From 2986a18c8f3bc4bc54e2bfba97511f117f821cfe Mon Sep 17 00:00:00 2001 From: Mykola Baibuz Date: Thu, 28 Sep 2023 23:54:32 +0300 Subject: [PATCH 1/7] iOS AWG support --- .gitmodules | 6 +++--- client/3rd/awg-apple | 1 + client/3rd/wireguard-apple | 1 - client/cmake/ios.cmake | 2 +- client/ios/networkextension/CMakeLists.txt | 2 +- .../WireGuardNetworkExtension-Bridging-Header.h | 4 ++-- client/macos/app/WireGuard-Bridging-Header.h | 2 +- .../WireGuardNetworkExtension-Bridging-Header.h | 2 +- client/platforms/ios/WireGuard-Bridging-Header.h | 2 +- 9 files changed, 11 insertions(+), 11 deletions(-) create mode 160000 client/3rd/awg-apple delete mode 160000 client/3rd/wireguard-apple diff --git a/.gitmodules b/.gitmodules index 453a8ee4..c96dd6bc 100644 --- a/.gitmodules +++ b/.gitmodules @@ -1,6 +1,3 @@ -[submodule "client/3rd/wireguard-apple"] - path = client/3rd/wireguard-apple - url = https://github.com/WireGuard/wireguard-apple [submodule "client/3rd/OpenVPNAdapter"] path = client/3rd/OpenVPNAdapter url = https://github.com/amnezia-vpn/OpenVPNAdapter.git @@ -25,3 +22,6 @@ [submodule "client/3rd-prebuilt"] path = client/3rd-prebuilt url = https://github.com/amnezia-vpn/3rd-prebuilt +[submodule "client/3rd/awg-apple"] + path = client/3rd/awg-apple + url = https://github.com/amnezia-vpn/awg-apple diff --git a/client/3rd/awg-apple b/client/3rd/awg-apple new file mode 160000 index 00000000..5767a03f --- /dev/null +++ b/client/3rd/awg-apple @@ -0,0 +1 @@ +Subproject commit 5767a03f75a2b77d4f78fdd77ff51a1eefabe3b0 diff --git a/client/3rd/wireguard-apple b/client/3rd/wireguard-apple deleted file mode 160000 index 23618f99..00000000 --- a/client/3rd/wireguard-apple +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 23618f994f17d8ad8f2f65d79b4a1e8a0830b334 diff --git a/client/cmake/ios.cmake b/client/cmake/ios.cmake index 5dc1b2e7..7aa9f1a9 100644 --- a/client/cmake/ios.cmake +++ b/client/cmake/ios.cmake 
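Review bot: Nothing in `.gitmodules` or the commit message records which upstream revision the `amnezia-vpn/awg-apple` fork is based on or what it changes, although the fork now supplies every WireGuardKit source the iOS and macOS tunnels compile. The gitlink does pin `5767a03f75a2b77d4f78fdd77ff51a1eefabe3b0`, which keeps the build reproducible. I would add a comment above the new entry, for example `# fork of WireGuard/wireguard-apple, based on <upstream-commit>; adds <summary of delta>`, so later upstream security fixes can be tracked against the fork.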
@@ -97,7 +97,7 @@ target_compile_options(${PROJECT} PRIVATE -DVPN_NE_BUNDLEID=\"${BUILD_IOS_APP_IDENTIFIER}.network-extension\" ) -set(WG_APPLE_SOURCE_DIR ${CMAKE_CURRENT_SOURCE_DIR}/3rd/wireguard-apple/Sources) +set(WG_APPLE_SOURCE_DIR ${CMAKE_CURRENT_SOURCE_DIR}/3rd/awg-apple/Sources) target_sources(${PROJECT} PRIVATE # ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/iosvpnprotocol.swift diff --git a/client/ios/networkextension/CMakeLists.txt b/client/ios/networkextension/CMakeLists.txt index 29dc0bbe..16769ea3 100644 --- a/client/ios/networkextension/CMakeLists.txt +++ b/client/ios/networkextension/CMakeLists.txt @@ -58,7 +58,7 @@ target_link_libraries(networkextension PRIVATE ${FW_UI_KIT}) target_compile_options(networkextension PRIVATE -DGROUP_ID=\"${BUILD_IOS_GROUP_IDENTIFIER}\") target_compile_options(networkextension PRIVATE -DNETWORK_EXTENSION=1) -set(WG_APPLE_SOURCE_DIR ${CLIENT_ROOT_DIR}/3rd/wireguard-apple/Sources) +set(WG_APPLE_SOURCE_DIR ${CLIENT_ROOT_DIR}/3rd/awg-apple/Sources) target_sources(networkextension PRIVATE ${WG_APPLE_SOURCE_DIR}/WireGuardKit/WireGuardAdapter.swift diff --git a/client/ios/networkextension/WireGuardNetworkExtension-Bridging-Header.h b/client/ios/networkextension/WireGuardNetworkExtension-Bridging-Header.h index 03a987ad..44d0b6b0 100644 --- a/client/ios/networkextension/WireGuardNetworkExtension-Bridging-Header.h +++ b/client/ios/networkextension/WireGuardNetworkExtension-Bridging-Header.h @@ -1,6 +1,6 @@ #include "wireguard-go-version.h" -#include "3rd/wireguard-apple/Sources/WireGuardKitGo/wireguard.h" -#include "3rd/wireguard-apple/Sources/WireGuardKitC/WireGuardKitC.h" +#include "3rd/awg-apple/Sources/WireGuardKitGo/wireguard.h" +#include "3rd/awg-apple/Sources/WireGuardKitC/WireGuardKitC.h" #include #include diff --git a/client/macos/app/WireGuard-Bridging-Header.h b/client/macos/app/WireGuard-Bridging-Header.h index 40b6c89d..da71002d 100644 --- a/client/macos/app/WireGuard-Bridging-Header.h 
+++ b/client/macos/app/WireGuard-Bridging-Header.h @@ -3,7 +3,7 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ #include "wireguard-go-version.h" -#include "3rd/wireguard-apple/Sources/WireGuardKitC/WireGuardKitC.h" +#include "3rd/awg-apple/Sources/WireGuardKitC/WireGuardKitC.h" #include #include diff --git a/client/macos/networkextension/WireGuardNetworkExtension-Bridging-Header.h b/client/macos/networkextension/WireGuardNetworkExtension-Bridging-Header.h index 8a437ce0..ea5c8e38 100644 --- a/client/macos/networkextension/WireGuardNetworkExtension-Bridging-Header.h +++ b/client/macos/networkextension/WireGuardNetworkExtension-Bridging-Header.h @@ -4,7 +4,7 @@ #include "macos/gobridge/wireguard.h" #include "wireguard-go-version.h" -#include "3rd/wireguard-apple/Sources/WireGuardKitC/WireGuardKitC.h" +#include "3rd/awg-apple/Sources/WireGuardKitC/WireGuardKitC.h" #include "3rd/ShadowSocks/ShadowSocks/ShadowSocks.h" #include "platforms/ios/ssconnectivity.h" #include "platforms/ios/iosopenvpn2ssadapter.h" diff --git a/client/platforms/ios/WireGuard-Bridging-Header.h b/client/platforms/ios/WireGuard-Bridging-Header.h index e5dfa39f..fbccb2d4 100644 --- a/client/platforms/ios/WireGuard-Bridging-Header.h +++ b/client/platforms/ios/WireGuard-Bridging-Header.h @@ -2,7 +2,7 @@ * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -#include "3rd/wireguard-apple/Sources/WireGuardKitC/WireGuardKitC.h" +#include "3rd/awg-apple/Sources/WireGuardKitC/WireGuardKitC.h" #include #include From 54b45a36e124176fe05ff620ef43ff9fccbd2c3f Mon Sep 17 00:00:00 2001 
From: "vladimir.kuznetsov" Date: Fri, 29 Sep 2023 18:41:00 +0500 Subject: [PATCH 2/7] test configuration using wg instead of wg-quick to configure the server --- client/server_scripts/amnezia_wireguard/Dockerfile | 2 +- .../amnezia_wireguard/configure_container.sh | 2 +- client/server_scripts/amnezia_wireguard/start.sh | 7 ++++--- client/server_scripts/build_container.sh | 2 +- 4 files changed, 7 insertions(+), 6 deletions(-) diff --git a/client/server_scripts/amnezia_wireguard/Dockerfile b/client/server_scripts/amnezia_wireguard/Dockerfile index ed974dc6..8c536fc7 100644 --- a/client/server_scripts/amnezia_wireguard/Dockerfile +++ b/client/server_scripts/amnezia_wireguard/Dockerfile @@ -3,7 +3,7 @@ FROM amneziavpn/amnezia-wg:latest LABEL maintainer="AmneziaVPN" #Install required packages -RUN apk add --no-cache curl wireguard-tools dumb-init +RUN apk add --no-cache bash curl dumb-init RUN apk --update upgrade --no-cache RUN mkdir -p /opt/amnezia diff --git a/client/server_scripts/amnezia_wireguard/configure_container.sh b/client/server_scripts/amnezia_wireguard/configure_container.sh index 8653a932..fa7b09f9 100644 --- a/client/server_scripts/amnezia_wireguard/configure_container.sh +++ b/client/server_scripts/amnezia_wireguard/configure_container.sh @@ -12,7 +12,7 @@ echo $WIREGUARD_PSK > /opt/amnezia/amneziawireguard/wireguard_psk.key cat > /opt/amnezia/amneziawireguard/wg0.conf < Date: Sat, 30 Sep 2023 00:58:08 +0300 Subject: [PATCH 3/7] iOS AWG protocol Setup --- client/3rd-prebuilt | 2 +- client/containers/containers_defs.cpp | 1 + client/platforms/ios/ios_controller.h | 1 + client/platforms/ios/ios_controller.mm | 12 ++++++++++++ 4 files changed, 15 insertions(+), 1 deletion(-) diff --git a/client/3rd-prebuilt b/client/3rd-prebuilt index e8795854..6f0d654a 160000 --- a/client/3rd-prebuilt +++ b/client/3rd-prebuilt @@ -1 +1 @@ -Subproject commit e8795854a5cf27004fe78caecc90a961688d1d41 +Subproject commit 6f0d654a2409e2f634e7f7b95d34998c8eba2d7b 
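Review bot: With `wireguard-tools` dropped from the `apk add` line, the `wg` and `wg-quick` binaries the start script calls presumably have to come from the base image, and that image is referenced by the mutable tag `amneziavpn/amnezia-wg:latest` (visible only in the hunk header, so the `FROM` line itself is outside this hunk). A rebuild can therefore pick up a different tunnel binary without any change in this repository. I would pin the base image, e.g. `FROM amneziavpn/amnezia-wg:<version>@sha256:<digest>`, and add `# wg and wg-quick are provided by the base image` above the `apk add` line so the missing package does not look like an oversight.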
diff --git a/client/containers/containers_defs.cpp b/client/containers/containers_defs.cpp index 21f7b044..0b9e44a2 100644 --- a/client/containers/containers_defs.cpp +++ b/client/containers/containers_defs.cpp @@ -186,6 +186,7 @@ bool ContainerProps::isSupportedByCurrentPlatform(DockerContainer c) switch (c) { case DockerContainer::WireGuard: return true; case DockerContainer::OpenVpn: return true; + case DockerContainer::AmneziaWireGuard: return true; case DockerContainer::Cloak: return true; // case DockerContainer::ShadowSocks: return true; diff --git a/client/platforms/ios/ios_controller.h b/client/platforms/ios/ios_controller.h index ea8adbc0..6d10dc08 100644 --- a/client/platforms/ios/ios_controller.h +++ b/client/platforms/ios/ios_controller.h @@ -62,6 +62,7 @@ private: bool setupOpenVPN(); bool setupCloak(); bool setupWireGuard(); + bool setupAmneziaWireGuard(); bool startOpenVPN(const QString &config); bool startWireGuard(const QString &jsonConfig); diff --git a/client/platforms/ios/ios_controller.mm b/client/platforms/ios/ios_controller.mm index 57394383..6782c8da 100644 --- a/client/platforms/ios/ios_controller.mm +++ b/client/platforms/ios/ios_controller.mm @@ -204,6 +204,9 @@ bool IosController::connectVpn(amnezia::Proto proto, const QJsonObject& configur if (proto == amnezia::Proto::WireGuard) { return setupWireGuard(); } + if (proto == amnezia::Proto::AmneziaWireGuard) { + return setupAmneziaWireGuard(); + } return false; } @@ -307,6 +310,15 @@ bool IosController::setupWireGuard() return startWireGuard(wgConfig); } +bool IosController::setupAmneziaWireGuard() +{ + QJsonObject config = m_rawConfig[ProtocolProps::key_proto_config_data(amnezia::Proto::AmneziaWireGuard)].toObject(); + + QString wgConfig = config[config_key::config].toString(); + + return startWireGuard(wgConfig); +} + bool IosController::startOpenVPN(const QString &config) { qDebug() << "IosController::startOpenVPN"; From 4ed153373f585d93ddf3c566ba63fbf7cc43cba3 Mon Sep 17 00:00:00 2001 
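Review bot: `setupAmneziaWireGuard()` hands `wgConfig` to `startWireGuard()` unchecked; `toObject()` and `toString()` fall back to empty values when a key is missing, so a profile without an AmneziaWireGuard section reaches the tunnel start as an empty string. A guard before the call, `if (wgConfig.isEmpty()) return false;`, would fail early. The body also looks like a copy of `setupWireGuard()` (only that function's last line is visible in the hunk), so a shared helper taking the `amnezia::Proto` would keep the two from drifting. Any log line added with the guard should leave the config text out, since it carries the private key.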
From: Mykola Baibuz Date: Sat, 30 Sep 2023 16:05:23 -0400 Subject: [PATCH 4/7] Fix Linux build, some naming changes --- .../{amneziaWireGuardConfigurator.cpp => awg_configurator.cpp} | 2 +- .../{amneziaWireGuardConfigurator.h => awg_configurator.h} | 0 client/configurators/vpn_configurator.cpp | 2 +- ...mneziaWireGuardProtocol.cpp => amneziawireguardprotocol.cpp} | 2 +- .../{amneziaWireGuardProtocol.h => amneziawireguardprotocol.h} | 0 5 files changed, 3 insertions(+), 3 deletions(-) rename client/configurators/{amneziaWireGuardConfigurator.cpp => awg_configurator.cpp} (98%) rename client/configurators/{amneziaWireGuardConfigurator.h => awg_configurator.h} (100%) rename client/protocols/{amneziaWireGuardProtocol.cpp => amneziawireguardprotocol.cpp} (84%) rename client/protocols/{amneziaWireGuardProtocol.h => amneziawireguardprotocol.h} (100%) diff --git a/client/configurators/amneziaWireGuardConfigurator.cpp b/client/configurators/awg_configurator.cpp similarity index 98% rename from client/configurators/amneziaWireGuardConfigurator.cpp rename to client/configurators/awg_configurator.cpp index 3ed27208..85dbd6de 100644 --- a/client/configurators/amneziaWireGuardConfigurator.cpp +++ b/client/configurators/awg_configurator.cpp @@ -1,4 +1,4 @@ -#include "amneziaWireGuardConfigurator.h" +#include "awg_configurator.h" #include #include diff --git a/client/configurators/amneziaWireGuardConfigurator.h b/client/configurators/awg_configurator.h similarity index 100% rename from client/configurators/amneziaWireGuardConfigurator.h rename to client/configurators/awg_configurator.h diff --git a/client/configurators/vpn_configurator.cpp b/client/configurators/vpn_configurator.cpp index 6706deed..8ab43499 100644 --- a/client/configurators/vpn_configurator.cpp +++ b/client/configurators/vpn_configurator.cpp 
@@ -5,7 +5,7 @@ #include "shadowsocks_configurator.h" #include "ssh_configurator.h" #include "wireguard_configurator.h" -#include "amneziaWireGuardConfigurator.h" +#include "awg_configurator.h" #include #include diff --git a/client/protocols/amneziaWireGuardProtocol.cpp b/client/protocols/amneziawireguardprotocol.cpp similarity index 84% rename from client/protocols/amneziaWireGuardProtocol.cpp rename to client/protocols/amneziawireguardprotocol.cpp index b4c5b430..cab03da9 100644 --- a/client/protocols/amneziaWireGuardProtocol.cpp +++ b/client/protocols/amneziawireguardprotocol.cpp @@ -1,4 +1,4 @@ -#include "amneziaWireGuardProtocol.h" +#include "amneziawireguardprotocol.h" AmneziaWireGuardProtocol::AmneziaWireGuardProtocol(const QJsonObject &configuration, QObject *parent) : WireguardProtocol(configuration, parent) diff --git a/client/protocols/amneziaWireGuardProtocol.h b/client/protocols/amneziawireguardprotocol.h similarity index 100% rename from client/protocols/amneziaWireGuardProtocol.h rename to client/protocols/amneziawireguardprotocol.h From 39c2124a26d1401fa4434fb790ff2780f5a20d84 Mon Sep 17 00:00:00 2001 From: "vladimir.kuznetsov" Date: Sun, 1 Oct 2023 21:43:30 +0500 Subject: [PATCH 5/7] returned the awg setting via wg-quick --- client/server_scripts/amnezia_wireguard/start.sh | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/client/server_scripts/amnezia_wireguard/start.sh b/client/server_scripts/amnezia_wireguard/start.sh index 505ce53e..b371d5b5 100644 --- a/client/server_scripts/amnezia_wireguard/start.sh +++ b/client/server_scripts/amnezia_wireguard/start.sh 
@@ -6,11 +6,10 @@ echo "Container startup" #ifconfig eth0:0 $SERVER_IP_ADDRESS netmask 255.255.255.255 up # kill daemons in case of restart -# wg-quick down /opt/amnezia/amneziawireguard/wg0.conf +wg-quick down /opt/amnezia/amneziawireguard/wg0.conf -/usr/bin/amnezia-wg wg0 && /usr/bin/wg setconf wg0 /opt/amnezia/amneziawireguard/wg0.conf && ip address add dev wg0 10.8.1.1/24 && ip link set up dev wg0 -# # # start daemons if configured -# # if [ -f /opt/amnezia/amneziawireguard/wg0.conf ]; then (wg-quick up /opt/amnezia/amneziawireguard/wg0.conf); fi +# start daemons if configured +if [ -f /opt/amnezia/amneziawireguard/wg0.conf ]; then (wg-quick up /opt/amnezia/amneziawireguard/wg0.conf); fi # Allow traffic on the TUN interface. iptables -A INPUT -i wg0 -j ACCEPT From 50b8b3d649714a3465fbebaa0aa26543fa0b3ad1 Mon Sep 17 00:00:00 2001 From: "vladimir.kuznetsov" Date: Mon, 2 Oct 2023 18:30:32 +0500 Subject: [PATCH 6/7] added parsing of wireguard config parameters when importing native configs --- client/ui/controllers/importController.cpp | 68 +++++++++++++++++++--- 1 file changed, 61 insertions(+), 7 deletions(-) diff --git a/client/ui/controllers/importController.cpp b/client/ui/controllers/importController.cpp index d9278ece..f9cc2d03 100644 --- a/client/ui/controllers/importController.cpp +++ b/client/ui/controllers/importController.cpp 
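Review bot: The exit status of `wg-quick up` is discarded, so when `wg0.conf` is rejected the script carries on to the `iptables` rules below and the container appears started with no tunnel behind it. I would make the failure visible: `wg-quick up /opt/amnezia/amneziawireguard/wg0.conf || { echo "wg-quick up failed" >&2; exit 1; }`, and drop the subshell parentheses, which add nothing. The now unconditional `wg-quick down` will print an error on a first start, when there is no interface yet; `wg-quick down /opt/amnezia/amneziawireguard/wg0.conf 2>/dev/null || true` keeps that out of the log. The rest of start.sh lies outside the hunk, so whether an early exit fits the container's restart handling needs checking there.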
@@ -223,21 +223,75 @@ QJsonObject ImportController::extractOpenVpnConfig(const QString &data) QJsonObject ImportController::extractWireGuardConfig(const QString &data) { + QMap configMap; + auto configByLines = data.split("\n"); + for (const QString &line : configByLines) { + QString trimmedLine = line.trimmed(); + if (trimmedLine.startsWith("[") && trimmedLine.endsWith("]")) { + continue; + } else { + QStringList parts = trimmedLine.split(" = "); + if (parts.count() == 2) { + configMap[parts.at(0).trimmed()] = parts.at(1).trimmed(); + } + } + } + QJsonObject lastConfig; lastConfig[config_key::config] = data; - const static QRegularExpression hostNameAndPortRegExp("Endpoint = (.*)(?::([0-9]*))?"); + const static QRegularExpression hostNameAndPortRegExp("Endpoint = (.*):([0-9]*)"); QRegularExpressionMatch hostNameAndPortMatch = hostNameAndPortRegExp.match(data); QString hostName; QString port; if (hostNameAndPortMatch.hasCaptured(1)) { hostName = hostNameAndPortMatch.captured(1); - } /*else { - qDebug() << "send error?" 
- }*/ + } else { + qDebug() << "Failed to import profile"; + emit importErrorOccurred(errorString(ErrorCode::ImportInvalidConfigError)); + } if (hostNameAndPortMatch.hasCaptured(2)) { port = hostNameAndPortMatch.captured(2); + } else { + port = protocols::wireguard::defaultPort; + } + + lastConfig[config_key::hostName] = hostName; + lastConfig[config_key::port] = port.toInt(); + +// if (!configMap.value("PrivateKey").isEmpty() && !configMap.value("Address").isEmpty() +// && !configMap.value("PresharedKey").isEmpty() && !configMap.value("PublicKey").isEmpty()) { + lastConfig[config_key::client_priv_key] = configMap.value("PrivateKey"); + lastConfig[config_key::client_ip] = configMap.value("Address"); + lastConfig[config_key::psk_key] = configMap.value("PresharedKey"); + lastConfig[config_key::server_pub_key] = configMap.value("PublicKey"); +// } else { +// qDebug() << "Failed to import profile"; +// emit importErrorOccurred(errorString(ErrorCode::ImportInvalidConfigError)); +// return QJsonObject(); +// } + + QString protocolName = "wireguard"; + if (!configMap.value(config_key::junkPacketCount).isEmpty() + && !configMap.value(config_key::junkPacketMinSize).isEmpty() + && !configMap.value(config_key::junkPacketMaxSize).isEmpty() + && !configMap.value(config_key::initPacketJunkSize).isEmpty() + && !configMap.value(config_key::responsePacketJunkSize).isEmpty() + && !configMap.value(config_key::initPacketMagicHeader).isEmpty() + && !configMap.value(config_key::responsePacketMagicHeader).isEmpty() + && !configMap.value(config_key::underloadPacketMagicHeader).isEmpty() + && !configMap.value(config_key::transportPacketMagicHeader).isEmpty()) { + lastConfig[config_key::junkPacketCount] = configMap.value(config_key::junkPacketCount); + lastConfig[config_key::junkPacketMinSize] = configMap.value(config_key::junkPacketMinSize); + lastConfig[config_key::junkPacketMaxSize] = configMap.value(config_key::junkPacketMaxSize); + lastConfig[config_key::initPacketJunkSize] = 
configMap.value(config_key::initPacketJunkSize); + lastConfig[config_key::responsePacketJunkSize] = configMap.value(config_key::responsePacketJunkSize); + lastConfig[config_key::initPacketMagicHeader] = configMap.value(config_key::initPacketMagicHeader); + lastConfig[config_key::responsePacketMagicHeader] = configMap.value(config_key::responsePacketMagicHeader); + lastConfig[config_key::underloadPacketMagicHeader] = configMap.value(config_key::underloadPacketMagicHeader); + lastConfig[config_key::transportPacketMagicHeader] = configMap.value(config_key::transportPacketMagicHeader); + protocolName = "amneziawireguard"; } QJsonObject wireguardConfig; @@ -247,15 +301,15 @@ QJsonObject ImportController::extractWireGuardConfig(const QString &data) wireguardConfig[config_key::transport_proto] = "udp"; QJsonObject containers; - containers.insert(config_key::container, QJsonValue("amnezia-wireguard")); - containers.insert(config_key::wireguard, QJsonValue(wireguardConfig)); + containers.insert(config_key::container, QJsonValue("amnezia-" + protocolName)); + containers.insert(protocolName, QJsonValue(wireguardConfig)); QJsonArray arr; arr.push_back(containers); QJsonObject config; config[config_key::containers] = arr; - config[config_key::defaultContainer] = "amnezia-wireguard"; + config[config_key::defaultContainer] = "amnezia-" + protocolName; config[config_key::description] = m_settings->nextAvailableServerName(); const static QRegularExpression dnsRegExp( From 304f29bfac020be5600ef1a8c9c2dc59177a4805 Mon Sep 17 00:00:00 2001 From: "vladimir.kuznetsov" Date: Mon, 2 Oct 2023 20:03:01 +0500 Subject: [PATCH 7/7] returned 'address' to awg server config and set it to 10.8.1.1/24 --- client/server_scripts/amnezia_wireguard/configure_container.sh | 2 +- client/server_scripts/amnezia_wireguard/start.sh | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) 
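Review bot: On a failed Endpoint match the new `else` branch emits `importErrorOccurred` but does not return, and the required-key check further down is commented out, so `extractWireGuardConfig` still builds a profile with an empty host name and possibly empty `PrivateKey`/`PublicKey`. The rewritten pattern `Endpoint = (.*):([0-9]*)` also makes the port group part of every successful match, so the `defaultPort` fallback appears to be reached only on the error path, and an endpoint written as `host:` gives port 0 from `toInt()`. I would return early on both failures and restore the key check with `PresharedKey` left optional, as in the fence below. Whether callers treat an empty `QJsonObject` as a failure is not visible here, and the function continues past the end of the hunk.

```cpp
// … unchanged: configMap parsing, lastConfig[config_key::config] = data, regex match …
if (!hostNameAndPortMatch.hasCaptured(1) || hostNameAndPortMatch.captured(1).isEmpty()) {
    qDebug() << "Failed to import profile";
    emit importErrorOccurred(errorString(ErrorCode::ImportInvalidConfigError));
    return QJsonObject();
}
hostName = hostNameAndPortMatch.captured(1);

// … unchanged: port selection, lastConfig[config_key::hostName], lastConfig[config_key::port] …

// PresharedKey is optional in a WireGuard peer section, so it is not part of the check.
if (configMap.value("PrivateKey").isEmpty() || configMap.value("Address").isEmpty()
    || configMap.value("PublicKey").isEmpty()) {
    qDebug() << "Failed to import profile";
    emit importErrorOccurred(errorString(ErrorCode::ImportInvalidConfigError));
    return QJsonObject();
}
// … unchanged: lastConfig key assignments, AmneziaWG parameter detection …
```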
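Review bot: The container id and the protocol key are now assembled from the local literals `"wireguard"` / `"amneziawireguard"` and `"amnezia-" + protocolName`, where the replaced line used the `config_key::wireguard` constant. If the rest of the client resolves these names through constants or `ContainerProps`, a spelling drift here would yield an imported profile that no protocol handler claims. I would take both strings from the same source the other code uses and add a comment such as `// must match the container and protocol ids used by ContainerProps`. Which identifiers those are cannot be seen from this hunk.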
diff --git a/client/server_scripts/amnezia_wireguard/configure_container.sh b/client/server_scripts/amnezia_wireguard/configure_container.sh index fa7b09f9..6ebebc4a 100644 --- a/client/server_scripts/amnezia_wireguard/configure_container.sh +++ b/client/server_scripts/amnezia_wireguard/configure_container.sh @@ -12,7 +12,7 @@ echo $WIREGUARD_PSK > /opt/amnezia/amneziawireguard/wireguard_psk.key cat > /opt/amnezia/amneziawireguard/wg0.conf <