mirror of
https://github.com/amnezia-vpn/amnezia-client.git
synced 2026-05-23 19:35:48 +03:00
Compare commits
23 Commits
feature/li
...
bugfix/dis
| Author | SHA1 | Date | |
|---|---|---|---|
|
f1ec9c5c75 | ||
|
|
f2a9940147 | ||
|
|
4f17085c99 | ||
|
|
fdd2c12647 | ||
|
|
066b74887e | ||
|
|
eb95ec7cbf | ||
|
|
e2492abb77 | ||
|
|
e0ecfc12a9 | ||
|
|
b1b503b7c6 | ||
|
|
3d573d5977 | ||
|
|
fc99da1432 | ||
|
|
20e4ea2d4a | ||
|
|
f0b3c16880 | ||
|
|
2ac62027e8 | ||
|
|
43c3518f9e | ||
|
|
8b86c482d2 | ||
|
|
b4efae8edd | ||
|
|
03bc7d6293 | ||
|
|
8390a270ca | ||
|
|
faa832b152 | ||
|
|
ed228643cf | ||
|
|
ef901c2149 | ||
|
|
16d92ddb7c |
@@ -174,15 +174,6 @@ endif()
|
||||
if(LINUX AND NOT ANDROID)
|
||||
set(LIBS ${LIBS} -static-libstdc++ -static-libgcc -ldl)
|
||||
link_directories(${CMAKE_CURRENT_LIST_DIR}/platforms/linux)
|
||||
|
||||
set(HEADERS ${HEADERS}
|
||||
${CMAKE_CURRENT_LIST_DIR}/protocols/ikev2_vpn_protocol_linux.h
|
||||
)
|
||||
|
||||
set(SOURCES ${SOURCES}
|
||||
${CMAKE_CURRENT_LIST_DIR}/protocols/ikev2_vpn_protocol_linux.cpp
|
||||
)
|
||||
|
||||
endif()
|
||||
|
||||
if(WIN32 OR (APPLE AND NOT IOS AND NOT MACOS_NE) OR (LINUX AND NOT ANDROID))
|
||||
|
||||
@@ -53,14 +53,16 @@ AmneziaApplication::~AmneziaApplication()
|
||||
{
|
||||
if (m_vpnConnection) {
|
||||
QMetaObject::invokeMethod(m_vpnConnection.get(), "disconnectFromVpn", Qt::QueuedConnection);
|
||||
QMetaObject::invokeMethod(m_vpnConnection.get(), "deleteLater", Qt::QueuedConnection);
|
||||
QThread::msleep(2000);
|
||||
QMetaObject::invokeMethod(m_vpnConnection.get(), "disconnectSlots", Qt::QueuedConnection);
|
||||
}
|
||||
|
||||
m_vpnConnectionThread.requestInterruption();
|
||||
m_vpnConnectionThread.quit();
|
||||
|
||||
if (!m_vpnConnectionThread.wait(5000)) {
|
||||
if (!m_vpnConnectionThread.wait(3000)) {
|
||||
m_vpnConnectionThread.terminate();
|
||||
m_vpnConnectionThread.wait();
|
||||
m_vpnConnectionThread.wait(500);
|
||||
}
|
||||
|
||||
if (m_engine) {
|
||||
|
||||
@@ -64,26 +64,6 @@ QString Ikev2Configurator::createConfig(const ServerCredentials &credentials, Do
|
||||
return "";
|
||||
}
|
||||
|
||||
#if defined(Q_OS_LINUX)
|
||||
QString config = m_serverController->replaceVars(amnezia::scriptData(ProtocolScriptType::ipsec_template, container),
|
||||
m_serverController->genVarsForScript(credentials, container, containerConfig));
|
||||
|
||||
config.replace("$CLIENT_NAME", connData.clientId);
|
||||
config.replace("$UUID1", QUuid::createUuid().toString());
|
||||
config.replace("$SERVER_ADDR", connData.host);
|
||||
|
||||
QJsonObject jConfig;
|
||||
jConfig[config_key::config] = config;
|
||||
|
||||
jConfig[config_key::hostName] = connData.host;
|
||||
jConfig[config_key::userName] = connData.clientId;
|
||||
jConfig[config_key::cert] = QString(connData.clientCert.toBase64());
|
||||
jConfig[config_key::cacert] = QString(connData.caCert);
|
||||
jConfig[config_key::password] = connData.password;
|
||||
|
||||
return QJsonDocument(jConfig).toJson();
|
||||
#endif
|
||||
|
||||
return genIkev2Config(connData);
|
||||
}
|
||||
|
||||
@@ -93,7 +73,6 @@ QString Ikev2Configurator::genIkev2Config(const ConnectionData &connData)
|
||||
config[config_key::hostName] = connData.host;
|
||||
config[config_key::userName] = connData.clientId;
|
||||
config[config_key::cert] = QString(connData.clientCert.toBase64());
|
||||
config[config_key::cacert] = QString(connData.caCert);
|
||||
config[config_key::password] = connData.password;
|
||||
|
||||
return QJsonDocument(config).toJson();
|
||||
@@ -136,22 +115,3 @@ QString Ikev2Configurator::genStrongSwanConfig(const ConnectionData &connData)
|
||||
|
||||
return config;
|
||||
}
|
||||
|
||||
QString Ikev2Configurator::processConfigWithLocalSettings(const QPair<QString, QString> &dns, const bool isApiConfig,
|
||||
QString &protocolConfigString)
|
||||
{
|
||||
processConfigWithDnsSettings(dns, protocolConfigString);
|
||||
|
||||
QJsonObject json;
|
||||
json[config_key::config] = protocolConfigString;
|
||||
return QJsonDocument(json).toJson();
|
||||
}
|
||||
|
||||
QString Ikev2Configurator::processConfigWithExportSettings(const QPair<QString, QString> &dns, const bool isApiConfig,
|
||||
QString &protocolConfigString)
|
||||
{
|
||||
processConfigWithDnsSettings(dns, protocolConfigString);
|
||||
QJsonObject json;
|
||||
json[config_key::config] = protocolConfigString;
|
||||
return QJsonDocument(json).toJson();
|
||||
}
|
||||
|
||||
@@ -27,10 +27,6 @@ public:
|
||||
QString genIkev2Config(const ConnectionData &connData);
|
||||
QString genMobileConfig(const ConnectionData &connData);
|
||||
QString genStrongSwanConfig(const ConnectionData &connData);
|
||||
QString genIPSecConfig(const ConnectionData &connData);
|
||||
|
||||
QString processConfigWithLocalSettings(const QPair<QString, QString> &dns, const bool isApiConfig, QString &protocolConfigString);
|
||||
QString processConfigWithExportSettings(const QPair<QString, QString> &dns, const bool isApiConfig, QString &protocolConfigString);
|
||||
|
||||
ConnectionData prepareIkev2Config(const ServerCredentials &credentials,
|
||||
DockerContainer container, ErrorCode &errorCode);
|
||||
|
||||
@@ -257,7 +257,7 @@ Proto ContainerProps::defaultProtocol(DockerContainer c)
|
||||
|
||||
bool ContainerProps::isSupportedByCurrentPlatform(DockerContainer c)
|
||||
{
|
||||
#if defined(Q_OS_WINDOWS) || defined(Q_OS_LINUX)
|
||||
#ifdef Q_OS_WINDOWS
|
||||
return true;
|
||||
|
||||
#elif defined(Q_OS_IOS)
|
||||
@@ -306,6 +306,13 @@ bool ContainerProps::isSupportedByCurrentPlatform(DockerContainer c)
|
||||
case DockerContainer::SSXray: return true;
|
||||
default: return false;
|
||||
}
|
||||
|
||||
#elif defined(Q_OS_LINUX)
|
||||
switch (c) {
|
||||
case DockerContainer::Ipsec: return false;
|
||||
default: return true;
|
||||
}
|
||||
|
||||
#else
|
||||
return false;
|
||||
#endif
|
||||
|
||||
@@ -85,8 +85,9 @@ bool IpcClient::init(IpcClient *instance)
|
||||
}
|
||||
|
||||
qDebug() << "IpcClient::init succeed";
|
||||
instance->m_isSocketConnected = (Instance()->m_ipcClient->isReplicaValid() && Instance()->m_Tun2SocksClient->isReplicaValid());
|
||||
|
||||
return (Instance()->m_ipcClient->isReplicaValid() && Instance()->m_Tun2SocksClient->isReplicaValid());
|
||||
return Instance()->isSocketConnected();
|
||||
}
|
||||
|
||||
QSharedPointer<PrivilegedProcess> IpcClient::CreatePrivilegedProcess()
|
||||
|
||||
@@ -50,7 +50,6 @@ QString amnezia::scriptName(ProtocolScriptType type)
|
||||
case ProtocolScriptType::wireguard_template: return QLatin1String("template.conf");
|
||||
case ProtocolScriptType::awg_template: return QLatin1String("template.conf");
|
||||
case ProtocolScriptType::xray_template: return QLatin1String("template.json");
|
||||
case ProtocolScriptType::ipsec_template: return QLatin1String("template.conf");
|
||||
default: return QString();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -28,8 +28,7 @@ enum ProtocolScriptType {
|
||||
openvpn_template,
|
||||
wireguard_template,
|
||||
awg_template,
|
||||
xray_template,
|
||||
ipsec_template
|
||||
xray_template
|
||||
};
|
||||
|
||||
|
||||
|
||||
@@ -1,185 +0,0 @@
|
||||
#include <QCoreApplication>
|
||||
#include <QFileInfo>
|
||||
#include <QProcess>
|
||||
|
||||
#include <QNetworkInterface>
|
||||
|
||||
#include <QThread>
|
||||
|
||||
#include <chrono>
|
||||
|
||||
#include "core/networkUtilities.h"
|
||||
|
||||
#include "settings.h"
|
||||
#include "logger.h"
|
||||
#include "ikev2_vpn_protocol_linux.h"
|
||||
#include "utilities.h"
|
||||
#include "core/ipcclient.h"
|
||||
#include <openssl/pkcs12.h>
|
||||
#include <openssl/bio.h>
|
||||
#include <openssl/pem.h>
|
||||
|
||||
|
||||
static Ikev2Protocol* self = nullptr;
|
||||
|
||||
|
||||
Ikev2Protocol::Ikev2Protocol(const QJsonObject &configuration, QObject* parent) :
|
||||
VpnProtocol(configuration, parent)
|
||||
{
|
||||
qDebug() << "IpsecProtocol::Ikev2Protocol()";
|
||||
self = this;
|
||||
readIkev2Configuration(configuration);
|
||||
m_routeGateway = NetworkUtilities::getGatewayAndIface();
|
||||
m_vpnGateway = "192.168.43.10";
|
||||
m_vpnLocalAddress = "192.168.43.10";
|
||||
m_remoteAddress = NetworkUtilities::getIPAddress(configuration.value(amnezia::config_key::hostName).toString());
|
||||
m_routeMode = static_cast<Settings::RouteMode>(configuration.value(amnezia::config_key::splitTunnelType).toInt());
|
||||
m_configData = configuration;
|
||||
}
|
||||
|
||||
Ikev2Protocol::~Ikev2Protocol()
|
||||
{
|
||||
qDebug() << "IpsecProtocol::~IpsecProtocol()";
|
||||
Ikev2Protocol::stop();
|
||||
}
|
||||
|
||||
void Ikev2Protocol::stop()
|
||||
{
|
||||
setConnectionState(Vpn::ConnectionState::Disconnected);
|
||||
Ikev2Protocol::disconnect_vpn();
|
||||
qDebug() << "IpsecProtocol::stop()";
|
||||
}
|
||||
|
||||
void Ikev2Protocol::readIkev2Configuration(const QJsonObject &configuration)
|
||||
{
|
||||
qDebug() << "IpsecProtocol::readIkev2Configuration()";
|
||||
QJsonObject ikev2_data = configuration.value(ProtocolProps::key_proto_config_data(Proto::Ikev2)).toObject();
|
||||
m_config = QJsonDocument::fromJson(ikev2_data.value(config_key::config).toString().toUtf8()).object();
|
||||
}
|
||||
|
||||
ErrorCode Ikev2Protocol::start()
|
||||
{
|
||||
qDebug() << "IpsecProtocol::start()";
|
||||
STACK_OF(X509) *certstack = sk_X509_new_null();
|
||||
BIO *p12 = BIO_new(BIO_s_mem());
|
||||
|
||||
EVP_PKEY *pkey;
|
||||
X509 *cert;
|
||||
|
||||
BIO_write(p12, QByteArray::fromBase64(m_config[config_key::cert].toString().toUtf8()),
|
||||
QByteArray::fromBase64(m_config[config_key::cert].toString().toUtf8()).size());
|
||||
|
||||
PKCS12 *pkcs12 = d2i_PKCS12_bio(p12, NULL);
|
||||
PKCS12_parse(pkcs12, m_config[config_key::password].toString().toStdString().c_str(), &pkey, &cert, &certstack);
|
||||
BIO *bio = BIO_new(BIO_s_mem());
|
||||
PEM_write_bio_X509(bio, cert);
|
||||
|
||||
BUF_MEM *mem = NULL;
|
||||
BIO_get_mem_ptr(bio, &mem);
|
||||
|
||||
std::string pem(mem->data, mem->length);
|
||||
QString alias(pem.c_str());
|
||||
|
||||
IpcClient::Interface()->writeIPsecUserCert(alias, m_config[config_key::userName].toString());
|
||||
IpcClient::Interface()->writeIPsecConfig(m_config[config_key::config].toString());
|
||||
IpcClient::Interface()->writeIPsecCaCert(m_config[config_key::cacert].toString(), m_config[config_key::userName].toString());
|
||||
IpcClient::Interface()->writeIPsecPrivate(m_config[config_key::cert].toString(), m_config[config_key::userName].toString());
|
||||
IpcClient::Interface()->writeIPsecPrivatePass(m_config[config_key::password].toString(), m_config[config_key::hostName].toString(),
|
||||
m_config[config_key::userName].toString());
|
||||
|
||||
connect_to_vpn("ikev2-vpn");
|
||||
|
||||
if (!IpcClient::Interface()) {
|
||||
return ErrorCode::AmneziaServiceConnectionFailed;
|
||||
}
|
||||
|
||||
QString connectionStatus;
|
||||
|
||||
auto futureResult = IpcClient::Interface()->getTunnelStatus("ikev2-vpn");
|
||||
futureResult.waitForFinished();
|
||||
|
||||
if (futureResult.returnValue().isEmpty()) {
|
||||
auto futureResult = IpcClient::Interface()->getTunnelStatus("ikev2-vpn");
|
||||
futureResult.waitForFinished();
|
||||
}
|
||||
|
||||
connectionStatus = futureResult.returnValue();
|
||||
|
||||
if (connectionStatus.contains("ESTABLISHED")) {
|
||||
QStringList lines = connectionStatus.split('\n');
|
||||
for (auto iter = lines.begin(); iter!=lines.end(); iter++)
|
||||
{
|
||||
if (iter->contains("0.0.0.0/0")) {
|
||||
QList<QHostAddress> dnsAddr;
|
||||
|
||||
dnsAddr.push_back(QHostAddress(m_configData.value(config_key::dns1).toString()));
|
||||
// We don't use secondary DNS if primary DNS is AmneziaDNS
|
||||
if (!m_configData.value(amnezia::config_key::dns1).toString().
|
||||
contains(amnezia::protocols::dns::amneziaDnsIp)) {
|
||||
dnsAddr.push_back(QHostAddress(m_configData.value(config_key::dns2).toString()));
|
||||
}
|
||||
|
||||
m_vpnGateway = iter->split("===", Qt::SkipEmptyParts).first();
|
||||
m_vpnGateway = m_vpnGateway.split(" ").at(2);
|
||||
m_vpnGateway = m_vpnGateway.split("/").first();
|
||||
m_vpnLocalAddress = m_vpnGateway;
|
||||
|
||||
// killSwitch toggle
|
||||
if (QVariant(m_config.value(config_key::killSwitchOption).toString()).toBool()) {
|
||||
m_config.insert("vpnServer", m_remoteAddress);
|
||||
IpcClient::Interface()->enableKillSwitch(m_config, 0);
|
||||
}
|
||||
|
||||
if (m_routeMode == Settings::RouteMode::VpnAllSites) {
|
||||
IpcClient::Interface()->routeAddList(m_vpnGateway, QStringList() << "0.0.0.0/1");
|
||||
IpcClient::Interface()->routeAddList(m_vpnGateway, QStringList() << "128.0.0.0/1");
|
||||
IpcClient::Interface()->routeAddList(m_routeGateway, QStringList() << m_remoteAddress);
|
||||
}
|
||||
|
||||
QList<QNetworkInterface> netInterfaces = QNetworkInterface::allInterfaces();
|
||||
for (int i = 0; i < netInterfaces.size(); i++) {
|
||||
for (int j=0; j < netInterfaces.at(i).addressEntries().size(); j++)
|
||||
{
|
||||
if (netInterfaces.at(i).addressEntries().at(j).ip().toString() == m_vpnGateway)
|
||||
{
|
||||
IpcClient::Interface()->updateResolvers(netInterfaces.at(i).humanReadableName(), dnsAddr);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
IpcClient::Interface()->StopRoutingIpv6();
|
||||
}
|
||||
}
|
||||
setConnectionState(Vpn::ConnectionState::Connected);
|
||||
} else {
|
||||
setConnectionState(Vpn::ConnectionState::Disconnected);
|
||||
}
|
||||
|
||||
return ErrorCode::NoError;
|
||||
}
|
||||
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
bool Ikev2Protocol::create_new_vpn(const QString & vpn_name,
|
||||
const QString & serv_addr) {
|
||||
qDebug() << "Ikev2Protocol::create_new_vpn()";
|
||||
return true;
|
||||
}
|
||||
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
bool Ikev2Protocol::delete_vpn_connection(const QString &vpn_name) {
|
||||
|
||||
return false;
|
||||
}
|
||||
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
bool Ikev2Protocol::connect_to_vpn(const QString &vpn_name) {
|
||||
qDebug() << "IpsecProtocol::connect_to_vpn()";
|
||||
IpcClient::Interface()->startIPsec(vpn_name);
|
||||
QThread::msleep(3000);
|
||||
return true;
|
||||
}
|
||||
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
bool Ikev2Protocol::disconnect_vpn() {
|
||||
qDebug() << "IpsecProtocol::disconnect_vpn()";
|
||||
IpcClient::Interface()->stopIPsec("ikev2-vpn");
|
||||
IpcClient::Interface()->disableKillSwitch();
|
||||
IpcClient::Interface()->StartRoutingIpv6();
|
||||
return true;
|
||||
}
|
||||
@@ -1,52 +0,0 @@
|
||||
#ifndef IKEV2_VPN_PROTOCOL_LINUX_H
|
||||
#define IKEV2_VPN_PROTOCOL_LINUX_H
|
||||
|
||||
#include <QObject>
|
||||
#include <QProcess>
|
||||
#include <QString>
|
||||
#include <QTemporaryFile>
|
||||
#include <QTimer>
|
||||
|
||||
#include "vpnprotocol.h"
|
||||
|
||||
#include <string>
|
||||
#include <memory>
|
||||
#include <atomic>
|
||||
#include <thread>
|
||||
#include <condition_variable>
|
||||
#include <mutex>
|
||||
|
||||
class Ikev2Protocol : public VpnProtocol
|
||||
{
|
||||
Q_OBJECT
|
||||
|
||||
public:
|
||||
explicit Ikev2Protocol(const QJsonObject& configuration, QObject* parent = nullptr);
|
||||
virtual ~Ikev2Protocol() override;
|
||||
|
||||
ErrorCode start() override;
|
||||
void stop() override;
|
||||
|
||||
static QString tunnelName() { return "AmneziaVPN IKEv2"; }
|
||||
|
||||
|
||||
private:
|
||||
void readIkev2Configuration(const QJsonObject &configuration);
|
||||
|
||||
private:
|
||||
QJsonObject m_config;
|
||||
QJsonObject m_configData;
|
||||
QString m_remoteAddress;
|
||||
int m_routeMode;
|
||||
|
||||
|
||||
bool create_new_vpn(const QString & vpn_name,
|
||||
const QString & serv_addr);
|
||||
bool delete_vpn_connection(const QString &vpn_name);
|
||||
|
||||
bool connect_to_vpn(const QString & vpn_name);
|
||||
bool disconnect_vpn();
|
||||
};
|
||||
|
||||
|
||||
#endif // IKEV2_VPN_PROTOCOL_LINUX_H
|
||||
@@ -172,8 +172,7 @@ void Ikev2Protocol::newConnectionStateEventReceived(UINT unMsg, tagRASCONNSTATE
|
||||
|
||||
void Ikev2Protocol::readIkev2Configuration(const QJsonObject &configuration)
|
||||
{
|
||||
QJsonObject ikev2_data = configuration.value(ProtocolProps::key_proto_config_data(Proto::Ikev2)).toObject();
|
||||
m_config = QJsonDocument::fromJson(ikev2_data.value(config_key::config).toString().toUtf8()).object();
|
||||
m_config = configuration.value(ProtocolProps::key_proto_config_data(Proto::Ikev2)).toObject();
|
||||
}
|
||||
|
||||
ErrorCode Ikev2Protocol::start()
|
||||
|
||||
@@ -56,7 +56,8 @@ void OpenVpnProtocol::stop()
|
||||
}
|
||||
|
||||
#if defined(Q_OS_WIN) || defined(Q_OS_LINUX) || defined(Q_OS_MACOS)
|
||||
IpcClient::Interface()->disableKillSwitch();
|
||||
QRemoteObjectPendingReply<bool> disableKillSwitchResp = IpcClient::Interface()->disableKillSwitch();
|
||||
disableKillSwitchResp.waitForFinished(1000);
|
||||
#endif
|
||||
|
||||
setConnectionState(Vpn::ConnectionState::Disconnected);
|
||||
|
||||
@@ -24,7 +24,6 @@ namespace amnezia
|
||||
constexpr char description[] = "description";
|
||||
constexpr char name[] = "name";
|
||||
constexpr char cert[] = "cert";
|
||||
constexpr char cacert[] = "cacert";
|
||||
constexpr char config[] = "config";
|
||||
|
||||
constexpr char containers[] = "containers";
|
||||
|
||||
@@ -16,10 +16,6 @@
|
||||
#include "ikev2_vpn_protocol_windows.h"
|
||||
#endif
|
||||
|
||||
#ifdef Q_OS_LINUX
|
||||
#include "ikev2_vpn_protocol_linux.h"
|
||||
#endif
|
||||
|
||||
VpnProtocol::VpnProtocol(const QJsonObject &configuration, QObject *parent)
|
||||
: QObject(parent),
|
||||
m_connectionState(Vpn::ConnectionState::Unknown),
|
||||
@@ -110,7 +106,7 @@ QString VpnProtocol::vpnGateway() const
|
||||
VpnProtocol *VpnProtocol::factory(DockerContainer container, const QJsonObject &configuration)
|
||||
{
|
||||
switch (container) {
|
||||
#if defined(Q_OS_WINDOWS) || defined(Q_OS_LINUX) && !defined(Q_OS_ANDROID)
|
||||
#if defined(Q_OS_WINDOWS)
|
||||
case DockerContainer::Ipsec: return new Ikev2Protocol(configuration);
|
||||
#endif
|
||||
#if defined(Q_OS_WINDOWS) || defined(Q_OS_MACX) and !defined MACOS_NE || (defined(Q_OS_LINUX) && !defined(Q_OS_ANDROID))
|
||||
|
||||
@@ -167,8 +167,10 @@ ErrorCode XrayProtocol::startTun2Sock()
|
||||
void XrayProtocol::stop()
|
||||
{
|
||||
#if defined(Q_OS_WIN) || defined(Q_OS_LINUX) || defined(Q_OS_MACOS)
|
||||
IpcClient::Interface()->disableKillSwitch();
|
||||
IpcClient::Interface()->StartRoutingIpv6();
|
||||
QRemoteObjectPendingReply<bool> disableKillSwitchResp = IpcClient::Interface()->disableKillSwitch();
|
||||
disableKillSwitchResp.waitForFinished(1000);
|
||||
QRemoteObjectPendingReply<bool> StartRoutingIpv6Resp = IpcClient::Interface()->StartRoutingIpv6();
|
||||
StartRoutingIpv6Resp.waitForFinished(1000);
|
||||
#endif
|
||||
qDebug() << "XrayProtocol::stop()";
|
||||
m_xrayProcess.disconnect();
|
||||
@@ -176,6 +178,7 @@ void XrayProtocol::stop()
|
||||
m_xrayProcess.waitForFinished(3000);
|
||||
if (m_t2sProcess) {
|
||||
m_t2sProcess->stop();
|
||||
QThread::msleep(200);
|
||||
}
|
||||
|
||||
setConnectionState(Vpn::ConnectionState::Disconnected);
|
||||
|
||||
@@ -77,7 +77,6 @@
|
||||
<file>server_scripts/ipsec/mobileconfig.plist</file>
|
||||
<file>server_scripts/ipsec/run_container.sh</file>
|
||||
<file>server_scripts/ipsec/start.sh</file>
|
||||
<file>server_scripts/ipsec/template.conf</file>
|
||||
<file>server_scripts/ipsec/strongswan.profile</file>
|
||||
<file>server_scripts/openvpn_cloak/configure_container.sh</file>
|
||||
<file>server_scripts/openvpn_cloak/Dockerfile</file>
|
||||
|
||||
@@ -242,7 +242,6 @@ conn ikev2-cp
|
||||
dpdtimeout=120
|
||||
dpdaction=clear
|
||||
auto=add
|
||||
authby=rsa-sha1
|
||||
ikev2=insist
|
||||
rekey=no
|
||||
pfs=yes
|
||||
|
||||
@@ -1,28 +0,0 @@
|
||||
config setup
|
||||
charondebug="ike 1, knl 1, cfg 0"
|
||||
uniqueids=no
|
||||
|
||||
conn ikev2-vpn
|
||||
auto=add
|
||||
type=tunnel
|
||||
keyexchange=ikev2
|
||||
fragmentation=yes
|
||||
forceencaps=yes
|
||||
dpdaction=clear
|
||||
dpddelay=300s
|
||||
rekey=no
|
||||
leftid=$CLIENT_NAME
|
||||
leftcert=$CLIENT_NAME.crt
|
||||
leftdns=$PRIMARY_DNS,$SECONDARY_DNS
|
||||
leftsendcert=always
|
||||
leftsourceip=%config
|
||||
right=$SERVER_IP_ADDRESS
|
||||
rightsubnet=0.0.0.0/0
|
||||
rightsendcert=never
|
||||
eap_identity=%identity
|
||||
encapsulation=yes
|
||||
pfs=yes
|
||||
ike=aes256-sha256-modp2048,aes256-sha1-modp1024,3des-sha1-modp1024
|
||||
esp=aes256-sha256,aes256-sha1,3des-sha1
|
||||
|
||||
|
||||
@@ -34,7 +34,7 @@ PageType {
|
||||
ListViewType {
|
||||
id: listView
|
||||
|
||||
anchors.top: backButtonLayout.bottom
|
||||
anchors.top: backButton.bottom
|
||||
anchors.bottom: saveButton.top
|
||||
anchors.right: parent.right
|
||||
anchors.left: parent.left
|
||||
|
||||
@@ -37,7 +37,7 @@ PageType {
|
||||
ListViewType {
|
||||
id: listView
|
||||
|
||||
anchors.top: backButtonLayout.bottom
|
||||
anchors.top: backButton.bottom
|
||||
anchors.bottom: parent.bottom
|
||||
anchors.left: parent.left
|
||||
anchors.right: parent.right
|
||||
|
||||
@@ -17,428 +17,414 @@ import "../Components"
|
||||
PageType {
|
||||
id: root
|
||||
|
||||
ColumnLayout {
|
||||
id: backButtonLayout
|
||||
BackButtonType {
|
||||
id: backButton
|
||||
|
||||
anchors.top: parent.top
|
||||
anchors.left: parent.left
|
||||
anchors.right: parent.right
|
||||
|
||||
anchors.topMargin: 20
|
||||
|
||||
BackButtonType {
|
||||
id: backButton
|
||||
|
||||
onActiveFocusChanged: {
|
||||
if(backButton.enabled && backButton.activeFocus) {
|
||||
listView.positionViewAtBeginning()
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
FlickableType {
|
||||
id: fl
|
||||
anchors.top: backButtonLayout.bottom
|
||||
ListViewType {
|
||||
id: listView
|
||||
|
||||
anchors.top: backButton.bottom
|
||||
anchors.bottom: parent.bottom
|
||||
contentHeight: content.implicitHeight
|
||||
anchors.right: parent.right
|
||||
anchors.left: parent.left
|
||||
|
||||
Column {
|
||||
id: content
|
||||
enabled: ServersModel.isProcessedServerHasWriteAccess()
|
||||
|
||||
anchors.top: parent.top
|
||||
anchors.left: parent.left
|
||||
anchors.right: parent.right
|
||||
header: ColumnLayout {
|
||||
width: listView.width
|
||||
|
||||
enabled: ServersModel.isProcessedServerHasWriteAccess()
|
||||
BaseHeaderType {
|
||||
id: header
|
||||
|
||||
ListView {
|
||||
id: listview
|
||||
Layout.fillWidth: true
|
||||
Layout.rightMargin: 16
|
||||
Layout.leftMargin: 16
|
||||
|
||||
width: parent.width
|
||||
height: listview.contentItem.height
|
||||
headerText: qsTr("OpenVPN Settings")
|
||||
}
|
||||
}
|
||||
|
||||
clip: true
|
||||
interactive: false
|
||||
model: OpenVpnConfigModel
|
||||
|
||||
model: OpenVpnConfigModel
|
||||
delegate: ColumnLayout {
|
||||
width: listView.width
|
||||
|
||||
delegate: Item {
|
||||
id: delegateItem
|
||||
spacing: 0
|
||||
|
||||
property alias vpnAddressSubnetTextField: vpnAddressSubnetTextField
|
||||
property bool isEnabled: ServersModel.isProcessedServerHasWriteAccess()
|
||||
TextFieldWithHeaderType {
|
||||
id: vpnAddressSubnetTextField
|
||||
|
||||
implicitWidth: listview.width
|
||||
implicitHeight: col.implicitHeight
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 32
|
||||
Layout.leftMargin: 16
|
||||
Layout.rightMargin: 16
|
||||
|
||||
ColumnLayout {
|
||||
id: col
|
||||
enabled: listView.enabled
|
||||
|
||||
anchors.top: parent.top
|
||||
anchors.left: parent.left
|
||||
anchors.right: parent.right
|
||||
headerText: qsTr("VPN address subnet")
|
||||
textField.text: subnetAddress
|
||||
|
||||
anchors.leftMargin: 16
|
||||
anchors.rightMargin: 16
|
||||
textField.onEditingFinished: {
|
||||
if (textField.text !== subnetAddress) {
|
||||
subnetAddress = textField.text
|
||||
}
|
||||
}
|
||||
|
||||
spacing: 0
|
||||
checkEmptyText: true
|
||||
}
|
||||
|
||||
BaseHeaderType {
|
||||
Layout.fillWidth: true
|
||||
headerText: qsTr("OpenVPN settings")
|
||||
}
|
||||
ParagraphTextType {
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 32
|
||||
Layout.leftMargin: 16
|
||||
Layout.rightMargin: 16
|
||||
|
||||
TextFieldWithHeaderType {
|
||||
id: vpnAddressSubnetTextField
|
||||
text: qsTr("Network protocol")
|
||||
}
|
||||
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 32
|
||||
TransportProtoSelector {
|
||||
id: transportProtoSelector
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 16
|
||||
Layout.leftMargin: 16
|
||||
Layout.rightMargin: 16
|
||||
|
||||
enabled: delegateItem.isEnabled
|
||||
rootWidth: root.width
|
||||
|
||||
headerText: qsTr("VPN address subnet")
|
||||
textField.text: subnetAddress
|
||||
enabled: isTransportProtoEditable
|
||||
|
||||
parentFlickable: fl
|
||||
currentIndex: {
|
||||
return transportProto === "tcp" ? 1 : 0
|
||||
}
|
||||
|
||||
textField.onEditingFinished: {
|
||||
if (textField.text !== subnetAddress) {
|
||||
subnetAddress = textField.text
|
||||
}
|
||||
onCurrentIndexChanged: {
|
||||
if (transportProto === "tcp" && currentIndex === 0) {
|
||||
transportProto = "udp"
|
||||
} else if (transportProto === "udp" && currentIndex === 1) {
|
||||
transportProto = "tcp"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
TextFieldWithHeaderType {
|
||||
id: portTextField
|
||||
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 40
|
||||
Layout.leftMargin: 16
|
||||
Layout.rightMargin: 16
|
||||
|
||||
enabled: listView.enabled
|
||||
|
||||
headerText: qsTr("Port")
|
||||
textField.text: port
|
||||
textField.maximumLength: 5
|
||||
textField.validator: IntValidator { bottom: 1; top: 65535 }
|
||||
|
||||
textField.onEditingFinished: {
|
||||
if (textField.text !== port) {
|
||||
port = textField.text
|
||||
}
|
||||
}
|
||||
|
||||
checkEmptyText: true
|
||||
}
|
||||
|
||||
SwitcherType {
|
||||
id: autoNegotiateEncryprionSwitcher
|
||||
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 24
|
||||
Layout.leftMargin: 16
|
||||
Layout.rightMargin: 16
|
||||
|
||||
text: qsTr("Auto-negotiate encryption")
|
||||
checked: autoNegotiateEncryprion
|
||||
|
||||
onCheckedChanged: {
|
||||
if (checked !== autoNegotiateEncryprion) {
|
||||
autoNegotiateEncryprion = checked
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
DropDownType {
|
||||
id: hashDropDown
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 20
|
||||
Layout.leftMargin: 16
|
||||
Layout.rightMargin: 16
|
||||
|
||||
enabled: !autoNegotiateEncryprionSwitcher.checked
|
||||
|
||||
descriptionText: qsTr("Hash")
|
||||
headerText: qsTr("Hash")
|
||||
|
||||
drawerParent: root
|
||||
|
||||
listView: ListViewWithRadioButtonType {
|
||||
id: hashListView
|
||||
|
||||
rootWidth: root.width
|
||||
|
||||
model: ListModel {
|
||||
ListElement { name : qsTr("SHA512") }
|
||||
ListElement { name : qsTr("SHA384") }
|
||||
ListElement { name : qsTr("SHA256") }
|
||||
ListElement { name : qsTr("SHA3-512") }
|
||||
ListElement { name : qsTr("SHA3-384") }
|
||||
ListElement { name : qsTr("SHA3-256") }
|
||||
ListElement { name : qsTr("whirlpool") }
|
||||
ListElement { name : qsTr("BLAKE2b512") }
|
||||
ListElement { name : qsTr("BLAKE2s256") }
|
||||
ListElement { name : qsTr("SHA1") }
|
||||
}
|
||||
|
||||
clickedFunction: function() {
|
||||
hashDropDown.text = selectedText
|
||||
hash = hashDropDown.text
|
||||
hashDropDown.closeTriggered()
|
||||
}
|
||||
|
||||
Component.onCompleted: {
|
||||
hashDropDown.text = hash
|
||||
|
||||
for (var i = 0; i < hashListView.model.count; i++) {
|
||||
if (hashListView.model.get(i).name === hashDropDown.text) {
|
||||
currentIndex = i
|
||||
}
|
||||
|
||||
checkEmptyText: true
|
||||
}
|
||||
|
||||
ParagraphTextType {
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 32
|
||||
|
||||
text: qsTr("Network protocol")
|
||||
}
|
||||
|
||||
TransportProtoSelector {
|
||||
id: transportProtoSelector
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 16
|
||||
rootWidth: root.width
|
||||
|
||||
enabled: isTransportProtoEditable
|
||||
|
||||
currentIndex: {
|
||||
return transportProto === "tcp" ? 1 : 0
|
||||
}
|
||||
|
||||
onCurrentIndexChanged: {
|
||||
if (transportProto === "tcp" && currentIndex === 0) {
|
||||
transportProto = "udp"
|
||||
} else if (transportProto === "udp" && currentIndex === 1) {
|
||||
transportProto = "tcp"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
TextFieldWithHeaderType {
|
||||
id: portTextField
|
||||
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 40
|
||||
parentFlickable: fl
|
||||
|
||||
enabled: delegateItem.isEnabled
|
||||
|
||||
headerText: qsTr("Port")
|
||||
textField.text: port
|
||||
textField.maximumLength: 5
|
||||
textField.validator: IntValidator { bottom: 1; top: 65535 }
|
||||
|
||||
textField.onEditingFinished: {
|
||||
if (textField.text !== port) {
|
||||
port = textField.text
|
||||
}
|
||||
}
|
||||
|
||||
checkEmptyText: true
|
||||
}
|
||||
|
||||
SwitcherType {
|
||||
id: autoNegotiateEncryprionSwitcher
|
||||
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 24
|
||||
parentFlickable: fl
|
||||
|
||||
text: qsTr("Auto-negotiate encryption")
|
||||
checked: autoNegotiateEncryprion
|
||||
|
||||
onCheckedChanged: {
|
||||
if (checked !== autoNegotiateEncryprion) {
|
||||
autoNegotiateEncryprion = checked
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
DropDownType {
|
||||
id: hashDropDown
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 20
|
||||
|
||||
enabled: !autoNegotiateEncryprionSwitcher.checked
|
||||
|
||||
descriptionText: qsTr("Hash")
|
||||
headerText: qsTr("Hash")
|
||||
|
||||
drawerParent: root
|
||||
|
||||
listView: ListViewWithRadioButtonType {
|
||||
id: hashListView
|
||||
|
||||
rootWidth: root.width
|
||||
|
||||
model: ListModel {
|
||||
ListElement { name : qsTr("SHA512") }
|
||||
ListElement { name : qsTr("SHA384") }
|
||||
ListElement { name : qsTr("SHA256") }
|
||||
ListElement { name : qsTr("SHA3-512") }
|
||||
ListElement { name : qsTr("SHA3-384") }
|
||||
ListElement { name : qsTr("SHA3-256") }
|
||||
ListElement { name : qsTr("whirlpool") }
|
||||
ListElement { name : qsTr("BLAKE2b512") }
|
||||
ListElement { name : qsTr("BLAKE2s256") }
|
||||
ListElement { name : qsTr("SHA1") }
|
||||
}
|
||||
|
||||
clickedFunction: function() {
|
||||
hashDropDown.text = selectedText
|
||||
hash = hashDropDown.text
|
||||
hashDropDown.closeTriggered()
|
||||
}
|
||||
|
||||
Component.onCompleted: {
|
||||
hashDropDown.text = hash
|
||||
|
||||
for (var i = 0; i < hashListView.model.count; i++) {
|
||||
if (hashListView.model.get(i).name === hashDropDown.text) {
|
||||
currentIndex = i
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
DropDownType {
|
||||
id: cipherDropDown
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 16
|
||||
|
||||
enabled: !autoNegotiateEncryprionSwitcher.checked
|
||||
|
||||
descriptionText: qsTr("Cipher")
|
||||
headerText: qsTr("Cipher")
|
||||
|
||||
drawerParent: root
|
||||
|
||||
listView: ListViewWithRadioButtonType {
|
||||
id: cipherListView
|
||||
|
||||
rootWidth: root.width
|
||||
|
||||
model: ListModel {
|
||||
ListElement { name : qsTr("AES-256-GCM") }
|
||||
ListElement { name : qsTr("AES-192-GCM") }
|
||||
ListElement { name : qsTr("AES-128-GCM") }
|
||||
ListElement { name : qsTr("AES-256-CBC") }
|
||||
ListElement { name : qsTr("AES-192-CBC") }
|
||||
ListElement { name : qsTr("AES-128-CBC") }
|
||||
ListElement { name : qsTr("ChaCha20-Poly1305") }
|
||||
ListElement { name : qsTr("ARIA-256-CBC") }
|
||||
ListElement { name : qsTr("CAMELLIA-256-CBC") }
|
||||
ListElement { name : qsTr("none") }
|
||||
}
|
||||
|
||||
clickedFunction: function() {
|
||||
cipherDropDown.text = selectedText
|
||||
cipher = cipherDropDown.text
|
||||
cipherDropDown.closeTriggered()
|
||||
}
|
||||
|
||||
Component.onCompleted: {
|
||||
cipherDropDown.text = cipher
|
||||
|
||||
for (var i = 0; i < cipherListView.model.count; i++) {
|
||||
if (cipherListView.model.get(i).name === cipherDropDown.text) {
|
||||
currentIndex = i
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Rectangle {
|
||||
id: contentRect
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 32
|
||||
Layout.preferredHeight: checkboxLayout.implicitHeight
|
||||
color: AmneziaStyle.color.onyxBlack
|
||||
radius: 16
|
||||
|
||||
Connections {
|
||||
target: tlsAuthCheckBox
|
||||
enabled: !GC.isMobile()
|
||||
|
||||
function onFocusChanged() {
|
||||
if (tlsAuthCheckBox.activeFocus) {
|
||||
fl.ensureVisible(contentRect)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
ColumnLayout {
|
||||
id: checkboxLayout
|
||||
|
||||
anchors.fill: parent
|
||||
CheckBoxType {
|
||||
id: tlsAuthCheckBox
|
||||
Layout.fillWidth: true
|
||||
|
||||
text: qsTr("TLS auth")
|
||||
checked: tlsAuth
|
||||
|
||||
onCheckedChanged: {
|
||||
if (checked !== tlsAuth) {
|
||||
console.log("tlsAuth changed to: " + checked)
|
||||
tlsAuth = checked
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
DividerType {}
|
||||
|
||||
CheckBoxType {
|
||||
id: blockDnsCheckBox
|
||||
Layout.fillWidth: true
|
||||
|
||||
text: qsTr("Block DNS requests outside of VPN")
|
||||
checked: blockDns
|
||||
|
||||
onCheckedChanged: {
|
||||
if (checked !== blockDns) {
|
||||
blockDns = checked
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
SwitcherType {
|
||||
id: additionalClientCommandsSwitcher
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 32
|
||||
parentFlickable: fl
|
||||
|
||||
checked: additionalClientCommands !== ""
|
||||
|
||||
text: qsTr("Additional client configuration commands")
|
||||
|
||||
onCheckedChanged: {
|
||||
if (!checked) {
|
||||
additionalClientCommands = ""
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
TextAreaType {
|
||||
id: additionalClientCommandsTextArea
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 16
|
||||
|
||||
visible: additionalClientCommandsSwitcher.checked
|
||||
|
||||
parentFlickable: fl
|
||||
|
||||
textAreaText: additionalClientCommands
|
||||
placeholderText: qsTr("Commands:")
|
||||
|
||||
textArea.onEditingFinished: {
|
||||
if (additionalClientCommands !== textAreaText) {
|
||||
additionalClientCommands = textAreaText
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
SwitcherType {
|
||||
id: additionalServerCommandsSwitcher
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 16
|
||||
parentFlickable: fl
|
||||
|
||||
checked: additionalServerCommands !== ""
|
||||
|
||||
text: qsTr("Additional server configuration commands")
|
||||
|
||||
onCheckedChanged: {
|
||||
if (!checked) {
|
||||
additionalServerCommands = ""
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
TextAreaType {
|
||||
id: additionalServerCommandsTextArea
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 16
|
||||
|
||||
visible: additionalServerCommandsSwitcher.checked
|
||||
|
||||
textAreaText: additionalServerCommands
|
||||
placeholderText: qsTr("Commands:")
|
||||
parentFlickable: fl
|
||||
textArea.onEditingFinished: {
|
||||
if (additionalServerCommands !== textAreaText) {
|
||||
additionalServerCommands = textAreaText
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
BasicButtonType {
|
||||
id: saveButton
|
||||
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 24
|
||||
Layout.bottomMargin: 24
|
||||
|
||||
enabled: vpnAddressSubnetTextField.errorText === "" &&
|
||||
portTextField.errorText === ""
|
||||
|
||||
text: qsTr("Save")
|
||||
parentFlickable: fl
|
||||
|
||||
onClicked: function() {
|
||||
forceActiveFocus()
|
||||
|
||||
var headerText = qsTr("Save settings?")
|
||||
var descriptionText = qsTr("All users with whom you shared a connection with will no longer be able to connect to it.")
|
||||
var yesButtonText = qsTr("Continue")
|
||||
var noButtonText = qsTr("Cancel")
|
||||
|
||||
var yesButtonFunction = function() {
|
||||
if (ConnectionController.isConnected && ServersModel.getDefaultServerData("defaultContainer") === ContainersModel.getProcessedContainerIndex()) {
|
||||
PageController.showNotificationMessage(qsTr("Unable change settings while there is an active connection"))
|
||||
return
|
||||
}
|
||||
|
||||
PageController.goToPage(PageEnum.PageSetupWizardInstalling);
|
||||
InstallController.updateContainer(OpenVpnConfigModel.getConfig())
|
||||
}
|
||||
var noButtonFunction = function() {
|
||||
if (!GC.isMobile()) {
|
||||
saveButton.forceActiveFocus()
|
||||
}
|
||||
}
|
||||
showQuestionDrawer(headerText, descriptionText, yesButtonText, noButtonText, yesButtonFunction, noButtonFunction)
|
||||
}
|
||||
|
||||
Keys.onEnterPressed: saveButton.clicked()
|
||||
Keys.onReturnPressed: saveButton.clicked()
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
DropDownType {
|
||||
id: cipherDropDown
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 16
|
||||
Layout.leftMargin: 16
|
||||
Layout.rightMargin: 16
|
||||
|
||||
enabled: !autoNegotiateEncryprionSwitcher.checked
|
||||
|
||||
descriptionText: qsTr("Cipher")
|
||||
headerText: qsTr("Cipher")
|
||||
|
||||
drawerParent: root
|
||||
|
||||
listView: ListViewWithRadioButtonType {
|
||||
id: cipherListView
|
||||
|
||||
rootWidth: root.width
|
||||
|
||||
model: ListModel {
|
||||
ListElement { name : qsTr("AES-256-GCM") }
|
||||
ListElement { name : qsTr("AES-192-GCM") }
|
||||
ListElement { name : qsTr("AES-128-GCM") }
|
||||
ListElement { name : qsTr("AES-256-CBC") }
|
||||
ListElement { name : qsTr("AES-192-CBC") }
|
||||
ListElement { name : qsTr("AES-128-CBC") }
|
||||
ListElement { name : qsTr("ChaCha20-Poly1305") }
|
||||
ListElement { name : qsTr("ARIA-256-CBC") }
|
||||
ListElement { name : qsTr("CAMELLIA-256-CBC") }
|
||||
ListElement { name : qsTr("none") }
|
||||
}
|
||||
|
||||
clickedFunction: function() {
|
||||
cipherDropDown.text = selectedText
|
||||
cipher = cipherDropDown.text
|
||||
cipherDropDown.closeTriggered()
|
||||
}
|
||||
|
||||
Component.onCompleted: {
|
||||
cipherDropDown.text = cipher
|
||||
|
||||
for (var i = 0; i < cipherListView.model.count; i++) {
|
||||
if (cipherListView.model.get(i).name === cipherDropDown.text) {
|
||||
currentIndex = i
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Rectangle {
|
||||
id: contentRect
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 32
|
||||
Layout.leftMargin: 16
|
||||
Layout.rightMargin: 16
|
||||
|
||||
Layout.preferredHeight: checkboxLayout.implicitHeight
|
||||
color: AmneziaStyle.color.onyxBlack
|
||||
radius: 16
|
||||
|
||||
ColumnLayout {
|
||||
id: checkboxLayout
|
||||
|
||||
anchors.fill: parent
|
||||
|
||||
CheckBoxType {
|
||||
id: tlsAuthCheckBox
|
||||
Layout.fillWidth: true
|
||||
|
||||
text: qsTr("TLS auth")
|
||||
checked: tlsAuth
|
||||
|
||||
onCheckedChanged: {
|
||||
if (checked !== tlsAuth) {
|
||||
console.log("tlsAuth changed to: " + checked)
|
||||
tlsAuth = checked
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
DividerType {}
|
||||
|
||||
CheckBoxType {
|
||||
id: blockDnsCheckBox
|
||||
Layout.fillWidth: true
|
||||
|
||||
text: qsTr("Block DNS requests outside of VPN")
|
||||
checked: blockDns
|
||||
|
||||
onCheckedChanged: {
|
||||
if (checked !== blockDns) {
|
||||
blockDns = checked
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
SwitcherType {
|
||||
id: additionalClientCommandsSwitcher
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 32
|
||||
Layout.leftMargin: 16
|
||||
Layout.rightMargin: 16
|
||||
|
||||
checked: additionalClientCommands !== ""
|
||||
|
||||
text: qsTr("Additional client configuration commands")
|
||||
|
||||
onCheckedChanged: {
|
||||
if (!checked) {
|
||||
additionalClientCommands = ""
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
TextAreaType {
|
||||
id: additionalClientCommandsTextArea
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 16
|
||||
Layout.leftMargin: 16
|
||||
Layout.rightMargin: 16
|
||||
|
||||
visible: additionalClientCommandsSwitcher.checked
|
||||
|
||||
textAreaText: additionalClientCommands
|
||||
placeholderText: qsTr("Commands:")
|
||||
|
||||
textArea.onEditingFinished: {
|
||||
if (additionalClientCommands !== textAreaText) {
|
||||
additionalClientCommands = textAreaText
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
SwitcherType {
|
||||
id: additionalServerCommandsSwitcher
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 16
|
||||
Layout.leftMargin: 16
|
||||
Layout.rightMargin: 16
|
||||
|
||||
checked: additionalServerCommands !== ""
|
||||
|
||||
text: qsTr("Additional server configuration commands")
|
||||
|
||||
onCheckedChanged: {
|
||||
if (!checked) {
|
||||
additionalServerCommands = ""
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
TextAreaType {
|
||||
id: additionalServerCommandsTextArea
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 16
|
||||
Layout.leftMargin: 16
|
||||
Layout.rightMargin: 16
|
||||
|
||||
visible: additionalServerCommandsSwitcher.checked
|
||||
|
||||
textAreaText: additionalServerCommands
|
||||
placeholderText: qsTr("Commands:")
|
||||
|
||||
textArea.onEditingFinished: {
|
||||
if (additionalServerCommands !== textAreaText) {
|
||||
additionalServerCommands = textAreaText
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
BasicButtonType {
|
||||
id: saveButton
|
||||
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 24
|
||||
Layout.bottomMargin: 24
|
||||
Layout.leftMargin: 16
|
||||
Layout.rightMargin: 16
|
||||
|
||||
enabled: vpnAddressSubnetTextField.errorText === "" &&
|
||||
portTextField.errorText === ""
|
||||
|
||||
text: qsTr("Save")
|
||||
|
||||
onClicked: function() {
|
||||
forceActiveFocus()
|
||||
|
||||
var headerText = qsTr("Save settings?")
|
||||
var descriptionText = qsTr("All users with whom you shared a connection with will no longer be able to connect to it.")
|
||||
var yesButtonText = qsTr("Continue")
|
||||
var noButtonText = qsTr("Cancel")
|
||||
|
||||
var yesButtonFunction = function() {
|
||||
if (ConnectionController.isConnected && ServersModel.getDefaultServerData("defaultContainer") === ContainersModel.getProcessedContainerIndex()) {
|
||||
PageController.showNotificationMessage(qsTr("Unable change settings while there is an active connection"))
|
||||
return
|
||||
}
|
||||
|
||||
PageController.goToPage(PageEnum.PageSetupWizardInstalling);
|
||||
InstallController.updateContainer(OpenVpnConfigModel.getConfig())
|
||||
}
|
||||
var noButtonFunction = function() {
|
||||
if (!GC.isMobile()) {
|
||||
saveButton.forceActiveFocus()
|
||||
}
|
||||
}
|
||||
showQuestionDrawer(headerText, descriptionText, yesButtonText, noButtonText, yesButtonFunction, noButtonFunction)
|
||||
}
|
||||
|
||||
Keys.onEnterPressed: saveButton.clicked()
|
||||
Keys.onReturnPressed: saveButton.clicked()
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -66,8 +66,6 @@ PageType {
|
||||
Layout.leftMargin: 16
|
||||
Layout.rightMargin: 16
|
||||
|
||||
enabled: delegateItem.isEnabled
|
||||
|
||||
headerText: qsTr("VPN address subnet")
|
||||
textField.text: subnetAddress
|
||||
|
||||
@@ -87,8 +85,6 @@ PageType {
|
||||
Layout.leftMargin: 16
|
||||
Layout.rightMargin: 16
|
||||
|
||||
enabled: delegateItem.isEnabled
|
||||
|
||||
headerText: qsTr("Port")
|
||||
textField.text: port
|
||||
textField.maximumLength: 5
|
||||
|
||||
@@ -43,8 +43,6 @@ PageType {
|
||||
|
||||
LabelWithButtonType {
|
||||
Layout.fillWidth: true
|
||||
Layout.leftMargin: 16
|
||||
Layout.rightMargin: 16
|
||||
|
||||
visible: isVisible
|
||||
|
||||
@@ -68,8 +66,6 @@ PageType {
|
||||
|
||||
visible: GC.isDesktop()
|
||||
Layout.fillWidth: true
|
||||
Layout.leftMargin: 16
|
||||
Layout.rightMargin: 16
|
||||
|
||||
text: qsTr("Close application")
|
||||
leftImageSource: "qrc:/images/controls/x-circle.svg"
|
||||
|
||||
@@ -66,6 +66,13 @@ PageType {
|
||||
|
||||
text: qsTr("If AmneziaDNS is not used or installed")
|
||||
}
|
||||
}
|
||||
|
||||
model: 1 // fake model to force the ListView to be created without a model
|
||||
|
||||
delegate: ColumnLayout {
|
||||
width: listView.width
|
||||
spacing: 16
|
||||
|
||||
TextFieldWithHeaderType {
|
||||
id: primaryDns
|
||||
@@ -96,13 +103,6 @@ PageType {
|
||||
regularExpression: InstallController.ipAddressRegExp()
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
model: 1 // fake model to force the ListView to be created without a model
|
||||
spacing: 16
|
||||
|
||||
delegate: ColumnLayout {
|
||||
width: listView.width
|
||||
|
||||
BasicButtonType {
|
||||
id: restoreDefaultButton
|
||||
@@ -139,10 +139,6 @@ PageType {
|
||||
showQuestionDrawer(headerText, "", yesButtonText, noButtonText, yesButtonFunction, noButtonFunction)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
footer: ColumnLayout {
|
||||
width: listView.width
|
||||
|
||||
BasicButtonType {
|
||||
id: saveButton
|
||||
|
||||
@@ -18,6 +18,8 @@ PageType {
|
||||
|
||||
signal lastItemTabClickedSignal()
|
||||
|
||||
property bool isServerWithWriteAccess: ServersModel.isProcessedServerHasWriteAccess()
|
||||
|
||||
Connections {
|
||||
target: InstallController
|
||||
|
||||
@@ -59,15 +61,13 @@ PageType {
|
||||
target: ServersModel
|
||||
|
||||
function onProcessedServerIndexChanged() {
|
||||
listView.isServerWithWriteAccess = ServersModel.isProcessedServerHasWriteAccess()
|
||||
root.isServerWithWriteAccess = ServersModel.isProcessedServerHasWriteAccess()
|
||||
}
|
||||
}
|
||||
|
||||
ListViewType {
|
||||
id: listView
|
||||
|
||||
property bool isServerWithWriteAccess: ServersModel.isProcessedServerHasWriteAccess()
|
||||
|
||||
anchors.fill: parent
|
||||
|
||||
model: serverActions
|
||||
@@ -107,7 +107,7 @@ PageType {
|
||||
QtObject {
|
||||
id: check
|
||||
|
||||
property bool isVisible: true
|
||||
property bool isVisible: root.isServerWithWriteAccess
|
||||
readonly property string title: qsTr("Check the server for previously installed Amnezia services")
|
||||
readonly property string description: qsTr("Add them to the application if they were not displayed")
|
||||
readonly property var tColor: AmneziaStyle.color.paleGray
|
||||
@@ -121,7 +121,7 @@ PageType {
|
||||
QtObject {
|
||||
id: reboot
|
||||
|
||||
property bool isVisible: true
|
||||
property bool isVisible: root.isServerWithWriteAccess
|
||||
readonly property string title: qsTr("Reboot server")
|
||||
readonly property string description: ""
|
||||
readonly property var tColor: AmneziaStyle.color.vibrantRed
|
||||
@@ -181,7 +181,7 @@ PageType {
|
||||
QtObject {
|
||||
id: clear
|
||||
|
||||
property bool isVisible: true
|
||||
property bool isVisible: root.isServerWithWriteAccess
|
||||
readonly property string title: qsTr("Clear server from Amnezia software")
|
||||
readonly property string description: ""
|
||||
readonly property var tColor: AmneziaStyle.color.vibrantRed
|
||||
@@ -240,7 +240,7 @@ PageType {
|
||||
QtObject {
|
||||
id: switch_to_premium
|
||||
|
||||
property bool isVisible: ServersModel.getProcessedServerData("isServerFromTelegramApi")
|
||||
property bool isVisible: ServersModel.getProcessedServerData("isServerFromTelegramApi") && ServersModel.processedServerIsPremium
|
||||
readonly property string title: qsTr("Switch to the new Amnezia Premium subscription")
|
||||
readonly property string description: ""
|
||||
readonly property var tColor: AmneziaStyle.color.vibrantRed
|
||||
|
||||
@@ -161,10 +161,4 @@ PageType {
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
ShareConnectionDrawer {
|
||||
id: shareConnectionDrawer
|
||||
|
||||
anchors.fill: parent
|
||||
}
|
||||
}
|
||||
|
||||
@@ -32,8 +32,8 @@
|
||||
VpnConnection::VpnConnection(std::shared_ptr<Settings> settings, QObject *parent)
|
||||
: QObject(parent), m_settings(settings), m_checkTimer(new QTimer(this))
|
||||
{
|
||||
m_checkTimer.setInterval(1000);
|
||||
#if defined(Q_OS_IOS) || defined(MACOS_NE)
|
||||
m_checkTimer.setInterval(1000);
|
||||
connect(IosController::Instance(), &IosController::connectionStateChanged, this, &VpnConnection::onConnectionStateChanged);
|
||||
connect(IosController::Instance(), &IosController::bytesChanged, this, &VpnConnection::onBytesChanged);
|
||||
|
||||
@@ -42,9 +42,6 @@ VpnConnection::VpnConnection(std::shared_ptr<Settings> settings, QObject *parent
|
||||
|
||||
VpnConnection::~VpnConnection()
|
||||
{
|
||||
#if defined AMNEZIA_DESKTOP
|
||||
disconnectFromVpn();
|
||||
#endif
|
||||
}
|
||||
|
||||
void VpnConnection::onBytesChanged(quint64 receivedBytes, quint64 sentBytes)
|
||||
@@ -55,19 +52,7 @@ void VpnConnection::onBytesChanged(quint64 receivedBytes, quint64 sentBytes)
|
||||
void VpnConnection::onKillSwitchModeChanged(bool enabled)
|
||||
{
|
||||
#ifdef AMNEZIA_DESKTOP
|
||||
if (!m_IpcClient) {
|
||||
m_IpcClient = new IpcClient(this);
|
||||
}
|
||||
|
||||
if (!m_IpcClient->isSocketConnected()) {
|
||||
if (!IpcClient::init(m_IpcClient)) {
|
||||
qWarning() << "Error occurred when init IPC client";
|
||||
emit serviceIsNotReady();
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
if (IpcClient::Interface()) {
|
||||
if (InterfaceReady()) {
|
||||
qDebug() << "Set KillSwitch Strict mode enabled " << enabled;
|
||||
IpcClient::Interface()->refreshKillSwitch(enabled);
|
||||
}
|
||||
@@ -80,12 +65,10 @@ void VpnConnection::onConnectionStateChanged(Vpn::ConnectionState state)
|
||||
#ifdef AMNEZIA_DESKTOP
|
||||
auto container = m_settings->defaultContainer(m_settings->defaultServerIndex());
|
||||
|
||||
if (IpcClient::Interface()) {
|
||||
if (InterfaceReady()) {
|
||||
if (state == Vpn::ConnectionState::Connected) {
|
||||
IpcClient::Interface()->resetIpStack();
|
||||
if (container != DockerContainer::Ipsec) {
|
||||
IpcClient::Interface()->flushDns();
|
||||
}
|
||||
IpcClient::Interface()->flushDns();
|
||||
|
||||
if (container != DockerContainer::Awg && container != DockerContainer::WireGuard) {
|
||||
QString dns1 = m_vpnConfiguration.value(config_key::dns1).toString();
|
||||
@@ -214,14 +197,41 @@ void VpnConnection::deleteRoutes(const QStringList &ips)
|
||||
#endif
|
||||
}
|
||||
|
||||
bool VpnConnection::InterfaceReady()
|
||||
{
|
||||
#ifdef AMNEZIA_DESKTOP
|
||||
if (!m_IpcClient) {
|
||||
m_IpcClient = new IpcClient(this);
|
||||
}
|
||||
|
||||
if (!m_IpcClient->isSocketConnected()) {
|
||||
if (!IpcClient::init(m_IpcClient)) {
|
||||
qWarning() << "Error occurred when init IPC client";
|
||||
emit serviceIsNotReady();
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
return IpcClient::Interface() != nullptr;
|
||||
#endif
|
||||
return true;
|
||||
}
|
||||
|
||||
void VpnConnection::flushDns()
|
||||
{
|
||||
#ifdef AMNEZIA_DESKTOP
|
||||
if (IpcClient::Interface())
|
||||
if (InterfaceReady())
|
||||
IpcClient::Interface()->flushDns();
|
||||
#endif
|
||||
}
|
||||
|
||||
void VpnConnection::disconnectSlots()
|
||||
{
|
||||
if (m_vpnProtocol) {
|
||||
m_vpnProtocol->disconnect();
|
||||
}
|
||||
}
|
||||
|
||||
ErrorCode VpnConnection::lastError() const
|
||||
{
|
||||
#ifdef Q_OS_ANDROID
|
||||
@@ -242,20 +252,11 @@ void VpnConnection::connectToVpn(int serverIndex, const ServerCredentials &crede
|
||||
.arg(serverIndex)
|
||||
.arg(ContainerProps::containerToString(container))
|
||||
<< m_settings->routeMode();
|
||||
#if !defined(Q_OS_ANDROID) && !defined(Q_OS_IOS) && !defined(MACOS_NE)
|
||||
if (!m_IpcClient) {
|
||||
m_IpcClient = new IpcClient(this);
|
||||
}
|
||||
|
||||
if (!m_IpcClient->isSocketConnected()) {
|
||||
if (!IpcClient::init(m_IpcClient)) {
|
||||
qWarning() << "Error occurred when init IPC client";
|
||||
emit serviceIsNotReady();
|
||||
emit connectionStateChanged(Vpn::ConnectionState::Error);
|
||||
return;
|
||||
}
|
||||
if (!InterfaceReady()) {
|
||||
emit connectionStateChanged(Vpn::ConnectionState::Error);
|
||||
return;
|
||||
}
|
||||
#endif
|
||||
|
||||
m_remoteAddress = NetworkUtilities::getIPAddress(credentials.hostName);
|
||||
emit connectionStateChanged(Vpn::ConnectionState::Connecting);
|
||||
@@ -442,13 +443,18 @@ QString VpnConnection::bytesPerSecToText(quint64 bytes)
|
||||
void VpnConnection::disconnectFromVpn()
|
||||
{
|
||||
#ifdef AMNEZIA_DESKTOP
|
||||
QString proto = m_settings->defaultContainerName(m_settings->defaultServerIndex());
|
||||
if (IpcClient::Interface()) {
|
||||
IpcClient::Interface()->flushDns();
|
||||
if (InterfaceReady()) {
|
||||
|
||||
m_vpnProtocol.data()->stop();
|
||||
qDebug() << "Interface is ready!";
|
||||
|
||||
QRemoteObjectPendingReply<bool> flushDnsResp = IpcClient::Interface()->flushDns();
|
||||
flushDnsResp.waitForFinished(1000);
|
||||
|
||||
qDebug() << "Flushed DNS";
|
||||
// delete cached routes
|
||||
QRemoteObjectPendingReply<bool> response = IpcClient::Interface()->clearSavedRoutes();
|
||||
response.waitForFinished(1000);
|
||||
QRemoteObjectPendingReply<bool> clearSavedRoutesResp = IpcClient::Interface()->clearSavedRoutes();
|
||||
clearSavedRoutesResp.waitForFinished(1000);
|
||||
}
|
||||
#endif
|
||||
|
||||
@@ -477,12 +483,13 @@ void VpnConnection::disconnectFromVpn()
|
||||
return;
|
||||
}
|
||||
|
||||
#ifndef Q_OS_ANDROID
|
||||
#if !defined(Q_OS_ANDROID) && !defined(AMNEZIA_DESKTOP)
|
||||
if (m_vpnProtocol) {
|
||||
m_vpnProtocol->deleteLater();
|
||||
}
|
||||
m_vpnProtocol = nullptr;
|
||||
#endif
|
||||
|
||||
m_vpnProtocol = nullptr;
|
||||
}
|
||||
|
||||
Vpn::ConnectionState VpnConnection::connectionState()
|
||||
|
||||
@@ -56,6 +56,7 @@ public slots:
|
||||
void deleteRoutes(const QStringList &ips);
|
||||
void flushDns();
|
||||
void onKillSwitchModeChanged(bool enabled);
|
||||
void disconnectSlots();
|
||||
|
||||
signals:
|
||||
void bytesChanged(quint64 receivedBytes, quint64 sentBytes);
|
||||
@@ -95,6 +96,7 @@ private:
|
||||
|
||||
void appendSplitTunnelingConfig();
|
||||
void appendKillSwitchConfig();
|
||||
bool InterfaceReady();
|
||||
};
|
||||
|
||||
#endif // VPNCONNECTION_H
|
||||
|
||||
@@ -12,7 +12,7 @@ class IpcInterface
|
||||
SLOT( int routeAddList(const QString &gw, const QStringList &ips) );
|
||||
SLOT( bool clearSavedRoutes() );
|
||||
SLOT( bool routeDeleteList(const QString &gw, const QStringList &ip) );
|
||||
SLOT( void flushDns() );
|
||||
SLOT( bool flushDns() );
|
||||
SLOT( void resetIpStack() );
|
||||
|
||||
SLOT( bool checkAndInstallDriver() );
|
||||
@@ -25,8 +25,8 @@ class IpcInterface
|
||||
SLOT( bool createTun(const QString &dev, const QString &subnet) );
|
||||
SLOT( bool deleteTun(const QString &dev) );
|
||||
|
||||
SLOT( void StartRoutingIpv6() );
|
||||
SLOT( void StopRoutingIpv6() );
|
||||
SLOT( bool StartRoutingIpv6() );
|
||||
SLOT( bool StopRoutingIpv6() );
|
||||
|
||||
SLOT( bool disableKillSwitch() );
|
||||
SLOT( bool disableAllTraffic() );
|
||||
@@ -36,17 +36,5 @@ class IpcInterface
|
||||
SLOT( bool enablePeerTraffic( const QJsonObject &configStr) );
|
||||
SLOT( bool enableKillSwitch( const QJsonObject &excludeAddr, int vpnAdapterIndex) );
|
||||
SLOT( bool updateResolvers(const QString& ifname, const QList<QHostAddress>& resolvers) );
|
||||
|
||||
SLOT( bool writeIPsecCaCert(QString cacert, QString uuid) );
|
||||
SLOT( bool writeIPsecPrivate(QString privKey, QString uuid) );
|
||||
SLOT( bool writeIPsecConfig(QString config) );
|
||||
SLOT( bool writeIPsecUserCert(QString usercert, QString uuid) );
|
||||
SLOT( bool writeIPsecPrivatePass(QString pass, QString host, QString uuid) );
|
||||
|
||||
SLOT( bool stopIPsec(QString tunnelName) );
|
||||
SLOT( bool startIPsec(QString tunnelName) );
|
||||
|
||||
SLOT( QString getTunnelStatus(QString tunnelName) );
|
||||
|
||||
};
|
||||
|
||||
|
||||
@@ -4,7 +4,6 @@
|
||||
#include <QFileInfo>
|
||||
#include <QLocalSocket>
|
||||
#include <QObject>
|
||||
#include <QJsonArray>
|
||||
|
||||
#include "logger.h"
|
||||
#include "router.h"
|
||||
@@ -84,7 +83,7 @@ bool IpcServer::routeDeleteList(const QString &gw, const QStringList &ips)
|
||||
return Router::routeDeleteList(gw, ips);
|
||||
}
|
||||
|
||||
void IpcServer::flushDns()
|
||||
bool IpcServer::flushDns()
|
||||
{
|
||||
#ifdef MZ_DEBUG
|
||||
qDebug() << "IpcServer::flushDns";
|
||||
@@ -158,14 +157,13 @@ bool IpcServer::updateResolvers(const QString &ifname, const QList<QHostAddress>
|
||||
return Router::updateResolvers(ifname, resolvers);
|
||||
}
|
||||
|
||||
void IpcServer::StartRoutingIpv6()
|
||||
bool IpcServer::StartRoutingIpv6()
|
||||
{
|
||||
Router::StartRoutingIpv6();
|
||||
return Router::StartRoutingIpv6();
|
||||
}
|
||||
|
||||
void IpcServer::StopRoutingIpv6()
|
||||
bool IpcServer::StopRoutingIpv6()
|
||||
{
|
||||
Router::StopRoutingIpv6();
|
||||
return Router::StopRoutingIpv6();
|
||||
}
|
||||
|
||||
void IpcServer::setLogsEnabled(bool enabled)
|
||||
@@ -206,196 +204,6 @@ bool IpcServer::disableKillSwitch()
|
||||
return KillSwitch::instance()->disableKillSwitch();
|
||||
}
|
||||
|
||||
bool IpcServer::startIPsec(QString tunnelName)
|
||||
{
|
||||
#ifdef Q_OS_LINUX
|
||||
QProcess processSystemd;
|
||||
QStringList commandsSystemd;
|
||||
commandsSystemd << "systemctl" << "restart" << "ipsec";
|
||||
processSystemd.start("sudo", commandsSystemd);
|
||||
if (!processSystemd.waitForStarted(1000))
|
||||
{
|
||||
qDebug().noquote() << "Could not start ipsec tunnel!\n";
|
||||
return false;
|
||||
}
|
||||
else if (!processSystemd.waitForFinished(2000))
|
||||
{
|
||||
qDebug().noquote() << "Could not start ipsec tunnel\n";
|
||||
return false;
|
||||
}
|
||||
commandsSystemd.clear();
|
||||
|
||||
QThread::msleep(5000);
|
||||
|
||||
QProcess process;
|
||||
QStringList commands;
|
||||
commands << "ipsec" << "up" << QString("%1").arg(tunnelName);
|
||||
process.start("sudo", commands);
|
||||
if (!process.waitForStarted(1000))
|
||||
{
|
||||
qDebug().noquote() << "Could not start ipsec tunnel!\n";
|
||||
return false;
|
||||
}
|
||||
else if (!process.waitForFinished(2000))
|
||||
{
|
||||
qDebug().noquote() << "Could not start ipsec tunnel\n";
|
||||
return false;
|
||||
}
|
||||
commands.clear();
|
||||
#endif
|
||||
return true;
|
||||
}
|
||||
|
||||
bool IpcServer::stopIPsec(QString tunnelName)
|
||||
{
|
||||
#ifdef Q_OS_LINUX
|
||||
QProcess process;
|
||||
QStringList commands;
|
||||
commands << "ipsec" << "down" << QString("%1").arg(tunnelName);
|
||||
process.start("sudo", commands);
|
||||
if (!process.waitForStarted(1000))
|
||||
{
|
||||
qDebug().noquote() << "Could not stop ipsec tunnel\n";
|
||||
return false;
|
||||
}
|
||||
else if (!process.waitForFinished(2000))
|
||||
{
|
||||
qDebug().noquote() << "Could not stop ipsec tunnel\n";
|
||||
return false;
|
||||
}
|
||||
commands.clear();
|
||||
#endif
|
||||
return true;
|
||||
}
|
||||
|
||||
bool IpcServer::writeIPsecConfig(QString config)
|
||||
{
|
||||
#ifdef Q_OS_LINUX
|
||||
qDebug() << "IPSEC: IPSec config file";
|
||||
QString configFile = QString("/etc/ipsec.conf");
|
||||
QFile ipSecConfFile(configFile);
|
||||
if (ipSecConfFile.open(QIODevice::WriteOnly)) {
|
||||
ipSecConfFile.write(config.toUtf8());
|
||||
ipSecConfFile.close();
|
||||
}
|
||||
#endif
|
||||
return true;
|
||||
}
|
||||
|
||||
bool IpcServer::writeIPsecUserCert(QString usercert, QString uuid)
|
||||
{
|
||||
#ifdef Q_OS_LINUX
|
||||
qDebug() << "IPSEC: Write user cert " << uuid;
|
||||
QString certName = QString("/etc/ipsec.d/certs/%1.crt").arg(uuid);
|
||||
QFile userCertFile(certName);
|
||||
if (userCertFile.open(QIODevice::WriteOnly)) {
|
||||
userCertFile.write(usercert.toUtf8());
|
||||
userCertFile.close();
|
||||
}
|
||||
#endif
|
||||
return true;
|
||||
}
|
||||
|
||||
bool IpcServer::writeIPsecCaCert(QString cacert, QString uuid)
|
||||
{
|
||||
#ifdef Q_OS_LINUX
|
||||
qDebug() << "IPSEC: Write CA cert user " << uuid;
|
||||
QString certName = QString("/etc/ipsec.d/cacerts/%1.crt").arg(uuid);
|
||||
QFile caCertFile(certName);
|
||||
if (caCertFile.open(QIODevice::WriteOnly)) {
|
||||
caCertFile.write(cacert.toUtf8());
|
||||
caCertFile.close();
|
||||
}
|
||||
#endif
|
||||
return true;
|
||||
}
|
||||
|
||||
bool IpcServer::writeIPsecPrivate(QString privKey, QString uuid)
|
||||
{
|
||||
#ifdef Q_OS_LINUX
|
||||
qDebug() << "IPSEC: User private key " << uuid;
|
||||
QString privateKey = QString("/etc/ipsec.d/private/%1.p12").arg(uuid);
|
||||
QFile pKeyFile(privateKey);
|
||||
if (pKeyFile.open(QIODevice::WriteOnly)) {
|
||||
pKeyFile.write(QByteArray::fromBase64(privKey.toUtf8()));
|
||||
pKeyFile.close();
|
||||
}
|
||||
#endif
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
bool IpcServer::writeIPsecPrivatePass(QString pass, QString host, QString uuid)
|
||||
{
|
||||
#ifdef Q_OS_LINUX
|
||||
qDebug() << "IPSEC: User private key " << uuid;
|
||||
const QString secretsFilename = "/etc/ipsec.secrets";
|
||||
QStringList lines;
|
||||
|
||||
{
|
||||
QFile secretsFile(secretsFilename);
|
||||
if (secretsFile.open(QIODevice::ReadOnly | QIODevice::Text))
|
||||
{
|
||||
QTextStream edit(&secretsFile);
|
||||
while (!edit.atEnd()) lines.push_back(edit.readLine());
|
||||
}
|
||||
secretsFile.close();
|
||||
}
|
||||
|
||||
for (auto iter = lines.begin(); iter!=lines.end();)
|
||||
{
|
||||
if (iter->contains(host))
|
||||
{
|
||||
iter = lines.erase(iter);
|
||||
}
|
||||
else
|
||||
{
|
||||
++iter;
|
||||
}
|
||||
}
|
||||
|
||||
{
|
||||
QFile secretsFile(secretsFilename);
|
||||
if (secretsFile.open(QIODevice::WriteOnly | QIODevice::Text))
|
||||
{
|
||||
QTextStream edit(&secretsFile);
|
||||
for (int i=0; i<lines.size(); i++) edit << lines[i] << Qt::endl;
|
||||
}
|
||||
QString P12 = QString("%any %1 : P12 %2.p12 \"%3\" \n").arg(host, uuid, pass);
|
||||
secretsFile.write(P12.toUtf8());
|
||||
secretsFile.close();
|
||||
}
|
||||
#endif
|
||||
return true;
|
||||
}
|
||||
|
||||
QString IpcServer::getTunnelStatus(QString tunnelName)
|
||||
{
|
||||
#ifdef Q_OS_LINUX
|
||||
QProcess process;
|
||||
QStringList commands;
|
||||
commands << "ipsec" << "status" << QString("%1").arg(tunnelName);
|
||||
process.start("sudo", commands);
|
||||
if (!process.waitForStarted(1000))
|
||||
{
|
||||
qDebug().noquote() << "Could not stop ipsec tunnel\n";
|
||||
return "";
|
||||
}
|
||||
else if (!process.waitForFinished(2000))
|
||||
{
|
||||
qDebug().noquote() << "Could not stop ipsec tunnel\n";
|
||||
return "";
|
||||
}
|
||||
commands.clear();
|
||||
|
||||
|
||||
QString status = process.readAll();
|
||||
return status;
|
||||
#endif
|
||||
return QString();
|
||||
|
||||
}
|
||||
|
||||
bool IpcServer::enablePeerTraffic(const QJsonObject &configStr)
|
||||
{
|
||||
return KillSwitch::instance()->enablePeerTraffic(configStr);
|
||||
|
||||
@@ -23,7 +23,7 @@ public:
|
||||
virtual int routeAddList(const QString &gw, const QStringList &ips) override;
|
||||
virtual bool clearSavedRoutes() override;
|
||||
virtual bool routeDeleteList(const QString &gw, const QStringList &ips) override;
|
||||
virtual void flushDns() override;
|
||||
virtual bool flushDns() override;
|
||||
virtual void resetIpStack() override;
|
||||
virtual bool checkAndInstallDriver() override;
|
||||
virtual QStringList getTapList() override;
|
||||
@@ -32,8 +32,8 @@ public:
|
||||
virtual void setLogsEnabled(bool enabled) override;
|
||||
virtual bool createTun(const QString &dev, const QString &subnet) override;
|
||||
virtual bool deleteTun(const QString &dev) override;
|
||||
virtual void StartRoutingIpv6() override;
|
||||
virtual void StopRoutingIpv6() override;
|
||||
virtual bool StartRoutingIpv6() override;
|
||||
virtual bool StopRoutingIpv6() override;
|
||||
virtual bool disableAllTraffic() override;
|
||||
virtual bool addKillSwitchAllowedRange(QStringList ranges) override;
|
||||
virtual bool resetKillSwitchAllowedRange(QStringList ranges) override;
|
||||
@@ -42,14 +42,6 @@ public:
|
||||
virtual bool disableKillSwitch() override;
|
||||
virtual bool refreshKillSwitch( bool enabled ) override;
|
||||
virtual bool updateResolvers(const QString& ifname, const QList<QHostAddress>& resolvers) override;
|
||||
virtual bool writeIPsecCaCert(QString cacert, QString uuid) override;
|
||||
virtual bool writeIPsecPrivate(QString privKey, QString uuid) override;
|
||||
virtual bool writeIPsecConfig(QString config) override;
|
||||
virtual bool writeIPsecUserCert(QString usercert, QString uuid) override;
|
||||
virtual bool writeIPsecPrivatePass(QString pass, QString host, QString uuid) override;
|
||||
virtual bool stopIPsec(QString tunnelName) override;
|
||||
virtual bool startIPsec(QString tunnelName) override;
|
||||
virtual QString getTunnelStatus(QString tunnelName) override;
|
||||
|
||||
private:
|
||||
int m_localpid = 0;
|
||||
|
||||
@@ -98,6 +98,17 @@ bool KillSwitch::disableKillSwitch() {
|
||||
LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("320.allowDNS"), false);
|
||||
LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("400.allowPIA"), false);
|
||||
} else {
|
||||
LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("000.allowLoopback"), true);
|
||||
LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("100.blockAll"), false);
|
||||
LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("110.allowNets"), false);
|
||||
LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("120.blockNets"), false);
|
||||
LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("200.allowVPN"), false);
|
||||
LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv6, QStringLiteral("250.blockIPv6"), false);
|
||||
LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("290.allowDHCP"), true);
|
||||
LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("300.allowLAN"), true);
|
||||
LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("310.blockDNS"), false);
|
||||
LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("320.allowDNS"), false);
|
||||
LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("400.allowPIA"), false);
|
||||
LinuxFirewall::uninstall();
|
||||
}
|
||||
#endif
|
||||
|
||||
@@ -42,14 +42,14 @@ int Router::routeDeleteList(const QString &gw, const QStringList &ips)
|
||||
#endif
|
||||
}
|
||||
|
||||
void Router::flushDns()
|
||||
bool Router::flushDns()
|
||||
{
|
||||
#ifdef Q_OS_WIN
|
||||
RouterWin::Instance().flushDns();
|
||||
return RouterWin::Instance().flushDns();
|
||||
#elif defined (Q_OS_MAC)
|
||||
RouterMac::Instance().flushDns();
|
||||
return RouterMac::Instance().flushDns();
|
||||
#elif defined Q_OS_LINUX
|
||||
RouterLinux::Instance().flushDns();
|
||||
return RouterLinux::Instance().flushDns();
|
||||
#endif
|
||||
}
|
||||
|
||||
@@ -100,25 +100,25 @@ bool Router::updateResolvers(const QString& ifname, const QList<QHostAddress>& r
|
||||
}
|
||||
|
||||
|
||||
void Router::StopRoutingIpv6()
|
||||
bool Router::StopRoutingIpv6()
|
||||
{
|
||||
#ifdef Q_OS_WIN
|
||||
RouterWin::Instance().StopRoutingIpv6();
|
||||
return RouterWin::Instance().StopRoutingIpv6();
|
||||
#elif defined (Q_OS_MAC)
|
||||
// todo fixme
|
||||
return true;// todo fixme
|
||||
#elif defined Q_OS_LINUX
|
||||
RouterLinux::Instance().StopRoutingIpv6();
|
||||
return RouterLinux::Instance().StopRoutingIpv6();
|
||||
#endif
|
||||
}
|
||||
|
||||
void Router::StartRoutingIpv6()
|
||||
bool Router::StartRoutingIpv6()
|
||||
{
|
||||
#ifdef Q_OS_WIN
|
||||
RouterWin::Instance().StartRoutingIpv6();
|
||||
return RouterWin::Instance().StartRoutingIpv6();
|
||||
#elif defined (Q_OS_MAC)
|
||||
// todo fixme
|
||||
return true;// todo fixme
|
||||
#elif defined Q_OS_LINUX
|
||||
RouterLinux::Instance().StartRoutingIpv6();
|
||||
return RouterLinux::Instance().StartRoutingIpv6();
|
||||
#endif
|
||||
}
|
||||
|
||||
|
||||
@@ -19,12 +19,12 @@ public:
|
||||
static int routeAddList(const QString &gw, const QStringList &ips);
|
||||
static bool clearSavedRoutes();
|
||||
static int routeDeleteList(const QString &gw, const QStringList &ips);
|
||||
static void flushDns();
|
||||
static bool flushDns();
|
||||
static void resetIpStack();
|
||||
static bool createTun(const QString &dev, const QString &subnet);
|
||||
static bool deleteTun(const QString &dev);
|
||||
static void StartRoutingIpv6();
|
||||
static void StopRoutingIpv6();
|
||||
static bool StartRoutingIpv6();
|
||||
static bool StopRoutingIpv6();
|
||||
static bool updateResolvers(const QString& ifname, const QList<QHostAddress>& resolvers);
|
||||
};
|
||||
|
||||
|
||||
@@ -160,7 +160,7 @@ bool RouterLinux::isServiceActive(const QString &serviceName) {
|
||||
return process.exitCode() == 0;
|
||||
}
|
||||
|
||||
void RouterLinux::flushDns()
|
||||
bool RouterLinux::flushDns()
|
||||
{
|
||||
QProcess p;
|
||||
p.setProcessChannelMode(QProcess::MergedChannels);
|
||||
@@ -174,7 +174,7 @@ void RouterLinux::flushDns()
|
||||
p.start("systemctl", { "restart", "systemd-resolved" });
|
||||
} else {
|
||||
qDebug() << "No suitable DNS manager found.";
|
||||
return;
|
||||
return false;
|
||||
}
|
||||
|
||||
p.waitForFinished();
|
||||
@@ -183,6 +183,8 @@ void RouterLinux::flushDns()
|
||||
qDebug().noquote() << "Flush dns completed";
|
||||
else
|
||||
qDebug().noquote() << "OUTPUT systemctl restart nscd/systemd-resolved: " + output;
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
bool RouterLinux::createTun(const QString &dev, const QString &subnet) {
|
||||
@@ -279,7 +281,7 @@ bool RouterLinux::updateResolvers(const QString& ifname, const QList<QHostAddres
|
||||
return m_dnsUtil->updateResolvers(ifname, resolvers);
|
||||
}
|
||||
|
||||
void RouterLinux::StartRoutingIpv6()
|
||||
bool RouterLinux::StartRoutingIpv6()
|
||||
{
|
||||
QProcess process;
|
||||
QStringList commands;
|
||||
@@ -289,12 +291,12 @@ void RouterLinux::StartRoutingIpv6()
|
||||
if (!process.waitForStarted(1000))
|
||||
{
|
||||
qDebug().noquote() << "Could not start activate ipv6\n";
|
||||
return;
|
||||
return false;
|
||||
}
|
||||
else if (!process.waitForFinished(2000))
|
||||
{
|
||||
qDebug().noquote() << "Could not activate ipv6\n";
|
||||
return;
|
||||
return false;
|
||||
}
|
||||
commands.clear();
|
||||
|
||||
@@ -303,19 +305,20 @@ void RouterLinux::StartRoutingIpv6()
|
||||
if (!process.waitForStarted(1000))
|
||||
{
|
||||
qDebug().noquote() << "Could not start activate ipv6\n";
|
||||
return;
|
||||
return false;
|
||||
}
|
||||
else if (!process.waitForFinished(2000))
|
||||
{
|
||||
qDebug().noquote() << "Could not activate ipv6\n";
|
||||
return;
|
||||
return false;
|
||||
}
|
||||
commands.clear();
|
||||
|
||||
qDebug().noquote() << "StartRoutingIpv6 OK";
|
||||
return true;
|
||||
}
|
||||
|
||||
void RouterLinux::StopRoutingIpv6()
|
||||
bool RouterLinux::StopRoutingIpv6()
|
||||
{
|
||||
QProcess process;
|
||||
QStringList commands;
|
||||
@@ -325,12 +328,12 @@ void RouterLinux::StopRoutingIpv6()
|
||||
if (!process.waitForStarted(1000))
|
||||
{
|
||||
qDebug().noquote() << "Could not start disable ipv6\n";
|
||||
return;
|
||||
return false;
|
||||
}
|
||||
else if (!process.waitForFinished(2000))
|
||||
{
|
||||
qDebug().noquote() << "Could not disable ipv6\n";
|
||||
return;
|
||||
return false;
|
||||
}
|
||||
commands.clear();
|
||||
|
||||
@@ -339,14 +342,15 @@ void RouterLinux::StopRoutingIpv6()
|
||||
if (!process.waitForStarted(1000))
|
||||
{
|
||||
qDebug().noquote() << "Could not start disable ipv6\n";
|
||||
return;
|
||||
return false;
|
||||
}
|
||||
else if (!process.waitForFinished(2000))
|
||||
{
|
||||
qDebug().noquote() << "Could not disable ipv6\n";
|
||||
return;
|
||||
return false;
|
||||
}
|
||||
commands.clear();
|
||||
|
||||
qDebug().noquote() << "StopRoutingIpv6 OK";
|
||||
return true;
|
||||
}
|
||||
|
||||
@@ -30,11 +30,11 @@ public:
|
||||
bool routeDelete(const QString &ip, const QString &gw, const int &sock);
|
||||
bool routeDeleteList(const QString &gw, const QStringList &ips);
|
||||
QString getgatewayandiface();
|
||||
void flushDns();
|
||||
bool flushDns();
|
||||
bool createTun(const QString &dev, const QString &subnet);
|
||||
bool deleteTun(const QString &dev);
|
||||
void StartRoutingIpv6();
|
||||
void StopRoutingIpv6();
|
||||
bool StartRoutingIpv6();
|
||||
bool StopRoutingIpv6();
|
||||
bool updateResolvers(const QString& ifname, const QList<QHostAddress>& resolvers);
|
||||
public slots:
|
||||
|
||||
|
||||
@@ -166,7 +166,7 @@ bool RouterMac::deleteTun(const QString &dev)
|
||||
return true;
|
||||
}
|
||||
|
||||
void RouterMac::flushDns()
|
||||
bool RouterMac::flushDns()
|
||||
{
|
||||
// sudo killall -HUP mDNSResponder
|
||||
QProcess p;
|
||||
@@ -174,5 +174,7 @@ void RouterMac::flushDns()
|
||||
|
||||
p.start("killall", QStringList() << "-HUP" << "mDNSResponder");
|
||||
p.waitForFinished();
|
||||
|
||||
qDebug().noquote() << "OUTPUT killall -HUP mDNSResponder: " + p.readAll();
|
||||
return true;
|
||||
}
|
||||
|
||||
@@ -29,7 +29,7 @@ public:
|
||||
bool clearSavedRoutes();
|
||||
bool routeDelete(const QString &ip, const QString &gw);
|
||||
bool routeDeleteList(const QString &gw, const QStringList &ips);
|
||||
void flushDns();
|
||||
bool flushDns();
|
||||
bool createTun(const QString &dev, const QString &subnet);
|
||||
bool deleteTun(const QString &dev);
|
||||
bool updateResolvers(const QString& ifname, const QList<QHostAddress>& resolvers);
|
||||
|
||||
@@ -273,7 +273,7 @@ int RouterWin::routeDeleteList(const QString &gw, const QStringList &ips)
|
||||
return success_count;
|
||||
}
|
||||
|
||||
void RouterWin::flushDns()
|
||||
bool RouterWin::flushDns()
|
||||
{
|
||||
QProcess p;
|
||||
p.setProcessChannelMode(QProcess::MergedChannels);
|
||||
@@ -281,6 +281,7 @@ void RouterWin::flushDns()
|
||||
|
||||
p.start(command);
|
||||
p.waitForFinished();
|
||||
return true;
|
||||
//qDebug().noquote() << "OUTPUT ipconfig /flushdns: " + p.readAll();
|
||||
}
|
||||
|
||||
@@ -444,7 +445,7 @@ bool RouterWin::updateResolvers(const QString& ifname, const QList<QHostAddress>
|
||||
}
|
||||
|
||||
|
||||
void RouterWin::StopRoutingIpv6()
|
||||
bool RouterWin::StopRoutingIpv6()
|
||||
{
|
||||
{
|
||||
QProcess p;
|
||||
@@ -464,9 +465,10 @@ void RouterWin::StopRoutingIpv6()
|
||||
p.start(command);
|
||||
p.waitForFinished();
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
void RouterWin::StartRoutingIpv6()
|
||||
bool RouterWin::StartRoutingIpv6()
|
||||
{
|
||||
{
|
||||
QProcess p;
|
||||
@@ -486,5 +488,6 @@ void RouterWin::StartRoutingIpv6()
|
||||
p.start(command);
|
||||
p.waitForFinished();
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
@@ -39,11 +39,11 @@ public:
|
||||
int routeAddList(const QString &gw, const QStringList &ips);
|
||||
bool clearSavedRoutes();
|
||||
int routeDeleteList(const QString &gw, const QStringList &ips);
|
||||
void flushDns();
|
||||
bool flushDns();
|
||||
void resetIpStack();
|
||||
|
||||
void StartRoutingIpv6();
|
||||
void StopRoutingIpv6();
|
||||
bool StartRoutingIpv6();
|
||||
bool StopRoutingIpv6();
|
||||
|
||||
void suspendWcmSvc(bool suspend);
|
||||
bool updateResolvers(const QString& ifname, const QList<QHostAddress>& resolvers);
|
||||
|
||||
Reference in New Issue
Block a user