode)
|
||||
{
|
||||
WireguardConfigurator::ConnectionData connData = WireguardConfigurator::genClientKeys();
|
||||
connData.host = credentials.hostName;
|
||||
@@ -79,8 +76,6 @@ WireguardConfigurator::ConnectionData WireguardConfigurator::prepareWireguardCon
|
||||
return connData;
|
||||
}
|
||||
|
||||
ServerController serverController(m_settings);
|
||||
|
||||
// Get list of already created clients (only IP addresses)
|
||||
QString nextIpNumber;
|
||||
{
|
||||
@@ -91,7 +86,7 @@ WireguardConfigurator::ConnectionData WireguardConfigurator::prepareWireguardCon
|
||||
return ErrorCode::NoError;
|
||||
};
|
||||
|
||||
errorCode = serverController.runContainerScript(credentials, container, script, cbReadStdOut);
|
||||
errorCode = m_serverController->runContainerScript(credentials, container, script, cbReadStdOut);
|
||||
if (errorCode != ErrorCode::NoError) {
|
||||
return connData;
|
||||
}
|
||||
@@ -113,8 +108,7 @@ WireguardConfigurator::ConnectionData WireguardConfigurator::prepareWireguardCon
|
||||
}
|
||||
}
|
||||
|
||||
QString subnetIp =
|
||||
containerConfig.value(config_key::subnet_address).toString(protocols::wireguard::defaultSubnetAddress);
|
||||
QString subnetIp = containerConfig.value(config_key::subnet_address).toString(protocols::wireguard::defaultSubnetAddress);
|
||||
{
|
||||
QStringList l = subnetIp.split(".", Qt::SkipEmptyParts);
|
||||
if (l.isEmpty()) {
|
||||
@@ -128,14 +122,13 @@ WireguardConfigurator::ConnectionData WireguardConfigurator::prepareWireguardCon
|
||||
}
|
||||
|
||||
// Get keys
|
||||
connData.serverPubKey =
|
||||
serverController.getTextFileFromContainer(container, credentials, m_serverPublicKeyPath, errorCode);
|
||||
connData.serverPubKey = m_serverController->getTextFileFromContainer(container, credentials, m_serverPublicKeyPath, errorCode);
|
||||
connData.serverPubKey.replace("\n", "");
|
||||
if (errorCode != ErrorCode::NoError) {
|
||||
return connData;
|
||||
}
|
||||
|
||||
connData.pskKey = serverController.getTextFileFromContainer(container, credentials, m_serverPskKeyPath, errorCode);
|
||||
connData.pskKey = m_serverController->getTextFileFromContainer(container, credentials, m_serverPskKeyPath, errorCode);
|
||||
connData.pskKey.replace("\n", "");
|
||||
|
||||
if (errorCode != ErrorCode::NoError) {
|
||||
@@ -149,18 +142,17 @@ WireguardConfigurator::ConnectionData WireguardConfigurator::prepareWireguardCon
|
||||
"AllowedIPs = %3/32\n\n")
|
||||
.arg(connData.clientPubKey, connData.pskKey, connData.clientIP);
|
||||
|
||||
errorCode = serverController.uploadTextFileToContainer(container, credentials, configPart, m_serverConfigPath,
|
||||
libssh::ScpOverwriteMode::ScpAppendToExisting);
|
||||
errorCode = m_serverController->uploadTextFileToContainer(container, credentials, configPart, m_serverConfigPath,
|
||||
libssh::ScpOverwriteMode::ScpAppendToExisting);
|
||||
|
||||
if (errorCode != ErrorCode::NoError) {
|
||||
return connData;
|
||||
}
|
||||
|
||||
QString script = QString("sudo docker exec -i $CONTAINER_NAME bash -c 'wg syncconf wg0 <(wg-quick strip %1)'")
|
||||
.arg(m_serverConfigPath);
|
||||
QString script = QString("sudo docker exec -i $CONTAINER_NAME bash -c 'wg syncconf wg0 <(wg-quick strip %1)'").arg(m_serverConfigPath);
|
||||
|
||||
errorCode = serverController.runScript(
|
||||
credentials, serverController.replaceVars(script, serverController.genVarsForScript(credentials, container)));
|
||||
errorCode = m_serverController->runScript(
|
||||
credentials, m_serverController->replaceVars(script, m_serverController->genVarsForScript(credentials, container)));
|
||||
|
||||
return connData;
|
||||
}
|
||||
@@ -168,10 +160,9 @@ WireguardConfigurator::ConnectionData WireguardConfigurator::prepareWireguardCon
|
||||
QString WireguardConfigurator::createConfig(const ServerCredentials &credentials, DockerContainer container,
|
||||
const QJsonObject &containerConfig, ErrorCode errorCode)
|
||||
{
|
||||
ServerController serverController(m_settings);
|
||||
QString scriptData = amnezia::scriptData(m_configTemplate, container);
|
||||
QString config = serverController.replaceVars(
|
||||
scriptData, serverController.genVarsForScript(credentials, container, containerConfig));
|
||||
QString config =
|
||||
m_serverController->replaceVars(scriptData, m_serverController->genVarsForScript(credentials, container, containerConfig));
|
||||
|
||||
ConnectionData connData = prepareWireguardConfig(credentials, container, containerConfig, errorCode);
|
||||
if (errorCode != ErrorCode::NoError) {
|
||||
@@ -201,16 +192,16 @@ QString WireguardConfigurator::createConfig(const ServerCredentials &credentials
|
||||
return QJsonDocument(jConfig).toJson();
|
||||
}
|
||||
|
||||
QString WireguardConfigurator::processConfigWithLocalSettings(const QPair<QString, QString> &dns,
|
||||
const bool isApiConfig, QString &protocolConfigString)
|
||||
QString WireguardConfigurator::processConfigWithLocalSettings(const QPair<QString, QString> &dns, const bool isApiConfig,
|
||||
QString &protocolConfigString)
|
||||
{
|
||||
processConfigWithDnsSettings(dns, protocolConfigString);
|
||||
|
||||
return protocolConfigString;
|
||||
}
|
||||
|
||||
QString WireguardConfigurator::processConfigWithExportSettings(const QPair<QString, QString> &dns,
|
||||
const bool isApiConfig, QString &protocolConfigString)
|
||||
QString WireguardConfigurator::processConfigWithExportSettings(const QPair<QString, QString> &dns, const bool isApiConfig,
|
||||
QString &protocolConfigString)
|
||||
{
|
||||
processConfigWithDnsSettings(dns, protocolConfigString);
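Review bot: The injected `m_serverController` is used in `prepareWireguardConfig` and `createConfig` with no stated threading or lifetime contract. The list-clients, append-peer and `wg syncconf` steps used to run on a `ServerController` local to each call and now go through one object shared with the other configurators. `ServerController` keeps an SSH client as a member (`m_sshClient` in `uploadFileToHost`, further down the page), so overlapping callers would share that connection state; whether callers can overlap is not visible in these hunks. I would document the expectation at the constructor, for example `// serverController is shared by all configurators and owns a single SSH client; calls must not overlap`, and say the same on the `ConfiguratorBase` member.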
|
||||
|
||||
|
||||
@@ -12,7 +12,8 @@ class WireguardConfigurator : public ConfiguratorBase
|
||||
{
|
||||
Q_OBJECT
|
||||
public:
|
||||
WireguardConfigurator(std::shared_ptr<Settings> settings, bool isAwg, QObject *parent = nullptr);
|
||||
WireguardConfigurator(std::shared_ptr<Settings> settings, const QSharedPointer<ServerController> &serverController, bool isAwg,
|
||||
QObject *parent = nullptr);
|
||||
|
||||
struct ConnectionData
|
||||
{
|
||||
@@ -25,13 +26,11 @@ public:
|
||||
QString port;
|
||||
};
|
||||
|
||||
QString createConfig(const ServerCredentials &credentials, DockerContainer container,
|
||||
const QJsonObject &containerConfig, ErrorCode errorCode);
|
||||
QString createConfig(const ServerCredentials &credentials, DockerContainer container, const QJsonObject &containerConfig,
|
||||
ErrorCode errorCode);
|
||||
|
||||
QString processConfigWithLocalSettings(const QPair<QString, QString> &dns, const bool isApiConfig,
|
||||
QString &protocolConfigString);
|
||||
QString processConfigWithExportSettings(const QPair<QString, QString> &dns, const bool isApiConfig,
|
||||
QString &protocolConfigString);
|
||||
QString processConfigWithLocalSettings(const QPair<QString, QString> &dns, const bool isApiConfig, QString &protocolConfigString);
|
||||
QString processConfigWithExportSettings(const QPair<QString, QString> &dns, const bool isApiConfig, QString &protocolConfigString);
|
||||
|
||||
static ConnectionData genClientKeys();
|
||||
|
||||
|
||||
@@ -8,26 +8,26 @@
|
||||
#include "core/controllers/serverController.h"
|
||||
#include "core/scripts_registry.h"
|
||||
|
||||
XrayConfigurator::XrayConfigurator(std::shared_ptr<Settings> settings, QObject *parent) : ConfiguratorBase(settings, parent)
|
||||
XrayConfigurator::XrayConfigurator(std::shared_ptr<Settings> settings, const QSharedPointer<ServerController> &serverController, QObject *parent)
|
||||
: ConfiguratorBase(settings, serverController, parent)
|
||||
{
|
||||
}
|
||||
|
||||
QString XrayConfigurator::createConfig(const ServerCredentials &credentials, DockerContainer container, const QJsonObject &containerConfig,
|
||||
ErrorCode errorCode)
|
||||
{
|
||||
ServerController serverController(m_settings);
|
||||
|
||||
QString config = serverController.replaceVars(amnezia::scriptData(ProtocolScriptType::xray_template, container),
|
||||
serverController.genVarsForScript(credentials, container, containerConfig));
|
||||
QString config = m_serverController->replaceVars(amnezia::scriptData(ProtocolScriptType::xray_template, container),
|
||||
m_serverController->genVarsForScript(credentials, container, containerConfig));
|
||||
|
||||
QString xrayPublicKey =
|
||||
serverController.getTextFileFromContainer(container, credentials, amnezia::protocols::xray::PublicKeyPath, errorCode);
|
||||
m_serverController->getTextFileFromContainer(container, credentials, amnezia::protocols::xray::PublicKeyPath, errorCode);
|
||||
xrayPublicKey.replace("\n", "");
|
||||
|
||||
QString xrayUuid = serverController.getTextFileFromContainer(container, credentials, amnezia::protocols::xray::uuidPath, errorCode);
|
||||
QString xrayUuid = m_serverController->getTextFileFromContainer(container, credentials, amnezia::protocols::xray::uuidPath, errorCode);
|
||||
xrayUuid.replace("\n", "");
|
||||
|
||||
QString xrayShortId = serverController.getTextFileFromContainer(container, credentials, amnezia::protocols::xray::shortidPath, errorCode);
|
||||
QString xrayShortId =
|
||||
m_serverController->getTextFileFromContainer(container, credentials, amnezia::protocols::xray::shortidPath, errorCode);
|
||||
xrayShortId.replace("\n", "");
|
||||
|
||||
if (errorCode != ErrorCode::NoError) {
|
||||
|
||||
@@ -10,7 +10,7 @@ class XrayConfigurator : public ConfiguratorBase
|
||||
{
|
||||
Q_OBJECT
|
||||
public:
|
||||
XrayConfigurator(std::shared_ptr<Settings> settings, QObject *parent = nullptr);
|
||||
XrayConfigurator(std::shared_ptr<Settings> settings, const QSharedPointer<ServerController> &serverController, QObject *parent = nullptr);
|
||||
|
||||
QString createConfig(const ServerCredentials &credentials, DockerContainer container, const QJsonObject &containerConfig,
|
||||
ErrorCode errorCode);
|
||||
|
||||
@@ -321,7 +321,7 @@ bool ContainerProps::isEasySetupContainer(DockerContainer container)
|
||||
switch (container) {
|
||||
case DockerContainer::WireGuard: return true;
|
||||
case DockerContainer::Awg: return true;
|
||||
case DockerContainer::Cloak: return true;
|
||||
// case DockerContainer::Cloak: return true;
|
||||
default: return false;
|
||||
}
|
||||
}
|
||||
@@ -330,8 +330,8 @@ QString ContainerProps::easySetupHeader(DockerContainer container)
|
||||
{
|
||||
switch (container) {
|
||||
case DockerContainer::WireGuard: return tr("Low");
|
||||
case DockerContainer::Awg: return tr("Medium or High");
|
||||
case DockerContainer::Cloak: return tr("Extreme");
|
||||
case DockerContainer::Awg: return tr("High");
|
||||
// case DockerContainer::Cloak: return tr("Extreme");
|
||||
default: return "";
|
||||
}
|
||||
}
|
||||
@@ -341,8 +341,8 @@ QString ContainerProps::easySetupDescription(DockerContainer container)
|
||||
switch (container) {
|
||||
case DockerContainer::WireGuard: return tr("I just want to increase the level of my privacy.");
|
||||
case DockerContainer::Awg: return tr("I want to bypass censorship. This option recommended in most cases.");
|
||||
case DockerContainer::Cloak:
|
||||
return tr("Most VPN protocols are blocked. Recommended if other options are not working.");
|
||||
// case DockerContainer::Cloak:
|
||||
// return tr("Most VPN protocols are blocked. Recommended if other options are not working.");
|
||||
default: return "";
|
||||
}
|
||||
}
|
||||
@@ -352,7 +352,7 @@ int ContainerProps::easySetupOrder(DockerContainer container)
|
||||
switch (container) {
|
||||
case DockerContainer::WireGuard: return 3;
|
||||
case DockerContainer::Awg: return 2;
|
||||
case DockerContainer::Cloak: return 1;
|
||||
// case DockerContainer::Cloak: return 1;
|
||||
default: return 0;
|
||||
}
|
||||
}
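Review bot: The `DockerContainer::Cloak` cases in `isEasySetupContainer`, `easySetupHeader`, `easySetupDescription` and `easySetupOrder` are commented out rather than removed, and nothing records why the option was withdrawn or whether it is coming back. This also changes what users are told about protection levels: Awg goes from "Medium or High" to "High" and the "Extreme" tier disappears. A one-line reason would help, e.g. `// Cloak is hidden from easy setup: <reason / tracking issue>` above the first switch, with the dead `case` lines deleted. Each of the four switches belongs to a function that starts outside its hunk.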
|
||||
|
||||
@@ -5,7 +5,6 @@
|
||||
#include <QNetworkReply>
|
||||
#include <QtConcurrent>
|
||||
|
||||
#include "core/errorstrings.h"
|
||||
#include "configurators/wireguard_configurator.h"
|
||||
|
||||
namespace
|
||||
@@ -20,6 +19,7 @@ namespace
|
||||
constexpr char certificate[] = "certificate";
|
||||
constexpr char publicKey[] = "public_key";
|
||||
constexpr char protocol[] = "protocol";
|
||||
constexpr char uuid[] = "installation_uuid";
|
||||
}
|
||||
}
|
||||
|
||||
@@ -64,11 +64,11 @@ QJsonObject ApiController::fillApiPayload(const QString &protocol, const ApiCont
|
||||
return obj;
|
||||
}
|
||||
|
||||
ErrorCode ApiController::updateServerConfigFromApi(QJsonObject &serverConfig)
|
||||
ErrorCode ApiController::updateServerConfigFromApi(const QString &installationUuid, QJsonObject &serverConfig)
|
||||
{
|
||||
QFutureWatcher<ErrorCode> watcher;
|
||||
|
||||
QFuture<ErrorCode> future = QtConcurrent::run([this, &serverConfig]() {
|
||||
QFuture<ErrorCode> future = QtConcurrent::run([this, &serverConfig, &installationUuid]() {
|
||||
auto containerConfig = serverConfig.value(config_key::containers).toArray();
|
||||
|
||||
if (serverConfig.value(config_key::configVersion).toInt()) {
|
||||
@@ -86,7 +86,10 @@ ErrorCode ApiController::updateServerConfigFromApi(QJsonObject &serverConfig)
|
||||
|
||||
auto apiPayloadData = generateApiPayloadData(protocol);
|
||||
|
||||
QByteArray requestBody = QJsonDocument(fillApiPayload(protocol, apiPayloadData)).toJson();
|
||||
auto apiPayload = fillApiPayload(protocol, apiPayloadData);
|
||||
apiPayload[configKey::uuid] = installationUuid;
|
||||
|
||||
QByteArray requestBody = QJsonDocument(apiPayload).toJson();
|
||||
|
||||
QScopedPointer<QNetworkReply> reply;
|
||||
reply.reset(manager.post(request, requestBody));
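Review bot: `installationUuid` is captured by reference in the `QtConcurrent::run` lambda and written into the request body with no check that it is non-empty. Whether `updateServerConfigFromApi` waits for the future before returning is outside these hunks; capturing the string by value, `[this, &serverConfig, installationUuid]`, removes the dependence on the caller's object outliving the worker. A guard such as `if (installationUuid.isEmpty()) return <error code>;` before the payload is built would keep a blank identifier from being posted. The declaration should also say that this value is sent to the API endpoint with every config update, since it is a stable per-installation identifier.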
|
||||
|
||||
@@ -13,7 +13,7 @@ public:
|
||||
explicit ApiController(QObject *parent = nullptr);
|
||||
|
||||
public slots:
|
||||
ErrorCode updateServerConfigFromApi(QJsonObject &serverConfig);
|
||||
ErrorCode updateServerConfigFromApi(const QString &installationUuid, QJsonObject &serverConfig);
|
||||
|
||||
private:
|
||||
struct ApiPayloadData {
|
||||
|
||||
@@ -23,10 +23,10 @@
|
||||
#include <thread>
|
||||
|
||||
#include "containers/containers_defs.h"
|
||||
#include "logger.h"
|
||||
#include "core/networkUtilities.h"
|
||||
#include "core/scripts_registry.h"
|
||||
#include "core/server_defs.h"
|
||||
#include "core/networkUtilities.h"
|
||||
#include "logger.h"
|
||||
#include "settings.h"
|
||||
#include "utilities.h"
|
||||
#include "vpnConfigurationController.h"
|
||||
@@ -95,10 +95,9 @@ ErrorCode ServerController::runScript(const ServerCredentials &credentials, QStr
|
||||
return ErrorCode::NoError;
|
||||
}
|
||||
|
||||
ErrorCode
|
||||
ServerController::runContainerScript(const ServerCredentials &credentials, DockerContainer container, QString script,
|
||||
const std::function<ErrorCode(const QString &, libssh::Client &)> &cbReadStdOut,
|
||||
const std::function<ErrorCode(const QString &, libssh::Client &)> &cbReadStdErr)
|
||||
ErrorCode ServerController::runContainerScript(const ServerCredentials &credentials, DockerContainer container, QString script,
|
||||
const std::function<ErrorCode(const QString &, libssh::Client &)> &cbReadStdOut,
|
||||
const std::function<ErrorCode(const QString &, libssh::Client &)> &cbReadStdErr)
|
||||
{
|
||||
QString fileName = "/opt/amnezia/" + Utils::getRandomString(16) + ".sh";
|
||||
Logger::appendSshLog("Run container script for " + ContainerProps::containerToString(container) + ":\n" + script);
|
||||
@@ -116,9 +115,8 @@ ServerController::runContainerScript(const ServerCredentials &credentials, Docke
|
||||
return e;
|
||||
}
|
||||
|
||||
ErrorCode ServerController::uploadTextFileToContainer(DockerContainer container, const ServerCredentials &credentials,
|
||||
const QString &file, const QString &path,
|
||||
libssh::ScpOverwriteMode overwriteMode)
|
||||
ErrorCode ServerController::uploadTextFileToContainer(DockerContainer container, const ServerCredentials &credentials, const QString &file,
|
||||
const QString &path, libssh::ScpOverwriteMode overwriteMode)
|
||||
{
|
||||
ErrorCode e = ErrorCode::NoError;
|
||||
QString tmpFileName = QString("/tmp/%1.tmp").arg(Utils::getRandomString(16));
|
||||
@@ -156,12 +154,10 @@ ErrorCode ServerController::uploadTextFileToContainer(DockerContainer container,
|
||||
if (e)
|
||||
return e;
|
||||
|
||||
e = runScript(
|
||||
credentials,
|
||||
replaceVars(
|
||||
QString("sudo docker exec -i $CONTAINER_NAME sh -c \"cat %1 >> %2\"").arg(tmpFileName).arg(path),
|
||||
genVarsForScript(credentials, container)),
|
||||
cbReadStd, cbReadStd);
|
||||
e = runScript(credentials,
|
||||
replaceVars(QString("sudo docker exec -i $CONTAINER_NAME sh -c \"cat %1 >> %2\"").arg(tmpFileName).arg(path),
|
||||
genVarsForScript(credentials, container)),
|
||||
cbReadStd, cbReadStd);
|
||||
|
||||
if (e)
|
||||
return e;
|
||||
@@ -172,20 +168,17 @@ ErrorCode ServerController::uploadTextFileToContainer(DockerContainer container,
|
||||
return ErrorCode::ServerContainerMissingError;
|
||||
}
|
||||
|
||||
runScript(credentials,
|
||||
replaceVars(QString("sudo shred -u %1").arg(tmpFileName), genVarsForScript(credentials, container)));
|
||||
runScript(credentials, replaceVars(QString("sudo shred -u %1").arg(tmpFileName), genVarsForScript(credentials, container)));
|
||||
return e;
|
||||
}
|
||||
|
||||
QByteArray ServerController::getTextFileFromContainer(DockerContainer container, const ServerCredentials &credentials,
|
||||
const QString &path, ErrorCode errorCode)
|
||||
QByteArray ServerController::getTextFileFromContainer(DockerContainer container, const ServerCredentials &credentials, const QString &path,
|
||||
ErrorCode errorCode)
|
||||
{
|
||||
|
||||
errorCode = ErrorCode::NoError;
|
||||
|
||||
QString script = QString("sudo docker exec -i %1 sh -c \"xxd -p \'%2\'\"")
|
||||
.arg(ContainerProps::containerToString(container))
|
||||
.arg(path);
|
||||
QString script = QString("sudo docker exec -i %1 sh -c \"xxd -p \'%2\'\"").arg(ContainerProps::containerToString(container)).arg(path);
|
||||
|
||||
QString stdOut;
|
||||
auto cbReadStdOut = [&](const QString &data, libssh::Client &) {
|
||||
@@ -197,8 +190,8 @@ QByteArray ServerController::getTextFileFromContainer(DockerContainer container,
|
||||
return QByteArray::fromHex(stdOut.toUtf8());
|
||||
}
|
||||
|
||||
ErrorCode ServerController::uploadFileToHost(const ServerCredentials &credentials, const QByteArray &data,
|
||||
const QString &remotePath, libssh::ScpOverwriteMode overwriteMode)
|
||||
ErrorCode ServerController::uploadFileToHost(const ServerCredentials &credentials, const QByteArray &data, const QString &remotePath,
|
||||
libssh::ScpOverwriteMode overwriteMode)
|
||||
{
|
||||
auto error = m_sshClient.connectToHost(credentials);
|
||||
if (error != ErrorCode::NoError) {
|
||||
@@ -244,12 +237,10 @@ ErrorCode ServerController::removeAllContainers(const ServerCredentials &credent
|
||||
ErrorCode ServerController::removeContainer(const ServerCredentials &credentials, DockerContainer container)
|
||||
{
|
||||
return runScript(credentials,
|
||||
replaceVars(amnezia::scriptData(SharedScriptType::remove_container),
|
||||
genVarsForScript(credentials, container)));
|
||||
replaceVars(amnezia::scriptData(SharedScriptType::remove_container), genVarsForScript(credentials, container)));
|
||||
}
|
||||
|
||||
ErrorCode ServerController::setupContainer(const ServerCredentials &credentials, DockerContainer container,
|
||||
QJsonObject &config, bool isUpdate)
|
||||
ErrorCode ServerController::setupContainer(const ServerCredentials &credentials, DockerContainer container, QJsonObject &config, bool isUpdate)
|
||||
{
|
||||
qDebug().noquote() << "ServerController::setupContainer" << ContainerProps::containerToString(container);
|
||||
ErrorCode e = ErrorCode::NoError;
|
||||
@@ -309,12 +300,11 @@ ErrorCode ServerController::setupContainer(const ServerCredentials &credentials,
|
||||
return startupContainerWorker(credentials, container, config);
|
||||
}
|
||||
|
||||
ErrorCode ServerController::updateContainer(const ServerCredentials &credentials, DockerContainer container,
|
||||
const QJsonObject &oldConfig, QJsonObject &newConfig)
|
||||
ErrorCode ServerController::updateContainer(const ServerCredentials &credentials, DockerContainer container, const QJsonObject &oldConfig,
|
||||
QJsonObject &newConfig)
|
||||
{
|
||||
bool reinstallRequired = isReinstallContainerRequired(container, oldConfig, newConfig);
|
||||
qDebug() << "ServerController::updateContainer for container" << container << "reinstall required is"
|
||||
<< reinstallRequired;
|
||||
qDebug() << "ServerController::updateContainer for container" << container << "reinstall required is" << reinstallRequired;
|
||||
|
||||
if (reinstallRequired) {
|
||||
return setupContainer(credentials, container, newConfig, true);
|
||||
@@ -327,8 +317,7 @@ ErrorCode ServerController::updateContainer(const ServerCredentials &credentials
|
||||
}
|
||||
}
|
||||
|
||||
bool ServerController::isReinstallContainerRequired(DockerContainer container, const QJsonObject &oldConfig,
|
||||
const QJsonObject &newConfig)
|
||||
bool ServerController::isReinstallContainerRequired(DockerContainer container, const QJsonObject &oldConfig, const QJsonObject &newConfig)
|
||||
{
|
||||
Proto mainProto = ContainerProps::defaultProtocol(container);
|
||||
|
||||
@@ -359,7 +348,7 @@ bool ServerController::isReinstallContainerRequired(DockerContainer container, c
|
||||
|
||||
if (container == DockerContainer::Awg) {
|
||||
if ((oldProtoConfig.value(config_key::port).toString(protocols::awg::defaultPort)
|
||||
!= newProtoConfig.value(config_key::port).toString(protocols::awg::defaultPort))
|
||||
!= newProtoConfig.value(config_key::port).toString(protocols::awg::defaultPort))
|
||||
|| (oldProtoConfig.value(config_key::junkPacketCount).toString(protocols::awg::defaultJunkPacketCount)
|
||||
!= newProtoConfig.value(config_key::junkPacketCount).toString(protocols::awg::defaultJunkPacketCount))
|
||||
|| (oldProtoConfig.value(config_key::junkPacketMinSize).toString(protocols::awg::defaultJunkPacketMinSize)
|
||||
@@ -381,7 +370,7 @@ bool ServerController::isReinstallContainerRequired(DockerContainer container, c
|
||||
return true;
|
||||
}
|
||||
|
||||
if (container == DockerContainer::WireGuard){
|
||||
if (container == DockerContainer::WireGuard) {
|
||||
if (oldProtoConfig.value(config_key::port).toString(protocols::wireguard::defaultPort)
|
||||
!= newProtoConfig.value(config_key::port).toString(protocols::wireguard::defaultPort))
|
||||
return true;
|
||||
@@ -407,8 +396,7 @@ ErrorCode ServerController::installDockerWorker(const ServerCredentials &credent
|
||||
};
|
||||
|
||||
ErrorCode error =
|
||||
runScript(credentials,
|
||||
replaceVars(amnezia::scriptData(SharedScriptType::install_docker), genVarsForScript(credentials)),
|
||||
runScript(credentials, replaceVars(amnezia::scriptData(SharedScriptType::install_docker), genVarsForScript(credentials)),
|
||||
cbReadStdOut, cbReadStdErr);
|
||||
|
||||
qDebug().noquote() << "ServerController::installDockerWorker" << stdOut;
|
||||
@@ -420,17 +408,13 @@ ErrorCode ServerController::installDockerWorker(const ServerCredentials &credent
|
||||
return error;
|
||||
}
|
||||
|
||||
ErrorCode ServerController::prepareHostWorker(const ServerCredentials &credentials, DockerContainer container,
|
||||
const QJsonObject &config)
|
||||
ErrorCode ServerController::prepareHostWorker(const ServerCredentials &credentials, DockerContainer container, const QJsonObject &config)
|
||||
{
|
||||
// create folder on host
|
||||
return runScript(
|
||||
credentials,
|
||||
replaceVars(amnezia::scriptData(SharedScriptType::prepare_host), genVarsForScript(credentials, container)));
|
||||
return runScript(credentials, replaceVars(amnezia::scriptData(SharedScriptType::prepare_host), genVarsForScript(credentials, container)));
|
||||
}
|
||||
|
||||
ErrorCode ServerController::buildContainerWorker(const ServerCredentials &credentials, DockerContainer container,
|
||||
const QJsonObject &config)
|
||||
ErrorCode ServerController::buildContainerWorker(const ServerCredentials &credentials, DockerContainer container, const QJsonObject &config)
|
||||
{
|
||||
ErrorCode e = uploadFileToHost(credentials, amnezia::scriptData(ProtocolScriptType::dockerfile, container).toUtf8(),
|
||||
amnezia::server::getDockerfileFolder(container) + "/Dockerfile");
|
||||
@@ -445,8 +429,7 @@ ErrorCode ServerController::buildContainerWorker(const ServerCredentials &creden
|
||||
};
|
||||
|
||||
e = runScript(credentials,
|
||||
replaceVars(amnezia::scriptData(SharedScriptType::build_container),
|
||||
genVarsForScript(credentials, container, config)),
|
||||
replaceVars(amnezia::scriptData(SharedScriptType::build_container), genVarsForScript(credentials, container, config)),
|
||||
cbReadStdOut);
|
||||
if (e)
|
||||
return e;
|
||||
@@ -454,8 +437,7 @@ ErrorCode ServerController::buildContainerWorker(const ServerCredentials &creden
|
||||
return e;
|
||||
}
|
||||
|
||||
ErrorCode ServerController::runContainerWorker(const ServerCredentials &credentials, DockerContainer container,
|
||||
QJsonObject &config)
|
||||
ErrorCode ServerController::runContainerWorker(const ServerCredentials &credentials, DockerContainer container, QJsonObject &config)
|
||||
{
|
||||
QString stdOut;
|
||||
auto cbReadStdOut = [&](const QString &data, libssh::Client &) {
|
||||
@@ -478,8 +460,7 @@ ErrorCode ServerController::runContainerWorker(const ServerCredentials &credenti
|
||||
return e;
|
||||
}
|
||||
|
||||
ErrorCode ServerController::configureContainerWorker(const ServerCredentials &credentials, DockerContainer container,
|
||||
QJsonObject &config)
|
||||
ErrorCode ServerController::configureContainerWorker(const ServerCredentials &credentials, DockerContainer container, QJsonObject &config)
|
||||
{
|
||||
QString stdOut;
|
||||
auto cbReadStdOut = [&](const QString &data, libssh::Client &) {
|
||||
@@ -501,8 +482,7 @@ ErrorCode ServerController::configureContainerWorker(const ServerCredentials &cr
|
||||
return e;
|
||||
}
|
||||
|
||||
ErrorCode ServerController::startupContainerWorker(const ServerCredentials &credentials, DockerContainer container,
|
||||
const QJsonObject &config)
|
||||
ErrorCode ServerController::startupContainerWorker(const ServerCredentials &credentials, DockerContainer container, const QJsonObject &config)
|
||||
{
|
||||
QString script = amnezia::scriptData(ProtocolScriptType::container_startup, container);
|
||||
|
||||
@@ -510,8 +490,7 @@ ErrorCode ServerController::startupContainerWorker(const ServerCredentials &cred
|
||||
return ErrorCode::NoError;
|
||||
}
|
||||
|
||||
ErrorCode e = uploadTextFileToContainer(container, credentials,
|
||||
replaceVars(script, genVarsForScript(credentials, container, config)),
|
||||
ErrorCode e = uploadTextFileToContainer(container, credentials, replaceVars(script, genVarsForScript(credentials, container, config)),
|
||||
"/opt/amnezia/start.sh");
|
||||
if (e)
|
||||
return e;
|
||||
@@ -522,8 +501,8 @@ ErrorCode ServerController::startupContainerWorker(const ServerCredentials &cred
|
||||
genVarsForScript(credentials, container, config)));
|
||||
}
|
||||
|
||||
ServerController::Vars ServerController::genVarsForScript(const ServerCredentials &credentials,
|
||||
DockerContainer container, const QJsonObject &config)
|
||||
ServerController::Vars ServerController::genVarsForScript(const ServerCredentials &credentials, DockerContainer container,
|
||||
const QJsonObject &config)
|
||||
{
|
||||
const QJsonObject &openvpnConfig = config.value(ProtocolProps::protoToString(Proto::OpenVpn)).toObject();
|
||||
const QJsonObject &cloakConfig = config.value(ProtocolProps::protoToString(Proto::Cloak)).toObject();
|
||||
@@ -538,24 +517,19 @@ ServerController::Vars ServerController::genVarsForScript(const ServerCredential
|
||||
vars.append({ { "$REMOTE_HOST", credentials.hostName } });
|
||||
|
||||
// OpenVPN vars
|
||||
vars.append(
|
||||
{ { "$OPENVPN_SUBNET_IP",
|
||||
openvpnConfig.value(config_key::subnet_address).toString(protocols::openvpn::defaultSubnetAddress) } });
|
||||
vars.append({ { "$OPENVPN_SUBNET_CIDR",
|
||||
openvpnConfig.value(config_key::subnet_cidr).toString(protocols::openvpn::defaultSubnetCidr) } });
|
||||
vars.append({ { "$OPENVPN_SUBNET_MASK",
|
||||
openvpnConfig.value(config_key::subnet_mask).toString(protocols::openvpn::defaultSubnetMask) } });
|
||||
vars.append({ { "$OPENVPN_SUBNET_IP",
|
||||
openvpnConfig.value(config_key::subnet_address).toString(protocols::openvpn::defaultSubnetAddress) } });
|
||||
vars.append({ { "$OPENVPN_SUBNET_CIDR", openvpnConfig.value(config_key::subnet_cidr).toString(protocols::openvpn::defaultSubnetCidr) } });
|
||||
vars.append({ { "$OPENVPN_SUBNET_MASK", openvpnConfig.value(config_key::subnet_mask).toString(protocols::openvpn::defaultSubnetMask) } });
|
||||
|
||||
vars.append({ { "$OPENVPN_PORT", openvpnConfig.value(config_key::port).toString(protocols::openvpn::defaultPort) } });
|
||||
vars.append(
|
||||
{ { "$OPENVPN_TRANSPORT_PROTO",
|
||||
openvpnConfig.value(config_key::transport_proto).toString(protocols::openvpn::defaultTransportProto) } });
|
||||
vars.append({ { "$OPENVPN_TRANSPORT_PROTO",
|
||||
openvpnConfig.value(config_key::transport_proto).toString(protocols::openvpn::defaultTransportProto) } });
|
||||
|
||||
bool isNcpDisabled = openvpnConfig.value(config_key::ncp_disable).toBool(protocols::openvpn::defaultNcpDisable);
|
||||
vars.append({ { "$OPENVPN_NCP_DISABLE", isNcpDisabled ? protocols::openvpn::ncpDisableString : "" } });
|
||||
|
||||
vars.append({ { "$OPENVPN_CIPHER",
|
||||
openvpnConfig.value(config_key::cipher).toString(protocols::openvpn::defaultCipher) } });
|
||||
vars.append({ { "$OPENVPN_CIPHER", openvpnConfig.value(config_key::cipher).toString(protocols::openvpn::defaultCipher) } });
|
||||
vars.append({ { "$OPENVPN_HASH", openvpnConfig.value(config_key::hash).toString(protocols::openvpn::defaultHash) } });
|
||||
|
||||
bool isTlsAuth = openvpnConfig.value(config_key::tls_auth).toBool(protocols::openvpn::defaultTlsAuth);
|
||||
@@ -566,43 +540,35 @@ ServerController::Vars ServerController::genVarsForScript(const ServerCredential
|
||||
}
|
||||
|
||||
vars.append({ { "$OPENVPN_ADDITIONAL_CLIENT_CONFIG",
|
||||
openvpnConfig.value(config_key::additional_client_config)
|
||||
.toString(protocols::openvpn::defaultAdditionalClientConfig) } });
|
||||
openvpnConfig.value(config_key::additional_client_config).toString(protocols::openvpn::defaultAdditionalClientConfig) } });
|
||||
vars.append({ { "$OPENVPN_ADDITIONAL_SERVER_CONFIG",
|
||||
openvpnConfig.value(config_key::additional_server_config)
|
||||
.toString(protocols::openvpn::defaultAdditionalServerConfig) } });
|
||||
openvpnConfig.value(config_key::additional_server_config).toString(protocols::openvpn::defaultAdditionalServerConfig) } });
|
||||
|
||||
// ShadowSocks vars
|
||||
vars.append({ { "$SHADOWSOCKS_SERVER_PORT",
|
||||
ssConfig.value(config_key::port).toString(protocols::shadowsocks::defaultPort) } });
|
||||
vars.append({ { "$SHADOWSOCKS_SERVER_PORT", ssConfig.value(config_key::port).toString(protocols::shadowsocks::defaultPort) } });
|
||||
vars.append({ { "$SHADOWSOCKS_LOCAL_PORT",
|
||||
ssConfig.value(config_key::local_port).toString(protocols::shadowsocks::defaultLocalProxyPort) } });
|
||||
vars.append({ { "$SHADOWSOCKS_CIPHER",
|
||||
ssConfig.value(config_key::cipher).toString(protocols::shadowsocks::defaultCipher) } });
|
||||
vars.append({ { "$SHADOWSOCKS_CIPHER", ssConfig.value(config_key::cipher).toString(protocols::shadowsocks::defaultCipher) } });
|
||||
|
||||
vars.append({ { "$CONTAINER_NAME", ContainerProps::containerToString(container) } });
|
||||
vars.append({ { "$DOCKERFILE_FOLDER", "/opt/amnezia/" + ContainerProps::containerToString(container) } });
|
||||
|
||||
// Cloak vars
|
||||
vars.append({ { "$CLOAK_SERVER_PORT", cloakConfig.value(config_key::port).toString(protocols::cloak::defaultPort) } });
|
||||
vars.append({ { "$FAKE_WEB_SITE_ADDRESS",
|
||||
cloakConfig.value(config_key::site).toString(protocols::cloak::defaultRedirSite) } });
|
||||
vars.append({ { "$FAKE_WEB_SITE_ADDRESS", cloakConfig.value(config_key::site).toString(protocols::cloak::defaultRedirSite) } });
|
||||
|
||||
// Xray vars
|
||||
vars.append({ { "$XRAY_SITE_NAME",
|
||||
xrayConfig.value(config_key::site).toString(protocols::xray::defaultSite) } });
|
||||
vars.append({ { "$XRAY_SITE_NAME", xrayConfig.value(config_key::site).toString(protocols::xray::defaultSite) } });
|
||||
|
||||
// Wireguard vars
|
||||
vars.append(
|
||||
{ { "$WIREGUARD_SUBNET_IP",
|
||||
wireguarConfig.value(config_key::subnet_address).toString(protocols::wireguard::defaultSubnetAddress) } });
|
||||
vars.append({ { "$WIREGUARD_SUBNET_IP",
|
||||
wireguarConfig.value(config_key::subnet_address).toString(protocols::wireguard::defaultSubnetAddress) } });
|
||||
vars.append({ { "$WIREGUARD_SUBNET_CIDR",
|
||||
wireguarConfig.value(config_key::subnet_cidr).toString(protocols::wireguard::defaultSubnetCidr) } });
|
||||
vars.append({ { "$WIREGUARD_SUBNET_MASK",
|
||||
wireguarConfig.value(config_key::subnet_mask).toString(protocols::wireguard::defaultSubnetMask) } });
|
||||
|
||||
vars.append({ { "$WIREGUARD_SERVER_PORT",
|
||||
wireguarConfig.value(config_key::port).toString(protocols::wireguard::defaultPort) } });
|
||||
vars.append({ { "$WIREGUARD_SERVER_PORT", wireguarConfig.value(config_key::port).toString(protocols::wireguard::defaultPort) } });
|
||||
|
||||
// IPsec vars
|
||||
vars.append({ { "$IPSEC_VPN_L2TP_NET", "192.168.42.0/24" } });
|
||||
@@ -625,30 +591,22 @@ ServerController::Vars ServerController::genVarsForScript(const ServerCredential
|
||||
vars.append({ { "$SECONDARY_SERVER_DNS", m_settings->secondaryDns() } });
|
||||
|
||||
// Sftp vars
|
||||
vars.append(
|
||||
{ { "$SFTP_PORT",
|
||||
sftpConfig.value(config_key::port).toString(QString::number(ProtocolProps::defaultPort(Proto::Sftp))) } });
|
||||
vars.append({ { "$SFTP_PORT", sftpConfig.value(config_key::port).toString(QString::number(ProtocolProps::defaultPort(Proto::Sftp))) } });
|
||||
vars.append({ { "$SFTP_USER", sftpConfig.value(config_key::userName).toString() } });
|
||||
vars.append({ { "$SFTP_PASSWORD", sftpConfig.value(config_key::password).toString() } });
|
||||
|
||||
// Amnezia wireguard vars
|
||||
vars.append({ { "$AWG_SERVER_PORT",
|
||||
amneziaWireguarConfig.value(config_key::port).toString(protocols::awg::defaultPort) } });
|
||||
vars.append({ { "$AWG_SERVER_PORT", amneziaWireguarConfig.value(config_key::port).toString(protocols::awg::defaultPort) } });
|
||||
|
||||
vars.append({ { "$JUNK_PACKET_COUNT", amneziaWireguarConfig.value(config_key::junkPacketCount).toString() } });
|
||||
vars.append({ { "$JUNK_PACKET_MIN_SIZE", amneziaWireguarConfig.value(config_key::junkPacketMinSize).toString() } });
|
||||
vars.append({ { "$JUNK_PACKET_MAX_SIZE", amneziaWireguarConfig.value(config_key::junkPacketMaxSize).toString() } });
|
||||
vars.append({ { "$INIT_PACKET_JUNK_SIZE", amneziaWireguarConfig.value(config_key::initPacketJunkSize).toString() } });
|
||||
vars.append({ { "$RESPONSE_PACKET_JUNK_SIZE",
|
||||
amneziaWireguarConfig.value(config_key::responsePacketJunkSize).toString() } });
|
||||
vars.append({ { "$INIT_PACKET_MAGIC_HEADER",
|
||||
amneziaWireguarConfig.value(config_key::initPacketMagicHeader).toString() } });
|
||||
vars.append({ { "$RESPONSE_PACKET_MAGIC_HEADER",
|
||||
amneziaWireguarConfig.value(config_key::responsePacketMagicHeader).toString() } });
|
||||
vars.append({ { "$UNDERLOAD_PACKET_MAGIC_HEADER",
|
||||
amneziaWireguarConfig.value(config_key::underloadPacketMagicHeader).toString() } });
|
||||
vars.append({ { "$TRANSPORT_PACKET_MAGIC_HEADER",
|
||||
amneziaWireguarConfig.value(config_key::transportPacketMagicHeader).toString() } });
|
||||
vars.append({ { "$RESPONSE_PACKET_JUNK_SIZE", amneziaWireguarConfig.value(config_key::responsePacketJunkSize).toString() } });
|
||||
vars.append({ { "$INIT_PACKET_MAGIC_HEADER", amneziaWireguarConfig.value(config_key::initPacketMagicHeader).toString() } });
|
||||
vars.append({ { "$RESPONSE_PACKET_MAGIC_HEADER", amneziaWireguarConfig.value(config_key::responsePacketMagicHeader).toString() } });
|
||||
vars.append({ { "$UNDERLOAD_PACKET_MAGIC_HEADER", amneziaWireguarConfig.value(config_key::underloadPacketMagicHeader).toString() } });
|
||||
vars.append({ { "$TRANSPORT_PACKET_MAGIC_HEADER", amneziaWireguarConfig.value(config_key::transportPacketMagicHeader).toString() } });
|
||||
|
||||
QString serverIp = NetworkUtilities::getIPAddress(credentials.hostName);
|
||||
if (!serverIp.isEmpty()) {
|
||||
@@ -684,9 +642,7 @@ void ServerController::cancelInstallation()
|
||||
|
||||
ErrorCode ServerController::setupServerFirewall(const ServerCredentials &credentials)
|
||||
{
|
||||
return runScript(
|
||||
credentials,
|
||||
replaceVars(amnezia::scriptData(SharedScriptType::setup_host_firewall), genVarsForScript(credentials)));
|
||||
return runScript(credentials, replaceVars(amnezia::scriptData(SharedScriptType::setup_host_firewall), genVarsForScript(credentials)));
|
||||
}
|
||||
|
||||
QString ServerController::replaceVars(const QString &script, const Vars &vars)
|
||||
@@ -698,8 +654,7 @@ QString ServerController::replaceVars(const QString &script, const Vars &vars)
|
||||
return s;
|
||||
}
|
||||
|
||||
ErrorCode ServerController::isServerPortBusy(const ServerCredentials &credentials, DockerContainer container,
|
||||
const QJsonObject &config)
|
||||
ErrorCode ServerController::isServerPortBusy(const ServerCredentials &credentials, DockerContainer container, const QJsonObject &config)
|
||||
{
|
||||
if (container == DockerContainer::Dns) {
|
||||
return ErrorCode::NoError;
|
||||
@@ -722,15 +677,12 @@ ErrorCode ServerController::isServerPortBusy(const ServerCredentials &credential
|
||||
QStringList fixedPorts = ContainerProps::fixedPortsForContainer(container);
|
||||
|
||||
QString defaultPort("%1");
|
||||
QString port =
|
||||
containerConfig.value(config_key::port).toString(defaultPort.arg(ProtocolProps::defaultPort(protocol)));
|
||||
QString defaultTransportProto =
|
||||
ProtocolProps::transportProtoToString(ProtocolProps::defaultTransportProto(protocol), protocol);
|
||||
QString port = containerConfig.value(config_key::port).toString(defaultPort.arg(ProtocolProps::defaultPort(protocol)));
|
||||
QString defaultTransportProto = ProtocolProps::transportProtoToString(ProtocolProps::defaultTransportProto(protocol), protocol);
|
||||
QString transportProto = containerConfig.value(config_key::transport_proto).toString(defaultTransportProto);
|
||||
|
||||
// TODO reimplement with netstat
|
||||
QString script =
|
||||
QString("which lsof &>/dev/null || true && sudo lsof -i -P -n 2>/dev/null | grep -E ':%1 ").arg(port);
|
||||
QString script = QString("which lsof &>/dev/null || true && sudo lsof -i -P -n 2>/dev/null | grep -E ':%1 ").arg(port);
|
||||
for (auto &port : fixedPorts) {
|
||||
script = script.append("|:%1").arg(port);
|
||||
}
|
||||
@@ -740,8 +692,7 @@ ErrorCode ServerController::isServerPortBusy(const ServerCredentials &credential
|
||||
script = script.append(" | grep LISTEN");
|
||||
}
|
||||
|
||||
ErrorCode errorCode = runScript(credentials, replaceVars(script, genVarsForScript(credentials, container)),
|
||||
cbReadStdOut, cbReadStdErr);
|
||||
ErrorCode errorCode = runScript(credentials, replaceVars(script, genVarsForScript(credentials, container)), cbReadStdOut, cbReadStdErr);
|
||||
if (errorCode != ErrorCode::NoError) {
|
||||
return errorCode;
|
||||
}
|
||||
@@ -769,8 +720,7 @@ ErrorCode ServerController::isUserInSudo(const ServerCredentials &credentials, D
|
||||
};
|
||||
|
||||
const QString scriptData = amnezia::scriptData(SharedScriptType::check_user_in_sudo);
|
||||
ErrorCode error =
|
||||
runScript(credentials, replaceVars(scriptData, genVarsForScript(credentials)), cbReadStdOut, cbReadStdErr);
|
||||
ErrorCode error = runScript(credentials, replaceVars(scriptData, genVarsForScript(credentials)), cbReadStdOut, cbReadStdErr);
|
||||
|
||||
if (!stdOut.contains("sudo"))
|
||||
return ErrorCode::ServerUserNotInSudo;
|
||||
@@ -800,9 +750,7 @@ ErrorCode ServerController::isServerDpkgBusy(const ServerCredentials &credential
|
||||
return ErrorCode::ServerCancelInstallation;
|
||||
}
|
||||
stdOut.clear();
|
||||
runScript(credentials,
|
||||
replaceVars(amnezia::scriptData(SharedScriptType::check_server_is_busy),
|
||||
genVarsForScript(credentials)),
|
||||
runScript(credentials, replaceVars(amnezia::scriptData(SharedScriptType::check_server_is_busy), genVarsForScript(credentials)),
|
||||
cbReadStdOut, cbReadStdErr);
|
||||
|
||||
if (stdOut.contains("Packet manager not found"))
|
||||
|
||||
@@ -25,19 +25,18 @@ public:
|
||||
ErrorCode rebootServer(const ServerCredentials &credentials);
|
||||
ErrorCode removeAllContainers(const ServerCredentials &credentials);
|
||||
ErrorCode removeContainer(const ServerCredentials &credentials, DockerContainer container);
|
||||
ErrorCode setupContainer(const ServerCredentials &credentials, DockerContainer container, QJsonObject &config,
|
||||
bool isUpdate = false);
|
||||
ErrorCode updateContainer(const ServerCredentials &credentials, DockerContainer container,
|
||||
const QJsonObject &oldConfig, QJsonObject &newConfig);
|
||||
ErrorCode setupContainer(const ServerCredentials &credentials, DockerContainer container, QJsonObject &config, bool isUpdate = false);
|
||||
ErrorCode updateContainer(const ServerCredentials &credentials, DockerContainer container, const QJsonObject &oldConfig,
|
||||
QJsonObject &newConfig);
|
||||
|
||||
ErrorCode startupContainerWorker(const ServerCredentials &credentials, DockerContainer container,
|
||||
const QJsonObject &config = QJsonObject());
|
||||
|
||||
ErrorCode uploadTextFileToContainer(
|
||||
DockerContainer container, const ServerCredentials &credentials, const QString &file, const QString &path,
|
||||
libssh::ScpOverwriteMode overwriteMode = libssh::ScpOverwriteMode::ScpOverwriteExisting);
|
||||
QByteArray getTextFileFromContainer(DockerContainer container, const ServerCredentials &credentials,
|
||||
const QString &path, ErrorCode errorCode);
|
||||
ErrorCode uploadTextFileToContainer(DockerContainer container, const ServerCredentials &credentials, const QString &file,
|
||||
const QString &path,
|
||||
libssh::ScpOverwriteMode overwriteMode = libssh::ScpOverwriteMode::ScpOverwriteExisting);
|
||||
QByteArray getTextFileFromContainer(DockerContainer container, const ServerCredentials &credentials, const QString &path,
|
||||
ErrorCode errorCode);
|
||||
|
||||
QString replaceVars(const QString &script, const Vars &vars);
|
||||
Vars genVarsForScript(const ServerCredentials &credentials, DockerContainer container = DockerContainer::None,
|
||||
@@ -47,10 +46,9 @@ public:
|
||||
const std::function<ErrorCode(const QString &, libssh::Client &)> &cbReadStdOut = nullptr,
|
||||
const std::function<ErrorCode(const QString &, libssh::Client &)> &cbReadStdErr = nullptr);
|
||||
|
||||
ErrorCode
|
||||
runContainerScript(const ServerCredentials &credentials, DockerContainer container, QString script,
|
||||
const std::function<ErrorCode(const QString &, libssh::Client &)> &cbReadStdOut = nullptr,
|
||||
const std::function<ErrorCode(const QString &, libssh::Client &)> &cbReadStdErr = nullptr);
|
||||
ErrorCode runContainerScript(const ServerCredentials &credentials, DockerContainer container, QString script,
|
||||
const std::function<ErrorCode(const QString &, libssh::Client &)> &cbReadStdOut = nullptr,
|
||||
const std::function<ErrorCode(const QString &, libssh::Client &)> &cbReadStdErr = nullptr);
|
||||
|
||||
QString checkSshConnection(const ServerCredentials &credentials, ErrorCode errorCode);
|
||||
|
||||
@@ -61,18 +59,14 @@ public:
|
||||
|
||||
private:
|
||||
ErrorCode installDockerWorker(const ServerCredentials &credentials, DockerContainer container);
|
||||
ErrorCode prepareHostWorker(const ServerCredentials &credentials, DockerContainer container,
|
||||
const QJsonObject &config = QJsonObject());
|
||||
ErrorCode prepareHostWorker(const ServerCredentials &credentials, DockerContainer container, const QJsonObject &config = QJsonObject());
|
||||
ErrorCode buildContainerWorker(const ServerCredentials &credentials, DockerContainer container,
|
||||
const QJsonObject &config = QJsonObject());
|
||||
ErrorCode runContainerWorker(const ServerCredentials &credentials, DockerContainer container, QJsonObject &config);
|
||||
ErrorCode configureContainerWorker(const ServerCredentials &credentials, DockerContainer container,
|
||||
QJsonObject &config);
|
||||
ErrorCode configureContainerWorker(const ServerCredentials &credentials, DockerContainer container, QJsonObject &config);
|
||||
|
||||
ErrorCode isServerPortBusy(const ServerCredentials &credentials, DockerContainer container,
|
||||
const QJsonObject &config);
|
||||
bool isReinstallContainerRequired(DockerContainer container, const QJsonObject &oldConfig,
|
||||
const QJsonObject &newConfig);
|
||||
ErrorCode isServerPortBusy(const ServerCredentials &credentials, DockerContainer container, const QJsonObject &config);
|
||||
bool isReinstallContainerRequired(DockerContainer container, const QJsonObject &oldConfig, const QJsonObject &newConfig);
|
||||
ErrorCode isUserInSudo(const ServerCredentials &credentials, DockerContainer container);
|
||||
ErrorCode isServerDpkgBusy(const ServerCredentials &credentials, DockerContainer container);
|
||||
|
||||
|
||||
@@ -8,21 +8,22 @@
|
||||
#include "configurators/wireguard_configurator.h"
|
||||
#include "configurators/xray_configurator.h"
|
||||
|
||||
VpnConfigurationsController::VpnConfigurationsController(const std::shared_ptr<Settings> &settings, QObject *parent)
|
||||
: QObject { parent }, m_settings(settings)
|
||||
VpnConfigurationsController::VpnConfigurationsController(const std::shared_ptr<Settings> &settings,
|
||||
QSharedPointer<ServerController> serverController, QObject *parent)
|
||||
: QObject { parent }, m_settings(settings), m_serverController(serverController)
|
||||
{
|
||||
}
|
||||
|
||||
QScopedPointer<ConfiguratorBase> VpnConfigurationsController::createConfigurator(const Proto protocol)
|
||||
{
|
||||
switch (protocol) {
|
||||
case Proto::OpenVpn: return QScopedPointer<ConfiguratorBase>(new OpenVpnConfigurator(m_settings));
|
||||
case Proto::ShadowSocks: return QScopedPointer<ConfiguratorBase>(new ShadowSocksConfigurator(m_settings));
|
||||
case Proto::Cloak: return QScopedPointer<ConfiguratorBase>(new CloakConfigurator(m_settings));
|
||||
case Proto::WireGuard: return QScopedPointer<ConfiguratorBase>(new WireguardConfigurator(m_settings, false));
|
||||
case Proto::Awg: return QScopedPointer<ConfiguratorBase>(new AwgConfigurator(m_settings));
|
||||
case Proto::Ikev2: return QScopedPointer<ConfiguratorBase>(new Ikev2Configurator(m_settings));
|
||||
case Proto::Xray: return QScopedPointer<ConfiguratorBase>(new XrayConfigurator(m_settings));
|
||||
case Proto::OpenVpn: return QScopedPointer<ConfiguratorBase>(new OpenVpnConfigurator(m_settings, m_serverController));
|
||||
case Proto::ShadowSocks: return QScopedPointer<ConfiguratorBase>(new ShadowSocksConfigurator(m_settings, m_serverController));
|
||||
case Proto::Cloak: return QScopedPointer<ConfiguratorBase>(new CloakConfigurator(m_settings, m_serverController));
|
||||
case Proto::WireGuard: return QScopedPointer<ConfiguratorBase>(new WireguardConfigurator(m_settings, m_serverController, false));
|
||||
case Proto::Awg: return QScopedPointer<ConfiguratorBase>(new AwgConfigurator(m_settings, m_serverController));
|
||||
case Proto::Ikev2: return QScopedPointer<ConfiguratorBase>(new Ikev2Configurator(m_settings, m_serverController));
|
||||
case Proto::Xray: return QScopedPointer<ConfiguratorBase>(new XrayConfigurator(m_settings, m_serverController));
|
||||
default: return QScopedPointer<ConfiguratorBase>();
|
||||
}
|
||||
}
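Review bot: The constructor stores `serverController` without checking it, and `createConfigurator` then hands the same pointer to every configurator, so a caller that passes a null `QSharedPointer` would presumably only fail later inside a configurator, far from the cause. A `Q_ASSERT(!m_serverController.isNull());` in the constructor body would surface that at construction time. The parameter is also taken by value while `settings` is taken by const reference; `const QSharedPointer<ServerController> &serverController` would match and avoid an extra ref-count round trip. The same signature appears in the header hunk that follows.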
|
||||
|
||||
@@ -12,7 +12,7 @@ class VpnConfigurationsController : public QObject
|
||||
{
|
||||
Q_OBJECT
|
||||
public:
|
||||
explicit VpnConfigurationsController(const std::shared_ptr<Settings> &settings, QObject *parent = nullptr);
|
||||
explicit VpnConfigurationsController(const std::shared_ptr<Settings> &settings, QSharedPointer<ServerController> serverController, QObject *parent = nullptr);
|
||||
|
||||
public slots:
|
||||
ErrorCode createProtocolConfigForContainer(const ServerCredentials &credentials, const DockerContainer container,
|
||||
@@ -30,6 +30,7 @@ private:
|
||||
QScopedPointer<ConfiguratorBase> createConfigurator(const Proto protocol);
|
||||
|
||||
std::shared_ptr<Settings> m_settings;
|
||||
QSharedPointer<ServerController> m_serverController;
|
||||
};
|
||||
|
||||
#endif // VPNCONFIGIRATIONSCONTROLLER_H
|
||||
|
||||
@@ -23,6 +23,13 @@ namespace libssh {
|
||||
|
||||
ErrorCode Client::connectToHost(const ServerCredentials &credentials)
|
||||
{
|
||||
if (m_session != nullptr) {
|
||||
if (!ssh_is_connected(m_session)) {
|
||||
ssh_free(m_session);
|
||||
m_session = nullptr;
|
||||
}
|
||||
}
|
||||
|
||||
if (m_session == nullptr) {
|
||||
m_session = ssh_new();
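Review bot: The added guard only frees a disconnected session; when `ssh_is_connected(m_session)` is true the existing session is kept whatever `credentials` says, and whether that is safe depends on the part of connectToHost outside this hunk. If one `Client` can be asked to connect to more than one server or user (the ServerController appears to be shared between configurators in this change), later commands could run over a connection opened for different credentials. Recording the host, port and user the session was opened with, and disconnecting and freeing it when they differ from `credentials`, would close that gap; if reuse is intended, say so above the guard: `// Reuses a live session as-is; callers must not switch credentials on the same Client.` It is also worth confirming that no channel or SFTP handle created from the old session is still held when `ssh_free(m_session)` runs.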
|
||||
|
||||
|
||||
@@ -248,9 +248,10 @@ bool Daemon::parseConfig(const QJsonObject& obj, InterfaceConfig& config) {
|
||||
|
||||
GETVALUE("privateKey", config.m_privateKey, String);
|
||||
GETVALUE("serverPublicKey", config.m_serverPublicKey, String);
|
||||
GETVALUE("serverPskKey", config.m_serverPskKey, String);
|
||||
GETVALUE("serverPort", config.m_serverPort, Double);
|
||||
|
||||
config.m_serverPskKey = obj.value("serverPskKey").toString();
|
||||
|
||||
if (!obj.contains("deviceMTU") || obj.value("deviceMTU").toString().toInt() == 0)
|
||||
{
|
||||
config.m_deviceMTU = 1420;
|
||||
@@ -373,19 +374,33 @@ bool Daemon::parseConfig(const QJsonObject& obj, InterfaceConfig& config) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if (!obj.value("Jc").isNull() && !obj.value("Jmin").isNull()
|
||||
&& !obj.value("Jmax").isNull() && !obj.value("S1").isNull()
|
||||
&& !obj.value("S2").isNull() && !obj.value("H1").isNull()
|
||||
&& !obj.value("H2").isNull() && !obj.value("H3").isNull()
|
||||
&& !obj.value("H4").isNull()) {
|
||||
config.m_killSwitchEnabled = QVariant(obj.value("killSwitchOption").toString()).toBool();
|
||||
|
||||
if (!obj.value("Jc").isNull()) {
|
||||
config.m_junkPacketCount = obj.value("Jc").toString();
|
||||
}
|
||||
if (!obj.value("Jmin").isNull()) {
|
||||
config.m_junkPacketMinSize = obj.value("Jmin").toString();
|
||||
}
|
||||
if (!obj.value("Jmax").isNull()) {
|
||||
config.m_junkPacketMaxSize = obj.value("Jmax").toString();
|
||||
}
|
||||
if (!obj.value("S1").isNull()) {
|
||||
config.m_initPacketJunkSize = obj.value("S1").toString();
|
||||
}
|
||||
if (!obj.value("S2").isNull()) {
|
||||
config.m_responsePacketJunkSize = obj.value("S2").toString();
|
||||
}
|
||||
if (!obj.value("H1").isNull()) {
|
||||
config.m_initPacketMagicHeader = obj.value("H1").toString();
|
||||
}
|
||||
if (!obj.value("H2").isNull()) {
|
||||
config.m_responsePacketMagicHeader = obj.value("H2").toString();
|
||||
}
|
||||
if (!obj.value("H3").isNull()) {
|
||||
config.m_underloadPacketMagicHeader = obj.value("H3").toString();
|
||||
}
|
||||
if (!obj.value("H4").isNull()) {
|
||||
config.m_transportPacketMagicHeader = obj.value("H4").toString();
|
||||
}
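Review bot: `config.m_killSwitchEnabled` is derived with `QVariant(obj.value("killSwitchOption").toString()).toBool()`, which yields false when the key is missing and also when the value is a JSON boolean, because `QJsonValue::toString()` returns an empty string for non-string values; in both cases the kill switch ends up off without any log line. `config.m_killSwitchEnabled = obj.value("killSwitchOption").toVariant().toBool();` accepts both the string and the boolean form, and a missing key deserves an explicit branch that logs and picks the default deliberately. The per-key guards below have a similar gap: `isNull()` is false for an absent key, so `!obj.value("Jc").isNull()` passes and assigns an empty string, where `obj.contains("Jc")` would express the intent. parseConfig starts and ends outside these hunks.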
|
||||
|
||||
|
||||
@@ -37,6 +37,7 @@ class InterfaceConfig {
|
||||
QList<IPAddress> m_allowedIPAddressRanges;
|
||||
QStringList m_excludedAddresses;
|
||||
QStringList m_vpnDisabledApps;
|
||||
bool m_killSwitchEnabled;
|
||||
#if defined(MZ_ANDROID) || defined(MZ_IOS)
|
||||
QString m_installationId;
|
||||
#endif
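Review bot: `bool m_killSwitchEnabled;` is added without an initializer, so any InterfaceConfig that is not filled by Daemon::parseConfig, or is filled by a call that returns early, carries an indeterminate value for a security-relevant flag. `bool m_killSwitchEnabled = false;` (or `true`, if fail-closed is the intended default) makes the default explicit. The rest of the class, including any constructor that might set the member, is outside this hunk.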
|
||||
|
||||
@@ -221,7 +221,9 @@ void LocalSocketController::activate(const QJsonObject &rawConfig) {
|
||||
json.insert("excludedAddresses", jsExcludedAddresses);
|
||||
|
||||
json.insert("vpnDisabledApps", splitTunnelApps);
|
||||
|
||||
|
||||
json.insert(amnezia::config_key::killSwitchOption, rawConfig.value(amnezia::config_key::killSwitchOption));
|
||||
|
||||
if (protocolName == amnezia::config_key::awg) {
|
||||
json.insert(amnezia::config_key::junkPacketCount, wgConfig.value(amnezia::config_key::junkPacketCount));
|
||||
json.insert(amnezia::config_key::junkPacketMinSize, wgConfig.value(amnezia::config_key::junkPacketMinSize));
|
||||
@@ -232,6 +234,24 @@ void LocalSocketController::activate(const QJsonObject &rawConfig) {
|
||||
json.insert(amnezia::config_key::responsePacketMagicHeader, wgConfig.value(amnezia::config_key::responsePacketMagicHeader));
|
||||
json.insert(amnezia::config_key::underloadPacketMagicHeader, wgConfig.value(amnezia::config_key::underloadPacketMagicHeader));
|
||||
json.insert(amnezia::config_key::transportPacketMagicHeader, wgConfig.value(amnezia::config_key::transportPacketMagicHeader));
|
||||
} else if (!wgConfig.value(amnezia::config_key::junkPacketCount).isUndefined()
|
||||
&& !wgConfig.value(amnezia::config_key::junkPacketMinSize).isUndefined()
|
||||
&& !wgConfig.value(amnezia::config_key::junkPacketMaxSize).isUndefined()
|
||||
&& !wgConfig.value(amnezia::config_key::initPacketJunkSize).isUndefined()
|
||||
&& !wgConfig.value(amnezia::config_key::responsePacketJunkSize).isUndefined()
|
||||
&& !wgConfig.value(amnezia::config_key::initPacketMagicHeader).isUndefined()
|
||||
&& !wgConfig.value(amnezia::config_key::responsePacketMagicHeader).isUndefined()
|
||||
&& !wgConfig.value(amnezia::config_key::underloadPacketMagicHeader).isUndefined()
|
||||
&& !wgConfig.value(amnezia::config_key::transportPacketMagicHeader).isUndefined()) {
|
||||
json.insert(amnezia::config_key::junkPacketCount, wgConfig.value(amnezia::config_key::junkPacketCount));
|
||||
json.insert(amnezia::config_key::junkPacketMinSize, wgConfig.value(amnezia::config_key::junkPacketMinSize));
|
||||
json.insert(amnezia::config_key::junkPacketMaxSize, wgConfig.value(amnezia::config_key::junkPacketMaxSize));
|
||||
json.insert(amnezia::config_key::initPacketJunkSize, wgConfig.value(amnezia::config_key::initPacketJunkSize));
|
||||
json.insert(amnezia::config_key::responsePacketJunkSize, wgConfig.value(amnezia::config_key::responsePacketJunkSize));
|
||||
json.insert(amnezia::config_key::initPacketMagicHeader, wgConfig.value(amnezia::config_key::initPacketMagicHeader));
|
||||
json.insert(amnezia::config_key::responsePacketMagicHeader, wgConfig.value(amnezia::config_key::responsePacketMagicHeader));
|
||||
json.insert(amnezia::config_key::underloadPacketMagicHeader, wgConfig.value(amnezia::config_key::underloadPacketMagicHeader));
|
||||
json.insert(amnezia::config_key::transportPacketMagicHeader, wgConfig.value(amnezia::config_key::transportPacketMagicHeader));
|
||||
}
|
||||
|
||||
write(json);
|
||||
|
||||
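Review bot: The new `json.insert(amnezia::config_key::killSwitchOption, rawConfig.value(...))` line in `activate()` forwards whatever `rawConfig` holds, including an undefined value when the key is absent. `QJsonObject::insert` with an undefined value removes the key, so the daemon then sees no kill-switch setting at all. Whether that is read as "off" depends on daemon-side parsing, which is not visible here. I would make the default explicit at this point and add a comment such as `// missing killSwitchOption (older configs) must be forwarded as enabled, never dropped`. `activate()` begins and ends outside these hunks.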
@@ -171,9 +171,15 @@ void NetworkWatcher::unsecuredNetwork(const QString& networkName,
|
||||
}
|
||||
|
||||
|
||||
QString NetworkWatcher::getCurrentTransport() {
|
||||
auto type = m_impl->getTransportType();
|
||||
QMetaEnum metaEnum = QMetaEnum::fromType<NetworkWatcherImpl::TransportType>();
|
||||
return QString(metaEnum.valueToKey(type))
|
||||
.remove("TransportType_", Qt::CaseSensitive);
|
||||
QNetworkInformation::Reachability NetworkWatcher::getReachability() {
|
||||
if (m_simulatedDisconnection) {
|
||||
return QNetworkInformation::Reachability::Disconnected;
|
||||
} else if (QNetworkInformation::instance()) {
|
||||
return QNetworkInformation::instance()->reachability();
|
||||
}
|
||||
return QNetworkInformation::Reachability::Unknown;
|
||||
}
|
||||
|
||||
void NetworkWatcher::simulateDisconnection(bool simulatedDisconnection) {
|
||||
m_simulatedDisconnection = simulatedDisconnection;
|
||||
}
|
||||
|
||||
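Review bot: `getReachability()` returns `Reachability::Unknown` whenever `QNetworkInformation::instance()` is null, which is the case until a backend has been loaded. That load is not visible in this hunk. Callers that treat `Unknown` as "online" or "offline" will then act on a value that carries no information. I would add a comment above the function: `// Returns Unknown when no QNetworkInformation backend is loaded; callers must not treat Unknown as connected.` The function also calls `instance()` twice; a local `auto* info = QNetworkInformation::instance();` would avoid that.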
@@ -7,45 +7,50 @@
|
||||
|
||||
#include <QElapsedTimer>
|
||||
#include <QMap>
|
||||
#include <QObject>
|
||||
#include <QNetworkInformation>
|
||||
|
||||
|
||||
class NetworkWatcherImpl;
|
||||
|
||||
// This class watches for network changes to detect unsecured wifi.
|
||||
class NetworkWatcher final : public QObject {
|
||||
Q_OBJECT
|
||||
Q_DISABLE_COPY_MOVE(NetworkWatcher)
|
||||
Q_OBJECT
|
||||
Q_DISABLE_COPY_MOVE(NetworkWatcher)
|
||||
|
||||
public:
|
||||
NetworkWatcher();
|
||||
~NetworkWatcher();
|
||||
public:
|
||||
NetworkWatcher();
|
||||
~NetworkWatcher();
|
||||
|
||||
void initialize();
|
||||
void initialize();
|
||||
|
||||
// public for the inspector.
|
||||
void unsecuredNetwork(const QString& networkName, const QString& networkId);
|
||||
// Public for the Inspector.
|
||||
void unsecuredNetwork(const QString& networkName, const QString& networkId);
|
||||
// Used for the Inspector. simulateOffline = true to mock being disconnected,
|
||||
// false to restore.
|
||||
void simulateDisconnection(bool simulatedDisconnection);
|
||||
|
||||
QString getCurrentTransport();
|
||||
QNetworkInformation::Reachability getReachability();
|
||||
|
||||
signals:
|
||||
void networkChange();
|
||||
signals:
|
||||
void networkChange();
|
||||
|
||||
private:
|
||||
void settingsChanged();
|
||||
private:
|
||||
void settingsChanged();
|
||||
|
||||
// void notificationClicked(NotificationHandler::Message message);
|
||||
private:
|
||||
bool m_active = false;
|
||||
bool m_reportUnsecuredNetwork = false;
|
||||
|
||||
private:
|
||||
bool m_active = false;
|
||||
bool m_reportUnsecuredNetwork = false;
|
||||
// Platform-specific implementation.
|
||||
NetworkWatcherImpl* m_impl = nullptr;
|
||||
|
||||
// Platform-specific implementation.
|
||||
NetworkWatcherImpl* m_impl = nullptr;
|
||||
QMap<QString, QElapsedTimer> m_networks;
|
||||
|
||||
QMap<QString, QElapsedTimer> m_networks;
|
||||
// This is used to connect NotificationHandler lazily.
|
||||
bool m_firstNotification = true;
|
||||
|
||||
// This is used to connect NotificationHandler lazily.
|
||||
bool m_firstNotification = true;
|
||||
// Used to simulate network disconnection in the Inspector
|
||||
bool m_simulatedDisconnection = false;
|
||||
};
|
||||
|
||||
#endif // NETWORKWATCHER_H
|
||||
|
||||
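Review bot: The comment added above `simulateDisconnection` refers to `simulateOffline = true`, but the parameter is named `simulatedDisconnection`. I would reword it to `// Used by the Inspector: pass true to make getReachability() report Disconnected, false to restore the real value.` That also documents the link to `getReachability()`, which is declared a few lines below.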
@@ -5,50 +5,45 @@
|
||||
#ifndef NETWORKWATCHERIMPL_H
|
||||
#define NETWORKWATCHERIMPL_H
|
||||
|
||||
#include <QNetworkInformation>
|
||||
#include <QObject>
|
||||
|
||||
class NetworkWatcherImpl : public QObject {
|
||||
Q_OBJECT
|
||||
Q_DISABLE_COPY_MOVE(NetworkWatcherImpl)
|
||||
Q_OBJECT
|
||||
Q_DISABLE_COPY_MOVE(NetworkWatcherImpl)
|
||||
|
||||
public:
|
||||
NetworkWatcherImpl(QObject* parent) : QObject(parent) {}
|
||||
public:
|
||||
NetworkWatcherImpl(QObject* parent) : QObject(parent) {}
|
||||
|
||||
virtual ~NetworkWatcherImpl() = default;
|
||||
virtual ~NetworkWatcherImpl() = default;
|
||||
|
||||
virtual void initialize() = 0;
|
||||
virtual void initialize() = 0;
|
||||
|
||||
virtual void start() { m_active = true; }
|
||||
virtual void stop() { m_active = false; }
|
||||
virtual void start() { m_active = true; }
|
||||
virtual void stop() { m_active = false; }
|
||||
|
||||
bool isActive() const { return m_active; }
|
||||
bool isActive() const { return m_active; }
|
||||
|
||||
enum TransportType {
|
||||
TransportType_Unknown = 0,
|
||||
TransportType_Ethernet = 1,
|
||||
TransportType_WiFi = 2,
|
||||
TransportType_Cellular = 3, // In Case the API does not retun the gsm type
|
||||
TransportType_Other = 4, // I.e USB thethering
|
||||
TransportType_None = 5 // I.e Airplane Mode or no active network device
|
||||
};
|
||||
Q_ENUM(TransportType);
|
||||
enum TransportType {
|
||||
TransportType_Unknown = 0,
|
||||
TransportType_Ethernet = 1,
|
||||
TransportType_WiFi = 2,
|
||||
TransportType_Cellular = 3, // In Case the API does not retun the gsm type
|
||||
TransportType_Other = 4, // I.e USB thethering
|
||||
TransportType_None = 5 // I.e Airplane Mode or no active network device
|
||||
};
|
||||
Q_ENUM(TransportType);
|
||||
|
||||
// Returns the current type of Network Connection
|
||||
virtual TransportType getTransportType() = 0;
|
||||
signals:
|
||||
// Fires when the Device Connects to an unsecured Network
|
||||
void unsecuredNetwork(const QString& networkName, const QString& networkId);
|
||||
// Fires on when the connected WIFI Changes
|
||||
// TODO: Only windows-networkwatcher has this, the other plattforms should
|
||||
// too.
|
||||
void networkChanged(QString newBSSID);
|
||||
|
||||
signals:
|
||||
// Fires when the Device Connects to an unsecured Network
|
||||
void unsecuredNetwork(const QString& networkName, const QString& networkId);
|
||||
// Fires on when the connected WIFI Changes
|
||||
// TODO: Only windows-networkwatcher has this, the other plattforms should
|
||||
// too.
|
||||
void networkChanged(QString newBSSID);
|
||||
|
||||
// Fired when the Device changed the Type of Transport
|
||||
void transportChanged(NetworkWatcherImpl::TransportType transportType);
|
||||
|
||||
private:
|
||||
bool m_active = false;
|
||||
private:
|
||||
bool m_active = false;
|
||||
};
|
||||
|
||||
#endif // NETWORKWATCHERIMPL_H
|
||||
|
||||
@@ -8,11 +8,11 @@
|
||||
|
||||
DummyNetworkWatcher::DummyNetworkWatcher(QObject* parent)
|
||||
: NetworkWatcherImpl(parent) {
|
||||
MZ_COUNT_CTOR(DummyNetworkWatcher);
|
||||
MZ_COUNT_CTOR(DummyNetworkWatcher);
|
||||
}
|
||||
|
||||
DummyNetworkWatcher::~DummyNetworkWatcher() {
|
||||
MZ_COUNT_DTOR(DummyNetworkWatcher);
|
||||
MZ_COUNT_DTOR(DummyNetworkWatcher);
|
||||
}
|
||||
|
||||
void DummyNetworkWatcher::initialize() {}
|
||||
|
||||
@@ -8,15 +8,11 @@
|
||||
#include "networkwatcherimpl.h"
|
||||
|
||||
class DummyNetworkWatcher final : public NetworkWatcherImpl {
|
||||
public:
|
||||
DummyNetworkWatcher(QObject* parent);
|
||||
~DummyNetworkWatcher();
|
||||
public:
|
||||
DummyNetworkWatcher(QObject* parent);
|
||||
~DummyNetworkWatcher();
|
||||
|
||||
void initialize() override;
|
||||
|
||||
NetworkWatcherImpl::TransportType getTransportType() override {
|
||||
return TransportType_Other;
|
||||
};
|
||||
void initialize() override;
|
||||
};
|
||||
|
||||
#endif // DUMMYNETWORKWATCHER_H
|
||||
|
||||
@@ -16,6 +16,11 @@ struct Log {
|
||||
|
||||
private static let appGroupID = "group.org.amnezia.AmneziaVPN"
|
||||
|
||||
static let appLogURL = {
|
||||
let sharedContainerURL = FileManager.default.containerURL(forSecurityApplicationGroupIdentifier: appGroupID)!
|
||||
return sharedContainerURL.appendingPathComponent("app.log", isDirectory: false)
|
||||
}()
|
||||
|
||||
static let neLogURL = {
|
||||
let sharedContainerURL = FileManager.default.containerURL(forSecurityApplicationGroupIdentifier: appGroupID)!
|
||||
return sharedContainerURL.appendingPathComponent("ne.log", isDirectory: false)
|
||||
@@ -70,8 +75,12 @@ struct Log {
|
||||
}
|
||||
|
||||
static func log(_ type: OSLogType, title: String = "", message: String, url: URL = neLogURL) {
|
||||
NSLog("\(title) \(message)")
|
||||
|
||||
guard isLoggingEnabled else { return }
|
||||
|
||||
osLog.log(level: type, "\(title) \(message)")
|
||||
|
||||
let date = Date()
|
||||
let level = Record.Level(from: type)
|
||||
let messages = message.split(whereSeparator: \.isNewline)
|
||||
@@ -107,3 +116,7 @@ extension Log: CustomStringConvertible {
|
||||
.joined(separator: "\n")
|
||||
}
|
||||
}
|
||||
|
||||
func log(_ type: OSLogType, title: String = "", message: String) {
|
||||
Log.log(type, title: "App: \(title)", message: message, url: Log.appLogURL)
|
||||
}
|
||||
|
||||
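Review bot: In `Log.log`, `NSLog("\(title) \(message)")` passes the interpolated text as the format string, so a `%` in a message is parsed as a format directive with no matching argument. Use `NSLog("%@", "\(title) \(message)")` instead. The call also sits ahead of `guard isLoggingEnabled else { return }`, so every message reaches the system log even when the user has turned logging off. If the switch is meant to cover all log sinks, move the `NSLog` call below the guard. The rendering does not mark which lines of this hunk are new, so this applies only if the `NSLog` line is one of them.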
@@ -1,50 +1,33 @@
|
||||
import Foundation
|
||||
import NetworkExtension
|
||||
|
||||
public func swiftUpdateLogData(_ qtString: std.string) -> std.string {
|
||||
let qtLog = Log(String(describing: qtString))
|
||||
var log = qtLog
|
||||
|
||||
if let appLog = Log(at: Log.appLogURL) {
|
||||
appLog.records.forEach {
|
||||
log.records.append($0)
|
||||
}
|
||||
}
|
||||
|
||||
if let neLog = Log(at: Log.neLogURL) {
|
||||
neLog.records.forEach {
|
||||
log.records.append($0)
|
||||
}
|
||||
}
|
||||
|
||||
log.records.sort {
|
||||
$0.date < $1.date
|
||||
}
|
||||
log.records.sort {
|
||||
$0.date < $1.date
|
||||
}
|
||||
|
||||
return std.string(log.description)
|
||||
}
|
||||
|
||||
public func swiftDeleteLog() {
|
||||
Log.clear(at: Log.appLogURL)
|
||||
Log.clear(at: Log.neLogURL)
|
||||
}
|
||||
|
||||
public func toggleLogging(_ isEnabled: Bool) {
|
||||
Log.isLoggingEnabled = isEnabled
|
||||
}
|
||||
|
||||
public func clearSettings() {
|
||||
NETunnelProviderManager.loadAllFromPreferences { managers, error in
|
||||
if let error {
|
||||
NSLog("clearSettings removeFromPreferences error: \(error.localizedDescription)")
|
||||
return
|
||||
}
|
||||
|
||||
managers?.forEach { manager in
|
||||
manager.removeFromPreferences { error in
|
||||
if let error {
|
||||
NSLog("NE removeFromPreferences error: \(error.localizedDescription)")
|
||||
} else {
|
||||
manager.loadFromPreferences { error in
|
||||
if let error {
|
||||
NSLog("NE loadFromPreferences after remove error: \(error.localizedDescription)")
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -94,6 +94,8 @@ extension PacketTunnelProvider {
|
||||
}
|
||||
|
||||
func stopOpenVPN(with reason: NEProviderStopReason, completionHandler: @escaping () -> Void) {
|
||||
ovpnLog(.info, message: "Stopping tunnel: reason: \(reason.description)")
|
||||
|
||||
stopHandler = completionHandler
|
||||
if vpnReachability.isTracking {
|
||||
vpnReachability.stopTracking()
|
||||
|
||||
@@ -200,7 +200,7 @@ extension PacketTunnelProvider {
|
||||
// }
|
||||
|
||||
func stopWireguard(with reason: NEProviderStopReason, completionHandler: @escaping () -> Void) {
|
||||
wg_log(.info, staticMessage: "Stopping tunnel")
|
||||
wg_log(.info, message: "Stopping tunnel: reason: \(reason.description)")
|
||||
|
||||
wgAdapter.stop { error in
|
||||
ErrorNotifier.removeLastErrorFile()
|
||||
|
||||
@@ -200,3 +200,46 @@ extension WireGuardLogLevel {
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
extension NEProviderStopReason: CustomStringConvertible {
|
||||
public var description: String {
|
||||
switch self {
|
||||
case .none:
|
||||
return "No specific reason"
|
||||
case .userInitiated:
|
||||
return "The user stopped the NE"
|
||||
case .providerFailed:
|
||||
return "The NE failed to function correctly"
|
||||
case .noNetworkAvailable:
|
||||
return "No network connectivity is currently available"
|
||||
case .unrecoverableNetworkChange:
|
||||
return "The device’s network connectivity changed"
|
||||
case .providerDisabled:
|
||||
return "The NE was disabled"
|
||||
case .authenticationCanceled:
|
||||
return "The authentication process was canceled"
|
||||
case .configurationFailed:
|
||||
return "The VPNC is invalid"
|
||||
case .idleTimeout:
|
||||
return "The session timed out"
|
||||
case .configurationDisabled:
|
||||
return "The VPNC was disabled"
|
||||
case .configurationRemoved:
|
||||
return "The VPNC was removed"
|
||||
case .superceded:
|
||||
return "VPNC was superceded by a higher-priority VPNC"
|
||||
case .userLogout:
|
||||
return "The user logged out"
|
||||
case .userSwitch:
|
||||
return "The current console user changed"
|
||||
case .connectionFailed:
|
||||
return "The connection failed"
|
||||
case .sleep:
|
||||
return "A stop reason indicating the VPNC enabled disconnect on sleep and the device went to sleep"
|
||||
case .appUpdate:
|
||||
return "appUpdat"
|
||||
@unknown default:
|
||||
return "@unknown default"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
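Review bot: Two of the strings in the `NEProviderStopReason` description lose information that matters when reading tunnel logs. The `.appUpdate` case returns the truncated `"appUpdat"`. The `@unknown default` case returns the literal `"@unknown default"`, which hides which reason the system actually sent. I would change them to `return "The app was updated"` and `return "Unknown stop reason (\(rawValue))"`. The extension also makes a framework type conform to `CustomStringConvertible`, which can clash if the SDK adds that conformance later; a separate computed property would avoid it.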
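--- /dev/null
+++ b/client/platforms/ios/VPNCController.swift
@@ -0,0 +1,50 @@
+import Foundation
+import NetworkExtension
+
+public func removeVPNC(_ vpncName: std.string) {
+let vpncName = String(describing: vpncName)
+
+Task {
+await getManagers()?.first { manager in
+if let name = manager.localizedDescription, name == vpncName {
+Task {
+await remove(manager)
+}
+
+return true
+} else {
+return false
+}
+}
+}
+}
+
+public func clearSettings() {
+Task {
+await getManagers()?.forEach { manager in
+Task {
+await remove(manager)
+}
+}
+}
+}
+
+func getManagers() async -> [NETunnelProviderManager]? {
+do {
+return try await NETunnelProviderManager.loadAllFromPreferences()
+} catch {
+log(.error, title: "VPNC: ", message: "loadAllFromPreferences error: \(error.localizedDescription)")
+return nil
+}
+}
+
+func remove(_ manager: NETunnelProviderManager) async {
+let vpncName = manager.localizedDescription ?? "Unknown"
+do {
+try await manager.removeFromPreferences()
+try await manager.loadFromPreferences()
+log(.info, title: "VPNC: ", message: "Remove \(vpncName)")
+} catch {
+log(.error, title: "VPNC: ", message: "Failed to remove \(vpncName) (\(error.localizedDescription))")
+}
+}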
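Review bot: `clearSettings()` and `removeVPNC()` start each removal in a nested, unstructured `Task {}` and return immediately, so the caller cannot tell when, or whether, the VPN configurations were removed. For a function that wipes settings this means the UI can report success while profiles are still installed. Inside the outer task a plain loop keeps the work sequential and awaited: `for manager in await getManagers() ?? [] { await remove(manager) }`. In `remove(_:)`, a failure of `loadFromPreferences()` after a successful `removeFromPreferences()` is logged as "Failed to remove"; separate `do` blocks would keep that message accurate.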
@@ -86,6 +86,9 @@ struct WGConfig: Decodable {
|
||||
AllowedIPs = \(allowedIPs.joined(separator: ", "))
|
||||
Endpoint = \(hostName):\(port)
|
||||
PersistentKeepalive = \(persistentKeepAlive)
|
||||
|
||||
SplitTunnelType = \(splitTunnelType)
|
||||
SplitTunnelSites = \(splitTunnelSites.joined(separator: ", "))
|
||||
"""
|
||||
}
|
||||
}
|
||||
|
||||
@@ -89,9 +89,11 @@ bool IosController::initialize()
|
||||
|
||||
|
||||
for (NETunnelProviderManager *manager in managers) {
|
||||
qDebug() << "IosController::initialize : VPNC: " << manager.localizedDescription;
|
||||
|
||||
if (manager.connection.status == NEVPNStatusConnected) {
|
||||
m_currentTunnel = manager;
|
||||
qDebug() << "IosController::initialize : VPN already connected";
|
||||
qDebug() << "IosController::initialize : VPN already connected with" << manager.localizedDescription;
|
||||
emit connectionStateChanged(Vpn::ConnectionState::Connected);
|
||||
break;
|
||||
|
||||
@@ -138,7 +140,7 @@ bool IosController::connectVpn(amnezia::Proto proto, const QJsonObject& configur
|
||||
[NETunnelProviderManager loadAllFromPreferencesWithCompletionHandler:^(NSArray<NETunnelProviderManager *> * _Nullable managers, NSError * _Nullable error) {
|
||||
@try {
|
||||
if (error) {
|
||||
qDebug() << "IosController::connectVpn : Error:" << [error.localizedDescription UTF8String];
|
||||
qDebug() << "IosController::connectVpn : VPNC: loadAllFromPreferences error:" << [error.localizedDescription UTF8String];
|
||||
emit connectionStateChanged(Vpn::ConnectionState::Error);
|
||||
ok = false;
|
||||
return;
|
||||
@@ -151,7 +153,7 @@ bool IosController::connectVpn(amnezia::Proto proto, const QJsonObject& configur
|
||||
for (NETunnelProviderManager *manager in managers) {
|
||||
if ([manager.localizedDescription isEqualToString:tunnelName.toNSString()]) {
|
||||
m_currentTunnel = manager;
|
||||
qDebug() << "IosController::connectVpn : Using existing tunnel";
|
||||
qDebug() << "IosController::connectVpn : Using existing tunnel:" << manager.localizedDescription;
|
||||
if (manager.connection.status == NEVPNStatusConnected) {
|
||||
emit connectionStateChanged(Vpn::ConnectionState::Connected);
|
||||
return;
|
||||
@@ -162,10 +164,10 @@ bool IosController::connectVpn(amnezia::Proto proto, const QJsonObject& configur
|
||||
}
|
||||
|
||||
if (!m_currentTunnel) {
|
||||
qDebug() << "IosController::connectVpn : Creating new tunnel";
|
||||
isNewTunnelCreated = true;
|
||||
m_currentTunnel = [[NETunnelProviderManager alloc] init];
|
||||
m_currentTunnel.localizedDescription = [NSString stringWithUTF8String:tunnelName.toStdString().c_str()];
|
||||
qDebug() << "IosController::connectVpn : Creating new tunnel" << m_currentTunnel.localizedDescription;
|
||||
}
|
||||
|
||||
}
|
||||
@@ -598,13 +600,14 @@ void IosController::startTunnel()
|
||||
dispatch_async(dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_DEFAULT, 0), ^{
|
||||
|
||||
if (saveError) {
|
||||
qDebug().nospace() << "IosController::startTunnel" << protocolName << ": Connect " << protocolName << " Tunnel Save Error" << saveError.localizedDescription.UTF8String;
|
||||
emit connectionStateChanged(Vpn::ConnectionState::Error);
|
||||
return;
|
||||
}
|
||||
|
||||
[m_currentTunnel loadFromPreferencesWithCompletionHandler:^(NSError *loadError) {
|
||||
if (loadError) {
|
||||
qDebug().nospace() << "IosController::start" << protocolName << ": Connect " << protocolName << " Tunnel Load Error" << loadError.localizedDescription.UTF8String;
|
||||
qDebug().nospace() << "IosController::startTunnel :" << m_currentTunnel.localizedDescription << protocolName << ": Connect " << protocolName << " Tunnel Load Error" << loadError.localizedDescription.UTF8String;
|
||||
emit connectionStateChanged(Vpn::ConnectionState::Error);
|
||||
return;
|
||||
}
|
||||
@@ -615,11 +618,11 @@ void IosController::startTunnel()
|
||||
BOOL started = [m_currentTunnel.connection startVPNTunnelWithOptions:nil andReturnError:&startError];
|
||||
|
||||
if (!started || startError) {
|
||||
qDebug().nospace() << "IosController::start" << protocolName << " : Connect " << protocolName << " Tunnel Start Error"
|
||||
qDebug().nospace() << "IosController::startTunnel :" << m_currentTunnel.localizedDescription << protocolName << " : Connect " << protocolName << " Tunnel Start Error"
|
||||
<< (startError ? startError.localizedDescription.UTF8String : "");
|
||||
emit connectionStateChanged(Vpn::ConnectionState::Error);
|
||||
} else {
|
||||
qDebug().nospace() << "IosController::start" << protocolName << " : Starting the tunnel succeeded";
|
||||
qDebug().nospace() << "IosController::startTunnel :" << m_currentTunnel.localizedDescription << protocolName << " : Starting the tunnel succeeded";
|
||||
}
|
||||
}];
|
||||
});
|
||||
|
||||
@@ -15,7 +15,6 @@ class IOSNetworkWatcher : public NetworkWatcherImpl {
|
||||
~IOSNetworkWatcher();
|
||||
|
||||
void initialize() override;
|
||||
NetworkWatcherImpl::TransportType getTransportType() override;
|
||||
|
||||
private:
|
||||
NetworkWatcherImpl::TransportType toTransportType(nw_path_t path);
|
||||
|
||||
@@ -37,16 +37,6 @@ void IOSNetworkWatcher::initialize() {
|
||||
//TODO IMPL FOR AMNEZIA
|
||||
}
|
||||
|
||||
NetworkWatcherImpl::TransportType IOSNetworkWatcher::getTransportType() {
|
||||
//TODO IMPL FOR AMNEZIA
|
||||
|
||||
if (m_observableConnection != nil) {
|
||||
return m_currentVPNTransport;
|
||||
}
|
||||
// If we don't have an open tunnel-observer, m_currentVPNTransport is probably wrong.
|
||||
return NetworkWatcherImpl::TransportType_Unknown;
|
||||
}
|
||||
|
||||
NetworkWatcherImpl::TransportType IOSNetworkWatcher::toTransportType(nw_path_t path) {
|
||||
if (path == nil) {
|
||||
return NetworkWatcherImpl::TransportType_Unknown;
|
||||
|
||||
@@ -103,15 +103,32 @@ bool WireguardUtilsLinux::addInterface(const InterfaceConfig& config) {
|
||||
out << "private_key=" << QString(privateKey.toHex()) << "\n";
|
||||
out << "replace_peers=true\n";
|
||||
|
||||
if (config.m_junkPacketCount != "") {
|
||||
|
||||
if (!config.m_junkPacketCount.isEmpty()) {
|
||||
out << "jc=" << config.m_junkPacketCount << "\n";
|
||||
}
|
||||
if (!config.m_junkPacketMinSize.isEmpty()) {
|
||||
out << "jmin=" << config.m_junkPacketMinSize << "\n";
|
||||
}
|
||||
if (!config.m_junkPacketMaxSize.isEmpty()) {
|
||||
out << "jmax=" << config.m_junkPacketMaxSize << "\n";
|
||||
}
|
||||
if (!config.m_initPacketJunkSize.isEmpty()) {
|
||||
out << "s1=" << config.m_initPacketJunkSize << "\n";
|
||||
}
|
||||
if (!config.m_responsePacketJunkSize.isEmpty()) {
|
||||
out << "s2=" << config.m_responsePacketJunkSize << "\n";
|
||||
}
|
||||
if (!config.m_initPacketMagicHeader.isEmpty()) {
|
||||
out << "h1=" << config.m_initPacketMagicHeader << "\n";
|
||||
}
|
||||
if (!config.m_responsePacketMagicHeader.isEmpty()) {
|
||||
out << "h2=" << config.m_responsePacketMagicHeader << "\n";
|
||||
}
|
||||
if (!config.m_underloadPacketMagicHeader.isEmpty()) {
|
||||
out << "h3=" << config.m_underloadPacketMagicHeader << "\n";
|
||||
}
|
||||
if (!config.m_transportPacketMagicHeader.isEmpty()) {
|
||||
out << "h4=" << config.m_transportPacketMagicHeader << "\n";
|
||||
}
|
||||
|
||||
@@ -119,24 +136,25 @@ bool WireguardUtilsLinux::addInterface(const InterfaceConfig& config) {
|
||||
if (err != 0) {
|
||||
logger.error() << "Interface configuration failed:" << strerror(err);
|
||||
} else {
|
||||
FirewallParams params { };
|
||||
params.dnsServers.append(config.m_dnsServer);
|
||||
if (config.m_allowedIPAddressRanges.at(0).toString() == "0.0.0.0/0"){
|
||||
params.blockAll = true;
|
||||
if (config.m_excludedAddresses.size()) {
|
||||
params.allowNets = true;
|
||||
foreach (auto net, config.m_excludedAddresses) {
|
||||
params.allowAddrs.append(net.toUtf8());
|
||||
if (config.m_killSwitchEnabled) {
|
||||
FirewallParams params { };
|
||||
params.dnsServers.append(config.m_dnsServer);
|
||||
if (config.m_allowedIPAddressRanges.at(0).toString() == "0.0.0.0/0"){
|
||||
params.blockAll = true;
|
||||
if (config.m_excludedAddresses.size()) {
|
||||
params.allowNets = true;
|
||||
foreach (auto net, config.m_excludedAddresses) {
|
||||
params.allowAddrs.append(net.toUtf8());
|
||||
}
|
||||
}
|
||||
} else {
|
||||
params.blockNets = true;
|
||||
foreach (auto net, config.m_allowedIPAddressRanges) {
|
||||
params.blockAddrs.append(net.toString());
|
||||
}
|
||||
}
|
||||
} else {
|
||||
params.blockNets = true;
|
||||
foreach (auto net, config.m_allowedIPAddressRanges) {
|
||||
params.blockAddrs.append(net.toString());
|
||||
}
|
||||
applyFirewallRules(params);
|
||||
}
|
||||
|
||||
applyFirewallRules(params);
|
||||
}
|
||||
|
||||
return (err == 0);
|
||||
@@ -182,7 +200,9 @@ bool WireguardUtilsLinux::updatePeer(const InterfaceConfig& config) {
|
||||
QTextStream out(&message);
|
||||
out << "set=1\n";
|
||||
out << "public_key=" << QString(publicKey.toHex()) << "\n";
|
||||
out << "preshared_key=" << QString(pskKey.toHex()) << "\n";
|
||||
if (!config.m_serverPskKey.isNull()) {
|
||||
out << "preshared_key=" << QString(pskKey.toHex()) << "\n";
|
||||
}
|
||||
if (!config.m_serverIpv4AddrIn.isNull()) {
|
||||
out << "endpoint=" << config.m_serverIpv4AddrIn << ":";
|
||||
} else if (!config.m_serverIpv6AddrIn.isNull()) {
|
||||
|
||||
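Review bot: The obfuscation parameters in `WireguardUtilsLinux::addInterface` (`jc`, `jmin`, `jmax`, `s1`, `s2`, `h1`–`h4`) are written into the line-oriented UAPI message as raw strings, guarded only by `isEmpty()`. They come from JSON via `obj.value("Jc").toString()` and its siblings earlier on this page, so a value containing a newline would add extra `key=value` lines to what the daemon sends to the tunnel. Parsing each value as an unsigned integer before writing it closes that off, and it also rejects non-numeric junk early. The same pattern appears in the `WireguardUtilsMacos::addInterface` hunk below. `addInterface` starts and ends outside these hunks.

```cpp
// … unchanged: private_key / replace_peers lines …
auto writeUInt = [&out](const char* key, const QString& value) {
  if (value.isEmpty()) {
    return;
  }
  bool ok = false;
  const uint parsed = value.toUInt(&ok);
  if (!ok) {
    logger.error() << "Ignoring non-numeric value for" << key;
    return;
  }
  out << key << "=" << parsed << "\n";
};
writeUInt("jc", config.m_junkPacketCount);
writeUInt("jmin", config.m_junkPacketMinSize);
// … likewise jmax, s1, s2, h1, h2, h3, h4 …
```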
5
client/platforms/linux/linuxnetworkwatcher.h
Normal file → Executable file
5
client/platforms/linux/linuxnetworkwatcher.h
Normal file → Executable file
@@ -22,11 +22,6 @@ class LinuxNetworkWatcher final : public NetworkWatcherImpl {
|
||||
|
||||
void start() override;
|
||||
|
||||
NetworkWatcherImpl::TransportType getTransportType() {
|
||||
// TODO: Find out how to do that on linux generally. (VPN-2382)
|
||||
return NetworkWatcherImpl::TransportType_Unknown;
|
||||
};
|
||||
|
||||
signals:
|
||||
void checkDevicesInThread();
|
||||
|
||||
|
||||
@@ -95,6 +95,11 @@ void MacosRouteMonitor::handleRtmDelete(const struct rt_msghdr* rtm,
|
||||
!(rtm->rtm_addrs & RTA_NETMASK) || (addrlist.count() < 3)) {
|
||||
return;
|
||||
}
|
||||
// Ignore interface-scoped routes, we want to find the default route to the
|
||||
// internet in the global scope.
|
||||
if (rtm->rtm_flags & RTF_IFSCOPE) {
|
||||
return;
|
||||
}
|
||||
|
||||
// Check for a default route, which should have a netmask of zero.
|
||||
const struct sockaddr* sa =
|
||||
@@ -156,6 +161,11 @@ void MacosRouteMonitor::handleRtmUpdate(const struct rt_msghdr* rtm,
|
||||
!(rtm->rtm_addrs & RTA_NETMASK) || (addrlist.count() < 3)) {
|
||||
return;
|
||||
}
|
||||
// Ignore interface-scoped routes, we want to find the default route to the
|
||||
// internet in the global scope.
|
||||
if (rtm->rtm_flags & RTF_IFSCOPE) {
|
||||
return;
|
||||
}
|
||||
// Ignore route changes that we caused, or routes on the tunnel interface.
|
||||
if (rtm->rtm_index == m_ifindex) {
|
||||
return;
|
||||
|
||||
@@ -101,15 +101,31 @@ bool WireguardUtilsMacos::addInterface(const InterfaceConfig& config) {
|
||||
out << "private_key=" << QString(privateKey.toHex()) << "\n";
|
||||
out << "replace_peers=true\n";
|
||||
|
||||
if (config.m_junkPacketCount != "") {
|
||||
if (!config.m_junkPacketCount.isEmpty()) {
|
||||
out << "jc=" << config.m_junkPacketCount << "\n";
|
||||
}
|
||||
if (!config.m_junkPacketMinSize.isEmpty()) {
|
||||
out << "jmin=" << config.m_junkPacketMinSize << "\n";
|
||||
}
|
||||
if (!config.m_junkPacketMaxSize.isEmpty()) {
|
||||
out << "jmax=" << config.m_junkPacketMaxSize << "\n";
|
||||
}
|
||||
if (!config.m_initPacketJunkSize.isEmpty()) {
|
||||
out << "s1=" << config.m_initPacketJunkSize << "\n";
|
||||
}
|
||||
if (!config.m_responsePacketJunkSize.isEmpty()) {
|
||||
out << "s2=" << config.m_responsePacketJunkSize << "\n";
|
||||
}
|
||||
if (!config.m_initPacketMagicHeader.isEmpty()) {
|
||||
out << "h1=" << config.m_initPacketMagicHeader << "\n";
|
||||
}
|
||||
if (!config.m_responsePacketMagicHeader.isEmpty()) {
|
||||
out << "h2=" << config.m_responsePacketMagicHeader << "\n";
|
||||
}
|
||||
if (!config.m_underloadPacketMagicHeader.isEmpty()) {
|
||||
out << "h3=" << config.m_underloadPacketMagicHeader << "\n";
|
||||
}
|
||||
if (!config.m_transportPacketMagicHeader.isEmpty()) {
|
||||
out << "h4=" << config.m_transportPacketMagicHeader << "\n";
|
||||
}
|
||||
|
||||
@@ -118,26 +134,26 @@ bool WireguardUtilsMacos::addInterface(const InterfaceConfig& config) {
|
||||
if (err != 0) {
|
||||
logger.error() << "Interface configuration failed:" << strerror(err);
|
||||
} else {
|
||||
FirewallParams params { };
|
||||
params.dnsServers.append(config.m_dnsServer);
|
||||
if (config.m_allowedIPAddressRanges.at(0).toString() == "0.0.0.0/0"){
|
||||
params.blockAll = true;
|
||||
if (config.m_excludedAddresses.size()) {
|
||||
if (config.m_killSwitchEnabled) {
|
||||
FirewallParams params { };
|
||||
params.dnsServers.append(config.m_dnsServer);
|
||||
if (config.m_allowedIPAddressRanges.at(0).toString() == "0.0.0.0/0"){
|
||||
params.blockAll = true;
|
||||
if (config.m_excludedAddresses.size()) {
|
||||
params.allowNets = true;
|
||||
foreach (auto net, config.m_excludedAddresses) {
|
||||
params.allowAddrs.append(net.toUtf8());
|
||||
params.allowAddrs.append(net.toUtf8());
|
||||
}
|
||||
}
|
||||
} else {
|
||||
params.blockNets = true;
|
||||
foreach (auto net, config.m_allowedIPAddressRanges) {
|
||||
}
|
||||
} else {
|
||||
params.blockNets = true;
|
||||
foreach (auto net, config.m_allowedIPAddressRanges) {
|
||||
params.blockAddrs.append(net.toString());
|
||||
}
|
||||
}
|
||||
applyFirewallRules(params);
|
||||
}
|
||||
|
||||
applyFirewallRules(params);
|
||||
}
|
||||
|
||||
return (err == 0);
|
||||
}
|
||||
|
||||
@@ -183,7 +199,9 @@ bool WireguardUtilsMacos::updatePeer(const InterfaceConfig& config) {
|
||||
QTextStream out(&message);
|
||||
out << "set=1\n";
|
||||
out << "public_key=" << QString(publicKey.toHex()) << "\n";
|
||||
out << "preshared_key=" << QString(pskKey.toHex()) << "\n";
|
||||
if (!config.m_serverPskKey.isNull()) {
|
||||
out << "preshared_key=" << QString(pskKey.toHex()) << "\n";
|
||||
}
|
||||
if (!config.m_serverIpv4AddrIn.isNull()) {
|
||||
out << "endpoint=" << config.m_serverIpv4AddrIn << ":";
|
||||
} else if (!config.m_serverIpv6AddrIn.isNull()) {
|
||||
|
||||
@@ -83,7 +83,7 @@ void MacOSPingSender::sendPing(const QHostAddress& dest, quint16 sequence) {
|
||||
packet.icmp_seq = htons(sequence);
|
||||
packet.icmp_cksum = inetChecksum(&packet, sizeof(packet));
|
||||
|
||||
if (sendto(m_socket, (char*)&packet, sizeof(packet), 0,
|
||||
if (sendto(m_socket, (char*)&packet, sizeof(packet), MSG_NOSIGNAL,
|
||||
(struct sockaddr*)&addr, sizeof(addr)) != sizeof(packet)) {
|
||||
logger.error() << "ping sending failed:" << strerror(errno);
|
||||
emit criticalPingError();
|
||||
@@ -107,9 +107,9 @@ void MacOSPingSender::socketReady() {
|
||||
iov.iov_base = packet;
|
||||
iov.iov_len = IP_MAXPACKET;
|
||||
|
||||
ssize_t rc = recvmsg(m_socket, &msg, MSG_DONTWAIT);
|
||||
ssize_t rc = recvmsg(m_socket, &msg, MSG_DONTWAIT | MSG_NOSIGNAL);
|
||||
if (rc <= 0) {
|
||||
logger.error() << "Recvmsg failed";
|
||||
logger.error() << "Recvmsg failed:" << strerror(errno);
|
||||
return;
|
||||
}
|
||||
|
||||
|
||||
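Review bot: In `socketReady()`, the new `strerror(errno)` is logged on the `rc <= 0` path, but `recvmsg` does not set `errno` when it returns 0, so the message can report an unrelated stale error. With `MSG_DONTWAIT`, an `EAGAIN` result is also routine and is now logged as an error. I would split the check: `if (rc == 0) return;` followed by `if (rc < 0) { if (errno != EAGAIN) logger.error() << "Recvmsg failed:" << strerror(errno); return; }`. `MSG_NOSIGNAL` only affects sends, so adding it to `recvmsg` has no effect and can be dropped there.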
@@ -41,11 +41,33 @@ void MacOSUtils::enableLoginItem(bool startAtBoot) {
|
||||
Q_ASSERT(appId);
|
||||
|
||||
NSString* loginItemAppId =
|
||||
QString("%1.login-item").arg(QString::fromNSString(appId)).toNSString();
|
||||
CFStringRef cfs = (__bridge CFStringRef)loginItemAppId;
|
||||
QString("%1.login-item").arg(QString::fromNSString(appId)).toNSString();
|
||||
|
||||
Boolean ok = SMLoginItemSetEnabled(cfs, startAtBoot ? YES : NO);
|
||||
logger.debug() << "Result: " << ok;
|
||||
// For macOS 13 and beyond, register() and unregister() methods
|
||||
// are used for managing login items since SMLoginItemSetEnabled() is deprecated.
|
||||
// For versions prior to macOS 13, SMLoginItemSetEnabled() is used.
|
||||
if (@available(macOS 13, *)) {
|
||||
// Use register() or unregister() based on the startAtBoot flag
|
||||
NSError* error = nil;
|
||||
|
||||
if (startAtBoot) {
|
||||
if (![[SMAppService mainAppService] registerAndReturnError: & error]) {
|
||||
logger.error() << "Failed to register Amnezia VPN LoginItem: " << error.localizedDescription;
|
||||
} else {
|
||||
logger.debug() << "Amnezia VPN LoginItem registered successfully.";
|
||||
}
|
||||
} else {
|
||||
if (![[SMAppService mainAppService] unregisterAndReturnError: & error]) {
|
||||
logger.error() << "Failed to unregister Amnezia VPN LoginItem: " << error.localizedDescription;
|
||||
} else {
|
||||
logger.debug() << "LoginItem unregistered successfully.";
|
||||
}
|
||||
}
|
||||
} else {
|
||||
CFStringRef cfs = (__bridge CFStringRef) loginItemAppId;
|
||||
Boolean ok = SMLoginItemSetEnabled(cfs, startAtBoot ? YES : NO);
|
||||
logger.debug() << "Result: " << ok;
|
||||
}
|
||||
}
|
||||
|
||||
namespace {
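Review bot: In the macOS 13 branch the failure messages stream `error.localizedDescription`, an `NSString*`, straight into the logger. Unless `Logger` has an overload for it (not visible here), that may print a pointer value instead of the text; `QString::fromNSString(error.localizedDescription)` matches the conversion already used for `appId`. Note also that `[SMAppService mainAppService]` registers the main application, whereas the legacy branch enables the helper with the `.login-item` identifier. If the helper is still meant to be the login item, `loginItemServiceWithIdentifier:` is the matching API and would use `loginItemAppId`, which is otherwise only needed in the `else` branch. The legacy branch logs the `SMLoginItemSetEnabled` result at debug level only, so a failed registration is easy to miss there.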
|
||||
|
||||
@@ -4,8 +4,11 @@
|
||||
|
||||
#include "dnsutilswindows.h"
|
||||
|
||||
#include <WS2tcpip.h>
|
||||
#include <iphlpapi.h>
|
||||
#include <windows.h>
|
||||
#include <winsock2.h>
|
||||
#include <ws2ipdef.h>
|
||||
|
||||
#include <QProcess>
|
||||
#include <QTextStream>
|
||||
@@ -39,30 +42,27 @@ DnsUtilsWindows::~DnsUtilsWindows() {
|
||||
|
||||
bool DnsUtilsWindows::updateResolvers(const QString& ifname,
|
||||
const QList<QHostAddress>& resolvers) {
|
||||
NET_LUID luid;
|
||||
if (ConvertInterfaceAliasToLuid((wchar_t*)ifname.utf16(), &luid) != 0) {
|
||||
MIB_IF_ROW2 entry;
|
||||
if (ConvertInterfaceAliasToLuid((wchar_t*)ifname.utf16(),
|
||||
&entry.InterfaceLuid) != 0) {
|
||||
logger.error() << "Failed to resolve LUID for" << ifname;
|
||||
return false;
|
||||
}
|
||||
m_luid = luid.Value;
|
||||
if (GetIfEntry2(&entry) != NO_ERROR) {
|
||||
logger.error() << "Failed to resolve interface for" << ifname;
|
||||
return false;
|
||||
}
|
||||
m_luid = entry.InterfaceLuid.Value;
|
||||
|
||||
logger.debug() << "Configuring DNS for" << ifname;
|
||||
if (m_setInterfaceDnsSettingsProcAddr == nullptr) {
|
||||
return updateResolversNetsh(resolvers);
|
||||
return updateResolversNetsh(entry.InterfaceIndex, resolvers);
|
||||
}
|
||||
return updateResolversWin32(resolvers);
|
||||
return updateResolversWin32(entry.InterfaceGuid, resolvers);
|
||||
}
|
||||
|
||||
bool DnsUtilsWindows::updateResolversWin32(
|
||||
const QList<QHostAddress>& resolvers) {
|
||||
GUID guid;
|
||||
NET_LUID luid;
|
||||
luid.Value = m_luid;
|
||||
if (ConvertInterfaceLuidToGuid(&luid, &guid) != NO_ERROR) {
|
||||
logger.error() << "Failed to resolve GUID";
|
||||
return false;
|
||||
}
|
||||
|
||||
GUID guid, const QList<QHostAddress>& resolvers) {
|
||||
QStringList v4resolvers;
|
||||
QStringList v6resolvers;
|
||||
for (const QHostAddress& addr : resolvers) {
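Review bot: `MIB_IF_ROW2 entry;` is left uninitialised before `ConvertInterfaceAliasToLuid` and `GetIfEntry2` fill it in, so every field other than `InterfaceLuid` holds stack garbage on input. `MIB_IF_ROW2 entry = {};` makes the lookup depend only on the LUID, and the same declaration is used in the `restoreResolvers` hunk below. `updateResolversNetsh` takes the index as `int` while `entry.InterfaceIndex` is a `NET_IFINDEX`; keeping the parameter as `NET_IFINDEX` avoids a signed/unsigned conversion. `updateResolversWin32` continues outside the hunk.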
|
||||
@@ -113,16 +113,8 @@ constexpr const char* netshAddTemplate =
|
||||
"interface %1 add dnsservers name=%2 address=%3 validate=no\r\n";
|
||||
|
||||
bool DnsUtilsWindows::updateResolversNetsh(
|
||||
const QList<QHostAddress>& resolvers) {
|
||||
int ifindex, const QList<QHostAddress>& resolvers) {
|
||||
QProcess netsh;
|
||||
NET_LUID luid;
|
||||
NET_IFINDEX ifindex;
|
||||
luid.Value = m_luid;
|
||||
if (ConvertInterfaceLuidToIndex(&luid, &ifindex) != NO_ERROR) {
|
||||
logger.error() << "Failed to resolve GUID";
|
||||
return false;
|
||||
}
|
||||
|
||||
netsh.setProgram("netsh");
|
||||
netsh.start();
|
||||
if (!netsh.waitForStarted(WINDOWS_NETSH_TIMEOUT_MSEC)) {
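Review bot: `netsh.setProgram("netsh")` starts the tool by bare name, so which binary runs depends on the process search order. This code presumably runs inside the privileged daemon (not visible in this hunk), so it is safer to pass the absolute path under the system directory, for example one built from `GetSystemDirectoryW()`. Since the interface index is now supplied by the caller, a short comment on `updateResolversNetsh` stating that `ifindex` must come from a successful `GetIfEntry2` call would document the new contract. The function body continues outside the hunk.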
|
||||
@@ -166,12 +158,26 @@ bool DnsUtilsWindows::updateResolversNetsh(
|
||||
|
||||
bool DnsUtilsWindows::restoreResolvers() {
|
||||
if (m_luid == 0) {
|
||||
// If the DNS hasn't been configured, there is nothing to restore.
|
||||
return true;
|
||||
}
|
||||
|
||||
MIB_IF_ROW2 entry;
|
||||
DWORD error;
|
||||
entry.InterfaceLuid.Value = m_luid;
|
||||
error = GetIfEntry2(&entry);
|
||||
if (error == ERROR_FILE_NOT_FOUND) {
|
||||
// If the interface no longer exists, there is nothing to restore.
|
||||
return true;
|
||||
}
|
||||
if (error != NO_ERROR) {
|
||||
logger.error() << "Failed to resolve interface entry:" << error;
|
||||
return false;
|
||||
}
|
||||
|
||||
QList<QHostAddress> empty;
|
||||
if (m_setInterfaceDnsSettingsProcAddr == nullptr) {
|
||||
return updateResolversNetsh(empty);
|
||||
return updateResolversNetsh(entry.InterfaceIndex, empty);
|
||||
}
|
||||
return updateResolversWin32(empty);
|
||||
return updateResolversWin32(entry.InterfaceGuid, empty);
|
||||
}
|
||||
|
||||
@@ -27,8 +27,8 @@ class DnsUtilsWindows final : public DnsUtils {
|
||||
quint64 m_luid = 0;
|
||||
DWORD (*m_setInterfaceDnsSettingsProcAddr)(GUID, const void*) = nullptr;
|
||||
|
||||
bool updateResolversWin32(const QList<QHostAddress>& resolvers);
|
||||
bool updateResolversNetsh(const QList<QHostAddress>& resolvers);
|
||||
bool updateResolversWin32(GUID, const QList<QHostAddress>& resolvers);
|
||||
bool updateResolversNetsh(int ifindex, const QList<QHostAddress>& resolvers);
|
||||
};
|
||||
|
||||
#endif // DNSUTILSWINDOWS_H
|
||||
|
||||
@@ -38,7 +38,6 @@ class WindowsDaemon final : public Daemon {
|
||||
Inactive,
|
||||
};
|
||||
|
||||
State m_state = Inactive;
|
||||
int m_inetAdapterIndex = -1;
|
||||
|
||||
WireguardUtilsWindows* m_wgutils = nullptr;
|
||||
|
||||
@@ -114,7 +114,7 @@ void WindowsRouteMonitor::updateValidInterfaces(int family) {
|
||||
void WindowsRouteMonitor::updateExclusionRoute(MIB_IPFORWARD_ROW2* data,
|
||||
void* ptable) {
|
||||
PMIB_IPFORWARD_TABLE2 table = reinterpret_cast<PMIB_IPFORWARD_TABLE2>(ptable);
|
||||
SOCKADDR_INET nexthop = {0};
|
||||
SOCKADDR_INET nexthop = {};
|
||||
quint64 bestLuid = 0;
|
||||
int bestMatch = -1;
|
||||
ULONG bestMetric = ULONG_MAX;
|
||||
|
||||
@@ -18,6 +18,7 @@
|
||||
#include <QFileInfo>
|
||||
#include <QNetworkInterface>
|
||||
#include <QScopeGuard>
|
||||
#include <QThread>
|
||||
|
||||
namespace {
|
||||
Logger logger("WindowsSplitTunnel");
|
||||
@@ -29,6 +30,9 @@ WindowsSplitTunnel::WindowsSplitTunnel(QObject* parent) : QObject(parent) {
|
||||
uninstallDriver();
|
||||
return;
|
||||
}
|
||||
|
||||
m_tries = 0;
|
||||
|
||||
if (!isInstalled()) {
|
||||
logger.debug() << "Driver is not Installed, doing so";
|
||||
auto handle = installDriver();
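Review bot: `m_tries = 0;` is assigned only after the early `return` shown at the top of this hunk, and the header hunk declares `int m_tries;` without an initialiser, so the counter is indeterminate whenever the constructor takes that early exit. Initialising it at the declaration, `int m_tries = 0;`, removes the dependency on constructor flow. The constructor starts and ends outside the hunk.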
|
||||
@@ -59,10 +63,10 @@ void WindowsSplitTunnel::initDriver() {
|
||||
m_driver = CreateFileW(DRIVER_SYMLINK, GENERIC_READ | GENERIC_WRITE, 0,
|
||||
nullptr, OPEN_EXISTING, 0, nullptr);
|
||||
;
|
||||
|
||||
if (m_driver == INVALID_HANDLE_VALUE) {
|
||||
if (m_driver == INVALID_HANDLE_VALUE && m_tries < 500) {
|
||||
WindowsUtils::windowsLog("Failed to open Driver: ");
|
||||
|
||||
m_tries++;
|
||||
Sleep(100);
|
||||
// If the handle is not present, try again after the serivce has started;
|
||||
auto driver_manager = WindowsServiceManager(DRIVER_SERVICE_NAME);
|
||||
QObject::connect(&driver_manager, &WindowsServiceManager::serviceStarted,
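Review bot: Adding `&& m_tries < 500` to the failure check means that once the limit is reached the branch is skipped while `m_driver` is still `INVALID_HANDLE_VALUE`, so whatever follows this block (outside the hunk) then runs with an invalid handle. Handling the exhausted case explicitly ahead of the retry branch, e.g. `if (m_driver == INVALID_HANDLE_VALUE && m_tries >= 500) { logger.error() << "Giving up opening the driver"; return; }`, keeps the bail-out visible. `Sleep(100)` also blocks the calling thread on every retry; if this runs on a thread with an event loop, a single-shot timer would avoid that. The values 500 and 100 would read better as named constants.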
|
||||
|
||||
@@ -158,6 +158,7 @@ class WindowsSplitTunnel final : public QObject {
|
||||
constexpr static const auto MV_SERVICE_NAME = L"MullvadVPN";
|
||||
DRIVER_STATE getState();
|
||||
|
||||
int m_tries;
|
||||
// Initializes the WFP Sublayer
|
||||
bool initSublayer();
|
||||
|
||||
|
||||
@@ -39,7 +39,7 @@ Logger logger("tunnel.dll");
|
||||
|
||||
WindowsTunnelLogger::WindowsTunnelLogger(const QString& filename,
|
||||
QObject* parent)
|
||||
: QObject(parent), m_logfile(filename, this), m_timer(this) {
|
||||
: QObject(parent), m_timer(this), m_logfile(filename, this) {
|
||||
MZ_COUNT_CTOR(WindowsTunnelLogger);
|
||||
|
||||
m_startTime = QDateTime::currentMSecsSinceEpoch() * 1000000;
|
||||
|
||||
@@ -2,7 +2,7 @@
|
||||
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
||||
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
||||
|
||||
#include "WindowsTunnelService.h"
|
||||
#include "windowstunnelservice.h"
|
||||
|
||||
#include <Windows.h>
|
||||
|
||||
@@ -30,12 +30,22 @@ static bool waitForServiceStatus(SC_HANDLE service, DWORD expectedStatus);
|
||||
|
||||
WindowsTunnelService::WindowsTunnelService(QObject* parent) : QObject(parent) {
|
||||
MZ_COUNT_CTOR(WindowsTunnelService);
|
||||
logger.debug() << "WindowsTunnelService created.";
|
||||
|
||||
m_scm = OpenSCManager(nullptr, nullptr, SC_MANAGER_ALL_ACCESS);
|
||||
if (m_scm == nullptr) {
|
||||
WindowsUtils::windowsLog("Failed to open SCManager");
|
||||
}
|
||||
|
||||
// Is the service already running? Terminate it.
|
||||
SC_HANDLE service =
|
||||
OpenService((SC_HANDLE)m_scm, TUNNEL_SERVICE_NAME, SERVICE_ALL_ACCESS);
|
||||
if (service != nullptr) {
|
||||
logger.info() << "Tunnel already exists. Terminating it.";
|
||||
stopAndDeleteTunnelService(service);
|
||||
CloseServiceHandle(service);
|
||||
}
|
||||
|
||||
connect(&m_timer, &QTimer::timeout, this, &WindowsTunnelService::timeout);
|
||||
}
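Review bot: When `OpenSCManager` fails the constructor only logs and then still calls `OpenService((SC_HANDLE)m_scm, ...)` with a null handle. Wrapping the terminate-existing-service block in `if (m_scm != nullptr) {` makes the failure path explicit without skipping the timer `connect`. The service handle is opened with `SERVICE_ALL_ACCESS` although this block only stops and deletes an existing service. A narrower mask such as `SERVICE_STOP | SERVICE_QUERY_STATUS | DELETE` would follow least privilege, assuming `stopAndDeleteTunnelService` (defined outside this hunk) needs nothing more.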
|
||||
|
||||
@@ -138,7 +148,7 @@ bool WindowsTunnelService::start(const QString& configData) {
|
||||
|
||||
logger.debug() << "Service:" << qApp->applicationFilePath();
|
||||
|
||||
service = CreateService(scm, TUNNEL_SERVICE_NAME, L"Amezia VPN (tunnel)",
|
||||
service = CreateService(scm, TUNNEL_SERVICE_NAME, L"Amnezia VPN (tunnel)",
|
||||
SERVICE_ALL_ACCESS, SERVICE_WIN32_OWN_PROCESS,
|
||||
SERVICE_DEMAND_START, SERVICE_ERROR_NORMAL,
|
||||
(const wchar_t*)serviceCmdline.utf16(), nullptr, 0,
|
||||
|
||||
@@ -116,10 +116,12 @@ bool WireguardUtilsWindows::addInterface(const InterfaceConfig& config) {
|
||||
m_luid = luid.Value;
|
||||
m_routeMonitor.setLuid(luid.Value);
|
||||
|
||||
// Enable the windows firewall
|
||||
NET_IFINDEX ifindex;
|
||||
ConvertInterfaceLuidToIndex(&luid, &ifindex);
|
||||
WindowsFirewall::instance()->enableKillSwitch(ifindex);
|
||||
if (config.m_killSwitchEnabled) {
|
||||
// Enable the windows firewall
|
||||
NET_IFINDEX ifindex;
|
||||
ConvertInterfaceLuidToIndex(&luid, &ifindex);
|
||||
WindowsFirewall::instance()->enableKillSwitch(ifindex);
|
||||
}
|
||||
|
||||
logger.debug() << "Registration completed";
|
||||
return true;
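Review bot: `ConvertInterfaceLuidToIndex(&luid, &ifindex);` is called without checking its result, so on failure `ifindex` is uninitialised when it is passed to `enableKillSwitch` and the firewall rules could be bound to the wrong interface. Checking the call, `if (ConvertInterfaceLuidToIndex(&luid, &ifindex) != NO_ERROR) { logger.error() << "Failed to resolve interface index"; return false; }`, would make the kill switch fail closed. The return value of `enableKillSwitch`, if it has one (its declaration is not in this hunk), deserves the same treatment. With the new `config.m_killSwitchEnabled` gate, a comment stating that skipping this block leaves traffic unfiltered if the tunnel drops would help the next reader. `addInterface` starts outside the hunk.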
|
||||
@@ -137,9 +139,10 @@ bool WireguardUtilsWindows::updatePeer(const InterfaceConfig& config) {
|
||||
QByteArray pskKey =
|
||||
QByteArray::fromBase64(qPrintable(config.m_serverPskKey));
|
||||
|
||||
// Enable the windows firewall for this peer.
|
||||
WindowsFirewall::instance()->enablePeerTraffic(config);
|
||||
|
||||
if (config.m_killSwitchEnabled) {
|
||||
// Enable the windows firewall for this peer.
|
||||
WindowsFirewall::instance()->enablePeerTraffic(config);
|
||||
}
|
||||
logger.debug() << "Configuring peer" << publicKey.toHex()
|
||||
<< "via" << config.m_serverIpv4AddrIn;
|
||||
|
||||
@@ -148,7 +151,9 @@ bool WireguardUtilsWindows::updatePeer(const InterfaceConfig& config) {
|
||||
QTextStream out(&message);
|
||||
out << "set=1\n";
|
||||
out << "public_key=" << QString(publicKey.toHex()) << "\n";
|
||||
out << "preshared_key=" << QString(pskKey.toHex()) << "\n";
|
||||
if (!config.m_serverPskKey.isNull()) {
|
||||
out << "preshared_key=" << QString(pskKey.toHex()) << "\n";
|
||||
}
|
||||
if (!config.m_serverIpv4AddrIn.isNull()) {
|
||||
out << "endpoint=" << config.m_serverIpv4AddrIn << ":";
|
||||
} else if (!config.m_serverIpv6AddrIn.isNull()) {
|
||||
|
||||
@@ -8,6 +8,7 @@
|
||||
#include <d3d11.h>
|
||||
#include <dxgi.h>
|
||||
#include <iphlpapi.h>
|
||||
#include <shlobj_core.h>
|
||||
|
||||
#include <QDir>
|
||||
#include <QHostAddress>
|
||||
@@ -19,9 +20,9 @@
|
||||
#include "logger.h"
|
||||
#include "platforms/windows/windowsutils.h"
|
||||
|
||||
#define TUNNEL_SERVICE_NAME L"WireGuardTunnel$amnvpn"
|
||||
|
||||
constexpr const char* VPN_NAME = "AmneziaVPN";
|
||||
constexpr const char* WIREGUARD_DIR = "WireGuard";
|
||||
constexpr const char* DATA_DIR = "Data";
|
||||
|
||||
namespace {
|
||||
Logger logger("WindowsCommons");
|
||||
@@ -67,27 +68,67 @@ QString WindowsCommons::tunnelConfigFile() {
|
||||
return QString();
|
||||
}
|
||||
|
||||
// static
|
||||
QString WindowsCommons::tunnelLogFile() {
|
||||
QStringList paths =
|
||||
QStandardPaths::standardLocations(QStandardPaths::GenericDataLocation);
|
||||
static QString tunnelLogFilePath = getTunnelLogFilePath();
|
||||
return tunnelLogFilePath;
|
||||
}
|
||||
|
||||
for (const QString& path : paths) {
|
||||
QDir dir(path);
|
||||
if (!dir.exists()) {
|
||||
continue;
|
||||
// static
|
||||
QString WindowsCommons::getProgramFilesPath() {
|
||||
wchar_t* path = nullptr;
|
||||
|
||||
if (SUCCEEDED(
|
||||
SHGetKnownFolderPath(FOLDERID_ProgramFiles, 0, nullptr, &path))) {
|
||||
auto guard = qScopeGuard([&] { CoTaskMemFree(path); });
|
||||
return QString::fromWCharArray(path);
|
||||
}
|
||||
return QString();
|
||||
}
|
||||
|
||||
// static
|
||||
QString WindowsCommons::getTunnelLogFilePath() {
|
||||
// Return WireGuard's log file path, "\Program Files\WireGuard\Data\log.bin",
|
||||
// if the directory path exists
|
||||
auto programFilesPath = getProgramFilesPath();
|
||||
if (!programFilesPath.isEmpty()) {
|
||||
QDir programFilesDir(programFilesPath);
|
||||
|
||||
if (programFilesDir.exists()) {
|
||||
QDir wireGuardDir(programFilesDir.filePath(WIREGUARD_DIR));
|
||||
|
||||
if (wireGuardDir.exists()) {
|
||||
QDir wireGuardDataDir(wireGuardDir.filePath(DATA_DIR));
|
||||
|
||||
if (wireGuardDataDir.exists()) {
|
||||
return wireGuardDataDir.filePath("log.bin");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
QDir vpnDir(dir.filePath(VPN_NAME));
|
||||
if (!vpnDir.exists()) {
|
||||
continue;
|
||||
}
|
||||
|
||||
return vpnDir.filePath("log.bin");
|
||||
}
|
||||
|
||||
logger.debug() << "Failed to find WireGuard Tunnel log file";
|
||||
return QString();
|
||||
}
|
||||
|
||||
// static
|
||||
int WindowsCommons::AdapterIndexTo(const QHostAddress& dst) {
|
||||
logger.debug() << "Getting Current Internet Adapter that routes to"
|
||||
<< logger.sensitive(dst.toString());
|
||||
quint32_be ipBigEndian;
|
||||
quint32 ip = dst.toIPv4Address();
|
||||
qToBigEndian(ip, &ipBigEndian);
|
||||
_MIB_IPFORWARDROW routeInfo;
|
||||
auto result = GetBestRoute(ipBigEndian, 0, &routeInfo);
|
||||
if (result != NO_ERROR) {
|
||||
return -1;
|
||||
}
|
||||
auto adapter =
|
||||
QNetworkInterface::interfaceFromIndex(routeInfo.dwForwardIfIndex);
|
||||
logger.debug() << "Internet Adapter:" << adapter.name();
|
||||
return routeInfo.dwForwardIfIndex;
|
||||
}
|
||||
|
||||
// static
|
||||
int WindowsCommons::VPNAdapterIndex() {
|
||||
// For someReason QNetworkInterface::fromName(MozillaVPN) does not work >:(
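Review bot: In `getProgramFilesPath()` the `qScopeGuard` that calls `CoTaskMemFree(path)` is created only inside the `SUCCEEDED(...)` branch, but the `SHGetKnownFolderPath` documentation asks the caller to free the buffer whether or not the call succeeds. Declaring the guard before the `if` covers both outcomes, and `CoTaskMemFree(nullptr)` is harmless. `tunnelLogFile()` now caches the result in a function-local `static`, so if the WireGuard data directory does not exist at the first call the empty path is remembered for the life of the process; caching only a non-empty result avoids that. The section mixes old and new lines as rendered, so this note is limited to the two new helpers.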
|
||||
@@ -102,7 +143,7 @@ int WindowsCommons::VPNAdapterIndex() {
|
||||
|
||||
// Static
|
||||
QString WindowsCommons::getCurrentPath() {
|
||||
QByteArray buffer(2048, 0xFF);
|
||||
QByteArray buffer(2048, 0xFFu);
|
||||
auto ok = GetModuleFileNameA(NULL, buffer.data(), buffer.size());
|
||||
|
||||
if (ok == ERROR_INSUFFICIENT_BUFFER) {
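Review bot: `GetModuleFileNameA` returns the number of characters copied, not an error code, so `ok == ERROR_INSUFFICIENT_BUFFER` compares a length with the constant 122 and does not detect truncation. Truncation is reported by a return value equal to the buffer size with `GetLastError() == ERROR_INSUFFICIENT_BUFFER`, and failure by a return of 0; `if (ok == 0 || ok >= static_cast<DWORD>(buffer.size()))` covers both. The `A` variant also loses characters outside the active code page, so `GetModuleFileNameW` with `QString::fromWCharArray` would be more robust for install paths with non-ASCII names. The function body continues outside the hunk.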
|
||||
|
||||
@@ -19,9 +19,14 @@ class WindowsCommons final {
|
||||
|
||||
// Returns the Interface Index of the VPN Adapter
|
||||
static int VPNAdapterIndex();
|
||||
|
||||
// Returns the Interface Index that could Route to dst
|
||||
static int AdapterIndexTo(const QHostAddress& dst);
|
||||
// Returns the Path of the Current process
|
||||
static QString getCurrentPath();
|
||||
|
||||
private:
|
||||
static QString getTunnelLogFilePath();
|
||||
static QString getProgramFilesPath();
|
||||
};
|
||||
|
||||
#endif // WINDOWSCOMMONS_H
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
|
||||
#include "windowsnetworkwatcher.h"
|
||||
|
||||
#include <QNetworkInformation>
|
||||
#include <QScopeGuard>
|
||||
|
||||
#include "leakdetector.h"
|
||||
@@ -136,9 +137,4 @@ void WindowsNetworkWatcher::processWlan(PWLAN_NOTIFICATION_DATA data) {
|
||||
logger.debug() << "Unsecure network:" << logger.sensitive(ssid)
|
||||
<< "id:" << logger.sensitive(bssid);
|
||||
emit unsecuredNetwork(ssid, bssid);
|
||||
}
|
||||
|
||||
NetworkWatcherImpl::TransportType WindowsNetworkWatcher::getTransportType() {
|
||||
// TODO: Implement this once we update to Qt6.3 (VPN-3511)
|
||||
return TransportType_Other;
|
||||
}
|
||||
}
|
||||
@@ -17,8 +17,6 @@ class WindowsNetworkWatcher final : public NetworkWatcherImpl {
|
||||
|
||||
void initialize() override;
|
||||
|
||||
NetworkWatcherImpl::TransportType getTransportType() override;
|
||||
|
||||
private:
|
||||
static void wlanCallback(PWLAN_NOTIFICATION_DATA data, PVOID context);
|
||||
|
||||
|
||||
@@ -7,6 +7,8 @@
|
||||
#include <WS2tcpip.h>
|
||||
#include <Windows.h>
|
||||
#include <iphlpapi.h>
|
||||
#include <winternl.h>
|
||||
|
||||
// Note: This important must come after the previous three.
|
||||
// clang-format off
|
||||
#include <IcmpAPI.h>
|
||||
@@ -16,17 +18,58 @@
|
||||
|
||||
#include "leakdetector.h"
|
||||
#include "logger.h"
|
||||
#include "windowscommons.h"
|
||||
#include "platforms/windows/windowsutils.h"
|
||||
#include "windowscommons.h"
|
||||
|
||||
#pragma comment(lib, "Ws2_32")
|
||||
|
||||
/*
|
||||
* On 64 Bit systems we need to use another struct.
|
||||
*/
|
||||
#ifdef _WIN64
|
||||
using MZ_ICMP_ECHO_REPLY = ICMP_ECHO_REPLY32;
|
||||
#else
|
||||
using MZ_ICMP_ECHO_REPLY = ICMP_ECHO_REPLY;
|
||||
#endif
|
||||
|
||||
constexpr WORD WindowsPingPayloadSize = sizeof(quint16);
|
||||
constexpr size_t ICMP_ERR_SIZE = 8;
|
||||
/*
|
||||
* IcmpSendEcho2 expects us to provide a Buffer that is
|
||||
* at least this size
|
||||
*/
|
||||
constexpr size_t MinimumReplyBufferSize =
|
||||
sizeof(ICMP_ECHO_REPLY) + WindowsPingPayloadSize + ICMP_ERR_SIZE +
|
||||
sizeof(IO_STATUS_BLOCK);
|
||||
/**
|
||||
* ICMP_ECHO_REPLY32 is smaller than ICMP_ECHO_REPLY, so if we use that due to
|
||||
* binary compat Windows will add some padding.
|
||||
*/
|
||||
constexpr auto reply_padding =
|
||||
sizeof(ICMP_ECHO_REPLY) - sizeof(MZ_ICMP_ECHO_REPLY);
|
||||
|
||||
// Disable Packing, so the compiler does not add padding in this struct between
|
||||
// different sized types.
|
||||
#pragma pack(push, 1)
|
||||
struct ICMP_ECHO_REPLY_BUFFER {
|
||||
MZ_ICMP_ECHO_REPLY reply;
|
||||
std::array<uint8_t, reply_padding> padding;
|
||||
quint16 payload;
|
||||
std::array<char8_t, ICMP_ERR_SIZE> icmp_error;
|
||||
IO_STATUS_BLOCK status;
|
||||
};
|
||||
#pragma pack(pop)
|
||||
|
||||
// If the Size is not the MinimumReplyBufferSize, the compiler added
|
||||
// padding, so the fields will not be properly aligned with
|
||||
// what IcmpSendEcho2 will write.
|
||||
static_assert(sizeof(ICMP_ECHO_REPLY_BUFFER) == MinimumReplyBufferSize,
|
||||
"Fulfills the size requirements");
|
||||
|
||||
struct WindowsPingSenderPrivate {
|
||||
HANDLE m_handle;
|
||||
HANDLE m_event;
|
||||
unsigned char m_buffer[sizeof(ICMP_ECHO_REPLY) + WindowsPingPayloadSize + 8];
|
||||
ICMP_ECHO_REPLY_BUFFER m_replyBuffer;
|
||||
};
|
||||
|
||||
namespace {
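Review bot: The comment above `#pragma pack(push, 1)` says "Disable Packing", but the pragma does the opposite: it forces 1-byte packing so that no padding is inserted. I would reword it to `// Pack to 1-byte alignment so the compiler inserts no padding between members.`. The struct uses `std::array` and `char8_t`; the array header is not among the includes visible in this file's hunks and `char8_t` needs C++20, so `std::array<uint8_t, ICMP_ERR_SIZE>` would be the more portable spelling. The `static_assert` message `"Fulfills the size requirements"` is shown on failure and would be clearer as a statement of what went wrong.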
|
||||
@@ -58,7 +101,7 @@ WindowsPingSender::WindowsPingSender(const QHostAddress& source,
|
||||
QObject::connect(m_notifier, &QWinEventNotifier::activated, this,
|
||||
&WindowsPingSender::pingEventReady);
|
||||
|
||||
memset(m_private->m_buffer, 0, sizeof(m_private->m_buffer));
|
||||
m_private->m_replyBuffer = {};
|
||||
}
|
||||
|
||||
WindowsPingSender::~WindowsPingSender() {
|
||||
@@ -86,16 +129,33 @@ void WindowsPingSender::sendPing(const QHostAddress& dest, quint16 sequence) {
|
||||
|
||||
quint32 v4dst = dest.toIPv4Address();
|
||||
if (m_source.isNull()) {
|
||||
IcmpSendEcho2(m_private->m_handle, m_private->m_event, nullptr, nullptr,
|
||||
qToBigEndian<quint32>(v4dst), &sequence, sizeof(sequence),
|
||||
nullptr, m_private->m_buffer, sizeof(m_private->m_buffer),
|
||||
10000);
|
||||
IcmpSendEcho2(m_private->m_handle, // IcmpHandle,
|
||||
m_private->m_event, // Event
|
||||
nullptr, // ApcRoutine
|
||||
nullptr, // ApcContext
|
||||
qToBigEndian<quint32>(v4dst), // DestinationAddress
|
||||
&sequence, // RequestData
|
||||
sizeof(sequence), // RequestSize
|
||||
nullptr, // RequestOptions
|
||||
&m_private->m_replyBuffer, // [OUT] ReplyBuffer
|
||||
sizeof(m_private->m_replyBuffer), // ReplySize
|
||||
10000 // Timeout
|
||||
);
|
||||
} else {
|
||||
quint32 v4src = m_source.toIPv4Address();
|
||||
IcmpSendEcho2Ex(m_private->m_handle, m_private->m_event, nullptr, nullptr,
|
||||
qToBigEndian<quint32>(v4src), qToBigEndian<quint32>(v4dst),
|
||||
&sequence, sizeof(sequence), nullptr, m_private->m_buffer,
|
||||
sizeof(m_private->m_buffer), 10000);
|
||||
IcmpSendEcho2Ex(m_private->m_handle, // IcmpHandle
|
||||
m_private->m_event, // Event
|
||||
nullptr, // ApcRoutine
|
||||
nullptr, // ApcContext
|
||||
qToBigEndian<quint32>(v4src), // SourceAddress
|
||||
qToBigEndian<quint32>(v4dst), // DestinationAddress
|
||||
&sequence, // RequestData
|
||||
sizeof(sequence), // RequestSize
|
||||
nullptr, // RequestOptions
|
||||
&m_private->m_replyBuffer, // [OUT] ReplyBuffer
|
||||
sizeof(m_private->m_replyBuffer), // ReplySize
|
||||
10000 // Timeout
|
||||
);
|
||||
}
|
||||
|
||||
DWORD status = GetLastError();
|
||||
@@ -108,8 +168,11 @@ void WindowsPingSender::sendPing(const QHostAddress& dest, quint16 sequence) {
|
||||
}
|
||||
|
||||
void WindowsPingSender::pingEventReady() {
|
||||
DWORD replyCount =
|
||||
IcmpParseReplies(m_private->m_buffer, sizeof(m_private->m_buffer));
|
||||
// Cleanup all data once we're done with m_replyBuffer.
|
||||
const auto guard = qScopeGuard([this]() { m_private->m_replyBuffer = {}; });
|
||||
|
||||
DWORD replyCount = IcmpParseReplies(&m_private->m_replyBuffer,
|
||||
sizeof(m_private->m_replyBuffer));
|
||||
if (replyCount == 0) {
|
||||
DWORD error = GetLastError();
|
||||
if (error == IP_REQ_TIMED_OUT) {
|
||||
@@ -120,14 +183,25 @@ void WindowsPingSender::pingEventReady() {
|
||||
<< " Message: " << errmsg;
|
||||
return;
|
||||
}
|
||||
|
||||
const ICMP_ECHO_REPLY* replies = (const ICMP_ECHO_REPLY*)m_private->m_buffer;
|
||||
for (DWORD i = 0; i < replyCount; i++) {
|
||||
if (replies[i].DataSize < sizeof(quint16)) {
|
||||
continue;
|
||||
}
|
||||
quint16 sequence;
|
||||
memcpy(&sequence, replies[i].Data, sizeof(quint16));
|
||||
emit recvPing(sequence);
|
||||
// We only allocated for one reply, so more should be impossible.
|
||||
if (replyCount != 1) {
|
||||
logger.error() << "Invalid amount of responses recieved";
|
||||
return;
|
||||
}
|
||||
if (m_private->m_replyBuffer.reply.Data == nullptr) {
|
||||
logger.error() << "Did get a ping response without payload";
|
||||
return;
|
||||
}
|
||||
// Assert that the (void*) pointer of Data is pointing
|
||||
// to our ReplyBuffer payload.
|
||||
if (m_private->m_replyBuffer.reply.Data == nullptr) {
|
||||
logger.error() << "Did get a ping response without payload";
|
||||
return;
|
||||
}
|
||||
// Assert that the (void*) pointer of Data is pointing
|
||||
// to our ReplyBuffer payload.
|
||||
assert(m_private->m_replyBuffer.reply.Data ==
|
||||
static_cast<PVOID>(&m_private->m_replyBuffer.payload));
|
||||
|
||||
emit recvPing(m_private->m_replyBuffer.payload);
|
||||
}
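Review bot: The only check that `reply.Data` points at `m_replyBuffer.payload` is an `assert`, which is compiled out when `NDEBUG` is defined. As rendered, the new code also no longer tests `DataSize` (the earlier loop skipped replies with `DataSize < sizeof(quint16)`) or `reply.Status` before `emit recvPing(...)`. Since the reply content comes from the network, these should be runtime checks, e.g. `if (reply.Status != IP_SUCCESS || reply.DataSize < sizeof(quint16)) return;`, plus the pointer comparison from the assert, using the `m_private->m_replyBuffer` prefix as in the surrounding code. The `Data == nullptr` test appears twice in this section as rendered; one copy is enough if both are on the new side. The function starts outside the hunk.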
|
||||
|
||||
@@ -336,8 +336,11 @@ void OpenVpnProtocol::updateVpnGateway(const QString &line)
|
||||
for (int i = 0; i < netInterfaces.size(); i++) {
|
||||
for (int j=0; j < netInterfaces.at(i).addressEntries().size(); j++)
|
||||
{
|
||||
// killSwitch toggle
|
||||
if (m_vpnLocalAddress == netInterfaces.at(i).addressEntries().at(j).ip().toString()) {
|
||||
IpcClient::Interface()->enableKillSwitch(QJsonObject(), netInterfaces.at(i).index());
|
||||
if (QVariant(m_configData.value(config_key::killSwitchOption).toString()).toBool()) {
|
||||
IpcClient::Interface()->enableKillSwitch(QJsonObject(), netInterfaces.at(i).index());
|
||||
}
|
||||
m_configData.insert("vpnAdapterIndex", netInterfaces.at(i).index());
|
||||
m_configData.insert("vpnGateway", m_vpnGateway);
|
||||
m_configData.insert("vpnServer", m_configData.value(amnezia::config_key::hostName).toString());
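Review bot: The new gate `QVariant(m_configData.value(config_key::killSwitchOption).toString()).toBool()` evaluates to false whenever the key is missing or is not stored as a string (`QJsonValue::toString()` returns an empty string for a JSON bool). The kill switch is then silently skipped for such configs, for instance ones created before this option existed, while `Settings::isKillSwitchEnabled()` defaults to true. How the key is written is not visible here, so this needs confirming. A shared helper that fails closed, treating a missing or unparsable value as enabled, would be safer; if the value is always a string, `.toString("true")` in place of `.toString()` is the smallest change. The same expression is repeated in the second `updateVpnGateway` hunk and in the `XrayProtocol::startTun2Sock` hunks, which is another reason to centralise it.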
|
||||
@@ -347,7 +350,10 @@ void OpenVpnProtocol::updateVpnGateway(const QString &line)
|
||||
}
|
||||
#endif
|
||||
#if defined(Q_OS_LINUX) || defined(Q_OS_MACOS)
|
||||
IpcClient::Interface()->enableKillSwitch(m_configData, 0);
|
||||
// killSwitch toggle
|
||||
if (QVariant(m_configData.value(config_key::killSwitchOption).toString()).toBool()) {
|
||||
IpcClient::Interface()->enableKillSwitch(m_configData, 0);
|
||||
}
|
||||
#endif
|
||||
qDebug() << QString("Set vpn local address %1, gw %2").arg(m_vpnLocalAddress).arg(vpnGateway());
|
||||
}
|
||||
|
||||
@@ -92,6 +92,8 @@ namespace amnezia
|
||||
constexpr char splitTunnelApps[] = "splitTunnelApps";
|
||||
constexpr char appSplitTunnelType[] = "appSplitTunnelType";
|
||||
|
||||
constexpr char killSwitchOption[] = "killSwitchOption";
|
||||
|
||||
constexpr char crc[] = "crc";
|
||||
|
||||
constexpr char clientId[] = "clientId";
|
||||
|
||||
@@ -142,7 +142,6 @@ ErrorCode XrayProtocol::startTun2Sock()
|
||||
QThread::msleep(5000);
|
||||
IpcClient::Interface()->createTun("utun22", amnezia::protocols::xray::defaultLocalAddr);
|
||||
IpcClient::Interface()->updateResolvers("utun22", dnsAddr);
|
||||
IpcClient::Interface()->enableKillSwitch(m_configData, 0);
|
||||
#endif
|
||||
#ifdef Q_OS_WINDOWS
|
||||
QThread::msleep(15000);
|
||||
@@ -151,7 +150,12 @@ ErrorCode XrayProtocol::startTun2Sock()
|
||||
QThread::msleep(1000);
|
||||
IpcClient::Interface()->createTun("tun2", amnezia::protocols::xray::defaultLocalAddr);
|
||||
IpcClient::Interface()->updateResolvers("tun2", dnsAddr);
|
||||
IpcClient::Interface()->enableKillSwitch(m_configData, 0);
|
||||
#endif
|
||||
#if defined(Q_OS_LINUX) || defined(Q_OS_MACOS)
|
||||
// killSwitch toggle
|
||||
if (QVariant(m_configData.value(config_key::killSwitchOption).toString()).toBool()) {
|
||||
IpcClient::Interface()->enableKillSwitch(m_configData, 0);
|
||||
}
|
||||
#endif
|
||||
if (m_routeMode == 0) {
|
||||
IpcClient::Interface()->routeAddList(m_vpnGateway, QStringList() << "0.0.0.0/1");
|
||||
@@ -165,8 +169,11 @@ ErrorCode XrayProtocol::startTun2Sock()
|
||||
for (int i = 0; i < netInterfaces.size(); i++) {
|
||||
for (int j=0; j < netInterfaces.at(i).addressEntries().size(); j++)
|
||||
{
|
||||
// killSwitch toggle
|
||||
if (m_vpnLocalAddress == netInterfaces.at(i).addressEntries().at(j).ip().toString()) {
|
||||
IpcClient::Interface()->enableKillSwitch(QJsonObject(), netInterfaces.at(i).index());
|
||||
if (QVariant(m_configData.value(config_key::killSwitchOption).toString()).toBool()) {
|
||||
IpcClient::Interface()->enableKillSwitch(QJsonObject(), netInterfaces.at(i).index());
|
||||
}
|
||||
m_configData.insert("vpnAdapterIndex", netInterfaces.at(i).index());
|
||||
m_configData.insert("vpnGateway", m_vpnGateway);
|
||||
m_configData.insert("vpnServer", m_remoteAddress);
|
||||
@@ -200,6 +207,7 @@ void XrayProtocol::stop()
|
||||
{
|
||||
#if defined(Q_OS_WIN) || defined(Q_OS_LINUX) || defined(Q_OS_MACOS)
|
||||
IpcClient::Interface()->disableKillSwitch();
|
||||
IpcClient::Interface()->StartRoutingIpv6();
|
||||
#endif
|
||||
qDebug() << "XrayProtocol::stop()";
|
||||
m_xrayProcess.terminate();
|
||||
|
||||
@@ -125,6 +125,10 @@ QByteArray SecureQSettings::backupAppConfig() const
|
||||
QJsonObject cfg;
|
||||
|
||||
for (const QString &key : m_settings.allKeys()) {
|
||||
if (key == "Conf/installationUuid") {
|
||||
continue;
|
||||
}
|
||||
|
||||
cfg.insert(key, QJsonValue::fromVariant(value(key)));
|
||||
}
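Review bot: The literal `"Conf/installationUuid"` is now spelled out here, in the `restoreAppConfig` hunk and in `Settings`, so a typo or rename in one place would quietly bring the identifier back into backups. A single shared constant would keep the three sites in step. If the intent is that the installation identifier never leaves the machine, a one-line comment such as `// The installation UUID identifies this install and must not travel with a backup.` would record why the key is skipped. `backupAppConfig` continues outside the hunk.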
|
||||
|
||||
@@ -138,6 +142,10 @@ bool SecureQSettings::restoreAppConfig(const QByteArray &json)
|
||||
return false;
|
||||
|
||||
for (const QString &key : cfg.keys()) {
|
||||
if (key == "Conf/installationUuid") {
|
||||
continue;
|
||||
}
|
||||
|
||||
setValue(key, cfg.value(key).toVariant());
|
||||
}
|
||||
|
||||
|
||||
@@ -256,7 +256,7 @@ Settings::RouteMode Settings::routeMode() const
|
||||
return static_cast<RouteMode>(value("Conf/routeMode", 0).toInt());
|
||||
}
|
||||
|
||||
bool Settings::getSitesSplitTunnelingEnabled() const
|
||||
bool Settings::isSitesSplitTunnelingEnabled() const
|
||||
{
|
||||
return value("Conf/sitesSplitTunnelingEnabled", false).toBool();
|
||||
}
|
||||
@@ -361,7 +361,9 @@ QString Settings::secondaryDns() const
|
||||
|
||||
void Settings::clearSettings()
|
||||
{
|
||||
auto uuid = getInstallationUuid(false);
|
||||
m_settings.clearSettings();
|
||||
setInstallationUuid(uuid);
|
||||
emit settingsCleared();
|
||||
}
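Review bot: `clearSettings()` now reads the installation UUID, wipes the store and writes the UUID back, so a user-initiated reset keeps a persistent identifier. That is worth stating in a comment on the function, since a reader would expect "clear" to remove everything. When no UUID exists yet, `getInstallationUuid(false)` returns an empty string and `setInstallationUuid(uuid)` then stores an empty `Conf/installationUuid` entry; `if (!uuid.isEmpty()) setInstallationUuid(uuid);` avoids that.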
|
||||
|
||||
@@ -413,7 +415,7 @@ void Settings::setVpnApps(AppsRouteMode mode, const QVector<InstalledAppInfo> &a
|
||||
m_settings.sync();
|
||||
}
|
||||
|
||||
bool Settings::getAppsSplitTunnelingEnabled() const
|
||||
bool Settings::isAppsSplitTunnelingEnabled() const
|
||||
{
|
||||
return value("Conf/appsSplitTunnelingEnabled", false).toBool();
|
||||
}
|
||||
@@ -423,6 +425,31 @@ void Settings::setAppsSplitTunnelingEnabled(bool enabled)
|
||||
setValue("Conf/appsSplitTunnelingEnabled", enabled);
|
||||
}
|
||||
|
||||
bool Settings::isKillSwitchEnabled() const
|
||||
{
|
||||
return value("Conf/killSwitchEnabled", true).toBool();
|
||||
}
|
||||
|
||||
void Settings::setKillSwitchEnabled(bool enabled)
|
||||
{
|
||||
setValue("Conf/killSwitchEnabled", enabled);
|
||||
}
|
||||
|
||||
QString Settings::getInstallationUuid(const bool needCreate)
|
||||
{
|
||||
auto uuid = value("Conf/installationUuid", "").toString();
|
||||
if (needCreate && uuid.isEmpty()) {
|
||||
uuid = QUuid::createUuid().toString();
|
||||
setInstallationUuid(uuid);
|
||||
}
|
||||
return uuid;
|
||||
}
|
||||
|
||||
void Settings::setInstallationUuid(const QString &uuid)
|
||||
{
|
||||
setValue("Conf/installationUuid", uuid);
|
||||
}
|
||||
|
||||
ServerCredentials Settings::defaultServerCredentials() const
|
||||
{
|
||||
return serverCredentials(defaultServerIndex());
|
||||
|
||||
@@ -115,7 +115,7 @@ public:
|
||||
RouteMode routeMode() const;
|
||||
void setRouteMode(RouteMode mode) { setValue("Conf/routeMode", mode); }
|
||||
|
||||
bool getSitesSplitTunnelingEnabled() const;
|
||||
bool isSitesSplitTunnelingEnabled() const;
|
||||
void setSitesSplitTunnelingEnabled(bool enabled);
|
||||
|
||||
QVariantMap vpnSites(RouteMode mode) const
|
||||
@@ -211,9 +211,13 @@ public:
|
||||
QVector<InstalledAppInfo> getVpnApps(AppsRouteMode mode) const;
|
||||
void setVpnApps(AppsRouteMode mode, const QVector<InstalledAppInfo> &apps);
|
||||
|
||||
bool getAppsSplitTunnelingEnabled() const;
|
||||
bool isAppsSplitTunnelingEnabled() const;
|
||||
void setAppsSplitTunnelingEnabled(bool enabled);
|
||||
|
||||
bool isKillSwitchEnabled() const;
|
||||
void setKillSwitchEnabled(bool enabled);
|
||||
QString getInstallationUuid(const bool needCreate);
|
||||
|
||||
signals:
|
||||
void saveLogsChanged(bool enabled);
|
||||
void screenshotsEnabledChanged(bool enabled);
|
||||
@@ -224,6 +228,8 @@ private:
|
||||
QVariant value(const QString &key, const QVariant &defaultValue = QVariant()) const;
|
||||
void setValue(const QString &key, const QVariant &value);
|
||||
|
||||
void setInstallationUuid(const QString &uuid);
|
||||
|
||||
mutable SecureQSettings m_settings;
|
||||
};
|
||||
|
||||
|
||||
@@ -613,7 +613,7 @@ Already installed containers were found on the server. All installed containers
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../ui/qml/Pages2/PageProtocolOpenVpnSettings.qml" line="384"/>
|
||||
<source>Remove OpenVpn from server?</source>
|
||||
<source>Remove OpenVPN from server?</source>
|
||||
<translation>احذف OpenVPN من الخادم?</translation>
|
||||
</message>
|
||||
<message>
|
||||
@@ -2104,8 +2104,8 @@ It's okay as long as it's from someone you trust.</source>
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../ui/qml/Pages2/PageShare.qml" line="116"/>
|
||||
<source>OpenVpn native format</source>
|
||||
<translation>تنسيق OpenVpn الاصلي</translation>
|
||||
<source>OpenVPN native format</source>
|
||||
<translation>تنسيق OpenVPN الاصلي</translation>
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../ui/qml/Pages2/PageShare.qml" line="121"/>
|
||||
@@ -2716,7 +2716,7 @@ It's okay as long as it's from someone you trust.</source>
|
||||
<message>
|
||||
<location filename="../core/errorstrings.cpp" line="35"/>
|
||||
<source>OpenVPN config missing</source>
|
||||
<translation>OpenVpn تكوين مفقود</translation>
|
||||
<translation>OpenVPN تكوين مفقود</translation>
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../core/errorstrings.cpp" line="32"/>
|
||||
@@ -2726,12 +2726,12 @@ It's okay as long as it's from someone you trust.</source>
|
||||
<message>
|
||||
<location filename="../core/errorstrings.cpp" line="36"/>
|
||||
<source>OpenVPN management server error</source>
|
||||
<translation>OpenVpn خطأ في إدارة الخادم</translation>
|
||||
<translation>OpenVPN خطأ في إدارة الخادم</translation>
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../core/errorstrings.cpp" line="39"/>
|
||||
<source>OpenVPN executable missing</source>
|
||||
<translation>OpenVpn executeable مفقود</translation>
|
||||
<translation>OpenVPN executable مفقود</translation>
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../core/errorstrings.cpp" line="40"/>
|
||||
@@ -2968,7 +2968,7 @@ It employs its unique security protocol, leveraging the strength of SSL/TLS for
|
||||
* Recognised by DPI analysis systems and therefore susceptible to blocking
|
||||
* Can operate over both TCP and UDP network protocols.</source>
|
||||
<translation>يبقا OpenVPN كأحد اشهر بروتوكولات VPN و التي تم اختبارها عبر الزمن.
|
||||
ينشأ بروتوكول امان مميز, يستفيد من SSL/TLS للتشفير و تغير المفاتيح. واكثر من ذلك, OpenVpn يدعم تعدد طرق المصادقة يجعلة متعدد الاستخدامات وقابلة للتكيف, تلبية مجموعة واسعة من الأجهزة وأنظمة التشغيل. بسبب طبيعتة مفتوحة المصدر, يستفيد OpenVPN من التدقيق الشامل من قبل المجتمع العالمي, مما يعزز أمنها باستمرار. مع توازن قوي بين الأداء والأمان والتوافق, يظل OpenVPN الخيار الأفضل للأفراد والشركات المهتمين بالخصوصية على حدٍ سواء.
|
||||
ينشأ بروتوكول امان مميز, يستفيد من SSL/TLS للتشفير و تغير المفاتيح. واكثر من ذلك, OpenVPN يدعم تعدد طرق المصادقة يجعلة متعدد الاستخدامات وقابلة للتكيف, تلبية مجموعة واسعة من الأجهزة وأنظمة التشغيل. بسبب طبيعتة مفتوحة المصدر, يستفيد OpenVPN من التدقيق الشامل من قبل المجتمع العالمي, مما يعزز أمنها باستمرار. مع توازن قوي بين الأداء والأمان والتوافق, يظل OpenVPN الخيار الأفضل للأفراد والشركات المهتمين بالخصوصية على حدٍ سواء.
|
||||
|
||||
* مٌتاح في AmneziaVPN عبر جميع المنصات
|
||||
* استهلاك طاقة عادي علي اجهزة المحمول
|
||||
@@ -3330,7 +3330,7 @@ While it offers a blend of security, stability, and speed, it's essential t
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../containers/containers_defs.cpp" line="313"/>
|
||||
<source>Medium or High</source>
|
||||
<source>High</source>
|
||||
<translation>متوسط او عالي</translation>
|
||||
</message>
|
||||
<message>
|
||||
|
||||
@@ -589,7 +589,7 @@ Already installed containers were found on the server. All installed containers
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../ui/qml/Pages2/PageProtocolOpenVpnSettings.qml" line="384"/>
|
||||
<source>Remove OpenVpn from server?</source>
|
||||
<source>Remove OpenVPN from server?</source>
|
||||
<translation>آیا میخواهید OpenVPN از سرور حذف شود؟</translation>
|
||||
</message>
|
||||
<message>
|
||||
@@ -1986,7 +1986,7 @@ It's okay as long as it's from someone you trust.</source>
|
||||
<name>PageShare</name>
|
||||
<message>
|
||||
<location filename="../ui/qml/Pages2/PageShare.qml" line="116"/>
|
||||
<source>OpenVpn native format</source>
|
||||
<source>OpenVPN native format</source>
|
||||
<translation>فرمت OpenVPN</translation>
|
||||
</message>
|
||||
<message>
|
||||
@@ -3234,7 +3234,7 @@ For more detailed information, you can
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../containers/containers_defs.cpp" line="313"/>
|
||||
<source>Medium or High</source>
|
||||
<source>High</source>
|
||||
<translation>متوسط یا بالا</translation>
|
||||
</message>
|
||||
<message>
|
||||
|
||||
3427
client/translations/amneziavpn_hi_IN.ts
Normal file
3427
client/translations/amneziavpn_hi_IN.ts
Normal file
File diff suppressed because it is too large
@@ -589,7 +589,7 @@ Already installed containers were found on the server. All installed containers
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../ui/qml/Pages2/PageProtocolOpenVpnSettings.qml" line="384"/>
|
||||
<source>Remove OpenVpn from server?</source>
|
||||
<source>Remove OpenVPN from server?</source>
|
||||
<translation>AmneziaWG ကို ဆာဗာမှ ဖယ်ရှားမည်လား?</translation>
|
||||
</message>
|
||||
<message>
|
||||
@@ -1987,8 +1987,8 @@ It's okay as long as it's from someone you trust.</source>
|
||||
<name>PageShare</name>
|
||||
<message>
|
||||
<location filename="../ui/qml/Pages2/PageShare.qml" line="116"/>
|
||||
<source>OpenVpn native format</source>
|
||||
<translation>OpenVpn မူရင်းဖောမတ်</translation>
|
||||
<source>OpenVPN native format</source>
|
||||
<translation>OpenVPN မူရင်းဖောမတ်</translation>
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../ui/qml/Pages2/PageShare.qml" line="121"/>
|
||||
@@ -3232,7 +3232,7 @@ For more detailed information, you can
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../containers/containers_defs.cpp" line="313"/>
|
||||
<source>Medium or High</source>
|
||||
<source>High</source>
|
||||
<translation>Medium သို့မဟုတ် High</translation>
|
||||
</message>
|
||||
<message>
|
||||
|
||||
@@ -589,8 +589,8 @@ Already installed containers were found on the server. All installed containers
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../ui/qml/Pages2/PageProtocolOpenVpnSettings.qml" line="384"/>
|
||||
<source>Remove OpenVpn from server?</source>
|
||||
<translation>Удалить OpenVpn с сервера?</translation>
|
||||
<source>Remove OpenVPN from server?</source>
|
||||
<translation>Удалить OpenVPN с сервера?</translation>
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../ui/qml/Pages2/PageProtocolOpenVpnSettings.qml" line="385"/>
|
||||
@@ -1724,6 +1724,14 @@ Already installed containers were found on the server. All installed containers
|
||||
<translation>Добавить импортированные сайты к существующим</translation>
|
||||
</message>
|
||||
</context>
|
||||
<context>
|
||||
<name>PageSettingsAppSplitTunneling</name>
|
||||
<message>
|
||||
<location filename="../ui/qml/Pages2/PageSettingsAppSplitTunneling.qml" line="26"/>
|
||||
<source>Cannot change split tunneling settings during active connection</source>
|
||||
<translation>Невозможно изменить настройки раздельного туннелирования при включенном VPN</translation>
|
||||
</message>
|
||||
</context>
|
||||
<context>
|
||||
<name>PageSetupWizardConfigSource</name>
|
||||
<message>
|
||||
@@ -2087,7 +2095,7 @@ and will not be shared or disclosed to the Amnezia or any third parties</source>
|
||||
<name>PageShare</name>
|
||||
<message>
|
||||
<location filename="../ui/qml/Pages2/PageShare.qml" line="116"/>
|
||||
<source>OpenVpn native format</source>
|
||||
<source>OpenVPN native format</source>
|
||||
<translation>OpenVPN нативный формат</translation>
|
||||
</message>
|
||||
<message>
|
||||
@@ -2876,7 +2884,23 @@ If there is a extreme level of Internet censorship in your region, we advise you
|
||||
* Not recognised by DPI analysis systems
|
||||
* Works over TCP network protocol, 443 port.
|
||||
</source>
|
||||
<translation type="unfinished"></translation>
|
||||
<translation>Это связка протокола OpenVPN и плагина Cloak, разработанная специально для защиты от блокировки.
|
||||
|
||||
OpenVPN обеспечивает безопасное VPN-соединение, шифруя весь интернет-трафик между клиентом и сервером.
|
||||
|
||||
Cloak защищает OpenVPN от обнаружения и блокировки.
|
||||
|
||||
Cloak изменяет метаданные пакетов таким образом, что полностью маскирует VPN-трафик под обычный веб-трафик, а также защищает VPN от обнаружения с помощью Active Probing. Это делает его очень защищенным от обнаружения
|
||||
|
||||
Сразу после получения первого пакета данных Cloak устанавливает подлинность входящего соединения. Если аутентификация не проходит, плагин маскирует сервер под фальшивый сайт, и ваш VPN становится невидимым для систем анализа.
|
||||
|
||||
Если в вашем регионе наблюдается жесткая интернет-цензура, мы советуем вам уже при первом подключении использовать только OpenVPN через Cloak.
|
||||
|
||||
* Доступен в AmneziaVPN на всех платформах
|
||||
* Высокое энергопотребление на мобильных устройствах
|
||||
* Гибкие настройки
|
||||
* Не распознается системами DPI-анализа
|
||||
* Работает по сетевому протоколу TCP, порт 443.</translation>
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../containers/containers_defs.cpp" line="174"/>
|
||||
@@ -2889,7 +2913,15 @@ WireGuard is very susceptible to blocking due to its distinct packet signatures.
|
||||
* Minimum number of settings
|
||||
* Easily recognised by DPI analysis systems, susceptible to blocking
|
||||
* Works over UDP network protocol.</source>
|
||||
<translation type="unfinished"></translation>
|
||||
<translation>Относительно новый и популярный VPN-протокол с простой архитектурой.
|
||||
WireGuard обеспечивает стабильное VPN-соединение и высокую производительность на всех устройствах. Он использует строго заданные настройки шифрования. WireGuard по сравнению с OpenVPN имеет меньшую задержку и лучшую пропускную способность при передаче данных.
|
||||
WireGuard очень уязвим для блокировки из-за характерных сигнатур пакетов. В отличие от некоторых других VPN-протоколов, использующих методы обфускации, последовательные сигнатуры пакетов WireGuard легче идентифицируются и, следовательно, могут блокироваться современными Deep Packet Inspection (DPI) системами и другими инструментами для сетевого мониторинга.
|
||||
|
||||
* Доступен в AmneziaVPN на всех платформах
|
||||
* Низкое энергопотребление
|
||||
* Минимальная конфигурация
|
||||
* Легко распознается системами DPI-анализа, поддается блокировке
|
||||
* Работает по сетевому протоколу UDP</translation>
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../containers/containers_defs.cpp" line="203"/>
|
||||
@@ -2950,16 +2982,21 @@ While it offers a blend of security, stability, and speed, it's essential t
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../containers/containers_defs.cpp" line="115"/>
|
||||
<source>XRay with REALITY - Suitable for countries with the highest level of internet censorship. Traffic masking as web traffic at the TLS level, and protection against detection by active probing methods.</source>
|
||||
<translation>XRay с REALITY - подойдет для стран с самым высоким уровнем цензуры в Интернете. Маскировка трафика под веб-трафик на уровне TLS и защита от обнаружения активными методами прослушивания.</translation>
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../containers/containers_defs.cpp" line="121"/>
|
||||
<source>IKEv2 - Modern stable protocol, a bit faster than others, restores connection after signal loss. It has native support on the latest versions of Android and iOS.</source>
|
||||
<translation>IKEv2 Современный стабильный протокол, немного быстрее других восстанавливает соединение после потери сигнала. Имеет нативную поддержку последних версиий Android и iOS.</translation>
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../containers/containers_defs.cpp" line="118"/>
|
||||
<location filename="../containers/containers_defs.cpp" line="124"/>
|
||||
<source>Deploy a WordPress site on the Tor network in two clicks.</source>
|
||||
<translation>Разверните сайт на WordPress в сети Tor в два клика.</translation>
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../containers/containers_defs.cpp" line="120"/>
|
||||
<location filename="../containers/containers_defs.cpp" line="126"/>
|
||||
<source>Replace the current DNS server with your own. This will increase your privacy level.</source>
|
||||
<translation>Замените DNS-сервер на Amnezia DNS. Это повысит уровень конфиденциальности.</translation>
|
||||
</message>
|
||||
@@ -2998,6 +3035,17 @@ It employs its unique security protocol, leveraging the strength of SSL/TLS for
|
||||
* Настраиваемый протокол шифрования
|
||||
* Обнаруживается некоторыми DPI-системами
|
||||
* Работает по сетевому протоколу TCP.</translation>
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../containers/containers_defs.cpp" line="203"/>
|
||||
<source>The REALITY protocol, a pioneering development by the creators of XRay, is specifically designed to counteract the highest levels of internet censorship through its novel approach to evasion.
|
||||
It uniquely identifies censors during the TLS handshake phase, seamlessly operating as a proxy for legitimate clients while diverting censors to genuine websites like google.com, thus presenting an authentic TLS certificate and data.
|
||||
This advanced capability differentiates REALITY from similar technologies by its ability to disguise web traffic as coming from random, legitimate sites without the need for specific configurations.
|
||||
Unlike older protocols such as VMess, VLESS, and the XTLS-Vision transport, REALITY's innovative "friend or foe" recognition at the TLS handshake enhances security and circumvents detection by sophisticated DPI systems employing active probing techniques. This makes REALITY a robust solution for maintaining internet freedom in environments with stringent censorship.</source>
|
||||
<translation>Протокол REALITY, новаторская разработка создателей XRay, специально разработан для противодействия самым строгим мерам интернет-цензуры благодаря новому подходу к обходу.
|
||||
Он уникальным образом идентифицирует цензоров на этапе TLS рукопожатия, беспрепятственно работая в качестве прокси для реальных клиентов и перенаправляя цензоров на сайты, такие как google.com, тем самым представляя подлинный TLS сертификат и данные.
|
||||
Эта передовая способность отличает REALITY от аналогичных технологий благодаря способности маскировать веб-трафик так, как будто он поступает со случайных, легитимных сайтов, без необходимости специальной настройки.
|
||||
В отличие от более старых протоколов, таких как VMess, VLESS и XTLS-Vision, технология распознавания REALITY "друг или враг" на этапе рукопожатия TLS повышает надежность и обходит обнаружение сложными системами DPI, которые используют методы активного прослушивания. Это делает REALITY эффективным решением для поддержания свободы интернета в странах с жесткой цензурой.</translation>
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../containers/containers_defs.cpp" line="217"/>
|
||||
@@ -3395,8 +3443,8 @@ This means that AmneziaWG keeps the fast performance of the original while addin
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../containers/containers_defs.cpp" line="313"/>
|
||||
<source>Medium or High</source>
|
||||
<translation>Средний или Высокий</translation>
|
||||
<source>High</source>
|
||||
<translation>Высокий</translation>
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../containers/containers_defs.cpp" line="314"/>
|
||||
|
||||
@@ -692,7 +692,7 @@ Already installed containers were found on the server. All installed containers
|
||||
<translation type="vanished">Видалити OpenVPN</translation>
|
||||
</message>
|
||||
<message>
|
||||
<source>Remove OpenVpn from server?</source>
|
||||
<source>Remove OpenVPN from server?</source>
|
||||
<translation type="vanished">Видалити OpenVPN з серверу?</translation>
|
||||
</message>
|
||||
<message>
|
||||
@@ -1176,12 +1176,12 @@ Already installed containers were found on the server. All installed containers
|
||||
<name>PageSettingsAppSplitTunneling</name>
|
||||
<message>
|
||||
<location filename="../ui/qml/Pages2/PageSettingsAppSplitTunneling.qml" line="37"/>
|
||||
<source>Only the Apps listed here will be accessed through the VPN</source>
|
||||
<source>Only the apps from the list should have access via VPN</source>
|
||||
<translation type="unfinished"></translation>
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../ui/qml/Pages2/PageSettingsAppSplitTunneling.qml" line="42"/>
|
||||
<source>Apps from the list should not be accessed via VPN</source>
|
||||
<source>Apps from the list should not have access via VPN</source>
|
||||
<translation type="unfinished"></translation>
|
||||
</message>
|
||||
<message>
|
||||
@@ -2301,7 +2301,7 @@ and will not be shared or disclosed to the Amnezia or any third parties</source>
|
||||
<name>PageShare</name>
|
||||
<message>
|
||||
<location filename="../ui/qml/Pages2/PageShare.qml" line="125"/>
|
||||
<source>OpenVpn native format</source>
|
||||
<source>OpenVPN native format</source>
|
||||
<translation>OpenVPN нативний формат</translation>
|
||||
</message>
|
||||
<message>
|
||||
@@ -3627,8 +3627,8 @@ This means that AmneziaWG keeps the fast performance of the original while addin
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../containers/containers_defs.cpp" line="333"/>
|
||||
<source>Medium or High</source>
|
||||
<translation>Середній або високий</translation>
|
||||
<source>High</source>
|
||||
<translation>Високий</translation>
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../containers/containers_defs.cpp" line="334"/>
|
||||
|
||||
3335
client/translations/amneziavpn_ur_PK.ts
Normal file
3335
client/translations/amneziavpn_ur_PK.ts
Normal file
File diff suppressed because it is too large
@@ -611,7 +611,7 @@ Already installed containers were found on the server. All installed containers
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../ui/qml/Pages2/PageProtocolOpenVpnSettings.qml" line="384"/>
|
||||
<source>Remove OpenVpn from server?</source>
|
||||
<source>Remove OpenVPN from server?</source>
|
||||
<translation>从服务器移除OpenVPN吗?</translation>
|
||||
</message>
|
||||
<message>
|
||||
@@ -2182,7 +2182,7 @@ and will not be shared or disclosed to the Amnezia or any third parties</source>
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../ui/qml/Pages2/PageShare.qml" line="116"/>
|
||||
<source>OpenVpn native format</source>
|
||||
<source>OpenVPN native format</source>
|
||||
<translation>OpenVPN原生格式</translation>
|
||||
</message>
|
||||
<message>
|
||||
@@ -3216,12 +3216,12 @@ While it offers a blend of security, stability, and speed, it's essential t
|
||||
<translation type="vanished">OpenVPN容器</translation>
|
||||
</message>
|
||||
<message>
|
||||
<source>Container with OpenVpn and ShadowSocks</source>
|
||||
<translation type="vanished">含 OpenVpn 和 ShadowSocks 的容器</translation>
|
||||
<source>Container with OpenVPN and ShadowSocks</source>
|
||||
<translation type="vanished">含 OpenVPN 和 ShadowSocks 的容器</translation>
|
||||
</message>
|
||||
<message>
|
||||
<source>Container with OpenVpn and ShadowSocks protocols configured with traffic masking by Cloak plugin</source>
|
||||
<translation type="vanished">含 OpenVpn 和 ShadowSocks 协议的容器,通过 Cloak 插件配置混淆流量</translation>
|
||||
<source>Container with OpenVPN and ShadowSocks protocols configured with traffic masking by Cloak plugin</source>
|
||||
<translation type="vanished">含 OpenVPN 和 ShadowSocks 协议的容器,通过 Cloak 插件配置混淆流量</translation>
|
||||
</message>
|
||||
<message>
|
||||
<source>WireGuard container</source>
|
||||
@@ -3529,7 +3529,7 @@ While it offers a blend of security, stability, and speed, it's essential t
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../containers/containers_defs.cpp" line="313"/>
|
||||
<source>Medium or High</source>
|
||||
<source>High</source>
|
||||
<translation>中或高</translation>
|
||||
</message>
|
||||
<message>
|
||||
|
||||
@@ -29,7 +29,6 @@ void AppSplitTunnelingController::addApp(const QString &appPath)
|
||||
|
||||
void AppSplitTunnelingController::addApps(QVector<QPair<QString, QString>> apps)
|
||||
{
|
||||
qDebug() << apps;
|
||||
for (const auto &app : apps) {
|
||||
InstalledAppInfo appInfo { app.first, app.second, "" };
|
||||
|
||||
|
||||
@@ -14,8 +14,8 @@
|
||||
ConnectionController::ConnectionController(const QSharedPointer<ServersModel> &serversModel,
|
||||
const QSharedPointer<ContainersModel> &containersModel,
|
||||
const QSharedPointer<ClientManagementModel> &clientManagementModel,
|
||||
const QSharedPointer<VpnConnection> &vpnConnection,
|
||||
const std::shared_ptr<Settings> &settings, QObject *parent)
|
||||
const QSharedPointer<VpnConnection> &vpnConnection, const std::shared_ptr<Settings> &settings,
|
||||
QObject *parent)
|
||||
: QObject(parent),
|
||||
m_serversModel(serversModel),
|
||||
m_containersModel(containersModel),
|
||||
@@ -23,12 +23,9 @@ ConnectionController::ConnectionController(const QSharedPointer<ServersModel> &s
|
||||
m_vpnConnection(vpnConnection),
|
||||
m_settings(settings)
|
||||
{
|
||||
connect(m_vpnConnection.get(), &VpnConnection::connectionStateChanged, this,
|
||||
&ConnectionController::onConnectionStateChanged);
|
||||
connect(this, &ConnectionController::connectToVpn, m_vpnConnection.get(), &VpnConnection::connectToVpn,
|
||||
Qt::QueuedConnection);
|
||||
connect(this, &ConnectionController::disconnectFromVpn, m_vpnConnection.get(), &VpnConnection::disconnectFromVpn,
|
||||
Qt::QueuedConnection);
|
||||
connect(m_vpnConnection.get(), &VpnConnection::connectionStateChanged, this, &ConnectionController::onConnectionStateChanged);
|
||||
connect(this, &ConnectionController::connectToVpn, m_vpnConnection.get(), &VpnConnection::connectToVpn, Qt::QueuedConnection);
|
||||
connect(this, &ConnectionController::disconnectFromVpn, m_vpnConnection.get(), &VpnConnection::disconnectFromVpn, Qt::QueuedConnection);
|
||||
|
||||
m_state = Vpn::ConnectionState::Disconnected;
|
||||
}
|
||||
@@ -45,7 +42,7 @@ void ConnectionController::openConnection()
|
||||
if (serverConfig.value(config_key::configVersion).toInt()
|
||||
&& !m_serversModel->data(serverIndex, ServersModel::Roles::HasInstalledContainers).toBool()) {
|
||||
ApiController apiController;
|
||||
errorCode = apiController.updateServerConfigFromApi(serverConfig);
|
||||
errorCode = apiController.updateServerConfigFromApi(m_settings->getInstallationUuid(true), serverConfig);
|
||||
if (errorCode != ErrorCode::NoError) {
|
||||
emit connectionErrorOccurred(errorString(errorCode));
|
||||
return;
|
||||
@@ -59,8 +56,7 @@ void ConnectionController::openConnection()
|
||||
return;
|
||||
}
|
||||
|
||||
DockerContainer container =
|
||||
qvariant_cast<DockerContainer>(m_serversModel->data(serverIndex, ServersModel::Roles::DefaultContainerRole));
|
||||
DockerContainer container = qvariant_cast<DockerContainer>(m_serversModel->data(serverIndex, ServersModel::Roles::DefaultContainerRole));
|
||||
|
||||
if (!m_containersModel->isSupportedByCurrentPlatform(container)) {
|
||||
emit connectionErrorOccurred(tr("The selected protocol is not supported on the current platform"));
|
||||
@@ -74,11 +70,12 @@ void ConnectionController::openConnection()
|
||||
|
||||
qApp->processEvents();
|
||||
|
||||
VpnConfigurationsController vpnConfigurationController(m_settings);
|
||||
QSharedPointer<ServerController> serverController(new ServerController(m_settings));
|
||||
VpnConfigurationsController vpnConfigurationController(m_settings, serverController);
|
||||
|
||||
QJsonObject containerConfig = m_containersModel->getContainerConfig(container);
|
||||
ServerCredentials credentials = m_serversModel->getServerCredentials(serverIndex);
|
||||
errorCode = updateProtocolConfig(container, credentials, containerConfig);
|
||||
errorCode = updateProtocolConfig(container, credentials, containerConfig, serverController);
|
||||
if (errorCode != ErrorCode::NoError) {
|
||||
emit connectionErrorOccurred(errorString(errorCode));
|
||||
return;
|
||||
@@ -87,8 +84,7 @@ void ConnectionController::openConnection()
|
||||
auto dns = m_serversModel->getDnsPair(serverIndex);
|
||||
serverConfig = m_serversModel->getServerConfig(serverIndex);
|
||||
|
||||
auto vpnConfiguration =
|
||||
vpnConfigurationController.createVpnConfiguration(dns, serverConfig, containerConfig, container, errorCode);
|
||||
auto vpnConfiguration = vpnConfigurationController.createVpnConfiguration(dns, serverConfig, containerConfig, container, errorCode);
|
||||
if (errorCode != ErrorCode::NoError) {
|
||||
emit connectionErrorOccurred(tr("unable to create configuration"));
|
||||
return;
|
||||
@@ -215,10 +211,8 @@ bool ConnectionController::isConnected() const
|
||||
bool ConnectionController::isProtocolConfigExists(const QJsonObject &containerConfig, const DockerContainer container)
|
||||
{
|
||||
for (Proto protocol : ContainerProps::protocolsForContainer(container)) {
|
||||
QString protocolConfig = containerConfig.value(ProtocolProps::protoToString(protocol))
|
||||
.toObject()
|
||||
.value(config_key::last_config)
|
||||
.toString();
|
||||
QString protocolConfig =
|
||||
containerConfig.value(ProtocolProps::protoToString(protocol)).toObject().value(config_key::last_config).toString();
|
||||
|
||||
if (protocolConfig.isEmpty()) {
|
||||
return false;
|
||||
@@ -227,24 +221,27 @@ bool ConnectionController::isProtocolConfigExists(const QJsonObject &containerCo
|
||||
return true;
|
||||
}
|
||||
|
||||
ErrorCode ConnectionController::updateProtocolConfig(const DockerContainer container,
|
||||
const ServerCredentials &credentials, QJsonObject &containerConfig)
|
||||
ErrorCode ConnectionController::updateProtocolConfig(const DockerContainer container, const ServerCredentials &credentials,
|
||||
QJsonObject &containerConfig, QSharedPointer<ServerController> serverController)
|
||||
{
|
||||
QFutureWatcher<ErrorCode> watcher;
|
||||
|
||||
QFuture<ErrorCode> future = QtConcurrent::run([this, container, &credentials, &containerConfig]() {
|
||||
if (serverController.isNull()) {
|
||||
serverController.reset(new ServerController(m_settings));
|
||||
}
|
||||
|
||||
QFuture<ErrorCode> future = QtConcurrent::run([this, container, &credentials, &containerConfig, &serverController]() {
|
||||
ErrorCode errorCode = ErrorCode::NoError;
|
||||
if (!isProtocolConfigExists(containerConfig, container)) {
|
||||
VpnConfigurationsController vpnConfigurationController(m_settings);
|
||||
errorCode =
|
||||
vpnConfigurationController.createProtocolConfigForContainer(credentials, container, containerConfig);
|
||||
VpnConfigurationsController vpnConfigurationController(m_settings, serverController);
|
||||
errorCode = vpnConfigurationController.createProtocolConfigForContainer(credentials, container, containerConfig);
|
||||
if (errorCode != ErrorCode::NoError) {
|
||||
return errorCode;
|
||||
}
|
||||
m_serversModel->updateContainerConfig(container, containerConfig);
|
||||
|
||||
errorCode = m_clientManagementModel->appendClient(container, credentials, containerConfig,
|
||||
QString("Admin [%1]").arg(QSysInfo::prettyProductName()));
|
||||
QString("Admin [%1]").arg(QSysInfo::prettyProductName()), serverController);
|
||||
if (errorCode != ErrorCode::NoError) {
|
||||
return errorCode;
|
||||
}
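Review bot: In `updateProtocolConfig` the worker lambda captures `serverController` by reference, although it is a by-value parameter local to this call and the lambda runs on a `QtConcurrent::run` thread. That is safe only if the function blocks until the future has finished, which the visible lines do not show because the body continues past the hunk; the existing `&credentials` and `&containerConfig` captures rest on the same assumption. Capturing the shared pointer by value keeps the `ServerController` alive for the whole task regardless of how the wait is implemented: `[this, container, &credentials, &containerConfig, serverController]() {`. A short comment above the `QtConcurrent::run` call stating that the caller waits for the future before returning would document why the remaining reference captures are valid.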
|
||||
|
||||
@@ -16,11 +16,10 @@ public:
|
||||
Q_PROPERTY(bool isConnectionInProgress READ isConnectionInProgress NOTIFY connectionStateChanged)
|
||||
Q_PROPERTY(QString connectionStateText READ connectionStateText NOTIFY connectionStateChanged)
|
||||
|
||||
explicit ConnectionController(const QSharedPointer<ServersModel> &serversModel,
|
||||
const QSharedPointer<ContainersModel> &containersModel,
|
||||
explicit ConnectionController(const QSharedPointer<ServersModel> &serversModel, const QSharedPointer<ContainersModel> &containersModel,
|
||||
const QSharedPointer<ClientManagementModel> &clientManagementModel,
|
||||
const QSharedPointer<VpnConnection> &vpnConnection,
|
||||
const std::shared_ptr<Settings> &settings, QObject *parent = nullptr);
|
||||
const QSharedPointer<VpnConnection> &vpnConnection, const std::shared_ptr<Settings> &settings,
|
||||
QObject *parent = nullptr);
|
||||
|
||||
~ConnectionController() = default;
|
||||
|
||||
@@ -41,12 +40,11 @@ public slots:
|
||||
|
||||
void onTranslationsUpdated();
|
||||
|
||||
ErrorCode updateProtocolConfig(const DockerContainer container, const ServerCredentials &credentials,
|
||||
QJsonObject &containerConfig);
|
||||
ErrorCode updateProtocolConfig(const DockerContainer container, const ServerCredentials &credentials, QJsonObject &containerConfig,
|
||||
QSharedPointer<ServerController> serverController = nullptr);
|
||||
|
||||
signals:
|
||||
void connectToVpn(int serverIndex, const ServerCredentials &credentials, DockerContainer container,
|
||||
const QJsonObject &vpnConfiguration);
|
||||
void connectToVpn(int serverIndex, const ServerCredentials &credentials, DockerContainer container, const QJsonObject &vpnConfiguration);
|
||||
void disconnectFromVpn();
|
||||
void connectionStateChanged();
|
||||
|
||||
|
||||
@@ -95,10 +95,11 @@ void ExportController::generateConnectionConfig(const QString &clientName)
|
||||
QJsonObject containerConfig = m_containersModel->getContainerConfig(container);
|
||||
containerConfig.insert(config_key::container, ContainerProps::containerToString(container));
|
||||
|
||||
VpnConfigurationsController vpnConfigurationController(m_settings);
|
||||
QSharedPointer<ServerController> serverController(new ServerController(m_settings));
|
||||
VpnConfigurationsController vpnConfigurationController(m_settings, serverController);
|
||||
ErrorCode errorCode = vpnConfigurationController.createProtocolConfigForContainer(credentials, container, containerConfig);
|
||||
|
||||
errorCode = m_clientManagementModel->appendClient(container, credentials, containerConfig, clientName);
|
||||
errorCode = m_clientManagementModel->appendClient(container, credentials, containerConfig, clientName, serverController);
|
||||
if (errorCode != ErrorCode::NoError) {
|
||||
emit exportErrorOccurred(errorString(errorCode));
|
||||
return;
|
||||
@@ -138,10 +139,10 @@ ErrorCode ExportController::generateNativeConfig(const DockerContainer container
|
||||
QJsonObject containerConfig = m_containersModel->getContainerConfig(container);
|
||||
containerConfig.insert(config_key::container, ContainerProps::containerToString(container));
|
||||
|
||||
VpnConfigurationsController vpnConfigurationController(m_settings);
|
||||
QSharedPointer<ServerController> serverController(new ServerController(m_settings));
|
||||
VpnConfigurationsController vpnConfigurationController(m_settings, serverController);
|
||||
|
||||
QString protocolConfigString;
|
||||
|
||||
ErrorCode errorCode = vpnConfigurationController.createProtocolConfigString(isApiConfig, dns, credentials, container, containerConfig,
|
||||
protocol, protocolConfigString);
|
||||
if (errorCode != ErrorCode::NoError) {
|
||||
@@ -152,7 +153,7 @@ ErrorCode ExportController::generateNativeConfig(const DockerContainer container
|
||||
|
||||
if (protocol == Proto::OpenVpn || protocol == Proto::WireGuard || protocol == Proto::Awg) {
|
||||
auto clientId = jsonNativeConfig.value(config_key::clientId).toString();
|
||||
errorCode = m_clientManagementModel->appendClient(clientId, clientName, container, credentials);
|
||||
errorCode = m_clientManagementModel->appendClient(clientId, clientName, container, credentials, serverController);
|
||||
}
|
||||
return errorCode;
|
||||
}
|
||||
@@ -316,7 +317,8 @@ void ExportController::exportConfig(const QString &fileName)
|
||||
|
||||
void ExportController::updateClientManagementModel(const DockerContainer container, ServerCredentials credentials)
|
||||
{
|
||||
ErrorCode errorCode = m_clientManagementModel->updateModel(container, credentials);
|
||||
QSharedPointer<ServerController> serverController(new ServerController(m_settings));
|
||||
ErrorCode errorCode = m_clientManagementModel->updateModel(container, credentials, serverController);
|
||||
if (errorCode != ErrorCode::NoError) {
|
||||
emit exportErrorOccurred(errorString(errorCode));
|
||||
}
|
||||
@@ -324,7 +326,9 @@ void ExportController::updateClientManagementModel(const DockerContainer contain
|
||||
|
||||
void ExportController::revokeConfig(const int row, const DockerContainer container, ServerCredentials credentials)
|
||||
{
|
||||
ErrorCode errorCode = m_clientManagementModel->revokeClient(row, container, credentials, m_serversModel->getProcessedServerIndex());
|
||||
QSharedPointer<ServerController> serverController(new ServerController(m_settings));
|
||||
ErrorCode errorCode =
|
||||
m_clientManagementModel->revokeClient(row, container, credentials, m_serversModel->getProcessedServerIndex(), serverController);
|
||||
if (errorCode != ErrorCode::NoError) {
|
||||
emit exportErrorOccurred(errorString(errorCode));
|
||||
}
|
||||
@@ -332,7 +336,8 @@ void ExportController::revokeConfig(const int row, const DockerContainer contain
|
||||
|
||||
void ExportController::renameClient(const int row, const QString &clientName, const DockerContainer container, ServerCredentials credentials)
|
||||
{
|
||||
ErrorCode errorCode = m_clientManagementModel->renameClient(row, clientName, container, credentials);
|
||||
QSharedPointer<ServerController> serverController(new ServerController(m_settings));
|
||||
ErrorCode errorCode = m_clientManagementModel->renameClient(row, clientName, container, credentials, serverController);
|
||||
if (errorCode != ErrorCode::NoError) {
|
||||
emit exportErrorOccurred(errorString(errorCode));
|
||||
}
|
||||
|
||||
@@ -3,6 +3,7 @@
|
||||
#include <QFile>
|
||||
#include <QFileInfo>
|
||||
#include <QQuickItem>
|
||||
#include <QRandomGenerator>
|
||||
#include <QStandardPaths>
|
||||
|
||||
#include "core/errorstrings.h"
|
||||
@@ -15,15 +16,6 @@
|
||||
|
||||
namespace
|
||||
{
|
||||
enum class ConfigTypes {
|
||||
Amnezia,
|
||||
OpenVpn,
|
||||
WireGuard,
|
||||
Xray,
|
||||
Backup,
|
||||
Invalid
|
||||
};
|
||||
|
||||
ConfigTypes checkConfigFormat(const QString &config)
|
||||
{
|
||||
const QString openVpnConfigPatternCli = "client";
|
||||
@@ -39,19 +31,23 @@ namespace
|
||||
const QString xrayConfigPatternOutbound = "outbounds";
|
||||
|
||||
const QString amneziaConfigPattern = "containers";
|
||||
const QString amneziaConfigPatternHostName = "hostName";
|
||||
const QString amneziaConfigPatternUserName = "userName";
|
||||
const QString amneziaConfigPatternPassword = "password";
|
||||
const QString amneziaFreeConfigPattern = "api_key";
|
||||
const QString backupPattern = "Servers/serversList";
|
||||
|
||||
if (config.contains(backupPattern)) {
|
||||
return ConfigTypes::Backup;
|
||||
} else if (config.contains(amneziaConfigPattern) || config.contains(amneziaFreeConfigPattern)) {
|
||||
} else if (config.contains(amneziaConfigPattern) || config.contains(amneziaFreeConfigPattern)
|
||||
|| (config.contains(amneziaConfigPatternHostName) && config.contains(amneziaConfigPatternUserName)
|
||||
&& config.contains(amneziaConfigPatternPassword))) {
|
||||
return ConfigTypes::Amnezia;
|
||||
} else if (config.contains(openVpnConfigPatternCli)
|
||||
&& (config.contains(openVpnConfigPatternProto1) || config.contains(openVpnConfigPatternProto2))
|
||||
&& (config.contains(openVpnConfigPatternDriver1) || config.contains(openVpnConfigPatternDriver2))) {
|
||||
return ConfigTypes::OpenVpn;
|
||||
} else if (config.contains(wireguardConfigPatternSectionInterface)
|
||||
&& config.contains(wireguardConfigPatternSectionPeer)) {
|
||||
} else if (config.contains(wireguardConfigPatternSectionInterface) && config.contains(wireguardConfigPatternSectionPeer)) {
|
||||
return ConfigTypes::WireGuard;
|
||||
} else if ((config.contains(xrayConfigPatternInbound)) && (config.contains(xrayConfigPatternOutbound))) {
|
||||
return ConfigTypes::Xray;
|
||||
@@ -64,8 +60,7 @@ namespace
|
||||
#endif
|
||||
} // namespace
|
||||
|
||||
ImportController::ImportController(const QSharedPointer<ServersModel> &serversModel,
|
||||
const QSharedPointer<ContainersModel> &containersModel,
|
||||
ImportController::ImportController(const QSharedPointer<ServersModel> &serversModel, const QSharedPointer<ContainersModel> &containersModel,
|
||||
const std::shared_ptr<Settings> &settings, QObject *parent)
|
||||
: QObject(parent), m_serversModel(serversModel), m_containersModel(containersModel), m_settings(settings)
|
||||
{
|
||||
@@ -92,25 +87,29 @@ bool ImportController::extractConfigFromFile(const QString &fileName)
|
||||
bool ImportController::extractConfigFromData(QString data)
|
||||
{
|
||||
QString config = data;
|
||||
auto configFormat = checkConfigFormat(config);
|
||||
if (configFormat == ConfigTypes::Invalid) {
|
||||
m_configType = checkConfigFormat(config);
|
||||
if (m_configType == ConfigTypes::Invalid) {
|
||||
data.replace("vpn://", "");
|
||||
QByteArray ba =
|
||||
QByteArray::fromBase64(data.toUtf8(), QByteArray::Base64UrlEncoding | QByteArray::OmitTrailingEquals);
|
||||
QByteArray ba = QByteArray::fromBase64(data.toUtf8(), QByteArray::Base64UrlEncoding | QByteArray::OmitTrailingEquals);
|
||||
QByteArray ba_uncompressed = qUncompress(ba);
|
||||
if (!ba_uncompressed.isEmpty()) {
|
||||
ba = ba_uncompressed;
|
||||
}
|
||||
|
||||
config = ba;
|
||||
configFormat = checkConfigFormat(config);
|
||||
m_configType = checkConfigFormat(config);
|
||||
}
|
||||
|
||||
switch (configFormat) {
|
||||
switch (m_configType) {
|
||||
case ConfigTypes::OpenVpn: {
|
||||
m_config = extractOpenVpnConfig(config);
|
||||
return m_config.empty() ? false : true;
|
||||
if (!m_config.empty()) {
|
||||
checkForMaliciousStrings(m_config);
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
case ConfigTypes::Awg:
|
||||
case ConfigTypes::WireGuard: {
|
||||
m_config = extractWireGuardConfig(config);
|
||||
return m_config.empty() ? false : true;
|
||||
@@ -121,7 +120,11 @@ bool ImportController::extractConfigFromData(QString data)
|
||||
}
|
||||
case ConfigTypes::Amnezia: {
|
||||
m_config = QJsonDocument::fromJson(config.toUtf8()).object();
|
||||
return m_config.empty() ? false : true;
|
||||
if (!m_config.empty()) {
|
||||
checkForMaliciousStrings(m_config);
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
case ConfigTypes::Backup: {
|
||||
if (!m_serversModel->getServersCount()) {
|
||||
@@ -166,6 +169,44 @@ QString ImportController::getConfigFileName()
|
||||
return m_configFileName;
|
||||
}
|
||||
|
||||
QString ImportController::getMaliciousWarningText()
|
||||
{
|
||||
return m_maliciousWarningText;
|
||||
}
|
||||
|
||||
bool ImportController::isNativeWireGuardConfig()
|
||||
{
|
||||
return m_configType == ConfigTypes::WireGuard;
|
||||
}
|
||||
|
||||
void ImportController::processNativeWireGuardConfig()
|
||||
{
|
||||
auto containers = m_config.value(config_key::containers).toArray();
|
||||
if (!containers.isEmpty()) {
|
||||
auto container = containers.at(0).toObject();
|
||||
auto containerConfig = container.value(ContainerProps::containerTypeToString(DockerContainer::WireGuard)).toObject();
|
||||
auto protocolConfig = QJsonDocument::fromJson(containerConfig.value(config_key::last_config).toString().toUtf8()).object();
|
||||
|
||||
QString junkPacketCount = QString::number(QRandomGenerator::global()->bounded(3, 10));
|
||||
QString junkPacketMinSize = QString::number(50);
|
||||
QString junkPacketMaxSize = QString::number(1000);
|
||||
protocolConfig[config_key::junkPacketCount] = junkPacketCount;
|
||||
protocolConfig[config_key::junkPacketMinSize] = junkPacketMinSize;
|
||||
protocolConfig[config_key::junkPacketMaxSize] = junkPacketMaxSize;
|
||||
protocolConfig[config_key::initPacketJunkSize] = "0";
|
||||
protocolConfig[config_key::responsePacketJunkSize] = "0";
|
||||
protocolConfig[config_key::initPacketMagicHeader] = "1";
|
||||
protocolConfig[config_key::responsePacketMagicHeader] = "2";
|
||||
protocolConfig[config_key::underloadPacketMagicHeader] = "3";
|
||||
protocolConfig[config_key::transportPacketMagicHeader] = "4";
|
||||
|
||||
containerConfig[config_key::last_config] = QString(QJsonDocument(protocolConfig).toJson());
|
||||
container["wireguard"] = containerConfig;
|
||||
containers.replace(0, container);
|
||||
m_config[config_key::containers] = containers;
|
||||
}
|
||||
}
|
||||
|
||||
void ImportController::importConfig()
|
||||
{
|
||||
ServerCredentials credentials;
|
||||
@@ -195,6 +236,7 @@ void ImportController::importConfig()
|
||||
|
||||
m_config = {};
|
||||
m_configFileName.clear();
|
||||
m_maliciousWarningText.clear();
|
||||
}
|
||||
|
||||
QJsonObject ImportController::extractOpenVpnConfig(const QString &data)
|
||||
@@ -279,8 +321,7 @@ QJsonObject ImportController::extractWireGuardConfig(const QString &data)
|
||||
lastConfig[config_key::hostName] = hostName;
|
||||
lastConfig[config_key::port] = port.toInt();
|
||||
|
||||
if (!configMap.value("PrivateKey").isEmpty() && !configMap.value("Address").isEmpty()
|
||||
&& !configMap.value("PublicKey").isEmpty()) {
|
||||
if (!configMap.value("PrivateKey").isEmpty() && !configMap.value("Address").isEmpty() && !configMap.value("PublicKey").isEmpty()) {
|
||||
lastConfig[config_key::client_priv_key] = configMap.value("PrivateKey");
|
||||
lastConfig[config_key::client_ip] = configMap.value("Address");
|
||||
|
||||
@@ -306,12 +347,9 @@ QJsonObject ImportController::extractWireGuardConfig(const QString &data)
|
||||
lastConfig[config_key::allowed_ips] = allowedIpsJsonArray;
|
||||
|
||||
QString protocolName = "wireguard";
|
||||
if (!configMap.value(config_key::junkPacketCount).isEmpty()
|
||||
&& !configMap.value(config_key::junkPacketMinSize).isEmpty()
|
||||
&& !configMap.value(config_key::junkPacketMaxSize).isEmpty()
|
||||
&& !configMap.value(config_key::initPacketJunkSize).isEmpty()
|
||||
&& !configMap.value(config_key::responsePacketJunkSize).isEmpty()
|
||||
&& !configMap.value(config_key::initPacketMagicHeader).isEmpty()
|
||||
if (!configMap.value(config_key::junkPacketCount).isEmpty() && !configMap.value(config_key::junkPacketMinSize).isEmpty()
|
||||
&& !configMap.value(config_key::junkPacketMaxSize).isEmpty() && !configMap.value(config_key::initPacketJunkSize).isEmpty()
|
||||
&& !configMap.value(config_key::responsePacketJunkSize).isEmpty() && !configMap.value(config_key::initPacketMagicHeader).isEmpty()
|
||||
&& !configMap.value(config_key::responsePacketMagicHeader).isEmpty()
|
||||
&& !configMap.value(config_key::underloadPacketMagicHeader).isEmpty()
|
||||
&& !configMap.value(config_key::transportPacketMagicHeader).isEmpty()) {
|
||||
@@ -325,6 +363,7 @@ QJsonObject ImportController::extractWireGuardConfig(const QString &data)
|
||||
lastConfig[config_key::underloadPacketMagicHeader] = configMap.value(config_key::underloadPacketMagicHeader);
|
||||
lastConfig[config_key::transportPacketMagicHeader] = configMap.value(config_key::transportPacketMagicHeader);
|
||||
protocolName = "awg";
|
||||
m_configType = ConfigTypes::Awg;
|
||||
}
|
||||
|
||||
QJsonObject wireguardConfig;
|
||||
@@ -501,3 +540,43 @@ QString ImportController::getQrCodeScanProgressString()
|
||||
return tr("Scanned %1 of %2.").arg(m_receivedQrCodeChunksCount).arg(m_totalQrCodeChunksCount);
|
||||
}
|
||||
#endif
|
||||
|
||||
void ImportController::checkForMaliciousStrings(const QJsonObject &serverConfig)
|
||||
{
|
||||
const QJsonArray &containers = serverConfig[config_key::containers].toArray();
|
||||
for (const QJsonValue &container : containers) {
|
||||
auto containerConfig = container.toObject();
|
||||
auto containerName = containerConfig[config_key::container].toString();
|
||||
if ((containerName == ContainerProps::containerToString(DockerContainer::OpenVpn))
|
||||
|| (containerName == ContainerProps::containerToString(DockerContainer::Cloak))
|
||||
|| (containerName == ContainerProps::containerToString(DockerContainer::ShadowSocks))) {
|
||||
QString protocolConfig =
|
||||
containerConfig[ProtocolProps::protoToString(Proto::OpenVpn)].toObject()[config_key::last_config].toString();
|
||||
QString protocolConfigJson = QJsonDocument::fromJson(protocolConfig.toUtf8()).object()[config_key::config].toString();
|
||||
|
||||
const QRegularExpression regExp { "(\\w+-\\w+|\\w+)" };
|
||||
const size_t dangerousTagsMaxCount = 3;
|
||||
|
||||
// https://github.com/OpenVPN/openvpn/blob/master/doc/man-sections/script-options.rst
|
||||
QStringList dangerousTags {
|
||||
"up", "tls-verify", "ipchange", "client-connect", "route-up", "route-pre-down", "client-disconnect", "down", "learn-address", "auth-user-pass-verify"
|
||||
};
|
||||
|
||||
QStringList maliciousStrings;
|
||||
QStringList lines = protocolConfigJson.replace("\r", "").split("\n");
|
||||
for (const QString &l : lines) {
|
||||
QRegularExpressionMatch match = regExp.match(l);
|
||||
if (dangerousTags.contains(match.captured(0))) {
|
||||
maliciousStrings << l;
|
||||
}
|
||||
}
|
||||
|
||||
if (maliciousStrings.size() >= dangerousTagsMaxCount) {
|
||||
m_maliciousWarningText = tr("In the imported configuration, potentially dangerous lines were found:");
|
||||
for (const auto &string : maliciousStrings) {
|
||||
m_maliciousWarningText.push_back(QString("<br><i>%1</i>").arg(string));
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
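Review bot: In `checkForMaliciousStrings`, the token regex `(\w+-\w+|\w+)` stops after the first hyphenated pair, so a line starting with `route-pre-down` or `auth-user-pass-verify` is captured as `route-pre` or `auth-user` and never matches `dangerousTags`, although both tags are in the list. Capturing the whole leading directive, e.g. `const QRegularExpression regExp { "^\\s*([\\w-]+)" };` compared via `match.captured(1)`, would make every listed tag reachable. The warning is also set only when `maliciousStrings.size() >= dangerousTagsMaxCount` (3), so a configuration carrying one or two script-hook lines is imported without any notice; `if (!maliciousStrings.isEmpty())` would surface them. The flagged lines come straight from the imported file and are placed into `<br><i>%1</i>` unescaped, so `.arg(string.toHtmlEscaped())` is safer if the text is shown as rich text.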
@@ -3,11 +3,22 @@
|
||||
|
||||
#include <QObject>
|
||||
|
||||
#include "containers/containers_defs.h"
|
||||
#include "core/defs.h"
|
||||
#include "ui/models/containers_model.h"
|
||||
#include "ui/models/servers_model.h"
|
||||
|
||||
namespace
|
||||
{
|
||||
enum class ConfigTypes {
|
||||
Amnezia,
|
||||
OpenVpn,
|
||||
WireGuard,
|
||||
Awg,
|
||||
Xray,
|
||||
Backup,
|
||||
Invalid
|
||||
};
|
||||
}
|
||||
|
||||
class ImportController : public QObject
|
||||
{
|
||||
Q_OBJECT
|
||||
@@ -23,6 +34,7 @@ public slots:
|
||||
bool extractConfigFromQr(const QByteArray &data);
|
||||
QString getConfig();
|
||||
QString getConfigFileName();
|
||||
QString getMaliciousWarningText();
|
||||
|
||||
#if defined Q_OS_ANDROID || defined Q_OS_IOS
|
||||
void startDecodingQr();
|
||||
@@ -36,6 +48,9 @@ public slots:
|
||||
static bool decodeQrCode(const QString &code);
|
||||
#endif
|
||||
|
||||
bool isNativeWireGuardConfig();
|
||||
void processNativeWireGuardConfig();
|
||||
|
||||
signals:
|
||||
void importFinished();
|
||||
void importErrorOccurred(const QString &errorMessage, bool goToPageHome);
|
||||
@@ -49,6 +64,8 @@ private:
|
||||
QJsonObject extractWireGuardConfig(const QString &data);
|
||||
QJsonObject extractXrayConfig(const QString &data);
|
||||
|
||||
void checkForMaliciousStrings(const QJsonObject &protocolConfig);
|
||||
|
||||
#if defined Q_OS_ANDROID || defined Q_OS_IOS
|
||||
void stopDecodingQr();
|
||||
#endif
|
||||
@@ -59,6 +76,8 @@ private:
|
||||
|
||||
QJsonObject m_config;
|
||||
QString m_configFileName;
|
||||
ConfigTypes m_configType;
|
||||
QString m_maliciousWarningText;
|
||||
|
||||
#if defined Q_OS_ANDROID || defined Q_OS_IOS
|
||||
QMap<int, QByteArray> m_qrCodeChunks;
|
||||
|
||||
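Review bot: `enum class ConfigTypes` is declared inside an unnamed namespace in this header and then used as the member type `ConfigTypes m_configType`, so every translation unit that includes the header gets its own distinct `ConfigTypes` and a differently defined `ImportController`, which violates the one-definition rule. Declaring the enum inside the class or in a named namespace avoids that. `m_configType` also has no initializer while `isNativeWireGuardConfig()` reads it, so unless the constructor body (not visible here) sets it, a call before `extractConfigFromData` reads an indeterminate value; `ConfigTypes m_configType = ConfigTypes::Invalid;` would fix that. The class definition starts and continues outside the visible hunks.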
@@ -10,11 +10,15 @@
|
||||
#include "core/controllers/serverController.h"
|
||||
#include "core/controllers/vpnConfigurationController.h"
|
||||
#include "core/errorstrings.h"
|
||||
#include "logger.h"
|
||||
#include "core/networkUtilities.h"
|
||||
#include "utilities.h"
|
||||
#include "logger.h"
|
||||
#include "ui/models/protocols/awgConfigModel.h"
|
||||
#include "ui/models/protocols/wireguardConfigModel.h"
|
||||
#include "utilities.h"
|
||||
|
||||
#ifdef Q_OS_IOS
|
||||
#include <AmneziaVPN-Swift.h>
|
||||
#endif
|
||||
|
||||
namespace
|
||||
{
|
||||
@@ -85,14 +89,20 @@ void InstallController::install(DockerContainer container, int port, TransportPr
|
||||
QString junkPacketCount = QString::number(QRandomGenerator::global()->bounded(3, 10));
|
||||
QString junkPacketMinSize = QString::number(50);
|
||||
QString junkPacketMaxSize = QString::number(1000);
|
||||
QString initPacketJunkSize = QString::number(QRandomGenerator::global()->bounded(15, 150));
|
||||
QString responsePacketJunkSize = QString::number(QRandomGenerator::global()->bounded(15, 150));
|
||||
|
||||
int s1 = QRandomGenerator::global()->bounded(15, 150);
|
||||
int s2 = QRandomGenerator::global()->bounded(15, 150);
|
||||
while (s1 + AwgConstant::messageInitiationSize == s2 + AwgConstant::messageResponseSize) {
|
||||
s2 = QRandomGenerator::global()->bounded(15, 150);
|
||||
}
|
||||
|
||||
QString initPacketJunkSize = QString::number(s1);
|
||||
QString responsePacketJunkSize = QString::number(s2);
|
||||
|
||||
QSet<QString> headersValue;
|
||||
while (headersValue.size() != 4) {
|
||||
|
||||
auto max = (std::numeric_limits<qint32>::max)();
|
||||
headersValue.insert(QString::number(QRandomGenerator::global()->bounded(1, max)));
|
||||
headersValue.insert(QString::number(QRandomGenerator::global()->bounded(5, max)));
|
||||
}
|
||||
|
||||
auto headersValueList = headersValue.values();
|
||||
@@ -132,12 +142,12 @@ void InstallController::install(DockerContainer container, int port, TransportPr
|
||||
serverCredentials = qvariant_cast<ServerCredentials>(m_serversModel->data(serverIndex, ServersModel::Roles::CredentialsRole));
|
||||
}
|
||||
|
||||
ServerController serverController(m_settings);
|
||||
connect(&serverController, &ServerController::serverIsBusy, this, &InstallController::serverIsBusy);
|
||||
connect(this, &InstallController::cancelInstallation, &serverController, &ServerController::cancelInstallation);
|
||||
QSharedPointer<ServerController> serverController(new ServerController(m_settings));
|
||||
connect(serverController.get(), &ServerController::serverIsBusy, this, &InstallController::serverIsBusy);
|
||||
connect(this, &InstallController::cancelInstallation, serverController.get(), &ServerController::cancelInstallation);
|
||||
|
||||
QMap<DockerContainer, QJsonObject> installedContainers;
|
||||
ErrorCode errorCode = getAlreadyInstalledContainers(serverCredentials, installedContainers);
|
||||
ErrorCode errorCode = getAlreadyInstalledContainers(serverCredentials, serverController, installedContainers);
|
||||
if (errorCode) {
|
||||
emit installationErrorOccurred(errorString(errorCode));
|
||||
return;
|
||||
@@ -146,7 +156,7 @@ void InstallController::install(DockerContainer container, int port, TransportPr
|
||||
QString finishMessage = "";
|
||||
|
||||
if (!installedContainers.contains(container)) {
|
||||
errorCode = serverController.setupContainer(serverCredentials, container, config);
|
||||
errorCode = serverController->setupContainer(serverCredentials, container, config);
|
||||
if (errorCode) {
|
||||
emit installationErrorOccurred(errorString(errorCode));
|
||||
return;
|
||||
@@ -164,14 +174,15 @@ void InstallController::install(DockerContainer container, int port, TransportPr
|
||||
}
|
||||
|
||||
if (m_shouldCreateServer) {
|
||||
installServer(container, installedContainers, serverCredentials, finishMessage);
|
||||
installServer(container, installedContainers, serverCredentials, serverController, finishMessage);
|
||||
} else {
|
||||
installContainer(container, installedContainers, serverCredentials, finishMessage);
|
||||
installContainer(container, installedContainers, serverCredentials, serverController, finishMessage);
|
||||
}
|
||||
}
|
||||
|
||||
void InstallController::installServer(const DockerContainer container, const QMap<DockerContainer, QJsonObject> &installedContainers,
|
||||
const ServerCredentials &serverCredentials, QString &finishMessage)
|
||||
const ServerCredentials &serverCredentials, const QSharedPointer<ServerController> &serverController,
|
||||
QString &finishMessage)
|
||||
{
|
||||
if (installedContainers.size() > 1) {
|
||||
finishMessage += tr("\nAdded containers that were already installed on the server");
|
||||
@@ -185,13 +196,13 @@ void InstallController::installServer(const DockerContainer container, const QMa
|
||||
server.insert(config_key::description, m_settings->nextAvailableServerName());
|
||||
|
||||
QJsonArray containerConfigs;
|
||||
VpnConfigurationsController vpnConfigurationController(m_settings);
|
||||
VpnConfigurationsController vpnConfigurationController(m_settings, serverController);
|
||||
for (auto iterator = installedContainers.begin(); iterator != installedContainers.end(); iterator++) {
|
||||
auto containerConfig = iterator.value();
|
||||
|
||||
if (ContainerProps::isSupportedByCurrentPlatform(container)) {
|
||||
auto errorCode =
|
||||
vpnConfigurationController.createProtocolConfigForContainer(m_processedServerCredentials, iterator.key(), containerConfig);
|
||||
auto errorCode = vpnConfigurationController.createProtocolConfigForContainer(m_processedServerCredentials, iterator.key(),
|
||||
containerConfig);
|
||||
if (errorCode) {
|
||||
emit installationErrorOccurred(errorString(errorCode));
|
||||
return;
|
||||
@@ -199,7 +210,7 @@ void InstallController::installServer(const DockerContainer container, const QMa
|
||||
containerConfigs.append(containerConfig);
|
||||
|
||||
errorCode = m_clientManagementModel->appendClient(iterator.key(), serverCredentials, containerConfig,
|
||||
QString("Admin [%1]").arg(QSysInfo::prettyProductName()));
|
||||
QString("Admin [%1]").arg(QSysInfo::prettyProductName()), serverController);
|
||||
if (errorCode) {
|
||||
emit installationErrorOccurred(errorString(errorCode));
|
||||
return;
|
||||
@@ -218,18 +229,20 @@ void InstallController::installServer(const DockerContainer container, const QMa
|
||||
}
|
||||
|
||||
void InstallController::installContainer(const DockerContainer container, const QMap<DockerContainer, QJsonObject> &installedContainers,
|
||||
const ServerCredentials &serverCredentials, QString &finishMessage)
|
||||
const ServerCredentials &serverCredentials,
|
||||
const QSharedPointer<ServerController> &serverController, QString &finishMessage)
|
||||
{
|
||||
bool isInstalledContainerAddedToGui = false;
|
||||
|
||||
VpnConfigurationsController vpnConfigurationController(m_settings);
|
||||
VpnConfigurationsController vpnConfigurationController(m_settings, serverController);
|
||||
for (auto iterator = installedContainers.begin(); iterator != installedContainers.end(); iterator++) {
|
||||
QJsonObject containerConfig = m_containersModel->getContainerConfig(iterator.key());
|
||||
if (containerConfig.isEmpty()) {
|
||||
containerConfig = iterator.value();
|
||||
|
||||
if (ContainerProps::isSupportedByCurrentPlatform(container)) {
|
||||
auto errorCode = vpnConfigurationController.createProtocolConfigForContainer(serverCredentials, iterator.key(), containerConfig);
|
||||
auto errorCode =
|
||||
vpnConfigurationController.createProtocolConfigForContainer(serverCredentials, iterator.key(), containerConfig);
|
||||
if (errorCode) {
|
||||
emit installationErrorOccurred(errorString(errorCode));
|
||||
return;
|
||||
@@ -237,7 +250,7 @@ void InstallController::installContainer(const DockerContainer container, const
|
||||
m_serversModel->addContainerConfig(iterator.key(), containerConfig);
|
||||
|
||||
errorCode = m_clientManagementModel->appendClient(iterator.key(), serverCredentials, containerConfig,
|
||||
QString("Admin [%1]").arg(QSysInfo::prettyProductName()));
|
||||
QString("Admin [%1]").arg(QSysInfo::prettyProductName()), serverController);
|
||||
if (errorCode) {
|
||||
emit installationErrorOccurred(errorString(errorCode));
|
||||
return;
|
||||
@@ -279,14 +292,13 @@ void InstallController::scanServerForInstalledContainers()
|
||||
ServerCredentials serverCredentials =
|
||||
qvariant_cast<ServerCredentials>(m_serversModel->data(serverIndex, ServersModel::Roles::CredentialsRole));
|
||||
|
||||
ServerController serverController(m_settings);
|
||||
|
||||
QMap<DockerContainer, QJsonObject> installedContainers;
|
||||
ErrorCode errorCode = getAlreadyInstalledContainers(serverCredentials, installedContainers);
|
||||
QSharedPointer<ServerController> serverController(new ServerController(m_settings));
|
||||
ErrorCode errorCode = getAlreadyInstalledContainers(serverCredentials, serverController, installedContainers);
|
||||
|
||||
if (errorCode == ErrorCode::NoError) {
|
||||
bool isInstalledContainerAddedToGui = false;
|
||||
VpnConfigurationsController vpnConfigurationController(m_settings);
|
||||
VpnConfigurationsController vpnConfigurationController(m_settings, serverController);
|
||||
|
||||
for (auto iterator = installedContainers.begin(); iterator != installedContainers.end(); iterator++) {
|
||||
auto container = iterator.key();
|
||||
@@ -304,7 +316,8 @@ void InstallController::scanServerForInstalledContainers()
|
||||
m_serversModel->addContainerConfig(container, containerConfig);
|
||||
|
||||
errorCode = m_clientManagementModel->appendClient(container, serverCredentials, containerConfig,
|
||||
QString("Admin [%1]").arg(QSysInfo::prettyProductName()));
|
||||
QString("Admin [%1]").arg(QSysInfo::prettyProductName()),
|
||||
serverController);
|
||||
if (errorCode) {
|
||||
emit installationErrorOccurred(errorString(errorCode));
|
||||
return;
|
||||
@@ -325,6 +338,7 @@ void InstallController::scanServerForInstalledContainers()
|
||||
}
|
||||
|
||||
ErrorCode InstallController::getAlreadyInstalledContainers(const ServerCredentials &credentials,
|
||||
const QSharedPointer<ServerController> &serverController,
|
||||
QMap<DockerContainer, QJsonObject> &installedContainers)
|
||||
{
|
||||
QString stdOut;
|
||||
@@ -337,10 +351,9 @@ ErrorCode InstallController::getAlreadyInstalledContainers(const ServerCredentia
|
||||
return ErrorCode::NoError;
|
||||
};
|
||||
|
||||
ServerController serverController(m_settings);
|
||||
QString script = QString("sudo docker ps --format '{{.Names}} {{.Ports}}'");
|
||||
|
||||
ErrorCode errorCode = serverController.runScript(credentials, script, cbReadStdOut, cbReadStdErr);
|
||||
ErrorCode errorCode = serverController->runScript(credentials, script, cbReadStdOut, cbReadStdErr);
|
||||
if (errorCode != ErrorCode::NoError) {
|
||||
return errorCode;
|
||||
}
|
||||
@@ -367,8 +380,8 @@ ErrorCode InstallController::getAlreadyInstalledContainers(const ServerCredentia
|
||||
containerConfig.insert(config_key::transport_proto, transportProto);
|
||||
|
||||
if (protocol == Proto::Awg) {
|
||||
QString serverConfig = serverController.getTextFileFromContainer(container, credentials,
|
||||
protocols::awg::serverConfigPath, errorCode);
|
||||
QString serverConfig = serverController->getTextFileFromContainer(container, credentials,
|
||||
protocols::awg::serverConfigPath, errorCode);
|
||||
|
||||
QMap<QString, QString> serverConfigMap;
|
||||
auto serverConfigLines = serverConfig.split("\n");
|
||||
@@ -399,7 +412,7 @@ ErrorCode InstallController::getAlreadyInstalledContainers(const ServerCredentia
|
||||
stdOut.clear();
|
||||
script = QString("sudo docker inspect --format '{{.Config.Cmd}}' %1").arg(name);
|
||||
|
||||
ErrorCode errorCode = serverController.runScript(credentials, script, cbReadStdOut, cbReadStdErr);
|
||||
ErrorCode errorCode = serverController->runScript(credentials, script, cbReadStdOut, cbReadStdErr);
|
||||
if (errorCode != ErrorCode::NoError) {
|
||||
return errorCode;
|
||||
}
|
||||
@@ -443,7 +456,7 @@ ErrorCode InstallController::getAlreadyInstalledContainers(const ServerCredentia
|
||||
stdOut.clear();
|
||||
script = QString("sudo docker exec -i %1 sh -c 'cat /var/lib/tor/hidden_service/hostname'").arg(name);
|
||||
|
||||
ErrorCode errorCode = serverController.runScript(credentials, script, cbReadStdOut, cbReadStdErr);
|
||||
ErrorCode errorCode = serverController->runScript(credentials, script, cbReadStdOut, cbReadStdErr);
|
||||
if (errorCode != ErrorCode::NoError) {
|
||||
return errorCode;
|
||||
}
|
||||
@@ -480,12 +493,12 @@ void InstallController::updateContainer(QJsonObject config)
|
||||
ErrorCode errorCode = ErrorCode::NoError;
|
||||
|
||||
if (isUpdateDockerContainerRequired(container, oldContainerConfig, config)) {
|
||||
ServerController serverController(m_settings);
|
||||
connect(&serverController, &ServerController::serverIsBusy, this, &InstallController::serverIsBusy);
|
||||
connect(this, &InstallController::cancelInstallation, &serverController, &ServerController::cancelInstallation);
|
||||
QSharedPointer<ServerController> serverController(new ServerController(m_settings));
|
||||
connect(serverController.get(), &ServerController::serverIsBusy, this, &InstallController::serverIsBusy);
|
||||
connect(this, &InstallController::cancelInstallation, serverController.get(), &ServerController::cancelInstallation);
|
||||
|
||||
errorCode = serverController.updateContainer(serverCredentials, container, oldContainerConfig, config);
|
||||
clearCachedProfile();
|
||||
errorCode = serverController->updateContainer(serverCredentials, container, oldContainerConfig, config);
|
||||
clearCachedProfile(serverController);
|
||||
}
|
||||
|
||||
if (errorCode == ErrorCode::NoError) {
|
||||
@@ -510,8 +523,13 @@ void InstallController::rebootProcessedServer()
|
||||
int serverIndex = m_serversModel->getProcessedServerIndex();
|
||||
QString serverName = m_serversModel->data(serverIndex, ServersModel::Roles::NameRole).toString();
|
||||
|
||||
m_serversModel->rebootServer();
|
||||
emit rebootProcessedServerFinished(tr("Server '%1' was rebooted").arg(serverName));
|
||||
QSharedPointer<ServerController> serverController(new ServerController(m_settings));
|
||||
const auto errorCode = m_serversModel->rebootServer(serverController);
|
||||
if (errorCode == ErrorCode::NoError) {
|
||||
emit rebootProcessedServerFinished(tr("Server '%1' was rebooted").arg(serverName));
|
||||
} else {
|
||||
emit installationErrorOccurred(errorString(errorCode));
|
||||
}
|
||||
}
|
||||
|
||||
void InstallController::removeProcessedServer()
|
||||
@@ -528,7 +546,8 @@ void InstallController::removeAllContainers()
|
||||
int serverIndex = m_serversModel->getProcessedServerIndex();
|
||||
QString serverName = m_serversModel->data(serverIndex, ServersModel::Roles::NameRole).toString();
|
||||
|
||||
ErrorCode errorCode = m_serversModel->removeAllContainers();
|
||||
QSharedPointer<ServerController> serverController(new ServerController(m_settings));
|
||||
ErrorCode errorCode = m_serversModel->removeAllContainers(serverController);
|
||||
if (errorCode == ErrorCode::NoError) {
|
||||
emit removeAllContainersFinished(tr("All containers from server '%1' have been removed").arg(serverName));
|
||||
return;
|
||||
@@ -544,7 +563,8 @@ void InstallController::removeProcessedContainer()
|
||||
int container = m_containersModel->getProcessedContainerIndex();
|
||||
QString containerName = m_containersModel->getProcessedContainerName();
|
||||
|
||||
ErrorCode errorCode = m_serversModel->removeContainer(container);
|
||||
QSharedPointer<ServerController> serverController(new ServerController(m_settings));
|
||||
ErrorCode errorCode = m_serversModel->removeContainer(serverController, container);
|
||||
if (errorCode == ErrorCode::NoError) {
|
||||
|
||||
emit removeProcessedContainerFinished(tr("%1 has been removed from the server '%2'").arg(containerName, serverName));
|
||||
@@ -553,9 +573,18 @@ void InstallController::removeProcessedContainer()
|
||||
emit installationErrorOccurred(errorString(errorCode));
|
||||
}
|
||||
|
||||
void InstallController::removeApiConfig()
|
||||
void InstallController::removeApiConfig(const int serverIndex)
|
||||
{
|
||||
auto serverConfig = m_serversModel->getServerConfig(m_serversModel->getDefaultServerIndex());
|
||||
auto serverConfig = m_serversModel->getServerConfig(serverIndex);
|
||||
|
||||
#ifdef Q_OS_IOS
|
||||
QString vpncName = QString("%1 (%2) %3")
|
||||
.arg(serverConfig[config_key::description].toString())
|
||||
.arg(serverConfig[config_key::hostName].toString())
|
||||
.arg(serverConfig[config_key::vpnproto].toString());
|
||||
|
||||
AmneziaVPN::removeVPNC(vpncName.toStdString());
|
||||
#endif
|
||||
|
||||
serverConfig.remove(config_key::dns1);
|
||||
serverConfig.remove(config_key::dns2);
|
||||
@@ -564,11 +593,15 @@ void InstallController::removeApiConfig()
|
||||
|
||||
serverConfig.insert(config_key::defaultContainer, ContainerProps::containerToString(DockerContainer::None));
|
||||
|
||||
m_serversModel->editServer(serverConfig, m_serversModel->getDefaultServerIndex());
|
||||
m_serversModel->editServer(serverConfig, serverIndex);
|
||||
}
|
||||
|
||||
void InstallController::clearCachedProfile()
|
||||
void InstallController::clearCachedProfile(QSharedPointer<ServerController> serverController)
|
||||
{
|
||||
if (serverController.isNull()) {
|
||||
serverController.reset(new ServerController(m_settings));
|
||||
}
|
||||
|
||||
int serverIndex = m_serversModel->getProcessedServerIndex();
|
||||
DockerContainer container = static_cast<DockerContainer>(m_containersModel->getProcessedContainerIndex());
|
||||
QJsonObject containerConfig = m_containersModel->getContainerConfig(container);
|
||||
@@ -576,7 +609,7 @@ void InstallController::clearCachedProfile()
|
||||
qvariant_cast<ServerCredentials>(m_serversModel->data(serverIndex, ServersModel::Roles::CredentialsRole));
|
||||
|
||||
m_serversModel->clearCachedProfile(container);
|
||||
m_clientManagementModel->revokeClient(containerConfig, container, serverCredentials, serverIndex);
|
||||
m_clientManagementModel->revokeClient(containerConfig, container, serverCredentials, serverIndex, serverController);
|
||||
|
||||
emit cachedProfileCleared(tr("%1 cached profile cleared").arg(ContainerProps::containerHumanNames().value(container)));
|
||||
}
|
||||
@@ -678,13 +711,15 @@ void InstallController::mountSftpDrive(const QString &port, const QString &passw
|
||||
process->write((password + "\n").toUtf8());
|
||||
}
|
||||
|
||||
|
||||
#endif
|
||||
}
|
||||
|
||||
bool InstallController::checkSshConnection()
|
||||
bool InstallController::checkSshConnection(QSharedPointer<ServerController> serverController)
|
||||
{
|
||||
ServerController serverController(m_settings);
|
||||
if (serverController.isNull()) {
|
||||
serverController.reset(new ServerController(m_settings));
|
||||
}
|
||||
|
||||
ErrorCode errorCode = ErrorCode::NoError;
|
||||
m_privateKeyPassphrase = "";
|
||||
|
||||
@@ -699,7 +734,7 @@ bool InstallController::checkSshConnection()
|
||||
};
|
||||
|
||||
QString decryptedPrivateKey;
|
||||
errorCode = serverController.getDecryptedPrivateKey(m_processedServerCredentials, decryptedPrivateKey, passphraseCallback);
|
||||
errorCode = serverController->getDecryptedPrivateKey(m_processedServerCredentials, decryptedPrivateKey, passphraseCallback);
|
||||
if (errorCode == ErrorCode::NoError) {
|
||||
m_processedServerCredentials.secretData = decryptedPrivateKey;
|
||||
} else {
|
||||
@@ -709,7 +744,7 @@ bool InstallController::checkSshConnection()
|
||||
}
|
||||
|
||||
QString output;
|
||||
output = serverController.checkSshConnection(m_processedServerCredentials, errorCode);
|
||||
output = serverController->checkSshConnection(m_processedServerCredentials, errorCode);
|
||||
|
||||
if (errorCode != ErrorCode::NoError) {
|
||||
emit installationErrorOccurred(errorString(errorCode));
|
||||
@@ -746,7 +781,8 @@ void InstallController::addEmptyServer()
|
||||
emit installServerFinished(tr("Server added successfully"));
|
||||
}
|
||||
|
||||
bool InstallController::isUpdateDockerContainerRequired(const DockerContainer container, const QJsonObject &oldConfig, const QJsonObject &newConfig)
|
||||
bool InstallController::isUpdateDockerContainerRequired(const DockerContainer container, const QJsonObject &oldConfig,
|
||||
const QJsonObject &newConfig)
|
||||
{
|
||||
Proto mainProto = ContainerProps::defaultProtocol(container);
|
||||
|
||||
|
||||
@@ -35,16 +35,16 @@ public slots:
|
||||
void removeAllContainers();
|
||||
void removeProcessedContainer();
|
||||
|
||||
void removeApiConfig();
|
||||
void removeApiConfig(const int serverIndex);
|
||||
|
||||
void clearCachedProfile();
|
||||
void clearCachedProfile(QSharedPointer<ServerController> serverController = nullptr);
|
||||
|
||||
QRegularExpression ipAddressPortRegExp();
|
||||
QRegularExpression ipAddressRegExp();
|
||||
|
||||
void mountSftpDrive(const QString &port, const QString &password, const QString &username);
|
||||
|
||||
bool checkSshConnection();
|
||||
bool checkSshConnection(QSharedPointer<ServerController> serverController = nullptr);
|
||||
|
||||
void setEncryptedPassphrase(QString passphrase);
|
||||
|
||||
@@ -79,12 +79,15 @@ signals:
|
||||
|
||||
private:
|
||||
void installServer(const DockerContainer container, const QMap<DockerContainer, QJsonObject> &installedContainers,
|
||||
const ServerCredentials &serverCredentials, QString &finishMessage);
|
||||
const ServerCredentials &serverCredentials, const QSharedPointer<ServerController> &serverController,
|
||||
QString &finishMessage);
|
||||
void installContainer(const DockerContainer container, const QMap<DockerContainer, QJsonObject> &installedContainers,
|
||||
const ServerCredentials &serverCredentials, QString &finishMessage);
|
||||
const ServerCredentials &serverCredentials, const QSharedPointer<ServerController> &serverController,
|
||||
QString &finishMessage);
|
||||
bool isServerAlreadyExists();
|
||||
|
||||
ErrorCode getAlreadyInstalledContainers(const ServerCredentials &credentials, QMap<DockerContainer, QJsonObject> &installedContainers);
|
||||
ErrorCode getAlreadyInstalledContainers(const ServerCredentials &credentials, const QSharedPointer<ServerController> &serverController,
|
||||
QMap<DockerContainer, QJsonObject> &installedContainers);
|
||||
bool isUpdateDockerContainerRequired(const DockerContainer container, const QJsonObject &oldConfig, const QJsonObject &newConfig);
|
||||
|
||||
QSharedPointer<ServersModel> m_serversModel;
|
||||
|
||||
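Review bot: The public slot `removeApiConfig(const int serverIndex)` now takes the index from its caller rather than using the default server, and nothing in the declaration states which values are accepted. The definition shown earlier on this page hands the value straight to `getServerConfig(serverIndex)` and `editServer(serverConfig, serverIndex)`; whether those reject an out-of-range index is not visible here, so either guard it at the top of the slot or document the precondition, e.g. `// serverIndex: row in m_serversModel of the API server being removed; must be valid`. The slots `clearCachedProfile` and `checkSshConnection` would likewise benefit from `// serverController: SSH controller to reuse; when null a new ServerController(m_settings) is created`, which is what their definitions do.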