From fa151cd320c7906968420c7c82299f9b9a7c4fc2 Mon Sep 17 00:00:00 2001 From: pokamest Date: Mon, 4 Oct 2021 19:07:49 +0300 Subject: [PATCH 1/9] Ikev2 support --- client/client.pro | 4 + client/configurators/ikev2_configurator.cpp | 67 +++++ client/configurators/ikev2_configurator.h | 30 ++ client/configurators/openvpn_configurator.cpp | 9 +- client/configurators/vpn_configurator.cpp | 15 + client/configurators/vpn_configurator.h | 2 + .../configurators/wireguard_configurator.cpp | 2 +- client/containers/containers_defs.cpp | 23 +- client/containers/containers_defs.h | 1 + client/core/defs.h | 1 + client/core/scripts_registry.cpp | 2 + client/core/servercontroller.cpp | 84 ++++-- client/core/servercontroller.h | 8 +- client/protocols/ikev2_vpn_protocol.cpp | 57 ++++ client/protocols/ikev2_vpn_protocol.h | 32 +++ client/protocols/openvpnprotocol.cpp | 2 +- client/protocols/openvpnprotocol.h | 2 +- client/protocols/protocols_defs.h | 2 +- client/protocols/vpnprotocol.cpp | 20 ++ client/protocols/vpnprotocol.h | 5 + client/resources.qrc | 4 + client/server_scripts/ipsec/Dockerfile | 4 + .../ipsec/configure_container.sh | 257 ++++++++++++++++++ client/server_scripts/ipsec/run_container.sh | 7 + client/server_scripts/ipsec/start.sh | 0 client/server_scripts/wireguard/template.conf | 2 +- client/vpnconnection.cpp | 74 ++--- 27 files changed, 626 insertions(+), 90 deletions(-) create mode 100644 client/configurators/ikev2_configurator.cpp create mode 100644 client/configurators/ikev2_configurator.h create mode 100644 client/protocols/ikev2_vpn_protocol.cpp create mode 100644 client/protocols/ikev2_vpn_protocol.h create mode 100644 client/server_scripts/ipsec/Dockerfile create mode 100644 client/server_scripts/ipsec/configure_container.sh create mode 100644 client/server_scripts/ipsec/run_container.sh create mode 100644 client/server_scripts/ipsec/start.sh diff --git a/client/client.pro b/client/client.pro index 8448c11f..4762461d 100644 --- a/client/client.pro +++ b/client/client.pro @@ -19,6 +19,7 @@ include ("3rd/SortFilterProxyModel/SortFilterProxyModel.pri") HEADERS += \ ../ipc/ipc.h \ configurators/cloak_configurator.h \ + configurators/ikev2_configurator.h \ configurators/shadowsocks_configurator.h \ configurators/ssh_configurator.h \ configurators/vpn_configurator.h \ @@ -34,6 +35,7 @@ HEADERS += \ debug.h \ defines.h \ managementserver.h \ + protocols/ikev2_vpn_protocol.h \ protocols/openvpnovercloakprotocol.h \ protocols/protocols_defs.h \ protocols/shadowsocksvpnprotocol.h \ @@ -73,6 +75,7 @@ HEADERS += \ SOURCES += \ configurators/cloak_configurator.cpp \ + configurators/ikev2_configurator.cpp \ configurators/shadowsocks_configurator.cpp \ configurators/ssh_configurator.cpp \ configurators/vpn_configurator.cpp \ @@ -87,6 +90,7 @@ SOURCES += \ debug.cpp \ main.cpp \ managementserver.cpp \ + protocols/ikev2_vpn_protocol.cpp \ protocols/openvpnovercloakprotocol.cpp \ protocols/protocols_defs.cpp \ protocols/shadowsocksvpnprotocol.cpp \ diff --git a/client/configurators/ikev2_configurator.cpp b/client/configurators/ikev2_configurator.cpp new file mode 100644 index 00000000..4c01cbdc --- /dev/null +++ b/client/configurators/ikev2_configurator.cpp @@ -0,0 +1,67 @@ +#include "ikev2_configurator.h" +#include +#include +#include +#include +#include +#include +#include + +#include "sftpdefs.h" + +#include "core/server_defs.h" +#include "containers/containers_defs.h" +#include "core/scripts_registry.h" +#include "utils.h" + +Ikev2Configurator::ConnectionData Ikev2Configurator::prepareIkev2Config(const ServerCredentials &credentials, + DockerContainer container, ErrorCode *errorCode) +{ + Ikev2Configurator::ConnectionData connData; + connData.host = credentials.hostName; + connData.clientId = Utils::getRandomString(16); + connData.password = Utils::getRandomString(16); + + QString certFileName = "/opt/amnezia/ikev2/clients/" + connData.clientId + ".p12"; + + QString scriptCreateCert = QString("certutil -z <(head -c 1024 /dev/urandom) "\ + "-S -c \"IKEv2 VPN CA\" -n \"%1\" "\ + "-s \"O=IKEv2 VPN,CN=%1\" "\ + "-k rsa -g 3072 -v 120 "\ + "-d sql:/etc/ipsec.d -t \",,\" "\ + "--keyUsage digitalSignature,keyEncipherment "\ + "--extKeyUsage serverAuth,clientAuth -8 \"%1\"") + .arg(connData.clientId); + + ErrorCode e = ServerController::runContainerScript(credentials, container, scriptCreateCert); + + QString scriptExportCert = QString("pk12util -W \"%1\" -d sql:/etc/ipsec.d -n \"%2\" -o \"%3\"") + .arg(connData.password) + .arg(connData.clientId) + .arg(certFileName); + e = ServerController::runContainerScript(credentials, container, scriptExportCert); + + connData.cert = ServerController::getTextFileFromContainer(container, credentials, certFileName, &e); + qDebug() << "Ikev2Configurator::ConnectionData cert size:" << connData.cert.size(); + + return connData; +} + +QString Ikev2Configurator::genIkev2Config(const ServerCredentials &credentials, + DockerContainer container, const QJsonObject &containerConfig, ErrorCode *errorCode) +{ + ConnectionData connData = prepareIkev2Config(credentials, container, errorCode); + if (errorCode && *errorCode) { + return ""; + } + + + QJsonObject config; + config[config_key::hostName] = connData.host; + config[config_key::userName] = connData.clientId; + config[config_key::cert] = QString(connData.cert.toBase64()); + config[config_key::password] = connData.password; + + return QJsonDocument(config).toJson(); +} + diff --git a/client/configurators/ikev2_configurator.h b/client/configurators/ikev2_configurator.h new file mode 100644 index 00000000..5257fc7f --- /dev/null +++ b/client/configurators/ikev2_configurator.h @@ -0,0 +1,30 @@ +#ifndef IKEV2_CONFIGURATOR_H +#define IKEV2_CONFIGURATOR_H + +#include +#include + +#include "core/defs.h" +#include "core/servercontroller.h" + +class Ikev2Configurator +{ +public: + + struct ConnectionData { + QByteArray cert; // p12 client cert + QString clientId; + QString password; // certificate password + QString host; // host ip + }; + + static QString genIkev2Config(const ServerCredentials &credentials, DockerContainer container, + const QJsonObject &containerConfig, ErrorCode *errorCode = nullptr); + + +private: + static ConnectionData prepareIkev2Config(const ServerCredentials &credentials, + DockerContainer container, ErrorCode *errorCode = nullptr); +}; + +#endif // IKEV2_CONFIGURATOR_H diff --git a/client/configurators/openvpn_configurator.cpp b/client/configurators/openvpn_configurator.cpp index 7ea9f901..5dac8cf0 100644 --- a/client/configurators/openvpn_configurator.cpp +++ b/client/configurators/openvpn_configurator.cpp @@ -248,10 +248,6 @@ QString OpenVpnConfigurator::genOpenVpnConfig(const ServerCredentials &credentia QString OpenVpnConfigurator::processConfigWithLocalSettings(QString config) { - // TODO replace DNS if it already set - config.replace("$PRIMARY_DNS", m_settings().primaryDns()); - config.replace("$SECONDARY_DNS", m_settings().secondaryDns()); - if (m_settings().routeMode() != Settings::VpnAllSites) { config.replace("redirect-gateway def1 bypass-dhcp", ""); } @@ -277,9 +273,6 @@ QString OpenVpnConfigurator::processConfigWithLocalSettings(QString config) QString OpenVpnConfigurator::processConfigWithExportSettings(QString config) { - config.replace("$PRIMARY_DNS", m_settings().primaryDns()); - config.replace("$SECONDARY_DNS", m_settings().secondaryDns()); - if(!config.contains("redirect-gateway def1 bypass-dhcp")) { config.append("redirect-gateway def1 bypass-dhcp\n"); } @@ -308,5 +301,5 @@ ErrorCode OpenVpnConfigurator::signCert(DockerContainer container, QStringList scriptList {script_import, script_sign}; QString script = ServerController::replaceVars(scriptList.join("\n"), ServerController::genVarsForScript(credentials, container)); - return ServerController::runScript(ServerController::sshParams(credentials), script); + return ServerController::runScript(credentials, script); } diff --git a/client/configurators/vpn_configurator.cpp b/client/configurators/vpn_configurator.cpp index 245e4d6f..0b4d9170 100644 --- a/client/configurators/vpn_configurator.cpp +++ b/client/configurators/vpn_configurator.cpp @@ -3,6 +3,7 @@ #include "cloak_configurator.h" #include "shadowsocks_configurator.h" #include "wireguard_configurator.h" +#include "ikev2_configurator.h" #include #include @@ -10,6 +11,11 @@ #include "containers/containers_defs.h" +Settings &VpnConfigurator::m_settings() +{ + static Settings s; + return s; +} QString VpnConfigurator::genVpnProtocolConfig(const ServerCredentials &credentials, DockerContainer container, const QJsonObject &containerConfig, Protocol proto, ErrorCode *errorCode) @@ -27,6 +33,9 @@ QString VpnConfigurator::genVpnProtocolConfig(const ServerCredentials &credentia case Protocol::WireGuard: return WireguardConfigurator::genWireguardConfig(credentials, container, containerConfig, errorCode); + case Protocol::Ikev2: + return Ikev2Configurator::genIkev2Config(credentials, container, containerConfig, errorCode); + default: return ""; } @@ -34,6 +43,9 @@ QString VpnConfigurator::genVpnProtocolConfig(const ServerCredentials &credentia QString VpnConfigurator::processConfigWithLocalSettings(DockerContainer container, Protocol proto, QString config) { + config.replace("$PRIMARY_DNS", m_settings().primaryDns()); + config.replace("$SECONDARY_DNS", m_settings().secondaryDns()); + if (proto == Protocol::OpenVpn) { return OpenVpnConfigurator::processConfigWithLocalSettings(config); } @@ -42,6 +54,9 @@ QString VpnConfigurator::processConfigWithLocalSettings(DockerContainer containe QString VpnConfigurator::processConfigWithExportSettings(DockerContainer container, Protocol proto, QString config) { + config.replace("$PRIMARY_DNS", m_settings().primaryDns()); + config.replace("$SECONDARY_DNS", m_settings().secondaryDns()); + if (proto == Protocol::OpenVpn) { return OpenVpnConfigurator::processConfigWithExportSettings(config); } diff --git a/client/configurators/vpn_configurator.h b/client/configurators/vpn_configurator.h index 32c030d7..930a6715 100644 --- a/client/configurators/vpn_configurator.h +++ b/client/configurators/vpn_configurator.h @@ -7,6 +7,7 @@ #include "settings.h" #include "core/servercontroller.h" +// Retrieve connection settings from server class VpnConfigurator { public: @@ -21,6 +22,7 @@ public: static void updateContainerConfigAfterInstallation(DockerContainer container, QJsonObject &containerConfig, const QString &stdOut); + static Settings &m_settings(); }; #endif // VPN_CONFIGURATOR_H diff --git a/client/configurators/wireguard_configurator.cpp b/client/configurators/wireguard_configurator.cpp index 6f180f03..c5c01d7c 100644 --- a/client/configurators/wireguard_configurator.cpp +++ b/client/configurators/wireguard_configurator.cpp @@ -130,7 +130,7 @@ WireguardConfigurator::ConnectionData WireguardConfigurator::prepareWireguardCon return connData; } - e = ServerController::runScript(ServerController::sshParams(credentials), + e = ServerController::runScript(credentials, ServerController::replaceVars("sudo docker exec -i $CONTAINER_NAME bash -c 'wg syncconf wg0 <(wg-quick strip /opt/amnezia/wireguard/wg0.conf)'", ServerController::genVarsForScript(credentials, container))); diff --git a/client/containers/containers_defs.cpp b/client/containers/containers_defs.cpp index 33e403b5..b56145bf 100644 --- a/client/containers/containers_defs.cpp +++ b/client/containers/containers_defs.cpp @@ -42,6 +42,9 @@ QVector ContainerProps::protocolsForContainer(amnezia::Docker case DockerContainer::Cloak: return { Protocol::OpenVpn, Protocol::ShadowSocks, Protocol::Cloak }; + case DockerContainer::Ipsec: + return { Protocol::Ikev2, Protocol::L2tp }; + case DockerContainer::Dns: return { }; @@ -69,6 +72,8 @@ QMap ContainerProps::containerHumanNames() {DockerContainer::ShadowSocks, "OpenVpn over ShadowSocks"}, {DockerContainer::Cloak, "OpenVpn over Cloak"}, {DockerContainer::WireGuard, "WireGuard"}, + {DockerContainer::Ipsec, QObject::tr("IPsec container")}, + {DockerContainer::TorWebSite, QObject::tr("Web site in TOR network")}, {DockerContainer::Dns, QObject::tr("DNS Service")}, {DockerContainer::FileShare, QObject::tr("SMB file sharing service")}, @@ -84,6 +89,8 @@ QMap ContainerProps::containerDescriptions() {DockerContainer::Cloak, QObject::tr("Container with OpenVpn and ShadowSocks protocols " "configured with traffic masking by Cloak plugin")}, {DockerContainer::WireGuard, QObject::tr("WireGuard container")}, + {DockerContainer::Ipsec, QObject::tr("IPsec container")}, + {DockerContainer::TorWebSite, QObject::tr("Web site in TOR network")}, {DockerContainer::Dns, QObject::tr("DNS Service")}, {DockerContainer::FileShare, QObject::tr("SMB file sharing service - is Window file sharing protocol")}, @@ -99,15 +106,29 @@ amnezia::ServiceType ContainerProps::containerService(DockerContainer c) case DockerContainer::Cloak : return ServiceType::Vpn; case DockerContainer::ShadowSocks : return ServiceType::Vpn; case DockerContainer::WireGuard : return ServiceType::Vpn; + case DockerContainer::Ipsec : return ServiceType::Vpn; case DockerContainer::TorWebSite : return ServiceType::Other; case DockerContainer::Dns : return ServiceType::Other; case DockerContainer::FileShare : return ServiceType::Other; + case DockerContainer::Sftp : return ServiceType::Other; default: return ServiceType::Other; } } Protocol ContainerProps::defaultProtocol(DockerContainer c) { - return static_cast(c); + switch (c) { + case DockerContainer::None : return Protocol::Any; + case DockerContainer::OpenVpn : return Protocol::OpenVpn; + case DockerContainer::Cloak : return Protocol::Cloak; + case DockerContainer::ShadowSocks : return Protocol::ShadowSocks; + case DockerContainer::WireGuard : return Protocol::WireGuard; + case DockerContainer::Ipsec : return Protocol::Ikev2; + + case DockerContainer::TorWebSite : return Protocol::TorWebSite; + case DockerContainer::Dns : return Protocol::Dns; + case DockerContainer::FileShare : return Protocol::FileShare; + case DockerContainer::Sftp : return Protocol::Sftp; + } } diff --git a/client/containers/containers_defs.h b/client/containers/containers_defs.h index 02ac5528..b27b61be 100644 --- a/client/containers/containers_defs.h +++ b/client/containers/containers_defs.h @@ -18,6 +18,7 @@ enum DockerContainer { ShadowSocks, Cloak, WireGuard, + Ipsec, //non-vpn TorWebSite, diff --git a/client/core/defs.h b/client/core/defs.h index 02d6cad6..99a7fc40 100644 --- a/client/core/defs.h +++ b/client/core/defs.h @@ -74,6 +74,7 @@ const char key_openvpn_config_path[] = "openvpn_config_path"; const char key_shadowsocks_config_data[] = "shadowsocks_config_data"; const char key_cloak_config_data[] = "cloak_config_data"; const char key_wireguard_config_data[] = "wireguard_config_data"; +const char key_ikev2_config_data[] = "ikev2_config_data"; } diff --git a/client/core/scripts_registry.cpp b/client/core/scripts_registry.cpp index 080bc36c..7644f012 100644 --- a/client/core/scripts_registry.cpp +++ b/client/core/scripts_registry.cpp @@ -11,6 +11,8 @@ QString amnezia::scriptFolder(amnezia::DockerContainer container) case DockerContainer::Cloak: return QLatin1String("openvpn_cloak"); case DockerContainer::ShadowSocks: return QLatin1String("openvpn_shadowsocks"); case DockerContainer::WireGuard: return QLatin1String("wireguard"); + case DockerContainer::Ipsec: return QLatin1String("ipsec"); + case DockerContainer::TorWebSite: return QLatin1String("website_tor"); case DockerContainer::Dns: return QLatin1String("dns"); case DockerContainer::FileShare: return QLatin1String("file_share"); diff --git a/client/core/servercontroller.cpp b/client/core/servercontroller.cpp index 782c4fec..802bbb69 100644 --- a/client/core/servercontroller.cpp +++ b/client/core/servercontroller.cpp @@ -24,11 +24,11 @@ using namespace QSsh; -ErrorCode ServerController::runScript(const SshConnectionParameters &sshParams, QString script, +ErrorCode ServerController::runScript(const ServerCredentials &credentials, QString script, const std::function)> &cbReadStdOut, const std::function)> &cbReadStdErr) { - SshConnection *client = connectToHost(sshParams); + SshConnection *client = connectToHost(sshParams(credentials)); if (client->state() == SshConnection::State::Connecting) { qDebug() << "ServerController::runScript aborted, connectToHost in progress"; return ErrorCode::SshTimeoutError; @@ -121,6 +121,26 @@ ErrorCode ServerController::runScript(const SshConnectionParameters &sshParams, return ErrorCode::NoError; } +ErrorCode ServerController::runContainerScript(const ServerCredentials &credentials, + DockerContainer container, QString script, + const std::function)> &cbReadStdOut, + const std::function)> &cbReadStdErr) +{ + QString fileName = "/opt/amnezia/" + Utils::getRandomString(16) + ".sh"; + ErrorCode e = uploadTextFileToContainer(container, credentials, script, fileName); + if (e) return e; + + QString runner = QString("sudo docker exec -i $CONTAINER_NAME bash %1 ").arg(fileName); + e = runScript(credentials, + replaceVars(runner, genVarsForScript(credentials, container)), cbReadStdOut, cbReadStdErr); + +// QString remover = QString("sudo docker exec -i $CONTAINER_NAME rm %1 ").arg(fileName); +// runScript(credentials, +// replaceVars(remover, genVarsForScript(credentials, container))); + + return e; +} + ErrorCode ServerController::uploadTextFileToContainer(DockerContainer container, const ServerCredentials &credentials, const QString &file, const QString &path, QSsh::SftpOverwriteMode overwriteMode) @@ -136,20 +156,20 @@ ErrorCode ServerController::uploadTextFileToContainer(DockerContainer container, }; if (overwriteMode == QSsh::SftpOverwriteMode::SftpOverwriteExisting) { - e = runScript(sshParams(credentials), + e = runScript(credentials, replaceVars(QString("sudo docker cp %1 $CONTAINER_NAME:/%2").arg(tmpFileName).arg(path), genVarsForScript(credentials, container)), cbReadStd, cbReadStd); if (e) return e; } else if (overwriteMode == QSsh::SftpOverwriteMode::SftpAppendToExisting) { - e = runScript(sshParams(credentials), + e = runScript(credentials, replaceVars(QString("sudo docker cp %1 $CONTAINER_NAME:/%2").arg(tmpFileName).arg(tmpFileName), genVarsForScript(credentials, container)), cbReadStd, cbReadStd); if (e) return e; - e = runScript(sshParams(credentials), + e = runScript(credentials, replaceVars(QString("sudo docker exec -i $CONTAINER_NAME sh -c \"cat %1 >> %2\"").arg(tmpFileName).arg(path), genVarsForScript(credentials, container)), cbReadStd, cbReadStd); @@ -162,23 +182,23 @@ ErrorCode ServerController::uploadTextFileToContainer(DockerContainer container, return ErrorCode::ServerContainerMissingError; } - runScript(sshParams(credentials), + runScript(credentials, replaceVars(QString("sudo shred %1").arg(tmpFileName), genVarsForScript(credentials, container))); - runScript(sshParams(credentials), + runScript(credentials, replaceVars(QString("sudo rm %1").arg(tmpFileName), genVarsForScript(credentials, container))); return e; } -QString ServerController::getTextFileFromContainer(DockerContainer container, +QByteArray ServerController::getTextFileFromContainer(DockerContainer container, const ServerCredentials &credentials, const QString &path, ErrorCode *errorCode) { if (errorCode) *errorCode = ErrorCode::NoError; - QString script = QString("sudo docker exec -i %1 sh -c \"cat \'%2\'\""). + QString script = QString("sudo docker exec -i %1 sh -c \"xxd -p \'%2\'\""). arg(ContainerProps::containerToString(container)).arg(path); qDebug().noquote() << "Copy file from container\n" << script; @@ -186,14 +206,14 @@ QString ServerController::getTextFileFromContainer(DockerContainer container, SshConnection *client = connectToHost(sshParams(credentials)); if (client->state() != SshConnection::State::Connected) { if (errorCode) *errorCode = fromSshConnectionErrorCode(client->errorState()); - return QString(); + return {}; } QSharedPointer proc = client->createRemoteProcess(script.toUtf8()); if (!proc) { qCritical() << "Failed to create SshRemoteProcess, breaking."; if (errorCode) *errorCode = ErrorCode::SshRemoteProcessCreationError; - return QString(); + return {}; } QEventLoop wait; @@ -221,7 +241,7 @@ QString ServerController::getTextFileFromContainer(DockerContainer container, } if (errorCode) *errorCode = ErrorCode::NoError; - return proc->readAllStandardOutput(); + return QByteArray::fromHex(proc->readAllStandardOutput()); } ErrorCode ServerController::checkOpenVpnServer(DockerContainer container, const ServerCredentials &credentials) @@ -352,13 +372,13 @@ SshConnectionParameters ServerController::sshParams(const ServerCredentials &cre ErrorCode ServerController::removeAllContainers(const ServerCredentials &credentials) { - return runScript(sshParams(credentials), + return runScript(credentials, amnezia::scriptData(SharedScriptType::remove_all_containers)); } ErrorCode ServerController::removeContainer(const ServerCredentials &credentials, DockerContainer container) { - return runScript(sshParams(credentials), + return runScript(credentials, replaceVars(amnezia::scriptData(SharedScriptType::remove_container), genVarsForScript(credentials, container))); } @@ -482,7 +502,7 @@ ErrorCode ServerController::installDockerWorker(const ServerCredentials &credent stdOut += data + "\n"; }; - ErrorCode e = runScript(sshParams(credentials), + ErrorCode e = runScript(credentials, replaceVars(amnezia::scriptData(SharedScriptType::install_docker), genVarsForScript(credentials)), cbReadStdOut, cbReadStdErr); @@ -495,7 +515,7 @@ ErrorCode ServerController::installDockerWorker(const ServerCredentials &credent ErrorCode ServerController::prepareHostWorker(const ServerCredentials &credentials, DockerContainer container, const QJsonObject &config) { // create folder on host - return runScript(sshParams(credentials), + return runScript(credentials, replaceVars(amnezia::scriptData(SharedScriptType::prepare_host), genVarsForScript(credentials, container))); } @@ -515,7 +535,7 @@ ErrorCode ServerController::buildContainerWorker(const ServerCredentials &creden // stdOut += data + "\n"; // }; - return runScript(sshParams(credentials), + return runScript(credentials, replaceVars(amnezia::scriptData(SharedScriptType::build_container), genVarsForScript(credentials, container, config))); } @@ -530,7 +550,7 @@ ErrorCode ServerController::runContainerWorker(const ServerCredentials &credenti stdOut += data + "\n"; }; - ErrorCode e = runScript(sshParams(credentials), + ErrorCode e = runScript(credentials, replaceVars(amnezia::scriptData(ProtocolScriptType::run_container, container), genVarsForScript(credentials, container, config)), cbReadStdOut, cbReadStdErr); @@ -553,11 +573,12 @@ ErrorCode ServerController::configureContainerWorker(const ServerCredentials &cr }; - ErrorCode e = runScript(sshParams(credentials), + ErrorCode e = runContainerScript(credentials, container, replaceVars(amnezia::scriptData(ProtocolScriptType::configure_container, container), genVarsForScript(credentials, container, config)), cbReadStdOut, cbReadStdErr); + VpnConfigurator::updateContainerConfigAfterInstallation(container, config, stdOut); return e; @@ -576,7 +597,7 @@ ErrorCode ServerController::startupContainerWorker(const ServerCredentials &cred "/opt/amnezia/start.sh"); if (e) return e; - return runScript(sshParams(credentials), + return runScript(credentials, replaceVars("sudo docker exec -d $CONTAINER_NAME sh -c \"chmod a+x /opt/amnezia/start.sh && /opt/amnezia/start.sh\"", genVarsForScript(credentials, container, config))); } @@ -634,6 +655,25 @@ ServerController::Vars ServerController::genVarsForScript(const ServerCredential vars.append({{"$WIREGUARD_SERVER_PORT", wireguarConfig.value(config_key::port).toString(protocols::wireguard::defaultPort) }}); + // IPsec vars + vars.append({{"$IPSEC_VPN_L2TP_NET", "192.168.42.0/24"}}); + vars.append({{"$IPSEC_VPN_L2TP_POOL", "192.168.42.10-192.168.42.250"}}); + vars.append({{"$IPSEC_VPN_L2TP_LOCAL", "192.168.42.1"}}); + + vars.append({{"$IPSEC_VPN_XAUTH_NET", "192.168.43.0/24"}}); + vars.append({{"$IPSEC_VPN_XAUTH_POOL", "192.168.43.10-192.168.43.250"}}); + + vars.append({{"$IPSEC_VPN_SHA2_TRUNCBUG", "yes"}}); + + vars.append({{"$IPSEC_VPN_VPN_ANDROID_MTU_FIX", "yes"}}); + vars.append({{"$IPSEC_VPN_DISABLE_IKEV2", "no"}}); + vars.append({{"$IPSEC_VPN_DISABLE_L2TP", "no"}}); + vars.append({{"$IPSEC_VPN_DISABLE_XAUTH", "no"}}); + + vars.append({{"$IPSEC_VPN_C2C_TRAFFIC", "no"}}); + + + // Sftp vars vars.append({{"$SFTP_PORT", sftpConfig.value(config_key::port).toString(QString::number(ProtocolProps::defaultPort(Protocol::Sftp))) }}); vars.append({{"$SFTP_USER", sftpConfig.value(config_key::userName).toString() }}); @@ -661,7 +701,7 @@ QString ServerController::checkSshConnection(const ServerCredentials &credential stdOut += data + "\n"; }; - ErrorCode e = runScript(sshParams(credentials), + ErrorCode e = runScript(credentials, amnezia::scriptData(SharedScriptType::check_connection), cbReadStdOut, cbReadStdErr); if (errorCode) *errorCode = e; @@ -731,7 +771,7 @@ void ServerController::disconnectFromHost(const ServerCredentials &credentials) ErrorCode ServerController::setupServerFirewall(const ServerCredentials &credentials) { - return runScript(sshParams(credentials), + return runScript(credentials, replaceVars(amnezia::scriptData(SharedScriptType::setup_host_firewall), genVarsForScript(credentials))); } diff --git a/client/core/servercontroller.h b/client/core/servercontroller.h index 7116df41..30e86ff4 100644 --- a/client/core/servercontroller.h +++ b/client/core/servercontroller.h @@ -46,14 +46,18 @@ public: const ServerCredentials &credentials, const QString &file, const QString &path, QSsh::SftpOverwriteMode overwriteMode = QSsh::SftpOverwriteMode::SftpOverwriteExisting); - static QString getTextFileFromContainer(DockerContainer container, + static QByteArray getTextFileFromContainer(DockerContainer container, const ServerCredentials &credentials, const QString &path, ErrorCode *errorCode = nullptr); static ErrorCode setupServerFirewall(const ServerCredentials &credentials); static QString replaceVars(const QString &script, const Vars &vars); - static ErrorCode runScript(const QSsh::SshConnectionParameters &sshParams, QString script, + static ErrorCode runScript(const ServerCredentials &credentials, QString script, + const std::function)> &cbReadStdOut = nullptr, + const std::function)> &cbReadStdErr = nullptr); + + static ErrorCode runContainerScript(const ServerCredentials &credentials, DockerContainer container, QString script, const std::function)> &cbReadStdOut = nullptr, const std::function)> &cbReadStdErr = nullptr); diff --git a/client/protocols/ikev2_vpn_protocol.cpp b/client/protocols/ikev2_vpn_protocol.cpp new file mode 100644 index 00000000..df143cf5 --- /dev/null +++ b/client/protocols/ikev2_vpn_protocol.cpp @@ -0,0 +1,57 @@ +#include +#include +#include +#include +#include +#include + +#include "debug.h" +#include "ikev2_vpn_protocol.h" +#include "utils.h" + +Ikev2Protocol::Ikev2Protocol(const QJsonObject &configuration, QObject* parent) : + VpnProtocol(configuration, parent) +{ + //m_configFile.setFileTemplate(QDir::tempPath() + QDir::separator() + serviceName() + ".conf"); + readIkev2Configuration(configuration); +} + +Ikev2Protocol::~Ikev2Protocol() +{ + qDebug() << "IpsecProtocol::~IpsecProtocol()"; + Ikev2Protocol::stop(); + QThread::msleep(200); +} + +void Ikev2Protocol::stop() +{ +#ifndef Q_OS_IOS + +#endif +} + +void Ikev2Protocol::readIkev2Configuration(const QJsonObject &configuration) +{ + m_config = configuration.value(config::key_ikev2_config_data).toObject(); +} + + + +ErrorCode Ikev2Protocol::start() +{ +#ifndef Q_OS_IOS + + QByteArray cert = QByteArray::fromBase64(m_config[config_key::cert].toString().toUtf8()); + qDebug() << "Ikev2Protocol::start()" << cert; + + QTemporaryFile certFile; + certFile.open(); + certFile.write(cert); + certFile.close(); + + + return ErrorCode::NoError; + +#endif +} + diff --git a/client/protocols/ikev2_vpn_protocol.h b/client/protocols/ikev2_vpn_protocol.h new file mode 100644 index 00000000..8e256114 --- /dev/null +++ b/client/protocols/ikev2_vpn_protocol.h @@ -0,0 +1,32 @@ +#ifndef IPSEC_PROTOCOL_H +#define IPSEC_PROTOCOL_H + +#include +#include +#include +#include +#include + +#include "vpnprotocol.h" +#include "core/ipcclient.h" + +class Ikev2Protocol : public VpnProtocol +{ + Q_OBJECT + +public: + explicit Ikev2Protocol(const QJsonObject& configuration, QObject* parent = nullptr); + virtual ~Ikev2Protocol() override; + + ErrorCode start() override; + void stop() override; + +private: + void readIkev2Configuration(const QJsonObject &configuration); + + +private: + QJsonObject m_config; +}; + +#endif // IPSEC_PROTOCOL_H diff --git a/client/protocols/openvpnprotocol.cpp b/client/protocols/openvpnprotocol.cpp index be7e84e6..cb8c7807 100644 --- a/client/protocols/openvpnprotocol.cpp +++ b/client/protocols/openvpnprotocol.cpp @@ -57,7 +57,7 @@ void OpenVpnProtocol::stop() } } -ErrorCode OpenVpnProtocol::checkAndSetupTapDriver() +ErrorCode OpenVpnProtocol::prepare() { if (!IpcClient::Interface()) { return ErrorCode::AmneziaServiceConnectionFailed; diff --git a/client/protocols/openvpnprotocol.h b/client/protocols/openvpnprotocol.h index 854c2574..5fbddd67 100644 --- a/client/protocols/openvpnprotocol.h +++ b/client/protocols/openvpnprotocol.h @@ -21,7 +21,7 @@ public: ErrorCode start() override; void stop() override; - ErrorCode checkAndSetupTapDriver(); + ErrorCode prepare() override; static QString defaultConfigFileName(); static QString defaultConfigPath(); diff --git a/client/protocols/protocols_defs.h b/client/protocols/protocols_defs.h index 98f16f3f..770fed26 100644 --- a/client/protocols/protocols_defs.h +++ b/client/protocols/protocols_defs.h @@ -16,6 +16,7 @@ constexpr char port[] = "port"; constexpr char local_port[] = "local_port"; constexpr char description[] = "description"; +constexpr char cert[] = "cert"; constexpr char containers[] = "containers"; @@ -23,7 +24,6 @@ constexpr char container[] = "container"; constexpr char defaultContainer[] = "defaultContainer"; constexpr char protocols[] = "protocols"; -//constexpr char protocol[] = "protocol"; constexpr char remote[] = "remote"; constexpr char transport_proto[] = "transport_proto"; diff --git a/client/protocols/vpnprotocol.cpp b/client/protocols/vpnprotocol.cpp index 2a6cac4b..8a5a78d6 100644 --- a/client/protocols/vpnprotocol.cpp +++ b/client/protocols/vpnprotocol.cpp @@ -4,6 +4,13 @@ #include "vpnprotocol.h" #include "core/errorstrings.h" +#include "openvpnprotocol.h" +#include "shadowsocksvpnprotocol.h" +#include "openvpnovercloakprotocol.h" +#include "wireguardprotocol.h" +#include "ikev2_vpn_protocol.h" + + VpnProtocol::VpnProtocol(const QJsonObject &configuration, QObject* parent) : QObject(parent), m_connectionState(ConnectionState::Unknown), @@ -88,6 +95,19 @@ QString VpnProtocol::vpnGateway() const return m_vpnGateway; } +VpnProtocol *VpnProtocol::factory(DockerContainer container, const QJsonObject& configuration) +{ + switch (container) { + case DockerContainer::OpenVpn: return new OpenVpnProtocol(configuration); + case DockerContainer::Cloak: return new OpenVpnOverCloakProtocol(configuration); + case DockerContainer::ShadowSocks: return new ShadowSocksVpnProtocol(configuration); + case DockerContainer::WireGuard: return new WireguardProtocol(configuration); + case DockerContainer::Ipsec: return new Ikev2Protocol(configuration); + + default: return nullptr; + } +} + QString VpnProtocol::routeGateway() const { return m_routeGateway; diff --git a/client/protocols/vpnprotocol.h b/client/protocols/vpnprotocol.h index 59c1278d..c6bfc3b2 100644 --- a/client/protocols/vpnprotocol.h +++ b/client/protocols/vpnprotocol.h @@ -6,6 +6,8 @@ #include #include "core/defs.h" +#include "containers/containers_defs.h" + using namespace amnezia; class QTimer; @@ -23,6 +25,7 @@ public: static QString textConnectionState(ConnectionState connectionState); + virtual ErrorCode prepare() { return ErrorCode::NoError; } virtual bool isConnected() const; virtual bool isDisconnected() const; @@ -37,6 +40,8 @@ public: QString routeGateway() const; QString vpnGateway() const; + static VpnProtocol* factory(amnezia::DockerContainer container, const QJsonObject &configuration); + signals: void bytesChanged(quint64 receivedBytes, quint64 sentBytes); void connectionStateChanged(VpnProtocol::ConnectionState state); diff --git a/client/resources.qrc b/client/resources.qrc index 202b2060..e16f82c6 100644 --- a/client/resources.qrc +++ b/client/resources.qrc @@ -122,5 +122,9 @@ server_scripts/sftp/run_container.sh ui/qml/Pages/Protocols/PageProtoSftp.qml ui/qml/Pages/Protocols/PageProtoTorWebSite.qml + server_scripts/ipsec/configure_container.sh + server_scripts/ipsec/Dockerfile + server_scripts/ipsec/run_container.sh + server_scripts/ipsec/start.sh diff --git a/client/server_scripts/ipsec/Dockerfile b/client/server_scripts/ipsec/Dockerfile new file mode 100644 index 00000000..1fcecdad --- /dev/null +++ b/client/server_scripts/ipsec/Dockerfile @@ -0,0 +1,4 @@ +FROM amneziavpn/ipsec-server:latest + +RUN mkdir -p /opt/amnezia +LABEL maintainer="AmneziaVPN" diff --git a/client/server_scripts/ipsec/configure_container.sh b/client/server_scripts/ipsec/configure_container.sh new file mode 100644 index 00000000..0d22a7da --- /dev/null +++ b/client/server_scripts/ipsec/configure_container.sh @@ -0,0 +1,257 @@ +#!/bin/bash + +export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" + +if [ ! -e /dev/ppp ]; then +cat <<'EOF' + +Warning: /dev/ppp is missing, and IPsec/L2TP mode may not work. Please use + IKEv2 (https://git.io/ikev2docker) or IPsec/XAuth mode to connect. +EOF +fi + +NET_IFACE=$(route 2>/dev/null | grep -m 1 '^default' | grep -o '[^ ]*$') +[ -z "$NET_IFACE" ] && NET_IFACE=$(ip -4 route list 0/0 2>/dev/null | grep -m 1 -Po '(?<=dev )(\S+)') +[ -z "$NET_IFACE" ] && NET_IFACE=eth0 + + +mkdir -p /opt/src +mkdir -p /opt/amnezia/ikev2/clients + + +# Create IPsec config +cat > /etc/ipsec.conf <> /etc/ipsec.conf <<'EOF' +conn l2tp-psk + auto=add + leftprotoport=17/1701 + rightprotoport=17/%any + type=transport + also=shared + +EOF +fi + +if [ "$IPSEC_VPN_DISABLE_XAUTH" != "yes" ]; then +cat >> /etc/ipsec.conf <> /etc/ipsec.conf <<'EOF' +include /etc/ipsec.d/*.conf +EOF + +if uname -r | grep -qi 'coreos'; then + sed -i '/phase2alg/s/,aes256-sha2_512//' /etc/ipsec.conf +fi + +if grep -qs ike-frag /etc/ipsec.d/ikev2.conf; then + sed -i 's/^[[:space:]]\+ike-frag=/ fragmentation=/' /etc/ipsec.d/ikev2.conf +fi + + +# Create xl2tpd config +cat > /etc/xl2tpd/xl2tpd.conf < /etc/ppp/options.xl2tpd </dev/null +$syt kernel.msgmax=65536 2>/dev/null +$syt net.ipv4.ip_forward=1 2>/dev/null +$syt net.ipv4.conf.all.accept_redirects=0 2>/dev/null +$syt net.ipv4.conf.all.send_redirects=0 2>/dev/null +$syt net.ipv4.conf.all.rp_filter=0 2>/dev/null +$syt net.ipv4.conf.default.accept_redirects=0 2>/dev/null +$syt net.ipv4.conf.default.send_redirects=0 2>/dev/null +$syt net.ipv4.conf.default.rp_filter=0 2>/dev/null +$syt "net.ipv4.conf.$NET_IFACE.send_redirects=0" 2>/dev/null +$syt "net.ipv4.conf.$NET_IFACE.rp_filter=0" 2>/dev/null + +# Create IPTables rules +ipi='iptables -I INPUT' +ipf='iptables -I FORWARD' +ipp='iptables -t nat -I POSTROUTING' +res='RELATED,ESTABLISHED' +if ! iptables -t nat -C POSTROUTING -s "$IPSEC_VPN_L2TP_NET" -o "$NET_IFACE" -j MASQUERADE 2>/dev/null; then + $ipi 1 -p udp --dport 1701 -m policy --dir in --pol none -j DROP + $ipi 2 -m conntrack --ctstate INVALID -j DROP + $ipi 3 -m conntrack --ctstate "$res" -j ACCEPT + $ipi 4 -p udp -m multiport --dports 500,4500 -j ACCEPT + $ipi 5 -p udp --dport 1701 -m policy --dir in --pol ipsec -j ACCEPT + $ipi 6 -p udp --dport 1701 -j DROP + $ipf 1 -m conntrack --ctstate INVALID -j DROP + $ipf 2 -i "$NET_IFACE" -o ppp+ -m conntrack --ctstate "$res" -j ACCEPT + $ipf 3 -i ppp+ -o "$NET_IFACE" -j ACCEPT + $ipf 4 -i ppp+ -o ppp+ -j ACCEPT + $ipf 5 -i "$NET_IFACE" -d "$IPSEC_VPN_XAUTH_NET" -m conntrack --ctstate "$res" -j ACCEPT + $ipf 6 -s "$IPSEC_VPN_XAUTH_NET" -o "$NET_IFACE" -j ACCEPT + $ipf 7 -s "$IPSEC_VPN_XAUTH_NET" -o ppp+ -j ACCEPT + + if [ "$IPSEC_VPN_VPN_ANDROID_MTU_FIX" = "yes" ]; then + # Client-to-client traffic is allowed by default. To *disallow* such traffic, + # uncomment below and restart the Docker container. + $ipf 2 -i ppp+ -o ppp+ -s "$IPSEC_VPN_L2TP_NET" -d "$IPSEC_VPN_L2TP_NET" -j DROP + $ipf 3 -s "$IPSEC_VPN_XAUTH_NET" -d "$IPSEC_VPN_XAUTH_NET" -j DROP + $ipf 4 -i ppp+ -d "$IPSEC_VPN_XAUTH_NET" -j DROP + $ipf 5 -s "$IPSEC_VPN_XAUTH_NET" -o ppp+ -j DROP + fi + + iptables -A FORWARD -j DROP + $ipp -s "$IPSEC_VPN_XAUTH_NET" -o "$NET_IFACE" -m policy --dir out --pol none -j MASQUERADE + $ipp -s "$IPSEC_VPN_L2TP_NET" -o "$NET_IFACE" -j MASQUERADE +fi + + +if [ "$IPSEC_VPN_VPN_ANDROID_MTU_FIX" = "yes" ]; then + echo "Applying fix for Android MTU/MSS issues..." + iptables -t mangle -A FORWARD -m policy --pol ipsec --dir in \ + -p tcp -m tcp --tcp-flags SYN,RST SYN -m tcpmss --mss 1361:1536 \ + -j TCPMSS --set-mss 1360 + iptables -t mangle -A FORWARD -m policy --pol ipsec --dir out \ + -p tcp -m tcp --tcp-flags SYN,RST SYN -m tcpmss --mss 1361:1536 \ + -j TCPMSS --set-mss 1360 + +fi + +# Update file attributes +touch /etc/ipsec.secrets /etc/ppp/chap-secrets /etc/ipsec.d/passwd +chmod 600 /etc/ipsec.secrets /etc/ppp/chap-secrets /etc/ipsec.d/passwd + + +echo +echo "Starting IPsec service..." +mkdir -p /run/pluto /var/run/pluto +rm -f /run/pluto/pluto.pid /var/run/pluto/pluto.pid + +ipsec initnss >/dev/null +ipsec pluto --config /etc/ipsec.conf + + +# Start xl2tpd +mkdir -p /var/run/xl2tpd +rm -f /var/run/xl2tpd.pid +/usr/sbin/xl2tpd -c /etc/xl2tpd/xl2tpd.conf + + +################# IKEV2 ################## +if [ "$IPSEC_VPN_DISABLE_IKEV2" != "yes" ]; then +printf "y\n\nN\n" | certutil -z <(head -c 1024 /dev/urandom) \ + -S -x -n "IKEv2 VPN CA" \ + -s "O=IKEv2 VPN,CN=IKEv2 VPN CA" \ + -k rsa -g 3072 -v 120 \ + -d sql:/etc/ipsec.d -t "CT,," -2 + +certutil -z <(head -c 1024 /dev/urandom) \ + -S -c "IKEv2 VPN CA" -n "$SERVER_IP_ADDRESS" \ + -s "O=IKEv2 VPN,CN=$SERVER_IP_ADDRESS" \ + -k rsa -g 3072 -v 120 \ + -d sql:/etc/ipsec.d -t ",," \ + --keyUsage digitalSignature,keyEncipherment \ + --extKeyUsage serverAuth \ + --extSAN "ip:$SERVER_IP_ADDRESS,dns:$SERVER_IP_ADDRESS" + +cat > /etc/ipsec.d/ikev2.conf < VpnConnection::getLastVpnConfig(const QJsonObject &containerConfig) { QMap configs; - for (Protocol proto: { Protocol::OpenVpn, - Protocol::ShadowSocks, - Protocol::Cloak, - Protocol::WireGuard}) { + for (Protocol proto: ProtocolProps::allProtocols()) { QString cfg = containerConfig.value(ProtocolProps::protoToString(proto)).toObject().value(config_key::last_config).toString(); @@ -242,6 +239,13 @@ ErrorCode VpnConnection::createVpnConfiguration(int serverIndex, m_vpnConfiguration.insert(config::key_wireguard_config_data, wgConfigData); } + if (container == DockerContainer::Ipsec) { + QString ikev2ConfigData = createVpnConfigurationForProto( + serverIndex, credentials, container, containerConfig, Protocol::Ikev2, &errorCode); + + m_vpnConfiguration.insert(config::key_ikev2_config_data, ikev2ConfigData); + } + //qDebug().noquote() << "VPN config" << QJsonDocument(m_vpnConfiguration).toJson(); return ErrorCode::NoError; } @@ -261,63 +265,29 @@ ErrorCode VpnConnection::connectToVpn(int serverIndex, m_vpnProtocol.reset(); } - if (container == DockerContainer::None || container == DockerContainer::OpenVpn) { - ErrorCode e = createVpnConfiguration(serverIndex, credentials, DockerContainer::OpenVpn, containerConfig); - if (e) { - emit connectionStateChanged(VpnProtocol::Error); - return e; - } - - m_vpnProtocol.reset(new OpenVpnProtocol(m_vpnConfiguration)); - e = static_cast(m_vpnProtocol.data())->checkAndSetupTapDriver(); - if (e) { - emit connectionStateChanged(VpnProtocol::Error); - return e; - } + ErrorCode e = createVpnConfiguration(serverIndex, credentials, container, containerConfig); + if (e) { + emit connectionStateChanged(VpnProtocol::Error); + return e; } - else if (container == DockerContainer::ShadowSocks) { - ErrorCode e = createVpnConfiguration(serverIndex, credentials, DockerContainer::ShadowSocks, containerConfig); - if (e) { - emit connectionStateChanged(VpnProtocol::Error); - return e; - } - m_vpnProtocol.reset(new ShadowSocksVpnProtocol(m_vpnConfiguration)); - e = static_cast(m_vpnProtocol.data())->checkAndSetupTapDriver(); - if (e) { - emit connectionStateChanged(VpnProtocol::Error); - return e; - } + +#ifndef Q_OS_ANDROID + + m_vpnProtocol.reset(VpnProtocol::factory(container, containerConfig)); + if (!m_vpnProtocol) { + return ErrorCode::InternalError; } - else if (container == DockerContainer::Cloak) { - ErrorCode e = createVpnConfiguration(serverIndex, credentials, DockerContainer::Cloak, containerConfig); - if (e) { - emit connectionStateChanged(VpnProtocol::Error); - return e; - } - m_vpnProtocol.reset(new OpenVpnOverCloakProtocol(m_vpnConfiguration)); - e = static_cast(m_vpnProtocol.data())->checkAndSetupTapDriver(); - if (e) { - emit connectionStateChanged(VpnProtocol::Error); - return e; - } - } - else if (container == DockerContainer::WireGuard) { - ErrorCode e = createVpnConfiguration(serverIndex, credentials, DockerContainer::WireGuard, containerConfig); - if (e) { - emit connectionStateChanged(VpnProtocol::Error); - return e; - } + m_vpnProtocol->prepare(); -#ifdef Q_OS_ANDROID + +#else AndroidVpnProtocol *androidVpnProtocol = new AndroidVpnProtocol(Protocol::WireGuard, m_vpnConfiguration); androidVpnProtocol->initialize(); m_vpnProtocol.reset(androidVpnProtocol); -#else - m_vpnProtocol.reset(new WireguardProtocol(m_vpnConfiguration)); #endif - } + connect(m_vpnProtocol.data(), &VpnProtocol::protocolError, this, &VpnConnection::vpnProtocolError); connect(m_vpnProtocol.data(), SIGNAL(connectionStateChanged(VpnProtocol::ConnectionState)), this, SLOT(onConnectionStateChanged(VpnProtocol::ConnectionState))); From 9ecb703b998e5c17842cd11c12f80e6ea115abe2 Mon Sep 17 00:00:00 2001 From: pokamest Date: Mon, 4 Oct 2021 21:13:07 +0300 Subject: [PATCH 2/9] refactoring --- client/core/defs.h | 12 ------ client/debug.cpp | 5 ++- client/protocols/ikev2_vpn_protocol.cpp | 3 +- client/protocols/openvpnovercloakprotocol.cpp | 2 +- client/protocols/openvpnprotocol.cpp | 8 ++-- client/protocols/protocols_defs.cpp | 10 +++++ client/protocols/protocols_defs.h | 4 ++ client/protocols/shadowsocksvpnprotocol.cpp | 2 +- client/protocols/wireguardprotocol.cpp | 6 +-- client/vpnconnection.cpp | 43 +++++++++++-------- client/vpnconnection.h | 5 ++- 11 files changed, 56 insertions(+), 44 deletions(-) diff --git a/client/core/defs.h b/client/core/defs.h index 99a7fc40..6df97d31 100644 --- a/client/core/defs.h +++ b/client/core/defs.h @@ -66,18 +66,6 @@ enum ErrorCode CloakExecutableCrashed }; - -namespace config { -// config keys -const char key_openvpn_config_data[] = "openvpn_config_data"; -const char key_openvpn_config_path[] = "openvpn_config_path"; -const char key_shadowsocks_config_data[] = "shadowsocks_config_data"; -const char key_cloak_config_data[] = "cloak_config_data"; -const char key_wireguard_config_data[] = "wireguard_config_data"; -const char key_ikev2_config_data[] = "ikev2_config_data"; - -} - } // namespace amnezia Q_DECLARE_METATYPE(amnezia::ErrorCode) diff --git a/client/debug.cpp b/client/debug.cpp index a54b0131..9c0578b5 100644 --- a/client/debug.cpp +++ b/client/debug.cpp @@ -31,6 +31,9 @@ void debugMessageHandler(QtMsgType type, const QMessageLogContext& context, cons bool Debug::init() { + qSetMessagePattern("%{time yyyy-MM-dd hh:mm:ss} %{type} %{message}"); + +#ifndef QT_DEBUG QString path = userLogsDir(); QDir appDir(path); if (!appDir.mkpath(path)) { @@ -39,7 +42,6 @@ bool Debug::init() m_logFileName = QString("%1.log").arg(APPLICATION_NAME); - qSetMessagePattern("%{time yyyy-MM-dd hh:mm:ss} %{type} %{message}"); m_file.setFileName(appDir.filePath(m_logFileName)); if (!m_file.open(QIODevice::WriteOnly | QIODevice::Truncate)) { @@ -49,6 +51,7 @@ bool Debug::init() m_file.setTextModeEnabled(true); m_textStream.setDevice(&m_file); qInstallMessageHandler(debugMessageHandler); +#endif return true; } diff --git a/client/protocols/ikev2_vpn_protocol.cpp b/client/protocols/ikev2_vpn_protocol.cpp index df143cf5..e7e80fcb 100644 --- a/client/protocols/ikev2_vpn_protocol.cpp +++ b/client/protocols/ikev2_vpn_protocol.cpp @@ -32,7 +32,8 @@ void Ikev2Protocol::stop() void Ikev2Protocol::readIkev2Configuration(const QJsonObject &configuration) { - m_config = configuration.value(config::key_ikev2_config_data).toObject(); + QString cfgData = configuration.value(ProtocolProps::key_proto_config_data(Protocol::Ikev2)).toString(); + m_config = QJsonDocument::fromJson(cfgData.toUtf8()).object(); } diff --git a/client/protocols/openvpnovercloakprotocol.cpp b/client/protocols/openvpnovercloakprotocol.cpp index 6636c27a..f2ac4512 100644 --- a/client/protocols/openvpnovercloakprotocol.cpp +++ b/client/protocols/openvpnovercloakprotocol.cpp @@ -113,5 +113,5 @@ QString OpenVpnOverCloakProtocol::cloakExecPath() void OpenVpnOverCloakProtocol::readCloakConfiguration(const QJsonObject &configuration) { - m_cloakConfig = configuration.value(config::key_cloak_config_data).toObject(); + m_cloakConfig = configuration.value(ProtocolProps::key_proto_config_data(Protocol::Cloak)).toObject(); } diff --git a/client/protocols/openvpnprotocol.cpp b/client/protocols/openvpnprotocol.cpp index cb8c7807..c6dc4d35 100644 --- a/client/protocols/openvpnprotocol.cpp +++ b/client/protocols/openvpnprotocol.cpp @@ -86,16 +86,16 @@ void OpenVpnProtocol::killOpenVpnProcess() void OpenVpnProtocol::readOpenVpnConfiguration(const QJsonObject &configuration) { - if (configuration.contains(config::key_openvpn_config_data)) { + if (configuration.contains(ProtocolProps::key_proto_config_data(Protocol::OpenVpn))) { m_configFile.open(); - m_configFile.write(configuration.value(config::key_openvpn_config_data).toString().toUtf8()); + m_configFile.write(configuration.value(ProtocolProps::key_proto_config_data(Protocol::OpenVpn)).toString().toUtf8()); m_configFile.close(); m_configFileName = m_configFile.fileName(); qDebug().noquote() << QString("Set config data") << m_configFileName; } - else if (configuration.contains(config::key_openvpn_config_path)) { - m_configFileName = configuration.value(config::key_openvpn_config_path).toString(); + else if (configuration.contains(ProtocolProps::key_proto_config_path(Protocol::OpenVpn))) { + m_configFileName = configuration.value(ProtocolProps::key_proto_config_path(Protocol::OpenVpn)).toString(); QFileInfo file(m_configFileName); if (file.fileName().isEmpty()) { diff --git a/client/protocols/protocols_defs.cpp b/client/protocols/protocols_defs.cpp index 26c86c4c..de54424a 100644 --- a/client/protocols/protocols_defs.cpp +++ b/client/protocols/protocols_defs.cpp @@ -174,3 +174,13 @@ bool ProtocolProps::defaultTransportProtoChangeable(Protocol p) default: return false; } } + +QString ProtocolProps::key_proto_config_data(Protocol p) +{ + return protoToString(p) + "_config_data"; +} + +QString ProtocolProps::key_proto_config_path(Protocol p) +{ + return protoToString(p) + "_config_path"; +} diff --git a/client/protocols/protocols_defs.h b/client/protocols/protocols_defs.h index 770fed26..e046c0bc 100644 --- a/client/protocols/protocols_defs.h +++ b/client/protocols/protocols_defs.h @@ -164,6 +164,10 @@ public: Q_INVOKABLE static TransportProto defaultTransportProto(Protocol p); Q_INVOKABLE static bool defaultTransportProtoChangeable(Protocol p); + + Q_INVOKABLE static QString key_proto_config_data(Protocol p); + Q_INVOKABLE static QString key_proto_config_path(Protocol p); + }; static void declareQmlProtocolEnum() { diff --git a/client/protocols/shadowsocksvpnprotocol.cpp b/client/protocols/shadowsocksvpnprotocol.cpp index b3267d01..702a35d8 100644 --- a/client/protocols/shadowsocksvpnprotocol.cpp +++ b/client/protocols/shadowsocksvpnprotocol.cpp @@ -112,5 +112,5 @@ QString ShadowSocksVpnProtocol::shadowSocksExecPath() void ShadowSocksVpnProtocol::readShadowSocksConfiguration(const QJsonObject &configuration) { - m_shadowSocksConfig = configuration.value(config::key_shadowsocks_config_data).toObject(); + m_shadowSocksConfig = configuration.value(ProtocolProps::key_proto_config_data(Protocol::ShadowSocks)).toObject(); } diff --git a/client/protocols/wireguardprotocol.cpp b/client/protocols/wireguardprotocol.cpp index 0f5c06fe..5c37d446 100644 --- a/client/protocols/wireguardprotocol.cpp +++ b/client/protocols/wireguardprotocol.cpp @@ -73,7 +73,7 @@ void WireguardProtocol::stop() void WireguardProtocol::readWireguardConfiguration(const QJsonObject &configuration) { - if (configuration.contains(config::key_wireguard_config_data)) { + if (configuration.contains(ProtocolProps::key_proto_config_data(Protocol::WireGuard))) { if (!m_configFile.open(QIODevice::WriteOnly | QIODevice::Truncate)) { qCritical() << "Failed to save wireguard config to" << m_configFile.fileName(); return; @@ -81,12 +81,12 @@ void WireguardProtocol::readWireguardConfiguration(const QJsonObject &configurat m_isConfigLoaded = true; - m_configFile.write(configuration.value(config::key_wireguard_config_data).toString().toUtf8()); + m_configFile.write(configuration.value(ProtocolProps::key_proto_config_data(Protocol::Ikev2)).toString().toUtf8()); m_configFile.close(); m_configFileName = m_configFile.fileName(); qDebug().noquote() << QString("Set config data") << m_configFileName; - qDebug().noquote() << QString("Set config data") << configuration.value(config::key_wireguard_config_data).toString().toUtf8(); + qDebug().noquote() << QString("Set config data") << configuration.value(ProtocolProps::key_proto_config_data(Protocol::WireGuard)).toString().toUtf8(); } // else if (configuration.contains(config::key_wireguard_config_path)) { // m_configFileName = configuration.value(config::key_wireguard_config_path).toString(); diff --git a/client/vpnconnection.cpp b/client/vpnconnection.cpp index 84d3a980..bda6d74c 100644 --- a/client/vpnconnection.cpp +++ b/client/vpnconnection.cpp @@ -184,10 +184,12 @@ QString VpnConnection::createVpnConfigurationForProto(int serverIndex, return configData; } -ErrorCode VpnConnection::createVpnConfiguration(int serverIndex, - const ServerCredentials &credentials, DockerContainer container, const QJsonObject &containerConfig) +QJsonObject VpnConnection::createVpnConfiguration(int serverIndex, + const ServerCredentials &credentials, DockerContainer container, + const QJsonObject &containerConfig, ErrorCode *errorCode) { - ErrorCode errorCode = ErrorCode::NoError; + ErrorCode e = ErrorCode::NoError; + QJsonObject vpnConfiguration; if (container == DockerContainer::OpenVpn || container == DockerContainer::ShadowSocks || @@ -195,12 +197,13 @@ ErrorCode VpnConnection::createVpnConfiguration(int serverIndex, QString openVpnConfigData = createVpnConfigurationForProto( - serverIndex, credentials, container, containerConfig, Protocol::OpenVpn, &errorCode); + serverIndex, credentials, container, containerConfig, Protocol::OpenVpn, &e); - m_vpnConfiguration.insert(config::key_openvpn_config_data, openVpnConfigData); - if (errorCode) { - return errorCode; + vpnConfiguration.insert(ProtocolProps::key_proto_config_data(Protocol::OpenVpn), openVpnConfigData); + if (e) { + if (errorCode) *errorCode = e; + return {}; } QFile file(OpenVpnProtocol::defaultConfigFileName()); @@ -210,44 +213,45 @@ ErrorCode VpnConnection::createVpnConfiguration(int serverIndex, file.close(); } else { - return ErrorCode::FailedToSaveConfigData; + if (errorCode) *errorCode = ErrorCode::FailedToSaveConfigData; + return {}; } } if (container == DockerContainer::ShadowSocks) { QJsonObject ssConfigData = QJsonDocument::fromJson( createVpnConfigurationForProto( - serverIndex, credentials, container, containerConfig, Protocol::ShadowSocks, &errorCode).toUtf8()). + serverIndex, credentials, container, containerConfig, Protocol::ShadowSocks, &e).toUtf8()). object(); - m_vpnConfiguration.insert(config::key_shadowsocks_config_data, ssConfigData); + vpnConfiguration.insert(ProtocolProps::key_proto_config_data(Protocol::ShadowSocks), ssConfigData); } if (container == DockerContainer::Cloak) { QJsonObject cloakConfigData = QJsonDocument::fromJson( createVpnConfigurationForProto( - serverIndex, credentials, container, containerConfig, Protocol::Cloak, &errorCode).toUtf8()). + serverIndex, credentials, container, containerConfig, Protocol::Cloak, &e).toUtf8()). object(); - m_vpnConfiguration.insert(config::key_cloak_config_data, cloakConfigData); + vpnConfiguration.insert(ProtocolProps::key_proto_config_data(Protocol::Cloak), cloakConfigData); } if (container == DockerContainer::WireGuard) { QString wgConfigData = createVpnConfigurationForProto( - serverIndex, credentials, container, containerConfig, Protocol::WireGuard, &errorCode); + serverIndex, credentials, container, containerConfig, Protocol::WireGuard, &e); - m_vpnConfiguration.insert(config::key_wireguard_config_data, wgConfigData); + vpnConfiguration.insert(ProtocolProps::key_proto_config_data(Protocol::WireGuard), wgConfigData); } if (container == DockerContainer::Ipsec) { QString ikev2ConfigData = createVpnConfigurationForProto( - serverIndex, credentials, container, containerConfig, Protocol::Ikev2, &errorCode); + serverIndex, credentials, container, containerConfig, Protocol::Ikev2, &e); - m_vpnConfiguration.insert(config::key_ikev2_config_data, ikev2ConfigData); + vpnConfiguration.insert(ProtocolProps::key_proto_config_data(Protocol::Ikev2), ikev2ConfigData); } //qDebug().noquote() << "VPN config" << QJsonDocument(m_vpnConfiguration).toJson(); - return ErrorCode::NoError; + return vpnConfiguration; } ErrorCode VpnConnection::connectToVpn(int serverIndex, @@ -265,7 +269,8 @@ ErrorCode VpnConnection::connectToVpn(int serverIndex, m_vpnProtocol.reset(); } - ErrorCode e = createVpnConfiguration(serverIndex, credentials, container, containerConfig); + ErrorCode e = ErrorCode::NoError; + m_vpnConfiguration = createVpnConfiguration(serverIndex, credentials, container, containerConfig); if (e) { emit connectionStateChanged(VpnProtocol::Error); return e; @@ -274,7 +279,7 @@ ErrorCode VpnConnection::connectToVpn(int serverIndex, #ifndef Q_OS_ANDROID - m_vpnProtocol.reset(VpnProtocol::factory(container, containerConfig)); + m_vpnProtocol.reset(VpnProtocol::factory(container, m_vpnConfiguration)); if (!m_vpnProtocol) { return ErrorCode::InternalError; } diff --git a/client/vpnconnection.h b/client/vpnconnection.h index 23d377c3..5ad0ef94 100644 --- a/client/vpnconnection.h +++ b/client/vpnconnection.h @@ -30,8 +30,9 @@ public: const ServerCredentials &credentials, DockerContainer container, const QJsonObject &containerConfig, Protocol proto, ErrorCode *errorCode = nullptr); - ErrorCode createVpnConfiguration(int serverIndex, - const ServerCredentials &credentials, DockerContainer container, const QJsonObject &containerConfig); + QJsonObject createVpnConfiguration(int serverIndex, + const ServerCredentials &credentials, DockerContainer container, + const QJsonObject &containerConfig, ErrorCode *errorCode = nullptr); ErrorCode connectToVpn(int serverIndex, const ServerCredentials &credentials, DockerContainer container, const QJsonObject &containerConfig); From d4b9557508e6afdd86883edefe65aa70338f2fc0 Mon Sep 17 00:00:00 2001 From: pokamest Date: Tue, 5 Oct 2021 12:22:13 +0300 Subject: [PATCH 3/9] Refactoring --- client/configurators/ikev2_configurator.cpp | 1 - client/configurators/openvpn_configurator.cpp | 7 +- .../configurators/wireguard_configurator.cpp | 11 +- client/protocols/openvpnprotocol.cpp | 14 +- client/protocols/protocols_defs.h | 1 + client/protocols/wireguardprotocol.cpp | 33 ++--- .../openvpn/configure_container.sh | 53 ++++--- .../openvpn_cloak/configure_container.sh | 134 +++++++++--------- .../configure_container.sh | 79 ++++++----- .../website_tor/configure_container.sh | 3 +- .../wireguard/configure_container.sh | 30 ++-- client/settings.cpp | 3 +- client/ui/qml/Pages/PageServerContainers.qml | 1 + client/vpnconnection.cpp | 62 ++------ 14 files changed, 198 insertions(+), 234 deletions(-) diff --git a/client/configurators/ikev2_configurator.cpp b/client/configurators/ikev2_configurator.cpp index 4c01cbdc..e3788f90 100644 --- a/client/configurators/ikev2_configurator.cpp +++ b/client/configurators/ikev2_configurator.cpp @@ -55,7 +55,6 @@ QString Ikev2Configurator::genIkev2Config(const ServerCredentials &credentials, return ""; } - QJsonObject config; config[config_key::hostName] = connData.host; config[config_key::userName] = connData.clientId; diff --git a/client/configurators/openvpn_configurator.cpp b/client/configurators/openvpn_configurator.cpp index 5dac8cf0..82b77b05 100644 --- a/client/configurators/openvpn_configurator.cpp +++ b/client/configurators/openvpn_configurator.cpp @@ -5,6 +5,7 @@ #include #include #include +#include #include "core/server_defs.h" #include "containers/containers_defs.h" @@ -242,8 +243,10 @@ QString OpenVpnConfigurator::genOpenVpnConfig(const ServerCredentials &credentia config.replace("block-outside-dns", ""); #endif - //qDebug().noquote() << config; - return config; + QJsonObject jConfig; + jConfig[config_key::config] = config; + + return QJsonDocument(jConfig).toJson(); } QString OpenVpnConfigurator::processConfigWithLocalSettings(QString config) diff --git a/client/configurators/wireguard_configurator.cpp b/client/configurators/wireguard_configurator.cpp index c5c01d7c..2f63e5dd 100644 --- a/client/configurators/wireguard_configurator.cpp +++ b/client/configurators/wireguard_configurator.cpp @@ -158,8 +158,10 @@ QString WireguardConfigurator::genWireguardConfig(const ServerCredentials &crede config.replace("$WIREGUARD_SERVER_PUBLIC_KEY", connData.serverPubKey); config.replace("$WIREGUARD_PSK", connData.pskKey); - qDebug().noquote() << config; - return config; + QJsonObject jConfig; + jConfig[config_key::config] = config; + + return QJsonDocument(jConfig).toJson(); } QString WireguardConfigurator::processConfigWithLocalSettings(QString config) @@ -168,7 +170,10 @@ QString WireguardConfigurator::processConfigWithLocalSettings(QString config) config.replace("$PRIMARY_DNS", m_settings().primaryDns()); config.replace("$SECONDARY_DNS", m_settings().secondaryDns()); - return config; + QJsonObject jConfig; + jConfig[config_key::config] = config; + + return QJsonDocument(jConfig).toJson(); } QString WireguardConfigurator::processConfigWithExportSettings(QString config) diff --git a/client/protocols/openvpnprotocol.cpp b/client/protocols/openvpnprotocol.cpp index c6dc4d35..074ea584 100644 --- a/client/protocols/openvpnprotocol.cpp +++ b/client/protocols/openvpnprotocol.cpp @@ -87,23 +87,15 @@ void OpenVpnProtocol::killOpenVpnProcess() void OpenVpnProtocol::readOpenVpnConfiguration(const QJsonObject &configuration) { if (configuration.contains(ProtocolProps::key_proto_config_data(Protocol::OpenVpn))) { + QJsonObject jConfig = configuration.value(ProtocolProps::key_proto_config_data(Protocol::OpenVpn)).toObject(); + m_configFile.open(); - m_configFile.write(configuration.value(ProtocolProps::key_proto_config_data(Protocol::OpenVpn)).toString().toUtf8()); + m_configFile.write(jConfig.value(config_key::config).toString().toUtf8()); m_configFile.close(); m_configFileName = m_configFile.fileName(); qDebug().noquote() << QString("Set config data") << m_configFileName; } - else if (configuration.contains(ProtocolProps::key_proto_config_path(Protocol::OpenVpn))) { - m_configFileName = configuration.value(ProtocolProps::key_proto_config_path(Protocol::OpenVpn)).toString(); - QFileInfo file(m_configFileName); - - if (file.fileName().isEmpty()) { - m_configFileName = defaultConfigFileName(); - } - - qDebug().noquote() << QString("Set config file: '%1'").arg(configPath()); - } } bool OpenVpnProtocol::openVpnProcessIsRunning() const diff --git a/client/protocols/protocols_defs.h b/client/protocols/protocols_defs.h index e046c0bc..bd76296e 100644 --- a/client/protocols/protocols_defs.h +++ b/client/protocols/protocols_defs.h @@ -17,6 +17,7 @@ constexpr char local_port[] = "local_port"; constexpr char description[] = "description"; constexpr char cert[] = "cert"; +constexpr char config[] = "config"; constexpr char containers[] = "containers"; diff --git a/client/protocols/wireguardprotocol.cpp b/client/protocols/wireguardprotocol.cpp index 5c37d446..16aa93ac 100644 --- a/client/protocols/wireguardprotocol.cpp +++ b/client/protocols/wireguardprotocol.cpp @@ -73,31 +73,22 @@ void WireguardProtocol::stop() void WireguardProtocol::readWireguardConfiguration(const QJsonObject &configuration) { - if (configuration.contains(ProtocolProps::key_proto_config_data(Protocol::WireGuard))) { - if (!m_configFile.open(QIODevice::WriteOnly | QIODevice::Truncate)) { - qCritical() << "Failed to save wireguard config to" << m_configFile.fileName(); - return; - } + QJsonObject jConfig = configuration.value(ProtocolProps::key_proto_config_data(Protocol::WireGuard)).toObject(); - m_isConfigLoaded = true; - - m_configFile.write(configuration.value(ProtocolProps::key_proto_config_data(Protocol::Ikev2)).toString().toUtf8()); - m_configFile.close(); - m_configFileName = m_configFile.fileName(); - - qDebug().noquote() << QString("Set config data") << m_configFileName; - qDebug().noquote() << QString("Set config data") << configuration.value(ProtocolProps::key_proto_config_data(Protocol::WireGuard)).toString().toUtf8(); + if (!m_configFile.open(QIODevice::WriteOnly | QIODevice::Truncate)) { + qCritical() << "Failed to save wireguard config to" << m_configFile.fileName(); + return; } -// else if (configuration.contains(config::key_wireguard_config_path)) { -// m_configFileName = configuration.value(config::key_wireguard_config_path).toString(); -// QFileInfo file(m_configFileName); -// if (file.fileName().isEmpty()) { -// m_configFileName = defaultConfigFileName(); -// } + m_isConfigLoaded = true; + + m_configFile.write(jConfig.value(config_key::config).toString().toUtf8()); + m_configFile.close(); + m_configFileName = m_configFile.fileName(); + + qDebug().noquote() << QString("Set config data") << m_configFileName; + qDebug().noquote() << QString("Set config data") << configuration.value(ProtocolProps::key_proto_config_data(Protocol::WireGuard)).toString().toUtf8(); -// qDebug().noquote() << QString("Set config file: '%1'").arg(configPath()); -// } } //bool WireguardProtocol::openVpnProcessIsRunning() const diff --git a/client/server_scripts/openvpn/configure_container.sh b/client/server_scripts/openvpn/configure_container.sh index ceb8c993..d51d019b 100644 --- a/client/server_scripts/openvpn/configure_container.sh +++ b/client/server_scripts/openvpn/configure_container.sh @@ -1,27 +1,26 @@ -sudo docker exec -i $CONTAINER_NAME bash -c '\ -echo -e "\ -port $OPENVPN_PORT \\n\ -proto $OPENVPN_TRANSPORT_PROTO \\n\ -dev tun \\n\ -ca /opt/amnezia/openvpn/ca.crt \\n\ -cert /opt/amnezia/openvpn/AmneziaReq.crt \\n\ -key /opt/amnezia/openvpn/AmneziaReq.key \\n\ -dh /opt/amnezia/openvpn/dh.pem \\n\ -server $OPENVPN_SUBNET_IP $OPENVPN_SUBNET_MASK \\n\ -ifconfig-pool-persist ipp.txt \\n\ -duplicate-cn \\n\ -keepalive 10 120 \\n\ -$OPENVPN_NCP_DISABLE \\n\ -cipher $OPENVPN_CIPHER \\n\ -data-ciphers $OPENVPN_CIPHER \\n\ -auth $OPENVPN_HASH \\n\ -user nobody \\n\ -group nobody \\n\ -persist-key \\n\ -persist-tun \\n\ -status openvpn-status.log \\n\ -verb 1 \\n\ -tls-server \\n\ -tls-version-min 1.2 \\n\ -$OPENVPN_TLS_AUTH" >/opt/amnezia/openvpn/server.conf' - +cat > /opt/amnezia/openvpn/server.conf </opt/amnezia/openvpn/server.conf' +cat > /opt/amnezia/openvpn/server.conf < /opt/amnezia/cloak/cloak_admin_uid.key; \ -CLOAK_BYPASS_UID=$(ck-server -u) && echo $CLOAK_BYPASS_UID > /opt/amnezia/cloak/cloak_bypass_uid.key; \ -IFS=, read CLOAK_PUBLIC_KEY CLOAK_PRIVATE_KEY <<<$(ck-server -k); \ -echo $CLOAK_PUBLIC_KEY > /opt/amnezia/cloak/cloak_public.key; \ -echo $CLOAK_PRIVATE_KEY > /opt/amnezia/cloak/cloak_private.key; \ -echo -e "{\\n\ - \"ProxyBook\": {\\n\ - \"openvpn\": [\\n\ - \"$OPENVPN_TRANSPORT_PROTO\",\\n\ - \"localhost:$OPENVPN_PORT\"\\n\ - ],\\n\ - \"shadowsocks\": [\\n\ - \"tcp\",\\n\ - \"localhost:$SHADOWSOCKS_SERVER_PORT\"\\n\ - ]\\n\ - },\\n\ - \"BypassUID\": [\\n\ - \"$CLOAK_BYPASS_UID\"\\n\ - ],\\n\ - \"BindAddr\":[\":443\"],\\n\ - \"RedirAddr\": \"$FAKE_WEB_SITE_ADDRESS\",\\n\ - \"PrivateKey\": \"$CLOAK_PRIVATE_KEY\",\\n\ - \"AdminUID\": \"$CLOAK_ADMIN_UID\",\\n\ - \"DatabasePath\": \"userinfo.db\",\\n\ - \"StreamTimeout\": 300\\n\ -}" >/opt/amnezia/cloak/ck-config.json' +mkdir -p /opt/amnezia/cloak +cd /opt/amnezia/cloak || exit 1 +CLOAK_ADMIN_UID=$(ck-server -u) && echo $CLOAK_ADMIN_UID > /opt/amnezia/cloak/cloak_admin_uid.key +CLOAK_BYPASS_UID=$(ck-server -u) && echo $CLOAK_BYPASS_UID > /opt/amnezia/cloak/cloak_bypass_uid.key +IFS=, read CLOAK_PUBLIC_KEY CLOAK_PRIVATE_KEY <<<$(ck-server -k) +echo $CLOAK_PUBLIC_KEY > /opt/amnezia/cloak/cloak_public.key +echo $CLOAK_PRIVATE_KEY > /opt/amnezia/cloak/cloak_private.key + +cat > /opt/amnezia/cloak/ck-config.json < /opt/amnezia/shadowsocks/shadowsocks.key; \ -echo -e "{\\n\ - \"local_port\": 8585,\\n\ - \"method\": \"$SHADOWSOCKS_CIPHER\",\\n\ - \"password\": \"$SHADOWSOCKS_PASSWORD\",\\n\ - \"server\": \"0.0.0.0\",\\n\ - \"server_port\": $SHADOWSOCKS_SERVER_PORT,\\n\ - \"timeout\": 60\\n\ -}" >/opt/amnezia/shadowsocks/ss-config.json' +SHADOWSOCKS_PASSWORD=$(openssl rand -base64 32 | tr "=" "A" | tr "+" "A" | tr "/" "A") +echo $SHADOWSOCKS_PASSWORD > /opt/amnezia/shadowsocks/shadowsocks.key +cat > /opt/amnezia/shadowsocks/ss-config.json </opt/amnezia/openvpn/server.conf' +cat > /opt/amnezia/openvpn/server.conf < /opt/amnezia/shadowsocks/shadowsocks.key; \ -echo -e "{\\n\ - \"local_port\": 8585,\\n\ - \"method\": \"$SHADOWSOCKS_CIPHER\",\\n\ - \"password\": \"$SHADOWSOCKS_PASSWORD\",\\n\ - \"server\": \"0.0.0.0\",\\n\ - \"server_port\": $SHADOWSOCKS_SERVER_PORT,\\n\ - \"timeout\": 60\\n\ -}" >/opt/amnezia/shadowsocks/ss-config.json' +mkdir -p /opt/amnezia/shadowsocks +cd /opt/amnezia/shadowsocks +SHADOWSOCKS_PASSWORD=$(openssl rand -base64 32 | tr "=" "A" | tr "+" "A" | tr "/" "A") +echo $SHADOWSOCKS_PASSWORD > /opt/amnezia/shadowsocks/shadowsocks.key + +cat > /opt/amnezia/shadowsocks/ss-config.json < /opt/amnezia/wireguard/wireguard_server_private_key.key; \ -WIREGUARD_SERVER_PUBLIC_KEY=$(echo $WIREGUARD_SERVER_PRIVATE_KEY | wg pubkey) && echo $WIREGUARD_SERVER_PUBLIC_KEY > /opt/amnezia/wireguard/wireguard_server_public_key.key; \ -WIREGUARD_PSK=$(wg genpsk) && echo $WIREGUARD_PSK > /opt/amnezia/wireguard/wireguard_psk.key; \ -echo -e "\ -[Interface]\\n\ -PrivateKey = $WIREGUARD_SERVER_PRIVATE_KEY \\n\ -Address = $WIREGUARD_SUBNET_IP/$WIREGUARD_SUBNET_CIDR \\n\ -ListenPort = $WIREGUARD_SERVER_PORT \\n\ -" >/opt/amnezia/wireguard/wg0.conf' +mkdir -p /opt/amnezia/wireguard +cd /opt/amnezia/wireguard +WIREGUARD_SERVER_PRIVATE_KEY=$(wg genkey) +echo $WIREGUARD_SERVER_PRIVATE_KEY > /opt/amnezia/wireguard/wireguard_server_private_key.key + +WIREGUARD_SERVER_PUBLIC_KEY=$(echo $WIREGUARD_SERVER_PRIVATE_KEY | wg pubkey) +echo $WIREGUARD_SERVER_PUBLIC_KEY > /opt/amnezia/wireguard/wireguard_server_public_key.key + +WIREGUARD_PSK=$(wg genpsk) +echo $WIREGUARD_PSK > /opt/amnezia/wireguard/wireguard_psk.key + +cat > /opt/amnezia/wireguard/wg0.conf < Date: Tue, 5 Oct 2021 14:59:52 +0300 Subject: [PATCH 4/9] remove unnecarry ui files --- client/client.pro | 3 - client/ui/mainwindow.ui | 7838 ------------------------------------ client/ui/server_widget.ui | 167 - 3 files changed, 8008 deletions(-) delete mode 100644 client/ui/mainwindow.ui delete mode 100644 client/ui/server_widget.ui diff --git a/client/client.pro b/client/client.pro index 4762461d..da7172fa 100644 --- a/client/client.pro +++ b/client/client.pro @@ -126,9 +126,6 @@ SOURCES += \ protocols/vpnprotocol.cpp \ protocols/openvpnprotocol.cpp \ -FORMS += \ - ui/server_widget.ui - RESOURCES += \ resources.qrc diff --git a/client/ui/mainwindow.ui b/client/ui/mainwindow.ui deleted file mode 100644 index 789131bf..00000000 --- a/client/ui/mainwindow.ui +++ /dev/null @@ -1,7838 +0,0 @@ - - - MainWindow - - - - 0 - 0 - 380 - 670 - - - - AmneziaVPN - - - QMainWindow { - background: white; -} - - -QWidget { -font-family: "Lato"; -} - -/*----------------------*/ - -QPushButton { - font-size: 16px; - outline: none; - font-style: normal; - font-weight: normal; - - border: none; -} -QPushButton:disabled { - border: none; -} - -QLabel { - outline: none; - font-size: 16px; - - font-style: normal; - font-weight: normal; - color: #181922; -} -QLabel:disabled { - color: #A7A7A7; -} - -QMessageBox QLabel { - font: 16px "Lato"; -} - - -/*----------------------*/ - -QTextEdit { -background: #F4F4F4; - -/* grey */ -border: 1px solid #A7A7A7; -color: #333333; - -} - -QComboBox { -font-size: 16px; -} - -QLineEdit { -font-size: 16px; -selection-background-color: darkgray; - -background: #F4F4F4; - -border: 1px solid #A7A7A7; -color: #333333; -} - -QLineEdit:focus { - border-bottom:2px solid rgb(200, 200, 200); -} -QLineEdit[error] { - border-bottom:2px solid rgb(213, 40, 60); - color: rgb(213, 40, 60); -} -QLineEdit:disabled { - border-bottom:2px solid rgb(127, 127, 127); - color: rgb(127, 127, 127); -} - -QRadioButton { - color: #181922; - font-size: 16px; - background: transparent; -} - -QCheckBox { - color: #181922; - font-size: 16px; - background: transparent; -} - -QCheckBox::indicator { -min-height: 20px; -min-width: 20px; - -border-image: url(:/images/controls/check_off.png) 0 0 0 0 stretch stretch; -} - -QCheckBox::indicator:unchecked { -border-image: url(:/images/controls/check_off.png) 0 0 0 0 stretch stretch; -} - -QCheckBox::indicator:checked { -border-image: url(:/images/controls/check_on.png); - -} - - -QScrollBar:vertical { /* The area behind the scrollbar covering entire height. */ - background-color: rgba(0, 0, 0,0); - opacity: 100; - width: 10px; /* set width to zero to hide scrollbar entirely. Can look quite clean and scrolling still works with mousewheel. */ - margin: 10px px; /* Takes the height of the buttons + 3 extra pixels to leave some free space between handle and buttons */ - -} - -QScrollBar::handle:vertical { /* The handle you scroll with */ - image-position: center; /* image is used as a small gripper in the center of the scrollbar.. You can also use background-image to use two images */ - background-color: rgb(200, 200, 200); - border: 2px solid rgb(240,240,240); - border-radius: 1px; - min-height: 10px; -} -QScrollBar::handle:vertical:hover { /* state when you hover over the handle */ - background-color: rgb(160, 160, 160); -} -QScrollBar::handle:vertical:pressed { /* state when you hover over the handle */ - background-color: rgb(120, 120, 120); -} -QScrollBar::sub-line:vertical { /* button to scroll up */ - background-color: rgb(240,240,240); - height: 10px; - subcontrol-position: top; - subcontrol-origin: margin; -} - -QScrollBar::sub-line:vertical:hover { /* hover state of button to scroll up */ - background-color: rgb(200, 200, 200); -} - -QScrollBar::up-arrow:vertical { /* arrow to scroll up with */ - top: 2px; -} - -QScrollBar::add-line:vertical { /* Button to scroll down */ - background-color: rgb(240,240,240); - height: 10px; - padding-top: 2px; - subcontrol-position: bottom; - subcontrol-origin: margin; -} -QScrollBar::add-line:vertical:hover { /* hover state of button to scroll down */ - background-color: rgb(200, 200, 200); -} - -QScrollBar::down-arrow:vertical { /* arrow to scroll down with */ - bottom: 3px; -} - -QScrollBar::add-page:vertical, QScrollBar::sub-page:vertical { - background-color: rgb(240,240,240); - -} - - - - - - - - - 0 - 0 - 380 - 670 - - - - QWidget #widget_main { - background: white; -} - - - - - - 0 - 0 - 380 - 30 - - - - true - - - background: #F5F5F5; - - - - - - 330 - 10 - 16 - 16 - - - - PointingHandCursor - - - image: url(:/images/listitembg.png); -image-position: right; - - - - - - - - - - 360 - 8 - 13 - 13 - - - - PointingHandCursor - - - QPushButton { -image-position: right; -image: url(:/images/close.png); - - padding:1px; -} -QPushButton:hover { - padding:0px; -} - - - - - - - - - - - 0 - 30 - 380 - 640 - - - - - - - 16 - - - - - - 110 - 590 - 150 - 22 - - - - image: url(:/images/AmneziaVPN.png); - - - - - - - - - 40 - 530 - 301 - 40 - - - - PointingHandCursor - - - QPushButton { - -font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; - -color: #100A44; - -font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 21px; - -border: 1px solid #211C4A; -border-radius: 4px; -} - - - - Set up your own server - - - true - - - - - - 10 - 10 - 26 - 20 - - - - PointingHandCursor - - - QPushButton { - image: url(:/images/arrow_right.png); - image-position: left; - text-align: left; - /*font: 17pt "Ancient";*/ - - padding: 1px; - image: url(:/images/arrow_left.png); -} -QPushButton:hover { - padding: 0px; -} - - - - - - - - - - - 0 - 35 - 380 - 481 - - - - - - - 40 - 210 - 301 - 40 - - - - PointingHandCursor - - - QPushButton { - font-size: 13pt; - font: "Open Sans Semibold"; - color:rgb(212, 212, 212); - -border-radius: 4px; - -font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 21px; - -background: #100A44; -border-radius: 4px; -} - -QPushButton:hover { -background: #211966; -} - - - - Connect - - - - - - 40 - 140 - 300 - 40 - - - - - - - - - - vpn://... - - - - - - 0 - 20 - 381 - 71 - - - - QLabel { -font-family: Lato; -font-style: normal; -font-weight: bold; -font-size: 24px; -color: #100A44; -} - - - - Connect to the already created VPN server - - - Qt::AlignCenter - - - true - - - - - - 40 - 110 - 301 - 21 - - - - - - - Connection code - - - - - - - - 40 - 260 - 300 - 71 - - - - - - - <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd"> -<html><head><meta name="qrichtext" content="1" /><style type="text/css"> -p, li { white-space: pre-wrap; } -</style></head><body style=" font-family:'Lato'; font-size:8.25pt; font-weight:400; font-style:normal;"> -<p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;"><br /></p></body></html> - - - - - - 50 - 40 - 281 - 21 - - - - PointingHandCursor - - - font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 20px; -text-align: center; - -/* акцент */ -color: #15CDCB; - - - Where to get connection data → - - - - - - 10 - 0 - 361 - 31 - - - - QLabel { -font-family: Lato; -font-style: normal; -font-weight: bold; -font-size: 24px; -color: #100A44; -} - - - - Setup your server to use VPN - - - Qt::AlignCenter - - - true - - - - - - 40 - 100 - 300 - 40 - - - - - - - - - - - - - 40 - 350 - 301 - 40 - - - - PointingHandCursor - - - QPushButton { -color:rgb(212, 212, 212); -border-radius: 4px; - -font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 21px; - -background: #100A44; -border-radius: 4px; -} -QPushButton:hover { -background: #211966; -} - - - Connect - - - - - - 40 - 180 - 300 - 40 - - - - - - - root - - - - - - 40 - 450 - 281 - 21 - - - - PointingHandCursor - - - font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 20px; -text-align: center; - -/* акцент */ -color: #15CDCB; - - - Connect using SSH key - - - true - - - true - - - - - - 40 - 260 - 300 - 40 - - - - QLineEdit { - background: #F4F4F4; - border: 1px solid #A7A7A7; - color: #333333; -} - - - - - - QLineEdit::Password - - - - - - 40 - 70 - 171 - 21 - - - - - - - Server IP address - - - - - - 40 - 150 - 261 - 21 - - - - - - - Login to connect via SSH - - - - - - 40 - 230 - 171 - 21 - - - - - - - Password - - - - - true - - - - 40 - 390 - 301 - 41 - - - - Please wait, configuring process may take up to 5 minutes - - - true - - - textEdit_new_server_ssh_key - pushButton_new_server_get_info - lineEdit_new_server_ip - pushButton_new_server_connect - lineEdit_new_server_login - pushButton_new_server_connect_key - lineEdit_new_server_password - label_4 - label_5 - label_new_server_password - label_2 - label_new_server_wait_info - - - - - - QLabel { -font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -color: #211C4A; -} - -QLineEdit { -padding-left: 10px; -border: 1px solid #A7A7A7; -} - - - - - 10 - 10 - 26 - 20 - - - - PointingHandCursor - - - QPushButton { - image: url(:/images/arrow_right.png); - image-position: left; - text-align: left; - /*font: 17pt "Ancient";*/ - - padding: 1px; - image: url(:/images/arrow_left.png); -} -QPushButton:hover { - padding: 0px; -} - - - - - - - - - - - 110 - 590 - 150 - 22 - - - - image: url(:/images/AmneziaVPN.png); - - - - - - - - - 40 - 310 - 301 - 40 - - - - PointingHandCursor - - - QPushButton { -color:rgb(212, 212, 212); -border-radius: 4px; - -font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 21px; - -background: #100A44; -border-radius: 4px; -} -QPushButton:hover { -background: #211966; -} - - - Configure VPN protocols manually - - - - - - 10 - 35 - 361 - 31 - - - - QLabel { -font-family: Lato; -font-style: normal; -font-weight: bold; -font-size: 24px; -color: #100A44; -} - - - - Setup your server to use VPN - - - Qt::AlignCenter - - - true - - - - - - 40 - 150 - 301 - 40 - - - - PointingHandCursor - - - QPushButton { -color:rgb(212, 212, 212); -border-radius: 4px; - -font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 21px; - -background: #100A44; -border-radius: 4px; -} -QPushButton:hover { -background: #211966; -} - - - Run Setup Wizard - - - - - - 40 - 100 - 301 - 41 - - - - - - - If you want easily configure your server just run Wizard - - - Qt::AlignBottom|Qt::AlignHCenter - - - true - - - - - - 40 - 260 - 301 - 41 - - - - - - - Press configure manually to choose VPN protocols you want to install - - - Qt::AlignBottom|Qt::AlignHCenter - - - true - - - - - - - - 0 - 35 - 381 - 31 - - - - QLabel { -font-family: Lato; -font-style: normal; -font-weight: bold; -font-size: 24px; -color: #100A44; -} - - - - Setup Wizard - - - Qt::AlignCenter - - - true - - - - - - 10 - 10 - 26 - 20 - - - - PointingHandCursor - - - QPushButton { - image: url(:/images/arrow_right.png); - image-position: left; - text-align: left; - /*font: 17pt "Ancient";*/ - - padding: 1px; - image: url(:/images/arrow_left.png); -} -QPushButton:hover { - padding: 0px; -} - - - - - - - - - - - 10 - 70 - 361 - 561 - - - - - - 10 - 10 - 331 - 25 - - - - High censorship level - - - - - - 10 - 180 - 331 - 30 - - - - Medium censorship level - - - true - - - - - - 10 - 330 - 331 - 30 - - - - Low censorship level - - - - - - 30 - 40 - 321 - 121 - - - - I'm living in country with high censorship level. Many of foreign web sites and VPNs blocked by my government. I want to setup reliable VPN, which is invisible for government. - - - Qt::AlignLeading|Qt::AlignLeft|Qt::AlignTop - - - true - - - Qt::LinksAccessibleByMouse|Qt::TextSelectableByMouse - - - - - - 30 - 210 - 321 - 101 - - - - I'm living in country with medium censorship level. Some web sites blocked by my government, but VPNs are not blocked at all. I want to setup flexible solution. - - - Qt::AlignLeading|Qt::AlignLeft|Qt::AlignTop - - - true - - - Qt::LinksAccessibleByMouse|Qt::TextSelectableByMouse - - - - - - 30 - 360 - 321 - 51 - - - - I just want to improve my privacy in internet. - - - Qt::AlignLeading|Qt::AlignLeft|Qt::AlignTop - - - true - - - Qt::LinksAccessibleByMouse|Qt::TextSelectableByMouse - - - - - - 30 - 490 - 301 - 40 - - - - PointingHandCursor - - - QPushButton { -color:rgb(212, 212, 212); -border-radius: 4px; - -font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 21px; - -background: #100A44; -border-radius: 4px; -} -QPushButton:hover { -background: #211966; -} - - - Next - - - - - - - - - 0 - 35 - 381 - 31 - - - - QLabel { -font-family: Lato; -font-style: normal; -font-weight: bold; -font-size: 24px; -color: #100A44; -} - - - - Setup Wizard - - - Qt::AlignCenter - - - true - - - - - - 10 - 70 - 361 - 561 - - - - QLabel { - font-size: 16px; -} - - - - - 30 - 10 - 321 - 321 - - - - AmneziaVPN will install VPN protocol which is not visible for your internet provider and government firewall. Your VPN connection will be detected by your provider as regular web traffic to particular web site. - -You SHOULD set this web site address to some foreign web site which is not blocked by your internet provider. Other words you need to type below some foreign web site address which is accessible without VPN. - -Please note, this protocol still does not support export connection profile to mobile devices. Keep for updates. - - - Qt::AlignLeading|Qt::AlignLeft|Qt::AlignTop - - - true - - - Qt::LinksAccessibleByMouse|Qt::TextSelectableByMouse - - - - - - 30 - 400 - 321 - 71 - - - - OpenVPN over Cloak (VPN obfuscation) profile will be installed - - - Qt::AlignBottom|Qt::AlignLeading|Qt::AlignLeft - - - true - - - - - - 30 - 490 - 301 - 40 - - - - PointingHandCursor - - - QPushButton { -color:rgb(212, 212, 212); -border-radius: 4px; - -font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 21px; - -background: #100A44; -border-radius: 4px; -} -QPushButton:hover { -background: #211966; -} - - - Next - - - - - - 30 - 360 - 301 - 41 - - - - - - - 30 - 330 - 291 - 21 - - - - Type web site address for mask - - - - - - - 10 - 10 - 26 - 20 - - - - PointingHandCursor - - - QPushButton { - image: url(:/images/arrow_right.png); - image-position: left; - text-align: left; - /*font: 17pt "Ancient";*/ - - padding: 1px; - image: url(:/images/arrow_left.png); -} -QPushButton:hover { - padding: 0px; -} - - - - - - - - - - - - - 10 - 70 - 361 - 561 - - - - QLabel { - font-size: 16px; -} - - - - - 30 - 10 - 321 - 341 - - - - Optional. - -We recommend to enable VPN mode "For selected sites" and add blocked sites you need to visit manually. If you will choose this option, you will need add every bloked site you want to visit to the access list. You may switch between modes later. - -Please note, you should add addresses to the list after VPN connection established. You may add any domain, URL or IP address, it will be resolved to IP address. - - - Qt::AlignLeading|Qt::AlignLeft|Qt::AlignTop - - - true - - - Qt::LinksAccessibleByMouse|Qt::TextSelectableByMouse - - - - - - 30 - 490 - 301 - 40 - - - - PointingHandCursor - - - QPushButton { -color:rgb(212, 212, 212); -border-radius: 4px; - -font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 21px; - -background: #100A44; -border-radius: 4px; -} -QPushButton:hover { -background: #211966; -} - - - Start configuring - - - - - - 30 - 350 - 301 - 71 - - - - Turn on mode "VPN for selected sites" - - - - - - - 10 - 10 - 26 - 20 - - - - PointingHandCursor - - - QPushButton { - image: url(:/images/arrow_right.png); - image-position: left; - text-align: left; - /*font: 17pt "Ancient";*/ - - padding: 1px; - image: url(:/images/arrow_left.png); -} -QPushButton:hover { - padding: 0px; -} - - - - - - - - - - - 0 - 35 - 381 - 31 - - - - QLabel { -font-family: Lato; -font-style: normal; -font-weight: bold; -font-size: 24px; -color: #100A44; -} - - - - Setup Wizard - - - Qt::AlignCenter - - - true - - - - - - - - 0 - 35 - 381 - 31 - - - - QLabel { -font-family: Lato; -font-style: normal; -font-weight: bold; -font-size: 24px; -color: #100A44; -} - - - - Setup Wizard - - - Qt::AlignCenter - - - true - - - - - - 10 - 70 - 361 - 561 - - - - QLabel { - font-size: 16px; -} - - - - - 30 - 10 - 321 - 341 - - - - AmneziaVPN will install VPN protocol which is difficult to detect by your internet provider and government firewall (but possible). In most cases, this is the most suitable protocol. This protocol is faster compared to the VPN protocols with "web traffic masking". - -This protocol support export connection profile to mobile devices using QR code (you should launch 3rd party opensource VPN client - ShadowSocks VPN). - - - Qt::AlignLeading|Qt::AlignLeft|Qt::AlignTop - - - true - - - Qt::LinksAccessibleByMouse|Qt::TextSelectableByMouse - - - - - - 30 - 400 - 321 - 71 - - - - OpenVPN over ShadowSocks profile will be installed - - - Qt::AlignBottom|Qt::AlignLeading|Qt::AlignLeft - - - true - - - - - - 30 - 490 - 301 - 40 - - - - PointingHandCursor - - - QPushButton { -color:rgb(212, 212, 212); -border-radius: 4px; - -font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 21px; - -background: #100A44; -border-radius: 4px; -} -QPushButton:hover { -background: #211966; -} - - - Next - - - - - - - 10 - 10 - 26 - 20 - - - - PointingHandCursor - - - QPushButton { - image: url(:/images/arrow_right.png); - image-position: left; - text-align: left; - /*font: 17pt "Ancient";*/ - - padding: 1px; - image: url(:/images/arrow_left.png); -} -QPushButton:hover { - padding: 0px; -} - - - - - - - - - - - - - 0 - 35 - 381 - 31 - - - - QLabel { -font-family: Lato; -font-style: normal; -font-weight: bold; -font-size: 24px; -color: #100A44; -} - - - - Setup Wizard - - - Qt::AlignCenter - - - true - - - - - - 10 - 70 - 361 - 561 - - - - QLabel { - font-size: 16px; -} - - - - - 30 - 10 - 321 - 341 - - - - AmneziaVPN will install OpenVPN protocol with public/private key pairs generated on server and client sides. You can also configure connection on your mobile device by copying exported ".ovpn" file to your device and setting up official OpenVPN client. We recommend do not use messengers for sending connection profile - it contains VPN private keys. - - - Qt::AlignLeading|Qt::AlignLeft|Qt::AlignTop - - - true - - - Qt::LinksAccessibleByMouse|Qt::TextSelectableByMouse - - - - - - 30 - 400 - 321 - 71 - - - - OpenVPN profile will be installed - - - Qt::AlignBottom|Qt::AlignLeading|Qt::AlignLeft - - - true - - - - - - 30 - 490 - 301 - 40 - - - - PointingHandCursor - - - QPushButton { -color:rgb(212, 212, 212); -border-radius: 4px; - -font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 21px; - -background: #100A44; -border-radius: 4px; -} -QPushButton:hover { -background: #211966; -} - - - Start configuring - - - - - - - 10 - 10 - 26 - 20 - - - - PointingHandCursor - - - QPushButton { - image: url(:/images/arrow_right.png); - image-position: left; - text-align: left; - /*font: 17pt "Ancient";*/ - - padding: 1px; - image: url(:/images/arrow_left.png); -} -QPushButton:hover { - padding: 0px; -} - - - - - - - - - - - - - 40 - 510 - 301 - 40 - - - - QProgressBar{ -color:rgb(212, 212, 212); -border-radius: 4px; - -font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 21px; - -background: #100A44; -border-radius: 4px; -} - -QProgressBar::chunk { -background: rgba(255, 255, 255, 0.15); -border-radius: 4px 0px 0px 4px; - -} - - - - 0 - - - Qt::AlignCenter - - - true - - - Configuring... - - - - - - 0 - 35 - 381 - 31 - - - - QLabel { -font-family: Lato; -font-style: normal; -font-weight: bold; -font-size: 24px; -color: #100A44; -} - - - - Configuring... - - - Qt::AlignCenter - - - true - - - - - - 30 - 90 - 321 - 31 - - - - Please wait. - - - Qt::AlignLeading|Qt::AlignLeft|Qt::AlignTop - - - true - - - Qt::LinksAccessibleByMouse|Qt::TextSelectableByMouse - - - - - true - - - - 40 - 560 - 301 - 41 - - - - Please wait, configuring process may take up to 5 minutes - - - true - - - - - - - - 10 - 35 - 361 - 31 - - - - font-family: Lato; -font-style: normal; -font-weight: bold; -font-size: 24px; -line-height: 25px; -color: #100A44; - - - - Select VPN protocols - - - Qt::AlignCenter - - - true - - - - - - 10 - 10 - 26 - 20 - - - - PointingHandCursor - - - QPushButton { - image: url(:/images/arrow_right.png); - image-position: left; - text-align: left; - /*font: 17pt "Ancient";*/ - - padding: 1px; - image: url(:/images/arrow_left.png); -} -QPushButton:hover { - padding: 0px; -} - - - - - - - - - - - 0 - 70 - 380 - 471 - - - - - 380 - 0 - - - - - 380 - 16777215 - - - - QScrollArea { background: transparent; } -QScrollArea > QWidget > QWidget { background: transparent; } -QScrollArea > QWidget > QScrollBar { background: palette(base); } - -QLineEdit { -background: transparent; -} -QPushButton { - text-align: left; - background-repeat:no-repeat; - background-position:left top; - - background-image: url(:/images/settings.png); - padding-left: 30px; - min-height: 24px; -} -QFrame { -background: transparent; -border: 1px solid lightgrey; -border-radius: 2px; -} -QFrame#scrollArea_server_protocols { -border: none; -} -QLabel { -border: none; -} - - - true - - - - - 0 - 0 - 378 - 469 - - - - - 5 - - - 5 - - - 5 - - - 5 - - - - - - 0 - 0 - - - - - 0 - 100 - - - - - - - - QLayout::SetMinAndMaxSize - - - 5 - - - 5 - - - 5 - - - 5 - - - - - - - - - - - OpenVPN and ShadowSocks - with masking using Cloak plugin - - - true - - - - - - - - 0 - 0 - - - - - 24 - 24 - - - - PointingHandCursor - - - - - - true - - - - - - - - - - - - - - 130 - 0 - - - - - 130 - 16777215 - - - - Port (TCP) - - - - - - - - 185 - 0 - - - - - 185 - 16777215 - - - - 443 - - - - - - - - 130 - 0 - - - - - 130 - 16777215 - - - - Fake Web Site - - - - - - - - 185 - 0 - - - - - 185 - 16777215 - - - - tile.openstreetmap.org - - - - - - - - - - - - - - 0 - 100 - - - - - - - - QLayout::SetMinAndMaxSize - - - 5 - - - 5 - - - 5 - - - 5 - - - - - - - - - 0 - 24 - - - - ShadowSocks - - - - - - - - 0 - 0 - - - - - 24 - 24 - - - - PointingHandCursor - - - - - - true - - - - - - - - - - - - - - 130 - 0 - - - - - 130 - 16777215 - - - - Port(TCP) - - - - - - - - 185 - 0 - - - - - 185 - 16777215 - - - - 6789 - - - - - - - - 130 - 0 - - - - - 130 - 16777215 - - - - Encryption - - - - - - - - 185 - 0 - - - - - 185 - 16777215 - - - - - chacha20-ietf-poly1305 - - - - - xchacha20-ietf-poly1305 - - - - - aes-256-gcm - - - - - aes-192-gcm - - - - - aes-128-gcm - - - - - - - - - - - - - - - 0 - 100 - - - - - - - - QLayout::SetMinAndMaxSize - - - 5 - - - 5 - - - 5 - - - 5 - - - - - - - - - 0 - 0 - - - - - 0 - 24 - - - - OpenVPN - - - - - - - - 0 - 0 - - - - - 24 - 24 - - - - PointingHandCursor - - - - - - true - - - - - - - - - - - - - - 130 - 0 - - - - - 130 - 16777215 - - - - Port - - - - - - - - 185 - 0 - - - - - 185 - 16777215 - - - - - - - - - 130 - 0 - - - - - 130 - 16777215 - - - - Protocol - - - - - - - - 185 - 0 - - - - - 185 - 16777215 - - - - - udp - - - - - tcp - - - - - - - - - - - - - - - 0 - 100 - - - - - - - - QLayout::SetMinAndMaxSize - - - 5 - - - 5 - - - 5 - - - 5 - - - - - - - - - 0 - 0 - - - - - 0 - 24 - - - - WireGuard - - - - - - - - 0 - 0 - - - - - 24 - 24 - - - - PointingHandCursor - - - - - - true - - - - - - - - - - - - - - 130 - 0 - - - - - 130 - 16777215 - - - - Port - - - - - - - - 185 - 0 - - - - - 185 - 16777215 - - - - - - - - - - - - - - Qt::Vertical - - - QSizePolicy::Expanding - - - - 20 - 40 - - - - - - - - - - - 40 - 570 - 301 - 40 - - - - QProgressBar{ -color:rgb(212, 212, 212); -border-radius: 4px; - -font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 21px; - -background: #100A44; -border-radius: 4px; -} - -QProgressBar::chunk { -background: rgba(255, 255, 255, 0.15); -border-radius: 4px 0px 0px 4px; - -} - - - - 24 - - - Qt::AlignCenter - - - true - - - Configuring... - - - - - - 40 - 570 - 301 - 40 - - - - PointingHandCursor - - - QPushButton { -color:rgb(212, 212, 212); -border-radius: 4px; - -font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 21px; - -background: #100A44; -border-radius: 4px; -} -QPushButton:hover { -background: #211966; -} - - - Setup server - - - - - - - - - - - 0 - 0 - 380 - 325 - - - - border-image: url(:/images/background_connected.png); - - - - - - true - - - - - - 0 - 360 - 380 - 51 - - - - - - - - - 53 - 10 - 15 - 15 - - - - image: url(:/images/download.png); - - - - - - - - - 311 - 10 - 15 - 15 - - - - image: url(:/images/upload.png); - - - - - - - - - 260 - 20 - 118 - 30 - - - - - Lato - -1 - 50 - false - false - - - - color: rgb(66, 209, 133); -font: 16px "Lato"; - - - 0 Mbps - - - Qt::AlignCenter - - - - - - 0 - 20 - 127 - 30 - - - - - Lato - -1 - 50 - false - false - - - - color: rgb(65, 113, 214); -font: 16px "Lato"; - - - 0 Mbps - - - Qt::AlignCenter - - - - - - true - - - - 20 - 560 - 341 - 40 - - - - PointingHandCursor - - - QPushButton { - font-size: 13pt; - font: "Open Sans Semibold"; - color:rgb(212, 212, 212); - -background: #181922; -border-radius: 4px; - -font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 21px; - -} - -QPushButton:!enabled { -background: #484952; -} - -QPushButton:hover { -background: #282932; -} - - - + Add site - - - - - - 340 - 10 - 31 - 31 - - - - PointingHandCursor - - - image: url(:/images/settings_grey.png); -background: transparent - - - - - - - - - 150 - 200 - 80 - 40 - - - - PointingHandCursor - - - QPushButton:!checked { -image: url(:/images/connect_button_disconnected.png); -} - -QPushButton:checked { -image: url(:/images/connect_button_connected.png); -} - - - - - - true - - - false - - - - - - 0 - 250 - 380 - 31 - - - - font-family: "Lato"; - -font-style: normal; -font-weight: 600; -font-size: 15px; - -color: #181922; - - - - Connected - - - Qt::AlignCenter - - - - - - 20 - 424 - 341 - 1 - - - - background-image: url(:/images/Line.png); - - - - - - - - - 20 - 440 - 281 - 21 - - - - font-family: "Lato"; - -font-style: normal; -font-weight: 600; -font-size: 15px; - -color: #181922; - - - - - How to use VPN - - - Qt::AlignLeading|Qt::AlignLeft|Qt::AlignVCenter - - - - - - 0 - 280 - 381 - 61 - - - - Error text - - - false - - - Qt::AlignCenter - - - true - - - - - - 20 - 470 - 351 - 91 - - - - - true - - - - 0 - 60 - 341 - 19 - - - - Except selected sites - - - false - - - - - true - - - - 0 - 30 - 341 - 19 - - - - For selected sites - - - false - - - - - true - - - - 0 - 0 - 341 - 19 - - - - For all connections - - - true - - - - - - - /*QListView { - outline: 0; - background: transparent; - border: none; - gridline-color: darkgray; -} - -QListView::item -{ - padding-left: 5px; - border: none; - color: #181922; -} - -QListView::item:disabled -{ - padding-left: 5px; - border: none; - color: #181922; -} - -QListView::item:selected { - border: none; - background: rgba(167, 167, 167, 0.1); - color: #181922; -} -*/ - - - - - 10 - 10 - 28 - 20 - - - - PointingHandCursor - - - QPushButton { - image: url(:/images/arrow_right.png); - image-position: left; - text-align: left; - /*font: 17pt "Ancient";*/ - - padding: 1px; - image: url(:/images/arrow_left.png); -} -QPushButton:hover { - padding: 0px; -} - - - - - - - - - - - 10 - 0 - 360 - 0 - - - - List of the most popular prohibited sites - - - Qt::AlignCenter - - - true - - - - - true - - - - 20 - 40 - 340 - 60 - - - - font-family: Lato; -font-style: normal; -font-weight: bold; -font-size: 20px; -line-height: 25px; -color: #100A44; - - - - These sites will be opened using VPN - - - Qt::AlignHCenter|Qt::AlignTop - - - true - - - - - - 20 - 140 - 231 - 31 - - - - - Lato - -1 - 50 - false - false - - - - QLineEdit { - border: none; - - font-size: 16px; - background:transparent; - - selection-background-color: darkgray; - border: 1px solid #A7A7A7; -} - - - - - - Qt::AlignCenter - - - yousite.com or IP address - - - - - true - - - - 260 - 140 - 51 - 31 - - - - PointingHandCursor - - - QPushButton { -background: #100A44; -border-radius: 4px; -font-size: 24px; -color: white -} -QPushButton:hover { -background: #211966; -} - - - + - - - - - - 20 - 110 - 311 - 21 - - - - font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 150%; - -/* identical to box height, or 24px */ - -/* text */ -color: #333333; - - - Web site/Hostname/IP address/Subnet - - - - - - 20 - 200 - 341 - 371 - - - - QTableView { - background: transparent; - gridline-color: transparent; - - border: none; - outline: none; - show-decoration-selected: 1; -} - -QTableView::item -{ - padding-left: 5px; - border-top: 1px solid lightgray; - color: #181922; -} - -QTableView::item::selected -{ - border: 0px; - padding-left: 5px; - background-color: rgb(99, 180, 251); - border: : rgb(99, 180, 251); -} - - - QAbstractItemView::ExtendedSelection - - - QAbstractItemView::SelectRows - - - false - - - Qt::NoPen - - - false - - - false - - - false - - - - - - 80 - 589 - 231 - 31 - - - - PointingHandCursor - - - QPushButton { -color:rgb(212, 212, 212); -border-radius: 4px; - -font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 21px; - -background: #100A44; -border-radius: 4px; -} -QPushButton:hover { -background: #211966; -} - - - Delete selected - - - - - true - - - - 320 - 140 - 51 - 31 - - - - PointingHandCursor - - - QPushButton { -background: #100A44; -border-radius: 4px; -padding: 5px; -image: url(:/images/folder.png); -} -QPushButton:hover { -background: #211966; -} - - - - - - - - - QPushButton { -font-family: Lato; -font-style: normal; -font-weight: bold; -font-size: 20px; -line-height: 25px; -Text-align:left; -padding-left: 30px; - - -/* black */ -color: #100A44; - -background-repeat: no-repeat; - background-position: left center; -} - -QPushButton:!enabled { -color: #AAAAAA; -} - - - - - 10 - 10 - 26 - 20 - - - - PointingHandCursor - - - QPushButton { - image: url(:/images/arrow_right.png); - image-position: left; - text-align: left; - /*font: 17pt "Ancient";*/ - - padding: 1px; - image: url(:/images/arrow_left.png); -} -QPushButton:hover { - padding: 0px; -} - - - - - - - - - - - 10 - 40 - 360 - 10 - - - - image: url(:/images/line.png); - - - - - - - - - 30 - 180 - 330 - 30 - - - - PointingHandCursor - - - Reinstall server, clear server - - - background-image: url(:/images/server_settings.png); - - - Server management - - - - - - 10 - 160 - 360 - 10 - - - - image: url(:/images/line.png); - - - - - - - - true - - - - 30 - 240 - 330 - 30 - - - - PointingHandCursor - - - background-image: url(:/images/share.png); - - - Share connection - - - - - - 10 - 220 - 360 - 10 - - - - image: url(:/images/line.png); - - - - - - - - - 10 - 620 - 360 - 10 - - - - image: url(:/images/line.png); - - - - - - - - true - - - - 30 - 580 - 330 - 30 - - - - PointingHandCursor - - - - - - Exit - - - - - - 10 - 560 - 360 - 10 - - - - image: url(:/images/line.png); - - - - - - - - - 30 - 60 - 330 - 30 - - - - PointingHandCursor - - - Auto start, Auto connect - - - background-image: url(:/images/settings.png); - - - - App settings - - - - - - 10 - 280 - 360 - 10 - - - - image: url(:/images/line.png); - - - - - - - - - 10 - 100 - 360 - 10 - - - - image: url(:/images/line.png); - - - - - - - - - 30 - 120 - 330 - 30 - - - - PointingHandCursor - - - DNS settings - - - background-image: url(:/images/settings.png); - - - - Network settings - - - - - - 30 - 300 - 330 - 30 - - - - PointingHandCursor - - - Reinstall server, clear server - - - background-image: url(:/images/server_settings.png); - - - Servers - - - - - - 10 - 340 - 360 - 10 - - - - image: url(:/images/line.png); - - - - - - - - - 10 - 400 - 360 - 10 - - - - image: url(:/images/line.png); - - - - - - - - - 30 - 360 - 330 - 30 - - - - PointingHandCursor - - - Add or import new server - - - background-image: url(:/images/plus.png); - - - - Add server - - - - - - - - - - - 20 - 90 - 340 - 501 - - - - QWidget { - margin: 0px; - padding: 0px; -} - -QPushButton:hover { - image: url(:/images/close.png); - image-position: right center; -} - -QListView { - outline: 0; - background: transparent; - border: none; - gridline-color: darkgray; - show-decoration-selected: 1; -} - -QListView::item -{ - padding-left: 5px; - color: #181922; - border: none; - background: qlineargradient(x1: 0, y1: 0, x2: 0, y2: 1, - stop: 0 #FAFBFE, stop: 1 #ECEEFF); -} - -QListView::item:disabled -{ - padding-left: 5px; - border: none; - color: #181922; -} - -QListView::item:selected { - border: none; - background: rgba(167, 167, 167, 0.1); - color: #181922; -} - -QListView::item:selected:!active { - background: transparent; - border: none; -} - -QListView::item:selected:active { - background: transparent; - border: none; -} - -QListView::item:hover { - background: qlineargradient(x1: 0, y1: 0, x2: 0, y2: 1, - stop: 0 #FAFBFE, stop: 1 #DCDEDF); -} - - - QAbstractItemView::NoEditTriggers - - - QAbstractItemView::NoSelection - - - - - - 10 - 10 - 26 - 20 - - - - PointingHandCursor - - - QPushButton { - image: url(:/images/arrow_right.png); - image-position: left; - text-align: left; - /*font: 17pt "Ancient";*/ - - padding: 1px; - image: url(:/images/arrow_left.png); -} -QPushButton:hover { - padding: 0px; -} - - - - - - - - - - - 50 - 30 - 171 - 40 - - - - font-family: Lato; -font-style: normal; -font-weight: bold; -font-size: 20px; -line-height: 25px; -color: #100A44; - - - - Servers list - - - Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter - - - - - - 240 - 39 - 24 - 24 - - - - PointingHandCursor - - - QPushButton { - image: url(:/images/plus.png); - padding:1px; -} -QPushButton:hover { - padding:0px; -} - - - - - - - - - - - - 10 - 10 - 26 - 20 - - - - PointingHandCursor - - - QPushButton { - image: url(:/images/arrow_right.png); - image-position: left; - text-align: left; - /*font: 17pt "Ancient";*/ - - padding: 1px; - image: url(:/images/arrow_left.png); -} -QPushButton:hover { - padding: 0px; -} - - - - - - - - - - - 110 - 590 - 150 - 22 - - - - image: url(:/images/AmneziaVPN.png); - - - - - - - - - 30 - 100 - 211 - 31 - - - - Auto start - - - - - - 20 - 30 - 340 - 40 - - - - font-family: Lato; -font-style: normal; -font-weight: bold; -font-size: 20px; -line-height: 25px; -color: #100A44; - - - - Application Settings - - - Qt::AlignCenter - - - - - - 30 - 140 - 211 - 31 - - - - Auto connect - - - - - - 30 - 280 - 321 - 41 - - - - PointingHandCursor - - - QPushButton { -color:rgb(212, 212, 212); -border-radius: 4px; - -font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 21px; - -background: #100A44; -border-radius: 4px; -} - -QPushButton:hover { -background: #211966; -} - - - Check for updates - - - - - - 30 - 240 - 281 - 21 - - - - Software version: X.X.X (01.06.2021) - - - - - - 30 - 180 - 211 - 31 - - - - Start minimized - - - - - - 30 - 340 - 321 - 41 - - - - PointingHandCursor - - - QPushButton { -color:rgb(212, 212, 212); -border-radius: 4px; - -font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 21px; - -background: #100A44; -border-radius: 4px; -} - -QPushButton:hover { -background: #211966; -} - - - Open logs folder - - - - - - - - 10 - 10 - 26 - 20 - - - - PointingHandCursor - - - QPushButton { - image: url(:/images/arrow_right.png); - image-position: left; - text-align: left; - /*font: 17pt "Ancient";*/ - - padding: 1px; - image: url(:/images/arrow_left.png); -} -QPushButton:hover { - padding: 0px; -} - - - - - - - - - - - 110 - 590 - 150 - 22 - - - - image: url(:/images/AmneziaVPN.png); - - - - - - - - - 40 - 120 - 271 - 40 - - - - - - - - - - - - - 20 - 30 - 340 - 40 - - - - font-family: Lato; -font-style: normal; -font-weight: bold; -font-size: 20px; -line-height: 25px; -color: #100A44; - - - - DNS Servers - - - Qt::AlignCenter - - - - - - 40 - 200 - 271 - 40 - - - - - - - - - - - - true - - - - 320 - 130 - 18 - 18 - - - - PointingHandCursor - - - Reset to default value - - - QPushButton { -image: url(:/images/reload.png); -padding:1px; -} -QPushButton:hover { -padding:0px; -} - - - - - - - - - true - - - - 320 - 210 - 18 - 18 - - - - PointingHandCursor - - - Reset to default value - - - QPushButton { -image: url(:/images/reload.png); -padding:1px; -} -QPushButton:hover { -padding:0px; -} - - - - - - - - - true - - - - 40 - 95 - 291 - 21 - - - - Primary DNS server - - - true - - - - - true - - - - 40 - 175 - 291 - 21 - - - - Secondray DNS server - - - true - - - - - - - true - - - - 40 - 530 - 301 - 41 - - - - Please wait, configuring process may take up to 5 minutes - - - true - - - - - - 40 - 350 - 300 - 40 - - - - PointingHandCursor - - - QPushButton { -color:rgb(212, 212, 212); -border-radius: 4px; - -font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 21px; - -background: #100A44; -border-radius: 4px; -} -QPushButton:hover { -background: #211966; -} - - - Clear client cached profile - - - - - - 10 - 10 - 26 - 20 - - - - PointingHandCursor - - - QPushButton { - image: url(:/images/arrow_right.png); - image-position: left; - text-align: left; - /*font: 17pt "Ancient";*/ - - padding: 1px; - image: url(:/images/arrow_left.png); -} -QPushButton:hover { - padding: 0px; -} - - - - - - - - - - - 20 - 30 - 340 - 40 - - - - font-family: Lato; -font-style: normal; -font-weight: bold; -font-size: 20px; -line-height: 25px; -color: #100A44; - - - - Server settings - - - Qt::AlignCenter - - - true - - - - - - 110 - 590 - 150 - 22 - - - - image: url(:/images/AmneziaVPN.png); - - - - - - - - - 40 - 410 - 300 - 40 - - - - PointingHandCursor - - - QPushButton { -color:rgb(212, 212, 212); -border-radius: 4px; - -font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 21px; - -background: #100A44; -border-radius: 4px; -} -QPushButton:hover { -background: #211966; -} - - - Clear server from Amnezia software - - - - - - 40 - 470 - 300 - 40 - - - - PointingHandCursor - - - QPushButton { -color:rgb(212, 212, 212); -border-radius: 4px; - -font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 21px; - -background: #100A44; -border-radius: 4px; -} -QPushButton:hover { -background: #211966; -} - - - Forget this server - - - - - - 20 - 120 - 341 - 31 - - - - QLabel { -font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 20px; -} - - - root@yourserver.org - - - Qt::AlignCenter - - - Qt::LinksAccessibleByMouse|Qt::TextSelectableByMouse - - - - - - 70 - 80 - 251 - 31 - - - - QLineEdit { -border: none; -outline: none; -border-bottom: 1px solid lightgrey; -font-size: 18px; -font-weight: bold; -} - - - - Qt::AlignCenter - - - false - - - - - - 40 - 210 - 300 - 40 - - - - PointingHandCursor - - - QPushButton { -color:rgb(212, 212, 212); -border-radius: 4px; - -font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 21px; - -background: #100A44; -border-radius: 4px; -} -QPushButton:hover { -background: #211966; -} - - - VPN protocols - - - - - - 20 - 150 - 341 - 31 - - - - QLabel { -font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 20px; -} - - - VPN Protocol: - - - Qt::AlignCenter - - - Qt::LinksAccessibleByMouse|Qt::TextSelectableByMouse - - - - - - 40 - 260 - 300 - 40 - - - - PointingHandCursor - - - QPushButton { -color:rgb(212, 212, 212); -border-radius: 4px; - -font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 21px; - -background: #100A44; -border-radius: 4px; -} -QPushButton:hover { -background: #211966; -} - - - Share Server (FULL ACCESS) - - - label_server_settings_wait_info - label_16 - label_17 - pushButton_server_settings_clear_client_cache - pushButton_server_settings_clear - pushButton_server_settings_forget - label_server_settings_server - lineEdit_server_settings_description - pushButton_server_settings_protocols - pushButton_back_from_server_settings - label_server_settings_current_vpn_protocol - pushButton_server_settings_share_full - - - - - - - - - 20 - 440 - 340 - 121 - - - - QWidget { - margin: 0px; - padding: 0px; -} - -QPushButton:hover { - image: url(:/images/close.png); - image-position: right center; -} - -QListView { - outline: 0; - background: transparent; - border: none; - gridline-color: darkgray; - show-decoration-selected: 1; -} - -QListView::item -{ - padding-left: 5px; - color: #181922; - border: none; - background: qlineargradient(x1: 0, y1: 0, x2: 0, y2: 1, - stop: 0 #FAFBFE, stop: 1 #ECEEFF); -} - -QListView::item:disabled -{ - padding-left: 5px; - border: none; - color: #181922; -} - -QListView::item:selected { - border: none; - background: rgba(167, 167, 167, 0.1); - color: #181922; -} - -QListView::item:selected:!active { - background: transparent; - border: none; -} - -QListView::item:selected:active { - background: transparent; - border: none; -} - -QListView::item:hover { - background: qlineargradient(x1: 0, y1: 0, x2: 0, y2: 1, - stop: 0 #FAFBFE, stop: 1 #DCDEDF); -} - - - QAbstractItemView::NoEditTriggers - - - QAbstractItemView::NoSelection - - - - - - 20 - 30 - 340 - 40 - - - - font-family: Lato; -font-style: normal; -font-weight: bold; -font-size: 20px; -line-height: 25px; -color: #100A44; - - - - Protocols - - - Qt::AlignCenter - - - true - - - - - - 10 - 10 - 26 - 20 - - - - PointingHandCursor - - - QPushButton { - image: url(:/images/arrow_right.png); - image-position: left; - text-align: left; - /*font: 17pt "Ancient";*/ - - padding: 1px; - image: url(:/images/arrow_left.png); -} -QPushButton:hover { - padding: 0px; -} - - - - - - - - - - - 0 - 70 - 381 - 511 - - - - QWidget { -background: transparent; -} -QPushButton { - text-align: left; - background-repeat:no-repeat; - background-position:left top; - - background-image: url(:/images/settings.png); - padding-left: 30px; - min-height: 24px; -} -QFrame { -border: 1px solid lightgrey; -border-radius: 2px; -} -QFrame#scrollArea_server_protocols { -border: none; -} -QLabel { -border: none; -} - - - true - - - - - 0 - -47 - 371 - 558 - - - - - 19 - - - - - - 0 - 100 - - - - - - - - QLayout::SetMinAndMaxSize - - - - - - - Cloak container - - - - - - - - 24 - 24 - - - - - 24 - 24 - - - - PointingHandCursor - - - QPushButton { - background: transparent; - image: url(:/images/check.png); - padding: 0px; - margin: 0px; -} -QPushButton:checked { - image: url(:/images/check.png); -} -QPushButton:!checked { - image: url(:/images/uncheck.png); -} - - - - - - - - true - - - false - - - - - - - - 24 - 24 - - - - - 24 - 24 - - - - PointingHandCursor - - - background: transparent; -image: url(:/images/share.png); -padding: 0px; -margin: 0px; - - - - - - - - - - - 36 - 24 - - - - - 24 - 24 - - - - PointingHandCursor - - - QPushButton { - background: transparent; - padding: 0px; - margin: 0px; -} -QPushButton:checked { - image: url(:/images/connect_button_connected.png); -} -QPushButton:!checked { - image: url(:/images/connect_button_disconnected.png); -} - - - - - - - true - - - false - - - - - - - - - - - - PointingHandCursor - - - OpenVPN settings - - - - - - - PointingHandCursor - - - ShadowSocks settings - - - - - - - PointingHandCursor - - - Cloak settings - - - - - - - - - - - - - - 0 - 100 - - - - - QLayout::SetMinAndMaxSize - - - - - - - ShadowSocks container - - - - - - - - 24 - 24 - - - - - 24 - 24 - - - - PointingHandCursor - - - QPushButton { - background: transparent; - image: url(:/images/check.png); - padding: 0px; - margin: 0px; -} -QPushButton:checked { - image: url(:/images/check.png); -} -QPushButton:!checked { - image: url(:/images/uncheck.png); -} - - - - - - - true - - - false - - - - - - - - 24 - 24 - - - - - 24 - 24 - - - - PointingHandCursor - - - background: transparent; -image: url(:/images/share.png); -padding: 0px; -margin: 0px; - - - - - - - - - - - 36 - 24 - - - - - 24 - 24 - - - - PointingHandCursor - - - QPushButton { - background: transparent; - padding: 0px; - margin: 0px; -} -QPushButton:checked { - image: url(:/images/connect_button_connected.png); -} -QPushButton:!checked { - image: url(:/images/connect_button_disconnected.png); -} - - - - - - - true - - - - - - - - - - - - PointingHandCursor - - - OpenVPN settings - - - - - - - PointingHandCursor - - - ShadowSocks settings - - - - - - - - - - - - - - 0 - 100 - - - - - - - - QLayout::SetMinAndMaxSize - - - - - - - OpenVPN container - - - - - - - - 24 - 24 - - - - - 24 - 24 - - - - PointingHandCursor - - - QPushButton { - background: transparent; - image: url(:/images/check.png); - padding: 0px; - margin: 0px; -} -QPushButton:checked { - image: url(:/images/check.png); -} -QPushButton:!checked { - image: url(:/images/uncheck.png); -} - - - - - - - true - - - false - - - - - - - - 24 - 24 - - - - - 24 - 24 - - - - PointingHandCursor - - - background: transparent; -image: url(:/images/share.png); -padding: 0px; -margin: 0px; - - - - - - - - - - - 36 - 24 - - - - - 24 - 24 - - - - PointingHandCursor - - - QPushButton { - background: transparent; - padding: 0px; - margin: 0px; -} -QPushButton:checked { - image: url(:/images/connect_button_connected.png); -} -QPushButton:!checked { - image: url(:/images/connect_button_disconnected.png); -} - - - - - - - true - - - - - - - - - - - - PointingHandCursor - - - OpenVPN settings - - - - - - - - - - - - - - 0 - 100 - - - - - - - - QLayout::SetMinAndMaxSize - - - - - - - WireGuard container - - - - - - - - 24 - 24 - - - - - 24 - 24 - - - - PointingHandCursor - - - QPushButton { - background: transparent; - image: url(:/images/check.png); - padding: 0px; - margin: 0px; -} -QPushButton:checked { - image: url(:/images/check.png); -} -QPushButton:!checked { - image: url(:/images/uncheck.png); -} - - - - - - - true - - - false - - - - - - - - 24 - 24 - - - - - 24 - 24 - - - - PointingHandCursor - - - background: transparent; -image: url(:/images/share.png); -padding: 0px; -margin: 0px; - - - - - - - - - - - 36 - 24 - - - - - 24 - 24 - - - - PointingHandCursor - - - QPushButton { - background: transparent; - padding: 0px; - margin: 0px; -} -QPushButton:checked { - image: url(:/images/connect_button_connected.png); -} -QPushButton:!checked { - image: url(:/images/connect_button_disconnected.png); -} - - - - - - - true - - - - - - - - - - - - PointingHandCursor - - - WireGuard settings - - - - - - - - - - - - - - 0 - 100 - - - - - - - - QLayout::SetMinAndMaxSize - - - - - - - TOR Web site - - - - - - - - 36 - 24 - - - - - 24 - 24 - - - - PointingHandCursor - - - QPushButton { - background: transparent; - padding: 0px; - margin: 0px; -} -QPushButton:checked { - image: url(:/images/connect_button_connected.png); -} -QPushButton:!checked { - image: url(:/images/connect_button_disconnected.png); -} - - - - - - - true - - - - - - - - - - - - Not installed - - - Qt::LinksAccessibleByMouse|Qt::TextSelectableByMouse - - - - - - - - - - - - - Qt::Vertical - - - - 20 - 40 - - - - - - - - - - - 40 - 580 - 300 - 40 - - - - QProgressBar{ -color:rgb(212, 212, 212); -border-radius: 4px; - -font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 21px; - -background: #100A44; -border-radius: 4px; -} - -QProgressBar::chunk { -background: rgba(255, 255, 255, 0.15); -border-radius: 4px 0px 0px 4px; - -} - - - - 24 - - - Qt::AlignCenter - - - true - - - Configuring... - - - - - - QScrollBar::sub-line:vertical { /* button to scroll up */ - border-top-right-radius: 3px; - background-color: rgb(240,240,240); - height: 10px; - subcontrol-position: top; - subcontrol-origin: margin; - margin-top: 3px; -} - - -QScrollBar::add-line:vertical { /* Button to scroll down */ - border-bottom-right-radius: 3px; - background-color: rgb(240,240,240); - height: 10px; - padding-top: 2px; - subcontrol-position: bottom; - subcontrol-origin: margin; - margin-bottom: 3px; -} - - -QScrollBar::add-page:vertical, QScrollBar::sub-page:vertical { - background-color: rgb(240,240,240); -} - - - - - 10 - 10 - 26 - 20 - - - - PointingHandCursor - - - QPushButton { - image: url(:/images/arrow_right.png); - image-position: left; - text-align: left; - /*font: 17pt "Ancient";*/ - - padding: 1px; - image: url(:/images/arrow_left.png); -} -QPushButton:hover { - padding: 0px; -} - - - - - - - - - - - 10 - 40 - 360 - 580 - - - - - 0 - 0 - - - - - Lato - 50 - false - false - - - - QToolBox { -margins: 0px; -} - -QToolBox QFrame { -background: transparent; -} - -QToolBox > QWidget { -font: 25px "Lato"; -background: transparent; -border-radius: 5px; - - background: qlineargradient(x1: 0, y1: 0, x2: 0, y2: 1, - stop: 0 #F1F1F1, stop: 0.4 #FFFFFF, - stop: 0.5 #F8F8F8, stop: 1.0 #FFFFFF); - -} - -QToolBox::tab { - background: qlineargradient(x1: 0, y1: 0, x2: 0, y2: 1, - stop: 0 #E1E1E1, stop: 0.4 #DDDDDD, - stop: 0.5 #D8D8D8, stop: 1.0 #D3D3D3); -border-radius: 2px; -font-family: Lato; -font-style: normal; -font-weight: bold; -font-size: 18px; -color: #100A44; -image: url(:/images/share.png); -image-position: left; -padding-left: 10px; - - border-color: #DDDDDD; - border-bottom: 2px solid #DDDDDD; -} - -QToolBox::tab:hover { - border-color: #148CD2; - border-bottom: 2px solid #148CD2; -} - - - QFrame::NoFrame - - - 0 - - - 3 - - - 6 - - - - - 0 - 0 - 100 - 30 - - - - - - - Full access - - - - - 10 - 10 - 341 - 100 - - - - QTextEdit { - -background: #F5F5F5; -border-radius: 10px; - - -font-family: Consolas; -font-style: normal; -font-weight: bold; -font-size: 20px; - -text-align: center; - -color: #15CDCB; - -} - - - - QTextEdit::FixedColumnWidth - - - 30 - - - true - - - <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd"> -<html><head><meta name="qrichtext" content="1" /><style type="text/css"> -p, li { white-space: pre-wrap; } -</style></head><body style=" font-family:'Consolas'; font-size:20px; font-weight:600; font-style:normal;"> -<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;"><span style=" font-size:20pt;">vpn:\\xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx</span></p></body></html> - - - - - - 10 - 260 - 341 - 111 - - - - font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 150%; - -color: #181922; - - - - Anyone who logs in with this code will have the same permissions to use VPN and your server as you. -This code includes your server credentials! -Provide this code only to TRUSTED users. - - - Qt::AlignJustify|Qt::AlignTop - - - true - - - - - - 10 - 130 - 341 - 40 - - - - PointingHandCursor - - - QPushButton { - font-size: 13pt; - font: "Open Sans Semibold"; - color:rgb(212, 212, 212); - -background: #181922; -border-radius: 4px; - -font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 21px; - -} -QPushButton:hover { -background: #282932; -} - - - Copy - - - - - - 10 - 180 - 341 - 40 - - - - PointingHandCursor - - - QPushButton { - font-size: 13pt; - font: "Open Sans Semibold"; - color:rgb(212, 212, 212); - -background: #181922; -border-radius: 4px; - -font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 21px; - -} -QPushButton:hover { -background: #282932; -} - - - Save file - - - - - - - 0 - 0 - 100 - 30 - - - - Share for Amnezia client - - - - - 10 - 10 - 341 - 100 - - - - QTextEdit { - -background: #F5F5F5; -border-radius: 10px; - - -font-family: Consolas; -font-style: normal; -font-weight: bold; -font-size: 20px; - -text-align: center; - -color: #15CDCB; - -} - - - - QTextEdit::FixedColumnWidth - - - 30 - - - true - - - <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd"> -<html><head><meta name="qrichtext" content="1" /><style type="text/css"> -p, li { white-space: pre-wrap; } -</style></head><body style=" font-family:'Consolas'; font-size:20px; font-weight:600; font-style:normal;"> -<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;"><span style=" font-size:20pt;">vpn:\\xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx</span></p></body></html> - - - - - - 10 - 280 - 341 - 81 - - - - font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 150%; - -color: #181922; - - - - Anyone who logs in with this code will be able to connect to this VPN server. -This code does not include server credentials. - - - Qt::AlignJustify|Qt::AlignTop - - - true - - - - - - 10 - 180 - 341 - 40 - - - - PointingHandCursor - - - QPushButton { - font-size: 13pt; - font: "Open Sans Semibold"; - color:rgb(212, 212, 212); - -background: #181922; -border-radius: 4px; - -font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 21px; - -} -QPushButton:hover { -background: #282932; -} - - - Copy - - - - - - 10 - 130 - 341 - 40 - - - - PointingHandCursor - - - QPushButton { - font-size: 13pt; - font: "Open Sans Semibold"; - color:rgb(212, 212, 212); - -background: #181922; -border-radius: 4px; - -font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 21px; - -} -QPushButton:hover { -background: #282932; -} - - - Generate config - - - - - - 10 - 230 - 341 - 40 - - - - PointingHandCursor - - - QPushButton { - font-size: 13pt; - font: "Open Sans Semibold"; - color:rgb(212, 212, 212); - -background: #181922; -border-radius: 4px; - -font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 21px; - -} -QPushButton:hover { -background: #282932; -} - - - Save file - - - - - - - 0 - 0 - 100 - 30 - - - - Share for OpenVPN client - - - - - 10 - 10 - 341 - 100 - - - - QTextEdit { - -background: #F5F5F5; -border-radius: 10px; - - -font-family: Consolas; -font-style: normal; -font-weight: bold; -font-size: 20px; - -text-align: center; - -color: #15CDCB; - -} - - - - QTextEdit::FixedColumnWidth - - - 30 - - - true - - - <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd"> -<html><head><meta name="qrichtext" content="1" /><style type="text/css"> -p, li { white-space: pre-wrap; } -</style></head><body style=" font-family:'Consolas'; font-size:20px; font-weight:600; font-style:normal;"> -<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;"><span style=" font-size:20pt;">vpn:\\xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx</span></p></body></html> - - - - - - 10 - 180 - 341 - 40 - - - - PointingHandCursor - - - QPushButton { - font-size: 13pt; - font: "Open Sans Semibold"; - color:rgb(212, 212, 212); - -background: #181922; -border-radius: 4px; - -font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 21px; - -} -QPushButton:hover { -background: #282932; -} - - - Copy - - - - - - 10 - 230 - 341 - 40 - - - - PointingHandCursor - - - QPushButton { - font-size: 13pt; - font: "Open Sans Semibold"; - color:rgb(212, 212, 212); - -background: #181922; -border-radius: 4px; - -font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 21px; - -} -QPushButton:hover { -background: #282932; -} - - - Save file - - - - - - 10 - 130 - 341 - 40 - - - - PointingHandCursor - - - QPushButton { - font-size: 13pt; - font: "Open Sans Semibold"; - color:rgb(212, 212, 212); - -background: #181922; -border-radius: 4px; - -font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 21px; - -} -QPushButton:hover { -background: #282932; -} - - - Generate config - - - - - - - 0 - 0 - 360 - 360 - - - - - - - Share for ShadowSocks client - - - - - 10 - 70 - 100 - 20 - - - - Password - - - - - - 10 - 10 - 100 - 20 - - - - Server: - - - - - - 10 - 50 - 100 - 20 - - - - Encryption: - - - - - - 10 - 30 - 100 - 20 - - - - Port: - - - - - - 130 - 10 - 111 - 20 - - - - Server: - - - Qt::LinksAccessibleByMouse|Qt::TextSelectableByMouse - - - - - - 130 - 50 - 201 - 20 - - - - Encryption: - - - Qt::LinksAccessibleByMouse|Qt::TextSelectableByMouse - - - - - - 130 - 30 - 111 - 20 - - - - Port: - - - Qt::LinksAccessibleByMouse|Qt::TextSelectableByMouse - - - - - - 130 - 70 - 201 - 20 - - - - Password: - - - Qt::LinksAccessibleByMouse|Qt::TextSelectableByMouse - - - - - - 10 - 100 - 191 - 20 - - - - Connection string - - - - - - 10 - 180 - 331 - 40 - - - - PointingHandCursor - - - QPushButton { - font-size: 13pt; - font: "Open Sans Semibold"; - color:rgb(212, 212, 212); - -background: #181922; -border-radius: 4px; - -font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 21px; - -} -QPushButton:hover { -background: #282932; -} - - - Copy - - - - - - 85 - 235 - 200 - 200 - - - - - - - - - - - - - 10 - 130 - 331 - 40 - - - - QLineEdit { -background: #F5F5F5; -border-radius: 10px; - - -font-family: Consolas; -font-style: normal; -font-weight: bold; -font-size: 20px; - -text-align: center; - -color: #15CDCB; - -} - - - - - - - 0 - 0 - 100 - 30 - - - - Share for Cloak client - - - - - 10 - 290 - 331 - 40 - - - - PointingHandCursor - - - QPushButton { - font-size: 13pt; - font: "Open Sans Semibold"; - color:rgb(212, 212, 212); - -background: #181922; -border-radius: 4px; - -font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 21px; - -} -QPushButton:hover { -background: #282932; -} - - - Copy - - - - - - 10 - 30 - 331 - 221 - - - - - - - - - - - 10 - 10 - 26 - 20 - - - - PointingHandCursor - - - QPushButton { - image: url(:/images/arrow_right.png); - image-position: left; - text-align: left; - /*font: 17pt "Ancient";*/ - - padding: 1px; - image: url(:/images/arrow_left.png); -} -QPushButton:hover { - padding: 0px; -} - - - - - - - - - - - 0 - 40 - 380 - 600 - - - - - - 10 - 0 - 340 - 30 - - - - font-family: Lato; -font-style: normal; -font-weight: bold; -font-size: 20px; -line-height: 25px; -color: #100A44; - - - - OpenVPN Settings - - - Qt::AlignCenter - - - true - - - - - true - - - - 200 - 310 - 151 - 21 - - - - Hash - - - true - - - - - true - - - - 30 - 310 - 151 - 21 - - - - Cipher - - - true - - - - - true - - - - 30 - 110 - 151 - 21 - - - - Network protocol - - - true - - - - - - 30 - 65 - 321 - 31 - - - - - - - - - - - - - 30 - 340 - 151 - 31 - - - - - AES-256-GCM - - - - - AES-192-GCM - - - - - AES-128-GCM - - - - - AES-256-CBC - - - - - AES-192-CBC - - - - - AES-128-CBC - - - - - ChaCha20-Poly1305 - - - - - ARIA-256-CBC - - - - - CAMELLIA-256-CBC - - - - - none - - - - - - true - - - - 30 - 40 - 291 - 21 - - - - VPN Addresses Subnet - - - true - - - - - - 30 - 500 - 321 - 40 - - - - PointingHandCursor - - - QPushButton { -color:rgb(212, 212, 212); -border-radius: 4px; - -font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 21px; - -background: #100A44; -border-radius: 4px; -} -QPushButton:hover { -background: #211966; -} - - - Save and restart VPN - - - - - - 30 - 140 - 321 - 71 - - - - QFrame{ - border: 1px solid lightgray; - border-radius: 2px; - margin-top: 0px; -} - - - - QFrame::StyledPanel - - - QFrame::Raised - - - - - 10 - 40 - 171 - 19 - - - - TCP - - - - - - 10 - 10 - 171 - 19 - - - - UDP - - - - - - - 200 - 230 - 151 - 31 - - - - - - - - - - - - - 30 - 280 - 321 - 21 - - - - Auto-negotiate encryption - - - false - - - - - - 200 - 340 - 151 - 31 - - - - - SHA512 - - - - - SHA384 - - - - - SHA256 - - - - - SHA3-512 - - - - - SHA3-384 - - - - - SHA3-256 - - - - - whirlpool - - - - - BLAKE2b512 - - - - - BLAKE2s256 - - - - - SHA1 - - - - - - true - - - - 30 - 230 - 151 - 31 - - - - Port - - - true - - - - - - 30 - 430 - 321 - 21 - - - - Block DNS requests outside of VPN - - - false - - - - - - 30 - 500 - 321 - 40 - - - - QProgressBar{ -color:rgb(212, 212, 212); -border-radius: 4px; - -font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 21px; - -background: #100A44; -border-radius: 4px; -} - -QProgressBar::chunk { -background: rgba(255, 255, 255, 0.15); -border-radius: 4px 0px 0px 4px; - -} - - - - 24 - - - Qt::AlignCenter - - - true - - - Configuring... - - - - - true - - - - 30 - 550 - 321 - 41 - - - - - - - Qt::AlignCenter - - - true - - - - - - 30 - 390 - 321 - 21 - - - - Enable TLS auth - - - false - - - progressBar_proto_openvpn_reset - label_38 - label_97 - label_99 - label_100 - lineEdit_proto_openvpn_subnet - comboBox_proto_openvpn_cipher - label_98 - pushButton_proto_openvpn_save - frame_3 - lineEdit_proto_openvpn_port - checkBox_proto_openvpn_auto_encryption - comboBox_proto_openvpn_hash - label_103 - checkBox_proto_openvpn_block_dns - label_proto_openvpn_info - checkBox_proto_openvpn_tls_auth - - - - - - - 10 - 10 - 26 - 20 - - - - PointingHandCursor - - - QPushButton { - image: url(:/images/arrow_right.png); - image-position: left; - text-align: left; - /*font: 17pt "Ancient";*/ - - padding: 1px; - image: url(:/images/arrow_left.png); -} -QPushButton:hover { - padding: 0px; -} - - - - - - - - - - - 0 - 40 - 380 - 600 - - - - - - 190 - 110 - 151 - 31 - - - - - - - - - - - - - 20 - 0 - 340 - 30 - - - - font-family: Lato; -font-style: normal; -font-weight: bold; -font-size: 20px; -line-height: 25px; -color: #100A44; - - - - ShadowSocks Settings - - - Qt::AlignCenter - - - true - - - - - true - - - - 30 - 110 - 151 - 31 - - - - Port - - - true - - - - - - 190 - 60 - 151 - 31 - - - - - chacha20-poly1305 - - - - - aes-256-gcm - - - - - aes-128-gcm - - - - - - true - - - - 30 - 60 - 151 - 31 - - - - Cipher - - - true - - - - - - 30 - 500 - 321 - 40 - - - - PointingHandCursor - - - QPushButton { -color:rgb(212, 212, 212); -border-radius: 4px; - -font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 21px; - -background: #100A44; -border-radius: 4px; -} -QPushButton:hover { -background: #211966; -} - - - Save and restart VPN - - - - - - 30 - 500 - 321 - 40 - - - - QProgressBar{ -color:rgb(212, 212, 212); -border-radius: 4px; - -font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 21px; - -background: #100A44; -border-radius: 4px; -} - -QProgressBar::chunk { -background: rgba(255, 255, 255, 0.15); -border-radius: 4px 0px 0px 4px; - -} - - - - 24 - - - Qt::AlignCenter - - - true - - - Configuring... - - - - - true - - - - 30 - 550 - 321 - 41 - - - - - - - Qt::AlignCenter - - - true - - - progressBar_proto_shadowsocks_reset - lineEdit_proto_shadowsocks_port - label_43 - label_104 - comboBox_proto_shadowsocks_cipher - label_101 - pushButton_proto_shadowsocks_save - label_proto_shadowsocks_info - - - - - - - 10 - 10 - 26 - 20 - - - - PointingHandCursor - - - QPushButton { - image: url(:/images/arrow_right.png); - image-position: left; - text-align: left; - /*font: 17pt "Ancient";*/ - - padding: 1px; - image: url(:/images/arrow_left.png); -} -QPushButton:hover { - padding: 0px; -} - - - - - - - - - - - 0 - 40 - 381 - 600 - - - - - - 190 - 160 - 151 - 31 - - - - - - - - - - - - true - - - - 30 - 160 - 151 - 31 - - - - Port - - - true - - - - - - 20 - 0 - 340 - 30 - - - - font-family: Lato; -font-style: normal; -font-weight: bold; -font-size: 20px; -line-height: 25px; -color: #100A44; - - - - Cloak Settings - - - Qt::AlignCenter - - - true - - - - - - 190 - 110 - 151 - 31 - - - - - - - tile.openstreetmap.org - - - - - true - - - - 30 - 60 - 151 - 31 - - - - Cipher - - - true - - - - - - 30 - 110 - 130 - 31 - - - - - 130 - 0 - - - - - 130 - 16777215 - - - - Fake Web Site - - - - - - 190 - 60 - 151 - 31 - - - - - chacha20-poly1305 - - - - - aes-256-gcm - - - - - aes-192-gcm - - - - - aes-128-gcm - - - - - plain - - - - - - - 30 - 500 - 321 - 40 - - - - PointingHandCursor - - - QPushButton { -color:rgb(212, 212, 212); -border-radius: 4px; - -font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 21px; - -background: #100A44; -border-radius: 4px; -} -QPushButton:hover { -background: #211966; -} - - - Save and restart VPN - - - - - - 30 - 500 - 321 - 40 - - - - QProgressBar{ -color:rgb(212, 212, 212); -border-radius: 4px; - -font-family: Lato; -font-style: normal; -font-weight: normal; -font-size: 16px; -line-height: 21px; - -background: #100A44; -border-radius: 4px; -} - -QProgressBar::chunk { -background: rgba(255, 255, 255, 0.15); -border-radius: 4px 0px 0px 4px; - -} - - - - 24 - - - Qt::AlignCenter - - - true - - - Configuring... - - - - - true - - - - 30 - 550 - 321 - 41 - - - - - - - Qt::AlignCenter - - - true - - - progressBar_proto_cloak_reset - lineEdit_proto_cloak_port - label_105 - label_44 - lineEdit_proto_cloak_site - label_102 - label_47 - comboBox_proto_cloak_cipher - pushButton_proto_cloak_save - label_proto_cloak_info - - - - - - - - - - SlidingStackedWidget - QStackedWidget -
ui/Controls/SlidingStackedWidget.h
- 1 - - - - - diff --git a/client/ui/server_widget.ui b/client/ui/server_widget.ui deleted file mode 100644 index e819216f..00000000 --- a/client/ui/server_widget.ui +++ /dev/null @@ -1,167 +0,0 @@ - - - ServerWidget - - - - 0 - 0 - 325 - 70 - - - - Form - - - - - - - - 10 - 10 - 181 - 21 - - - - QLabel { - font-size: 16px; - - font-style: normal; - font-weight: bold; - color: #181922; -} - - - Description - - - - - - 20 - 40 - 141 - 16 - - - - Address - - - - - - 300 - 25 - 24 - 24 - - - - PointingHandCursor - - - Set as default - - - QPushButton:checked { - image: url(:/images/check.png); -} -QPushButton:!checked { - image: url(:/images/uncheck.png); -} - - - - - - true - - - - - - 170 - 25 - 24 - 24 - - - - PointingHandCursor - - - Share connection - - - image: url(:/images/share.png); - - - - - - true - - - - - - 212 - 25 - 32 - 24 - - - - PointingHandCursor - - - Connection - - - QPushButton:checked { - image: url(:/images/connect_button_connected.png); -} -QPushButton:!checked { - image: url(:/images/connect_button_disconnected.png); -} - - - - - - true - - - - - - 260 - 25 - 24 - 24 - - - - PointingHandCursor - - - Server settings - - - image: url(:/images/settings.png); - - - - - - true - - - - - - From 8084b2764a356dcf65980c4557b540bfe13db769 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=D0=A0=D0=BE=D0=B7=D0=BE=D0=B2=20=D0=9D=D0=B8=D0=BA=D0=B8?= =?UTF-8?q?=D1=82=D0=B0=20=D0=92=D0=B0=D0=BB=D0=B5=D1=80=D1=8C=D0=B5=D0=B2?= =?UTF-8?q?=D0=B8=D1=87?= Date: Wed, 6 Oct 2021 21:06:27 +0300 Subject: [PATCH 5/9] add return statement in android_vpnprotocol::start() --- client/protocols/android_vpnprotocol.cpp | 2 ++ 1 file changed, 2 insertions(+) diff --git a/client/protocols/android_vpnprotocol.cpp b/client/protocols/android_vpnprotocol.cpp index 5258228b..ba098607 100644 --- a/client/protocols/android_vpnprotocol.cpp +++ b/client/protocols/android_vpnprotocol.cpp @@ -88,6 +88,7 @@ void AndroidVpnProtocol::initialize() ErrorCode AndroidVpnProtocol::start() { + qDebug() << "Prompting for VPN permission"; auto appContext = QtAndroid::androidActivity().callObjectMethod( "getApplicationContext", "()Landroid/content/Context;"); @@ -128,6 +129,7 @@ ErrorCode AndroidVpnProtocol::start() QAndroidParcel sendData; sendData.writeData(QJsonDocument(m_rawConfig).toJson()); m_serviceBinder.transact(ACTION_ACTIVATE, sendData, nullptr); + return NoError; } // Activates the tunnel that is currently set From 64e5e02744fdec35872c9a81a625bd4d3fac5d50 Mon Sep 17 00:00:00 2001 From: pokamest Date: Thu, 7 Oct 2021 22:20:45 +0300 Subject: [PATCH 6/9] ikev2 impl for windows --- client/protocols/ikev2_vpn_protocol.cpp | 176 ++++++++++++++++++++++-- client/protocols/ikev2_vpn_protocol.h | 28 ++++ 2 files changed, 196 insertions(+), 8 deletions(-) diff --git a/client/protocols/ikev2_vpn_protocol.cpp b/client/protocols/ikev2_vpn_protocol.cpp index e7e80fcb..dc60be39 100644 --- a/client/protocols/ikev2_vpn_protocol.cpp +++ b/client/protocols/ikev2_vpn_protocol.cpp @@ -9,6 +9,7 @@ #include "ikev2_vpn_protocol.h" #include "utils.h" + Ikev2Protocol::Ikev2Protocol(const QJsonObject &configuration, QObject* parent) : VpnProtocol(configuration, parent) { @@ -25,34 +26,193 @@ Ikev2Protocol::~Ikev2Protocol() void Ikev2Protocol::stop() { -#ifndef Q_OS_IOS +#ifdef Q_OS_WINDOWS + { + setConnectionState(Disconnecting); + auto disconnectProcess = new QProcess; + + disconnectProcess->setProgram("rasdial"); + QString arguments = QString("\"%1\" /disconnect") + .arg(tunnelName()); + disconnectProcess->setNativeArguments(arguments); + +// connect(connectProcess, &QProcess::readyRead, [connectProcess]() { +// qDebug().noquote() << "connectProcess readyRead" << connectProcess->readAll(); +// }); + + disconnectProcess->start(); + disconnectProcess->waitForFinished(5000); + setConnectionState(Disconnected); + } #endif } void Ikev2Protocol::readIkev2Configuration(const QJsonObject &configuration) { - QString cfgData = configuration.value(ProtocolProps::key_proto_config_data(Protocol::Ikev2)).toString(); - m_config = QJsonDocument::fromJson(cfgData.toUtf8()).object(); + m_config = configuration.value(ProtocolProps::key_proto_config_data(Protocol::Ikev2)).toObject(); } - - ErrorCode Ikev2Protocol::start() { -#ifndef Q_OS_IOS - +#ifdef Q_OS_WINDOWS QByteArray cert = QByteArray::fromBase64(m_config[config_key::cert].toString().toUtf8()); - qDebug() << "Ikev2Protocol::start()" << cert; + setConnectionState(ConnectionState::Connecting); QTemporaryFile certFile; + certFile.setAutoRemove(false); certFile.open(); certFile.write(cert); certFile.close(); + { + auto certInstallProcess = IpcClient::CreatePrivilegedProcess(); + + if (!certInstallProcess) { + setLastError(ErrorCode::AmneziaServiceConnectionFailed); + return ErrorCode::AmneziaServiceConnectionFailed; + } + + certInstallProcess->waitForSource(1000); + if (!certInstallProcess->isInitialized()) { + qWarning() << "IpcProcess replica is not connected!"; + setLastError(ErrorCode::AmneziaServiceConnectionFailed); + return ErrorCode::AmneziaServiceConnectionFailed; + } + certInstallProcess->setProgram("certutil"); + QStringList arguments({"-f" , "-importpfx", + "-p", m_config[config_key::password].toString(), + certFile.fileName(), "NoExport" + }); + certInstallProcess->setArguments(arguments); + +// qDebug() << arguments.join(" "); +// connect(certInstallProcess.data(), &IpcProcessInterfaceReplica::errorOccurred, [certInstallProcess](QProcess::ProcessError error) { +// qDebug() << "IpcProcessInterfaceReplica errorOccurred" << error; +// }); + +// connect(certInstallProcess.data(), &IpcProcessInterfaceReplica::stateChanged, [certInstallProcess](QProcess::ProcessState newState) { +// qDebug() << "IpcProcessInterfaceReplica stateChanged" << newState; +// }); + +// connect(certInstallProcess.data(), &IpcProcessInterfaceReplica::readyRead, [certInstallProcess]() { +// auto req = certInstallProcess->readAll(); +// req.waitForFinished(); +// qDebug() << "IpcProcessInterfaceReplica readyRead" << req.returnValue(); +// }); + + + certInstallProcess->start(); + } + + { + auto adapterRemoveProcess = new QProcess; + + adapterRemoveProcess->setProgram("powershell"); + QString arguments = QString("-command \"Remove-VpnConnection -Name '%1' -Force\"").arg(tunnelName()); + adapterRemoveProcess->setNativeArguments(arguments); + + adapterRemoveProcess->start(); + adapterRemoveProcess->waitForFinished(5000); + } + + { + auto adapterInstallProcess = new QProcess; + + adapterInstallProcess->setProgram("powershell"); + QString arguments = QString("-command \"Add-VpnConnection " + "-ServerAddress '%1' " + "-Name '%2' " + "-TunnelType IKEv2 " + "-AuthenticationMethod MachineCertificate " + "-EncryptionLevel Required " + "-PassThru\"") + .arg(m_config[config_key::hostName].toString()) + .arg(tunnelName()); + adapterInstallProcess->setNativeArguments(arguments); +// connect(adapterInstallProcess, &QProcess::readyRead, [adapterInstallProcess]() { +// qDebug().noquote() << "adapterInstallProcess readyRead" << adapterInstallProcess->readAll(); +// }); + + adapterInstallProcess->start(); + adapterInstallProcess->waitForFinished(5000); + } + + { + auto adapterConfigProcess = new QProcess; + + adapterConfigProcess->setProgram("powershell"); + QString arguments = QString("-command \"Set-VpnConnectionIPsecConfiguration\ " + "-ConnectionName '%1'\ " + "-AuthenticationTransformConstants GCMAES128 " + "-CipherTransformConstants GCMAES128 " + "-EncryptionMethod AES256 " + "-IntegrityCheckMethod SHA256 " + "-PfsGroup None " + "-DHGroup Group14 " + "-PassThru -Force\"") + .arg(tunnelName()); + adapterConfigProcess->setNativeArguments(arguments); + +// connect(adapterConfigProcess, &QProcess::readyRead, [adapterConfigProcess]() { +// qDebug().noquote() << "adapterConfigProcess readyRead" << adapterConfigProcess->readAll(); +// }); + + adapterConfigProcess->start(); + adapterConfigProcess->waitForFinished(5000); + } + + { +// char buf[RASBUFFER]= {0}; +// DWORD err = 0; +// RASDIALPARAMSA *param = (RASDIALPARAMSA *)buf; +// param->dwSize = 1064; +// strcpy(param->szEntryName, tunnelName().toStdString().c_str()); +// err = RasDialA(NULL, NULL, param, 0, (LPVOID)rasCallback, &g_h); +// qDebug() << "Ikev2Protocol::start() ret" << err; + + + auto connectProcess = new QProcess; + + connectProcess->setProgram("rasdial"); + QString arguments = QString("\"%1\"") + .arg(tunnelName()); + connectProcess->setNativeArguments(arguments); + + connect(connectProcess, &QProcess::readyRead, [connectProcess]() { + qDebug().noquote() << "connectProcess readyRead" << connectProcess->readAll(); + }); + + connectProcess->start(); + connectProcess->waitForFinished(5000); + } + + setConnectionState(Connected); return ErrorCode::NoError; #endif + + return ErrorCode::NoError; } +#ifdef Q_OS_WINDOWS +DWORD CALLBACK rasCallback(UINT msg, RASCONNSTATE rascs, DWORD err) +{ + if(err != 0) { + printf("Error: %d\n", err); + fflush(stdout); + //g_done = 1; + return 0; // stop the connection. + } else { + //printf("%s\n", rasState(rascs)); + fflush(stdout); + if(rascs == RASCS_Connected) { + printf("Success: Connected\n"); + fflush(stdout); + //g_done = 1; + } + return 1; + } +} +#endif diff --git a/client/protocols/ikev2_vpn_protocol.h b/client/protocols/ikev2_vpn_protocol.h index 8e256114..7cbae06a 100644 --- a/client/protocols/ikev2_vpn_protocol.h +++ b/client/protocols/ikev2_vpn_protocol.h @@ -10,6 +10,23 @@ #include "vpnprotocol.h" #include "core/ipcclient.h" +#ifdef Q_OS_WIN +#include +#include +#include + +#include +#include +#include +#include + +#pragma comment(lib, "shlwapi.lib") +#pragma comment(lib, "rasapi32.lib") + +#define RASBUFFER 0x1000 +#define RASMAXENUM 0x100 +#endif + class Ikev2Protocol : public VpnProtocol { Q_OBJECT @@ -21,12 +38,23 @@ public: ErrorCode start() override; void stop() override; + static QString tunnelName() { return "AmneziaVPN IKEv2"; } + private: void readIkev2Configuration(const QJsonObject &configuration); private: QJsonObject m_config; + +#ifdef Q_OS_WIN + HRASCONN g_h; + int g_done = 0; +#endif }; +#ifdef Q_OS_WIN +DWORD CALLBACK rasCallback(UINT msg, RASCONNSTATE rascs, DWORD err); +#endif + #endif // IPSEC_PROTOCOL_H From ba85b56e9fde2eccf3b47235c81e1ce2c9250b0a Mon Sep 17 00:00:00 2001 From: pokamest Date: Thu, 7 Oct 2021 22:21:04 +0300 Subject: [PATCH 7/9] Various fixes --- client/debug.cpp | 9 ++++ client/debug.h | 1 + client/ui/pages_logic/VpnLogic.cpp | 83 +++++++++--------------------- client/ui/uilogic.cpp | 7 ++- ipc/ipcserverprocess.cpp | 18 +++---- 5 files changed, 46 insertions(+), 72 deletions(-) diff --git a/client/debug.cpp b/client/debug.cpp index 9c0578b5..466c226f 100644 --- a/client/debug.cpp +++ b/client/debug.cpp @@ -3,6 +3,7 @@ #include #include #include +#include #include @@ -74,6 +75,14 @@ bool Debug::openLogsFolder() return true; } +bool Debug::openServiceLogsFolder() +{ + QString path = Utils::systemLogPath(); + path = "file:///" + path; + QDesktopServices::openUrl(QUrl::fromLocalFile(path)); + return true; +} + QString Debug::appLogFileNamePath() { return m_file.fileName(); diff --git a/client/debug.h b/client/debug.h index 84ab5341..e0744842 100644 --- a/client/debug.h +++ b/client/debug.h @@ -12,6 +12,7 @@ class Debug public: static bool init(); static bool openLogsFolder(); + static bool openServiceLogsFolder(); static QString appLogFileNamePath(); private: diff --git a/client/ui/pages_logic/VpnLogic.cpp b/client/ui/pages_logic/VpnLogic.cpp index 045d710d..cc7884fc 100644 --- a/client/ui/pages_logic/VpnLogic.cpp +++ b/client/ui/pages_logic/VpnLogic.cpp @@ -1,37 +1,3 @@ -//#include -//#include -//#include -//#include -//#include -//#include -//#include -//#include -//#include -//#include -//#include -//#include -//#include -//#include -//#include -//#include -//#include -//#include -//#include - -//#include "configurators/cloak_configurator.h" -//#include "configurators/vpn_configurator.h" -//#include "configurators/openvpn_configurator.h" -//#include "configurators/shadowsocks_configurator.h" -//#include "configurators/ssh_configurator.h" - -//#include "core/servercontroller.h" -//#include "core/server_defs.h" -//#include "core/errorstrings.h" - -//#include "containers/containers_defs.h" -//#include "protocols/shadowsocksvpnprotocol.h" - - #include "VpnLogic.h" #include "core/errorstrings.h" @@ -52,7 +18,6 @@ VpnLogic::VpnLogic(UiLogic *logic, QObject *parent): m_labelSpeedReceivedText{tr("0 Mbps")}, m_labelSpeedSentText{tr("0 Mbps")}, m_labelStateText{}, - m_pushButtonConnectEnabled{false}, m_widgetVpnModeEnabled{false} { connect(uiLogic()->m_vpnConnection, &VpnConnection::bytesChanged, this, &VpnLogic::onBytesChanged); @@ -107,10 +72,10 @@ void VpnLogic::onBytesChanged(quint64 receivedData, quint64 sentData) void VpnLogic::onConnectionStateChanged(VpnProtocol::ConnectionState state) { - qDebug() << "UiLogic::onConnectionStateChanged" << VpnProtocol::textConnectionState(state); + qDebug() << "VpnLogic::onConnectionStateChanged" << VpnProtocol::textConnectionState(state); - bool pushButtonConnectEnabled = false; - bool radioButtonsModeEnabled = false; + bool pbConnectEnabled = false; + bool rbModeEnabled = false; set_labelStateText(VpnProtocol::textConnectionState(state)); uiLogic()->setTrayState(state); @@ -119,41 +84,41 @@ void VpnLogic::onConnectionStateChanged(VpnProtocol::ConnectionState state) case VpnProtocol::Disconnected: onBytesChanged(0,0); set_pushButtonConnectChecked(false); - pushButtonConnectEnabled = true; - radioButtonsModeEnabled = true; + pbConnectEnabled = true; + rbModeEnabled = true; break; case VpnProtocol::Preparing: - pushButtonConnectEnabled = false; - radioButtonsModeEnabled = false; + pbConnectEnabled = false; + rbModeEnabled = false; break; case VpnProtocol::Connecting: - pushButtonConnectEnabled = false; - radioButtonsModeEnabled = false; + pbConnectEnabled = false; + rbModeEnabled = false; break; case VpnProtocol::Connected: - pushButtonConnectEnabled = true; - radioButtonsModeEnabled = false; + pbConnectEnabled = true; + rbModeEnabled = false; break; case VpnProtocol::Disconnecting: - pushButtonConnectEnabled = false; - radioButtonsModeEnabled = false; + pbConnectEnabled = false; + rbModeEnabled = false; break; case VpnProtocol::Reconnecting: - pushButtonConnectEnabled = true; - radioButtonsModeEnabled = false; + pbConnectEnabled = true; + rbModeEnabled = false; break; case VpnProtocol::Error: set_pushButtonConnectEnabled(false); - pushButtonConnectEnabled = true; - radioButtonsModeEnabled = true; + pbConnectEnabled = true; + rbModeEnabled = true; break; case VpnProtocol::Unknown: - pushButtonConnectEnabled = true; - radioButtonsModeEnabled = true; + pbConnectEnabled = true; + rbModeEnabled = true; } - set_pushButtonConnectEnabled(pushButtonConnectEnabled); - set_widgetVpnModeEnabled(radioButtonsModeEnabled); + set_pushButtonConnectEnabled(pbConnectEnabled); + set_widgetVpnModeEnabled(rbModeEnabled); } void VpnLogic::onVpnProtocolError(ErrorCode errorCode) @@ -197,11 +162,12 @@ void VpnLogic::onConnectWorker(int serverIndex, const ServerCredentials &credent { set_labelErrorText(""); set_pushButtonConnectChecked(true); + set_pushButtonConnectEnabled(false); + qApp->processEvents(); ErrorCode errorCode = uiLogic()->m_vpnConnection->connectToVpn( - serverIndex, credentials, container, containerConfig - ); + serverIndex, credentials, container, containerConfig); if (errorCode) { //ui->pushButton_connect->setChecked(false); @@ -210,7 +176,6 @@ void VpnLogic::onConnectWorker(int serverIndex, const ServerCredentials &credent return; } - set_pushButtonConnectEnabled(false); } void VpnLogic::onDisconnect() diff --git a/client/ui/uilogic.cpp b/client/ui/uilogic.cpp index 3e2276c3..d1525a7f 100644 --- a/client/ui/uilogic.cpp +++ b/client/ui/uilogic.cpp @@ -294,10 +294,9 @@ void UiLogic::showOnStartup() void UiLogic::keyPressEvent(Qt::Key key) { switch (key) { - case Qt::Key_L: - if (!Debug::openLogsFolder()) { - //QMessageBox::warning(this, APPLICATION_NAME, tr("Cannot open logs folder!")); - } + case Qt::Key_L: Debug::openLogsFolder(); + break; + case Qt::Key_K: Debug::openServiceLogsFolder(); break; #ifdef QT_DEBUG case Qt::Key_Q: diff --git a/ipc/ipcserverprocess.cpp b/ipc/ipcserverprocess.cpp index 88848b90..f9cdd20f 100644 --- a/ipc/ipcserverprocess.cpp +++ b/ipc/ipcserverprocess.cpp @@ -19,17 +19,17 @@ IpcServerProcess::IpcServerProcess(QObject *parent) : qDebug() << "IpcServerProcess errorOccurred " << error; }); - connect(m_process.data(), &QProcess::readyReadStandardError, this, [this](){ - qDebug() << "IpcServerProcess StandardError " << m_process->readAllStandardError(); +// connect(m_process.data(), &QProcess::readyReadStandardError, this, [this](){ +// qDebug() << "IpcServerProcess StandardError " << m_process->readAllStandardError(); - }); - connect(m_process.data(), &QProcess::readyReadStandardOutput, this, [this](){ - qDebug() << "IpcServerProcess StandardOutput " << m_process->readAllStandardOutput(); - }); +// }); +// connect(m_process.data(), &QProcess::readyReadStandardOutput, this, [this](){ +// qDebug() << "IpcServerProcess StandardOutput " << m_process->readAllStandardOutput(); +// }); - connect(m_process.data(), &QProcess::readyRead, this, [this](){ - qDebug() << "IpcServerProcess StandardOutput " << m_process->readAll(); - }); +// connect(m_process.data(), &QProcess::readyRead, this, [this](){ +// qDebug() << "IpcServerProcess StandardOutput " << m_process->readAll(); +// }); } From 344d23bad1e2b6cfc861bacdd2691eefaa330e50 Mon Sep 17 00:00:00 2001 From: pokamest Date: Thu, 7 Oct 2021 22:52:13 +0300 Subject: [PATCH 8/9] Fix for android --- client/vpnconnection.cpp | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/client/vpnconnection.cpp b/client/vpnconnection.cpp index ba16f48b..dd3d737a 100644 --- a/client/vpnconnection.cpp +++ b/client/vpnconnection.cpp @@ -248,9 +248,10 @@ ErrorCode VpnConnection::connectToVpn(int serverIndex, #else - AndroidVpnProtocol *androidVpnProtocol = new AndroidVpnProtocol(Protocol::WireGuard, m_vpnConfiguration); - androidVpnProtocol->initialize(); - m_vpnProtocol.reset(androidVpnProtocol); + Protocol proto = ContainerProps::defaultProtocol(container); + AndroidVpnProtocol *androidVpnProtocol = new AndroidVpnProtocol(proto, m_vpnConfiguration); + androidVpnProtocol->initialize(); + m_vpnProtocol.reset(androidVpnProtocol); #endif From d275702080497fafcc7a9910a3bd9f7653f238cd Mon Sep 17 00:00:00 2001 From: pokamest Date: Fri, 8 Oct 2021 00:50:26 +0300 Subject: [PATCH 9/9] Add protocol name to json connection config --- client/protocols/protocols_defs.h | 1 + client/vpnconnection.cpp | 4 +++- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/client/protocols/protocols_defs.h b/client/protocols/protocols_defs.h index bd76296e..943cf055 100644 --- a/client/protocols/protocols_defs.h +++ b/client/protocols/protocols_defs.h @@ -24,6 +24,7 @@ constexpr char containers[] = "containers"; constexpr char container[] = "container"; constexpr char defaultContainer[] = "defaultContainer"; +constexpr char protocol[] = "protocol"; constexpr char protocols[] = "protocols"; constexpr char remote[] = "remote"; diff --git a/client/vpnconnection.cpp b/client/vpnconnection.cpp index dd3d737a..d41cd2ab 100644 --- a/client/vpnconnection.cpp +++ b/client/vpnconnection.cpp @@ -211,6 +211,9 @@ QJsonObject VpnConnection::createVpnConfiguration(int serverIndex, } + Protocol proto = ContainerProps::defaultProtocol(container); + vpnConfiguration[config_key::protocol] = ProtocolProps::protoToString(proto); + return vpnConfiguration; } @@ -248,7 +251,6 @@ ErrorCode VpnConnection::connectToVpn(int serverIndex, #else - Protocol proto = ContainerProps::defaultProtocol(container); AndroidVpnProtocol *androidVpnProtocol = new AndroidVpnProtocol(proto, m_vpnConfiguration); androidVpnProtocol->initialize(); m_vpnProtocol.reset(androidVpnProtocol);