Merge pull request #527 from amnezia-vpn/feature/api-awg
added support for awg configs for api
commit
30a0ac0def
5 changed files with 66 additions and 35 deletions
|
@ -128,7 +128,8 @@ open class ProtocolConfig protected constructor(
|
|||
}
|
||||
|
||||
private fun processExcludedRoutes() {
|
||||
if (Build.VERSION.SDK_INT < Build.VERSION_CODES.TIRAMISU) {
|
||||
if (Build.VERSION.SDK_INT < Build.VERSION_CODES.TIRAMISU && excludedRoutes.isNotEmpty()) {
|
||||
// todo: rewrite, taking into account the current routes
|
||||
// for older versions of Android, build a list of subnets without excluded routes
|
||||
// and add them to routes
|
||||
val ipRangeSet = IpRangeSet()
|
||||
|
|
|
@ -31,11 +31,11 @@ public:
|
|||
QString processConfigWithLocalSettings(QString config);
|
||||
QString processConfigWithExportSettings(QString config);
|
||||
|
||||
static ConnectionData genClientKeys();
|
||||
|
||||
private:
|
||||
ConnectionData prepareWireguardConfig(const ServerCredentials &credentials, DockerContainer container,
|
||||
const QJsonObject &containerConfig, ErrorCode *errorCode = nullptr);
|
||||
|
||||
ConnectionData genClientKeys();
|
||||
|
||||
bool m_isAwg;
|
||||
QString m_serverConfigPath;
|
||||
|
|
|
@ -5,12 +5,14 @@
|
|||
#include <QNetworkReply>
|
||||
|
||||
#include "configurators/openvpn_configurator.h"
|
||||
#include "configurators/wireguard_configurator.h"
|
||||
|
||||
namespace
|
||||
{
|
||||
namespace configKey
|
||||
{
|
||||
constexpr char cloak[] = "cloak";
|
||||
constexpr char awg[] = "awg";
|
||||
|
||||
constexpr char apiEdnpoint[] = "api_endpoint";
|
||||
constexpr char accessToken[] = "api_key";
|
||||
|
@ -26,33 +28,42 @@ ApiController::ApiController(const QSharedPointer<ServersModel> &serversModel,
|
|||
{
|
||||
}
|
||||
|
||||
QString ApiController::genPublicKey(const QString &protocol)
|
||||
{
|
||||
if (protocol == configKey::cloak) {
|
||||
return ".";
|
||||
}
|
||||
return QString();
|
||||
}
|
||||
|
||||
QString ApiController::genCertificateRequest(const QString &protocol)
|
||||
{
|
||||
if (protocol == configKey::cloak) {
|
||||
m_certRequest = OpenVpnConfigurator::createCertRequest();
|
||||
return m_certRequest.request;
|
||||
}
|
||||
return QString();
|
||||
}
|
||||
|
||||
void ApiController::processCloudConfig(const QString &protocol, QString &config)
|
||||
void ApiController::processCloudConfig(const QString &protocol, const ApiController::ApiPayloadData &apiPayloadData, QString &config)
|
||||
{
|
||||
if (protocol == configKey::cloak) {
|
||||
config.replace("<key>", "<key>\n");
|
||||
config.replace("$OPENVPN_PRIV_KEY", m_certRequest.privKey);
|
||||
config.replace("$OPENVPN_PRIV_KEY", apiPayloadData.certRequest.privKey);
|
||||
return;
|
||||
} else if (protocol == configKey::awg) {
|
||||
config.replace("$WIREGUARD_CLIENT_PRIVATE_KEY", apiPayloadData.wireGuardClientPrivKey);
|
||||
}
|
||||
return;
|
||||
}
|
||||
|
||||
ApiController::ApiPayloadData ApiController::generateApiPayloadData(const QString &protocol)
|
||||
{
|
||||
ApiController::ApiPayloadData apiPayload;
|
||||
if (protocol == configKey::cloak) {
|
||||
apiPayload.certRequest = OpenVpnConfigurator::createCertRequest();
|
||||
} else if (protocol == configKey::awg) {
|
||||
auto connData = WireguardConfigurator::genClientKeys();
|
||||
apiPayload.wireGuardClientPubKey = connData.clientPubKey;
|
||||
apiPayload.wireGuardClientPrivKey = connData.clientPrivKey;
|
||||
}
|
||||
return apiPayload;
|
||||
}
|
||||
|
||||
QJsonObject ApiController::fillApiPayload(const QString &protocol, const ApiController::ApiPayloadData &apiPayloadData)
|
||||
{
|
||||
QJsonObject obj;
|
||||
if (protocol == configKey::cloak) {
|
||||
obj[configKey::certificate] = apiPayloadData.certRequest.request;
|
||||
} else if (protocol == configKey::awg) {
|
||||
obj[configKey::publicKey] = apiPayloadData.wireGuardClientPubKey;
|
||||
}
|
||||
return obj;
|
||||
}
|
||||
|
||||
bool ApiController::updateServerConfigFromApi()
|
||||
{
|
||||
auto serverConfig = m_serversModel->getDefaultServerConfig();
|
||||
|
@ -71,13 +82,9 @@ bool ApiController::updateServerConfigFromApi()
|
|||
|
||||
QString protocol = serverConfig.value(configKey::protocol).toString();
|
||||
|
||||
QJsonObject obj;
|
||||
auto apiPayloadData = generateApiPayloadData(protocol);
|
||||
|
||||
obj[configKey::publicKey] = genPublicKey(protocol);
|
||||
obj[configKey::certificate] = genCertificateRequest(protocol);
|
||||
|
||||
QByteArray requestBody = QJsonDocument(obj).toJson();
|
||||
qDebug() << requestBody;
|
||||
QByteArray requestBody = QJsonDocument(fillApiPayload(protocol, apiPayloadData)).toJson();
|
||||
|
||||
QScopedPointer<QNetworkReply> reply;
|
||||
reply.reset(manager.post(request, requestBody));
|
||||
|
@ -100,7 +107,7 @@ bool ApiController::updateServerConfigFromApi()
|
|||
}
|
||||
|
||||
QString configStr = ba;
|
||||
processCloudConfig(protocol, configStr);
|
||||
processCloudConfig(protocol, apiPayloadData, configStr);
|
||||
|
||||
QJsonObject cloudConfig = QJsonDocument::fromJson(configStr.toUtf8()).object();
|
||||
|
||||
|
|
|
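Review bot: In `generateApiPayloadData` the result of `WireguardConfigurator::genClientKeys()` is copied into the payload without checking that `clientPubKey` and `clientPrivKey` are non-empty. If key generation can fail (its body is not on this page), the client would post an empty public key and later substitute an empty private key into the returned config. A guard in `updateServerConfigFromApi` before the request body is built would stop that early, for example `if (protocol == configKey::awg && apiPayloadData.wireGuardClientPubKey.isEmpty()) return false;`. The same applies to the cloak branch and `certRequest.request`. `updateServerConfigFromApi` starts and ends outside the visible hunks.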
@ -22,15 +22,19 @@ signals:
|
|||
void errorOccurred(const QString &errorMessage);
|
||||
|
||||
private:
|
||||
QString genPublicKey(const QString &protocol);
|
||||
QString genCertificateRequest(const QString &protocol);
|
||||
struct ApiPayloadData {
|
||||
OpenVpnConfigurator::ConnectionData certRequest;
|
||||
|
||||
void processCloudConfig(const QString &protocol, QString &config);
|
||||
QString wireGuardClientPrivKey;
|
||||
QString wireGuardClientPubKey;
|
||||
};
|
||||
|
||||
ApiPayloadData generateApiPayloadData(const QString &protocol);
|
||||
QJsonObject fillApiPayload(const QString &protocol, const ApiController::ApiPayloadData &apiPayloadData);
|
||||
void processCloudConfig(const QString &protocol, const ApiController::ApiPayloadData &apiPayloadData, QString &config);
|
||||
|
||||
QSharedPointer<ServersModel> m_serversModel;
|
||||
QSharedPointer<ContainersModel> m_containersModel;
|
||||
|
||||
OpenVpnConfigurator::ConnectionData m_certRequest;
|
||||
};
|
||||
|
||||
#endif // APICONTROLLER_H
|
||||
|
|
|
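Review bot: `struct ApiPayloadData` has no comment saying which of its fields are secret, although it now holds both private keys next to the values that go to the server. Going by `fillApiPayload` and `processCloudConfig` in the .cpp, only `certRequest.request` and `wireGuardClientPubKey` are sent, while `certRequest.privKey` and `wireGuardClientPrivKey` are only substituted into the returned config. I would state that above the struct, e.g. `// Per-request key material. Only certRequest.request / wireGuardClientPubKey are sent to the API; the private keys stay on the client and must not be logged.` The class body starts outside this hunk.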
@ -388,6 +388,25 @@ void VpnConnection::createProtocolConnections()
|
|||
|
||||
void VpnConnection::appendSplitTunnelingConfig()
|
||||
{
|
||||
if (m_vpnConfiguration.value(config_key::configVersion).toInt()) {
|
||||
auto protocolName = m_vpnConfiguration.value(config_key::vpnproto).toString();
|
||||
if (protocolName == ProtocolProps::protoToString(Proto::Awg)) {
|
||||
auto configData = m_vpnConfiguration.value(protocolName + "_config_data").toObject();
|
||||
QJsonArray allowedIpsJsonArray = QJsonArray::fromStringList(configData.value("allowed_ips").toString().split(","));
|
||||
QJsonArray defaultAllowedIP = QJsonArray::fromStringList(QString("0.0.0.0/0, ::/0").split(","));
|
||||
|
||||
if (allowedIpsJsonArray != defaultAllowedIP) {
|
||||
allowedIpsJsonArray.append(m_vpnConfiguration.value(config_key::dns1).toString());
|
||||
allowedIpsJsonArray.append(m_vpnConfiguration.value(config_key::dns2).toString());
|
||||
|
||||
m_vpnConfiguration.insert(config_key::splitTunnelType, Settings::RouteMode::VpnOnlyForwardSites);
|
||||
m_vpnConfiguration.insert(config_key::splitTunnelSites, allowedIpsJsonArray);
|
||||
|
||||
return;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
auto routeMode = m_settings->routeMode();
|
||||
auto sites = m_settings->getVpnIps(routeMode);
|
||||
|
||||
|
@ -397,7 +416,7 @@ void VpnConnection::appendSplitTunnelingConfig()
|
|||
}
|
||||
|
||||
// Allow traffic to Amezia DNS
|
||||
if (routeMode == Settings::VpnOnlyForwardSites){
|
||||
if (routeMode == Settings::VpnOnlyForwardSites) {
|
||||
sitesJsonArray.append(m_vpnConfiguration.value(config_key::dns1).toString());
|
||||
sitesJsonArray.append(m_vpnConfiguration.value(config_key::dns2).toString());
|
||||
}
|
||||
|
|
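Review bot: The default-route test `allowedIpsJsonArray != defaultAllowedIP` is an exact, order- and whitespace-sensitive comparison of two comma-split lists, so `0.0.0.0/0,::/0` without the space, the reverse order, or a missing or empty `allowed_ips` all count as a custom list. In those cases the function forces `VpnOnlyForwardSites` and returns before `m_settings->routeMode()` is read; with an empty value, `splitTunnelSites` holds only an empty string and the two DNS addresses, which would route almost nothing through the tunnel. The entries are also stored untrimmed, so a value such as ` ::/0` keeps its leading space. I would trim and drop empty entries first and compare by content, as below; treating an empty list as full-tunnel is my assumption and should be confirmed. `appendSplitTunnelingConfig` continues outside this hunk.

```cpp
auto configData = m_vpnConfiguration.value(protocolName + "_config_data").toObject();

// Normalise the server-supplied list before comparing or storing it.
QStringList allowedIps;
const auto rawAllowedIps = configData.value("allowed_ips").toString().split(',', Qt::SkipEmptyParts);
for (const QString &entry : rawAllowedIps) {
    const QString trimmed = entry.trimmed();
    if (!trimmed.isEmpty()) {
        allowedIps.append(trimmed);
    }
}

// Full tunnel: nothing supplied, or exactly the two default routes in any order.
const bool isDefaultRoute = allowedIps.isEmpty()
        || (allowedIps.size() == 2 && allowedIps.contains("0.0.0.0/0") && allowedIps.contains("::/0"));

if (!isDefaultRoute) {
    QJsonArray allowedIpsJsonArray = QJsonArray::fromStringList(allowedIps);
    // … unchanged: append dns1/dns2, set splitTunnelType and splitTunnelSites, return …
}
```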