Merge branch 'dev' of github.com:amnezia-vpn/amnezia-client into feature/new-gui

vladimir.kuznetsov 2023-08-09 10:33:34 +05:00
commit e0d93eaa9f
15 changed files with 218 additions and 116 deletions

@ -1 +1 @@
Subproject commit f339911dcb75d8a199e508cc2c2f32851cf211b8
Subproject commit 75e352b40ede4324248b7594b70dbdaa1a7a7f41


@ -110,18 +110,24 @@ QString OpenVpnConfigurator::processConfigWithLocalSettings(QString jsonConfig)
QJsonObject json = QJsonDocument::fromJson(jsonConfig.toUtf8()).object();
QString config = json[config_key::config].toString();
if (m_settings->routeMode() != Settings::VpnAllSites) {
config.replace("redirect-gateway def1 bypass-dhcp", "");
QRegularExpression regex("redirect-gateway.*");
config.replace(regex, "");
if (m_settings->routeMode() == Settings::VpnAllSites) {
config.append("\nredirect-gateway def1 ipv6 bypass-dhcp\n");
// Prevent ipv6 leak
config.append("ifconfig-ipv6 fd15:53b6:dead::2/64 fd15:53b6:dead::1\n");
config.append("block-ipv6\n");
}
else {
if(!config.contains("redirect-gateway def1 bypass-dhcp")) {
config.append("redirect-gateway def1 bypass-dhcp\n");
}
if (m_settings->routeMode() == Settings::VpnOnlyForwardSites) {
// no redirect-gateway
}
if (m_settings->routeMode() == Settings::VpnAllExceptSites) {
config.append("\nredirect-gateway ipv6 !ipv4 bypass-dhcp\n");
// Prevent ipv6 leak
config.append("ifconfig-ipv6 fd15:53b6:dead::2/64 fd15:53b6:dead::1\n");
config.append("block-ipv6\n");
}
// Prevent ipv6 leak
config.append("ifconfig-ipv6 fd15:53b6:dead::2/64 fd15:53b6:dead::1\n");
config.append("redirect-gateway ipv6\n");
#ifndef MZ_WINDOWS
config.replace("block-outside-dns", "");
@ -146,9 +152,14 @@ QString OpenVpnConfigurator::processConfigWithExportSettings(QString jsonConfig)
QJsonObject json = QJsonDocument::fromJson(jsonConfig.toUtf8()).object();
QString config = json[config_key::config].toString();
if(!config.contains("redirect-gateway def1 bypass-dhcp")) {
config.append("redirect-gateway def1 bypass-dhcp\n");
}
QRegularExpression regex("redirect-gateway.*");
config.replace(regex, "");
config.append("\nredirect-gateway def1 ipv6 bypass-dhcp\n");
// Prevent ipv6 leak
config.append("ifconfig-ipv6 fd15:53b6:dead::2/64 fd15:53b6:dead::1\n");
config.append("block-ipv6\n");
// remove block-outside-dns for all exported configs
config.replace("block-outside-dns", "");
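Review bot: In processConfigWithLocalSettings the `VpnOnlyForwardSites` branch holds only the comment `// no redirect-gateway`, while the `ifconfig-ipv6 …` and `block-ipv6` lines marked "Prevent ipv6 leak" are appended only in the `VpnAllSites` and `VpnAllExceptSites` branches. The page has lost its +/- markers, but the trailing unconditional `ifconfig-ipv6` / `redirect-gateway ipv6` pair looks like the removed side, which would mean IPv6 is neither tunnelled nor blocked in forward-sites mode, so a listed site that resolves to an AAAA record would presumably be reached outside the VPN. If that is intended, say so in the branch, e.g. `// no redirect-gateway: only the listed IPv4 routes use the tunnel; IPv6 stays on the default route`; otherwise the IPv6 handling needs to cover this mode too. The function body continues outside the hunk.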


@ -15,7 +15,7 @@ public:
explicit IOSVpnProtocol(amnezia::Proto proto, const QJsonObject& configuration, QObject* parent = nullptr);
static IOSVpnProtocol* instance();
virtual ~IOSVpnProtocol() override = default;
virtual ~IOSVpnProtocol() override;
bool initialize();


@ -30,6 +30,12 @@ IOSVpnProtocol::IOSVpnProtocol(Proto proto, const QJsonObject &configuration, QO
connect(this, &IOSVpnProtocol::newTransmittedDataCount, this, &IOSVpnProtocol::setBytesChanged);
}
IOSVpnProtocol::~IOSVpnProtocol()
{
qDebug() << "IOSVpnProtocol::~IOSVpnProtocol()";
IOSVpnProtocol::stop();
}
IOSVpnProtocol* IOSVpnProtocol::instance() {
return s_instance;
}
@ -158,9 +164,12 @@ void IOSVpnProtocol::checkStatus()
}
m_checkingStatus = true;
QPointer<IOSVpnProtocol> weakSelf = this;
[m_controller checkStatusWithCallback:^(NSString* serverIpv4Gateway, NSString* deviceIpv4Address,
NSString* configString) {
if (!weakSelf) return;
QString config = QString::fromNSString(configString);
m_checkingStatus = false;
@ -185,7 +194,7 @@ void IOSVpnProtocol::checkStatus()
}
}
emit newTransmittedDataCount(rxBytes, txBytes);
emit weakSelf->newTransmittedDataCount(rxBytes, txBytes);
}];
}
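Review bot: The `if (!weakSelf) return;` guard in checkStatus protects against deletion only if the callback block runs on the thread that owns the object; QPointer is not thread-safe, and the page does not show which queue `checkStatusWithCallback:` delivers on. The block also still writes `m_checkingStatus = false;` through the implicitly captured `this` while the emit goes through `weakSelf`, so the two accesses are inconsistent. I would route the member write through the pointer as well, `weakSelf->m_checkingStatus = false;`, and state the threading assumption in a comment such as `// callback must arrive on this object's thread; weakSelf is checked once and not re-validated`. checkStatus starts before the hunk.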


@ -42,6 +42,7 @@ QString OpenVpnProtocol::defaultConfigPath()
void OpenVpnProtocol::stop()
{
qDebug() << "OpenVpnProtocol::stop()";
setConnectionState(VpnProtocol::Disconnecting);
// TODO: need refactoring
// sendTermSignal() will even return true while server connected ???
@ -52,10 +53,10 @@ void OpenVpnProtocol::stop()
if (!sendTermSignal()) {
killOpenVpnProcess();
}
QThread::msleep(10);
m_managementServer.stop();
qApp->processEvents();
setConnectionState(Vpn::ConnectionState::Disconnecting);
}
setConnectionState(VpnProtocol::Disconnected);
}
ErrorCode OpenVpnProtocol::prepare()
@ -78,11 +79,9 @@ ErrorCode OpenVpnProtocol::prepare()
void OpenVpnProtocol::killOpenVpnProcess()
{
#ifndef Q_OS_IOS
if (m_openVpnProcess){
m_openVpnProcess->close();
}
#endif
}
void OpenVpnProtocol::readOpenVpnConfiguration(const QJsonObject &configuration)
@ -150,7 +149,6 @@ void OpenVpnProtocol::updateRouteGateway(QString line)
ErrorCode OpenVpnProtocol::start()
{
#ifndef Q_OS_IOS
//qDebug() << "Start OpenVPN connection";
OpenVpnProtocol::stop();
@ -164,6 +162,27 @@ ErrorCode OpenVpnProtocol::start()
return lastError();
}
// Detect default gateway
#ifdef Q_OS_MAC
QProcess p;
p.setProcessChannelMode(QProcess::MergedChannels);
p.start("route", QStringList() << "-n" << "get" << "default");
p.waitForFinished();
QString s = p.readAll();
QRegularExpression rx(R"(gateway:\s*(\d+\.\d+\.\d+\.\d+))");
QRegularExpressionMatch match = rx.match(s);
if (match.hasMatch()) {
m_routeGateway = match.captured(1);
qDebug() << "Set VPN route gateway" << m_routeGateway;
}
else {
qWarning() << "Unable to set VPN route gateway, output:\n" << s;
}
#endif
// QString vpnLogFileNamePath = Utils::systemLogPath() + "/openvpn.log";
// Utils::createEmptyFile(vpnLogFileNamePath);
@ -216,9 +235,6 @@ ErrorCode OpenVpnProtocol::start()
//startTimeoutTimer();
return ErrorCode::NoError;
#else
return ErrorCode::NotImplementedError;
#endif
}
bool OpenVpnProtocol::sendTermSignal()
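Review bot: The macOS gateway detection in OpenVpnProtocol::start() launches `route` by bare name, so the binary is resolved through the PATH of whatever environment the client runs in, and the result of `p.waitForFinished()` is not checked before `readAll()`. Because the parsed value is stored in `m_routeGateway`, an absolute path and a bounded wait are safer: `p.start("/sbin/route", QStringList() << "-n" << "get" << "default");` and `if (!p.waitForFinished(3000)) { qWarning() << "route did not finish"; }`. The pattern also accepts any four dot-separated digit groups, so a short comment noting that the capture is not validated as an address would help the next reader. start() begins outside these hunks.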


@ -66,12 +66,18 @@ void SitesLogic::onPushButtonAddCustomSitesClicked()
m_settings->addVpnSite(mode, newSite, ip);
if (!ip.isEmpty()) {
uiLogic()->m_vpnConnection->addRoutes(QStringList() << ip);
uiLogic()->m_vpnConnection->flushDns();
} else if (Utils::ipAddressWithSubnetRegExp().exactMatch(newSite)) {
uiLogic()->m_vpnConnection->addRoutes(QStringList() << newSite);
uiLogic()->m_vpnConnection->flushDns();
QMetaObject::invokeMethod(uiLogic()->m_vpnConnection, "addRoutes",
Qt::QueuedConnection,
Q_ARG(QStringList, QStringList() << ip));
}
else if (Utils::ipAddressWithSubnetRegExp().exactMatch(newSite)) {
QMetaObject::invokeMethod(uiLogic()->m_vpnConnection, "addRoutes",
Qt::QueuedConnection,
Q_ARG(QStringList, QStringList() << newSite));
}
QMetaObject::invokeMethod(uiLogic()->m_vpnConnection, "flushDns",
Qt::QueuedConnection);
onUpdatePage();
};
@ -118,17 +124,19 @@ void SitesLogic::onPushButtonSitesDeleteClicked(QStringList items)
return;
// sites.append(siteModel->data(row, 0).toString());
if (uiLogic()->m_vpnConnection->connectionState() == Vpn::ConnectionState::Connected) {
// ips.append(siteModel->data(row, 1).toString());
if (uiLogic()->m_vpnConnection && uiLogic()->m_vpnConnection->connectionState() == VpnProtocol::Connected) {
ips.append(siteModel->data(row, 1).toString());
}
}
m_settings->removeVpnSites(mode, sites);
if (uiLogic()->m_vpnConnection->connectionState() == Vpn::ConnectionState::Connected) {
uiLogic()->m_vpnConnection->deleteRoutes(ips);
uiLogic()->m_vpnConnection->flushDns();
}
QMetaObject::invokeMethod(uiLogic()->m_vpnConnection, "deleteRoutes",
Qt::QueuedConnection,
Q_ARG(QStringList, ips));
QMetaObject::invokeMethod(uiLogic()->m_vpnConnection, "flushDns",
Qt::QueuedConnection);
onUpdatePage();
}
@ -189,8 +197,12 @@ void SitesLogic::onPushButtonSitesImportClicked(const QString &fileName)
m_settings->addVpnIps(mode, ips);
m_settings->addVpnSites(mode, sites);
uiLogic()->m_vpnConnection->addRoutes(QStringList() << ips);
uiLogic()->m_vpnConnection->flushDns();
QMetaObject::invokeMethod(uiLogic()->m_vpnConnection, "addRoutes",
Qt::QueuedConnection,
Q_ARG(QStringList, ips));
QMetaObject::invokeMethod(uiLogic()->m_vpnConnection, "flushDns",
Qt::QueuedConnection);
onUpdatePage();
}
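Review bot: The route calls in SitesLogic are now queued by slot name with `QMetaObject::invokeMethod(..., "deleteRoutes", ...)` and the boolean result is discarded, so a misspelled name, a signature mismatch or a null `m_vpnConnection` fails silently at run time and the routes for a removed site stay in place. In onPushButtonSitesDeleteClicked the loop null-checks `uiLogic()->m_vpnConnection`, but the queued `deleteRoutes` and `flushDns` calls after it do not, and they appear to run whether or not the connection is up. Checking the result would make the failure visible, e.g. `if (!QMetaObject::invokeMethod(uiLogic()->m_vpnConnection, "flushDns", Qt::QueuedConnection)) qWarning() << "flushDns was not queued";`. The same pattern is used in the add-site and import hunks of this section; all three functions start outside their hunks.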


@ -221,7 +221,9 @@ QString Utils::openVpnExecPath()
#ifdef Q_OS_WIN
return Utils::executable("openvpn/openvpn", true);
#elif defined Q_OS_LINUX
return Utils::usrExecutable("openvpn");
// We have service that runs OpenVPN on Linux. We need to make same
// path for client and service.
return Utils::executable("../../client/bin/openvpn", true);
#else
return Utils::executable("/openvpn", true);
#endif
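Review bot: The Linux branch of openVpnExecPath() now resolves `../../client/bin/openvpn` relative to the application instead of using the system-installed binary, and the added comment says a service launches the same path. If that service runs with more privilege than the client, which the page does not show, the binary must sit in a directory that unprivileged users cannot write to; otherwise replacing the file changes what the service executes. I would document that requirement next to the return, e.g. `// resolved path must be root-owned and not user-writable: the service executes it`, and have the service check the canonical path rather than trust the `..` segments. The function starts and ends outside the hunk.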


@ -32,9 +32,9 @@
VpnConnection::VpnConnection(std::shared_ptr<Settings> settings,
std::shared_ptr<VpnConfigurator> configurator, QObject* parent) : QObject(parent),
m_settings(settings),
m_configurator(configurator),
m_isIOSConnected(false)
m_configurator(configurator)
{
m_checkTimer.setInterval(1000);
}
VpnConnection::~VpnConnection()
@ -96,31 +96,16 @@ void VpnConnection::onConnectionStateChanged(Vpn::ConnectionState state)
#endif
#ifdef Q_OS_IOS
if (state == Vpn::ConnectionState::Connected){
m_isIOSConnected = true;
checkIOSStatus();
if (state == VpnProtocol::Connected) {
m_checkTimer.start();
}
else {
m_isIOSConnected = false;
// m_receivedBytes = 0;
// m_sentBytes = 0;
m_checkTimer.stop();
}
#endif
emit connectionStateChanged(state);
}
#ifdef Q_OS_IOS
void VpnConnection::checkIOSStatus()
{
QTimer::singleShot(1000, [this]() {
if(m_isIOSConnected){
iosVpnProtocol->checkStatus();
checkIOSStatus();
}
} );
}
#endif
const QString &VpnConnection::remoteAddress() const
{
return m_remoteAddress;
@ -236,7 +221,6 @@ QString VpnConnection::createVpnConfigurationForProto(int serverIndex,
const ServerCredentials &credentials, DockerContainer container, const QJsonObject &containerConfig, Proto proto,
ErrorCode *errorCode)
{
ErrorCode e = ErrorCode::NoError;
QMap<Proto, QString> lastVpnConfig = getLastVpnConfig(containerConfig);
QString configData;
@ -246,19 +230,16 @@ QString VpnConnection::createVpnConfigurationForProto(int serverIndex,
}
else {
configData = m_configurator->genVpnProtocolConfig(credentials,
container, containerConfig, proto, &e);
container, containerConfig, proto, errorCode);
if (errorCode && *errorCode) {
return "";
}
QString configDataBeforeLocalProcessing = configData;
configData = m_configurator->processConfigWithLocalSettings(serverIndex, container, proto, configData);
if (errorCode && e) {
*errorCode = e;
return "";
}
if (serverIndex >= 0) {
qDebug() << "VpnConnection::createVpnConfiguration: saving config for server #" << serverIndex << container << proto;
QJsonObject protoObject = m_settings->protocolConfig(serverIndex, container, proto);
@ -267,7 +248,6 @@ QString VpnConnection::createVpnConfigurationForProto(int serverIndex,
}
}
if (errorCode) *errorCode = e;
return configData;
}
@ -275,18 +255,15 @@ QJsonObject VpnConnection::createVpnConfiguration(int serverIndex,
const ServerCredentials &credentials, DockerContainer container,
const QJsonObject &containerConfig, ErrorCode *errorCode)
{
ErrorCode e = ErrorCode::NoError;
QJsonObject vpnConfiguration;
for (ProtocolEnumNS::Proto proto : ContainerProps::protocolsForContainer(container)) {
QJsonObject vpnConfigData = QJsonDocument::fromJson(
createVpnConfigurationForProto(
serverIndex, credentials, container, containerConfig, proto, &e).toUtf8()).
serverIndex, credentials, container, containerConfig, proto, errorCode).toUtf8()).
object();
if (e) {
if (errorCode) *errorCode = e;
if (errorCode && *errorCode) {
return {};
}
@ -356,16 +333,18 @@ void VpnConnection::connectToVpn(int serverIndex,
m_vpnProtocol.reset(androidVpnProtocol);
#elif defined Q_OS_IOS
Proto proto = ContainerProps::defaultProtocol(container);
//if (iosVpnProtocol==NULL) {
iosVpnProtocol = new IOSVpnProtocol(proto, m_vpnConfiguration);
//}
// IOSVpnProtocol *iosVpnProtocol = new IOSVpnProtocol(proto, m_vpnConfiguration);
auto iosVpnProtocol = new IOSVpnProtocol(proto, m_vpnConfiguration);
if (!iosVpnProtocol->initialize()) {
qDebug() << QString("Init failed") ;
emit Vpn::ConnectionState::Error;
emit VpnProtocol::Error;
iosVpnProtocol->deleteLater();
return;
}
connect(&m_checkTimer, &QTimer::timeout, iosVpnProtocol, &IOSVpnProtocol::checkStatus);
m_vpnProtocol.reset(iosVpnProtocol);
#endif
createProtocolConnections();
@ -439,7 +418,11 @@ void VpnConnection::disconnectFromVpn()
#endif
return;
}
m_vpnProtocol.data()->stop();
if (m_vpnProtocol) {
m_vpnProtocol->deleteLater();
}
m_vpnProtocol = nullptr;
}
Vpn::ConnectionState VpnConnection::connectionState()
@ -450,10 +433,6 @@ Vpn::ConnectionState VpnConnection::connectionState()
bool VpnConnection::isConnected() const
{
#ifdef Q_OS_IOS
#endif
if (!m_vpnProtocol.data()) {
return false;
}
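Review bot: disconnectFromVpn() calls `m_vpnProtocol->deleteLater()` on an object that is owned by a `QSharedPointer<VpnProtocol>` and then assigns `nullptr`, which gives the object two competing owners. If the shared pointer held the last reference the object is destroyed at once and the deferred delete is moot; if another copy is alive (the header exposes `vpnProtocol()` returning the shared pointer by value), the event loop deletes the object while that copy still points at it. Pick one mechanism: either drop the `deleteLater()` call and keep `m_vpnProtocol.reset();`, or hand the pointer over with a deferred deleter, `m_vpnProtocol.reset(iosVpnProtocol, &QObject::deleteLater);`. Separately, `emit VpnProtocol::Error;` in connectToVpn emits nothing, because `emit` is an empty macro and the statement is a bare enum value; the init-failure path presumably wants `emit connectionStateChanged(...)` with the error state.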


@ -5,6 +5,7 @@
#include <QString>
#include <QScopedPointer>
#include <QRemoteObjectNode>
#include <QTimer>
#include "protocols/vpnprotocol.h"
#include "core/defs.h"
@ -50,17 +51,12 @@ public:
const QJsonObject &containerConfig, ErrorCode *errorCode = nullptr);
bool isConnected() const;
bool isDisconnected() const;
Vpn::ConnectionState connectionState();
QSharedPointer<VpnProtocol> vpnProtocol() const;
void addRoutes(const QStringList &ips);
void deleteRoutes(const QStringList &ips);
void flushDns();
const QString &remoteAddress() const;
void addSitesRoutes(const QString &gw, Settings::RouteMode mode);
@ -74,6 +70,11 @@ public slots:
void disconnectFromVpn();
void addRoutes(const QStringList &ips);
void deleteRoutes(const QStringList &ips);
void flushDns();
signals:
void bytesChanged(quint64 receivedBytes, quint64 sentBytes);
void connectionStateChanged(Vpn::ConnectionState state);
@ -85,10 +86,6 @@ protected slots:
void onBytesChanged(quint64 receivedBytes, quint64 sentBytes);
void onConnectionStateChanged(Vpn::ConnectionState state);
#ifdef Q_OS_IOS
void checkIOSStatus();
#endif
protected:
QSharedPointer<VpnProtocol> m_vpnProtocol;
@ -99,14 +96,14 @@ private:
QJsonObject m_vpnConfiguration;
QJsonObject m_routeMode;
QString m_remoteAddress;
bool m_isIOSConnected; //remove later move to isConnected,
// Only for iOS for now, check counters
QTimer m_checkTimer;
#ifdef AMNEZIA_DESKTOP
IpcClient *m_IpcClient {nullptr};
#endif
#ifdef Q_OS_IOS
IOSVpnProtocol * iosVpnProtocol{nullptr};
#endif
#ifdef Q_OS_ANDROID
AndroidVpnProtocol* androidVpnProtocol = nullptr;