AZEN-SGG/amnezia-client
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge remote-tracking branch 'remotes/origin/dev' into feature/new-gui

Browse source
This commit is contained in:
vladimir.kuznetsov 2023-06-27 13:38:06 +03:00
commit d0c9c1043c
179 changed files with 3824 additions and 4107 deletions
Download patch file Download diff file Expand all files Collapse all files

1
.gitattributes vendored
View file

@ -2,3 +2,4 @@ deploy/data/windows/x64/tap/windows_7/OemVista.inf eol=crlf
deploy/data/windows/x64/tap/windows_10/OemVista.inf eol=crlf
deploy/data/windows/x32/tap/windows_7/OemVista.inf eol=crlf
deploy/data/windows/x32/tap/windows_10/OemVista.inf eol=crlf
client/3rd/* linguist-vendored

23
.github/workflows/deploy.yml vendored
View file

@ -9,7 +9,7 @@ jobs:
runs-on: ubuntu-latest
env:
QT_VERSION: 6.4.1
QT_VERSION: 6.5.0
QIF_VERSION: 4.5
steps:
@ -63,7 +63,7 @@ jobs:
runs-on: windows-latest
env:
QT_VERSION: 6.4.1
QT_VERSION: 6.5.0
QIF_VERSION: 4.5
BUILD_ARCH: 64
@ -124,8 +124,7 @@ jobs:
runs-on: macos-latest
env:
QT_VERSION: 6.4.1
QIF_VERSION: 4.4
QT_VERSION: 6.5.0
steps:
- name: 'Setup xcode'
@ -139,18 +138,18 @@ jobs:
version: ${{ env.QT_VERSION }}
host: 'mac'
target: 'desktop'
modules: 'qtremoteobjects qt5compat qtshadertools qtmultimedia'
arch: 'clang_64'
modules: 'qtremoteobjects qt5compat qtshadertools'
dir: ${{ runner.temp }}
set-env: 'true'
- name: 'Install ios Qt'
- name: 'Install iOS Qt'
uses: jurplel/install-qt-action@v3
with:
version: ${{ env.QT_VERSION }}
host: 'mac'
target: 'ios'
modules: 'qtremoteobjects qt5compat qtshadertools'
modules: 'qtremoteobjects qt5compat qtshadertools qtmultimedia'
dir: ${{ runner.temp }}
setup-python: 'true'
set-env: 'true'
@ -200,7 +199,7 @@ jobs:
runs-on: macos-latest
env:
QT_VERSION: 6.4.1
QT_VERSION: 6.5.0
QIF_VERSION: 4.5
steps:
@ -263,8 +262,7 @@ jobs:
arch: ['android_x86_64', 'android_x86'] #, 'android_armv7', 'android_arm64_v8a']
env:
QT_VERSION: 6.4.1
QIF_VERSION: 4.5
QT_VERSION: 6.5.0
steps:
- name: 'Install desktop Qt'
@ -293,6 +291,11 @@ jobs:
set-env: 'true'
extra: '--external 7z'
- name: 'Install GO'
uses: actions/setup-go@v2
with:
go-version: 1.17
- name: 'Get sources'
uses: actions/checkout@v3
with:

29
.gitmodules vendored
View file

@ -6,7 +6,7 @@
url = https://github.com/WireGuard/wireguard-apple
[submodule "client/3rd/OpenVPNAdapter"]
path = client/3rd/OpenVPNAdapter
url = https://github.com/ss-abramchuk/OpenVPNAdapter.git
url = https://github.com/amnezia-vpn/OpenVPNAdapter.git
[submodule "client/3rd/ShadowPath"]
path = client/3rd/ShadowPath
url = https://github.com/qman9501/ShadowPath
@ -28,12 +28,33 @@
[submodule "client/3rd/zlib"]
path = client/3rd/zlib
url = https://github.com/madler/zlib.git
[submodule "deploy/amnezia-ios-certificates"]
path = deploy/amnezia-ios-certificates
url = https://github.com/amnezia-vpn/amnezia-ios-certificates.git
[submodule "client/3rd/SortFilterProxyModel"]
path = client/3rd/SortFilterProxyModel
url = https://github.com/mitchcurtis/SortFilterProxyModel.git
[submodule "client/android/cpp/openvpn3"]
path = client/android/cpp/openvpn3
url = https://github.com/amnezia-vpn/openvpn3.git
[submodule "client/android/cpp/asio"]
path = client/android/cpp/asio
url = https://github.com/chriskohlhoff/asio
[submodule "client/android/cpp/lz4"]
path = client/android/cpp/lz4
url = https://github.com/lz4/lz4.git
[submodule "client/android/cpp/mbedtls"]
path = client/android/cpp/mbedtls
url = https://github.com/ARMmbed/mbedtls.git
[submodule "client/android/cpp/openvpn"]
path = client/android/cpp/openvpn
url = https://github.com/schwabe/openvpn.git
[submodule "client/android/cpp/openssl"]
path = client/android/cpp/openssl
url = https://github.com/schwabe/platform_external_openssl.git
[submodule "client/android/cpp/cloak"]
path = client/android/cpp/cloak
url = https://github.com/amnezia-vpn/Cloak
[submodule "client/android/cpp/lzo"]
path = client/android/cpp/lzo
url = https://github.com/amnezia-vpn/lzo.git
[submodule "client/3rd/mbedtls"]
path = client/3rd/mbedtls
url = https://github.com/Mbed-TLS/mbedtls.git

47
.gitpod.Dockerfile vendored Normal file
View file

@ -0,0 +1,47 @@
FROM gitpod/workspace-full-vnc
USER gitpod
RUN sudo apt-get -q update \
&& sudo apt-get install -yq \
build-essential \
libgl1-mesa-dev \
libgstreamer-gl1.0-0 \
libpulse-dev \
libsecret-1-dev \
libxcb-glx0 \
libxcb-icccm4 \
libxcb-image0 \
libxcb-keysyms1 \
libxcb-randr0 \
libxcb-render-util0 \
libxcb-render0 \
libxcb-shape0 \
libxcb-shm0 \
libxcb-sync1 \
libxcb-util1 \
libxcb-xfixes0 \
libxcb-xinerama0 \
libxcb1 \
libxkbcommon-dev \
libxkbcommon-x11-0 \
libxcb-xkb-dev \
p7zip-full \
&& sudo rm -rf /var/lib/apt/lists/*
RUN sudo pip3 install aqtinstall
ARG QT_VERSION=6.4.1
ARG QT_ARCH=gcc_64
ARG QT_DIR=/opt/qt
RUN sudo aqt install-qt --outputdir ${QT_DIR} linux desktop ${QT_VERSION} ${QT_ARCH} --modules \
qtremoteobjects \
qt5compat \
qtshadertools
ENV QT_BIN_DIR=${QT_DIR}/${QT_VERSION}/${QT_ARCH}/bin
ARG QIF_VERSION=4.5
ARG QIF_DIR=/opt/qif
RUN sudo aqt install-tool --outputdir ${QIF_DIR} linux desktop tools_ifw
ENV QIF_BIN_DIR=${QIF_DIR}/Tools/QtInstallerFramework/${QIF_VERSION}/bin

8
.gitpod.yml Normal file
View file

@ -0,0 +1,8 @@
tasks:
- init: >-
deploy/build_linux.sh
image:
file: .gitpod.Dockerfile
vscode:
extensions:
- llvm-vs-code-extensions.vscode-clangd

6
AmneziaVPN.pro
View file

@ -1,6 +0,0 @@
TEMPLATE = subdirs
SUBDIRS = client
!ios:!android {
SUBDIRS += service
}

10
CMakeLists.txt
View file

@ -1,7 +1,13 @@
cmake_minimum_required(VERSION 3.25.0 FATAL_ERROR)
set(PROJECT AmneziaVPN)
project(${PROJECT})
project(${PROJECT} VERSION 3.0.7.5
DESCRIPTION "AmneziaVPN"
HOMEPAGE_URL "https://amnezia.org/"
)
set(RELEASE_DATE "2023-05-15")
set(APP_MAJOR_VERSION ${CMAKE_PROJECT_VERSION_MAJOR}.${CMAKE_PROJECT_VERSION_MINOR}.${CMAKE_PROJECT_VERSION_PATCH})
if(ANDROID)
set(QT_ANDROID_BUILD_ALL_ABIS ON)
@ -15,4 +21,6 @@ add_subdirectory(client)
if(NOT IOS AND NOT ANDROID)
add_subdirectory(service)
include(${CMAKE_SOURCE_DIR}/deploy/installer/config.cmake)
endif()

74
README.md
View file

@ -1,16 +1,24 @@
# Amnezia VPN
## _The best client for self-hosted VPN_
[![Build Status](https://github.com/amnezia-vpn/desktop-client/actions/workflows/deploy.yml/badge.svg?branch=dev)]
[![Build Status](https://github.com/amnezia-vpn/amnezia-client/actions/workflows/deploy.yml/badge.svg?branch=dev)](https://github.com/amnezia-vpn/amnezia-client/actions/workflows/deploy.yml?query=branch:dev)
[![Gitpod ready-to-code](https://img.shields.io/badge/Gitpod-ready--to--code-blue?logo=gitpod)](https://gitpod.io/#https://github.com/amnezia-vpn/amnezia-client)
Amnezia is a VPN client with the key feature of deploying your own VPN server on you virtual server.
Amnezia is an open-source VPN client, with a key feature that enables you to deploy your own VPN server on your server.
## Features
- Very easy to use - enter your ip address, ssh login and password, and Amnezia client will automatically install VPN docker containers to your server and connect to VPN.
- OpenVPN and OpenVPN over ShadowSocks protocols support.
- Custom VPN routing mode support - add any sites to client to enable VPN only for them.
- Windows and MacOS support.
- Unsecure sharing connection profile for family use.
- Very easy to use - enter your ip address, ssh login and password, and Amnezia will automatically install VPN docker containers to your server and connect to VPN.
- OpenVPN, ShadowSocks, WireGuard, IKEv2 protocols support.
- Masking VPN with OpenVPN over Cloak plugin
- Split tunneling support - add any sites to client to enable VPN only for them (only for desktops)
- Windows, MacOS, Linux, Android, iOS releases.
## Links
[https://amnezia.org](https://amnezia.org) - project website
[https://www.reddit.com/r/AmneziaVPN](https://www.reddit.com/r/AmneziaVPN) - Reddit
[https://t.me/amnezia_vpn_en](https://t.me/amnezia_vpn_en) - Telegram support channel (English)
[https://t.me/amnezia_vpn](https://t.me/amnezia_vpn) - Telegram support channel (Russian)
[https://signal.group/...](https://signal.group/#CjQKIB2gUf8QH_IXnOJMGQWMDjYz9cNfmRQipGWLFiIgc4MwEhAKBONrSiWHvoUFbbD0xwdh) - Signal channel
## Tech
@ -20,7 +28,7 @@ AmneziaVPN uses a number of open source projects to work:
- [OpenVPN](https://openvpn.net/)
- [ShadowSocks](https://shadowsocks.org/)
- [Qt](https://www.qt.io/)
- [QtSsh](https://github.com/jaredtao/QtSsh) - forked form Qt Creator
- [LibSsh](https://libssh.org) - forked form Qt Creator
- and more...
## Checking out the source code
@ -36,39 +44,35 @@ git submodule update --init
Want to contribute? Welcome!
### Building sources and deployment
Easiest way to build your own executables - is to fork project and configure [Travis CI](https://travis-ci.com/)
Or you can build sources manually using Qt Creator. Qt >= 14.2 supported.
Look to the `build_macos.sh` and `build_windows.bat` scripts in `deploy` folder for details.
Look deploy folder for build scripts.
### How to build iOS app from source code on MacOS
1. First, make sure you have [XCode](https://developer.apple.com/xcode/) installed,
at least version 12 or higher.
1. First, make sure you have [XCode](https://developer.apple.com/xcode/) installed, at least version 14 or higher.
2. We use `qmake` to generate the XCode project and then we "patch" it to add
extra components such as the wireguard, the browser bridge and so on. We patch
the XCode project using [xcodeproj](https://github.com/CocoaPods/Xcodeproj). To
install it:
```bash
gem install xcodeproj # probably you want to run this command with `sudo`
```
3. You also need to install go >= v1.16. If you don't have it done already,
2. We use QT to generate the XCode project. we need QT version 6.4. Install QT for macos in [here](https://doc.qt.io/qt-6/macos.html)
3. Install cmake is require. We recommend cmake version 3.25. You can install cmake in [here](https://cmake.org/download/)
4. You also need to install go >= v1.16. If you don't have it done already,
download go from the [official website](https://golang.org/dl/) or use Homebrew.
Latest version is recommended.
4. Navigate inside client folder and generate the XCode project using our script:
Latest version is recommended. Install gomobile
```bash
cd client
./scripts/apple_compile.sh ios
export PATH=$PATH:~/go/bin
go install golang.org/x/mobile/cmd/gomobile@latest
gomobile init
```
If you have more than one version of Qt installed, you'll most likely get
a "`qmake` cannot be found in your `$PATH`" error. In this case run this script
using QT\IOS\_BIN env to set the path for the Qt5 macos build bin folder.
For example, the path could look like this:
5. Build project
```bash
QT_IOS_BIN="/Users/username/Qt/6.4.1/ios/bin" ./scripts/apple_compile.sh ios
export QT_BIN_DIR="<PATH-TO-QT-FOLDER>/Qt/<QT-VERSION>/ios/bin"
export QT_IOS_BIN=$QT_BIN_DIR
export PATH=$PATH:~/go/bin
mkdir build-ios
$QT_IOS_BIN/qt-cmake . -B build-ios -GXcode -DQT_HOST_PATH=$QT_BIN_DIR
```
Replace PATH-TO-QT-FOLDER and QT-VERSION to your environment
If you get `gomobile: command not found` make sure to set PATH to the location
of the bin folder where gomobile was installed. Usually, it's in `GOPATH`.
@ -76,7 +80,7 @@ of the bin folder where gomobile was installed. Usually, it's in `GOPATH`.
export PATH=$(PATH):/path/to/GOPATH/bin
```
5. Xcode should automatically open. You can then run/test/archive/ship the app.
5. Open XCode project. You can then run/test/archive/ship the app.
If build fails with the following error
```
@ -125,12 +129,6 @@ You may face compiling issues in QT Creator after you've worked in Android Studi
## License
GPL v.3
## Contacts
[https://t.me/amnezia_vpn_en](https://t.me/amnezia_vpn_en) - Telegram support channel (English)
[https://t.me/amnezia_vpn](https://t.me/amnezia_vpn) - Telegram support channel (Russian)
[https://signal.group/...](https://signal.group/#CjQKIB2gUf8QH_IXnOJMGQWMDjYz9cNfmRQipGWLFiIgc4MwEhAKBONrSiWHvoUFbbD0xwdh) - Signal channel
[https://amnezia.org](https://amnezia.org) - project website
## Donate
Bitcoin: bc1qn9rhsffuxwnhcuuu4qzrwp4upkrq94xnh8r26u
XMR: 48spms39jt1L2L5vyw2RQW6CXD6odUd4jFu19GZcDyKKQV9U88wsJVjSbL4CfRys37jVMdoaWVPSvezCQPhHXUW5UKLqUp3

2
client/3rd/OpenVPNAdapter vendored

@ -1 +1 @@
Subproject commit 0e2db0baa0d66029cbb18d74b78bc7a5c9013fba
Subproject commit 7b4046faf358206d9640a8cc01cb4ab5fe2e4a6c

249
client/AmneziaVPN-Swift.h
View file

@ -1,249 +0,0 @@
#ifndef AmneziaVPN_Swift_h
#define AmneziaVPN_Swift_h
#pragma clang diagnostic push
#pragma clang diagnostic ignored "-Wgcc-compat"
#if !defined(__has_include)
# define __has_include(x) 0
#endif
#if !defined(__has_attribute)
# define __has_attribute(x) 0
#endif
#if !defined(__has_feature)
# define __has_feature(x) 0
#endif
#if !defined(__has_warning)
# define __has_warning(x) 0
#endif
#if __has_include(<swift/objc-prologue.h>)
# include <swift/objc-prologue.h>
#endif
#pragma clang diagnostic ignored "-Wauto-import"
#include <Foundation/Foundation.h>
#include <stdint.h>
#include <stddef.h>
#include <stdbool.h>
#if !defined(SWIFT_TYPEDEFS)
# define SWIFT_TYPEDEFS 1
# if __has_include(<uchar.h>)
# include <uchar.h>
# elif !defined(__cplusplus)
typedef uint_least16_t char16_t;
typedef uint_least32_t char32_t;
# endif
typedef float swift_float2 __attribute__((__ext_vector_type__(2)));
typedef float swift_float3 __attribute__((__ext_vector_type__(3)));
typedef float swift_float4 __attribute__((__ext_vector_type__(4)));
typedef double swift_double2 __attribute__((__ext_vector_type__(2)));
typedef double swift_double3 __attribute__((__ext_vector_type__(3)));
typedef double swift_double4 __attribute__((__ext_vector_type__(4)));
typedef int swift_int2 __attribute__((__ext_vector_type__(2)));
typedef int swift_int3 __attribute__((__ext_vector_type__(3)));
typedef int swift_int4 __attribute__((__ext_vector_type__(4)));
typedef unsigned int swift_uint2 __attribute__((__ext_vector_type__(2)));
typedef unsigned int swift_uint3 __attribute__((__ext_vector_type__(3)));
typedef unsigned int swift_uint4 __attribute__((__ext_vector_type__(4)));
#endif
#if !defined(SWIFT_PASTE)
# define SWIFT_PASTE_HELPER(x, y) x##y
# define SWIFT_PASTE(x, y) SWIFT_PASTE_HELPER(x, y)
#endif
#if !defined(SWIFT_METATYPE)
# define SWIFT_METATYPE(X) Class
#endif
#if !defined(SWIFT_CLASS_PROPERTY)
# if __has_feature(objc_class_property)
# define SWIFT_CLASS_PROPERTY(...) __VA_ARGS__
# else
# define SWIFT_CLASS_PROPERTY(...)
# endif
#endif
#if __has_attribute(objc_runtime_name)
# define SWIFT_RUNTIME_NAME(X) __attribute__((objc_runtime_name(X)))
#else
# define SWIFT_RUNTIME_NAME(X)
#endif
#if __has_attribute(swift_name)
# define SWIFT_COMPILE_NAME(X) __attribute__((swift_name(X)))
#else
# define SWIFT_COMPILE_NAME(X)
#endif
#if __has_attribute(objc_method_family)
# define SWIFT_METHOD_FAMILY(X) __attribute__((objc_method_family(X)))
#else
# define SWIFT_METHOD_FAMILY(X)
#endif
#if __has_attribute(noescape)
# define SWIFT_NOESCAPE __attribute__((noescape))
#else
# define SWIFT_NOESCAPE
#endif
#if __has_attribute(ns_consumed)
# define SWIFT_RELEASES_ARGUMENT __attribute__((ns_consumed))
#else
# define SWIFT_RELEASES_ARGUMENT
#endif
#if __has_attribute(warn_unused_result)
# define SWIFT_WARN_UNUSED_RESULT __attribute__((warn_unused_result))
#else
# define SWIFT_WARN_UNUSED_RESULT
#endif
#if __has_attribute(noreturn)
# define SWIFT_NORETURN __attribute__((noreturn))
#else
# define SWIFT_NORETURN
#endif
#if !defined(SWIFT_CLASS_EXTRA)
# define SWIFT_CLASS_EXTRA
#endif
#if !defined(SWIFT_PROTOCOL_EXTRA)
# define SWIFT_PROTOCOL_EXTRA
#endif
#if !defined(SWIFT_ENUM_EXTRA)
# define SWIFT_ENUM_EXTRA
#endif
#if !defined(SWIFT_CLASS)
# if __has_attribute(objc_subclassing_restricted)
# define SWIFT_CLASS(SWIFT_NAME) SWIFT_RUNTIME_NAME(SWIFT_NAME) __attribute__((objc_subclassing_restricted)) SWIFT_CLASS_EXTRA
# define SWIFT_CLASS_NAMED(SWIFT_NAME) __attribute__((objc_subclassing_restricted)) SWIFT_COMPILE_NAME(SWIFT_NAME) SWIFT_CLASS_EXTRA
# else
# define SWIFT_CLASS(SWIFT_NAME) SWIFT_RUNTIME_NAME(SWIFT_NAME) SWIFT_CLASS_EXTRA
# define SWIFT_CLASS_NAMED(SWIFT_NAME) SWIFT_COMPILE_NAME(SWIFT_NAME) SWIFT_CLASS_EXTRA
# endif
#endif
#if !defined(SWIFT_RESILIENT_CLASS)
# if __has_attribute(objc_class_stub)
# define SWIFT_RESILIENT_CLASS(SWIFT_NAME) SWIFT_CLASS(SWIFT_NAME) __attribute__((objc_class_stub))
# define SWIFT_RESILIENT_CLASS_NAMED(SWIFT_NAME) __attribute__((objc_class_stub)) SWIFT_CLASS_NAMED(SWIFT_NAME)
# else
# define SWIFT_RESILIENT_CLASS(SWIFT_NAME) SWIFT_CLASS(SWIFT_NAME)
# define SWIFT_RESILIENT_CLASS_NAMED(SWIFT_NAME) SWIFT_CLASS_NAMED(SWIFT_NAME)
# endif
#endif
#if !defined(SWIFT_PROTOCOL)
# define SWIFT_PROTOCOL(SWIFT_NAME) SWIFT_RUNTIME_NAME(SWIFT_NAME) SWIFT_PROTOCOL_EXTRA
# define SWIFT_PROTOCOL_NAMED(SWIFT_NAME) SWIFT_COMPILE_NAME(SWIFT_NAME) SWIFT_PROTOCOL_EXTRA
#endif
#if !defined(SWIFT_EXTENSION)
# define SWIFT_EXTENSION(M) SWIFT_PASTE(M##_Swift_, __LINE__)
#endif
#if !defined(OBJC_DESIGNATED_INITIALIZER)
# if __has_attribute(objc_designated_initializer)
# define OBJC_DESIGNATED_INITIALIZER __attribute__((objc_designated_initializer))
# else
# define OBJC_DESIGNATED_INITIALIZER
# endif
#endif
#if !defined(SWIFT_ENUM_ATTR)
# if defined(__has_attribute) && __has_attribute(enum_extensibility)
# define SWIFT_ENUM_ATTR(_extensibility) __attribute__((enum_extensibility(_extensibility)))
# else
# define SWIFT_ENUM_ATTR(_extensibility)
# endif
#endif
#if !defined(SWIFT_ENUM)
# define SWIFT_ENUM(_type, _name, _extensibility) enum _name : _type _name; enum SWIFT_ENUM_ATTR(_extensibility) SWIFT_ENUM_EXTRA _name : _type
# if __has_feature(generalized_swift_name)
# define SWIFT_ENUM_NAMED(_type, _name, SWIFT_NAME, _extensibility) enum _name : _type _name SWIFT_COMPILE_NAME(SWIFT_NAME); enum SWIFT_COMPILE_NAME(SWIFT_NAME) SWIFT_ENUM_ATTR(_extensibility) SWIFT_ENUM_EXTRA _name : _type
# else
# define SWIFT_ENUM_NAMED(_type, _name, SWIFT_NAME, _extensibility) SWIFT_ENUM(_type, _name, _extensibility)
# endif
#endif
#if !defined(SWIFT_UNAVAILABLE)
# define SWIFT_UNAVAILABLE __attribute__((unavailable))
#endif
#if !defined(SWIFT_UNAVAILABLE_MSG)
# define SWIFT_UNAVAILABLE_MSG(msg) __attribute__((unavailable(msg)))
#endif
#if !defined(SWIFT_AVAILABILITY)
# define SWIFT_AVAILABILITY(plat, ...) __attribute__((availability(plat, __VA_ARGS__)))
#endif
#if !defined(SWIFT_WEAK_IMPORT)
# define SWIFT_WEAK_IMPORT __attribute__((weak_import))
#endif
#if !defined(SWIFT_DEPRECATED)
# define SWIFT_DEPRECATED __attribute__((deprecated))
#endif
#if !defined(SWIFT_DEPRECATED_MSG)
# define SWIFT_DEPRECATED_MSG(...) __attribute__((deprecated(__VA_ARGS__)))
#endif
#if __has_feature(attribute_diagnose_if_objc)
# define SWIFT_DEPRECATED_OBJC(Msg) __attribute__((diagnose_if(1, Msg, "warning")))
#else
# define SWIFT_DEPRECATED_OBJC(Msg) SWIFT_DEPRECATED_MSG(Msg)
#endif
#if !defined(IBSegueAction)
# define IBSegueAction
#endif
#if __has_feature(modules)
#if __has_warning("-Watimport-in-framework-header")
#pragma clang diagnostic ignored "-Watimport-in-framework-header"
#endif
@import Foundation;
@import ObjectiveC;
#endif
#pragma clang diagnostic ignored "-Wproperty-attribute-mismatch"
#pragma clang diagnostic ignored "-Wduplicate-method-arg"
#if __has_warning("-Wpragma-clang-attribute")
# pragma clang diagnostic ignored "-Wpragma-clang-attribute"
#endif
#pragma clang diagnostic ignored "-Wunknown-pragmas"
#pragma clang diagnostic ignored "-Wnullability"
#if __has_attribute(external_source_symbol)
# pragma push_macro("any")
# undef any
# pragma clang attribute push(__attribute__((external_source_symbol(language="Swift", defined_in="AmneziaVPN",generated_declaration))), apply_to=any(function,enum,objc_interface,objc_category,objc_protocol))
# pragma pop_macro("any")
#endif
@class NSString;
@class NSData;
enum ConnectionState : NSInteger;
@class NSDate;
@class NSNumber;
@class VPNIPAddressRange;
SWIFT_CLASS("_TtC10AmneziaVPN18IOSVpnProtocolImpl")
@interface IOSVpnProtocolImpl : NSObject
- (nonnull instancetype)initWithBundleID:(NSString * _Nonnull)bundleID privateKey:(NSData * _Nonnull)privateKey deviceIpv4Address:(NSString * _Nonnull)deviceIpv4Address deviceIpv6Address:(NSString * _Nonnull)deviceIpv6Address closure:(void (^ _Nonnull)(enum ConnectionState, NSDate * _Nullable))closure callback:(void (^ _Nonnull)(BOOL))callback OBJC_DESIGNATED_INITIALIZER;
- (nonnull instancetype)initWithBundleID:(NSString * _Nonnull)bundleID config:(NSString * _Nonnull)config closure:(void (^ _Nonnull)(enum ConnectionState, NSDate * _Nullable))closure callback:(void (^ _Nonnull)(BOOL))callback;
- (nonnull instancetype)initWithBundleID:(NSString * _Nonnull)bundleID tunnelConfig:(NSString * _Nonnull)tunnelConfig ssConfig:(NSString * _Nonnull)ssConfig closure:(void (^ _Nonnull)(enum ConnectionState, NSDate * _Nullable))closure callback:(void (^ _Nonnull)(BOOL))callback;
- (void)connectWithDnsServer:(NSString * _Nonnull)dnsServer serverIpv6Gateway:(NSString * _Nonnull)serverIpv6Gateway serverPublicKey:(NSString * _Nonnull)serverPublicKey presharedKey:(NSString * _Nonnull)presharedKey serverIpv4AddrIn:(NSString * _Nonnull)serverIpv4AddrIn serverPort:(NSInteger)serverPort allowedIPAddressRanges:(NSArray<VPNIPAddressRange *> * _Nonnull)allowedIPAddressRanges ipv6Enabled:(Boolean)enabled reason:(NSInteger)reason failureCallback:(void (^ _Nonnull)(void))failureCallback;
- (void)connectWithOvpnConfig:(NSString * _Nonnull)ovpnConfig failureCallback:(void (^ _Nonnull)(void))failureCallback;
- (void)connectWithSsConfig:(NSString * _Nonnull)ssConfig ovpnConfig:(NSString * _Nonnull)ovpnConfig failureCallback:(void (^ _Nonnull)(void))failureCallback;
- (void)disconnect;
- (void)checkStatusWithCallback:(void (^ _Nonnull)(NSString * _Nonnull, NSString * _Nonnull, NSString * _Nonnull))callback;
- (nonnull instancetype)init SWIFT_UNAVAILABLE;
+ (nonnull instancetype)new SWIFT_UNAVAILABLE_MSG("-init is unavailable");
@end
typedef SWIFT_ENUM(NSInteger, ConnectionState, closed) {
ConnectionStateError = 0,
ConnectionStateConnected = 1,
ConnectionStateDisconnected = 2,
};
SWIFT_CLASS("_TtC10AmneziaVPN17VPNIPAddressRange")
@interface VPNIPAddressRange : NSObject
- (nonnull instancetype)initWithAddress:(NSString * _Nonnull)address networkPrefixLength:(uint8_t)networkPrefixLength isIpv6:(BOOL)isIpv6 OBJC_DESIGNATED_INITIALIZER;
- (nonnull instancetype)init SWIFT_UNAVAILABLE;
+ (nonnull instancetype)new SWIFT_UNAVAILABLE_MSG("-init is unavailable");
@end
#if __has_attribute(external_source_symbol)
# pragma clang attribute pop
#endif
#pragma clang diagnostic pop
#endif /* AmneziaVPN_Swift_h */

14
client/AmneziaVPN.entitlements
View file

@ -1,14 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>com.apple.security.application-groups</key>
<array>
<string>group.org.amnezia.AmneziaVPN</string>
</array>
<key>keychain-access-groups</key>
<array>
<string>$(AppIdentifierPrefix)group.org.amnezia.AmneziaVPN</string>
</array>
</dict>
</plist>

202
client/CMakeLists.txt
View file

@ -1,14 +1,11 @@
cmake_minimum_required(VERSION 3.25.0 FATAL_ERROR)
set(PROJECT AmneziaVPN)
project(${PROJECT} VERSION 2.1.2)
set(BUILD_ID 1)
SET(QT_BUILD_TOOLS_WHEN_CROSS_COMPILING ON)
project(${PROJECT})
set(QT_BUILD_TOOLS_WHEN_CROSS_COMPILING ON)
set(CMAKE_CXX_STANDARD 17)
set(CMAKE_CXX_STANDARD_REQUIRED ON)
if(${CMAKE_VERSION} VERSION_GREATER_EQUAL 3.17)
cmake_policy(SET CMP0099 OLD)
endif()
if(ANDROID)
# For a some reason cmake do not applying GNU_SOURCE/BSD_SOURCE flags on Android platform.
@ -16,34 +13,43 @@ if(ANDROID)
add_definitions(-D_BSD_SOURCE)
endif()
if(CMAKE_XCODE_BUILD_SYSTEM VERSION_GREATER_EQUAL 12)
cmake_policy(SET CMP0114 NEW)
endif()
set(CMAKE_AUTOMOC ON)
set(CMAKE_AUTORCC ON)
set(CMAKE_AUTOUIC ON)
set_property(GLOBAL PROPERTY USE_FOLDERS ON)
set_property(GLOBAL PROPERTY AUTOGEN_TARGETS_FOLDER "Autogen")
set_property(GLOBAL PROPERTY AUTOMOC_TARGETS_FOLDER "Autogen")
set_property(GLOBAL PROPERTY PREDEFINED_TARGETS_FOLDER "Autogen")
find_package(Qt6 REQUIRED COMPONENTS
set(PACKAGES
Widgets Core Gui Network Xml
RemoteObjects Quick Svg QuickControls2
Core5Compat Concurrent
)
if(IOS)
set(PACKAGES
${PACKAGES}
Multimedia
)
endif()
find_package(Qt6 REQUIRED COMPONENTS ${PACKAGES})
set(LIBS ${LIBS}
Qt6::Widgets Qt6::Core Qt6::Gui
Qt6::Network Qt6::Xml Qt6::RemoteObjects
Qt6::Quick Qt6::Svg Qt6::QuickControls2
Qt6::Core5Compat Qt6::Concurrent
)
if(IOS)
set(LIBS
${LIBS}
Qt6::Multimedia
)
endif()
qt_standard_project_setup()
if(IOS)
execute_process(COMMAND bash ${CMAKE_CURRENT_LIST_DIR}/scripts/openvpn.sh args
#execute_process(COMMAND bash ${CMAKE_CURRENT_LIST_DIR}/scripts/run-build-cloak.sh)
execute_process(COMMAND bash ${CMAKE_CURRENT_LIST_DIR}/ios/scripts/openvpn.sh args
WORKING_DIRECTORY ${CMAKE_CURRENT_LIST_DIR})
endif()
@ -64,6 +70,8 @@ include_directories(
${CMAKE_CURRENT_BINARY_DIR}
)
configure_file(${CMAKE_CURRENT_LIST_DIR}/../version.h.in ${CMAKE_CURRENT_BINARY_DIR}/version.h)
set(HEADERS ${HEADERS}
${CMAKE_CURRENT_LIST_DIR}/migrations.h
${CMAKE_CURRENT_LIST_DIR}/../ipc/ipc.h
@ -82,6 +90,7 @@ set(HEADERS ${HEADERS}
${CMAKE_CURRENT_LIST_DIR}/ui/uilogic.h
${CMAKE_CURRENT_LIST_DIR}/ui/qautostart.h
${CMAKE_CURRENT_LIST_DIR}/protocols/vpnprotocol.h
${CMAKE_CURRENT_BINARY_DIR}/version.h
${CMAKE_CURRENT_LIST_DIR}/core/sshclient.h
)
@ -151,6 +160,11 @@ qt6_add_resources(QRC ${QRC} ${CMAKE_CURRENT_LIST_DIR}/resources.qrc)
if(WIN32)
add_compile_definitions(MVPN_WINDOWS)
configure_file(
${CMAKE_CURRENT_LIST_DIR}/platforms/windows/amneziavpn.rc.in
${CMAKE_CURRENT_BINARY_DIR}/amneziavpn.rc
)
set(HEADERS ${HEADERS}
${CMAKE_CURRENT_LIST_DIR}/protocols/ikev2_vpn_protocol_windows.h
)
@ -160,7 +174,7 @@ if(WIN32)
)
set(RESOURCES ${RESOURCES}
${CMAKE_CURRENT_LIST_DIR}/platforms/windows/amneziavpn.rc
${CMAKE_CURRENT_BINARY_DIR}/amneziavpn.rc
)
set(LIBS ${LIBS}
@ -176,6 +190,9 @@ if(WIN32)
endif()
if(APPLE)
cmake_policy(SET CMP0099 OLD)
cmake_policy(SET CMP0114 NEW)
if(NOT BUILD_OSX_APP_IDENTIFIER)
set(BUILD_OSX_APP_IDENTIFIER org.amnezia.AmneziaVPN CACHE STRING "OSX Application identifier")
endif()
@ -193,7 +210,6 @@ if(APPLE)
set(CMAKE_XCODE_ATTRIBUTE_DEVELOPMENT_TEAM ${BUILD_VPN_DEVELOPMENT_TEAM})
set(CMAKE_XCODE_ATTRIBUTE_GROUP_ID_IOS ${BUILD_IOS_GROUP_IDENTIFIER})
#set(CMAKE_RUNTIME_OUTPUT_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/../../build)
if(NOT IOS)
set(CMAKE_OSX_ARCHITECTURES "x86_64" CACHE INTERNAL "" FORCE)
@ -201,9 +217,13 @@ if(APPLE)
set(HEADERS ${HEADERS} ${CMAKE_CURRENT_LIST_DIR}/ui/macos_util.h)
set(SOURCES ${SOURCES} ${CMAKE_CURRENT_LIST_DIR}/ui/macos_util.mm)
set(CMAKE_OSX_DEPLOYMENT_TARGET 13.0)
set(CMAKE_OSX_DEPLOYMENT_TARGET 10.15)
add_compile_definitions(MVPN_MACOS)
# ICON = $$PWD/images/app.icns
set(ICON_FILE ${CMAKE_CURRENT_SOURCE_DIR}/images/app.icns)
set(MACOSX_BUNDLE_ICON_FILE app.icns)
set_source_files_properties(${ICON_FILE} PROPERTIES MACOSX_PACKAGE_LOCATION Resources)
set(SOURCES ${SOURCES} ${ICON_FILE})
find_library(FW_COCOA Cocoa)
find_library(FW_APPLICATIONSERVICES ApplicationServices)
@ -221,7 +241,6 @@ if(APPLE)
endif()
endif()
if(LINUX AND NOT ANDROID)
add_compile_definitions(MVPN_LINUX)
@ -304,7 +323,6 @@ if(IOS)
set(HEADERS ${HEADERS}
${CMAKE_CURRENT_LIST_DIR}/protocols/ios_vpnprotocol.h
${CMAKE_CURRENT_LIST_DIR}/platforms/ios/iosnotificationhandler.h
${CMAKE_CURRENT_LIST_DIR}/platforms/ios/json.h
${CMAKE_CURRENT_LIST_DIR}/platforms/ios/bigint.h
${CMAKE_CURRENT_LIST_DIR}/platforms/ios/bigintipv6addr.h
${CMAKE_CURRENT_LIST_DIR}/platforms/ios/ipaddress.h
@ -316,7 +334,6 @@ if(IOS)
set(SOURCES ${SOURCES}
${CMAKE_CURRENT_LIST_DIR}/protocols/ios_vpnprotocol.mm
${CMAKE_CURRENT_LIST_DIR}/platforms/ios/iosnotificationhandler.mm
${CMAKE_CURRENT_LIST_DIR}/platforms/ios/json.cpp
${CMAKE_CURRENT_LIST_DIR}/platforms/ios/iosglue.mm
${CMAKE_CURRENT_LIST_DIR}/platforms/ios/ipaddress.cpp
${CMAKE_CURRENT_LIST_DIR}/platforms/ios/ipaddressrange.cpp
@ -336,9 +353,7 @@ qt_add_translations(${PROJECT} TS_FILES
${CMAKE_CURRENT_LIST_DIR}/translations/amneziavpn_ru.ts)
if(APPLE AND NOT IOS)
set_target_properties(AmneziaVPN PROPERTIES
MACOSX_BUNDLE TRUE
)
set_target_properties(${PROJECT} PROPERTIES MACOSX_BUNDLE TRUE)
endif()
if(IOS)
@ -346,32 +361,7 @@ if(IOS)
enable_language(OBJCXX)
enable_language(Swift)
#disable in cicd
include(cmake/osxtools.cmake)
# set(CMAKE_XCODE_GENERATE_TOP_LEVEL_PROJECT_ONLY TRUE)
set_target_properties(${PROJECT} PROPERTIES XCODE_ATTRIBUTE_ENABLE_BITCODE "NO")
set_target_properties(${PROJECT} PROPERTIES XCODE_ATTRIBUTE_ASSETCATALOG_COMPILER_APPICON_NAME "AppIcon")
set_target_properties(${PROJECT} PROPERTIES XCODE_LINK_BUILD_PHASE_MODE KNOWN_LOCATION)
set(CMAKE_XCODE_ATTRIBUTE_LD_RUNPATH_SEARCH_PATHS "@executable_path/../../Frameworks")
set(CMAKE_XCODE_ATTRIBUTE_FRAMEWORK_SEARCH_PATHS ${CMAKE_CURRENT_LIST_DIR}/3rd/OpenVPNAdapter/build/Release-iphoneos)
#need to change for debug and release
set_target_properties(${PROJECT}
PROPERTIES XCODE_ATTRIBUTE_PRODUCT_BUNDLE_IDENTIFIER "org.amnezia.${PROJECT}"
XCODE_ATTRIBUTE_TARGETED_DEVICE_FAMILY "1"
XCODE_ATTRIBUTE_DEVELOPMENT_TEAM "X7UJ388FXK"
XCODE_ATTRIBUTE_CODE_SIGN_IDENTITY "Apple Distribution"
)
set_target_properties(${PROJECT}
PROPERTIES XCODE_ATTRIBUTE_PRODUCT_BUNDLE_IDENTIFIER "org.amnezia.${PROJECT}"
XCODE_ATTRIBUTE_TARGETED_DEVICE_FAMILY "1"
XCODE_ATTRIBUTE_DEVELOPMENT_TEAM "X7UJ388FXK"
XCODE_ATTRIBUTE_CODE_SIGN_IDENTITY[variant=Debug] "Apple Development"
)
set(LIBS ${LIBS}
${CMAKE_CURRENT_LIST_DIR}/3rd/OpenSSL/lib/ios/iphone/libcrypto.a
@ -380,32 +370,57 @@ if(IOS)
target_include_directories(${PROJECT} PRIVATE ${Qt6Gui_PRIVATE_INCLUDE_DIRS})
set(APPLE_PROJECT_VERSION ${CMAKE_PROJECT_VERSION_MAJOR}.${CMAKE_PROJECT_VERSION_MINOR}.${CMAKE_PROJECT_VERSION_PATCH})
set_target_properties(${PROJECT} PROPERTIES
XCODE_LINK_BUILD_PHASE_MODE KNOWN_LOCATION
MACOSX_BUNDLE_INFO_PLIST ${CMAKE_CURRENT_LIST_DIR}/ios/app/Info.plist.in
MACOSX_BUNDLE_ICON_FILE "AppIcon"
MACOSX_BUNDLE_INFO_STRING "AmneziaVPN"
MACOSX_BUNDLE_BUNDLE_NAME "AmneziaVPN"
MACOSX_BUNDLE_GUI_IDENTIFIER "${BUILD_IOS_APP_IDENTIFIER}"
MACOSX_BUNDLE_BUNDLE_VERSION "${CMAKE_PROJECT_VERSION_TWEAK}"
MACOSX_BUNDLE_LONG_VERSION_STRING "${APPLE_PROJECT_VERSION}-${CMAKE_PROJECT_VERSION_TWEAK}"
MACOSX_BUNDLE_SHORT_VERSION_STRING "${APPLE_PROJECT_VERSION}"
XCODE_ATTRIBUTE_PRODUCT_BUNDLE_IDENTIFIER "${BUILD_IOS_APP_IDENTIFIER}"
XCODE_ATTRIBUTE_CODE_SIGN_ENTITLEMENTS "${CMAKE_CURRENT_LIST_DIR}/ios/app/main.entitlements"
XCODE_ATTRIBUTE_MARKETING_VERSION "${APPLE_PROJECT_VERSION}"
XCODE_ATTRIBUTE_CURRENT_PROJECT_VERSION "${CMAKE_PROJECT_VERSION_TWEAK}"
XCODE_ATTRIBUTE_PRODUCT_NAME "AmneziaVPN"
XCODE_ATTRIBUTE_BUNDLE_INFO_STRING "AmneziaVPN"
XCODE_GENERATE_SCHEME TRUE
XCODE_ATTRIBUTE_ENABLE_BITCODE "NO"
XCODE_ATTRIBUTE_ASSETCATALOG_COMPILER_APPICON_NAME "AppIcon"
XCODE_ATTRIBUTE_TARGETED_DEVICE_FAMILY "1,2"
XCODE_EMBED_FRAMEWORKS_CODE_SIGN_ON_COPY ON
XCODE_LINK_BUILD_PHASE_MODE KNOWN_LOCATION
XCODE_ATTRIBUTE_LD_RUNPATH_SEARCH_PATHS "@executable_path/Frameworks"
XCODE_EMBED_APP_EXTENSIONS networkextension
XCODE_ATTRIBUTE_CODE_SIGN_IDENTITY "Apple Distribution"
XCODE_ATTRIBUTE_CODE_SIGN_IDENTITY[variant=Debug] "Apple Development"
XCODE_ATTRIBUTE_CODE_SIGN_STYLE Manual
XCODE_ATTRIBUTE_PROVISIONING_PROFILE_SPECIFIER "match AppStore org.amnezia.AmneziaVPN"
XCODE_ATTRIBUTE_PROVISIONING_PROFILE_SPECIFIER[variant=Debug] "match Development org.amnezia.AmneziaVPN"
)
set_target_properties(${PROJECT} PROPERTIES
XCODE_ATTRIBUTE_SWIFT_VERSION "5.0"
XCODE_ATTRIBUTE_CLANG_ENABLE_MODULES "YES"
XCODE_ATTRIBUTE_SWIFT_OBJC_BRIDGING_HEADER "${CMAKE_CURRENT_LIST_DIR}/platforms/ios/WireGuard-Bridging-Header.h"
XCODE_ATTRIBUTE_SWIFT_PRECOMPILE_BRIDGING_HEADER "NO"
XCODE_ATTRIBUTE_SWIFT_OPTIMIZATION_LEVEL "-Onone"
XCODE_ATTRIBUTE_SWIFT_OBJC_INTERFACE_HEADER_NAME "AmneziaVPN-Swift.h"
)
set_target_properties(${PROJECT} PROPERTIES
OUTPUT_NAME "AmneziaVPN"
MACOSX_BUNDLE ON
MACOSX_BUNDLE_INFO_PLIST ${CMAKE_CURRENT_LIST_DIR}/ios/app/Info.plist.in
MACOSX_BUNDLE_BUNDLE_NAME "AmneziaVPN"
MACOSX_BUNDLE_BUNDLE_VERSION "${BUILD_ID}"
MACOSX_BUNDLE_COPYRIGHT "MPL-2.0"
MACOSX_BUNDLE_GUI_IDENTIFIER "${BUILD_IOS_APP_IDENTIFIER}"
MACOSX_BUNDLE_INFO_STRING "AmneziaVPN"
MACOSX_BUNDLE_LONG_VERSION_STRING "${CMAKE_PROJECT_VERSION}-${BUILD_ID}"
MACOSX_BUNDLE_SHORT_VERSION_STRING "${CMAKE_PROJECT_VERSION}"
XCODE_ATTRIBUTE_PRODUCT_BUNDLE_IDENTIFIER "${BUILD_IOS_APP_IDENTIFIER}"
XCODE_ATTRIBUTE_CODE_SIGN_ENTITLEMENTS "${CMAKE_CURRENT_LIST_DIR}/ios/app/main.entitlements"
XCODE_ATTRIBUTE_MARKETING_VERSION "${CMAKE_PROJECT_VERSION}"
XCODE_GENERATE_SCHEME TRUE
MACOSX_BUNDLE_ICON_FILE "AppIcon"
XCODE_ATTRIBUTE_DEVELOPMENT_TEAM "X7UJ388FXK"
)
target_include_directories(${PROJECT} PRIVATE ${CMAKE_CURRENT_LIST_DIR})
@ -415,8 +430,10 @@ if(IOS)
-DVPN_NE_BUNDLEID=\"${BUILD_IOS_APP_IDENTIFIER}.network-extension\"
)
target_sources(${PROJECT} PRIVATE
${CMAKE_CURRENT_LIST_DIR}/platforms/ios/iosvpnprotocol.swift
${CMAKE_CURRENT_LIST_DIR}/platforms/ios/ioslogger.swift
${CMAKE_CURRENT_LIST_DIR}/3rd/wireguard-apple/Sources/Shared/Keychain.swift
${CMAKE_CURRENT_LIST_DIR}/3rd/wireguard-apple/Sources/WireGuardKit/IPAddressRange.swift
${CMAKE_CURRENT_LIST_DIR}/3rd/wireguard-apple/Sources/WireGuardKit/InterfaceConfiguration.swift
@ -433,61 +450,29 @@ if(IOS)
${CMAKE_CURRENT_LIST_DIR}/3rd/wireguard-apple/Sources/WireGuardKit/PrivateKey.swift
)
target_sources(${PROJECT} PRIVATE
platforms/ios/iosvpnprotocol.swift
platforms/ios/ioslogger.swift
)
target_sources(${PROJECT} PRIVATE
${CMAKE_CURRENT_LIST_DIR}/ios/app/launch.png
${CMAKE_CURRENT_LIST_DIR}/ios/app/AmneziaVPNLaunchScreen.storyboard
${CMAKE_CURRENT_LIST_DIR}/ios/Media.xcassets
)
set_source_files_properties(
${CMAKE_CURRENT_LIST_DIR}/ios/app/launch.png
${CMAKE_CURRENT_LIST_DIR}/ios/app/AmneziaVPNLaunchScreen.storyboard
${CMAKE_CURRENT_LIST_DIR}/ios/Media.xcassets
PROPERTIES MACOSX_PACKAGE_LOCATION "Resources"
)
target_sources(${PROJECT} PRIVATE
${CMAKE_CURRENT_LIST_DIR}/ios/Media.xcassets
)
set_source_files_properties(
${CMAKE_CURRENT_LIST_DIR}/ios/Media.xcassets
PROPERTIES MACOSX_PACKAGE_LOCATION "Resources"
)
add_subdirectory(ios/networkextension)
add_dependencies(${PROJECT} networkextension)
set_target_properties(${PROJECT} PROPERTIES XCODE_EMBED_APP_EXTENSIONS networkextension)
set_property(TARGET ${PROJECT} PROPERTY XCODE_EMBED_FRAMEWORKS
"${CMAKE_CURRENT_LIST_DIR}/3rd/OpenVPNAdapter/build/Release-iphoneos/OpenVPNAdapter.framework"
)
set_target_properties(${PROJECT} PROPERTIES XCODE_EMBED_FRAMEWORKS_CODE_SIGN_ON_COPY ON)
set_target_properties(${PROJECT} PROPERTIES XCODE_LINK_BUILD_PHASE_MODE KNOWN_LOCATION)
set(CMAKE_XCODE_ATTRIBUTE_FRAMEWORK_SEARCH_PATHS ${CMAKE_CURRENT_LIST_DIR}/3rd/OpenVPNAdapter/build/Release-iphoneos)
target_link_libraries("networkextension" PRIVATE "${CMAKE_CURRENT_LIST_DIR}/3rd/OpenVPNAdapter/build/Release-iphoneos/OpenVPNAdapter.framework")
set_target_properties("networkextension"
PROPERTIES XCODE_ATTRIBUTE_PRODUCT_BUNDLE_IDENTIFIER "org.amnezia.${PROJECT}.network-extension"
XCODE_ATTRIBUTE_TARGETED_DEVICE_FAMILY "1"
XCODE_ATTRIBUTE_DEVELOPMENT_TEAM "X7UJ388FXK"
XCODE_ATTRIBUTE_CODE_SIGN_IDENTITY "Apple Distribution"
)
set_target_properties("networkextension"
PROPERTIES XCODE_ATTRIBUTE_PRODUCT_BUNDLE_IDENTIFIER "org.amnezia.${PROJECT}.network-extension"
XCODE_ATTRIBUTE_TARGETED_DEVICE_FAMILY "1"
XCODE_ATTRIBUTE_DEVELOPMENT_TEAM "X7UJ388FXK"
XCODE_ATTRIBUTE_CODE_SIGN_IDENTITY[variant=Debug] "Apple Development"
)
set_target_properties (${PROJECT} PROPERTIES XCODE_ATTRIBUTE_CODE_SIGN_STYLE Manual)
set_target_properties(${PROJECT} PROPERTIES XCODE_ATTRIBUTE_PROVISIONING_PROFILE_SPECIFIER "match AppStore org.amnezia.AmneziaVPN")
set_target_properties(${PROJECT} PROPERTIES XCODE_ATTRIBUTE_PROVISIONING_PROFILE_SPECIFIER[variant=Debug] "match Development org.amnezia.AmneziaVPN")
set_target_properties("networkextension" PROPERTIES XCODE_ATTRIBUTE_CODE_SIGN_STYLE Manual)
set_target_properties("networkextension" PROPERTIES XCODE_ATTRIBUTE_PROVISIONING_PROFILE_SPECIFIER "match AppStore org.amnezia.AmneziaVPN.network-extension")
set_target_properties("networkextension" PROPERTIES XCODE_ATTRIBUTE_PROVISIONING_PROFILE_SPECIFIER[variant=Debug] "match Development org.amnezia.AmneziaVPN.network-extension")
endif()
if(ANDROID)
@ -514,7 +499,6 @@ if(ANDROID)
${CMAKE_CURRENT_LIST_DIR}/android/src/org/amnezia/vpn/qt/AmneziaApp.kt
${CMAKE_CURRENT_LIST_DIR}/android/src/org/amnezia/vpn/qt/PackageManagerHelper.java
${CMAKE_CURRENT_LIST_DIR}/android/src/org/amnezia/vpn/qt/VPNActivity.kt
${CMAKE_CURRENT_LIST_DIR}/android/src/org/amnezia/vpn/qt/VPNApplication.java
${CMAKE_CURRENT_LIST_DIR}/android/src/org/amnezia/vpn/qt/VPNClientBinder.kt
${CMAKE_CURRENT_LIST_DIR}/android/src/org/amnezia/vpn/qt/VPNPermissionHelper.kt
${CMAKE_CURRENT_BINARY_DIR}
@ -537,12 +521,6 @@ if(ANDROID)
${CMAKE_CURRENT_LIST_DIR}/android/lib/wireguard/${abi}/libwg.so
${CMAKE_CURRENT_LIST_DIR}/android/lib/wireguard/${abi}/libwg-go.so
${CMAKE_CURRENT_LIST_DIR}/android/lib/wireguard/${abi}/libwg-quick.so
${CMAKE_CURRENT_LIST_DIR}/android/lib/openvpn/${abi}/libjbcrypto.so
${CMAKE_CURRENT_LIST_DIR}/android/lib/openvpn/${abi}/libopenvpn.so
${CMAKE_CURRENT_LIST_DIR}/android/lib/openvpn/${abi}/libopvpnutil.so
${CMAKE_CURRENT_LIST_DIR}/android/lib/openvpn/${abi}/libovpn3.so
${CMAKE_CURRENT_LIST_DIR}/android/lib/openvpn/${abi}/libovpnexec.so
)
endforeach()
@ -588,5 +566,5 @@ if(WIN32)
)
endif()
if(IOS)
#include(cmake/ios-arch-fixup.cmake)
include(cmake/ios-arch-fixup.cmake)
endif()

24
client/Info.plist
View file

@ -1,24 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>CFBundleExecutable</key>
<string>${EXECUTABLE_NAME}</string>
<key>CFBundleIconFile</key>
<string>${ASSETCATALOG_COMPILER_APPICON_NAME}</string>
<key>CFBundleIdentifier</key>
<string>${PRODUCT_BUNDLE_IDENTIFIER}</string>
<key>CFBundlePackageType</key>
<string>APPL</string>
<key>CFBundleSignature</key>
<string>${QMAKE_PKGINFO_TYPEINFO}</string>
<key>LSMinimumSystemVersion</key>
<string>${MACOSX_DEPLOYMENT_TARGET}</string>
<key>NOTE</key>
<string>This file was generated by Qt/QMake.</string>
<key>NSPrincipalClass</key>
<string>NSApplication</string>
<key>NSSupportsAutomaticGraphicsSwitching</key>
<true/>
</dict>
</plist>

29
client/WireGuard-Bridging-Header.h
View file

@ -1,29 +0,0 @@
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "wireguard-go-version.h"
#include "3rd/wireguard-apple/Sources/WireGuardKitC/WireGuardKitC.h"
#include <stdbool.h>
#include <stdint.h>
#define WG_KEY_LEN (32)
#define WG_KEY_LEN_BASE64 (45)
#define WG_KEY_LEN_HEX (65)
void key_to_base64(char base64[WG_KEY_LEN_BASE64],
const uint8_t key[WG_KEY_LEN]);
bool key_from_base64(uint8_t key[WG_KEY_LEN], const char* base64);
void key_to_hex(char hex[WG_KEY_LEN_HEX], const uint8_t key[WG_KEY_LEN]);
bool key_from_hex(uint8_t key[WG_KEY_LEN], const char* hex);
bool key_eq(const uint8_t key1[WG_KEY_LEN], const uint8_t key2[WG_KEY_LEN]);
void write_msg_to_log(const char* tag, const char* msg);
#import "TargetConditionals.h"
#if TARGET_OS_OSX
# include <libproc.h>
#endif

48
client/amnezia_application.cpp
View file

@ -1,13 +1,18 @@
#include "amnezia_application.h"
#include <QClipboard>
#include <QFontDatabase>
#include <QQuickStyle>
#include <QMimeData>
#include <QStandardPaths>
#include <QTextDocument>
#include <QTimer>
#include <QTranslator>
#include <QQuickStyle>
#include "defines.h"
#include "core/servercontroller.h"
#include "logger.h"
#include "version.h"
#include "platforms/ios/QRCodeReaderBase.h"
@ -28,7 +33,7 @@ AmneziaApplication::AmneziaApplication(int &argc, char *argv[], bool allowSecond
setQuitOnLastWindowClosed(false);
// Fix config file permissions
#ifdef Q_OS_LINUX
#ifdef Q_OS_LINUX && !defined(Q_OS_ANDROID)
{
QSettings s(ORGANIZATION_NAME, APPLICATION_NAME);
s.setValue("permFixed", true);
@ -41,7 +46,6 @@ AmneziaApplication::AmneziaApplication(int &argc, char *argv[], bool allowSecond
QString configLoc2 = QStandardPaths::standardLocations(QStandardPaths::ConfigLocation).first() + "/"
+ ORGANIZATION_NAME + "/" + APPLICATION_NAME + "/" + APPLICATION_NAME + ".conf";
QFile::setPermissions(configLoc2, QFileDevice::ReadOwner | QFileDevice::WriteOwner);
#endif
m_settings = std::shared_ptr<Settings>(new Settings);
@ -126,16 +130,32 @@ void AmneziaApplication::init()
// m_uiLogic->showOnStartup();
// #endif
// // TODO - fix
// #if !defined(Q_OS_ANDROID) && !defined(Q_OS_IOS)
// if (isPrimary()) {
// QObject::connect(this, &SingleApplication::instanceStarted, m_uiLogic, [this](){
// qDebug() << "Secondary instance started, showing this window instead";
// emit m_uiLogic->show();
// emit m_uiLogic->raise();
// });
// }
// #endif
#endif
// TODO - fix
#if !defined(Q_OS_ANDROID) && !defined(Q_OS_IOS)
if (isPrimary()) {
QObject::connect(this, &SingleApplication::instanceStarted, m_uiLogic, [this](){
qDebug() << "Secondary instance started, showing this window instead";
emit m_uiLogic->show();
emit m_uiLogic->raise();
});
}
#endif
// Android TextField clipboard workaround
// https://bugreports.qt.io/browse/QTBUG-113461
#ifdef Q_OS_ANDROID
QObject::connect(qApp, &QApplication::applicationStateChanged, [](Qt::ApplicationState state) {
if (state == Qt::ApplicationActive) {
if (qApp->clipboard()->mimeData()->formats().contains("text/html")) {
QTextDocument doc;
doc.setHtml(qApp->clipboard()->mimeData()->html());
qApp->clipboard()->setText(doc.toPlainText());
}
}
});
#endif
}
void AmneziaApplication::registerTypes()

32
client/android/build.gradle
View file

@ -11,6 +11,8 @@ buildscript {
streamsupportVersion = '1.7.0'
threetenabpVersion = '1.1.1'
groupName = 'org.amnezia.vpn'
minSdkVer = '24'
cmakeMinVersion = "3.25.0+"
}
repositories {
@ -36,9 +38,8 @@ apply plugin: 'kotlin-kapt'
dependencies {
implementation fileTree(dir: 'libs', include: ['*.jar', '*.aar'])
implementation group: 'org.json', name: 'json', version: '20220924'
implementation 'androidx.core:core-ktx:1.7.0'
implementation 'androidx.appcompat:appcompat:1.4.1'
implementation "androidx.security:security-crypto:1.1.0-alpha03"
@ -135,9 +136,9 @@ android {
defaultConfig {
resConfig "en"
minSdkVersion = 24
targetSdkVersion = 31
versionCode 10 // Change to a higher number
versionName "2.0.10" // Change to a higher number
targetSdkVersion = 34
versionCode 22 // Change to a higher number
versionName "3.0.7" // Change to a higher number
javaCompileOptions.annotationProcessorOptions.arguments = [
"room.schemaLocation": "${qtAndroidDir}/schemas".toString()
@ -150,7 +151,10 @@ android {
minifyEnabled false
externalNativeBuild {
cmake {
arguments "-DANDROID_PACKAGE_NAME=${groupName}", "-DGRADLE_USER_HOME=${project.gradle.gradleUserHomeDir}"
version cmakeMinVersion
arguments "-DANDROID_PACKAGE_NAME=${groupName}",
"-DGRADLE_USER_HOME=${project.gradle.gradleUserHomeDir}",
"-DANDROID_PLATFORM=${minSdkVer}"
}
}
}
@ -160,7 +164,10 @@ android {
minifyEnabled false
externalNativeBuild {
cmake {
arguments "-DANDROID_PACKAGE_NAME=${groupName}", "-DGRADLE_USER_HOME=${project.gradle.gradleUserHomeDir}"
version cmakeMinVersion
arguments "-DANDROID_PACKAGE_NAME=${groupName}",
"-DGRADLE_USER_HOME=${project.gradle.gradleUserHomeDir}",
"-DANDROID_PLATFORM=${minSdkVer}"
}
}
}
@ -172,11 +179,12 @@ android {
// }
// }
// externalNativeBuild {
// cmake {
// path 'openvpn/src/main/cpp/CMakeLists.txt'
// }
// }
externalNativeBuild {
cmake {
version cmakeMinVersion
path "${projectDir}/cpp/CMakeLists.txt"
}
}
}

267
client/android/cpp/CMakeLists.txt Normal file
View file

@ -0,0 +1,267 @@
cmake_minimum_required(VERSION 3.4.1)
project(AmneziaVPN)
# Git version string
include(GetGitRevisionDescription.cmake)
git_describe(OPENVPN2_GIT "${CMAKE_CURRENT_SOURCE_DIR}/openvpn" "--tags" "--always" "--long")
git_describe(OPENVPN3_GIT "${CMAKE_CURRENT_SOURCE_DIR}/openvpn3" "--tags" "--always" "--long")
message("OpenVPN 2.x version ${OPENVPN2_GIT}")
message("OpenVPN 3.x version ${OPENVPN3_GIT}")
# Set mbedtls options
OPTION(ENABLE_PROGRAMS "" OFF)
OPTION(USE_SHARED_MBEDTLS_LIBRARY "" OFF)
OPTION(ENABLE_TESTING "" OFF)
# Own options
OPTION(OPENVPN2MBED "Use mbed TLS for OpenVPN2" OFF)
OPTION(OPENVPN3OSSL "Use OpenSSL for OpenVPN3" ON)
SET(OPENVPN2MBED OFF)
SET(OPENVPN3OSSL ON)
# STATIC or SHARED
SET(SSLLIBTYPE STATIC)
SET(OPENSSL_PATH "openssl")
set(CMAKE_CXX_STANDARD 17)
#add_subdirectory(lzo)
include(tools.cmake)
include(lzo.cmake)
include(lz4.cmake)
include(openssl/openssl.cmake)
include(cloak.cmake)
if(NOT ${OPENVPN3OSSL} OR ${OPENVPN2MBED})
add_subdirectory(mbedtls)
endif()
FIND_PACKAGE(SWIG 3.0 REQUIRED)
add_custom_command(OUTPUT "ovpncli_wrap.cxx"
COMMAND ${CMAKE_COMMAND} -E make_directory ovpn3
COMMAND ${SWIG_EXECUTABLE} -outdir ovpn3
-c++
-java -package net.openvpn.ovpn3
-outcurrentdir
-DOPENVPN_PLATFORM_ANDROID
-I${CMAKE_CURRENT_SOURCE_DIR}/openvpn3/client
-I${CMAKE_CURRENT_SOURCE_DIR}/openvpn3
${CMAKE_CURRENT_SOURCE_DIR}/openvpn3/client/ovpncli.i)
link_directories(${CMAKE_CURRENT_SOURCE_DIR}/cloak/${ANDROID_ABI}/)
message("${CMAKE_CURRENT_SOURCE_DIR}/cloak/${ANDROID_ABI}/"})
set(ovpn3_SRCS
openvpn3/client/ovpncli.cpp
openvpn3/openvpn/openssl/xkey/xkey_provider.c
openvpn3/openvpn/openssl/xkey/xkey_helper.c
ovpncli_wrap.cxx)
add_library(ovpn3 SHARED ${ovpn3_SRCS})
target_include_directories(ovpn3 PUBLIC
${CMAKE_CURRENT_SOURCE_DIR}/lzo/include
${CMAKE_CURRENT_SOURCE_DIR}/openvpn3
${CMAKE_CURRENT_SOURCE_DIR}/asio/asio/include
${CMAKE_CURRENT_SOURCE_DIR}/openvpn3/client
${CMAKE_CURRENT_SOURCE_DIR}/mbedtls/include
)
if (${OPENVPN3OSSL})
target_compile_definitions(ovpn3 PRIVATE
-DUSE_OPENSSL
)
target_link_libraries(ovpn3 crypto ssl lzo lz4 libck-ovpn-plugin)
else ()
target_compile_definitions(ovpn3 PRIVATE
-DUSE_MBEDTLS
)
target_link_libraries(ovpn3 mbedtls mbedx509 mbedcrypto lzo lz4)
endif ()
target_compile_definitions(ovpn3 PRIVATE
-DHAVE_CONFIG_H
-DHAVE_LZO
-DHAVE_LZ4
-DASIO_STANDALONE
-DUSE_ASIO
-DGIT_VERSION_STRING=\"${OPENVPN3_GIT}\"
-DOPENVPN_SHOW_SESSION_TOKEN
-DOPENSSL_API_COMPAT=0x10200000L
-DOPENVPN_ALLOW_INSECURE_CERTPROFILE
-DENABLE_EXTERNAL_PKI
)
#else ()
# message("Not budiling OpenVPN for output dir ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}")
#endif ()
add_library(ovpnutil SHARED ovpnutil/jniglue.c)
target_compile_definitions(ovpnutil PRIVATE -DTARGET_ARCH_ABI=\"${ANDROID_ABI}\"
-DOPENVPN2_GIT_REVISION=\"${OPENVPN2_GIT}\"
-DOPENVPN3_GIT_REVISION=\"${OPENVPN3_GIT}\"
)
target_link_libraries(ovpnutil log)
add_library(rsapss SHARED ovpnutil/rsapss.cpp)
target_link_libraries(rsapss log crypto ssl)
if (NOT ${CMAKE_LIBRARY_OUTPUT_DIRECTORY} MATCHES "build/intermediates/cmake/.*skeleton.*/")
add_library(osslspeedtest SHARED ovpnutil/sslspeed.c)
target_link_libraries(osslspeedtest log crypto ssl)
else ()
message("Not budiling SSLSpeedTest for output dir ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}")
endif ()
set(openvpn_srcs
src/compat/compat-basename.c
src/compat/compat-daemon.c
src/compat/compat-dirname.c
src/compat/compat-gettimeofday.c
src/openvpn/argv.c
src/openvpn/auth_token.c
src/openvpn/base64.c
src/openvpn/buffer.c
src/openvpn/clinat.c
src/openvpn/console.c
src/openvpn/console_builtin.c
src/openvpn/crypto.c
src/openvpn/crypto_openssl.c
src/openvpn/crypto_mbedtls.c
src/openvpn/cryptoapi.c
src/openvpn/dhcp.c
src/openvpn/dns.c
src/openvpn/dns.h
src/openvpn/error.c
src/openvpn/event.c
src/openvpn/env_set.c
src/openvpn/fdmisc.c
src/openvpn/forward.c
src/openvpn/fragment.c
src/openvpn/gremlin.c
src/openvpn/helper.c
src/openvpn/httpdigest.c
src/openvpn/init.c
src/openvpn/interval.c
src/openvpn/list.c
src/openvpn/lladdr.c
src/openvpn/lzo.c
src/openvpn/manage.c
src/openvpn/mbuf.c
src/openvpn/misc.c
src/openvpn/mroute.c
src/openvpn/mss.c
src/openvpn/mstats.c
src/openvpn/mtcp.c
src/openvpn/mtu.c
src/openvpn/mudp.c
src/openvpn/multi.c
src/openvpn/ntlm.c
src/openvpn/occ.c
src/openvpn/openvpn.c
src/openvpn/options.c
src/openvpn/options_util.c
src/openvpn/otime.c
src/openvpn/packet_id.c
src/openvpn/perf.c
src/openvpn/ping.c
src/openvpn/pkcs11.c
src/openvpn/pkcs11_openssl.c
src/openvpn/platform.c
src/openvpn/plugin.c
src/openvpn/pool.c
src/openvpn/proto.c
src/openvpn/proxy.c
src/openvpn/ps.c
src/openvpn/push.c
src/openvpn/reliable.c
src/openvpn/route.c
src/openvpn/run_command.c
src/openvpn/schedule.c
src/openvpn/session_id.c
src/openvpn/shaper.c
src/openvpn/sig.c
src/openvpn/socket.c
src/openvpn/socks.c
src/openvpn/ssl.c
src/openvpn/ssl_openssl.c
src/openvpn/ssl_mbedtls.c
src/openvpn/ssl_ncp.c
src/openvpn/ssl_pkt.c
src/openvpn/ssl_pkt.h
src/openvpn/ssl_util.c
src/openvpn/ssl_verify.c
src/openvpn/ssl_verify_openssl.c
src/openvpn/ssl_verify_mbedtls.c
src/openvpn/status.c
src/openvpn/tls_crypt.c
src/openvpn/tun.c
src/openvpn/vlan.c
src/openvpn/xkey_helper.c
src/openvpn/xkey_provider.c
src/openvpn/comp-lz4.c
src/openvpn/comp.c
src/openvpn/compstub.c
)
PREPEND(openvpn_srcs_with_path "openvpn" ${openvpn_srcs})
add_library(openvpn SHARED ${openvpn_srcs_with_path})
target_include_directories(openvpn PRIVATE
openvpn-config
openvpn/src/compat
openvpn/include
mbedtls/include
lzo/include
openvpn
)
target_compile_definitions(openvpn PRIVATE
-DHAVE_CONFIG_H
-DCONFIGURE_GIT_REVISION=\"${OPENVPN2_GIT}\"
-DCONFIGURE_GIT_FLAGS=\"\"
-DTARGET_ABI=\"${ANDROID_ABI}\"
-DOPENSSL_API_COMPAT=0x11000000L
)
if (${OPENVPN2MBED})
target_compile_definitions(openvpn PRIVATE
-DENABLE_CRYPTO_MBEDTLS=1
)
target_link_libraries(openvpn mbedtls mbedx509 mbedcrypto lzo lz4)
else ()
target_compile_definitions(openvpn PRIVATE
-DENABLE_CRYPTO_OPENSSL=1
)
target_link_libraries(openvpn crypto ssl lzo lz4)
endif ()
add_executable(libovpnexec.so minivpn/minivpn.c)
target_compile_options(libovpnexec.so PRIVATE -fPIE)
target_link_libraries(libovpnexec.so PRIVATE openvpn -fPIE -pie)
add_executable(pie_openvpn.${ANDROID_ABI} minivpn/minivpn.c)
target_compile_options(pie_openvpn.${ANDROID_ABI} PRIVATE -fPIE)
target_link_libraries(pie_openvpn.${ANDROID_ABI} PRIVATE openvpn -fPIE -pie)
# Hack to copy OpenVPN binaries to assets directory
SET(OVPN_ASSET_DIR ${CMAKE_SOURCE_DIR}/../../../build/ovpnassets)
add_custom_target(makeassetdir ALL
COMMAND ${CMAKE_COMMAND} -E make_directory ${OVPN_ASSET_DIR})
add_custom_command(TARGET pie_openvpn.${ANDROID_ABI} POST_BUILD
COMMAND
${CMAKE_COMMAND} -E copy
$<TARGET_FILE:pie_openvpn.${ANDROID_ABI}>
${OVPN_ASSET_DIR}
)
# Hack that these targets are really executed
add_dependencies(ovpnutil pie_openvpn.${ANDROID_ABI})
add_dependencies(pie_openvpn.${ANDROID_ABI} makeassetdir)

169
client/android/cpp/GetGitRevisionDescription.cmake Normal file
View file

@ -0,0 +1,169 @@
# From https://raw.githubusercontent.com/rpavlik/cmake-modules/master/GetGitRevisionDescription.cmake.in
# - Returns a version string from Git
#
# These functions force a re-configure on each git commit so that you can
# trust the values of the variables in your build system.
#
# get_git_head_revision(<refspecvar> <hashvar> [<additional arguments to git describe> ...])
#
# Returns the refspec and sha hash of the current head revision
#
# git_describe(<var> [<additional arguments to git describe> ...])
#
# Returns the results of git describe on the source tree, and adjusting
# the output so that it tests false if an error occurs.
#
# git_get_exact_tag(<var> [<additional arguments to git describe> ...])
#
# Returns the results of git describe --exact-match on the source tree,
# and adjusting the output so that it tests false if there was no exact
# matching tag.
#
# git_local_changes(<var>)
#
# Returns either "CLEAN" or "DIRTY" with respect to uncommitted changes.
# Uses the return code of "git diff-index --quiet HEAD --".
# Does not regard untracked files.
#
# Requires CMake 2.6 or newer (uses the 'function' command)
#
# Original Author:
# 2009-2010 Ryan Pavlik <rpavlik@iastate.edu> <abiryan@ryand.net>
# http://academic.cleardefinition.com
# Iowa State University HCI Graduate Program/VRAC
#
# Copyright Iowa State University 2009-2010.
# Distributed under the Boost Software License, Version 1.0.
# (See accompanying file LICENSE_1_0.txt or copy at
# http://www.boost.org/LICENSE_1_0.txt)
if(__get_git_revision_description)
return()
endif()
set(__get_git_revision_description YES)
# We must run the following at "include" time, not at function call time,
# to find the path to this module rather than the path to a calling list file
get_filename_component(_gitdescmoddir ${CMAKE_CURRENT_LIST_FILE} PATH)
function(get_git_head_revision _refspecvar _hashvar path)
set(GIT_PARENT_DIR "${path}")
set(GIT_DIR "${GIT_PARENT_DIR}/.git")
while(NOT EXISTS "${GIT_DIR}") # .git dir not found, search parent directories
set(GIT_PREVIOUS_PARENT "${GIT_PARENT_DIR}")
get_filename_component(GIT_PARENT_DIR ${GIT_PARENT_DIR} PATH)
if(GIT_PARENT_DIR STREQUAL GIT_PREVIOUS_PARENT)
# We have reached the root directory, we are not in git
set(${_refspecvar} "GITDIR-NOTFOUND" PARENT_SCOPE)
set(${_hashvar} "GITDIR-NOTFOUND" PARENT_SCOPE)
return()
endif()
set(GIT_DIR "${GIT_PARENT_DIR}/.git")
endwhile()
# check if this is a submodule
if(NOT IS_DIRECTORY ${GIT_DIR})
file(READ ${GIT_DIR} submodule)
string(REGEX REPLACE "gitdir: (.*)\n$" "\\1" GIT_DIR_RELATIVE ${submodule})
get_filename_component(SUBMODULE_DIR ${GIT_DIR} PATH)
get_filename_component(GIT_DIR ${SUBMODULE_DIR}/${GIT_DIR_RELATIVE} ABSOLUTE)
endif()
set(GIT_DATA "${CMAKE_CURRENT_BINARY_DIR}/CMakeFiles/git-data")
if(NOT EXISTS "${GIT_DATA}")
file(MAKE_DIRECTORY "${GIT_DATA}")
endif()
if(NOT EXISTS "${GIT_DIR}/HEAD")
return()
endif()
set(HEAD_FILE "${GIT_DATA}/HEAD")
configure_file("${GIT_DIR}/HEAD" "${HEAD_FILE}" COPYONLY)
configure_file("${_gitdescmoddir}/GetGitRevisionDescription.cmake.in"
"${GIT_DATA}/grabRef.cmake"
@ONLY)
include("${GIT_DATA}/grabRef.cmake")
set(${_refspecvar} "${HEAD_REF}" PARENT_SCOPE)
set(${_hashvar} "${HEAD_HASH}" PARENT_SCOPE)
endfunction()
function(git_describe _var path)
if(NOT GIT_FOUND)
find_package(Git QUIET)
endif()
get_git_head_revision(refspec hash ${path})
if(NOT GIT_FOUND)
set(${_var} "GIT-NOTFOUND" PARENT_SCOPE)
return()
endif()
if(NOT hash)
set(${_var} "HEAD-HASH-NOTFOUND" PARENT_SCOPE)
return()
endif()
# TODO sanitize
#if((${ARGN}" MATCHES "&&") OR
# (ARGN MATCHES "||") OR
# (ARGN MATCHES "\\;"))
# message("Please report the following error to the project!")
# message(FATAL_ERROR "Looks like someone's doing something nefarious with git_describe! Passed arguments ${ARGN}")
#endif()
#message(STATUS "Arguments to execute_process: ${ARGN}")
execute_process(COMMAND
"${GIT_EXECUTABLE}"
describe
${hash}
${ARGN}
WORKING_DIRECTORY
${path}
RESULT_VARIABLE
res
OUTPUT_VARIABLE
out
ERROR_QUIET
OUTPUT_STRIP_TRAILING_WHITESPACE)
if(NOT res EQUAL 0)
set(out "${out}-${res}-NOTFOUND")
endif()
set(${_var} "${out}" PARENT_SCOPE)
endfunction()
function(git_get_exact_tag _var path)
git_describe(out ${path} --exact-match ${ARGN})
set(${_var} "${out}" PARENT_SCOPE)
endfunction()
function(git_local_changes _var path)
if(NOT GIT_FOUND)
find_package(Git QUIET)
endif()
get_git_head_revision(refspec hash path)
if(NOT GIT_FOUND)
set(${_var} "GIT-NOTFOUND" PARENT_SCOPE)
return()
endif()
if(NOT hash)
set(${_var} "HEAD-HASH-NOTFOUND" PARENT_SCOPE)
return()
endif()
execute_process(COMMAND
"${GIT_EXECUTABLE}"
diff-index --quiet HEAD --
WORKING_DIRECTORY
${path}
RESULT_VARIABLE
res
OUTPUT_VARIABLE
out
ERROR_QUIET
OUTPUT_STRIP_TRAILING_WHITESPACE)
if(res EQUAL 0)
set(${_var} "CLEAN" PARENT_SCOPE)
else()
set(${_var} "DIRTY" PARENT_SCOPE)
endif()
endfunction()

42
client/android/cpp/GetGitRevisionDescription.cmake.in Normal file
View file

@ -0,0 +1,42 @@
# From https://raw.githubusercontent.com/rpavlik/cmake-modules/master/GetGitRevisionDescription.cmake.in
#
# Internal file for GetGitRevisionDescription.cmake
#
# Requires CMake 2.6 or newer (uses the 'function' command)
#
# Original Author:
# 2009-2010 Ryan Pavlik <rpavlik@iastate.edu> <abiryan@ryand.net>
# http://academic.cleardefinition.com
# Iowa State University HCI Graduate Program/VRAC
#
# Copyright Iowa State University 2009-2010.
# Distributed under the Boost Software License, Version 1.0.
# (See accompanying file LICENSE_1_0.txt or copy at
# http://www.boost.org/LICENSE_1_0.txt)
set(HEAD_HASH)
file(READ "@HEAD_FILE@" HEAD_CONTENTS LIMIT 1024)
string(STRIP "${HEAD_CONTENTS}" HEAD_CONTENTS)
if(HEAD_CONTENTS MATCHES "ref")
# named branch
string(REPLACE "ref: " "" HEAD_REF "${HEAD_CONTENTS}")
if(EXISTS "@GIT_DIR@/${HEAD_REF}")
configure_file("@GIT_DIR@/${HEAD_REF}" "@GIT_DATA@/head-ref" COPYONLY)
else()
configure_file("@GIT_DIR@/packed-refs" "@GIT_DATA@/packed-refs" COPYONLY)
file(READ "@GIT_DATA@/packed-refs" PACKED_REFS)
if(${PACKED_REFS} MATCHES "([0-9a-z]*) ${HEAD_REF}")
set(HEAD_HASH "${CMAKE_MATCH_1}")
endif()
endif()
else()
# detached HEAD
configure_file("@GIT_DIR@/HEAD" "@GIT_DATA@/head-ref" COPYONLY)
endif()
if(NOT HEAD_HASH)
file(READ "@GIT_DATA@/head-ref" HEAD_HASH LIMIT 1024)
string(STRIP "${HEAD_HASH}" HEAD_HASH)
endif()

1
client/android/cpp/asio Submodule

@ -0,0 +1 @@
Subproject commit 4915cfd8a1653c157a1480162ae5601318553eb8

1
client/android/cpp/cloak Submodule

@ -0,0 +1 @@
Subproject commit 28890e1c69e0b02b052fe6e438f5c3642137ab7a

50
client/android/cpp/cloak.cmake Normal file
View file

@ -0,0 +1,50 @@
cmake_minimum_required(VERSION 3.25.0 FATAL_ERROR)
set(TARGET ck_ovpn_plugin_go)
set(CLOAK_SRCS cloak/cmd/ck-ovpn-plugin/ck-ovpn-plugin.go)
set(CLOAK_LIB libck-ovpn-plugin.so)
list(APPEND CMAKE_PROGRAM_PATH "/usr/local/go/bin")
find_program(GO_EXEC go)
set(BUILD_CMD_ARGS build)
list(APPEND BUILD_CMD_ARGS -buildmode=c-shared -o ${CMAKE_CURRENT_BINARY_DIR}/${CLOAK_LIB} ${CMAKE_GO_FLAGS} ./...)
set(PREPARE_ENV_ARGS env)
list(APPEND PREPARE_ENV_ARGS -w CGO_ENABLED=1 GOOS=android)
string(REGEX MATCH "[0-9]+$" ANDROID_API_LEVEL ${ANDROID_PLATFORM})
message(WARNING "build cloak plugin abi=${ANDROID_ABI}, ANDROID_API_LEVEL=${ANDROID_API_LEVEL}")
if ("${ANDROID_ABI}" STREQUAL "x86")
list(APPEND PREPARE_ENV_ARGS GOARCH=386)
list(APPEND PREPARE_ENV_ARGS CC=${ANDROID_TOOLCHAIN_ROOT}/bin/i686-linux-android${ANDROID_API_LEVEL}-clang)
elseif ("${ANDROID_ABI}" STREQUAL "x86_64")
list(APPEND PREPARE_ENV_ARGS GOARCH=amd64)
list(APPEND PREPARE_ENV_ARGS CC=${ANDROID_TOOLCHAIN_ROOT}/bin/x86_64-linux-android${ANDROID_API_LEVEL}-clang)
elseif ("${ANDROID_ABI}" STREQUAL "arm64-v8a")
list(APPEND PREPARE_ENV_ARGS GOARCH=arm64)
list(APPEND PREPARE_ENV_ARGS CC=${ANDROID_TOOLCHAIN_ROOT}/bin/aarch64-linux-android${ANDROID_API_LEVEL}-clang)
elseif ("${ANDROID_ABI}" STREQUAL "armeabi-v7a")
list(APPEND PREPARE_ENV_ARGS GOARCH=arm)
list(APPEND PREPARE_ENV_ARGS GOARM=7)
list(APPEND PREPARE_ENV_ARGS CC=${ANDROID_TOOLCHAIN_ROOT}/bin/armv7a-linux-androideabi${ANDROID_API_LEVEL}-clang)
endif ()
add_custom_command(
OUTPUT ${CMAKE_CURRENT_BINARY_DIR}/${CLOAK_LIB}
DEPENDS ${CLOAK_SRCS}
WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/cloak/cmd/ck-ovpn-plugin
COMMAND ${GO_EXEC} ${PREPARE_ENV_ARGS}
COMMAND ${GO_EXEC} ${BUILD_CMD_ARGS}
COMMENT "Building Go library")
add_custom_target(${TARGET} DEPENDS ${CLOAK_LIB} ${HEADER})
add_library(libck-ovpn-plugin STATIC IMPORTED GLOBAL)
add_dependencies(libck-ovpn-plugin ${TARGET})
set_target_properties(libck-ovpn-plugin
PROPERTIES
IMPORTED_LOCATION ${CMAKE_CURRENT_BINARY_DIR}/${CLOAK_LIB}
INTERFACE_INCLUDE_DIRECTORIES ${CMAKE_CURRENT_BINARY_DIR})

1
client/android/cpp/lz4 Submodule

@ -0,0 +1 @@
Subproject commit d44371841a2f1728a3f36839fd4b7e872d0927d3

7
client/android/cpp/lz4.cmake Normal file
View file

@ -0,0 +1,7 @@
set(lz4_srcs
lz4.c
)
PREPEND(lz4_src_with_path "lz4/lib/" ${lz4_srcs})
add_library(lz4 ${lz4_src_with_path})
target_include_directories(lz4 PUBLIC "${CMAKE_CURRENT_SOURCE_DIR}/lz4/lib")

1
client/android/cpp/lzo Submodule

@ -0,0 +1 @@
Subproject commit 5754571c8968245f77cf180da872f8f52fe52a40

78
client/android/cpp/lzo.cmake Normal file
View file

@ -0,0 +1,78 @@
# Lzo's own cmake is rather throublesome
set(lzo_srcs
lzo1.c
lzo1_99.c
lzo1a.c
lzo1a_99.c
lzo1b_1.c
lzo1b_2.c
lzo1b_3.c
lzo1b_4.c
lzo1b_5.c
lzo1b_6.c
lzo1b_7.c
lzo1b_8.c
lzo1b_9.c
lzo1b_99.c
lzo1b_9x.c
lzo1b_cc.c
lzo1b_d1.c
lzo1b_d2.c
lzo1b_rr.c
lzo1b_xx.c
lzo1c_1.c
lzo1c_2.c
lzo1c_3.c
lzo1c_4.c
lzo1c_5.c
lzo1c_6.c
lzo1c_7.c
lzo1c_8.c
lzo1c_9.c
lzo1c_99.c
lzo1c_9x.c
lzo1c_cc.c
lzo1c_d1.c
lzo1c_d2.c
lzo1c_rr.c
lzo1c_xx.c
lzo1f_1.c
lzo1f_9x.c
lzo1f_d1.c
lzo1f_d2.c
lzo1x_1.c
lzo1x_1k.c
lzo1x_1l.c
lzo1x_1o.c
lzo1x_9x.c
lzo1x_d1.c
lzo1x_d2.c
lzo1x_d3.c
lzo1x_o.c
lzo1y_1.c
lzo1y_9x.c
lzo1y_d1.c
lzo1y_d2.c
lzo1y_d3.c
lzo1y_o.c
lzo1z_9x.c
lzo1z_d1.c
lzo1z_d2.c
lzo1z_d3.c
lzo2a_9x.c
lzo2a_d1.c
lzo2a_d2.c
lzo_crc.c
lzo_init.c
lzo_ptr.c
lzo_str.c
lzo_util.c
)
PREPEND(lzo_src_with_path "lzo/src" ${lzo_srcs})
add_library(lzo ${lzo_src_with_path})
target_include_directories(lzo PUBLIC "${CMAKE_CURRENT_SOURCE_DIR}/lzo/include")
if (${ANDROID_ABI} STREQUAL "armeabi-v7a")
target_compile_options(lzo PRIVATE -O0)
endif()

1
client/android/cpp/mbedtls Submodule

@ -0,0 +1 @@
Subproject commit b1c8e41ae3b36a9a88e0cbee10ed38a577b54726

0
client/android/cpp/minivpn/minivpn.c Normal file
View file

1
client/android/cpp/openssl Submodule

@ -0,0 +1 @@
Subproject commit 5a6a7d0c955b168ccaecbd16d5a8ae4d20304ff4

1
client/android/cpp/openvpn Submodule

@ -0,0 +1 @@
Subproject commit b1ae59746c150da85aa93c8e0ac1e8a0e670d6ef

684
client/android/cpp/openvpn-config/config.h Normal file
View file

@ -0,0 +1,684 @@
/* config.h. Generated from config.h.in by configure. */
/* config.h.in. Generated from configure.ac by autoheader. */
/* DISABLE PERSISTEN TUN */
#undef TUNSETPERSIST
/* Enable deferred authentication */
#define CONFIGURE_DEF_AUTH 1
/* Enable internal packet filter */
#undef CONFIGURE_PF //1
/* enable iproute2 support */
#undef CONFIG_FEATURE_IPROUTE
/* Use memory debugging function in OpenSSL */
/* #undef CRYPTO_MDEBUG */
#define HAVE_BASENAME
/* Use dmalloc memory debugging library */
/* #undef DMALLOC */
/* Dimension to use for empty array declaration */
#define EMPTY_ARRAY_SIZE 0
/* Enable client capability only */
#define ENABLE_CLIENT_ONLY 1
/* Enable debugging support */
#define ENABLE_DEBUG 1
/* Enable internal fragmentation support */
#define ENABLE_FRAGMENT 1
/* Enable HTTP proxy support */
#define ENABLE_HTTP_PROXY 1
/* Enable management server capability */
#define ENABLE_MANAGEMENT 1
/* Enable multi-homed UDP server capability */
#define ENABLE_MULTIHOME 0
/* Allow --askpass and --auth-user-pass passwords to be read from a file */
#define ENABLE_PASSWORD_SAVE 1
/* Enable TCP Server port sharing */
#define ENABLE_PORT_SHARE 1
/* Enable smaller executable size */
/* #undef ENABLE_SMALL */
/* Enable Socks proxy support */
#define ENABLE_SOCKS 1
/* Define to 1 if you have the `accept' function. */
#define HAVE_ACCEPT 1
/* Define to 1 if you have the <arpa/inet.h> header file. */
#define HAVE_ARPA_INET_H 1
/* Define to 1 if you have the `bind' function. */
#define HAVE_BIND 1
/* Define to 1 if you have the `chdir' function. */
#define HAVE_CHDIR 1
/* Define to 1 if you have the `chroot' function. */
#define HAVE_CHROOT 1
/* Define to 1 if you have the `chsize' function. */
/* #undef HAVE_CHSIZE */
/* struct cmsghdr needed for extended socket error support */
#define HAVE_CMSGHDR 1
/* Define to 1 if you have the `connect' function. */
#define HAVE_CONNECT 1
/* Define to 1 if your compiler supports GNU GCC-style variadic macros */
#define HAVE_CPP_VARARG_MACRO_GCC 1
/* Define to 1 if your compiler supports ISO C99 variadic macros */
#define HAVE_CPP_VARARG_MACRO_ISO 1
/* Define to 1 if you have the `ctime' function. */
#define HAVE_CTIME 1
/* Define to 1 if you have the <ctype.h> header file. */
#define HAVE_CTYPE_H 1
/* Define to 1 if you have the `daemon' function. */
#define HAVE_DAEMON 1
/* Define to 1 if you have the `dup' function. */
#define HAVE_DUP 1
/* Define to 1 if you have the `dup2' function. */
#define HAVE_DUP2 1
/* Define to 1 if you have the `ENGINE_cleanup' function. */
#define HAVE_ENGINE_CLEANUP 0
/* Define to 1 if you have the `ENGINE_load_builtin_engines' function. */
#define HAVE_ENGINE_LOAD_BUILTIN_ENGINES 0
/* Define to 1 if you have the `ENGINE_register_all_complete' function. */
#define HAVE_ENGINE_REGISTER_ALL_COMPLETE 0
/* epoll_create function is defined */
#define HAVE_EPOLL_CREATE 1
/* Define to 1 if you have the <errno.h> header file. */
#define HAVE_ERRNO_H 1
/* Define to 1 if you have the <err.h> header file. */
#define HAVE_ERR_H 1
/* Define to 1 if you have the `EVP_CIPHER_CTX_set_key_length' function. */
#define HAVE_EVP_CIPHER_CTX_SET_KEY_LENGTH 1
/* Define to 1 if you have the `execve' function. */
#define HAVE_EXECVE 1
/* Define to 1 if you have the <fcntl.h> header file. */
#define HAVE_FCNTL_H 1
/* Define to 1 if you have the `flock' function. */
#define HAVE_FLOCK 1
/* Define to 1 if you have the `fork' function. */
#define HAVE_FORK 1
/* Define to 1 if you have the `ftruncate' function. */
#define HAVE_FTRUNCATE 1
/* Define to 1 if you have the `getgrnam' function. */
#define HAVE_GETGRNAM 1
/* Define to 1 if you have the `gethostbyname' function. */
#define HAVE_GETHOSTBYNAME 1
/* Define to 1 if you have the `getpass' function. */
/* #define HAVE_GETPASS 1 */
/* Define to 1 if you have the `getpeereid' function. */
/* #undef HAVE_GETPEEREID */
/* Define to 1 if you have the `getpeername' function. */
#define HAVE_GETPEERNAME 1
/* Define to 1 if you have the `getpid' function. */
#define HAVE_GETPID 1
/* Define to 1 if you have the `getpwnam' function. */
#define HAVE_GETPWNAM 1
/* Define to 1 if you have the `getsockname' function. */
#define HAVE_GETSOCKNAME 1
/* Define to 1 if you have the `getsockopt' function. */
#define HAVE_GETSOCKOPT 1
/* Define to 1 if you have the `gettimeofday' function. */
#define HAVE_GETTIMEOFDAY 1
/* Define to 1 if you have the <grp.h> header file. */
#define HAVE_GRP_H 1
/* Define to 1 if you have the `inet_ntoa' function. */
#define HAVE_INET_NTOA 1
/* Define to 1 if you have the <inttypes.h> header file. */
#define HAVE_INTTYPES_H 1
/* struct in_pktinfo needed for IP_PKTINFO support */
#define HAVE_IN_PKTINFO 1
#define HAVE_IPI_SPEC_DST 1
/* struct iovec needed for IPv6 support */
#define HAVE_IOVEC 1
/* struct iphdr needed for IPv6 support */
#define HAVE_IPHDR 1
/* Define to 1 if you have the <linux/errqueue.h> header file. */
#define HAVE_LINUX_ERRQUEUE_H 1
/* Define to 1 if you have the <linux/if_tun.h> header file. */
#define HAVE_LINUX_IF_TUN_H 1
/* Define to 1 if you have the <linux/sockios.h> header file. */
#define HAVE_LINUX_SOCKIOS_H 1
/* Define to 1 if you have the <linux/types.h> header file. */
#define HAVE_LINUX_TYPES_H 1
/* Define to 1 if you have the `listen' function. */
#define HAVE_LISTEN 1
/* Define to 1 if you have the <memory.h> header file. */
#define HAVE_MEMORY_H 1
/* Define to 1 if you have the `memset' function. */
#define HAVE_MEMSET 1
/* Define to 1 if you have the `mlockall' function. */
/* #define HAVE_MLOCKALL 1*/
/* struct msghdr needed for extended socket error support */
#define HAVE_MSGHDR 1
/* Define to 1 if you have the <netdb.h> header file. */
#define HAVE_NETDB_H 1
/* Define to 1 if you have the <netinet/if_ether.h> header file. */
#define HAVE_NETINET_IF_ETHER_H 1
/* Define to 1 if you have the <netinet/in.h> header file. */
#define HAVE_NETINET_IN_H 1
/* Define to 1 if you have the <netinet/in_systm.h> header file. */
#define HAVE_NETINET_IN_SYSTM_H 1
/* Define to 1 if you have the <netinet/ip.h> header file. */
#define HAVE_NETINET_IP_H 1
/* Define to 1 if you have the <netinet/tcp.h> header file. */
#define HAVE_NETINET_TCP_H 1
/* Define to 1 if you have the <net/if.h> header file. */
#define HAVE_NET_IF_H 1
/* Define to 1 if you have the <net/if_tun.h> header file. */
/* #undef HAVE_NET_IF_TUN_H */
/* Define to 1 if you have the <net/tun/if_tun.h> header file. */
/* #undef HAVE_NET_TUN_IF_TUN_H */
/* Define to 1 if you have the `nice' function. */
#define HAVE_NICE 1
/* Define to 1 if you have the `openlog' function. */
#define HAVE_OPENLOG 1
/* Define to 1 if you have the <openssl/engine.h> header file. */
#define HAVE_OPENSSL_ENGINE_H 0
/* Define to 1 if you have the `poll' function. */
#define HAVE_POLL 1
/* Define if you have POSIX threads libraries and header files. */
/* #undef HAVE_PTHREAD */
/* Define to 1 if you have the `putenv' function. */
#define HAVE_PUTENV 1
/* Define to 1 if you have the <pwd.h> header file. */
#define HAVE_PWD_H 1
/* Define to 1 if you have the `readv' function. */
#define HAVE_READV 1
/* Define to 1 if you have the `recv' function. */
#define HAVE_RECV 1
/* Define to 1 if you have the `recvfrom' function. */
#define HAVE_RECVFROM 1
/* Define to 1 if you have the `recvmsg' function. */
#define HAVE_RECVMSG 1
/* Define to 1 if you have the <resolv.h> header file. */
#define HAVE_RESOLV_H 1
/* Indicates if res_init is available */
#define HAVE_RES_INIT 1
/* Define to 1 if you have the `select' function. */
#define HAVE_SELECT 1
/* Define to 1 if you have the `send' function. */
#define HAVE_SEND 1
/* Define to 1 if you have the `sendmsg' function. */
#define HAVE_SENDMSG 1
/* Define to 1 if you have the `sendto' function. */
#define HAVE_SENDTO 1
/* SELinux support */
/* #undef HAVE_SETCON */
/* Define to 1 if you have the `setgid' function. */
#define HAVE_SETGID 1
/* Define to 1 if you have the `setgroups' function. */
#define HAVE_SETGROUPS 1
/* Define to 1 if you have the `setsid' function. */
#define HAVE_SETSID 1
/* Define to 1 if you have the `setsockopt' function. */
#define HAVE_SETSOCKOPT 1
/* Define to 1 if you have the `setuid' function. */
#define HAVE_SETUID 1
/* Define to 1 if you have the <signal.h> header file. */
#define HAVE_SIGNAL_H 1
/* Define to 1 if you have the `socket' function. */
#define HAVE_SOCKET 1
/* struct sock_extended_err needed for extended socket error support */
#define HAVE_SOCK_EXTENDED_ERR 1
/* Define to 1 if you have the `stat' function. */
#define HAVE_STAT 1
/* Define to 1 if you have the <stdarg.h> header file. */
#define HAVE_STDARG_H 1
/* Define to 1 if you have the <stdint.h> header file. */
#define HAVE_STDINT_H 1
/* Define to 1 if you have the <stdio.h> header file. */
#define HAVE_STDIO_H 1
/* Define to 1 if you have the <stdlib.h> header file. */
#define HAVE_STDLIB_H 1
/* Define to 1 if you have the `strdup' function. */
#define HAVE_STRDUP 1
/* Define to 1 if you have the `strerror' function. */
#define HAVE_STRERROR 1
/* Define to 1 if you have the <strings.h> header file. */
#define HAVE_STRINGS_H 1
/* Define to 1 if you have the <string.h> header file. */
#define HAVE_STRING_H 1
/* Define to 1 if you have the <stropts.h> header file. */
#define HAVE_STROPTS_H 1
/* Define to 1 if you have the `syslog' function. */
#define HAVE_SYSLOG 1
/* Define to 1 if you have the <syslog.h> header file. */
#define HAVE_SYSLOG_H 1
/* Define to 1 if you have the `system' function. */
#define HAVE_SYSTEM 1
/* Define to 1 if you have the <sys/epoll.h> header file. */
#define HAVE_SYS_EPOLL_H 1
/* Define to 1 if you have the <sys/file.h> header file. */
#define HAVE_SYS_FILE_H 1
/* Define to 1 if you have the <sys/ioctl.h> header file. */
#define HAVE_SYS_IOCTL_H 1
/* Define to 1 if you have the <sys/mman.h> header file. */
#define HAVE_SYS_MMAN_H 1
/* Define to 1 if you have the <poll.h> header file. */
#define HAVE_POLL_H 1
/* Define to 1 if you have the <sys/socket.h> header file. */
#define HAVE_SYS_SOCKET_H 1
/* Define to 1 if you have the <sys/sockio.h> header file. */
/* #undef HAVE_SYS_SOCKIO_H */
/* Define to 1 if you have the <sys/stat.h> header file. */
#define HAVE_SYS_STAT_H 1
/* Define to 1 if you have the <sys/time.h> header file. */
#define HAVE_SYS_TIME_H 1
/* Define to 1 if you have the <sys/types.h> header file. */
#define HAVE_SYS_TYPES_H 1
/* Define to 1 if you have the <sys/uio.h> header file. */
#define HAVE_SYS_UIO_H 1
/* Define to 1 if you have the <sys/un.h> header file. */
#define HAVE_SYS_UN_H 1
/* Define to 1 if you have <sys/wait.h> that is POSIX.1 compatible. */
#define HAVE_SYS_WAIT_H 1
/* Define to 1 if you have the `time' function. */
#define HAVE_TIME 1
/* struct tun_pi needed for IPv6 support */
#define HAVE_TUN_PI 1
/* Define to 1 if you have the `umask' function. */
#define HAVE_UMASK 1
/* Define to 1 if you have the <unistd.h> header file. */
#define HAVE_UNISTD_H 1
/* Define to 1 if you have the `unlink' function. */
#define HAVE_UNLINK 1
/* Define to 1 if you have the `vfork' function. */
#define HAVE_VFORK 1
/* Define to 1 if you have the <vfork.h> header file. */
/* #undef HAVE_VFORK_H */
/* Define to 1 if you have the `vsnprintf' function. */
#define HAVE_VSNPRINTF 1
/* Define to 1 if `fork' works. */
#define HAVE_WORKING_FORK 1
/* Define to 1 if `vfork' works. */
#define HAVE_WORKING_VFORK 1
/* Define to 1 if you have the `writev' function. */
#define HAVE_WRITEV 1
/* Path to ifconfig tool */
#define IFCONFIG_PATH "/system/xbin/ifconfig"
/* Path to iproute tool */
#define IPROUTE_PATH "ip"
/* Use lzo/ directory prefix for LZO header files (for LZO 2.0) */
#define LZO_HEADER_DIR 1
/* LZO version number */
#define LZO_VERSION_NUM "2"
/* Name of package */
#define PACKAGE "openvpn"
/* Define to the address where bug reports for this package should be sent. */
#define PACKAGE_BUGREPORT "openvpn-users@lists.sourceforge.net"
/* Define to the full name of this package. */
#define PACKAGE_NAME "OpenVPN"
/* Define to the full name and version of this package. */
#define PACKAGE_STRING "OpenVPN 2.6-icsopenvpn"
/* Define to the one symbol short name of this package. */
#define PACKAGE_TARNAME "openvpn"
/* Define to the version of this package. */
#define PACKAGE_VERSION "2.6_master"
/* Define to the necessary symbol if this constant uses a non-standard name on
your system. */
/* #undef PTHREAD_CREATE_JOINABLE */
/* Define as the return type of signal handlers (`int' or `void'). */
#define RETSIGTYPE void
/* Path to route tool */
#define ROUTE_PATH "/system/xbin/route"
/* The size of `unsigned int', as computed by sizeof. */
#define SIZEOF_UNSIGNED_INT 4
/* The size of `unsigned long', as computed by sizeof. */
#define SIZEOF_UNSIGNED_LONG 4
/* Define to 1 if you have the ANSI C header files. */
#define STDC_HEADERS 1
/* Enable strict options check between peers */
/* #undef STRICT_OPTIONS_CHECK */
/* The TAP-Win32 id defined in tap-win32/SOURCES */
#define TAP_ID "tap0901"
/* The TAP-Win32 version number is defined in tap-win32/SOURCES */
#define TAP_WIN32_MIN_MAJOR 9
/* The TAP-Win32 version number is defined in tap-win32/SOURCES */
#define TAP_WIN32_MIN_MINOR 1
/* A string representing our target */
#define TARGET_ALIAS TARGET_ABI
/* Are we running on Mac OS X? */
/* #undef TARGET_DARWIN */
/* Are we running on DragonFlyBSD? */
/* #undef TARGET_DRAGONFLY */
/* Are we running on FreeBSD? */
/* #undef TARGET_FREEBSD */
/* Are we running on Android Linux? */
/* TARGET_LINUX is not enable since the TARGET_XXX options mainly
control different tun/tap, ifconfig behaviour and Android VpnProvider
is very different from Linux */
#define TARGET_ANDROID
/* Are we running on Linux? */
/* #define TARGET_LINUX 1 */
/* Are we running NetBSD? */
/* #undef TARGET_NETBSD */
/* Are we running on OpenBSD? */
/* #undef TARGET_OPENBSD */
/* Are we running on Solaris? */
/* #undef TARGET_SOLARIS */
/* Are we running WIN32? */
/* #undef TARGET_WIN32 */
/* Define to 1 if you can safely include both <sys/time.h> and <time.h>. */
#define TIME_WITH_SYS_TIME 1
/* Win32 builtin */
/* #undef UF */
/* Use OpenSSL crypto library */
#define USE_CRYPTO 1
/* Use libdl for dynamic library loading */
#define USE_LIBDL 1
/* Use LoadLibrary to load DLLs on Windows */
/* #undef USE_LOAD_LIBRARY */
/* Use LZO compression library */
#define ENABLE_LZO 1
#define ENABLE_SNAPPY 1
#define ENABLE_LZ4 1
#define NEED_COMPAT_LZ4 1
/* Enable PKCS11 capability */
/* #undef USE_PKCS11 */
/* Use pthread-based multithreading */
/* #undef USE_PTHREAD */
/* Use OpenSSL SSL library */
#define ENABLE_SSL 1
#define USE_SSL 1
#define ENABLE_CRYPTO 1
/* via android.mk */
/*#define ENABLE_CRYPTO_OPENSSL 1*/
/* #define ENABLE_CRYPTO_POLARSSL 1 */
/* Use valgrind memory debugging library */
/* #undef USE_VALGRIND */
/* Version number of package */
//#define VERSION "2.3.1"
/* Enable GNU extensions on systems that have them. */
#ifndef _GNU_SOURCE
# define _GNU_SOURCE 1
#endif
/* Define to empty if `const' does not conform to ANSI C. */
/* #undef const */
/* Define to `int' if <sys/types.h> doesn't define. */
/* #undef gid_t */
/* Some systems don't define in_addr_t */
/* #undef in_addr_t */
/* Define to `__inline__' or `__inline' if that's what the C compiler
calls it, or to nothing if 'inline' is not supported under any name. */
#ifndef __cplusplus
/* #undef inline */
#endif
/* Define to `long int' if <sys/types.h> does not define. */
/* #undef off_t */
/* Define to `int' if <sys/types.h> does not define. */
/* #undef pid_t */
/* Define to `unsigned int' if <sys/types.h> does not define. */
/* #undef size_t */
/* type to use in place of socklen_t if not defined */
/* #undef socklen_t */
/* Define to `int' if <sys/types.h> doesn't define. */
/* #undef uid_t */
/* 16-bit unsigned type */
/* #undef uint16_t */
/* 32-bit unsigned type */
/* #undef uint32_t */
/* 8-bit unsigned type */
/* #undef uint8_t */
/* Define as `fork' if `vfork' does not work. */
/* #undef vfork */
/* Define to empty if the keyword `volatile' does not work. Warning: valid
code using `volatile' can become incorrect without. Disable with care. */
/* #undef volatile */
// New version
#define HAVE_INET_NTOP 1
#define HAVE_INET_PTON 1
#define HAVE_LZO_LZOUTIL_H 1
#define HAVE_LZO_LZO1X_H 1
#define HAVE_SYS_TIME_H 1
#define HAVE_TIME_H 1
// #define HAVE_CONFIG_VERSION_H 1
#define PATH_SEPARATOR_STR "/"
#define HAVE_SA_FAMILY_T 1
// Workaround for bionc
#define IPPROTO_IP IPPROTO_IP
#define IPPROTO_TCP IPPROTO_TCP
int res_init();
#define HAVE_AEAD_CIPHER_MODES 1
#define HAVE_EVP_MD_CTX_RESET 1
#define HAVE_EVP_MD_CTX_FREE 1
#define HAVE_EVP_MD_CTX_NEW 1
#define HAVE_EVP_CIPHER_CTX_FREE 1
#define HAVE_EVP_CIPHER_CTX_NEW 1
#define HAVE_HMAC_CTX_RESET 1
#define HAVE_HMAC_CTX_FREE 1
#define HAVE_HMAC_CTX_NEW 1
#define HAVE_SSL_CTX_GET_DEFAULT_PASSWD_CB_USERDATA 1
#define HAVE_SSL_CTX_GET_DEFAULT_PASSWD_CB 1
#define HAVE_X509_GET0_PUBKEY 1
#define HAVE_X509_STORE_GET0_OBJECTS 1
#define HAVE_X509_OBJECT_FREE 1
#define HAVE_X509_OBJECT_GET_TYPE 1
#define HAVE_EVP_PKEY_GET0_RSA 1
#define HAVE_EVP_PKEY_ID 1
#define HAVE_EVP_PKEY_GET0_DSA 1
#define HAVE_RSA_SET_FLAGS 1
#define HAVE_RSA_GET0_KEY 1
#define HAVE_RSA_SET0_KEY 1
#define HAVE_RSA_BITS 1
#define HAVE_DSA_BITS 1
#define HAVE_DSA_GET0_PQG 1
#define HAVE_RSA_METH_NEW 1
#define HAVE_RSA_METH_FREE 1
#define HAVE_RSA_METH_SET_PUB_ENC 1
#define HAVE_RSA_METH_SET_PUB_DEC 1
#define HAVE_RSA_METH_SET_PRIV_DEC 1
#define HAVE_RSA_METH_SET_PRIV_ENC 1
#define HAVE_RSA_METH_SET_INIT 1
#define HAVE_RSA_METH_SET_FINISH 1
#define HAVE_RSA_METH_SET0_APP_DATA 1
#define HAVE_EVP_PKEY_GET0_EC_KEY 1
#define HAVE_EC_GROUP_ORDER_BITS 1
#define HAVE_RSA_METH_GET0_APP_DATA 1
#define HAVE_RSA_METH_SET_SIGN 1
#define ENABLE_OFB_CFB_MODE 1
#define HAVE_X509_GET0_NOTBEFORE 1
#define HAVE_X509_GET0_NOTAFTER 1
#define HAVE_OPENSSL_VERSION 1
#define HAVE_EVP_CIPHER_CTX_RESET
#define _SOCKLEN_T_DECLARED 1

875
client/android/cpp/openvpn-config/openvpn-plugin.h Normal file
View file

@ -0,0 +1,875 @@
/* include/openvpn-plugin.h. Generated from openvpn-plugin.h.in by configure. */
/*
* OpenVPN -- An application to securely tunnel IP networks
* over a single TCP/UDP port, with support for SSL/TLS-based
* session authentication and key exchange,
* packet encryption, packet authentication, and
* packet compression.
*
* Copyright (C) 2002-2018 OpenVPN Inc <sales@openvpn.net>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef OPENVPN_PLUGIN_H_
#define OPENVPN_PLUGIN_H_
#define OPENVPN_PLUGIN_VERSION 3
#ifdef ENABLE_CRYPTO_MBEDTLS
#include <mbedtls/x509_crt.h>
#ifndef __OPENVPN_X509_CERT_T_DECLARED
#define __OPENVPN_X509_CERT_T_DECLARED
typedef mbedtls_x509_crt openvpn_x509_cert_t;
#endif
#else /* ifdef ENABLE_CRYPTO_MBEDTLS */
#include <openssl/x509.h>
#ifndef __OPENVPN_X509_CERT_T_DECLARED
#define __OPENVPN_X509_CERT_T_DECLARED
typedef X509 openvpn_x509_cert_t;
#endif
#endif
#include <stdarg.h>
#include <stddef.h>
#ifdef __cplusplus
extern "C" {
#endif
/* Provide some basic version information to plug-ins at OpenVPN compile time
* This is will not be the complete version
*/
#define OPENVPN_VERSION_MAJOR 2
#define OPENVPN_VERSION_MINOR 5
#define OPENVPN_VERSION_PATCH "_git"
/*
* Plug-in types. These types correspond to the set of script callbacks
* supported by OpenVPN.
*
* This is the general call sequence to expect when running in server mode:
*
* Initial Server Startup:
*
* FUNC: openvpn_plugin_open_v1
* FUNC: openvpn_plugin_client_constructor_v1 (this is the top-level "generic"
* client template)
* FUNC: openvpn_plugin_func_v1 OPENVPN_PLUGIN_UP
* FUNC: openvpn_plugin_func_v1 OPENVPN_PLUGIN_ROUTE_UP
*
* New Client Connection:
*
* FUNC: openvpn_plugin_client_constructor_v1
* FUNC: openvpn_plugin_func_v1 OPENVPN_PLUGIN_ENABLE_PF
* FUNC: openvpn_plugin_func_v1 OPENVPN_PLUGIN_TLS_VERIFY (called once for every cert
* in the server chain)
* FUNC: openvpn_plugin_func_v1 OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY
* FUNC: openvpn_plugin_func_v1 OPENVPN_PLUGIN_TLS_FINAL
* FUNC: openvpn_plugin_func_v1 OPENVPN_PLUGIN_IPCHANGE
*
* [If OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY returned OPENVPN_PLUGIN_FUNC_DEFERRED,
* we don't proceed until authentication is verified via auth_control_file]
*
* FUNC: openvpn_plugin_func_v1 OPENVPN_PLUGIN_CLIENT_CONNECT_V2
* FUNC: openvpn_plugin_func_v1 OPENVPN_PLUGIN_LEARN_ADDRESS
*
* [Client session ensues]
*
* For each "TLS soft reset", according to reneg-sec option (or similar):
*
* FUNC: openvpn_plugin_func_v1 OPENVPN_PLUGIN_ENABLE_PF
*
* FUNC: openvpn_plugin_func_v1 OPENVPN_PLUGIN_TLS_VERIFY (called once for every cert
* in the server chain)
* FUNC: openvpn_plugin_func_v1 OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY
* FUNC: openvpn_plugin_func_v1 OPENVPN_PLUGIN_TLS_FINAL
*
* [If OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY returned OPENVPN_PLUGIN_FUNC_DEFERRED,
* we expect that authentication is verified via auth_control_file within
* the number of seconds defined by the "hand-window" option. Data channel traffic
* will continue to flow uninterrupted during this period.]
*
* [Client session continues]
*
* FUNC: openvpn_plugin_func_v1 OPENVPN_PLUGIN_CLIENT_DISCONNECT
* FUNC: openvpn_plugin_client_destructor_v1
*
* [ some time may pass ]
*
* FUNC: openvpn_plugin_func_v1 OPENVPN_PLUGIN_LEARN_ADDRESS (this coincides with a
* lazy free of initial
* learned addr object)
* Server Shutdown:
*
* FUNC: openvpn_plugin_func_v1 OPENVPN_PLUGIN_DOWN
* FUNC: openvpn_plugin_client_destructor_v1 (top-level "generic" client)
* FUNC: openvpn_plugin_close_v1
*/
#define OPENVPN_PLUGIN_UP 0
#define OPENVPN_PLUGIN_DOWN 1
#define OPENVPN_PLUGIN_ROUTE_UP 2
#define OPENVPN_PLUGIN_IPCHANGE 3
#define OPENVPN_PLUGIN_TLS_VERIFY 4
#define OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY 5
#define OPENVPN_PLUGIN_CLIENT_CONNECT 6
#define OPENVPN_PLUGIN_CLIENT_DISCONNECT 7
#define OPENVPN_PLUGIN_LEARN_ADDRESS 8
#define OPENVPN_PLUGIN_CLIENT_CONNECT_V2 9
#define OPENVPN_PLUGIN_TLS_FINAL 10
#define OPENVPN_PLUGIN_ENABLE_PF 11
#define OPENVPN_PLUGIN_ROUTE_PREDOWN 12
#define OPENVPN_PLUGIN_CLIENT_CONNECT_DEFER 13
#define OPENVPN_PLUGIN_CLIENT_CONNECT_DEFER_V2 14
#define OPENVPN_PLUGIN_CLIENT_CRRESPONSE 15
#define OPENVPN_PLUGIN_N 16
/*
* Build a mask out of a set of plug-in types.
*/
#define OPENVPN_PLUGIN_MASK(x) (1<<(x))
/*
* A pointer to a plugin-defined object which contains
* the object state.
*/
typedef void *openvpn_plugin_handle_t;
/*
* Return value for openvpn_plugin_func_v1 function
*/
#define OPENVPN_PLUGIN_FUNC_SUCCESS 0
#define OPENVPN_PLUGIN_FUNC_ERROR 1
#define OPENVPN_PLUGIN_FUNC_DEFERRED 2
/*
* For Windows (needs to be modified for MSVC)
*/
#if defined(_WIN32) && !defined(OPENVPN_PLUGIN_H)
#define OPENVPN_EXPORT __declspec(dllexport)
#else
#define OPENVPN_EXPORT
#endif
/*
* If OPENVPN_PLUGIN_H is defined, we know that we are being
* included in an OpenVPN compile, rather than a plugin compile.
*/
#ifdef OPENVPN_PLUGIN_H
/*
* We are compiling OpenVPN.
*/
#define OPENVPN_PLUGIN_DEF typedef
#define OPENVPN_PLUGIN_FUNC(name) (*name)
#else /* ifdef OPENVPN_PLUGIN_H */
/*
* We are compiling plugin.
*/
#define OPENVPN_PLUGIN_DEF OPENVPN_EXPORT
#define OPENVPN_PLUGIN_FUNC(name) name
#endif
/*
* Used by openvpn_plugin_func to return structured
* data. The plugin should allocate all structure
* instances, name strings, and value strings with
* malloc, since OpenVPN will assume that it
* can free the list by calling free() over the same.
*/
struct openvpn_plugin_string_list
{
struct openvpn_plugin_string_list *next;
char *name;
char *value;
};
/* openvpn_plugin_{open,func}_v3() related structs */
/**
* Defines version of the v3 plugin argument structs
*
* Whenever one or more of these structs are modified, this constant
* must be updated. A changelog should be appended in this comment
* as well, to make it easier to see what information is available
* in the different versions.
*
* Version Comment
* 1 Initial plugin v3 structures providing the same API as
* the v2 plugin interface, X509 certificate information +
* a logging API for plug-ins.
*
* 2 Added ssl_api member in struct openvpn_plugin_args_open_in
* which identifies the SSL implementation OpenVPN is compiled
* against.
*
* 3 Added ovpn_version, ovpn_version_major, ovpn_version_minor
* and ovpn_version_patch to provide the runtime version of
* OpenVPN to plug-ins.
*
* 4 Exported secure_memzero() as plugin_secure_memzero()
*
* 5 Exported openvpn_base64_encode() as plugin_base64_encode()
* Exported openvpn_base64_decode() as plugin_base64_decode()
*/
#define OPENVPN_PLUGINv3_STRUCTVER 5
/**
* Definitions needed for the plug-in callback functions.
*/
typedef enum
{
PLOG_ERR = (1 << 0),/* Error condition message */
PLOG_WARN = (1 << 1),/* General warning message */
PLOG_NOTE = (1 << 2),/* Informational message */
PLOG_DEBUG = (1 << 3),/* Debug message, displayed if verb >= 7 */
PLOG_ERRNO = (1 << 8),/* Add error description to message */
PLOG_NOMUTE = (1 << 9), /* Mute setting does not apply for message */
} openvpn_plugin_log_flags_t;
#ifdef __GNUC__
#if __USE_MINGW_ANSI_STDIO
#define _ovpn_chk_fmt(a, b) __attribute__ ((format(gnu_printf, (a), (b))))
#else
#define _ovpn_chk_fmt(a, b) __attribute__ ((format(__printf__, (a), (b))))
#endif
#else /* ifdef __GNUC__ */
#define _ovpn_chk_fmt(a, b)
#endif
typedef void (*plugin_log_t)(openvpn_plugin_log_flags_t flags,
const char *plugin_name,
const char *format, ...) _ovpn_chk_fmt (3, 4);
typedef void (*plugin_vlog_t)(openvpn_plugin_log_flags_t flags,
const char *plugin_name,
const char *format,
va_list arglist) _ovpn_chk_fmt (3, 0);
/* #undef _ovpn_chk_fmt */
/**
* Export of secure_memzero() to be used inside plug-ins
*
* @param data Pointer to data to zeroise
* @param len Length of data, in bytes
*
*/
typedef void (*plugin_secure_memzero_t)(void *data, size_t len);
/**
* Export of openvpn_base64_encode() to be used inside plug-ins
*
* @param data Pointer to data to BASE64 encode
* @param size Length of data, in bytes
* @param *str Pointer to the return buffer. This needed memory is
* allocated by openvpn_base64_encode() and needs to be free()d
* after use.
*
* @return int Returns the length of the buffer created, or -1 on error.
*
*/
typedef int (*plugin_base64_encode_t)(const void *data, int size, char **str);
/**
* Export of openvpn_base64_decode() to be used inside plug-ins
*
* @param str Pointer to the BASE64 encoded data
* @param data Pointer to the buffer where save the decoded data
* @param size Size of the destination buffer
*
* @return int Returns the length of the decoded data, or -1 on error or
* if the destination buffer is too small.
*
*/
typedef int (*plugin_base64_decode_t)(const char *str, void *data, int size);
/**
* Used by the openvpn_plugin_open_v3() function to pass callback
* function pointers to the plug-in.
*
* plugin_log
* plugin_vlog : Use these functions to add information to the OpenVPN log file.
* Messages will only be displayed if the plugin_name parameter
* is set. PLOG_DEBUG messages will only be displayed with plug-in
* debug log verbosity (at the time of writing that's verb >= 7).
*
* plugin_secure_memzero
* : Use this function to securely wipe sensitive information from
* memory. This function is declared in a way that the compiler
* will not remove these function calls during the compiler
* optimization phase.
*/
struct openvpn_plugin_callbacks
{
plugin_log_t plugin_log;
plugin_vlog_t plugin_vlog;
plugin_secure_memzero_t plugin_secure_memzero;
plugin_base64_encode_t plugin_base64_encode;
plugin_base64_decode_t plugin_base64_decode;
};
/**
* Used by the openvpn_plugin_open_v3() function to indicate to the
* plug-in what kind of SSL implementation OpenVPN uses. This is
* to avoid SEGV issues when OpenVPN is complied against mbed TLS
* and the plug-in against OpenSSL.
*/
typedef enum {
SSLAPI_NONE,
SSLAPI_OPENSSL,
SSLAPI_MBEDTLS
} ovpnSSLAPI;
/**
* Arguments used to transport variables to the plug-in.
* The struct openvpn_plugin_args_open_in is only used
* by the openvpn_plugin_open_v3() function.
*
* STRUCT MEMBERS
*
* type_mask : Set by OpenVPN to the logical OR of all script
* types which this version of OpenVPN supports.
*
* argv : a NULL-terminated array of options provided to the OpenVPN
* "plug-in" directive. argv[0] is the dynamic library pathname.
*
* envp : a NULL-terminated array of OpenVPN-set environmental
* variables in "name=value" format. Note that for security reasons,
* these variables are not actually written to the "official"
* environmental variable store of the process.
*
* callbacks : a pointer to the plug-in callback function struct.
*
*/
struct openvpn_plugin_args_open_in
{
const int type_mask;
const char **const argv;
const char **const envp;
struct openvpn_plugin_callbacks *callbacks;
const ovpnSSLAPI ssl_api;
const char *ovpn_version;
const unsigned int ovpn_version_major;
const unsigned int ovpn_version_minor;
const char *const ovpn_version_patch;
};
/**
* Arguments used to transport variables from the plug-in back
* to the OpenVPN process. The struct openvpn_plugin_args_open_return
* is only used by the openvpn_plugin_open_v3() function.
*
* STRUCT MEMBERS
*
* type_mask : The plug-in should set this value to the logical OR of all script
* types which the plug-in wants to intercept. For example, if the
* script wants to intercept the client-connect and client-disconnect
* script types:
*
* type_mask = OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_CONNECT)
* | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_DISCONNECT)
*
* handle : Pointer to a global plug-in context, created by the plug-in. This pointer
* is passed on to the other plug-in calls.
*
* return_list : used to return data back to OpenVPN.
*
*/
struct openvpn_plugin_args_open_return
{
int type_mask;
openvpn_plugin_handle_t handle;
struct openvpn_plugin_string_list **return_list;
};
/**
* Arguments used to transport variables to and from the
* plug-in. The struct openvpn_plugin_args_func is only used
* by the openvpn_plugin_func_v3() function.
*
* STRUCT MEMBERS:
*
* type : one of the PLUGIN_x types.
*
* argv : a NULL-terminated array of "command line" options which
* would normally be passed to the script. argv[0] is the dynamic
* library pathname.
*
* envp : a NULL-terminated array of OpenVPN-set environmental
* variables in "name=value" format. Note that for security reasons,
* these variables are not actually written to the "official"
* environmental variable store of the process.
*
* handle : Pointer to a global plug-in context, created by the plug-in's openvpn_plugin_open_v3().
*
* per_client_context : the per-client context pointer which was returned by
* openvpn_plugin_client_constructor_v1, if defined.
*
* current_cert_depth : Certificate depth of the certificate being passed over
*
* *current_cert : X509 Certificate object received from the client
*
*/
struct openvpn_plugin_args_func_in
{
const int type;
const char **const argv;
const char **const envp;
openvpn_plugin_handle_t handle;
void *per_client_context;
int current_cert_depth;
openvpn_x509_cert_t *current_cert;
};
/**
* Arguments used to transport variables to and from the
* plug-in. The struct openvpn_plugin_args_func is only used
* by the openvpn_plugin_func_v3() function.
*
* STRUCT MEMBERS:
*
* return_list : used to return data back to OpenVPN for further processing/usage by
* the OpenVPN executable.
*
*/
struct openvpn_plugin_args_func_return
{
struct openvpn_plugin_string_list **return_list;
};
/*
* Multiple plugin modules can be cascaded, and modules can be
* used in tandem with scripts. The order of operation is that
* the module func() functions are called in the order that
* the modules were specified in the config file. If a script
* was specified as well, it will be called last. If the
* return code of the module/script controls an authentication
* function (such as tls-verify or auth-user-pass-verify), then
* every module and script must return success (0) in order for
* the connection to be authenticated.
*
* Notes:
*
* Plugins which use a privilege-separation model (by forking in
* their initialization function before the main OpenVPN process
* downgrades root privileges and/or executes a chroot) must
* daemonize after a fork if the "daemon" environmental variable is
* set. In addition, if the "daemon_log_redirect" variable is set,
* the plugin should preserve stdout/stderr across the daemon()
* syscall. See the daemonize() function in plugin/auth-pam/auth-pam.c
* for an example.
*/
/*
* Prototypes for functions which OpenVPN plug-ins must define.
*/
/*
* FUNCTION: openvpn_plugin_open_v2
*
* REQUIRED: YES
*
* Called on initial plug-in load. OpenVPN will preserve plug-in state
* across SIGUSR1 restarts but not across SIGHUP restarts. A SIGHUP reset
* will cause the plugin to be closed and reopened.
*
* ARGUMENTS
*
* *type_mask : Set by OpenVPN to the logical OR of all script
* types which this version of OpenVPN supports. The plug-in
* should set this value to the logical OR of all script types
* which the plug-in wants to intercept. For example, if the
* script wants to intercept the client-connect and
* client-disconnect script types:
*
* *type_mask = OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_CONNECT)
* | OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_CLIENT_DISCONNECT)
*
* argv : a NULL-terminated array of options provided to the OpenVPN
* "plug-in" directive. argv[0] is the dynamic library pathname.
*
* envp : a NULL-terminated array of OpenVPN-set environmental
* variables in "name=value" format. Note that for security reasons,
* these variables are not actually written to the "official"
* environmental variable store of the process.
*
* return_list : used to return data back to OpenVPN.
*
* RETURN VALUE
*
* An openvpn_plugin_handle_t value on success, NULL on failure
*/
OPENVPN_PLUGIN_DEF openvpn_plugin_handle_t OPENVPN_PLUGIN_FUNC(openvpn_plugin_open_v2)
(unsigned int *type_mask,
const char *argv[],
const char *envp[],
struct openvpn_plugin_string_list **return_list);
/*
* FUNCTION: openvpn_plugin_func_v2
*
* Called to perform the work of a given script type.
*
* REQUIRED: YES
*
* ARGUMENTS
*
* handle : the openvpn_plugin_handle_t value which was returned by
* openvpn_plugin_open.
*
* type : one of the PLUGIN_x types
*
* argv : a NULL-terminated array of "command line" options which
* would normally be passed to the script. argv[0] is the dynamic
* library pathname.
*
* envp : a NULL-terminated array of OpenVPN-set environmental
* variables in "name=value" format. Note that for security reasons,
* these variables are not actually written to the "official"
* environmental variable store of the process.
*
* per_client_context : the per-client context pointer which was returned by
* openvpn_plugin_client_constructor_v1, if defined.
*
* return_list : used to return data back to OpenVPN.
*
* RETURN VALUE
*
* OPENVPN_PLUGIN_FUNC_SUCCESS on success, OPENVPN_PLUGIN_FUNC_ERROR on failure
*
* In addition, OPENVPN_PLUGIN_FUNC_DEFERRED may be returned by
* OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY. This enables asynchronous
* authentication where the plugin (or one of its agents) may indicate
* authentication success/failure some number of seconds after the return
* of the OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY handler by writing a single
* char to the file named by auth_control_file in the environmental variable
* list (envp).
*
* first char of auth_control_file:
* '0' -- indicates auth failure
* '1' -- indicates auth success
*
* OpenVPN will delete the auth_control_file after it goes out of scope.
*
* If an OPENVPN_PLUGIN_ENABLE_PF handler is defined and returns success
* for a particular client instance, packet filtering will be enabled for that
* instance. OpenVPN will then attempt to read the packet filter configuration
* from the temporary file named by the environmental variable pf_file. This
* file may be generated asynchronously and may be dynamically updated during the
* client session, however the client will be blocked from sending or receiving
* VPN tunnel packets until the packet filter file has been generated. OpenVPN
* will periodically test the packet filter file over the life of the client
* instance and reload when modified. OpenVPN will delete the packet filter file
* when the client instance goes out of scope.
*
* Packet filter file grammar:
*
* [CLIENTS DROP|ACCEPT]
* {+|-}common_name1
* {+|-}common_name2
* . . .
* [SUBNETS DROP|ACCEPT]
* {+|-}subnet1
* {+|-}subnet2
* . . .
* [END]
*
* Subnet: IP-ADDRESS | IP-ADDRESS/NUM_NETWORK_BITS
*
* CLIENTS refers to the set of clients (by their common-name) which
* this instance is allowed ('+') to connect to, or is excluded ('-')
* from connecting to. Note that in the case of client-to-client
* connections, such communication must be allowed by the packet filter
* configuration files of both clients.
*
* SUBNETS refers to IP addresses or IP address subnets which this
* instance may connect to ('+') or is excluded ('-') from connecting
* to.
*
* DROP or ACCEPT defines default policy when there is no explicit match
* for a common-name or subnet. The [END] tag must exist. A special
* purpose tag called [KILL] will immediately kill the client instance.
* A given client or subnet rule applies to both incoming and outgoing
* packets.
*
* See plugin/defer/simple.c for an example on using asynchronous
* authentication and client-specific packet filtering.
*/
OPENVPN_PLUGIN_DEF int OPENVPN_PLUGIN_FUNC(openvpn_plugin_func_v2)
(openvpn_plugin_handle_t handle,
const int type,
const char *argv[],
const char *envp[],
void *per_client_context,
struct openvpn_plugin_string_list **return_list);
/*
* FUNCTION: openvpn_plugin_open_v3
*
* REQUIRED: YES
*
* Called on initial plug-in load. OpenVPN will preserve plug-in state
* across SIGUSR1 restarts but not across SIGHUP restarts. A SIGHUP reset
* will cause the plugin to be closed and reopened.
*
* ARGUMENTS
*
* version : fixed value, defines the API version of the OpenVPN plug-in API. The plug-in
* should validate that this value is matching the OPENVPN_PLUGINv3_STRUCTVER
* value.
*
* arguments : Structure with all arguments available to the plug-in.
*
* retptr : used to return data back to OpenVPN.
*
* RETURN VALUE
*
* OPENVPN_PLUGIN_FUNC_SUCCESS on success, OPENVPN_PLUGIN_FUNC_ERROR on failure
*/
OPENVPN_PLUGIN_DEF int OPENVPN_PLUGIN_FUNC(openvpn_plugin_open_v3)
(const int version,
struct openvpn_plugin_args_open_in const *arguments,
struct openvpn_plugin_args_open_return *retptr);
/*
* FUNCTION: openvpn_plugin_func_v3
*
* Called to perform the work of a given script type.
*
* REQUIRED: YES
*
* ARGUMENTS
*
* version : fixed value, defines the API version of the OpenVPN plug-in API. The plug-in
* should validate that this value is matching the OPENVPN_PLUGIN_VERSION value.
*
* handle : the openvpn_plugin_handle_t value which was returned by
* openvpn_plugin_open.
*
* return_list : used to return data back to OpenVPN.
*
* RETURN VALUE
*
* OPENVPN_PLUGIN_FUNC_SUCCESS on success, OPENVPN_PLUGIN_FUNC_ERROR on failure
*
* In addition, OPENVPN_PLUGIN_FUNC_DEFERRED may be returned by
* OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY. This enables asynchronous
* authentication where the plugin (or one of its agents) may indicate
* authentication success/failure some number of seconds after the return
* of the OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY handler by writing a single
* char to the file named by auth_control_file in the environmental variable
* list (envp).
*
* first char of auth_control_file:
* '0' -- indicates auth failure
* '1' -- indicates auth success
*
* OpenVPN will delete the auth_control_file after it goes out of scope.
*
* If an OPENVPN_PLUGIN_ENABLE_PF handler is defined and returns success
* for a particular client instance, packet filtering will be enabled for that
* instance. OpenVPN will then attempt to read the packet filter configuration
* from the temporary file named by the environmental variable pf_file. This
* file may be generated asynchronously and may be dynamically updated during the
* client session, however the client will be blocked from sending or receiving
* VPN tunnel packets until the packet filter file has been generated. OpenVPN
* will periodically test the packet filter file over the life of the client
* instance and reload when modified. OpenVPN will delete the packet filter file
* when the client instance goes out of scope.
*
* Packet filter file grammar:
*
* [CLIENTS DROP|ACCEPT]
* {+|-}common_name1
* {+|-}common_name2
* . . .
* [SUBNETS DROP|ACCEPT]
* {+|-}subnet1
* {+|-}subnet2
* . . .
* [END]
*
* Subnet: IP-ADDRESS | IP-ADDRESS/NUM_NETWORK_BITS
*
* CLIENTS refers to the set of clients (by their common-name) which
* this instance is allowed ('+') to connect to, or is excluded ('-')
* from connecting to. Note that in the case of client-to-client
* connections, such communication must be allowed by the packet filter
* configuration files of both clients.
*
* SUBNETS refers to IP addresses or IP address subnets which this
* instance may connect to ('+') or is excluded ('-') from connecting
* to.
*
* DROP or ACCEPT defines default policy when there is no explicit match
* for a common-name or subnet. The [END] tag must exist. A special
* purpose tag called [KILL] will immediately kill the client instance.
* A given client or subnet rule applies to both incoming and outgoing
* packets.
*
* See plugin/defer/simple.c for an example on using asynchronous
* authentication and client-specific packet filtering.
*/
OPENVPN_PLUGIN_DEF int OPENVPN_PLUGIN_FUNC(openvpn_plugin_func_v3)
(const int version,
struct openvpn_plugin_args_func_in const *arguments,
struct openvpn_plugin_args_func_return *retptr);
/*
* FUNCTION: openvpn_plugin_close_v1
*
* REQUIRED: YES
*
* ARGUMENTS
*
* handle : the openvpn_plugin_handle_t value which was returned by
* openvpn_plugin_open.
*
* Called immediately prior to plug-in unload.
*/
OPENVPN_PLUGIN_DEF void OPENVPN_PLUGIN_FUNC(openvpn_plugin_close_v1)
(openvpn_plugin_handle_t handle);
/*
* FUNCTION: openvpn_plugin_abort_v1
*
* REQUIRED: NO
*
* ARGUMENTS
*
* handle : the openvpn_plugin_handle_t value which was returned by
* openvpn_plugin_open.
*
* Called when OpenVPN is in the process of aborting due to a fatal error.
* Will only be called on an open context returned by a prior successful
* openvpn_plugin_open callback.
*/
OPENVPN_PLUGIN_DEF void OPENVPN_PLUGIN_FUNC(openvpn_plugin_abort_v1)
(openvpn_plugin_handle_t handle);
/*
* FUNCTION: openvpn_plugin_client_constructor_v1
*
* Called to allocate a per-client memory region, which
* is then passed to the openvpn_plugin_func_v2 function.
* This function is called every time the OpenVPN server
* constructs a client instance object, which normally
* occurs when a session-initiating packet is received
* by a new client, even before the client has authenticated.
*
* This function should allocate the private memory needed
* by the plugin to track individual OpenVPN clients, and
* return a void * to this memory region.
*
* REQUIRED: NO
*
* ARGUMENTS
*
* handle : the openvpn_plugin_handle_t value which was returned by
* openvpn_plugin_open.
*
* RETURN VALUE
*
* void * pointer to plugin's private per-client memory region, or NULL
* if no memory region is required.
*/
OPENVPN_PLUGIN_DEF void *OPENVPN_PLUGIN_FUNC(openvpn_plugin_client_constructor_v1)
(openvpn_plugin_handle_t handle);
/*
* FUNCTION: openvpn_plugin_client_destructor_v1
*
* This function is called on client instance object destruction.
*
* REQUIRED: NO
*
* ARGUMENTS
*
* handle : the openvpn_plugin_handle_t value which was returned by
* openvpn_plugin_open.
*
* per_client_context : the per-client context pointer which was returned by
* openvpn_plugin_client_constructor_v1, if defined.
*/
OPENVPN_PLUGIN_DEF void OPENVPN_PLUGIN_FUNC(openvpn_plugin_client_destructor_v1)
(openvpn_plugin_handle_t handle, void *per_client_context);
/*
* FUNCTION: openvpn_plugin_select_initialization_point_v1
*
* Several different points exist in OpenVPN's initialization sequence where
* the openvpn_plugin_open function can be called. While the default is
* OPENVPN_PLUGIN_INIT_PRE_DAEMON, this function can be used to select a
* different initialization point. For example, if your plugin needs to
* return configuration parameters to OpenVPN, use
* OPENVPN_PLUGIN_INIT_PRE_CONFIG_PARSE.
*
* REQUIRED: NO
*
* RETURN VALUE:
*
* An OPENVPN_PLUGIN_INIT_x value.
*/
#define OPENVPN_PLUGIN_INIT_PRE_CONFIG_PARSE 1
#define OPENVPN_PLUGIN_INIT_PRE_DAEMON 2 /* default */
#define OPENVPN_PLUGIN_INIT_POST_DAEMON 3
#define OPENVPN_PLUGIN_INIT_POST_UID_CHANGE 4
OPENVPN_PLUGIN_DEF int OPENVPN_PLUGIN_FUNC(openvpn_plugin_select_initialization_point_v1)
(void);
/*
* FUNCTION: openvpn_plugin_min_version_required_v1
*
* This function is called by OpenVPN to query the minimum
* plugin interface version number required by the plugin.
*
* REQUIRED: NO
*
* RETURN VALUE
*
* The minimum OpenVPN plugin interface version number necessary to support
* this plugin.
*/
OPENVPN_PLUGIN_DEF int OPENVPN_PLUGIN_FUNC(openvpn_plugin_min_version_required_v1)
(void);
/*
* Deprecated functions which are still supported for backward compatibility.
*/
OPENVPN_PLUGIN_DEF openvpn_plugin_handle_t OPENVPN_PLUGIN_FUNC(openvpn_plugin_open_v1)
(unsigned int *type_mask,
const char *argv[],
const char *envp[]);
OPENVPN_PLUGIN_DEF int OPENVPN_PLUGIN_FUNC(openvpn_plugin_func_v1)
(openvpn_plugin_handle_t handle, const int type, const char *argv[], const char *envp[]);
#ifdef __cplusplus
}
#endif
#endif /* OPENVPN_PLUGIN_H_ */

1
client/android/cpp/openvpn3 Submodule

@ -0,0 +1 @@
Subproject commit dd6e82ba9fff32e4f4a3965750f3ec9106131a44

40
client/android/cpp/ovpnutil/jniglue.c Normal file
View file

@ -0,0 +1,40 @@
#include <jni.h>
#include <android/log.h>
#include <stdlib.h>
#include <unistd.h>
#include "jniglue.h"
jint JNI_OnLoad(JavaVM *vm, void *reserved) {
#ifndef NDEBUG
__android_log_write(ANDROID_LOG_DEBUG,"openvpn", "Loading openvpn native library $id$ compiled on " __DATE__ " " __TIME__ );
#endif
return JNI_VERSION_1_2;
}
void android_openvpn_log(int level,const char* prefix,const char* prefix_sep,const char* m1)
{
__android_log_print(ANDROID_LOG_DEBUG,"openvpn","%s%s%s",prefix,prefix_sep,m1);
}
//! Hack to get the current installed ABI of the libraries. See also https://github.com/schwabe/ics-openvpn/issues/391
jstring Java_de_blinkt_openvpn_core_NativeUtils_getJNIAPI(JNIEnv *env, jclass jo)
{
return (*env)->NewStringUTF(env, TARGET_ARCH_ABI);
}
jstring Java_de_blinkt_openvpn_core_NativeUtils_getOpenVPN2GitVersion(JNIEnv *env, jclass jo)
{
return (*env)->NewStringUTF(env, OPENVPN2_GIT_REVISION);
}
jstring Java_de_blinkt_openvpn_core_NativeUtils_getOpenVPN3GitVersion(JNIEnv *env, jclass jo)
{
return (*env)->NewStringUTF(env, OPENVPN3_GIT_REVISION);
}

21
client/android/cpp/ovpnutil/jniglue.h Normal file
View file

@ -0,0 +1,21 @@
//
// jniglue.h
// xcopenvpn
//
// Created by Arne Schwabe on 29.03.12.
// Copyright (c) 2012 Universität Paderborn. All rights reserved.
//
#ifndef xcopenvpn_jniglue_h
#define xcopenvpn_jniglue_h
void android_openvpn_log(int level,const char* prefix,const char* prefix_sep,const char* m1);
#endif
#ifdef __cplusplus
extern "C" {
#endif
int jniThrowException(JNIEnv* env, const char* className, const char* msg);
#ifdef __cplusplus
}
#endif

146
client/android/cpp/ovpnutil/rsapss.cpp Normal file
View file

@ -0,0 +1,146 @@
/* Adapted from OpenSSL's rsa_pss.c from OpenSSL 3.0.1 */
/*
* Copyright 2005-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include "jni.h"
#include <openssl/evp.h>
#include <openssl/rand.h>
#include <openssl/rsa.h>
#include <array>
static const unsigned char zeroes[] = {0, 0, 0, 0, 0, 0, 0, 0};
static char opensslerr[1024];
extern "C" jbyteArray Java_de_blinkt_openvpn_core_NativeUtils_rsapss(JNIEnv *env,
jclass,
jint hashtype,
jint MSBits,
jint rsa_size,
jbyteArray from) {
/*
unsigned char *EM,
const unsigned char *mHash,
const EVP_MD *Hash, const EVP_MD *mgf1Hash,
int sLen)
*/
jbyte *data = env->GetByteArrayElements(from, nullptr);
int datalen = env->GetArrayLength(from);
const auto *mHash = reinterpret_cast<const unsigned char *>(data);
const EVP_MD *Hash;
if (hashtype == 0) {
Hash = EVP_md5();
} else if (hashtype == 1) {
Hash = EVP_sha1();
} else if (hashtype == 2) {
Hash = EVP_sha224();
} else if (hashtype == 3) {
Hash = EVP_sha256();
} else if (hashtype == 4) {
Hash = EVP_sha384();
} else if (hashtype == 5) {
Hash = EVP_sha512();
}
const EVP_MD *mgf1Hash = Hash;
int ret = 0;
int maskedDBLen, emLen;
unsigned char *H, *salt = nullptr, *p;
EVP_MD_CTX *ctx = nullptr;
int hLen = EVP_MD_get_size(Hash);
int sLen = hLen; /* RSA_PSS_SALTLEN_DIGEST */
std::array<unsigned char, 2048> buf{};
unsigned char *EM = buf.data();
if (hLen < 0)
goto err;
emLen = rsa_size;
if (MSBits == 0) {
*EM++ = 0;
emLen--;
}
if (emLen < hLen + 2) {
goto err;
}
if (sLen == RSA_PSS_SALTLEN_MAX) {
sLen = emLen - hLen - 2;
} else if (sLen > emLen - hLen - 2) {
goto err;
}
if (sLen > 0) {
salt = (unsigned char *) OPENSSL_malloc(sLen);
if (salt == nullptr) {
goto err;
}
if (RAND_bytes_ex(nullptr, salt, sLen, 0) <= 0)
goto err;
}
maskedDBLen = emLen - hLen - 1;
H = EM + maskedDBLen;
ctx = EVP_MD_CTX_new();
if (ctx == nullptr)
goto err;
if (!EVP_DigestInit_ex(ctx, Hash, nullptr)
|| !EVP_DigestUpdate(ctx, zeroes, sizeof(zeroes))
|| !EVP_DigestUpdate(ctx, mHash, hLen))
goto err;
if (sLen && !EVP_DigestUpdate(ctx, salt, sLen))
goto err;
if (!EVP_DigestFinal_ex(ctx, H, nullptr))
goto err;
/* Generate dbMask in place then perform XOR on it */
if (PKCS1_MGF1(EM, maskedDBLen, H, hLen, mgf1Hash))
goto err;
p = EM;
/*
* Initial PS XORs with all zeroes which is a NOP so just update pointer.
* Note from a test above this value is guaranteed to be non-negative.
*/
p += emLen - sLen - hLen - 2;
*p++ ^= 0x1;
if (sLen > 0) {
for (int i = 0; i < sLen; i++)
*p++ ^= salt[i];
}
if (MSBits)
EM[0] &= 0xFF >> (8 - MSBits);
/* H is already in place so just set final 0xbc */
EM[emLen - 1] = 0xbc;
ret = 1;
err:
EVP_MD_CTX_free(ctx);
OPENSSL_clear_free(salt, (size_t) sLen); /* salt != NULL implies sLen > 0 */
jbyteArray jb;
jb = env->NewByteArray(emLen);
env->SetByteArrayRegion(jb, 0, emLen, (jbyte *) EM);
return jb;
}

334
client/android/cpp/ovpnutil/sslspeed.c Normal file
View file

@ -0,0 +1,334 @@
/*
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/* ====================================================================
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
*
* Portions of the attached software ("Contribution") are developed by
* SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
*
* The Contribution is licensed pursuant to the OpenSSL open source
* license provided above.
*
* The ECDH and ECDSA speed test software is originally written by
* Sumit Gupta of Sun Microsystems Laboratories.
*
*/
// Modified by Arne Schwabe to give a simple openssl evp speed java api
#include <jni.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netdb.h>
#include <netinet/in.h>
#include <sys/ioctl.h>
#include <sys/times.h>
#include <linux/if.h>
#include <android/log.h>
#include <unistd.h>
#include <string.h>
#include <stdio.h>
#include <errno.h>
#include "jniglue.h"
#include <android/log.h>
#include <openssl/crypto.h>
#include <openssl/rand.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/objects.h>
#include <openssl/async.h>
#include <openssl/provider.h>
/* This file just contains code thrown together until it works */
#undef SECONDS
#define SECONDS 3
#define PRIME_SECONDS 10
#define RSA_SECONDS 10
#define DSA_SECONDS 10
#define ECDSA_SECONDS 10
#define ECDH_SECONDS 10
typedef struct loopargs_st {
unsigned char *buf;
unsigned char *buf2;
unsigned char *buf_malloc;
unsigned char *buf2_malloc;
unsigned int siglen;
EVP_CIPHER_CTX *ctx;
HMAC_CTX *hctx;
} loopargs_t;
#undef BUFSIZE
#define BUFSIZE (1024*16+1)
#define MAX_MISALIGNMENT 63
#define MAX_BLOCK_SIZE 128
static unsigned char iv[2 * MAX_BLOCK_SIZE / 8];
#define SIZE_NUM 7
static const int lengths[SIZE_NUM] = {
16, 64, 256, 1024, 1500, 8 * 1024, 16 * 1024
};
static int testnum;
# define COND(unused_cond) (run && count<0x7fffffff)
static volatile int run = 0;
#ifdef SIGALRM
# if defined(__STDC__) || defined(sgi) || defined(_AIX)
# define SIGRETTYPE void
# else
# define SIGRETTYPE int
# endif
#define START 0
#define STOP 1
#define TM_START 0
#define TM_STOP 1
static int usertime = 1;
double app_tminterval(int stop, int usertime)
{
double ret = 0;
struct tms rus;
clock_t now = times(&rus);
static clock_t tmstart;
if (usertime)
now = rus.tms_utime;
if (stop == TM_START)
tmstart = now;
else {
long int tck = sysconf(_SC_CLK_TCK);
ret = (now - tmstart) / (double)tck;
}
return (ret);
}
static double Time_F(int s)
{
double ret = app_tminterval(s, usertime);
if (s == STOP)
alarm(0);
return ret;
}
#endif
static long save_count = 0;
static int decrypt = 0;
static int EVP_Update_loop(void *args)
{
loopargs_t *tempargs = *(loopargs_t **)args;
unsigned char *buf = tempargs->buf;
EVP_CIPHER_CTX *ctx = tempargs->ctx;
int outl, count;
if (decrypt)
for (count = 0; COND(nb_iter); count++)
EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
else
for (count = 0; COND(nb_iter); count++)
EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
if (decrypt)
EVP_DecryptFinal_ex(ctx, buf, &outl);
else
EVP_EncryptFinal_ex(ctx, buf, &outl);
return count;
}
static const EVP_MD *evp_md = NULL;
static int EVP_Digest_loop(void *args)
{
loopargs_t *tempargs = *(loopargs_t **)args;
unsigned char *buf = tempargs->buf;
unsigned char md[EVP_MAX_MD_SIZE];
int count;
for (count = 0; COND(nb_iter); count++) {
if (!EVP_Digest(buf, lengths[testnum], md, NULL, evp_md, NULL))
return -1;
}
return count;
}
static int run_benchmark(int async_jobs,
int (*loop_function)(void *), loopargs_t *loopargs)
{
int job_op_count = 0;
int total_op_count = 0;
int num_inprogress = 0;
int error = 0, i = 0, ret = 0;
OSSL_ASYNC_FD job_fd = 0;
size_t num_job_fds = 0;
run = 1;
if (async_jobs == 0) {
return loop_function((void *)&loopargs);
}
return 1234567;
}
static void* stop_run(void* arg)
{
__android_log_write(ANDROID_LOG_DEBUG,"openvpn", "stop run thread started");
sleep(3);
run=0;
__android_log_write(ANDROID_LOG_DEBUG,"openvpn", "stop run thread stopped");
return NULL;
}
jdoubleArray Java_de_blinkt_openvpn_core_NativeUtils_getOpenSSLSpeed(JNIEnv* env, jclass thiz, jstring algorithm, jint testnumber)
{
OSSL_PROVIDER *legacy;
OSSL_PROVIDER *deflt;
OSSL_LIB_CTX *lib_ctx = OSSL_LIB_CTX_new();
/* Load Multiple providers into the default (NULL) library context */
legacy = OSSL_PROVIDER_load(lib_ctx, "legacy");
if (legacy == NULL) {
__android_log_write(ANDROID_LOG_DEBUG,"openvpn", "Failed to load Legacy provider\n");
return NULL;
}
deflt = OSSL_PROVIDER_load(lib_ctx, "default");
if (deflt == NULL) {
__android_log_write(ANDROID_LOG_DEBUG,"openvpn", "Failed to load Default provider\n");
OSSL_PROVIDER_unload(legacy);
return NULL;
}
static const unsigned char key16[16] = {
0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
};
const EVP_CIPHER *evp_cipher = NULL;
const char* alg = (*env)->GetStringUTFChars( env, algorithm , NULL ) ;
evp_cipher = EVP_CIPHER_fetch(lib_ctx, alg, NULL);
if (evp_cipher == NULL)
evp_md = EVP_MD_fetch(lib_ctx, alg, NULL);
if (evp_cipher == NULL && evp_md == NULL) {
// BIO_printf(bio_err, "%s: %s is an unknown cipher or digest\n", prog, opt_arg());
//jniThrowException(env, "java/security/NoSuchAlgorithmException", "Algorithm not found");
__android_log_write(ANDROID_LOG_DEBUG,"openvpn", "Algorithm not found");
return NULL;
}
loopargs_t *loopargs = NULL;
int loopargs_len = 1;
int async_jobs = 0;
loopargs = malloc(loopargs_len * sizeof(loopargs_t));
memset(loopargs, 0, loopargs_len * sizeof(loopargs_t));
jdoubleArray ret = (*env)->NewDoubleArray(env, 3);
if (testnum < 0 || testnum >= SIZE_NUM)
goto error;
testnum = testnumber;
for (int i = 0; i < loopargs_len; i++) {
int misalign=0;
loopargs[i].buf_malloc = malloc((int)BUFSIZE + MAX_MISALIGNMENT + 1);
loopargs[i].buf2_malloc = malloc((int)BUFSIZE + MAX_MISALIGNMENT + 1);
/* Align the start of buffers on a 64 byte boundary */
loopargs[i].buf = loopargs[i].buf_malloc + misalign;
loopargs[i].buf2 = loopargs[i].buf2_malloc + misalign;
}
int count;
double d;
if (evp_cipher) {
/*
* -O3 -fschedule-insns messes up an optimization here!
* names[D_EVP] somehow becomes NULL
*/
for (int k = 0; k < loopargs_len; k++) {
loopargs[k].ctx = EVP_CIPHER_CTX_new();
if (decrypt)
EVP_DecryptInit_ex(loopargs[k].ctx, evp_cipher, NULL, key16, iv);
else
EVP_EncryptInit_ex(loopargs[k].ctx, evp_cipher, NULL, key16, iv);
EVP_CIPHER_CTX_set_padding(loopargs[k].ctx, 0);
}
Time_F(START);
pthread_t timer_thread;
if (pthread_create(&timer_thread, NULL, stop_run, NULL))
goto error;
count = run_benchmark(async_jobs, EVP_Update_loop, loopargs);
d = Time_F(STOP);
for (int k = 0; k < loopargs_len; k++) {
EVP_CIPHER_CTX_free(loopargs[k].ctx);
}
}
if (evp_md) {
pthread_t timer_thread;
if (pthread_create(&timer_thread, NULL, stop_run, NULL))
{
__android_log_write(ANDROID_LOG_DEBUG,"openvpn", "creating thread failed");
goto error;
}
Time_F(START);
count = run_benchmark(async_jobs, EVP_Digest_loop, loopargs);
d = Time_F(STOP);
}
// Save results in hacky way
double results[] = {(double) lengths[testnum], (double) count, d};
(*env)->SetDoubleArrayRegion(env, ret, 0, 3, results);
// print_result(D_EVP, testnum, count, d);
OSSL_LIB_CTX_free(lib_ctx);
free(loopargs);
return ret;
error:
for (int k = 0; k < loopargs_len; k++) {
EVP_CIPHER_CTX_free(loopargs[k].ctx);
}
free(loopargs);
OSSL_LIB_CTX_free(lib_ctx);
return NULL;
}

7
client/android/cpp/tools.cmake Normal file
View file

@ -0,0 +1,7 @@
FUNCTION(PREPEND var prefix)
SET(listVar "")
FOREACH(f ${ARGN})
LIST(APPEND listVar "${prefix}/${f}")
ENDFOREACH(f)
SET(${var} "${listVar}" PARENT_SCOPE)
ENDFUNCTION(PREPEND)

BIN
client/android/lib/openvpn/arm64-v8a/libjbcrypto.so
View file

Binary file not shown.

BIN
client/android/lib/openvpn/arm64-v8a/libopenvpn.so
View file

Binary file not shown.

BIN
client/android/lib/openvpn/arm64-v8a/libopvpnutil.so
View file

Binary file not shown.

BIN
client/android/lib/openvpn/arm64-v8a/libovpn3.so
View file

Binary file not shown.

BIN
client/android/lib/openvpn/arm64-v8a/libovpnexec.so
View file

Binary file not shown.

BIN
client/android/lib/openvpn/armeabi-v7a/libjbcrypto.so
View file

Binary file not shown.

BIN
client/android/lib/openvpn/armeabi-v7a/libopenvpn.so
View file

Binary file not shown.

BIN
client/android/lib/openvpn/armeabi-v7a/libopvpnutil.so
View file

Binary file not shown.

BIN
client/android/lib/openvpn/armeabi-v7a/libovpn3.so
View file

Binary file not shown.

BIN
client/android/lib/openvpn/armeabi-v7a/libovpnexec.so
View file

Binary file not shown.

BIN
client/android/lib/openvpn/x86/libjbcrypto.so
View file

Binary file not shown.

BIN
client/android/lib/openvpn/x86/libopenvpn.so
View file

Binary file not shown.

BIN
client/android/lib/openvpn/x86/libopvpnutil.so
View file

Binary file not shown.

BIN
client/android/lib/openvpn/x86/libovpn3.so
View file

Binary file not shown.

BIN
client/android/lib/openvpn/x86/libovpnexec.so
View file

Binary file not shown.

BIN
client/android/lib/openvpn/x86_64/libjbcrypto.so
View file

Binary file not shown.

BIN
client/android/lib/openvpn/x86_64/libopenvpn.so
View file

Binary file not shown.

BIN
client/android/lib/openvpn/x86_64/libopvpnutil.so
View file

Binary file not shown.

BIN
client/android/lib/openvpn/x86_64/libovpn3.so
View file

Binary file not shown.

BIN
client/android/lib/openvpn/x86_64/libovpnexec.so
View file

Binary file not shown.

50
client/android/src/net/openvpn/ovpn3/ClientAPI_Config.java
View file

@ -1,6 +1,6 @@
/* ----------------------------------------------------------------------------
* This file was automatically generated by SWIG (http://www.swig.org).
* Version 4.0.2
* Version 4.0.1
*
* Do not make changes to this file unless you know what you are doing--modify
* the SWIG interface file instead.
@ -117,12 +117,12 @@ public class ClientAPI_Config {
return ovpncliJNI.ClientAPI_Config_protoVersionOverride_get(swigCPtr, this);
}
public void setIpv6(String value) {
ovpncliJNI.ClientAPI_Config_ipv6_set(swigCPtr, this, value);
public void setAllowUnusedAddrFamilies(String value) {
ovpncliJNI.ClientAPI_Config_allowUnusedAddrFamilies_set(swigCPtr, this, value);
}
public String getIpv6() {
return ovpncliJNI.ClientAPI_Config_ipv6_get(swigCPtr, this);
public String getAllowUnusedAddrFamilies() {
return ovpncliJNI.ClientAPI_Config_allowUnusedAddrFamilies_get(swigCPtr, this);
}
public void setConnTimeout(int value) {
@ -221,14 +221,6 @@ public class ClientAPI_Config {
return ovpncliJNI.ClientAPI_Config_defaultKeyDirection_get(swigCPtr, this);
}
public void setForceAesCbcCiphersuites(boolean value) {
ovpncliJNI.ClientAPI_Config_forceAesCbcCiphersuites_set(swigCPtr, this, value);
}
public boolean getForceAesCbcCiphersuites() {
return ovpncliJNI.ClientAPI_Config_forceAesCbcCiphersuites_get(swigCPtr, this);
}
public void setTlsVersionMinOverride(String value) {
ovpncliJNI.ClientAPI_Config_tlsVersionMinOverride_set(swigCPtr, this, value);
}
@ -366,6 +358,14 @@ public class ClientAPI_Config {
return ovpncliJNI.ClientAPI_Config_gremlinConfig_get(swigCPtr, this);
}
public void setUsePluggableTransports(boolean value) {
ovpncliJNI.ClientAPI_Config_usePluggableTransports_set(swigCPtr, this, value);
}
public boolean getUsePluggableTransports() {
return ovpncliJNI.ClientAPI_Config_usePluggableTransports_get(swigCPtr, this);
}
public void setWintun(boolean value) {
ovpncliJNI.ClientAPI_Config_wintun_set(swigCPtr, this, value);
}
@ -374,6 +374,30 @@ public class ClientAPI_Config {
return ovpncliJNI.ClientAPI_Config_wintun_get(swigCPtr, this);
}
public void setAllowLocalDnsResolvers(boolean value) {
ovpncliJNI.ClientAPI_Config_allowLocalDnsResolvers_set(swigCPtr, this, value);
}
public boolean getAllowLocalDnsResolvers() {
return ovpncliJNI.ClientAPI_Config_allowLocalDnsResolvers_get(swigCPtr, this);
}
public void setEnableLegacyAlgorithms(boolean value) {
ovpncliJNI.ClientAPI_Config_enableLegacyAlgorithms_set(swigCPtr, this, value);
}
public boolean getEnableLegacyAlgorithms() {
return ovpncliJNI.ClientAPI_Config_enableLegacyAlgorithms_get(swigCPtr, this);
}
public void setEnableNonPreferredDCAlgorithms(boolean value) {
ovpncliJNI.ClientAPI_Config_enableNonPreferredDCAlgorithms_set(swigCPtr, this, value);
}
public boolean getEnableNonPreferredDCAlgorithms() {
return ovpncliJNI.ClientAPI_Config_enableNonPreferredDCAlgorithms_get(swigCPtr, this);
}
public ClientAPI_Config() {
this(ovpncliJNI.new_ClientAPI_Config(), true);
}

2
client/android/src/net/openvpn/ovpn3/ClientAPI_ConnectionInfo.java
View file

@ -1,6 +1,6 @@
/* ----------------------------------------------------------------------------
* This file was automatically generated by SWIG (http://www.swig.org).
* Version 4.0.2
* Version 4.0.1
*
* Do not make changes to this file unless you know what you are doing--modify
* the SWIG interface file instead.

2
client/android/src/net/openvpn/ovpn3/ClientAPI_DynamicChallenge.java
View file

@ -1,6 +1,6 @@
/* ----------------------------------------------------------------------------
* This file was automatically generated by SWIG (http://www.swig.org).
* Version 4.0.2
* Version 4.0.1
*
* Do not make changes to this file unless you know what you are doing--modify
* the SWIG interface file instead.

2
client/android/src/net/openvpn/ovpn3/ClientAPI_EvalConfig.java
View file

@ -1,6 +1,6 @@
/* ----------------------------------------------------------------------------
* This file was automatically generated by SWIG (http://www.swig.org).
* Version 4.0.2
* Version 4.0.1
*
* Do not make changes to this file unless you know what you are doing--modify
* the SWIG interface file instead.

2
client/android/src/net/openvpn/ovpn3/ClientAPI_Event.java
View file

@ -1,6 +1,6 @@
/* ----------------------------------------------------------------------------
* This file was automatically generated by SWIG (http://www.swig.org).
* Version 4.0.2
* Version 4.0.1
*
* Do not make changes to this file unless you know what you are doing--modify
* the SWIG interface file instead.

2
client/android/src/net/openvpn/ovpn3/ClientAPI_ExternalPKIBase.java
View file

@ -1,6 +1,6 @@
/* ----------------------------------------------------------------------------
* This file was automatically generated by SWIG (http://www.swig.org).
* Version 4.0.2
* Version 4.0.1
*
* Do not make changes to this file unless you know what you are doing--modify
* the SWIG interface file instead.

2
client/android/src/net/openvpn/ovpn3/ClientAPI_ExternalPKICertRequest.java
View file

@ -1,6 +1,6 @@
/* ----------------------------------------------------------------------------
* This file was automatically generated by SWIG (http://www.swig.org).
* Version 4.0.2
* Version 4.0.1
*
* Do not make changes to this file unless you know what you are doing--modify
* the SWIG interface file instead.

2
client/android/src/net/openvpn/ovpn3/ClientAPI_ExternalPKIRequestBase.java
View file

@ -1,6 +1,6 @@
/* ----------------------------------------------------------------------------
* This file was automatically generated by SWIG (http://www.swig.org).
* Version 4.0.2
* Version 4.0.1
*
* Do not make changes to this file unless you know what you are doing--modify
* the SWIG interface file instead.

2
client/android/src/net/openvpn/ovpn3/ClientAPI_ExternalPKISignRequest.java
View file

@ -1,6 +1,6 @@
/* ----------------------------------------------------------------------------
* This file was automatically generated by SWIG (http://www.swig.org).
* Version 4.0.2
* Version 4.0.1
*
* Do not make changes to this file unless you know what you are doing--modify
* the SWIG interface file instead.

2
client/android/src/net/openvpn/ovpn3/ClientAPI_InterfaceStats.java
View file

@ -1,6 +1,6 @@
/* ----------------------------------------------------------------------------
* This file was automatically generated by SWIG (http://www.swig.org).
* Version 4.0.2
* Version 4.0.1
*
* Do not make changes to this file unless you know what you are doing--modify
* the SWIG interface file instead.

2
client/android/src/net/openvpn/ovpn3/ClientAPI_KeyValue.java
View file

@ -1,6 +1,6 @@
/* ----------------------------------------------------------------------------
* This file was automatically generated by SWIG (http://www.swig.org).
* Version 4.0.2
* Version 4.0.1
*
* Do not make changes to this file unless you know what you are doing--modify
* the SWIG interface file instead.

2
client/android/src/net/openvpn/ovpn3/ClientAPI_LLVector.java
View file

@ -1,6 +1,6 @@
/* ----------------------------------------------------------------------------
* This file was automatically generated by SWIG (http://www.swig.org).
* Version 4.0.2
* Version 4.0.1
*
* Do not make changes to this file unless you know what you are doing--modify
* the SWIG interface file instead.

2
client/android/src/net/openvpn/ovpn3/ClientAPI_LogInfo.java
View file

@ -1,6 +1,6 @@
/* ----------------------------------------------------------------------------
* This file was automatically generated by SWIG (http://www.swig.org).
* Version 4.0.2
* Version 4.0.1
*
* Do not make changes to this file unless you know what you are doing--modify
* the SWIG interface file instead.

2
client/android/src/net/openvpn/ovpn3/ClientAPI_MergeConfig.java
View file

@ -1,6 +1,6 @@
/* ----------------------------------------------------------------------------
* This file was automatically generated by SWIG (http://www.swig.org).
* Version 4.0.2
* Version 4.0.1
*
* Do not make changes to this file unless you know what you are doing--modify
* the SWIG interface file instead.

38
client/android/src/net/openvpn/ovpn3/ClientAPI_OpenVPNClient.java
View file

@ -1,6 +1,6 @@
/* ----------------------------------------------------------------------------
* This file was automatically generated by SWIG (http://www.swig.org).
* Version 4.0.2
* Version 4.0.1
*
* Do not make changes to this file unless you know what you are doing--modify
* the SWIG interface file instead.
@ -56,26 +56,6 @@ public class ClientAPI_OpenVPNClient extends ClientAPI_TunBuilderBase {
ovpncliJNI.ClientAPI_OpenVPNClient_director_connect(this, swigCPtr, true, true);
}
public static ClientAPI_MergeConfig merge_config_static(String path, boolean follow_references) {
return new ClientAPI_MergeConfig(ovpncliJNI.ClientAPI_OpenVPNClient_merge_config_static(path, follow_references), true);
}
public static ClientAPI_MergeConfig merge_config_string_static(String config_content) {
return new ClientAPI_MergeConfig(ovpncliJNI.ClientAPI_OpenVPNClient_merge_config_string_static(config_content), true);
}
public static ClientAPI_EvalConfig eval_config_static(ClientAPI_Config config) {
return new ClientAPI_EvalConfig(ovpncliJNI.ClientAPI_OpenVPNClient_eval_config_static(ClientAPI_Config.getCPtr(config), config), true);
}
public static int max_profile_size() {
return ovpncliJNI.ClientAPI_OpenVPNClient_max_profile_size();
}
public static boolean parse_dynamic_challenge(String cookie, ClientAPI_DynamicChallenge dc) {
return ovpncliJNI.ClientAPI_OpenVPNClient_parse_dynamic_challenge(cookie, ClientAPI_DynamicChallenge.getCPtr(dc), dc);
}
public ClientAPI_EvalConfig eval_config(ClientAPI_Config arg0) {
return new ClientAPI_EvalConfig(ovpncliJNI.ClientAPI_OpenVPNClient_eval_config(swigCPtr, this, ClientAPI_Config.getCPtr(arg0), arg0), true);
}
@ -176,20 +156,4 @@ public class ClientAPI_OpenVPNClient extends ClientAPI_TunBuilderBase {
if (getClass() == ClientAPI_OpenVPNClient.class) ovpncliJNI.ClientAPI_OpenVPNClient_clock_tick(swigCPtr, this); else ovpncliJNI.ClientAPI_OpenVPNClient_clock_tickSwigExplicitClientAPI_OpenVPNClient(swigCPtr, this);
}
public static String crypto_self_test() {
return ovpncliJNI.ClientAPI_OpenVPNClient_crypto_self_test();
}
public static int app_expire() {
return ovpncliJNI.ClientAPI_OpenVPNClient_app_expire();
}
public static String platform() {
return ovpncliJNI.ClientAPI_OpenVPNClient_platform();
}
public static String copyright() {
return ovpncliJNI.ClientAPI_OpenVPNClient_copyright();
}
}

75
client/android/src/net/openvpn/ovpn3/ClientAPI_OpenVPNClientHelper.java Normal file
View file

@ -0,0 +1,75 @@
/* ----------------------------------------------------------------------------
* This file was automatically generated by SWIG (http://www.swig.org).
* Version 4.0.1
*
* Do not make changes to this file unless you know what you are doing--modify
* the SWIG interface file instead.
* ----------------------------------------------------------------------------- */
package net.openvpn.ovpn3;
public class ClientAPI_OpenVPNClientHelper {
private transient long swigCPtr;
protected transient boolean swigCMemOwn;
protected ClientAPI_OpenVPNClientHelper(long cPtr, boolean cMemoryOwn) {
swigCMemOwn = cMemoryOwn;
swigCPtr = cPtr;
}
protected static long getCPtr(ClientAPI_OpenVPNClientHelper obj) {
return (obj == null) ? 0 : obj.swigCPtr;
}
@SuppressWarnings("deprecation")
protected void finalize() {
delete();
}
public synchronized void delete() {
if (swigCPtr != 0) {
if (swigCMemOwn) {
swigCMemOwn = false;
ovpncliJNI.delete_ClientAPI_OpenVPNClientHelper(swigCPtr);
}
swigCPtr = 0;
}
}
public ClientAPI_OpenVPNClientHelper() {
this(ovpncliJNI.new_ClientAPI_OpenVPNClientHelper(), true);
}
public ClientAPI_MergeConfig merge_config(String path, boolean follow_references) {
return new ClientAPI_MergeConfig(ovpncliJNI.ClientAPI_OpenVPNClientHelper_merge_config(swigCPtr, this, path, follow_references), true);
}
public ClientAPI_MergeConfig merge_config_string(String config_content) {
return new ClientAPI_MergeConfig(ovpncliJNI.ClientAPI_OpenVPNClientHelper_merge_config_string(swigCPtr, this, config_content), true);
}
public ClientAPI_EvalConfig eval_config(ClientAPI_Config config) {
return new ClientAPI_EvalConfig(ovpncliJNI.ClientAPI_OpenVPNClientHelper_eval_config(swigCPtr, this, ClientAPI_Config.getCPtr(config), config), true);
}
public static int max_profile_size() {
return ovpncliJNI.ClientAPI_OpenVPNClientHelper_max_profile_size();
}
public static boolean parse_dynamic_challenge(String cookie, ClientAPI_DynamicChallenge dc) {
return ovpncliJNI.ClientAPI_OpenVPNClientHelper_parse_dynamic_challenge(cookie, ClientAPI_DynamicChallenge.getCPtr(dc), dc);
}
public String crypto_self_test() {
return ovpncliJNI.ClientAPI_OpenVPNClientHelper_crypto_self_test(swigCPtr, this);
}
public static String platform() {
return ovpncliJNI.ClientAPI_OpenVPNClientHelper_platform();
}
public static String copyright() {
return ovpncliJNI.ClientAPI_OpenVPNClientHelper_copyright();
}
}

2
client/android/src/net/openvpn/ovpn3/ClientAPI_ProvideCreds.java
View file

@ -1,6 +1,6 @@
/* ----------------------------------------------------------------------------
* This file was automatically generated by SWIG (http://www.swig.org).
* Version 4.0.2
* Version 4.0.1
*
* Do not make changes to this file unless you know what you are doing--modify
* the SWIG interface file instead.

2
client/android/src/net/openvpn/ovpn3/ClientAPI_RemoteOverride.java
View file

@ -1,6 +1,6 @@
/* ----------------------------------------------------------------------------
* This file was automatically generated by SWIG (http://www.swig.org).
* Version 4.0.2
* Version 4.0.1
*
* Do not make changes to this file unless you know what you are doing--modify
* the SWIG interface file instead.

2
client/android/src/net/openvpn/ovpn3/ClientAPI_ServerEntry.java
View file

@ -1,6 +1,6 @@
/* ----------------------------------------------------------------------------
* This file was automatically generated by SWIG (http://www.swig.org).
* Version 4.0.2
* Version 4.0.1
*
* Do not make changes to this file unless you know what you are doing--modify
* the SWIG interface file instead.

2
client/android/src/net/openvpn/ovpn3/ClientAPI_ServerEntryVector.java
View file

@ -1,6 +1,6 @@
/* ----------------------------------------------------------------------------
* This file was automatically generated by SWIG (http://www.swig.org).
* Version 4.0.2
* Version 4.0.1
*
* Do not make changes to this file unless you know what you are doing--modify
* the SWIG interface file instead.

2
client/android/src/net/openvpn/ovpn3/ClientAPI_SessionToken.java
View file

@ -1,6 +1,6 @@
/* ----------------------------------------------------------------------------
* This file was automatically generated by SWIG (http://www.swig.org).
* Version 4.0.2
* Version 4.0.1
*
* Do not make changes to this file unless you know what you are doing--modify
* the SWIG interface file instead.

2
client/android/src/net/openvpn/ovpn3/ClientAPI_Status.java
View file

@ -1,6 +1,6 @@
/* ----------------------------------------------------------------------------
* This file was automatically generated by SWIG (http://www.swig.org).
* Version 4.0.2
* Version 4.0.1
*
* Do not make changes to this file unless you know what you are doing--modify
* the SWIG interface file instead.

2
client/android/src/net/openvpn/ovpn3/ClientAPI_StringVec.java
View file

@ -1,6 +1,6 @@
/* ----------------------------------------------------------------------------
* This file was automatically generated by SWIG (http://www.swig.org).
* Version 4.0.2
* Version 4.0.1
*
* Do not make changes to this file unless you know what you are doing--modify
* the SWIG interface file instead.

2
client/android/src/net/openvpn/ovpn3/ClientAPI_TransportStats.java
View file

@ -1,6 +1,6 @@
/* ----------------------------------------------------------------------------
* This file was automatically generated by SWIG (http://www.swig.org).
* Version 4.0.2
* Version 4.0.1
*
* Do not make changes to this file unless you know what you are doing--modify
* the SWIG interface file instead.

6
client/android/src/net/openvpn/ovpn3/ClientAPI_TunBuilderBase.java
View file

@ -1,6 +1,6 @@
/* ----------------------------------------------------------------------------
* This file was automatically generated by SWIG (http://www.swig.org).
* Version 4.0.2
* Version 4.0.1
*
* Do not make changes to this file unless you know what you are doing--modify
* the SWIG interface file instead.
@ -104,8 +104,8 @@ public class ClientAPI_TunBuilderBase {
return ovpncliJNI.ClientAPI_TunBuilderBase_tun_builder_add_wins_server(swigCPtr, this, address);
}
public boolean tun_builder_set_block_ipv6(boolean block_ipv6) {
return ovpncliJNI.ClientAPI_TunBuilderBase_tun_builder_set_block_ipv6(swigCPtr, this, block_ipv6);
public boolean tun_builder_set_allow_family(int af, boolean allow) {
return ovpncliJNI.ClientAPI_TunBuilderBase_tun_builder_set_allow_family(swigCPtr, this, af, allow);
}
public boolean tun_builder_set_adapter_domain_suffix(String name) {

2
client/android/src/net/openvpn/ovpn3/SWIGTYPE_p_std__string.java
View file

@ -1,6 +1,6 @@
/* ----------------------------------------------------------------------------
* This file was automatically generated by SWIG (http://www.swig.org).
* Version 4.0.2
* Version 4.0.1
*
* Do not make changes to this file unless you know what you are doing--modify
* the SWIG interface file instead.

2
client/android/src/net/openvpn/ovpn3/SWIGTYPE_p_std__vectorT_openvpn__ClientAPI__KeyValue_t.java
View file

@ -1,6 +1,6 @@
/* ----------------------------------------------------------------------------
* This file was automatically generated by SWIG (http://www.swig.org).
* Version 4.0.2
* Version 4.0.1
*
* Do not make changes to this file unless you know what you are doing--modify
* the SWIG interface file instead.

2
client/android/src/net/openvpn/ovpn3/ovpncli.java
View file

@ -1,6 +1,6 @@
/* ----------------------------------------------------------------------------
* This file was automatically generated by SWIG (http://www.swig.org).
* Version 4.0.2
* Version 4.0.1
*
* Do not make changes to this file unless you know what you are doing--modify
* the SWIG interface file instead.

41
client/android/src/net/openvpn/ovpn3/ovpncliJNI.java
View file

@ -1,6 +1,6 @@
/* ----------------------------------------------------------------------------
* This file was automatically generated by SWIG (http://www.swig.org).
* Version 4.0.2
* Version 4.0.1
*
* Do not make changes to this file unless you know what you are doing--modify
* the SWIG interface file instead.
@ -73,7 +73,7 @@ public class ovpncliJNI {
public final static native boolean ClientAPI_TunBuilderBase_tun_builder_set_proxy_http(long jarg1, ClientAPI_TunBuilderBase jarg1_, String jarg2, int jarg3);
public final static native boolean ClientAPI_TunBuilderBase_tun_builder_set_proxy_https(long jarg1, ClientAPI_TunBuilderBase jarg1_, String jarg2, int jarg3);
public final static native boolean ClientAPI_TunBuilderBase_tun_builder_add_wins_server(long jarg1, ClientAPI_TunBuilderBase jarg1_, String jarg2);
public final static native boolean ClientAPI_TunBuilderBase_tun_builder_set_block_ipv6(long jarg1, ClientAPI_TunBuilderBase jarg1_, boolean jarg2);
public final static native boolean ClientAPI_TunBuilderBase_tun_builder_set_allow_family(long jarg1, ClientAPI_TunBuilderBase jarg1_, int jarg2, boolean jarg3);
public final static native boolean ClientAPI_TunBuilderBase_tun_builder_set_adapter_domain_suffix(long jarg1, ClientAPI_TunBuilderBase jarg1_, String jarg2);
public final static native int ClientAPI_TunBuilderBase_tun_builder_establish(long jarg1, ClientAPI_TunBuilderBase jarg1_);
public final static native boolean ClientAPI_TunBuilderBase_tun_builder_persist(long jarg1, ClientAPI_TunBuilderBase jarg1_);
@ -183,8 +183,8 @@ public class ovpncliJNI {
public final static native String ClientAPI_Config_protoOverride_get(long jarg1, ClientAPI_Config jarg1_);
public final static native void ClientAPI_Config_protoVersionOverride_set(long jarg1, ClientAPI_Config jarg1_, int jarg2);
public final static native int ClientAPI_Config_protoVersionOverride_get(long jarg1, ClientAPI_Config jarg1_);
public final static native void ClientAPI_Config_ipv6_set(long jarg1, ClientAPI_Config jarg1_, String jarg2);
public final static native String ClientAPI_Config_ipv6_get(long jarg1, ClientAPI_Config jarg1_);
public final static native void ClientAPI_Config_allowUnusedAddrFamilies_set(long jarg1, ClientAPI_Config jarg1_, String jarg2);
public final static native String ClientAPI_Config_allowUnusedAddrFamilies_get(long jarg1, ClientAPI_Config jarg1_);
public final static native void ClientAPI_Config_connTimeout_set(long jarg1, ClientAPI_Config jarg1_, int jarg2);
public final static native int ClientAPI_Config_connTimeout_get(long jarg1, ClientAPI_Config jarg1_);
public final static native void ClientAPI_Config_tunPersist_set(long jarg1, ClientAPI_Config jarg1_, boolean jarg2);
@ -209,8 +209,6 @@ public class ovpncliJNI {
public final static native String ClientAPI_Config_privateKeyPassword_get(long jarg1, ClientAPI_Config jarg1_);
public final static native void ClientAPI_Config_defaultKeyDirection_set(long jarg1, ClientAPI_Config jarg1_, int jarg2);
public final static native int ClientAPI_Config_defaultKeyDirection_get(long jarg1, ClientAPI_Config jarg1_);
public final static native void ClientAPI_Config_forceAesCbcCiphersuites_set(long jarg1, ClientAPI_Config jarg1_, boolean jarg2);
public final static native boolean ClientAPI_Config_forceAesCbcCiphersuites_get(long jarg1, ClientAPI_Config jarg1_);
public final static native void ClientAPI_Config_tlsVersionMinOverride_set(long jarg1, ClientAPI_Config jarg1_, String jarg2);
public final static native String ClientAPI_Config_tlsVersionMinOverride_get(long jarg1, ClientAPI_Config jarg1_);
public final static native void ClientAPI_Config_tlsCertProfileOverride_set(long jarg1, ClientAPI_Config jarg1_, String jarg2);
@ -245,8 +243,16 @@ public class ovpncliJNI {
public final static native long ClientAPI_Config_clockTickMS_get(long jarg1, ClientAPI_Config jarg1_);
public final static native void ClientAPI_Config_gremlinConfig_set(long jarg1, ClientAPI_Config jarg1_, String jarg2);
public final static native String ClientAPI_Config_gremlinConfig_get(long jarg1, ClientAPI_Config jarg1_);
public final static native void ClientAPI_Config_usePluggableTransports_set(long jarg1, ClientAPI_Config jarg1_, boolean jarg2);
public final static native boolean ClientAPI_Config_usePluggableTransports_get(long jarg1, ClientAPI_Config jarg1_);
public final static native void ClientAPI_Config_wintun_set(long jarg1, ClientAPI_Config jarg1_, boolean jarg2);
public final static native boolean ClientAPI_Config_wintun_get(long jarg1, ClientAPI_Config jarg1_);
public final static native void ClientAPI_Config_allowLocalDnsResolvers_set(long jarg1, ClientAPI_Config jarg1_, boolean jarg2);
public final static native boolean ClientAPI_Config_allowLocalDnsResolvers_get(long jarg1, ClientAPI_Config jarg1_);
public final static native void ClientAPI_Config_enableLegacyAlgorithms_set(long jarg1, ClientAPI_Config jarg1_, boolean jarg2);
public final static native boolean ClientAPI_Config_enableLegacyAlgorithms_get(long jarg1, ClientAPI_Config jarg1_);
public final static native void ClientAPI_Config_enableNonPreferredDCAlgorithms_set(long jarg1, ClientAPI_Config jarg1_, boolean jarg2);
public final static native boolean ClientAPI_Config_enableNonPreferredDCAlgorithms_get(long jarg1, ClientAPI_Config jarg1_);
public final static native long new_ClientAPI_Config();
public final static native void delete_ClientAPI_Config(long jarg1);
public final static native void ClientAPI_Event_error_set(long jarg1, ClientAPI_Event jarg1_, boolean jarg2);
@ -372,13 +378,18 @@ public class ovpncliJNI {
public final static native String ClientAPI_RemoteOverride_error_get(long jarg1, ClientAPI_RemoteOverride jarg1_);
public final static native long new_ClientAPI_RemoteOverride();
public final static native void delete_ClientAPI_RemoteOverride(long jarg1);
public final static native long new_ClientAPI_OpenVPNClientHelper();
public final static native void delete_ClientAPI_OpenVPNClientHelper(long jarg1);
public final static native long ClientAPI_OpenVPNClientHelper_merge_config(long jarg1, ClientAPI_OpenVPNClientHelper jarg1_, String jarg2, boolean jarg3);
public final static native long ClientAPI_OpenVPNClientHelper_merge_config_string(long jarg1, ClientAPI_OpenVPNClientHelper jarg1_, String jarg2);
public final static native long ClientAPI_OpenVPNClientHelper_eval_config(long jarg1, ClientAPI_OpenVPNClientHelper jarg1_, long jarg2, ClientAPI_Config jarg2_);
public final static native int ClientAPI_OpenVPNClientHelper_max_profile_size();
public final static native boolean ClientAPI_OpenVPNClientHelper_parse_dynamic_challenge(String jarg1, long jarg2, ClientAPI_DynamicChallenge jarg2_);
public final static native String ClientAPI_OpenVPNClientHelper_crypto_self_test(long jarg1, ClientAPI_OpenVPNClientHelper jarg1_);
public final static native String ClientAPI_OpenVPNClientHelper_platform();
public final static native String ClientAPI_OpenVPNClientHelper_copyright();
public final static native long new_ClientAPI_OpenVPNClient();
public final static native void delete_ClientAPI_OpenVPNClient(long jarg1);
public final static native long ClientAPI_OpenVPNClient_merge_config_static(String jarg1, boolean jarg2);
public final static native long ClientAPI_OpenVPNClient_merge_config_string_static(String jarg1);
public final static native long ClientAPI_OpenVPNClient_eval_config_static(long jarg1, ClientAPI_Config jarg1_);
public final static native int ClientAPI_OpenVPNClient_max_profile_size();
public final static native boolean ClientAPI_OpenVPNClient_parse_dynamic_challenge(String jarg1, long jarg2, ClientAPI_DynamicChallenge jarg2_);
public final static native long ClientAPI_OpenVPNClient_eval_config(long jarg1, ClientAPI_OpenVPNClient jarg1_, long jarg2, ClientAPI_Config jarg2_);
public final static native long ClientAPI_OpenVPNClient_provide_creds(long jarg1, ClientAPI_OpenVPNClient jarg1_, long jarg2, ClientAPI_ProvideCreds jarg2_);
public final static native boolean ClientAPI_OpenVPNClient_socket_protect(long jarg1, ClientAPI_OpenVPNClient jarg1_, int jarg2, String jarg3, boolean jarg4);
@ -408,10 +419,6 @@ public class ovpncliJNI {
public final static native void ClientAPI_OpenVPNClient_remote_overrideSwigExplicitClientAPI_OpenVPNClient(long jarg1, ClientAPI_OpenVPNClient jarg1_, long jarg2, ClientAPI_RemoteOverride jarg2_);
public final static native void ClientAPI_OpenVPNClient_clock_tick(long jarg1, ClientAPI_OpenVPNClient jarg1_);
public final static native void ClientAPI_OpenVPNClient_clock_tickSwigExplicitClientAPI_OpenVPNClient(long jarg1, ClientAPI_OpenVPNClient jarg1_);
public final static native String ClientAPI_OpenVPNClient_crypto_self_test();
public final static native int ClientAPI_OpenVPNClient_app_expire();
public final static native String ClientAPI_OpenVPNClient_platform();
public final static native String ClientAPI_OpenVPNClient_copyright();
public final static native void ClientAPI_OpenVPNClient_director_connect(ClientAPI_OpenVPNClient obj, long cptr, boolean mem_own, boolean weak_global);
public final static native void ClientAPI_OpenVPNClient_change_ownership(ClientAPI_OpenVPNClient obj, long cptr, boolean take_or_release);
public final static native long ClientAPI_ExternalPKICertRequest_SWIGUpcast(long jarg1);
@ -469,8 +476,8 @@ public class ovpncliJNI {
public static boolean SwigDirector_ClientAPI_OpenVPNClient_tun_builder_add_wins_server(ClientAPI_OpenVPNClient jself, String address) {
return jself.tun_builder_add_wins_server(address);
}
public static boolean SwigDirector_ClientAPI_OpenVPNClient_tun_builder_set_block_ipv6(ClientAPI_OpenVPNClient jself, boolean block_ipv6) {
return jself.tun_builder_set_block_ipv6(block_ipv6);
public static boolean SwigDirector_ClientAPI_OpenVPNClient_tun_builder_set_allow_family(ClientAPI_OpenVPNClient jself, int af, boolean allow) {
return jself.tun_builder_set_allow_family(af, allow);
}
public static boolean SwigDirector_ClientAPI_OpenVPNClient_tun_builder_set_adapter_domain_suffix(ClientAPI_OpenVPNClient jself, String name) {
return jself.tun_builder_set_adapter_domain_suffix(name);

46
client/android/src/org/amnezia/vpn/OpenVPNThreadv3.kt
View file

@ -14,6 +14,7 @@ import com.wireguard.android.util.SharedLibraryLoader
import com.wireguard.config.*
import com.wireguard.crypto.Key
import org.json.JSONObject
import java.util.Base64
import net.openvpn.ovpn3.ClientAPI_Config
import net.openvpn.ovpn3.ClientAPI_EvalConfig
@ -25,6 +26,7 @@ import net.openvpn.ovpn3.ClientAPI_OpenVPNClient
import net.openvpn.ovpn3.ClientAPI_ProvideCreds
import net.openvpn.ovpn3.ClientAPI_Status
import net.openvpn.ovpn3.ClientAPI_TransportStats
import java.lang.StringBuilder
class OpenVPNThreadv3(var service: VPNService): ClientAPI_OpenVPNClient(), Runnable {
private val tag = "OpenVPNThreadv3"
@ -59,7 +61,48 @@ class OpenVPNThreadv3(var service: VPNService): ClientAPI_OpenVPNClient(), Runna
override fun run() {
val config: ClientAPI_Config = ClientAPI_Config()
config.content = mService.getVpnConfig().getJSONObject("openvpn_config_data").getString("config")
val jsonVpnConfig = mService.getVpnConfig()
val ovpnConfig = jsonVpnConfig.getJSONObject("openvpn_config_data").getString("config")
val resultingConfig = StringBuilder()
resultingConfig.append(ovpnConfig)
if (jsonVpnConfig.getString("protocol") == "cloak") {
val cloakConfigJson: JSONObject = jsonVpnConfig.getJSONObject("cloak_config_data")
if (cloakConfigJson.keySet().contains("NumConn")) {
cloakConfigJson.put("NumConn", 1)
}
if (cloakConfigJson.keySet().contains("ProxyMethod")) {
cloakConfigJson.put("ProxyMethod", "openvpn")
}
if (cloakConfigJson.keySet().contains("port")) {
val portValue = cloakConfigJson.get("port")
cloakConfigJson.remove("port")
cloakConfigJson.put("RemotePort", portValue)
}
if (cloakConfigJson.keySet().contains("remote")) {
val hostValue = cloakConfigJson.get("remote")
cloakConfigJson.remove("remote")
cloakConfigJson.put("RemoteHost", hostValue)
}
val cloakConfig = Base64.getEncoder().encodeToString(
jsonVpnConfig.getJSONObject("cloak_config_data").toString().toByteArray()
)
resultingConfig.append("\n<cloak>\n")
resultingConfig.append(cloakConfig)
resultingConfig.append("\n</cloak>\n")
config.setUsePluggableTransports(true)
}
config.content = resultingConfig.toString()
eval_config(config)
@ -67,7 +110,6 @@ class OpenVPNThreadv3(var service: VPNService): ClientAPI_OpenVPNClient(), Runna
if (status.getError()) {
Log.i(tag, "connect() error: " + status.getError() + ": " + status.getMessage())
}
}
override fun log(arg0: ClientAPI_LogInfo){

27
client/android/src/org/amnezia/vpn/VPNService.kt
View file

@ -176,7 +176,6 @@ class VPNService : BaseVpnService(), LocalDnsService.Interface {
}
override fun onUnbind(intent: Intent?): Boolean {
Log.v(tag, "Aman: onUnbind....................")
if (!isUp) {
// If the Qt Client got closed while we were not connected
// we do not need to stay as a foreground service.
@ -185,12 +184,17 @@ class VPNService : BaseVpnService(), LocalDnsService.Interface {
return super.onUnbind(intent)
}
override fun onDestroy() {
turnOff()
super.onDestroy()
}
/**
* EntryPoint for the Service, gets Called when AndroidController.cpp
* calles bindService. Returns the [VPNServiceBinder] so QT can send Requests to it.
*/
override fun onBind(intent: Intent): IBinder {
Log.v(tag, "Aman: onBind....................")
when (mProtocol) {
"shadowsocks" -> {
@ -214,7 +218,6 @@ class VPNService : BaseVpnService(), LocalDnsService.Interface {
* or from Booting the device and having "connect on boot" enabled.
*/
override fun onStartCommand(intent: Intent?, flags: Int, startId: Int): Int {
Log.v(tag, "Aman: onStartCommand....................")
this.intent = intent
this.flags = flags
this.startId = startId
@ -278,6 +281,7 @@ class VPNService : BaseVpnService(), LocalDnsService.Interface {
var isUp: Boolean = false
get() {
return when (mProtocol) {
"cloak",
"openvpn" -> {
field
}
@ -303,6 +307,7 @@ class VPNService : BaseVpnService(), LocalDnsService.Interface {
val deviceIpv4: String = ""
val status = when (mProtocol) {
"cloak",
"openvpn" -> {
if (mOpenVPNThreadv3 == null) {
Status(null, null, null, null)
@ -373,7 +378,9 @@ class VPNService : BaseVpnService(), LocalDnsService.Interface {
Log.i(tag, "Config: $mConfig")
mProtocol = mConfig!!.getString("protocol")
Log.i(tag, "Protocol: $mProtocol")
when (mProtocol) {
"cloak",
"openvpn" -> {
startOpenVpn()
}
@ -447,8 +454,13 @@ class VPNService : BaseVpnService(), LocalDnsService.Interface {
fun turnOff() {
Log.v(tag, "Aman: turnOff....................")
when (mProtocol) {
"wireguard" -> wgTurnOff(currentTunnelHandle)
"openvpn" -> ovpnTurnOff()
"wireguard" -> {
wgTurnOff(currentTunnelHandle)
}
"cloak",
"openvpn" -> {
ovpnTurnOff()
}
"shadowsocks" -> {
stopRunner(false)
stopTest()
@ -457,6 +469,7 @@ class VPNService : BaseVpnService(), LocalDnsService.Interface {
Log.e(tag, "No protocol")
}
}
currentTunnelHandle = -1
stopForeground(true)
isUp = false
@ -688,6 +701,10 @@ class VPNService : BaseVpnService(), LocalDnsService.Interface {
}
private fun startOpenVpn() {
if (isUp || mOpenVPNThreadv3 != null) {
ovpnTurnOff()
}
mOpenVPNThreadv3 = OpenVPNThreadv3(this)
Thread({

2
client/android/src/org/amnezia/vpn/qt/AmneziaApp.kt
View file

@ -7,7 +7,7 @@ import org.qtproject.qt.android.bindings.QtActivity
import org.qtproject.qt.android.bindings.QtApplication
import android.app.Application
class AmneziaApp: Application() {
class AmneziaApp: org.qtproject.qt.android.bindings.QtApplication() {
override fun onCreate() {
super.onCreate()

29
client/android/src/org/amnezia/vpn/qt/VPNActivity.kt
View file

@ -5,8 +5,6 @@
package org.amnezia.vpn.qt;
import android.Manifest
import android.content.ClipData
import android.content.ClipboardManager
import android.content.ComponentName
import android.content.ContentResolver
import android.content.Context
@ -73,10 +71,6 @@ class VPNActivity : org.qtproject.qt.android.bindings.QtActivity() {
@JvmStatic fun saveFileAs(fileContent: String, suggestedName: String) {
VPNActivity.getInstance().saveFile(fileContent, suggestedName)
}
@JvmStatic fun putTextToClipboard(text: String) {
VPNActivity.getInstance().putToClipboard(text)
}
}
override fun onCreate(savedInstanceState: Bundle?) {
@ -109,18 +103,6 @@ class VPNActivity : org.qtproject.qt.android.bindings.QtActivity() {
startActivityForResult(intent, CREATE_FILE_ACTION_CODE)
}
override fun getSystemService(name: String): Any? {
return if (Build.VERSION.SDK_INT >= 29 && name == "clipboard") {
// QT will always attempt to read the clipboard if content is there.
// since we have no use of the clipboard in android 10+
// we _can_ return null
// And we definitely should since android 12 displays clipboard access.
null
} else {
super.getSystemService(name)
}
}
external fun handleBackButton(): Boolean
external fun onServiceMessage(actionCode: Int, body: String?)
@ -317,15 +299,4 @@ class VPNActivity : org.qtproject.qt.android.bindings.QtActivity() {
tmpFileContentToSave = ""
}
private fun putToClipboard(text: String) {
this.runOnUiThread {
val clipboard = applicationContext.getSystemService(CLIPBOARD_SERVICE) as ClipboardManager?
if (clipboard != null) {
val clip: ClipData = ClipData.newPlainText("", text)
clipboard.setPrimaryClip(clip)
}
}
}
}

24
client/android/src/org/amnezia/vpn/qt/VPNApplication.java
View file

@ -1,24 +0,0 @@
package org.amnezia.vpn.qt;
import android.content.res.Configuration;
import androidx.annotation.NonNull;
import org.amnezia.vpn.shadowsocks.core.Core;
import org.amnezia.vpn.shadowsocks.core.VpnManager;
public class VPNApplication extends org.qtproject.qt.android.bindings.QtApplication {
private static VPNApplication instance;
@Override
public void onCreate() {
super.onCreate();
VPNApplication.instance = this;
// Core.INSTANCE.init(this, VPNActivity.class);
// VpnManager.Companion.getInstance().init(this);
}
@Override
public void onConfigurationChanged(@NonNull Configuration newConfig) {
super.onConfigurationChanged(newConfig);
// Core.INSTANCE.updateNotificationChannels();
}
}

415
client/client.pro
View file

@ -1,415 +0,0 @@
QT += widgets core gui network xml remoteobjects quick svg quickcontrols2
equals(QT_MAJOR_VERSION, 6): QT += core5compat
TARGET = AmneziaVPN
TEMPLATE = app
# silent builds on CI env
IS_CI=$$(CI)
!isEmpty(IS_CI){
message("Detected CI env")
CONFIG += silent #ccache
}
CONFIG += qtquickcompiler
include("3rd/QtSsh/src/ssh/qssh.pri")
include("3rd/QtSsh/src/botan/botan.pri")
!android:!ios:include("3rd/SingleApplication/singleapplication.pri")
include ("3rd/SortFilterProxyModel/SortFilterProxyModel.pri")
include("3rd/qrcodegen/qrcodegen.pri")
include("3rd/QSimpleCrypto/QSimpleCrypto.pri")
include("3rd/qtkeychain/qtkeychain.pri")
INCLUDEPATH += $$PWD/3rd/QSimpleCrypto/include
INCLUDEPATH += $$PWD/3rd/OpenSSL/include
INCLUDEPATH += $$PWD/3rd/qtkeychain/include
INCLUDEPATH += $$PWD/3rd/libssh/include
DEPENDPATH += $$PWD/3rd/OpenSSL/include
HEADERS += \
../ipc/ipc.h \
amnezia_application.h \
configurators/cloak_configurator.h \
configurators/configurator_base.h \
configurators/ikev2_configurator.h \
configurators/shadowsocks_configurator.h \
configurators/ssh_configurator.h \
configurators/vpn_configurator.h \
configurators/wireguard_configurator.h \
containers/containers_defs.h \
core/defs.h \
core/errorstrings.h \
configurators/openvpn_configurator.h \
core/scripts_registry.h \
core/server_defs.h \
core/servercontroller.h \
defines.h \
logger.h \
managementserver.h \
platforms/ios/MobileUtils.h \
platforms/linux/leakdetector.h \
protocols/protocols_defs.h \
secure_qsettings.h \
settings.h \
ui/notificationhandler.h \
ui/models/containers_model.h \
ui/models/protocols_model.h \
ui/pages.h \
ui/pages_logic/AppSettingsLogic.h \
ui/pages_logic/GeneralSettingsLogic.h \
ui/pages_logic/NetworkSettingsLogic.h \
ui/pages_logic/NewServerProtocolsLogic.h \
ui/pages_logic/PageLogicBase.h \
ui/pages_logic/QrDecoderLogic.h \
ui/pages_logic/ServerConfiguringProgressLogic.h \
ui/pages_logic/ServerContainersLogic.h \
ui/pages_logic/ServerListLogic.h \
ui/pages_logic/ServerSettingsLogic.h \
ui/pages_logic/ShareConnectionLogic.h \
ui/pages_logic/SitesLogic.h \
ui/pages_logic/StartPageLogic.h \
ui/pages_logic/ViewConfigLogic.h \
ui/pages_logic/VpnLogic.h \
ui/pages_logic/WizardLogic.h \
ui/pages_logic/protocols/CloakLogic.h \
ui/pages_logic/protocols/OpenVpnLogic.h \
ui/pages_logic/protocols/OtherProtocolsLogic.h \
ui/pages_logic/protocols/PageProtocolLogicBase.h \
ui/pages_logic/protocols/ShadowSocksLogic.h \
ui/pages_logic/protocols/WireGuardLogic.h \
ui/property_helper.h \
ui/models/servers_model.h \
ui/uilogic.h \
ui/qautostart.h \
ui/models/sites_model.h \
utilities.h \
vpnconnection.h \
protocols/vpnprotocol.h \
constants.h \
platforms/ios/QRCodeReaderBase.h
SOURCES += \
amnezia_application.cpp \
configurators/cloak_configurator.cpp \
configurators/configurator_base.cpp \
configurators/ikev2_configurator.cpp \
configurators/shadowsocks_configurator.cpp \
configurators/ssh_configurator.cpp \
configurators/vpn_configurator.cpp \
configurators/wireguard_configurator.cpp \
containers/containers_defs.cpp \
core/errorstrings.cpp \
configurators/openvpn_configurator.cpp \
core/scripts_registry.cpp \
core/server_defs.cpp \
core/servercontroller.cpp \
logger.cpp \
main.cpp \
managementserver.cpp \
platforms/ios/MobileUtils.cpp \
platforms/linux/leakdetector.cpp \
protocols/protocols_defs.cpp \
secure_qsettings.cpp \
settings.cpp \
ui/notificationhandler.cpp \
ui/models/containers_model.cpp \
ui/models/protocols_model.cpp \
ui/pages_logic/AppSettingsLogic.cpp \
ui/pages_logic/GeneralSettingsLogic.cpp \
ui/pages_logic/NetworkSettingsLogic.cpp \
ui/pages_logic/NewServerProtocolsLogic.cpp \
ui/pages_logic/PageLogicBase.cpp \
ui/pages_logic/QrDecoderLogic.cpp \
ui/pages_logic/ServerConfiguringProgressLogic.cpp \
ui/pages_logic/ServerContainersLogic.cpp \
ui/pages_logic/ServerListLogic.cpp \
ui/pages_logic/ServerSettingsLogic.cpp \
ui/pages_logic/ShareConnectionLogic.cpp \
ui/pages_logic/SitesLogic.cpp \
ui/pages_logic/StartPageLogic.cpp \
ui/pages_logic/ViewConfigLogic.cpp \
ui/pages_logic/VpnLogic.cpp \
ui/pages_logic/WizardLogic.cpp \
ui/pages_logic/protocols/CloakLogic.cpp \
ui/pages_logic/protocols/OpenVpnLogic.cpp \
ui/pages_logic/protocols/OtherProtocolsLogic.cpp \
ui/pages_logic/protocols/PageProtocolLogicBase.cpp \
ui/pages_logic/protocols/ShadowSocksLogic.cpp \
ui/models/servers_model.cpp \
ui/pages_logic/protocols/WireGuardLogic.cpp \
ui/uilogic.cpp \
ui/qautostart.cpp \
ui/models/sites_model.cpp \
utilities.cpp \
vpnconnection.cpp \
protocols/vpnprotocol.cpp \
platforms/ios/QRCodeReaderBase.cpp
RESOURCES += \
resources.qrc
TRANSLATIONS = \
translations/amneziavpn_ru.ts
win32 {
DEFINES += MVPN_WINDOWS
OTHER_FILES += platforms/windows/amneziavpn.rc
RC_FILE = platforms/windows/amneziavpn.rc
HEADERS += \
protocols/ikev2_vpn_protocol_windows.h \
SOURCES += \
protocols/ikev2_vpn_protocol_windows.cpp \
VERSION = 2.0.0.0
QMAKE_TARGET_COMPANY = "AmneziaVPN"
QMAKE_TARGET_PRODUCT = "AmneziaVPN"
LIBS += \
-luser32 \
-lrasapi32 \
-lshlwapi \
-liphlpapi \
-lws2_32 \
-lgdi32
QMAKE_LFLAGS_WINDOWS += /entry:mainCRTStartup
!contains(QMAKE_TARGET.arch, x86_64) {
message("Windows x86 build")
LIBS += -L$$PWD/3rd/OpenSSL/lib/windows/x86/ -llibssl -llibcrypto
}
else {
message("Windows x86_64 build")
LIBS += -L$$PWD/3rd/OpenSSL/lib/windows/x86_64/ -llibssl -llibcrypto
}
}
macx {
DEFINES += MVPN_MACOS
ICON = $$PWD/images/app.icns
HEADERS += ui/macos_util.h
SOURCES += ui/macos_util.mm
LIBS += -framework Cocoa -framework ApplicationServices -framework CoreServices -framework Foundation -framework AppKit -framework Security
LIBS += $$PWD/3rd/OpenSSL/lib/macos/x86_64/libcrypto.a
LIBS += $$PWD/3rd/OpenSSL/lib/macos/x86_64/libssl.a
}
linux:!android {
DEFINES += MVPN_LINUX
LIBS += /usr/lib/x86_64-linux-gnu/libcrypto.a
LIBS += /usr/lib/x86_64-linux-gnu/libssl.a
LIBS += $$PWD/3rd/libssh/build/src/libssh.a
LIBS += -lz
INCLUDEPATH += $$PWD/platforms/linux
}
win32|macx|linux:!android {
DEFINES += AMNEZIA_DESKTOP
HEADERS += \
core/ipcclient.h \
core/privileged_process.h \
ui/systemtray_notificationhandler.h \
protocols/openvpnprotocol.h \
protocols/openvpnovercloakprotocol.h \
protocols/shadowsocksvpnprotocol.h \
protocols/wireguardprotocol.h \
SOURCES += \
core/ipcclient.cpp \
core/privileged_process.cpp \
ui/systemtray_notificationhandler.cpp \
protocols/openvpnprotocol.cpp \
protocols/openvpnovercloakprotocol.cpp \
protocols/shadowsocksvpnprotocol.cpp \
protocols/wireguardprotocol.cpp \
REPC_REPLICA += ../ipc/ipc_interface.rep
REPC_REPLICA += ../ipc/ipc_process_interface.rep
}
android {
message(Platform: android)
message("$$ANDROID_TARGET_ARCH")
versionAtLeast(QT_VERSION, 6.0.0) {
# We need to include qtprivate api's
# As QAndroidBinder is not yet implemented with a public api
QT += core-private
ANDROID_ABIS = $$ANDROID_TARGET_ARCH
}
DEFINES += MVPN_ANDROID
INCLUDEPATH += platforms/android
HEADERS += \
platforms/android/android_controller.h \
platforms/android/android_notificationhandler.h \
protocols/android_vpnprotocol.h \
platforms/android/androidutils.h \
platforms/android/androidvpnactivity.h
SOURCES += \
platforms/android/android_controller.cpp \
platforms/android/android_notificationhandler.cpp \
protocols/android_vpnprotocol.cpp \
platforms/android/androidutils.cpp \
platforms/android/androidvpnactivity.cpp
DISTFILES += \
android/AndroidManifest.xml \
android/build.gradle \
android/gradle/wrapper/gradle-wrapper.jar \
android/gradle/wrapper/gradle-wrapper.properties \
android/gradlew \
android/gradlew.bat \
android/gradle.properties \
android/res/values/libs.xml \
android/res/xml/fileprovider.xml \
android/src/org/amnezia/vpn/AuthHelper.java \
android/src/org/amnezia/vpn/IPCContract.kt \
android/src/org/amnezia/vpn/NotificationUtil.kt \
android/src/org/amnezia/vpn/OpenVPNThreadv3.kt \
android/src/org/amnezia/vpn/Prefs.kt \
android/src/org/amnezia/vpn/VpnLogger.kt \
android/src/org/amnezia/vpn/VpnService.kt \
android/src/org/amnezia/vpn/VpnServiceBinder.kt \
android/src/org/amnezia/vpn/qt/AmneziaApp.kt \
android/src/org/amnezia/vpn/qt/PackageManagerHelper.java \
android/src/org/amnezia/vpn/qt/VPNActivity.kt \
android/src/org/amnezia/vpn/qt/VPNApplication.java \
android/src/org/amnezia/vpn/qt/VPNPermissionHelper.kt
ANDROID_PACKAGE_SOURCE_DIR = $$PWD/android
for (abi, ANDROID_ABIS): {
equals(ANDROID_TARGET_ARCH,$$abi) {
LIBS += $$PWD/3rd/OpenSSL/lib/android/$${abi}/libcrypto.a
LIBS += $$PWD/3rd/OpenSSL/lib/android/$${abi}/libssl.a
}
ANDROID_EXTRA_LIBS += $$PWD/android/lib/wireguard/$${abi}/libwg.so
ANDROID_EXTRA_LIBS += $$PWD/android/lib/wireguard/$${abi}/libwg-go.so
ANDROID_EXTRA_LIBS += $$PWD/android/lib/wireguard/$${abi}/libwg-quick.so
ANDROID_EXTRA_LIBS += $$PWD/android/lib/openvpn/$${abi}/libjbcrypto.so
ANDROID_EXTRA_LIBS += $$PWD/android/lib/openvpn/$${abi}/libopenvpn.so
ANDROID_EXTRA_LIBS += $$PWD/android/lib/openvpn/$${abi}/libopvpnutil.so
ANDROID_EXTRA_LIBS += $$PWD/android/lib/openvpn/$${abi}/libovpn3.so
ANDROID_EXTRA_LIBS += $$PWD/android/lib/openvpn/$${abi}/libovpnexec.so
}
}
ios {
message("Client iOS build")
CONFIG += static
CONFIG += file_copies
# For the authentication
LIBS += -framework AuthenticationServices
# For notifications
LIBS += -framework UIKit
LIBS += -framework Foundation
LIBS += -framework StoreKit
LIBS += -framework UserNotifications
LIBS += -framework AVFoundation
DEFINES += MVPN_IOS
HEADERS += \
protocols/ios_vpnprotocol.h \
platforms/ios/iosnotificationhandler.h \
platforms/ios/json.h \
platforms/ios/bigint.h \
platforms/ios/bigintipv6addr.h \
platforms/ios/ipaddress.h \
platforms/ios/ipaddressrange.h \
platforms/ios/QtAppDelegate.h \
platforms/ios/QtAppDelegate-C-Interface.h
SOURCES -= \
platforms/ios/QRCodeReaderBase.cpp \
platforms/ios/MobileUtils.cpp
SOURCES += \
protocols/ios_vpnprotocol.mm \
platforms/ios/iosnotificationhandler.mm \
platforms/ios/json.cpp \
platforms/ios/iosglue.mm \
platforms/ios/ipaddress.cpp \
platforms/ios/ipaddressrange.cpp \
platforms/ios/QRCodeReaderBase.mm \
platforms/ios/QtAppDelegate.mm \
platforms/ios/MobileUtils.mm
Q_ENABLE_BITCODE.value = NO
Q_ENABLE_BITCODE.name = ENABLE_BITCODE
QMAKE_MAC_XCODE_SETTINGS += Q_ENABLE_BITCODE
# CONFIG(iphoneos, iphoneos|iphonesimulator) {
iphoneos {
message("Building for iPhone OS")
QMAKE_TARGET_BUNDLE_PREFIX = org.amnezia
QMAKE_BUNDLE = AmneziaVPN
QMAKE_IOS_DEPLOYMENT_TARGET = 13.0
QMAKE_APPLE_TARGETED_DEVICE_FAMILY = 1
QMAKE_DEVELOPMENT_TEAM = X7UJ388FXK
QMAKE_PROVISIONING_PROFILE = f2fefb59-14aa-4aa9-ac14-1d5531b06dcc
QMAKE_XCODE_CODE_SIGN_IDENTITY = "Apple Distribution"
QMAKE_INFO_PLIST = $$PWD/ios/app/Info.plist
XCODEBUILD_FLAGS += -allowProvisioningUpdates
DEFINES += iphoneos
contains(QT_ARCH, arm64) {
message("Building for iOS/ARM v8 64-bit architecture")
ARCH_TAG = "ios_armv8_64"
LIBS += $$PWD/3rd/OpenSSL/lib/ios/iphone/libcrypto.a
LIBS += $$PWD/3rd/OpenSSL/lib/ios/iphone/libssl.a
} else {
message("Building for iOS/ARM v7 (32-bit) architecture")
ARCH_TAG = "ios_armv7"
}
}
# }
# CONFIG(iphonesimulator, iphoneos|iphonesimulator) {
# iphonesimulator {
# message("Building for iPhone Simulator")
# ARCH_TAG = "ios_x86_64"
#
# DEFINES += iphonesimulator
#
# LIBS += $$PWD/3rd/OpenSSL/lib/ios/simulator/libcrypto.a
# LIBS += $$PWD/3rd/OpenSSL/lib/ios/simulator/libssl.a
# }
# }
NETWORKEXTENSION=1
# ! build_pass: system(ruby $$PWD/scripts/xcode_patcher.rb "$$PWD" "$$OUT_PWD/AmneziaVPN.xcodeproj" "2.0" "2.0.0" "ios" "$$NETWORKEXTENSION"|| echo "Failed to merge xcode with wireguard")
#ruby %{sourceDir}/client/ios/xcode_patcher.rb "%{buildDir}/AmneziaVPN.xcodeproj" "2.0" "2.0.0" "ios" "1"
#cd client/ && /Users/md/Qt/5.15.2/ios/bin/qmake -o Makefile /Users/md/amnezia/desktop-client/client/client.pro -spec macx-ios-clang CONFIG+=iphonesimulator CONFIG+=simulator CONFIG+=qml_debug -after
# %{sourceDir}/client/ios/xcode_patcher.rb %{buildDir}/client/AmneziaVPN.xcodeproj 2.0 2.0.0 ios 1
}

9
client/configurators/cloak_configurator.cpp
View file

@ -39,14 +39,11 @@ QString CloakConfigurator::genCloakConfig(const ServerCredentials &credentials,
config.insert("UID", cloakBypassUid);
config.insert("PublicKey", cloakPublicKey);
config.insert("ServerName", "$FAKE_WEB_SITE_ADDRESS");
config.insert("NumConn", 4);
config.insert("NumConn", 1);
config.insert("BrowserSig", "chrome");
config.insert("StreamTimeout", 300);
// transfer params to protocol runner
config.insert(config_key::transport_proto, "tcp");
config.insert(config_key::remote, credentials.hostName);
config.insert(config_key::port, "$CLOAK_SERVER_PORT");
config.insert("RemoteHost", credentials.hostName);
config.insert("RemotePort", "$CLOAK_SERVER_PORT");
QString textCfg = serverController.replaceVars(QJsonDocument(config).toJson(),
serverController.genVarsForScript(credentials, container, containerConfig));

2
client/containers/containers_defs.cpp
View file

@ -155,6 +155,7 @@ bool ContainerProps::isSupportedByCurrentPlatform(DockerContainer c)
switch (c) {
case DockerContainer::WireGuard: return true;
case DockerContainer::OpenVpn: return true;
case DockerContainer::Cloak: return true;
// case DockerContainer::ShadowSocks: return true;
default: return false;
}
@ -170,6 +171,7 @@ bool ContainerProps::isSupportedByCurrentPlatform(DockerContainer c)
case DockerContainer::WireGuard: return true;
case DockerContainer::OpenVpn: return true;
case DockerContainer::ShadowSocks: return true;
case DockerContainer::Cloak: return true;
default: return false;
}

2
client/core/sshclient.cpp
View file

@ -265,7 +265,6 @@ namespace libssh {
int bytesWritten = sftp_write(file, buffer, bufferSize);
std::string chunk(buffer, bufferSize);
qDebug() << "sftp write: " << QString(chunk.c_str());
if (bytesWritten != bufferSize) {
fin.close();
@ -280,7 +279,6 @@ namespace libssh {
fin.read(buffer, lastChunkSize);
std::string chunk(buffer, lastChunkSize);
qDebug() << "sftp write: " << QString(chunk.c_str());
int bytesWritten = sftp_write(file, buffer, lastChunkSize);

10
client/defines.h
View file

@ -1,10 +0,0 @@
#ifndef DEFINES_H
#define DEFINES_H
#define APPLICATION_NAME "AmneziaVPN"
#define SERVICE_NAME "AmneziaVPN-service"
#define ORGANIZATION_NAME "AmneziaVPN.ORG"
#define APP_MAJOR_VERSION "2.1.2"
#define APP_VERSION "2.1.2.0"
#endif // DEFINES_H

64
client/images/AmneziaVPN_Full_logo.svg Normal file
View file

File diff suppressed because one or more lines are too long
Side by side

After

Width:  |  Height:  |  Size: 151 KiB

2
client/images/AmneziaVPN_Full_logo.svg.license Normal file
View file

@ -0,0 +1,2 @@
File AmneziaVPN_Full_logo.svg licensed by CC-BY-SA 4.0
Full license text - https://creativecommons.org/licenses/by-sa/4.0/legalcode.txt

92
client/ios/app/Info.plist
View file

@ -1,92 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>CFBundleAllowMixedLocalizations</key>
<true/>
<key>CFBundleDevelopmentRegion</key>
<string>$(DEVELOPMENT_LANGUAGE)</string>
<key>CFBundleDisplayName</key>
<string>AmneziaVPN</string>
<key>CFBundleDocumentTypes</key>
<array>
<dict>
<key>CFBundleTypeName</key>
<string>Amnezia VPN config</string>
<key>LSHandlerRank</key>
<string>Alternate</string>
<key>LSItemContentTypes</key>
<array>
<string>org.amnezia.AmneziaVPN.amnezia-config</string>
</array>
</dict>
</array>
<key>CFBundleExecutable</key>
<string>$(EXECUTABLE_NAME)</string>
<key>CFBundleIcons</key>
<dict/>
<key>CFBundleIcons~ipad</key>
<dict/>
<key>CFBundleIdentifier</key>
<string>$(PRODUCT_BUNDLE_IDENTIFIER)</string>
<key>CFBundleInfoDictionaryVersion</key>
<string>6.0</string>
<key>CFBundleName</key>
<string>${APP_DISPLAY_NAME}</string>
<key>CFBundlePackageType</key>
<string>APPL</string>
<key>CFBundleShortVersionString</key>
<string>$(MARKETING_VERSION)</string>
<key>CFBundleVersion</key>
<string>7</string>
<key>ITSAppUsesNonExemptEncryption</key>
<false/>
<key>LSRequiresIPhoneOS</key>
<true/>
<key>UIFileSharingEnabled</key>
<true/>
<key>LSSupportsOpeningDocumentsInPlace</key>
<true/>
<key>NSCameraUsageDescription</key>
<string>Amnezia VPN needs access to the camera for reading QR-codes.</string>
<key>UILaunchStoryboardName</key>
<string>AmneziaVPNLaunchScreen</string>
<key>UIRequiresFullScreen</key>
<true/>
<key>UISupportedInterfaceOrientations</key>
<array>
<string>UIInterfaceOrientationPortraitUpsideDown</string>
<string>UIInterfaceOrientationPortrait</string>
</array>
<key>UISupportedInterfaceOrientations~ipad</key>
<array/>
<key>UIUserInterfaceStyle</key>
<string>Light</string>
<key>UTImportedTypeDeclarations</key>
<array>
<dict>
<key>UTTypeConformsTo</key>
<array>
<string>public.data</string>
</array>
<key>UTTypeDescription</key>
<string>Amnezia VPN config</string>
<key>UTTypeIconFiles</key>
<array/>
<key>UTTypeIdentifier</key>
<string>org.amnezia.AmneziaVPN.amnezia-config</string>
<key>UTTypeTagSpecification</key>
<dict>
<key>public.filename-extension</key>
<array>
<string>vpn</string>
</array>
<key>public.mime-type</key>
<array>
<string>text/plain</string>
</array>
</dict>
</dict>
</array>
</dict>
</plist>

Some files were not shown because too many files have changed in this diff Show more