mirror of
https://github.com/amnezia-vpn/amnezia-client.git
synced 2026-06-16 15:23:03 +03:00
Compare commits
12 Commits
bugfix/ips
...
checking_s
| Author | SHA1 | Date | |
|---|---|---|---|
|
464aa4ceae | ||
|
|
db83555a03 | ||
|
|
7b2a4ea922 | ||
|
|
795ccaa080 | ||
|
|
ce4cb28e74 | ||
|
|
c9423dd9af | ||
|
|
055c8f7b66 | ||
|
|
2b85dafa15 | ||
|
|
45fb4b0982 | ||
|
|
62497024f9 | ||
|
|
076b076cd9 | ||
|
|
85fa1ad8b1 |
@@ -757,10 +757,6 @@ ErrorCode ServerController::isServerPortBusy(const ServerCredentials &credential
|
||||
|
||||
ErrorCode ServerController::isUserInSudo(const ServerCredentials &credentials, DockerContainer container)
|
||||
{
|
||||
if (credentials.userName == "root") {
|
||||
return ErrorCode::NoError;
|
||||
}
|
||||
|
||||
QString stdOut;
|
||||
auto cbReadStdOut = [&](const QString &data, libssh::Client &) {
|
||||
stdOut += data + "\n";
|
||||
@@ -774,8 +770,14 @@ ErrorCode ServerController::isUserInSudo(const ServerCredentials &credentials, D
|
||||
const QString scriptData = amnezia::scriptData(SharedScriptType::check_user_in_sudo);
|
||||
ErrorCode error = runScript(credentials, replaceVars(scriptData, genVarsForScript(credentials)), cbReadStdOut, cbReadStdErr);
|
||||
|
||||
if (!stdOut.contains("sudo"))
|
||||
if (credentials.userName != "root" && !stdOut.contains("sudo") && !stdOut.contains("wheel"))
|
||||
return ErrorCode::ServerUserNotInSudo;
|
||||
if (credentials.userName != "root" && stdOut.contains("sudo:") && !stdOut.contains("uname:") && stdOut.contains("not found"))
|
||||
return ErrorCode::SudoPackageIsNotPreinstalled;
|
||||
if (stdOut.contains("sudoers"))
|
||||
return ErrorCode::ServerUserNotAllowedInSudoers;
|
||||
if (stdOut.contains("password is required"))
|
||||
return ErrorCode::ServerUserPasswordRequired;
|
||||
|
||||
return error;
|
||||
}
|
||||
|
||||
@@ -56,6 +56,9 @@ namespace amnezia
|
||||
ServerCancelInstallation = 204,
|
||||
ServerUserNotInSudo = 205,
|
||||
ServerPacketManagerError = 206,
|
||||
SudoPackageIsNotPreinstalled = 207,
|
||||
ServerUserNotAllowedInSudoers = 208,
|
||||
ServerUserPasswordRequired = 209,
|
||||
|
||||
// Ssh connection errors
|
||||
SshRequestDeniedError = 300,
|
||||
|
||||
@@ -19,8 +19,11 @@ QString errorString(ErrorCode code) {
|
||||
case(ErrorCode::ServerContainerMissingError): errorMessage = QObject::tr("Server error: Docker container missing"); break;
|
||||
case(ErrorCode::ServerDockerFailedError): errorMessage = QObject::tr("Server error: Docker failed"); break;
|
||||
case(ErrorCode::ServerCancelInstallation): errorMessage = QObject::tr("Installation canceled by user"); break;
|
||||
case(ErrorCode::ServerUserNotInSudo): errorMessage = QObject::tr("The user does not have permission to use sudo"); break;
|
||||
case(ErrorCode::ServerPacketManagerError): errorMessage = QObject::tr("Server error: Packet manager error"); break;
|
||||
case(ErrorCode::ServerUserNotInSudo): errorMessage = QObject::tr("The user is not a member of the sudo group"); break;
|
||||
case(ErrorCode::ServerPacketManagerError): errorMessage = QObject::tr("Server error: Package manager error"); break;
|
||||
case(ErrorCode::SudoPackageIsNotPreinstalled): errorMessage = QObject::tr("The sudo package is not pre-installed"); break;
|
||||
case(ErrorCode::ServerUserNotAllowedInSudoers): errorMessage = QObject::tr("Action not allowed in sudoers"); break;
|
||||
case(ErrorCode::ServerUserPasswordRequired): errorMessage = QObject::tr("The user's password is required"); break;
|
||||
|
||||
// Libssh errors
|
||||
case(ErrorCode::SshRequestDeniedError): errorMessage = QObject::tr("SSH request was denied"); break;
|
||||
|
||||
@@ -238,7 +238,7 @@ ErrorCode Ikev2Protocol::start()
|
||||
"-CipherTransformConstants GCMAES128 "
|
||||
"-EncryptionMethod AES256 "
|
||||
"-IntegrityCheckMethod SHA256 "
|
||||
"-PfsGroup PFS2048 "
|
||||
"-PfsGroup None "
|
||||
"-DHGroup Group14 "
|
||||
"-PassThru -Force\"")
|
||||
.arg(tunnelName());
|
||||
|
||||
@@ -15,12 +15,6 @@
|
||||
|
||||
using namespace QKeychain;
|
||||
|
||||
namespace {
|
||||
constexpr const char *settingsKeyTag = "settingsKeyTag";
|
||||
constexpr const char *settingsIvTag = "settingsIvTag";
|
||||
constexpr const char *keyChainName = "AmneziaVPN-Keychain";
|
||||
}
|
||||
|
||||
SecureQSettings::SecureQSettings(const QString &organization, const QString &application, QObject *parent)
|
||||
: QObject { parent }, m_settings(organization, application, parent), encryptedKeys({ "Servers/serversList" })
|
||||
{
|
||||
@@ -55,7 +49,7 @@ QVariant SecureQSettings::value(const QString &key, const QVariant &defaultValue
|
||||
// check if value is not encrypted, v. < 2.0.x
|
||||
retVal = m_settings.value(key);
|
||||
if (retVal.isValid()) {
|
||||
if (retVal.userType() == QMetaType::QByteArray && retVal.toByteArray().mid(0, magicString.size()) == magicString) {
|
||||
if (retVal.userType() == QVariant::ByteArray && retVal.toByteArray().mid(0, magicString.size()) == magicString) {
|
||||
|
||||
if (getEncKey().isEmpty() || getEncIv().isEmpty()) {
|
||||
qCritical() << "SecureQSettings::setValue Decryption requested, but key is empty";
|
||||
|
||||
@@ -8,6 +8,10 @@
|
||||
|
||||
#include "keychain.h"
|
||||
|
||||
constexpr const char *settingsKeyTag = "settingsKeyTag";
|
||||
constexpr const char *settingsIvTag = "settingsIvTag";
|
||||
constexpr const char *keyChainName = "AmneziaVPN-Keychain";
|
||||
|
||||
class SecureQSettings : public QObject
|
||||
{
|
||||
Q_OBJECT
|
||||
@@ -40,7 +44,7 @@ public:
|
||||
private:
|
||||
QSettings m_settings;
|
||||
|
||||
mutable QHash<QString, QVariant> m_cache;
|
||||
mutable QMap<QString, QVariant> m_cache;
|
||||
|
||||
QStringList encryptedKeys; // encode only key listed here
|
||||
// only this fields need for backup
|
||||
|
||||
@@ -1,2 +1,11 @@
|
||||
CUR_USER=$(whoami);\
|
||||
groups $CUR_USER
|
||||
if which apt-get > /dev/null 2>&1; then pm=$(which apt-get); opt="--version";\
|
||||
elif which dnf > /dev/null 2>&1; then pm=$(which dnf); opt="--version";\
|
||||
elif which yum > /dev/null 2>&1; then pm=$(which yum); opt="--version";\
|
||||
elif which pacman > /dev/null 2>&1; then pm=$(which pacman); opt="--version";\
|
||||
else pm="uname"; opt="-a";\
|
||||
fi;\
|
||||
CUR_USER=$(whoami 2> /dev/null || echo ~ | sed 's/.*\///');\
|
||||
echo $LANG | grep -qE '^(en_US.UTF-8|C.UTF-8|C)$' || export LC_ALL=C;\
|
||||
if [ "$CUR_USER" = "root" ] || ( groups "$CUR_USER" | grep -E '\<(sudo|wheel)\>' ); then \
|
||||
sudo -K && sudo -nu $CUR_USER $pm $opt > /dev/null && sudo -n $pm $opt > /dev/null;\
|
||||
fi
|
||||
@@ -1,7 +1,7 @@
|
||||
if which apt-get > /dev/null 2>&1; then pm=$(which apt-get); silent_inst="-yq install"; check_pkgs="-yq update"; docker_pkg="docker.io"; dist="debian";\
|
||||
elif which dnf > /dev/null 2>&1; then pm=$(which dnf); silent_inst="-yq install"; check_pkgs="-yq check-update"; docker_pkg="docker"; dist="fedora";\
|
||||
elif which yum > /dev/null 2>&1; then pm=$(which yum); silent_inst="-y -q install"; check_pkgs="-y -q check-update"; docker_pkg="docker"; dist="centos";\
|
||||
elif which pacman > /dev/null 2>&1; then pm=$(which pacman); silent_inst="-S --noconfirm --noprogressbar --quiet"; check_pkgs="-Sup"; docker_pkg="docker"; dist="archlinux";\
|
||||
elif which pacman > /dev/null 2>&1; then pm=$(which pacman); silent_inst="-S --noconfirm --noprogressbar --quiet"; check_pkgs="> /dev/null 2>&1"; docker_pkg="docker"; dist="archlinux";\
|
||||
else echo "Packet manager not found"; exit 1; fi;\
|
||||
echo "Dist: $dist, Packet manager: $pm, Install command: $silent_inst, Check pkgs command: $check_pkgs, Docker pkg: $docker_pkg";\
|
||||
if [ "$dist" = "debian" ]; then export DEBIAN_FRONTEND=noninteractive; fi;\
|
||||
@@ -12,9 +12,6 @@ if ! command -v docker > /dev/null 2>&1; then \
|
||||
sudo $pm $check_pkgs; sudo $pm $silent_inst $docker_pkg;\
|
||||
sleep 5; sudo systemctl enable --now docker; sleep 5;\
|
||||
fi;\
|
||||
if [ "$(cat /sys/module/apparmor/parameters/enabled 2>/dev/null)" = "Y" ]; then \
|
||||
if ! command -v apparmor_parser > /dev/null 2>&1; then sudo $pm $check_pkgs; sudo $pm $silent_inst apparmor; fi;\
|
||||
fi;\
|
||||
if [ "$(systemctl is-active docker)" != "active" ]; then \
|
||||
sudo $pm $check_pkgs; sudo $pm $silent_inst $docker_pkg;\
|
||||
sleep 5; sudo systemctl start docker; sleep 5;\
|
||||
|
||||
@@ -33,14 +33,14 @@ conn shared
|
||||
right=%any
|
||||
encapsulation=yes
|
||||
authby=secret
|
||||
pfs=yes
|
||||
pfs=no
|
||||
rekey=no
|
||||
keyingtries=5
|
||||
dpddelay=30
|
||||
dpdtimeout=120
|
||||
dpdaction=clear
|
||||
ikev2=never
|
||||
ike=aes256-sha2,aes128-sha2,aes256-sha1,aes128-sha1,aes256-sha2;modp2048,aes128-sha1;modp2048
|
||||
ike=aes256-sha2,aes128-sha2,aes256-sha1,aes128-sha1,aes256-sha2;modp1024,aes128-sha1;modp1024
|
||||
phase2alg=aes_gcm-null,aes128-sha1,aes256-sha1,aes256-sha2_512,aes128-sha2,aes256-sha2
|
||||
ikelifetime=24h
|
||||
salifetime=24h
|
||||
@@ -244,9 +244,9 @@ conn ikev2-cp
|
||||
auto=add
|
||||
ikev2=insist
|
||||
rekey=no
|
||||
pfs=yes
|
||||
ike=aes256-sha2,aes128-sha2,aes256-sha1,aes128-sha1,aes256-sha2;modp2048,aes128-sha1;modp2048
|
||||
phase2alg=aes_gcm-null,aes128-sha1,aes256-sha1,aes256-sha2_512,aes128-sha2,aes256-sha2
|
||||
pfs=no
|
||||
ike=aes256-sha2,aes128-sha2,aes256-sha1,aes128-sha1
|
||||
phase2alg=aes_gcm-null,aes128-sha1,aes256-sha1,aes128-sha2,aes256-sha2
|
||||
ikelifetime=24h
|
||||
salifetime=24h
|
||||
encapsulation=yes
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
CUR_USER=$(whoami);\
|
||||
CUR_USER=$(whoami 2> /dev/null || echo ~ | sed 's/.*\///');\
|
||||
sudo mkdir -p $DOCKERFILE_FOLDER;\
|
||||
sudo chown $CUR_USER $DOCKERFILE_FOLDER;\
|
||||
if ! sudo docker network ls | grep -q amnezia-dns-net; then sudo docker network create \
|
||||
|
||||
@@ -3334,8 +3334,8 @@ Already installed containers were found on the server. All installed containers
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../core/errorstrings.cpp" line="22"/>
|
||||
<source>The user does not have permission to use sudo</source>
|
||||
<translation>ليس لدي المستخدم الصلحيات لأستخدام sudo</translation>
|
||||
<source>The user is not a member of the sudo group</source>
|
||||
<translation>المستخدم ليس عضوًا في مجموعة sudo</translation>
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../core/errorstrings.cpp" line="26"/>
|
||||
@@ -3399,7 +3399,7 @@ Already installed containers were found on the server. All installed containers
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../core/errorstrings.cpp" line="23"/>
|
||||
<source>Server error: Packet manager error</source>
|
||||
<source>Server error: Package manager error</source>
|
||||
<translation>خطأ في الخادم: خطأ في مدير الحزم</translation>
|
||||
</message>
|
||||
<message>
|
||||
|
||||
@@ -3468,8 +3468,8 @@ It's okay as long as it's from someone you trust.</source>
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../core/errorstrings.cpp" line="22"/>
|
||||
<source>The user does not have permission to use sudo</source>
|
||||
<translation>The user does not have permission to use sudo</translation>
|
||||
<source>The user is not a member of the sudo group</source>
|
||||
<translation>کاربر عضو گروه sudo نیست</translation>
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../core/errorstrings.cpp" line="26"/>
|
||||
@@ -3590,8 +3590,8 @@ It's okay as long as it's from someone you trust.</source>
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../core/errorstrings.cpp" line="23"/>
|
||||
<source>Server error: Packet manager error</source>
|
||||
<translation>Server error: Packet manager error</translation>
|
||||
<source>Server error: Package manager error</source>
|
||||
<translation>خطای سرور: خطای مدیر بسته</translation>
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../core/errorstrings.cpp" line="34"/>
|
||||
|
||||
@@ -3434,13 +3434,13 @@ Already installed containers were found on the server. All installed containers
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../core/errorstrings.cpp" line="22"/>
|
||||
<source>The user does not have permission to use sudo</source>
|
||||
<translation>उपयोगकर्ता के पास sudo का उपयोग करने की अनुमति नहीं है</translation>
|
||||
<source>The user is not a member of the sudo group</source>
|
||||
<translation>उपयोगकर्ता sudo समूह का सदस्य नहीं है</translation>
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../core/errorstrings.cpp" line="23"/>
|
||||
<source>Server error: Packet manager error</source>
|
||||
<translation>सर्वर त्रुटि: पैकेट प्रबंधक त्रुटि</translation>
|
||||
<source>Server error: Package manager error</source>
|
||||
<translation>सर्वर त्रुटि: पैकेज प्रबंधक त्रुटि</translation>
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../core/errorstrings.cpp" line="26"/>
|
||||
|
||||
@@ -3330,8 +3330,8 @@ Already installed containers were found on the server. All installed containers
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../core/errorstrings.cpp" line="22"/>
|
||||
<source>The user does not have permission to use sudo</source>
|
||||
<translation>ဤအသုံးပြုသူသည် sudo ကိုအသုံးပြုရန်ခွင့်ပြုချက်မရှိပါ</translation>
|
||||
<source>The user is not a member of the sudo group</source>
|
||||
<translation>ဤအသုံးပြုသူသည် sudo အဖွဲ့၏ အဖွဲ့ဝင်မဟုတ်ပါ</translation>
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../core/errorstrings.cpp" line="26"/>
|
||||
@@ -3395,8 +3395,8 @@ Already installed containers were found on the server. All installed containers
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../core/errorstrings.cpp" line="23"/>
|
||||
<source>Server error: Packet manager error</source>
|
||||
<translation>ဆာဗာ မှားယွင်းမှု: Packet Manager မှားယွင်းမှု</translation>
|
||||
<source>Server error: Package manager error</source>
|
||||
<translation>ဆာဗာ အမှား- Package manager အမှား</translation>
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../core/errorstrings.cpp" line="34"/>
|
||||
|
||||
@@ -3604,12 +3604,12 @@ and will not be shared or disclosed to the Amnezia or any third parties</source>
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../core/errorstrings.cpp" line="22"/>
|
||||
<source>The user does not have permission to use sudo</source>
|
||||
<translation>У пользователя нет прав на использование sudo</translation>
|
||||
<source>The user is not a member of the sudo group</source>
|
||||
<translation>Пользователь не входит в группу sudo</translation>
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../core/errorstrings.cpp" line="23"/>
|
||||
<source>Server error: Packet manager error</source>
|
||||
<source>Server error: Package manager error</source>
|
||||
<translation>Ошибка сервера: ошибка менеджера пакетов</translation>
|
||||
</message>
|
||||
<message>
|
||||
|
||||
@@ -3700,13 +3700,13 @@ and will not be shared or disclosed to the Amnezia or any third parties</source>
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../core/errorstrings.cpp" line="22"/>
|
||||
<source>The user does not have permission to use sudo</source>
|
||||
<translation>The user does not have permission to use sudo</translation>
|
||||
<source>The user is not a member of the sudo group</source>
|
||||
<translation>Користувач не входить до групи sudo</translation>
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../core/errorstrings.cpp" line="23"/>
|
||||
<source>Server error: Packet manager error</source>
|
||||
<translation type="unfinished"></translation>
|
||||
<source>Server error: Package manager error</source>
|
||||
<translation>Помилка сервера: помилка менеджера пакетів</translation>
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../core/errorstrings.cpp" line="26"/>
|
||||
|
||||
@@ -3433,8 +3433,8 @@ Already installed containers were found on the server. All installed containers
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../core/errorstrings.cpp" line="22"/>
|
||||
<source>The user does not have permission to use sudo</source>
|
||||
<translation>صارف کو sudo استعمال کرنے کی اجازت نہیں ہے</translation>
|
||||
<source>The user is not a member of the sudo group</source>
|
||||
<translation>صارف sudo گروپ کا رکن نہیں ہے</translation>
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../core/errorstrings.cpp" line="26"/>
|
||||
@@ -3498,7 +3498,7 @@ Already installed containers were found on the server. All installed containers
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../core/errorstrings.cpp" line="23"/>
|
||||
<source>Server error: Packet manager error</source>
|
||||
<source>Server error: Package manager error</source>
|
||||
<translation>سرور خطا: پیکیج منیجر خطا</translation>
|
||||
</message>
|
||||
<message>
|
||||
|
||||
@@ -3675,13 +3675,13 @@ and will not be shared or disclosed to the Amnezia or any third parties</source>
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../core/errorstrings.cpp" line="22"/>
|
||||
<source>The user does not have permission to use sudo</source>
|
||||
<translation>用户没有root权限</translation>
|
||||
<source>The user is not a member of the sudo group</source>
|
||||
<translation>用户不是 sudo 组的成员</translation>
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../core/errorstrings.cpp" line="23"/>
|
||||
<source>Server error: Packet manager error</source>
|
||||
<translation type="unfinished"></translation>
|
||||
<source>Server error: Package manager error</source>
|
||||
<translation>服务器错误:包管理器错误</translation>
|
||||
</message>
|
||||
<message>
|
||||
<location filename="../core/errorstrings.cpp" line="26"/>
|
||||
|
||||
@@ -217,8 +217,6 @@ PageType {
|
||||
Layout.alignment: Qt.AlignHCenter
|
||||
implicitHeight: 32
|
||||
|
||||
visible: Qt.platform.os !== "ios"
|
||||
|
||||
defaultColor: AmneziaStyle.color.transparent
|
||||
hoveredColor: AmneziaStyle.color.translucentWhite
|
||||
pressedColor: AmneziaStyle.color.sheerWhite
|
||||
@@ -332,7 +330,7 @@ PageType {
|
||||
property string title: qsTr("I have nothing")
|
||||
property string description: qsTr("")
|
||||
property string imageSource: "qrc:/images/controls/help-circle.svg"
|
||||
property bool isVisible: PageController.isStartPageVisible() && Qt.platform.os !== "ios"
|
||||
property bool isVisible: PageController.isStartPageVisible()
|
||||
property var handler: function() {
|
||||
Qt.openUrlExternally(LanguageModel.getCurrentSiteUrl())
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user