diff --git a/client/AmneziaVPN-Swift.h b/client/AmneziaVPN-Swift.h index 35e3a6cc..c04ce421 100644 --- a/client/AmneziaVPN-Swift.h +++ b/client/AmneziaVPN-Swift.h @@ -217,7 +217,7 @@ enum ConnectionState : NSInteger; SWIFT_CLASS("_TtC10AmneziaVPN18IOSVpnProtocolImpl") @interface IOSVpnProtocolImpl : NSObject - (nonnull instancetype)initWithBundleID:(NSString * _Nonnull)bundleID privateKey:(NSData * _Nonnull)privateKey deviceIpv4Address:(NSString * _Nonnull)deviceIpv4Address deviceIpv6Address:(NSString * _Nonnull)deviceIpv6Address closure:(void (^ _Nonnull)(enum ConnectionState, NSDate * _Nullable))closure callback:(void (^ _Nonnull)(BOOL))callback OBJC_DESIGNATED_INITIALIZER; -- (void)connectWithDnsServer:(NSString * _Nonnull)dnsServer serverIpv6Gateway:(NSString * _Nonnull)serverIpv6Gateway serverPublicKey:(NSString * _Nonnull)serverPublicKey serverIpv4AddrIn:(NSString * _Nonnull)serverIpv4AddrIn serverPort:(NSInteger)serverPort allowedIPAddressRanges:(NSArray * _Nonnull)allowedIPAddressRanges ipv6Enabled:(Boolean)enabled reason:(NSInteger)reason failureCallback:(void (^ _Nonnull)(void))failureCallback; +- (void)connectWithDnsServer:(NSString * _Nonnull)dnsServer serverIpv6Gateway:(NSString * _Nonnull)serverIpv6Gateway serverPublicKey:(NSString * _Nonnull)serverPublicKey presharedKey:(NSString * _Nonnull)presharedKey serverIpv4AddrIn:(NSString * _Nonnull)serverIpv4AddrIn serverPort:(NSInteger)serverPort allowedIPAddressRanges:(NSArray * _Nonnull)allowedIPAddressRanges ipv6Enabled:(Boolean)enabled reason:(NSInteger)reason failureCallback:(void (^ _Nonnull)(void))failureCallback; - (void)disconnect; - (void)checkStatusWithCallback:(void (^ _Nonnull)(NSString * _Nonnull, NSString * _Nonnull, NSString * _Nonnull))callback; - (nonnull instancetype)init SWIFT_UNAVAILABLE; diff --git a/client/AmneziaVPNRelease.entitlements b/client/AmneziaVPNRelease.entitlements deleted file mode 100644 index 5b8bd14b..00000000 --- a/client/AmneziaVPNRelease.entitlements +++ /dev/null 
@@ -1,14 +0,0 @@ - - - - - com.apple.developer.networking.networkextension - - packet-tunnel-provider - - com.apple.security.application-groups - - com.apple.security.files.user-selected.read-write - - - diff --git a/client/client.pro b/client/client.pro index c503ed2a..489edd4f 100644 --- a/client/client.pro +++ b/client/client.pro 
@@ -299,50 +299,46 @@ ios { Q_ENABLE_BITCODE.name = ENABLE_BITCODE QMAKE_MAC_XCODE_SETTINGS += Q_ENABLE_BITCODE - CONFIG(iphoneos, iphoneos|iphonesimulator) { - message("Building for iPhone OS") - QMAKE_TARGET_BUNDLE_PREFIX = org.amnezia - QMAKE_BUNDLE = AmneziaVPN - QMAKE_IOS_DEPLOYMENT_TARGET = 12.0 - QMAKE_APPLE_TARGETED_DEVICE_FAMILY = 1 - QMAKE_DEVELOPMENT_TEAM = X7UJ388FXK - QMAKE_PROVISIONING_PROFILE = f2fefb59-14aa-4aa9-ac14-1d5531b06dcc - QMAKE_XCODE_CODE_SIGN_IDENTITY = "Apple Distribution" - - XCODEBUILD_FLAGS += -allowProvisioningUpdates - - DEFINES += iphoneos - - contains(QT_ARCH, arm64) { - message("Building for iOS/ARM v8 64-bit architecture") - ARCH_TAG = "ios_armv8_64" - - LIBS += $$PWD/3rd/OpenSSL/lib/ios/iphone/libcrypto.a - LIBS += $$PWD/3rd/OpenSSL/lib/ios/iphone/libssl.a - } else { - message("Building for iOS/ARM v7 (32-bit) architecture") - ARCH_TAG = "ios_armv7" - } - } - - CONFIG(iphonesimulator, iphoneos|iphonesimulator) { - message("Building for iPhone Simulator") - ARCH_TAG = "ios_x86_64" +# CONFIG(iphoneos, iphoneos|iphonesimulator) { + iphoneos { + message("Building for iPhone OS") + QMAKE_TARGET_BUNDLE_PREFIX = org.amnezia + QMAKE_BUNDLE = AmneziaVPN + QMAKE_IOS_DEPLOYMENT_TARGET = 12.0 + QMAKE_APPLE_TARGETED_DEVICE_FAMILY = 1 + QMAKE_DEVELOPMENT_TEAM = X7UJ388FXK + QMAKE_PROVISIONING_PROFILE = f2fefb59-14aa-4aa9-ac14-1d5531b06dcc + QMAKE_XCODE_CODE_SIGN_IDENTITY = "Apple Distribution" + QMAKE_INFO_PLIST= $$PWD/ios/app/Info.plist - DEFINES += iphoneos + XCODEBUILD_FLAGS += -allowProvisioningUpdates + DEFINES += iphoneos + + contains(QT_ARCH, arm64) { + message("Building for iOS/ARM v8 64-bit architecture") + ARCH_TAG = "ios_armv8_64" + LIBS += $$PWD/3rd/OpenSSL/lib/ios/iphone/libcrypto.a LIBS += $$PWD/3rd/OpenSSL/lib/ios/iphone/libssl.a + } else { + message("Building for iOS/ARM v7 (32-bit) architecture") + ARCH_TAG = "ios_armv7" + } } +# } + # CONFIG(iphonesimulator, iphoneos|iphonesimulator) { -# message("Building for iPhone 
Simulator") -# ARCH_TAG = "ios_x86_64" -# -# DEFINES += iphonesimulator -# -# LIBS += $$PWD/3rd/OpenSSL/lib/ios/simulator/libcrypto.a -# LIBS += $$PWD/3rd/OpenSSL/lib/ios/simulator/libssl.a +# iphonesimulator { +# message("Building for iPhone Simulator") +# ARCH_TAG = "ios_x86_64" +# +# DEFINES += iphonesimulator +# +# LIBS += $$PWD/3rd/OpenSSL/lib/ios/simulator/libcrypto.a +# LIBS += $$PWD/3rd/OpenSSL/lib/ios/simulator/libssl.a +# } # } NETWORKEXTENSION=1 diff --git a/client/ios/app/Info.plist b/client/ios/app/Info.plist index 8bbb0d55..3c0f289e 100644 --- a/client/ios/app/Info.plist +++ b/client/ios/app/Info.plist @@ -2,8 +2,6 @@ - ADJUST_SDK_TOKEN - $(ADJUST_SDK_TOKEN) CFBundleAllowMixedLocalizations CFBundleDevelopmentRegion @@ -36,8 +34,6 @@ UILaunchStoryboardName AmneziaVPNLaunchScreen - UIRequiredDeviceCapabilities - UIRequiresFullScreen UISupportedInterfaceOrientations @@ -49,7 +45,5 @@ UIUserInterfaceStyle Light - com.wireguard.ios.app_group_id - group.org.mozilla.ios.Guardian diff --git a/client/ios/app/main.entitlements b/client/ios/app/main.entitlements index cb13ea2d..fa993a87 100644 --- a/client/ios/app/main.entitlements +++ b/client/ios/app/main.entitlements @@ -8,9 +8,13 @@ com.apple.security.application-groups - $(GROUP_ID_IOS) + group.ru.kotit.AmneziaVPN.udev com.apple.security.files.user-selected.read-write + keychain-access-groups + + $(AppIdentifierPrefix)group.ru.kotit.AmneziaVPN.udev + diff --git a/client/ios/networkextension/AmneziaVPNNetworkExtension.entitlements b/client/ios/networkextension/AmneziaVPNNetworkExtension.entitlements index f6d173d9..efcee280 100644 --- a/client/ios/networkextension/AmneziaVPNNetworkExtension.entitlements +++ b/client/ios/networkextension/AmneziaVPNNetworkExtension.entitlements @@ -8,7 +8,11 @@ com.apple.security.application-groups - $(GROUP_ID_IOS) + group.ru.kotit.AmneziaVPN.udev + keychain-access-groups + + $(AppIdentifierPrefix)group.ru.kotit.AmneziaVPN.udev + 
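Review bot: The new side of the client.pro hunk keeps the old scope lines as comments (`# CONFIG(iphoneos, iphoneos|iphonesimulator) {`, `# }`) and leaves the whole `iphonesimulator` scope commented out, while the previously active simulator block is removed. As far as the hunk shows, a simulator build now gets no `ARCH_TAG` and no OpenSSL `LIBS`. Either restore the scope as `iphonesimulator { ... }` or delete the commented lines and state that the simulator is unsupported. Separately, `QMAKE_DEVELOPMENT_TEAM` and `QMAKE_PROVISIONING_PROFILE` stay as literals in the tracked project file next to `-allowProvisioningUpdates`, which ties every build to one signing account. Reading them from the environment or an untracked `.pri` would keep them out of the repository.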
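Review bot: The application group and the new `keychain-access-groups` entry are written as the literal `group.ru.kotit.AmneziaVPN.udev` instead of the `$(GROUP_ID_IOS)` build setting, here in main.entitlements and again in AmneziaVPNNetworkExtension.entitlements. The keychain access group decides which signed binaries can read the stored tunnel keys, so the two files and the provisioning profile must stay in exact agreement. A build signed by another team, or one using the `org.amnezia` prefix that client.pro sets, would presumably need a different value. Keeping the variable, `$(GROUP_ID_IOS)` for the app group and `$(AppIdentifierPrefix)$(GROUP_ID_IOS)` for the keychain group, avoids the two copies drifting apart.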
diff --git a/client/macos/networkextension/Info.plist b/client/macos/networkextension/Info.plist index 40e7d169..96d82459 100644 --- a/client/macos/networkextension/Info.plist +++ b/client/macos/networkextension/Info.plist @@ -2,39 +2,28 @@ - CFBundleExecutable - $(EXECUTABLE_NAME) - - CFBundleIdentifier - $(PRODUCT_BUNDLE_IDENTIFIER) - - CFBundleInfoDictionaryVersion - 6.0 - - CFBundleName - $(PRODUCT_NAME) - - CFBundlePackageType - $(PRODUCT_BUNDLE_PACKAGE_TYPE) - - CFBundleShortVersionString - $(MARKETING_VERSION) - - CFBundleVersion - $(CURRENT_PROJECT_VERSION) - - ITSAppUsesNonExemptEncryption - - - LSMinimumSystemVersion - $(MACOSX_DEPLOYMENT_TARGET) - CFBundleDevelopmentRegion $(DEVELOPMENT_LANGUAGE) - CFBundleDisplayName AmneziaVPNNetworkExtension - + CFBundleExecutable + $(EXECUTABLE_NAME) + CFBundleIdentifier + $(PRODUCT_BUNDLE_IDENTIFIER) + CFBundleInfoDictionaryVersion + 6.0 + CFBundleName + $(PRODUCT_NAME) + CFBundlePackageType + $(PRODUCT_BUNDLE_PACKAGE_TYPE) + CFBundleShortVersionString + $(MARKETING_VERSION) + CFBundleVersion + $(CURRENT_PROJECT_VERSION) + ITSAppUsesNonExemptEncryption + + LSMinimumSystemVersion + $(MACOSX_DEPLOYMENT_TARGET) NSExtension NSExtensionPointIdentifier @@ -42,11 +31,5 @@ NSExtensionPrincipalClass $(PRODUCT_MODULE_NAME).PacketTunnelProvider - - com.wireguard.ios.app_group_id - group.$(APP_ID_IOS) - - com.wireguard.macos.app_group_id - $(DEVELOPMENT_TEAM).group.$(APP_ID_MACOS) diff --git a/client/platforms/ios/iosvpnprotocol.swift b/client/platforms/ios/iosvpnprotocol.swift index b14bc690..ce0363e7 100644 --- a/client/platforms/ios/iosvpnprotocol.swift +++ b/client/platforms/ios/iosvpnprotocol.swift 
@@ -61,16 +61,19 @@ public class IOSVpnProtocolImpl : NSObject {
 let nsManagers = managers ?? []
 Logger.global?.log(message: "We have received \(nsManagers.count) managers.")
+ print("We have received \(nsManagers.count) managers.")
 let tunnel = nsManagers.first(where: IOSVpnProtocolImpl.isOurManager(_:))
 if tunnel == nil {
 Logger.global?.log(message: "Creating the tunnel")
+ print("Creating the tunnel")
 self!.tunnel = NETunnelProviderManager()
 closure(IOSConnectionState.Disconnected, nil)
 return
 }
 Logger.global?.log(message: "Tunnel already exists")
+ print("Tunnel already exists")
 self!.tunnel = tunnel
 if tunnel?.connection.status == .connected {
@@ -87,18 +90,25 @@ public class IOSVpnProtocolImpl : NSObject {
 switch session.status {
 case .connected:
 Logger.global?.log(message: "STATE CHANGED: connected")
+ print("STATE CHANGED: connected")
 case .connecting:
 Logger.global?.log(message: "STATE CHANGED: connecting")
+ print("STATE CHANGED: connecting")
 case .disconnected:
 Logger.global?.log(message: "STATE CHANGED: disconnected")
+ print("STATE CHANGED: disconnected")
 case .disconnecting:
 Logger.global?.log(message: "STATE CHANGED: disconnecting")
+ print("STATE CHANGED: disconnecting")
 case .invalid:
 Logger.global?.log(message: "STATE CHANGED: invalid")
+ print("STATE CHANGED: invalid")
 case .reasserting:
 Logger.global?.log(message: "STATE CHANGED: reasserting")
+ print("STATE CHANGED: reasserting")
 default:
 Logger.global?.log(message: "STATE CHANGED: unknown status")
+ print("STATE CHANGED: unknown status")
 }
 // We care about "unknown" state changes.
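Review bot: Every added `print(...)` repeats the `Logger.global?.log(message:)` call directly above it, in this hunk and in the later hunks of this file at old lines 87, 129 and 206. `print` is not gated by build configuration in these lines, so the duplicate output also ships in release builds and bypasses whatever filtering the logger applies. If the console output is only wanted while debugging, wrap it, e.g. `#if DEBUG` / `print("Creating the tunnel")` / `#endif`, or route it through `Logger` alone. The enclosing closure starts and ends outside the hunk.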
@@ -129,10 +139,11 @@ public class IOSVpnProtocolImpl : NSObject {
 }
 Logger.global?.log(message: "Found the manager with the correct bundle identifier: \(tunnelProto.providerBundleIdentifier!)")
+ print("Found the manager with the correct bundle identifier: \(tunnelProto.providerBundleIdentifier!)")
 return true
 }
- @objc func connect(dnsServer: String, serverIpv6Gateway: String, serverPublicKey: String, serverIpv4AddrIn: String, serverPort: Int, allowedIPAddressRanges: Array, ipv6Enabled: Bool, reason: Int, failureCallback: @escaping () -> Void) {
+ @objc func connect(dnsServer: String, serverIpv6Gateway: String, serverPublicKey: String, presharedKey: String, serverIpv4AddrIn: String, serverPort: Int, allowedIPAddressRanges: Array, ipv6Enabled: Bool, reason: Int, failureCallback: @escaping () -> Void) {
 Logger.global?.log(message: "Connecting")
 assert(tunnel != nil)
@@ -144,6 +155,7 @@ public class IOSVpnProtocolImpl : NSObject {
 let ipv6GatewayIP = IPv6Address(serverIpv6Gateway)
 var peerConfiguration = PeerConfiguration(publicKey: keyData)
+ peerConfiguration.preSharedKey = PreSharedKey(base64Key: presharedKey)
 peerConfiguration.endpoint = Endpoint(from: serverIpv4AddrIn + ":\(serverPort )")
 peerConfiguration.allowedIPs = []
@@ -168,6 +180,7 @@ public class IOSVpnProtocolImpl : NSObject {
 }
 }
 interface.dns = [ DNSServer(address: dnsServerIP!)]
+ interface.mtu = 1412 // 1280
 if (ipv6Enabled) {
 interface.dns.append(DNSServer(address: ipv6GatewayIP!))
@@ -206,6 +219,7 @@ public class IOSVpnProtocolImpl : NSObject {
 }
 Logger.global?.log(message: "Loading the tunnel succeeded")
+ print("Loading the tunnel succeeded")
 do {
 if (reason == 1 /* ReasonSwitching */) {
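Review bot: The result of `PreSharedKey(base64Key: presharedKey)` in the hunk at old line 144 is assigned without being checked. If that initializer is failable, as the direct assignment to an optional-looking property suggests, an empty or malformed `presharedKey` leaves `preSharedKey` nil and the peer is configured without the preshared-key layer, with no log entry and no call to `failureCallback`. Failing closed would be safer: `guard let psk = PreSharedKey(base64Key: presharedKey) else { failureCallback(); return }` followed by `peerConfiguration.preSharedKey = psk`. Whether some servers legitimately have no preshared key is not visible here; if so, treat only a non-empty invalid string as an error. The body of `connect` continues outside the hunk.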
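Review bot: `interface.mtu = 1412 // 1280` in the hunk at old line 168 fixes the tunnel MTU to an unexplained constant and leaves a second candidate value in a trailing comment. A reader cannot tell which value was tested or why either was chosen, and a wrong MTU shows up only as stalled connections on some paths. Name the value and give the reason, e.g. `let tunnelMTU: UInt16 = 1412  // reason for this value` with the real reason filled in, then `interface.mtu = tunnelMTU`, and drop the `// 1280` remnant.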
@@ -219,8 +233,10 @@ public class IOSVpnProtocolImpl : NSObject {
 Logger.global?.log(message: "Failed to convert response to string")
 return
 }
+ print("Config sent to NE: \(configString)")
 }
 } else {
+ print("starting tunnel")
 try (self.tunnel!.connection as? NETunnelProviderSession)?.startTunnel()
 }
 } catch let error {
diff --git a/client/protocols/ios_vpnprotocol.mm b/client/protocols/ios_vpnprotocol.mm
index 4dcc600b..6e5246cb 100644
--- a/client/protocols/ios_vpnprotocol.mm
+++ b/client/protocols/ios_vpnprotocol.mm
@@ -96,30 +96,29 @@ bool IOSVpnProtocol::initialize()
 case ConnectionStateError: {
 [m_controller dealloc];
 m_controller = nullptr;
- emit initialized(false, false, QDateTime());
+ emit connectionStateChanged(VpnConnectionState::Error);
 return;
 }
 case ConnectionStateConnected: {
 Q_ASSERT(date);
 QDateTime qtDate(QDateTime::fromNSDate(date));
- emit initialized(true, true, qtDate);
+ emit connectionStateChanged(VpnConnectionState::Connected);
 return;
 }
 case ConnectionStateDisconnected:
 // Just in case we are connecting, let's call disconnect.
 [m_controller disconnect];
- emit initialized(true, false, QDateTime());
+ emit connectionStateChanged(VpnConnectionState::Disconnected);
 return;
 }
 } callback:^(BOOL a_connected) {
 qDebug() << "State changed: " << a_connected;
 if (a_connected) {
- emit isConnected();
+ emit connectionStateChanged(Connected);
 return;
 }
-
- emit isDisconnected();
+// emit connectionStateChanged(Disconnected);
 }];
 }
 return true;
@@ -176,6 +175,7 @@ ErrorCode IOSVpnProtocol::start()
 [m_controller connectWithDnsServer:dnsServersList.takeFirst().toNSString()
 serverIpv6Gateway:@"FE80::1"
 serverPublicKey:serverPubKey.toNSString()
+ presharedKey:pskKey.toNSString()
 serverIpv4AddrIn:serverAddr.toNSString()
 serverPort:port.toInt()
 allowedIPAddressRanges:allowedIPAddressRangesNS
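Review bot: `print("Config sent to NE: \(configString)")` in the iosvpnprotocol.swift hunk at old line 219 writes the entire configuration string to standard output. `configString` is built outside this hunk. If it is the WireGuard configuration handed to the network extension, it carries the interface private key and, after this commit, the preshared key, which then appear in the device console and in any collected logs. Remove the line, or log only that the message was sent, e.g. `Logger.global?.log(message: "Config sent to NE")`.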
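Review bot: The not-connected path of the `callback:` block in `initialize()` no longer emits anything, because `emit isDisconnected();` is replaced by the commented-out `// emit connectionStateChanged(Disconnected);`. If this callback is the way a dropped tunnel reaches the Qt side, listeners can keep showing Connected while traffic is no longer tunnelled. Restore `emit connectionStateChanged(Disconnected);` or add a comment saying which other path reports the disconnect. In the same hunk, `qtDate` is still computed in the `ConnectionStateConnected` case but no longer used. The enum is also spelled both `VpnConnectionState::Connected` and bare `Connected`, which should be made consistent.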
@@ -183,7 +183,7 @@ ErrorCode IOSVpnProtocol::start()
 reason:0
 failureCallback:^() {
 qDebug() << "IOSVPNProtocol - connection failed";
- emit isDisconnected();
+ emit connectionStateChanged(Disconnected);
 }];
 return NoError;
 }
@@ -192,7 +192,7 @@ void IOSVpnProtocol::stop()
 {
 if (!m_controller) {
 qDebug() << "Not correctly initialized";
- emit isDisconnected();
+ emit connectionStateChanged(Disconnected);
 return;
 }
diff --git a/client/scripts/ios_compile.sh b/client/scripts/ios_compile.sh
index 11c2fb7c..fcce7649 100755
--- a/client/scripts/ios_compile.sh
+++ b/client/scripts/ios_compile.sh
@@ -159,15 +159,14 @@ IOS_FLAGS="
 Q_OS_IOS=1
 "
-#printn Y "Mode: "
-#if [[ "$RELEASE" ]]; then
-# print G "release"
-# MODE="CONFIG-=debug CONFIG+=release CONFIG-=debug_and_release"
-#else
-# print G "debug"
-# MODE="CONFIG+=debug CONFIG-=release CONFIG-=debug_and_release"
-#fi
-MODE="CONFIG-=debug CONFIG+=release CONFIG-=debug_and_release"
+printn Y "Mode: "
+if [[ "$RELEASE" ]]; then
+ print G "release"
+ MODE="CONFIG-=debug CONFIG+=release CONFIG-=debug_and_release"
+else
+ print G "debug"
+ MODE="CONFIG+=debug CONFIG-=release CONFIG-=debug_and_release"
+fi
 OSRUBY=$OS
 printn Y "OS: "
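Review bot: In the ios_compile.sh hunk, `[[ "$RELEASE" ]]` is true for any non-empty value, so `RELEASE=0` or `RELEASE=false` still selects the release configuration. An unset variable now produces a debug build where the script used to force release. `RELEASE` is assigned outside this hunk; if it can come from the environment rather than only from option parsing, compare it explicitly, e.g. `if [[ "$RELEASE" == "1" ]]; then`. Any packaging step that relied on the old forced-release `MODE` should now pass the release option itself, otherwise it silently ships a debug configuration.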