AZEN-SGG/amnezia-client
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'dev' of github.com:amnezia-vpn/amnezia-client into origin/feature/new-gui

Browse source
This commit is contained in:
vladimir.kuznetsov 2023-05-12 11:54:28 +08:00
commit dd0de7e8be
14 changed files with 22 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

1
client/android/src/org/amnezia/vpn/VPNService.kt
View file

@ -396,7 +396,6 @@ class VPNService : BaseVpnService(), LocalDnsService.Interface {
fun establish(): ParcelFileDescriptor? { fun establish(): ParcelFileDescriptor? {
Log.v(tag, "Aman: establish....................") Log.v(tag, "Aman: establish....................")
mbuilder.allowFamily(OsConstants.AF_INET) mbuilder.allowFamily(OsConstants.AF_INET)
mbuilder.allowFamily(OsConstants.AF_INET6)
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.Q) mbuilder.setMetered(false) if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.Q) mbuilder.setMetered(false)
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) setUnderlyingNetworks(null) if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) setUnderlyingNetworks(null)

4
client/configurators/openvpn_configurator.cpp
View file

@ -118,6 +118,10 @@ QString OpenVpnConfigurator::processConfigWithLocalSettings(QString jsonConfig)
config.append("redirect-gateway def1 bypass-dhcp\n"); config.append("redirect-gateway def1 bypass-dhcp\n");
} }
} }
// Prevent ipv6 leak
config.append("ifconfig-ipv6 fd15:53b6:dead::2/64 fd15:53b6:dead::1\n");
config.append("redirect-gateway ipv6\n");
#if (defined Q_OS_MAC || defined(Q_OS_LINUX)) && !defined(Q_OS_ANDROID) #if (defined Q_OS_MAC || defined(Q_OS_LINUX)) && !defined(Q_OS_ANDROID)
config.replace("block-outside-dns", ""); config.replace("block-outside-dns", "");

5
client/core/servercontroller.cpp
View file

@ -655,6 +655,11 @@ ErrorCode ServerController::isServerPortBusy(const ServerCredentials &credential
script = script.append("|:%1").arg(port); script = script.append("|:%1").arg(port);
} }
script = script.append("' | grep -i %1").arg(transportProto); script = script.append("' | grep -i %1").arg(transportProto);
if (transportProto == "tcp") {
script = script.append(" | grep LISTEN");
}
ErrorCode errorCode = runScript(credentials, ErrorCode errorCode = runScript(credentials,
replaceVars(script, genVarsForScript(credentials, container)), cbReadStdOut, cbReadStdErr); replaceVars(script, genVarsForScript(credentials, container)), cbReadStdOut, cbReadStdErr);
if (errorCode != ErrorCode::NoError) { if (errorCode != ErrorCode::NoError) {

2
client/core/sshclient.cpp
View file

@ -6,7 +6,7 @@
#include <fstream> #include <fstream>
#ifdef Q_OS_WINDOWS #ifdef Q_OS_WINDOWS
#define S_IRWXU 0 const uint32_t S_IRWXU = 0644;
#endif #endif
namespace libssh { namespace libssh {

2
client/server_scripts/openvpn/configure_container.sh
View file

@ -18,7 +18,7 @@ user nobody
group nobody group nobody
persist-key persist-key
persist-tun persist-tun
crl-verify crl.pem crl-verify /opt/amnezia/openvpn/crl.pem
status openvpn-status.log status openvpn-status.log
verb 1 verb 1
tls-server tls-server

5
client/server_scripts/openvpn/run_container.sh
View file

@ -21,5 +21,6 @@ cd /opt/amnezia/openvpn && easyrsa gen-dh; \
cd /opt/amnezia/openvpn && cp pki/dh.pem /opt/amnezia/openvpn && easyrsa build-ca nopass << EOF yes EOF && easyrsa gen-req AmneziaReq nopass << EOF2 yes EOF2;\ cd /opt/amnezia/openvpn && cp pki/dh.pem /opt/amnezia/openvpn && easyrsa build-ca nopass << EOF yes EOF && easyrsa gen-req AmneziaReq nopass << EOF2 yes EOF2;\
cd /opt/amnezia/openvpn && easyrsa sign-req server AmneziaReq << EOF3 yes EOF3;\ cd /opt/amnezia/openvpn && easyrsa sign-req server AmneziaReq << EOF3 yes EOF3;\
cd /opt/amnezia/openvpn && openvpn --genkey --secret ta.key << EOF4;\ cd /opt/amnezia/openvpn && openvpn --genkey --secret ta.key << EOF4;\
cd /opt/amnezia/openvpn && cp pki/ca.crt pki/issued/AmneziaReq.crt pki/private/AmneziaReq.key /opt/amnezia/openvpn' cd /opt/amnezia/openvpn && cp pki/ca.crt pki/issued/AmneziaReq.crt pki/private/AmneziaReq.key /opt/amnezia/openvpn;\
cd /opt/amnezia/openvpn && easyrsa gen-crl;\
cd /opt/amnezia/openvpn && cp pki/crl.pem /opt/amnezia/openvpn/crl.pem'

1
client/server_scripts/openvpn/template.ovpn
View file

@ -5,7 +5,6 @@ resolv-retry infinite
nobind nobind
persist-key persist-key
persist-tun persist-tun
crl-verify crl.pem
$OPENVPN_NCP_DISABLE $OPENVPN_NCP_DISABLE
cipher $OPENVPN_CIPHER cipher $OPENVPN_CIPHER
auth $OPENVPN_HASH auth $OPENVPN_HASH

2
client/server_scripts/openvpn_cloak/configure_container.sh
View file

@ -18,7 +18,7 @@ user nobody
group nobody group nobody
persist-key persist-key
persist-tun persist-tun
crl-verify crl.pem crl-verify /opt/amnezia/openvpn/crl.pem
status openvpn-status.log status openvpn-status.log
verb 1 verb 1
tls-server tls-server

4
client/server_scripts/openvpn_cloak/run_container.sh
View file

@ -21,4 +21,6 @@ cd /opt/amnezia/openvpn && easyrsa gen-dh; \
cd /opt/amnezia/openvpn && cp pki/dh.pem /opt/amnezia/openvpn && easyrsa build-ca nopass << EOF yes EOF && easyrsa gen-req AmneziaReq nopass << EOF2 yes EOF2;\ cd /opt/amnezia/openvpn && cp pki/dh.pem /opt/amnezia/openvpn && easyrsa build-ca nopass << EOF yes EOF && easyrsa gen-req AmneziaReq nopass << EOF2 yes EOF2;\
cd /opt/amnezia/openvpn && easyrsa sign-req server AmneziaReq << EOF3 yes EOF3;\ cd /opt/amnezia/openvpn && easyrsa sign-req server AmneziaReq << EOF3 yes EOF3;\
cd /opt/amnezia/openvpn && openvpn --genkey --secret ta.key << EOF4;\ cd /opt/amnezia/openvpn && openvpn --genkey --secret ta.key << EOF4;\
cd /opt/amnezia/openvpn && cp pki/ca.crt pki/issued/AmneziaReq.crt pki/private/AmneziaReq.key /opt/amnezia/openvpn' cd /opt/amnezia/openvpn && cp pki/ca.crt pki/issued/AmneziaReq.crt pki/private/AmneziaReq.key /opt/amnezia/openvpn;\
cd /opt/amnezia/openvpn && easyrsa gen-crl;\
cd /opt/amnezia/openvpn && cp pki/crl.pem /opt/amnezia/openvpn/crl.pem'

1
client/server_scripts/openvpn_cloak/template.ovpn
View file

@ -5,7 +5,6 @@ resolv-retry infinite
nobind nobind
persist-key persist-key
persist-tun persist-tun
crl-verify crl.pem
$OPENVPN_NCP_DISABLE $OPENVPN_NCP_DISABLE
cipher $OPENVPN_CIPHER cipher $OPENVPN_CIPHER
auth $OPENVPN_HASH auth $OPENVPN_HASH

2
client/server_scripts/openvpn_shadowsocks/configure_container.sh
View file

@ -18,7 +18,7 @@ user nobody
group nobody group nobody
persist-key persist-key
persist-tun persist-tun
crl-verify crl.pem crl-verify /opt/amnezia/openvpn/crl.pem
status openvpn-status.log status openvpn-status.log
verb 1 verb 1
tls-server tls-server

4
client/server_scripts/openvpn_shadowsocks/run_container.sh
View file

@ -21,4 +21,6 @@ cd /opt/amnezia/openvpn && easyrsa gen-dh; \
cd /opt/amnezia/openvpn && cp pki/dh.pem /opt/amnezia/openvpn && easyrsa build-ca nopass << EOF yes EOF && easyrsa gen-req AmneziaReq nopass << EOF2 yes EOF2;\ cd /opt/amnezia/openvpn && cp pki/dh.pem /opt/amnezia/openvpn && easyrsa build-ca nopass << EOF yes EOF && easyrsa gen-req AmneziaReq nopass << EOF2 yes EOF2;\
cd /opt/amnezia/openvpn && easyrsa sign-req server AmneziaReq << EOF3 yes EOF3;\ cd /opt/amnezia/openvpn && easyrsa sign-req server AmneziaReq << EOF3 yes EOF3;\
cd /opt/amnezia/openvpn && openvpn --genkey --secret ta.key << EOF4;\ cd /opt/amnezia/openvpn && openvpn --genkey --secret ta.key << EOF4;\
cd /opt/amnezia/openvpn && cp pki/ca.crt pki/issued/AmneziaReq.crt pki/private/AmneziaReq.key /opt/amnezia/openvpn' cd /opt/amnezia/openvpn && cp pki/ca.crt pki/issued/AmneziaReq.crt pki/private/AmneziaReq.key /opt/amnezia/openvpn;\
cd /opt/amnezia/openvpn && easyrsa gen-crl;\
cd /opt/amnezia/openvpn && cp pki/crl.pem /opt/amnezia/openvpn/crl.pem'

1
client/server_scripts/openvpn_shadowsocks/template.ovpn
View file

@ -5,7 +5,6 @@ resolv-retry infinite
nobind nobind
persist-key persist-key
persist-tun persist-tun
crl-verify crl.pem
$OPENVPN_NCP_DISABLE $OPENVPN_NCP_DISABLE
cipher $OPENVPN_CIPHER cipher $OPENVPN_CIPHER
auth $OPENVPN_HASH auth $OPENVPN_HASH

BIN
deploy/data/macos/openvpn
View file

Binary file not shown.