From 2b0bccf2d86894e84e48f61046a37a9c37d5633e Mon Sep 17 00:00:00 2001 From: Mykola Baibuz Date: Sat, 12 Aug 2023 13:44:10 +0300 Subject: [PATCH 1/6] Move SS libs from gradle to cmake --- client/CMakeLists.txt | 3 +++ client/android/shadowsocks/src/main/jniLibs | 1 - 2 files changed, 3 insertions(+), 1 deletion(-) delete mode 120000 client/android/shadowsocks/src/main/jniLibs diff --git a/client/CMakeLists.txt b/client/CMakeLists.txt index cfe01a27..c6aa62e3 100644 --- a/client/CMakeLists.txt +++ b/client/CMakeLists.txt @@ -335,6 +335,9 @@ if(ANDROID) ${CMAKE_CURRENT_LIST_DIR}/3rd-prebuilt/3rd-prebuilt/wireguard/android/${abi}/libwg.so ${CMAKE_CURRENT_LIST_DIR}/3rd-prebuilt/3rd-prebuilt/wireguard/android/${abi}/libwg-go.so ${CMAKE_CURRENT_LIST_DIR}/3rd-prebuilt/3rd-prebuilt/wireguard/android/${abi}/libwg-quick.so + ${CMAKE_CURRENT_LIST_DIR}/3rd-prebuilt/3rd-prebuilt/shadowsocks/android/${abi}/libredsocks.so + ${CMAKE_CURRENT_LIST_DIR}/3rd-prebuilt/3rd-prebuilt/shadowsocks/android/${abi}/libsslocal.so + ${CMAKE_CURRENT_LIST_DIR}/3rd-prebuilt/3rd-prebuilt/shadowsocks/android/${abi}/libtun2socks.so ${CMAKE_CURRENT_LIST_DIR}/3rd-prebuilt/3rd-prebuilt/openvpn/android/${abi}/libck-ovpn-plugin.so ${CMAKE_CURRENT_LIST_DIR}/3rd-prebuilt/3rd-prebuilt/openvpn/android/${abi}/libovpn3.so ${CMAKE_CURRENT_LIST_DIR}/3rd-prebuilt/3rd-prebuilt/openvpn/android/${abi}/libovpnutil.so diff --git a/client/android/shadowsocks/src/main/jniLibs b/client/android/shadowsocks/src/main/jniLibs deleted file mode 120000 index 6ad4fbe7..00000000 --- a/client/android/shadowsocks/src/main/jniLibs +++ /dev/null @@ -1 +0,0 @@ -../../../../../client/3rd-prebuilt/3rd-prebuilt/shadowsocks/android \ No newline at end of file From 4c690dd3c6d74acbfd97e643702456c991952da2 Mon Sep 17 00:00:00 2001 From: pokamest Date: Sun, 13 Aug 2023 03:10:41 -0700 Subject: [PATCH 2/6] Install scripts fixes (#275) * Install scripts fixes --- client/core/servercontroller.cpp | 13 +++++---- client/server_scripts/install_docker.sh | 28 +++++++++++++------ .../server_scripts/openvpn/run_container.sh | 1 + .../openvpn_cloak/run_container.sh | 1 + .../openvpn_shadowsocks/run_container.sh | 5 ++-- client/server_scripts/prepare_host.sh | 9 ++++-- 6 files changed, 38 insertions(+), 19 deletions(-) diff --git a/client/core/servercontroller.cpp b/client/core/servercontroller.cpp index b403c982..80d3b797 100644 --- a/client/core/servercontroller.cpp +++ b/client/core/servercontroller.cpp @@ -238,11 +238,6 @@ ErrorCode ServerController::setupContainer(const ServerCredentials &credentials, e = isUserInSudo(credentials, container); if (e) return e; - if (!isUpdate) { - e = isServerPortBusy(credentials, container, config); - if (e) return e; - } - e = isServerDpkgBusy(credentials, container); if (e) return e; @@ -250,6 +245,11 @@ ErrorCode ServerController::setupContainer(const ServerCredentials &credentials, if (e) return e; qDebug().noquote() << "ServerController::setupContainer installDockerWorker finished"; + if (!isUpdate) { + e = isServerPortBusy(credentials, container, config); + if (e) return e; + } + e = prepareHostWorker(credentials, container, config); if (e) return e; qDebug().noquote() << "ServerController::setupContainer prepareHostWorker finished"; @@ -368,6 +368,7 @@ ErrorCode ServerController::installDockerWorker(const ServerCredentials &credent replaceVars(amnezia::scriptData(SharedScriptType::install_docker), genVarsForScript(credentials)), cbReadStdOut, cbReadStdErr); + qDebug().noquote() << "ServerController::installDockerWorker" << stdOut; if (stdOut.contains("command not found")) return ErrorCode::ServerDockerFailedError; return error; @@ -635,7 +636,7 @@ ErrorCode ServerController::isServerPortBusy(const ServerCredentials &credential QString defaultTransportProto = ProtocolProps::transportProtoToString(ProtocolProps::defaultTransportProto(protocol), protocol); QString transportProto = containerConfig.value(config_key::transport_proto).toString(defaultTransportProto); - QString script = QString("sudo lsof -i -P -n | grep -E ':%1 ").arg(port); + QString script = QString("which lsof &>/dev/null || true && sudo lsof -i -P -n | grep -E ':%1 ").arg(port); for (auto &port : fixedPorts) { script = script.append("|:%1").arg(port); } diff --git a/client/server_scripts/install_docker.sh b/client/server_scripts/install_docker.sh index bb14e4cf..d8284dfd 100644 --- a/client/server_scripts/install_docker.sh +++ b/client/server_scripts/install_docker.sh @@ -1,10 +1,20 @@ -pm_apt="/usr/bin/apt-get"; pm_yum="/usr/bin/yum";\ -if [[ -f "$pm_apt" ]]; then pm=$pm_apt; docker_pkg="docker.io"; else pm=$pm_yum; docker_pkg="docker"; fi;\ -if [[ ! -f "/usr/bin/sudo" ]]; then $pm update -y -q; $pm install -y -q sudo; fi;\ -docker_service=$(systemctl list-units --full -all | grep docker.service | grep -v inactive | grep -v dead | grep -v failed);\ -if [[ -f "$pm_apt" ]]; then export DEBIAN_FRONTEND=noninteractive; fi;\ -if [[ -z "$docker_service" ]]; then sudo $pm update -y -q; sudo $pm install -y -q curl $docker_pkg; fi;\ -docker_service=$(systemctl list-units --full -all | grep docker.service | grep -v inactive | grep -v dead | grep -v failed);\ -if [[ -z "$docker_service" ]]; then sleep 5 && sudo systemctl start docker && sleep 5; fi;\ -if [[ -f "$pm_yum" ]]; then sudo systemctl enable docker && sudo systemctl start docker; fi;\ +if which apt-get > /dev/null 2>&1; then pm=$(which apt-get); docker_pkg="docker.io"; dist="debian";\ +elif which dnf > /dev/null 2>&1; then pm=$(which dnf); docker_pkg="docker"; dist="fedora";\ +elif which yum > /dev/null 2>&1; then pm=$(which yum); docker_pkg="docker"; dist="centos";\ +else echo "Packet manager not found"; exit 1; fi;\ +echo "Dist: $dist, Packet manager: $pm, Docker pkg: $docker_pkg";\ +if [ "$dist" = "debian" ]; then export DEBIAN_FRONTEND=noninteractive; fi;\ +if ! command -v sudo > /dev/null 2>&1; then $pm update -yq; $pm install -yq sudo; fi;\ +if ! command -v fuser > /dev/null 2>&1; then $pm install -yq psmisc; fi;\ +if ! command -v lsof > /dev/null 2>&1; then $pm install -yq lsof; fi;\ +if ! command -v docker > /dev/null 2>&1; then $pm update -yq; $pm install -yq $docker_pkg;\ + if [ "$dist" = "fedora" ] || [ "$dist" = "debian" ]; then sudo systemctl enable docker && sudo systemctl start docker; fi;\ +fi;\ +if [ "$dist" = "debian" ]; then \ + docker_service=$(systemctl list-units --full --all | grep docker.service | grep -v inactive | grep -v dead | grep -v failed);\ + if [ -z "$docker_service" ]; then sudo $pm update -yq; sudo $pm install -yq curl $docker_pkg; fi;\ + sleep 3 && sudo systemctl start docker && sleep 3;\ +fi;\ +if ! command -v sudo > /dev/null 2>&1; then echo "Failed to install Docker";exit 1;fi;\ docker --version + diff --git a/client/server_scripts/openvpn/run_container.sh b/client/server_scripts/openvpn/run_container.sh index a9e7538e..bb19c46a 100644 --- a/client/server_scripts/openvpn/run_container.sh +++ b/client/server_scripts/openvpn/run_container.sh @@ -1,5 +1,6 @@ # Run container sudo docker run -d \ +--privileged \ --log-driver none \ --restart always \ --cap-add=NET_ADMIN \ diff --git a/client/server_scripts/openvpn_cloak/run_container.sh b/client/server_scripts/openvpn_cloak/run_container.sh index 0b97c02b..54c3cf37 100644 --- a/client/server_scripts/openvpn_cloak/run_container.sh +++ b/client/server_scripts/openvpn_cloak/run_container.sh @@ -1,5 +1,6 @@ # Run container sudo docker run -d \ +--privileged \ --log-driver none \ --restart always \ --cap-add=NET_ADMIN \ diff --git a/client/server_scripts/openvpn_shadowsocks/run_container.sh b/client/server_scripts/openvpn_shadowsocks/run_container.sh index 147d4321..9e374608 100644 --- a/client/server_scripts/openvpn_shadowsocks/run_container.sh +++ b/client/server_scripts/openvpn_shadowsocks/run_container.sh @@ -1,7 +1,8 @@ # Run container -sudo docker run \ +sudo docker run -d \ +--privileged \ --log-driver none \ --d --restart always \ +--restart always \ --cap-add=NET_ADMIN \ -p $SHADOWSOCKS_SERVER_PORT:$SHADOWSOCKS_SERVER_PORT/tcp \ --name $CONTAINER_NAME $CONTAINER_NAME diff --git a/client/server_scripts/prepare_host.sh b/client/server_scripts/prepare_host.sh index a39ce145..c6defdb0 100644 --- a/client/server_scripts/prepare_host.sh +++ b/client/server_scripts/prepare_host.sh @@ -1,4 +1,9 @@ CUR_USER=$(whoami);\ sudo mkdir -p $DOCKERFILE_FOLDER;\ -sudo chown $CUR_USER $DOCKERFILE_FOLDER -if ! sudo docker network ls | grep -q amnezia-dns-net; then sudo docker network create --driver bridge --subnet=172.29.172.0/24 --opt com.docker.network.bridge.name=amn0 amnezia-dns-net; fi +sudo chown $CUR_USER $DOCKERFILE_FOLDER;\ +if ! sudo docker network ls | grep -q amnezia-dns-net; then sudo docker network create \ + --driver bridge \ + --subnet=172.29.172.0/24 \ + --opt com.docker.network.bridge.name=amn0 \ + amnezia-dns-net;\ +fi From de83db10d645909b39607549f4e7606548c1a158 Mon Sep 17 00:00:00 2001 From: pokamest Date: Sun, 13 Aug 2023 11:13:22 +0100 Subject: [PATCH 3/6] sshclient.cpp fix --- client/core/sshclient.cpp | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/client/core/sshclient.cpp b/client/core/sshclient.cpp index 4c2a9591..4e557645 100644 --- a/client/core/sshclient.cpp +++ b/client/core/sshclient.cpp @@ -352,16 +352,18 @@ namespace libssh { m_passphraseCallback = passphraseCallback; authResult = ssh_pki_import_privkey_base64(credentials.password.toStdString().c_str(), nullptr, callback, nullptr, &privateKey); if (authResult == SSH_OK) { - char* key = new char[65535]; + char *b64 = nullptr; - authResult = ssh_pki_export_privkey_base64(privateKey, nullptr, nullptr, nullptr, &key); - decryptedPrivateKey = key; - delete[] key; + authResult = ssh_pki_export_privkey_base64(privateKey, nullptr, nullptr, nullptr, &b64); + decryptedPrivateKey = QString(b64); if (authResult != SSH_OK) { qDebug() << "failed to export private key"; errorCode = ErrorCode::InternalError; } + else { + ssh_string_free_char(b64); + } } else { errorCode = ErrorCode::SshPrivateKeyError; } From c7d2a3ffd4021228271ebbb7e1ebd9b905577cd9 Mon Sep 17 00:00:00 2001 From: pokamest Date: Sun, 13 Aug 2023 15:22:24 +0100 Subject: [PATCH 4/6] Release 3.0.9 --- CMakeLists.txt | 2 +- client/android/build.gradle | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index ad9866e0..e0876473 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -2,7 +2,7 @@ cmake_minimum_required(VERSION 3.25.0 FATAL_ERROR) set(PROJECT AmneziaVPN) -project(${PROJECT} VERSION 3.0.8.1 +project(${PROJECT} VERSION 3.0.9.0 DESCRIPTION "AmneziaVPN" HOMEPAGE_URL "https://amnezia.org/" ) diff --git a/client/android/build.gradle b/client/android/build.gradle index 03271251..987dc3ba 100644 --- a/client/android/build.gradle +++ b/client/android/build.gradle @@ -138,8 +138,8 @@ android { resConfig "en" minSdkVersion = 24 targetSdkVersion = 34 - versionCode 26 // Change to a higher number - versionName "3.0.8" // Change to a higher number + versionCode 31 // Change to a higher number + versionName "3.0.9" // Change to a higher number javaCompileOptions.annotationProcessorOptions.arguments = [ "room.schemaLocation": "${qtAndroidDir}/schemas".toString() From 59de0d47a325a4198a5bb665f3d6df206b80dd84 Mon Sep 17 00:00:00 2001 From: Mykola Baibuz Date: Wed, 16 Aug 2023 08:08:52 -0400 Subject: [PATCH 5/6] Stability fixes in OpenVPN3 lib --- client/3rd-prebuilt | 2 +- client/3rd/OpenVPNAdapter | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/client/3rd-prebuilt b/client/3rd-prebuilt index 75e352b4..d734bd22 160000 --- a/client/3rd-prebuilt +++ b/client/3rd-prebuilt @@ -1 +1 @@ -Subproject commit 75e352b40ede4324248b7594b70dbdaa1a7a7f41 +Subproject commit d734bd22bf7e936e1dd15c703e95cedba54946a8 diff --git a/client/3rd/OpenVPNAdapter b/client/3rd/OpenVPNAdapter index 0413e12b..f95f0b2b 160000 --- a/client/3rd/OpenVPNAdapter +++ b/client/3rd/OpenVPNAdapter @@ -1 +1 @@ -Subproject commit 0413e12b4ed383adf1ab3b6cd2950e6a1bb68ff3 +Subproject commit f95f0b2b569be3954b93a6a9c649208cda40b879 From ba3ef98d1e578b0547746c52c22588e6383b5948 Mon Sep 17 00:00:00 2001 From: pokamest Date: Wed, 16 Aug 2023 08:08:08 -0700 Subject: [PATCH 6/6] Fix for server busy check (#287) Fix for server busy check --- CMakeLists.txt | 4 ++-- client/amnezia_application.cpp | 2 +- client/android/build.gradle | 2 +- client/core/defs.h | 1 + client/core/servercontroller.cpp | 24 ++++++++++++++----- client/server_scripts/check_server_is_busy.sh | 9 +++---- 6 files changed, 28 insertions(+), 14 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index e0876473..9c4985fe 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -2,11 +2,11 @@ cmake_minimum_required(VERSION 3.25.0 FATAL_ERROR) set(PROJECT AmneziaVPN) -project(${PROJECT} VERSION 3.0.9.0 +project(${PROJECT} VERSION 3.0.9.1 DESCRIPTION "AmneziaVPN" HOMEPAGE_URL "https://amnezia.org/" ) -set(RELEASE_DATE "2023-07-15") +set(RELEASE_DATE "2023-08-16") set(APP_MAJOR_VERSION ${CMAKE_PROJECT_VERSION_MAJOR}.${CMAKE_PROJECT_VERSION_MINOR}.${CMAKE_PROJECT_VERSION_PATCH}) if(${CMAKE_SYSTEM_NAME} STREQUAL "Linux") diff --git a/client/amnezia_application.cpp b/client/amnezia_application.cpp index 2f405550..7228e18d 100644 --- a/client/amnezia_application.cpp +++ b/client/amnezia_application.cpp @@ -56,7 +56,7 @@ setQuitOnLastWindowClosed(false); // Fix config file permissions -#ifdef Q_OS_LINUX && !defined(Q_OS_ANDROID) +#if defined(Q_OS_LINUX) && !defined(Q_OS_ANDROID) { QSettings s(ORGANIZATION_NAME, APPLICATION_NAME); s.setValue("permFixed", true); diff --git a/client/android/build.gradle b/client/android/build.gradle index 987dc3ba..cfc53460 100644 --- a/client/android/build.gradle +++ b/client/android/build.gradle @@ -138,7 +138,7 @@ android { resConfig "en" minSdkVersion = 24 targetSdkVersion = 34 - versionCode 31 // Change to a higher number + versionCode 32 // Change to a higher number versionName "3.0.9" // Change to a higher number javaCompileOptions.annotationProcessorOptions.arguments = [ diff --git a/client/core/defs.h b/client/core/defs.h index 452038a5..4fb140e4 100644 --- a/client/core/defs.h +++ b/client/core/defs.h @@ -33,6 +33,7 @@ enum ErrorCode ServerDockerFailedError, ServerCancelInstallation, ServerUserNotInSudo, + ServerPacketManagerError, // Ssh connection errors SshRequsetDeniedError, SshInterruptedError, SshInternalError, diff --git a/client/core/servercontroller.cpp b/client/core/servercontroller.cpp index 80d3b797..05f422bc 100644 --- a/client/core/servercontroller.cpp +++ b/client/core/servercontroller.cpp @@ -369,6 +369,7 @@ ErrorCode ServerController::installDockerWorker(const ServerCredentials &credent genVarsForScript(credentials)), cbReadStdOut, cbReadStdErr); qDebug().noquote() << "ServerController::installDockerWorker" << stdOut; + if (stdOut.contains("lock")) return ErrorCode::ServerPacketManagerError; if (stdOut.contains("command not found")) return ErrorCode::ServerDockerFailedError; return error; @@ -697,7 +698,8 @@ ErrorCode ServerController::isServerDpkgBusy(const ServerCredentials &credential QFutureWatcher watcher; QFuture future = QtConcurrent::run([this, &stdOut, &cbReadStdOut, &cbReadStdErr, &credentials]() { - do { + // max 100 attempts + for (int i = 0; i < 100; ++i) { if (m_cancelInstallation) { return ErrorCode::ServerCancelInstallation; } @@ -705,12 +707,22 @@ ErrorCode ServerController::isServerDpkgBusy(const ServerCredentials &credential runScript(credentials, replaceVars(amnezia::scriptData(SharedScriptType::check_server_is_busy), genVarsForScript(credentials)), cbReadStdOut, cbReadStdErr); - if (!stdOut.isEmpty() || stdOut.contains("Unable to acquire the dpkg frontend lock")) { - emit serverIsBusy(true); - QThread::msleep(1000); + + // if 'fuser' is not installed, skip check + if (stdOut.contains("Not installed")) return ErrorCode::NoError; + + if (stdOut.isEmpty()) { + return ErrorCode::NoError; } - } while (!stdOut.isEmpty()); - return ErrorCode::NoError; + else { + #ifdef MZ_DEBUG + qDebug().noquote() << stdOut; + #endif + emit serverIsBusy(true); + QThread::msleep(5000); + } + } + return ErrorCode::ServerPacketManagerError; }); QEventLoop wait; diff --git a/client/server_scripts/check_server_is_busy.sh b/client/server_scripts/check_server_is_busy.sh index 17c27864..24c2924c 100644 --- a/client/server_scripts/check_server_is_busy.sh +++ b/client/server_scripts/check_server_is_busy.sh @@ -1,4 +1,5 @@ -pm_apt="/usr/bin/apt-get";\ -if [[ -f "$pm_apt" ]]; then pm=$pm_apt; else exit; fi;\ -if [[ ! -f "/usr/bin/sudo" ]]; then $pm update -y -q; $pm install -y -q sudo; fi;\ -sudo fuser /var/lib/dpkg/lock-frontend \ No newline at end of file +if which apt-get > /dev/null 2>&1; then LOCK_FILE="/var/lib/dpkg/lock-frontend";\ +elif which dnf > /dev/null 2>&1; then LOCK_FILE="/var/run/dnf.pid";\ +elif which yum > /dev/null 2>&1; then LOCK_FILE="/var/run/yum.pid";\ +else echo "Packet manager not found"; echo "Internal error"; exit 1; fi;\ +if command -v fuser > /dev/null 2>&1; then sudo fuser $LOCK_FILE; else echo "Not installed"; fi