Check openvpn config for scripts

QML refactoring
2022-08-29 01:32:42 +03:00 · 2022-08-29 01:32:42 +03:00 · 3a5a7bf674
commit 3a5a7bf674
parent 7c749a964c
19 changed files with 367 additions and 121 deletions
--- a/client/ui/pages_logic/GeneralSettingsLogic.cpp
+++ b/client/ui/pages_logic/GeneralSettingsLogic.cpp
@ -34,6 +34,6 @@ void GeneralSettingsLogic::onPushButtonGeneralSettingsShareConnectionClicked()
    qobject_cast<ProtocolsModel *>(uiLogic()->protocolsModel())->setSelectedServerIndex(uiLogic()->selectedServerIndex);
    qobject_cast<ProtocolsModel *>(uiLogic()->protocolsModel())->setSelectedDockerContainer(uiLogic()->selectedDockerContainer);

-    uiLogic()->shareConnectionLogic()->updateSharingPage(uiLogic()->selectedServerIndex, uiLogic()->selectedDockerContainer);
+    uiLogic()->pageLogic<ShareConnectionLogic>()->updateSharingPage(uiLogic()->selectedServerIndex, uiLogic()->selectedDockerContainer);
    emit uiLogic()->goToPage(Page::ShareConnection);
 }
--- a/client/ui/pages_logic/QrDecoderLogic.cpp
+++ b/client/ui/pages_logic/QrDecoderLogic.cpp
@ -54,7 +54,7 @@ void QrDecoderLogic::onDetectedQrCode(const QString &code)
                data.append(m_chunks.value(i));
            }

-            bool ok = uiLogic()->startPageLogic()->importConnectionFromQr(data);
+            bool ok = uiLogic()->pageLogic<StartPageLogic>()->importConnectionFromQr(data);
            if (ok) {
                set_detectingEnabled(false);
                emit stopDecode();
@ -67,7 +67,7 @@ void QrDecoderLogic::onDetectedQrCode(const QString &code)
        }
    }
    else {
-        bool ok = uiLogic()->startPageLogic()->importConnectionFromQr(ba);
+        bool ok = uiLogic()->pageLogic<StartPageLogic>()->importConnectionFromQr(ba);
        if (ok) {
            set_detectingEnabled(false);
            emit stopDecode();
--- a/client/ui/pages_logic/ServerContainersLogic.cpp
+++ b/client/ui/pages_logic/ServerContainersLogic.cpp
@ -54,13 +54,13 @@ void ServerContainersLogic::onPushButtonDefaultClicked(DockerContainer c)
    if (!uiLogic()->m_vpnConnection) return;
    if (!uiLogic()->m_vpnConnection->isConnected()) return;

-    uiLogic()->vpnLogic()->onDisconnect();
-    uiLogic()->vpnLogic()->onConnect();
+    uiLogic()->pageLogic<VpnLogic>()->onDisconnect();
+    uiLogic()->pageLogic<VpnLogic>()->onConnect();
 }

 void ServerContainersLogic::onPushButtonShareClicked(DockerContainer c)
 {
-    uiLogic()->shareConnectionLogic()->updateSharingPage(uiLogic()->selectedServerIndex, c);
+    uiLogic()->pageLogic<ShareConnectionLogic>()->updateSharingPage(uiLogic()->selectedServerIndex, c);
    emit uiLogic()->goToPage(Page::ShareConnection);
 }

@ -86,7 +86,7 @@ void ServerContainersLogic::onPushButtonContinueClicked(DockerContainer c, int p
    emit uiLogic()->goToPage(Page::ServerConfiguringProgress);
    qApp->processEvents();

-    ErrorCode e = uiLogic()->serverConfiguringProgressLogic()->doInstallAction([this, c, &config](){
+    ErrorCode e = uiLogic()->pageLogic<ServerConfiguringProgressLogic>()->doInstallAction([this, c, &config](){
        return m_serverController->setupContainer(m_settings->serverCredentials(uiLogic()->selectedServerIndex), c, config);
    });

--- a/client/ui/pages_logic/ServerSettingsLogic.cpp
+++ b/client/ui/pages_logic/ServerSettingsLogic.cpp
@ -49,7 +49,7 @@ void ServerSettingsLogic::onPushButtonClearServer()
    set_pushButtonClearText(tr("Uninstalling Amnezia software..."));

    if (m_settings->defaultServerIndex() == uiLogic()->selectedServerIndex) {
-        uiLogic()->vpnLogic()->onDisconnect();
+        uiLogic()->pageLogic<VpnLogic>()->onDisconnect();
    }

    ErrorCode e = m_serverController->removeAllContainers(m_settings->serverCredentials(uiLogic()->selectedServerIndex));
@ -76,7 +76,7 @@ void ServerSettingsLogic::onPushButtonClearServer()
 void ServerSettingsLogic::onPushButtonForgetServer()
 {
    if (m_settings->defaultServerIndex() == uiLogic()->selectedServerIndex && uiLogic()->m_vpnConnection->isConnected()) {
-        uiLogic()->vpnLogic()->onDisconnect();
+        uiLogic()->pageLogic<VpnLogic>()->onDisconnect();
    }
    m_settings->removeServer(uiLogic()->selectedServerIndex);

@ -128,6 +128,6 @@ void ServerSettingsLogic::onLineEditDescriptionEditingFinished()

 void ServerSettingsLogic::onPushButtonShareFullClicked()
 {
-    uiLogic()->shareConnectionLogic()->updateSharingPage(uiLogic()->selectedServerIndex, DockerContainer::None);
+    uiLogic()->pageLogic<ShareConnectionLogic>()->updateSharingPage(uiLogic()->selectedServerIndex, DockerContainer::None);
    emit uiLogic()->goToShareProtocolPage(Proto::Any);
 }
--- a/client/ui/pages_logic/SitesLogic.cpp
+++ b/client/ui/pages_logic/SitesLogic.cpp
@ -40,7 +40,7 @@ void SitesLogic::onUpdatePage()

 void SitesLogic::onPushButtonAddCustomSitesClicked()
 {
-    if (uiLogic()->vpnLogic()->radioButtonVpnModeAllSitesChecked()) {
+    if (uiLogic()->pageLogic<VpnLogic>()->radioButtonVpnModeAllSitesChecked()) {
        return;
    }
    Settings::RouteMode mode = m_settings->routeMode();
--- a/client/ui/pages_logic/StartPageLogic.cpp
+++ b/client/ui/pages_logic/StartPageLogic.cpp
@ -1,4 +1,6 @@
 #include "StartPageLogic.h"
+#include "ViewConfigLogic.h"
+
 #include "core/errorstrings.h"
 #include "configurators/ssh_configurator.h"
 #include "configurators/vpn_configurator.h"
@ -17,13 +19,7 @@ StartPageLogic::StartPageLogic(UiLogic *logic, QObject *parent):
    m_pushButtonConnectEnabled{true},
    m_pushButtonConnectText{tr("Connect")},
    m_pushButtonConnectKeyChecked{false},
-    m_lineEditStartExistingCodeText{},
-    m_textEditSshKeyText{},
-    m_lineEditIpText{},
-    m_lineEditPasswordText{},
-    m_lineEditLoginText{},
    m_labelWaitInfoVisible{true},
-    m_labelWaitInfoText{},
    m_pushButtonBackFromStartVisible{true},
    m_ipAddressPortRegex{Utils::ipAddressPortRegExp()}
 {
@ -150,11 +146,9 @@ bool StartPageLogic::importConnection(const QJsonObject &profile)
    credentials.password = profile.value(config_key::password).toString();

    if (credentials.isValid() || profile.contains(config_key::containers)) {
-        m_settings->addServer(profile);
-        m_settings->setDefaultServer(m_settings->serversCount() - 1);
-
-        emit uiLogic()->goToPage(Page::Vpn);
-        emit uiLogic()->setStartPage(Page::Vpn);
+        // check config
+        uiLogic()->pageLogic<ViewConfigLogic>()->set_configJson(profile);
+        emit uiLogic()->goToPage(Page::ViewConfig);
    }
    else {
        qDebug() << "Failed to import profile";
--- a/client/ui/pages_logic/ViewConfigLogic.cpp
+++ b/client/ui/pages_logic/ViewConfigLogic.cpp
@ -0,0 +1,67 @@
+#include "ViewConfigLogic.h"
+#include "core/errorstrings.h"
+#include "../uilogic.h"
+
+
+ViewConfigLogic::ViewConfigLogic(UiLogic *logic, QObject *parent):
+    PageLogicBase(logic, parent)
+{
+
+}
+
+void ViewConfigLogic::onUpdatePage()
+{
+    set_configText(QJsonDocument(configJson()).toJson());
+
+    m_openVpnLastConfigs = m_openVpnMalStrings =
+            "<style> \
+            div { line-height: 0.5; } \
+            </style><div>";
+
+    m_warningStringNumber = 3;
+    m_warningActive = false;
+
+    const QJsonArray &containers = configJson()[config_key::containers].toArray();
+    int i = 0;
+    for (const QJsonValue &v: containers) {
+        QString cfg_json = v.toObject()[ProtocolProps::protoToString(Proto::OpenVpn)]
+                .toObject()[config_key::last_config].toString();
+
+        QString openvpn_cfg = QJsonDocument::fromJson(cfg_json.toUtf8()).object()[config_key::config]
+                .toString();
+
+        openvpn_cfg.replace("\r", "");
+
+        QStringList lines = openvpn_cfg.split("\n");
+        for (const QString &l: lines) {
+            i++;
+            QRegularExpressionMatch match = m_re.match(l);
+            if (dangerousTags.contains(match.captured(0))) {
+                QString t = QString("<p><font color=\"red\">%1</font>").arg(l);
+                m_openVpnLastConfigs.append(t + "\n");
+                m_openVpnMalStrings.append(t);
+                if (m_warningStringNumber == 3) m_warningStringNumber = i - 3;
+                m_warningActive = true;
+                qDebug() << "ViewConfigLogic : malicious scripts warning:" << l;
+            }
+            else {
+                m_openVpnLastConfigs.append("<p>" + l + "&nbsp;\n");
+            }
+        }
+    }
+
+    emit openVpnLastConfigsChanged(m_openVpnLastConfigs);
+    emit openVpnMalStringsChanged(m_openVpnMalStrings);
+    emit warningStringNumberChanged(m_warningStringNumber);
+    emit warningActiveChanged(m_warningActive);
+}
+
+void ViewConfigLogic::importConfig()
+{
+    m_settings->addServer(configJson());
+    m_settings->setDefaultServer(m_settings->serversCount() - 1);
+
+    emit uiLogic()->goToPage(Page::Vpn);
+    emit uiLogic()->setStartPage(Page::Vpn);
+}
+
--- a/client/ui/pages_logic/ViewConfigLogic.h
+++ b/client/ui/pages_logic/ViewConfigLogic.h
@ -0,0 +1,47 @@
+#ifndef VIEW_CONFIG_LOGIC_H
+#define VIEW_CONFIG_LOGIC_H
+
+#include "PageLogicBase.h"
+
+#include <QJsonObject>
+
+class UiLogic;
+
+class ViewConfigLogic : public PageLogicBase
+{
+    Q_OBJECT
+
+    AUTO_PROPERTY(QString, configText)
+    AUTO_PROPERTY(QString, openVpnLastConfigs)
+    AUTO_PROPERTY(QString, openVpnMalStrings)
+    AUTO_PROPERTY(QJsonObject, configJson)
+    AUTO_PROPERTY(int, warningStringNumber)
+    AUTO_PROPERTY(bool, warningActive)
+
+public:
+    Q_INVOKABLE void onUpdatePage() override;
+    Q_INVOKABLE void importConfig();
+
+
+public:
+    explicit ViewConfigLogic(UiLogic *uiLogic, QObject *parent = nullptr);
+    ~ViewConfigLogic() = default;
+
+private:
+    QRegularExpression m_re {"(\\w+-\\w+|\\w+)"};
+
+    // https://github.com/OpenVPN/openvpn/blob/master/doc/man-sections/script-options.rst
+    QStringList dangerousTags {
+        "up",
+        "tls-verify",
+        "ipchange",
+        "client-connect",
+        "route-up",
+        "route-pre-down",
+        "client-disconnect",
+        "down",
+        "learn-address",
+        "auth-user-pass-verify"
+    };
+};
+#endif // VIEW_CONFIG_LOGIC_H