server scripts fix

client/core/openvpnconfigurator.cpp

@@ -190,6 +190,8 @@ OpenVpnConfigurator::ConnectionData OpenVpnConfigurator::prepareOpenVpnConfig(co
         if (errorCode) *errorCode = ErrorCode::RemoteProcessCrashError;
     }
 
+    ServerController::setupServerFirewall(credentials);
+
     return connData;
 }
 

client/core/openvpnconfigurator.h

@@ -37,7 +37,6 @@ private:
 
     static ConnectionData prepareOpenVpnConfig(const ServerCredentials &credentials,
         Protocol proto, ErrorCode *errorCode = nullptr);
-
 };
 
 #endif // OPENVPNCONFIGURATOR_H

client/core/servercontroller.cpp

@@ -54,7 +54,7 @@ ErrorCode ServerController::runScript(DockerContainer container,
         }
 
         QEventLoop wait;
-        int exitStatus;
+        int exitStatus = -1;
 
         //        QObject::connect(proc.data(), &SshRemoteProcess::started, &wait, [](){
         //            qDebug() << "Command started";
@@ -66,22 +66,22 @@ ErrorCode ServerController::runScript(DockerContainer container,
             wait.quit();
         });
 
-//        QObject::connect(proc.data(), &SshRemoteProcess::readyReadStandardOutput, [proc](){
-//            QString s = proc->readAllStandardOutput();
-//            if (s != "." && !s.isEmpty()) {
-//                qDebug().noquote() << s;
-//            }
-//        });
+        QObject::connect(proc.data(), &SshRemoteProcess::readyReadStandardOutput, [proc](){
+            QString s = proc->readAllStandardOutput();
+            if (s != "." && !s.isEmpty()) {
+                qDebug().noquote() << s;
+            }
+        });
 
-//        QObject::connect(proc.data(), &SshRemoteProcess::readyReadStandardError, [proc](){
-//            QString s = proc->readAllStandardError();
-//            if (s != "." && !s.isEmpty()) {
-//                qDebug().noquote() << s;
-//            }
-//        });
+        QObject::connect(proc.data(), &SshRemoteProcess::readyReadStandardError, [proc](){
+            QString s = proc->readAllStandardError();
+            if (s != "." && !s.isEmpty()) {
+                qDebug().noquote() << s;
+            }
+        });
 
         proc->start();
-        if (i < lines.count()) {
+        if (i < lines.count() && exitStatus < 0) {
             wait.exec();
         }
 
@@ -117,7 +117,7 @@ ErrorCode ServerController::uploadTextFileToContainer(DockerContainer container,
     }
 
     QEventLoop wait;
-    int exitStatus = 0;
+    int exitStatus = -1;
 
     //    QObject::connect(proc.data(), &SshRemoteProcess::started, &wait, [](){
     //        qDebug() << "Command started";
@@ -138,11 +138,11 @@ ErrorCode ServerController::uploadTextFileToContainer(DockerContainer container,
     });
 
     proc->start();
-    wait.exec();
+    //wait.exec();
 
-//    if (proc->isRunning()) {
-//        wait.exec();
-//    }
+    if (exitStatus < 0) {
+        wait.exec();
+    }
 
     return fromSshProcessExitStatus(exitStatus);
 }
@@ -176,10 +176,15 @@ QString ServerController::getTextFileFromContainer(DockerContainer container,
         wait.quit();
     });
 
+    QObject::connect(proc.data(), &SshRemoteProcess::started, &wait, [&](){
+        qDebug() << "ServerController::getTextFileFromContainer proc started";
+        exitStatus = -1;
+    });
+
     proc->start();
     wait.exec();
 
-//    if (proc->isRunning()) {
+//    if (exitStatus < 0) {
 //        wait.exec();
 //    }
 
@@ -421,3 +426,12 @@ SshConnection *ServerController::connectToHost(const SshConnectionParameters &ss
 
     return client;
 }
+
+ErrorCode ServerController::setupServerFirewall(const ServerCredentials &credentials)
+{
+    QFile file(":/server_scripts/setup_firewall.sh");
+    file.open(QIODevice::ReadOnly);
+
+    QString script = file.readAll();
+    return runScript(DockerContainer::OpenVpn, sshParams(credentials), script);
+}

client/core/servercontroller.h

@@ -44,6 +44,7 @@ public:
     static int ssContainerPort() { return 8585; } // TODO move to ShadowSocksDefs.h
     static QString ssEncryption() { return "chacha20-ietf-poly1305"; } // TODO move to ShadowSocksDefs.h
 
+    static ErrorCode setupServerFirewall(const ServerCredentials &credentials);
 private:
     static QSsh::SshConnection *connectToHost(const QSsh::SshConnectionParameters &sshParams);
     static ErrorCode runScript(DockerContainer container,

client/platform_win/vpnclient.rc

@@ -18,7 +18,7 @@ IDI_ICON1               ICON                    "../images/app.ico"
 #define VER_ORIGINALFILENAME_STR    "amneziavpn.exe"
 #define VER_PRODUCTNAME_STR         "AmneziaVPN"
 
-#define VER_COMPANYDOMAIN_STR       "http://amnezia.org/"
+#define VER_COMPANYDOMAIN_STR       "https://amnezia.org/"
 
 VS_VERSION_INFO VERSIONINFO
 FILEVERSION VER_FILEVERSION

client/resources.qrc

@@ -39,5 +39,6 @@
         <file>images/background_connected.png</file>
         <file>server_scripts/setup_shadowsocks_server.sh</file>
         <file>server_scripts/template_shadowsocks.ovpn</file>
+        <file>server_scripts/setup_firewall.sh</file>
     </qresource>
 </RCC>

client/server_scripts/setup_firewall.sh

@@ -0,0 +1,3 @@
+sysctl -w net.ipv4.ip_forward=1
+iptables -P FORWARD ACCEPT
+iptables -A INPUT -p icmp --icmp-type echo-request -j DROP

client/server_scripts/setup_openvpn_server.sh

@@ -7,7 +7,7 @@ systemctl start docker
 docker stop $CONTAINER_NAME
 docker rm -f $CONTAINER_NAME
 docker pull amneziavpn/openvpn:latest
-docker run -d --restart always --cap-add=NET_ADMIN -p 1194:1194/udp --name $CONTAINER_NAME amneziavpn/openvpn:latest
+docker run -d --restart always --cap-add=NET_ADMIN -e HOST_ADDR=$(curl -s https://api.ipify.org) -p 1194:1194/udp --name $CONTAINER_NAME amneziavpn/openvpn:latest
 
 
 docker exec -i $CONTAINER_NAME sh -c "mkdir -p /opt/amneziavpn_data/clients"
@@ -18,4 +18,4 @@ docker exec -i $CONTAINER_NAME sh -c "cd /opt/amneziavpn_data && cp pki/dh.pem /
 docker exec -i $CONTAINER_NAME sh -c "cd /opt/amneziavpn_data && easyrsa sign-req server MyReq << EOF3 yes EOF3"
 docker exec -i $CONTAINER_NAME sh -c "cd /opt/amneziavpn_data && openvpn --genkey --secret ta.key << EOF4"
 docker exec -i $CONTAINER_NAME sh -c "cd /opt/amneziavpn_data && cp pki/ca.crt pki/issued/MyReq.crt pki/private/MyReq.key ta.key /etc/openvpn"
-docker exec -i $CONTAINER_NAME sh -c "openvpn --config /etc/openvpn/server.conf &"
+docker exec -d $CONTAINER_NAME sh -c "openvpn --config /etc/openvpn/server.conf"

client/server_scripts/setup_shadowsocks_server.sh

@@ -18,4 +18,4 @@ docker exec -i $CONTAINER_NAME sh -c "cd /opt/amneziavpn_data && cp pki/dh.pem /
 docker exec -i $CONTAINER_NAME sh -c "cd /opt/amneziavpn_data && easyrsa sign-req server MyReq << EOF3 yes EOF3"
 docker exec -i $CONTAINER_NAME sh -c "cd /opt/amneziavpn_data && openvpn --genkey --secret ta.key << EOF4"
 docker exec -i $CONTAINER_NAME sh -c "cd /opt/amneziavpn_data && cp pki/ca.crt pki/issued/MyReq.crt pki/private/MyReq.key ta.key /etc/openvpn"
-docker exec -i $CONTAINER_NAME sh -c "openvpn --config /etc/openvpn/server.conf &"
+docker exec -d $CONTAINER_NAME sh -c "openvpn --config /etc/openvpn/server.conf"