diff --git a/client/configurators/cloak_configurator.cpp b/client/configurators/cloak_configurator.cpp index 045b0787..0d74c786 100644 --- a/client/configurators/cloak_configurator.cpp +++ b/client/configurators/cloak_configurator.cpp @@ -7,10 +7,10 @@ #include "core/servercontroller.h" #include "containers/containers_defs.h" -CloakConfigurator::CloakConfigurator(std::shared_ptr settings, std::shared_ptr serverController, +CloakConfigurator::CloakConfigurator(std::shared_ptr settings, + std::shared_ptr serverController, QObject *parent): ConfiguratorBase(settings, serverController, parent) { - } QString CloakConfigurator::genCloakConfig(const ServerCredentials &credentials, DockerContainer container, @@ -19,11 +19,11 @@ QString CloakConfigurator::genCloakConfig(const ServerCredentials &credentials, ErrorCode e = ErrorCode::NoError; QString cloakPublicKey = m_serverController->getTextFileFromContainer(container, credentials, - amnezia::protocols::cloak::ckPublicKeyPath, &e); + amnezia::protocols::cloak::ckPublicKeyPath, &e); cloakPublicKey.replace("\n", ""); QString cloakBypassUid = m_serverController->getTextFileFromContainer(container, credentials, - amnezia::protocols::cloak::ckBypassUidKeyPath, &e); + amnezia::protocols::cloak::ckBypassUidKeyPath, &e); cloakBypassUid.replace("\n", ""); if (e) { @@ -48,7 +48,7 @@ QString CloakConfigurator::genCloakConfig(const ServerCredentials &credentials, config.insert(config_key::port, "$CLOAK_SERVER_PORT"); QString textCfg = m_serverController->replaceVars(QJsonDocument(config).toJson(), - m_serverController->genVarsForScript(credentials, container, containerConfig)); + m_serverController->genVarsForScript(credentials, container, containerConfig)); // qDebug().noquote() << textCfg; return textCfg; diff --git a/client/configurators/cloak_configurator.h b/client/configurators/cloak_configurator.h index c6184805..cb729cf5 100644 --- a/client/configurators/cloak_configurator.h +++ b/client/configurators/cloak_configurator.h 
@@ -12,10 +12,11 @@ class CloakConfigurator : ConfiguratorBase Q_OBJECT public: CloakConfigurator(std::shared_ptr settings, - std::shared_ptr serverController, QObject *parent = nullptr); + std::shared_ptr serverController, + QObject *parent = nullptr); QString genCloakConfig(const ServerCredentials &credentials, DockerContainer container, - const QJsonObject &containerConfig, ErrorCode *errorCode = nullptr); + const QJsonObject &containerConfig, ErrorCode *errorCode = nullptr); }; #endif // CLOAK_CONFIGURATOR_H diff --git a/client/configurators/configurator_base.cpp b/client/configurators/configurator_base.cpp index 44377401..a5b6cb84 100644 --- a/client/configurators/configurator_base.cpp +++ b/client/configurators/configurator_base.cpp @@ -1,10 +1,7 @@ #include "configurator_base.h" ConfiguratorBase::ConfiguratorBase(std::shared_ptr settings, - std::shared_ptr serverController, QObject *parent) - : QObject{parent}, - m_settings(settings), - m_serverController(serverController) + std::shared_ptr serverController, + QObject *parent): QObject{parent}, m_settings(settings), m_serverController(serverController) { - } diff --git a/client/configurators/configurator_base.h b/client/configurators/configurator_base.h index 8c0614d9..a3b0a679 100644 --- a/client/configurators/configurator_base.h +++ b/client/configurators/configurator_base.h @@ -14,12 +14,12 @@ class ConfiguratorBase : public QObject Q_OBJECT public: explicit ConfiguratorBase(std::shared_ptr settings, - std::shared_ptr serverController, QObject *parent = nullptr); + std::shared_ptr serverController, + QObject *parent = nullptr); protected: std::shared_ptr m_settings; std::shared_ptr m_serverController; - }; #endif // CONFIGURATORBASE_H diff --git a/client/configurators/ikev2_configurator.cpp b/client/configurators/ikev2_configurator.cpp index 9b702824..3eb6dd29 100644 --- a/client/configurators/ikev2_configurator.cpp +++ b/client/configurators/ikev2_configurator.cpp 
@@ -1,4 +1,5 @@ #include "ikev2_configurator.h" + #include #include #include @@ -15,14 +16,14 @@ #include "core/servercontroller.h" -Ikev2Configurator::Ikev2Configurator(std::shared_ptr settings, std::shared_ptr serverController, QObject *parent): - ConfiguratorBase(settings, serverController, parent) +Ikev2Configurator::Ikev2Configurator(std::shared_ptr settings, + std::shared_ptr serverController, + QObject *parent): ConfiguratorBase(settings, serverController, parent) { - } Ikev2Configurator::ConnectionData Ikev2Configurator::prepareIkev2Config(const ServerCredentials &credentials, - DockerContainer container, ErrorCode *errorCode) + DockerContainer container, ErrorCode *errorCode) { Ikev2Configurator::ConnectionData connData; connData.host = credentials.hostName; 
@@ -33,20 +34,17 @@ Ikev2Configurator::ConnectionData Ikev2Configurator::prepareIkev2Config(const Se QString certFileName = "/opt/amnezia/ikev2/clients/" + connData.clientId + ".p12"; QString scriptCreateCert = QString("certutil -z <(head -c 1024 /dev/urandom) "\ - "-S -c \"IKEv2 VPN CA\" -n \"%1\" "\ - "-s \"O=IKEv2 VPN,CN=%1\" "\ - "-k rsa -g 3072 -v 120 "\ - "-d sql:/etc/ipsec.d -t \",,\" "\ - "--keyUsage digitalSignature,keyEncipherment "\ - "--extKeyUsage serverAuth,clientAuth -8 \"%1\"") - .arg(connData.clientId); + "-S -c \"IKEv2 VPN CA\" -n \"%1\" "\ + "-s \"O=IKEv2 VPN,CN=%1\" "\ + "-k rsa -g 3072 -v 120 "\ + "-d sql:/etc/ipsec.d -t \",,\" "\ + "--keyUsage digitalSignature,keyEncipherment "\ + "--extKeyUsage serverAuth,clientAuth -8 \"%1\"").arg(connData.clientId); ErrorCode e = m_serverController->runContainerScript(credentials, container, scriptCreateCert); QString scriptExportCert = QString("pk12util -W \"%1\" -d sql:/etc/ipsec.d -n \"%2\" -o \"%3\"") - .arg(connData.password) - .arg(connData.clientId) - .arg(certFileName); + .arg(connData.password, connData.clientId, certFileName); e = m_serverController->runContainerScript(credentials, container, scriptExportCert); connData.clientCert = m_serverController->getTextFileFromContainer(container, credentials, certFileName, &e); @@ -58,8 +56,8 @@ Ikev2Configurator::ConnectionData Ikev2Configurator::prepareIkev2Config(const Se return connData; } -QString Ikev2Configurator::genIkev2Config(const ServerCredentials &credentials, - DockerContainer container, const QJsonObject &containerConfig, ErrorCode *errorCode) +QString Ikev2Configurator::genIkev2Config(const ServerCredentials &credentials, DockerContainer container, + const QJsonObject &containerConfig, ErrorCode *errorCode) { Q_UNUSED(containerConfig) diff --git a/client/configurators/ikev2_configurator.h b/client/configurators/ikev2_configurator.h index 35c03b19..91ce938e 100644 --- a/client/configurators/ikev2_configurator.h 
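Review bot: The result of the first `runContainerScript` call (the `certutil` script) is overwritten by the `pk12util` call without being checked, so a failed certificate creation still goes on to the export and the file read. Add `if (e) { if (errorCode) *errorCode = e; return connData; }` after each of the two script runs, the same pattern the other configurators in this commit use. Separately, `connData.password` sits inside double quotes in `scriptExportCert`, where the shell still interprets `$`, backticks, `"` and `\`. How the password is generated is outside this hunk, so confirm it is limited to characters that are inert there. prepareIkev2Config starts above the hunk and continues below it.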
+++ b/client/configurators/ikev2_configurator.h @@ -12,7 +12,8 @@ class Ikev2Configurator : ConfiguratorBase Q_OBJECT public: Ikev2Configurator(std::shared_ptr settings, - std::shared_ptr serverController, QObject *parent = nullptr); + std::shared_ptr serverController, + QObject *parent = nullptr); struct ConnectionData { QByteArray clientCert; // p12 client cert @@ -23,14 +24,14 @@ public: }; QString genIkev2Config(const ServerCredentials &credentials, DockerContainer container, - const QJsonObject &containerConfig, ErrorCode *errorCode = nullptr); + const QJsonObject &containerConfig, ErrorCode *errorCode = nullptr); QString genIkev2Config(const ConnectionData &connData); QString genMobileConfig(const ConnectionData &connData); QString genStrongSwanConfig(const ConnectionData &connData); - ConnectionData prepareIkev2Config(const ServerCredentials &credentials, - DockerContainer container, ErrorCode *errorCode = nullptr); + ConnectionData prepareIkev2Config(const ServerCredentials &credentials, DockerContainer container, + ErrorCode *errorCode = nullptr); }; #endif // IKEV2_CONFIGURATOR_H diff --git a/client/configurators/openvpn_configurator.cpp b/client/configurators/openvpn_configurator.cpp index 441c15f6..2d914e55 100644 --- a/client/configurators/openvpn_configurator.cpp +++ b/client/configurators/openvpn_configurator.cpp @@ -1,4 +1,5 @@ #include "openvpn_configurator.h" + #include #include #include 
@@ -19,14 +20,14 @@ #include #include -OpenVpnConfigurator::OpenVpnConfigurator(std::shared_ptr settings, std::shared_ptr serverController, QObject *parent): - ConfiguratorBase(settings, serverController, parent) +OpenVpnConfigurator::OpenVpnConfigurator(std::shared_ptr settings, + std::shared_ptr serverController, + QObject *parent): ConfiguratorBase(settings, serverController, parent) { - } OpenVpnConfigurator::ConnectionData OpenVpnConfigurator::prepareOpenVpnConfig(const ServerCredentials &credentials, - DockerContainer container, ErrorCode *errorCode) + DockerContainer container, ErrorCode *errorCode) { OpenVpnConfigurator::ConnectionData connData = OpenVpnConfigurator::createCertRequest(); connData.host = credentials.hostName; @@ -36,9 +37,7 @@ OpenVpnConfigurator::ConnectionData OpenVpnConfigurator::prepareOpenVpnConfig(co return connData; } - QString reqFileName = QString("%1/%2.req"). - arg(amnezia::protocols::openvpn::clientsDirPath). - arg(connData.clientId); + QString reqFileName = QString("%1/%2.req").arg(amnezia::protocols::openvpn::clientsDirPath, connData.clientId); ErrorCode e = m_serverController->uploadTextFileToContainer(container, credentials, connData.request, reqFileName); if (e) { @@ -52,9 +51,11 @@ OpenVpnConfigurator::ConnectionData OpenVpnConfigurator::prepareOpenVpnConfig(co return connData; } - connData.caCert = m_serverController->getTextFileFromContainer(container, credentials, amnezia::protocols::openvpn::caCertPath, &e); + connData.caCert = m_serverController->getTextFileFromContainer(container, credentials, + amnezia::protocols::openvpn::caCertPath, &e); connData.clientCert = m_serverController->getTextFileFromContainer(container, credentials, - QString("%1/%2.crt").arg(amnezia::protocols::openvpn::clientCertPath).arg(connData.clientId), &e); + QString("%1/%2.crt").arg(amnezia::protocols::openvpn::clientCertPath, connData.clientId), + &e); if (e) { if (errorCode) *errorCode = e; 
@@ -70,11 +71,11 @@ OpenVpnConfigurator::ConnectionData OpenVpnConfigurator::prepareOpenVpnConfig(co return connData; } -QString OpenVpnConfigurator::genOpenVpnConfig(const ServerCredentials &credentials, - DockerContainer container, const QJsonObject &containerConfig, ErrorCode *errorCode) +QString OpenVpnConfigurator::genOpenVpnConfig(const ServerCredentials &credentials, DockerContainer container, + const QJsonObject &containerConfig, ErrorCode *errorCode) { QString config = m_serverController->replaceVars(amnezia::scriptData(ProtocolScriptType::openvpn_template, container), - m_serverController->genVarsForScript(credentials, container, containerConfig)); + m_serverController->genVarsForScript(credentials, container, containerConfig)); ConnectionData connData = prepareOpenVpnConfig(credentials, container, errorCode); if (errorCode && *errorCode) { @@ -87,8 +88,7 @@ QString OpenVpnConfigurator::genOpenVpnConfig(const ServerCredentials &credentia if (config.contains("$OPENVPN_TA_KEY")) { config.replace("$OPENVPN_TA_KEY", connData.taKey); - } - else { + } else { config.replace("", ""); config.replace("", ""); } @@ -110,8 +110,7 @@ QString OpenVpnConfigurator::processConfigWithLocalSettings(QString jsonConfig) if (m_settings->routeMode() != Settings::VpnAllSites) { config.replace("redirect-gateway def1 bypass-dhcp", ""); - } - else { + } else { if(!config.contains("redirect-gateway def1 bypass-dhcp")) { config.append("redirect-gateway def1 bypass-dhcp\n"); } 
@@ -149,22 +148,21 @@ QString OpenVpnConfigurator::processConfigWithExportSettings(QString jsonConfig) return QJsonDocument(json).toJson(); } -ErrorCode OpenVpnConfigurator::signCert(DockerContainer container, - const ServerCredentials &credentials, QString clientId) +ErrorCode OpenVpnConfigurator::signCert(DockerContainer container, const ServerCredentials &credentials, QString clientId) { QString script_import = QString("sudo docker exec -i %1 bash -c \"cd /opt/amnezia/openvpn && " - "easyrsa import-req %2/%3.req %3\"") - .arg(ContainerProps::containerToString(container)) - .arg(amnezia::protocols::openvpn::clientsDirPath) - .arg(clientId); + "easyrsa import-req %2/%3.req %3\"") + .arg(ContainerProps::containerToString(container), + amnezia::protocols::openvpn::clientsDirPath, + clientId); QString script_sign = QString("sudo docker exec -i %1 bash -c \"export EASYRSA_BATCH=1; cd /opt/amnezia/openvpn && " - "easyrsa sign-req client %2\"") - .arg(ContainerProps::containerToString(container)) - .arg(clientId); + "easyrsa sign-req client %2\"") + .arg(ContainerProps::containerToString(container), clientId); QStringList scriptList {script_import, script_sign}; - QString script = m_serverController->replaceVars(scriptList.join("\n"), m_serverController->genVarsForScript(credentials, container)); + QString script = m_serverController->replaceVars(scriptList.join("\n"), + m_serverController->genVarsForScript(credentials, container)); return m_serverController->runScript(credentials, script); } @@ -174,8 +172,8 @@ OpenVpnConfigurator::ConnectionData OpenVpnConfigurator::createCertRequest() ConnectionData connData; connData.clientId = Utils::getRandomString(32); - int ret = 0; - int nVersion = 1; + int ret = 0; + int nVersion = 1; QByteArray clientIdUtf8 = connData.clientId.toUtf8(); 
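Review bot: `clientId` is pasted unquoted into both `bash -c "..."` strings in `signCert`, which run under `sudo docker exec`, and nothing in the function restricts what the id may contain. The only producer visible on this page is `Utils::getRandomString(32)` in `createCertRequest`, but `signCert` is declared public and takes an arbitrary `QString`. Check the id before building the scripts, for example `static const QRegularExpression idPattern("^[A-Za-z0-9]+$");` followed by an early return with an error code when `!idPattern.match(clientId).hasMatch()`. A comment such as `// clientId is interpolated into a root shell command; it must stay alphanumeric` would also record the constraint.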
@@ -208,7 +206,7 @@ OpenVpnConfigurator::ConnectionData OpenVpnConfigurator::createCertRequest() // 4. set public key of x509 req ret = X509_REQ_set_pubkey(x509_req, pKey); - if (ret != 1){ + if (ret != 1) { qWarning() << "Could not set pubkey!"; X509_REQ_free(x509_req); EVP_PKEY_free(pKey); @@ -217,7 +215,7 @@ OpenVpnConfigurator::ConnectionData OpenVpnConfigurator::createCertRequest() // 5. set sign key of x509 req ret = X509_REQ_sign(x509_req, pKey, EVP_sha256()); // return x509_req->signature->length - if (ret <= 0){ + if (ret <= 0) { qWarning() << "Could not sign request!"; X509_REQ_free(x509_req); EVP_PKEY_free(pKey); @@ -227,8 +225,7 @@ OpenVpnConfigurator::ConnectionData OpenVpnConfigurator::createCertRequest() // save private key BIO * bp_private = BIO_new(BIO_s_mem()); q_check_ptr(bp_private); - if (PEM_write_bio_PrivateKey(bp_private, pKey, nullptr, nullptr, 0, nullptr, nullptr) != 1) - { + if (PEM_write_bio_PrivateKey(bp_private, pKey, nullptr, nullptr, 0, nullptr, nullptr) != 1) { qFatal("PEM_write_bio_PrivateKey"); EVP_PKEY_free(pKey); BIO_free_all(bp_private); diff --git a/client/configurators/openvpn_configurator.h b/client/configurators/openvpn_configurator.h index 25230499..20d5bd69 100644 --- a/client/configurators/openvpn_configurator.h +++ b/client/configurators/openvpn_configurator.h @@ -12,7 +12,8 @@ class OpenVpnConfigurator : ConfiguratorBase Q_OBJECT public: OpenVpnConfigurator(std::shared_ptr settings, - std::shared_ptr serverController, QObject *parent = nullptr); + std::shared_ptr serverController, + QObject *parent = nullptr); struct ConnectionData { QString clientId; 
@@ -25,20 +26,18 @@ public: }; QString genOpenVpnConfig(const ServerCredentials &credentials, DockerContainer container, - const QJsonObject &containerConfig, ErrorCode *errorCode = nullptr); + const QJsonObject &containerConfig, ErrorCode *errorCode = nullptr); QString processConfigWithLocalSettings(QString jsonConfig); QString processConfigWithExportSettings(QString jsonConfig); - ErrorCode signCert(DockerContainer container, - const ServerCredentials &credentials, QString clientId); + ErrorCode signCert(DockerContainer container, const ServerCredentials &credentials, QString clientId); private: ConnectionData createCertRequest(); - ConnectionData prepareOpenVpnConfig(const ServerCredentials &credentials, - DockerContainer container, ErrorCode *errorCode = nullptr); - + ConnectionData prepareOpenVpnConfig(const ServerCredentials &credentials, DockerContainer container, + ErrorCode *errorCode = nullptr); }; #endif // OPENVPN_CONFIGURATOR_H diff --git a/client/configurators/shadowsocks_configurator.cpp b/client/configurators/shadowsocks_configurator.cpp index 97503ac4..b805492e 100644 --- a/client/configurators/shadowsocks_configurator.cpp +++ b/client/configurators/shadowsocks_configurator.cpp 
@@ -5,21 +5,22 @@ #include #include "containers/containers_defs.h" +#include "core/scripts_registry.h" #include "core/servercontroller.h" -ShadowSocksConfigurator::ShadowSocksConfigurator(std::shared_ptr settings, std::shared_ptr serverController, QObject *parent): - ConfiguratorBase(settings, serverController, parent) +ShadowSocksConfigurator::ShadowSocksConfigurator(std::shared_ptr settings, + std::shared_ptr serverController, + QObject *parent): ConfiguratorBase(settings, serverController, parent) { - } -QString ShadowSocksConfigurator::genShadowSocksConfig(const ServerCredentials &credentials, - DockerContainer container, const QJsonObject &containerConfig, ErrorCode *errorCode) +QString ShadowSocksConfigurator::genShadowSocksConfig(const ServerCredentials &credentials, DockerContainer container, + const QJsonObject &containerConfig, ErrorCode *errorCode) { ErrorCode e = ErrorCode::NoError; QString ssKey = m_serverController->getTextFileFromContainer(container, credentials, - amnezia::protocols::shadowsocks::ssKeyPath, &e); + amnezia::protocols::shadowsocks::ssKeyPath, &e); ssKey.replace("\n", ""); if (e) { 
@@ -27,18 +28,12 @@ QString ShadowSocksConfigurator::genShadowSocksConfig(const ServerCredentials &c return ""; } - QJsonObject config; - config.insert("server", credentials.hostName); - config.insert("server_port", "$SHADOWSOCKS_SERVER_PORT"); - config.insert("local_port", "$SHADOWSOCKS_LOCAL_PORT"); - config.insert("password", ssKey); - config.insert("timeout", 60); - config.insert("method", "$SHADOWSOCKS_CIPHER"); + QString ssClientConfig = m_serverController->replaceVars(amnezia::scriptData(ProtocolScriptType::shadowsocks_client_template, container), + m_serverController->genVarsForScript(credentials, container, containerConfig)); - - QString textCfg = m_serverController->replaceVars(QJsonDocument(config).toJson(), - m_serverController->genVarsForScript(credentials, container, containerConfig)); + ssClientConfig.replace("$SHADOWSOCKS_PASSWORD", ssKey); + ssClientConfig = m_serverController->replaceVars(ssClientConfig, m_serverController->genVarsForScript(credentials, container, containerConfig)); //qDebug().noquote() << textCfg; - return textCfg; + return ssClientConfig; } diff --git a/client/configurators/shadowsocks_configurator.h b/client/configurators/shadowsocks_configurator.h index be80f169..90b49a04 100644 --- a/client/configurators/shadowsocks_configurator.h +++ b/client/configurators/shadowsocks_configurator.h @@ -11,10 +11,11 @@ class ShadowSocksConfigurator : ConfiguratorBase Q_OBJECT public: ShadowSocksConfigurator(std::shared_ptr settings, - std::shared_ptr serverController, QObject *parent = nullptr); + std::shared_ptr serverController, + QObject *parent = nullptr); QString genShadowSocksConfig(const ServerCredentials &credentials, DockerContainer container, - const QJsonObject &containerConfig, ErrorCode *errorCode = nullptr); + const QJsonObject &containerConfig, ErrorCode *errorCode = nullptr); }; #endif // SHADOWSOCKS_CONFIGURATOR_H 
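Review bot: `ssClientConfig.replace("$SHADOWSOCKS_PASSWORD", ssKey)` inserts the key as raw text, whereas the removed code passed it through `QJsonObject`/`QJsonDocument`, which escaped it. The template body is not visible here, but if it is JSON like the old output, a key containing `"` or `\` will now produce broken or altered configuration. The second `replaceVars` call then runs over text that already contains the key, so any `$NAME` sequence inside the key would be rewritten. The first call has already expanded the template, so the second can be dropped. Prefer parsing the expanded template with `QJsonDocument::fromJson` and setting the key with `insert("password", ssKey)`. The leftover `//qDebug().noquote() << textCfg;` names a variable that no longer exists and would log the key if re-enabled. genShadowSocksConfig starts in the previous hunk.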
diff --git a/client/configurators/ssh_configurator.cpp b/client/configurators/ssh_configurator.cpp index f8dc9869..30f6160c 100644 --- a/client/configurators/ssh_configurator.cpp +++ b/client/configurators/ssh_configurator.cpp @@ -1,4 +1,5 @@ #include "ssh_configurator.h" + #include #include #include @@ -18,10 +19,10 @@ using namespace QSsh; -SshConfigurator::SshConfigurator(std::shared_ptr settings, std::shared_ptr serverController, QObject *parent): - ConfiguratorBase(settings, serverController, parent) +SshConfigurator::SshConfigurator(std::shared_ptr settings, + std::shared_ptr serverController, + QObject *parent): ConfiguratorBase(settings, serverController, parent) { - } QString SshConfigurator::convertOpenSShKey(const QString &key) @@ -76,10 +77,8 @@ void SshConfigurator::openSshTerminal(const ServerCredentials &credentials) // todo: connect by key // p->setNativeArguments(QString("%1@%2") // .arg(credentials.userName).arg(credentials.hostName).arg(credentials.password)); - } - else { - p->setNativeArguments(QString("%1@%2 -pw %3") - .arg(credentials.userName).arg(credentials.hostName).arg(credentials.password)); + } else { + p->setNativeArguments(QString("%1@%2 -pw %3").arg(credentials.userName).arg(credentials.hostName, credentials.password)); } #else p->setProgram("/bin/bash"); diff --git a/client/configurators/ssh_configurator.h b/client/configurators/ssh_configurator.h index d7a177c3..3bfb9675 100644 --- a/client/configurators/ssh_configurator.h +++ b/client/configurators/ssh_configurator.h @@ -12,12 +12,12 @@ class SshConfigurator : ConfiguratorBase Q_OBJECT public: SshConfigurator(std::shared_ptr settings, - std::shared_ptr serverController, QObject *parent = nullptr); + std::shared_ptr serverController, + QObject *parent = nullptr); QProcessEnvironment prepareEnv(); QString convertOpenSShKey(const QString &key); void openSshTerminal(const ServerCredentials &credentials); - }; #endif // SSH_CONFIGURATOR_H 
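Review bot: In the `else` branch of `openSshTerminal`, `credentials.password` is appended unquoted after `-pw` in the `setNativeArguments` string, so a password containing a space or a quote is split into extra arguments. A password passed this way is also typically visible to other local processes that can read command lines. If the launched program (set outside this hunk) allows it, pass a list so Qt does the quoting: `p->setArguments({QString("%1@%2").arg(credentials.userName, credentials.hostName), "-pw", credentials.password});`. The mixed `.arg(userName).arg(hostName, password)` chain also still lets a `%2` or `%3` inside the user name be substituted. The function starts above the hunk and continues below it.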
diff --git a/client/configurators/v2ray_configurator.cpp b/client/configurators/v2ray_configurator.cpp index 361182a6..6a3c444b 100644 --- a/client/configurators/v2ray_configurator.cpp +++ b/client/configurators/v2ray_configurator.cpp @@ -10,10 +10,10 @@ #include "core/scripts_registry.h" #include "containers/containers_defs.h" -V2RayConfigurator::V2RayConfigurator(std::shared_ptr settings, std::shared_ptr serverController, +V2RayConfigurator::V2RayConfigurator(std::shared_ptr settings, + std::shared_ptr serverController, QObject *parent) : ConfiguratorBase(settings, serverController, parent) { - } QString V2RayConfigurator::genV2RayConfig(const ServerCredentials &credentials, DockerContainer container, diff --git a/client/configurators/v2ray_configurator.h b/client/configurators/v2ray_configurator.h index 5d952525..540663f1 100644 --- a/client/configurators/v2ray_configurator.h +++ b/client/configurators/v2ray_configurator.h @@ -11,7 +11,8 @@ class V2RayConfigurator : ConfiguratorBase { public: V2RayConfigurator(std::shared_ptr settings, - std::shared_ptr serverController, QObject *parent = nullptr); + std::shared_ptr serverController, + QObject *parent = nullptr); QString genV2RayConfig(const ServerCredentials &credentials, DockerContainer container, const QJsonObject &containerConfig, ErrorCode *errorCode = nullptr); diff --git a/client/configurators/vpn_configurator.cpp b/client/configurators/vpn_configurator.cpp index 9421bde6..37857263 100644 --- a/client/configurators/vpn_configurator.cpp +++ b/client/configurators/vpn_configurator.cpp 
@@ -16,8 +16,8 @@ #include "settings.h" VpnConfigurator::VpnConfigurator(std::shared_ptr settings, - std::shared_ptr serverController, QObject *parent): - ConfiguratorBase(settings, serverController, parent) + std::shared_ptr serverController, + QObject *parent): ConfiguratorBase(settings, serverController, parent) { openVpnConfigurator = std::shared_ptr(new OpenVpnConfigurator(settings, serverController, this)); shadowSocksConfigurator = std::shared_ptr(new ShadowSocksConfigurator(settings, serverController, this)); @@ -28,28 +28,22 @@ VpnConfigurator::VpnConfigurator(std::shared_ptr settings, v2RayConfigurator = std::shared_ptr(new V2RayConfigurator(settings, serverController, this)); } -QString VpnConfigurator::genVpnProtocolConfig(const ServerCredentials &credentials, - DockerContainer container, const QJsonObject &containerConfig, Proto proto, ErrorCode *errorCode) +QString VpnConfigurator::genVpnProtocolConfig(const ServerCredentials &credentials, DockerContainer container, + const QJsonObject &containerConfig, Proto proto, ErrorCode *errorCode) { switch (proto) { case Proto::OpenVpn: return openVpnConfigurator->genOpenVpnConfig(credentials, container, containerConfig, errorCode); - case Proto::ShadowSocks: return shadowSocksConfigurator->genShadowSocksConfig(credentials, container, containerConfig, errorCode); - case Proto::Cloak: return cloakConfigurator->genCloakConfig(credentials, container, containerConfig, errorCode); - case Proto::WireGuard: return wireguardConfigurator->genWireguardConfig(credentials, container, containerConfig, errorCode); - case Proto::Ikev2: return ikev2Configurator->genIkev2Config(credentials, container, containerConfig, errorCode); - case Proto::V2Ray: return v2RayConfigurator->genV2RayConfig(credentials, container, containerConfig, errorCode); - default: return ""; } 
@@ -68,8 +62,7 @@ QPair VpnConfigurator::getDnsForConfig(int serverIndex) if (dns.first.isEmpty() || !Utils::checkIPv4Format(dns.first)) { if (useAmneziaDns && m_settings->containers(serverIndex).contains(DockerContainer::Dns)) { dns.first = protocols::dns::amneziaDnsIp; - } - else dns.first = m_settings->primaryDns(); + } else dns.first = m_settings->primaryDns(); } if (dns.second.isEmpty() || !Utils::checkIPv4Format(dns.second)) { dns.second = m_settings->secondaryDns(); @@ -79,8 +72,7 @@ QPair VpnConfigurator::getDnsForConfig(int serverIndex) return dns; } -QString &VpnConfigurator::processConfigWithDnsSettings(int serverIndex, DockerContainer container, - Proto proto, QString &config) +QString &VpnConfigurator::processConfigWithDnsSettings(int serverIndex, DockerContainer container, Proto proto, QString &config) { auto dns = getDnsForConfig(serverIndex); @@ -90,8 +82,7 @@ QString &VpnConfigurator::processConfigWithDnsSettings(int serverIndex, DockerCo return config; } -QString &VpnConfigurator::processConfigWithLocalSettings(int serverIndex, DockerContainer container, - Proto proto, QString &config) +QString &VpnConfigurator::processConfigWithLocalSettings(int serverIndex, DockerContainer container, Proto proto, QString &config) { processConfigWithDnsSettings(serverIndex, container, proto, config); @@ -101,8 +92,7 @@ QString &VpnConfigurator::processConfigWithLocalSettings(int serverIndex, Docker return config; } -QString &VpnConfigurator::processConfigWithExportSettings(int serverIndex, DockerContainer container, - Proto proto, QString &config) +QString &VpnConfigurator::processConfigWithExportSettings(int serverIndex, DockerContainer container, Proto proto, QString &config) { processConfigWithDnsSettings(serverIndex, container, proto, config); 
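Review bot: In `getDnsForConfig` the reformatted `} else dns.first = m_settings->primaryDns();` joins a braced `if` to an unbraced `else` on one line, which is easy to misread and inconsistent with the `} else {` form used everywhere else in this commit. Write it as `} else { dns.first = m_settings->primaryDns(); }`, with the assignment on its own line. The function starts above the hunk and ends below it.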
@@ -113,7 +103,7 @@ QString &VpnConfigurator::processConfigWithExportSettings(int serverIndex, Docke } void VpnConfigurator::updateContainerConfigAfterInstallation(DockerContainer container, QJsonObject &containerConfig, - const QString &stdOut) + const QString &stdOut) { Proto mainProto = ContainerProps::defaultProtocol(container); diff --git a/client/configurators/vpn_configurator.h b/client/configurators/vpn_configurator.h index 76df407c..e45060f7 100644 --- a/client/configurators/vpn_configurator.h +++ b/client/configurators/vpn_configurator.h @@ -21,10 +21,11 @@ class VpnConfigurator : ConfiguratorBase Q_OBJECT public: VpnConfigurator(std::shared_ptr settings, - std::shared_ptr serverController, QObject *parent = nullptr); + std::shared_ptr serverController, + QObject *parent = nullptr); QString genVpnProtocolConfig(const ServerCredentials &credentials, DockerContainer container, - const QJsonObject &containerConfig, Proto proto, ErrorCode *errorCode = nullptr); + const QJsonObject &containerConfig, Proto proto, ErrorCode *errorCode = nullptr); QPair getDnsForConfig(int serverIndex); QString &processConfigWithDnsSettings(int serverIndex, DockerContainer container, Proto proto, QString &config); @@ -33,8 +34,7 @@ public: QString &processConfigWithExportSettings(int serverIndex, DockerContainer container, Proto proto, QString &config); // workaround for containers which is not support normal configaration - void updateContainerConfigAfterInstallation(DockerContainer container, - QJsonObject &containerConfig, const QString &stdOut); + void updateContainerConfigAfterInstallation(DockerContainer container, QJsonObject &containerConfig, const QString &stdOut); std::shared_ptr m_serverController; diff --git a/client/configurators/wireguard_configurator.cpp b/client/configurators/wireguard_configurator.cpp index 532d89f6..9a721598 100644 --- a/client/configurators/wireguard_configurator.cpp +++ b/client/configurators/wireguard_configurator.cpp 
@@ -7,13 +7,11 @@ #include #include - #include #include #include #include - #include "containers/containers_defs.h" #include "core/server_defs.h" #include "core/scripts_registry.h" @@ -21,10 +19,10 @@ #include "core/servercontroller.h" #include "settings.h" -WireguardConfigurator::WireguardConfigurator(std::shared_ptr settings, std::shared_ptr serverController, QObject *parent): - ConfiguratorBase(settings, serverController, parent) +WireguardConfigurator::WireguardConfigurator(std::shared_ptr settings, + std::shared_ptr serverController, + QObject *parent): ConfiguratorBase(settings, serverController, parent) { - } WireguardConfigurator::ConnectionData WireguardConfigurator::genClientKeys() @@ -59,7 +57,9 @@ WireguardConfigurator::ConnectionData WireguardConfigurator::genClientKeys() } WireguardConfigurator::ConnectionData WireguardConfigurator::prepareWireguardConfig(const ServerCredentials &credentials, - DockerContainer container, const QJsonObject &containerConfig, ErrorCode *errorCode) + DockerContainer container, + const QJsonObject &containerConfig, + ErrorCode *errorCode) { WireguardConfigurator::ConnectionData connData = WireguardConfigurator::genClientKeys(); connData.host = credentials.hostName; @@ -93,8 +93,7 @@ WireguardConfigurator::ConnectionData WireguardConfigurator::prepareWireguardCon // Calc next IP address if (ips.isEmpty()) { nextIpNumber = "2"; - } - else { + } else { int next = ips.last().split(".").last().toInt() + 1; if (next > 254) { if (errorCode) *errorCode = ErrorCode::AddressPoolError; 
@@ -118,14 +117,16 @@ WireguardConfigurator::ConnectionData WireguardConfigurator::prepareWireguardCon } // Get keys - connData.serverPubKey = m_serverController->getTextFileFromContainer(container, credentials, amnezia::protocols::wireguard::serverPublicKeyPath, &e); + connData.serverPubKey = m_serverController->getTextFileFromContainer(container, credentials, + amnezia::protocols::wireguard::serverPublicKeyPath, &e); connData.serverPubKey.replace("\n", ""); if (e) { if (errorCode) *errorCode = e; return connData; } - connData.pskKey = m_serverController->getTextFileFromContainer(container, credentials, amnezia::protocols::wireguard::serverPskKeyPath, &e); + connData.pskKey = m_serverController->getTextFileFromContainer(container, credentials, + amnezia::protocols::wireguard::serverPskKeyPath, &e); connData.pskKey.replace("\n", ""); if (e) { 
@@ -134,35 +135,32 @@ WireguardConfigurator::ConnectionData WireguardConfigurator::prepareWireguardCon } // Add client to config - QString configPart = QString( - "[Peer]\n" - "PublicKey = %1\n" - "PresharedKey = %2\n" - "AllowedIPs = %3/32\n\n"). - arg(connData.clientPubKey). - arg(connData.pskKey). - arg(connData.clientIP); + QString configPart = QString("[Peer]\n" + "PublicKey = %1\n" + "PresharedKey = %2\n" + "AllowedIPs = %3/32\n\n").arg(connData.clientPubKey, connData.pskKey, connData.clientIP); e = m_serverController->uploadTextFileToContainer(container, credentials, configPart, - protocols::wireguard::serverConfigPath, QSsh::SftpOverwriteMode::SftpAppendToExisting); + protocols::wireguard::serverConfigPath, + QSsh::SftpOverwriteMode::SftpAppendToExisting); if (e) { if (errorCode) *errorCode = e; return connData; } + QString script = "sudo docker exec -i $CONTAINER_NAME bash -c 'wg syncconf wg0 <(wg-quick strip /opt/amnezia/wireguard/wg0.conf)'"; e = m_serverController->runScript(credentials, - m_serverController->replaceVars("sudo docker exec -i $CONTAINER_NAME bash -c 'wg syncconf wg0 <(wg-quick strip /opt/amnezia/wireguard/wg0.conf)'", - m_serverController->genVarsForScript(credentials, container))); + m_serverController->replaceVars(script, m_serverController->genVarsForScript(credentials, container))); return connData; } -QString WireguardConfigurator::genWireguardConfig(const ServerCredentials &credentials, - DockerContainer container, const QJsonObject &containerConfig, ErrorCode *errorCode) +QString WireguardConfigurator::genWireguardConfig(const ServerCredentials &credentials, DockerContainer container, + const QJsonObject &containerConfig, ErrorCode *errorCode) { QString config = m_serverController->replaceVars(amnezia::scriptData(ProtocolScriptType::wireguard_template, container), - m_serverController->genVarsForScript(credentials, container, containerConfig)); + m_serverController->genVarsForScript(credentials, container, containerConfig)); 
ConnectionData connData = prepareWireguardConfig(credentials, container, containerConfig, errorCode); if (errorCode && *errorCode) { diff --git a/client/configurators/wireguard_configurator.h b/client/configurators/wireguard_configurator.h index 76790d74..917fe7c0 100644 --- a/client/configurators/wireguard_configurator.h +++ b/client/configurators/wireguard_configurator.h @@ -12,7 +12,8 @@ class WireguardConfigurator : ConfiguratorBase Q_OBJECT public: WireguardConfigurator(std::shared_ptr settings, - std::shared_ptr serverController, QObject *parent = nullptr); + std::shared_ptr serverController, + QObject *parent = nullptr); struct ConnectionData { QString clientPrivKey; // client private key @@ -24,15 +25,14 @@ public: }; QString genWireguardConfig(const ServerCredentials &credentials, DockerContainer container, - const QJsonObject &containerConfig, ErrorCode *errorCode = nullptr); + const QJsonObject &containerConfig, ErrorCode *errorCode = nullptr); QString processConfigWithLocalSettings(QString config); QString processConfigWithExportSettings(QString config); - private: - ConnectionData prepareWireguardConfig(const ServerCredentials &credentials, - DockerContainer container, const QJsonObject &containerConfig, ErrorCode *errorCode = nullptr); + ConnectionData prepareWireguardConfig(const ServerCredentials &credentials, DockerContainer container, + const QJsonObject &containerConfig, ErrorCode *errorCode = nullptr); ConnectionData genClientKeys(); }; diff --git a/client/core/scripts_registry.cpp b/client/core/scripts_registry.cpp index 3d902f27..8fa70c9a 100644 --- a/client/core/scripts_registry.cpp +++ b/client/core/scripts_registry.cpp 
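Review bot: The result of the final `runScript` call (the `wg syncconf` step) is assigned to `e` but never checked, so `prepareWireguardConfig` returns `connData` with `*errorCode` untouched even when the sync failed. By then the `[Peer]` block has already been appended to the server config, so `genWireguardConfig` (which only tests `errorCode && *errorCode`) would presumably hand out a client config for a peer the running interface never loaded. Propagate it like the earlier steps with `if (e && errorCode) *errorCode = e;` before `return connData;`. The move to `.arg(connData.clientPubKey, connData.pskKey, connData.clientIP)` is more than formatting and deserves a short comment: the multi-argument overload substitutes in one pass, so a `%N` sequence inside a value read from the server cannot be re-expanded by a later `.arg()`. The function begins above this hunk.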
@@ -46,6 +46,7 @@ QString amnezia::scriptName(ProtocolScriptType type) case ProtocolScriptType::openvpn_template: return QLatin1String("template.ovpn"); case ProtocolScriptType::wireguard_template: return QLatin1String("template.conf"); case ProtocolScriptType::v2ray_client_template: return QLatin1String("template_v2ray_client.json"); + case ProtocolScriptType::shadowsocks_client_template: return QLatin1String("template_ss_client.json"); } } diff --git a/client/core/scripts_registry.h b/client/core/scripts_registry.h index 269bc90d..9887d5c4 100644 --- a/client/core/scripts_registry.h +++ b/client/core/scripts_registry.h @@ -26,7 +26,8 @@ enum ProtocolScriptType { container_startup, openvpn_template, wireguard_template, - v2ray_client_template + v2ray_client_template, + shadowsocks_client_template }; diff --git a/client/protocols/shadowsocksvpnprotocol.cpp b/client/protocols/shadowsocksvpnprotocol.cpp index dafb8191..fdf7a14f 100644 --- a/client/protocols/shadowsocksvpnprotocol.cpp +++ b/client/protocols/shadowsocksvpnprotocol.cpp 
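Review bot: The `switch` in `amnezia::scriptName` closes with `} }` and no return after it, so any `ProtocolScriptType` value without a case runs off the end of a non-void function, which is undefined behaviour. The new `shadowsocks_client_template` case keeps the switch in step with the enum for now, but the next enumerator added to scripts_registry.h without a matching case would take that path. Adding `return QString();` after the switch's closing brace gives a defined result and, unlike a `default:` label, keeps the compiler's missing-case warning. The start of the function is outside the hunk, so a `default:` above the visible cases cannot be ruled out.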
@@ -114,17 +114,5 @@ QString ShadowSocksVpnProtocol::shadowSocksExecPath() void ShadowSocksVpnProtocol::readShadowSocksConfiguration(const QJsonObject &configuration) { - QJsonObject shadowSocksConfig = configuration.value(ProtocolProps::key_proto_config_data(Proto::ShadowSocks)).toObject(); - bool isLocalPortConvertOk = false; - bool isServerPortConvertOk = false; - int localPort = shadowSocksConfig.value("local_port").toString().toInt(&isLocalPortConvertOk); - int serverPort = shadowSocksConfig.value("server_port").toString().toInt(&isServerPortConvertOk); - if (!isLocalPortConvertOk) { - qDebug() << "Error when converting local_port field in ShadowSocks config"; - } else if (!isServerPortConvertOk) { - qDebug() << "Error when converting server_port field in ShadowSocks config"; - } - shadowSocksConfig["local_port"] = localPort; - shadowSocksConfig["server_port"] = serverPort; - m_shadowSocksConfig = shadowSocksConfig; + m_shadowSocksConfig = configuration.value(ProtocolProps::key_proto_config_data(Proto::ShadowSocks)).toObject(); } diff --git a/client/resources.qrc b/client/resources.qrc index c4e1431f..439ecafe 100644 --- a/client/resources.qrc +++ b/client/resources.qrc @@ -171,5 +171,6 @@ server_scripts/openvpn_v2ray_vmess/start.sh server_scripts/openvpn_v2ray_vmess/template.ovpn server_scripts/openvpn_v2ray_vmess/template_v2ray_client.json + server_scripts/openvpn_shadowsocks/template_ss_client.json diff --git a/client/server_scripts/openvpn_shadowsocks/template_ss_client.json b/client/server_scripts/openvpn_shadowsocks/template_ss_client.json new file mode 100644 index 00000000..3119af8b --- /dev/null +++ b/client/server_scripts/openvpn_shadowsocks/template_ss_client.json @@ -0,0 +1,8 @@ +{ + "local_port": $SHADOWSOCKS_LOCAL_PORT, + "method": "$SHADOWSOCKS_CIPHER", + "password": "$SHADOWSOCKS_PASSWORD", + "server": "$REMOTE_HOST", + "server_port": $SHADOWSOCKS_SERVER_PORT, + "timeout": 60 +}
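Review bot: `readShadowSocksConfiguration` now stores whatever object sits under the ShadowSocks key without inspecting it, so a missing key silently produces an empty `m_shadowSocksConfig` and the ports pass through in whatever JSON type the stored config has. The removed lines converted `local_port` and `server_port` from strings to integers; configs saved before this change presumably still carry them as strings, and nothing visible in this commit migrates them. A tolerant read would keep old profiles working, e.g. `if (cfg.value("local_port").isString()) cfg["local_port"] = cfg.value("local_port").toString().toInt();` and the same for `server_port`. Logging when the resulting object is empty would also make a broken profile visible before the client process is started with it.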
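Review bot: `"password": "$SHADOWSOCKS_PASSWORD"` sits inside a JSON string literal, so if this template is filled by the same plain-text `replaceVars` substitution used for the other templates, a password containing `"` or `\` yields a malformed or altered document; `$SHADOWSOCKS_CIPHER` and `$REMOTE_HOST` have the same exposure. The unquoted `$SHADOWSOCKS_LOCAL_PORT` and `$SHADOWSOCKS_SERVER_PORT` placeholders also leave the file unparseable whenever a value is empty or non-numeric. Either JSON-escape the values before substitution, or build the object with `QJsonObject` and serialise it with `QJsonDocument::toJson()` instead of using a text template. Parsing the substituted text once with `QJsonDocument::fromJson` and returning an error on failure would catch both cases before the config is stored.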