AZEN-SGG/amnezia-client
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Use new console client for OVPN

Browse source
This commit is contained in:
Mykola Baibuz 2023-11-10 16:37:03 -05:00
parent 02c0f96e5e
commit 9d456dc18e
3 changed files with 153 additions and 133 deletions
Download patch file Download diff file Expand all files Collapse all files

6
client/protocols/openvpnovercloakprotocol.cpp
View file

@ -22,6 +22,8 @@ OpenVpnOverCloakProtocol::~OpenVpnOverCloakProtocol()
ErrorCode OpenVpnOverCloakProtocol::start() ErrorCode OpenVpnOverCloakProtocol::start()
{ {
#if 0
if (!QFileInfo::exists(cloakExecPath())) { if (!QFileInfo::exists(cloakExecPath())) {
setLastError(ErrorCode::CloakExecutableMissing); setLastError(ErrorCode::CloakExecutableMissing);
return lastError(); return lastError();
@ -77,10 +79,12 @@ ErrorCode OpenVpnOverCloakProtocol::start()
if (m_ckProcess.state() == QProcess::ProcessState::Running) { if (m_ckProcess.state() == QProcess::ProcessState::Running) {
setConnectionState(Vpn::ConnectionState::Connecting); setConnectionState(Vpn::ConnectionState::Connecting);
#endif
return OpenVpnProtocol::start(); return OpenVpnProtocol::start();
#if 0
} }
else return ErrorCode::CloakExecutableMissing; else return ErrorCode::CloakExecutableMissing;
#endif
} }
void OpenVpnOverCloakProtocol::stop() void OpenVpnOverCloakProtocol::stop()

276
client/protocols/openvpnprotocol.cpp
View file

@ -10,11 +10,10 @@
#include "utilities.h" #include "utilities.h"
#include "version.h" #include "version.h"
OpenVpnProtocol::OpenVpnProtocol(const QJsonObject &configuration, QObject *parent) : VpnProtocol(configuration, parent) OpenVpnProtocol::OpenVpnProtocol(const QJsonObject &configuration, QObject *parent) : VpnProtocol(configuration, parent)
{ {
readOpenVpnConfiguration(configuration); readOpenVpnConfiguration(configuration);
connect(&m_managementServer, &ManagementServer::readyRead, this,
&OpenVpnProtocol::onReadyReadDataFromManagementServer);
} }
OpenVpnProtocol::~OpenVpnProtocol() OpenVpnProtocol::~OpenVpnProtocol()
@ -25,7 +24,6 @@ OpenVpnProtocol::~OpenVpnProtocol()
QString OpenVpnProtocol::defaultConfigFileName() QString OpenVpnProtocol::defaultConfigFileName()
{ {
// qDebug() << "OpenVpnProtocol::defaultConfigFileName" << defaultConfigPath() + QString("/%1.ovpn").arg(APPLICATION_NAME);
return defaultConfigPath() + QString("/%1.ovpn").arg(APPLICATION_NAME); return defaultConfigPath() + QString("/%1.ovpn").arg(APPLICATION_NAME);
} }
@ -33,25 +31,20 @@ QString OpenVpnProtocol::defaultConfigPath()
{ {
QString p = QStandardPaths::writableLocation(QStandardPaths::AppDataLocation) + "/config"; QString p = QStandardPaths::writableLocation(QStandardPaths::AppDataLocation) + "/config";
Utils::initializePath(p); Utils::initializePath(p);
return p; return p;
} }
void OpenVpnProtocol::stop() void OpenVpnProtocol::stop()
{ {
qDebug() << "OpenVpnProtocol::stop()"; qDebug() << "OpenVpnProtocol::stop()";
setConnectionState(Vpn::ConnectionState::Disconnecting);
// TODO: need refactoring // TODO: need refactoring
// sendTermSignal() will even return true while server connected ??? // sendTermSignal() will even return true while server connected ???
if ((m_connectionState == Vpn::ConnectionState::Preparing) || (m_connectionState == Vpn::ConnectionState::Connecting) if ((m_connectionState == Vpn::ConnectionState::Preparing) || (m_connectionState == Vpn::ConnectionState::Connecting)
|| (m_connectionState == Vpn::ConnectionState::Connected) || (m_connectionState == Vpn::ConnectionState::Connected)
|| (m_connectionState == Vpn::ConnectionState::Reconnecting)) { || (m_connectionState == Vpn::ConnectionState::Reconnecting)) {
if (!sendTermSignal()) {
killOpenVpnProcess(); killOpenVpnProcess();
} QThread::msleep(10);
QThread::msleep(10);
m_managementServer.stop();
} }
setConnectionState(Vpn::ConnectionState::Disconnected); setConnectionState(Vpn::ConnectionState::Disconnected);
} }
@ -86,9 +79,30 @@ void OpenVpnProtocol::readOpenVpnConfiguration(const QJsonObject &configuration)
{ {
if (configuration.contains(ProtocolProps::key_proto_config_data(Proto::OpenVpn))) { if (configuration.contains(ProtocolProps::key_proto_config_data(Proto::OpenVpn))) {
QJsonObject jConfig = configuration.value(ProtocolProps::key_proto_config_data(Proto::OpenVpn)).toObject(); QJsonObject jConfig = configuration.value(ProtocolProps::key_proto_config_data(Proto::OpenVpn)).toObject();
QString plainConfig = jConfig.value(config_key::config).toString().toUtf8();
if (configuration.contains(ProtocolProps::key_proto_config_data(Proto::Cloak))) {
QJsonObject cloakConfig = configuration.value(ProtocolProps::key_proto_config_data(Proto::Cloak)).toObject();
cloakConfig["NumConn"] = 1;
cloakConfig["ProxyMethod"] = "openvpn";
if (cloakConfig.contains("port")){
int portValue = cloakConfig.value("port").toInt();
cloakConfig.remove("port");
cloakConfig["RemotePort"] = portValue;
}
if (cloakConfig.contains("remote")){
QString hostValue = cloakConfig.value("remote").toString();
cloakConfig.remove("remote");
cloakConfig["RemoteHost"] = hostValue;
}
plainConfig += "\n<cloak>\n";
QJsonDocument Doc(cloakConfig);
QByteArray ba = Doc.toJson();
QString plainCloak = ba;
plainConfig += QString::fromLatin1(plainCloak.toUtf8().toBase64().data());
plainConfig += "\n</cloak>\n";
}
m_configFile.open(); m_configFile.open();
m_configFile.write(jConfig.value(config_key::config).toString().toUtf8()); m_configFile.write(plainConfig.toUtf8());
m_configFile.close(); m_configFile.close();
m_configFileName = m_configFile.fileName(); m_configFileName = m_configFile.fileName();
@ -98,7 +112,7 @@ void OpenVpnProtocol::readOpenVpnConfiguration(const QJsonObject &configuration)
bool OpenVpnProtocol::openVpnProcessIsRunning() const bool OpenVpnProtocol::openVpnProcessIsRunning() const
{ {
return Utils::processIsRunning("openvpn"); return Utils::processIsRunning("ovpncli");
} }
void OpenVpnProtocol::disconnectFromManagementServer() void OpenVpnProtocol::disconnectFromManagementServer()
@ -122,7 +136,6 @@ void OpenVpnProtocol::sendManagementCommand(const QString &command)
uint OpenVpnProtocol::selectMgmtPort() uint OpenVpnProtocol::selectMgmtPort()
{ {
for (int i = 0; i < 100; ++i) { for (int i = 0; i < 100; ++i) {
quint32 port = QRandomGenerator::global()->generate(); quint32 port = QRandomGenerator::global()->generate();
port = (double)(65000 - 15001) * port / UINT32_MAX + 15001; port = (double)(65000 - 15001) * port / UINT32_MAX + 15001;
@ -132,26 +145,63 @@ uint OpenVpnProtocol::selectMgmtPort()
if (ok) if (ok)
return port; return port;
} }
return m_managementPort; return m_managementPort;
} }
void OpenVpnProtocol::updateRouteGateway(QString line) void OpenVpnProtocol::updateRouteGateway(QString line)
{ {
// TODO: fix for macos const QString substr = "sitnl_route_best_gw result: via ";
line = line.split("ROUTE_GATEWAY", Qt::SkipEmptyParts).at(1); int start = line.indexOf(substr) + substr.size();
if (!line.contains("/")) int end = line.indexOf(" dev ", start);
return;
m_routeGateway = line.split("/", Qt::SkipEmptyParts).first(); m_routeGateway = line.mid(start, (end-start));
m_routeGateway.replace(" ", "");
qDebug() << "Set VPN route gateway" << m_routeGateway;
} }
void OpenVpnProtocol::handle_cli_message(QString message)
{
QString line = message;
if (line.isEmpty()) {
return;
}
if (line.contains("EVENT: CONNECTED")) {
setConnectionState(Vpn::ConnectionState::Connected);
} else if (line.contains("EXITING")) {
// openVpnStateSigTermHandler();
setConnectionState(Vpn::ConnectionState::Disconnecting);
} else if (line.contains("RECONNECTING")) {
setConnectionState(Vpn::ConnectionState::Reconnecting);
}
if (line.contains("sitnl_route_best_gw")) {
updateRouteGateway(line);
}
if (line.contains("[ifconfig]")) {
updateVpnGateway(line);
}
// TODO: SET CORRECT STRING
if (line.contains("FATAL")) {
if (line.contains("tap-windows6 adapters on this system are currently in use or disabled")) {
emit protocolError(ErrorCode::OpenVpnAdaptersInUseError);
} else {
emit protocolError(ErrorCode::OpenVpnUnknownError);
}
return;
}
}
ErrorCode OpenVpnProtocol::start() ErrorCode OpenVpnProtocol::start()
{ {
// qDebug() << "Start OpenVPN connection"; // qDebug() << "Start OpenVPN connection";
OpenVpnProtocol::stop(); OpenVpnProtocol::stop();
qDebug() << " Utils::openVpnExecPath();" << Utils::openVpnExecPath();
if (!QFileInfo::exists(Utils::openVpnExecPath())) { if (!QFileInfo::exists(Utils::openVpnExecPath())) {
setLastError(ErrorCode::OpenVpnExecutableMissing); setLastError(ErrorCode::OpenVpnExecutableMissing);
return lastError(); return lastError();
@ -184,23 +234,11 @@ ErrorCode OpenVpnProtocol::start()
} }
#endif #endif
// QString vpnLogFileNamePath = Utils::systemLogPath() + "/openvpn.log";
// Utils::createEmptyFile(vpnLogFileNamePath);
uint mgmtPort = selectMgmtPort();
qDebug() << "OpenVpnProtocol::start mgmt port selected:" << mgmtPort;
if (!m_managementServer.start(m_managementHost, mgmtPort)) {
setLastError(ErrorCode::OpenVpnManagementServerError);
return lastError();
}
setConnectionState(Vpn::ConnectionState::Connecting); setConnectionState(Vpn::ConnectionState::Connecting);
m_openVpnProcess = IpcClient::CreatePrivilegedProcess(); m_openVpnProcess = IpcClient::CreatePrivilegedProcess();
if (!m_openVpnProcess) { if (!m_openVpnProcess) {
// qWarning() << "IpcProcess replica is not created!"; qWarning() << "IpcProcess replica is not created!";
setLastError(ErrorCode::AmneziaServiceConnectionFailed); setLastError(ErrorCode::AmneziaServiceConnectionFailed);
return ErrorCode::AmneziaServiceConnectionFailed; return ErrorCode::AmneziaServiceConnectionFailed;
} }
@ -212,122 +250,100 @@ ErrorCode OpenVpnProtocol::start()
return ErrorCode::AmneziaServiceConnectionFailed; return ErrorCode::AmneziaServiceConnectionFailed;
} }
m_openVpnProcess->setProgram(PermittedProcess::OpenVPN); m_openVpnProcess->setProgram(PermittedProcess::OpenVPN);
QStringList arguments({ QStringList arguments({ configPath()/*, "--management", m_managementHost, QString::number(mgmtPort),
"--config", configPath(), "--management", m_managementHost, QString::number(mgmtPort), "--management-client" *//*, "--log", vpnLogFileNamePath */
"--management-client" /*, "--log", vpnLogFileNamePath */
}); });
m_openVpnProcess->setArguments(arguments); m_openVpnProcess->setArguments(arguments);
qDebug() << arguments.join(" "); qDebug() << arguments.join(" ");
connect(m_openVpnProcess.data(), &PrivilegedProcess::errorOccurred, connect(m_openVpnProcess.data(), &PrivilegedProcess::errorOccurred,
[&](QProcess::ProcessError error) { qDebug() << "PrivilegedProcess errorOccurred" << error; }); [&](QProcess::ProcessError error) {
qDebug() << "PrivilegedProcess errorOccurred" << error;
setConnectionState(Vpn::ConnectionState::Disconnected);
});
connect(m_openVpnProcess.data(), &PrivilegedProcess::stateChanged, connect(m_openVpnProcess.data(), &PrivilegedProcess::stateChanged, [&](QProcess::ProcessState newState) {
[&](QProcess::ProcessState newState) { qDebug() << "PrivilegedProcess stateChanged" << newState; }); switch ( newState )
{
case QProcess::Starting:
setConnectionState(Vpn::ConnectionState::Connecting);
break;
case QProcess::Running:
setConnectionState(Vpn::ConnectionState::Connecting);
break;
default:
setConnectionState(Vpn::ConnectionState::Disconnected);
}
qDebug() << "PrivilegedProcess stateChanged" << newState;
});
connect(m_openVpnProcess.data(), &PrivilegedProcess::finished, this, connect(m_openVpnProcess.data(), &PrivilegedProcess::finished, this,
[&]() { setConnectionState(Vpn::ConnectionState::Disconnected); }); [&]() { setConnectionState(Vpn::ConnectionState::Disconnected); });
m_openVpnProcess->start();
// startTimeoutTimer(); connect(m_openVpnProcess.data(), &PrivilegedProcess::readyRead, this, [&] {
QRemoteObjectPendingReply<QByteArray> call = m_openVpnProcess->readAll();
auto *watcher = new QRemoteObjectPendingCallWatcher(call, this);
auto *timeoutTimer = new QTimer(this);
timeoutTimer->setSingleShot(true);
m_watchers.insert(watcher, timeoutTimer);
connect(timeoutTimer, &QTimer::timeout, this, [this, watcher, timeoutTimer]() {
qDebug() << "Foo request timed out.";
m_watchers.remove(watcher);
watcher->deleteLater();
timeoutTimer->deleteLater();
});
connect(watcher, &QRemoteObjectPendingCallWatcher::finished, [this](QRemoteObjectPendingCallWatcher *self) {
QTimer *timer = m_watchers.take(self);
if (timer) {
timer->stop();
timer->deleteLater();
}
QByteArray result = self->returnValue().toByteArray();
handle_cli_message(QString(result));
self->deleteLater();
});
timeoutTimer->start(30000);
});
connect(m_openVpnProcess.data(), QOverload<int, QProcess::ExitStatus>::of(&PrivilegedProcess::finished), this, [this](int exitCode, QProcess::ExitStatus exitStatus) {
qDebug().noquote() << "OpenVPN finished, exitCode, exiStatus" << exitCode << exitStatus;
setConnectionState(Vpn::ConnectionState::Disconnected);
if (exitStatus != QProcess::NormalExit) {
emit protocolError(amnezia::ErrorCode::ShadowSocksExecutableCrashed);
stop();
}
if (exitCode !=0 ) {
emit protocolError(amnezia::ErrorCode::InternalError);
stop();
}
});
m_openVpnProcess->start();
return ErrorCode::NoError; return ErrorCode::NoError;
} }
bool OpenVpnProtocol::sendTermSignal()
{
return m_managementServer.writeCommand("signal SIGTERM");
}
void OpenVpnProtocol::sendByteCount()
{
m_managementServer.writeCommand("bytecount 1");
}
void OpenVpnProtocol::sendInitialData()
{
m_managementServer.writeCommand("state on");
m_managementServer.writeCommand("log on");
}
void OpenVpnProtocol::onReadyReadDataFromManagementServer()
{
for (;;) {
QString line = m_managementServer.readLine().simplified();
if (line.isEmpty()) {
return;
}
if (!line.contains(">BYTECOUNT")) {
qDebug().noquote() << line;
}
if (line.contains(">INFO:OpenVPN Management Interface")) {
sendInitialData();
} else if (line.startsWith(">STATE")) {
if (line.contains("CONNECTED,SUCCESS")) {
sendByteCount();
stopTimeoutTimer();
setConnectionState(Vpn::ConnectionState::Connected);
continue;
} else if (line.contains("EXITING,SIGTER")) {
// openVpnStateSigTermHandler();
setConnectionState(Vpn::ConnectionState::Disconnecting);
continue;
} else if (line.contains("RECONNECTING")) {
setConnectionState(Vpn::ConnectionState::Reconnecting);
continue;
}
}
if (line.contains("ROUTE_GATEWAY")) {
updateRouteGateway(line);
}
if (line.contains("PUSH: Received control message")) {
updateVpnGateway(line);
}
if (line.contains("FATAL")) {
if (line.contains("tap-windows6 adapters on this system are currently in use or disabled")) {
emit protocolError(ErrorCode::OpenVpnAdaptersInUseError);
} else {
emit protocolError(ErrorCode::OpenVpnUnknownError);
}
return;
}
QByteArray data(line.toStdString().c_str());
if (data.contains(">BYTECOUNT:")) {
int beg = data.lastIndexOf(">BYTECOUNT:");
int end = data.indexOf("\n", beg);
beg += sizeof(">BYTECOUNT:") - 1;
QList<QByteArray> count = data.mid(beg, end - beg + 1).split(',');
quint64 r = static_cast<quint64>(count.at(0).trimmed().toULongLong());
quint64 s = static_cast<quint64>(count.at(1).trimmed().toULongLong());
setBytesChanged(r, s);
}
}
}
void OpenVpnProtocol::updateVpnGateway(const QString &line) void OpenVpnProtocol::updateVpnGateway(const QString &line)
{ {
// line looks like // "[ifconfig] [10.8.0.14] [10.8.0.13]"
// PUSH: Received control message: 'PUSH_REPLY,route 10.8.0.1,topology net30,ping 10,ping-restart QStringList params = line.split("\n");
// 120,ifconfig 10.8.0.6 10.8.0.5,peer-id 0,cipher AES-256-GCM' for (const QString &param : params) {
if (param.contains("ifconfig")) {
QStringList params = line.split(","); QString l = param.right(param.size() - param.indexOf("ifconfig"));
for (const QString &l : params) {
if (l.contains("ifconfig")) {
if (l.split(" ").size() == 3) { if (l.split(" ").size() == 3) {
m_vpnLocalAddress = l.split(" ").at(1); m_vpnLocalAddress = l.split(" ").at(1);
m_vpnLocalAddress.remove("[");m_vpnLocalAddress.remove("]");
m_vpnGateway = l.split(" ").at(2); m_vpnGateway = l.split(" ").at(2);
m_vpnGateway.remove("[");m_vpnGateway.remove("]");
qDebug() << QString("Set vpn local address %1, gw %2").arg(m_vpnLocalAddress).arg(vpnGateway()); qDebug() << QString("Set vpn local address %1, gw %2").arg(m_vpnLocalAddress).arg(vpnGateway());
} }
} }

4
client/protocols/openvpnprotocol.h
View file

@ -25,8 +25,6 @@ public:
static QString defaultConfigFileName(); static QString defaultConfigFileName();
static QString defaultConfigPath(); static QString defaultConfigPath();
protected slots:
void onReadyReadDataFromManagementServer();
private: private:
QString configPath() const; QString configPath() const;
@ -34,6 +32,7 @@ private:
bool sendTermSignal(); bool sendTermSignal();
void readOpenVpnConfiguration(const QJsonObject &configuration); void readOpenVpnConfiguration(const QJsonObject &configuration);
void disconnectFromManagementServer(); void disconnectFromManagementServer();
void handle_cli_message(QString message);
void killOpenVpnProcess(); void killOpenVpnProcess();
void sendByteCount(); void sendByteCount();
void sendInitialData(); void sendInitialData();
@ -42,6 +41,7 @@ private:
const QString m_managementHost = "127.0.0.1"; const QString m_managementHost = "127.0.0.1";
const unsigned int m_managementPort = 57775; const unsigned int m_managementPort = 57775;
QHash<QRemoteObjectPendingCallWatcher*, QTimer*> m_watchers;
ManagementServer m_managementServer; ManagementServer m_managementServer;
QString m_configFileName; QString m_configFileName;
QTemporaryFile m_configFile; QTemporaryFile m_configFile;