AZEN-SGG/amnezia-client
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Xray with Reality protocol (#494)

Browse source 
* Xray with Reality for desktops
This commit is contained in:
Mykola Baibuz 2024-03-27 11:02:34 +00:00 committed by GitHub
parent f6acec53c0
commit ba4237f1dd
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
64 changed files with 1933 additions and 336 deletions
Download patch file Download diff file Expand all files Collapse all files

2
service/server/CMakeLists.txt
View file

@ -14,6 +14,7 @@ configure_file(${CMAKE_SOURCE_DIR}/version.h.in ${CMAKE_CURRENT_BINARY_DIR}/vers
set(HEADERS
${CMAKE_CURRENT_LIST_DIR}/../../client/utilities.h
${CMAKE_CURRENT_LIST_DIR}/../../client/core/networkUtilities.h
${CMAKE_CURRENT_LIST_DIR}/../../ipc/ipc.h
${CMAKE_CURRENT_LIST_DIR}/../../ipc/ipcserver.h
${CMAKE_CURRENT_LIST_DIR}/../../ipc/ipcserverprocess.h
@ -26,6 +27,7 @@ set(HEADERS
set(SOURCES
${CMAKE_CURRENT_LIST_DIR}/../../client/utilities.cpp
${CMAKE_CURRENT_LIST_DIR}/../../client/core/networkUtilities.cpp
${CMAKE_CURRENT_LIST_DIR}/../../ipc/ipcserver.cpp
${CMAKE_CURRENT_LIST_DIR}/../../ipc/ipcserverprocess.cpp
${CMAKE_CURRENT_LIST_DIR}/localserver.cpp

58
service/server/router.cpp
View file

@ -64,3 +64,61 @@ void Router::resetIpStack()
#endif
}
bool Router::createTun(const QString &dev, const QString &subnet)
{
#ifdef Q_OS_LINUX
return RouterLinux::Instance().createTun(dev, subnet);
#endif
#ifdef Q_OS_MAC
return RouterMac::Instance().createTun(dev, subnet);
#endif
return true;
};
bool Router::deleteTun(const QString &dev)
{
#ifdef Q_OS_LINUX
return RouterLinux::Instance().deleteTun(dev);
#endif
#ifdef Q_OS_MAC
return RouterMac::Instance().deleteTun(dev);
#endif
return true;
};
bool Router::updateResolvers(const QString& ifname, const QList<QHostAddress>& resolvers)
{
#ifdef Q_OS_LINUX
return RouterLinux::Instance().updateResolvers(ifname, resolvers);
#endif
#ifdef Q_OS_MACOS
return RouterMac::Instance().updateResolvers(ifname, resolvers);
#endif
#ifdef Q_OS_WIN
return RouterWin::Instance().updateResolvers(ifname, resolvers);
#endif
}
void Router::StopRoutingIpv6()
{
#ifdef Q_OS_WIN
RouterWin::Instance().StopRoutingIpv6();
#elif defined (Q_OS_MAC)
// todo fixme
#elif defined Q_OS_LINUX
RouterLinux::Instance().StopRoutingIpv6();
#endif
}
void Router::StartRoutingIpv6()
{
#ifdef Q_OS_WIN
RouterWin::Instance().StartRoutingIpv6();
#elif defined (Q_OS_MAC)
// todo fixme
#elif defined Q_OS_LINUX
RouterLinux::Instance().StartRoutingIpv6();
#endif
}

6
service/server/router.h
View file

@ -7,6 +7,7 @@
#include <QHash>
#include <QDebug>
#include <QObject>
#include <QHostAddress>
/**
* @brief The Router class - General class for handling ip routing
@ -20,6 +21,11 @@ public:
static int routeDeleteList(const QString &gw, const QStringList &ips);
static void flushDns();
static void resetIpStack();
static bool createTun(const QString &dev, const QString &subnet);
static bool deleteTun(const QString &dev);
static void StartRoutingIpv6();
static void StopRoutingIpv6();
static bool updateResolvers(const QString& ifname, const QList<QHostAddress>& resolvers);
};
#endif // ROUTER_H

190
service/server/router_linux.cpp
View file

@ -5,10 +5,14 @@
#include <utilities.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/ioctl.h>
#include <net/route.h>
#include <linux/if.h>
#include <linux/if_tun.h>
#include <linux/netlink.h>
#include <linux/rtnetlink.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <sys/ioctl.h>
#include <paths.h>
#include <fcntl.h>
#include <errno.h>
@ -16,6 +20,8 @@
#include <unistd.h>
#include <QFileInfo>
#include <core/networkUtilities.h>
RouterLinux &RouterLinux::Instance()
{
static RouterLinux s;
@ -24,10 +30,10 @@ RouterLinux &RouterLinux::Instance()
bool RouterLinux::routeAdd(const QString &ipWithSubnet, const QString &gw, const int &sock)
{
QString ip = Utils::ipAddressFromIpWithSubnet(ipWithSubnet);
QString mask = Utils::netMaskFromIpWithSubnet(ipWithSubnet);
QString ip = NetworkUtilities::ipAddressFromIpWithSubnet(ipWithSubnet);
QString mask = NetworkUtilities::netMaskFromIpWithSubnet(ipWithSubnet);
if (!Utils::checkIPv4Format(ip) || !Utils::checkIPv4Format(gw)) {
if (!NetworkUtilities::checkIPv4Format(ip) || !NetworkUtilities::checkIPv4Format(gw)) {
qCritical().noquote() << "Critical, trying to add invalid route: " << ip << gw;
return false;
}
@ -91,18 +97,18 @@ bool RouterLinux::clearSavedRoutes()
bool RouterLinux::routeDelete(const QString &ipWithSubnet, const QString &gw, const int &sock)
{
#ifdef MZ_DEBUG
qDebug().noquote() << "RouterMac::routeDelete: " << ipWithSubnet << gw;
qDebug().noquote() << "RouterLinux::routeDelete: " << ipWithSubnet << gw;
#endif
QString ip = Utils::ipAddressFromIpWithSubnet(ipWithSubnet);
QString mask = Utils::netMaskFromIpWithSubnet(ipWithSubnet);
QString ip = NetworkUtilities::ipAddressFromIpWithSubnet(ipWithSubnet);
QString mask = NetworkUtilities::netMaskFromIpWithSubnet(ipWithSubnet);
if (!Utils::checkIPv4Format(ip) || !Utils::checkIPv4Format(gw)) {
if (!NetworkUtilities::checkIPv4Format(ip) || !NetworkUtilities::checkIPv4Format(gw)) {
qCritical().noquote() << "Critical, trying to remove invalid route: " << ip << gw;
return false;
}
if (ip == "0.0.0.0") {
if (ipWithSubnet == "0.0.0.0/0") {
qDebug().noquote() << "Warning, trying to remove default route, skipping: " << ip << gw;
return true;
}
@ -170,3 +176,169 @@ void RouterLinux::flushDns()
else
qDebug().noquote() << "OUTPUT systemctl restart nscd/systemd-resolved: " + output;
}
bool RouterLinux::createTun(const QString &dev, const QString &subnet) {
qDebug().noquote() << "createTun start";
QProcess process;
QStringList commands;
commands << "ip" << "tuntap" << "add" << "mode" << "tun" << "dev" << dev;
process.start("sudo", commands);
if (!process.waitForStarted(1000))
{
qDebug().noquote() << "Could not start adding tun device!\n";
return false;
}
else if (!process.waitForFinished(2000))
{
qDebug().noquote() << "Could not add tun device!\n";
return false;
}
commands.clear();
commands << "ip" << "addr" << "add" << QString("%1/24").arg(subnet) << "dev" << dev;
process.start("sudo", commands);
if (!process.waitForStarted(1000))
{
qDebug().noquote() << "Could not start adding a subnet for tun device!\n";
return false;
}
else if (!process.waitForFinished(2000))
{
qDebug().noquote() << "Could not add a subnet for tun device!\n";
return false;
}
commands.clear();
commands << "ip" << "link" << "set" << "dev" << dev << "up";
process.start("sudo", commands);
if (!process.waitForStarted(1000))
{
qDebug().noquote() << "Could not start link set for tun device!\n";
return false;
}
else if (!process.waitForFinished(2000))
{
qDebug().noquote() << "Could not link set for tun device!\n";
return false;
}
return true;
}
bool RouterLinux::deleteTun(const QString &dev)
{
struct {
struct nlmsghdr nh;
struct ifinfomsg ifm;
unsigned char data[64];
} req;
struct rtattr *rta;
int ret, rtnl;
rtnl = socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE);
if (rtnl < 0) {
qDebug().noquote() << "can't open rtnl: " << errno;
return 1;
}
memset(&req, 0, sizeof(req));
req.nh.nlmsg_len = NLMSG_ALIGN(NLMSG_LENGTH(sizeof(req.ifm)));
req.nh.nlmsg_flags = NLM_F_REQUEST;
req.nh.nlmsg_type = RTM_DELLINK;
req.ifm.ifi_family = AF_UNSPEC;
rta = (struct rtattr *)(((char *)&req) + NLMSG_ALIGN(req.nh.nlmsg_len));
rta->rta_type = IFLA_IFNAME;
rta->rta_len = RTA_LENGTH(IFNAMSIZ);
req.nh.nlmsg_len += rta->rta_len;
memcpy(RTA_DATA(rta), dev.toStdString().c_str(), IFNAMSIZ);
ret = send(rtnl, &req, req.nh.nlmsg_len, 0);
if (ret < 0)
qDebug().noquote() << "can't send: errno";
ret = (unsigned int)ret != req.nh.nlmsg_len;
close(rtnl);
qDebug().noquote() << "deleteTun ret" << ret;
return ret;
}
bool RouterLinux::updateResolvers(const QString& ifname, const QList<QHostAddress>& resolvers)
{
return m_dnsUtil->updateResolvers(ifname, resolvers);
}
void RouterLinux::StartRoutingIpv6()
{
QProcess process;
QStringList commands;
commands << "sysctl" << "-w" << "net.ipv6.conf.all.disable_ipv6=0";
process.start("sudo", commands);
if (!process.waitForStarted(1000))
{
qDebug().noquote() << "Could not start activate ipv6\n";
return;
}
else if (!process.waitForFinished(2000))
{
qDebug().noquote() << "Could not activate ipv6\n";
return;
}
commands.clear();
commands << "sysctl" << "-w" << "net.ipv6.conf.default.disable_ipv6=0";
process.start("sudo", commands);
if (!process.waitForStarted(1000))
{
qDebug().noquote() << "Could not start activate ipv6\n";
return;
}
else if (!process.waitForFinished(2000))
{
qDebug().noquote() << "Could not activate ipv6\n";
return;
}
commands.clear();
qDebug().noquote() << "StartRoutingIpv6 OK";
}
void RouterLinux::StopRoutingIpv6()
{
QProcess process;
QStringList commands;
commands << "sysctl" << "-w" << "net.ipv6.conf.all.disable_ipv6=1";
process.start("sudo", commands);
if (!process.waitForStarted(1000))
{
qDebug().noquote() << "Could not start disable ipv6\n";
return;
}
else if (!process.waitForFinished(2000))
{
qDebug().noquote() << "Could not disable ipv6\n";
return;
}
commands.clear();
commands << "sysctl" << "-w" << "net.ipv6.conf.default.disable_ipv6=1";
process.start("sudo", commands);
if (!process.waitForStarted(1000))
{
qDebug().noquote() << "Could not start disable ipv6\n";
return;
}
else if (!process.waitForFinished(2000))
{
qDebug().noquote() << "Could not disable ipv6\n";
return;
}
commands.clear();
qDebug().noquote() << "StopRoutingIpv6 OK";
}

11
service/server/router_linux.h
View file

@ -8,6 +8,8 @@
#include <QDebug>
#include <QObject>
#include "../client/platforms/linux/daemon/dnsutilslinux.h"
/**
* @brief The Router class - General class for handling ip routing
*/
@ -29,15 +31,20 @@ public:
bool routeDeleteList(const QString &gw, const QStringList &ips);
QString getgatewayandiface();
void flushDns();
bool createTun(const QString &dev, const QString &subnet);
bool deleteTun(const QString &dev);
void StartRoutingIpv6();
void StopRoutingIpv6();
bool updateResolvers(const QString& ifname, const QList<QHostAddress>& resolvers);
public slots:
private:
RouterLinux() {}
RouterLinux() {m_dnsUtil = new DnsUtilsLinux(this);}
RouterLinux(RouterLinux const &) = delete;
RouterLinux& operator= (RouterLinux const&) = delete;
QList<Route> m_addedRoutes;
DnsUtilsLinux *m_dnsUtil;
};
#endif // ROUTERLINUX_H

53
service/server/router_mac.cpp
View file

@ -3,7 +3,8 @@
#include <QProcess>
#include <QThread>
#include <utilities.h>
#include <core/networkUtilities.h>
RouterMac &RouterMac::Instance()
{
@ -13,14 +14,14 @@ RouterMac &RouterMac::Instance()
bool RouterMac::routeAdd(const QString &ipWithSubnet, const QString &gw)
{
QString ip = Utils::ipAddressFromIpWithSubnet(ipWithSubnet);
QString mask = Utils::netMaskFromIpWithSubnet(ipWithSubnet);
QString ip = NetworkUtilities::ipAddressFromIpWithSubnet(ipWithSubnet);
QString mask = NetworkUtilities::netMaskFromIpWithSubnet(ipWithSubnet);
#ifdef MZ_DEBUG
qDebug().noquote() << "RouterMac::routeAdd: " << ipWithSubnet << gw;
#endif
if (!Utils::checkIPv4Format(ip) || !Utils::checkIPv4Format(gw)) {
if (!NetworkUtilities::checkIPv4Format(ip) || !NetworkUtilities::checkIPv4Format(gw)) {
qCritical().noquote() << "Critical, trying to add invalid route: " << ip << gw;
return false;
}
@ -76,19 +77,19 @@ bool RouterMac::clearSavedRoutes()
bool RouterMac::routeDelete(const QString &ipWithSubnet, const QString &gw)
{
QString ip = Utils::ipAddressFromIpWithSubnet(ipWithSubnet);
QString mask = Utils::netMaskFromIpWithSubnet(ipWithSubnet);
QString ip = NetworkUtilities::ipAddressFromIpWithSubnet(ipWithSubnet);
QString mask = NetworkUtilities::netMaskFromIpWithSubnet(ipWithSubnet);
#ifdef MZ_DEBUG
qDebug().noquote() << "RouterMac::routeDelete: " << ipWithSubnet << gw;
#endif
if (!Utils::checkIPv4Format(ip) || !Utils::checkIPv4Format(gw)) {
if (!NetworkUtilities::checkIPv4Format(ip) || !NetworkUtilities::checkIPv4Format(gw)) {
qCritical().noquote() << "Critical, trying to remove invalid route: " << ip << gw;
return false;
}
if (ip == "0.0.0.0") {
if (ipWithSubnet == "0.0.0.0/0") {
qDebug().noquote() << "Warning, trying to remove default route, skipping: " << ip << gw;
return true;
}
@ -129,6 +130,42 @@ bool RouterMac::routeDeleteList(const QString &gw, const QStringList &ips)
return cnt;
}
bool RouterMac::createTun(const QString &dev, const QString &subnet) {
qDebug().noquote() << "createTun start";
QProcess process;
QStringList commands;
commands << "ifconfig" << dev << "inet" << subnet << subnet << "up";
process.start("sudo", commands);
if (!process.waitForStarted(1000))
{
qDebug().noquote() << "Could not start activate tun device!\n";
return false;
}
else if (!process.waitForFinished(2000))
{
qDebug().noquote() << "Could not activate tun device!\n";
return false;
}
commands.clear();
return true;
}
bool RouterMac::updateResolvers(const QString& ifname, const QList<QHostAddress>& resolvers)
{
return m_dnsUtil->updateResolvers(ifname, resolvers);
}
bool RouterMac::deleteTun(const QString &dev)
{
qDebug().noquote() << "deleteTun start";
return true;
}
void RouterMac::flushDns()
{
// sudo killall -HUP mDNSResponder

9
service/server/router_mac.h
View file

@ -8,6 +8,7 @@
#include <QDebug>
#include <QObject>
#include "../client/platforms/macos/daemon/dnsutilsmacos.h"
/**
* @brief The Router class - General class for handling ip routing
@ -29,15 +30,19 @@ public:
bool routeDelete(const QString &ip, const QString &gw);
bool routeDeleteList(const QString &gw, const QStringList &ips);
void flushDns();
bool createTun(const QString &dev, const QString &subnet);
bool deleteTun(const QString &dev);
bool updateResolvers(const QString& ifname, const QList<QHostAddress>& resolvers);
public slots:
private:
RouterMac() {}
RouterMac() {m_dnsUtil = new DnsUtilsMacos(this);}
RouterMac(RouterMac const &) = delete;
RouterMac& operator= (RouterMac const&) = delete;
QList<Route> m_addedRoutes;
DnsUtilsMacos *m_dnsUtil;
};
#endif // ROUTERMAC_H

73
service/server/router_win.cpp
View file

@ -1,5 +1,4 @@
#include "router_win.h"
#include "../client/utilities.h"
#include <string>
#include <tlhelp32.h>
@ -7,6 +6,8 @@
#include <QProcess>
#include <core/networkUtilities.h>
LONG (NTAPI * NtSuspendProcess)(HANDLE ProcessHandle) = NULL;
LONG (NTAPI * NtResumeProcess)(HANDLE ProcessHandle) = NULL;
@ -35,7 +36,7 @@ int RouterWin::routeAddList(const QString &gw, const QStringList &ips)
// .arg(ips.join("\n"));
if (!Utils::checkIPv4Format(gw)) {
if (!NetworkUtilities::checkIPv4Format(gw)) {
qCritical().noquote() << "Trying to add invalid route, gw: " << gw;
return 0;
}
@ -58,7 +59,6 @@ int RouterWin::routeAddList(const QString &gw, const QStringList &ips)
dwStatus = GetIpForwardTable(pIpForwardTable, &dwSize, bOrder);
}
if (dwStatus != ERROR_SUCCESS) {
qDebug() << "getIpForwardTable failed.";
if (pIpForwardTable)
@ -66,7 +66,6 @@ int RouterWin::routeAddList(const QString &gw, const QStringList &ips)
return 0;
}
int success_count = 0;
MIB_IPFORWARDROW ipfrow;
@ -77,7 +76,6 @@ int RouterWin::routeAddList(const QString &gw, const QStringList &ips)
ipfrow.dwForwardType = MIB_IPROUTE_TYPE_INDIRECT; /* XXX - next hop != final dest */
ipfrow.dwForwardProto = MIB_IPPROTO_NETMGMT; /* XXX - MIB_PROTO_NETMGMT */
// Set iface for route
IPAddr dwGwAddr = inet_addr(gw.toStdString().c_str());
if (GetBestInterface(dwGwAddr, &ipfrow.dwForwardIfIndex) != NO_ERROR) {
@ -105,14 +103,14 @@ int RouterWin::routeAddList(const QString &gw, const QStringList &ips)
for (int i = 0; i < ips.size(); ++i) {
QString ipWithMask = ips.at(i);
QString ip = Utils::ipAddressFromIpWithSubnet(ipWithMask);
QString ip = NetworkUtilities::ipAddressFromIpWithSubnet(ipWithMask);
if (!Utils::checkIPv4Format(ip)) {
if (!NetworkUtilities::checkIPv4Format(ip)) {
qCritical().noquote() << "Critical, trying to add invalid route, ip: " << ip;
continue;
}
QString mask = Utils::netMaskFromIpWithSubnet(ipWithMask);
QString mask = NetworkUtilities::netMaskFromIpWithSubnet(ipWithMask);
// address
ipfrow.dwForwardDest = inet_addr(ip.toStdString().c_str());
@ -137,7 +135,6 @@ int RouterWin::routeAddList(const QString &gw, const QStringList &ips)
}
}
// Free resources
if (pIpForwardTable)
free(pIpForwardTable);
@ -215,8 +212,7 @@ int RouterWin::routeDeleteList(const QString &gw, const QStringList &ips)
DWORD dwSize = 0;
BOOL bOrder = FALSE;
DWORD dwStatus = 0;
ULONG gw_addr= inet_addr(gw.toStdString().c_str());
ULONG gw_addr = inet_addr(gw.toStdString().c_str());
// Find out how big our buffer needs to be.
dwStatus = GetIpForwardTable(pIpForwardTable, &dwSize, bOrder);
@ -230,7 +226,6 @@ int RouterWin::routeDeleteList(const QString &gw, const QStringList &ips)
dwStatus = GetIpForwardTable(pIpForwardTable, &dwSize, bOrder);
}
if (dwStatus != ERROR_SUCCESS) {
qDebug() << "getIpForwardTable failed.";
if (pIpForwardTable)
@ -244,8 +239,8 @@ int RouterWin::routeDeleteList(const QString &gw, const QStringList &ips)
for (int i = 0; i < ips.size(); ++i) {
QString ipMask = ips.at(i);
if (ipMask.isEmpty()) continue;
QString ip = Utils::ipAddressFromIpWithSubnet(ipMask);
QString mask = Utils::netMaskFromIpWithSubnet(ipMask);
QString ip = NetworkUtilities::ipAddressFromIpWithSubnet(ipMask);
QString mask = NetworkUtilities::netMaskFromIpWithSubnet(ipMask);
if (ip.isEmpty()) continue;
@ -443,3 +438,53 @@ BOOL RouterWin::SuspendProcess(BOOL fSuspend, DWORD dwProcessId)
return ok;
}
bool RouterWin::updateResolvers(const QString& ifname, const QList<QHostAddress>& resolvers)
{
return m_dnsUtil->updateResolvers(ifname, resolvers);
}
void RouterWin::StopRoutingIpv6()
{
{
QProcess p;
QString command = QString("interface ipv6 add route fc00::/7 interface={NetworkInterface.IPv6LoopbackInterfaceIndex} metric=0 store=active");
p.start(command);
p.waitForFinished();
}
{
QProcess p;
QString command = QString("interface ipv6 add route 2000::/4 interface={NetworkInterface.IPv6LoopbackInterfaceIndex} metric=0 store=active");
p.start(command);
p.waitForFinished();
}
{
QProcess p;
QString command = QString("interface ipv6 add route 3000::/4 interface={NetworkInterface.IPv6LoopbackInterfaceIndex} metric=0 store=active");
p.start(command);
p.waitForFinished();
}
}
void RouterWin::StartRoutingIpv6()
{
{
QProcess p;
QString command = QString("interface ipv6 delete route fc00::/7 interface={NetworkInterface.IPv6LoopbackInterfaceIndex}");
p.start(command);
p.waitForFinished();
}
{
QProcess p;
QString command = QString("interface ipv6 delete route 2000::/4 interface={NetworkInterface.IPv6LoopbackInterfaceIndex}");
p.start(command);
p.waitForFinished();
}
{
QProcess p;
QString command = QString("interface ipv6 delete route 3000::/4 interface={NetworkInterface.IPv6LoopbackInterfaceIndex}");
p.start(command);
p.waitForFinished();
}
}

10
service/server/router_win.h
View file

@ -8,6 +8,7 @@
#include <QDebug>
#include <QObject>
#include "../client/platforms/windows/daemon/dnsutilswindows.h"
#include <WinSock2.h> //includes Windows.h
#include <WS2tcpip.h>
@ -41,10 +42,13 @@ public:
void flushDns();
void resetIpStack();
void StartRoutingIpv6();
void StopRoutingIpv6();
void suspendWcmSvc(bool suspend);
bool updateResolvers(const QString& ifname, const QList<QHostAddress>& resolvers);
private:
RouterWin() {}
RouterWin(RouterWin const &) = delete;
RouterWin& operator= (RouterWin const&) = delete;
@ -54,11 +58,11 @@ private:
BOOL InitNtFunctions();
BOOL SuspendProcess(BOOL fSuspend, DWORD dwProcessId);
private:
RouterWin() {m_dnsUtil = new DnsUtilsWindows(this);}
QMultiMap<QString, MIB_IPFORWARDROW> m_ipForwardRows;
bool m_suspended = false;
DnsUtilsWindows *m_dnsUtil;
};
#endif // ROUTERWIN_H