AZEN-SGG/amnezia-client
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

changed the way shadowsocks client config was created

Browse source 
- some code style refactoring
This commit is contained in:
vladimir.kuznetsov 2023-02-14 19:40:04 +03:00
parent 36fae9152f
commit c23c8e8462
23 changed files with 146 additions and 170 deletions
Download patch file Download diff file Expand all files Collapse all files

4
client/configurators/cloak_configurator.cpp
View file

@ -7,10 +7,10 @@
#include "core/servercontroller.h" #include "core/servercontroller.h"
#include "containers/containers_defs.h" #include "containers/containers_defs.h"
CloakConfigurator::CloakConfigurator(std::shared_ptr<Settings> settings, std::shared_ptr<ServerController> serverController, CloakConfigurator::CloakConfigurator(std::shared_ptr<Settings> settings,
std::shared_ptr<ServerController> serverController,
QObject *parent): ConfiguratorBase(settings, serverController, parent) QObject *parent): ConfiguratorBase(settings, serverController, parent)
{ {
} }
QString CloakConfigurator::genCloakConfig(const ServerCredentials &credentials, DockerContainer container, QString CloakConfigurator::genCloakConfig(const ServerCredentials &credentials, DockerContainer container,

3
client/configurators/cloak_configurator.h
View file

@ -12,7 +12,8 @@ class CloakConfigurator : ConfiguratorBase
Q_OBJECT Q_OBJECT
public: public:
CloakConfigurator(std::shared_ptr<Settings> settings, CloakConfigurator(std::shared_ptr<Settings> settings,
std::shared_ptr<ServerController> serverController, QObject *parent = nullptr); std::shared_ptr<ServerController> serverController,
QObject *parent = nullptr);
QString genCloakConfig(const ServerCredentials &credentials, DockerContainer container, QString genCloakConfig(const ServerCredentials &credentials, DockerContainer container,
const QJsonObject &containerConfig, ErrorCode *errorCode = nullptr); const QJsonObject &containerConfig, ErrorCode *errorCode = nullptr);

7
client/configurators/configurator_base.cpp
View file

@ -1,10 +1,7 @@
#include "configurator_base.h" #include "configurator_base.h"
ConfiguratorBase::ConfiguratorBase(std::shared_ptr<Settings> settings, ConfiguratorBase::ConfiguratorBase(std::shared_ptr<Settings> settings,
std::shared_ptr<ServerController> serverController, QObject *parent) std::shared_ptr<ServerController> serverController,
: QObject{parent}, QObject *parent): QObject{parent}, m_settings(settings), m_serverController(serverController)
m_settings(settings),
m_serverController(serverController)
{ {
} }

4
client/configurators/configurator_base.h
View file

@ -14,12 +14,12 @@ class ConfiguratorBase : public QObject
Q_OBJECT Q_OBJECT
public: public:
explicit ConfiguratorBase(std::shared_ptr<Settings> settings, explicit ConfiguratorBase(std::shared_ptr<Settings> settings,
std::shared_ptr<ServerController> serverController, QObject *parent = nullptr); std::shared_ptr<ServerController> serverController,
QObject *parent = nullptr);
protected: protected:
std::shared_ptr<Settings> m_settings; std::shared_ptr<Settings> m_settings;
std::shared_ptr<ServerController> m_serverController; std::shared_ptr<ServerController> m_serverController;
}; };
#endif // CONFIGURATORBASE_H #endif // CONFIGURATORBASE_H

18
client/configurators/ikev2_configurator.cpp
View file

@ -1,4 +1,5 @@
#include "ikev2_configurator.h" #include "ikev2_configurator.h"
#include <QApplication> #include <QApplication>
#include <QProcess> #include <QProcess>
#include <QString> #include <QString>
@ -15,10 +16,10 @@
#include "core/servercontroller.h" #include "core/servercontroller.h"
Ikev2Configurator::Ikev2Configurator(std::shared_ptr<Settings> settings, std::shared_ptr<ServerController> serverController, QObject *parent): Ikev2Configurator::Ikev2Configurator(std::shared_ptr<Settings> settings,
ConfiguratorBase(settings, serverController, parent) std::shared_ptr<ServerController> serverController,
QObject *parent): ConfiguratorBase(settings, serverController, parent)
{ {
} }
Ikev2Configurator::ConnectionData Ikev2Configurator::prepareIkev2Config(const ServerCredentials &credentials, Ikev2Configurator::ConnectionData Ikev2Configurator::prepareIkev2Config(const ServerCredentials &credentials,
@ -38,15 +39,12 @@ Ikev2Configurator::ConnectionData Ikev2Configurator::prepareIkev2Config(const Se
"-k rsa -g 3072 -v 120 "\ "-k rsa -g 3072 -v 120 "\
"-d sql:/etc/ipsec.d -t \",,\" "\ "-d sql:/etc/ipsec.d -t \",,\" "\
"--keyUsage digitalSignature,keyEncipherment "\ "--keyUsage digitalSignature,keyEncipherment "\
"--extKeyUsage serverAuth,clientAuth -8 \"%1\"") "--extKeyUsage serverAuth,clientAuth -8 \"%1\"").arg(connData.clientId);
.arg(connData.clientId);
ErrorCode e = m_serverController->runContainerScript(credentials, container, scriptCreateCert); ErrorCode e = m_serverController->runContainerScript(credentials, container, scriptCreateCert);
QString scriptExportCert = QString("pk12util -W \"%1\" -d sql:/etc/ipsec.d -n \"%2\" -o \"%3\"") QString scriptExportCert = QString("pk12util -W \"%1\" -d sql:/etc/ipsec.d -n \"%2\" -o \"%3\"")
.arg(connData.password) .arg(connData.password, connData.clientId, certFileName);
.arg(connData.clientId)
.arg(certFileName);
e = m_serverController->runContainerScript(credentials, container, scriptExportCert); e = m_serverController->runContainerScript(credentials, container, scriptExportCert);
connData.clientCert = m_serverController->getTextFileFromContainer(container, credentials, certFileName, &e); connData.clientCert = m_serverController->getTextFileFromContainer(container, credentials, certFileName, &e);
@ -58,8 +56,8 @@ Ikev2Configurator::ConnectionData Ikev2Configurator::prepareIkev2Config(const Se
return connData; return connData;
} }
QString Ikev2Configurator::genIkev2Config(const ServerCredentials &credentials, QString Ikev2Configurator::genIkev2Config(const ServerCredentials &credentials, DockerContainer container,
DockerContainer container, const QJsonObject &containerConfig, ErrorCode *errorCode) const QJsonObject &containerConfig, ErrorCode *errorCode)
{ {
Q_UNUSED(containerConfig) Q_UNUSED(containerConfig)

7
client/configurators/ikev2_configurator.h
View file

@ -12,7 +12,8 @@ class Ikev2Configurator : ConfiguratorBase
Q_OBJECT Q_OBJECT
public: public:
Ikev2Configurator(std::shared_ptr<Settings> settings, Ikev2Configurator(std::shared_ptr<Settings> settings,
std::shared_ptr<ServerController> serverController, QObject *parent = nullptr); std::shared_ptr<ServerController> serverController,
QObject *parent = nullptr);
struct ConnectionData { struct ConnectionData {
QByteArray clientCert; // p12 client cert QByteArray clientCert; // p12 client cert
@ -29,8 +30,8 @@ public:
QString genMobileConfig(const ConnectionData &connData); QString genMobileConfig(const ConnectionData &connData);
QString genStrongSwanConfig(const ConnectionData &connData); QString genStrongSwanConfig(const ConnectionData &connData);
ConnectionData prepareIkev2Config(const ServerCredentials &credentials, ConnectionData prepareIkev2Config(const ServerCredentials &credentials, DockerContainer container,
DockerContainer container, ErrorCode *errorCode = nullptr); ErrorCode *errorCode = nullptr);
}; };
#endif // IKEV2_CONFIGURATOR_H #endif // IKEV2_CONFIGURATOR_H

45
client/configurators/openvpn_configurator.cpp
View file

@ -1,4 +1,5 @@
#include "openvpn_configurator.h" #include "openvpn_configurator.h"
#include <QApplication> #include <QApplication>
#include <QProcess> #include <QProcess>
#include <QString> #include <QString>
@ -19,10 +20,10 @@
#include <openssl/x509.h> #include <openssl/x509.h>
#include <openssl/pem.h> #include <openssl/pem.h>
OpenVpnConfigurator::OpenVpnConfigurator(std::shared_ptr<Settings> settings, std::shared_ptr<ServerController> serverController, QObject *parent): OpenVpnConfigurator::OpenVpnConfigurator(std::shared_ptr<Settings> settings,
ConfiguratorBase(settings, serverController, parent) std::shared_ptr<ServerController> serverController,
QObject *parent): ConfiguratorBase(settings, serverController, parent)
{ {
} }
OpenVpnConfigurator::ConnectionData OpenVpnConfigurator::prepareOpenVpnConfig(const ServerCredentials &credentials, OpenVpnConfigurator::ConnectionData OpenVpnConfigurator::prepareOpenVpnConfig(const ServerCredentials &credentials,
@ -36,9 +37,7 @@ OpenVpnConfigurator::ConnectionData OpenVpnConfigurator::prepareOpenVpnConfig(co
return connData; return connData;
} }
QString reqFileName = QString("%1/%2.req"). QString reqFileName = QString("%1/%2.req").arg(amnezia::protocols::openvpn::clientsDirPath, connData.clientId);
arg(amnezia::protocols::openvpn::clientsDirPath).
arg(connData.clientId);
ErrorCode e = m_serverController->uploadTextFileToContainer(container, credentials, connData.request, reqFileName); ErrorCode e = m_serverController->uploadTextFileToContainer(container, credentials, connData.request, reqFileName);
if (e) { if (e) {
@ -52,9 +51,11 @@ OpenVpnConfigurator::ConnectionData OpenVpnConfigurator::prepareOpenVpnConfig(co
return connData; return connData;
} }
connData.caCert = m_serverController->getTextFileFromContainer(container, credentials, amnezia::protocols::openvpn::caCertPath, &e); connData.caCert = m_serverController->getTextFileFromContainer(container, credentials,
amnezia::protocols::openvpn::caCertPath, &e);
connData.clientCert = m_serverController->getTextFileFromContainer(container, credentials, connData.clientCert = m_serverController->getTextFileFromContainer(container, credentials,
QString("%1/%2.crt").arg(amnezia::protocols::openvpn::clientCertPath).arg(connData.clientId), &e); QString("%1/%2.crt").arg(amnezia::protocols::openvpn::clientCertPath, connData.clientId),
&e);
if (e) { if (e) {
if (errorCode) *errorCode = e; if (errorCode) *errorCode = e;
@ -70,8 +71,8 @@ OpenVpnConfigurator::ConnectionData OpenVpnConfigurator::prepareOpenVpnConfig(co
return connData; return connData;
} }
QString OpenVpnConfigurator::genOpenVpnConfig(const ServerCredentials &credentials, QString OpenVpnConfigurator::genOpenVpnConfig(const ServerCredentials &credentials, DockerContainer container,
DockerContainer container, const QJsonObject &containerConfig, ErrorCode *errorCode) const QJsonObject &containerConfig, ErrorCode *errorCode)
{ {
QString config = m_serverController->replaceVars(amnezia::scriptData(ProtocolScriptType::openvpn_template, container), QString config = m_serverController->replaceVars(amnezia::scriptData(ProtocolScriptType::openvpn_template, container),
m_serverController->genVarsForScript(credentials, container, containerConfig)); m_serverController->genVarsForScript(credentials, container, containerConfig));
@ -87,8 +88,7 @@ QString OpenVpnConfigurator::genOpenVpnConfig(const ServerCredentials &credentia
if (config.contains("$OPENVPN_TA_KEY")) { if (config.contains("$OPENVPN_TA_KEY")) {
config.replace("$OPENVPN_TA_KEY", connData.taKey); config.replace("$OPENVPN_TA_KEY", connData.taKey);
} } else {
else {
config.replace("<tls-auth>", ""); config.replace("<tls-auth>", "");
config.replace("</tls-auth>", ""); config.replace("</tls-auth>", "");
} }
@ -110,8 +110,7 @@ QString OpenVpnConfigurator::processConfigWithLocalSettings(QString jsonConfig)
if (m_settings->routeMode() != Settings::VpnAllSites) { if (m_settings->routeMode() != Settings::VpnAllSites) {
config.replace("redirect-gateway def1 bypass-dhcp", ""); config.replace("redirect-gateway def1 bypass-dhcp", "");
} } else {
else {
if(!config.contains("redirect-gateway def1 bypass-dhcp")) { if(!config.contains("redirect-gateway def1 bypass-dhcp")) {
config.append("redirect-gateway def1 bypass-dhcp\n"); config.append("redirect-gateway def1 bypass-dhcp\n");
} }
@ -149,22 +148,21 @@ QString OpenVpnConfigurator::processConfigWithExportSettings(QString jsonConfig)
return QJsonDocument(json).toJson(); return QJsonDocument(json).toJson();
} }
ErrorCode OpenVpnConfigurator::signCert(DockerContainer container, ErrorCode OpenVpnConfigurator::signCert(DockerContainer container, const ServerCredentials &credentials, QString clientId)
const ServerCredentials &credentials, QString clientId)
{ {
QString script_import = QString("sudo docker exec -i %1 bash -c \"cd /opt/amnezia/openvpn && " QString script_import = QString("sudo docker exec -i %1 bash -c \"cd /opt/amnezia/openvpn && "
"easyrsa import-req %2/%3.req %3\"") "easyrsa import-req %2/%3.req %3\"")
.arg(ContainerProps::containerToString(container)) .arg(ContainerProps::containerToString(container),
.arg(amnezia::protocols::openvpn::clientsDirPath) amnezia::protocols::openvpn::clientsDirPath,
.arg(clientId); clientId);
QString script_sign = QString("sudo docker exec -i %1 bash -c \"export EASYRSA_BATCH=1; cd /opt/amnezia/openvpn && " QString script_sign = QString("sudo docker exec -i %1 bash -c \"export EASYRSA_BATCH=1; cd /opt/amnezia/openvpn && "
"easyrsa sign-req client %2\"") "easyrsa sign-req client %2\"")
.arg(ContainerProps::containerToString(container)) .arg(ContainerProps::containerToString(container), clientId);
.arg(clientId);
QStringList scriptList {script_import, script_sign}; QStringList scriptList {script_import, script_sign};
QString script = m_serverController->replaceVars(scriptList.join("\n"), m_serverController->genVarsForScript(credentials, container)); QString script = m_serverController->replaceVars(scriptList.join("\n"),
m_serverController->genVarsForScript(credentials, container));
return m_serverController->runScript(credentials, script); return m_serverController->runScript(credentials, script);
} }
@ -227,8 +225,7 @@ OpenVpnConfigurator::ConnectionData OpenVpnConfigurator::createCertRequest()
// save private key // save private key
BIO * bp_private = BIO_new(BIO_s_mem()); BIO * bp_private = BIO_new(BIO_s_mem());
q_check_ptr(bp_private); q_check_ptr(bp_private);
if (PEM_write_bio_PrivateKey(bp_private, pKey, nullptr, nullptr, 0, nullptr, nullptr) != 1) if (PEM_write_bio_PrivateKey(bp_private, pKey, nullptr, nullptr, 0, nullptr, nullptr) != 1) {
{
qFatal("PEM_write_bio_PrivateKey"); qFatal("PEM_write_bio_PrivateKey");
EVP_PKEY_free(pKey); EVP_PKEY_free(pKey);
BIO_free_all(bp_private); BIO_free_all(bp_private);

11
client/configurators/openvpn_configurator.h
View file

@ -12,7 +12,8 @@ class OpenVpnConfigurator : ConfiguratorBase
Q_OBJECT Q_OBJECT
public: public:
OpenVpnConfigurator(std::shared_ptr<Settings> settings, OpenVpnConfigurator(std::shared_ptr<Settings> settings,
std::shared_ptr<ServerController> serverController, QObject *parent = nullptr); std::shared_ptr<ServerController> serverController,
QObject *parent = nullptr);
struct ConnectionData { struct ConnectionData {
QString clientId; QString clientId;
@ -30,15 +31,13 @@ public:
QString processConfigWithLocalSettings(QString jsonConfig); QString processConfigWithLocalSettings(QString jsonConfig);
QString processConfigWithExportSettings(QString jsonConfig); QString processConfigWithExportSettings(QString jsonConfig);
ErrorCode signCert(DockerContainer container, ErrorCode signCert(DockerContainer container, const ServerCredentials &credentials, QString clientId);
const ServerCredentials &credentials, QString clientId);
private: private:
ConnectionData createCertRequest(); ConnectionData createCertRequest();
ConnectionData prepareOpenVpnConfig(const ServerCredentials &credentials, ConnectionData prepareOpenVpnConfig(const ServerCredentials &credentials, DockerContainer container,
DockerContainer container, ErrorCode *errorCode = nullptr); ErrorCode *errorCode = nullptr);
}; };
#endif // OPENVPN_CONFIGURATOR_H #endif // OPENVPN_CONFIGURATOR_H

27
client/configurators/shadowsocks_configurator.cpp
View file

@ -5,16 +5,17 @@
#include <QJsonDocument> #include <QJsonDocument>
#include "containers/containers_defs.h" #include "containers/containers_defs.h"
#include "core/scripts_registry.h"
#include "core/servercontroller.h" #include "core/servercontroller.h"
ShadowSocksConfigurator::ShadowSocksConfigurator(std::shared_ptr<Settings> settings, std::shared_ptr<ServerController> serverController, QObject *parent): ShadowSocksConfigurator::ShadowSocksConfigurator(std::shared_ptr<Settings> settings,
ConfiguratorBase(settings, serverController, parent) std::shared_ptr<ServerController> serverController,
QObject *parent): ConfiguratorBase(settings, serverController, parent)
{ {
} }
QString ShadowSocksConfigurator::genShadowSocksConfig(const ServerCredentials &credentials, QString ShadowSocksConfigurator::genShadowSocksConfig(const ServerCredentials &credentials, DockerContainer container,
DockerContainer container, const QJsonObject &containerConfig, ErrorCode *errorCode) const QJsonObject &containerConfig, ErrorCode *errorCode)
{ {
ErrorCode e = ErrorCode::NoError; ErrorCode e = ErrorCode::NoError;
@ -27,18 +28,12 @@ QString ShadowSocksConfigurator::genShadowSocksConfig(const ServerCredentials &c
return ""; return "";
} }
QJsonObject config; QString ssClientConfig = m_serverController->replaceVars(amnezia::scriptData(ProtocolScriptType::shadowsocks_client_template, container),
config.insert("server", credentials.hostName);
config.insert("server_port", "$SHADOWSOCKS_SERVER_PORT");
config.insert("local_port", "$SHADOWSOCKS_LOCAL_PORT");
config.insert("password", ssKey);
config.insert("timeout", 60);
config.insert("method", "$SHADOWSOCKS_CIPHER");
QString textCfg = m_serverController->replaceVars(QJsonDocument(config).toJson(),
m_serverController->genVarsForScript(credentials, container, containerConfig)); m_serverController->genVarsForScript(credentials, container, containerConfig));
ssClientConfig.replace("$SHADOWSOCKS_PASSWORD", ssKey);
ssClientConfig = m_serverController->replaceVars(ssClientConfig, m_serverController->genVarsForScript(credentials, container, containerConfig));
//qDebug().noquote() << textCfg; //qDebug().noquote() << textCfg;
return textCfg; return ssClientConfig;
} }

3
client/configurators/shadowsocks_configurator.h
View file

@ -11,7 +11,8 @@ class ShadowSocksConfigurator : ConfiguratorBase
Q_OBJECT Q_OBJECT
public: public:
ShadowSocksConfigurator(std::shared_ptr<Settings> settings, ShadowSocksConfigurator(std::shared_ptr<Settings> settings,
std::shared_ptr<ServerController> serverController, QObject *parent = nullptr); std::shared_ptr<ServerController> serverController,
QObject *parent = nullptr);
QString genShadowSocksConfig(const ServerCredentials &credentials, DockerContainer container, QString genShadowSocksConfig(const ServerCredentials &credentials, DockerContainer container,
const QJsonObject &containerConfig, ErrorCode *errorCode = nullptr); const QJsonObject &containerConfig, ErrorCode *errorCode = nullptr);

13
client/configurators/ssh_configurator.cpp
View file

@ -1,4 +1,5 @@
#include "ssh_configurator.h" #include "ssh_configurator.h"
#include <QApplication> #include <QApplication>
#include <QProcess> #include <QProcess>
#include <QString> #include <QString>
@ -18,10 +19,10 @@
using namespace QSsh; using namespace QSsh;
SshConfigurator::SshConfigurator(std::shared_ptr<Settings> settings, std::shared_ptr<ServerController> serverController, QObject *parent): SshConfigurator::SshConfigurator(std::shared_ptr<Settings> settings,
ConfiguratorBase(settings, serverController, parent) std::shared_ptr<ServerController> serverController,
QObject *parent): ConfiguratorBase(settings, serverController, parent)
{ {
} }
QString SshConfigurator::convertOpenSShKey(const QString &key) QString SshConfigurator::convertOpenSShKey(const QString &key)
@ -76,10 +77,8 @@ void SshConfigurator::openSshTerminal(const ServerCredentials &credentials)
// todo: connect by key // todo: connect by key
// p->setNativeArguments(QString("%1@%2") // p->setNativeArguments(QString("%1@%2")
// .arg(credentials.userName).arg(credentials.hostName).arg(credentials.password)); // .arg(credentials.userName).arg(credentials.hostName).arg(credentials.password));
} } else {
else { p->setNativeArguments(QString("%1@%2 -pw %3").arg(credentials.userName).arg(credentials.hostName, credentials.password));
p->setNativeArguments(QString("%1@%2 -pw %3")
.arg(credentials.userName).arg(credentials.hostName).arg(credentials.password));
} }
#else #else
p->setProgram("/bin/bash"); p->setProgram("/bin/bash");

4
client/configurators/ssh_configurator.h
View file

@ -12,12 +12,12 @@ class SshConfigurator : ConfiguratorBase
Q_OBJECT Q_OBJECT
public: public:
SshConfigurator(std::shared_ptr<Settings> settings, SshConfigurator(std::shared_ptr<Settings> settings,
std::shared_ptr<ServerController> serverController, QObject *parent = nullptr); std::shared_ptr<ServerController> serverController,
QObject *parent = nullptr);
QProcessEnvironment prepareEnv(); QProcessEnvironment prepareEnv();
QString convertOpenSShKey(const QString &key); QString convertOpenSShKey(const QString &key);
void openSshTerminal(const ServerCredentials &credentials); void openSshTerminal(const ServerCredentials &credentials);
}; };
#endif // SSH_CONFIGURATOR_H #endif // SSH_CONFIGURATOR_H

4
client/configurators/v2ray_configurator.cpp
View file

@ -10,10 +10,10 @@
#include "core/scripts_registry.h" #include "core/scripts_registry.h"
#include "containers/containers_defs.h" #include "containers/containers_defs.h"
V2RayConfigurator::V2RayConfigurator(std::shared_ptr<Settings> settings, std::shared_ptr<ServerController> serverController, V2RayConfigurator::V2RayConfigurator(std::shared_ptr<Settings> settings,
std::shared_ptr<ServerController> serverController,
QObject *parent) : ConfiguratorBase(settings, serverController, parent) QObject *parent) : ConfiguratorBase(settings, serverController, parent)
{ {
} }
QString V2RayConfigurator::genV2RayConfig(const ServerCredentials &credentials, DockerContainer container, QString V2RayConfigurator::genV2RayConfig(const ServerCredentials &credentials, DockerContainer container,

3
client/configurators/v2ray_configurator.h
View file

@ -11,7 +11,8 @@ class V2RayConfigurator : ConfiguratorBase
{ {
public: public:
V2RayConfigurator(std::shared_ptr<Settings> settings, V2RayConfigurator(std::shared_ptr<Settings> settings,
std::shared_ptr<ServerController> serverController, QObject *parent = nullptr); std::shared_ptr<ServerController> serverController,
QObject *parent = nullptr);
QString genV2RayConfig(const ServerCredentials &credentials, DockerContainer container, QString genV2RayConfig(const ServerCredentials &credentials, DockerContainer container,
const QJsonObject &containerConfig, ErrorCode *errorCode = nullptr); const QJsonObject &containerConfig, ErrorCode *errorCode = nullptr);

26
client/configurators/vpn_configurator.cpp
View file

@ -16,8 +16,8 @@
#include "settings.h" #include "settings.h"
VpnConfigurator::VpnConfigurator(std::shared_ptr<Settings> settings, VpnConfigurator::VpnConfigurator(std::shared_ptr<Settings> settings,
std::shared_ptr<ServerController> serverController, QObject *parent): std::shared_ptr<ServerController> serverController,
ConfiguratorBase(settings, serverController, parent) QObject *parent): ConfiguratorBase(settings, serverController, parent)
{ {
openVpnConfigurator = std::shared_ptr<OpenVpnConfigurator>(new OpenVpnConfigurator(settings, serverController, this)); openVpnConfigurator = std::shared_ptr<OpenVpnConfigurator>(new OpenVpnConfigurator(settings, serverController, this));
shadowSocksConfigurator = std::shared_ptr<ShadowSocksConfigurator>(new ShadowSocksConfigurator(settings, serverController, this)); shadowSocksConfigurator = std::shared_ptr<ShadowSocksConfigurator>(new ShadowSocksConfigurator(settings, serverController, this));
@ -28,28 +28,22 @@ VpnConfigurator::VpnConfigurator(std::shared_ptr<Settings> settings,
v2RayConfigurator = std::shared_ptr<V2RayConfigurator>(new V2RayConfigurator(settings, serverController, this)); v2RayConfigurator = std::shared_ptr<V2RayConfigurator>(new V2RayConfigurator(settings, serverController, this));
} }
QString VpnConfigurator::genVpnProtocolConfig(const ServerCredentials &credentials, QString VpnConfigurator::genVpnProtocolConfig(const ServerCredentials &credentials, DockerContainer container,
DockerContainer container, const QJsonObject &containerConfig, Proto proto, ErrorCode *errorCode) const QJsonObject &containerConfig, Proto proto, ErrorCode *errorCode)
{ {
switch (proto) { switch (proto) {
case Proto::OpenVpn: case Proto::OpenVpn:
return openVpnConfigurator->genOpenVpnConfig(credentials, container, containerConfig, errorCode); return openVpnConfigurator->genOpenVpnConfig(credentials, container, containerConfig, errorCode);
case Proto::ShadowSocks: case Proto::ShadowSocks:
return shadowSocksConfigurator->genShadowSocksConfig(credentials, container, containerConfig, errorCode); return shadowSocksConfigurator->genShadowSocksConfig(credentials, container, containerConfig, errorCode);
case Proto::Cloak: case Proto::Cloak:
return cloakConfigurator->genCloakConfig(credentials, container, containerConfig, errorCode); return cloakConfigurator->genCloakConfig(credentials, container, containerConfig, errorCode);
case Proto::WireGuard: case Proto::WireGuard:
return wireguardConfigurator->genWireguardConfig(credentials, container, containerConfig, errorCode); return wireguardConfigurator->genWireguardConfig(credentials, container, containerConfig, errorCode);
case Proto::Ikev2: case Proto::Ikev2:
return ikev2Configurator->genIkev2Config(credentials, container, containerConfig, errorCode); return ikev2Configurator->genIkev2Config(credentials, container, containerConfig, errorCode);
case Proto::V2Ray: case Proto::V2Ray:
return v2RayConfigurator->genV2RayConfig(credentials, container, containerConfig, errorCode); return v2RayConfigurator->genV2RayConfig(credentials, container, containerConfig, errorCode);
default: default:
return ""; return "";
} }
@ -68,8 +62,7 @@ QPair<QString, QString> VpnConfigurator::getDnsForConfig(int serverIndex)
if (dns.first.isEmpty() || !Utils::checkIPv4Format(dns.first)) { if (dns.first.isEmpty() || !Utils::checkIPv4Format(dns.first)) {
if (useAmneziaDns && m_settings->containers(serverIndex).contains(DockerContainer::Dns)) { if (useAmneziaDns && m_settings->containers(serverIndex).contains(DockerContainer::Dns)) {
dns.first = protocols::dns::amneziaDnsIp; dns.first = protocols::dns::amneziaDnsIp;
} } else dns.first = m_settings->primaryDns();
else dns.first = m_settings->primaryDns();
} }
if (dns.second.isEmpty() || !Utils::checkIPv4Format(dns.second)) { if (dns.second.isEmpty() || !Utils::checkIPv4Format(dns.second)) {
dns.second = m_settings->secondaryDns(); dns.second = m_settings->secondaryDns();
@ -79,8 +72,7 @@ QPair<QString, QString> VpnConfigurator::getDnsForConfig(int serverIndex)
return dns; return dns;
} }
QString &VpnConfigurator::processConfigWithDnsSettings(int serverIndex, DockerContainer container, QString &VpnConfigurator::processConfigWithDnsSettings(int serverIndex, DockerContainer container, Proto proto, QString &config)
Proto proto, QString &config)
{ {
auto dns = getDnsForConfig(serverIndex); auto dns = getDnsForConfig(serverIndex);
@ -90,8 +82,7 @@ QString &VpnConfigurator::processConfigWithDnsSettings(int serverIndex, DockerCo
return config; return config;
} }
QString &VpnConfigurator::processConfigWithLocalSettings(int serverIndex, DockerContainer container, QString &VpnConfigurator::processConfigWithLocalSettings(int serverIndex, DockerContainer container, Proto proto, QString &config)
Proto proto, QString &config)
{ {
processConfigWithDnsSettings(serverIndex, container, proto, config); processConfigWithDnsSettings(serverIndex, container, proto, config);
@ -101,8 +92,7 @@ QString &VpnConfigurator::processConfigWithLocalSettings(int serverIndex, Docker
return config; return config;
} }
QString &VpnConfigurator::processConfigWithExportSettings(int serverIndex, DockerContainer container, QString &VpnConfigurator::processConfigWithExportSettings(int serverIndex, DockerContainer container, Proto proto, QString &config)
Proto proto, QString &config)
{ {
processConfigWithDnsSettings(serverIndex, container, proto, config); processConfigWithDnsSettings(serverIndex, container, proto, config);

6
client/configurators/vpn_configurator.h
View file

@ -21,7 +21,8 @@ class VpnConfigurator : ConfiguratorBase
Q_OBJECT Q_OBJECT
public: public:
VpnConfigurator(std::shared_ptr<Settings> settings, VpnConfigurator(std::shared_ptr<Settings> settings,
std::shared_ptr<ServerController> serverController, QObject *parent = nullptr); std::shared_ptr<ServerController> serverController,
QObject *parent = nullptr);
QString genVpnProtocolConfig(const ServerCredentials &credentials, DockerContainer container, QString genVpnProtocolConfig(const ServerCredentials &credentials, DockerContainer container,
const QJsonObject &containerConfig, Proto proto, ErrorCode *errorCode = nullptr); const QJsonObject &containerConfig, Proto proto, ErrorCode *errorCode = nullptr);
@ -33,8 +34,7 @@ public:
QString &processConfigWithExportSettings(int serverIndex, DockerContainer container, Proto proto, QString &config); QString &processConfigWithExportSettings(int serverIndex, DockerContainer container, Proto proto, QString &config);
// workaround for containers which is not support normal configaration // workaround for containers which is not support normal configaration
void updateContainerConfigAfterInstallation(DockerContainer container, void updateContainerConfigAfterInstallation(DockerContainer container, QJsonObject &containerConfig, const QString &stdOut);
QJsonObject &containerConfig, const QString &stdOut);
std::shared_ptr<ServerController> m_serverController; std::shared_ptr<ServerController> m_serverController;

40
client/configurators/wireguard_configurator.cpp
View file

@ -7,13 +7,11 @@
#include <QTemporaryFile> #include <QTemporaryFile>
#include <QJsonDocument> #include <QJsonDocument>
#include <openssl/rand.h> #include <openssl/rand.h>
#include <openssl/rsa.h> #include <openssl/rsa.h>
#include <openssl/x509.h> #include <openssl/x509.h>
#include <openssl/pem.h> #include <openssl/pem.h>
#include "containers/containers_defs.h" #include "containers/containers_defs.h"
#include "core/server_defs.h" #include "core/server_defs.h"
#include "core/scripts_registry.h" #include "core/scripts_registry.h"
@ -21,10 +19,10 @@
#include "core/servercontroller.h" #include "core/servercontroller.h"
#include "settings.h" #include "settings.h"
WireguardConfigurator::WireguardConfigurator(std::shared_ptr<Settings> settings, std::shared_ptr<ServerController> serverController, QObject *parent): WireguardConfigurator::WireguardConfigurator(std::shared_ptr<Settings> settings,
ConfiguratorBase(settings, serverController, parent) std::shared_ptr<ServerController> serverController,
QObject *parent): ConfiguratorBase(settings, serverController, parent)
{ {
} }
WireguardConfigurator::ConnectionData WireguardConfigurator::genClientKeys() WireguardConfigurator::ConnectionData WireguardConfigurator::genClientKeys()
@ -59,7 +57,9 @@ WireguardConfigurator::ConnectionData WireguardConfigurator::genClientKeys()
} }
WireguardConfigurator::ConnectionData WireguardConfigurator::prepareWireguardConfig(const ServerCredentials &credentials, WireguardConfigurator::ConnectionData WireguardConfigurator::prepareWireguardConfig(const ServerCredentials &credentials,
DockerContainer container, const QJsonObject &containerConfig, ErrorCode *errorCode) DockerContainer container,
const QJsonObject &containerConfig,
ErrorCode *errorCode)
{ {
WireguardConfigurator::ConnectionData connData = WireguardConfigurator::genClientKeys(); WireguardConfigurator::ConnectionData connData = WireguardConfigurator::genClientKeys();
connData.host = credentials.hostName; connData.host = credentials.hostName;
@ -93,8 +93,7 @@ WireguardConfigurator::ConnectionData WireguardConfigurator::prepareWireguardCon
// Calc next IP address // Calc next IP address
if (ips.isEmpty()) { if (ips.isEmpty()) {
nextIpNumber = "2"; nextIpNumber = "2";
} } else {
else {
int next = ips.last().split(".").last().toInt() + 1; int next = ips.last().split(".").last().toInt() + 1;
if (next > 254) { if (next > 254) {
if (errorCode) *errorCode = ErrorCode::AddressPoolError; if (errorCode) *errorCode = ErrorCode::AddressPoolError;
@ -118,14 +117,16 @@ WireguardConfigurator::ConnectionData WireguardConfigurator::prepareWireguardCon
} }
// Get keys // Get keys
connData.serverPubKey = m_serverController->getTextFileFromContainer(container, credentials, amnezia::protocols::wireguard::serverPublicKeyPath, &e); connData.serverPubKey = m_serverController->getTextFileFromContainer(container, credentials,
amnezia::protocols::wireguard::serverPublicKeyPath, &e);
connData.serverPubKey.replace("\n", ""); connData.serverPubKey.replace("\n", "");
if (e) { if (e) {
if (errorCode) *errorCode = e; if (errorCode) *errorCode = e;
return connData; return connData;
} }
connData.pskKey = m_serverController->getTextFileFromContainer(container, credentials, amnezia::protocols::wireguard::serverPskKeyPath, &e); connData.pskKey = m_serverController->getTextFileFromContainer(container, credentials,
amnezia::protocols::wireguard::serverPskKeyPath, &e);
connData.pskKey.replace("\n", ""); connData.pskKey.replace("\n", "");
if (e) { if (e) {
@ -134,32 +135,29 @@ WireguardConfigurator::ConnectionData WireguardConfigurator::prepareWireguardCon
} }
// Add client to config // Add client to config
QString configPart = QString( QString configPart = QString("[Peer]\n"
"[Peer]\n"
"PublicKey = %1\n" "PublicKey = %1\n"
"PresharedKey = %2\n" "PresharedKey = %2\n"
"AllowedIPs = %3/32\n\n"). "AllowedIPs = %3/32\n\n").arg(connData.clientPubKey, connData.pskKey, connData.clientIP);
arg(connData.clientPubKey).
arg(connData.pskKey).
arg(connData.clientIP);
e = m_serverController->uploadTextFileToContainer(container, credentials, configPart, e = m_serverController->uploadTextFileToContainer(container, credentials, configPart,
protocols::wireguard::serverConfigPath, QSsh::SftpOverwriteMode::SftpAppendToExisting); protocols::wireguard::serverConfigPath,
QSsh::SftpOverwriteMode::SftpAppendToExisting);
if (e) { if (e) {
if (errorCode) *errorCode = e; if (errorCode) *errorCode = e;
return connData; return connData;
} }
QString script = "sudo docker exec -i $CONTAINER_NAME bash -c 'wg syncconf wg0 <(wg-quick strip /opt/amnezia/wireguard/wg0.conf)'";
e = m_serverController->runScript(credentials, e = m_serverController->runScript(credentials,
m_serverController->replaceVars("sudo docker exec -i $CONTAINER_NAME bash -c 'wg syncconf wg0 <(wg-quick strip /opt/amnezia/wireguard/wg0.conf)'", m_serverController->replaceVars(script, m_serverController->genVarsForScript(credentials, container)));
m_serverController->genVarsForScript(credentials, container)));
return connData; return connData;
} }
QString WireguardConfigurator::genWireguardConfig(const ServerCredentials &credentials, QString WireguardConfigurator::genWireguardConfig(const ServerCredentials &credentials, DockerContainer container,
DockerContainer container, const QJsonObject &containerConfig, ErrorCode *errorCode) const QJsonObject &containerConfig, ErrorCode *errorCode)
{ {
QString config = m_serverController->replaceVars(amnezia::scriptData(ProtocolScriptType::wireguard_template, container), QString config = m_serverController->replaceVars(amnezia::scriptData(ProtocolScriptType::wireguard_template, container),
m_serverController->genVarsForScript(credentials, container, containerConfig)); m_serverController->genVarsForScript(credentials, container, containerConfig));

8
client/configurators/wireguard_configurator.h
View file

@ -12,7 +12,8 @@ class WireguardConfigurator : ConfiguratorBase
Q_OBJECT Q_OBJECT
public: public:
WireguardConfigurator(std::shared_ptr<Settings> settings, WireguardConfigurator(std::shared_ptr<Settings> settings,
std::shared_ptr<ServerController> serverController, QObject *parent = nullptr); std::shared_ptr<ServerController> serverController,
QObject *parent = nullptr);
struct ConnectionData { struct ConnectionData {
QString clientPrivKey; // client private key QString clientPrivKey; // client private key
@ -29,10 +30,9 @@ public:
QString processConfigWithLocalSettings(QString config); QString processConfigWithLocalSettings(QString config);
QString processConfigWithExportSettings(QString config); QString processConfigWithExportSettings(QString config);
private: private:
ConnectionData prepareWireguardConfig(const ServerCredentials &credentials, ConnectionData prepareWireguardConfig(const ServerCredentials &credentials, DockerContainer container,
DockerContainer container, const QJsonObject &containerConfig, ErrorCode *errorCode = nullptr); const QJsonObject &containerConfig, ErrorCode *errorCode = nullptr);
ConnectionData genClientKeys(); ConnectionData genClientKeys();
}; };

1
client/core/scripts_registry.cpp
View file

@ -46,6 +46,7 @@ QString amnezia::scriptName(ProtocolScriptType type)
case ProtocolScriptType::openvpn_template: return QLatin1String("template.ovpn"); case ProtocolScriptType::openvpn_template: return QLatin1String("template.ovpn");
case ProtocolScriptType::wireguard_template: return QLatin1String("template.conf"); case ProtocolScriptType::wireguard_template: return QLatin1String("template.conf");
case ProtocolScriptType::v2ray_client_template: return QLatin1String("template_v2ray_client.json"); case ProtocolScriptType::v2ray_client_template: return QLatin1String("template_v2ray_client.json");
case ProtocolScriptType::shadowsocks_client_template: return QLatin1String("template_ss_client.json");
} }
} }

3
client/core/scripts_registry.h
View file

@ -26,7 +26,8 @@ enum ProtocolScriptType {
container_startup, container_startup,
openvpn_template, openvpn_template,
wireguard_template, wireguard_template,
v2ray_client_template v2ray_client_template,
shadowsocks_client_template
}; };

14
client/protocols/shadowsocksvpnprotocol.cpp
View file

@ -114,17 +114,5 @@ QString ShadowSocksVpnProtocol::shadowSocksExecPath()
void ShadowSocksVpnProtocol::readShadowSocksConfiguration(const QJsonObject &configuration) void ShadowSocksVpnProtocol::readShadowSocksConfiguration(const QJsonObject &configuration)
{ {
QJsonObject shadowSocksConfig = configuration.value(ProtocolProps::key_proto_config_data(Proto::ShadowSocks)).toObject(); m_shadowSocksConfig = configuration.value(ProtocolProps::key_proto_config_data(Proto::ShadowSocks)).toObject();
bool isLocalPortConvertOk = false;
bool isServerPortConvertOk = false;
int localPort = shadowSocksConfig.value("local_port").toString().toInt(&isLocalPortConvertOk);
int serverPort = shadowSocksConfig.value("server_port").toString().toInt(&isServerPortConvertOk);
if (!isLocalPortConvertOk) {
qDebug() << "Error when converting local_port field in ShadowSocks config";
} else if (!isServerPortConvertOk) {
qDebug() << "Error when converting server_port field in ShadowSocks config";
}
shadowSocksConfig["local_port"] = localPort;
shadowSocksConfig["server_port"] = serverPort;
m_shadowSocksConfig = shadowSocksConfig;
} }

1
client/resources.qrc
View file

@ -171,5 +171,6 @@
<file>server_scripts/openvpn_v2ray_vmess/start.sh</file> <file>server_scripts/openvpn_v2ray_vmess/start.sh</file>
<file>server_scripts/openvpn_v2ray_vmess/template.ovpn</file> <file>server_scripts/openvpn_v2ray_vmess/template.ovpn</file>
<file>server_scripts/openvpn_v2ray_vmess/template_v2ray_client.json</file> <file>server_scripts/openvpn_v2ray_vmess/template_v2ray_client.json</file>
<file>server_scripts/openvpn_shadowsocks/template_ss_client.json</file>
</qresource> </qresource>
</RCC> </RCC>

8
client/server_scripts/openvpn_shadowsocks/template_ss_client.json Normal file
View file

@ -0,0 +1,8 @@
{
"local_port": $SHADOWSOCKS_LOCAL_PORT,
"method": "$SHADOWSOCKS_CIPHER",
"password": "$SHADOWSOCKS_PASSWORD",
"server": "$REMOTE_HOST",
"server_port": $SHADOWSOCKS_SERVER_PORT,
"timeout": 60
}