diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 35e740b0..0c9dfb32 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -10,7 +10,7 @@ env: jobs: Build-Linux-Ubuntu: - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 env: QT_VERSION: 6.6.2 @@ -20,6 +20,8 @@ jobs: DEV_AGW_PUBLIC_KEY: ${{ secrets.DEV_AGW_PUBLIC_KEY }} DEV_AGW_ENDPOINT: ${{ secrets.DEV_AGW_ENDPOINT }} DEV_S3_ENDPOINT: ${{ secrets.DEV_S3_ENDPOINT }} + FREE_V2_ENDPOINT: ${{ secrets.FREE_V2_ENDPOINT }} + PREM_V1_ENDPOINT: ${{ secrets.PREM_V1_ENDPOINT }} steps: - name: 'Install Qt' @@ -90,6 +92,8 @@ jobs: DEV_AGW_PUBLIC_KEY: ${{ secrets.DEV_AGW_PUBLIC_KEY }} DEV_AGW_ENDPOINT: ${{ secrets.DEV_AGW_ENDPOINT }} DEV_S3_ENDPOINT: ${{ secrets.DEV_S3_ENDPOINT }} + FREE_V2_ENDPOINT: ${{ secrets.FREE_V2_ENDPOINT }} + PREM_V1_ENDPOINT: ${{ secrets.PREM_V1_ENDPOINT }} steps: - name: 'Get sources' @@ -156,6 +160,8 @@ jobs: DEV_AGW_PUBLIC_KEY: ${{ secrets.DEV_AGW_PUBLIC_KEY }} DEV_AGW_ENDPOINT: ${{ secrets.DEV_AGW_ENDPOINT }} DEV_S3_ENDPOINT: ${{ secrets.DEV_S3_ENDPOINT }} + FREE_V2_ENDPOINT: ${{ secrets.FREE_V2_ENDPOINT }} + PREM_V1_ENDPOINT: ${{ secrets.PREM_V1_ENDPOINT }} steps: - name: 'Setup xcode' @@ -190,7 +196,7 @@ jobs: - name: 'Install go' uses: actions/setup-go@v5 with: - go-version: '1.22.1' + go-version: '1.24' cache: false - name: 'Setup gomobile' @@ -243,18 +249,82 @@ jobs: # ------------------------------------------------------ - Build-MacOS: + Build-MacOS-old: runs-on: macos-latest env: # Keep compat with MacOS 10.15 aka Catalina by Qt 6.4 QT_VERSION: 6.4.3 - QIF_VERSION: 4.6 PROD_AGW_PUBLIC_KEY: ${{ secrets.PROD_AGW_PUBLIC_KEY }} PROD_S3_ENDPOINT: ${{ secrets.PROD_S3_ENDPOINT }} DEV_AGW_PUBLIC_KEY: ${{ secrets.DEV_AGW_PUBLIC_KEY }} DEV_AGW_ENDPOINT: ${{ secrets.DEV_AGW_ENDPOINT }} DEV_S3_ENDPOINT: ${{ secrets.DEV_S3_ENDPOINT }} + FREE_V2_ENDPOINT: ${{ secrets.FREE_V2_ENDPOINT }} + PREM_V1_ENDPOINT: ${{ secrets.PREM_V1_ENDPOINT }} + + steps: + - name: 'Setup xcode' + uses: maxim-lobanov/setup-xcode@v1 + with: + xcode-version: '15.4.0' + + - name: 'Install Qt' + uses: jurplel/install-qt-action@v3 + with: + version: ${{ env.QT_VERSION }} + host: 'mac' + target: 'desktop' + arch: 'clang_64' + modules: 'qtremoteobjects qt5compat qtshadertools' + dir: ${{ runner.temp }} + setup-python: 'true' + set-env: 'true' + extra: '--external 7z --base ${{ env.QT_MIRROR }}' + + + - name: 'Get sources' + uses: actions/checkout@v4 + with: + submodules: 'true' + fetch-depth: 10 + + - name: 'Setup ccache' + uses: hendrikmuhs/ccache-action@v1.2 + + - name: 'Build project' + run: | + export QT_BIN_DIR="${{ runner.temp }}/Qt/${{ env.QT_VERSION }}/macos/bin" + bash deploy/build_macos.sh + + - name: 'Upload installer artifact' + uses: actions/upload-artifact@v4 + with: + name: AmneziaVPN_MacOS_old_installer + path: deploy/build/pkg/AmneziaVPN.pkg + retention-days: 7 + + - name: 'Upload unpacked artifact' + uses: actions/upload-artifact@v4 + with: + name: AmneziaVPN_MacOS_old_unpacked + path: deploy/build/client/AmneziaVPN.app + retention-days: 7 + +# ------------------------------------------------------ + + Build-MacOS: + runs-on: macos-latest + + env: + QT_VERSION: 6.8.0 + PROD_AGW_PUBLIC_KEY: ${{ secrets.PROD_AGW_PUBLIC_KEY }} + PROD_S3_ENDPOINT: ${{ secrets.PROD_S3_ENDPOINT }} + DEV_AGW_PUBLIC_KEY: ${{ secrets.DEV_AGW_PUBLIC_KEY }} + DEV_AGW_ENDPOINT: ${{ secrets.DEV_AGW_ENDPOINT }} + DEV_S3_ENDPOINT: ${{ secrets.DEV_S3_ENDPOINT }} + FREE_V2_ENDPOINT: ${{ secrets.FREE_V2_ENDPOINT }} + PREM_V1_ENDPOINT: ${{ secrets.PREM_V1_ENDPOINT }} steps: - name: 'Setup xcode' @@ -275,11 +345,6 @@ jobs: set-env: 'true' extra: '--external 7z --base ${{ env.QT_MIRROR }}' - - name: 'Install Qt Installer Framework ${{ env.QIF_VERSION }}' - run: | - mkdir -pv ${{ runner.temp }}/Qt/Tools/QtInstallerFramework - wget https://qt.amzsvc.com/tools/ifw/${{ env.QIF_VERSION }}.zip - unzip ${{ env.QIF_VERSION }}.zip -d ${{ runner.temp }}/Qt/Tools/QtInstallerFramework/ - name: 'Get sources' uses: actions/checkout@v4 @@ -293,14 +358,13 @@ jobs: - name: 'Build project' run: | export QT_BIN_DIR="${{ runner.temp }}/Qt/${{ env.QT_VERSION }}/macos/bin" - export QIF_BIN_DIR="${{ runner.temp }}/Qt/Tools/QtInstallerFramework/${{ env.QIF_VERSION }}/bin" bash deploy/build_macos.sh - name: 'Upload installer artifact' uses: actions/upload-artifact@v4 with: name: AmneziaVPN_MacOS_installer - path: AmneziaVPN.dmg + path: deploy/build/pkg/AmneziaVPN.pkg retention-days: 7 - name: 'Upload unpacked artifact' @@ -324,6 +388,8 @@ jobs: DEV_AGW_PUBLIC_KEY: ${{ secrets.DEV_AGW_PUBLIC_KEY }} DEV_AGW_ENDPOINT: ${{ secrets.DEV_AGW_ENDPOINT }} DEV_S3_ENDPOINT: ${{ secrets.DEV_S3_ENDPOINT }} + FREE_V2_ENDPOINT: ${{ secrets.FREE_V2_ENDPOINT }} + PREM_V1_ENDPOINT: ${{ secrets.PREM_V1_ENDPOINT }} steps: - name: 'Install desktop Qt' diff --git a/.github/workflows/tag-deploy.yml b/.github/workflows/tag-deploy.yml index 2bcbd8c6..31c334bf 100644 --- a/.github/workflows/tag-deploy.yml +++ b/.github/workflows/tag-deploy.yml @@ -20,6 +20,8 @@ jobs: DEV_AGW_PUBLIC_KEY: ${{ secrets.DEV_AGW_PUBLIC_KEY }} DEV_AGW_ENDPOINT: ${{ secrets.DEV_AGW_ENDPOINT }} DEV_S3_ENDPOINT: ${{ secrets.DEV_S3_ENDPOINT }} + FREE_V2_ENDPOINT: ${{ secrets.FREE_V2_ENDPOINT }} + PREM_V1_ENDPOINT: ${{ secrets.PREM_V1_ENDPOINT }} steps: - name: 'Install desktop Qt' diff --git a/.github/workflows/tag-upload.yml b/.github/workflows/tag-upload.yml index 22629ed3..9ac2da58 100644 --- a/.github/workflows/tag-upload.yml +++ b/.github/workflows/tag-upload.yml @@ -1,64 +1,41 @@ name: 'Upload a new version' on: - push: - tags: - - '[0-9]+.[0-9]+.[0-9]+.[0-9]+' + workflow_dispatch: + inputs: + RELEASE_VERSION: + description: 'Release version (e.g. 1.2.3.4)' + required: true + type: string jobs: - upload: + Upload-S3: runs-on: ubuntu-latest - name: upload steps: - - name: Checkout CMakeLists.txt + - name: Checkout uses: actions/checkout@v4 with: - ref: ${{ github.ref_name }} + ref: ${{ inputs.RELEASE_VERSION }} sparse-checkout: | CMakeLists.txt + deploy/deploy_s3.sh sparse-checkout-cone-mode: false - name: Verify git tag run: | - GIT_TAG=${{ github.ref_name }} + TAG_NAME=${{ inputs.RELEASE_VERSION }} CMAKE_TAG=$(grep 'project.*VERSION' CMakeLists.txt | sed -E 's/.* ([0-9]+.[0-9]+.[0-9]+.[0-9]+)$/\1/') - - if [[ "$GIT_TAG" == "$CMAKE_TAG" ]]; then - echo "Git tag ($GIT_TAG) and version in CMakeLists.txt ($CMAKE_TAG) are the same. Continuing..." + if [[ "$TAG_NAME" == "$CMAKE_TAG" ]]; then + echo "Git tag ($TAG_NAME) matches CMakeLists.txt version ($CMAKE_TAG)." else - echo "Git tag ($GIT_TAG) and version in CMakeLists.txt ($CMAKE_TAG) are not the same! Cancelling..." + echo "::error::Mismatch: Git tag ($TAG_NAME) != CMakeLists.txt version ($CMAKE_TAG). Exiting with error..." exit 1 fi - - name: Download artifacts from the "${{ github.ref_name }}" tag - uses: robinraju/release-downloader@v1.8 + - name: Setup Rclone + uses: AnimMouse/setup-rclone@v1 with: - tag: ${{ github.ref_name }} - fileName: "AmneziaVPN_(Linux_|)${{ github.ref_name }}*" - out-file-path: ${{ github.ref_name }} + rclone_config: ${{ secrets.RCLONE_CONFIG }} - - name: Upload beta version - uses: jakejarvis/s3-sync-action@master - if: contains(github.event.base_ref, 'dev') - with: - args: --include "AmneziaVPN*" --delete - env: - AWS_S3_BUCKET: updates - AWS_ACCESS_KEY_ID: ${{ secrets.CF_R2_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.CF_R2_SECRET_ACCESS_KEY }} - AWS_S3_ENDPOINT: https://${{ vars.CF_ACCOUNT_ID }}.r2.cloudflarestorage.com - SOURCE_DIR: ${{ github.ref_name }} - DEST_DIR: beta/${{ github.ref_name }} - - - name: Upload stable version - uses: jakejarvis/s3-sync-action@master - if: contains(github.event.base_ref, 'master') - with: - args: --include "AmneziaVPN*" --delete - env: - AWS_S3_BUCKET: updates - AWS_ACCESS_KEY_ID: ${{ secrets.CF_R2_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.CF_R2_SECRET_ACCESS_KEY }} - AWS_S3_ENDPOINT: https://${{ vars.CF_ACCOUNT_ID }}.r2.cloudflarestorage.com - SOURCE_DIR: ${{ github.ref_name }} - DEST_DIR: stable/${{ github.ref_name }} + - name: Send dist to S3 + run: bash deploy/deploy_s3.sh ${{ inputs.RELEASE_VERSION }} diff --git a/.gitignore b/.gitignore index 5b90fd55..503adc2d 100644 --- a/.gitignore +++ b/.gitignore @@ -133,4 +133,8 @@ client/3rd/ShadowSocks/ss_ios.xcconfig out/ # CMake files -CMakeFiles/ \ No newline at end of file +CMakeFiles/ + +ios-ne-build.sh +macos-ne-build.sh +macos-signed-build.sh diff --git a/.gitmodules b/.gitmodules index 3ceaa56e..90edb582 100644 --- a/.gitmodules +++ b/.gitmodules @@ -1,6 +1,3 @@ -[submodule "client/3rd/OpenVPNAdapter"] - path = client/3rd/OpenVPNAdapter - url = https://github.com/amnezia-vpn/OpenVPNAdapter.git [submodule "client/3rd/qtkeychain"] path = client/3rd/qtkeychain url = https://github.com/frankosterfeld/qtkeychain.git @@ -10,6 +7,7 @@ [submodule "client/3rd-prebuilt"] path = client/3rd-prebuilt url = https://github.com/amnezia-vpn/3rd-prebuilt + branch = feature/special-handshake [submodule "client/3rd/amneziawg-apple"] path = client/3rd/amneziawg-apple url = https://github.com/amnezia-vpn/amneziawg-apple diff --git a/CMakeLists.txt b/CMakeLists.txt index cb695631..fec613de 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -2,7 +2,7 @@ cmake_minimum_required(VERSION 3.25.0 FATAL_ERROR) set(PROJECT AmneziaVPN) -project(${PROJECT} VERSION 4.8.2.4 +project(${PROJECT} VERSION 4.8.8.1 DESCRIPTION "AmneziaVPN" HOMEPAGE_URL "https://amnezia.org/" ) @@ -11,7 +11,7 @@ string(TIMESTAMP CURRENT_DATE "%Y-%m-%d") set(RELEASE_DATE "${CURRENT_DATE}") set(APP_MAJOR_VERSION ${CMAKE_PROJECT_VERSION_MAJOR}.${CMAKE_PROJECT_VERSION_MINOR}.${CMAKE_PROJECT_VERSION_PATCH}) -set(APP_ANDROID_VERSION_CODE 2071) +set(APP_ANDROID_VERSION_CODE 2087) if(${CMAKE_SYSTEM_NAME} STREQUAL "Linux") set(MZ_PLATFORM_NAME "linux") diff --git a/README.md b/README.md index 8f887808..992c3ad0 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ [![Image](https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/uipic4.png)](https://amnezia.org) -### [Website](https://amnezia.org) | [Alt website link](https://storage.googleapis.com/kldscp/amnezia.org) | [Documentation](https://docs.amnezia.org) | [Troubleshooting](https://docs.amnezia.org/troubleshooting) +### [Website](https://amnezia.org) | [Alt website link](https://storage.googleapis.com/amnezia/amnezia.org) | [Documentation](https://docs.amnezia.org) | [Troubleshooting](https://docs.amnezia.org/troubleshooting) > [!TIP] -> If the [Amnezia website](https://amnezia.org) is blocked in your region, you can use an [Alternative website link](https://storage.googleapis.com/kldscp/amnezia.org). +> If the [Amnezia website](https://amnezia.org) is blocked in your region, you can use an [Alternative website link](https://storage.googleapis.com/amnezia/amnezia.org ). - + [All releases](https://github.com/amnezia-vpn/amnezia-client/releases) @@ -185,7 +185,7 @@ GPL v3.0 Patreon: [https://www.patreon.com/amneziavpn](https://www.patreon.com/amneziavpn) -Bitcoin: bc1q26eevjcg9j0wuyywd2e3uc9cs2w58lpkpjxq6p
+Bitcoin: bc1qmhtgcf9637rl3kqyy22r2a8wa8laka4t9rx2mf
USDT BEP20: 0x6abD576765a826f87D1D95183438f9408C901bE4
USDT TRC20: TELAitazF1MZGmiNjTcnxDjEiH5oe7LC9d
XMR: 48spms39jt1L2L5vyw2RQW6CXD6odUd4jFu19GZcDyKKQV9U88wsJVjSbL4CfRys37jVMdoaWVPSvezCQPhHXUW5UKLqUp3
diff --git a/README_RU.md b/README_RU.md index 59518f4b..44681875 100644 --- a/README_RU.md +++ b/README_RU.md @@ -6,16 +6,16 @@ [![Gitpod ready-to-code](https://img.shields.io/badge/Gitpod-ready--to--code-blue?logo=gitpod)](https://gitpod.io/#https://github.com/amnezia-vpn/amnezia-client) ### [English](https://github.com/amnezia-vpn/amnezia-client/blob/dev/README.md) | Русский -[AmneziaVPN](https://amnezia.org) — это open sourse VPN-клиент, ключевая особенность которого заключается в возможности развернуть собственный VPN на вашем сервере. +[AmneziaVPN](https://amnezia.org) — это open source VPN-клиент, ключевая особенность которого заключается в возможности развернуть собственный VPN на вашем сервере. [![Image](https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/uipic4.png)](https://amnezia.org) -### [Сайт](https://amnezia.org) | [Зеркало на сайт](https://storage.googleapis.com/kldscp/amnezia.org) | [Документация](https://docs.amnezia.org) | [Решение проблем](https://docs.amnezia.org/troubleshooting) +### [Сайт](https://amnezia.org) | [Зеркало сайта](https://storage.googleapis.com/amnezia/amnezia.org) | [Документация](https://docs.amnezia.org) | [Решение проблем](https://docs.amnezia.org/troubleshooting) > [!TIP] -> Если [сайт Amnezia](https://amnezia.org) заблокирован в вашем регионе, вы можете воспользоваться [ссылкой на зеркало](https://storage.googleapis.com/kldscp/amnezia.org). +> Если [сайт Amnezia](https://amnezia.org) заблокирован в вашем регионе, вы можете воспользоваться [ссылкой на зеркало](https://storage.googleapis.com/amnezia/amnezia.org). - + [Все релизы](https://github.com/amnezia-vpn/amnezia-client/releases) @@ -30,7 +30,7 @@ - Классические VPN-протоколы: OpenVPN, WireGuard и IKEv2. - Протоколы с маскировкой трафика (обфускацией): OpenVPN с плагином [Cloak](https://github.com/cbeuw/Cloak), Shadowsocks (OpenVPN over Shadowsocks), [AmneziaWG](https://docs.amnezia.org/documentation/amnezia-wg/) and XRay. - Поддержка Split Tunneling — добавляйте любые сайты или приложения в список, чтобы включить VPN только для них. -- Поддерживает платформы: Windows, MacOS, Linux, Android, iOS. +- Поддерживает платформы: Windows, macOS, Linux, Android, iOS. - Поддержка конфигурации протокола AmneziaWG на [бета-прошивке Keenetic](https://docs.keenetic.com/ua/air/kn-1611/en/6319-latest-development-release.html#UUID-186c4108-5afd-c10b-f38a-cdff6c17fab3_section-idm33192196168192-improved). ## Ссылки @@ -38,10 +38,10 @@ - [https://amnezia.org](https://amnezia.org) - Веб-сайт проекта | [Альтернативная ссылка (зеркало)](https://storage.googleapis.com/kldscp/amnezia.org) - [https://docs.amnezia.org](https://docs.amnezia.org) - Документация - [https://www.reddit.com/r/AmneziaVPN](https://www.reddit.com/r/AmneziaVPN) - Reddit -- [https://t.me/amnezia_vpn_en](https://t.me/amnezia_vpn_en) - Канал поддржки в Telegram (Английский) -- [https://t.me/amnezia_vpn_ir](https://t.me/amnezia_vpn_ir) - Канал поддржки в Telegram (Фарси) -- [https://t.me/amnezia_vpn_mm](https://t.me/amnezia_vpn_mm) - Канал поддржки в Telegram (Мьянма) -- [https://t.me/amnezia_vpn](https://t.me/amnezia_vpn) - Канал поддржки в Telegram (Русский) +- [https://t.me/amnezia_vpn_en](https://t.me/amnezia_vpn_en) - Канал поддержки в Telegram (Английский) +- [https://t.me/amnezia_vpn_ir](https://t.me/amnezia_vpn_ir) - Канал поддержки в Telegram (Фарси) +- [https://t.me/amnezia_vpn_mm](https://t.me/amnezia_vpn_mm) - Канал поддержки в Telegram (Мьянма) +- [https://t.me/amnezia_vpn](https://t.me/amnezia_vpn) - Канал поддержки в Telegram (Русский) - [https://vpnpay.io/en/amnezia-premium/](https://vpnpay.io/en/amnezia-premium/) - Amnezia Premium | [Зеркало](https://storage.googleapis.com/kldscp/vpnpay.io/ru/amnezia-premium\) ## Технологии @@ -80,8 +80,8 @@ git submodule update --init --recursive Проверьте папку deploy для скриптов сборки. ### Как собрать iOS-приложение из исходного кода на MacOS -1. Убедитесь, что у вас установлен XCode версии 14 или выше. -2. Для генерации проекта XCode используется QT. Требуется версия QT 6.6.2. Установите QT для MacOS здесь или через QT Online Installer. Необходимые модули: +1. Убедитесь, что у вас установлен Xcode версии 14 или выше. +2. Для генерации проекта Xcode используется QT. Требуется версия QT 6.6.2. Установите QT для MacOS здесь или через QT Online Installer. Необходимые модули: - MacOS - iOS - Модуль совместимости с Qt 5 @@ -117,7 +117,7 @@ $QT_IOS_BIN/qt-cmake . -B build-ios -GXcode -DQT_HOST_PATH=$QT_MACOS_ROOT_DIR export PATH=$(PATH):/path/to/GOPATH/bin ``` -6. Откройте проект в XCode. Теперь вы можете тестировать, архивировать или публиковать приложение. +6. Откройте проект в Xcode. Теперь вы можете тестировать, архивировать или публиковать приложение. Если сборка завершится с ошибкой: ``` @@ -169,7 +169,7 @@ GPL v3.0 Patreon: [https://www.patreon.com/amneziavpn](https://www.patreon.com/amneziavpn) -Bitcoin: bc1q26eevjcg9j0wuyywd2e3uc9cs2w58lpkpjxq6p
+Bitcoin: bc1qmhtgcf9637rl3kqyy22r2a8wa8laka4t9rx2mf
USDT BEP20: 0x6abD576765a826f87D1D95183438f9408C901bE4
USDT TRC20: TELAitazF1MZGmiNjTcnxDjEiH5oe7LC9d
XMR: 48spms39jt1L2L5vyw2RQW6CXD6odUd4jFu19GZcDyKKQV9U88wsJVjSbL4CfRys37jVMdoaWVPSvezCQPhHXUW5UKLqUp3
diff --git a/client/3rd-prebuilt b/client/3rd-prebuilt index ba580dc5..840b7b07 160000 --- a/client/3rd-prebuilt +++ b/client/3rd-prebuilt @@ -1 +1 @@ -Subproject commit ba580dc5bd7784f7b1e110ff0365f3286e549a61 +Subproject commit 840b7b070e6ac8b90dda2fac6e98859b23727c0c diff --git a/client/3rd/OpenVPNAdapter b/client/3rd/OpenVPNAdapter deleted file mode 160000 index 7c821a8d..00000000 --- a/client/3rd/OpenVPNAdapter +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 7c821a8d5c1ad5ad94e0763b4f25a875b5a6fe1b diff --git a/client/3rd/amneziawg-apple b/client/3rd/amneziawg-apple index 76e7db55..811af0a8 160000 --- a/client/3rd/amneziawg-apple +++ b/client/3rd/amneziawg-apple @@ -1 +1 @@ -Subproject commit 76e7db556a6d7e2582f9481df91db188a46c009c +Subproject commit 811af0a83b3faeade89a9093a588595666d32066 diff --git a/client/CMakeLists.txt b/client/CMakeLists.txt index 05f9f17c..a454142d 100644 --- a/client/CMakeLists.txt +++ b/client/CMakeLists.txt @@ -31,9 +31,8 @@ add_definitions(-DDEV_AGW_PUBLIC_KEY="$ENV{DEV_AGW_PUBLIC_KEY}") add_definitions(-DDEV_AGW_ENDPOINT="$ENV{DEV_AGW_ENDPOINT}") add_definitions(-DDEV_S3_ENDPOINT="$ENV{DEV_S3_ENDPOINT}") -if(IOS) - set(PACKAGES ${PACKAGES} Multimedia) -endif() +add_definitions(-DFREE_V2_ENDPOINT="$ENV{FREE_V2_ENDPOINT}") +add_definitions(-DPREM_V1_ENDPOINT="$ENV{PREM_V1_ENDPOINT}") if(WIN32 OR (APPLE AND NOT IOS) OR (LINUX AND NOT ANDROID)) set(PACKAGES ${PACKAGES} Widgets) @@ -48,10 +47,6 @@ set(LIBS ${LIBS} Qt6::Core5Compat Qt6::Concurrent ) -if(IOS) - set(LIBS ${LIBS} Qt6::Multimedia) -endif() - if(WIN32 OR (APPLE AND NOT IOS) OR (LINUX AND NOT ANDROID)) set(LIBS ${LIBS} Qt6::Widgets) endif() @@ -96,11 +91,6 @@ configure_file(${CMAKE_CURRENT_LIST_DIR}/translations/translations.qrc.in ${CMAK qt6_add_resources(QRC ${I18NQRC} ${CMAKE_CURRENT_BINARY_DIR}/translations.qrc) # -- i18n end -if(IOS) - execute_process(COMMAND bash ${CMAKE_CURRENT_LIST_DIR}/ios/scripts/openvpn.sh args - WORKING_DIRECTORY ${CMAKE_CURRENT_LIST_DIR}) -endif() - set(IS_CI ${CI}) if(IS_CI) message("Detected CI env") @@ -110,8 +100,8 @@ if(IS_CI) endif() endif() - include(${CMAKE_CURRENT_LIST_DIR}/cmake/3rdparty.cmake) +include(${CMAKE_CURRENT_LIST_DIR}/cmake/sources.cmake) include_directories( ${CMAKE_CURRENT_LIST_DIR}/../ipc @@ -120,165 +110,22 @@ include_directories( ${CMAKE_CURRENT_BINARY_DIR} ) -configure_file(${CMAKE_CURRENT_LIST_DIR}/../version.h.in ${CMAKE_CURRENT_BINARY_DIR}/version.h) - -set(HEADERS ${HEADERS} - ${CMAKE_CURRENT_LIST_DIR}/migrations.h - ${CMAKE_CURRENT_LIST_DIR}/../ipc/ipc.h - ${CMAKE_CURRENT_LIST_DIR}/amnezia_application.h - ${CMAKE_CURRENT_LIST_DIR}/containers/containers_defs.h - ${CMAKE_CURRENT_LIST_DIR}/core/defs.h - ${CMAKE_CURRENT_LIST_DIR}/core/errorstrings.h - ${CMAKE_CURRENT_LIST_DIR}/core/scripts_registry.h - ${CMAKE_CURRENT_LIST_DIR}/core/server_defs.h - ${CMAKE_CURRENT_LIST_DIR}/core/controllers/apiController.h - ${CMAKE_CURRENT_LIST_DIR}/core/controllers/serverController.h - ${CMAKE_CURRENT_LIST_DIR}/core/controllers/vpnConfigurationController.h - ${CMAKE_CURRENT_LIST_DIR}/protocols/protocols_defs.h - ${CMAKE_CURRENT_LIST_DIR}/protocols/qml_register_protocols.h - ${CMAKE_CURRENT_LIST_DIR}/ui/pages.h - ${CMAKE_CURRENT_LIST_DIR}/ui/qautostart.h - ${CMAKE_CURRENT_LIST_DIR}/protocols/vpnprotocol.h - ${CMAKE_CURRENT_BINARY_DIR}/version.h - ${CMAKE_CURRENT_LIST_DIR}/core/sshclient.h - ${CMAKE_CURRENT_LIST_DIR}/core/networkUtilities.h - ${CMAKE_CURRENT_LIST_DIR}/core/serialization/serialization.h - ${CMAKE_CURRENT_LIST_DIR}/core/serialization/transfer.h - ${CMAKE_CURRENT_LIST_DIR}/core/enums/apiEnums.h - ${CMAKE_CURRENT_LIST_DIR}/../common/logger/logger.h -) - -# Mozilla headres -set(HEADERS ${HEADERS} - ${CMAKE_CURRENT_LIST_DIR}/mozilla/models/server.h - ${CMAKE_CURRENT_LIST_DIR}/mozilla/shared/ipaddress.h - ${CMAKE_CURRENT_LIST_DIR}/mozilla/shared/leakdetector.h - ${CMAKE_CURRENT_LIST_DIR}/mozilla/controllerimpl.h - ${CMAKE_CURRENT_LIST_DIR}/mozilla/localsocketcontroller.h -) - include_directories(mozilla) include_directories(mozilla/shared) include_directories(mozilla/models) -if(NOT IOS) - set(HEADERS ${HEADERS} - ${CMAKE_CURRENT_LIST_DIR}/platforms/ios/QRCodeReaderBase.h - ) -endif() - -if(NOT ANDROID) - set(HEADERS ${HEADERS} - ${CMAKE_CURRENT_LIST_DIR}/ui/notificationhandler.h - ) -endif() - -set(SOURCES ${SOURCES} - ${CMAKE_CURRENT_LIST_DIR}/migrations.cpp - ${CMAKE_CURRENT_LIST_DIR}/amnezia_application.cpp - ${CMAKE_CURRENT_LIST_DIR}/containers/containers_defs.cpp - ${CMAKE_CURRENT_LIST_DIR}/core/errorstrings.cpp - ${CMAKE_CURRENT_LIST_DIR}/core/scripts_registry.cpp - ${CMAKE_CURRENT_LIST_DIR}/core/server_defs.cpp - ${CMAKE_CURRENT_LIST_DIR}/core/controllers/apiController.cpp - ${CMAKE_CURRENT_LIST_DIR}/core/controllers/serverController.cpp - ${CMAKE_CURRENT_LIST_DIR}/core/controllers/vpnConfigurationController.cpp - ${CMAKE_CURRENT_LIST_DIR}/protocols/protocols_defs.cpp - ${CMAKE_CURRENT_LIST_DIR}/ui/qautostart.cpp - ${CMAKE_CURRENT_LIST_DIR}/protocols/vpnprotocol.cpp - ${CMAKE_CURRENT_LIST_DIR}/core/sshclient.cpp - ${CMAKE_CURRENT_LIST_DIR}/core/networkUtilities.cpp - ${CMAKE_CURRENT_LIST_DIR}/core/serialization/outbound.cpp - ${CMAKE_CURRENT_LIST_DIR}/core/serialization/inbound.cpp - ${CMAKE_CURRENT_LIST_DIR}/core/serialization/ss.cpp - ${CMAKE_CURRENT_LIST_DIR}/core/serialization/ssd.cpp - ${CMAKE_CURRENT_LIST_DIR}/core/serialization/vless.cpp - ${CMAKE_CURRENT_LIST_DIR}/core/serialization/trojan.cpp - ${CMAKE_CURRENT_LIST_DIR}/core/serialization/vmess.cpp - ${CMAKE_CURRENT_LIST_DIR}/core/serialization/vmess_new.cpp - ${CMAKE_CURRENT_LIST_DIR}/../common/logger/logger.cpp -) - -# Mozilla sources -set(SOURCES ${SOURCES} - ${CMAKE_CURRENT_LIST_DIR}/mozilla/models/server.cpp - ${CMAKE_CURRENT_LIST_DIR}/mozilla/shared/ipaddress.cpp - ${CMAKE_CURRENT_LIST_DIR}/mozilla/shared/leakdetector.cpp - ${CMAKE_CURRENT_LIST_DIR}/mozilla/localsocketcontroller.cpp -) +configure_file(${CMAKE_CURRENT_LIST_DIR}/../version.h.in ${CMAKE_CURRENT_BINARY_DIR}/version.h) if(CMAKE_BUILD_TYPE STREQUAL "Debug") target_compile_definitions(${PROJECT} PRIVATE "MZ_DEBUG") endif() -if(NOT IOS) - set(SOURCES ${SOURCES} - ${CMAKE_CURRENT_LIST_DIR}/platforms/ios/QRCodeReaderBase.cpp - ) -endif() - -if(NOT ANDROID) - set(SOURCES ${SOURCES} - ${CMAKE_CURRENT_LIST_DIR}/ui/notificationhandler.cpp - ) -endif() - -file(GLOB COMMON_FILES_H CONFIGURE_DEPENDS ${CMAKE_CURRENT_LIST_DIR}/*.h) -file(GLOB COMMON_FILES_CPP CONFIGURE_DEPENDS ${CMAKE_CURRENT_LIST_DIR}/*.cpp) - -file(GLOB_RECURSE PAGE_LOGIC_H CONFIGURE_DEPENDS ${CMAKE_CURRENT_LIST_DIR}/ui/pages_logic/*.h) -file(GLOB_RECURSE PAGE_LOGIC_CPP CONFIGURE_DEPENDS ${CMAKE_CURRENT_LIST_DIR}/ui/pages_logic/*.cpp) - -file(GLOB CONFIGURATORS_H CONFIGURE_DEPENDS ${CMAKE_CURRENT_LIST_DIR}/configurators/*.h) -file(GLOB CONFIGURATORS_CPP CONFIGURE_DEPENDS ${CMAKE_CURRENT_LIST_DIR}/configurators/*.cpp) - -file(GLOB UI_MODELS_H CONFIGURE_DEPENDS - ${CMAKE_CURRENT_LIST_DIR}/ui/models/*.h - ${CMAKE_CURRENT_LIST_DIR}/ui/models/protocols/*.h - ${CMAKE_CURRENT_LIST_DIR}/ui/models/services/*.h -) -file(GLOB UI_MODELS_CPP CONFIGURE_DEPENDS - ${CMAKE_CURRENT_LIST_DIR}/ui/models/*.cpp - ${CMAKE_CURRENT_LIST_DIR}/ui/models/protocols/*.cpp - ${CMAKE_CURRENT_LIST_DIR}/ui/models/services/*.cpp -) - -file(GLOB UI_CONTROLLERS_H CONFIGURE_DEPENDS ${CMAKE_CURRENT_LIST_DIR}/ui/controllers/*.h) -file(GLOB UI_CONTROLLERS_CPP CONFIGURE_DEPENDS ${CMAKE_CURRENT_LIST_DIR}/ui/controllers/*.cpp) - -set(HEADERS ${HEADERS} - ${COMMON_FILES_H} - ${PAGE_LOGIC_H} - ${CONFIGURATORS_H} - ${UI_MODELS_H} - ${UI_CONTROLLERS_H} -) -set(SOURCES ${SOURCES} - ${COMMON_FILES_CPP} - ${PAGE_LOGIC_CPP} - ${CONFIGURATORS_CPP} - ${UI_MODELS_CPP} - ${UI_CONTROLLERS_CPP} -) - if(WIN32) configure_file( ${CMAKE_CURRENT_LIST_DIR}/platforms/windows/amneziavpn.rc.in ${CMAKE_CURRENT_BINARY_DIR}/amneziavpn.rc ) - set(HEADERS ${HEADERS} - ${CMAKE_CURRENT_LIST_DIR}/protocols/ikev2_vpn_protocol_windows.h - ) - - set(SOURCES ${SOURCES} - ${CMAKE_CURRENT_LIST_DIR}/protocols/ikev2_vpn_protocol_windows.cpp - ) - - set(RESOURCES ${RESOURCES} - ${CMAKE_CURRENT_BINARY_DIR}/amneziavpn.rc - ) - set(LIBS ${LIBS} user32 rasapi32 @@ -322,30 +169,6 @@ endif() if(WIN32 OR (APPLE AND NOT IOS) OR (LINUX AND NOT ANDROID)) message("Client desktop build") add_compile_definitions(AMNEZIA_DESKTOP) - - set(HEADERS ${HEADERS} - ${CMAKE_CURRENT_LIST_DIR}/core/ipcclient.h - ${CMAKE_CURRENT_LIST_DIR}/core/privileged_process.h - ${CMAKE_CURRENT_LIST_DIR}/ui/systemtray_notificationhandler.h - ${CMAKE_CURRENT_LIST_DIR}/protocols/openvpnprotocol.h - ${CMAKE_CURRENT_LIST_DIR}/protocols/openvpnovercloakprotocol.h - ${CMAKE_CURRENT_LIST_DIR}/protocols/shadowsocksvpnprotocol.h - ${CMAKE_CURRENT_LIST_DIR}/protocols/wireguardprotocol.h - ${CMAKE_CURRENT_LIST_DIR}/protocols/xrayprotocol.h - ${CMAKE_CURRENT_LIST_DIR}/protocols/awgprotocol.h - ) - - set(SOURCES ${SOURCES} - ${CMAKE_CURRENT_LIST_DIR}/core/ipcclient.cpp - ${CMAKE_CURRENT_LIST_DIR}/core/privileged_process.cpp - ${CMAKE_CURRENT_LIST_DIR}/ui/systemtray_notificationhandler.cpp - ${CMAKE_CURRENT_LIST_DIR}/protocols/openvpnprotocol.cpp - ${CMAKE_CURRENT_LIST_DIR}/protocols/openvpnovercloakprotocol.cpp - ${CMAKE_CURRENT_LIST_DIR}/protocols/shadowsocksvpnprotocol.cpp - ${CMAKE_CURRENT_LIST_DIR}/protocols/wireguardprotocol.cpp - ${CMAKE_CURRENT_LIST_DIR}/protocols/xrayprotocol.cpp - ${CMAKE_CURRENT_LIST_DIR}/protocols/awgprotocol.cpp - ) endif() if(ANDROID) diff --git a/client/amnezia_application.cpp b/client/amnezia_application.cpp index 4e25097d..f32d525a 100644 --- a/client/amnezia_application.cpp +++ b/client/amnezia_application.cpp @@ -2,6 +2,8 @@ #include #include +#include +#include #include #include #include @@ -10,26 +12,16 @@ #include #include #include -#include -#include #include "logger.h" +#include "ui/controllers/pageController.h" #include "ui/models/installedAppsModel.h" #include "version.h" #include "platforms/ios/QRCodeReaderBase.h" -#if defined(Q_OS_ANDROID) - #include "core/installedAppsImageProvider.h" - #include "platforms/android/android_controller.h" -#endif #include "protocols/qml_register_protocols.h" -#if defined(Q_OS_IOS) - #include "platforms/ios/ios_controller.h" - #include -#endif - AmneziaApplication::AmneziaApplication(int &argc, char *argv[]) : AMNEZIA_BASE_CLASS(argc, argv) { setQuitOnLastWindowClosed(false); @@ -84,79 +76,12 @@ void AmneziaApplication::init() m_vpnConnection->moveToThread(&m_vpnConnectionThread); m_vpnConnectionThread.start(); - initModels(); - loadTranslator(); - initControllers(); - -#ifdef Q_OS_ANDROID - if (!AndroidController::initLogging()) { - qFatal("Android logging initialization failed"); - } - AndroidController::instance()->setSaveLogs(m_settings->isSaveLogs()); - connect(m_settings.get(), &Settings::saveLogsChanged, AndroidController::instance(), &AndroidController::setSaveLogs); - - AndroidController::instance()->setScreenshotsEnabled(m_settings->isScreenshotsEnabled()); - connect(m_settings.get(), &Settings::screenshotsEnabledChanged, AndroidController::instance(), &AndroidController::setScreenshotsEnabled); - - connect(m_settings.get(), &Settings::serverRemoved, AndroidController::instance(), &AndroidController::resetLastServer); - - connect(m_settings.get(), &Settings::settingsCleared, []() { AndroidController::instance()->resetLastServer(-1); }); - - connect(AndroidController::instance(), &AndroidController::initConnectionState, this, [this](Vpn::ConnectionState state) { - m_connectionController->onConnectionStateChanged(state); - if (m_vpnConnection) - m_vpnConnection->restoreConnection(); - }); - if (!AndroidController::instance()->initialize()) { - qFatal("Android controller initialization failed"); - } - - connect(AndroidController::instance(), &AndroidController::importConfigFromOutside, this, [this](QString data) { - emit m_pageController->goToPageHome(); - m_importController->extractConfigFromData(data); - data.clear(); - emit m_pageController->goToPageViewConfig(); - }); - - m_engine->addImageProvider(QLatin1String("installedAppImage"), new InstalledAppsImageProvider); -#endif - -#ifdef Q_OS_IOS - IosController::Instance()->initialize(); - connect(IosController::Instance(), &IosController::importConfigFromOutside, this, [this](QString data) { - emit m_pageController->goToPageHome(); - m_importController->extractConfigFromData(data); - emit m_pageController->goToPageViewConfig(); - }); - - connect(IosController::Instance(), &IosController::importBackupFromOutside, this, [this](QString filePath) { - emit m_pageController->goToPageHome(); - m_pageController->goToPageSettingsBackup(); - emit m_settingsController->importBackupFromOutside(filePath); - }); - - QTimer::singleShot(0, this, [this]() { AmneziaVPN::toggleScreenshots(m_settings->isScreenshotsEnabled()); }); - - connect(m_settings.get(), &Settings::screenshotsEnabledChanged, [](bool enabled) { AmneziaVPN::toggleScreenshots(enabled); }); -#endif - -#ifndef Q_OS_ANDROID - m_notificationHandler.reset(NotificationHandler::create(nullptr)); - - connect(m_vpnConnection.get(), &VpnConnection::connectionStateChanged, m_notificationHandler.get(), - &NotificationHandler::setConnectionState); - - connect(m_notificationHandler.get(), &NotificationHandler::raiseRequested, m_pageController.get(), &PageController::raiseMainWindow); - connect(m_notificationHandler.get(), &NotificationHandler::connectRequested, m_connectionController.get(), - static_cast(&ConnectionController::openConnection)); - connect(m_notificationHandler.get(), &NotificationHandler::disconnectRequested, m_connectionController.get(), - &ConnectionController::closeConnection); - connect(this, &AmneziaApplication::translationsUpdated, m_notificationHandler.get(), &NotificationHandler::onTranslationsUpdated); -#endif + m_coreController.reset(new CoreController(m_vpnConnection, m_settings, m_engine)); m_engine->addImportPath("qrc:/ui/qml/Modules/"); m_engine->load(url); - m_systemController->setQmlRoot(m_engine->rootObjects().value(0)); + + m_coreController->setQmlRoot(); bool enabled = m_settings->isSaveLogs(); #ifndef Q_OS_ANDROID @@ -168,13 +93,13 @@ void AmneziaApplication::init() #endif Logger::setServiceLogsEnabled(enabled); -#ifdef Q_OS_WIN +#ifdef Q_OS_WIN //TODO if (m_parser.isSet("a")) - m_pageController->showOnStartup(); + m_coreController->pageController()->showOnStartup(); else - emit m_pageController->raiseMainWindow(); + emit m_coreController->pageController()->raiseMainWindow(); #else - m_pageController->showOnStartup(); + m_coreController->pageController()->showOnStartup(); #endif // Android TextArea clipboard workaround @@ -231,33 +156,6 @@ void AmneziaApplication::loadFonts() QFontDatabase::addApplicationFont(":/fonts/pt-root-ui_vf.ttf"); } -void AmneziaApplication::loadTranslator() -{ - auto locale = m_settings->getAppLanguage(); - m_translator.reset(new QTranslator()); - updateTranslator(locale); -} - -void AmneziaApplication::updateTranslator(const QLocale &locale) -{ - if (!m_translator->isEmpty()) { - QCoreApplication::removeTranslator(m_translator.get()); - } - - QString strFileName = QString(":/translations/amneziavpn") + QLatin1String("_") + locale.name() + ".qm"; - if (m_translator->load(strFileName)) { - if (QCoreApplication::installTranslator(m_translator.get())) { - m_settings->setAppLanguage(locale); - } - } else { - m_settings->setAppLanguage(QLocale::English); - } - - m_engine->retranslate(); - - emit translationsUpdated(); -} - bool AmneziaApplication::parseCommands() { m_parser.setApplicationDescription(APPLICATION_NAME); @@ -282,19 +180,20 @@ bool AmneziaApplication::parseCommands() } #if !defined(Q_OS_ANDROID) && !defined(Q_OS_IOS) -void AmneziaApplication::startLocalServer() { +void AmneziaApplication::startLocalServer() +{ const QString serverName("AmneziaVPNInstance"); QLocalServer::removeServer(serverName); - QLocalServer* server = new QLocalServer(this); + QLocalServer *server = new QLocalServer(this); server->listen(serverName); QObject::connect(server, &QLocalServer::newConnection, this, [server, this]() { if (server) { - QLocalSocket* clientConnection = server->nextPendingConnection(); + QLocalSocket *clientConnection = server->nextPendingConnection(); clientConnection->deleteLater(); } - emit m_pageController->raiseMainWindow(); + emit m_coreController->pageController()->raiseMainWindow(); //TODO }); } #endif @@ -304,160 +203,12 @@ QQmlApplicationEngine *AmneziaApplication::qmlEngine() const return m_engine; } -void AmneziaApplication::initModels() +QNetworkAccessManager *AmneziaApplication::networkManager() { - m_containersModel.reset(new ContainersModel(this)); - m_engine->rootContext()->setContextProperty("ContainersModel", m_containersModel.get()); - - m_defaultServerContainersModel.reset(new ContainersModel(this)); - m_engine->rootContext()->setContextProperty("DefaultServerContainersModel", m_defaultServerContainersModel.get()); - - m_serversModel.reset(new ServersModel(m_settings, this)); - m_engine->rootContext()->setContextProperty("ServersModel", m_serversModel.get()); - connect(m_serversModel.get(), &ServersModel::containersUpdated, m_containersModel.get(), &ContainersModel::updateModel); - connect(m_serversModel.get(), &ServersModel::defaultServerContainersUpdated, m_defaultServerContainersModel.get(), - &ContainersModel::updateModel); - m_serversModel->resetModel(); - - m_languageModel.reset(new LanguageModel(m_settings, this)); - m_engine->rootContext()->setContextProperty("LanguageModel", m_languageModel.get()); - connect(m_languageModel.get(), &LanguageModel::updateTranslations, this, &AmneziaApplication::updateTranslator); - connect(this, &AmneziaApplication::translationsUpdated, m_languageModel.get(), &LanguageModel::translationsUpdated); - - m_sitesModel.reset(new SitesModel(m_settings, this)); - m_engine->rootContext()->setContextProperty("SitesModel", m_sitesModel.get()); - - m_appSplitTunnelingModel.reset(new AppSplitTunnelingModel(m_settings, this)); - m_engine->rootContext()->setContextProperty("AppSplitTunnelingModel", m_appSplitTunnelingModel.get()); - - m_protocolsModel.reset(new ProtocolsModel(m_settings, this)); - m_engine->rootContext()->setContextProperty("ProtocolsModel", m_protocolsModel.get()); - - m_openVpnConfigModel.reset(new OpenVpnConfigModel(this)); - m_engine->rootContext()->setContextProperty("OpenVpnConfigModel", m_openVpnConfigModel.get()); - - m_shadowSocksConfigModel.reset(new ShadowSocksConfigModel(this)); - m_engine->rootContext()->setContextProperty("ShadowSocksConfigModel", m_shadowSocksConfigModel.get()); - - m_cloakConfigModel.reset(new CloakConfigModel(this)); - m_engine->rootContext()->setContextProperty("CloakConfigModel", m_cloakConfigModel.get()); - - m_wireGuardConfigModel.reset(new WireGuardConfigModel(this)); - m_engine->rootContext()->setContextProperty("WireGuardConfigModel", m_wireGuardConfigModel.get()); - - m_awgConfigModel.reset(new AwgConfigModel(this)); - m_engine->rootContext()->setContextProperty("AwgConfigModel", m_awgConfigModel.get()); - - m_xrayConfigModel.reset(new XrayConfigModel(this)); - m_engine->rootContext()->setContextProperty("XrayConfigModel", m_xrayConfigModel.get()); - -#ifdef Q_OS_WINDOWS - m_ikev2ConfigModel.reset(new Ikev2ConfigModel(this)); - m_engine->rootContext()->setContextProperty("Ikev2ConfigModel", m_ikev2ConfigModel.get()); -#endif - - m_sftpConfigModel.reset(new SftpConfigModel(this)); - m_engine->rootContext()->setContextProperty("SftpConfigModel", m_sftpConfigModel.get()); - - m_socks5ConfigModel.reset(new Socks5ProxyConfigModel(this)); - m_engine->rootContext()->setContextProperty("Socks5ProxyConfigModel", m_socks5ConfigModel.get()); - - m_clientManagementModel.reset(new ClientManagementModel(m_settings, this)); - m_engine->rootContext()->setContextProperty("ClientManagementModel", m_clientManagementModel.get()); - connect(m_clientManagementModel.get(), &ClientManagementModel::adminConfigRevoked, m_serversModel.get(), - &ServersModel::clearCachedProfile); - - m_apiServicesModel.reset(new ApiServicesModel(this)); - m_engine->rootContext()->setContextProperty("ApiServicesModel", m_apiServicesModel.get()); - - m_apiCountryModel.reset(new ApiCountryModel(this)); - m_engine->rootContext()->setContextProperty("ApiCountryModel", m_apiCountryModel.get()); - connect(m_serversModel.get(), &ServersModel::updateApiLanguageModel, this, [this]() { - m_apiCountryModel->updateModel(m_serversModel->getProcessedServerData("apiAvailableCountries").toJsonArray(), - m_serversModel->getProcessedServerData("apiServerCountryCode").toString()); - }); - connect(m_serversModel.get(), &ServersModel::updateApiServicesModel, this, - [this]() { m_apiServicesModel->updateModel(m_serversModel->getProcessedServerData("apiConfig").toJsonObject()); }); + return m_nam; } -void AmneziaApplication::initControllers() +QClipboard *AmneziaApplication::getClipboard() { - m_connectionController.reset( - new ConnectionController(m_serversModel, m_containersModel, m_clientManagementModel, m_vpnConnection, m_settings)); - m_engine->rootContext()->setContextProperty("ConnectionController", m_connectionController.get()); - - connect(m_connectionController.get(), qOverload(&ConnectionController::connectionErrorOccurred), this, - [this](const QString &errorMessage) { - emit m_pageController->showErrorMessage(errorMessage); - emit m_vpnConnection->connectionStateChanged(Vpn::ConnectionState::Disconnected); - }); - - connect(m_connectionController.get(), qOverload(&ConnectionController::connectionErrorOccurred), this, - [this](ErrorCode errorCode) { - emit m_pageController->showErrorMessage(errorCode); - emit m_vpnConnection->connectionStateChanged(Vpn::ConnectionState::Disconnected); - }); - - connect(m_connectionController.get(), &ConnectionController::connectButtonClicked, m_connectionController.get(), - &ConnectionController::toggleConnection, Qt::QueuedConnection); - - m_pageController.reset(new PageController(m_serversModel, m_settings)); - m_engine->rootContext()->setContextProperty("PageController", m_pageController.get()); - - m_installController.reset(new InstallController(m_serversModel, m_containersModel, m_protocolsModel, m_clientManagementModel, - m_apiServicesModel, m_settings)); - m_engine->rootContext()->setContextProperty("InstallController", m_installController.get()); - connect(m_installController.get(), &InstallController::passphraseRequestStarted, m_pageController.get(), - &PageController::showPassphraseRequestDrawer); - connect(m_pageController.get(), &PageController::passphraseRequestDrawerClosed, m_installController.get(), - &InstallController::setEncryptedPassphrase); - connect(m_installController.get(), &InstallController::currentContainerUpdated, m_connectionController.get(), - &ConnectionController::onCurrentContainerUpdated); - - connect(m_installController.get(), &InstallController::updateServerFromApiFinished, this, [this]() { - disconnect(m_reloadConfigErrorOccurredConnection); - emit m_connectionController->configFromApiUpdated(); - }); - - connect(m_connectionController.get(), &ConnectionController::updateApiConfigFromGateway, this, [this]() { - m_reloadConfigErrorOccurredConnection = connect( - m_installController.get(), qOverload(&InstallController::installationErrorOccurred), this, - [this]() { emit m_vpnConnection->connectionStateChanged(Vpn::ConnectionState::Disconnected); }, - static_cast(Qt::AutoConnection || Qt::SingleShotConnection)); - m_installController->updateServiceFromApi(m_serversModel->getDefaultServerIndex(), "", ""); - }); - - connect(m_connectionController.get(), &ConnectionController::updateApiConfigFromTelegram, this, [this]() { - m_reloadConfigErrorOccurredConnection = connect( - m_installController.get(), qOverload(&InstallController::installationErrorOccurred), this, - [this]() { emit m_vpnConnection->connectionStateChanged(Vpn::ConnectionState::Disconnected); }, - static_cast(Qt::AutoConnection || Qt::SingleShotConnection)); - m_serversModel->removeApiConfig(m_serversModel->getDefaultServerIndex()); - m_installController->updateServiceFromTelegram(m_serversModel->getDefaultServerIndex()); - }); - - connect(this, &AmneziaApplication::translationsUpdated, m_connectionController.get(), &ConnectionController::onTranslationsUpdated); - - m_importController.reset(new ImportController(m_serversModel, m_containersModel, m_settings)); - m_engine->rootContext()->setContextProperty("ImportController", m_importController.get()); - - m_exportController.reset(new ExportController(m_serversModel, m_containersModel, m_clientManagementModel, m_settings)); - m_engine->rootContext()->setContextProperty("ExportController", m_exportController.get()); - - m_settingsController.reset( - new SettingsController(m_serversModel, m_containersModel, m_languageModel, m_sitesModel, m_appSplitTunnelingModel, m_settings)); - m_engine->rootContext()->setContextProperty("SettingsController", m_settingsController.get()); - if (m_settingsController->isAutoConnectEnabled() && m_serversModel->getDefaultServerIndex() >= 0) { - QTimer::singleShot(1000, this, [this]() { m_connectionController->openConnection(); }); - } - connect(m_settingsController.get(), &SettingsController::amneziaDnsToggled, m_serversModel.get(), &ServersModel::toggleAmneziaDns); - - m_sitesController.reset(new SitesController(m_settings, m_vpnConnection, m_sitesModel)); - m_engine->rootContext()->setContextProperty("SitesController", m_sitesController.get()); - - m_appSplitTunnelingController.reset(new AppSplitTunnelingController(m_settings, m_appSplitTunnelingModel)); - m_engine->rootContext()->setContextProperty("AppSplitTunnelingController", m_appSplitTunnelingController.get()); - - m_systemController.reset(new SystemController(m_settings)); - m_engine->rootContext()->setContextProperty("SystemController", m_systemController.get()); + return this->clipboard(); } diff --git a/client/amnezia_application.h b/client/amnezia_application.h index 64566216..ea5f6f52 100644 --- a/client/amnezia_application.h +++ b/client/amnezia_application.h @@ -11,43 +11,12 @@ #else #include #endif +#include +#include "core/controllers/coreController.h" #include "settings.h" #include "vpnconnection.h" -#include "ui/controllers/connectionController.h" -#include "ui/controllers/exportController.h" -#include "ui/controllers/importController.h" -#include "ui/controllers/installController.h" -#include "ui/controllers/pageController.h" -#include "ui/controllers/settingsController.h" -#include "ui/controllers/sitesController.h" -#include "ui/controllers/systemController.h" -#include "ui/controllers/appSplitTunnelingController.h" -#include "ui/models/containers_model.h" -#include "ui/models/languageModel.h" -#include "ui/models/protocols/cloakConfigModel.h" -#ifndef Q_OS_ANDROID - #include "ui/notificationhandler.h" -#endif -#ifdef Q_OS_WINDOWS - #include "ui/models/protocols/ikev2ConfigModel.h" -#endif -#include "ui/models/protocols/awgConfigModel.h" -#include "ui/models/protocols/openvpnConfigModel.h" -#include "ui/models/protocols/shadowsocksConfigModel.h" -#include "ui/models/protocols/wireguardConfigModel.h" -#include "ui/models/protocols/xrayConfigModel.h" -#include "ui/models/protocols_model.h" -#include "ui/models/servers_model.h" -#include "ui/models/services/sftpConfigModel.h" -#include "ui/models/services/socks5ProxyConfigModel.h" -#include "ui/models/sites_model.h" -#include "ui/models/clientManagementModel.h" -#include "ui/models/appSplitTunnelingModel.h" -#include "ui/models/apiServicesModel.h" -#include "ui/models/apiCountryModel.h" - #define amnApp (static_cast(QCoreApplication::instance())) #if defined(Q_OS_ANDROID) || defined(Q_OS_IOS) @@ -66,8 +35,6 @@ public: void init(); void registerTypes(); void loadFonts(); - void loadTranslator(); - void updateTranslator(const QLocale &locale); bool parseCommands(); #if !defined(Q_OS_ANDROID) && !defined(Q_OS_IOS) @@ -75,67 +42,24 @@ public: #endif QQmlApplicationEngine *qmlEngine() const; - QNetworkAccessManager *manager() { return m_nam; } - -signals: - void translationsUpdated(); + QNetworkAccessManager *networkManager(); + QClipboard *getClipboard(); private: - void initModels(); - void initControllers(); - QQmlApplicationEngine *m_engine {}; std::shared_ptr m_settings; + QScopedPointer m_coreController; + QSharedPointer m_containerProps; QSharedPointer m_protocolProps; - QSharedPointer m_translator; QCommandLineParser m_parser; - QSharedPointer m_containersModel; - QSharedPointer m_defaultServerContainersModel; - QSharedPointer m_serversModel; - QSharedPointer m_languageModel; - QSharedPointer m_protocolsModel; - QSharedPointer m_sitesModel; - QSharedPointer m_appSplitTunnelingModel; - QSharedPointer m_clientManagementModel; - QSharedPointer m_apiServicesModel; - QSharedPointer m_apiCountryModel; - - QScopedPointer m_openVpnConfigModel; - QScopedPointer m_shadowSocksConfigModel; - QScopedPointer m_cloakConfigModel; - QScopedPointer m_xrayConfigModel; - QScopedPointer m_wireGuardConfigModel; - QScopedPointer m_awgConfigModel; -#ifdef Q_OS_WINDOWS - QScopedPointer m_ikev2ConfigModel; -#endif - - QScopedPointer m_sftpConfigModel; - QScopedPointer m_socks5ConfigModel; - QSharedPointer m_vpnConnection; QThread m_vpnConnectionThread; -#ifndef Q_OS_ANDROID - QScopedPointer m_notificationHandler; -#endif - - QScopedPointer m_connectionController; - QScopedPointer m_pageController; - QScopedPointer m_installController; - QScopedPointer m_importController; - QScopedPointer m_exportController; - QScopedPointer m_settingsController; - QScopedPointer m_sitesController; - QScopedPointer m_systemController; - QScopedPointer m_appSplitTunnelingController; QNetworkAccessManager *m_nam; - - QMetaObject::Connection m_reloadConfigErrorOccurredConnection; }; #endif // AMNEZIA_APPLICATION_H diff --git a/client/android/AndroidManifest.xml b/client/android/AndroidManifest.xml index 9e44e022..b28f754b 100644 --- a/client/android/AndroidManifest.xml +++ b/client/android/AndroidManifest.xml @@ -91,6 +91,13 @@ android:exported="false" android:theme="@style/Translucent" /> + + - - - - \ No newline at end of file diff --git a/client/android/res/mipmap-hdpi/ic_banner.png b/client/android/res/mipmap-hdpi/ic_banner.png new file mode 100644 index 00000000..a444777f Binary files /dev/null and b/client/android/res/mipmap-hdpi/ic_banner.png differ diff --git a/client/android/res/mipmap-mdpi/ic_banner.png b/client/android/res/mipmap-mdpi/ic_banner.png new file mode 100644 index 00000000..b9ad1db7 Binary files /dev/null and b/client/android/res/mipmap-mdpi/ic_banner.png differ diff --git a/client/android/res/mipmap-xhdpi/ic_banner_foreground.png b/client/android/res/mipmap-xhdpi/ic_banner_foreground.png deleted file mode 100644 index 1c21902e..00000000 Binary files a/client/android/res/mipmap-xhdpi/ic_banner_foreground.png and /dev/null differ diff --git a/client/android/res/values-ru/strings.xml b/client/android/res/values-ru/strings.xml index 8bdabfc0..5e35bba5 100644 --- a/client/android/res/values-ru/strings.xml +++ b/client/android/res/values-ru/strings.xml @@ -23,4 +23,6 @@ Настройки уведомлений Для показа уведомлений необходимо включить уведомления в системных настройках Открыть настройки уведомлений + + Пожалуйста, установите приложение для просмотра файлов \ No newline at end of file diff --git a/client/android/res/values/ic_banner_background.xml b/client/android/res/values/ic_banner_background.xml deleted file mode 100644 index fa6f91c7..00000000 --- a/client/android/res/values/ic_banner_background.xml +++ /dev/null @@ -1,4 +0,0 @@ - - - #1E1E1F - \ No newline at end of file diff --git a/client/android/res/values/strings.xml b/client/android/res/values/strings.xml index 5251403b..bf8d76d1 100644 --- a/client/android/res/values/strings.xml +++ b/client/android/res/values/strings.xml @@ -23,4 +23,6 @@ Notification settings To show notifications, you must enable notifications in the system settings Open notification settings + + Please install a file management utility to browse files \ No newline at end of file diff --git a/client/android/src/org/amnezia/vpn/AmneziaActivity.kt b/client/android/src/org/amnezia/vpn/AmneziaActivity.kt index b2c2ff71..c6db5e29 100644 --- a/client/android/src/org/amnezia/vpn/AmneziaActivity.kt +++ b/client/android/src/org/amnezia/vpn/AmneziaActivity.kt @@ -4,6 +4,7 @@ import android.Manifest import android.annotation.SuppressLint import android.app.AlertDialog import android.app.NotificationManager +import android.content.ActivityNotFoundException import android.content.BroadcastReceiver import android.content.ComponentName import android.content.Intent @@ -12,6 +13,7 @@ import android.content.Intent.FLAG_ACTIVITY_LAUNCHED_FROM_HISTORY import android.content.ServiceConnection import android.content.pm.PackageManager import android.graphics.Bitmap +import android.net.Uri import android.net.VpnService import android.os.Build import android.os.Bundle @@ -20,8 +22,13 @@ import android.os.IBinder import android.os.Looper import android.os.Message import android.os.Messenger +import android.os.ParcelFileDescriptor +import android.os.SystemClock +import android.provider.OpenableColumns import android.provider.Settings import android.view.MotionEvent +import android.view.View +import android.view.ViewGroup import android.view.WindowManager.LayoutParams import android.webkit.MimeTypeMap import android.widget.Toast @@ -30,6 +37,7 @@ import androidx.annotation.RequiresApi import androidx.core.content.ContextCompat import java.io.IOException import kotlin.LazyThreadSafetyMode.NONE +import kotlin.coroutines.CoroutineContext import kotlin.text.RegexOption.IGNORE_CASE import AppListProvider import kotlinx.coroutines.CompletableDeferred @@ -71,6 +79,7 @@ class AmneziaActivity : QtActivity() { private var isInBoundState = false private var notificationStateReceiver: BroadcastReceiver? = null private lateinit var vpnServiceMessenger: IpcMessenger + private var pfd: ParcelFileDescriptor? = null private val actionResultHandlers = mutableMapOf() private val permissionRequestHandlers = mutableMapOf() @@ -514,21 +523,25 @@ class AmneziaActivity : QtActivity() { type = "text/*" putExtra(Intent.EXTRA_TITLE, fileName) }.also { - startActivityForResult(it, CREATE_FILE_ACTION_CODE, ActivityResultHandler( - onSuccess = { - it?.data?.let { uri -> - Log.v(TAG, "Save file to $uri") - try { - contentResolver.openOutputStream(uri)?.use { os -> - os.bufferedWriter().use { it.write(data) } + try { + startActivityForResult(it, CREATE_FILE_ACTION_CODE, ActivityResultHandler( + onSuccess = { + it?.data?.let { uri -> + Log.v(TAG, "Save file to $uri") + try { + contentResolver.openOutputStream(uri)?.use { os -> + os.bufferedWriter().use { it.write(data) } + } + } catch (e: IOException) { + Log.e(TAG, "Failed to save file $uri: $e") + // todo: send error to Qt } - } catch (e: IOException) { - Log.e(TAG, "Failed to save file $uri: $e") - // todo: send error to Qt } } - } - )) + )) + } catch (_: ActivityNotFoundException) { + Toast.makeText(this@AmneziaActivity, "Unsupported", Toast.LENGTH_LONG).show() + } } } } @@ -537,35 +550,46 @@ class AmneziaActivity : QtActivity() { fun openFile(filter: String?) { Log.v(TAG, "Open file with filter: $filter") mainScope.launch { - val mimeTypes = if (!filter.isNullOrEmpty()) { - val extensionRegex = "\\*\\.([a-z0-9]+)".toRegex(IGNORE_CASE) - val mime = MimeTypeMap.getSingleton() - extensionRegex.findAll(filter).map { - it.groups[1]?.value?.let { mime.getMimeTypeFromExtension(it) } ?: "*/*" - }.toSet() - } else emptySet() + val intent = if (!isOnTv()) { + val mimeTypes = if (!filter.isNullOrEmpty()) { + val extensionRegex = "\\*\\.([a-z0-9]+)".toRegex(IGNORE_CASE) + val mime = MimeTypeMap.getSingleton() + extensionRegex.findAll(filter).map { + it.groups[1]?.value?.let { mime.getMimeTypeFromExtension(it) } ?: "*/*" + }.toSet() + } else emptySet() - Intent(Intent.ACTION_OPEN_DOCUMENT).apply { - addCategory(Intent.CATEGORY_OPENABLE) - Log.v(TAG, "File mimyType filter: $mimeTypes") - if ("*/*" in mimeTypes) { - type = "*/*" - } else { - when (mimeTypes.size) { - 1 -> type = mimeTypes.first() + Intent(Intent.ACTION_OPEN_DOCUMENT).apply { + addCategory(Intent.CATEGORY_OPENABLE) + Log.v(TAG, "File mimyType filter: $mimeTypes") + if ("*/*" in mimeTypes) { + type = "*/*" + } else { + when (mimeTypes.size) { + 1 -> type = mimeTypes.first() - in 2..Int.MAX_VALUE -> { - type = "*/*" - putExtra(EXTRA_MIME_TYPES, mimeTypes.toTypedArray()) + in 2..Int.MAX_VALUE -> { + type = "*/*" + putExtra(EXTRA_MIME_TYPES, mimeTypes.toTypedArray()) + } + + else -> type = "*/*" } - - else -> type = "*/*" } } - }.also { - startActivityForResult(it, OPEN_FILE_ACTION_CODE, ActivityResultHandler( + } else { + Intent(this@AmneziaActivity, TvFilePicker::class.java) + } + + try { + startActivityForResult(intent, OPEN_FILE_ACTION_CODE, ActivityResultHandler( onAny = { - val uri = it?.data?.toString() ?: "" + if (isOnTv() && it?.hasExtra("activityNotFound") == true) { + showNoFileBrowserAlertDialog() + } + val uri = it?.data?.apply { + grantUriPermission(packageName, this, Intent.FLAG_GRANT_READ_URI_PERMISSION) + }?.toString() ?: "" Log.v(TAG, "Open file: $uri") mainScope.launch { qtInitialized.await() @@ -573,10 +597,68 @@ class AmneziaActivity : QtActivity() { } } )) + } catch (_: ActivityNotFoundException) { + showNoFileBrowserAlertDialog() + mainScope.launch { + qtInitialized.await() + QtAndroidController.onFileOpened("") + } } } } + private fun showNoFileBrowserAlertDialog() { + AlertDialog.Builder(this) + .setMessage(R.string.tvNoFileBrowser) + .setCancelable(false) + .setPositiveButton(android.R.string.ok) { _, _ -> + try { + startActivity(Intent(Intent.ACTION_VIEW, Uri.parse("market://webstoreredirect"))) + } catch (_: Throwable) {} + } + .show() + } + + @Suppress("unused") + fun getFd(fileName: String): Int { + Log.v(TAG, "Get fd for $fileName") + return blockingCall { + try { + pfd = contentResolver.openFileDescriptor(Uri.parse(fileName), "r") + pfd?.fd ?: -1 + } catch (e: Exception) { + Log.e(TAG, "Failed to get fd: $e") + -1 + } + } + } + + @Suppress("unused") + fun closeFd() { + Log.v(TAG, "Close fd") + mainScope.launch { + pfd?.close() + pfd = null + } + } + + @Suppress("unused") + fun getFileName(uri: String): String { + Log.v(TAG, "Get file name for uri: $uri") + return blockingCall { + try { + contentResolver.query(Uri.parse(uri), arrayOf(OpenableColumns.DISPLAY_NAME), null, null, null)?.use { cursor -> + if (cursor.moveToFirst() && !cursor.isNull(0)) { + return@blockingCall cursor.getString(0) ?: "" + } + } + } catch (e: Exception) { + Log.e(TAG, "Failed to get file name: $e") + } + "" + } + } + @Suppress("unused") @SuppressLint("UnsupportedChromeOsCameraSystemFeature") fun isCameraPresent(): Boolean = applicationContext.packageManager.hasSystemFeature(PackageManager.FEATURE_CAMERA) @@ -721,6 +803,50 @@ class AmneziaActivity : QtActivity() { } } + // method to workaround Qt's problem with calling the keyboard on TVs + @Suppress("unused") + fun sendTouch(x: Float, y: Float) { + Log.v(TAG, "Send touch: $x, $y") + blockingCall { + findQtWindow(window.decorView)?.let { + Log.v(TAG, "Send touch to $it") + it.dispatchTouchEvent(createEvent(x, y, SystemClock.uptimeMillis(), MotionEvent.ACTION_DOWN)) + it.dispatchTouchEvent(createEvent(x, y, SystemClock.uptimeMillis(), MotionEvent.ACTION_UP)) + } + } + } + + private fun findQtWindow(view: View): View? { + Log.v(TAG, "findQtWindow: process $view") + if (view::class.simpleName == "QtWindow") return view + else if (view is ViewGroup) { + for (i in 0 until view.childCount) { + val result = findQtWindow(view.getChildAt(i)) + if (result != null) return result + } + return null + } else return null + } + + private fun createEvent(x: Float, y: Float, eventTime: Long, action: Int): MotionEvent = + MotionEvent.obtain( + eventTime, + eventTime, + action, + 1, + arrayOf(MotionEvent.PointerProperties().apply { + id = 0 + toolType = MotionEvent.TOOL_TYPE_FINGER + }), + arrayOf(MotionEvent.PointerCoords().apply { + this.x = x + this.y = y + pressure = 1f + size = 1f + }), + 0, 0, 1.0f, 1.0f, 0, 0, 0,0 + ) + // workaround for a bug in Qt that causes the mouse click event not to be handled // also disable right-click, as it causes the application to crash private var lastButtonState = 0 @@ -770,6 +896,7 @@ class AmneziaActivity : QtActivity() { } override fun dispatchTouchEvent(ev: MotionEvent?): Boolean { + Log.v(TAG, "dispatchTouch: $ev") if (ev != null && ev.getToolType(0) == MotionEvent.TOOL_TYPE_MOUSE) { return handleMouseEvent(ev) { super.dispatchTouchEvent(it) } } @@ -784,6 +911,13 @@ class AmneziaActivity : QtActivity() { /** * Utils methods */ + private fun blockingCall( + context: CoroutineContext = Dispatchers.Main.immediate, + block: suspend () -> T + ) = runBlocking { + mainScope.async(context) { block() }.await() + } + companion object { private fun actionCodeToString(actionCode: Int): String = when (actionCode) { diff --git a/client/android/src/org/amnezia/vpn/TvFilePicker.kt b/client/android/src/org/amnezia/vpn/TvFilePicker.kt new file mode 100644 index 00000000..1ac275eb --- /dev/null +++ b/client/android/src/org/amnezia/vpn/TvFilePicker.kt @@ -0,0 +1,45 @@ +package org.amnezia.vpn + +import android.content.ActivityNotFoundException +import android.content.Intent +import android.os.Bundle +import androidx.activity.ComponentActivity +import androidx.activity.result.contract.ActivityResultContracts +import org.amnezia.vpn.util.Log + +private const val TAG = "TvFilePicker" + +class TvFilePicker : ComponentActivity() { + + private val fileChooseResultLauncher = registerForActivityResult(ActivityResultContracts.GetContent()) { + setResult(RESULT_OK, Intent().apply { data = it }) + finish() + } + + override fun onCreate(savedInstanceState: Bundle?) { + super.onCreate(savedInstanceState) + Log.v(TAG, "onCreate") + getFile() + } + + override fun onNewIntent(intent: Intent) { + super.onNewIntent(intent) + Log.v(TAG, "onNewIntent") + getFile() + } + + private fun getFile() { + try { + Log.v(TAG, "getFile") + fileChooseResultLauncher.launch("*/*") + } catch (_: ActivityNotFoundException) { + Log.w(TAG, "Activity not found") + setResult(RESULT_CANCELED, Intent().apply { putExtra("activityNotFound", true) }) + finish() + } catch (e: Exception) { + Log.e(TAG, "Failed to get file: $e") + setResult(RESULT_CANCELED) + finish() + } + } +} diff --git a/client/android/wireguard/src/main/kotlin/org/amnezia/vpn/protocol/wireguard/Wireguard.kt b/client/android/wireguard/src/main/kotlin/org/amnezia/vpn/protocol/wireguard/Wireguard.kt index 80cab96d..42a27de4 100644 --- a/client/android/wireguard/src/main/kotlin/org/amnezia/vpn/protocol/wireguard/Wireguard.kt +++ b/client/android/wireguard/src/main/kotlin/org/amnezia/vpn/protocol/wireguard/Wireguard.kt @@ -120,10 +120,21 @@ open class Wireguard : Protocol() { configData.optStringOrNull("Jmax")?.let { setJmax(it.toInt()) } configData.optStringOrNull("S1")?.let { setS1(it.toInt()) } configData.optStringOrNull("S2")?.let { setS2(it.toInt()) } + configData.optStringOrNull("S3")?.let { setS3(it.toInt()) } + configData.optStringOrNull("S4")?.let { setS4(it.toInt()) } configData.optStringOrNull("H1")?.let { setH1(it.toLong()) } configData.optStringOrNull("H2")?.let { setH2(it.toLong()) } configData.optStringOrNull("H3")?.let { setH3(it.toLong()) } configData.optStringOrNull("H4")?.let { setH4(it.toLong()) } + configData.optStringOrNull("I1")?.let { setI1(it) } + configData.optStringOrNull("I2")?.let { setI2(it) } + configData.optStringOrNull("I3")?.let { setI3(it) } + configData.optStringOrNull("I4")?.let { setI4(it) } + configData.optStringOrNull("I5")?.let { setI5(it) } + configData.optStringOrNull("J1")?.let { setJ1(it) } + configData.optStringOrNull("J2")?.let { setJ2(it) } + configData.optStringOrNull("J3")?.let { setJ3(it) } + configData.optStringOrNull("Itime")?.let { setItime(it.toInt()) } } private fun start(config: WireguardConfig, vpnBuilder: Builder, protect: (Int) -> Boolean) { diff --git a/client/android/wireguard/src/main/kotlin/org/amnezia/vpn/protocol/wireguard/WireguardConfig.kt b/client/android/wireguard/src/main/kotlin/org/amnezia/vpn/protocol/wireguard/WireguardConfig.kt index 7ae3d43b..2dfbbae8 100644 --- a/client/android/wireguard/src/main/kotlin/org/amnezia/vpn/protocol/wireguard/WireguardConfig.kt +++ b/client/android/wireguard/src/main/kotlin/org/amnezia/vpn/protocol/wireguard/WireguardConfig.kt @@ -20,10 +20,21 @@ open class WireguardConfig protected constructor( val jmax: Int?, val s1: Int?, val s2: Int?, + val s3: Int?, + val s4: Int?, val h1: Long?, val h2: Long?, val h3: Long?, - val h4: Long? + val h4: Long?, + var i1: String?, + var i2: String?, + var i3: String?, + var i4: String?, + var i5: String?, + var j1: String?, + var j2: String?, + var j3: String?, + var itime: Int? ) : ProtocolConfig(protocolConfigBuilder) { protected constructor(builder: Builder) : this( @@ -39,10 +50,21 @@ open class WireguardConfig protected constructor( builder.jmax, builder.s1, builder.s2, + builder.s3, + builder.s4, builder.h1, builder.h2, builder.h3, - builder.h4 + builder.h4, + builder.i1, + builder.i2, + builder.i3, + builder.i4, + builder.i5, + builder.j1, + builder.j2, + builder.j3, + builder.itime ) fun toWgUserspaceString(): String = with(StringBuilder()) { @@ -61,10 +83,21 @@ open class WireguardConfig protected constructor( appendLine("jmax=$jmax") appendLine("s1=$s1") appendLine("s2=$s2") + s3?.let { appendLine("s3=$it") } + s4?.let { appendLine("s4=$it") } appendLine("h1=$h1") appendLine("h2=$h2") appendLine("h3=$h3") appendLine("h4=$h4") + i1?.let { appendLine("i1=$it") } + i2?.let { appendLine("i2=$it") } + i3?.let { appendLine("i3=$it") } + i4?.let { appendLine("i4=$it") } + i5?.let { appendLine("i5=$it") } + j1?.let { appendLine("j1=$it") } + j2?.let { appendLine("j2=$it") } + j3?.let { appendLine("j3=$it") } + itime?.let { appendLine("itime=$it") } } } @@ -117,10 +150,21 @@ open class WireguardConfig protected constructor( internal var jmax: Int? = null internal var s1: Int? = null internal var s2: Int? = null + internal var s3: Int? = null + internal var s4: Int? = null internal var h1: Long? = null internal var h2: Long? = null internal var h3: Long? = null internal var h4: Long? = null + internal var i1: String? = null + internal var i2: String? = null + internal var i3: String? = null + internal var i4: String? = null + internal var i5: String? = null + internal var j1: String? = null + internal var j2: String? = null + internal var j3: String? = null + internal var itime: Int? = null fun setEndpoint(endpoint: InetEndpoint) = apply { this.endpoint = endpoint } @@ -139,10 +183,21 @@ open class WireguardConfig protected constructor( fun setJmax(jmax: Int) = apply { this.jmax = jmax } fun setS1(s1: Int) = apply { this.s1 = s1 } fun setS2(s2: Int) = apply { this.s2 = s2 } + fun setS3(s3: Int) = apply { this.s3 = s3 } + fun setS4(s4: Int) = apply { this.s4 = s4 } fun setH1(h1: Long) = apply { this.h1 = h1 } fun setH2(h2: Long) = apply { this.h2 = h2 } fun setH3(h3: Long) = apply { this.h3 = h3 } fun setH4(h4: Long) = apply { this.h4 = h4 } + fun setI1(i1: String) = apply { this.i1 = i1 } + fun setI2(i2: String) = apply { this.i2 = i2 } + fun setI3(i3: String) = apply { this.i3 = i3 } + fun setI4(i4: String) = apply { this.i4 = i4 } + fun setI5(i5: String) = apply { this.i5 = i5 } + fun setJ1(j1: String) = apply { this.j1 = j1 } + fun setJ2(j2: String) = apply { this.j2 = j2 } + fun setJ3(j3: String) = apply { this.j3 = j3 } + fun setItime(itime: Int) = apply { this.itime = itime } override fun build(): WireguardConfig = configBuild().run { WireguardConfig(this@Builder) } } diff --git a/client/cmake/ios.cmake b/client/cmake/ios.cmake index 5fda3506..a498a5b1 100644 --- a/client/cmake/ios.cmake +++ b/client/cmake/ios.cmake @@ -76,12 +76,22 @@ set_target_properties(${PROJECT} PROPERTIES XCODE_LINK_BUILD_PHASE_MODE KNOWN_LOCATION XCODE_ATTRIBUTE_LD_RUNPATH_SEARCH_PATHS "@executable_path/Frameworks" XCODE_EMBED_APP_EXTENSIONS networkextension - XCODE_ATTRIBUTE_CODE_SIGN_IDENTITY "Apple Distribution" - XCODE_ATTRIBUTE_CODE_SIGN_IDENTITY[variant=Debug] "Apple Development" - XCODE_ATTRIBUTE_CODE_SIGN_STYLE Manual - XCODE_ATTRIBUTE_PROVISIONING_PROFILE_SPECIFIER "match AppStore org.amnezia.AmneziaVPN" - XCODE_ATTRIBUTE_PROVISIONING_PROFILE_SPECIFIER[variant=Debug] "match Development org.amnezia.AmneziaVPN" ) + +if(DEFINED DEPLOY) + set_target_properties(${PROJECT} PROPERTIES + XCODE_ATTRIBUTE_CODE_SIGN_IDENTITY "Apple Distribution" + XCODE_ATTRIBUTE_CODE_SIGN_IDENTITY[variant=Debug] "Apple Development" + XCODE_ATTRIBUTE_CODE_SIGN_STYLE Manual + XCODE_ATTRIBUTE_PROVISIONING_PROFILE_SPECIFIER "distr ios.org.amnezia.AmneziaVPN" + XCODE_ATTRIBUTE_PROVISIONING_PROFILE_SPECIFIER[variant=Debug] "dev ios.org.amnezia.AmneziaVPN" + ) +else() + set_target_properties(${PROJECT} PROPERTIES + XCODE_ATTRIBUTE_CODE_SIGN_STYLE Automatic + ) +endif() + set_target_properties(${PROJECT} PROPERTIES XCODE_ATTRIBUTE_SWIFT_VERSION "5.0" XCODE_ATTRIBUTE_CLANG_ENABLE_MODULES "YES" @@ -126,9 +136,9 @@ add_subdirectory(ios/networkextension) add_dependencies(${PROJECT} networkextension) set_property(TARGET ${PROJECT} PROPERTY XCODE_EMBED_FRAMEWORKS - "${CMAKE_CURRENT_SOURCE_DIR}/3rd/OpenVPNAdapter/build/Release-iphoneos/OpenVPNAdapter.framework" + "${CMAKE_CURRENT_SOURCE_DIR}/3rd-prebuilt/3rd-prebuilt/openvpn/apple/OpenVPNAdapter-ios/OpenVPNAdapter.framework" ) -set(CMAKE_XCODE_ATTRIBUTE_FRAMEWORK_SEARCH_PATHS ${CMAKE_CURRENT_SOURCE_DIR}/3rd/OpenVPNAdapter/build/Release-iphoneos) -target_link_libraries("networkextension" PRIVATE "${CMAKE_CURRENT_SOURCE_DIR}/3rd/OpenVPNAdapter/build/Release-iphoneos/OpenVPNAdapter.framework") +set(CMAKE_XCODE_ATTRIBUTE_FRAMEWORK_SEARCH_PATHS ${CMAKE_CURRENT_SOURCE_DIR}/3rd-prebuilt/3rd-prebuilt/openvpn/apple/OpenVPNAdapter-ios/) +target_link_libraries("networkextension" PRIVATE "${CMAKE_CURRENT_SOURCE_DIR}/3rd-prebuilt/3rd-prebuilt/openvpn/apple/OpenVPNAdapter-ios/OpenVPNAdapter.framework") diff --git a/client/cmake/sources.cmake b/client/cmake/sources.cmake new file mode 100644 index 00000000..c3af531a --- /dev/null +++ b/client/cmake/sources.cmake @@ -0,0 +1,191 @@ +set(CLIENT_ROOT_DIR ${CMAKE_CURRENT_LIST_DIR}/..) + +set(HEADERS ${HEADERS} + ${CLIENT_ROOT_DIR}/migrations.h + ${CLIENT_ROOT_DIR}/../ipc/ipc.h + ${CLIENT_ROOT_DIR}/amnezia_application.h + ${CLIENT_ROOT_DIR}/containers/containers_defs.h + ${CLIENT_ROOT_DIR}/core/defs.h + ${CLIENT_ROOT_DIR}/core/errorstrings.h + ${CLIENT_ROOT_DIR}/core/scripts_registry.h + ${CLIENT_ROOT_DIR}/core/server_defs.h + ${CLIENT_ROOT_DIR}/core/api/apiDefs.h + ${CLIENT_ROOT_DIR}/core/qrCodeUtils.h + ${CLIENT_ROOT_DIR}/core/controllers/coreController.h + ${CLIENT_ROOT_DIR}/core/controllers/gatewayController.h + ${CLIENT_ROOT_DIR}/core/controllers/serverController.h + ${CLIENT_ROOT_DIR}/core/controllers/vpnConfigurationController.h + ${CLIENT_ROOT_DIR}/protocols/protocols_defs.h + ${CLIENT_ROOT_DIR}/protocols/qml_register_protocols.h + ${CLIENT_ROOT_DIR}/ui/pages.h + ${CLIENT_ROOT_DIR}/ui/qautostart.h + ${CLIENT_ROOT_DIR}/protocols/vpnprotocol.h + ${CMAKE_CURRENT_BINARY_DIR}/version.h + ${CLIENT_ROOT_DIR}/core/sshclient.h + ${CLIENT_ROOT_DIR}/core/networkUtilities.h + ${CLIENT_ROOT_DIR}/core/serialization/serialization.h + ${CLIENT_ROOT_DIR}/core/serialization/transfer.h + ${CLIENT_ROOT_DIR}/../common/logger/logger.h + ${CLIENT_ROOT_DIR}/utils/qmlUtils.h + ${CLIENT_ROOT_DIR}/core/api/apiUtils.h +) + +# Mozilla headres +set(HEADERS ${HEADERS} + ${CLIENT_ROOT_DIR}/mozilla/models/server.h + ${CLIENT_ROOT_DIR}/mozilla/shared/ipaddress.h + ${CLIENT_ROOT_DIR}/mozilla/shared/leakdetector.h + ${CLIENT_ROOT_DIR}/mozilla/controllerimpl.h + ${CLIENT_ROOT_DIR}/mozilla/localsocketcontroller.h +) + +if(NOT IOS) + set(HEADERS ${HEADERS} + ${CLIENT_ROOT_DIR}/platforms/ios/QRCodeReaderBase.h + ) +endif() + +if(NOT ANDROID) + set(HEADERS ${HEADERS} + ${CLIENT_ROOT_DIR}/ui/notificationhandler.h + ) +endif() + +set(SOURCES ${SOURCES} + ${CLIENT_ROOT_DIR}/migrations.cpp + ${CLIENT_ROOT_DIR}/amnezia_application.cpp + ${CLIENT_ROOT_DIR}/containers/containers_defs.cpp + ${CLIENT_ROOT_DIR}/core/errorstrings.cpp + ${CLIENT_ROOT_DIR}/core/scripts_registry.cpp + ${CLIENT_ROOT_DIR}/core/server_defs.cpp + ${CLIENT_ROOT_DIR}/core/qrCodeUtils.cpp + ${CLIENT_ROOT_DIR}/core/controllers/coreController.cpp + ${CLIENT_ROOT_DIR}/core/controllers/gatewayController.cpp + ${CLIENT_ROOT_DIR}/core/controllers/serverController.cpp + ${CLIENT_ROOT_DIR}/core/controllers/vpnConfigurationController.cpp + ${CLIENT_ROOT_DIR}/protocols/protocols_defs.cpp + ${CLIENT_ROOT_DIR}/ui/qautostart.cpp + ${CLIENT_ROOT_DIR}/protocols/vpnprotocol.cpp + ${CLIENT_ROOT_DIR}/core/sshclient.cpp + ${CLIENT_ROOT_DIR}/core/networkUtilities.cpp + ${CLIENT_ROOT_DIR}/core/serialization/outbound.cpp + ${CLIENT_ROOT_DIR}/core/serialization/inbound.cpp + ${CLIENT_ROOT_DIR}/core/serialization/ss.cpp + ${CLIENT_ROOT_DIR}/core/serialization/ssd.cpp + ${CLIENT_ROOT_DIR}/core/serialization/vless.cpp + ${CLIENT_ROOT_DIR}/core/serialization/trojan.cpp + ${CLIENT_ROOT_DIR}/core/serialization/vmess.cpp + ${CLIENT_ROOT_DIR}/core/serialization/vmess_new.cpp + ${CLIENT_ROOT_DIR}/../common/logger/logger.cpp + ${CLIENT_ROOT_DIR}/utils/qmlUtils.cpp + ${CLIENT_ROOT_DIR}/core/api/apiUtils.cpp +) + +# Mozilla sources +set(SOURCES ${SOURCES} + ${CLIENT_ROOT_DIR}/mozilla/models/server.cpp + ${CLIENT_ROOT_DIR}/mozilla/shared/ipaddress.cpp + ${CLIENT_ROOT_DIR}/mozilla/shared/leakdetector.cpp + ${CLIENT_ROOT_DIR}/mozilla/localsocketcontroller.cpp +) + +if(NOT IOS) + set(SOURCES ${SOURCES} + ${CLIENT_ROOT_DIR}/platforms/ios/QRCodeReaderBase.cpp + ) +endif() + +if(NOT ANDROID) + set(SOURCES ${SOURCES} + ${CLIENT_ROOT_DIR}/ui/notificationhandler.cpp + ) +endif() + +file(GLOB COMMON_FILES_H CONFIGURE_DEPENDS ${CLIENT_ROOT_DIR}/*.h) +file(GLOB COMMON_FILES_CPP CONFIGURE_DEPENDS ${CLIENT_ROOT_DIR}/*.cpp) + +file(GLOB_RECURSE PAGE_LOGIC_H CONFIGURE_DEPENDS ${CLIENT_ROOT_DIR}/ui/pages_logic/*.h) +file(GLOB_RECURSE PAGE_LOGIC_CPP CONFIGURE_DEPENDS ${CLIENT_ROOT_DIR}/ui/pages_logic/*.cpp) + +file(GLOB CONFIGURATORS_H CONFIGURE_DEPENDS ${CLIENT_ROOT_DIR}/configurators/*.h) +file(GLOB CONFIGURATORS_CPP CONFIGURE_DEPENDS ${CLIENT_ROOT_DIR}/configurators/*.cpp) + +file(GLOB UI_MODELS_H CONFIGURE_DEPENDS + ${CLIENT_ROOT_DIR}/ui/models/*.h + ${CLIENT_ROOT_DIR}/ui/models/protocols/*.h + ${CLIENT_ROOT_DIR}/ui/models/services/*.h + ${CLIENT_ROOT_DIR}/ui/models/api/*.h +) +file(GLOB UI_MODELS_CPP CONFIGURE_DEPENDS + ${CLIENT_ROOT_DIR}/ui/models/*.cpp + ${CLIENT_ROOT_DIR}/ui/models/protocols/*.cpp + ${CLIENT_ROOT_DIR}/ui/models/services/*.cpp + ${CLIENT_ROOT_DIR}/ui/models/api/*.cpp +) + +file(GLOB UI_CONTROLLERS_H CONFIGURE_DEPENDS + ${CLIENT_ROOT_DIR}/ui/controllers/*.h + ${CLIENT_ROOT_DIR}/ui/controllers/api/*.h +) +file(GLOB UI_CONTROLLERS_CPP CONFIGURE_DEPENDS + ${CLIENT_ROOT_DIR}/ui/controllers/*.cpp + ${CLIENT_ROOT_DIR}/ui/controllers/api/*.cpp +) + +set(HEADERS ${HEADERS} + ${COMMON_FILES_H} + ${PAGE_LOGIC_H} + ${CONFIGURATORS_H} + ${UI_MODELS_H} + ${UI_CONTROLLERS_H} +) +set(SOURCES ${SOURCES} + ${COMMON_FILES_CPP} + ${PAGE_LOGIC_CPP} + ${CONFIGURATORS_CPP} + ${UI_MODELS_CPP} + ${UI_CONTROLLERS_CPP} +) + +if(WIN32) + set(HEADERS ${HEADERS} + ${CLIENT_ROOT_DIR}/protocols/ikev2_vpn_protocol_windows.h + ) + + set(SOURCES ${SOURCES} + ${CLIENT_ROOT_DIR}/protocols/ikev2_vpn_protocol_windows.cpp + ) + + set(RESOURCES ${RESOURCES} + ${CMAKE_CURRENT_BINARY_DIR}/amneziavpn.rc + ) +endif() + +if(WIN32 OR (APPLE AND NOT IOS) OR (LINUX AND NOT ANDROID)) + message("Client desktop build") + add_compile_definitions(AMNEZIA_DESKTOP) + + set(HEADERS ${HEADERS} + ${CLIENT_ROOT_DIR}/core/ipcclient.h + ${CLIENT_ROOT_DIR}/core/privileged_process.h + ${CLIENT_ROOT_DIR}/ui/systemtray_notificationhandler.h + ${CLIENT_ROOT_DIR}/protocols/openvpnprotocol.h + ${CLIENT_ROOT_DIR}/protocols/openvpnovercloakprotocol.h + ${CLIENT_ROOT_DIR}/protocols/shadowsocksvpnprotocol.h + ${CLIENT_ROOT_DIR}/protocols/wireguardprotocol.h + ${CLIENT_ROOT_DIR}/protocols/xrayprotocol.h + ${CLIENT_ROOT_DIR}/protocols/awgprotocol.h + ) + + set(SOURCES ${SOURCES} + ${CLIENT_ROOT_DIR}/core/ipcclient.cpp + ${CLIENT_ROOT_DIR}/core/privileged_process.cpp + ${CLIENT_ROOT_DIR}/ui/systemtray_notificationhandler.cpp + ${CLIENT_ROOT_DIR}/protocols/openvpnprotocol.cpp + ${CLIENT_ROOT_DIR}/protocols/openvpnovercloakprotocol.cpp + ${CLIENT_ROOT_DIR}/protocols/shadowsocksvpnprotocol.cpp + ${CLIENT_ROOT_DIR}/protocols/wireguardprotocol.cpp + ${CLIENT_ROOT_DIR}/protocols/xrayprotocol.cpp + ${CLIENT_ROOT_DIR}/protocols/awgprotocol.cpp + ) +endif() diff --git a/client/configurators/awg_configurator.cpp b/client/configurators/awg_configurator.cpp index 21b61ba4..f83acb19 100644 --- a/client/configurators/awg_configurator.cpp +++ b/client/configurators/awg_configurator.cpp @@ -1,4 +1,5 @@ #include "awg_configurator.h" +#include "protocols/protocols_defs.h" #include #include @@ -39,6 +40,20 @@ QString AwgConfigurator::createConfig(const ServerCredentials &credentials, Dock jsonConfig[config_key::responsePacketMagicHeader] = configMap.value(config_key::responsePacketMagicHeader); jsonConfig[config_key::underloadPacketMagicHeader] = configMap.value(config_key::underloadPacketMagicHeader); jsonConfig[config_key::transportPacketMagicHeader] = configMap.value(config_key::transportPacketMagicHeader); + + // jsonConfig[config_key::cookieReplyPacketJunkSize] = configMap.value(config_key::cookieReplyPacketJunkSize); + // jsonConfig[config_key::transportPacketJunkSize] = configMap.value(config_key::transportPacketJunkSize); + + // jsonConfig[config_key::specialJunk1] = configMap.value(amnezia::config_key::specialJunk1); + // jsonConfig[config_key::specialJunk2] = configMap.value(amnezia::config_key::specialJunk2); + // jsonConfig[config_key::specialJunk3] = configMap.value(amnezia::config_key::specialJunk3); + // jsonConfig[config_key::specialJunk4] = configMap.value(amnezia::config_key::specialJunk4); + // jsonConfig[config_key::specialJunk5] = configMap.value(amnezia::config_key::specialJunk5); + // jsonConfig[config_key::controlledJunk1] = configMap.value(amnezia::config_key::controlledJunk1); + // jsonConfig[config_key::controlledJunk2] = configMap.value(amnezia::config_key::controlledJunk2); + // jsonConfig[config_key::controlledJunk3] = configMap.value(amnezia::config_key::controlledJunk3); + // jsonConfig[config_key::specialHandshakeTimeout] = configMap.value(amnezia::config_key::specialHandshakeTimeout); + jsonConfig[config_key::mtu] = containerConfig.value(ProtocolProps::protoToString(Proto::Awg)).toObject().value(config_key::mtu).toString(protocols::awg::defaultMtu); diff --git a/client/configurators/openvpn_configurator.cpp b/client/configurators/openvpn_configurator.cpp index fafb7c2b..f6996320 100644 --- a/client/configurators/openvpn_configurator.cpp +++ b/client/configurators/openvpn_configurator.cpp @@ -13,10 +13,10 @@ #include #endif +#include "core/networkUtilities.h" #include "containers/containers_defs.h" #include "core/controllers/serverController.h" #include "core/scripts_registry.h" -#include "core/server_defs.h" #include "settings.h" #include "utilities.h" @@ -24,6 +24,7 @@ #include #include + OpenVpnConfigurator::OpenVpnConfigurator(std::shared_ptr settings, const QSharedPointer &serverController, QObject *parent) : ConfiguratorBase(settings, serverController, parent) @@ -117,22 +118,22 @@ QString OpenVpnConfigurator::processConfigWithLocalSettings(const QPairisSitesSplitTunnelingEnabled()) { config.append("\nredirect-gateway def1 ipv6 bypass-dhcp\n"); - -#if !defined(Q_OS_ANDROID) && !defined(Q_OS_IOS) - // Prevent ipv6 leak - config.append("ifconfig-ipv6 fd15:53b6:dead::2/64 fd15:53b6:dead::1\n"); -#endif config.append("block-ipv6\n"); } else if (m_settings->routeMode() == Settings::VpnOnlyForwardSites) { - // no redirect-gateway + // no redirect-gateway } else if (m_settings->routeMode() == Settings::VpnAllExceptSites) { #if !defined(Q_OS_ANDROID) && !defined(Q_OS_IOS) config.append("\nredirect-gateway ipv6 !ipv4 bypass-dhcp\n"); // Prevent ipv6 leak - config.append("ifconfig-ipv6 fd15:53b6:dead::2/64 fd15:53b6:dead::1\n"); #endif config.append("block-ipv6\n"); } @@ -166,10 +167,15 @@ QString OpenVpnConfigurator::processConfigWithExportSettings(const QPair #include #include +#include #include #include #include @@ -19,13 +20,17 @@ #include "settings.h" #include "utilities.h" -WireguardConfigurator::WireguardConfigurator(std::shared_ptr settings, const QSharedPointer &serverController, - bool isAwg, QObject *parent) +WireguardConfigurator::WireguardConfigurator(std::shared_ptr settings, + const QSharedPointer &serverController, bool isAwg, + QObject *parent) : ConfiguratorBase(settings, serverController, parent), m_isAwg(isAwg) { - m_serverConfigPath = m_isAwg ? amnezia::protocols::awg::serverConfigPath : amnezia::protocols::wireguard::serverConfigPath; - m_serverPublicKeyPath = m_isAwg ? amnezia::protocols::awg::serverPublicKeyPath : amnezia::protocols::wireguard::serverPublicKeyPath; - m_serverPskKeyPath = m_isAwg ? amnezia::protocols::awg::serverPskKeyPath : amnezia::protocols::wireguard::serverPskKeyPath; + m_serverConfigPath = + m_isAwg ? amnezia::protocols::awg::serverConfigPath : amnezia::protocols::wireguard::serverConfigPath; + m_serverPublicKeyPath = + m_isAwg ? amnezia::protocols::awg::serverPublicKeyPath : amnezia::protocols::wireguard::serverPublicKeyPath; + m_serverPskKeyPath = + m_isAwg ? amnezia::protocols::awg::serverPskKeyPath : amnezia::protocols::wireguard::serverPskKeyPath; m_configTemplate = m_isAwg ? ProtocolScriptType::awg_template : ProtocolScriptType::wireguard_template; m_protocolName = m_isAwg ? config_key::awg : config_key::wireguard; @@ -63,9 +68,31 @@ WireguardConfigurator::ConnectionData WireguardConfigurator::genClientKeys() return connData; } +QList WireguardConfigurator::getIpsFromConf(const QString &input) +{ + QRegularExpression regex("AllowedIPs = (\\d+\\.\\d+\\.\\d+\\.\\d+)"); + QRegularExpressionMatchIterator matchIterator = regex.globalMatch(input); + + QList ips; + + while (matchIterator.hasNext()) { + QRegularExpressionMatch match = matchIterator.next(); + const QString address_string { match.captured(1) }; + const QHostAddress address { address_string }; + if (address.isNull()) { + qWarning() << "Couldn't recognize the ip address: " << address_string; + } else { + ips << address; + } + } + + return ips; +} + WireguardConfigurator::ConnectionData WireguardConfigurator::prepareWireguardConfig(const ServerCredentials &credentials, DockerContainer container, - const QJsonObject &containerConfig, ErrorCode &errorCode) + const QJsonObject &containerConfig, + ErrorCode &errorCode) { WireguardConfigurator::ConnectionData connData = WireguardConfigurator::genClientKeys(); connData.host = credentials.hostName; @@ -76,65 +103,45 @@ WireguardConfigurator::ConnectionData WireguardConfigurator::prepareWireguardCon return connData; } - // Get list of already created clients (only IP addresses) - QString nextIpNumber; - { - QString script = QString("cat %1 | grep AllowedIPs").arg(m_serverConfigPath); - QString stdOut; - auto cbReadStdOut = [&](const QString &data, libssh::Client &) { - stdOut += data + "\n"; - return ErrorCode::NoError; - }; + QString getIpsScript = QString("cat %1 | grep AllowedIPs").arg(m_serverConfigPath); + QString stdOut; + auto cbReadStdOut = [&](const QString &data, libssh::Client &) { + stdOut += data + "\n"; + return ErrorCode::NoError; + }; - errorCode = m_serverController->runContainerScript(credentials, container, script, cbReadStdOut); - if (errorCode != ErrorCode::NoError) { - return connData; - } + errorCode = m_serverController->runContainerScript(credentials, container, getIpsScript, cbReadStdOut); + if (errorCode != ErrorCode::NoError) { + return connData; + } + auto ips = getIpsFromConf(stdOut); - stdOut.replace("AllowedIPs = ", ""); - stdOut.replace("/32", ""); - QStringList ips = stdOut.split("\n", Qt::SkipEmptyParts); - - // remove extra IPs from each line for case when user manually edited the wg0.conf - // and added there more IPs for route his itnernal networks, like: - // ... - // AllowedIPs = 10.8.1.6/32, 192.168.1.0/24, 192.168.2.0/24, ... - // ... - // without this code - next IP would be 1 if last item in 'ips' has format above - QStringList vpnIps; - for (const auto &ip : ips) { - vpnIps.append(ip.split(",", Qt::SkipEmptyParts).first().trimmed()); - } - ips = vpnIps; - - // Calc next IP address - if (ips.isEmpty()) { - nextIpNumber = "2"; + QHostAddress nextIp = [&] { + QHostAddress result; + QHostAddress lastIp; + if (ips.empty()) { + lastIp.setAddress(containerConfig.value(m_protocolName) + .toObject() + .value(config_key::subnet_address) + .toString(protocols::wireguard::defaultSubnetAddress)); } else { - int next = ips.last().split(".").last().toInt() + 1; - if (next > 254) { - errorCode = ErrorCode::AddressPoolError; - return connData; - } - nextIpNumber = QString::number(next); + lastIp = ips.last(); } - } - - QString subnetIp = containerConfig.value(config_key::subnet_address).toString(protocols::wireguard::defaultSubnetAddress); - { - QStringList l = subnetIp.split(".", Qt::SkipEmptyParts); - if (l.isEmpty()) { - errorCode = ErrorCode::AddressPoolError; - return connData; + quint8 lastOctet = static_cast(lastIp.toIPv4Address()); + switch (lastOctet) { + case 254: result.setAddress(lastIp.toIPv4Address() + 3); break; + case 255: result.setAddress(lastIp.toIPv4Address() + 2); break; + default: result.setAddress(lastIp.toIPv4Address() + 1); break; } - l.removeLast(); - l.append(nextIpNumber); - connData.clientIP = l.join("."); - } + return result; + }(); + + connData.clientIP = nextIp.toString(); // Get keys - connData.serverPubKey = m_serverController->getTextFileFromContainer(container, credentials, m_serverPublicKeyPath, errorCode); + connData.serverPubKey = + m_serverController->getTextFileFromContainer(container, credentials, m_serverPublicKeyPath, errorCode); connData.serverPubKey.replace("\n", ""); if (errorCode != ErrorCode::NoError) { return connData; @@ -161,10 +168,12 @@ WireguardConfigurator::ConnectionData WireguardConfigurator::prepareWireguardCon return connData; } - QString script = QString("sudo docker exec -i $CONTAINER_NAME bash -c 'wg syncconf wg0 <(wg-quick strip %1)'").arg(m_serverConfigPath); + QString script = QString("sudo docker exec -i $CONTAINER_NAME bash -c 'wg syncconf wg0 <(wg-quick strip %1)'") + .arg(m_serverConfigPath); errorCode = m_serverController->runScript( - credentials, m_serverController->replaceVars(script, m_serverController->genVarsForScript(credentials, container))); + credentials, + m_serverController->replaceVars(script, m_serverController->genVarsForScript(credentials, container))); return connData; } @@ -173,8 +182,8 @@ QString WireguardConfigurator::createConfig(const ServerCredentials &credentials const QJsonObject &containerConfig, ErrorCode &errorCode) { QString scriptData = amnezia::scriptData(m_configTemplate, container); - QString config = - m_serverController->replaceVars(scriptData, m_serverController->genVarsForScript(credentials, container, containerConfig)); + QString config = m_serverController->replaceVars( + scriptData, m_serverController->genVarsForScript(credentials, container, containerConfig)); ConnectionData connData = prepareWireguardConfig(credentials, container, containerConfig, errorCode); if (errorCode != ErrorCode::NoError) { @@ -208,16 +217,16 @@ QString WireguardConfigurator::createConfig(const ServerCredentials &credentials return QJsonDocument(jConfig).toJson(); } -QString WireguardConfigurator::processConfigWithLocalSettings(const QPair &dns, const bool isApiConfig, - QString &protocolConfigString) +QString WireguardConfigurator::processConfigWithLocalSettings(const QPair &dns, + const bool isApiConfig, QString &protocolConfigString) { processConfigWithDnsSettings(dns, protocolConfigString); return protocolConfigString; } -QString WireguardConfigurator::processConfigWithExportSettings(const QPair &dns, const bool isApiConfig, - QString &protocolConfigString) +QString WireguardConfigurator::processConfigWithExportSettings(const QPair &dns, + const bool isApiConfig, QString &protocolConfigString) { processConfigWithDnsSettings(dns, protocolConfigString); diff --git a/client/configurators/wireguard_configurator.h b/client/configurators/wireguard_configurator.h index 22e8a8be..a4302e3e 100644 --- a/client/configurators/wireguard_configurator.h +++ b/client/configurators/wireguard_configurator.h @@ -1,6 +1,7 @@ #ifndef WIREGUARD_CONFIGURATOR_H #define WIREGUARD_CONFIGURATOR_H +#include #include #include @@ -12,8 +13,8 @@ class WireguardConfigurator : public ConfiguratorBase { Q_OBJECT public: - WireguardConfigurator(std::shared_ptr settings, const QSharedPointer &serverController, bool isAwg, - QObject *parent = nullptr); + WireguardConfigurator(std::shared_ptr settings, const QSharedPointer &serverController, + bool isAwg, QObject *parent = nullptr); struct ConnectionData { @@ -26,15 +27,18 @@ public: QString port; }; - QString createConfig(const ServerCredentials &credentials, DockerContainer container, const QJsonObject &containerConfig, - ErrorCode &errorCode); + QString createConfig(const ServerCredentials &credentials, DockerContainer container, + const QJsonObject &containerConfig, ErrorCode &errorCode); - QString processConfigWithLocalSettings(const QPair &dns, const bool isApiConfig, QString &protocolConfigString); - QString processConfigWithExportSettings(const QPair &dns, const bool isApiConfig, QString &protocolConfigString); + QString processConfigWithLocalSettings(const QPair &dns, const bool isApiConfig, + QString &protocolConfigString); + QString processConfigWithExportSettings(const QPair &dns, const bool isApiConfig, + QString &protocolConfigString); static ConnectionData genClientKeys(); private: + QList getIpsFromConf(const QString &input); ConnectionData prepareWireguardConfig(const ServerCredentials &credentials, DockerContainer container, const QJsonObject &containerConfig, ErrorCode &errorCode); diff --git a/client/containers/containers_defs.cpp b/client/containers/containers_defs.cpp index ce673a85..214e2a51 100644 --- a/client/containers/containers_defs.cpp +++ b/client/containers/containers_defs.cpp @@ -110,22 +110,19 @@ QMap ContainerProps::containerDescriptions() QObject::tr("OpenVPN is the most popular VPN protocol, with flexible configuration options. It uses its " "own security protocol with SSL/TLS for key exchange.") }, { DockerContainer::ShadowSocks, - QObject::tr("Shadowsocks - masks VPN traffic, making it similar to normal web traffic, but it " - "may be recognized by analysis systems in some highly censored regions.") }, + QObject::tr("Shadowsocks masks VPN traffic, making it resemble normal web traffic, but it may still be detected by certain analysis systems.") }, { DockerContainer::Cloak, QObject::tr("OpenVPN over Cloak - OpenVPN with VPN masquerading as web traffic and protection against " - "active-probing detection. Ideal for bypassing blocking in regions with the highest levels " - "of censorship.") }, + "active-probing detection. It is very resistant to detection, but offers low speed.") }, { DockerContainer::WireGuard, - QObject::tr("WireGuard - New popular VPN protocol with high performance, high speed and low power " - "consumption. Recommended for regions with low levels of censorship.") }, + QObject::tr("WireGuard - popular VPN protocol with high performance, high speed and low power " + "consumption.") }, { DockerContainer::Awg, - QObject::tr("AmneziaWG - Special protocol from Amnezia, based on WireGuard. It's fast like WireGuard, " - "but very resistant to blockages. " - "Recommended for regions with high levels of censorship.") }, + QObject::tr("AmneziaWG is a special protocol from Amnezia based on WireGuard. " + "It provides high connection speed and ensures stable operation even in the most challenging network conditions.") }, { DockerContainer::Xray, - QObject::tr("XRay with REALITY - Suitable for countries with the highest level of internet censorship. " - "Traffic masking as web traffic at the TLS level, and protection against detection by active probing methods.") }, + QObject::tr("XRay with REALITY masks VPN traffic as web traffic and protects against active probing. " + "It is highly resistant to detection and offers high speed.") }, { DockerContainer::Ipsec, QObject::tr("IKEv2/IPsec - Modern stable protocol, a bit faster than others, restores connection after " "signal loss. It has native support on the latest versions of Android and iOS.") }, @@ -143,100 +140,83 @@ QMap ContainerProps::containerDetailedDescriptions() { return { { DockerContainer::OpenVpn, - QObject::tr( - "OpenVPN stands as one of the most popular and time-tested VPN protocols available.\n" - "It employs its unique security protocol, " - "leveraging the strength of SSL/TLS for encryption and key exchange. " - "Furthermore, OpenVPN's support for a multitude of authentication methods makes it versatile and adaptable, " - "catering to a wide range of devices and operating systems. " - "Due to its open-source nature, OpenVPN benefits from extensive scrutiny by the global community, " - "which continually reinforces its security. " - "With a strong balance of performance, security, and compatibility, " - "OpenVPN remains a top choice for privacy-conscious individuals and businesses alike.\n\n" - "* Available in the AmneziaVPN across all platforms\n" - "* Normal power consumption on mobile devices\n" - "* Flexible customisation to suit user needs to work with different operating systems and devices\n" - "* Recognised by DPI analysis systems and therefore susceptible to blocking\n" - "* Can operate over both TCP and UDP network protocols.") }, + QObject::tr("OpenVPN is one of the most popular and reliable VPN protocols. " + "It uses SSL/TLS encryption, supports a wide variety of devices and operating systems, " + "and is continuously improved by the community due to its open-source nature. " + "It provides a good balance between speed and security but is easily recognized by DPI systems, " + "making it susceptible to blocking.\n" + "\nFeatures:\n" + "* Available on all AmneziaVPN platforms\n" + "* Normal battery consumption on mobile devices\n" + "* Flexible customization for various devices and OS\n" + "* Operates over both TCP and UDP protocols") }, { DockerContainer::ShadowSocks, - QObject::tr("Shadowsocks, inspired by the SOCKS5 protocol, safeguards the connection using the AEAD cipher. " - "Although Shadowsocks is designed to be discreet and challenging to identify, it isn't identical to a standard HTTPS connection." - "However, certain traffic analysis systems might still detect a Shadowsocks connection. " - "Due to limited support in Amnezia, it's recommended to use AmneziaWG protocol.\n\n" - "* Available in the AmneziaVPN only on desktop platforms\n" - "* Configurable encryption protocol\n" + QObject::tr("Shadowsocks is based on the SOCKS5 protocol and encrypts connections using AEAD cipher. " + "Although designed to be discreet, it doesn't mimic a standard HTTPS connection and can be detected by some DPI systems. " + "Due to limited support in Amnezia, we recommend using the AmneziaWG protocol.\n" + "\nFeatures:\n" + "* Available in AmneziaVPN only on desktop platforms\n" + "* Customizable encryption protocol\n" "* Detectable by some DPI systems\n" - "* Works over TCP network protocol.") }, + "* Operates over TCP protocol\n") }, { DockerContainer::Cloak, - QObject::tr("This is a combination of the OpenVPN protocol and the Cloak plugin designed specifically for " - "protecting against blocking.\n\n" - "OpenVPN provides a secure VPN connection by encrypting all internet traffic between the client " - "and the server.\n\n" - "Cloak protects OpenVPN from detection and blocking. \n\n" - "Cloak can modify packet metadata so that it completely masks VPN traffic as normal web traffic, " - "and also protects the VPN from detection by Active Probing. This makes it very resistant to " - "being detected\n\n" - "Immediately after receiving the first data packet, Cloak authenticates the incoming connection. " - "If authentication fails, the plugin masks the server as a fake website and your VPN becomes " - "invisible to analysis systems.\n\n" - "If there is a extreme level of Internet censorship in your region, we advise you to use only " - "OpenVPN over Cloak from the first connection\n\n" - "* Available in the AmneziaVPN across all platforms\n" + QObject::tr("This combination includes the OpenVPN protocol and the Cloak plugin, specifically designed to protect against blocking.\n" + "\nOpenVPN securely encrypts all internet traffic between your device and the server.\n" + "\nThe Cloak plugin further protects the connection from DPI detection. " + "It modifies traffic metadata to disguise VPN traffic as regular web traffic and prevents detection through active probing. " + "If an incoming connection fails authentication, Cloak serves a fake website, making your VPN invisible to traffic analysis systems.\n" + "\nIn regions with heavy internet censorship, we strongly recommend using OpenVPN with Cloak from your first connection.\n" + "\nFeatures:\n" + "* Available on all AmneziaVPN platforms\n" "* High power consumption on mobile devices\n" - "* Flexible settings\n" - "* Not recognised by DPI analysis systems\n" - "* Works over TCP network protocol, 443 port.\n") }, + "* Flexible configuration options\n" + "* Undetectable by DPI systems\n" + "* Operates over TCP protocol on port 443") }, { DockerContainer::WireGuard, - QObject::tr("A relatively new popular VPN protocol with a simplified architecture.\n" - "WireGuard provides stable VPN connection and high performance on all devices. It uses hard-coded encryption " - "settings. WireGuard compared to OpenVPN has lower latency and better data transfer throughput.\n" - "WireGuard is very susceptible to blocking due to its distinct packet signatures. " - "Unlike some other VPN protocols that employ obfuscation techniques, " - "the consistent signature patterns of WireGuard packets can be more easily identified and " - "thus blocked by advanced Deep Packet Inspection (DPI) systems and other network monitoring tools.\n\n" - "* Available in the AmneziaVPN across all platforms\n" - "* Low power consumption\n" - "* Minimum number of settings\n" - "* Easily recognised by DPI analysis systems, susceptible to blocking\n" - "* Works over UDP network protocol.") }, + QObject::tr("WireGuard is a modern, streamlined VPN protocol offering stable connectivity and excellent performance across all devices. " + "It uses fixed encryption settings, delivering lower latency and higher data transfer speeds compared to OpenVPN. " + "However, WireGuard is easily identifiable by DPI systems due to its distinctive packet signatures, making it susceptible to blocking.\n" + "\nFeatures:\n" + "* Available on all AmneziaVPN platforms\n" + "* Low power consumption on mobile devices\n" + "* Minimal configuration required\n" + "* Easily detected by DPI systems (susceptible to blocking)\n" + "* Operates over UDP protocol") }, { DockerContainer::Awg, - QObject::tr("A modern iteration of the popular VPN protocol, " - "AmneziaWG builds upon the foundation set by WireGuard, " - "retaining its simplified architecture and high-performance capabilities across devices.\n" - "While WireGuard is known for its efficiency, " - "it had issues with being easily detected due to its distinct packet signatures. " - "AmneziaWG solves this problem by using better obfuscation methods, " - "making its traffic blend in with regular internet traffic.\n" - "This means that AmneziaWG keeps the fast performance of the original " - "while adding an extra layer of stealth, " - "making it a great choice for those wanting a fast and discreet VPN connection.\n\n" - "* Available in the AmneziaVPN across all platforms\n" - "* Low power consumption\n" - "* Minimum number of settings\n" - "* Not recognised by DPI analysis systems, resistant to blocking\n" - "* Works over UDP network protocol.") }, + QObject::tr("AmneziaWG is a modern VPN protocol based on WireGuard, " + "combining simplified architecture with high performance across all devices. " + "It addresses WireGuard's main vulnerability (easy detection by DPI systems) through advanced obfuscation techniques, " + "making VPN traffic indistinguishable from regular internet traffic.\n" + "\nAmneziaWG is an excellent choice for those seeking a fast, stealthy VPN connection.\n" + "\nFeatures:\n" + "* Available on all AmneziaVPN platforms\n" + "* Low battery consumption on mobile devices\n" + "* Minimal settings required\n" + "* Undetectable by traffic analysis systems (DPI)\n" + "* Operates over UDP protocol") }, { DockerContainer::Xray, - QObject::tr("The REALITY protocol, a pioneering development by the creators of XRay, " - "is specifically designed to counteract the highest levels of internet censorship through its novel approach to evasion.\n" - "It uniquely identifies censors during the TLS handshake phase, seamlessly operating as a proxy for legitimate clients while diverting censors to genuine websites like google.com, " - "thus presenting an authentic TLS certificate and data. \n" - "This advanced capability differentiates REALITY from similar technologies by its ability to disguise web traffic as coming from random, " - "legitimate sites without the need for specific configurations. \n" - "Unlike older protocols such as VMess, VLESS, and the XTLS-Vision transport, " - "REALITY's innovative \"friend or foe\" recognition at the TLS handshake enhances security and circumvents detection by sophisticated DPI systems employing active probing techniques. " - "This makes REALITY a robust solution for maintaining internet freedom in environments with stringent censorship.") - }, + QObject::tr("REALITY is an innovative protocol developed by the creators of XRay, designed specifically to combat high levels of internet censorship. " + "REALITY identifies censorship systems during the TLS handshake, " + "redirecting suspicious traffic seamlessly to legitimate websites like google.com while providing genuine TLS certificates. " + "This allows VPN traffic to blend indistinguishably with regular web traffic without special configuration." + "\nUnlike older protocols such as VMess, VLESS, and XTLS-Vision, REALITY incorporates an advanced built-in \"friend-or-foe\" detection mechanism, " + "effectively protecting against DPI and other traffic analysis methods.\n" + "\nFeatures:\n" + "* Resistant to active probing and DPI detection\n" + "* No special configuration required to disguise traffic\n" + "* Highly effective in heavily censored regions\n" + "* Minimal battery consumption on devices\n" + "* Operates over TCP protocol") }, { DockerContainer::Ipsec, - QObject::tr("IKEv2, paired with the IPSec encryption layer, stands as a modern and stable VPN protocol.\n" - "One of its distinguishing features is its ability to swiftly switch between networks and devices, " - "making it particularly adaptive in dynamic network environments. \n" - "While it offers a blend of security, stability, and speed, " - "it's essential to note that IKEv2 can be easily detected and is susceptible to blocking.\n\n" - "* Available in the AmneziaVPN only on Windows\n" - "* Low power consumption, on mobile devices\n" - "* Minimal configuration\n" - "* Recognised by DPI analysis systems\n" - "* Works over UDP network protocol, ports 500 and 4500.") }, + QObject::tr("IKEv2, combined with IPSec encryption, is a modern and reliable VPN protocol. " + "It reconnects quickly when switching networks or devices, making it ideal for dynamic network environments. " + "While it provides good security and speed, it's easily recognized by DPI systems and susceptible to blocking.\n" + "\nFeatures:\n" + "* Available in AmneziaVPN only on Windows\n" + "* Low battery consumption on mobile devices\n" + "* Minimal configuration required\n" + "* Detectable by DPI analysis systems(easily blocked)\n" + "* Operates over UDP protocol(ports 500 and 4500)") }, { DockerContainer::TorWebSite, QObject::tr("Website in Tor network") }, { DockerContainer::Dns, QObject::tr("DNS Service") }, @@ -332,9 +312,7 @@ QStringList ContainerProps::fixedPortsForContainer(DockerContainer c) bool ContainerProps::isEasySetupContainer(DockerContainer container) { switch (container) { - case DockerContainer::WireGuard: return true; case DockerContainer::Awg: return true; - // case DockerContainer::Cloak: return true; default: return false; } } @@ -342,9 +320,7 @@ bool ContainerProps::isEasySetupContainer(DockerContainer container) QString ContainerProps::easySetupHeader(DockerContainer container) { switch (container) { - case DockerContainer::WireGuard: return tr("Low"); - case DockerContainer::Awg: return tr("High"); - // case DockerContainer::Cloak: return tr("Extreme"); + case DockerContainer::Awg: return tr("Automatic"); default: return ""; } } @@ -352,10 +328,8 @@ QString ContainerProps::easySetupHeader(DockerContainer container) QString ContainerProps::easySetupDescription(DockerContainer container) { switch (container) { - case DockerContainer::WireGuard: return tr("I just want to increase the level of my privacy."); - case DockerContainer::Awg: return tr("I want to bypass censorship. This option recommended in most cases."); - // case DockerContainer::Cloak: - // return tr("Most VPN protocols are blocked. Recommended if other options are not working."); + case DockerContainer::Awg: return tr("AmneziaWG protocol will be installed. " + "It provides high connection speed and ensures stable operation even in the most challenging network conditions."); default: return ""; } } @@ -363,9 +337,7 @@ QString ContainerProps::easySetupDescription(DockerContainer container) int ContainerProps::easySetupOrder(DockerContainer container) { switch (container) { - case DockerContainer::WireGuard: return 3; - case DockerContainer::Awg: return 2; - // case DockerContainer::Cloak: return 1; + case DockerContainer::Awg: return 1; default: return 0; } } @@ -384,9 +356,9 @@ bool ContainerProps::isShareable(DockerContainer container) QJsonObject ContainerProps::getProtocolConfigFromContainer(const Proto protocol, const QJsonObject &containerConfig) { QString protocolConfigString = containerConfig.value(ProtocolProps::protoToString(protocol)) - .toObject() - .value(config_key::last_config) - .toString(); + .toObject() + .value(config_key::last_config) + .toString(); return QJsonDocument::fromJson(protocolConfigString.toUtf8()).object(); } diff --git a/client/core/api/apiDefs.h b/client/core/api/apiDefs.h new file mode 100644 index 00000000..12c8051f --- /dev/null +++ b/client/core/api/apiDefs.h @@ -0,0 +1,72 @@ +#ifndef APIDEFS_H +#define APIDEFS_H + +#include + +namespace apiDefs +{ + enum ConfigType { + AmneziaFreeV2 = 0, + AmneziaFreeV3, + AmneziaPremiumV1, + AmneziaPremiumV2, + SelfHosted, + ExternalPremium + }; + + enum ConfigSource { + Telegram = 1, + AmneziaGateway + }; + + namespace key + { + constexpr QLatin1String configVersion("config_version"); + constexpr QLatin1String apiEndpoint("api_endpoint"); + constexpr QLatin1String apiKey("api_key"); + constexpr QLatin1String description("description"); + constexpr QLatin1String name("name"); + constexpr QLatin1String protocol("protocol"); + + constexpr QLatin1String apiConfig("api_config"); + constexpr QLatin1String stackType("stack_type"); + constexpr QLatin1String serviceType("service_type"); + constexpr QLatin1String cliVersion("cli_version"); + constexpr QLatin1String supportedProtocols("supported_protocols"); + + constexpr QLatin1String vpnKey("vpn_key"); + constexpr QLatin1String config("config"); + constexpr QLatin1String configs("configs"); + + constexpr QLatin1String installationUuid("installation_uuid"); + constexpr QLatin1String workerLastUpdated("worker_last_updated"); + constexpr QLatin1String lastDownloaded("last_downloaded"); + constexpr QLatin1String sourceType("source_type"); + + constexpr QLatin1String serverCountryCode("server_country_code"); + constexpr QLatin1String serverCountryName("server_country_name"); + + constexpr QLatin1String osVersion("os_version"); + + constexpr QLatin1String availableCountries("available_countries"); + constexpr QLatin1String activeDeviceCount("active_device_count"); + constexpr QLatin1String maxDeviceCount("max_device_count"); + constexpr QLatin1String subscriptionEndDate("subscription_end_date"); + constexpr QLatin1String issuedConfigs("issued_configs"); + + constexpr QLatin1String supportInfo("support_info"); + constexpr QLatin1String email("email"); + constexpr QLatin1String billingEmail("billing_email"); + constexpr QLatin1String website("website"); + constexpr QLatin1String websiteName("website_name"); + constexpr QLatin1String telegram("telegram"); + + constexpr QLatin1String id("id"); + constexpr QLatin1String orderId("order_id"); + constexpr QLatin1String migrationCode("migration_code"); + } + + const int requestTimeoutMsecs = 12 * 1000; // 12 secs +} + +#endif // APIDEFS_H diff --git a/client/core/api/apiUtils.cpp b/client/core/api/apiUtils.cpp new file mode 100644 index 00000000..7f3e6db3 --- /dev/null +++ b/client/core/api/apiUtils.cpp @@ -0,0 +1,164 @@ +#include "apiUtils.h" + +#include +#include + +namespace +{ + const QByteArray AMNEZIA_CONFIG_SIGNATURE = QByteArray::fromHex("000000ff"); + + QString escapeUnicode(const QString &input) + { + QString output; + for (QChar c : input) { + if (c.unicode() < 0x20 || c.unicode() > 0x7E) { + output += QString("\\u%1").arg(QString::number(c.unicode(), 16).rightJustified(4, '0')); + } else { + output += c; + } + } + return output; + } +} + +bool apiUtils::isSubscriptionExpired(const QString &subscriptionEndDate) +{ + QDateTime now = QDateTime::currentDateTime(); + QDateTime endDate = QDateTime::fromString(subscriptionEndDate, Qt::ISODateWithMs); + return endDate < now; +} + +bool apiUtils::isServerFromApi(const QJsonObject &serverConfigObject) +{ + auto configVersion = serverConfigObject.value(apiDefs::key::configVersion).toInt(); + switch (configVersion) { + case apiDefs::ConfigSource::Telegram: return true; + case apiDefs::ConfigSource::AmneziaGateway: return true; + default: return false; + } +} + +apiDefs::ConfigType apiUtils::getConfigType(const QJsonObject &serverConfigObject) +{ + auto configVersion = serverConfigObject.value(apiDefs::key::configVersion).toInt(); + + switch (configVersion) { + case apiDefs::ConfigSource::Telegram: { + constexpr QLatin1String freeV2Endpoint(FREE_V2_ENDPOINT); + constexpr QLatin1String premiumV1Endpoint(PREM_V1_ENDPOINT); + + auto apiEndpoint = serverConfigObject.value(apiDefs::key::apiEndpoint).toString(); + + if (apiEndpoint.contains(premiumV1Endpoint)) { + return apiDefs::ConfigType::AmneziaPremiumV1; + } else if (apiEndpoint.contains(freeV2Endpoint)) { + return apiDefs::ConfigType::AmneziaFreeV2; + } + }; + case apiDefs::ConfigSource::AmneziaGateway: { + constexpr QLatin1String servicePremium("amnezia-premium"); + constexpr QLatin1String serviceFree("amnezia-free"); + constexpr QLatin1String serviceExternalPremium("external-premium"); + + auto apiConfigObject = serverConfigObject.value(apiDefs::key::apiConfig).toObject(); + auto serviceType = apiConfigObject.value(apiDefs::key::serviceType).toString(); + + if (serviceType == servicePremium) { + return apiDefs::ConfigType::AmneziaPremiumV2; + } else if (serviceType == serviceFree) { + return apiDefs::ConfigType::AmneziaFreeV3; + } else if (serviceType == serviceExternalPremium) { + return apiDefs::ConfigType::ExternalPremium; + } + } + default: { + return apiDefs::ConfigType::SelfHosted; + } + }; +} + +apiDefs::ConfigSource apiUtils::getConfigSource(const QJsonObject &serverConfigObject) +{ + return static_cast(serverConfigObject.value(apiDefs::key::configVersion).toInt()); +} + +amnezia::ErrorCode apiUtils::checkNetworkReplyErrors(const QList &sslErrors, QNetworkReply *reply) +{ + const int httpStatusCodeConflict = 409; + const int httpStatusCodeNotFound = 404; + + if (!sslErrors.empty()) { + qDebug().noquote() << sslErrors; + return amnezia::ErrorCode::ApiConfigSslError; + } else if (reply->error() == QNetworkReply::NoError) { + return amnezia::ErrorCode::NoError; + } else if (reply->error() == QNetworkReply::NetworkError::OperationCanceledError + || reply->error() == QNetworkReply::NetworkError::TimeoutError) { + qDebug() << reply->error(); + return amnezia::ErrorCode::ApiConfigTimeoutError; + } else if (reply->error() == QNetworkReply::NetworkError::OperationNotImplementedError) { + qDebug() << reply->error(); + return amnezia::ErrorCode::ApiUpdateRequestError; + } else { + QString err = reply->errorString(); + int httpStatusCode = reply->attribute(QNetworkRequest::HttpStatusCodeAttribute).toInt(); + qDebug() << QString::fromUtf8(reply->readAll()); + qDebug() << reply->error(); + qDebug() << err; + qDebug() << httpStatusCode; + if (httpStatusCode == httpStatusCodeConflict) { + return amnezia::ErrorCode::ApiConfigLimitError; + } else if (httpStatusCode == httpStatusCodeNotFound) { + return amnezia::ErrorCode::ApiNotFoundError; + } + return amnezia::ErrorCode::ApiConfigDownloadError; + } + + qDebug() << "something went wrong"; + return amnezia::ErrorCode::InternalError; +} + +bool apiUtils::isPremiumServer(const QJsonObject &serverConfigObject) +{ + static const QSet premiumTypes = { apiDefs::ConfigType::AmneziaPremiumV1, apiDefs::ConfigType::AmneziaPremiumV2, + apiDefs::ConfigType::ExternalPremium }; + return premiumTypes.contains(getConfigType(serverConfigObject)); +} + +QString apiUtils::getPremiumV1VpnKey(const QJsonObject &serverConfigObject) +{ + if (apiUtils::getConfigType(serverConfigObject) != apiDefs::ConfigType::AmneziaPremiumV1) { + return {}; + } + + QList> orderedFields; + orderedFields.append(qMakePair(apiDefs::key::name, serverConfigObject[apiDefs::key::name].toString())); + orderedFields.append(qMakePair(apiDefs::key::description, serverConfigObject[apiDefs::key::description].toString())); + orderedFields.append(qMakePair(apiDefs::key::configVersion, serverConfigObject[apiDefs::key::configVersion].toDouble())); + orderedFields.append(qMakePair(apiDefs::key::protocol, serverConfigObject[apiDefs::key::protocol].toString())); + orderedFields.append(qMakePair(apiDefs::key::apiEndpoint, serverConfigObject[apiDefs::key::apiEndpoint].toString())); + orderedFields.append(qMakePair(apiDefs::key::apiKey, serverConfigObject[apiDefs::key::apiKey].toString())); + + QString vpnKeyStr = "{"; + for (int i = 0; i < orderedFields.size(); ++i) { + const auto &pair = orderedFields[i]; + if (pair.second.typeId() == QMetaType::Type::QString) { + vpnKeyStr += "\"" + pair.first + "\": \"" + pair.second.toString() + "\""; + } else if (pair.second.typeId() == QMetaType::Type::Double || pair.second.typeId() == QMetaType::Type::Int) { + vpnKeyStr += "\"" + pair.first + "\": " + QString::number(pair.second.toDouble(), 'f', 1); + } + + if (i < orderedFields.size() - 1) { + vpnKeyStr += ", "; + } + } + vpnKeyStr += "}"; + + QByteArray vpnKeyCompressed = escapeUnicode(vpnKeyStr).toUtf8(); + vpnKeyCompressed = qCompress(vpnKeyCompressed, 6); + vpnKeyCompressed = vpnKeyCompressed.mid(4); + + QByteArray signedData = AMNEZIA_CONFIG_SIGNATURE + vpnKeyCompressed; + + return QString("vpn://%1").arg(QString(signedData.toBase64(QByteArray::Base64UrlEncoding))); +} diff --git a/client/core/api/apiUtils.h b/client/core/api/apiUtils.h new file mode 100644 index 00000000..45eaf2de --- /dev/null +++ b/client/core/api/apiUtils.h @@ -0,0 +1,26 @@ +#ifndef APIUTILS_H +#define APIUTILS_H + +#include +#include + +#include "apiDefs.h" +#include "core/defs.h" + +namespace apiUtils +{ + bool isServerFromApi(const QJsonObject &serverConfigObject); + + bool isSubscriptionExpired(const QString &subscriptionEndDate); + + bool isPremiumServer(const QJsonObject &serverConfigObject); + + apiDefs::ConfigType getConfigType(const QJsonObject &serverConfigObject); + apiDefs::ConfigSource getConfigSource(const QJsonObject &serverConfigObject); + + amnezia::ErrorCode checkNetworkReplyErrors(const QList &sslErrors, QNetworkReply *reply); + + QString getPremiumV1VpnKey(const QJsonObject &serverConfigObject); +} + +#endif // APIUTILS_H diff --git a/client/core/controllers/apiController.cpp b/client/core/controllers/apiController.cpp deleted file mode 100644 index 6562632a..00000000 --- a/client/core/controllers/apiController.cpp +++ /dev/null @@ -1,509 +0,0 @@ -#include "apiController.h" - -#include -#include - -#include -#include -#include -#include - -#include "QBlockCipher.h" -#include "QRsa.h" - -#include "amnezia_application.h" -#include "configurators/wireguard_configurator.h" -#include "core/enums/apiEnums.h" -#include "utilities.h" -#include "version.h" - -namespace -{ - namespace configKey - { - constexpr char cloak[] = "cloak"; - constexpr char awg[] = "awg"; - - constexpr char apiEdnpoint[] = "api_endpoint"; - constexpr char accessToken[] = "api_key"; - constexpr char certificate[] = "certificate"; - constexpr char publicKey[] = "public_key"; - constexpr char protocol[] = "protocol"; - - constexpr char uuid[] = "installation_uuid"; - constexpr char osVersion[] = "os_version"; - constexpr char appVersion[] = "app_version"; - - constexpr char userCountryCode[] = "user_country_code"; - constexpr char serverCountryCode[] = "server_country_code"; - constexpr char serviceType[] = "service_type"; - constexpr char serviceInfo[] = "service_info"; - - constexpr char aesKey[] = "aes_key"; - constexpr char aesIv[] = "aes_iv"; - constexpr char aesSalt[] = "aes_salt"; - - constexpr char apiPayload[] = "api_payload"; - constexpr char keyPayload[] = "key_payload"; - - constexpr char apiConfig[] = "api_config"; - constexpr char authData[] = "auth_data"; - } - - const int requestTimeoutMsecs = 12 * 1000; // 12 secs - - ErrorCode checkErrors(const QList &sslErrors, QNetworkReply *reply) - { - if (!sslErrors.empty()) { - qDebug().noquote() << sslErrors; - return ErrorCode::ApiConfigSslError; - } else if (reply->error() == QNetworkReply::NoError) { - return ErrorCode::NoError; - } else if (reply->error() == QNetworkReply::NetworkError::OperationCanceledError - || reply->error() == QNetworkReply::NetworkError::TimeoutError) { - return ErrorCode::ApiConfigTimeoutError; - } else { - QString err = reply->errorString(); - qDebug() << QString::fromUtf8(reply->readAll()); - qDebug() << reply->error(); - qDebug() << err; - qDebug() << reply->attribute(QNetworkRequest::HttpStatusCodeAttribute); - return ErrorCode::ApiConfigDownloadError; - } - } - - bool shouldBypassProxy(QNetworkReply *reply, const QByteArray &responseBody, bool checkEncryption, const QByteArray &key = "", - const QByteArray &iv = "", const QByteArray &salt = "") - { - if (reply->error() == QNetworkReply::NetworkError::OperationCanceledError - || reply->error() == QNetworkReply::NetworkError::TimeoutError) { - qDebug() << "Timeout occurred"; - return true; - } else if (responseBody.contains("html")) { - qDebug() << "The response contains an html tag"; - return true; - } else if (checkEncryption) { - try { - QSimpleCrypto::QBlockCipher blockCipher; - static_cast(blockCipher.decryptAesBlockCipher(responseBody, key, iv, "", salt)); - } catch (...) { - qDebug() << "Failed to decrypt the data"; - return true; - } - } - return false; - } -} - -ApiController::ApiController(const QString &gatewayEndpoint, bool isDevEnvironment, QObject *parent) - : QObject(parent), m_gatewayEndpoint(gatewayEndpoint), m_isDevEnvironment(isDevEnvironment) -{ -} - -void ApiController::fillServerConfig(const QString &protocol, const ApiController::ApiPayloadData &apiPayloadData, - const QByteArray &apiResponseBody, QJsonObject &serverConfig) -{ - QString data = QJsonDocument::fromJson(apiResponseBody).object().value(config_key::config).toString(); - - data.replace("vpn://", ""); - QByteArray ba = QByteArray::fromBase64(data.toUtf8(), QByteArray::Base64UrlEncoding | QByteArray::OmitTrailingEquals); - - if (ba.isEmpty()) { - emit errorOccurred(ErrorCode::ApiConfigEmptyError); - return; - } - - QByteArray ba_uncompressed = qUncompress(ba); - if (!ba_uncompressed.isEmpty()) { - ba = ba_uncompressed; - } - - QString configStr = ba; - if (protocol == configKey::cloak) { - configStr.replace("", "\n"); - configStr.replace("$OPENVPN_PRIV_KEY", apiPayloadData.certRequest.privKey); - } else if (protocol == configKey::awg) { - configStr.replace("$WIREGUARD_CLIENT_PRIVATE_KEY", apiPayloadData.wireGuardClientPrivKey); - auto newServerConfig = QJsonDocument::fromJson(configStr.toUtf8()).object(); - auto containers = newServerConfig.value(config_key::containers).toArray(); - if (containers.isEmpty()) { - return; // todo process error - } - auto container = containers.at(0).toObject(); - QString containerName = ContainerProps::containerTypeToString(DockerContainer::Awg); - auto containerConfig = container.value(containerName).toObject(); - auto protocolConfig = QJsonDocument::fromJson(containerConfig.value(config_key::last_config).toString().toUtf8()).object(); - containerConfig[config_key::junkPacketCount] = protocolConfig.value(config_key::junkPacketCount); - containerConfig[config_key::junkPacketMinSize] = protocolConfig.value(config_key::junkPacketMinSize); - containerConfig[config_key::junkPacketMaxSize] = protocolConfig.value(config_key::junkPacketMaxSize); - containerConfig[config_key::initPacketJunkSize] = protocolConfig.value(config_key::initPacketJunkSize); - containerConfig[config_key::responsePacketJunkSize] = protocolConfig.value(config_key::responsePacketJunkSize); - containerConfig[config_key::initPacketMagicHeader] = protocolConfig.value(config_key::initPacketMagicHeader); - containerConfig[config_key::responsePacketMagicHeader] = protocolConfig.value(config_key::responsePacketMagicHeader); - containerConfig[config_key::underloadPacketMagicHeader] = protocolConfig.value(config_key::underloadPacketMagicHeader); - containerConfig[config_key::transportPacketMagicHeader] = protocolConfig.value(config_key::transportPacketMagicHeader); - container[containerName] = containerConfig; - containers.replace(0, container); - newServerConfig[config_key::containers] = containers; - configStr = QString(QJsonDocument(newServerConfig).toJson()); - } - - QJsonObject newServerConfig = QJsonDocument::fromJson(configStr.toUtf8()).object(); - serverConfig[config_key::dns1] = newServerConfig.value(config_key::dns1); - serverConfig[config_key::dns2] = newServerConfig.value(config_key::dns2); - serverConfig[config_key::containers] = newServerConfig.value(config_key::containers); - serverConfig[config_key::hostName] = newServerConfig.value(config_key::hostName); - - if (newServerConfig.value(config_key::configVersion).toInt() == ApiConfigSources::AmneziaGateway) { - serverConfig[config_key::configVersion] = newServerConfig.value(config_key::configVersion); - serverConfig[config_key::description] = newServerConfig.value(config_key::description); - serverConfig[config_key::name] = newServerConfig.value(config_key::name); - } - - auto defaultContainer = newServerConfig.value(config_key::defaultContainer).toString(); - serverConfig[config_key::defaultContainer] = defaultContainer; - - QVariantMap map = serverConfig.value(configKey::apiConfig).toObject().toVariantMap(); - map.insert(newServerConfig.value(configKey::apiConfig).toObject().toVariantMap()); - auto apiConfig = QJsonObject::fromVariantMap(map); - - if (newServerConfig.value(config_key::configVersion).toInt() == ApiConfigSources::AmneziaGateway) { - apiConfig.insert(configKey::serviceInfo, QJsonDocument::fromJson(apiResponseBody).object().value(configKey::serviceInfo).toObject()); - } - - serverConfig[configKey::apiConfig] = apiConfig; - - return; -} - -QStringList ApiController::getProxyUrls() -{ - QNetworkRequest request; - request.setTransferTimeout(requestTimeoutMsecs); - request.setHeader(QNetworkRequest::ContentTypeHeader, "application/json"); - - QEventLoop wait; - QList sslErrors; - QNetworkReply *reply; - - QStringList proxyStorageUrl; - if (m_isDevEnvironment) { - proxyStorageUrl = QStringList { DEV_S3_ENDPOINT }; - } else { - proxyStorageUrl = QStringList { PROD_S3_ENDPOINT }; - } - - QByteArray key = m_isDevEnvironment ? DEV_AGW_PUBLIC_KEY : PROD_AGW_PUBLIC_KEY; - - for (const auto &proxyStorageUrl : proxyStorageUrl) { - request.setUrl(proxyStorageUrl); - reply = amnApp->manager()->get(request); - - connect(reply, &QNetworkReply::finished, &wait, &QEventLoop::quit); - connect(reply, &QNetworkReply::sslErrors, [this, &sslErrors](const QList &errors) { sslErrors = errors; }); - wait.exec(); - - if (reply->error() == QNetworkReply::NetworkError::NoError) { - break; - } - reply->deleteLater(); - } - - auto encryptedResponseBody = reply->readAll(); - reply->deleteLater(); - - EVP_PKEY *privateKey = nullptr; - QByteArray responseBody; - try { - if (!m_isDevEnvironment) { - QCryptographicHash hash(QCryptographicHash::Sha512); - hash.addData(key); - QByteArray hashResult = hash.result().toHex(); - - QByteArray key = QByteArray::fromHex(hashResult.left(64)); - QByteArray iv = QByteArray::fromHex(hashResult.mid(64, 32)); - - QByteArray ba = QByteArray::fromBase64(encryptedResponseBody); - - QSimpleCrypto::QBlockCipher blockCipher; - responseBody = blockCipher.decryptAesBlockCipher(ba, key, iv); - } else { - responseBody = encryptedResponseBody; - } - } catch (...) { - Utils::logException(); - qCritical() << "error loading private key from environment variables or decrypting payload"; - return {}; - } - - auto endpointsArray = QJsonDocument::fromJson(responseBody).array(); - - QStringList endpoints; - for (const auto &endpoint : endpointsArray) { - endpoints.push_back(endpoint.toString()); - } - return endpoints; -} - -ApiController::ApiPayloadData ApiController::generateApiPayloadData(const QString &protocol) -{ - ApiController::ApiPayloadData apiPayload; - if (protocol == configKey::cloak) { - apiPayload.certRequest = OpenVpnConfigurator::createCertRequest(); - } else if (protocol == configKey::awg) { - auto connData = WireguardConfigurator::genClientKeys(); - apiPayload.wireGuardClientPubKey = connData.clientPubKey; - apiPayload.wireGuardClientPrivKey = connData.clientPrivKey; - } - return apiPayload; -} - -QJsonObject ApiController::fillApiPayload(const QString &protocol, const ApiController::ApiPayloadData &apiPayloadData) -{ - QJsonObject obj; - if (protocol == configKey::cloak) { - obj[configKey::certificate] = apiPayloadData.certRequest.request; - } else if (protocol == configKey::awg) { - obj[configKey::publicKey] = apiPayloadData.wireGuardClientPubKey; - } - - obj[configKey::osVersion] = QSysInfo::productType(); - obj[configKey::appVersion] = QString(APP_VERSION); - - return obj; -} - -void ApiController::updateServerConfigFromApi(const QString &installationUuid, const int serverIndex, QJsonObject serverConfig) -{ -#ifdef Q_OS_IOS - IosController::Instance()->requestInetAccess(); - QThread::msleep(10); -#endif - - if (serverConfig.value(config_key::configVersion).toInt()) { - QNetworkRequest request; - request.setTransferTimeout(requestTimeoutMsecs); - request.setHeader(QNetworkRequest::ContentTypeHeader, "application/json"); - request.setRawHeader("Authorization", "Api-Key " + serverConfig.value(configKey::accessToken).toString().toUtf8()); - QString endpoint = serverConfig.value(configKey::apiEdnpoint).toString(); - request.setUrl(endpoint); - - QString protocol = serverConfig.value(configKey::protocol).toString(); - - ApiPayloadData apiPayloadData = generateApiPayloadData(protocol); - - QJsonObject apiPayload = fillApiPayload(protocol, apiPayloadData); - apiPayload[configKey::uuid] = installationUuid; - - QByteArray requestBody = QJsonDocument(apiPayload).toJson(); - - QNetworkReply *reply = amnApp->manager()->post(request, requestBody); - - QObject::connect(reply, &QNetworkReply::finished, [this, reply, protocol, apiPayloadData, serverIndex, serverConfig]() mutable { - if (reply->error() == QNetworkReply::NoError) { - auto apiResponseBody = reply->readAll(); - fillServerConfig(protocol, apiPayloadData, apiResponseBody, serverConfig); - emit finished(serverConfig, serverIndex); - } else { - if (reply->error() == QNetworkReply::NetworkError::OperationCanceledError - || reply->error() == QNetworkReply::NetworkError::TimeoutError) { - emit errorOccurred(ErrorCode::ApiConfigTimeoutError); - } else { - QString err = reply->errorString(); - qDebug() << QString::fromUtf8(reply->readAll()); - qDebug() << reply->error(); - qDebug() << err; - qDebug() << reply->attribute(QNetworkRequest::HttpStatusCodeAttribute); - emit errorOccurred(ErrorCode::ApiConfigDownloadError); - } - } - - reply->deleteLater(); - }); - - QObject::connect(reply, &QNetworkReply::errorOccurred, - [this, reply](QNetworkReply::NetworkError error) { qDebug() << reply->errorString() << error; }); - connect(reply, &QNetworkReply::sslErrors, [this, reply](const QList &errors) { - qDebug().noquote() << errors; - emit errorOccurred(ErrorCode::ApiConfigSslError); - }); - } -} - -ErrorCode ApiController::getServicesList(QByteArray &responseBody) -{ -#ifdef Q_OS_IOS - IosController::Instance()->requestInetAccess(); - QThread::msleep(10); -#endif - - QNetworkRequest request; - request.setTransferTimeout(requestTimeoutMsecs); - request.setHeader(QNetworkRequest::ContentTypeHeader, "application/json"); - - request.setUrl(QString("%1v1/services").arg(m_gatewayEndpoint)); - - QNetworkReply *reply; - reply = amnApp->manager()->get(request); - - QEventLoop wait; - QObject::connect(reply, &QNetworkReply::finished, &wait, &QEventLoop::quit); - - QList sslErrors; - connect(reply, &QNetworkReply::sslErrors, [this, &sslErrors](const QList &errors) { sslErrors = errors; }); - wait.exec(); - - responseBody = reply->readAll(); - - if (sslErrors.isEmpty() && shouldBypassProxy(reply, responseBody, false)) { - m_proxyUrls = getProxyUrls(); - std::random_device randomDevice; - std::mt19937 generator(randomDevice()); - std::shuffle(m_proxyUrls.begin(), m_proxyUrls.end(), generator); - for (const QString &proxyUrl : m_proxyUrls) { - qDebug() << "Go to the next endpoint"; - request.setUrl(QString("%1v1/services").arg(proxyUrl)); - reply->deleteLater(); // delete the previous reply - reply = amnApp->manager()->get(request); - - QObject::connect(reply, &QNetworkReply::finished, &wait, &QEventLoop::quit); - connect(reply, &QNetworkReply::sslErrors, [this, &sslErrors](const QList &errors) { sslErrors = errors; }); - wait.exec(); - - responseBody = reply->readAll(); - if (!sslErrors.isEmpty() || !shouldBypassProxy(reply, responseBody, false)) { - break; - } - } - } - - auto errorCode = checkErrors(sslErrors, reply); - reply->deleteLater(); - - if (errorCode == ErrorCode::NoError) { - if (!responseBody.contains("services")) { - return ErrorCode::ApiServicesMissingError; - } - } - - return errorCode; -} - -ErrorCode ApiController::getConfigForService(const QString &installationUuid, const QString &userCountryCode, const QString &serviceType, - const QString &protocol, const QString &serverCountryCode, const QJsonObject &authData, - QJsonObject &serverConfig) -{ -#ifdef Q_OS_IOS - IosController::Instance()->requestInetAccess(); - QThread::msleep(10); -#endif - - QNetworkRequest request; - request.setTransferTimeout(requestTimeoutMsecs); - request.setHeader(QNetworkRequest::ContentTypeHeader, "application/json"); - - request.setUrl(QString("%1v1/config").arg(m_gatewayEndpoint)); - - ApiPayloadData apiPayloadData = generateApiPayloadData(protocol); - - QJsonObject apiPayload = fillApiPayload(protocol, apiPayloadData); - apiPayload[configKey::userCountryCode] = userCountryCode; - if (!serverCountryCode.isEmpty()) { - apiPayload[configKey::serverCountryCode] = serverCountryCode; - } - apiPayload[configKey::serviceType] = serviceType; - apiPayload[configKey::uuid] = installationUuid; - if (!authData.isEmpty()) { - apiPayload[configKey::authData] = authData; - } - - QSimpleCrypto::QBlockCipher blockCipher; - QByteArray key = blockCipher.generatePrivateSalt(32); - QByteArray iv = blockCipher.generatePrivateSalt(32); - QByteArray salt = blockCipher.generatePrivateSalt(8); - - QJsonObject keyPayload; - keyPayload[configKey::aesKey] = QString(key.toBase64()); - keyPayload[configKey::aesIv] = QString(iv.toBase64()); - keyPayload[configKey::aesSalt] = QString(salt.toBase64()); - - QByteArray encryptedKeyPayload; - QByteArray encryptedApiPayload; - try { - QSimpleCrypto::QRsa rsa; - - EVP_PKEY *publicKey = nullptr; - try { - QByteArray rsaKey = m_isDevEnvironment ? DEV_AGW_PUBLIC_KEY : PROD_AGW_PUBLIC_KEY; - QSimpleCrypto::QRsa rsa; - publicKey = rsa.getPublicKeyFromByteArray(rsaKey); - } catch (...) { - Utils::logException(); - qCritical() << "error loading public key from environment variables"; - return ErrorCode::ApiMissingAgwPublicKey; - } - - encryptedKeyPayload = rsa.encrypt(QJsonDocument(keyPayload).toJson(), publicKey, RSA_PKCS1_PADDING); - EVP_PKEY_free(publicKey); - - encryptedApiPayload = blockCipher.encryptAesBlockCipher(QJsonDocument(apiPayload).toJson(), key, iv, "", salt); - } catch (...) { // todo change error handling in QSimpleCrypto? - Utils::logException(); - qCritical() << "error when encrypting the request body"; - return ErrorCode::ApiConfigDecryptionError; - } - - QJsonObject requestBody; - requestBody[configKey::keyPayload] = QString(encryptedKeyPayload.toBase64()); - requestBody[configKey::apiPayload] = QString(encryptedApiPayload.toBase64()); - - QNetworkReply *reply = amnApp->manager()->post(request, QJsonDocument(requestBody).toJson()); - - QEventLoop wait; - connect(reply, &QNetworkReply::finished, &wait, &QEventLoop::quit); - - QList sslErrors; - connect(reply, &QNetworkReply::sslErrors, [this, &sslErrors](const QList &errors) { sslErrors = errors; }); - wait.exec(); - - auto encryptedResponseBody = reply->readAll(); - - if (sslErrors.isEmpty() && shouldBypassProxy(reply, encryptedResponseBody, true, key, iv, salt)) { - m_proxyUrls = getProxyUrls(); - std::random_device randomDevice; - std::mt19937 generator(randomDevice()); - std::shuffle(m_proxyUrls.begin(), m_proxyUrls.end(), generator); - for (const QString &proxyUrl : m_proxyUrls) { - qDebug() << "Go to the next endpoint"; - request.setUrl(QString("%1v1/config").arg(proxyUrl)); - reply->deleteLater(); // delete the previous reply - reply = amnApp->manager()->post(request, QJsonDocument(requestBody).toJson()); - - QObject::connect(reply, &QNetworkReply::finished, &wait, &QEventLoop::quit); - connect(reply, &QNetworkReply::sslErrors, [this, &sslErrors](const QList &errors) { sslErrors = errors; }); - wait.exec(); - - encryptedResponseBody = reply->readAll(); - if (!sslErrors.isEmpty() || !shouldBypassProxy(reply, encryptedResponseBody, true, key, iv, salt)) { - break; - } - } - } - - auto errorCode = checkErrors(sslErrors, reply); - reply->deleteLater(); - if (errorCode) { - return errorCode; - } - - try { - auto responseBody = blockCipher.decryptAesBlockCipher(encryptedResponseBody, key, iv, "", salt); - fillServerConfig(protocol, apiPayloadData, responseBody, serverConfig); - } catch (...) { // todo change error handling in QSimpleCrypto? - Utils::logException(); - qCritical() << "error when decrypting the request body"; - return ErrorCode::ApiConfigDecryptionError; - } - - return errorCode; -} diff --git a/client/core/controllers/apiController.h b/client/core/controllers/apiController.h deleted file mode 100644 index bcb25f96..00000000 --- a/client/core/controllers/apiController.h +++ /dev/null @@ -1,50 +0,0 @@ -#ifndef APICONTROLLER_H -#define APICONTROLLER_H - -#include - -#include "configurators/openvpn_configurator.h" - -#ifdef Q_OS_IOS - #include "platforms/ios/ios_controller.h" -#endif - -class ApiController : public QObject -{ - Q_OBJECT - -public: - explicit ApiController(const QString &gatewayEndpoint, bool isDevEnvironment, QObject *parent = nullptr); - -public slots: - void updateServerConfigFromApi(const QString &installationUuid, const int serverIndex, QJsonObject serverConfig); - - ErrorCode getServicesList(QByteArray &responseBody); - ErrorCode getConfigForService(const QString &installationUuid, const QString &userCountryCode, const QString &serviceType, - const QString &protocol, const QString &serverCountryCode, const QJsonObject &authData, QJsonObject &serverConfig); - -signals: - void errorOccurred(ErrorCode errorCode); - void finished(const QJsonObject &config, const int serverIndex); - -private: - struct ApiPayloadData - { - OpenVpnConfigurator::ConnectionData certRequest; - - QString wireGuardClientPrivKey; - QString wireGuardClientPubKey; - }; - - ApiPayloadData generateApiPayloadData(const QString &protocol); - QJsonObject fillApiPayload(const QString &protocol, const ApiController::ApiPayloadData &apiPayloadData); - void fillServerConfig(const QString &protocol, const ApiController::ApiPayloadData &apiPayloadData, const QByteArray &apiResponseBody, - QJsonObject &serverConfig); - QStringList getProxyUrls(); - - QString m_gatewayEndpoint; - QStringList m_proxyUrls; - bool m_isDevEnvironment = false; -}; - -#endif // APICONTROLLER_H diff --git a/client/core/controllers/coreController.cpp b/client/core/controllers/coreController.cpp new file mode 100644 index 00000000..0e72ef1a --- /dev/null +++ b/client/core/controllers/coreController.cpp @@ -0,0 +1,399 @@ +#include "coreController.h" + +#include +#include + +#if defined(Q_OS_ANDROID) + #include "core/installedAppsImageProvider.h" + #include "platforms/android/android_controller.h" +#endif + +#if defined(Q_OS_IOS) + #include "platforms/ios/ios_controller.h" + #include +#endif + +CoreController::CoreController(const QSharedPointer &vpnConnection, const std::shared_ptr &settings, + QQmlApplicationEngine *engine, QObject *parent) + : QObject(parent), m_vpnConnection(vpnConnection), m_settings(settings), m_engine(engine) +{ + initModels(); + initControllers(); + initSignalHandlers(); + + initAndroidController(); + initAppleController(); + + initNotificationHandler(); + + auto locale = m_settings->getAppLanguage(); + m_translator.reset(new QTranslator()); + updateTranslator(locale); +} + +void CoreController::initModels() +{ + m_containersModel.reset(new ContainersModel(this)); + m_engine->rootContext()->setContextProperty("ContainersModel", m_containersModel.get()); + + m_defaultServerContainersModel.reset(new ContainersModel(this)); + m_engine->rootContext()->setContextProperty("DefaultServerContainersModel", m_defaultServerContainersModel.get()); + + m_serversModel.reset(new ServersModel(m_settings, this)); + m_engine->rootContext()->setContextProperty("ServersModel", m_serversModel.get()); + + m_languageModel.reset(new LanguageModel(m_settings, this)); + m_engine->rootContext()->setContextProperty("LanguageModel", m_languageModel.get()); + + m_sitesModel.reset(new SitesModel(m_settings, this)); + m_engine->rootContext()->setContextProperty("SitesModel", m_sitesModel.get()); + + m_allowedDnsModel.reset(new AllowedDnsModel(m_settings, this)); + m_engine->rootContext()->setContextProperty("AllowedDnsModel", m_allowedDnsModel.get()); + + m_appSplitTunnelingModel.reset(new AppSplitTunnelingModel(m_settings, this)); + m_engine->rootContext()->setContextProperty("AppSplitTunnelingModel", m_appSplitTunnelingModel.get()); + + m_protocolsModel.reset(new ProtocolsModel(m_settings, this)); + m_engine->rootContext()->setContextProperty("ProtocolsModel", m_protocolsModel.get()); + + m_openVpnConfigModel.reset(new OpenVpnConfigModel(this)); + m_engine->rootContext()->setContextProperty("OpenVpnConfigModel", m_openVpnConfigModel.get()); + + m_shadowSocksConfigModel.reset(new ShadowSocksConfigModel(this)); + m_engine->rootContext()->setContextProperty("ShadowSocksConfigModel", m_shadowSocksConfigModel.get()); + + m_cloakConfigModel.reset(new CloakConfigModel(this)); + m_engine->rootContext()->setContextProperty("CloakConfigModel", m_cloakConfigModel.get()); + + m_wireGuardConfigModel.reset(new WireGuardConfigModel(this)); + m_engine->rootContext()->setContextProperty("WireGuardConfigModel", m_wireGuardConfigModel.get()); + + m_awgConfigModel.reset(new AwgConfigModel(this)); + m_engine->rootContext()->setContextProperty("AwgConfigModel", m_awgConfigModel.get()); + + m_xrayConfigModel.reset(new XrayConfigModel(this)); + m_engine->rootContext()->setContextProperty("XrayConfigModel", m_xrayConfigModel.get()); + +#ifdef Q_OS_WINDOWS + m_ikev2ConfigModel.reset(new Ikev2ConfigModel(this)); + m_engine->rootContext()->setContextProperty("Ikev2ConfigModel", m_ikev2ConfigModel.get()); +#endif + + m_sftpConfigModel.reset(new SftpConfigModel(this)); + m_engine->rootContext()->setContextProperty("SftpConfigModel", m_sftpConfigModel.get()); + + m_socks5ConfigModel.reset(new Socks5ProxyConfigModel(this)); + m_engine->rootContext()->setContextProperty("Socks5ProxyConfigModel", m_socks5ConfigModel.get()); + + m_clientManagementModel.reset(new ClientManagementModel(m_settings, this)); + m_engine->rootContext()->setContextProperty("ClientManagementModel", m_clientManagementModel.get()); + + m_apiServicesModel.reset(new ApiServicesModel(this)); + m_engine->rootContext()->setContextProperty("ApiServicesModel", m_apiServicesModel.get()); + + m_apiCountryModel.reset(new ApiCountryModel(this)); + m_engine->rootContext()->setContextProperty("ApiCountryModel", m_apiCountryModel.get()); + + m_apiAccountInfoModel.reset(new ApiAccountInfoModel(this)); + m_engine->rootContext()->setContextProperty("ApiAccountInfoModel", m_apiAccountInfoModel.get()); + + m_apiDevicesModel.reset(new ApiDevicesModel(m_settings, this)); + m_engine->rootContext()->setContextProperty("ApiDevicesModel", m_apiDevicesModel.get()); +} + +void CoreController::initControllers() +{ + m_connectionController.reset( + new ConnectionController(m_serversModel, m_containersModel, m_clientManagementModel, m_vpnConnection, m_settings)); + m_engine->rootContext()->setContextProperty("ConnectionController", m_connectionController.get()); + + m_pageController.reset(new PageController(m_serversModel, m_settings)); + m_engine->rootContext()->setContextProperty("PageController", m_pageController.get()); + + m_focusController.reset(new FocusController(m_engine, this)); + m_engine->rootContext()->setContextProperty("FocusController", m_focusController.get()); + + m_installController.reset(new InstallController(m_serversModel, m_containersModel, m_protocolsModel, m_clientManagementModel, m_settings)); + m_engine->rootContext()->setContextProperty("InstallController", m_installController.get()); + + connect(m_installController.get(), &InstallController::currentContainerUpdated, m_connectionController.get(), + &ConnectionController::onCurrentContainerUpdated); // TODO remove this + + m_importController.reset(new ImportController(m_serversModel, m_containersModel, m_settings)); + m_engine->rootContext()->setContextProperty("ImportController", m_importController.get()); + + m_exportController.reset(new ExportController(m_serversModel, m_containersModel, m_clientManagementModel, m_settings)); + m_engine->rootContext()->setContextProperty("ExportController", m_exportController.get()); + + m_settingsController.reset( + new SettingsController(m_serversModel, m_containersModel, m_languageModel, m_sitesModel, m_appSplitTunnelingModel, m_settings)); + m_engine->rootContext()->setContextProperty("SettingsController", m_settingsController.get()); + + m_sitesController.reset(new SitesController(m_settings, m_vpnConnection, m_sitesModel)); + m_engine->rootContext()->setContextProperty("SitesController", m_sitesController.get()); + + m_allowedDnsController.reset(new AllowedDnsController(m_settings, m_allowedDnsModel)); + m_engine->rootContext()->setContextProperty("AllowedDnsController", m_allowedDnsController.get()); + + m_appSplitTunnelingController.reset(new AppSplitTunnelingController(m_settings, m_appSplitTunnelingModel)); + m_engine->rootContext()->setContextProperty("AppSplitTunnelingController", m_appSplitTunnelingController.get()); + + m_systemController.reset(new SystemController(m_settings)); + m_engine->rootContext()->setContextProperty("SystemController", m_systemController.get()); + + m_apiSettingsController.reset( + new ApiSettingsController(m_serversModel, m_apiAccountInfoModel, m_apiCountryModel, m_apiDevicesModel, m_settings)); + m_engine->rootContext()->setContextProperty("ApiSettingsController", m_apiSettingsController.get()); + + m_apiConfigsController.reset(new ApiConfigsController(m_serversModel, m_apiServicesModel, m_settings)); + m_engine->rootContext()->setContextProperty("ApiConfigsController", m_apiConfigsController.get()); + + m_apiPremV1MigrationController.reset(new ApiPremV1MigrationController(m_serversModel, m_settings, this)); + m_engine->rootContext()->setContextProperty("ApiPremV1MigrationController", m_apiPremV1MigrationController.get()); +} + +void CoreController::initAndroidController() +{ +#ifdef Q_OS_ANDROID + if (!AndroidController::initLogging()) { + qFatal("Android logging initialization failed"); + } + AndroidController::instance()->setSaveLogs(m_settings->isSaveLogs()); + connect(m_settings.get(), &Settings::saveLogsChanged, AndroidController::instance(), &AndroidController::setSaveLogs); + + AndroidController::instance()->setScreenshotsEnabled(m_settings->isScreenshotsEnabled()); + connect(m_settings.get(), &Settings::screenshotsEnabledChanged, AndroidController::instance(), &AndroidController::setScreenshotsEnabled); + + connect(m_settings.get(), &Settings::serverRemoved, AndroidController::instance(), &AndroidController::resetLastServer); + + connect(m_settings.get(), &Settings::settingsCleared, []() { AndroidController::instance()->resetLastServer(-1); }); + + connect(AndroidController::instance(), &AndroidController::initConnectionState, this, [this](Vpn::ConnectionState state) { + m_connectionController->onConnectionStateChanged(state); + if (m_vpnConnection) + m_vpnConnection->restoreConnection(); + }); + if (!AndroidController::instance()->initialize()) { + qFatal("Android controller initialization failed"); + } + + connect(AndroidController::instance(), &AndroidController::importConfigFromOutside, this, [this](QString data) { + emit m_pageController->goToPageHome(); + m_importController->extractConfigFromData(data); + data.clear(); + emit m_pageController->goToPageViewConfig(); + }); + + m_engine->addImageProvider(QLatin1String("installedAppImage"), new InstalledAppsImageProvider); +#endif +} + +void CoreController::initAppleController() +{ +#ifdef Q_OS_IOS + IosController::Instance()->initialize(); + connect(IosController::Instance(), &IosController::importConfigFromOutside, this, [this](QString data) { + emit m_pageController->goToPageHome(); + m_importController->extractConfigFromData(data); + emit m_pageController->goToPageViewConfig(); + }); + + connect(IosController::Instance(), &IosController::importBackupFromOutside, this, [this](QString filePath) { + emit m_pageController->goToPageHome(); + m_pageController->goToPageSettingsBackup(); + emit m_settingsController->importBackupFromOutside(filePath); + }); + + QTimer::singleShot(0, this, [this]() { AmneziaVPN::toggleScreenshots(m_settings->isScreenshotsEnabled()); }); + + connect(m_settings.get(), &Settings::screenshotsEnabledChanged, [](bool enabled) { AmneziaVPN::toggleScreenshots(enabled); }); +#endif +} + +void CoreController::initSignalHandlers() +{ + initErrorMessagesHandler(); + + initApiCountryModelUpdateHandler(); + initContainerModelUpdateHandler(); + initAdminConfigRevokedHandler(); + initPassphraseRequestHandler(); + initTranslationsUpdatedHandler(); + initAutoConnectHandler(); + initAmneziaDnsToggledHandler(); + initPrepareConfigHandler(); + initImportPremiumV2VpnKeyHandler(); + initShowMigrationDrawerHandler(); + initStrictKillSwitchHandler(); +} + +void CoreController::initNotificationHandler() +{ +#ifndef Q_OS_ANDROID + m_notificationHandler.reset(NotificationHandler::create(nullptr)); + + connect(m_vpnConnection.get(), &VpnConnection::connectionStateChanged, m_notificationHandler.get(), + &NotificationHandler::setConnectionState); + + connect(m_notificationHandler.get(), &NotificationHandler::raiseRequested, m_pageController.get(), &PageController::raiseMainWindow); + connect(m_notificationHandler.get(), &NotificationHandler::connectRequested, m_connectionController.get(), + static_cast(&ConnectionController::openConnection)); + connect(m_notificationHandler.get(), &NotificationHandler::disconnectRequested, m_connectionController.get(), + &ConnectionController::closeConnection); + connect(this, &CoreController::translationsUpdated, m_notificationHandler.get(), &NotificationHandler::onTranslationsUpdated); +#endif +} + +void CoreController::updateTranslator(const QLocale &locale) +{ + if (!m_translator->isEmpty()) { + QCoreApplication::removeTranslator(m_translator.get()); + } + + QStringList availableTranslations; + QDirIterator it(":/translations", QStringList("amneziavpn_*.qm"), QDir::Files); + while (it.hasNext()) { + availableTranslations << it.next(); + } + + // This code allow to load translation for the language only, without country code + const QString lang = locale.name().split("_").first(); + const QString translationFilePrefix = QString(":/translations/amneziavpn_") + lang; + QString strFileName = QString(":/translations/amneziavpn_%1.qm").arg(locale.name()); + for (const QString &translation : availableTranslations) { + if (translation.contains(translationFilePrefix)) { + strFileName = translation; + break; + } + } + + if (m_translator->load(strFileName)) { + if (QCoreApplication::installTranslator(m_translator.get())) { + m_settings->setAppLanguage(locale); + } + } else { + m_settings->setAppLanguage(QLocale::English); + } + + m_engine->retranslate(); + + emit translationsUpdated(); +} + +void CoreController::initErrorMessagesHandler() +{ + connect(m_connectionController.get(), &ConnectionController::connectionErrorOccurred, this, [this](ErrorCode errorCode) { + emit m_pageController->showErrorMessage(errorCode); + emit m_vpnConnection->connectionStateChanged(Vpn::ConnectionState::Disconnected); + }); + + connect(m_apiConfigsController.get(), &ApiConfigsController::errorOccurred, m_pageController.get(), + qOverload(&PageController::showErrorMessage)); +} + +void CoreController::setQmlRoot() +{ + m_systemController->setQmlRoot(m_engine->rootObjects().value(0)); +} + +void CoreController::initApiCountryModelUpdateHandler() +{ + // TODO + connect(m_serversModel.get(), &ServersModel::updateApiCountryModel, this, [this]() { + m_apiCountryModel->updateModel(m_serversModel->getProcessedServerData("apiAvailableCountries").toJsonArray(), + m_serversModel->getProcessedServerData("apiServerCountryCode").toString()); + }); + connect(m_serversModel.get(), &ServersModel::updateApiServicesModel, this, + [this]() { m_apiServicesModel->updateModel(m_serversModel->getProcessedServerData("apiConfig").toJsonObject()); }); +} + +void CoreController::initContainerModelUpdateHandler() +{ + connect(m_serversModel.get(), &ServersModel::containersUpdated, m_containersModel.get(), &ContainersModel::updateModel); + connect(m_serversModel.get(), &ServersModel::defaultServerContainersUpdated, m_defaultServerContainersModel.get(), + &ContainersModel::updateModel); + m_serversModel->resetModel(); +} + +void CoreController::initAdminConfigRevokedHandler() +{ + connect(m_clientManagementModel.get(), &ClientManagementModel::adminConfigRevoked, m_serversModel.get(), + &ServersModel::clearCachedProfile); +} + +void CoreController::initPassphraseRequestHandler() +{ + connect(m_installController.get(), &InstallController::passphraseRequestStarted, m_pageController.get(), + &PageController::showPassphraseRequestDrawer); + connect(m_pageController.get(), &PageController::passphraseRequestDrawerClosed, m_installController.get(), + &InstallController::setEncryptedPassphrase); +} + +void CoreController::initTranslationsUpdatedHandler() +{ + connect(m_languageModel.get(), &LanguageModel::updateTranslations, this, &CoreController::updateTranslator); + connect(this, &CoreController::translationsUpdated, m_languageModel.get(), &LanguageModel::translationsUpdated); + connect(this, &CoreController::translationsUpdated, m_connectionController.get(), &ConnectionController::onTranslationsUpdated); +} + +void CoreController::initAutoConnectHandler() +{ + if (m_settingsController->isAutoConnectEnabled() && m_serversModel->getDefaultServerIndex() >= 0) { + QTimer::singleShot(1000, this, [this]() { m_connectionController->openConnection(); }); + } +} + +void CoreController::initAmneziaDnsToggledHandler() +{ + connect(m_settingsController.get(), &SettingsController::amneziaDnsToggled, m_serversModel.get(), &ServersModel::toggleAmneziaDns); +} + +void CoreController::initPrepareConfigHandler() +{ + connect(m_connectionController.get(), &ConnectionController::prepareConfig, this, [this]() { + emit m_vpnConnection->connectionStateChanged(Vpn::ConnectionState::Preparing); + + if (!m_apiConfigsController->isConfigValid()) { + emit m_vpnConnection->connectionStateChanged(Vpn::ConnectionState::Disconnected); + return; + } + + if (!m_installController->isConfigValid()) { + emit m_vpnConnection->connectionStateChanged(Vpn::ConnectionState::Disconnected); + return; + } + + m_connectionController->openConnection(); + }); +} + +void CoreController::initImportPremiumV2VpnKeyHandler() +{ + connect(m_apiPremV1MigrationController.get(), &ApiPremV1MigrationController::importPremiumV2VpnKey, this, [this](const QString &vpnKey) { + m_importController->extractConfigFromData(vpnKey); + m_importController->importConfig(); + + emit m_apiPremV1MigrationController->migrationFinished(); + }); +} + +void CoreController::initShowMigrationDrawerHandler() +{ + QTimer::singleShot(1000, this, [this]() { + if (m_apiPremV1MigrationController->isPremV1MigrationReminderActive() && m_apiPremV1MigrationController->hasConfigsToMigration()) { + m_apiPremV1MigrationController->showMigrationDrawer(); + } + }); +} + +void CoreController::initStrictKillSwitchHandler() +{ + connect(m_settingsController.get(), &SettingsController::strictKillSwitchEnabledChanged, m_vpnConnection.get(), + &VpnConnection::onKillSwitchModeChanged); +} + +QSharedPointer CoreController::pageController() const +{ + return m_pageController; +} diff --git a/client/core/controllers/coreController.h b/client/core/controllers/coreController.h new file mode 100644 index 00000000..9ae53562 --- /dev/null +++ b/client/core/controllers/coreController.h @@ -0,0 +1,145 @@ +#ifndef CORECONTROLLER_H +#define CORECONTROLLER_H + +#include +#include +#include + +#include "ui/controllers/api/apiConfigsController.h" +#include "ui/controllers/api/apiSettingsController.h" +#include "ui/controllers/api/apiPremV1MigrationController.h" +#include "ui/controllers/appSplitTunnelingController.h" +#include "ui/controllers/allowedDnsController.h" +#include "ui/controllers/connectionController.h" +#include "ui/controllers/exportController.h" +#include "ui/controllers/focusController.h" +#include "ui/controllers/importController.h" +#include "ui/controllers/installController.h" +#include "ui/controllers/pageController.h" +#include "ui/controllers/settingsController.h" +#include "ui/controllers/sitesController.h" +#include "ui/controllers/systemController.h" + +#include "ui/models/allowed_dns_model.h" +#include "ui/models/containers_model.h" +#include "ui/models/languageModel.h" +#include "ui/models/protocols/cloakConfigModel.h" +#ifdef Q_OS_WINDOWS + #include "ui/models/protocols/ikev2ConfigModel.h" +#endif +#include "ui/models/api/apiAccountInfoModel.h" +#include "ui/models/api/apiCountryModel.h" +#include "ui/models/api/apiDevicesModel.h" +#include "ui/models/api/apiServicesModel.h" +#include "ui/models/appSplitTunnelingModel.h" +#include "ui/models/clientManagementModel.h" +#include "ui/models/protocols/awgConfigModel.h" +#include "ui/models/protocols/openvpnConfigModel.h" +#include "ui/models/protocols/shadowsocksConfigModel.h" +#include "ui/models/protocols/wireguardConfigModel.h" +#include "ui/models/protocols/xrayConfigModel.h" +#include "ui/models/protocols_model.h" +#include "ui/models/servers_model.h" +#include "ui/models/services/sftpConfigModel.h" +#include "ui/models/services/socks5ProxyConfigModel.h" +#include "ui/models/sites_model.h" + +#ifndef Q_OS_ANDROID + #include "ui/notificationhandler.h" +#endif + +class CoreController : public QObject +{ + Q_OBJECT + +public: + explicit CoreController(const QSharedPointer &vpnConnection, const std::shared_ptr &settings, + QQmlApplicationEngine *engine, QObject *parent = nullptr); + + QSharedPointer pageController() const; + void setQmlRoot(); + +signals: + void translationsUpdated(); + +private: + void initModels(); + void initControllers(); + void initAndroidController(); + void initAppleController(); + void initSignalHandlers(); + + void initNotificationHandler(); + + void updateTranslator(const QLocale &locale); + + void initErrorMessagesHandler(); + + void initApiCountryModelUpdateHandler(); + void initContainerModelUpdateHandler(); + void initAdminConfigRevokedHandler(); + void initPassphraseRequestHandler(); + void initTranslationsUpdatedHandler(); + void initAutoConnectHandler(); + void initAmneziaDnsToggledHandler(); + void initPrepareConfigHandler(); + void initImportPremiumV2VpnKeyHandler(); + void initShowMigrationDrawerHandler(); + void initStrictKillSwitchHandler(); + + QQmlApplicationEngine *m_engine {}; // TODO use parent child system here? + std::shared_ptr m_settings; + QSharedPointer m_vpnConnection; + QSharedPointer m_translator; + +#ifndef Q_OS_ANDROID + QScopedPointer m_notificationHandler; +#endif + + QMetaObject::Connection m_reloadConfigErrorOccurredConnection; + + QScopedPointer m_connectionController; + QScopedPointer m_focusController; + QSharedPointer m_pageController; // TODO + QScopedPointer m_installController; + QScopedPointer m_importController; + QScopedPointer m_exportController; + QScopedPointer m_settingsController; + QScopedPointer m_sitesController; + QScopedPointer m_systemController; + QScopedPointer m_appSplitTunnelingController; + QScopedPointer m_allowedDnsController; + + QScopedPointer m_apiSettingsController; + QScopedPointer m_apiConfigsController; + QScopedPointer m_apiPremV1MigrationController; + + QSharedPointer m_containersModel; + QSharedPointer m_defaultServerContainersModel; + QSharedPointer m_serversModel; + QSharedPointer m_languageModel; + QSharedPointer m_protocolsModel; + QSharedPointer m_sitesModel; + QSharedPointer m_allowedDnsModel; + QSharedPointer m_appSplitTunnelingModel; + QSharedPointer m_clientManagementModel; + + QSharedPointer m_apiServicesModel; + QSharedPointer m_apiCountryModel; + QSharedPointer m_apiAccountInfoModel; + QSharedPointer m_apiDevicesModel; + + QScopedPointer m_openVpnConfigModel; + QScopedPointer m_shadowSocksConfigModel; + QScopedPointer m_cloakConfigModel; + QScopedPointer m_xrayConfigModel; + QScopedPointer m_wireGuardConfigModel; + QScopedPointer m_awgConfigModel; +#ifdef Q_OS_WINDOWS + QScopedPointer m_ikev2ConfigModel; +#endif + QScopedPointer m_sftpConfigModel; + QScopedPointer m_socks5ConfigModel; +}; + +#endif // CORECONTROLLER_H diff --git a/client/core/controllers/gatewayController.cpp b/client/core/controllers/gatewayController.cpp new file mode 100644 index 00000000..26855ae6 --- /dev/null +++ b/client/core/controllers/gatewayController.cpp @@ -0,0 +1,364 @@ +#include "gatewayController.h" + +#include +#include + +#include +#include +#include +#include +#include + +#include "QBlockCipher.h" +#include "QRsa.h" + +#include "amnezia_application.h" +#include "core/api/apiUtils.h" +#include "core/networkUtilities.h" +#include "utilities.h" + +#ifdef AMNEZIA_DESKTOP + #include "core/ipcclient.h" +#endif + +namespace +{ + namespace configKey + { + constexpr char aesKey[] = "aes_key"; + constexpr char aesIv[] = "aes_iv"; + constexpr char aesSalt[] = "aes_salt"; + + constexpr char apiPayload[] = "api_payload"; + constexpr char keyPayload[] = "key_payload"; + } + + constexpr QLatin1String errorResponsePattern1("No active configuration found for"); + constexpr QLatin1String errorResponsePattern2("No non-revoked public key found for"); + constexpr QLatin1String errorResponsePattern3("Account not found."); + + constexpr QLatin1String updateRequestResponsePattern("client version update is required"); +} + +GatewayController::GatewayController(const QString &gatewayEndpoint, const bool isDevEnvironment, const int requestTimeoutMsecs, + const bool isStrictKillSwitchEnabled, QObject *parent) + : QObject(parent), + m_gatewayEndpoint(gatewayEndpoint), + m_isDevEnvironment(isDevEnvironment), + m_requestTimeoutMsecs(requestTimeoutMsecs), + m_isStrictKillSwitchEnabled(isStrictKillSwitchEnabled) +{ +} + +ErrorCode GatewayController::get(const QString &endpoint, QByteArray &responseBody) +{ +#ifdef Q_OS_IOS + IosController::Instance()->requestInetAccess(); + QThread::msleep(10); +#endif + + QNetworkRequest request; + request.setTransferTimeout(m_requestTimeoutMsecs); + request.setHeader(QNetworkRequest::ContentTypeHeader, "application/json"); + + request.setUrl(QString(endpoint).arg(m_gatewayEndpoint)); + + // bypass killSwitch exceptions for API-gateway +#ifdef AMNEZIA_DESKTOP + if (m_isStrictKillSwitchEnabled) { + QString host = QUrl(request.url()).host(); + QString ip = NetworkUtilities::getIPAddress(host); + if (!ip.isEmpty()) { + IpcClient::Interface()->addKillSwitchAllowedRange(QStringList { ip }); + } + } +#endif + + QNetworkReply *reply; + reply = amnApp->networkManager()->get(request); + + QEventLoop wait; + QObject::connect(reply, &QNetworkReply::finished, &wait, &QEventLoop::quit); + + QList sslErrors; + connect(reply, &QNetworkReply::sslErrors, [this, &sslErrors](const QList &errors) { sslErrors = errors; }); + wait.exec(); + + responseBody = reply->readAll(); + + if (sslErrors.isEmpty() && shouldBypassProxy(reply, responseBody, false)) { + auto requestFunction = [&request, &responseBody](const QString &url) { + request.setUrl(url); + return amnApp->networkManager()->get(request); + }; + + auto replyProcessingFunction = [&responseBody, &reply, &sslErrors, this](QNetworkReply *nestedReply, + const QList &nestedSslErrors) { + responseBody = nestedReply->readAll(); + if (!sslErrors.isEmpty() || !shouldBypassProxy(nestedReply, responseBody, false)) { + sslErrors = nestedSslErrors; + reply = nestedReply; + return true; + } + return false; + }; + + bypassProxy(endpoint, reply, requestFunction, replyProcessingFunction); + } + + auto errorCode = apiUtils::checkNetworkReplyErrors(sslErrors, reply); + reply->deleteLater(); + + return errorCode; +} + +ErrorCode GatewayController::post(const QString &endpoint, const QJsonObject apiPayload, QByteArray &responseBody) +{ +#ifdef Q_OS_IOS + IosController::Instance()->requestInetAccess(); + QThread::msleep(10); +#endif + + QNetworkRequest request; + request.setTransferTimeout(m_requestTimeoutMsecs); + request.setHeader(QNetworkRequest::ContentTypeHeader, "application/json"); + + request.setUrl(endpoint.arg(m_gatewayEndpoint)); + + // bypass killSwitch exceptions for API-gateway +#ifdef AMNEZIA_DESKTOP + if (m_isStrictKillSwitchEnabled) { + QString host = QUrl(request.url()).host(); + QString ip = NetworkUtilities::getIPAddress(host); + if (!ip.isEmpty()) { + IpcClient::Interface()->addKillSwitchAllowedRange(QStringList { ip }); + } + } +#endif + + QSimpleCrypto::QBlockCipher blockCipher; + QByteArray key = blockCipher.generatePrivateSalt(32); + QByteArray iv = blockCipher.generatePrivateSalt(32); + QByteArray salt = blockCipher.generatePrivateSalt(8); + + QJsonObject keyPayload; + keyPayload[configKey::aesKey] = QString(key.toBase64()); + keyPayload[configKey::aesIv] = QString(iv.toBase64()); + keyPayload[configKey::aesSalt] = QString(salt.toBase64()); + + QByteArray encryptedKeyPayload; + QByteArray encryptedApiPayload; + try { + QSimpleCrypto::QRsa rsa; + + EVP_PKEY *publicKey = nullptr; + try { + QByteArray rsaKey = m_isDevEnvironment ? DEV_AGW_PUBLIC_KEY : PROD_AGW_PUBLIC_KEY; + QSimpleCrypto::QRsa rsa; + publicKey = rsa.getPublicKeyFromByteArray(rsaKey); + } catch (...) { + Utils::logException(); + qCritical() << "error loading public key from environment variables"; + return ErrorCode::ApiMissingAgwPublicKey; + } + + encryptedKeyPayload = rsa.encrypt(QJsonDocument(keyPayload).toJson(), publicKey, RSA_PKCS1_PADDING); + EVP_PKEY_free(publicKey); + + encryptedApiPayload = blockCipher.encryptAesBlockCipher(QJsonDocument(apiPayload).toJson(), key, iv, "", salt); + } catch (...) { // todo change error handling in QSimpleCrypto? + Utils::logException(); + qCritical() << "error when encrypting the request body"; + return ErrorCode::ApiConfigDecryptionError; + } + + QJsonObject requestBody; + requestBody[configKey::keyPayload] = QString(encryptedKeyPayload.toBase64()); + requestBody[configKey::apiPayload] = QString(encryptedApiPayload.toBase64()); + + QNetworkReply *reply = amnApp->networkManager()->post(request, QJsonDocument(requestBody).toJson()); + + QEventLoop wait; + connect(reply, &QNetworkReply::finished, &wait, &QEventLoop::quit); + + QList sslErrors; + connect(reply, &QNetworkReply::sslErrors, [this, &sslErrors](const QList &errors) { sslErrors = errors; }); + wait.exec(); + + QByteArray encryptedResponseBody = reply->readAll(); + + if (sslErrors.isEmpty() && shouldBypassProxy(reply, encryptedResponseBody, true, key, iv, salt)) { + auto requestFunction = [&request, &encryptedResponseBody, &requestBody](const QString &url) { + request.setUrl(url); + return amnApp->networkManager()->post(request, QJsonDocument(requestBody).toJson()); + }; + + auto replyProcessingFunction = [&encryptedResponseBody, &reply, &sslErrors, &key, &iv, &salt, + this](QNetworkReply *nestedReply, const QList &nestedSslErrors) { + encryptedResponseBody = nestedReply->readAll(); + reply = nestedReply; + if (!sslErrors.isEmpty() || shouldBypassProxy(nestedReply, encryptedResponseBody, true, key, iv, salt)) { + sslErrors = nestedSslErrors; + return false; + } + return true; + }; + + bypassProxy(endpoint, reply, requestFunction, replyProcessingFunction); + } + + auto errorCode = apiUtils::checkNetworkReplyErrors(sslErrors, reply); + reply->deleteLater(); + if (errorCode) { + return errorCode; + } + + try { + responseBody = blockCipher.decryptAesBlockCipher(encryptedResponseBody, key, iv, "", salt); + return ErrorCode::NoError; + } catch (...) { // todo change error handling in QSimpleCrypto? + Utils::logException(); + qCritical() << "error when decrypting the request body"; + return ErrorCode::ApiConfigDecryptionError; + } +} + +QStringList GatewayController::getProxyUrls() +{ + QNetworkRequest request; + request.setTransferTimeout(m_requestTimeoutMsecs); + request.setHeader(QNetworkRequest::ContentTypeHeader, "application/json"); + + QEventLoop wait; + QList sslErrors; + QNetworkReply *reply; + + QStringList proxyStorageUrls; + if (m_isDevEnvironment) { + proxyStorageUrls = QString(DEV_S3_ENDPOINT).split(", "); + } else { + proxyStorageUrls = QString(PROD_S3_ENDPOINT).split(", "); + } + + QByteArray key = m_isDevEnvironment ? DEV_AGW_PUBLIC_KEY : PROD_AGW_PUBLIC_KEY; + + for (const auto &proxyStorageUrl : proxyStorageUrls) { + request.setUrl(proxyStorageUrl); + reply = amnApp->networkManager()->get(request); + + connect(reply, &QNetworkReply::finished, &wait, &QEventLoop::quit); + connect(reply, &QNetworkReply::sslErrors, [this, &sslErrors](const QList &errors) { sslErrors = errors; }); + wait.exec(); + + if (reply->error() == QNetworkReply::NetworkError::NoError) { + auto encryptedResponseBody = reply->readAll(); + reply->deleteLater(); + + EVP_PKEY *privateKey = nullptr; + QByteArray responseBody; + try { + if (!m_isDevEnvironment) { + QCryptographicHash hash(QCryptographicHash::Sha512); + hash.addData(key); + QByteArray hashResult = hash.result().toHex(); + + QByteArray key = QByteArray::fromHex(hashResult.left(64)); + QByteArray iv = QByteArray::fromHex(hashResult.mid(64, 32)); + + QByteArray ba = QByteArray::fromBase64(encryptedResponseBody); + + QSimpleCrypto::QBlockCipher blockCipher; + responseBody = blockCipher.decryptAesBlockCipher(ba, key, iv); + } else { + responseBody = encryptedResponseBody; + } + } catch (...) { + Utils::logException(); + qCritical() << "error loading private key from environment variables or decrypting payload" << encryptedResponseBody; + continue; + } + + auto endpointsArray = QJsonDocument::fromJson(responseBody).array(); + + QStringList endpoints; + for (const auto &endpoint : endpointsArray) { + endpoints.push_back(endpoint.toString()); + } + return endpoints; + } else { + apiUtils::checkNetworkReplyErrors(sslErrors, reply); + qDebug() << "go to the next storage endpoint"; + + reply->deleteLater(); + } + } + return {}; +} + +bool GatewayController::shouldBypassProxy(QNetworkReply *reply, const QByteArray &responseBody, bool checkEncryption, const QByteArray &key, + const QByteArray &iv, const QByteArray &salt) +{ + if (reply->error() == QNetworkReply::NetworkError::OperationCanceledError || reply->error() == QNetworkReply::NetworkError::TimeoutError) { + qDebug() << "timeout occurred"; + qDebug() << reply->error(); + return true; + } else if (responseBody.contains("html")) { + qDebug() << "the response contains an html tag"; + return true; + } else if (reply->error() == QNetworkReply::NetworkError::ContentNotFoundError) { + if (responseBody.contains(errorResponsePattern1) || responseBody.contains(errorResponsePattern2) + || responseBody.contains(errorResponsePattern3)) { + return false; + } else { + qDebug() << reply->error(); + return true; + } + } else if (reply->error() == QNetworkReply::NetworkError::OperationNotImplementedError) { + if (responseBody.contains(updateRequestResponsePattern)) { + return false; + } else { + qDebug() << reply->error(); + return true; + } + } else if (reply->error() != QNetworkReply::NetworkError::NoError) { + qDebug() << reply->error(); + return true; + } else if (checkEncryption) { + try { + QSimpleCrypto::QBlockCipher blockCipher; + static_cast(blockCipher.decryptAesBlockCipher(responseBody, key, iv, "", salt)); + } catch (...) { + qDebug() << "failed to decrypt the data"; + return true; + } + } + return false; +} + +void GatewayController::bypassProxy(const QString &endpoint, QNetworkReply *reply, + std::function requestFunction, + std::function &sslErrors)> replyProcessingFunction) +{ + QStringList proxyUrls = getProxyUrls(); + std::random_device randomDevice; + std::mt19937 generator(randomDevice()); + std::shuffle(proxyUrls.begin(), proxyUrls.end(), generator); + + QEventLoop wait; + QList sslErrors; + QByteArray responseBody; + + for (const QString &proxyUrl : proxyUrls) { + qDebug() << "go to the next proxy endpoint"; + reply->deleteLater(); // delete the previous reply + reply = requestFunction(endpoint.arg(proxyUrl)); + + QObject::connect(reply, &QNetworkReply::finished, &wait, &QEventLoop::quit); + connect(reply, &QNetworkReply::sslErrors, [this, &sslErrors](const QList &errors) { sslErrors = errors; }); + wait.exec(); + + if (replyProcessingFunction(reply, sslErrors)) { + break; + } + } +} diff --git a/client/core/controllers/gatewayController.h b/client/core/controllers/gatewayController.h new file mode 100644 index 00000000..9f91df53 --- /dev/null +++ b/client/core/controllers/gatewayController.h @@ -0,0 +1,37 @@ +#ifndef GATEWAYCONTROLLER_H +#define GATEWAYCONTROLLER_H + +#include +#include + +#include "core/defs.h" + +#ifdef Q_OS_IOS + #include "platforms/ios/ios_controller.h" +#endif + +class GatewayController : public QObject +{ + Q_OBJECT + +public: + explicit GatewayController(const QString &gatewayEndpoint, const bool isDevEnvironment, const int requestTimeoutMsecs, + const bool isStrictKillSwitchEnabled, QObject *parent = nullptr); + + amnezia::ErrorCode get(const QString &endpoint, QByteArray &responseBody); + amnezia::ErrorCode post(const QString &endpoint, const QJsonObject apiPayload, QByteArray &responseBody); + +private: + QStringList getProxyUrls(); + bool shouldBypassProxy(QNetworkReply *reply, const QByteArray &responseBody, bool checkEncryption, const QByteArray &key = "", + const QByteArray &iv = "", const QByteArray &salt = ""); + void bypassProxy(const QString &endpoint, QNetworkReply *reply, std::function requestFunction, + std::function &sslErrors)> replyProcessingFunction); + + int m_requestTimeoutMsecs; + QString m_gatewayEndpoint; + bool m_isDevEnvironment = false; + bool m_isStrictKillSwitchEnabled = false; +}; + +#endif // GATEWAYCONTROLLER_H diff --git a/client/core/controllers/serverController.cpp b/client/core/controllers/serverController.cpp index b6795a01..3c24edea 100644 --- a/client/core/controllers/serverController.cpp +++ b/client/core/controllers/serverController.cpp @@ -138,7 +138,7 @@ ErrorCode ServerController::uploadTextFileToContainer(DockerContainer container, if (overwriteMode == libssh::ScpOverwriteMode::ScpOverwriteExisting) { e = runScript(credentials, - replaceVars(QString("sudo docker cp %1 $CONTAINER_NAME:/%2").arg(tmpFileName).arg(path), + replaceVars(QStringLiteral("sudo docker cp %1 $CONTAINER_NAME:/%2").arg(tmpFileName, path), genVarsForScript(credentials, container)), cbReadStd, cbReadStd); @@ -146,7 +146,7 @@ ErrorCode ServerController::uploadTextFileToContainer(DockerContainer container, return e; } else if (overwriteMode == libssh::ScpOverwriteMode::ScpAppendToExisting) { e = runScript(credentials, - replaceVars(QString("sudo docker cp %1 $CONTAINER_NAME:/%2").arg(tmpFileName).arg(tmpFileName), + replaceVars(QStringLiteral("sudo docker cp %1 $CONTAINER_NAME:/%2").arg(tmpFileName, tmpFileName), genVarsForScript(credentials, container)), cbReadStd, cbReadStd); @@ -154,7 +154,7 @@ ErrorCode ServerController::uploadTextFileToContainer(DockerContainer container, return e; e = runScript(credentials, - replaceVars(QString("sudo docker exec -i $CONTAINER_NAME sh -c \"cat %1 >> %2\"").arg(tmpFileName).arg(path), + replaceVars(QStringLiteral("sudo docker exec -i $CONTAINER_NAME sh -c \"cat %1 >> %2\"").arg(tmpFileName, path), genVarsForScript(credentials, container)), cbReadStd, cbReadStd); @@ -177,7 +177,7 @@ QByteArray ServerController::getTextFileFromContainer(DockerContainer container, errorCode = ErrorCode::NoError; - QString script = QString("sudo docker exec -i %1 sh -c \"xxd -p \'%2\'\"").arg(ContainerProps::containerToString(container)).arg(path); + QString script = QStringLiteral("sudo docker exec -i %1 sh -c \"xxd -p '%2'\"").arg(ContainerProps::containerToString(container), path); QString stdOut; auto cbReadStdOut = [&](const QString &data, libssh::Client &) { @@ -346,8 +346,10 @@ bool ServerController::isReinstallContainerRequired(DockerContainer container, c } if (container == DockerContainer::Awg) { - if ((oldProtoConfig.value(config_key::port).toString(protocols::awg::defaultPort) - != newProtoConfig.value(config_key::port).toString(protocols::awg::defaultPort)) + if ((oldProtoConfig.value(config_key::subnet_address).toString(protocols::wireguard::defaultSubnetAddress) + != newProtoConfig.value(config_key::subnet_address).toString(protocols::wireguard::defaultSubnetAddress)) + || (oldProtoConfig.value(config_key::port).toString(protocols::awg::defaultPort) + != newProtoConfig.value(config_key::port).toString(protocols::awg::defaultPort)) || (oldProtoConfig.value(config_key::junkPacketCount).toString(protocols::awg::defaultJunkPacketCount) != newProtoConfig.value(config_key::junkPacketCount).toString(protocols::awg::defaultJunkPacketCount)) || (oldProtoConfig.value(config_key::junkPacketMinSize).toString(protocols::awg::defaultJunkPacketMinSize) @@ -364,14 +366,21 @@ bool ServerController::isReinstallContainerRequired(DockerContainer container, c != newProtoConfig.value(config_key::responsePacketMagicHeader).toString(protocols::awg::defaultResponsePacketMagicHeader)) || (oldProtoConfig.value(config_key::underloadPacketMagicHeader).toString(protocols::awg::defaultUnderloadPacketMagicHeader) != newProtoConfig.value(config_key::underloadPacketMagicHeader).toString(protocols::awg::defaultUnderloadPacketMagicHeader)) - || (oldProtoConfig.value(config_key::transportPacketMagicHeader).toString(protocols::awg::defaultTransportPacketMagicHeader) - != newProtoConfig.value(config_key::transportPacketMagicHeader).toString(protocols::awg::defaultTransportPacketMagicHeader))) + || (oldProtoConfig.value(config_key::transportPacketMagicHeader).toString(protocols::awg::defaultTransportPacketMagicHeader)) + != newProtoConfig.value(config_key::transportPacketMagicHeader).toString(protocols::awg::defaultTransportPacketMagicHeader)) + // || (oldProtoConfig.value(config_key::cookieReplyPacketJunkSize).toString(protocols::awg::defaultCookieReplyPacketJunkSize) + // != newProtoConfig.value(config_key::cookieReplyPacketJunkSize).toString(protocols::awg::defaultCookieReplyPacketJunkSize)) + // || (oldProtoConfig.value(config_key::transportPacketJunkSize).toString(protocols::awg::defaultTransportPacketJunkSize) + // != newProtoConfig.value(config_key::transportPacketJunkSize).toString(protocols::awg::defaultTransportPacketJunkSize)) + return true; } if (container == DockerContainer::WireGuard) { - if (oldProtoConfig.value(config_key::port).toString(protocols::wireguard::defaultPort) - != newProtoConfig.value(config_key::port).toString(protocols::wireguard::defaultPort)) + if ((oldProtoConfig.value(config_key::subnet_address).toString(protocols::wireguard::defaultSubnetAddress) + != newProtoConfig.value(config_key::subnet_address).toString(protocols::wireguard::defaultSubnetAddress)) + || (oldProtoConfig.value(config_key::port).toString(protocols::wireguard::defaultPort) + != newProtoConfig.value(config_key::port).toString(protocols::wireguard::defaultPort))) return true; } @@ -379,6 +388,13 @@ bool ServerController::isReinstallContainerRequired(DockerContainer container, c return true; } + if (container == DockerContainer::Xray) { + if (oldProtoConfig.value(config_key::port).toString(protocols::xray::defaultPort) + != newProtoConfig.value(config_key::port).toString(protocols::xray::defaultPort)) { + return true; + } + } + return false; } @@ -435,15 +451,24 @@ ErrorCode ServerController::buildContainerWorker(const ServerCredentials &creden stdOut += data + "\n"; return ErrorCode::NoError; }; + auto cbReadStdErr = [&](const QString &data, libssh::Client &) { + stdOut += data + "\n"; + return ErrorCode::NoError; + }; - errorCode = + ErrorCode error = runScript(credentials, replaceVars(amnezia::scriptData(SharedScriptType::build_container), genVarsForScript(credentials, container, config)), - cbReadStdOut); - if (errorCode) - return errorCode; + cbReadStdOut, cbReadStdErr); - return errorCode; + if (stdOut.contains("doesn't work on cgroups v2")) + return ErrorCode::ServerDockerOnCgroupsV2; + if (stdOut.contains("cgroup mountpoint does not exist")) + return ErrorCode::ServerCgroupMountpoint; + if (stdOut.contains("have reached") && stdOut.contains("pull rate limit")) + return ErrorCode::DockerPullRateLimit; + + return error; } ErrorCode ServerController::runContainerWorker(const ServerCredentials &credentials, DockerContainer container, QJsonObject &config) @@ -607,6 +632,8 @@ ServerController::Vars ServerController::genVarsForScript(const ServerCredential vars.append({ { "$SFTP_PASSWORD", sftpConfig.value(config_key::password).toString() } }); // Amnezia wireguard vars + vars.append({ { "$AWG_SUBNET_IP", + amneziaWireguarConfig.value(config_key::subnet_address).toString(protocols::wireguard::defaultSubnetAddress) } }); vars.append({ { "$AWG_SERVER_PORT", amneziaWireguarConfig.value(config_key::port).toString(protocols::awg::defaultPort) } }); vars.append({ { "$JUNK_PACKET_COUNT", amneziaWireguarConfig.value(config_key::junkPacketCount).toString() } }); @@ -619,6 +646,9 @@ ServerController::Vars ServerController::genVarsForScript(const ServerCredential vars.append({ { "$UNDERLOAD_PACKET_MAGIC_HEADER", amneziaWireguarConfig.value(config_key::underloadPacketMagicHeader).toString() } }); vars.append({ { "$TRANSPORT_PACKET_MAGIC_HEADER", amneziaWireguarConfig.value(config_key::transportPacketMagicHeader).toString() } }); + vars.append({ { "$COOKIE_REPLY_PACKET_JUNK_SIZE", amneziaWireguarConfig.value(config_key::cookieReplyPacketJunkSize).toString() } }); + vars.append({ { "$TRANSPORT_PACKET_JUNK_SIZE", amneziaWireguarConfig.value(config_key::transportPacketJunkSize).toString() } }); + // Socks5 proxy vars vars.append({ { "$SOCKS5_PROXY_PORT", socks5ProxyConfig.value(config_key::port).toString(protocols::socks5Proxy::defaultPort) } }); auto username = socks5ProxyConfig.value(config_key::userName).toString(); @@ -703,7 +733,7 @@ ErrorCode ServerController::isServerPortBusy(const ServerCredentials &credential QString transportProto = containerConfig.value(config_key::transport_proto).toString(defaultTransportProto); // TODO reimplement with netstat - QString script = QString("which lsof &>/dev/null || true && sudo lsof -i -P -n 2>/dev/null | grep -E ':%1 ").arg(port); + QString script = QString("which lsof > /dev/null 2>&1 || true && sudo lsof -i -P -n 2>/dev/null | grep -E ':%1 ").arg(port); for (auto &port : fixedPorts) { script = script.append("|:%1").arg(port); } @@ -751,10 +781,6 @@ ErrorCode ServerController::isServerPortBusy(const ServerCredentials &credential ErrorCode ServerController::isUserInSudo(const ServerCredentials &credentials, DockerContainer container) { - if (credentials.userName == "root") { - return ErrorCode::NoError; - } - QString stdOut; auto cbReadStdOut = [&](const QString &data, libssh::Client &) { stdOut += data + "\n"; @@ -768,8 +794,16 @@ ErrorCode ServerController::isUserInSudo(const ServerCredentials &credentials, D const QString scriptData = amnezia::scriptData(SharedScriptType::check_user_in_sudo); ErrorCode error = runScript(credentials, replaceVars(scriptData, genVarsForScript(credentials)), cbReadStdOut, cbReadStdErr); - if (!stdOut.contains("sudo")) + if (credentials.userName != "root" && stdOut.contains("sudo:") && !stdOut.contains("uname:") && stdOut.contains("not found")) + return ErrorCode::ServerSudoPackageIsNotPreinstalled; + if (credentials.userName != "root" && !stdOut.contains("sudo") && !stdOut.contains("wheel")) return ErrorCode::ServerUserNotInSudo; + if (stdOut.contains("can't cd to") || stdOut.contains("Permission denied") || stdOut.contains("No such file or directory")) + return ErrorCode::ServerUserDirectoryNotAccessible; + if (stdOut.contains("sudoers") || stdOut.contains("is not allowed to run sudo on")) + return ErrorCode::ServerUserNotAllowedInSudoers; + if (stdOut.contains("password is required")) + return ErrorCode::ServerUserPasswordRequired; return error; } @@ -801,7 +835,7 @@ ErrorCode ServerController::isServerDpkgBusy(const ServerCredentials &credential if (stdOut.contains("Packet manager not found")) return ErrorCode::ServerPacketManagerError; - if (stdOut.contains("fuser not installed")) + if (stdOut.contains("fuser not installed") || stdOut.contains("cat not installed")) return ErrorCode::NoError; if (stdOut.isEmpty()) { diff --git a/client/core/controllers/vpnConfigurationController.cpp b/client/core/controllers/vpnConfigurationController.cpp index 52f42c42..61287972 100644 --- a/client/core/controllers/vpnConfigurationController.cpp +++ b/client/core/controllers/vpnConfigurationController.cpp @@ -77,8 +77,7 @@ ErrorCode VpnConfigurationsController::createProtocolConfigString(const bool isA } QJsonObject VpnConfigurationsController::createVpnConfiguration(const QPair &dns, const QJsonObject &serverConfig, - const QJsonObject &containerConfig, const DockerContainer container, - ErrorCode &errorCode) + const QJsonObject &containerConfig, const DockerContainer container) { QJsonObject vpnConfiguration {}; @@ -103,7 +102,8 @@ QJsonObject VpnConfigurationsController::createVpnConfiguration(const QPair &settings, QSharedPointer serverController, QObject *parent = nullptr); + explicit VpnConfigurationsController(const std::shared_ptr &settings, QSharedPointer serverController, + QObject *parent = nullptr); public slots: ErrorCode createProtocolConfigForContainer(const ServerCredentials &credentials, const DockerContainer container, @@ -21,7 +22,7 @@ public slots: const DockerContainer container, const QJsonObject &containerConfig, const Proto protocol, QString &protocolConfigString); QJsonObject createVpnConfiguration(const QPair &dns, const QJsonObject &serverConfig, - const QJsonObject &containerConfig, const DockerContainer container, ErrorCode &errorCode); + const QJsonObject &containerConfig, const DockerContainer container); static void updateContainerConfigAfterInstallation(const DockerContainer container, QJsonObject &containerConfig, const QString &stdOut); signals: diff --git a/client/core/defs.h b/client/core/defs.h index c0db2e12..64f52ce6 100644 --- a/client/core/defs.h +++ b/client/core/defs.h @@ -6,9 +6,6 @@ namespace amnezia { - - constexpr const qint16 qrMagicCode = 1984; - struct ServerCredentials { QString hostName; @@ -47,6 +44,7 @@ namespace amnezia InternalError = 101, NotImplementedError = 102, AmneziaServiceNotRunning = 103, + NotSupportedOnThisPlatform = 104, // Server errors ServerCheckFailed = 200, @@ -56,6 +54,13 @@ namespace amnezia ServerCancelInstallation = 204, ServerUserNotInSudo = 205, ServerPacketManagerError = 206, + ServerSudoPackageIsNotPreinstalled = 207, + ServerUserDirectoryNotAccessible = 208, + ServerUserNotAllowedInSudoers = 209, + ServerUserPasswordRequired = 210, + ServerDockerOnCgroupsV2 = 211, + ServerCgroupMountpoint = 212, + DockerPullRateLimit = 213, // Ssh connection errors SshRequestDeniedError = 300, @@ -97,6 +102,7 @@ namespace amnezia // import and install errors ImportInvalidConfigError = 900, ImportOpenConfigError = 901, + NoInstalledContainersError = 902, // Android errors AndroidError = 1000, @@ -110,6 +116,10 @@ namespace amnezia ApiMissingAgwPublicKey = 1105, ApiConfigDecryptionError = 1106, ApiServicesMissingError = 1107, + ApiConfigLimitError = 1108, + ApiNotFoundError = 1109, + ApiMigrationError = 1110, + ApiUpdateRequestError = 1111, // QFile errors OpenError = 1200, diff --git a/client/core/enums/apiEnums.h b/client/core/enums/apiEnums.h deleted file mode 100644 index 1f050007..00000000 --- a/client/core/enums/apiEnums.h +++ /dev/null @@ -1,9 +0,0 @@ -#ifndef APIENUMS_H -#define APIENUMS_H - -enum ApiConfigSources { - Telegram = 1, - AmneziaGateway -}; - -#endif // APIENUMS_H diff --git a/client/core/errorstrings.cpp b/client/core/errorstrings.cpp index 70f433c6..bd5ccaba 100644 --- a/client/core/errorstrings.cpp +++ b/client/core/errorstrings.cpp @@ -12,6 +12,7 @@ QString errorString(ErrorCode code) { case(ErrorCode::UnknownError): errorMessage = QObject::tr("Unknown error"); break; case(ErrorCode::NotImplementedError): errorMessage = QObject::tr("Function not implemented"); break; case(ErrorCode::AmneziaServiceNotRunning): errorMessage = QObject::tr("Background service is not running"); break; + case(ErrorCode::NotSupportedOnThisPlatform): errorMessage = QObject::tr("The selected protocol is not supported on the current platform"); break; // Server errors case(ErrorCode::ServerCheckFailed): errorMessage = QObject::tr("Server check failed"); break; @@ -19,8 +20,15 @@ QString errorString(ErrorCode code) { case(ErrorCode::ServerContainerMissingError): errorMessage = QObject::tr("Server error: Docker container missing"); break; case(ErrorCode::ServerDockerFailedError): errorMessage = QObject::tr("Server error: Docker failed"); break; case(ErrorCode::ServerCancelInstallation): errorMessage = QObject::tr("Installation canceled by user"); break; - case(ErrorCode::ServerUserNotInSudo): errorMessage = QObject::tr("The user does not have permission to use sudo"); break; - case(ErrorCode::ServerPacketManagerError): errorMessage = QObject::tr("Server error: Packet manager error"); break; + case(ErrorCode::ServerUserNotInSudo): errorMessage = QObject::tr("The user is not a member of the sudo group"); break; + case(ErrorCode::ServerPacketManagerError): errorMessage = QObject::tr("Server error: Package manager error"); break; + case(ErrorCode::ServerSudoPackageIsNotPreinstalled): errorMessage = QObject::tr("The sudo package is not pre-installed on the server"); break; + case(ErrorCode::ServerUserDirectoryNotAccessible): errorMessage = QObject::tr("The server user's home directory is not accessible"); break; + case(ErrorCode::ServerUserNotAllowedInSudoers): errorMessage = QObject::tr("Action not allowed in sudoers"); break; + case(ErrorCode::ServerUserPasswordRequired): errorMessage = QObject::tr("The user's password is required"); break; + case(ErrorCode::ServerDockerOnCgroupsV2): errorMessage = QObject::tr("Docker error: runc doesn't work on cgroups v2"); break; + case(ErrorCode::ServerCgroupMountpoint): errorMessage = QObject::tr("Server error: cgroup mountpoint does not exist"); break; + case(ErrorCode::DockerPullRateLimit): errorMessage = QObject::tr("Docker error: The pull rate limit has been reached"); break; // Libssh errors case(ErrorCode::SshRequestDeniedError): errorMessage = QObject::tr("SSH request was denied"); break; @@ -51,6 +59,7 @@ QString errorString(ErrorCode code) { case (ErrorCode::ImportInvalidConfigError): errorMessage = QObject::tr("The config does not contain any containers and credentials for connecting to the server"); break; case (ErrorCode::ImportOpenConfigError): errorMessage = QObject::tr("Unable to open config file"); break; + case(ErrorCode::NoInstalledContainersError): errorMessage = QObject::tr("VPN Protocols is not installed.\n Please install VPN container at first"); break; // Android errors case (ErrorCode::AndroidError): errorMessage = QObject::tr("VPN connection error"); break; @@ -64,6 +73,10 @@ QString errorString(ErrorCode code) { case (ErrorCode::ApiMissingAgwPublicKey): errorMessage = QObject::tr("Missing AGW public key"); break; case (ErrorCode::ApiConfigDecryptionError): errorMessage = QObject::tr("Failed to decrypt response payload"); break; case (ErrorCode::ApiServicesMissingError): errorMessage = QObject::tr("Missing list of available services"); break; + case (ErrorCode::ApiConfigLimitError): errorMessage = QObject::tr("The limit of allowed configurations per subscription has been exceeded"); break; + case (ErrorCode::ApiNotFoundError): errorMessage = QObject::tr("Error when retrieving configuration from API"); break; + case (ErrorCode::ApiMigrationError): errorMessage = QObject::tr("A migration error has occurred. Please contact our technical support"); break; + case (ErrorCode::ApiUpdateRequestError): errorMessage = QObject::tr("Please update the application to use this feature"); break; // QFile errors case(ErrorCode::OpenError): errorMessage = QObject::tr("QFile error: The file could not be opened"); break; diff --git a/client/core/ipcclient.cpp b/client/core/ipcclient.cpp index b44da1bf..69edcd15 100644 --- a/client/core/ipcclient.cpp +++ b/client/core/ipcclient.cpp @@ -5,12 +5,12 @@ IpcClient *IpcClient::m_instance = nullptr; IpcClient::IpcClient(QObject *parent) : QObject(parent) { - } IpcClient::~IpcClient() { - if (m_localSocket) m_localSocket->close(); + if (m_localSocket) + m_localSocket->close(); } bool IpcClient::isSocketConnected() const @@ -25,13 +25,15 @@ IpcClient *IpcClient::Instance() QSharedPointer IpcClient::Interface() { - if (!Instance()) return nullptr; + if (!Instance()) + return nullptr; return Instance()->m_ipcClient; } QSharedPointer IpcClient::InterfaceTun2Socks() { - if (!Instance()) return nullptr; + if (!Instance()) + return nullptr; return Instance()->m_Tun2SocksClient; } @@ -42,15 +44,28 @@ bool IpcClient::init(IpcClient *instance) Instance()->m_localSocket = new QLocalSocket(Instance()); connect(Instance()->m_localSocket.data(), &QLocalSocket::connected, &Instance()->m_ClientNode, []() { Instance()->m_ClientNode.addClientSideConnection(Instance()->m_localSocket.data()); + auto cliNode = Instance()->m_ClientNode.acquire(); + cliNode->waitForSource(5000); + Instance()->m_ipcClient.reset(cliNode); + + if (!Instance()->m_ipcClient) { + qWarning() << "IpcClient is not ready!"; + } - Instance()->m_ipcClient.reset(Instance()->m_ClientNode.acquire()); Instance()->m_ipcClient->waitForSource(1000); if (!Instance()->m_ipcClient->isReplicaValid()) { qWarning() << "IpcClient replica is not connected!"; } - Instance()->m_Tun2SocksClient.reset(Instance()->m_ClientNode.acquire()); + auto t2sNode = Instance()->m_ClientNode.acquire(); + t2sNode->waitForSource(5000); + Instance()->m_Tun2SocksClient.reset(t2sNode); + + if (!Instance()->m_Tun2SocksClient) { + qWarning() << "IpcClient::m_Tun2SocksClient is not ready!"; + } + Instance()->m_Tun2SocksClient->waitForSource(1000); if (!Instance()->m_Tun2SocksClient->isReplicaValid()) { @@ -58,9 +73,8 @@ bool IpcClient::init(IpcClient *instance) } }); - connect(Instance()->m_localSocket, &QLocalSocket::disconnected, [instance](){ - instance->m_isSocketConnected = false; - }); + connect(Instance()->m_localSocket, &QLocalSocket::disconnected, + [instance]() { instance->m_isSocketConnected = false; }); Instance()->m_localSocket->connectToServer(amnezia::getIpcServiceUrl()); Instance()->m_localSocket->waitForConnected(); @@ -77,7 +91,7 @@ bool IpcClient::init(IpcClient *instance) QSharedPointer IpcClient::CreatePrivilegedProcess() { - if (! Instance()->m_ipcClient || ! Instance()->m_ipcClient->isReplicaValid()) { + if (!Instance()->m_ipcClient || !Instance()->m_ipcClient->isReplicaValid()) { qWarning() << "IpcClient::createPrivilegedProcess : IpcClient IpcClient replica is not valid"; return nullptr; } @@ -100,18 +114,15 @@ QSharedPointer IpcClient::CreatePrivilegedProcess() pd->ipcProcess.reset(priv); if (!pd->ipcProcess) { qWarning() << "Acquire PrivilegedProcess failed"; - } - else { + } else { pd->ipcProcess->waitForSource(1000); if (!pd->ipcProcess->isReplicaValid()) { qWarning() << "PrivilegedProcess replica is not connected!"; } - QObject::connect(pd->ipcProcess.data(), &PrivilegedProcess::destroyed, pd->ipcProcess.data(), [pd](){ - pd->replicaNode->deleteLater(); - }); + QObject::connect(pd->ipcProcess.data(), &PrivilegedProcess::destroyed, pd->ipcProcess.data(), + [pd]() { pd->replicaNode->deleteLater(); }); } - }); pd->localSocket->connectToServer(amnezia::getIpcProcessUrl(pid)); pd->localSocket->waitForConnected(); @@ -119,5 +130,3 @@ QSharedPointer IpcClient::CreatePrivilegedProcess() auto processReplica = QSharedPointer(pd->ipcProcess); return processReplica; } - - diff --git a/client/core/networkUtilities.cpp b/client/core/networkUtilities.cpp index a5825f0d..cf33fa55 100644 --- a/client/core/networkUtilities.cpp +++ b/client/core/networkUtilities.cpp @@ -12,6 +12,7 @@ #include #include #include "qendian.h" + #include #endif #ifdef Q_OS_LINUX #include @@ -185,6 +186,17 @@ int NetworkUtilities::AdapterIndexTo(const QHostAddress& dst) { return 0; } +bool NetworkUtilities::checkIpv6Enabled() { +#ifdef Q_OS_WIN + QSettings RegHLM("HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Tcpip6\\Parameters", + QSettings::NativeFormat); + int ret = RegHLM.value("DisabledComponents", 0).toInt(); + qDebug() << "Check for Windows disabled IPv6 return " << ret; + return (ret != 255); +#endif + return true; +} + #ifdef Q_OS_WIN DWORD GetAdaptersAddressesWrapper(const ULONG Family, const ULONG Flags, diff --git a/client/core/networkUtilities.h b/client/core/networkUtilities.h index 3057b852..1bd1114c 100644 --- a/client/core/networkUtilities.h +++ b/client/core/networkUtilities.h @@ -5,6 +5,7 @@ #include #include #include +#include class NetworkUtilities : public QObject @@ -15,6 +16,7 @@ public: static QString getStringBetween(const QString &s, const QString &a, const QString &b); static bool checkIPv4Format(const QString &ip); static bool checkIpSubnetFormat(const QString &ip); + static bool checkIpv6Enabled(); static QString getGatewayAndIface(); // Returns the Interface Index that could Route to dst static int AdapterIndexTo(const QHostAddress& dst); @@ -28,9 +30,7 @@ public: static QString netMaskFromIpWithSubnet(const QString ip); static QString ipAddressFromIpWithSubnet(const QString ip); - static QStringList summarizeRoutes(const QStringList &ips, const QString cidr); - }; #endif // NETWORKUTILITIES_H diff --git a/client/core/qrCodeUtils.cpp b/client/core/qrCodeUtils.cpp new file mode 100644 index 00000000..a18af172 --- /dev/null +++ b/client/core/qrCodeUtils.cpp @@ -0,0 +1,35 @@ +#include "qrCodeUtils.h" + +#include +#include + +QList qrCodeUtils::generateQrCodeImageSeries(const QByteArray &data) +{ + double k = 850; + + quint8 chunksCount = std::ceil(data.size() / k); + QList chunks; + for (int i = 0; i < data.size(); i = i + k) { + QByteArray chunk; + QDataStream s(&chunk, QIODevice::WriteOnly); + s << qrCodeUtils::qrMagicCode << chunksCount << (quint8)std::round(i / k) << data.mid(i, k); + + QByteArray ba = chunk.toBase64(QByteArray::Base64UrlEncoding | QByteArray::OmitTrailingEquals); + + qrcodegen::QrCode qr = qrcodegen::QrCode::encodeText(ba, qrcodegen::QrCode::Ecc::LOW); + QString svg = QString::fromStdString(toSvgString(qr, 1)); + chunks.append(svgToBase64(svg)); + } + + return chunks; +} + +QString qrCodeUtils::svgToBase64(const QString &image) +{ + return "data:image/svg;base64," + QString::fromLatin1(image.toUtf8().toBase64().data()); +} + +qrcodegen::QrCode qrCodeUtils::generateQrCode(const QByteArray &data) +{ + return qrcodegen::QrCode::encodeText(data, qrcodegen::QrCode::Ecc::LOW); +} diff --git a/client/core/qrCodeUtils.h b/client/core/qrCodeUtils.h new file mode 100644 index 00000000..cda0723b --- /dev/null +++ b/client/core/qrCodeUtils.h @@ -0,0 +1,17 @@ +#ifndef QRCODEUTILS_H +#define QRCODEUTILS_H + +#include + +#include "qrcodegen.hpp" + +namespace qrCodeUtils +{ + constexpr const qint16 qrMagicCode = 1984; + + QList generateQrCodeImageSeries(const QByteArray &data); + qrcodegen::QrCode generateQrCode(const QByteArray &data); + QString svgToBase64(const QString &image); +}; + +#endif // QRCODEUTILS_H diff --git a/client/core/serialization/vmess_new.cpp b/client/core/serialization/vmess_new.cpp index 6f3ec3e1..68d32203 100644 --- a/client/core/serialization/vmess_new.cpp +++ b/client/core/serialization/vmess_new.cpp @@ -104,7 +104,7 @@ QJsonObject Deserialize(const QString &vmessStr, QString *alias, QString *errMes server.users.first().security = "auto"; } - const static auto getQueryValue = [&query](const QString &key, const QString &defaultValue) { + const auto getQueryValue = [&query](const QString &key, const QString &defaultValue) { if (query.hasQueryItem(key)) return query.queryItemValue(key, QUrl::FullyDecoded); else diff --git a/client/daemon/daemon.cpp b/client/daemon/daemon.cpp index a234860b..2faff0ef 100644 --- a/client/daemon/daemon.cpp +++ b/client/daemon/daemon.cpp @@ -114,12 +114,23 @@ bool Daemon::activate(const InterfaceConfig& config) { // Bring up the wireguard interface if not already done. if (!wgutils()->interfaceExists()) { + // Create the interface. if (!wgutils()->addInterface(config)) { logger.error() << "Interface creation failed."; return false; } } + // Bring the interface up. + if (supportIPUtils()) { + if (!iputils()->addInterfaceIPs(config)) { + return false; + } + if (!iputils()->setMTUAndUp(config)) { + return false; + } + } + // Configure routing for excluded addresses. for (const QString& i : config.m_excludedAddresses) { addExclusionRoute(IPAddress(i)); @@ -135,20 +146,10 @@ bool Daemon::activate(const InterfaceConfig& config) { return false; } - if (supportIPUtils()) { - if (!iputils()->addInterfaceIPs(config)) { - return false; - } - if (!iputils()->setMTUAndUp(config)) { - return false; - } - } - // set routing for (const IPAddress& ip : config.m_allowedIPAddressRanges) { if (!wgutils()->updateRoutePrefix(ip)) { - logger.debug() << "Routing configuration failed for" - << logger.sensitive(ip.toString()); + logger.debug() << "Routing configuration failed for" << ip.toString(); return false; } } @@ -168,11 +169,14 @@ bool Daemon::maybeUpdateResolvers(const InterfaceConfig& config) { if ((config.m_hopType == InterfaceConfig::MultiHopExit) || (config.m_hopType == InterfaceConfig::SingleHop)) { QList resolvers; - resolvers.append(QHostAddress(config.m_dnsServer)); + resolvers.append(QHostAddress(config.m_primaryDnsServer)); + if (!config.m_secondaryDnsServer.isEmpty()) { + resolvers.append(QHostAddress(config.m_secondaryDnsServer)); + } // If the DNS is not the Gateway, it's a user defined DNS // thus, not add any other :) - if (config.m_dnsServer == config.m_serverIpv4Gateway) { + if (config.m_primaryDnsServer == config.m_serverIpv4Gateway) { resolvers.append(QHostAddress(config.m_serverIpv6Gateway)); } @@ -278,15 +282,26 @@ bool Daemon::parseConfig(const QJsonObject& obj, InterfaceConfig& config) { config.m_serverIpv4Gateway = obj.value("serverIpv4Gateway").toString(); config.m_serverIpv6Gateway = obj.value("serverIpv6Gateway").toString(); - if (!obj.contains("dnsServer")) { - config.m_dnsServer = QString(); + if (!obj.contains("primaryDnsServer")) { + config.m_primaryDnsServer = QString(); } else { - QJsonValue value = obj.value("dnsServer"); + QJsonValue value = obj.value("primaryDnsServer"); if (!value.isString()) { logger.error() << "dnsServer is not a string"; return false; } - config.m_dnsServer = value.toString(); + config.m_primaryDnsServer = value.toString(); + } + + if (!obj.contains("secondaryDnsServer")) { + config.m_secondaryDnsServer = QString(); + } else { + QJsonValue value = obj.value("secondaryDnsServer"); + if (!value.isString()) { + logger.error() << "dnsServer is not a string"; + return false; + } + config.m_secondaryDnsServer = value.toString(); } if (!obj.contains("hopType")) { @@ -369,6 +384,9 @@ bool Daemon::parseConfig(const QJsonObject& obj, InterfaceConfig& config) { if (!parseStringList(obj, "vpnDisabledApps", config.m_vpnDisabledApps)) { return false; } + if (!parseStringList(obj, "allowedDnsServers", config.m_allowedDnsServers)) { + return false; + } config.m_killSwitchEnabled = QVariant(obj.value("killSwitchOption").toString()).toBool(); @@ -387,6 +405,13 @@ bool Daemon::parseConfig(const QJsonObject& obj, InterfaceConfig& config) { if (!obj.value("S2").isNull()) { config.m_responsePacketJunkSize = obj.value("S2").toString(); } + if (!obj.value("S3").isNull()) { + config.m_cookieReplyPacketJunkSize = obj.value("S3").toString(); + } + if (!obj.value("S4").isNull()) { + config.m_transportPacketJunkSize = obj.value("S4").toString(); + } + if (!obj.value("H1").isNull()) { config.m_initPacketMagicHeader = obj.value("H1").toString(); } @@ -400,6 +425,34 @@ bool Daemon::parseConfig(const QJsonObject& obj, InterfaceConfig& config) { config.m_transportPacketMagicHeader = obj.value("H4").toString(); } + if (!obj.value("I1").isNull()) { + config.m_specialJunk["I1"] = obj.value("I1").toString(); + } + if (!obj.value("I2").isNull()) { + config.m_specialJunk["I2"] = obj.value("I2").toString(); + } + if (!obj.value("I3").isNull()) { + config.m_specialJunk["I3"] = obj.value("I3").toString(); + } + if (!obj.value("I4").isNull()) { + config.m_specialJunk["I4"] = obj.value("I4").toString(); + } + if (!obj.value("I5").isNull()) { + config.m_specialJunk["I5"] = obj.value("I5").toString(); + } + if (!obj.value("J1").isNull()) { + config.m_controlledJunk["J1"] = obj.value("J1").toString(); + } + if (!obj.value("J2").isNull()) { + config.m_controlledJunk["J2"] = obj.value("J2").toString(); + } + if (!obj.value("J3").isNull()) { + config.m_controlledJunk["J3"] = obj.value("J3").toString(); + } + if (!obj.value("Itime").isNull()) { + config.m_specialHandshakeTimeout = obj.value("Itime").toString(); + } + return true; } @@ -442,7 +495,7 @@ bool Daemon::deactivate(bool emitSignals) { m_connections.clear(); // Delete the interface - return wgutils()->deleteInterface(); + return wgutils()->deleteInterface(); } QString Daemon::logs() { diff --git a/client/daemon/daemon.h b/client/daemon/daemon.h index 3d418d70..757c9ff0 100644 --- a/client/daemon/daemon.h +++ b/client/daemon/daemon.h @@ -8,6 +8,8 @@ #include #include +#include "daemon/daemonerrors.h" +#include "daemonerrors.h" #include "dnsutils.h" #include "interfaceconfig.h" #include "iputils.h" @@ -51,7 +53,7 @@ class Daemon : public QObject { */ void activationFailure(); void disconnected(); - void backendFailure(); + void backendFailure(DaemonError reason = DaemonError::ERROR_FATAL); private: bool maybeUpdateResolvers(const InterfaceConfig& config); diff --git a/client/daemon/daemonerrors.h b/client/daemon/daemonerrors.h new file mode 100644 index 00000000..3d271244 --- /dev/null +++ b/client/daemon/daemonerrors.h @@ -0,0 +1,17 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#pragma once + +#include + +enum class DaemonError : uint8_t { + ERROR_NONE = 0u, + ERROR_FATAL = 1u, + ERROR_SPLIT_TUNNEL_INIT_FAILURE = 2u, + ERROR_SPLIT_TUNNEL_START_FAILURE = 3u, + ERROR_SPLIT_TUNNEL_EXCLUDE_FAILURE = 4u, + + DAEMON_ERROR_MAX = 5u, +}; diff --git a/client/daemon/daemonlocalserverconnection.cpp b/client/daemon/daemonlocalserverconnection.cpp index edbc4c9b..bc57c71f 100644 --- a/client/daemon/daemonlocalserverconnection.cpp +++ b/client/daemon/daemonlocalserverconnection.cpp @@ -159,9 +159,10 @@ void DaemonLocalServerConnection::disconnected() { write(obj); } -void DaemonLocalServerConnection::backendFailure() { +void DaemonLocalServerConnection::backendFailure(DaemonError err) { QJsonObject obj; obj.insert("type", "backendFailure"); + obj.insert("errorCode", static_cast(err)); write(obj); } diff --git a/client/daemon/daemonlocalserverconnection.h b/client/daemon/daemonlocalserverconnection.h index ec32df75..34170cb3 100644 --- a/client/daemon/daemonlocalserverconnection.h +++ b/client/daemon/daemonlocalserverconnection.h @@ -7,6 +7,8 @@ #include +#include "daemonerrors.h" + class QLocalSocket; class DaemonLocalServerConnection final : public QObject { @@ -23,7 +25,7 @@ class DaemonLocalServerConnection final : public QObject { void connected(const QString& pubkey); void disconnected(); - void backendFailure(); + void backendFailure(DaemonError err); void write(const QJsonObject& obj); diff --git a/client/daemon/interfaceconfig.cpp b/client/daemon/interfaceconfig.cpp index b2ad31c6..53da5d36 100644 --- a/client/daemon/interfaceconfig.cpp +++ b/client/daemon/interfaceconfig.cpp @@ -28,7 +28,8 @@ QJsonObject InterfaceConfig::toJson() const { (m_hopType == InterfaceConfig::SingleHop)) { json.insert("serverIpv4Gateway", QJsonValue(m_serverIpv4Gateway)); json.insert("serverIpv6Gateway", QJsonValue(m_serverIpv6Gateway)); - json.insert("dnsServer", QJsonValue(m_dnsServer)); + json.insert("primaryDnsServer", QJsonValue(m_primaryDnsServer)); + json.insert("secondaryDnsServer", QJsonValue(m_secondaryDnsServer)); } QJsonArray allowedIPAddesses; @@ -48,6 +49,13 @@ QJsonObject InterfaceConfig::toJson() const { } json.insert("excludedAddresses", jsExcludedAddresses); + + QJsonArray jsAllowedDnsServers; + for (const QString& i : m_allowedDnsServers) { + jsAllowedDnsServers.append(QJsonValue(i)); + } + json.insert("allowedDnsServers", jsAllowedDnsServers); + QJsonArray disabledApps; for (const QString& i : m_vpnDisabledApps) { disabledApps.append(QJsonValue(i)); @@ -93,11 +101,15 @@ QString InterfaceConfig::toWgConf(const QMap& extra) const { out << "MTU = " << m_deviceMTU << "\n"; } - if (!m_dnsServer.isNull()) { - QStringList dnsServers(m_dnsServer); + if (!m_primaryDnsServer.isNull()) { + QStringList dnsServers; + dnsServers.append(m_primaryDnsServer); + if (!m_secondaryDnsServer.isNull()) { + dnsServers.append(m_secondaryDnsServer); + } // If the DNS is not the Gateway, it's a user defined DNS // thus, not add any other :) - if (m_dnsServer == m_serverIpv4Gateway) { + if (m_primaryDnsServer == m_serverIpv4Gateway) { dnsServers.append(m_serverIpv6Gateway); } out << "DNS = " << dnsServers.join(", ") << "\n"; @@ -118,6 +130,12 @@ QString InterfaceConfig::toWgConf(const QMap& extra) const { if (!m_responsePacketJunkSize.isNull()) { out << "S2 = " << m_responsePacketJunkSize << "\n"; } + if (!m_cookieReplyPacketJunkSize.isNull()) { + out << "S3 = " << m_cookieReplyPacketJunkSize << "\n"; + } + if (!m_transportPacketJunkSize.isNull()) { + out << "S4 = " << m_transportPacketJunkSize << "\n"; + } if (!m_initPacketMagicHeader.isNull()) { out << "H1 = " << m_initPacketMagicHeader << "\n"; } @@ -131,6 +149,16 @@ QString InterfaceConfig::toWgConf(const QMap& extra) const { out << "H4 = " << m_transportPacketMagicHeader << "\n"; } + for (const QString& key : m_specialJunk.keys()) { + out << key << " = " << m_specialJunk[key] << "\n"; + } + for (const QString& key : m_controlledJunk.keys()) { + out << key << " = " << m_controlledJunk[key] << "\n"; + } + if (!m_specialHandshakeTimeout.isNull()) { + out << "Itime = " << m_specialHandshakeTimeout << "\n"; + } + // If any extra config was provided, append it now. for (const QString& key : extra.keys()) { out << key << " = " << extra[key] << "\n"; diff --git a/client/daemon/interfaceconfig.h b/client/daemon/interfaceconfig.h index 6a816f87..06288e80 100644 --- a/client/daemon/interfaceconfig.h +++ b/client/daemon/interfaceconfig.h @@ -6,6 +6,7 @@ #define INTERFACECONFIG_H #include +#include #include #include "ipaddress.h" @@ -31,12 +32,14 @@ class InterfaceConfig { QString m_serverIpv4AddrIn; QString m_serverPskKey; QString m_serverIpv6AddrIn; - QString m_dnsServer; + QString m_primaryDnsServer; + QString m_secondaryDnsServer; int m_serverPort = 0; int m_deviceMTU = 1420; QList m_allowedIPAddressRanges; QStringList m_excludedAddresses; QStringList m_vpnDisabledApps; + QStringList m_allowedDnsServers; bool m_killSwitchEnabled; #if defined(MZ_ANDROID) || defined(MZ_IOS) QString m_installationId; @@ -47,10 +50,15 @@ class InterfaceConfig { QString m_junkPacketMaxSize; QString m_initPacketJunkSize; QString m_responsePacketJunkSize; + QString m_cookieReplyPacketJunkSize; + QString m_transportPacketJunkSize; QString m_initPacketMagicHeader; QString m_responsePacketMagicHeader; QString m_underloadPacketMagicHeader; QString m_transportPacketMagicHeader; + QMap m_specialJunk; + QMap m_controlledJunk; + QString m_specialHandshakeTimeout; QJsonObject toJson() const; QString toWgConf( diff --git a/client/daemon/wireguardutils.h b/client/daemon/wireguardutils.h index cdee40ef..b600a923 100644 --- a/client/daemon/wireguardutils.h +++ b/client/daemon/wireguardutils.h @@ -45,9 +45,11 @@ class WireguardUtils : public QObject { virtual bool updateRoutePrefix(const IPAddress& prefix) = 0; virtual bool deleteRoutePrefix(const IPAddress& prefix) = 0; - + virtual bool addExclusionRoute(const IPAddress& prefix) = 0; virtual bool deleteExclusionRoute(const IPAddress& prefix) = 0; + + virtual bool excludeLocalNetworks(const QList& addresses) = 0; }; #endif // WIREGUARDUTILS_H diff --git a/client/images/controls/external-link.svg b/client/images/controls/external-link.svg new file mode 100644 index 00000000..6a51c902 --- /dev/null +++ b/client/images/controls/external-link.svg @@ -0,0 +1,5 @@ + + + + + diff --git a/client/images/controls/monitor.svg b/client/images/controls/monitor.svg new file mode 100644 index 00000000..1cdf57c2 --- /dev/null +++ b/client/images/controls/monitor.svg @@ -0,0 +1,5 @@ + + + + + diff --git a/client/ios/networkextension/CMakeLists.txt b/client/ios/networkextension/CMakeLists.txt index c448ed08..64b1c3c4 100644 --- a/client/ios/networkextension/CMakeLists.txt +++ b/client/ios/networkextension/CMakeLists.txt @@ -26,15 +26,22 @@ set_target_properties(networkextension PROPERTIES XCODE_ATTRIBUTE_TARGETED_DEVICE_FAMILY "1,2" XCODE_ATTRIBUTE_LD_RUNPATH_SEARCH_PATHS "@executable_path/../../Frameworks" - - XCODE_ATTRIBUTE_CODE_SIGN_IDENTITY "Apple Distribution" - XCODE_ATTRIBUTE_CODE_SIGN_IDENTITY[variant=Debug] "Apple Development" - - XCODE_ATTRIBUTE_CODE_SIGN_STYLE Manual - XCODE_ATTRIBUTE_PROVISIONING_PROFILE_SPECIFIER "match AppStore org.amnezia.AmneziaVPN.network-extension" - XCODE_ATTRIBUTE_PROVISIONING_PROFILE_SPECIFIER[variant=Debug] "match Development org.amnezia.AmneziaVPN.network-extension" ) +if(DEPLOY) + set_target_properties(networkextension PROPERTIES + XCODE_ATTRIBUTE_CODE_SIGN_IDENTITY "Apple Distribution" + XCODE_ATTRIBUTE_CODE_SIGN_IDENTITY[variant=Debug] "Apple Development" + XCODE_ATTRIBUTE_CODE_SIGN_STYLE Manual + XCODE_ATTRIBUTE_PROVISIONING_PROFILE_SPECIFIER "distr ios.org.amnezia.AmneziaVPN" + XCODE_ATTRIBUTE_PROVISIONING_PROFILE_SPECIFIER[variant=Debug] "dev ios.org.amnezia.AmneziaVPN" + ) +else() + set_target_properties(networkextension PROPERTIES + XCODE_ATTRIBUTE_CODE_SIGN_STYLE Automatic + ) +endif() + set_target_properties(networkextension PROPERTIES XCODE_ATTRIBUTE_SWIFT_VERSION "5.0" XCODE_ATTRIBUTE_CLANG_ENABLE_MODULES "YES" diff --git a/client/ios/scripts/openvpn.sh b/client/ios/scripts/openvpn.sh deleted file mode 100755 index 544b8078..00000000 --- a/client/ios/scripts/openvpn.sh +++ /dev/null @@ -1,19 +0,0 @@ -XCODEBUILD="/usr/bin/xcodebuild" -WORKINGDIR=`pwd` -PATCH="/usr/bin/patch" - - cat $WORKINGDIR/3rd/OpenVPNAdapter/Configuration/Project.xcconfig > $WORKINGDIR/3rd/OpenVPNAdapter/Configuration/amnezia.xcconfig - cat << EOF >> $WORKINGDIR/3rd/OpenVPNAdapter/Configuration/amnezia.xcconfig - PROJECT_TEMP_DIR = $WORKINGDIR/3rd/OpenVPNAdapter/build/OpenVPNAdapter.build - CONFIGURATION_BUILD_DIR = $WORKINGDIR/3rd/OpenVPNAdapter/build/Release-iphoneos - BUILT_PRODUCTS_DIR = $WORKINGDIR/3rd/OpenVPNAdapter/build/Release-iphoneos -EOF - - - cd 3rd/OpenVPNAdapter - if $XCODEBUILD -scheme OpenVPNAdapter -configuration Release -xcconfig Configuration/amnezia.xcconfig -sdk iphoneos -destination 'generic/platform=iOS' -project OpenVPNAdapter.xcodeproj ; then - echo "OpenVPNAdapter built successfully" - else - echo "OpenVPNAdapter build failed" - fi - cd ../../ diff --git a/client/mozilla/localsocketcontroller.cpp b/client/mozilla/localsocketcontroller.cpp index 5e9f0f97..9abab81c 100644 --- a/client/mozilla/localsocketcontroller.cpp +++ b/client/mozilla/localsocketcontroller.cpp @@ -1,9 +1,10 @@ /* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -#include "protocols/protocols_defs.h" #include "localsocketcontroller.h" +#include + #include #include #include @@ -17,6 +18,9 @@ #include "leakdetector.h" #include "logger.h" #include "models/server.h" +#include "daemon/daemonerrors.h" + +#include "protocols/protocols_defs.h" // How many times do we try to reconnect. constexpr int MAX_CONNECTION_RETRY = 10; @@ -34,7 +38,7 @@ LocalSocketController::LocalSocketController() { m_socket = new QLocalSocket(this); connect(m_socket, &QLocalSocket::connected, this, &LocalSocketController::daemonConnected); - connect(m_socket, &QLocalSocket::disconnected, this, + connect(m_socket, &QLocalSocket::disconnected, this, [&] { errorOccurred(QLocalSocket::PeerClosedError); }); connect(m_socket, &QLocalSocket::errorOccurred, this, &LocalSocketController::errorOccurred); @@ -119,6 +123,7 @@ void LocalSocketController::activate(const QJsonObject &rawConfig) { int appSplitTunnelType = rawConfig.value(amnezia::config_key::appSplitTunnelType).toInt(); QJsonArray splitTunnelApps = rawConfig.value(amnezia::config_key::splitTunnelApps).toArray(); + QJsonArray allowedDns = rawConfig.value(amnezia::config_key::allowedDnsServers).toArray(); QJsonObject wgConfig = rawConfig.value(protocolName + "_config_data").toObject(); @@ -130,7 +135,7 @@ void LocalSocketController::activate(const QJsonObject &rawConfig) { // set up IPv6 unique-local-address, ULA, with "fd00::/8" prefix, not globally routable. // this will be default IPv6 gateway, OS recognizes that IPv6 link is local and switches to IPv4. - // Otherwise some OSes (Linux) try IPv6 forever and hang. + // Otherwise some OSes (Linux) try IPv6 forever and hang. // https://en.wikipedia.org/wiki/Unique_local_address (RFC 4193) // https://man7.org/linux/man-pages/man5/gai.conf.5.html json.insert("deviceIpv6Address", "fd58:baa6:dead::1"); // simply "dead::1" is globally-routable, don't use it @@ -144,7 +149,14 @@ void LocalSocketController::activate(const QJsonObject &rawConfig) { json.insert("serverPort", wgConfig.value(amnezia::config_key::port).toInt()); json.insert("serverIpv4Gateway", wgConfig.value(amnezia::config_key::hostName)); // json.insert("serverIpv6Gateway", QJsonValue(hop.m_server.ipv6Gateway())); - json.insert("dnsServer", rawConfig.value(amnezia::config_key::dns1)); + + json.insert("primaryDnsServer", rawConfig.value(amnezia::config_key::dns1)); + + // We don't use secondary DNS if primary DNS is AmneziaDNS + if (!rawConfig.value(amnezia::config_key::dns1).toString(). + contains(amnezia::protocols::dns::amneziaDnsIp)) { + json.insert("secondaryDnsServer", rawConfig.value(amnezia::config_key::dns2)); + } QJsonArray jsAllowedIPAddesses; @@ -222,6 +234,8 @@ void LocalSocketController::activate(const QJsonObject &rawConfig) { json.insert("vpnDisabledApps", splitTunnelApps); + json.insert("allowedDnsServers", allowedDns); + json.insert(amnezia::config_key::killSwitchOption, rawConfig.value(amnezia::config_key::killSwitchOption)); if (protocolName == amnezia::config_key::awg) { @@ -230,28 +244,61 @@ void LocalSocketController::activate(const QJsonObject &rawConfig) { json.insert(amnezia::config_key::junkPacketMaxSize, wgConfig.value(amnezia::config_key::junkPacketMaxSize)); json.insert(amnezia::config_key::initPacketJunkSize, wgConfig.value(amnezia::config_key::initPacketJunkSize)); json.insert(amnezia::config_key::responsePacketJunkSize, wgConfig.value(amnezia::config_key::responsePacketJunkSize)); + json.insert(amnezia::config_key::cookieReplyPacketJunkSize, wgConfig.value(amnezia::config_key::cookieReplyPacketJunkSize)); + json.insert(amnezia::config_key::transportPacketJunkSize, wgConfig.value(amnezia::config_key::transportPacketJunkSize)); json.insert(amnezia::config_key::initPacketMagicHeader, wgConfig.value(amnezia::config_key::initPacketMagicHeader)); json.insert(amnezia::config_key::responsePacketMagicHeader, wgConfig.value(amnezia::config_key::responsePacketMagicHeader)); json.insert(amnezia::config_key::underloadPacketMagicHeader, wgConfig.value(amnezia::config_key::underloadPacketMagicHeader)); json.insert(amnezia::config_key::transportPacketMagicHeader, wgConfig.value(amnezia::config_key::transportPacketMagicHeader)); + json.insert(amnezia::config_key::specialJunk1, wgConfig.value(amnezia::config_key::specialJunk1)); + json.insert(amnezia::config_key::specialJunk2, wgConfig.value(amnezia::config_key::specialJunk2)); + json.insert(amnezia::config_key::specialJunk3, wgConfig.value(amnezia::config_key::specialJunk3)); + json.insert(amnezia::config_key::specialJunk4, wgConfig.value(amnezia::config_key::specialJunk4)); + json.insert(amnezia::config_key::specialJunk5, wgConfig.value(amnezia::config_key::specialJunk5)); + json.insert(amnezia::config_key::controlledJunk1, wgConfig.value(amnezia::config_key::controlledJunk1)); + json.insert(amnezia::config_key::controlledJunk2, wgConfig.value(amnezia::config_key::controlledJunk2)); + json.insert(amnezia::config_key::controlledJunk3, wgConfig.value(amnezia::config_key::controlledJunk3)); + json.insert(amnezia::config_key::specialHandshakeTimeout, wgConfig.value(amnezia::config_key::specialHandshakeTimeout)); } else if (!wgConfig.value(amnezia::config_key::junkPacketCount).isUndefined() && !wgConfig.value(amnezia::config_key::junkPacketMinSize).isUndefined() && !wgConfig.value(amnezia::config_key::junkPacketMaxSize).isUndefined() && !wgConfig.value(amnezia::config_key::initPacketJunkSize).isUndefined() && !wgConfig.value(amnezia::config_key::responsePacketJunkSize).isUndefined() + && !wgConfig.value(amnezia::config_key::cookieReplyPacketJunkSize).isUndefined() + && !wgConfig.value(amnezia::config_key::transportPacketJunkSize).isUndefined() && !wgConfig.value(amnezia::config_key::initPacketMagicHeader).isUndefined() && !wgConfig.value(amnezia::config_key::responsePacketMagicHeader).isUndefined() && !wgConfig.value(amnezia::config_key::underloadPacketMagicHeader).isUndefined() - && !wgConfig.value(amnezia::config_key::transportPacketMagicHeader).isUndefined()) { + && !wgConfig.value(amnezia::config_key::transportPacketMagicHeader).isUndefined() + && !wgConfig.value(amnezia::config_key::specialJunk1).isUndefined() + && !wgConfig.value(amnezia::config_key::specialJunk2).isUndefined() + && !wgConfig.value(amnezia::config_key::specialJunk3).isUndefined() + && !wgConfig.value(amnezia::config_key::specialJunk4).isUndefined() + && !wgConfig.value(amnezia::config_key::specialJunk5).isUndefined() + && !wgConfig.value(amnezia::config_key::controlledJunk1).isUndefined() + && !wgConfig.value(amnezia::config_key::controlledJunk2).isUndefined() + && !wgConfig.value(amnezia::config_key::controlledJunk3).isUndefined() + && !wgConfig.value(amnezia::config_key::specialHandshakeTimeout).isUndefined()) { json.insert(amnezia::config_key::junkPacketCount, wgConfig.value(amnezia::config_key::junkPacketCount)); json.insert(amnezia::config_key::junkPacketMinSize, wgConfig.value(amnezia::config_key::junkPacketMinSize)); json.insert(amnezia::config_key::junkPacketMaxSize, wgConfig.value(amnezia::config_key::junkPacketMaxSize)); json.insert(amnezia::config_key::initPacketJunkSize, wgConfig.value(amnezia::config_key::initPacketJunkSize)); json.insert(amnezia::config_key::responsePacketJunkSize, wgConfig.value(amnezia::config_key::responsePacketJunkSize)); + json.insert(amnezia::config_key::cookieReplyPacketJunkSize, wgConfig.value(amnezia::config_key::cookieReplyPacketJunkSize)); + json.insert(amnezia::config_key::transportPacketJunkSize, wgConfig.value(amnezia::config_key::transportPacketJunkSize)); json.insert(amnezia::config_key::initPacketMagicHeader, wgConfig.value(amnezia::config_key::initPacketMagicHeader)); json.insert(amnezia::config_key::responsePacketMagicHeader, wgConfig.value(amnezia::config_key::responsePacketMagicHeader)); json.insert(amnezia::config_key::underloadPacketMagicHeader, wgConfig.value(amnezia::config_key::underloadPacketMagicHeader)); json.insert(amnezia::config_key::transportPacketMagicHeader, wgConfig.value(amnezia::config_key::transportPacketMagicHeader)); + json.insert(amnezia::config_key::specialJunk1, wgConfig.value(amnezia::config_key::specialJunk1)); + json.insert(amnezia::config_key::specialJunk2, wgConfig.value(amnezia::config_key::specialJunk2)); + json.insert(amnezia::config_key::specialJunk3, wgConfig.value(amnezia::config_key::specialJunk3)); + json.insert(amnezia::config_key::specialJunk4, wgConfig.value(amnezia::config_key::specialJunk4)); + json.insert(amnezia::config_key::specialJunk5, wgConfig.value(amnezia::config_key::specialJunk5)); + json.insert(amnezia::config_key::controlledJunk1, wgConfig.value(amnezia::config_key::controlledJunk1)); + json.insert(amnezia::config_key::controlledJunk2, wgConfig.value(amnezia::config_key::controlledJunk2)); + json.insert(amnezia::config_key::controlledJunk3, wgConfig.value(amnezia::config_key::controlledJunk3)); + json.insert(amnezia::config_key::specialHandshakeTimeout, wgConfig.value(amnezia::config_key::specialHandshakeTimeout)); } write(json); @@ -451,8 +498,39 @@ void LocalSocketController::parseCommand(const QByteArray& command) { } if (type == "backendFailure") { - qCritical() << "backendFailure"; - return; + if (!obj.contains("errorCode")) { + // report a generic error if we dont know what it is. + logger.error() << "generic backend failure error"; + // REPORTERROR(ErrorHandler::ControllerError, "controller"); + return; + } + auto errorCode = static_cast(obj["errorCode"].toInt()); + if (errorCode >= (uint8_t)DaemonError::DAEMON_ERROR_MAX) { + // Also report a generic error if the code is invalid. + logger.error() << "invalid backend failure error code"; + // REPORTERROR(ErrorHandler::ControllerError, "controller"); + return; + } + switch (static_cast(errorCode)) { + case DaemonError::ERROR_NONE: + [[fallthrough]]; + case DaemonError::ERROR_FATAL: + logger.error() << "generic backend failure error (fatal or error none)"; + // REPORTERROR(ErrorHandler::ControllerError, "controller"); + break; + case DaemonError::ERROR_SPLIT_TUNNEL_INIT_FAILURE: + [[fallthrough]]; + case DaemonError::ERROR_SPLIT_TUNNEL_START_FAILURE: + [[fallthrough]]; + case DaemonError::ERROR_SPLIT_TUNNEL_EXCLUDE_FAILURE: + logger.error() << "split tunnel backend failure error"; + //REPORTERROR(ErrorHandler::SplitTunnelError, "controller"); + break; + case DaemonError::DAEMON_ERROR_MAX: + // We should not get here. + Q_ASSERT(false); + break; + } } if (type == "logs") { diff --git a/client/platforms/android/android_controller.cpp b/client/platforms/android/android_controller.cpp index 2790eb1b..d9195f87 100644 --- a/client/platforms/android/android_controller.cpp +++ b/client/platforms/android/android_controller.cpp @@ -163,9 +163,7 @@ QString AndroidController::openFile(const QString &filter) QString fileName; connect(this, &AndroidController::fileOpened, this, [&fileName, &wait](const QString &uri) { - qDebug() << "Android event: file opened; uri:" << uri; - fileName = QQmlFile::urlToLocalFileOrQrc(uri); - qDebug() << "Android opened filename:" << fileName; + fileName = uri; wait.quit(); }, static_cast(Qt::QueuedConnection | Qt::SingleShotConnection)); @@ -175,6 +173,25 @@ QString AndroidController::openFile(const QString &filter) return fileName; } +int AndroidController::getFd(const QString &fileName) +{ + return callActivityMethod("getFd", "(Ljava/lang/String;)I", + QJniObject::fromString(fileName).object()); +} + +void AndroidController::closeFd() +{ + callActivityMethod("closeFd", "()V"); +} + +QString AndroidController::getFileName(const QString &uri) +{ + auto fileName = callActivityMethod("getFileName", "(Ljava/lang/String;)Ljava/lang/String;", + QJniObject::fromString(uri).object()); + QJniEnvironment env; + return AndroidUtils::convertJString(env.jniEnv(), fileName.object()); +} + bool AndroidController::isCameraPresent() { return callActivityMethod("isCameraPresent", "()Z"); @@ -287,6 +304,11 @@ bool AndroidController::requestAuthentication() return result; } +void AndroidController::sendTouch(float x, float y) +{ + callActivityMethod("sendTouch", "(FF)V", x, y); +} + // Moving log processing to the Android side jclass AndroidController::log; jmethodID AndroidController::logDebug; diff --git a/client/platforms/android/android_controller.h b/client/platforms/android/android_controller.h index 759c9c3f..5707771e 100644 --- a/client/platforms/android/android_controller.h +++ b/client/platforms/android/android_controller.h @@ -34,6 +34,9 @@ public: void resetLastServer(int serverIndex); void saveFile(const QString &fileName, const QString &data); QString openFile(const QString &filter); + int getFd(const QString &fileName); + void closeFd(); + QString getFileName(const QString &uri); bool isCameraPresent(); bool isOnTv(); void startQrReaderActivity(); @@ -48,6 +51,7 @@ public: bool isNotificationPermissionGranted(); void requestNotificationPermission(); bool requestAuthentication(); + void sendTouch(float x, float y); static bool initLogging(); static void messageHandler(QtMsgType type, const QMessageLogContext &context, const QString &message); diff --git a/client/platforms/ios/HevSocksTunnel.swift b/client/platforms/ios/HevSocksTunnel.swift index a86a0758..87d995e8 100644 --- a/client/platforms/ios/HevSocksTunnel.swift +++ b/client/platforms/ios/HevSocksTunnel.swift @@ -1,4 +1,5 @@ import HevSocks5Tunnel +import NetworkExtension public enum Socks5Tunnel { diff --git a/client/platforms/ios/ScreenProtection.swift b/client/platforms/ios/ScreenProtection.swift index 1355dc13..200cf0cb 100644 --- a/client/platforms/ios/ScreenProtection.swift +++ b/client/platforms/ios/ScreenProtection.swift @@ -14,10 +14,15 @@ extension UIApplication { var keyWindows: [UIWindow] { connectedScenes .compactMap { + guard let windowScene = $0 as? UIWindowScene else { return nil } if #available(iOS 15.0, *) { - ($0 as? UIWindowScene)?.keyWindow + guard let keywindow = windowScene.keyWindow else { + windowScene.windows.first?.makeKey() + return windowScene.windows.first + } + return keywindow } else { - ($0 as? UIWindowScene)?.windows.first { $0.isKeyWindow } + return windowScene.windows.first { $0.isKeyWindow } } } } diff --git a/client/platforms/ios/WGConfig.swift b/client/platforms/ios/WGConfig.swift index e3b67efe..537687f1 100644 --- a/client/platforms/ios/WGConfig.swift +++ b/client/platforms/ios/WGConfig.swift @@ -4,7 +4,10 @@ struct WGConfig: Decodable { let initPacketMagicHeader, responsePacketMagicHeader: String? let underloadPacketMagicHeader, transportPacketMagicHeader: String? let junkPacketCount, junkPacketMinSize, junkPacketMaxSize: String? - let initPacketJunkSize, responsePacketJunkSize: String? + let initPacketJunkSize, responsePacketJunkSize, cookieReplyPacketJunkSize, transportPacketJunkSize: String? + let specialJunk1, specialJunk2, specialJunk3, specialJunk4, specialJunk5: String? + let controlledJunk1, controlledJunk2, controlledJunk3: String? + let specialHandshakeTimeout: String? let dns1: String let dns2: String let mtu: String @@ -23,7 +26,10 @@ struct WGConfig: Decodable { case initPacketMagicHeader = "H1", responsePacketMagicHeader = "H2" case underloadPacketMagicHeader = "H3", transportPacketMagicHeader = "H4" case junkPacketCount = "Jc", junkPacketMinSize = "Jmin", junkPacketMaxSize = "Jmax" - case initPacketJunkSize = "S1", responsePacketJunkSize = "S2" + case initPacketJunkSize = "S1", responsePacketJunkSize = "S2", cookieReplyPacketJunkSize = "S3", transportPacketJunkSize = "S4" + case specialJunk1 = "I1", specialJunk2 = "I2", specialJunk3 = "I3", specialJunk4 = "I4", specialJunk5 = "I5" + case controlledJunk1 = "J1", controlledJunk2 = "J2", controlledJunk3 = "J3" + case specialHandshakeTimeout = "Itime" case dns1 case dns2 case mtu @@ -40,19 +46,59 @@ struct WGConfig: Decodable { } var settings: String { - junkPacketCount == nil ? "" : - """ - Jc = \(junkPacketCount!) - Jmin = \(junkPacketMinSize!) - Jmax = \(junkPacketMaxSize!) - S1 = \(initPacketJunkSize!) - S2 = \(responsePacketJunkSize!) - H1 = \(initPacketMagicHeader!) - H2 = \(responsePacketMagicHeader!) - H3 = \(underloadPacketMagicHeader!) - H4 = \(transportPacketMagicHeader!) + guard junkPacketCount != nil else { return "" } + + var settingsLines: [String] = [] + + // Required parameters when junkPacketCount is present + settingsLines.append("Jc = \(junkPacketCount!)") + settingsLines.append("Jmin = \(junkPacketMinSize!)") + settingsLines.append("Jmax = \(junkPacketMaxSize!)") + settingsLines.append("S1 = \(initPacketJunkSize!)") + settingsLines.append("S2 = \(responsePacketJunkSize!)") + + settingsLines.append("H1 = \(initPacketMagicHeader!)") + settingsLines.append("H2 = \(responsePacketMagicHeader!)") + settingsLines.append("H3 = \(underloadPacketMagicHeader!)") + settingsLines.append("H4 = \(transportPacketMagicHeader!)") - """ + // Optional parameters - only add if not nil and not empty + if let s3 = cookieReplyPacketJunkSize, !s3.isEmpty { + settingsLines.append("S3 = \(s3)") + } + if let s4 = transportPacketJunkSize, !s4.isEmpty { + settingsLines.append("S4 = \(s4)") + } + + if let i1 = specialJunk1, !i1.isEmpty { + settingsLines.append("I1 = \(i1)") + } + if let i2 = specialJunk2, !i2.isEmpty { + settingsLines.append("I2 = \(i2)") + } + if let i3 = specialJunk3, !i3.isEmpty { + settingsLines.append("I3 = \(i3)") + } + if let i4 = specialJunk4, !i4.isEmpty { + settingsLines.append("I4 = \(i4)") + } + if let i5 = specialJunk5, !i5.isEmpty { + settingsLines.append("I5 = \(i5)") + } + if let j1 = controlledJunk1, !j1.isEmpty { + settingsLines.append("J1 = \(j1)") + } + if let j2 = controlledJunk2, !j2.isEmpty { + settingsLines.append("J2 = \(j2)") + } + if let j3 = controlledJunk3, !j3.isEmpty { + settingsLines.append("J3 = \(j3)") + } + if let itime = specialHandshakeTimeout, !itime.isEmpty { + settingsLines.append("Itime = \(itime)") + } + + return settingsLines.joined(separator: "\n") } var str: String { diff --git a/client/platforms/ios/ios_controller.mm b/client/platforms/ios/ios_controller.mm index 85fb50b7..e64c6dce 100644 --- a/client/platforms/ios/ios_controller.mm +++ b/client/platforms/ios/ios_controller.mm @@ -507,6 +507,8 @@ bool IosController::setupWireGuard() wgConfig.insert(config_key::initPacketJunkSize, config[config_key::initPacketJunkSize]); wgConfig.insert(config_key::responsePacketJunkSize, config[config_key::responsePacketJunkSize]); + wgConfig.insert(config_key::cookieReplyPacketJunkSize, config[config_key::cookieReplyPacketJunkSize]); + wgConfig.insert(config_key::transportPacketJunkSize, config[config_key::transportPacketJunkSize]); wgConfig.insert(config_key::junkPacketCount, config[config_key::junkPacketCount]); wgConfig.insert(config_key::junkPacketMinSize, config[config_key::junkPacketMinSize]); @@ -605,11 +607,23 @@ bool IosController::setupAwg() wgConfig.insert(config_key::initPacketJunkSize, config[config_key::initPacketJunkSize]); wgConfig.insert(config_key::responsePacketJunkSize, config[config_key::responsePacketJunkSize]); + wgConfig.insert(config_key::cookieReplyPacketJunkSize, config[config_key::cookieReplyPacketJunkSize]); + wgConfig.insert(config_key::transportPacketJunkSize, config[config_key::transportPacketJunkSize]); wgConfig.insert(config_key::junkPacketCount, config[config_key::junkPacketCount]); wgConfig.insert(config_key::junkPacketMinSize, config[config_key::junkPacketMinSize]); wgConfig.insert(config_key::junkPacketMaxSize, config[config_key::junkPacketMaxSize]); + wgConfig.insert(config_key::specialJunk1, config[config_key::specialJunk1]); + wgConfig.insert(config_key::specialJunk2, config[config_key::specialJunk2]); + wgConfig.insert(config_key::specialJunk3, config[config_key::specialJunk3]); + wgConfig.insert(config_key::specialJunk4, config[config_key::specialJunk4]); + wgConfig.insert(config_key::specialJunk5, config[config_key::specialJunk5]); + wgConfig.insert(config_key::controlledJunk1, config[config_key::controlledJunk1]); + wgConfig.insert(config_key::controlledJunk2, config[config_key::controlledJunk2]); + wgConfig.insert(config_key::controlledJunk3, config[config_key::controlledJunk3]); + wgConfig.insert(config_key::specialHandshakeTimeout, config[config_key::specialHandshakeTimeout]); + QJsonDocument wgConfigDoc(wgConfig); QString wgConfigDocStr(wgConfigDoc.toJson(QJsonDocument::Compact)); @@ -794,9 +808,9 @@ bool IosController::shareText(const QStringList& filesToSend) { if (!qtController) return; UIActivityViewController *activityController = [[UIActivityViewController alloc] initWithActivityItems:sharingItems applicationActivities:nil]; - + __block bool isAccepted = false; - + [activityController setCompletionWithItemsHandler:^(NSString *activityType, BOOL completed, NSArray *returnedItems, NSError *activityError) { isAccepted = completed; emit finished(); @@ -808,11 +822,11 @@ bool IosController::shareText(const QStringList& filesToSend) { popController.sourceView = qtController.view; popController.sourceRect = CGRectMake(100, 100, 100, 100); } - + QEventLoop wait; QObject::connect(this, &IosController::finished, &wait, &QEventLoop::quit); wait.exec(); - + return isAccepted; } @@ -826,7 +840,7 @@ QString IosController::openFile() { if (!qtController) return; [qtController presentViewController:documentPicker animated:YES completion:nil]; - + __block QString filePath; documentPickerDelegate.documentPickerClosedCallback = ^(NSString *path) { @@ -841,7 +855,7 @@ QString IosController::openFile() { QEventLoop wait; QObject::connect(this, &IosController::finished, &wait, &QEventLoop::quit); wait.exec(); - + return filePath; } diff --git a/client/platforms/linux/daemon/iputilslinux.cpp b/client/platforms/linux/daemon/iputilslinux.cpp index f0f2fbab..25d4f631 100644 --- a/client/platforms/linux/daemon/iputilslinux.cpp +++ b/client/platforms/linux/daemon/iputilslinux.cpp @@ -31,7 +31,9 @@ IPUtilsLinux::~IPUtilsLinux() { } bool IPUtilsLinux::addInterfaceIPs(const InterfaceConfig& config) { - return addIP4AddressToDevice(config) && addIP6AddressToDevice(config); + bool ret = addIP4AddressToDevice(config); + addIP6AddressToDevice(config); + return ret; } bool IPUtilsLinux::setMTUAndUp(const InterfaceConfig& config) { @@ -95,7 +97,7 @@ bool IPUtilsLinux::addIP4AddressToDevice(const InterfaceConfig& config) { // Set ifr to interface int ret = ioctl(sockfd, SIOCSIFADDR, &ifr); if (ret) { - logger.error() << "Failed to set IPv4: " << logger.sensitive(deviceAddr) + logger.error() << "Failed to set IPv4: " << deviceAddr << "error:" << strerror(errno); return false; } @@ -136,7 +138,7 @@ bool IPUtilsLinux::addIP6AddressToDevice(const InterfaceConfig& config) { // Set ifr6 to the interface ret = ioctl(sockfd, SIOCSIFADDR, &ifr6); if (ret && (errno != EEXIST)) { - logger.error() << "Failed to set IPv6: " << logger.sensitive(deviceAddr) + logger.error() << "Failed to set IPv6: " << deviceAddr << "error:" << strerror(errno); return false; } diff --git a/client/platforms/linux/daemon/linuxfirewall.cpp b/client/platforms/linux/daemon/linuxfirewall.cpp index 393c24f2..de88c962 100644 --- a/client/platforms/linux/daemon/linuxfirewall.cpp +++ b/client/platforms/linux/daemon/linuxfirewall.cpp @@ -196,6 +196,8 @@ QStringList LinuxFirewall::getDNSRules(const QStringList& servers) result << QStringLiteral("-o amn0+ -d %1 -p tcp --dport 53 -j ACCEPT").arg(server); result << QStringLiteral("-o tun0+ -d %1 -p udp --dport 53 -j ACCEPT").arg(server); result << QStringLiteral("-o tun0+ -d %1 -p tcp --dport 53 -j ACCEPT").arg(server); + result << QStringLiteral("-o tun2+ -d %1 -p udp --dport 53 -j ACCEPT").arg(server); + result << QStringLiteral("-o tun2+ -d %1 -p tcp --dport 53 -j ACCEPT").arg(server); } return result; } @@ -277,6 +279,7 @@ void LinuxFirewall::install() installAnchor(Both, QStringLiteral("200.allowVPN"), { QStringLiteral("-o amn0+ -j ACCEPT"), QStringLiteral("-o tun0+ -j ACCEPT"), + QStringLiteral("-o tun2+ -j ACCEPT"), }); installAnchor(IPv4, QStringLiteral("120.blockNets"), {}); @@ -452,9 +455,6 @@ void LinuxFirewall::updateDNSServers(const QStringList& servers) void LinuxFirewall::updateAllowNets(const QStringList& servers) { - static QStringList existingServers {}; - - existingServers = servers; execute(QStringLiteral("iptables -F %1.110.allowNets").arg(kAnchorName)); for (const QString& rule : getAllowRule(servers)) execute(QStringLiteral("iptables -A %1.110.allowNets %2").arg(kAnchorName, rule)); diff --git a/client/platforms/linux/daemon/wireguardutilslinux.cpp b/client/platforms/linux/daemon/wireguardutilslinux.cpp index 460a7fe1..cfde73e2 100644 --- a/client/platforms/linux/daemon/wireguardutilslinux.cpp +++ b/client/platforms/linux/daemon/wireguardutilslinux.cpp @@ -17,6 +17,8 @@ #include "leakdetector.h" #include "logger.h" +#include "killswitch.h" + constexpr const int WG_TUN_PROC_TIMEOUT = 5000; constexpr const char* WG_RUNTIME_DIR = "/var/run/amneziawg"; @@ -119,6 +121,12 @@ bool WireguardUtilsLinux::addInterface(const InterfaceConfig& config) { if (!config.m_responsePacketJunkSize.isEmpty()) { out << "s2=" << config.m_responsePacketJunkSize << "\n"; } + if (!config.m_cookieReplyPacketJunkSize.isEmpty()) { + out << "s3=" << config.m_cookieReplyPacketJunkSize << "\n"; + } + if (!config.m_transportPacketJunkSize.isEmpty()) { + out << "s4=" << config.m_transportPacketJunkSize << "\n"; + } if (!config.m_initPacketMagicHeader.isEmpty()) { out << "h1=" << config.m_initPacketMagicHeader << "\n"; } @@ -132,13 +140,26 @@ bool WireguardUtilsLinux::addInterface(const InterfaceConfig& config) { out << "h4=" << config.m_transportPacketMagicHeader << "\n"; } + for (const QString& key : config.m_specialJunk.keys()) { + out << key.toLower() << "=" << config.m_specialJunk.value(key) << "\n"; + } + for (const QString& key : config.m_controlledJunk.keys()) { + out << key.toLower() << "=" << config.m_controlledJunk.value(key) << "\n"; + } + if (!config.m_specialHandshakeTimeout.isEmpty()) { + out << "itime=" << config.m_specialHandshakeTimeout << "\n"; + } + int err = uapiErrno(uapiCommand(message)); if (err != 0) { logger.error() << "Interface configuration failed:" << strerror(err); } else { if (config.m_killSwitchEnabled) { FirewallParams params { }; - params.dnsServers.append(config.m_dnsServer); + params.dnsServers.append(config.m_primaryDnsServer); + if (!config.m_secondaryDnsServer.isEmpty()) { + params.dnsServers.append(config.m_secondaryDnsServer); + } if (config.m_allowedIPAddressRanges.contains(IPAddress("0.0.0.0/0"))) { params.blockAll = true; if (config.m_excludedAddresses.size()) { @@ -182,7 +203,7 @@ bool WireguardUtilsLinux::deleteInterface() { QFile::remove(wgRuntimeDir.filePath(QString(WG_INTERFACE) + ".name")); // double-check + ensure our firewall is installed and enabled - LinuxFirewall::uninstall(); + KillSwitch::instance()->disableKillSwitch(); return true; } @@ -297,31 +318,6 @@ QList WireguardUtilsLinux::getPeerStatus() { return peerList; } - -void WireguardUtilsLinux::applyFirewallRules(FirewallParams& params) -{ - // double-check + ensure our firewall is installed and enabled - if (!LinuxFirewall::isInstalled()) LinuxFirewall::install(); - - // Note: rule precedence is handled inside IpTablesFirewall - LinuxFirewall::ensureRootAnchorPriority(); - - LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("000.allowLoopback"), true); - LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("100.blockAll"), params.blockAll); - LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("110.allowNets"), params.allowNets); - LinuxFirewall::updateAllowNets(params.allowAddrs); - LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("120.blockNets"), params.blockNets); - LinuxFirewall::updateBlockNets(params.blockAddrs); - LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("200.allowVPN"), true); - LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv6, QStringLiteral("250.blockIPv6"), true); - LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("290.allowDHCP"), true); - LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("300.allowLAN"), true); - LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("310.blockDNS"), true); - LinuxFirewall::updateDNSServers(params.dnsServers); - LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("320.allowDNS"), true); - LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("400.allowPIA"), true); -} - bool WireguardUtilsLinux::updateRoutePrefix(const IPAddress& prefix) { if (!m_rtmonitor) { return false; @@ -377,6 +373,26 @@ bool WireguardUtilsLinux::deleteExclusionRoute(const IPAddress& prefix) { return m_rtmonitor->deleteExclusionRoute(prefix); } +bool WireguardUtilsLinux::excludeLocalNetworks(const QList& routes) { + if (!m_rtmonitor) { + return false; + } + + // Explicitly discard LAN traffic that makes its way into the tunnel. This + // doesn't really exclude the LAN traffic, we just don't take any action to + // overrule the routes of other interfaces. + bool result = true; + for (const auto& prefix : routes) { + logger.error() << "Attempting to exclude:" << prefix.toString(); + if (!m_rtmonitor->insertRoute(prefix)) { + result = false; + } + } + + // TODO: A kill switch would be nice though :) + return result; +} + QString WireguardUtilsLinux::uapiCommand(const QString& command) { QLocalSocket socket; QTimer uapiTimeout; @@ -450,3 +466,27 @@ QString WireguardUtilsLinux::waitForTunnelName(const QString& filename) { return QString(); } + +void WireguardUtilsLinux::applyFirewallRules(FirewallParams& params) +{ + // double-check + ensure our firewall is installed and enabled + if (!LinuxFirewall::isInstalled()) LinuxFirewall::install(); + + // Note: rule precedence is handled inside IpTablesFirewall + LinuxFirewall::ensureRootAnchorPriority(); + + LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("000.allowLoopback"), true); + LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("100.blockAll"), params.blockAll); + LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("110.allowNets"), params.allowNets); + LinuxFirewall::updateAllowNets(params.allowAddrs); + LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("120.blockNets"), params.blockNets); + LinuxFirewall::updateBlockNets(params.blockAddrs); + LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("200.allowVPN"), true); + LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv6, QStringLiteral("250.blockIPv6"), true); + LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("290.allowDHCP"), true); + LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("300.allowLAN"), true); + LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("310.blockDNS"), true); + LinuxFirewall::updateDNSServers(params.dnsServers); + LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("320.allowDNS"), true); + LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("400.allowPIA"), true); +} diff --git a/client/platforms/linux/daemon/wireguardutilslinux.h b/client/platforms/linux/daemon/wireguardutilslinux.h index 9746ea4b..c324111d 100644 --- a/client/platforms/linux/daemon/wireguardutilslinux.h +++ b/client/platforms/linux/daemon/wireguardutilslinux.h @@ -37,6 +37,9 @@ public: bool addExclusionRoute(const IPAddress& prefix) override; bool deleteExclusionRoute(const IPAddress& prefix) override; + + bool excludeLocalNetworks(const QList& lanAddressRanges) override; + void applyFirewallRules(FirewallParams& params); signals: void backendFailure(); diff --git a/client/platforms/macos/daemon/iputilsmacos.cpp b/client/platforms/macos/daemon/iputilsmacos.cpp index 0599e2eb..901436ae 100644 --- a/client/platforms/macos/daemon/iputilsmacos.cpp +++ b/client/platforms/macos/daemon/iputilsmacos.cpp @@ -122,7 +122,7 @@ bool IPUtilsMacos::addIP4AddressToDevice(const InterfaceConfig& config) { // Set ifr to interface int ret = ioctl(sockfd, SIOCAIFADDR, &ifr); if (ret) { - logger.error() << "Failed to set IPv4: " << logger.sensitive(deviceAddr) + logger.error() << "Failed to set IPv4: " << deviceAddr << "error:" << strerror(errno); return false; } @@ -162,7 +162,7 @@ bool IPUtilsMacos::addIP6AddressToDevice(const InterfaceConfig& config) { // Set ifr to interface int ret = ioctl(sockfd, SIOCAIFADDR_IN6, &ifr6); if (ret) { - logger.error() << "Failed to set IPv6: " << logger.sensitive(deviceAddr) + logger.error() << "Failed to set IPv6: " << deviceAddr << "error:" << strerror(errno); return false; } diff --git a/client/platforms/macos/daemon/macosfirewall.cpp b/client/platforms/macos/daemon/macosfirewall.cpp index 0fe51f23..5211c440 100644 --- a/client/platforms/macos/daemon/macosfirewall.cpp +++ b/client/platforms/macos/daemon/macosfirewall.cpp @@ -43,8 +43,16 @@ namespace { #include "macosfirewall.h" -#define ResourceDir qApp->applicationDirPath() + "/pf" -#define DaemonDataDir qApp->applicationDirPath() + "/pf" +#include +#include + +// Read-only rules bundled with the application. +#define ResourceDir (qApp->applicationDirPath() + "/pf") + +// Writable location that does NOT live inside the signed bundle. Using a +// constant path under /Library/Application Support keeps the signature intact +// and is accessible to the root helper. +#define DaemonDataDir QStringLiteral("/Library/Application Support/AmneziaVPN/pf") #include @@ -121,6 +129,8 @@ void MacOSFirewall::install() logger.info() << "Installing PF root anchor"; installRootAnchors(); + // Ensure writable directory exists, then store the token there. + QDir().mkpath(DaemonDataDir); execute(QStringLiteral("pfctl -E 2>&1 | grep -F 'Token : ' | cut -c9- > '%1/pf.token'").arg(DaemonDataDir)); } diff --git a/client/platforms/macos/daemon/macosroutemonitor.cpp b/client/platforms/macos/daemon/macosroutemonitor.cpp index 395f008a..062f97f3 100644 --- a/client/platforms/macos/daemon/macosroutemonitor.cpp +++ b/client/platforms/macos/daemon/macosroutemonitor.cpp @@ -144,7 +144,7 @@ void MacosRouteMonitor::handleRtmDelete(const struct rt_msghdr* rtm, for (const IPAddress& prefix : m_exclusionRoutes) { if (prefix.address().protocol() == protocol) { logger.debug() << "Removing exclusion route to" - << logger.sensitive(prefix.toString()); + << prefix.toString(); rtmSendRoute(RTM_DELETE, prefix, rtm->rtm_index, nullptr); } } @@ -259,7 +259,7 @@ void MacosRouteMonitor::handleRtmUpdate(const struct rt_msghdr* rtm, for (const IPAddress& prefix : m_exclusionRoutes) { if (prefix.address().protocol() == protocol) { logger.debug() << "Updating exclusion route to" - << logger.sensitive(prefix.toString()); + << prefix.toString(); rtmSendRoute(rtm_type, prefix, ifindex, addrlist[1].constData()); } } @@ -358,8 +358,8 @@ void MacosRouteMonitor::rtmAppendAddr(struct rt_msghdr* rtm, size_t maxlen, } bool MacosRouteMonitor::rtmSendRoute(int action, const IPAddress& prefix, - unsigned int ifindex, - const void* gateway) { + unsigned int ifindex, const void* gateway, + int flags) { constexpr size_t rtm_max_size = sizeof(struct rt_msghdr) + sizeof(struct sockaddr_in6) * 2 + sizeof(struct sockaddr_storage); @@ -370,7 +370,7 @@ bool MacosRouteMonitor::rtmSendRoute(int action, const IPAddress& prefix, rtm->rtm_version = RTM_VERSION; rtm->rtm_type = action; rtm->rtm_index = ifindex; - rtm->rtm_flags = RTF_STATIC | RTF_UP; + rtm->rtm_flags = flags | RTF_STATIC | RTF_UP; rtm->rtm_addrs = 0; rtm->rtm_pid = 0; rtm->rtm_seq = m_rtseq++; @@ -490,7 +490,7 @@ bool MacosRouteMonitor::rtmFetchRoutes(int family) { return false; } -bool MacosRouteMonitor::insertRoute(const IPAddress& prefix) { +bool MacosRouteMonitor::insertRoute(const IPAddress& prefix, int flags) { struct sockaddr_dl datalink; memset(&datalink, 0, sizeof(datalink)); datalink.sdl_family = AF_LINK; @@ -502,16 +502,15 @@ bool MacosRouteMonitor::insertRoute(const IPAddress& prefix) { datalink.sdl_slen = 0; memcpy(&datalink.sdl_data, qPrintable(m_ifname), datalink.sdl_nlen); - return rtmSendRoute(RTM_ADD, prefix, m_ifindex, &datalink); + return rtmSendRoute(RTM_ADD, prefix, m_ifindex, &datalink, flags); } -bool MacosRouteMonitor::deleteRoute(const IPAddress& prefix) { - return rtmSendRoute(RTM_DELETE, prefix, m_ifindex, nullptr); +bool MacosRouteMonitor::deleteRoute(const IPAddress& prefix, int flags) { + return rtmSendRoute(RTM_DELETE, prefix, m_ifindex, nullptr, flags); } bool MacosRouteMonitor::addExclusionRoute(const IPAddress& prefix) { - logger.debug() << "Adding exclusion route for" - << logger.sensitive(prefix.toString()); + logger.debug() << "Adding exclusion route for" << prefix.toString(); if (m_exclusionRoutes.contains(prefix)) { logger.warning() << "Exclusion route already exists"; @@ -536,8 +535,7 @@ bool MacosRouteMonitor::addExclusionRoute(const IPAddress& prefix) { } bool MacosRouteMonitor::deleteExclusionRoute(const IPAddress& prefix) { - logger.debug() << "Deleting exclusion route for" - << logger.sensitive(prefix.toString()); + logger.debug() << "Deleting exclusion route for" << prefix.toString(); m_exclusionRoutes.removeAll(prefix); if (prefix.address().protocol() == QAbstractSocket::IPv4Protocol) { diff --git a/client/platforms/macos/daemon/macosroutemonitor.h b/client/platforms/macos/daemon/macosroutemonitor.h index b2483d76..78396690 100644 --- a/client/platforms/macos/daemon/macosroutemonitor.h +++ b/client/platforms/macos/daemon/macosroutemonitor.h @@ -24,8 +24,8 @@ class MacosRouteMonitor final : public QObject { MacosRouteMonitor(const QString& ifname, QObject* parent = nullptr); ~MacosRouteMonitor(); - bool insertRoute(const IPAddress& prefix); - bool deleteRoute(const IPAddress& prefix); + bool insertRoute(const IPAddress& prefix, int flags = 0); + bool deleteRoute(const IPAddress& prefix, int flags = 0); int interfaceFlags() { return m_ifflags; } bool addExclusionRoute(const IPAddress& prefix); @@ -37,7 +37,7 @@ class MacosRouteMonitor final : public QObject { void handleRtmUpdate(const struct rt_msghdr* msg, const QByteArray& payload); void handleIfaceInfo(const struct if_msghdr* msg, const QByteArray& payload); bool rtmSendRoute(int action, const IPAddress& prefix, unsigned int ifindex, - const void* gateway); + const void* gateway, int flags = 0); bool rtmFetchRoutes(int family); static void rtmAppendAddr(struct rt_msghdr* rtm, size_t maxlen, int rtaddr, const void* sa); diff --git a/client/platforms/macos/daemon/wireguardutilsmacos.cpp b/client/platforms/macos/daemon/wireguardutilsmacos.cpp index e2802ebc..cce4afab 100644 --- a/client/platforms/macos/daemon/wireguardutilsmacos.cpp +++ b/client/platforms/macos/daemon/wireguardutilsmacos.cpp @@ -5,6 +5,7 @@ #include "wireguardutilsmacos.h" #include +#include #include #include @@ -15,6 +16,8 @@ #include "leakdetector.h" #include "logger.h" +#include "killswitch.h" + constexpr const int WG_TUN_PROC_TIMEOUT = 5000; constexpr const char* WG_RUNTIME_DIR = "/var/run/amneziawg"; @@ -116,6 +119,12 @@ bool WireguardUtilsMacos::addInterface(const InterfaceConfig& config) { if (!config.m_responsePacketJunkSize.isEmpty()) { out << "s2=" << config.m_responsePacketJunkSize << "\n"; } + if (!config.m_cookieReplyPacketJunkSize.isEmpty()) { + out << "s3=" << config.m_cookieReplyPacketJunkSize << "\n"; + } + if (!config.m_transportPacketJunkSize.isEmpty()) { + out << "s4=" << config.m_transportPacketJunkSize << "\n"; + } if (!config.m_initPacketMagicHeader.isEmpty()) { out << "h1=" << config.m_initPacketMagicHeader << "\n"; } @@ -129,31 +138,43 @@ bool WireguardUtilsMacos::addInterface(const InterfaceConfig& config) { out << "h4=" << config.m_transportPacketMagicHeader << "\n"; } - int err = uapiErrno(uapiCommand(message)); + for (const QString& key : config.m_specialJunk.keys()) { + out << key.toLower() << "=" << config.m_specialJunk.value(key) << "\n"; + } + for (const QString& key : config.m_controlledJunk.keys()) { + out << key.toLower() << "=" << config.m_controlledJunk.value(key) << "\n"; + } + if (!config.m_specialHandshakeTimeout.isEmpty()) { + out << "itime=" << config.m_specialHandshakeTimeout << "\n"; + } + int err = uapiErrno(uapiCommand(message)); if (err != 0) { logger.error() << "Interface configuration failed:" << strerror(err); } else { - if (config.m_killSwitchEnabled) { - FirewallParams params { }; - params.dnsServers.append(config.m_dnsServer); + if (config.m_killSwitchEnabled) { + FirewallParams params { }; + params.dnsServers.append(config.m_primaryDnsServer); + if (!config.m_secondaryDnsServer.isEmpty()) { + params.dnsServers.append(config.m_secondaryDnsServer); + } - if (config.m_allowedIPAddressRanges.contains(IPAddress("0.0.0.0/0"))) { + if (config.m_allowedIPAddressRanges.contains(IPAddress("0.0.0.0/0"))) { params.blockAll = true; if (config.m_excludedAddresses.size()) { - params.allowNets = true; - foreach (auto net, config.m_excludedAddresses) { - params.allowAddrs.append(net.toUtf8()); - } + params.allowNets = true; + foreach (auto net, config.m_excludedAddresses) { + params.allowAddrs.append(net.toUtf8()); + } } - } else { + } else { params.blockNets = true; foreach (auto net, config.m_allowedIPAddressRanges) { - params.blockAddrs.append(net.toString()); + params.blockAddrs.append(net.toString()); } - } - applyFirewallRules(params); } + applyFirewallRules(params); + } } return (err == 0); } @@ -180,7 +201,7 @@ bool WireguardUtilsMacos::deleteInterface() { QFile::remove(wgRuntimeDir.filePath(QString(WG_INTERFACE) + ".name")); // double-check + ensure our firewall is installed and enabled - MacOSFirewall::uninstall(); + KillSwitch::instance()->disableKillSwitch(); return true; } @@ -211,7 +232,6 @@ bool WireguardUtilsMacos::updatePeer(const InterfaceConfig& config) { logger.warning() << "Failed to create peer with no endpoints"; return false; } - out << config.m_serverPort << "\n"; out << "replace_allowed_ips=true\n"; @@ -323,10 +343,10 @@ bool WireguardUtilsMacos::deleteRoutePrefix(const IPAddress& prefix) { if (!m_rtmonitor) { return false; } - if (prefix.prefixLength() > 0) { - return m_rtmonitor->insertRoute(prefix); - } + if (prefix.prefixLength() > 0) { + return m_rtmonitor->deleteRoute(prefix); + } // Ensure that we do not replace the default route. if (prefix.type() == QAbstractSocket::IPv4Protocol) { return m_rtmonitor->deleteRoute(IPAddress("0.0.0.0/1")) && @@ -346,31 +366,6 @@ bool WireguardUtilsMacos::addExclusionRoute(const IPAddress& prefix) { return m_rtmonitor->addExclusionRoute(prefix); } -void WireguardUtilsMacos::applyFirewallRules(FirewallParams& params) -{ - // double-check + ensure our firewall is installed and enabled. This is necessary as - // other software may disable pfctl before re-enabling with their own rules (e.g other VPNs) - if (!MacOSFirewall::isInstalled()) MacOSFirewall::install(); - - MacOSFirewall::ensureRootAnchorPriority(); - MacOSFirewall::setAnchorEnabled(QStringLiteral("000.allowLoopback"), true); - MacOSFirewall::setAnchorEnabled(QStringLiteral("100.blockAll"), params.blockAll); - MacOSFirewall::setAnchorEnabled(QStringLiteral("110.allowNets"), params.allowNets); - MacOSFirewall::setAnchorTable(QStringLiteral("110.allowNets"), params.allowNets, - QStringLiteral("allownets"), params.allowAddrs); - - MacOSFirewall::setAnchorEnabled(QStringLiteral("120.blockNets"), params.blockNets); - MacOSFirewall::setAnchorTable(QStringLiteral("120.blockNets"), params.blockNets, - QStringLiteral("blocknets"), params.blockAddrs); - - MacOSFirewall::setAnchorEnabled(QStringLiteral("200.allowVPN"), true); - MacOSFirewall::setAnchorEnabled(QStringLiteral("250.blockIPv6"), true); - MacOSFirewall::setAnchorEnabled(QStringLiteral("290.allowDHCP"), true); - MacOSFirewall::setAnchorEnabled(QStringLiteral("300.allowLAN"), true); - MacOSFirewall::setAnchorEnabled(QStringLiteral("310.blockDNS"), true); - MacOSFirewall::setAnchorTable(QStringLiteral("310.blockDNS"), true, QStringLiteral("dnsaddr"), params.dnsServers); -} - bool WireguardUtilsMacos::deleteExclusionRoute(const IPAddress& prefix) { if (!m_rtmonitor) { return false; @@ -378,6 +373,26 @@ bool WireguardUtilsMacos::deleteExclusionRoute(const IPAddress& prefix) { return m_rtmonitor->deleteExclusionRoute(prefix); } +bool WireguardUtilsMacos::excludeLocalNetworks(const QList& routes) { + if (!m_rtmonitor) { + return false; + } + + // Explicitly discard LAN traffic that makes its way into the tunnel. This + // doesn't really exclude the LAN traffic, we just don't take any action to + // overrule the routes of other interfaces. + bool result = true; + for (const auto& prefix : routes) { + logger.error() << "Attempting to exclude:" << prefix.toString(); + if (!m_rtmonitor->insertRoute(prefix, RTF_IFSCOPE | RTF_REJECT)) { + result = false; + } + } + + // TODO: A kill switch would be nice though :) + return result; +} + QString WireguardUtilsMacos::uapiCommand(const QString& command) { QLocalSocket socket; QTimer uapiTimeout; @@ -454,3 +469,28 @@ QString WireguardUtilsMacos::waitForTunnelName(const QString& filename) { return QString(); } + +void WireguardUtilsMacos::applyFirewallRules(FirewallParams& params) +{ + // double-check + ensure our firewall is installed and enabled. This is necessary as + // other software may disable pfctl before re-enabling with their own rules (e.g other VPNs) + if (!MacOSFirewall::isInstalled()) MacOSFirewall::install(); + + MacOSFirewall::ensureRootAnchorPriority(); + MacOSFirewall::setAnchorEnabled(QStringLiteral("000.allowLoopback"), true); + MacOSFirewall::setAnchorEnabled(QStringLiteral("100.blockAll"), params.blockAll); + MacOSFirewall::setAnchorEnabled(QStringLiteral("110.allowNets"), params.allowNets); + MacOSFirewall::setAnchorTable(QStringLiteral("110.allowNets"), params.allowNets, + QStringLiteral("allownets"), params.allowAddrs); + + MacOSFirewall::setAnchorEnabled(QStringLiteral("120.blockNets"), params.blockNets); + MacOSFirewall::setAnchorTable(QStringLiteral("120.blockNets"), params.blockNets, + QStringLiteral("blocknets"), params.blockAddrs); + + MacOSFirewall::setAnchorEnabled(QStringLiteral("200.allowVPN"), true); + MacOSFirewall::setAnchorEnabled(QStringLiteral("250.blockIPv6"), true); + MacOSFirewall::setAnchorEnabled(QStringLiteral("290.allowDHCP"), true); + MacOSFirewall::setAnchorEnabled(QStringLiteral("300.allowLAN"), true); + MacOSFirewall::setAnchorEnabled(QStringLiteral("310.blockDNS"), true); + MacOSFirewall::setAnchorTable(QStringLiteral("310.blockDNS"), true, QStringLiteral("dnsaddr"), params.dnsServers); +} diff --git a/client/platforms/macos/daemon/wireguardutilsmacos.h b/client/platforms/macos/daemon/wireguardutilsmacos.h index 243f4b64..3f0d3391 100644 --- a/client/platforms/macos/daemon/wireguardutilsmacos.h +++ b/client/platforms/macos/daemon/wireguardutilsmacos.h @@ -35,6 +35,9 @@ class WireguardUtilsMacos final : public WireguardUtils { bool addExclusionRoute(const IPAddress& prefix) override; bool deleteExclusionRoute(const IPAddress& prefix) override; + + bool excludeLocalNetworks(const QList& lanAddressRanges) override; + void applyFirewallRules(FirewallParams& params); signals: diff --git a/client/platforms/windows/daemon/windowsdaemon.cpp b/client/platforms/windows/daemon/windowsdaemon.cpp index 00435f0b..620e0a1c 100644 --- a/client/platforms/windows/daemon/windowsdaemon.cpp +++ b/client/platforms/windows/daemon/windowsdaemon.cpp @@ -5,6 +5,7 @@ #include "windowsdaemon.h" #include +#include #include #include @@ -15,28 +16,34 @@ #include #include +#include "daemon/daemonerrors.h" #include "dnsutilswindows.h" #include "leakdetector.h" #include "logger.h" -#include "core/networkUtilities.h" +#include "platforms/windows/daemon/windowsfirewall.h" +#include "platforms/windows/daemon/windowssplittunnel.h" #include "platforms/windows/windowscommons.h" -#include "platforms/windows/windowsservicemanager.h" #include "windowsfirewall.h" +#include "core/networkUtilities.h" + namespace { Logger logger("WindowsDaemon"); } -WindowsDaemon::WindowsDaemon() : Daemon(nullptr), m_splitTunnelManager(this) { +WindowsDaemon::WindowsDaemon() : Daemon(nullptr) { MZ_COUNT_CTOR(WindowsDaemon); + m_firewallManager = WindowsFirewall::create(this); + Q_ASSERT(m_firewallManager != nullptr); - m_wgutils = new WireguardUtilsWindows(this); + m_wgutils = WireguardUtilsWindows::create(m_firewallManager, this); m_dnsutils = new DnsUtilsWindows(this); + m_splitTunnelManager = WindowsSplitTunnel::create(m_firewallManager); - connect(m_wgutils, &WireguardUtilsWindows::backendFailure, this, + connect(m_wgutils.get(), &WireguardUtilsWindows::backendFailure, this, &WindowsDaemon::monitorBackendFailure); connect(this, &WindowsDaemon::activationFailure, - []() { WindowsFirewall::instance()->disableKillSwitch(); }); + [this]() { m_firewallManager->disableKillSwitch(); }); } WindowsDaemon::~WindowsDaemon() { @@ -57,28 +64,42 @@ void WindowsDaemon::prepareActivation(const InterfaceConfig& config, int inetAda void WindowsDaemon::activateSplitTunnel(const InterfaceConfig& config, int vpnAdapterIndex) { if (config.m_vpnDisabledApps.length() > 0) { - m_splitTunnelManager.start(m_inetAdapterIndex, vpnAdapterIndex); - m_splitTunnelManager.setRules(config.m_vpnDisabledApps); + m_splitTunnelManager->start(m_inetAdapterIndex, vpnAdapterIndex); + m_splitTunnelManager->excludeApps(config.m_vpnDisabledApps); } else { - m_splitTunnelManager.stop(); + m_splitTunnelManager->stop(); } } bool WindowsDaemon::run(Op op, const InterfaceConfig& config) { - if (op == Down) { - m_splitTunnelManager.stop(); + if (!m_splitTunnelManager) { + if (config.m_vpnDisabledApps.length() > 0) { + // The Client has sent us a list of disabled apps, but we failed + // to init the the split tunnel driver. + // So let the client know this was not possible + emit backendFailure(DaemonError::ERROR_SPLIT_TUNNEL_INIT_FAILURE); + } return true; } - if (op == Up) { - logger.debug() << "Tunnel UP, Starting SplitTunneling"; - if (!WindowsSplitTunnel::isInstalled()) { - logger.warning() << "Split Tunnel Driver not Installed yet, fixing this."; - WindowsSplitTunnel::installDriver(); - } + if (op == Down) { + m_splitTunnelManager->stop(); + return true; } - - activateSplitTunnel(config); + if (config.m_vpnDisabledApps.length() > 0) { + if (!m_splitTunnelManager->start(m_inetAdapterIndex)) { + emit backendFailure(DaemonError::ERROR_SPLIT_TUNNEL_START_FAILURE); + }; + if (!m_splitTunnelManager->excludeApps(config.m_vpnDisabledApps)) { + emit backendFailure(DaemonError::ERROR_SPLIT_TUNNEL_EXCLUDE_FAILURE); + }; + // Now the driver should be running (State == 4) + if (!m_splitTunnelManager->isRunning()) { + emit backendFailure(DaemonError::ERROR_SPLIT_TUNNEL_START_FAILURE); + } + return true; + } + m_splitTunnelManager->stop(); return true; } diff --git a/client/platforms/windows/daemon/windowsdaemon.h b/client/platforms/windows/daemon/windowsdaemon.h index 7e38c41e..b17dc811 100644 --- a/client/platforms/windows/daemon/windowsdaemon.h +++ b/client/platforms/windows/daemon/windowsdaemon.h @@ -5,8 +5,11 @@ #ifndef WINDOWSDAEMON_H #define WINDOWSDAEMON_H +#include + #include "daemon/daemon.h" #include "dnsutilswindows.h" +#include "windowsfirewall.h" #include "windowssplittunnel.h" #include "windowstunnelservice.h" #include "wireguardutilswindows.h" @@ -25,7 +28,7 @@ class WindowsDaemon final : public Daemon { protected: bool run(Op op, const InterfaceConfig& config) override; - WireguardUtils* wgutils() const override { return m_wgutils; } + WireguardUtils* wgutils() const override { return m_wgutils.get(); } DnsUtils* dnsutils() override { return m_dnsutils; } private: @@ -39,9 +42,10 @@ class WindowsDaemon final : public Daemon { int m_inetAdapterIndex = -1; - WireguardUtilsWindows* m_wgutils = nullptr; + std::unique_ptr m_wgutils; DnsUtilsWindows* m_dnsutils = nullptr; - WindowsSplitTunnel m_splitTunnelManager; + std::unique_ptr m_splitTunnelManager; + QPointer m_firewallManager; }; #endif // WINDOWSDAEMON_H diff --git a/client/platforms/windows/daemon/windowsfirewall.cpp b/client/platforms/windows/daemon/windowsfirewall.cpp index 3d45f228..2556c417 100644 --- a/client/platforms/windows/daemon/windowsfirewall.cpp +++ b/client/platforms/windows/daemon/windowsfirewall.cpp @@ -9,11 +9,12 @@ #include #include #include -//#include -#include - +#include +#include #include #include +#include +#include "winsock.h" #include #include @@ -27,7 +28,8 @@ #include "leakdetector.h" #include "logger.h" #include "platforms/windows/windowsutils.h" -#include "winsock.h" + +#include "killswitch.h" #define IPV6_ADDRESS_SIZE 16 @@ -49,18 +51,13 @@ constexpr uint8_t HIGH_WEIGHT = 13; constexpr uint8_t MAX_WEIGHT = 15; } // namespace -WindowsFirewall* WindowsFirewall::instance() { - if (s_instance == nullptr) { - s_instance = new WindowsFirewall(qApp); +WindowsFirewall* WindowsFirewall::create(QObject* parent) { + if (s_instance != nullptr) { + // Only one instance of the firewall is allowed +// Q_ASSERT(false); + return s_instance; } - return s_instance; -} - -WindowsFirewall::WindowsFirewall(QObject* parent) : QObject(parent) { - MZ_COUNT_CTOR(WindowsFirewall); - Q_ASSERT(s_instance == nullptr); - - HANDLE engineHandle = NULL; + HANDLE engineHandle = nullptr; DWORD result = ERROR_SUCCESS; // Use dynamic sessions for efficiency and safety: // -> Filtering policy objects are deleted even when the application crashes/ @@ -71,15 +68,24 @@ WindowsFirewall::WindowsFirewall(QObject* parent) : QObject(parent) { logger.debug() << "Opening the filter engine."; - result = - FwpmEngineOpen0(NULL, RPC_C_AUTHN_WINNT, NULL, &session, &engineHandle); + result = FwpmEngineOpen0(nullptr, RPC_C_AUTHN_WINNT, nullptr, &session, + &engineHandle); if (result != ERROR_SUCCESS) { WindowsUtils::windowsLog("FwpmEngineOpen0 failed"); - return; + return nullptr; } logger.debug() << "Filter engine opened successfully."; - m_sessionHandle = engineHandle; + if (!initSublayer()) { + return nullptr; + } + s_instance = new WindowsFirewall(engineHandle, parent); + return s_instance; +} + +WindowsFirewall::WindowsFirewall(HANDLE session, QObject* parent) + : QObject(parent), m_sessionHandle(session) { + MZ_COUNT_CTOR(WindowsFirewall); } WindowsFirewall::~WindowsFirewall() { @@ -89,15 +95,8 @@ WindowsFirewall::~WindowsFirewall() { } } -bool WindowsFirewall::init() { - if (m_init) { - logger.warning() << "Alread initialised FW_WFP layer"; - return true; - } - if (m_sessionHandle == INVALID_HANDLE_VALUE) { - logger.error() << "Cant Init Sublayer with invalid wfp handle"; - return false; - } +// static +bool WindowsFirewall::initSublayer() { // If we were not able to aquire a handle, this will fail anyway. // We need to open up another handle because of wfp rules: // If a wfp resource was created with SESSION_DYNAMIC, @@ -157,11 +156,10 @@ bool WindowsFirewall::init() { return false; } logger.debug() << "Initialised Sublayer"; - m_init = true; return true; } -bool WindowsFirewall::enableKillSwitch(int vpnAdapterIndex) { +bool WindowsFirewall::enableInterface(int vpnAdapterIndex) { // Checks if the FW_Rule was enabled succesfully, // disables the whole killswitch and returns false if not. #define FW_OK(rule) \ @@ -185,21 +183,95 @@ bool WindowsFirewall::enableKillSwitch(int vpnAdapterIndex) { } logger.info() << "Enabling Killswitch Using Adapter:" << vpnAdapterIndex; + if (vpnAdapterIndex < 0) + { + IPAddress allv4("0.0.0.0/0"); + if (!blockTrafficTo(allv4, MED_WEIGHT, + "Block Internet", "killswitch")) { + return false; + } + IPAddress allv6("::/0"); + if (!blockTrafficTo(allv6, MED_WEIGHT, + "Block Internet", "killswitch")) { + return false; + } + } else FW_OK(allowTrafficOfAdapter(vpnAdapterIndex, MED_WEIGHT, - "Allow usage of VPN Adapter")); + "Allow usage of VPN Adapter")); FW_OK(allowDHCPTraffic(MED_WEIGHT, "Allow DHCP Traffic")); - FW_OK(allowHyperVTraffic(MED_WEIGHT, "Allow Hyper-V Traffic")); + FW_OK(allowHyperVTraffic(MAX_WEIGHT, "Allow Hyper-V Traffic")); FW_OK(allowTrafficForAppOnAll(getCurrentPath(), MAX_WEIGHT, "Allow all for AmneziaVPN.exe")); FW_OK(blockTrafficOnPort(53, MED_WEIGHT, "Block all DNS")); - FW_OK( - allowLoopbackTraffic(MED_WEIGHT, "Allow Loopback traffic on device %1")); + FW_OK(allowLoopbackTraffic(MED_WEIGHT, + "Allow Loopback traffic on device %1")); logger.debug() << "Killswitch on! Rules:" << m_activeRules.length(); return true; #undef FW_OK } +// Allow unprotected traffic sent to the following local address ranges. +bool WindowsFirewall::enableLanBypass(const QList& ranges) { + // Start the firewall transaction + auto result = FwpmTransactionBegin(m_sessionHandle, NULL); + if (result != ERROR_SUCCESS) { + disableKillSwitch(); + return false; + } + auto cleanup = qScopeGuard([&] { + FwpmTransactionAbort0(m_sessionHandle); + disableKillSwitch(); + }); + + // Blocking unprotected traffic + for (const IPAddress& prefix : ranges) { + if (!allowTrafficTo(prefix, LOW_WEIGHT + 1, "Allow LAN bypass traffic")) { + return false; + } + } + + result = FwpmTransactionCommit0(m_sessionHandle); + if (result != ERROR_SUCCESS) { + logger.error() << "FwpmTransactionCommit0 failed with error:" << result; + return false; + } + + cleanup.dismiss(); + return true; +} + +// Allow unprotected traffic sent to the following address ranges. +bool WindowsFirewall::allowTrafficRange(const QStringList& ranges) { + // Start the firewall transaction + auto result = FwpmTransactionBegin(m_sessionHandle, NULL); + if (result != ERROR_SUCCESS) { + disableKillSwitch(); + return false; + } + auto cleanup = qScopeGuard([&] { + FwpmTransactionAbort0(m_sessionHandle); + disableKillSwitch(); + }); + + for (const QString& addr : ranges) { + logger.debug() << "Allow killswitch exclude: " << addr; + if (!allowTrafficTo(QHostAddress(addr), HIGH_WEIGHT, "Allow killswitch bypass traffic")) { + return false; + } + } + + result = FwpmTransactionCommit0(m_sessionHandle); + if (result != ERROR_SUCCESS) { + logger.error() << "FwpmTransactionCommit0 failed with error:" << result; + return false; + } + + cleanup.dismiss(); + return true; +} + + bool WindowsFirewall::enablePeerTraffic(const InterfaceConfig& config) { // Start the firewall transaction auto result = FwpmTransactionBegin(m_sessionHandle, NULL); @@ -219,15 +291,15 @@ bool WindowsFirewall::enablePeerTraffic(const InterfaceConfig& config) { "Block Internet", config.m_serverPublicKey)) { return false; } - if (!config.m_dnsServer.isEmpty()) { - if (!allowTrafficTo(QHostAddress(config.m_dnsServer), 53, HIGH_WEIGHT, + if (!config.m_primaryDnsServer.isEmpty()) { + if (!allowTrafficTo(QHostAddress(config.m_primaryDnsServer), 53, HIGH_WEIGHT, "Allow DNS-Server", config.m_serverPublicKey)) { return false; } // In some cases, we might configure a 2nd DNS server for IPv6, however // this should probably be cleaned up by converting m_dnsServer into // a QStringList instead. - if (config.m_dnsServer == config.m_serverIpv4Gateway) { + if (config.m_primaryDnsServer == config.m_serverIpv4Gateway) { if (!allowTrafficTo(QHostAddress(config.m_serverIpv6Gateway), 53, HIGH_WEIGHT, "Allow extra IPv6 DNS-Server", config.m_serverPublicKey)) { @@ -236,11 +308,36 @@ bool WindowsFirewall::enablePeerTraffic(const InterfaceConfig& config) { } } + if (!config.m_secondaryDnsServer.isEmpty()) { + if (!allowTrafficTo(QHostAddress(config.m_secondaryDnsServer), 53, HIGH_WEIGHT, + "Allow DNS-Server", config.m_serverPublicKey)) { + return false; + } + // In some cases, we might configure a 2nd DNS server for IPv6, however + // this should probably be cleaned up by converting m_dnsServer into + // a QStringList instead. + if (config.m_secondaryDnsServer == config.m_serverIpv4Gateway) { + if (!allowTrafficTo(QHostAddress(config.m_serverIpv6Gateway), 53, + HIGH_WEIGHT, "Allow extra IPv6 DNS-Server", + config.m_serverPublicKey)) { + return false; + } + } + } + + for (const QString& dns : config.m_allowedDnsServers) { + logger.debug() << "Allow DNS: " << dns; + if (!allowTrafficTo(QHostAddress(dns), 53, HIGH_WEIGHT, + "Allow DNS-Server", config.m_serverPublicKey)) { + return false; + } + } + if (!config.m_excludedAddresses.empty()) { for (const QString& i : config.m_excludedAddresses) { - logger.debug() << "range: " << i; + logger.debug() << "excludedAddresses range: " << i; - if (!allowTrafficToRange(i, HIGH_WEIGHT, + if (!allowTrafficTo(i, HIGH_WEIGHT, "Allow Ecxlude route", config.m_serverPublicKey)) { return false; } @@ -287,37 +384,41 @@ bool WindowsFirewall::disablePeerTraffic(const QString& pubkey) { } bool WindowsFirewall::disableKillSwitch() { - auto result = FwpmTransactionBegin(m_sessionHandle, NULL); - auto cleanup = qScopeGuard([&] { + return KillSwitch::instance()->disableKillSwitch(); +} + +bool WindowsFirewall::allowAllTraffic() { + auto result = FwpmTransactionBegin(m_sessionHandle, NULL); + auto cleanup = qScopeGuard([&] { + if (result != ERROR_SUCCESS) { + FwpmTransactionAbort0(m_sessionHandle); + } + }); if (result != ERROR_SUCCESS) { - FwpmTransactionAbort0(m_sessionHandle); + logger.error() << "FwpmTransactionBegin0 failed. Return value:.\n" + << result; + return false; } - }); - if (result != ERROR_SUCCESS) { - logger.error() << "FwpmTransactionBegin0 failed. Return value:.\n" - << result; - return false; - } - for (const auto& filterID : m_peerRules.values()) { - FwpmFilterDeleteById0(m_sessionHandle, filterID); - } + for (const auto& filterID : m_peerRules.values()) { + FwpmFilterDeleteById0(m_sessionHandle, filterID); + } - for (const auto& filterID : qAsConst(m_activeRules)) { - FwpmFilterDeleteById0(m_sessionHandle, filterID); - } + for (const auto& filterID : qAsConst(m_activeRules)) { + FwpmFilterDeleteById0(m_sessionHandle, filterID); + } - // Commit! - result = FwpmTransactionCommit0(m_sessionHandle); - if (result != ERROR_SUCCESS) { - logger.error() << "FwpmTransactionCommit0 failed. Return value:.\n" - << result; - return false; - } - m_peerRules.clear(); - m_activeRules.clear(); - logger.debug() << "Firewall Disabled!"; - return true; + // Commit! + result = FwpmTransactionCommit0(m_sessionHandle); + if (result != ERROR_SUCCESS) { + logger.error() << "FwpmTransactionCommit0 failed. Return value:.\n" + << result; + return false; + } + m_peerRules.clear(); + m_activeRules.clear(); + logger.debug() << "Firewall Disabled!"; + return true; } bool WindowsFirewall::allowTrafficForAppOnAll(const QString& exePath, @@ -421,9 +522,59 @@ bool WindowsFirewall::allowTrafficOfAdapter(int networkAdapter, uint8_t weight, return true; } +bool WindowsFirewall::allowTrafficTo(const IPAddress& addr, int weight, + const QString& title, + const QString& peer) { + GUID layerKeyOut; + GUID layerKeyIn; + if (addr.type() == QAbstractSocket::IPv4Protocol) { + layerKeyOut = FWPM_LAYER_ALE_AUTH_CONNECT_V4; + layerKeyIn = FWPM_LAYER_ALE_AUTH_RECV_ACCEPT_V4; + } else { + layerKeyOut = FWPM_LAYER_ALE_AUTH_CONNECT_V6; + layerKeyIn = FWPM_LAYER_ALE_AUTH_RECV_ACCEPT_V6; + } + + // Match the IP address range. + FWPM_FILTER_CONDITION0 cond[1] = {}; + FWP_RANGE0 ipRange; + QByteArray lowIpV6Buffer; + QByteArray highIpV6Buffer; + + importAddress(addr.address(), ipRange.valueLow, &lowIpV6Buffer); + importAddress(addr.broadcastAddress(), ipRange.valueHigh, &highIpV6Buffer); + + cond[0].fieldKey = FWPM_CONDITION_IP_REMOTE_ADDRESS; + cond[0].matchType = FWP_MATCH_RANGE; + cond[0].conditionValue.type = FWP_RANGE_TYPE; + cond[0].conditionValue.rangeValue = &ipRange; + + // Assemble the Filter base + FWPM_FILTER0 filter; + memset(&filter, 0, sizeof(filter)); + filter.action.type = FWP_ACTION_PERMIT; + filter.weight.type = FWP_UINT8; + filter.weight.uint8 = weight; + filter.subLayerKey = ST_FW_WINFW_BASELINE_SUBLAYER_KEY; + filter.numFilterConditions = 1; + filter.filterCondition = cond; + + // Send the filters down to the firewall. + QString description = "Permit traffic %1 " + addr.toString(); + filter.layerKey = layerKeyOut; + if (!enableFilter(&filter, title, description.arg("to"), peer)) { + return false; + } + filter.layerKey = layerKeyIn; + if (!enableFilter(&filter, title, description.arg("from"), peer)) { + return false; + } + return true; +} + bool WindowsFirewall::allowTrafficTo(const QHostAddress& targetIP, uint port, - int weight, const QString& title, - const QString& peer) { + int weight, const QString& title, + const QString& peer) { bool isIPv4 = targetIP.protocol() == QAbstractSocket::IPv4Protocol; GUID layerOut = isIPv4 ? FWPM_LAYER_ALE_AUTH_CONNECT_V4 : FWPM_LAYER_ALE_AUTH_CONNECT_V6; @@ -484,57 +635,6 @@ bool WindowsFirewall::allowTrafficTo(const QHostAddress& targetIP, uint port, return true; } -bool WindowsFirewall::allowTrafficToRange(const IPAddress& addr, uint8_t weight, - const QString& title, - const QString& peer) { - QString description("Allow traffic %1 %2 "); - - auto lower = addr.address(); - auto upper = addr.broadcastAddress(); - - const bool isV4 = addr.type() == QAbstractSocket::IPv4Protocol; - const GUID layerKeyOut = - isV4 ? FWPM_LAYER_ALE_AUTH_CONNECT_V4 : FWPM_LAYER_ALE_AUTH_CONNECT_V6; - const GUID layerKeyIn = isV4 ? FWPM_LAYER_ALE_AUTH_RECV_ACCEPT_V4 - : FWPM_LAYER_ALE_AUTH_RECV_ACCEPT_V6; - - // Assemble the Filter base - FWPM_FILTER0 filter; - memset(&filter, 0, sizeof(filter)); - filter.action.type = FWP_ACTION_PERMIT; - filter.weight.type = FWP_UINT8; - filter.weight.uint8 = weight; - filter.subLayerKey = ST_FW_WINFW_BASELINE_SUBLAYER_KEY; - - FWPM_FILTER_CONDITION0 cond[1] = {0}; - FWP_RANGE0 ipRange; - QByteArray lowIpV6Buffer; - QByteArray highIpV6Buffer; - - importAddress(lower, ipRange.valueLow, &lowIpV6Buffer); - importAddress(upper, ipRange.valueHigh, &highIpV6Buffer); - - cond[0].fieldKey = FWPM_CONDITION_IP_REMOTE_ADDRESS; - cond[0].matchType = FWP_MATCH_RANGE; - cond[0].conditionValue.type = FWP_RANGE_TYPE; - cond[0].conditionValue.rangeValue = &ipRange; - - filter.numFilterConditions = 1; - filter.filterCondition = cond; - - filter.layerKey = layerKeyOut; - if (!enableFilter(&filter, title, description.arg("to").arg(addr.toString()), - peer)) { - return false; - } - filter.layerKey = layerKeyIn; - if (!enableFilter(&filter, title, - description.arg("from").arg(addr.toString()), peer)) { - return false; - } - return true; -} - bool WindowsFirewall::allowDHCPTraffic(uint8_t weight, const QString& title) { // Allow outbound DHCPv4 { @@ -734,7 +834,7 @@ bool WindowsFirewall::blockTrafficTo(const IPAddress& addr, uint8_t weight, filter.weight.uint8 = weight; filter.subLayerKey = ST_FW_WINFW_BASELINE_SUBLAYER_KEY; - FWPM_FILTER_CONDITION0 cond[1] = {0}; + FWPM_FILTER_CONDITION0 cond[1] = {}; FWP_RANGE0 ipRange; QByteArray lowIpV6Buffer; QByteArray highIpV6Buffer; diff --git a/client/platforms/windows/daemon/windowsfirewall.h b/client/platforms/windows/daemon/windowsfirewall.h index e0d5ebe8..9a0062da 100644 --- a/client/platforms/windows/daemon/windowsfirewall.h +++ b/client/platforms/windows/daemon/windowsfirewall.h @@ -26,18 +26,29 @@ struct FWP_CONDITION_VALUE0_; class WindowsFirewall final : public QObject { public: - ~WindowsFirewall(); + /** + * @brief Opens the Windows Filtering Platform, initializes the session, + * sublayer. Returns a WindowsFirewall object if successful, otherwise + * nullptr. If there is already a WindowsFirewall object, it will be returned. + * + * @param parent - parent QObject + * @return WindowsFirewall* - nullptr if failed to open the Windows Filtering + * Platform. + */ + static WindowsFirewall* create(QObject* parent); + ~WindowsFirewall() override; - static WindowsFirewall* instance(); - bool init(); - - bool enableKillSwitch(int vpnAdapterIndex); + bool enableInterface(int vpnAdapterIndex); + bool enableLanBypass(const QList& ranges); bool enablePeerTraffic(const InterfaceConfig& config); bool disablePeerTraffic(const QString& pubkey); bool disableKillSwitch(); + bool allowAllTraffic(); + bool allowTrafficRange(const QStringList& ranges); private: - WindowsFirewall(QObject* parent); + static bool initSublayer(); + WindowsFirewall(HANDLE session, QObject* parent); HANDLE m_sessionHandle; bool m_init = false; QList m_activeRules; @@ -50,11 +61,10 @@ class WindowsFirewall final : public QObject { bool blockTrafficTo(const IPAddress& addr, uint8_t weight, const QString& title, const QString& peer = QString()); bool blockTrafficOnPort(uint port, uint8_t weight, const QString& title); + bool allowTrafficTo(const IPAddress& addr, int weight, const QString& title, + const QString& peer = QString()); bool allowTrafficTo(const QHostAddress& targetIP, uint port, int weight, const QString& title, const QString& peer = QString()); - bool allowTrafficToRange(const IPAddress& addr, uint8_t weight, - const QString& title, - const QString& peer); bool allowTrafficOfAdapter(int networkAdapter, uint8_t weight, const QString& title); bool allowDHCPTraffic(uint8_t weight, const QString& title); diff --git a/client/platforms/windows/daemon/windowsroutemonitor.cpp b/client/platforms/windows/daemon/windowsroutemonitor.cpp index 69967526..1d0ce4c2 100644 --- a/client/platforms/windows/daemon/windowsroutemonitor.cpp +++ b/client/platforms/windows/daemon/windowsroutemonitor.cpp @@ -13,6 +13,12 @@ namespace { Logger logger("WindowsRouteMonitor"); }; // namespace +// Attempt to mark routing entries that we create with a relatively +// high metric. This ensures that we can skip over routes of our own +// creation when processing route changes, and ensures that we give +// way to other routing entries. +constexpr const ULONG EXCLUSION_ROUTE_METRIC = 0x5e72; + // Called by the kernel on route changes - perform some basic filtering and // invoke the routeChanged slot to do the real work. static void routeChangeCallback(PVOID context, PMIB_IPFORWARD_ROW2 row, @@ -20,22 +26,17 @@ static void routeChangeCallback(PVOID context, PMIB_IPFORWARD_ROW2 row, WindowsRouteMonitor* monitor = (WindowsRouteMonitor*)context; Q_UNUSED(type); - // Ignore host route changes, and unsupported protocols. - if (row->DestinationPrefix.Prefix.si_family == AF_INET6) { - if (row->DestinationPrefix.PrefixLength >= 128) { - return; - } - } else if (row->DestinationPrefix.Prefix.si_family == AF_INET) { - if (row->DestinationPrefix.PrefixLength >= 32) { - return; - } - } else { + // Ignore route changes that we created. + if ((row->Protocol == MIB_IPPROTO_NETMGMT) && + (row->Metric == EXCLUSION_ROUTE_METRIC)) { + return; + } + if (monitor->getLuid() == row->InterfaceLuid.Value) { return; } - if (monitor->getLuid() != row->InterfaceLuid.Value) { - QMetaObject::invokeMethod(monitor, "routeChanged", Qt::QueuedConnection); - } + // Invoke the route changed signal to do the real work in Qt. + QMetaObject::invokeMethod(monitor, "routeChanged", Qt::QueuedConnection); } // Perform prefix matching comparison on IP addresses in host order. @@ -57,7 +58,8 @@ static int prefixcmp(const void* a, const void* b, size_t bits) { return 0; } -WindowsRouteMonitor::WindowsRouteMonitor(QObject* parent) : QObject(parent) { +WindowsRouteMonitor::WindowsRouteMonitor(quint64 luid, QObject* parent) + : QObject(parent), m_luid(luid) { MZ_COUNT_CTOR(WindowsRouteMonitor); logger.debug() << "WindowsRouteMonitor created."; @@ -67,11 +69,13 @@ WindowsRouteMonitor::WindowsRouteMonitor(QObject* parent) : QObject(parent) { WindowsRouteMonitor::~WindowsRouteMonitor() { MZ_COUNT_DTOR(WindowsRouteMonitor); CancelMibChangeNotify2(m_routeHandle); - flushExclusionRoutes(); + + flushRouteTable(m_exclusionRoutes); + flushRouteTable(m_clonedRoutes); logger.debug() << "WindowsRouteMonitor destroyed."; } -void WindowsRouteMonitor::updateValidInterfaces(int family) { +void WindowsRouteMonitor::updateInterfaceMetrics(int family) { PMIB_IPINTERFACE_TABLE table; DWORD result = GetIpInterfaceTable(family, &table); if (result != NO_ERROR) { @@ -82,10 +86,10 @@ void WindowsRouteMonitor::updateValidInterfaces(int family) { // Flush the list of interfaces that are valid for routing. if ((family == AF_INET) || (family == AF_UNSPEC)) { - m_validInterfacesIpv4.clear(); + m_interfaceMetricsIpv4.clear(); } if ((family == AF_INET6) || (family == AF_UNSPEC)) { - m_validInterfacesIpv6.clear(); + m_interfaceMetricsIpv6.clear(); } // Rebuild the list of interfaces that are valid for routing. @@ -101,12 +105,12 @@ void WindowsRouteMonitor::updateValidInterfaces(int family) { if (row->Family == AF_INET) { logger.debug() << "Interface" << row->InterfaceIndex << "is valid for IPv4 routing"; - m_validInterfacesIpv4.append(row->InterfaceLuid.Value); + m_interfaceMetricsIpv4[row->InterfaceLuid.Value] = row->Metric; } if (row->Family == AF_INET6) { logger.debug() << "Interface" << row->InterfaceIndex << "is valid for IPv6 routing"; - m_validInterfacesIpv6.append(row->InterfaceLuid.Value); + m_interfaceMetricsIpv6[row->InterfaceLuid.Value] = row->Metric; } } } @@ -126,72 +130,72 @@ void WindowsRouteMonitor::updateExclusionRoute(MIB_IPFORWARD_ROW2* data, if (row->InterfaceLuid.Value == m_luid) { continue; } - // Ignore host routes, and shorter potential matches. - if (row->DestinationPrefix.PrefixLength >= - data->DestinationPrefix.PrefixLength) { + if (row->DestinationPrefix.PrefixLength < bestMatch) { continue; } - if (row->DestinationPrefix.PrefixLength < bestMatch) { + // Ignore routes of our own creation. + if ((row->Protocol == data->Protocol) && (row->Metric == data->Metric)) { continue; } // Check if the routing table entry matches the destination. + if (!routeContainsDest(&row->DestinationPrefix, &data->DestinationPrefix)) { + continue; + } + + // Compute the combined interface and routing metric. + ULONG routeMetric = row->Metric; if (data->DestinationPrefix.Prefix.si_family == AF_INET6) { - if (row->DestinationPrefix.Prefix.Ipv6.sin6_family != AF_INET6) { - continue; - } - if (!m_validInterfacesIpv6.contains(row->InterfaceLuid.Value)) { - continue; - } - if (prefixcmp(&data->DestinationPrefix.Prefix.Ipv6.sin6_addr, - &row->DestinationPrefix.Prefix.Ipv6.sin6_addr, - row->DestinationPrefix.PrefixLength) != 0) { + if (!m_interfaceMetricsIpv6.contains(row->InterfaceLuid.Value)) { continue; } + routeMetric += m_interfaceMetricsIpv6[row->InterfaceLuid.Value]; } else if (data->DestinationPrefix.Prefix.si_family == AF_INET) { - if (row->DestinationPrefix.Prefix.Ipv4.sin_family != AF_INET) { - continue; - } - if (!m_validInterfacesIpv4.contains(row->InterfaceLuid.Value)) { - continue; - } - if (prefixcmp(&data->DestinationPrefix.Prefix.Ipv4.sin_addr, - &row->DestinationPrefix.Prefix.Ipv4.sin_addr, - row->DestinationPrefix.PrefixLength) != 0) { + if (!m_interfaceMetricsIpv4.contains(row->InterfaceLuid.Value)) { continue; } + routeMetric += m_interfaceMetricsIpv4[row->InterfaceLuid.Value]; } else { // Unsupported destination address family. continue; } + if (routeMetric < row->Metric) { + routeMetric = ULONG_MAX; + } // Prefer routes with lower metric if we find multiple matches // with the same prefix length. if ((row->DestinationPrefix.PrefixLength == bestMatch) && - (row->Metric >= bestMetric)) { + (routeMetric >= bestMetric)) { continue; } // If we got here, then this is the longest prefix match so far. memcpy(&nexthop, &row->NextHop, sizeof(SOCKADDR_INET)); - bestLuid = row->InterfaceLuid.Value; bestMatch = row->DestinationPrefix.PrefixLength; - bestMetric = row->Metric; + bestMetric = routeMetric; + if (bestMatch == data->DestinationPrefix.PrefixLength) { + bestLuid = 0; // Don't write to the table if we find an exact match. + } else { + bestLuid = row->InterfaceLuid.Value; + } } // If neither the interface nor next-hop have changed, then do nothing. - if ((data->InterfaceLuid.Value) == bestLuid && + if (data->InterfaceLuid.Value == bestLuid && memcmp(&nexthop, &data->NextHop, sizeof(SOCKADDR_INET)) == 0) { return; } - // Update the routing table entry. + // Delete the previous routing table entry, if any. if (data->InterfaceLuid.Value != 0) { DWORD result = DeleteIpForwardEntry2(data); if ((result != NO_ERROR) && (result != ERROR_NOT_FOUND)) { logger.error() << "Failed to delete route:" << result; } } + + // Update the routing table entry. data->InterfaceLuid.Value = bestLuid; memcpy(&data->NextHop, &nexthop, sizeof(SOCKADDR_INET)); if (data->InterfaceLuid.Value != 0) { @@ -202,9 +206,174 @@ void WindowsRouteMonitor::updateExclusionRoute(MIB_IPFORWARD_ROW2* data, } } +// static +bool WindowsRouteMonitor::routeContainsDest(const IP_ADDRESS_PREFIX* route, + const IP_ADDRESS_PREFIX* dest) { + if (route->Prefix.si_family != dest->Prefix.si_family) { + return false; + } + if (route->PrefixLength > dest->PrefixLength) { + return false; + } + if (route->Prefix.si_family == AF_INET) { + return prefixcmp(&route->Prefix.Ipv4.sin_addr, &dest->Prefix.Ipv4.sin_addr, + route->PrefixLength) == 0; + } else if (route->Prefix.si_family == AF_INET6) { + return prefixcmp(&route->Prefix.Ipv6.sin6_addr, + &dest->Prefix.Ipv6.sin6_addr, route->PrefixLength) == 0; + } else { + return false; + } +} + +// static +QHostAddress WindowsRouteMonitor::prefixToAddress( + const IP_ADDRESS_PREFIX* dest) { + if (dest->Prefix.si_family == AF_INET6) { + return QHostAddress(dest->Prefix.Ipv6.sin6_addr.s6_addr); + } else if (dest->Prefix.si_family == AF_INET) { + quint32 addr = htonl(dest->Prefix.Ipv4.sin_addr.s_addr); + return QHostAddress(addr); + } else { + return QHostAddress(); + } +} + +bool WindowsRouteMonitor::isRouteExcluded(const IP_ADDRESS_PREFIX* dest) const { + auto i = m_exclusionRoutes.constBegin(); + while (i != m_exclusionRoutes.constEnd()) { + const MIB_IPFORWARD_ROW2* row = i.value(); + if (routeContainsDest(&row->DestinationPrefix, dest)) { + return true; + } + i++; + } + return false; +} + +void WindowsRouteMonitor::updateCapturedRoutes(int family) { + if (!m_defaultRouteCapture) { + return; + } + + PMIB_IPFORWARD_TABLE2 table; + DWORD error = GetIpForwardTable2(family, &table); + if (error != NO_ERROR) { + updateCapturedRoutes(family, table); + FreeMibTable(table); + } +} + +void WindowsRouteMonitor::updateCapturedRoutes(int family, void* ptable) { + PMIB_IPFORWARD_TABLE2 table = reinterpret_cast(ptable); + if (!m_defaultRouteCapture) { + return; + } + + for (ULONG i = 0; i < table->NumEntries; i++) { + MIB_IPFORWARD_ROW2* row = &table->Table[i]; + // Ignore routes into the VPN interface. + if (row->InterfaceLuid.Value == m_luid) { + continue; + } + // Ignore the default route + if (row->DestinationPrefix.PrefixLength == 0) { + continue; + } + // Ignore routes of our own creation. + if ((row->Protocol == MIB_IPPROTO_NETMGMT) && + (row->Metric == EXCLUSION_ROUTE_METRIC)) { + continue; + } + // Ignore routes which should be excluded. + if (isRouteExcluded(&row->DestinationPrefix)) { + continue; + } + QHostAddress destination = prefixToAddress(&row->DestinationPrefix); + if (destination.isLoopback() || destination.isBroadcast() || + destination.isLinkLocal() || destination.isMulticast()) { + continue; + } + + // If we get here, this route should be cloned. + IPAddress prefix(destination, row->DestinationPrefix.PrefixLength); + MIB_IPFORWARD_ROW2* data = m_clonedRoutes.value(prefix, nullptr); + if (data != nullptr) { + // Count the number of matching entries in the main table. + data->Age++; + continue; + } + logger.debug() << "Capturing route to" << prefix.toString(); + + // Clone the route and direct it into the VPN tunnel. + data = new MIB_IPFORWARD_ROW2; + InitializeIpForwardEntry(data); + data->InterfaceLuid.Value = m_luid; + data->DestinationPrefix = row->DestinationPrefix; + data->NextHop.si_family = data->DestinationPrefix.Prefix.si_family; + + // Set the rest of the flags for a static route. + data->ValidLifetime = 0xffffffff; + data->PreferredLifetime = 0xffffffff; + data->Metric = 0; + data->Protocol = MIB_IPPROTO_NETMGMT; + data->Loopback = false; + data->AutoconfigureAddress = false; + data->Publish = false; + data->Immortal = false; + data->Age = 0; + + // Route this traffic into the VPN tunnel. + DWORD result = CreateIpForwardEntry2(data); + if (result != NO_ERROR) { + logger.error() << "Failed to update route:" << result; + delete data; + } else { + m_clonedRoutes.insert(prefix, data); + data->Age++; + } + } + + // Finally scan for any routes which were removed from the table. We do this + // by reusing the age field to count the number of matching entries in the + // main table. + auto i = m_clonedRoutes.begin(); + while (i != m_clonedRoutes.end()) { + MIB_IPFORWARD_ROW2* data = i.value(); + if (data->Age > 0) { + // Entry is in use, don't delete it. + data->Age = 0; + i++; + continue; + } + if ((family != AF_UNSPEC) && + (data->DestinationPrefix.Prefix.si_family != family)) { + // We are not processing updates to this address family. + i++; + continue; + } + + logger.debug() << "Removing route capture for" << i.key().toString(); + + // Otherwise, this route is no longer in use. + DWORD result = DeleteIpForwardEntry2(data); + if ((result != NO_ERROR) && (result != ERROR_NOT_FOUND)) { + logger.error() << "Failed to delete route:" << result; + } + delete data; + i = m_clonedRoutes.erase(i); + } +} + bool WindowsRouteMonitor::addExclusionRoute(const IPAddress& prefix) { - logger.debug() << "Adding exclusion route for" - << logger.sensitive(prefix.toString()); + logger.debug() << "Adding exclusion route for" << prefix.toString(); + + // Silently ignore non-routeable addresses. + QHostAddress addr = prefix.address(); + if (addr.isLoopback() || addr.isBroadcast() || addr.isLinkLocal() || + addr.isMulticast()) { + return true; + } if (m_exclusionRoutes.contains(prefix)) { logger.warning() << "Exclusion route already exists"; @@ -232,7 +401,7 @@ bool WindowsRouteMonitor::addExclusionRoute(const IPAddress& prefix) { // Set the rest of the flags for a static route. data->ValidLifetime = 0xffffffff; data->PreferredLifetime = 0xffffffff; - data->Metric = 0; + data->Metric = EXCLUSION_ROUTE_METRIC; data->Protocol = MIB_IPPROTO_NETMGMT; data->Loopback = false; data->AutoconfigureAddress = false; @@ -254,7 +423,8 @@ bool WindowsRouteMonitor::addExclusionRoute(const IPAddress& prefix) { delete data; return false; } - updateValidInterfaces(family); + updateInterfaceMetrics(family); + updateCapturedRoutes(family, table); updateExclusionRoute(data, table); FreeMibTable(table); @@ -264,38 +434,50 @@ bool WindowsRouteMonitor::addExclusionRoute(const IPAddress& prefix) { bool WindowsRouteMonitor::deleteExclusionRoute(const IPAddress& prefix) { logger.debug() << "Deleting exclusion route for" - << logger.sensitive(prefix.address().toString()); + << prefix.address().toString(); - for (;;) { - MIB_IPFORWARD_ROW2* data = m_exclusionRoutes.take(prefix); - if (data == nullptr) { - break; - } - - DWORD result = DeleteIpForwardEntry2(data); - if ((result != ERROR_NOT_FOUND) && (result != NO_ERROR)) { - logger.error() << "Failed to delete route to" - << logger.sensitive(prefix.toString()) - << "result:" << result; - } - delete data; + MIB_IPFORWARD_ROW2* data = m_exclusionRoutes.take(prefix); + if (data == nullptr) { + return true; } + DWORD result = DeleteIpForwardEntry2(data); + if ((result != ERROR_NOT_FOUND) && (result != NO_ERROR)) { + logger.error() << "Failed to delete route to" + << prefix.toString() + << "result:" << result; + } + + // Captured routes might have changed. + updateCapturedRoutes(data->DestinationPrefix.Prefix.si_family); + + delete data; return true; } -void WindowsRouteMonitor::flushExclusionRoutes() { - for (auto i = m_exclusionRoutes.begin(); i != m_exclusionRoutes.end(); i++) { +void WindowsRouteMonitor::flushRouteTable( + QHash& table) { + for (auto i = table.begin(); i != table.end(); i++) { MIB_IPFORWARD_ROW2* data = i.value(); DWORD result = DeleteIpForwardEntry2(data); if ((result != ERROR_NOT_FOUND) && (result != NO_ERROR)) { logger.error() << "Failed to delete route to" - << logger.sensitive(i.key().toString()) + << i.key().toString() << "result:" << result; } delete data; } - m_exclusionRoutes.clear(); + table.clear(); +} + +void WindowsRouteMonitor::setDetaultRouteCapture(bool enable) { + m_defaultRouteCapture = enable; + + // Flush any captured routes when disabling the feature. + if (!m_defaultRouteCapture) { + flushRouteTable(m_clonedRoutes); + return; + } } void WindowsRouteMonitor::routeChanged() { @@ -308,7 +490,8 @@ void WindowsRouteMonitor::routeChanged() { return; } - updateValidInterfaces(AF_UNSPEC); + updateInterfaceMetrics(AF_UNSPEC); + updateCapturedRoutes(AF_UNSPEC, table); for (MIB_IPFORWARD_ROW2* data : m_exclusionRoutes) { updateExclusionRoute(data, table); } diff --git a/client/platforms/windows/daemon/windowsroutemonitor.h b/client/platforms/windows/daemon/windowsroutemonitor.h index 0ae9a8a2..fa04f646 100644 --- a/client/platforms/windows/daemon/windowsroutemonitor.h +++ b/client/platforms/windows/daemon/windowsroutemonitor.h @@ -11,6 +11,8 @@ #include #include +#include +#include #include #include "ipaddress.h" @@ -19,28 +21,41 @@ class WindowsRouteMonitor final : public QObject { Q_OBJECT public: - WindowsRouteMonitor(QObject* parent); + WindowsRouteMonitor(quint64 luid, QObject* parent); ~WindowsRouteMonitor(); + void setDetaultRouteCapture(bool enable); + bool addExclusionRoute(const IPAddress& prefix); bool deleteExclusionRoute(const IPAddress& prefix); - void flushExclusionRoutes(); + void flushExclusionRoutes() { return flushRouteTable(m_exclusionRoutes); }; - void setLuid(quint64 luid) { m_luid = luid; } - quint64 getLuid() { return m_luid; } + quint64 getLuid() const { return m_luid; } public slots: void routeChanged(); private: + bool isRouteExcluded(const IP_ADDRESS_PREFIX* dest) const; + static bool routeContainsDest(const IP_ADDRESS_PREFIX* route, + const IP_ADDRESS_PREFIX* dest); + static QHostAddress prefixToAddress(const IP_ADDRESS_PREFIX* dest); + + void flushRouteTable(QHash& table); void updateExclusionRoute(MIB_IPFORWARD_ROW2* data, void* table); - void updateValidInterfaces(int family); + void updateInterfaceMetrics(int family); + void updateCapturedRoutes(int family); + void updateCapturedRoutes(int family, void* table); QHash m_exclusionRoutes; - QList m_validInterfacesIpv4; - QList m_validInterfacesIpv6; + QMap m_interfaceMetricsIpv4; + QMap m_interfaceMetricsIpv6; - quint64 m_luid = 0; + // Default route cloning + bool m_defaultRouteCapture = false; + QHash m_clonedRoutes; + + const quint64 m_luid = 0; HANDLE m_routeHandle = INVALID_HANDLE_VALUE; }; diff --git a/client/platforms/windows/daemon/windowssplittunnel.cpp b/client/platforms/windows/daemon/windowssplittunnel.cpp index c4e893b2..63de153d 100644 --- a/client/platforms/windows/daemon/windowssplittunnel.cpp +++ b/client/platforms/windows/daemon/windowssplittunnel.cpp @@ -4,9 +4,15 @@ #include "windowssplittunnel.h" +#include + +#include + #include "../windowscommons.h" #include "../windowsservicemanager.h" #include "logger.h" +#include "platforms/windows/daemon/windowsfirewall.h" +#include "platforms/windows/daemon/windowssplittunnel.h" #include "platforms/windows/windowsutils.h" #include "windowsfirewall.h" @@ -18,34 +24,252 @@ #include #include #include -#include + +#pragma region + +// Driver Configuration structures +using CONFIGURATION_ENTRY = struct { + // Offset into buffer region that follows all entries. + // The image name uses the device path. + SIZE_T ImageNameOffset; + // Length of the String + USHORT ImageNameLength; +}; + +using CONFIGURATION_HEADER = struct { + // Number of entries immediately following the header. + SIZE_T NumEntries; + + // Total byte length: header + entries + string buffer. + SIZE_T TotalLength; +}; + +// Used to Configure Which IP is network/vpn +using IP_ADDRESSES_CONFIG = struct { + IN_ADDR TunnelIpv4; + IN_ADDR InternetIpv4; + + IN6_ADDR TunnelIpv6; + IN6_ADDR InternetIpv6; +}; + +// Used to Define Which Processes are alive on activation +using PROCESS_DISCOVERY_HEADER = struct { + SIZE_T NumEntries; + SIZE_T TotalLength; +}; + +using PROCESS_DISCOVERY_ENTRY = struct { + HANDLE ProcessId; + HANDLE ParentProcessId; + + SIZE_T ImageNameOffset; + USHORT ImageNameLength; +}; + +using ProcessInfo = struct { + DWORD ProcessId; + DWORD ParentProcessId; + FILETIME CreationTime; + std::wstring DevicePath; +}; + +#ifndef CTL_CODE + +# define FILE_ANY_ACCESS 0x0000 + +# define METHOD_BUFFERED 0 +# define METHOD_IN_DIRECT 1 +# define METHOD_NEITHER 3 + +# define CTL_CODE(DeviceType, Function, Method, Access) \ + (((DeviceType) << 16) | ((Access) << 14) | ((Function) << 2) | (Method)) +#endif + +// Known ControlCodes +#define IOCTL_INITIALIZE CTL_CODE(0x8000, 1, METHOD_NEITHER, FILE_ANY_ACCESS) + +#define IOCTL_DEQUEUE_EVENT \ + CTL_CODE(0x8000, 2, METHOD_BUFFERED, FILE_ANY_ACCESS) + +#define IOCTL_REGISTER_PROCESSES \ + CTL_CODE(0x8000, 3, METHOD_BUFFERED, FILE_ANY_ACCESS) + +#define IOCTL_REGISTER_IP_ADDRESSES \ + CTL_CODE(0x8000, 4, METHOD_BUFFERED, FILE_ANY_ACCESS) + +#define IOCTL_GET_IP_ADDRESSES \ + CTL_CODE(0x8000, 5, METHOD_BUFFERED, FILE_ANY_ACCESS) + +#define IOCTL_SET_CONFIGURATION \ + CTL_CODE(0x8000, 6, METHOD_BUFFERED, FILE_ANY_ACCESS) + +#define IOCTL_GET_CONFIGURATION \ + CTL_CODE(0x8000, 7, METHOD_BUFFERED, FILE_ANY_ACCESS) + +#define IOCTL_CLEAR_CONFIGURATION \ + CTL_CODE(0x8000, 8, METHOD_NEITHER, FILE_ANY_ACCESS) + +#define IOCTL_GET_STATE CTL_CODE(0x8000, 9, METHOD_BUFFERED, FILE_ANY_ACCESS) + +#define IOCTL_QUERY_PROCESS \ + CTL_CODE(0x8000, 10, METHOD_BUFFERED, FILE_ANY_ACCESS) + +#define IOCTL_ST_RESET CTL_CODE(0x8000, 11, METHOD_NEITHER, FILE_ANY_ACCESS) + +constexpr static const auto DRIVER_SYMLINK = L"\\\\.\\MULLVADSPLITTUNNEL"; +constexpr static const auto DRIVER_FILENAME = "mullvad-split-tunnel.sys"; +constexpr static const auto DRIVER_SERVICE_NAME = L"AmneziaVPNSplitTunnel"; +constexpr static const auto MV_SERVICE_NAME = L"MullvadVPN"; + +#pragma endregion namespace { Logger logger("WindowsSplitTunnel"); + +ProcessInfo getProcessInfo(HANDLE process, const PROCESSENTRY32W& processMeta) { + ProcessInfo pi; + pi.ParentProcessId = processMeta.th32ParentProcessID; + pi.ProcessId = processMeta.th32ProcessID; + pi.CreationTime = {0, 0}; + pi.DevicePath = L""; + + FILETIME creationTime, null_time; + auto ok = GetProcessTimes(process, &creationTime, &null_time, &null_time, + &null_time); + if (ok) { + pi.CreationTime = creationTime; + } + wchar_t imagepath[MAX_PATH + 1]; + if (K32GetProcessImageFileNameW( + process, imagepath, sizeof(imagepath) / sizeof(*imagepath)) != 0) { + pi.DevicePath = imagepath; + } + return pi; } -WindowsSplitTunnel::WindowsSplitTunnel(QObject* parent) : QObject(parent) { +} // namespace + +std::unique_ptr WindowsSplitTunnel::create( + WindowsFirewall* fw) { + if (fw == nullptr) { + // Pre-Condition: + // Make sure the Windows Firewall has created the sublayer + // otherwise the driver will fail to initialize + logger.error() << "Failed to did not pass a WindowsFirewall obj" + << "The Driver cannot work with the sublayer not created"; + return nullptr; + } + // 00: Check if we conflict with mullvad, if so. if (detectConflict()) { logger.error() << "Conflict detected, abort Split-Tunnel init."; - uninstallDriver(); - return; + return nullptr; } - - m_tries = 0; - + // 01: Check if the driver is installed, if not do so. if (!isInstalled()) { logger.debug() << "Driver is not Installed, doing so"; auto handle = installDriver(); if (handle == INVALID_HANDLE_VALUE) { WindowsUtils::windowsLog("Failed to install Driver"); - return; + return nullptr; } logger.debug() << "Driver installed"; CloseServiceHandle(handle); } else { - logger.debug() << "Driver is installed"; + logger.debug() << "Driver was installed"; } - initDriver(); + // 02: Now check if the service is running + auto driver_manager = + WindowsServiceManager::open(QString::fromWCharArray(DRIVER_SERVICE_NAME)); + if (Q_UNLIKELY(driver_manager == nullptr)) { + // Let's be fair if we end up here, + // after checking it exists and installing it, + // this is super unlikeley + Q_ASSERT(false); + logger.error() + << "WindowsServiceManager was unable fo find Split Tunnel service?"; + return nullptr; + } + if (!driver_manager->isRunning()) { + logger.debug() << "Driver is not running, starting it"; + // Start the service + if (!driver_manager->startService()) { + logger.error() << "Failed to start Split Tunnel Service"; + return nullptr; + }; + } + // 03: Open the Driver Symlink + auto driverFile = CreateFileW(DRIVER_SYMLINK, GENERIC_READ | GENERIC_WRITE, 0, + nullptr, OPEN_EXISTING, 0, nullptr); + ; + if (driverFile == INVALID_HANDLE_VALUE) { + WindowsUtils::windowsLog("Failed to open Driver: "); + // Only once, if the opening did not work. Try to reboot it. # + logger.info() + << "Failed to open driver, attempting only once to reboot driver"; + if (!driver_manager->stopService()) { + logger.error() << "Unable stop driver"; + return nullptr; + }; + logger.info() << "Stopped driver, starting it again."; + if (!driver_manager->startService()) { + logger.error() << "Unable start driver"; + return nullptr; + }; + logger.info() << "Opening again."; + driverFile = CreateFileW(DRIVER_SYMLINK, GENERIC_READ | GENERIC_WRITE, 0, + nullptr, OPEN_EXISTING, 0, nullptr); + if (driverFile == INVALID_HANDLE_VALUE) { + logger.error() << "Opening Failed again, sorry!"; + return nullptr; + } + } + if (!initDriver(driverFile)) { + logger.error() << "Failed to init driver"; + return nullptr; + } + // We're ready to talk to the driver, it's alive and setup. + return std::make_unique(driverFile); +} + +bool WindowsSplitTunnel::initDriver(HANDLE driverIO) { + // We need to now check the state and init it, if required + auto state = getState(driverIO); + if (state == STATE_UNKNOWN) { + logger.debug() << "Cannot check if driver is initialized"; + return false; + } + if (state >= STATE_INITIALIZED) { + logger.debug() << "Driver already initialized: " << state; + // Reset Driver as it has wfp handles probably >:( + resetDriver(driverIO); + + auto newState = getState(driverIO); + logger.debug() << "New state after reset:" << newState; + if (newState >= STATE_INITIALIZED) { + logger.debug() << "Reset unsuccesfull"; + return false; + } + } + + DWORD bytesReturned; + auto ok = DeviceIoControl(driverIO, IOCTL_INITIALIZE, nullptr, 0, nullptr, 0, + &bytesReturned, nullptr); + if (!ok) { + auto err = GetLastError(); + logger.error() << "Driver init failed err -" << err; + logger.error() << "State:" << getState(driverIO); + + return false; + } + logger.debug() << "Driver initialized" << getState(driverIO); + return true; +} + +WindowsSplitTunnel::WindowsSplitTunnel(HANDLE driverIO) : m_driver(driverIO) { + logger.debug() << "Connected to the Driver"; + + Q_ASSERT(getState() == STATE_INITIALIZED); } WindowsSplitTunnel::~WindowsSplitTunnel() { @@ -53,73 +277,12 @@ WindowsSplitTunnel::~WindowsSplitTunnel() { uninstallDriver(); } -void WindowsSplitTunnel::initDriver() { - if (detectConflict()) { - logger.error() << "Conflict detected, abort Split-Tunnel init."; - return; - } - logger.debug() << "Try to open Split Tunnel Driver"; - // Open the Driver Symlink - m_driver = CreateFileW(DRIVER_SYMLINK, GENERIC_READ | GENERIC_WRITE, 0, - nullptr, OPEN_EXISTING, 0, nullptr); - ; - if (m_driver == INVALID_HANDLE_VALUE && m_tries < 500) { - WindowsUtils::windowsLog("Failed to open Driver: "); - m_tries++; - Sleep(100); - // If the handle is not present, try again after the serivce has started; - auto driver_manager = WindowsServiceManager(DRIVER_SERVICE_NAME); - QObject::connect(&driver_manager, &WindowsServiceManager::serviceStarted, - this, &WindowsSplitTunnel::initDriver); - driver_manager.startService(); - return; - } - - logger.debug() << "Connected to the Driver"; - // Reset Driver as it has wfp handles probably >:( - - if (!WindowsFirewall::instance()->init()) { - logger.error() << "Init WFP-Sublayer failed, driver won't be functional"; - return; - } - - // We need to now check the state and init it, if required - - auto state = getState(); - if (state == STATE_UNKNOWN) { - logger.debug() << "Cannot check if driver is initialized"; - } - if (state >= STATE_INITIALIZED) { - logger.debug() << "Driver already initialized: " << state; - reset(); - - auto newState = getState(); - logger.debug() << "New state after reset:" << newState; - if (newState >= STATE_INITIALIZED) { - logger.debug() << "Reset unsuccesfull"; - return; - } - } - - DWORD bytesReturned; - auto ok = DeviceIoControl(m_driver, IOCTL_INITIALIZE, nullptr, 0, nullptr, 0, - &bytesReturned, nullptr); - if (!ok) { - auto err = GetLastError(); - logger.error() << "Driver init failed err -" << err; - logger.error() << "State:" << getState(); - - return; - } - logger.debug() << "Driver initialized" << getState(); -} - -void WindowsSplitTunnel::setRules(const QStringList& appPaths) { +bool WindowsSplitTunnel::excludeApps(const QStringList& appPaths) { auto state = getState(); if (state != STATE_READY && state != STATE_RUNNING) { logger.warning() << "Driver is not in the right State to set Rules" << state; - return; + return false; } logger.debug() << "Pushing new Ruleset for Split-Tunnel " << state; @@ -133,12 +296,13 @@ void WindowsSplitTunnel::setRules(const QStringList& appPaths) { auto err = GetLastError(); WindowsUtils::windowsLog("Set Config Failed:"); logger.error() << "Failed to set Config err code " << err; - return; + return false; } - logger.debug() << "New Configuration applied: " << getState(); + logger.debug() << "New Configuration applied: " << stateString(); + return true; } -void WindowsSplitTunnel::start(int inetAdapterIndex, int vpnAdapterIndex) { +bool WindowsSplitTunnel::start(int inetAdapterIndex, int vpnAdapterIndex) { // To Start we need to send 2 things: // Network info (what is vpn what is network) logger.debug() << "Starting SplitTunnel"; @@ -151,7 +315,7 @@ void WindowsSplitTunnel::start(int inetAdapterIndex, int vpnAdapterIndex) { 0, &bytesReturned, nullptr); if (!ok) { logger.error() << "Driver init failed"; - return; + return false; } } @@ -164,16 +328,16 @@ void WindowsSplitTunnel::start(int inetAdapterIndex, int vpnAdapterIndex) { nullptr); if (!ok) { logger.error() << "Failed to set Process Config"; - return; + return false; } - logger.debug() << "Set Process Config ok || new State:" << getState(); + logger.debug() << "Set Process Config ok || new State:" << stateString(); } if (getState() == STATE_INITIALIZED) { logger.warning() << "Driver is still not ready after process list send"; - return; + return false; } - logger.debug() << "Driver is ready || new State:" << getState(); + logger.debug() << "Driver is ready || new State:" << stateString(); auto config = generateIPConfiguration(inetAdapterIndex, vpnAdapterIndex); auto ok = DeviceIoControl(m_driver, IOCTL_REGISTER_IP_ADDRESSES, &config[0], @@ -181,9 +345,10 @@ void WindowsSplitTunnel::start(int inetAdapterIndex, int vpnAdapterIndex) { nullptr); if (!ok) { logger.error() << "Failed to set Network Config"; - return; + return false; } - logger.debug() << "New Network Config Applied || new State:" << getState(); + logger.debug() << "New Network Config Applied || new State:" << stateString(); + return true; } void WindowsSplitTunnel::stop() { @@ -197,25 +362,27 @@ void WindowsSplitTunnel::stop() { logger.debug() << "Stopping Split tunnel successfull"; } -void WindowsSplitTunnel::reset() { +bool WindowsSplitTunnel::resetDriver(HANDLE driverIO) { DWORD bytesReturned; - auto ok = DeviceIoControl(m_driver, IOCTL_ST_RESET, nullptr, 0, nullptr, 0, + auto ok = DeviceIoControl(driverIO, IOCTL_ST_RESET, nullptr, 0, nullptr, 0, &bytesReturned, nullptr); if (!ok) { logger.error() << "Reset Split tunnel not successfull"; - return; + return false; } logger.debug() << "Reset Split tunnel successfull"; + return true; } -DRIVER_STATE WindowsSplitTunnel::getState() { - if (m_driver == INVALID_HANDLE_VALUE) { +// static +WindowsSplitTunnel::DRIVER_STATE WindowsSplitTunnel::getState(HANDLE driverIO) { + if (driverIO == INVALID_HANDLE_VALUE) { logger.debug() << "Can't query State from non Opened Driver"; return STATE_UNKNOWN; } DWORD bytesReturned; SIZE_T outBuffer; - bool ok = DeviceIoControl(m_driver, IOCTL_GET_STATE, nullptr, 0, &outBuffer, + bool ok = DeviceIoControl(driverIO, IOCTL_GET_STATE, nullptr, 0, &outBuffer, sizeof(outBuffer), &bytesReturned, nullptr); if (!ok) { WindowsUtils::windowsLog("getState response failure"); @@ -225,7 +392,10 @@ DRIVER_STATE WindowsSplitTunnel::getState() { WindowsUtils::windowsLog("getState response is empty"); return STATE_UNKNOWN; } - return static_cast(outBuffer); + return static_cast(outBuffer); +} +WindowsSplitTunnel::DRIVER_STATE WindowsSplitTunnel::getState() { + return getState(m_driver); } std::vector WindowsSplitTunnel::generateAppConfiguration( @@ -273,58 +443,59 @@ std::vector WindowsSplitTunnel::generateAppConfiguration( return outBuffer; } -std::vector WindowsSplitTunnel::generateIPConfiguration( +std::vector WindowsSplitTunnel::generateIPConfiguration( int inetAdapterIndex, int vpnAdapterIndex) { - std::vector out(sizeof(IP_ADDRESSES_CONFIG)); + std::vector out(sizeof(IP_ADDRESSES_CONFIG)); auto config = reinterpret_cast(&out[0]); auto ifaces = QNetworkInterface::allInterfaces(); - if (vpnAdapterIndex == 0) { + if (vpnAdapterIndex == 0) { vpnAdapterIndex = WindowsCommons::VPNAdapterIndex(); } - // Always the VPN - getAddress(vpnAdapterIndex, &config->TunnelIpv4, - &config->TunnelIpv6); - // 2nd best route - getAddress(inetAdapterIndex, &config->InternetIpv4, &config->InternetIpv6); + if (!getAddress(vpnAdapterIndex, &config->TunnelIpv4, + &config->TunnelIpv6)) { + return {}; + } + // 2nd best route is usually the internet adapter + if (!getAddress(inetAdapterIndex, &config->InternetIpv4, + &config->InternetIpv6)) { + return {}; + }; return out; } -void WindowsSplitTunnel::getAddress(int adapterIndex, IN_ADDR* out_ipv4, +bool WindowsSplitTunnel::getAddress(int adapterIndex, IN_ADDR* out_ipv4, IN6_ADDR* out_ipv6) { QNetworkInterface target = QNetworkInterface::interfaceFromIndex(adapterIndex); logger.debug() << "Getting adapter info for:" << target.humanReadableName(); - // take the first v4/v6 Adress and convert to in_addr - for (auto address : target.addressEntries()) { - if (address.ip().protocol() == QAbstractSocket::IPv4Protocol) { - auto adrr = address.ip().toString(); - std::wstring wstr = adrr.toStdWString(); - logger.debug() << "IpV4" << logger.sensitive(adrr); - PCWSTR w_str_ip = wstr.c_str(); - auto ok = InetPtonW(AF_INET, w_str_ip, out_ipv4); - if (ok != 1) { - logger.debug() << "Ipv4 Conversation error" << WSAGetLastError(); + auto get = [&target](QAbstractSocket::NetworkLayerProtocol protocol) { + for (auto address : target.addressEntries()) { + if (address.ip().protocol() != protocol) { + continue; } - break; + return address.ip().toString().toStdWString(); } + return std::wstring{}; + }; + auto ipv4 = get(QAbstractSocket::IPv4Protocol); + auto ipv6 = get(QAbstractSocket::IPv6Protocol); + + if (InetPtonW(AF_INET, ipv4.c_str(), out_ipv4) != 1) { + logger.debug() << "Ipv4 Conversation error" << WSAGetLastError(); + return false; } - for (auto address : target.addressEntries()) { - if (address.ip().protocol() == QAbstractSocket::IPv6Protocol) { - auto adrr = address.ip().toString(); - std::wstring wstr = adrr.toStdWString(); - logger.debug() << "IpV6" << logger.sensitive(adrr); - PCWSTR w_str_ip = wstr.c_str(); - auto ok = InetPtonW(AF_INET6, w_str_ip, out_ipv6); - if (ok != 1) { - logger.error() << "Ipv6 Conversation error" << WSAGetLastError(); - } - break; - } + if (ipv6.empty()) { + std::memset(out_ipv6, 0x00, sizeof(IN6_ADDR)); + return true; } + if (InetPtonW(AF_INET6, ipv6.c_str(), out_ipv6) != 1) { + logger.debug() << "Ipv6 Conversation error" << WSAGetLastError(); + } + return true; } std::vector WindowsSplitTunnel::generateProcessBlob() { @@ -411,33 +582,6 @@ std::vector WindowsSplitTunnel::generateProcessBlob() { return out; } -void WindowsSplitTunnel::close() { - CloseHandle(m_driver); - m_driver = INVALID_HANDLE_VALUE; -} - -ProcessInfo WindowsSplitTunnel::getProcessInfo( - HANDLE process, const PROCESSENTRY32W& processMeta) { - ProcessInfo pi; - pi.ParentProcessId = processMeta.th32ParentProcessID; - pi.ProcessId = processMeta.th32ProcessID; - pi.CreationTime = {0, 0}; - pi.DevicePath = L""; - - FILETIME creationTime, null_time; - auto ok = GetProcessTimes(process, &creationTime, &null_time, &null_time, - &null_time); - if (ok) { - pi.CreationTime = creationTime; - } - wchar_t imagepath[MAX_PATH + 1]; - if (K32GetProcessImageFileNameW( - process, imagepath, sizeof(imagepath) / sizeof(*imagepath)) != 0) { - pi.DevicePath = imagepath; - } - return pi; -} - // static SC_HANDLE WindowsSplitTunnel::installDriver() { LPCWSTR displayName = L"Amnezia Split Tunnel Service"; @@ -448,15 +592,15 @@ SC_HANDLE WindowsSplitTunnel::installDriver() { return (SC_HANDLE)INVALID_HANDLE_VALUE; } auto path = driver.absolutePath() + "/" + DRIVER_FILENAME; - LPCWSTR binPath = (const wchar_t*)path.utf16(); + auto binPath = (const wchar_t*)path.utf16(); auto scm_rights = SC_MANAGER_ALL_ACCESS; - auto serviceManager = OpenSCManager(NULL, // local computer - NULL, // servicesActive database + auto serviceManager = OpenSCManager(nullptr, // local computer + nullptr, // servicesActive database scm_rights); - auto service = CreateService(serviceManager, DRIVER_SERVICE_NAME, displayName, - SERVICE_ALL_ACCESS, SERVICE_KERNEL_DRIVER, - SERVICE_DEMAND_START, SERVICE_ERROR_NORMAL, - binPath, nullptr, 0, nullptr, nullptr, nullptr); + auto service = CreateService( + serviceManager, DRIVER_SERVICE_NAME, displayName, SERVICE_ALL_ACCESS, + SERVICE_KERNEL_DRIVER, SERVICE_AUTO_START, SERVICE_ERROR_NORMAL, binPath, + nullptr, nullptr, nullptr, nullptr, nullptr); CloseServiceHandle(serviceManager); return service; } @@ -554,3 +698,25 @@ bool WindowsSplitTunnel::detectConflict() { CloseServiceHandle(servicehandle); return err == ERROR_SERVICE_DOES_NOT_EXIST; } + +bool WindowsSplitTunnel::isRunning() { return getState() == STATE_RUNNING; } +QString WindowsSplitTunnel::stateString() { + switch (getState()) { + case STATE_UNKNOWN: + return "STATE_UNKNOWN"; + case STATE_NONE: + return "STATE_NONE"; + case STATE_STARTED: + return "STATE_STARTED"; + case STATE_INITIALIZED: + return "STATE_INITIALIZED"; + case STATE_READY: + return "STATE_READY"; + case STATE_RUNNING: + return "STATE_RUNNING"; + case STATE_ZOMBIE: + return "STATE_ZOMBIE"; + break; + } + return {}; +} diff --git a/client/platforms/windows/daemon/windowssplittunnel.h b/client/platforms/windows/daemon/windowssplittunnel.h index 466036d6..85c827f6 100644 --- a/client/platforms/windows/daemon/windowssplittunnel.h +++ b/client/platforms/windows/daemon/windowssplittunnel.h @@ -8,6 +8,7 @@ #include #include #include +#include // Note: the ws2tcpip.h import must come before the others. // clang-format off @@ -18,160 +19,78 @@ #include #include -// States for GetState -enum DRIVER_STATE { - STATE_UNKNOWN = -1, - STATE_NONE = 0, - STATE_STARTED = 1, - STATE_INITIALIZED = 2, - STATE_READY = 3, - STATE_RUNNING = 4, - STATE_ZOMBIE = 5, -}; +class WindowsFirewall; -#ifndef CTL_CODE - -# define FILE_ANY_ACCESS 0x0000 - -# define METHOD_BUFFERED 0 -# define METHOD_IN_DIRECT 1 -# define METHOD_NEITHER 3 - -# define CTL_CODE(DeviceType, Function, Method, Access) \ - (((DeviceType) << 16) | ((Access) << 14) | ((Function) << 2) | (Method)) -#endif - -// Known ControlCodes -#define IOCTL_INITIALIZE CTL_CODE(0x8000, 1, METHOD_NEITHER, FILE_ANY_ACCESS) - -#define IOCTL_DEQUEUE_EVENT \ - CTL_CODE(0x8000, 2, METHOD_BUFFERED, FILE_ANY_ACCESS) - -#define IOCTL_REGISTER_PROCESSES \ - CTL_CODE(0x8000, 3, METHOD_BUFFERED, FILE_ANY_ACCESS) - -#define IOCTL_REGISTER_IP_ADDRESSES \ - CTL_CODE(0x8000, 4, METHOD_BUFFERED, FILE_ANY_ACCESS) - -#define IOCTL_GET_IP_ADDRESSES \ - CTL_CODE(0x8000, 5, METHOD_BUFFERED, FILE_ANY_ACCESS) - -#define IOCTL_SET_CONFIGURATION \ - CTL_CODE(0x8000, 6, METHOD_BUFFERED, FILE_ANY_ACCESS) - -#define IOCTL_GET_CONFIGURATION \ - CTL_CODE(0x8000, 7, METHOD_BUFFERED, FILE_ANY_ACCESS) - -#define IOCTL_CLEAR_CONFIGURATION \ - CTL_CODE(0x8000, 8, METHOD_NEITHER, FILE_ANY_ACCESS) - -#define IOCTL_GET_STATE CTL_CODE(0x8000, 9, METHOD_BUFFERED, FILE_ANY_ACCESS) - -#define IOCTL_QUERY_PROCESS \ - CTL_CODE(0x8000, 10, METHOD_BUFFERED, FILE_ANY_ACCESS) - -#define IOCTL_ST_RESET CTL_CODE(0x8000, 11, METHOD_NEITHER, FILE_ANY_ACCESS) - -// Driver Configuration structures - -typedef struct { - // Offset into buffer region that follows all entries. - // The image name uses the device path. - SIZE_T ImageNameOffset; - // Length of the String - USHORT ImageNameLength; -} CONFIGURATION_ENTRY; - -typedef struct { - // Number of entries immediately following the header. - SIZE_T NumEntries; - - // Total byte length: header + entries + string buffer. - SIZE_T TotalLength; -} CONFIGURATION_HEADER; - -// Used to Configure Which IP is network/vpn -typedef struct { - IN_ADDR TunnelIpv4; - IN_ADDR InternetIpv4; - - IN6_ADDR TunnelIpv6; - IN6_ADDR InternetIpv6; -} IP_ADDRESSES_CONFIG; - -// Used to Define Which Processes are alive on activation -typedef struct { - SIZE_T NumEntries; - SIZE_T TotalLength; -} PROCESS_DISCOVERY_HEADER; - -typedef struct { - HANDLE ProcessId; - HANDLE ParentProcessId; - - SIZE_T ImageNameOffset; - USHORT ImageNameLength; -} PROCESS_DISCOVERY_ENTRY; - -typedef struct { - DWORD ProcessId; - DWORD ParentProcessId; - FILETIME CreationTime; - std::wstring DevicePath; -} ProcessInfo; - -class WindowsSplitTunnel final : public QObject { - Q_OBJECT - Q_DISABLE_COPY_MOVE(WindowsSplitTunnel) +class WindowsSplitTunnel final { public: - explicit WindowsSplitTunnel(QObject* parent); + /** + * @brief Installs and Initializes the Split Tunnel Driver. + * + * @param fw - + * @return std::unique_ptr - Is null on failure. + */ + static std::unique_ptr create(WindowsFirewall* fw); + + /** + * @brief Construct a new Windows Split Tunnel object + * + * @param driverIO - The Handle to the Driver's IO file, it assumes the driver + * is in STATE_INITIALIZED and the Firewall has been setup. + * Prefer using create() to get to this state. + */ + WindowsSplitTunnel(HANDLE driverIO); + /** + * @brief Destroy the Windows Split Tunnel object and uninstalls the Driver. + */ ~WindowsSplitTunnel(); // void excludeApps(const QStringList& paths); // Excludes an Application from the VPN - void setRules(const QStringList& appPaths); + bool excludeApps(const QStringList& appPaths); // Fetches and Pushed needed info to move to engaged mode - void start(int inetAdapterIndex, int vpnAdapterIndex = 0); + bool start(int inetAdapterIndex, int vpnAdapterIndex = 0); // Deletes Rules and puts the driver into passive mode void stop(); - // Resets the Whole Driver - void reset(); - // Just close connection, leave state as is - void close(); + // Returns true if the split-tunnel driver is now up and running. + bool isRunning(); + static bool detectConflict(); + + // States for GetState + enum DRIVER_STATE { + STATE_UNKNOWN = -1, + STATE_NONE = 0, + STATE_STARTED = 1, + STATE_INITIALIZED = 2, + STATE_READY = 3, + STATE_RUNNING = 4, + STATE_ZOMBIE = 5, + }; + + private: // Installes the Kernel Driver as Driver Service static SC_HANDLE installDriver(); static bool uninstallDriver(); static bool isInstalled(); - static bool detectConflict(); + static bool initDriver(HANDLE driverIO); + static DRIVER_STATE getState(HANDLE driverIO); + static bool resetDriver(HANDLE driverIO); - private slots: - void initDriver(); - - private: HANDLE m_driver = INVALID_HANDLE_VALUE; - constexpr static const auto DRIVER_SYMLINK = L"\\\\.\\MULLVADSPLITTUNNEL"; - constexpr static const auto DRIVER_FILENAME = "mullvad-split-tunnel.sys"; - constexpr static const auto DRIVER_SERVICE_NAME = L"AmneziaVPNSplitTunnel"; - constexpr static const auto MV_SERVICE_NAME = L"MullvadVPN"; DRIVER_STATE getState(); - - int m_tries; - // Initializes the WFP Sublayer - bool initSublayer(); + QString stateString(); // Generates a Configuration for Each APP std::vector generateAppConfiguration(const QStringList& appPaths); // Generates a Configuration which IP's are VPN and which network - std::vector generateIPConfiguration(int inetAdapterIndex, int vpnAdapterIndex = 0); + std::vector generateIPConfiguration(int inetAdapterIndex, int vpnAdapterIndex = 0); std::vector generateProcessBlob(); - void getAddress(int adapterIndex, IN_ADDR* out_ipv4, IN6_ADDR* out_ipv6); + [[nodiscard]] bool getAddress(int adapterIndex, IN_ADDR* out_ipv4, + IN6_ADDR* out_ipv6); // Collects info about an Opened Process - ProcessInfo getProcessInfo(HANDLE process, - const PROCESSENTRY32W& processMeta); // Converts a path to a Dos Path: // e.g C:/a.exe -> /harddisk0/a.exe diff --git a/client/platforms/windows/daemon/wireguardutilswindows.cpp b/client/platforms/windows/daemon/wireguardutilswindows.cpp index 1a220235..a5c9c84d 100644 --- a/client/platforms/windows/daemon/wireguardutilswindows.cpp +++ b/client/platforms/windows/daemon/wireguardutilswindows.cpp @@ -14,8 +14,6 @@ #include "leakdetector.h" #include "logger.h" -#include "platforms/windows/windowscommons.h" -#include "windowsdaemon.h" #include "windowsfirewall.h" #pragma comment(lib, "iphlpapi.lib") @@ -24,8 +22,20 @@ namespace { Logger logger("WireguardUtilsWindows"); }; // namespace -WireguardUtilsWindows::WireguardUtilsWindows(QObject* parent) - : WireguardUtils(parent), m_tunnel(this), m_routeMonitor(this) { +std::unique_ptr WireguardUtilsWindows::create( + WindowsFirewall* fw, QObject* parent) { + if (!fw) { + logger.error() << "WireguardUtilsWindows::create: no wfp handle"; + return {}; + } + + // Can't use make_unique here as the Constructor is private :( + auto utils = new WireguardUtilsWindows(parent, fw); + return std::unique_ptr(utils); +} + +WireguardUtilsWindows::WireguardUtilsWindows(QObject* parent, WindowsFirewall* fw) + : WireguardUtils(parent), m_tunnel(this), m_firewall(fw) { MZ_COUNT_CTOR(WireguardUtilsWindows); logger.debug() << "WireguardUtilsWindows created."; @@ -114,13 +124,14 @@ bool WireguardUtilsWindows::addInterface(const InterfaceConfig& config) { return false; } m_luid = luid.Value; - m_routeMonitor.setLuid(luid.Value); + m_routeMonitor = new WindowsRouteMonitor(luid.Value, this); if (config.m_killSwitchEnabled) { // Enable the windows firewall NET_IFINDEX ifindex; ConvertInterfaceLuidToIndex(&luid, &ifindex); - WindowsFirewall::instance()->enableKillSwitch(ifindex); + m_firewall->allowAllTraffic(); + m_firewall->enableInterface(ifindex); } logger.debug() << "Registration completed"; @@ -128,7 +139,11 @@ bool WireguardUtilsWindows::addInterface(const InterfaceConfig& config) { } bool WireguardUtilsWindows::deleteInterface() { - WindowsFirewall::instance()->disableKillSwitch(); + if (m_routeMonitor) { + m_routeMonitor->deleteLater(); + } + + m_firewall->disableKillSwitch(); m_tunnel.stop(); return true; } @@ -141,7 +156,7 @@ bool WireguardUtilsWindows::updatePeer(const InterfaceConfig& config) { if (config.m_killSwitchEnabled) { // Enable the windows firewall for this peer. - WindowsFirewall::instance()->enablePeerTraffic(config); + m_firewall->enablePeerTraffic(config); } logger.debug() << "Configuring peer" << publicKey.toHex() << "via" << config.m_serverIpv4AddrIn; @@ -171,9 +186,9 @@ bool WireguardUtilsWindows::updatePeer(const InterfaceConfig& config) { } // Exclude the server address, except for multihop exit servers. - if (config.m_hopType != InterfaceConfig::MultiHopExit) { - m_routeMonitor.addExclusionRoute(IPAddress(config.m_serverIpv4AddrIn)); - m_routeMonitor.addExclusionRoute(IPAddress(config.m_serverIpv6AddrIn)); + if (m_routeMonitor && config.m_hopType != InterfaceConfig::MultiHopExit) { + m_routeMonitor->addExclusionRoute(IPAddress(config.m_serverIpv4AddrIn)); + m_routeMonitor->addExclusionRoute(IPAddress(config.m_serverIpv6AddrIn)); } QString reply = m_tunnel.uapiCommand(message); @@ -186,13 +201,13 @@ bool WireguardUtilsWindows::deletePeer(const InterfaceConfig& config) { QByteArray::fromBase64(qPrintable(config.m_serverPublicKey)); // Clear exclustion routes for this peer. - if (config.m_hopType != InterfaceConfig::MultiHopExit) { - m_routeMonitor.deleteExclusionRoute(IPAddress(config.m_serverIpv4AddrIn)); - m_routeMonitor.deleteExclusionRoute(IPAddress(config.m_serverIpv6AddrIn)); + if (m_routeMonitor && config.m_hopType != InterfaceConfig::MultiHopExit) { + m_routeMonitor->deleteExclusionRoute(IPAddress(config.m_serverIpv4AddrIn)); + m_routeMonitor->deleteExclusionRoute(IPAddress(config.m_serverIpv6AddrIn)); } // Disable the windows firewall for this peer. - WindowsFirewall::instance()->disablePeerTraffic(config.m_serverPublicKey); + m_firewall->disablePeerTraffic(config.m_serverPublicKey); QString message; QTextStream out(&message); @@ -238,6 +253,13 @@ void WireguardUtilsWindows::buildMibForwardRow(const IPAddress& prefix, } bool WireguardUtilsWindows::updateRoutePrefix(const IPAddress& prefix) { + if (m_routeMonitor && (prefix.prefixLength() == 0)) { + // If we are setting up a default route, instruct the route monitor to + // capture traffic to all non-excluded destinations + m_routeMonitor->setDetaultRouteCapture(true); + } + // Build the route + MIB_IPFORWARD_ROW2 entry; buildMibForwardRow(prefix, &entry); @@ -246,6 +268,13 @@ bool WireguardUtilsWindows::updateRoutePrefix(const IPAddress& prefix) { if (result == ERROR_OBJECT_ALREADY_EXISTS) { return true; } + + // Case for ipv6 route with disabled ipv6 + if (prefix.address().protocol() == QAbstractSocket::IPv6Protocol + && result == ERROR_NOT_FOUND) { + return true; + } + if (result != NO_ERROR) { logger.error() << "Failed to create route to" << prefix.toString() @@ -255,6 +284,12 @@ bool WireguardUtilsWindows::updateRoutePrefix(const IPAddress& prefix) { } bool WireguardUtilsWindows::deleteRoutePrefix(const IPAddress& prefix) { + if (m_routeMonitor && (prefix.prefixLength() == 0)) { + // Deactivate the route capture feature. + m_routeMonitor->setDetaultRouteCapture(false); + } + // Build the route + MIB_IPFORWARD_ROW2 entry; buildMibForwardRow(prefix, &entry); @@ -272,9 +307,28 @@ bool WireguardUtilsWindows::deleteRoutePrefix(const IPAddress& prefix) { } bool WireguardUtilsWindows::addExclusionRoute(const IPAddress& prefix) { - return m_routeMonitor.addExclusionRoute(prefix); + return m_routeMonitor->addExclusionRoute(prefix); } bool WireguardUtilsWindows::deleteExclusionRoute(const IPAddress& prefix) { - return m_routeMonitor.deleteExclusionRoute(prefix); + return m_routeMonitor->deleteExclusionRoute(prefix); +} + +bool WireguardUtilsWindows::excludeLocalNetworks( + const QList& addresses) { + // If the interface isn't up then something went horribly wrong. + Q_ASSERT(m_routeMonitor); + // For each destination - attempt to exclude it from the VPN tunnel. + bool result = true; + for (const IPAddress& prefix : addresses) { + if (!m_routeMonitor->addExclusionRoute(prefix)) { + result = false; + } + } + // Permit LAN traffic through the firewall. + if (!m_firewall->enableLanBypass(addresses)) { + result = false; + } + + return result; } diff --git a/client/platforms/windows/daemon/wireguardutilswindows.h b/client/platforms/windows/daemon/wireguardutilswindows.h index 4fd67fad..276966b4 100644 --- a/client/platforms/windows/daemon/wireguardutilswindows.h +++ b/client/platforms/windows/daemon/wireguardutilswindows.h @@ -9,16 +9,21 @@ #include #include +#include #include "daemon/wireguardutils.h" #include "windowsroutemonitor.h" #include "windowstunnelservice.h" +class WindowsFirewall; +class WindowsRouteMonitor; + class WireguardUtilsWindows final : public WireguardUtils { Q_OBJECT public: - WireguardUtilsWindows(QObject* parent); + static std::unique_ptr create(WindowsFirewall* fw, + QObject* parent); ~WireguardUtilsWindows(); bool interfaceExists() override { return m_tunnel.isRunning(); } @@ -39,15 +44,19 @@ class WireguardUtilsWindows final : public WireguardUtils { bool addExclusionRoute(const IPAddress& prefix) override; bool deleteExclusionRoute(const IPAddress& prefix) override; + bool WireguardUtilsWindows::excludeLocalNetworks(const QList& addresses) override; + signals: void backendFailure(); private: + WireguardUtilsWindows(QObject* parent, WindowsFirewall* fw); void buildMibForwardRow(const IPAddress& prefix, void* row); quint64 m_luid = 0; WindowsTunnelService m_tunnel; - WindowsRouteMonitor m_routeMonitor; + QPointer m_routeMonitor; + QPointer m_firewall; }; #endif // WIREGUARDUTILSWINDOWS_H diff --git a/client/platforms/windows/windowsservicemanager.cpp b/client/platforms/windows/windowsservicemanager.cpp index 3a334224..d5a21170 100644 --- a/client/platforms/windows/windowsservicemanager.cpp +++ b/client/platforms/windows/windowsservicemanager.cpp @@ -4,6 +4,7 @@ #include "windowsservicemanager.h" +#include #include #include "Windows.h" @@ -16,35 +17,44 @@ namespace { Logger logger("WindowsServiceManager"); } -WindowsServiceManager::WindowsServiceManager(LPCWSTR serviceName) { +WindowsServiceManager::WindowsServiceManager(SC_HANDLE serviceManager, + SC_HANDLE service) + : QObject(qApp), m_serviceManager(serviceManager), m_service(service) { + m_timer.setSingleShot(false); +} + +std::unique_ptr WindowsServiceManager::open( + const QString serviceName) { + LPCWSTR service = (const wchar_t*)serviceName.utf16(); + DWORD err = NULL; auto scm_rights = SC_MANAGER_CONNECT | SC_MANAGER_ENUMERATE_SERVICE | SC_MANAGER_QUERY_LOCK_STATUS | STANDARD_RIGHTS_READ; - m_serviceManager = OpenSCManager(NULL, // local computer - NULL, // servicesActive database - scm_rights); + auto manager = OpenSCManager(NULL, // local computer + NULL, // servicesActive database + scm_rights); err = GetLastError(); if (err != NULL) { logger.error() << " OpenSCManager failed code: " << err; - return; + return {}; } logger.debug() << "OpenSCManager access given - " << err; - logger.debug() << "Opening Service - " - << QString::fromWCharArray(serviceName); + logger.debug() << "Opening Service - " << serviceName; // Try to get an elevated handle - m_service = OpenService(m_serviceManager, // SCM database - serviceName, // name of service - (GENERIC_READ | SERVICE_START | SERVICE_STOP)); + auto serviceHandle = + OpenService(manager, // SCM database + service, // name of service + (GENERIC_READ | SERVICE_START | SERVICE_STOP)); err = GetLastError(); if (err != NULL) { + CloseServiceHandle(manager); WindowsUtils::windowsLog("OpenService failed"); - return; + return {}; } - m_has_access = true; - m_timer.setSingleShot(false); logger.debug() << "Service manager execute access granted"; + return std::make_unique(manager, serviceHandle); } WindowsServiceManager::~WindowsServiceManager() { @@ -85,10 +95,6 @@ bool WindowsServiceManager::startPolling(DWORD goal_state, int max_wait_sec) { SERVICE_STATUS_PROCESS WindowsServiceManager::getStatus() { SERVICE_STATUS_PROCESS serviceStatus; - if (!m_has_access) { - logger.debug() << "Need read access to get service state"; - return serviceStatus; - } DWORD dwBytesNeeded; // Contains missing bytes if struct is too small? QueryServiceStatusEx(m_service, // handle to service SC_STATUS_PROCESS_INFO, // information level @@ -119,10 +125,6 @@ bool WindowsServiceManager::startService() { } bool WindowsServiceManager::stopService() { - if (!m_has_access) { - logger.error() << "Need execute access to stop services"; - return false; - } auto state = getStatus().dwCurrentState; if (state != SERVICE_RUNNING && state != SERVICE_START_PENDING) { logger.warning() << ("Service stop not possible, as its not running"); diff --git a/client/platforms/windows/windowsservicemanager.h b/client/platforms/windows/windowsservicemanager.h index 7638588f..31521245 100644 --- a/client/platforms/windows/windowsservicemanager.h +++ b/client/platforms/windows/windowsservicemanager.h @@ -12,7 +12,7 @@ #include "Winsvc.h" /** - * @brief The WindowsServiceManager provides control over the MozillaVPNBroker + * @brief The WindowsServiceManager provides control over the a * service via SCM */ class WindowsServiceManager : public QObject { @@ -20,7 +20,10 @@ class WindowsServiceManager : public QObject { Q_DISABLE_COPY_MOVE(WindowsServiceManager) public: - WindowsServiceManager(LPCWSTR serviceName); + // Creates a WindowsServiceManager for the Named service. + // returns nullptr if + static std::unique_ptr open(const QString serviceName); + WindowsServiceManager(SC_HANDLE serviceManager, SC_HANDLE service); ~WindowsServiceManager(); // true if the Service is running @@ -45,8 +48,6 @@ class WindowsServiceManager : public QObject { // See // SERVICE_STOPPED,SERVICE_STOP_PENDING,SERVICE_START_PENDING,SERVICE_RUNNING SERVICE_STATUS_PROCESS getStatus(); - bool m_has_access = false; - LPWSTR m_serviceName; SC_HANDLE m_serviceManager; SC_HANDLE m_service; // Service handle with r/w priv. DWORD m_state_target; diff --git a/client/protocols/ikev2_vpn_protocol_windows.cpp b/client/protocols/ikev2_vpn_protocol_windows.cpp index e2e4ca90..b4110f03 100644 --- a/client/protocols/ikev2_vpn_protocol_windows.cpp +++ b/client/protocols/ikev2_vpn_protocol_windows.cpp @@ -238,7 +238,7 @@ ErrorCode Ikev2Protocol::start() "-CipherTransformConstants GCMAES128 " "-EncryptionMethod AES256 " "-IntegrityCheckMethod SHA256 " - "-PfsGroup None " + "-PfsGroup PFS2048 " "-DHGroup Group14 " "-PassThru -Force\"") .arg(tunnelName()); diff --git a/client/protocols/openvpnprotocol.cpp b/client/protocols/openvpnprotocol.cpp index 4c2feb52..0bbdbd07 100644 --- a/client/protocols/openvpnprotocol.cpp +++ b/client/protocols/openvpnprotocol.cpp @@ -171,6 +171,11 @@ ErrorCode OpenVpnProtocol::start() return lastError(); } +#ifdef AMNEZIA_DESKTOP + IpcClient::Interface()->addKillSwitchAllowedRange(QStringList(NetworkUtilities::getIPAddress( + m_configData.value(amnezia::config_key::hostName).toString()))); +#endif + // Detect default gateway #ifdef Q_OS_MAC QProcess p; @@ -338,7 +343,7 @@ void OpenVpnProtocol::updateVpnGateway(const QString &line) // killSwitch toggle if (m_vpnLocalAddress == netInterfaces.at(i).addressEntries().at(j).ip().toString()) { if (QVariant(m_configData.value(config_key::killSwitchOption).toString()).toBool()) { - IpcClient::Interface()->enableKillSwitch(QJsonObject(), netInterfaces.at(i).index()); + IpcClient::Interface()->enableKillSwitch(m_configData, netInterfaces.at(i).index()); } m_configData.insert("vpnAdapterIndex", netInterfaces.at(i).index()); m_configData.insert("vpnGateway", m_vpnGateway); diff --git a/client/protocols/protocols_defs.h b/client/protocols/protocols_defs.h index 865edae4..b4cbb6de 100644 --- a/client/protocols/protocols_defs.h +++ b/client/protocols/protocols_defs.h @@ -72,10 +72,21 @@ namespace amnezia constexpr char junkPacketMaxSize[] = "Jmax"; constexpr char initPacketJunkSize[] = "S1"; constexpr char responsePacketJunkSize[] = "S2"; + constexpr char cookieReplyPacketJunkSize[] = "S3"; + constexpr char transportPacketJunkSize[] = "S4"; constexpr char initPacketMagicHeader[] = "H1"; constexpr char responsePacketMagicHeader[] = "H2"; constexpr char underloadPacketMagicHeader[] = "H3"; constexpr char transportPacketMagicHeader[] = "H4"; + constexpr char specialJunk1[] = "I1"; + constexpr char specialJunk2[] = "I2"; + constexpr char specialJunk3[] = "I3"; + constexpr char specialJunk4[] = "I4"; + constexpr char specialJunk5[] = "I5"; + constexpr char controlledJunk1[] = "J1"; + constexpr char controlledJunk2[] = "J2"; + constexpr char controlledJunk3[] = "J3"; + constexpr char specialHandshakeTimeout[] = "Itime"; constexpr char openvpn[] = "openvpn"; constexpr char wireguard[] = "wireguard"; @@ -95,12 +106,16 @@ namespace amnezia constexpr char splitTunnelApps[] = "splitTunnelApps"; constexpr char appSplitTunnelType[] = "appSplitTunnelType"; + constexpr char allowedDnsServers[] = "allowedDnsServers"; + constexpr char killSwitchOption[] = "killSwitchOption"; constexpr char crc[] = "crc"; constexpr char clientId[] = "clientId"; + constexpr char nameOverriddenByUser[] = "nameOverriddenByUser"; + } namespace protocols @@ -212,10 +227,22 @@ namespace amnezia constexpr char defaultJunkPacketMaxSize[] = "30"; constexpr char defaultInitPacketJunkSize[] = "15"; constexpr char defaultResponsePacketJunkSize[] = "18"; + constexpr char defaultCookieReplyPacketJunkSize[] = "20"; + constexpr char defaultTransportPacketJunkSize[] = "23"; + constexpr char defaultInitPacketMagicHeader[] = "1020325451"; constexpr char defaultResponsePacketMagicHeader[] = "3288052141"; constexpr char defaultTransportPacketMagicHeader[] = "2528465083"; constexpr char defaultUnderloadPacketMagicHeader[] = "1766607858"; + constexpr char defaultSpecialJunk1[] = ""; + constexpr char defaultSpecialJunk2[] = ""; + constexpr char defaultSpecialJunk3[] = ""; + constexpr char defaultSpecialJunk4[] = ""; + constexpr char defaultSpecialJunk5[] = ""; + constexpr char defaultControlledJunk1[] = ""; + constexpr char defaultControlledJunk2[] = ""; + constexpr char defaultControlledJunk3[] = ""; + constexpr char defaultSpecialHandshakeTimeout[] = ""; } namespace socks5Proxy diff --git a/client/protocols/xrayprotocol.cpp b/client/protocols/xrayprotocol.cpp index 2dfbcc21..84922634 100755 --- a/client/protocols/xrayprotocol.cpp +++ b/client/protocols/xrayprotocol.cpp @@ -1,17 +1,14 @@ #include "xrayprotocol.h" -#include "utilities.h" -#include "containers/containers_defs.h" -#include "core/networkUtilities.h" - #include #include #include #include +#include "core/networkUtilities.h" +#include "utilities.h" -XrayProtocol::XrayProtocol(const QJsonObject &configuration, QObject *parent): - VpnProtocol(configuration, parent) +XrayProtocol::XrayProtocol(const QJsonObject &configuration, QObject *parent) : VpnProtocol(configuration, parent) { readXrayConfiguration(configuration); m_routeGateway = NetworkUtilities::getGatewayAndIface(); @@ -22,9 +19,8 @@ XrayProtocol::XrayProtocol(const QJsonObject &configuration, QObject *parent): XrayProtocol::~XrayProtocol() { + qDebug() << "XrayProtocol::~XrayProtocol()"; XrayProtocol::stop(); - QThread::msleep(200); - m_xrayProcess.close(); } ErrorCode XrayProtocol::start() @@ -36,10 +32,6 @@ ErrorCode XrayProtocol::start() return lastError(); } - if (Utils::processIsRunning(Utils::executable(xrayExecPath(), true))) { - Utils::killProcessByName(Utils::executable(xrayExecPath(), true)); - } - #ifdef QT_DEBUG m_xrayCfgFile.setAutoRemove(false); #endif @@ -51,12 +43,16 @@ ErrorCode XrayProtocol::start() QStringList args = QStringList() << "-c" << m_xrayCfgFile.fileName() << "-format=json"; - qDebug().noquote() << "XrayProtocol::start()" - << xrayExecPath() << args.join(" "); + qDebug().noquote() << "XrayProtocol::start()" << xrayExecPath() << args.join(" "); m_xrayProcess.setProcessChannelMode(QProcess::MergedChannels); - m_xrayProcess.setProgram(xrayExecPath()); + + if (Utils::processIsRunning(Utils::executable("xray", false))) { + qDebug().noquote() << "kill previos xray"; + Utils::killProcessByName(Utils::executable("xray", false)); + } + m_xrayProcess.setArguments(args); connect(&m_xrayProcess, &QProcess::readyReadStandardOutput, this, [this]() { @@ -65,18 +61,15 @@ ErrorCode XrayProtocol::start() #endif }); - connect(&m_xrayProcess, QOverload::of(&QProcess::finished), this, [this](int exitCode, QProcess::ExitStatus exitStatus) { - qDebug().noquote() << "XrayProtocol finished, exitCode, exitStatus" << exitCode << exitStatus; - setConnectionState(Vpn::ConnectionState::Disconnected); - if (exitStatus != QProcess::NormalExit) { - emit protocolError(amnezia::ErrorCode::XrayExecutableCrashed); - stop(); - } - if (exitCode != 0) { - emit protocolError(amnezia::ErrorCode::InternalError); - stop(); - } - }); + connect(&m_xrayProcess, QOverload::of(&QProcess::finished), this, + [this](int exitCode, QProcess::ExitStatus exitStatus) { + qDebug().noquote() << "XrayProtocol finished, exitCode, exitStatus" << exitCode << exitStatus; + setConnectionState(Vpn::ConnectionState::Disconnected); + if ((exitStatus != QProcess::NormalExit) || (exitCode != 0)) { + emit protocolError(amnezia::ErrorCode::XrayExecutableCrashed); + emit setConnectionState(Vpn::ConnectionState::Error); + } + }); m_xrayProcess.start(); m_xrayProcess.waitForStarted(); @@ -85,11 +78,10 @@ ErrorCode XrayProtocol::start() setConnectionState(Vpn::ConnectionState::Connecting); QThread::msleep(1000); return startTun2Sock(); - } - else return ErrorCode::XrayExecutableMissing; + } else + return ErrorCode::XrayExecutableMissing; } - ErrorCode XrayProtocol::startTun2Sock() { m_t2sProcess->start(); @@ -101,71 +93,73 @@ ErrorCode XrayProtocol::startTun2Sock() connect(m_t2sProcess.data(), &IpcProcessTun2SocksReplica::stateChanged, this, [&](QProcess::ProcessState newState) { qDebug() << "PrivilegedProcess stateChanged" << newState; }); - connect(m_t2sProcess.data(), &IpcProcessTun2SocksReplica::setConnectionState, this, - [&](int vpnState) { - qDebug() << "PrivilegedProcess setConnectionState " << vpnState; - if (vpnState == Vpn::ConnectionState::Connected) - { - setConnectionState(Vpn::ConnectionState::Connecting); - QList dnsAddr; - dnsAddr.push_back(QHostAddress(m_configData.value(config_key::dns1).toString())); - dnsAddr.push_back(QHostAddress(m_configData.value(config_key::dns2).toString())); + connect(m_t2sProcess.data(), &IpcProcessTun2SocksReplica::setConnectionState, this, [&](int vpnState) { + qDebug() << "PrivilegedProcess setConnectionState " << vpnState; + if (vpnState == Vpn::ConnectionState::Connected) { + setConnectionState(Vpn::ConnectionState::Connecting); + QList dnsAddr; + + dnsAddr.push_back(QHostAddress(m_configData.value(config_key::dns1).toString())); + // We don't use secondary DNS if primary DNS is AmneziaDNS + if (!m_configData.value(amnezia::config_key::dns1).toString(). + contains(amnezia::protocols::dns::amneziaDnsIp)) { + dnsAddr.push_back(QHostAddress(m_configData.value(config_key::dns2).toString())); + } #ifdef Q_OS_WIN - QThread::msleep(8000); + QThread::msleep(8000); #endif #ifdef Q_OS_MACOS - QThread::msleep(5000); - IpcClient::Interface()->createTun("utun22", amnezia::protocols::xray::defaultLocalAddr); - IpcClient::Interface()->updateResolvers("utun22", dnsAddr); + QThread::msleep(5000); + IpcClient::Interface()->createTun("utun22", amnezia::protocols::xray::defaultLocalAddr); + IpcClient::Interface()->updateResolvers("utun22", dnsAddr); #endif #ifdef Q_OS_LINUX - QThread::msleep(1000); - IpcClient::Interface()->createTun("tun2", amnezia::protocols::xray::defaultLocalAddr); - IpcClient::Interface()->updateResolvers("tun2", dnsAddr); + QThread::msleep(1000); + IpcClient::Interface()->createTun("tun2", amnezia::protocols::xray::defaultLocalAddr); + IpcClient::Interface()->updateResolvers("tun2", dnsAddr); #endif #if defined(Q_OS_LINUX) || defined(Q_OS_MACOS) - // killSwitch toggle - if (QVariant(m_configData.value(config_key::killSwitchOption).toString()).toBool()) { - m_configData.insert("vpnServer", m_remoteAddress); - IpcClient::Interface()->enableKillSwitch(m_configData, 0); - } + // killSwitch toggle + if (QVariant(m_configData.value(config_key::killSwitchOption).toString()).toBool()) { + m_configData.insert("vpnServer", m_remoteAddress); + IpcClient::Interface()->enableKillSwitch(m_configData, 0); + } #endif - if (m_routeMode == 0) { - IpcClient::Interface()->routeAddList(m_vpnGateway, QStringList() << "0.0.0.0/1"); - IpcClient::Interface()->routeAddList(m_vpnGateway, QStringList() << "128.0.0.0/1"); - IpcClient::Interface()->routeAddList(m_routeGateway, QStringList() << m_remoteAddress); - } - IpcClient::Interface()->StopRoutingIpv6(); + if (m_routeMode == Settings::RouteMode::VpnAllSites) { + IpcClient::Interface()->routeAddList(m_vpnGateway, QStringList() << "0.0.0.0/1"); + IpcClient::Interface()->routeAddList(m_vpnGateway, QStringList() << "128.0.0.0/1"); + IpcClient::Interface()->routeAddList(m_routeGateway, QStringList() << m_remoteAddress); + } + IpcClient::Interface()->StopRoutingIpv6(); #ifdef Q_OS_WIN - IpcClient::Interface()->updateResolvers("tun2", dnsAddr); - QList netInterfaces = QNetworkInterface::allInterfaces(); - for (int i = 0; i < netInterfaces.size(); i++) { - for (int j = 0; j < netInterfaces.at(i).addressEntries().size(); j++) - { - // killSwitch toggle - if (m_vpnLocalAddress == netInterfaces.at(i).addressEntries().at(j).ip().toString()) { - if (QVariant(m_configData.value(config_key::killSwitchOption).toString()).toBool()) { - IpcClient::Interface()->enableKillSwitch(QJsonObject(), netInterfaces.at(i).index()); - } - m_configData.insert("vpnAdapterIndex", netInterfaces.at(i).index()); - m_configData.insert("vpnGateway", m_vpnGateway); - m_configData.insert("vpnServer", m_remoteAddress); - IpcClient::Interface()->enablePeerTraffic(m_configData); - } + IpcClient::Interface()->updateResolvers("tun2", dnsAddr); + QList netInterfaces = QNetworkInterface::allInterfaces(); + for (int i = 0; i < netInterfaces.size(); i++) { + for (int j = 0; j < netInterfaces.at(i).addressEntries().size(); j++) { + // killSwitch toggle + if (m_vpnLocalAddress == netInterfaces.at(i).addressEntries().at(j).ip().toString()) { + if (QVariant(m_configData.value(config_key::killSwitchOption).toString()).toBool()) { + IpcClient::Interface()->enableKillSwitch(m_configData, netInterfaces.at(i).index()); } + m_configData.insert("vpnAdapterIndex", netInterfaces.at(i).index()); + m_configData.insert("vpnGateway", m_vpnGateway); + m_configData.insert("vpnServer", m_remoteAddress); + IpcClient::Interface()->enablePeerTraffic(m_configData); } -#endif - setConnectionState(Vpn::ConnectionState::Connected); } + } +#endif + setConnectionState(Vpn::ConnectionState::Connected); + } #if !defined(Q_OS_MACOS) - if (vpnState == Vpn::ConnectionState::Disconnected) { - setConnectionState(Vpn::ConnectionState::Disconnected); - IpcClient::Interface()->deleteTun("tun2"); - IpcClient::Interface()->StartRoutingIpv6(); - IpcClient::Interface()->clearSavedRoutes(); - } + if (vpnState == Vpn::ConnectionState::Disconnected) { + setConnectionState(Vpn::ConnectionState::Disconnected); + IpcClient::Interface()->deleteTun("tun2"); + IpcClient::Interface()->StartRoutingIpv6(); + IpcClient::Interface()->clearSavedRoutes(); + } #endif - }); + }); return ErrorCode::NoError; } @@ -177,14 +171,14 @@ void XrayProtocol::stop() IpcClient::Interface()->StartRoutingIpv6(); #endif qDebug() << "XrayProtocol::stop()"; - m_xrayProcess.terminate(); + m_xrayProcess.disconnect(); + m_xrayProcess.kill(); + m_xrayProcess.waitForFinished(3000); if (m_t2sProcess) { m_t2sProcess->stop(); } -#ifdef Q_OS_WIN - Utils::signalCtrl(m_xrayProcess.processId(), CTRL_C_EVENT); -#endif + setConnectionState(Vpn::ConnectionState::Disconnected); } QString XrayProtocol::xrayExecPath() @@ -207,7 +201,7 @@ void XrayProtocol::readXrayConfiguration(const QJsonObject &configuration) m_localPort = QString(amnezia::protocols::xray::defaultLocalProxyPort).toInt(); m_remoteHost = configuration.value(amnezia::config_key::hostName).toString(); m_remoteAddress = NetworkUtilities::getIPAddress(m_remoteHost); - m_routeMode = configuration.value(amnezia::config_key::splitTunnelType).toInt(); + m_routeMode = static_cast(configuration.value(amnezia::config_key::splitTunnelType).toInt()); m_primaryDNS = configuration.value(amnezia::config_key::dns1).toString(); m_secondaryDNS = configuration.value(amnezia::config_key::dns2).toString(); } diff --git a/client/protocols/xrayprotocol.h b/client/protocols/xrayprotocol.h index ee632333..c79ef608 100644 --- a/client/protocols/xrayprotocol.h +++ b/client/protocols/xrayprotocol.h @@ -1,14 +1,16 @@ #ifndef XRAYPROTOCOL_H #define XRAYPROTOCOL_H -#include "openvpnprotocol.h" #include "QProcess" + #include "containers/containers_defs.h" +#include "openvpnprotocol.h" +#include "settings.h" class XrayProtocol : public VpnProtocol { public: - XrayProtocol(const QJsonObject& configuration, QObject* parent = nullptr); + XrayProtocol(const QJsonObject &configuration, QObject *parent = nullptr); virtual ~XrayProtocol() override; ErrorCode start() override; @@ -24,11 +26,12 @@ protected: private: static QString xrayExecPath(); static QString tun2SocksExecPath(); + private: int m_localPort; QString m_remoteHost; QString m_remoteAddress; - int m_routeMode; + Settings::RouteMode m_routeMode; QJsonObject m_configData; QString m_primaryDNS; QString m_secondaryDNS; @@ -37,7 +40,6 @@ private: QSharedPointer m_t2sProcess; #endif QTemporaryFile m_xrayCfgFile; - }; #endif // XRAYPROTOCOL_H diff --git a/client/resources.qrc b/client/resources.qrc index a10a784d..54b5846c 100644 --- a/client/resources.qrc +++ b/client/resources.qrc @@ -1,225 +1,245 @@ + fonts/pt-root-ui_vf.ttf + images/amneziaBigLogo.png + images/AmneziaVPN.png + images/controls/alert-circle.svg + images/controls/amnezia.svg + images/controls/app.svg + images/controls/archive-restore.svg + images/controls/arrow-left.svg + images/controls/arrow-right.svg + images/controls/bug.svg + images/controls/check.svg + images/controls/chevron-down.svg + images/controls/chevron-right.svg + images/controls/chevron-up.svg + images/controls/close.svg + images/controls/copy.svg + images/controls/delete.svg + images/controls/download.svg + images/controls/edit-3.svg + images/controls/eye-off.svg + images/controls/eye.svg + images/controls/external-link.svg + images/controls/file-check-2.svg + images/controls/file-cog-2.svg + images/controls/folder-open.svg + images/controls/folder-search-2.svg + images/controls/gauge.svg + images/controls/github.svg + images/controls/help-circle.svg + images/controls/history.svg + images/controls/home.svg + images/controls/info.svg + images/controls/mail.svg + images/controls/map-pin.svg + images/controls/more-vertical.svg + images/controls/plus.svg + images/controls/qr-code.svg + images/controls/radio-button-inner-circle-pressed.png + images/controls/radio-button-inner-circle.png + images/controls/radio-button-pressed.svg + images/controls/radio-button.svg + images/controls/radio.svg + images/controls/refresh-cw.svg + images/controls/save.svg + images/controls/scan-line.svg + images/controls/search.svg + images/controls/server.svg + images/controls/settings-2.svg + images/controls/settings.svg + images/controls/share-2.svg + images/controls/split-tunneling.svg + images/controls/tag.svg + images/controls/telegram.svg + images/controls/text-cursor.svg + images/controls/trash.svg + images/controls/x-circle.svg images/tray/active.png images/tray/default.png images/tray/error.png - images/AmneziaVPN.png - server_scripts/remove_container.sh - server_scripts/setup_host_firewall.sh - server_scripts/openvpn_cloak/Dockerfile + server_scripts/awg/configure_container.sh + server_scripts/awg/Dockerfile + server_scripts/awg/run_container.sh + server_scripts/awg/start.sh + server_scripts/awg/template.conf + server_scripts/build_container.sh + server_scripts/check_connection.sh + server_scripts/check_server_is_busy.sh + server_scripts/check_user_in_sudo.sh + server_scripts/dns/configure_container.sh + server_scripts/dns/Dockerfile + server_scripts/dns/run_container.sh + server_scripts/install_docker.sh + server_scripts/ipsec/configure_container.sh + server_scripts/ipsec/Dockerfile + server_scripts/ipsec/mobileconfig.plist + server_scripts/ipsec/run_container.sh + server_scripts/ipsec/start.sh + server_scripts/ipsec/strongswan.profile server_scripts/openvpn_cloak/configure_container.sh + server_scripts/openvpn_cloak/Dockerfile + server_scripts/openvpn_cloak/run_container.sh server_scripts/openvpn_cloak/start.sh server_scripts/openvpn_cloak/template.ovpn - server_scripts/install_docker.sh - server_scripts/build_container.sh - server_scripts/prepare_host.sh - server_scripts/check_connection.sh - server_scripts/remove_all_containers.sh - server_scripts/openvpn_cloak/run_container.sh - server_scripts/openvpn/configure_container.sh - server_scripts/openvpn/run_container.sh - server_scripts/openvpn/template.ovpn - server_scripts/openvpn/Dockerfile - server_scripts/openvpn/start.sh server_scripts/openvpn_shadowsocks/configure_container.sh server_scripts/openvpn_shadowsocks/Dockerfile server_scripts/openvpn_shadowsocks/run_container.sh server_scripts/openvpn_shadowsocks/start.sh server_scripts/openvpn_shadowsocks/template.ovpn + server_scripts/openvpn/configure_container.sh + server_scripts/openvpn/Dockerfile + server_scripts/openvpn/run_container.sh + server_scripts/openvpn/start.sh + server_scripts/openvpn/template.ovpn + server_scripts/prepare_host.sh + server_scripts/remove_all_containers.sh + server_scripts/remove_container.sh + server_scripts/setup_host_firewall.sh + server_scripts/sftp/configure_container.sh + server_scripts/sftp/Dockerfile + server_scripts/sftp/run_container.sh + server_scripts/socks5_proxy/configure_container.sh + server_scripts/socks5_proxy/Dockerfile + server_scripts/socks5_proxy/run_container.sh + server_scripts/socks5_proxy/start.sh + server_scripts/website_tor/configure_container.sh + server_scripts/website_tor/Dockerfile + server_scripts/website_tor/run_container.sh server_scripts/wireguard/configure_container.sh server_scripts/wireguard/Dockerfile server_scripts/wireguard/run_container.sh server_scripts/wireguard/start.sh server_scripts/wireguard/template.conf - server_scripts/website_tor/configure_container.sh - server_scripts/website_tor/run_container.sh - ui/qml/Config/GlobalConfig.qml - ui/qml/Config/qmldir - server_scripts/check_server_is_busy.sh - server_scripts/dns/configure_container.sh - server_scripts/dns/Dockerfile - server_scripts/dns/run_container.sh - server_scripts/sftp/configure_container.sh - server_scripts/sftp/Dockerfile - server_scripts/sftp/run_container.sh - server_scripts/ipsec/configure_container.sh - server_scripts/ipsec/Dockerfile - server_scripts/ipsec/run_container.sh - server_scripts/ipsec/start.sh - server_scripts/ipsec/mobileconfig.plist - server_scripts/ipsec/strongswan.profile - server_scripts/website_tor/Dockerfile - server_scripts/check_user_in_sudo.sh - ui/qml/Controls2/BasicButtonType.qml - ui/qml/Controls2/TextFieldWithHeaderType.qml - ui/qml/Controls2/LabelWithButtonType.qml - images/controls/arrow-right.svg - images/controls/chevron-right.svg - ui/qml/Controls2/ImageButtonType.qml - ui/qml/Controls2/CardType.qml - ui/qml/Controls2/CheckBoxType.qml - images/controls/check.svg - ui/qml/Controls2/DropDownType.qml - ui/qml/Pages2/PageSetupWizardStart.qml - ui/qml/main2.qml - images/amneziaBigLogo.png - ui/qml/Controls2/FlickableType.qml - ui/qml/Pages2/PageSetupWizardCredentials.qml - ui/qml/Controls2/HeaderType.qml - images/controls/arrow-left.svg - ui/qml/Pages2/PageSetupWizardProtocols.qml - ui/qml/Pages2/PageSetupWizardEasy.qml - images/controls/chevron-down.svg - images/controls/chevron-up.svg - ui/qml/Controls2/TextTypes/ParagraphTextType.qml - ui/qml/Controls2/TextTypes/Header2TextType.qml - ui/qml/Controls2/HorizontalRadioButton.qml - ui/qml/Controls2/VerticalRadioButton.qml - ui/qml/Controls2/SwitcherType.qml - ui/qml/Controls2/TabButtonType.qml - ui/qml/Pages2/PageSetupWizardProtocolSettings.qml - ui/qml/Pages2/PageSetupWizardInstalling.qml - ui/qml/Pages2/PageSetupWizardConfigSource.qml - images/controls/folder-open.svg - images/controls/qr-code.svg - images/controls/text-cursor.svg - ui/qml/Pages2/PageSetupWizardTextKey.qml - ui/qml/Pages2/PageStart.qml - ui/qml/Controls2/TabImageButtonType.qml - images/controls/home.svg - images/controls/settings-2.svg - images/controls/share-2.svg - ui/qml/Pages2/PageHome.qml - ui/qml/Pages2/PageSettingsServersList.qml - ui/qml/Pages2/PageShare.qml - ui/qml/Controls2/TextTypes/Header1TextType.qml - ui/qml/Controls2/TextTypes/LabelTextType.qml - ui/qml/Controls2/TextTypes/ButtonTextType.qml - ui/qml/Controls2/Header2Type.qml - images/controls/plus.svg - ui/qml/Components/ConnectButton.qml - images/controls/download.svg - ui/qml/Controls2/ProgressBarType.qml - ui/qml/Components/ConnectionTypeSelectionDrawer.qml - ui/qml/Components/HomeContainersListView.qml - ui/qml/Controls2/TextTypes/CaptionTextType.qml - images/controls/settings.svg - ui/qml/Pages2/PageSettingsServerInfo.qml - ui/qml/Controls2/PageType.qml - ui/qml/Controls2/PopupType.qml - images/controls/edit-3.svg - ui/qml/Pages2/PageSettingsServerData.qml - ui/qml/Components/SettingsContainersListView.qml - ui/qml/Controls2/TextTypes/ListItemTitleType.qml - ui/qml/Controls2/DividerType.qml - ui/qml/Controls2/StackViewType.qml - ui/qml/Pages2/PageSettings.qml - images/controls/amnezia.svg - images/controls/app.svg - images/controls/radio.svg - images/controls/save.svg - images/controls/server.svg - ui/qml/Pages2/PageSettingsServerProtocols.qml - ui/qml/Pages2/PageSettingsServerServices.qml - ui/qml/Pages2/PageSetupWizardViewConfig.qml - images/controls/file-cog-2.svg - ui/qml/Components/QuestionDrawer.qml - ui/qml/Pages2/PageDeinstalling.qml - ui/qml/Controls2/BackButtonType.qml - ui/qml/Pages2/PageSettingsServerProtocol.qml - ui/qml/Components/TransportProtoSelector.qml - ui/qml/Controls2/ListViewWithRadioButtonType.qml - images/controls/radio-button.svg - images/controls/radio-button-inner-circle.png - images/controls/radio-button-pressed.svg - images/controls/radio-button-inner-circle-pressed.png - ui/qml/Components/ShareConnectionDrawer.qml - ui/qml/Pages2/PageSettingsConnection.qml - ui/qml/Pages2/PageSettingsDns.qml - ui/qml/Pages2/PageSettingsApplication.qml - ui/qml/Pages2/PageSettingsBackup.qml - images/controls/delete.svg - ui/qml/Pages2/PageSettingsAbout.qml - images/controls/github.svg - images/controls/mail.svg - images/controls/telegram.svg - ui/qml/Controls2/TextTypes/SmallTextType.qml - ui/qml/Filters/ContainersModelFilters.qml - ui/qml/Components/SelectLanguageDrawer.qml - ui/qml/Controls2/BusyIndicatorType.qml - ui/qml/Pages2/PageProtocolOpenVpnSettings.qml - ui/qml/Pages2/PageProtocolShadowSocksSettings.qml - ui/qml/Pages2/PageProtocolCloakSettings.qml - ui/qml/Pages2/PageProtocolXraySettings.qml - ui/qml/Pages2/PageProtocolRaw.qml - ui/qml/Pages2/PageSettingsLogging.qml - ui/qml/Pages2/PageServiceSftpSettings.qml - images/controls/copy.svg - ui/qml/Pages2/PageServiceTorWebsiteSettings.qml - ui/qml/Pages2/PageSetupWizardQrReader.qml - images/controls/eye.svg - images/controls/eye-off.svg - ui/qml/Pages2/PageSettingsSplitTunneling.qml - ui/qml/Controls2/ContextMenuType.qml - ui/qml/Controls2/TextAreaType.qml - images/controls/trash.svg - images/controls/more-vertical.svg - ui/qml/Controls2/ListViewWithLabelsType.qml - ui/qml/Pages2/PageServiceDnsSettings.qml - ui/qml/Controls2/TopCloseButtonType.qml - images/controls/x-circle.svg - ui/qml/Pages2/PageProtocolAwgSettings.qml - server_scripts/awg/template.conf - server_scripts/awg/start.sh - server_scripts/awg/configure_container.sh - server_scripts/awg/run_container.sh - server_scripts/awg/Dockerfile - ui/qml/Pages2/PageShareFullAccess.qml - images/controls/close.svg - images/controls/search.svg server_scripts/xray/configure_container.sh server_scripts/xray/Dockerfile server_scripts/xray/run_container.sh server_scripts/xray/start.sh server_scripts/xray/template.json - ui/qml/Pages2/PageProtocolWireGuardSettings.qml + ui/qml/Components/AdLabel.qml + ui/qml/Components/ConnectButton.qml + ui/qml/Components/ConnectionTypeSelectionDrawer.qml + ui/qml/Components/HomeContainersListView.qml ui/qml/Components/HomeSplitTunnelingDrawer.qml - images/controls/split-tunneling.svg - ui/qml/Controls2/DrawerType2.qml - ui/qml/Pages2/PageSettingsAppSplitTunneling.qml ui/qml/Components/InstalledAppsDrawer.qml - images/controls/alert-circle.svg - images/controls/file-check-2.svg + ui/qml/Components/QuestionDrawer.qml + ui/qml/Components/SelectLanguageDrawer.qml + ui/qml/Components/ServersListView.qml + ui/qml/Components/SettingsContainersListView.qml + ui/qml/Components/ShareConnectionDrawer.qml + ui/qml/Components/TransportProtoSelector.qml + ui/qml/Components/AddSitePanel.qml + ui/qml/Config/GlobalConfig.qml + ui/qml/Config/qmldir + ui/qml/Controls2/BackButtonType.qml + ui/qml/Controls2/BasicButtonType.qml + ui/qml/Controls2/BusyIndicatorType.qml + ui/qml/Controls2/CardType.qml + ui/qml/Controls2/CardWithIconsType.qml + ui/qml/Controls2/CheckBoxType.qml + ui/qml/Controls2/ContextMenuType.qml + ui/qml/Controls2/DividerType.qml + ui/qml/Controls2/DrawerType2.qml + ui/qml/Controls2/DropDownType.qml + ui/qml/Controls2/FlickableType.qml + ui/qml/Controls2/Header2Type.qml + ui/qml/Controls2/BaseHeaderType.qml + ui/qml/Controls2/HeaderTypeWithButton.qml + ui/qml/Controls2/HeaderTypeWithSwitcher.qml + ui/qml/Controls2/HorizontalRadioButton.qml + ui/qml/Controls2/ImageButtonType.qml + ui/qml/Controls2/LabelWithButtonType.qml + ui/qml/Controls2/LabelWithImageType.qml + ui/qml/Controls2/ListViewWithLabelsType.qml + ui/qml/Controls2/ListViewWithRadioButtonType.qml + ui/qml/Controls2/PageType.qml + ui/qml/Controls2/PopupType.qml + ui/qml/Controls2/ProgressBarType.qml + ui/qml/Controls2/ScrollBarType.qml + ui/qml/Controls2/StackViewType.qml + ui/qml/Controls2/SwitcherType.qml + ui/qml/Controls2/TabButtonType.qml + ui/qml/Controls2/TabImageButtonType.qml + ui/qml/Controls2/TextAreaType.qml + ui/qml/Controls2/TextAreaWithFooterType.qml + ui/qml/Controls2/TextFieldWithHeaderType.qml + ui/qml/Controls2/TextTypes/ButtonTextType.qml + ui/qml/Controls2/TextTypes/CaptionTextType.qml + ui/qml/Controls2/TextTypes/Header1TextType.qml + ui/qml/Controls2/TextTypes/Header2TextType.qml + ui/qml/Controls2/TextTypes/LabelTextType.qml + ui/qml/Controls2/TextTypes/ListItemTitleType.qml + ui/qml/Controls2/TextTypes/ParagraphTextType.qml + ui/qml/Controls2/TextTypes/SmallTextType.qml + ui/qml/Controls2/TopCloseButtonType.qml + ui/qml/Controls2/VerticalRadioButton.qml ui/qml/Controls2/WarningType.qml - fonts/pt-root-ui_vf.ttf - ui/qml/Modules/Style/qmldir + ui/qml/Filters/ContainersModelFilters.qml + ui/qml/main2.qml ui/qml/Modules/Style/AmneziaStyle.qml + ui/qml/Modules/Style/qmldir + ui/qml/Pages2/PageDeinstalling.qml + ui/qml/Pages2/PageDevMenu.qml + ui/qml/Pages2/PageHome.qml + ui/qml/Pages2/PageProtocolAwgSettings.qml + ui/qml/Pages2/PageProtocolCloakSettings.qml + ui/qml/Pages2/PageProtocolOpenVpnSettings.qml + ui/qml/Pages2/PageProtocolRaw.qml + ui/qml/Pages2/PageProtocolShadowSocksSettings.qml + ui/qml/Pages2/PageProtocolWireGuardSettings.qml + ui/qml/Pages2/PageProtocolXraySettings.qml + ui/qml/Pages2/PageServiceDnsSettings.qml + ui/qml/Pages2/PageServiceSftpSettings.qml ui/qml/Pages2/PageServiceSocksProxySettings.qml - server_scripts/socks5_proxy/run_container.sh - server_scripts/socks5_proxy/Dockerfile - server_scripts/socks5_proxy/configure_container.sh - server_scripts/socks5_proxy/start.sh + ui/qml/Pages2/PageServiceTorWebsiteSettings.qml + ui/qml/Pages2/PageSettings.qml + ui/qml/Pages2/PageSettingsAbout.qml + ui/qml/Pages2/PageSettingsApiAvailableCountries.qml + ui/qml/Pages2/PageSettingsApiServerInfo.qml + ui/qml/Pages2/PageSettingsApplication.qml + ui/qml/Pages2/PageSettingsAppSplitTunneling.qml + ui/qml/Pages2/PageSettingsBackup.qml + ui/qml/Pages2/PageSettingsConnection.qml + ui/qml/Pages2/PageSettingsDns.qml + ui/qml/Pages2/PageSettingsKillSwitch.qml + ui/qml/Pages2/PageSettingsKillSwitchExceptions.qml + ui/qml/Pages2/PageSettingsLogging.qml + ui/qml/Pages2/PageSettingsServerData.qml + ui/qml/Pages2/PageSettingsServerInfo.qml + ui/qml/Pages2/PageSettingsServerProtocol.qml + ui/qml/Pages2/PageSettingsServerProtocols.qml + ui/qml/Pages2/PageSettingsServerServices.qml + ui/qml/Pages2/PageSettingsServersList.qml + ui/qml/Pages2/PageSettingsSplitTunneling.qml ui/qml/Pages2/PageProtocolAwgClientSettings.qml ui/qml/Pages2/PageProtocolWireGuardClientSettings.qml - ui/qml/Pages2/PageSetupWizardApiServicesList.qml ui/qml/Pages2/PageSetupWizardApiServiceInfo.qml - ui/qml/Controls2/CardWithIconsType.qml - images/controls/tag.svg - images/controls/history.svg - images/controls/gauge.svg - images/controls/map-pin.svg - ui/qml/Controls2/LabelWithImageType.qml - images/controls/info.svg - ui/qml/Controls2/TextAreaWithFooterType.qml - images/controls/scan-line.svg - images/controls/folder-search-2.svg - ui/qml/Pages2/PageSettingsApiServerInfo.qml - images/controls/bug.svg - ui/qml/Pages2/PageDevMenu.qml - images/controls/refresh-cw.svg - ui/qml/Pages2/PageSettingsApiLanguageList.qml - images/controls/archive-restore.svg - images/controls/help-circle.svg + ui/qml/Pages2/PageSetupWizardApiServicesList.qml + ui/qml/Pages2/PageSetupWizardConfigSource.qml + ui/qml/Pages2/PageSetupWizardCredentials.qml + ui/qml/Pages2/PageSetupWizardEasy.qml + ui/qml/Pages2/PageSetupWizardInstalling.qml + ui/qml/Pages2/PageSetupWizardProtocols.qml + ui/qml/Pages2/PageSetupWizardProtocolSettings.qml + ui/qml/Pages2/PageSetupWizardQrReader.qml + ui/qml/Pages2/PageSetupWizardStart.qml + ui/qml/Pages2/PageSetupWizardTextKey.qml + ui/qml/Pages2/PageSetupWizardViewConfig.qml + ui/qml/Pages2/PageShare.qml + ui/qml/Pages2/PageShareFullAccess.qml + ui/qml/Pages2/PageStart.qml + ui/qml/Components/RenameServerDrawer.qml + ui/qml/Controls2/ListViewType.qml + ui/qml/Pages2/PageSettingsApiSupport.qml + ui/qml/Pages2/PageSettingsApiInstructions.qml + ui/qml/Pages2/PageSettingsApiNativeConfigs.qml + ui/qml/Pages2/PageSettingsApiDevices.qml + images/controls/monitor.svg + ui/qml/Components/ApiPremV1MigrationDrawer.qml + ui/qml/Components/ApiPremV1SubListDrawer.qml + ui/qml/Components/OtpCodeDrawer.qml + ui/qml/Components/AwgTextField.qml images/flagKit/ZW.svg diff --git a/client/secure_qsettings.cpp b/client/secure_qsettings.cpp index 88c0242b..8df24e74 100644 --- a/client/secure_qsettings.cpp +++ b/client/secure_qsettings.cpp @@ -1,7 +1,7 @@ #include "secure_qsettings.h" -#include "QAead.h" -#include "QBlockCipher.h" +#include "../client/3rd/QSimpleCrypto/src/include/QAead.h" +#include "../client/3rd/QSimpleCrypto/src/include/QBlockCipher.h" #include "utilities.h" #include #include @@ -15,6 +15,12 @@ using namespace QKeychain; +namespace { + constexpr const char *settingsKeyTag = "settingsKeyTag"; + constexpr const char *settingsIvTag = "settingsIvTag"; + constexpr const char *keyChainName = "AmneziaVPN-Keychain"; +} + SecureQSettings::SecureQSettings(const QString &organization, const QString &application, QObject *parent) : QObject { parent }, m_settings(organization, application, parent), encryptedKeys({ "Servers/serversList" }) { @@ -49,7 +55,7 @@ QVariant SecureQSettings::value(const QString &key, const QVariant &defaultValue // check if value is not encrypted, v. < 2.0.x retVal = m_settings.value(key); if (retVal.isValid()) { - if (retVal.userType() == QVariant::ByteArray && retVal.toByteArray().mid(0, magicString.size()) == magicString) { + if (retVal.userType() == QMetaType::QByteArray && retVal.toByteArray().mid(0, magicString.size()) == magicString) { if (getEncKey().isEmpty() || getEncIv().isEmpty()) { qCritical() << "SecureQSettings::setValue Decryption requested, but key is empty"; diff --git a/client/secure_qsettings.h b/client/secure_qsettings.h index 43890578..8878e1d5 100644 --- a/client/secure_qsettings.h +++ b/client/secure_qsettings.h @@ -6,11 +6,7 @@ #include #include -#include "keychain.h" - -constexpr const char *settingsKeyTag = "settingsKeyTag"; -constexpr const char *settingsIvTag = "settingsIvTag"; -constexpr const char *keyChainName = "AmneziaVPN-Keychain"; +#include "../client/3rd/qtkeychain/qtkeychain/keychain.h" class SecureQSettings : public QObject { @@ -44,7 +40,7 @@ public: private: QSettings m_settings; - mutable QMap m_cache; + mutable QHash m_cache; QStringList encryptedKeys; // encode only key listed here // only this fields need for backup diff --git a/client/server_scripts/awg/Dockerfile b/client/server_scripts/awg/Dockerfile index 8c536fc7..a6118a84 100644 --- a/client/server_scripts/awg/Dockerfile +++ b/client/server_scripts/awg/Dockerfile @@ -10,7 +10,7 @@ RUN mkdir -p /opt/amnezia RUN echo -e "#!/bin/bash\ntail -f /dev/null" > /opt/amnezia/start.sh RUN chmod a+x /opt/amnezia/start.sh -# Tune network +# Tune network RUN echo -e " \n\ fs.file-max = 51200 \n\ \n\ @@ -40,7 +40,8 @@ RUN echo -e " \n\ echo -e " \n\ * soft nofile 51200 \n\ * hard nofile 51200 \n\ - " | sed -e 's/^\s\+//g' | tee -a /etc/security/limits.conf + " | sed -e 's/^\s\+//g' | tee -a /etc/security/limits.conf ENTRYPOINT [ "dumb-init", "/opt/amnezia/start.sh" ] CMD [ "" ] + diff --git a/client/server_scripts/awg/configure_container.sh b/client/server_scripts/awg/configure_container.sh index 322cc38f..e327f080 100644 --- a/client/server_scripts/awg/configure_container.sh +++ b/client/server_scripts/awg/configure_container.sh @@ -12,7 +12,7 @@ echo $WIREGUARD_PSK > /opt/amnezia/awg/wireguard_psk.key cat > /opt/amnezia/awg/wg0.conf < /dev/null 2>&1; then LOCK_FILE="/var/lib/dpkg/lock-frontend";\ -elif which dnf > /dev/null 2>&1; then LOCK_FILE="/var/run/dnf.pid";\ -elif which yum > /dev/null 2>&1; then LOCK_FILE="/var/run/yum.pid";\ -elif which pacman > /dev/null 2>&1; then LOCK_FILE="/var/lib/pacman/db.lck";\ +if which apt-get > /dev/null 2>&1; then LOCK_CMD="fuser"; LOCK_FILE="/var/lib/dpkg/lock-frontend";\ +elif which dnf > /dev/null 2>&1; then LOCK_CMD="fuser"; LOCK_FILE="/var/cache/dnf/* /var/run/dnf/* /var/lib/dnf/* /var/lib/rpm/*";\ +elif which yum > /dev/null 2>&1; then LOCK_CMD="cat"; LOCK_FILE="/var/run/yum.pid";\ +elif which zypper > /dev/null 2>&1; then LOCK_CMD="cat"; LOCK_FILE="/var/run/zypp.pid";\ +elif which pacman > /dev/null 2>&1; then LOCK_CMD="fuser"; LOCK_FILE="/var/lib/pacman/db.lck";\ else echo "Packet manager not found"; echo "Internal error"; exit 1; fi;\ -if command -v fuser > /dev/null 2>&1; then sudo fuser $LOCK_FILE 2>/dev/null; else echo "fuser not installed"; fi +if command -v $LOCK_CMD > /dev/null 2>&1; then sudo $LOCK_CMD $LOCK_FILE 2>/dev/null; else echo "$LOCK_CMD not installed"; fi diff --git a/client/server_scripts/check_user_in_sudo.sh b/client/server_scripts/check_user_in_sudo.sh index e7ee953c..f83f2fd7 100644 --- a/client/server_scripts/check_user_in_sudo.sh +++ b/client/server_scripts/check_user_in_sudo.sh @@ -1,2 +1,14 @@ -CUR_USER=$(whoami);\ -groups $CUR_USER \ No newline at end of file +if which apt-get > /dev/null 2>&1; then pm=$(which apt-get); opt="--version";\ +elif which dnf > /dev/null 2>&1; then pm=$(which dnf); opt="--version";\ +elif which yum > /dev/null 2>&1; then pm=$(which yum); opt="--version";\ +elif which zypper > /dev/null 2>&1; then pm=$(which zypper); opt="--version";\ +elif which pacman > /dev/null 2>&1; then pm=$(which pacman); opt="--version";\ +else pm="uname"; opt="-a";\ +fi;\ +CUR_USER=$(whoami 2>/dev/null || echo $HOME | sed 's/.*\///');\ +echo $LANG | grep -qE '^(en_US.UTF-8|C.UTF-8|C)$' || export LC_ALL=C;\ +sudo -K;\ +cd ~;\ +if [ "$CUR_USER" = "root" ] || ( groups "$CUR_USER" | grep -E '\<(sudo|wheel)\>' ); then \ + sudo -nu $CUR_USER $pm $opt > /dev/null; sudo -n $pm $opt > /dev/null;\ +fi diff --git a/client/server_scripts/install_docker.sh b/client/server_scripts/install_docker.sh index 6fed78c0..1e41bb5a 100644 --- a/client/server_scripts/install_docker.sh +++ b/client/server_scripts/install_docker.sh @@ -1,7 +1,8 @@ if which apt-get > /dev/null 2>&1; then pm=$(which apt-get); silent_inst="-yq install"; check_pkgs="-yq update"; docker_pkg="docker.io"; dist="debian";\ elif which dnf > /dev/null 2>&1; then pm=$(which dnf); silent_inst="-yq install"; check_pkgs="-yq check-update"; docker_pkg="docker"; dist="fedora";\ elif which yum > /dev/null 2>&1; then pm=$(which yum); silent_inst="-y -q install"; check_pkgs="-y -q check-update"; docker_pkg="docker"; dist="centos";\ -elif which pacman > /dev/null 2>&1; then pm=$(which pacman); silent_inst="-S --noconfirm --noprogressbar --quiet"; check_pkgs="> /dev/null 2>&1"; docker_pkg="docker"; dist="archlinux";\ +elif which zypper > /dev/null 2>&1; then pm=$(which zypper); silent_inst="-nq install"; check_pkgs="-nq refresh"; docker_pkg="docker"; dist="opensuse";\ +elif which pacman > /dev/null 2>&1; then pm=$(which pacman); silent_inst="-S --noconfirm --noprogressbar --quiet"; check_pkgs="-Sup"; docker_pkg="docker"; dist="archlinux";\ else echo "Packet manager not found"; exit 1; fi;\ echo "Dist: $dist, Packet manager: $pm, Install command: $silent_inst, Check pkgs command: $check_pkgs, Docker pkg: $docker_pkg";\ if [ "$dist" = "debian" ]; then export DEBIAN_FRONTEND=noninteractive; fi;\ @@ -12,6 +13,9 @@ if ! command -v docker > /dev/null 2>&1; then \ sudo $pm $check_pkgs; sudo $pm $silent_inst $docker_pkg;\ sleep 5; sudo systemctl enable --now docker; sleep 5;\ fi;\ +if [ "$(cat /sys/module/apparmor/parameters/enabled 2>/dev/null)" = "Y" ]; then \ + if ! command -v apparmor_parser > /dev/null 2>&1; then sudo $pm $check_pkgs; sudo $pm $silent_inst apparmor; fi;\ +fi;\ if [ "$(systemctl is-active docker)" != "active" ]; then \ sudo $pm $check_pkgs; sudo $pm $silent_inst $docker_pkg;\ sleep 5; sudo systemctl start docker; sleep 5;\ diff --git a/client/server_scripts/ipsec/configure_container.sh b/client/server_scripts/ipsec/configure_container.sh index 76c4dfaf..1f0a45cb 100644 --- a/client/server_scripts/ipsec/configure_container.sh +++ b/client/server_scripts/ipsec/configure_container.sh @@ -33,14 +33,14 @@ conn shared right=%any encapsulation=yes authby=secret - pfs=no + pfs=yes rekey=no keyingtries=5 dpddelay=30 dpdtimeout=120 dpdaction=clear ikev2=never - ike=aes256-sha2,aes128-sha2,aes256-sha1,aes128-sha1,aes256-sha2;modp1024,aes128-sha1;modp1024 + ike=aes256-sha2,aes128-sha2,aes256-sha1,aes128-sha1,aes256-sha2;modp2048,aes128-sha1;modp2048 phase2alg=aes_gcm-null,aes128-sha1,aes256-sha1,aes256-sha2_512,aes128-sha2,aes256-sha2 ikelifetime=24h salifetime=24h @@ -244,9 +244,9 @@ conn ikev2-cp auto=add ikev2=insist rekey=no - pfs=no - ike=aes256-sha2,aes128-sha2,aes256-sha1,aes128-sha1 - phase2alg=aes_gcm-null,aes128-sha1,aes256-sha1,aes128-sha2,aes256-sha2 + pfs=yes + ike=aes256-sha2,aes128-sha2,aes256-sha1,aes128-sha1,aes256-sha2;modp2048,aes128-sha1;modp2048 + phase2alg=aes_gcm-null,aes128-sha1,aes256-sha1,aes256-sha2_512,aes128-sha2,aes256-sha2 ikelifetime=24h salifetime=24h encapsulation=yes diff --git a/client/server_scripts/prepare_host.sh b/client/server_scripts/prepare_host.sh index c6defdb0..1cc56a01 100644 --- a/client/server_scripts/prepare_host.sh +++ b/client/server_scripts/prepare_host.sh @@ -1,4 +1,4 @@ -CUR_USER=$(whoami);\ +CUR_USER=$(whoami 2>/dev/null || echo $HOME | sed 's/.*\///');\ sudo mkdir -p $DOCKERFILE_FOLDER;\ sudo chown $CUR_USER $DOCKERFILE_FOLDER;\ if ! sudo docker network ls | grep -q amnezia-dns-net; then sudo docker network create \ diff --git a/client/settings.cpp b/client/settings.cpp index 7a572a13..fb9c72c1 100644 --- a/client/settings.cpp +++ b/client/settings.cpp @@ -443,6 +443,16 @@ void Settings::setKillSwitchEnabled(bool enabled) setValue("Conf/killSwitchEnabled", enabled); } +bool Settings::isStrictKillSwitchEnabled() const +{ + return value("Conf/strictKillSwitchEnabled", false).toBool(); +} + +void Settings::setStrictKillSwitchEnabled(bool enabled) +{ + setValue("Conf/strictKillSwitchEnabled", enabled); +} + QString Settings::getInstallationUuid(const bool needCreate) { auto uuid = value("Conf/installationUuid", "").toString(); @@ -538,3 +548,33 @@ void Settings::toggleDevGatewayEnv(bool enabled) { m_isDevGatewayEnv = enabled; } + +bool Settings::isHomeAdLabelVisible() +{ + return value("Conf/homeAdLabelVisible", true).toBool(); +} + +void Settings::disableHomeAdLabel() +{ + setValue("Conf/homeAdLabelVisible", false); +} + +bool Settings::isPremV1MigrationReminderActive() +{ + return value("Conf/premV1MigrationReminderActive", true).toBool(); +} + +void Settings::disablePremV1MigrationReminder() +{ + setValue("Conf/premV1MigrationReminderActive", false); +} + +QStringList Settings::allowedDnsServers() const +{ + return value("Conf/allowedDnsServers").toStringList(); +} + +void Settings::setAllowedDnsServers(const QStringList &servers) +{ + setValue("Conf/allowedDnsServers", servers); +} diff --git a/client/settings.h b/client/settings.h index f41f4d29..7c244cd4 100644 --- a/client/settings.h +++ b/client/settings.h @@ -174,11 +174,12 @@ public: QLocale getAppLanguage() { - return value("Conf/appLanguage", QLocale()).toLocale(); + QString localeStr = m_settings.value("Conf/appLanguage").toString(); + return QLocale(localeStr); }; void setAppLanguage(QLocale locale) { - setValue("Conf/appLanguage", locale); + setValue("Conf/appLanguage", locale.name()); }; bool isScreenshotsEnabled() const @@ -213,6 +214,10 @@ public: bool isKillSwitchEnabled() const; void setKillSwitchEnabled(bool enabled); + + bool isStrictKillSwitchEnabled() const; + void setStrictKillSwitchEnabled(bool enabled); + QString getInstallationUuid(const bool needCreate); void resetGatewayEndpoint(); @@ -222,6 +227,15 @@ public: bool isDevGatewayEnv(); void toggleDevGatewayEnv(bool enabled); + bool isHomeAdLabelVisible(); + void disableHomeAdLabel(); + + bool isPremV1MigrationReminderActive(); + void disablePremV1MigrationReminder(); + + QStringList allowedDnsServers() const; + void setAllowedDnsServers(const QStringList &servers); + signals: void saveLogsChanged(bool enabled); void screenshotsEnabledChanged(bool enabled); diff --git a/client/translations/amneziavpn_ar_EG.ts b/client/translations/amneziavpn_ar_EG.ts index e176d8eb..4b84502b 100644 --- a/client/translations/amneziavpn_ar_EG.ts +++ b/client/translations/amneziavpn_ar_EG.ts @@ -1,55 +1,132 @@ + + AdLabel + + + Amnezia Premium - for access to all websites and online resources + + + + + ApiAccountInfoModel + + + + Active + + + + + Inactive + + + + + %1 out of %2 + + + + + Classic VPN for seamless work, downloading large files, and watching videos. Access all websites and online resources. Speeds up to 200 Mbps + + + + + Free unlimited access to a basic set of websites such as Facebook, Instagram, Twitter (X), Discord, Telegram and more. YouTube is not included in the free plan. + + + + + amnezia_free_support_bot + + + + + amnezia_premium_support_bot + + + + + ApiConfigsController + + + %1 installed successfully. + تم تحميل %1 بنجاح + + + + API config reloaded + تمت إعادة تحميل تكوين API + + + + Successfully changed the country of connection to %1 + تم تغيير بلد الاتصال بنجاح إلى %1 + + ApiServicesModel - Classic VPN for comfortable work, downloading large files and watching videos. Works for any sites. Speed up to %1 MBit/s - شبكة VPN كلاسيكية للعمل المريح وتنزيل الملفات الكبيرة ومشاهدة مقاطع الفيديو. تعمل مع أي موقع. تصل السرعة إلى %1 ميجابت/ثانية + شبكة VPN كلاسيكية للعمل المريح وتنزيل الملفات الكبيرة ومشاهدة مقاطع الفيديو. تعمل مع أي موقع. تصل السرعة إلى %1 ميجابت/ثانية - VPN to access blocked sites in regions with high levels of Internet censorship. - شبكة VPN للولوج للمواقع المحظورة في بلاد ذو مستوي عالي من الرقابة علي الانترنت. + شبكة VPN للولوج للمواقع المحظورة في بلاد ذو مستوي عالي من الرقابة علي الانترنت. - + <p><a style="color: #EB5757;">Not available in your region. If you have VPN enabled, disable it, return to the previous screen, and try again.</a> - Amnezia Premium - A classic VPN for comfortable work, downloading large files, and watching videos in high resolution. It works for all websites, even in countries with the highest level of internet censorship. - Amenzia Premium - شبكة VPN للعمل المريح, تحميل ملفات كبيرة الحجم, ومشاهدة مقاطع الفيديو ب جودة عالية. تعمل لجميع المواقع, حتي في البلاد ذو مستوي عالي من الرقابة علي الانترنت + Amenzia Premium - شبكة VPN للعمل المريح, تحميل ملفات كبيرة الحجم, ومشاهدة مقاطع الفيديو ب جودة عالية. تعمل لجميع المواقع, حتي في البلاد ذو مستوي عالي من الرقابة علي الانترنت - Amnezia Free is a free VPN to bypass blocking in countries with high levels of internet censorship - Amnezia Free هو VPN مجاني لتخطي الحظر في البلاد ذو مستوي عالي من الرقابة علي الانترنت + Amnezia Free هو VPN مجاني لتخطي الحظر في البلاد ذو مستوي عالي من الرقابة علي الانترنت - + + Amnezia Premium is classic VPN for seamless work, downloading large files, and watching videos. Access all websites and online resources. Speeds up to %1 Mbps. + + + + + + AmneziaFree provides free unlimited access to a basic set of web sites, such as Facebook, Instagram, Twitter (X), Discord, Telegram, and others. YouTube is not included in the free plan. + + + + + Amnezia Premium is classic VPN for for seamless work, downloading large files, and watching videos. Access all websites and online resources. + + + + %1 MBit/s %1 ميجابت/ثانية - + %1 days %1 ايام - + VPN will open only popular sites blocked in your region, such as Instagram, Facebook, Twitter and others. Other sites will be opened from your real IP address, <a href="%1/free" style="color: #FBB26A;">more details on the website.</a> سيقوم VPN فقط بفتح المواقع المشهورة المحظورة في بلدك, مثل Instagram, Facebook, Twitter و مواقع اخري. المواقع الاخري ستٌفتح من عنوان ال IP الحقيقي الخاص بك, <a href="%1/free" style="color: #FBB26A;">معلومات اخري علي الموقع.</a> - + Free مجاني - + %1 $/month %1 دولار/الشهر @@ -80,7 +157,7 @@ ConnectButton - + Unable to disconnect during configuration preparation غير قادر علي قطع الاتصال اثناء إعداد التكوين @@ -88,79 +165,76 @@ ConnectionController - - - - + + + + Connect اتصل - VPN Protocols is not installed. Please install VPN container at first - لم يتم تثبيت بروتوكولات VPN, من فضلك قم بتنزيل حاوية VPN اولاً + لم يتم تثبيت بروتوكولات VPN, من فضلك قم بتنزيل حاوية VPN اولاً - + Connecting... اتصال... - + Connected تم الاتصال - + Reconnecting... إعادة الاتصال... - + Disconnecting... إنهاء الاتصال... - + Preparing... جاري التحضير... - + Settings updated successfully, reconnnection... تم تحديث الاعدادات بنجاح, جاري إعادة الاتصال... - + Settings updated successfully تم تحديث الاعدادات بنجاح - The selected protocol is not supported on the current platform - البروتوكول المحدد غير مدعوم علي المنصة الحالية + البروتوكول المحدد غير مدعوم علي المنصة الحالية - unable to create configuration - غير قادر علي إنشاء تكوين + غير قادر علي إنشاء تكوين ConnectionTypeSelectionDrawer - + Add new connection إضافة اتصال جديد - + Configure your server قم بتهيئة الخادم الخاص بك - + Open config file, key or QR code افتح ملف تعريف, مفتاح تعريف او رمز QR @@ -198,7 +272,7 @@ HomeContainersListView - + Unable change protocol while there is an active connection غير قادر علي تغيير البروتوكول اثناء تواجد اتصال @@ -206,46 +280,46 @@ HomeSplitTunnelingDrawer - + Split tunneling تقسيم الانفاق - + Allows you to connect to some sites or applications through a VPN connection and bypass others يسمح لك بألاتصال ببعض المواقع او البرامج خلال اتصال VPN و تجاوز الاخرين - + Split tunneling on the server تقسيم الانفاق علي الخادم - + Enabled Can't be disabled for current server مٌفعل لا يمكن إقافة للخادم الحالي - + Site-based split tunneling انقسام الانفاق القائم علي الموقع - - + + Enabled مٌفعل - - + + Disabled مٌعطل - + App-based split tunneling انقسام الانفاق القائم علي التطبيق @@ -253,48 +327,54 @@ Can't be disabled for current server ImportController - Unable to open file - غير قادر علي فتح الملف + غير قادر علي فتح الملف - - Invalid configuration file - ملف تكوين غير صحيح + ملف تكوين غير صحيح - + Scanned %1 of %2. تم فحص%1 من %2. - + + This configuration contains an OpenVPN setup. OpenVPN configurations can include malicious scripts, so only add it if you fully trust the provider of this config. + + + + + <br>In the imported configuration, potentially dangerous lines were found: + + + In the imported configuration, potentially dangerous lines were found: - في التكوين المستورد، تم العثور على سطور يحتمل أن تكون خطرة: + في التكوين المستورد، تم العثور على سطور يحتمل أن تكون خطرة: InstallController - + %1 installed successfully. %1 تم التثبيت بنجاح. - + %1 is already installed on the server. %1 بالفعل مٌثبت علي الخادم. - + Added containers that were already installed on the server تمت إضافة الحاويات التي كانت مٌثبتة بالفعل علي الخادم - + Already installed containers were found on the server. All installed containers have been added to the application @@ -302,64 +382,61 @@ Already installed containers were found on the server. All installed containers تمت إضافة جميع الحاويات المٌثبتة إلي التطبيق - + Settings updated successfully تم تحديث الاعدادات بنجاح - + Server '%1' was rebooted تمت إعادة تشغيل الخادم%1 - + Server '%1' was removed تمت إزالة الخادم '%1' - + All containers from server '%1' have been removed قد تم حذفها '%1' جميع الحاويات من الخادم - + %1 has been removed from the server '%2' %1 تم حدف '%2' اسم الخادم - + Api config removed تم حذف تكوين Api - + %1 cached profile cleared تم مسح ملف تعريف %1 المخزن مؤقتًا - + Please login as the user من فضلك قم بتسجيل الدخول كمستخدم - + Server added successfully تمت إضافة الخادم بنجاح - %1 installed successfully. - تم تحميل %1 بنجاح + تم تحميل %1 بنجاح - API config reloaded - تمت إعادة تحميل تكوين API + تمت إعادة تحميل تكوين API - Successfully changed the country of connection to %1 - تم تغيير بلد الاتصال بنجاح إلى %1 + تم تغيير بلد الاتصال بنجاح إلى %1 @@ -370,12 +447,12 @@ Already installed containers were found on the server. All installed containers اختر تطبيق - + application name اسم التطبيق - + Add selected اضف اختيارك @@ -443,12 +520,12 @@ Already installed containers were found on the server. All installed containers PageDevMenu - + Gateway endpoint نقطة نهاية البوابة - + Dev gateway environment @@ -456,85 +533,84 @@ Already installed containers were found on the server. All installed containers PageHome - + Logging enabled تم تمكين التسجيل - + Split tunneling enabled تقسيم الانفاق مٌفعل - + Split tunneling disabled تقسيم الانفاق مٌعطل - + VPN protocol بروتوكول VPN - + Servers الخوادم - Unable change server while there is an active connection - لا يمكن تغير الخادم بينما هناك اتصال مفعل + لا يمكن تغير الخادم بينما هناك اتصال مفعل PageProtocolAwgClientSettings - + AmneziaWG settings اعدادات AmneziaWG - + MTU - + Server settings - + Port منفذ - + Save احفظ - + Save settings? احفظ الإعدادات؟ - + Only the settings for this device will be changed - + Continue واصل - + Cancel إلغاء - + Unable change settings while there is an active connection لا يمكن تغيير الإعدادات أثناء وجود اتصال نشط @@ -542,97 +618,102 @@ Already installed containers were found on the server. All installed containers PageProtocolAwgSettings - + AmneziaWG settings اعدادات AmneziaWG - + Port منفذ - + All users with whom you shared a connection with will no longer be able to connect to it. جميع المستخدمين الذين شاركت معهم اتصال لن يكونو قادرين علي الاتصال مرة اخري. - + Save احفظ - + + VPN address subnet + الشبكة الفرعية لعنوان VPN + + + Jc - Junk packet count Jc - عدد الحزم غير المرغوب فيها - + Jmin - Junk packet minimum size Jmin - الحجم الادني للحزم الغير مرغوب فيها - + Jmax - Junk packet maximum size Jmax - الحجم الاقصي للحزم الغير مرغوب فيها - + S1 - Init packet junk size S1 - حجم حزمة البيانات العشوائية الأولية - + S2 - Response packet junk size S2 - حجم حزمة الاستجابة غير المرغوب فيها - + H1 - Init packet magic header H1 - حزمة رأس سحرية مبدئية - + H2 - Response packet magic header H2 - رأس حزمة الاستجابة السحرية - + H4 - Transport packet magic header H4 - رأس حزمة النقل السحرية - + H3 - Underload packet magic header H3 - رأس حزمة السحر غير المحمل - + The values of the H1-H4 fields must be unique يجب أن تكون قيم الحقول H1-H4 فريدة - + The value of the field S1 + message initiation size (148) must not equal S2 + message response size (92) يجب ألا تساوي قيمة الحقل S1 + حجم بدء الرسالة (148) S2 + حجم استجابة الرسالة (92) - + Save settings? احفظ الإعدادات؟ - + Continue واصل - + Cancel إلغاء - + Unable change settings while there is an active connection لا يمكن تغيير الإعدادات أثناء وجود اتصال نشط @@ -640,33 +721,33 @@ Already installed containers were found on the server. All installed containers PageProtocolCloakSettings - + Cloak settings Cloak إعدادات - + Disguised as traffic from متنكراً في حركة مرور من - + Port منفذ - - + + Cipher الشفرة - + Save احفظ - + Unable change settings while there is an active connection لا يمكن تغيير الإعدادات أثناء وجود اتصال نشط @@ -674,175 +755,175 @@ Already installed containers were found on the server. All installed containers PageProtocolOpenVpnSettings - + OpenVPN settings OpenVPN اعدادات - + VPN address subnet الشبكة الفرعية لعنوان VPN - + Network protocol بروتوكول الشبكة - + Port منفذ - + Auto-negotiate encryption التفاوض التلقائي علي الشبكة - - + + Hash - + SHA512 - + SHA384 - + SHA256 - + SHA3-512 - + SHA3-384 - + SHA3-256 - + whirlpool - + BLAKE2b512 - + BLAKE2s256 - + SHA1 - - + + Cipher شفرة - + AES-256-GCM - + AES-192-GCM - + AES-128-GCM - + AES-256-CBC - + AES-192-CBC - + AES-128-CBC - + ChaCha20-Poly1305 - + ARIA-256-CBC - + CAMELLIA-256-CBC - + none لا شئ - + TLS auth TLS مصادقة - + Block DNS requests outside of VPN احظر طلبات DNS خارج ال VPN - + Additional client configuration commands اوامر تكوين العميل الاضافية - - + + Commands: الاوامر: - + Additional server configuration commands اوامر تكوين الخادم الاضافية - + Unable change settings while there is an active connection لا يمكن تغيير الإعدادات أثناء وجود اتصال نشط - + Save احفظ @@ -850,42 +931,42 @@ Already installed containers were found on the server. All installed containers PageProtocolRaw - + settings إعدادات - + Show connection options اظهر اختيارات الاتصال - + Connection options %1 %1 اختيارات الاتصال - + Remove احذف - + Remove %1 from server? احذف %1 من الخادم ? - + All users with whom you shared a connection with will no longer be able to connect to it. جميع المستخدمين الذين شاركت معهم اتصال لن يكونو قادرين علي الاتصال مرة اخري. - + Continue واصل - + Cancel إلغاء @@ -893,28 +974,28 @@ Already installed containers were found on the server. All installed containers PageProtocolShadowSocksSettings - + Shadowsocks settings Shadowsocks إعدادات - + Port منفذ - - + + Cipher تشفير - + Save احفظ - + Unable change settings while there is an active connection لا يمكن تغيير الإعدادات أثناء وجود اتصال نشط @@ -922,52 +1003,52 @@ Already installed containers were found on the server. All installed containers PageProtocolWireGuardClientSettings - + WG settings إعدادات WG - + MTU - + Server settings - + Port منفذ - + Save احفظ - + Save settings? احفظ الإعدادات؟ - + Only the settings for this device will be changed - + Continue واصل - + Cancel إلغاء - + Unable change settings while there is an active connection لا يمكن تغيير الإعدادات أثناء وجود اتصال نشط @@ -975,42 +1056,47 @@ Already installed containers were found on the server. All installed containers PageProtocolWireGuardSettings - + WG settings إعدادات WG - + + VPN address subnet + الشبكة الفرعية لعنوان VPN + + + Port منفذ - + Save settings? احفظ الإعدادات؟ - + All users with whom you shared a connection with will no longer be able to connect to it. جميع المستخدمين الذين شاركت معهم اتصال لن يكونو قادرين علي الاتصال مرة اخري. - + Continue واصل - + Cancel إلغاء - + Unable change settings while there is an active connection لا يمكن تغيير الإعدادات أثناء وجود اتصال نشط - + Save احفظ @@ -1018,22 +1104,22 @@ Already installed containers were found on the server. All installed containers PageProtocolXraySettings - + XRay settings إعدادات XRay - + Disguised as traffic from متنكراً في حركة مرور من - + Save احفظ - + Unable change settings while there is an active connection لا يمكن تغيير الإعدادات أثناء وجود اتصال نشط @@ -1041,39 +1127,39 @@ Already installed containers were found on the server. All installed containers PageServiceDnsSettings - + A DNS service is installed on your server, and it is only accessible via VPN. تم تثبيت خدمة DNS علي الخادم الخاص بك, و فقط متاح من خلال VPN. - + The DNS address is the same as the address of your server. You can configure DNS in the settings, under the connections tab. عنوان ال DNS متطابق لنفس عنوان الخادم بك, يمكنك تهيئة DNS في الاعدادات, تحت علامة تبويب الاتصال. - + Remove احذف - + Remove %1 from server? احذف %1 ? - + Cannot remove AmneziaDNS from running server لا يمكن إزالة AmneziaDNS من الخادم قيد التشغيل - + Continue واصل - + Cancel إلغاء @@ -1081,67 +1167,67 @@ Already installed containers were found on the server. All installed containers PageServiceSftpSettings - + Settings updated successfully تم تحديث الإعدادات بنجاح - + SFTP settings SFTP إعدادات - + Host استضافة - - - - + + + + Copied تم الاستنساخ - + Port منفذ - + User name اسم المستخدم - + Password كلمة المرور - + Mount folder on device قم بتثبيت المجلد علي الجهاز - + In order to mount remote SFTP folder as local drive, perform following steps: <br> لتثبيت مجلد SFTP كمحرك اقراص محلي, اتبع هذه الخطوات : <br> - - + + <br>1. Install the latest version of <br>1. تحميل اخر اصدار من - - + + <br>2. Install the latest version of <br>2. تحمير اخر اصدار من - + Detailed instructions تعليمات مفصلة @@ -1149,69 +1235,69 @@ Already installed containers were found on the server. All installed containers PageServiceSocksProxySettings - + Settings updated successfully تم تحديث الإعدادات بنجاح - - + + SOCKS5 settings إعدادات SOCKS5 - + Host استضافة - - - - + + + + Copied تم النسخ - - + + Port منفذ - + User name اسم المستخدم - - + + Password كلمة المرور - + Username اسم المستخدم - - + + Change connection settings تغيير إعدادات الاتصال - + The port must be in the range of 1 to 65535 يجب أن يكون المنفذ في النطاق من 1 إلى 65535 - + Password cannot be empty لا يمكن ان تكون كلمة المرور فارغة - + Username cannot be empty اسم المستخدم لا يمكن ان يكون فارغ @@ -1219,37 +1305,37 @@ Already installed containers were found on the server. All installed containers PageServiceTorWebsiteSettings - + Settings updated successfully تم تحديث الإعدادات بنجاح - + Tor website settings Tor إعدادات متصفح - + Website address عنوان المتصفح - + Copied تم الاستنساخ - + Use <a href="https://www.torproject.org/download/" style="color: #FBB26A;">Tor Browser</a> to open this URL. - + After creating your onion site, it takes a few minutes for the Tor network to make it available for use. - + When configuring WordPress set the this onion address as domain. عند تكوين WordPress قم بتعيين عنوان ال onion هذا ك domain. @@ -1257,42 +1343,42 @@ Already installed containers were found on the server. All installed containers PageSettings - + Settings إعدادات - + Servers الخوادم - + Connection الاتصال - + Application تطبيق - + Backup نسخة احتياطية - + About AmneziaVPN عن AmneziaVPN - + Dev console وحدة تحكم التطوير - + Close application إغلاق التطبيق @@ -1300,32 +1386,32 @@ Already installed containers were found on the server. All installed containers PageSettingsAbout - + Support Amnezia دعم Amenzia - + Amnezia is a free and open-source application. You can support the developers if you like it. هو تطبيق مجاني ومفتوح المصدر يمكنك دعم مطورين Amnezia إذا اعجبك. - + Contacts التواصل - + Telegram group مجموعة ال Telegram - + To discuss features لمناقشة الميزات - + https://t.me/amnezia_vpn_en @@ -1334,135 +1420,526 @@ Already installed containers were found on the server. All installed containers البريد - + support@amnezia.org - + For reviews and bug reports لل مراجعات والابلاغات عن المشاكل - - Copied + + mailto:support@amnezia.org - + GitHub GitHub - + + Discover the source code + + + + https://github.com/amnezia-vpn/amnezia-client - + Website موقع - + + Visit official website + + + + Software version: %1 %1 :إصدار البرنامج - + Check for updates تحقق من وجود تحديثات - + Privacy Policy سياسات الخصوصية + + PageSettingsApiAvailableCountries + + + Location for connection + + + + + Unable change server location while there is an active connection + + + + + PageSettingsApiDevices + + + Active Devices + + + + + Manage currently connected devices + + + + + You can find the identifier on the Support tab or, for older versions of the app, by tapping '+' and then the three dots at the top of the page. + + + + + (current device) + + + + + Support tag: + + + + + Last updated: + + + + + Cannot unlink device during active connection + + + + + Are you sure you want to unlink this device? + + + + + This will unlink the device from your subscription. You can reconnect it anytime by pressing Connect. + + + + + Continue + واصل + + + + Cancel + إلغاء + + + + PageSettingsApiInstructions + + + Windows + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#windows + + + + + macOS + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#macos + + + + + Android + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#android + + + + + AndroidTV + + + + + https://docs.amnezia.org/ru/documentation/instructions/android_tv_connect/ + + + + + iOS + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#ios + + + + + Linux + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#linux + + + + + Routers + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#routers + + + + + How to connect on another device + + + + + Setup guides on the Amnezia website + + + + + PageSettingsApiNativeConfigs + + + Save AmneziaVPN config + احفظ تكوين AmneziaVPN + + + + Configuration Files + + + + + For router setup or the AmneziaWG app + + + + + The configuration needs to be reissued + + + + + configuration file + + + + + Generate a new configuration file + + + + + The previously created one will stop working + + + + + Revoke the current configuration file + + + + + Config file saved + + + + + The config has been revoked + + + + + Generate a new %1 configuration file? + + + + + Revoke the current %1 configuration file? + + + + + Your previous configuration file will no longer work, and it will not be possible to connect using it + + + + + Download + + + + + Continue + واصل + + + + Cancel + إلغاء + + PageSettingsApiServerInfo - For the region - للمنطقة + للمنطقة - Price - السعر + السعر - Work period - مدة العمل + مدة العمل - Speed - السرعة + السرعة - Support tag - علامة الدعم + علامة الدعم - Copied - تم النسخ + تم النسخ - + + Subscription Status + + + + + Valid Until + + + + + Active Connections + + + + + Configurations have been updated for some countries. Download and install the updated configuration files + + + + + Subscription Key + + + + + Amnezia Premium subscription key + + + + + Save VPN key as a file + + + + + Copy VPN key + + + + + Configuration Files + + + + + Manage configuration files + + + + + Active Devices + + + + + Manage currently connected devices + + + + + Support + + + + + How to connect on another device + + + + Reload API config إعادة تحميل تكوين API - + Reload API config? إعادة تحميل تكوين API - - + + + Continue واصل - - + + + Cancel إلغاء - + Cannot reload API config during active connection لا يمكن إعادة تحميل تكوين API اثناء تواجد اتصال نشط - + + Unlink this device + + + + + Are you sure you want to unlink this device? + + + + + This will unlink the device from your subscription. You can reconnect it anytime by pressing Connect. + + + + + Cannot unlink device during active connection + + + + Remove from application احذف من التطبيق - + Remove from application? احذف من التطبيق؟ - + Cannot remove server during active connection لا يمكن إزالة الخادم أثناء الاتصال النشط + + PageSettingsApiSupport + + + Telegram + + + + + Email + + + + + support@amnezia.org + + + + + Email Billing & Orders + + + + + help@vpnpay.io + + + + + Website + موقع + + + + amnezia.org + + + + + Support + + + + + Our technical support specialists are available to assist you at any time + + + + + Support tag + علامة الدعم + + + + Copied + + + PageSettingsAppSplitTunneling - + Cannot change split tunneling settings during active connection لا يمكن تغير إعدادات تقسيم الانفاق بينما هناك اتصال مٌفعل - + Only the apps from the list should have access via VPN يجب أن تتمتع التطبيقات الموجودة في القائمة فقط بإمكانية الوصول عبر VPN @@ -1472,42 +1949,42 @@ Already installed containers were found on the server. All installed containers لا يجب ان تتمتع التطبيقات في القائمة بولوج ل VPN - + App split tunneling تقسيم نفق التطبيق - + Mode وضع - + Remove احذف - + Continue واصل - + Cancel إلغاء - + application name اسم التطبيق - + Open executable file افتح ملف قابل للتنفيذ - + Executable files (*.*) ملفات قابلة للتنفيذ (*.*) @@ -1515,102 +1992,102 @@ Already installed containers were found on the server. All installed containers PageSettingsApplication - + Application تطبيق - + Allow application screenshots اسمح بلقطات شاشة التطبيق - + Enable notifications تفعيل الإشعارات - + Enable notifications to show the VPN state in the status bar تفعيل الإشعارات لإظهار حالة ال VPN في شريط الحالة - + Auto start تشغيل تلقائي - + Launch the application every time the device is starts قم بتشغيل التطبيق فكل مرة يتم فيها تشغيل الجهاز - + Auto connect اتصال تلقائي - + Connect to VPN on app start اتصل ب ال VPN عند تشغيل التطبيق - + Start minimized ابدأ ب الحجم الادني - + Launch application minimized تشغيل التطبيق في الحد الادني - + Language اللغة - + Logging تسجيل - + Enabled مٌفعل - + Disabled مٌعطل - + Reset settings and remove all data from the application إعادة ضبط الاعدادات ومسح جميع البيانات من التطبيق - + Reset settings and remove all data from the application? إعادة ضبط الاعدادات ومسح جميع البيانات من التطبيق؟ - + All settings will be reset to default. All installed AmneziaVPN services will still remain on the server. سيتم ضبط الاعدادات الافتراضية. جميع خدمات AmneziaVPN المٌثبتة ستبقي علي الخادم. - + Continue واصل - + Cancel إلغاء - + Cannot reset settings during active connection لا يمكن إعادة ضبط الإعدادات اثناء تواجد اتصال فعال @@ -1618,78 +2095,78 @@ Already installed containers were found on the server. All installed containers PageSettingsBackup - + Settings restored from backup file تم إعادة الاعدادات من ملف نسخة احتياطية - + Back up your configuration قم بعمل نسخة احتياطية - + You can save your settings to a backup file to restore them the next time you install the application. يمكنك حفظ الإعدادات في ملف نسخة احتياطية لأعادتهم في المرة القادمة التي تثبت فيها التطبيق. - + The backup will contain your passwords and private keys for all servers added to AmneziaVPN. Keep this information in a secure place. ستحتوي النسخة الاحتياطية علي كلمات مرورك و المفاتيح الخاصة للخوادم المٌضافة إلي AmneziaVPN. احفظ هذه المعلومات في مكان امن. - + Make a backup إضافة نسخة احتياطية - + Save backup file احفظ ملف النسخه الاحتياطيه - - + + Backup files (*.backup) ملفات نٌسخ احتياطية (*.backup) - + Backup file saved تم حفظ ملف النسخ الاحتياطي - + Restore from backup استرجاع من ملف يحتوي علي نسخة احتياطية - + Open backup file افتح ملف نسخ احتياطي - + Import settings from a backup file? استرد الإعدادات من ملف نسخ احتياطي؟ - + All current settings will be reset ستتم إعادة ضبط جميع الإعدادات الحالية - + Continue واصل - + Cancel إلغاء - + Cannot restore backup settings during active connection لا يمكن استعادة إعدادات النسخ الاحتياطي أثناء الاتصال النشط @@ -1697,125 +2174,129 @@ Already installed containers were found on the server. All installed containers PageSettingsConnection - + Connection الاتصال - + When AmneziaDNS is not used or installed عندما يكون AmneziaDNS غير مٌثبت او غير مستخدم - + Allows you to use the VPN only for certain Apps يسمح لك بأستخدام ال VPN علي تطبيقات معينة - + Use AmneziaDNS استخدم AmneziaDNS - + If AmneziaDNS is installed on the server في حالة كان AmneziaDNS مٌثبت علي الخادم - + DNS servers خوادم DNS - + Site-based split tunneling انقسام الانفاق القائم علي الموقع - + Allows you to select which sites you want to access through the VPN يسمح لك بتحديد اي موقع تريد الوصول له عن طريق ال VPN - + App-based split tunneling انقسام الانفاق القائم علي التطبيق - + KillSwitch - + Disables your internet if your encrypted VPN connection drops out for any reason. يعطل اتصال الإنترنت الخاص بك إذا انقطع اتصال VPN المشفر لأي سبب من الأسباب. - + + Cannot change KillSwitch settings during active connection + + + Cannot change killSwitch settings during active connection - لا يمكن تغيير إعدادات KillSwitch اثناء تواجد اتصال فعال + لا يمكن تغيير إعدادات KillSwitch اثناء تواجد اتصال فعال PageSettingsDns - + Default server does not support custom DNS الخادم الافتراضي لا يدعم DNS مخصص - + DNS servers خوادم ال DNS - + If AmneziaDNS is not used or installed AmneziaVPN ليس مٌستخدم او مٌثبت - + Primary DNS الرئيسي DNS - + Secondary DNS الثانوي DNS - + Restore default استعادة الافتراضي - + Restore default DNS settings? قم بأعادة ضبط إعدادات ال DNS الافتراضية؟ - + Continue واصل - + Cancel إلغاء - + Settings have been reset لم يتم إعادة ضبط الإعدادات - + Save احفظ - + Settings saved تم حفظ الإعدادات @@ -1827,12 +2308,12 @@ Already installed containers were found on the server. All installed containers تم تمكين التسجيل. لاحظ أنه سيتم تعطيل السجلات تلقائيًا بعد 14 يومًا، وسيتم حذف جميع ملفات السجل. - + Logging التسجيل - + Enabling this function will save application's logs automatically. By default, logging functionality is disabled. Enable log saving in case of application malfunction. سيتم حفظ سجلات البرنامج بشكل تلقائي عند تفعيل هذه الميزة, بشكل افتراضي, هذه الميزة مٌعطلة. قم بتفعيل هذه الميزة في حالة هناك خلل في التطبيق. @@ -1845,20 +2326,20 @@ Already installed containers were found on the server. All installed containers افتح مجلد يحتوي علي سجلات - - + + Save احفظ - - + + Logs files (*.log) ملفات الولوج (*.log) - - + + Logs file saved تم حفظ ملف السجل @@ -1867,64 +2348,62 @@ Already installed containers were found on the server. All installed containers احفظ السجلات في ملف - + Enable logs - + Clear logs? مسح السجلات؟ - + Continue واصل - + Cancel إلغاء - + Logs have been cleaned up تم مسح السجلات - + Client logs - + AmneziaVPN logs - - + Open logs folder - - + Export logs - + Service logs - + AmneziaVPN-service logs - + Clear logs احذف السجلات @@ -1942,12 +2421,12 @@ Already installed containers were found on the server. All installed containers لم يتم العثور علي اي خدمات مٌثبتة سابقاً - + Do you want to reboot the server? هل تريد إعادة تشغيل الخادم؟ - + Do you want to clear server from Amnezia software? هل تريد حذف الخادم من Amnezia? @@ -1957,93 +2436,93 @@ Already installed containers were found on the server. All installed containers - - - - + + + + Continue واصل - - - - + + + + Cancel إلغاء - + Check the server for previously installed Amnezia services افحص الخادم عن اي خدمات Amnezia مٌثبتة سابقاُ - + Add them to the application if they were not displayed اضفهم إلي التطبيق إذا لم يكونو ظاهرين - + Reboot server إعادة تشغيل الخادم - + The reboot process may take approximately 30 seconds. Are you sure you wish to proceed? عملية إعادة التشغيل قد تستغرق 30 ثانية, هل تريد الاستكمال؟ - + Cannot reboot server during active connection لا يمكن إعادة تشغيل الخادم أثناء الاتصال النشط - + Remove server from application احذف خادم من التطبيق - + Do you want to remove the server from application? هل تريد حذف الخادم من التطبيق؟ - + Cannot remove server during active connection لا يمكن إزالة الخادم أثناء الاتصال النشط - + All users whom you shared a connection with will no longer be able to connect to it. جميع المستخدمين الذين شاركت معهم اتصال لن يستطيعو الاتصال مرة اخري. - + Cannot clear server from Amnezia software during active connection لا يمكن مسح الخادم من برنامج Amnezia أثناء الاتصال النشط - + Reset API config إعادة تكوين API - + Do you want to reset API config? هل تريد إعادة تكوين API? - + Cannot reset API config during active connection لا يمكن إعادة تعيين تكوين API أثناء الاتصال النشط - + All installed AmneziaVPN services will still remain on the server. جميع خدمات AmneziaVPN المٌثبتة ستظل علي الخادم. - + Clear server from Amnezia software احذف خادم من Amnezia @@ -2051,27 +2530,25 @@ Already installed containers were found on the server. All installed containers PageSettingsServerInfo - Server name - اسم الخادم + اسم الخادم - Save - احفظ + احفظ - + Protocols البروتوكولات - + Services الخدمات - + Management الإدارة @@ -2079,7 +2556,7 @@ Already installed containers were found on the server. All installed containers PageSettingsServerProtocol - + settings الإعدادات @@ -2088,7 +2565,7 @@ Already installed containers were found on the server. All installed containers مسح ملف تعريف %1 - + Clear %1 profile? مسح ملف تعريف %1؟ @@ -2098,64 +2575,64 @@ Already installed containers were found on the server. All installed containers - + Unable to clear %1 profile while there is an active connection غير قادر على مسح ملف تعريف %1 أثناء وجود اتصال نشط - + Remove احذف - + Remove %1 from server? احذف %1 من الخادم؟ - + All users with whom you shared a connection will no longer be able to connect to it. جميع المستخدمين الذين شاركت معاهم اتصال لن يستطيعو الاتصال بعد الان. - + Cannot remove active container لا يمكن إزالة الحاوية النشطة - - + + Continue واصل - + connection settings - + Click the "connect" button to create a connection configuration - + server settings - + Clear profile - + The connection configuration will be deleted for this device only - - + + Cancel إلغاء @@ -2163,7 +2640,7 @@ Already installed containers were found on the server. All installed containers PageSettingsServersList - + Servers الخوادم @@ -2171,100 +2648,100 @@ Already installed containers were found on the server. All installed containers PageSettingsSplitTunneling - + Default server does not support split tunneling function السرفر الافتراضي لا يدعم ميزة تقسيم الانفاق - + Addresses from the list should not be accessed via VPN لا يجب الولوج للعنواين المذكورة هنا من خلال ال VPN - + Split tunneling تقسيم الانفاق - + Mode وضع - + Remove احذف - + Continue واصل - + Cancel إلغاء - + Only the sites listed here will be accessed through the VPN سيتم الولوج للمواقع المذكورة هنا فقط عن طريق ال VPN - + Cannot change split tunneling settings during active connection لا يمكن تغير إعدادات تقسيم الانفاق بينما هناك اتصال مٌفعل - + website or IP موقع او IP - + Import / Export Sites - + Import استرد - + Save site list احفظ قائمة المواقع - + Save sites احفظ المواقع - - - + + + Sites files (*.json) - + Import a list of sites استرد قائمة من المواقع - + Replace site list تبديل قائمة المواقع - - + + Open sites file افتح ملف المواقع - + Add imported sites to existing ones إضافة المواقع المستردة للمواقع الموجودة @@ -2272,32 +2749,32 @@ Already installed containers were found on the server. All installed containers PageSetupWizardApiServiceInfo - + For the region للمنطقة - + Price السعر - + Work period مدة العمل - + Speed السرعة - + Features المميزات - + Connect اتصل @@ -2305,12 +2782,12 @@ Already installed containers were found on the server. All installed containers PageSetupWizardApiServicesList - + VPN by Amnezia VPN بواسطة Amnezia - + Choose a VPN service that suits your needs. اختر خدمة VPN تلبي احتياجاتك @@ -2318,7 +2795,7 @@ Already installed containers were found on the server. All installed containers PageSetupWizardConfigSource - + Connection الاتصال @@ -2328,87 +2805,107 @@ Already installed containers were found on the server. All installed containers إعدادات - + Enable logs - + + Support tag + علامة الدعم + + + + Copied + + + + Insert the key, add a configuration file or scan the QR-code أدخل المفتاح، أضف ملف تكوين أو امسح رمز الاستجابة السريعة - + Insert key أدخل مفتاح - + Insert أدخل - + Continue واصل - + Other connection options اختيارات اتصال اخري - + + Site Amnezia + + + + VPN by Amnezia VPN بواسطة Amnezia - + Connect to classic paid and free VPN services from Amnezia اتصل بخدمات VPN الكلاسيكية المدفوعة والمجانية من Amnezia - + Self-hosted VPN VPN ذاتية الاستضافة - + Configure Amnezia VPN on your own server قم بتكوين Amnezia VPN على الخادم الخاص بك - + Restore from backup استرجاع من ملف يحتوي علي نسخة احتياطية - + + + + + + Open backup file افتح ملف نسخ احتياطي - + Backup files (*.backup) ملفات نٌسخ احتياطية (*.backup) - + File with connection settings ملف إعدادات اتصال - + Open config file افتح ملف تكوين - + QR code رمز QR - + I have nothing ليس لدي اي شئ @@ -2416,67 +2913,67 @@ Already installed containers were found on the server. All installed containers PageSetupWizardCredentials - + Configure your server تكوين الخادم الخاص بك - + Server IP address [:port] عنوان خادم IP [:منفذ] - + Continue واصل - + All data you enter will remain strictly confidential and will not be shared or disclosed to the Amnezia or any third parties ستظل جميع البيانات التي تدخلها سرية للغاية ولن تتم مشاركتها أو الكشف عنها ل Amnezia أو أي طرف ثالث - + 255.255.255.255:22 - + SSH Username - + Password or SSH private key كلمة مرور او مفتاح SSH خاص - + How to run your VPN server كيف تقوم بتشغيل خادم ال VPN الخاص بك - + Where to get connection data, step-by-step instructions for buying a VPS اين تحصل علي بيانات الاتصال, تعليمات خطوة ب خطوة لشراء VPS - + Ip address cannot be empty لا يمكن لعنوان IP ان يكون فارغ - + Enter the address in the format 255.255.255.255:88 ادخل العنوان في شكل 255.255.255.255:88 - + Login cannot be empty تسجيل دخول لا يمكن ان يكون فارغ - + Password/private key cannot be empty كلمة مرور/مفتاح خاص لأ يمكن ان يكونو فارغين @@ -2484,22 +2981,31 @@ Already installed containers were found on the server. All installed containers PageSetupWizardEasy - What is the level of internet control in your region? - ما هو مستوي التحكم في الانترنت في منطقتك؟ + ما هو مستوي التحكم في الانترنت في منطقتك؟ - + + Choose Installation Type + + + + + Manual + + + + Choose a VPN protocol اختر بروتوكول VPN - + Skip setup تخطي الإعداد - + Continue واصل @@ -2546,37 +3052,37 @@ Already installed containers were found on the server. All installed containers PageSetupWizardProtocolSettings - + Installing %1 تثبيت %1 - + More detailed اكثر تفصيلاً - + Close اغلق - + Network protocol بروتوكول شبكة - + Port منفذ - + Install تثبيت - + The port must be in the range of 1 to 65535 يجب أن يكون المنفذ في النطاق من 1 إلى 65535 @@ -2584,12 +3090,12 @@ Already installed containers were found on the server. All installed containers PageSetupWizardProtocols - + VPN protocol VPN بروتوكول - + Choose the one with the highest priority for you. Later, you can install other protocols and additional services, such as DNS proxy and SFTP. اختر بالنسبة للأولوية القصوى بالنسبة لك. ويمكنك لاحقًا تثبيت بروتوكولات وخدمات إضافية أخرى، مثل وكيل DNS وSFTP. @@ -2605,7 +3111,7 @@ Already installed containers were found on the server. All installed containers PageSetupWizardStart - + Let's get started هيا نبدأ @@ -2613,28 +3119,28 @@ Already installed containers were found on the server. All installed containers PageSetupWizardTextKey - + Connection key مفتاح اتصال - + A line that starts with vpn://... يجب ان تٌكتب بهذه الطريقة حتي بوجود التحذير كي تظهر بشكل صحيح داخل التطبيق سطر يبدأ ب ...//:vpn - + Key مفتاح - + Insert ادخل - + Continue واصل @@ -2642,32 +3148,32 @@ Already installed containers were found on the server. All installed containers PageSetupWizardViewConfig - + New connection اتصال جديد - + Collapse content طي المحتوي - + Show content اظهر المحتوي - + Enable WireGuard obfuscation. It may be useful if WireGuard is blocked on your provider. تمكين تشويش WireGuard. قد يكون من المفيد إذا تم حظر WireGuard على مزود الخدمة الخاص بك. - + Use connection codes only from sources you trust. Codes from public sources may have been created to intercept your data. استخدم رموز اتصال فقط من المصادر التي تثق بها, ربما تم إنشاء رموز من مصادر عامة لاعتراض بياناتك. - + Connect اتصل @@ -2675,207 +3181,212 @@ Already installed containers were found on the server. All installed containers PageShare - + Save OpenVPN config احفظ تكوين OpenVPN - + Save WireGuard config احفظ تكوين WireGuard - + Save AmneziaWG config احفظ تكوين AmneziaWG - + Save Shadowsocks config احفظ تكوين Shadowsocks - + Save Cloak config احفظ تكوين Cloak - + Save XRay config حفظ تكوين XRay - + For the AmneziaVPN app AmneziaVPN من اجل تطبيق - + OpenVPN native format تنسيق OpenVPN الاصلي - + WireGuard native format تنسيق WireGuard الاصلي - + AmneziaWG native format تنسيق AmneziaWG اصلي - + Shadowsocks native format تنسيق Shadowsocks الاصلي - + Cloak native format تنسيق Cloak الاصلي - + XRay native format الشكل الاصلي ل XRay - + Share VPN Access شارك اتصال VPN - + Share full access to the server and VPN شارك ولوج كامل للخادم و ال VPN - + Use for your own devices, or share with those you trust to manage the server. استخدمه للأجهزة الخاصة بك، أو شاركه مع من تثق بهم لإدارة الخادم. - - + + Users المستخدمين - + Share VPN access without the ability to manage the server شارك اتصال VPN بدون القدرة علي إدارة الخادم - + Search ابحث - + Creation date: %1 تاريخ الإنشاء: %1 - + Latest handshake: %1 اخر تصافح: %1 - + Data received: %1 البيانات المستلمة: %1 - + Data sent: %1 البيانات المٌرسلة: %1 - + + Allowed IPs: %1 + + + + Rename إعادة التسمية - + Client name اسم العميل - + Save احفظ - + Revoke سحب وإبطال - + Revoke the config for a user - %1? سحب وإبطال للمستخدم - %1? - + The user will no longer be able to connect to your server. المستخدم لن يكون قادر علي الاتصال بعد الان. - + Continue واصل - + Cancel إلغاء - + Connection الاتصال - - + + Server خادم - + File with connection settings to ملف بإعدادات إلي - - + + Protocol بروتوكول - + Connection to اتصال إلي - + Config revoked تم سحب وإبطال التكوين - + User name اسم المستخدم - - + + Connection format تنسيق الاتصال - - + + Share شارك @@ -2883,55 +3394,55 @@ Already installed containers were found on the server. All installed containers PageShareFullAccess - + Full access to the server and VPN ولوج كامل للخادم و ال VPN - + We recommend that you use full access to the server only for your own additional devices. نحن ننصحك بأستخدام ولوج كامل للخادم فقط لأجهزتك الاضافية. - + If you share full access with other people, they can remove and add protocols and services to the server, which will cause the VPN to work incorrectly for all users. إذا شاركت ولوج كامل مع الاشخاص, سيكونو قادرين علي حذف وإضافة بروتوكولات و خدمات إلي الخادم, والذي سيجعل VPN يعمل بشكل غير صحيح لجميع المستخدمين. - - + + Server خادم - + Accessing التواصل - + File with accessing settings to ملف مع إعدادات الوصول إلي - + Share مشاركة - + Access error! خطأ في الوصول! - + Connection to اتصال إلي - + File with connection settings to معلف مع إعدادات الاتصال إلي @@ -2939,17 +3450,17 @@ Already installed containers were found on the server. All installed containers PageStart - + Logging was disabled after 14 days, log files were deleted تم تعطيل التسجيل بعد 14 يومًا، وتم حذف ملفات السجل - + Settings restored from backup file تم تحميل الإعدادات من ملف نسخة احتياطية - + Logging is enabled. Note that logs will be automaticallydisabled after 14 days, and all log files will be deleted. @@ -2957,7 +3468,7 @@ Already installed containers were found on the server. All installed containers PopupType - + Close اغلاق @@ -3207,7 +3718,7 @@ Already installed containers were found on the server. All installed containers - + SOCKS5 proxy server @@ -3228,87 +3739,88 @@ Already installed containers were found on the server. All installed containers لم يتم تنفيذ الوظيفة - + Server check failed فشل في فحص الخادم - + Server port already used. Check for another software منفذ الخادم بالفعل مٌستخدم, تحقق من باقي التطبيقات - + Server error: Docker container missing خطأ من الخادم: حاوية Docker مفقودة - + Server error: Docker failed خطأ من الخادم: فشل Docker - + Installation canceled by user تم اغلاق التثبيت بواسطة المستخدم - - The user does not have permission to use sudo - ليس لدي المستخدم الصلحيات لأستخدام sudo + + The user is not a member of the sudo group + المستخدم ليس عضوًا في مجموعة sudo - + SSH request was denied طلب SSH محظو - + SSH request was interrupted إنقطع طلب SSH - + SSH internal error مشكلة داخلية SSH - + Invalid private key or invalid passphrase entered مفتا ح خاص غير صحيح او عبارة مرور غير صحيحة - + The selected private key format is not supported, use openssh ED25519 key types or PEM key types التنسيق المٌحدد للمفتاح الخاص غير مدعوم, استخدم نوع مفتاح openssh ED25519 او نوع مفتاح PEM - + Timeout connecting to server انتهت مدة الاتصال بالخادم - + VPN connection error - + + Error when retrieving configuration from API خطأ عند استرداد التكوين من API - + This config has already been added to the application هذا التكوين بالفعل تمت إضافتة للبرنامج - + ErrorCode: %1. - + OpenVPN config missing OpenVPN تكوين مفقود @@ -3318,117 +3830,168 @@ Already installed containers were found on the server. All installed containers خدمة الخلفية ليست قيد التشغيل - - Server error: Packet manager error + + The selected protocol is not supported on the current platform + البروتوكول المحدد غير مدعوم علي المنصة الحالية + + + + Server error: Package manager error خطأ في الخادم: خطأ في مدير الحزم - + + The sudo package is not pre-installed on the server + + + + + The server user's home directory is not accessible + + + + + Action not allowed in sudoers + + + + + The user's password is required + + + + SCP error: Generic failure خطأ SCP: فشل عام - + OpenVPN management server error OpenVPN خطأ في إدارة الخادم - + OpenVPN executable missing OpenVPN executable مفقود - + Shadowsocks (ss-local) executable missing Shadowsocks (ss-local) executable مفقود - + Cloak (ck-client) executable missing Cloak (ck-client) executable مفقود - + Amnezia helper service error خطأ في خدمة مٌساعد Amnezia - + OpenSSL failed فشل OpenSSL - + Can't connect: another VPN connection is active لا يمكن الاتصال: هناك اتصال VPN اخر بالفعل يعمل - + Can't setup OpenVPN TAP network adapter لا يمك نتثبيت محول شبكة OpenVPN TAP - + VPN pool error: no available addresses VPN pool error: لا يوجد عنواين مٌتاحة - + The config does not contain any containers and credentials for connecting to the server التكوين لا يحتوي علي اي حاويات و اعتماد للأتصال بالخادم - + + Unable to open config file + + + + + VPN Protocols is not installed. + Please install VPN container at first + لم يتم تثبيت بروتوكولات VPN, من فضلك قم بتنزيل حاوية VPN اولاً + + + In the response from the server, an empty config was received في الاستجابة من الخادم، تم تلقي تكوين فارغ - + SSL error occurred حدث خطأ SSL - + Server response timeout on api request انتهت مهلة استجابة الخادم عند طلب واجهة برمجة التطبيقات - + Missing AGW public key مفتاح AGW عام مفقود - + + Failed to decrypt response payload + + + + + Missing list of available services + + + + + The limit of allowed configurations per subscription has been exceeded + + + + QFile error: The file could not be opened خطأ QFile: لا يمكن فتح الملف - + QFile error: An error occurred when reading from the file خطأ QFile: ظهر خطأ اثناء القراءه من الملف - + QFile error: The file could not be accessed خطأ QFile: لا يمكن الوصول للملف - + QFile error: An unspecified error occurred خطأ QFile: ظهر خطأ غير محدد - + QFile error: A fatal error occurred خطأ QFile: حدث خطأ فادح - + QFile error: The operation was aborted خطأ QFile: تم إحباط العملية - + Internal error خطأ داخلي @@ -3439,7 +4002,7 @@ Already installed containers were found on the server. All installed containers - + Website in Tor network موقع في شبكة Tor @@ -3460,33 +4023,120 @@ Already installed containers were found on the server. All installed containers + Shadowsocks masks VPN traffic, making it resemble normal web traffic, but it may still be detected by certain analysis systems. + + + + + OpenVPN over Cloak - OpenVPN with VPN masquerading as web traffic and protection against active-probing detection. It is very resistant to detection, but offers low speed. + + + + + WireGuard - popular VPN protocol with high performance, high speed and low power consumption. + + + + + AmneziaWG is a special protocol from Amnezia based on WireGuard. It provides high connection speed and ensures stable operation even in the most challenging network conditions. + + + + + XRay with REALITY masks VPN traffic as web traffic and protects against active probing. It is highly resistant to detection and offers high speed. + + + + + OpenVPN stands as one of the most popular and time-tested VPN protocols available. +It employs its unique security protocol, leveraging the strength of SSL/TLS for encryption and key exchange. Furthermore, OpenVPN's support for a multitude of authentication methods makes it versatile and adaptable, catering to a wide range of devices and operating systems. Due to its open-source nature, OpenVPN benefits from extensive scrutiny by the global community, which continually reinforces its security. With a strong balance of performance, security, and compatibility, OpenVPN remains a top choice for privacy-conscious individuals and businesses alike. + +* Available in the AmneziaVPN across all platforms +* Normal power consumption on mobile devices +* Flexible customisation to suit user needs to work with different operating systems and devices +* Recognised by DPI systems and therefore susceptible to blocking +* Can operate over both TCP and UDP network protocols. + + + + + This is a combination of the OpenVPN protocol and the Cloak plugin designed specifically for protecting against detection. + +OpenVPN provides a secure VPN connection by encrypting all internet traffic between the client and the server. + +Cloak protects OpenVPN from detection. + +Cloak can modify packet metadata so that it completely masks VPN traffic as normal web traffic, and also protects the VPN from detection by Active Probing. This makes it very resistant to being detected + +Immediately after receiving the first data packet, Cloak authenticates the incoming connection. If authentication fails, the plugin masks the server as a fake website and your VPN becomes invisible to analysis systems. + +* Available in the AmneziaVPN across all platforms +* High power consumption on mobile devices +* Flexible settings +* Not recognised by detection systems +* Works over TCP network protocol, 443 port. + + + + + + A relatively new popular VPN protocol with a simplified architecture. +WireGuard provides stable VPN connection and high performance on all devices. It uses hard-coded encryption settings. WireGuard compared to OpenVPN has lower latency and better data transfer throughput. +WireGuard is very susceptible to detection and blocking due to its distinct packet signatures. Unlike some other VPN protocols that employ obfuscation techniques, the consistent signature patterns of WireGuard packets can be more easily identified and thus blocked by advanced Deep Packet Inspection (DPI) systems and other network monitoring tools. + +* Available in the AmneziaVPN across all platforms +* Low power consumption +* Minimum number of settings +* Easily recognised by DPI analysis systems, susceptible to blocking +* Works over UDP network protocol. + + + + + A modern iteration of the popular VPN protocol, AmneziaWG builds upon the foundation set by WireGuard, retaining its simplified architecture and high-performance capabilities across devices. +While WireGuard is known for its efficiency, it had issues with being easily detected due to its distinct packet signatures. AmneziaWG solves this problem by using better obfuscation methods, making its traffic blend in with regular internet traffic. +This means that AmneziaWG keeps the fast performance of the original while adding an extra layer of stealth, making it a great choice for those wanting a fast and discreet VPN connection. + +* Available in the AmneziaVPN across all platforms +* Low power consumption +* Minimum number of settings +* Not recognised by traffic analysis systems +* Works over UDP network protocol. + + + + + The REALITY protocol, a pioneering development by the creators of XRay, is designed to provide the highest level of protection against detection through its innovative approach to security and privacy. +It uniquely identifies attackers during the TLS handshake phase, seamlessly operating as a proxy for legitimate clients while diverting attackers to genuine websites, thus presenting an authentic TLS certificate and data. +This advanced capability differentiates REALITY from similar technologies by its ability to disguise web traffic as coming from random, legitimate sites without the need for specific configurations. +Unlike older protocols such as VMess, VLESS, and the XTLS-Vision transport, REALITY's innovative "friend or foe" recognition at the TLS handshake enhances security. This makes REALITY a robust solution for maintaining internet freedom. + + + Shadowsocks - masks VPN traffic, making it similar to normal web traffic, but it may be recognized by analysis systems in some highly censored regions. - بروتوكول Shadowsocks- يتنكر في حركة مرور VPN, يبدو ك حركة مرور الويب العادية + بروتوكول Shadowsocks- يتنكر في حركة مرور VPN, يبدو ك حركة مرور الويب العادية ولكن قد يتم التعرف عليه من خلال أنظمة التحليل في بعض المناطق شديدة الرقابة. - OpenVPN over Cloak - OpenVPN with VPN masquerading as web traffic and protection against active-probing detection. Ideal for bypassing blocking in regions with the highest levels of censorship. - بروتوكول OpenVPN over Cloak هو OpenVPN مع VPN يتنكر كحركة مرور على الويب ويوفر الحماية + بروتوكول OpenVPN over Cloak هو OpenVPN مع VPN يتنكر كحركة مرور على الويب ويوفر الحماية ضد عمليات الكشف النشط. مثالية لتجاوز الحجب في المناطق ذات أعلى مستويات الرقابة. - XRay with REALITY - Suitable for countries with the highest level of internet censorship. Traffic masking as web traffic at the TLS level, and protection against detection by active probing methods. - XRay مع REALITY - مناسبة للبلدان التي لديها أعلى مستوى من الرقابة على الإنترنت. إخفاء حركة المرور كحركة مرور على الويب على مستوى TLS، والحماية من الكشف عن طريق طرق التحقيق النشطة. + XRay مع REALITY - مناسبة للبلدان التي لديها أعلى مستوى من الرقابة على الإنترنت. إخفاء حركة المرور كحركة مرور على الويب على مستوى TLS، والحماية من الكشف عن طريق طرق التحقيق النشطة. - + IKEv2/IPsec - Modern stable protocol, a bit faster than others, restores connection after signal loss. It has native support on the latest versions of Android and iOS. IKEv2/IPsec - بروتوكول مستقر حديث، أسرع قليلاً من البروتوكولات الأخرى، يستعيد الاتصال بعد فقدان الإشارة. يتمتع بدعم أصلي على أحدث إصدارات Android وiOS. - + Create a file vault on your server to securely store and transfer files. انشأ مخزن ملفات علي الخادم الخاص بك حتي تخزن الملفات و تنقلها بسرية. - This is a combination of the OpenVPN protocol and the Cloak plugin designed specifically for protecting against blocking. OpenVPN provides a secure VPN connection by encrypting all internet traffic between the client and the server. @@ -3505,7 +4155,7 @@ If there is a extreme level of Internet censorship in your region, we advise you * Not recognised by DPI analysis systems * Works over TCP network protocol, 443 port. - هذه مجموعة من بروتوكول OpenVPN و برنامج Cloak المساعد مٌصمم خصيصاً للحماية ضد الحجب + هذه مجموعة من بروتوكول OpenVPN و برنامج Cloak المساعد مٌصمم خصيصاً للحماية ضد الحجب يوفر OpenVPN اتصال VPN امن عن طريق تشفير جميع حركات المرور بين العميل والخادم @@ -3527,7 +4177,6 @@ Cloak يحمي OpenVPN من ان يٌكتشف والحجب - A relatively new popular VPN protocol with a simplified architecture. WireGuard provides stable VPN connection and high performance on all devices. It uses hard-coded encryption settings. WireGuard compared to OpenVPN has lower latency and better data transfer throughput. WireGuard is very susceptible to blocking due to its distinct packet signatures. Unlike some other VPN protocols that employ obfuscation techniques, the consistent signature patterns of WireGuard packets can be more easily identified and thus blocked by advanced Deep Packet Inspection (DPI) systems and other network monitoring tools. @@ -3537,7 +4186,7 @@ WireGuard is very susceptible to blocking due to its distinct packet signatures. * Minimum number of settings * Easily recognised by DPI analysis systems, susceptible to blocking * Works over UDP network protocol. - بروتوكول VPN جديد وشارع ذو بنية مبسطة. + بروتوكول VPN جديد وشارع ذو بنية مبسطة. يوفر WireGuard اتصال VPN مستقر و اداء عالي علي جميع الاجهزة. يستعمل إعدادات تشفير معقدة. WireGuard مٌقارنة مع OpenVPN يتمتع بزمن وصول أقل وتحسين إنتاجية نقل البيانات. بسبب توقيعات الحزمة المميزة WireGuard عرضة جداُ للحجب. علي عكس باقي برتوكولات VPN التي تستعمل تقنيات تشويش. حزمة أنماط التوقيع المتسقة الخاصة ب WireGuard يمكن التعرف عليها بسهولة ولذلك تٌحجب بواسطة أنظمة الفحص العميق للحزم (DPI) المتقدمة وأدوات مراقبة الشبكة الأخرى. @@ -3548,18 +4197,17 @@ WireGuard is very susceptible to blocking due to its distinct packet signatures. * يعمل عبر بروتوكول شبكة UDP. - The REALITY protocol, a pioneering development by the creators of XRay, is specifically designed to counteract the highest levels of internet censorship through its novel approach to evasion. It uniquely identifies censors during the TLS handshake phase, seamlessly operating as a proxy for legitimate clients while diverting censors to genuine websites like google.com, thus presenting an authentic TLS certificate and data. This advanced capability differentiates REALITY from similar technologies by its ability to disguise web traffic as coming from random, legitimate sites without the need for specific configurations. Unlike older protocols such as VMess, VLESS, and the XTLS-Vision transport, REALITY's innovative "friend or foe" recognition at the TLS handshake enhances security and circumvents detection by sophisticated DPI systems employing active probing techniques. This makes REALITY a robust solution for maintaining internet freedom in environments with stringent censorship. - تم تصميم بروتوكول REALITY، وهو تطور رائد قام به مبدعو XRay، خصيصًا لمواجهة أعلى مستويات الرقابة على الإنترنت من خلال نهجه الجديد في التهرب. + تم تصميم بروتوكول REALITY، وهو تطور رائد قام به مبدعو XRay، خصيصًا لمواجهة أعلى مستويات الرقابة على الإنترنت من خلال نهجه الجديد في التهرب. فهو يحدد بشكل فريد الرقباء أثناء مرحلة مصافحة TLS، ويعمل بسلاسة كوكيل للعملاء الشرعيين بينما يحول الرقباء إلى مواقع الويب الأصلية مثل google.com، وبالتالي يقدم شهادة وبيانات TLS أصلية. هذه الإمكانية المتقدمة تميز REALITY عن التقنيات المشابهة من خلال قدرتها على إخفاء حركة مرور الويب على أنها قادمة من مواقع عشوائية وشرعية دون الحاجة إلى تكوينات محددة. على عكس البروتوكولات القديمة مثل VMess وVLESS ونقل XTLS-Vision، فإن التعرف المبتكر على "الصديق أو العدو" من REALITY عند مصافحة TLS يعزز الأمان ويتحايل على الكشف بواسطة أنظمة DPI المتطورة التي تستخدم تقنيات التحقيق النشطة. وهذا يجعل من REALITY حلاً قويًا للحفاظ على حرية الإنترنت في البيئات التي تخضع لرقابة صارمة. - + After installation, Amnezia will create a file storage on your server. You will be able to access it using @@ -3578,27 +4226,24 @@ For more detailed information, you can إيجادها في قسم الدعم تحت "انشاء مخزن ملفات SFTP." - WireGuard - New popular VPN protocol with high performance, high speed and low power consumption. Recommended for regions with low levels of censorship. - بروتوكول WireGuard - بروتوكول شائع ب اداء عالي, سرعة عالية واستهلاك قليل للطاقة. ينصح للمناطق ذات مستوي منخفض من الرقابة. + بروتوكول WireGuard - بروتوكول شائع ب اداء عالي, سرعة عالية واستهلاك قليل للطاقة. ينصح للمناطق ذات مستوي منخفض من الرقابة. - AmneziaWG - Special protocol from Amnezia, based on WireGuard. It's fast like WireGuard, but very resistant to blockages. Recommended for regions with high levels of censorship. - بروتوكول AmneziaWG - بروتوكول خاص من Amnezia, يعتمد علي WireGuard. سريع مثل WireGuard, لكن مقاوم جداً للحجب. ينصح للمناطق ذات مستوي عالي من الرقابة. + بروتوكول AmneziaWG - بروتوكول خاص من Amnezia, يعتمد علي WireGuard. سريع مثل WireGuard, لكن مقاوم جداً للحجب. ينصح للمناطق ذات مستوي عالي من الرقابة. - + Deploy a WordPress site on the Tor network in two clicks. انشر موقع WordPress علي شبكة Tor في ضغطتين. - + Replace the current DNS server with your own. This will increase your privacy level. استبدل خادم ال DNS الحالي مع الخادم الخاص بك, هذا سيزيد من خصوصيتك. - OpenVPN stands as one of the most popular and time-tested VPN protocols available. It employs its unique security protocol, leveraging the strength of SSL/TLS for encryption and key exchange. Furthermore, OpenVPN's support for a multitude of authentication methods makes it versatile and adaptable, catering to a wide range of devices and operating systems. Due to its open-source nature, OpenVPN benefits from extensive scrutiny by the global community, which continually reinforces its security. With a strong balance of performance, security, and compatibility, OpenVPN remains a top choice for privacy-conscious individuals and businesses alike. @@ -3607,7 +4252,7 @@ It employs its unique security protocol, leveraging the strength of SSL/TLS for * Flexible customisation to suit user needs to work with different operating systems and devices * Recognised by DPI analysis systems and therefore susceptible to blocking * Can operate over both TCP and UDP network protocols. - يبقا OpenVPN كأحد اشهر بروتوكولات VPN و التي تم اختبارها عبر الزمن. + يبقا OpenVPN كأحد اشهر بروتوكولات VPN و التي تم اختبارها عبر الزمن. ينشأ بروتوكول امان مميز, يستفيد من SSL/TLS للتشفير و تغير المفاتيح. واكثر من ذلك, OpenVPN يدعم تعدد طرق المصادقة يجعلة متعدد الاستخدامات وقابلة للتكيف, تلبية مجموعة واسعة من الأجهزة وأنظمة التشغيل. بسبب طبيعتة مفتوحة المصدر, يستفيد OpenVPN من التدقيق الشامل من قبل المجتمع العالمي, مما يعزز أمنها باستمرار. مع توازن قوي بين الأداء والأمان والتوافق, يظل OpenVPN الخيار الأفضل للأفراد والشركات المهتمين بالخصوصية على حدٍ سواء. * مٌتاح في AmneziaVPN عبر جميع المنصات @@ -3617,7 +4262,7 @@ It employs its unique security protocol, leveraging the strength of SSL/TLS for * يمكن ان يعمل علي بروتوكولات شبكة TCP و UDP. - + Shadowsocks, inspired by the SOCKS5 protocol, safeguards the connection using the AEAD cipher. Although Shadowsocks is designed to be discreet and challenging to identify, it isn't identical to a standard HTTPS connection.However, certain traffic analysis systems might still detect a Shadowsocks connection. Due to limited support in Amnezia, it's recommended to use AmneziaWG protocol. * Available in the AmneziaVPN only on desktop platforms @@ -3632,7 +4277,6 @@ It employs its unique security protocol, leveraging the strength of SSL/TLS for * يعمل عبر بروتوكول شبكة TCP. - A modern iteration of the popular VPN protocol, AmneziaWG builds upon the foundation set by WireGuard, retaining its simplified architecture and high-performance capabilities across devices. While WireGuard is known for its efficiency, it had issues with being easily detected due to its distinct packet signatures. AmneziaWG solves this problem by using better obfuscation methods, making its traffic blend in with regular internet traffic. This means that AmneziaWG keeps the fast performance of the original while adding an extra layer of stealth, making it a great choice for those wanting a fast and discreet VPN connection. @@ -3642,7 +4286,7 @@ This means that AmneziaWG keeps the fast performance of the original while addin * Minimum number of settings * Not recognised by DPI analysis systems, resistant to blocking * Works over UDP network protocol. - لفة سريعة من بروتوكولات VPN الحديثة والشائعة, يٌبني AmneziaWG علي الاساس الموضع من قبل WireGuard, مع الاحتفاظ ببنيته المبسطة وقدرات الأداء العالي عبر الاجهزة. + لفة سريعة من بروتوكولات VPN الحديثة والشائعة, يٌبني AmneziaWG علي الاساس الموضع من قبل WireGuard, مع الاحتفاظ ببنيته المبسطة وقدرات الأداء العالي عبر الاجهزة. بينما WireGuard معروف بأدائة العالي. لدية مشاكل مع سهولة التعرف علية بسبب توقيعات الحزمة المميزة الخاصة بة. يٌصلح AmneziaWG هذه المشكلة عن طريق استخدام طرق تشويش افضل, يجعل حركة المرور تبقا مع حركة مرور انترنت عادية. هذا يعني ان AmneziaWG يبقا الاداء العالي الاساسي بينما يضيف طبقة من العزل, هذا يجعلة اختيار ممتاز لهولاء الذين يريدون اتصال VPN سريع و متخفي. @@ -3653,7 +4297,7 @@ This means that AmneziaWG keeps the fast performance of the original while addin * يعمل عبر بروتوكول شبكة UDP. - + IKEv2, paired with the IPSec encryption layer, stands as a modern and stable VPN protocol. One of its distinguishing features is its ability to swiftly switch between networks and devices, making it particularly adaptive in dynamic network environments. While it offers a blend of security, stability, and speed, it's essential to note that IKEv2 can be easily detected and is susceptible to blocking. @@ -3673,7 +4317,7 @@ While it offers a blend of security, stability, and speed, it's essential t * يعمل عبر بروتوكول شبكة UDP, منفذ 500 و منفذ 4500. - + DNS Service خدمة ال DNS @@ -3864,14 +4508,35 @@ While it offers a blend of security, stability, and speed, it's essential t لا يمكن العثور على فاصل النقطتين بين اسم المستضيف و المنفذ + + RenameServerDrawer + + + Server name + اسم الخادم + + + + Save + احفظ + + SelectLanguageDrawer - + Choose language اختر لغة + + ServersListView + + + Unable change server while there is an active connection + لا يمكن تغير الخادم بينما هناك اتصال مفعل + + Settings @@ -3889,12 +4554,12 @@ While it offers a blend of security, stability, and speed, it's essential t SettingsController - + Backup file is corrupted ملف النسخه الاحتياطيه تالف - + All settings have been reset to default values تم استرجاع جميع الإعدادات للإعدادات الافتراضية @@ -3902,39 +4567,39 @@ While it offers a blend of security, stability, and speed, it's essential t ShareConnectionDrawer - - + + Save AmneziaVPN config احفظ تكوين AmneziaVPN - + Share شارك - + Copy انسخ - - + + Copied تم النسخ - + Copy config string انسخ نص التكوين - + Show connection settings اظهر إعدادات الاتصال - + To read the QR code in the Amnezia app, select "Add server" → "I have data to connect" → "QR code, key or settings file" حتي تقرأ رمز ال QR في تطبيق Amnezia, اختار "إضافة خادم" - "لدي بيانات الاتصال" - "رمز Qr, او مفتاح تعريف او ملف إعدادات" @@ -3947,37 +4612,37 @@ While it offers a blend of security, stability, and speed, it's essential t اسم المضيف لا يشبه عنوان IP أو اسم ال domain - + New site added: %1 تمت إضافة موقع جديد: %1 - + Site removed: %1 تم حذف الموقع: %1 - + Can't open file: %1 لا يمكن فتح ملف: %1 - + Failed to parse JSON data from file: %1 فشل قراءه بيانات JSON من الملف: %1 - + The JSON data is not an array in file: %1 بيانات ال JSON ليست مصفوفة في الملف: %1 - + Import completed اكتمل الاستيراد - + Export completed اكتمل التصدير @@ -4018,7 +4683,7 @@ While it offers a blend of security, stability, and speed, it's essential t TextFieldWithHeaderType - + The field can't be empty الحقل لا يمكن ان يكون فارغ @@ -4026,7 +4691,7 @@ While it offers a blend of security, stability, and speed, it's essential t VpnConnection - + Mbps @@ -4077,35 +4742,41 @@ While it offers a blend of security, stability, and speed, it's essential t amnezia::ContainerProps - Low - منخفض + منخفض + + + High + متوسط او عالي + + + I just want to increase the level of my privacy. + انا فقط اريد زيادة مستوي الخصوصية. + + + I want to bypass censorship. This option recommended in most cases. + أريد تجاوز الرقابة. يوصى بهذا الخيار في معظم الحالات. + + + + Automatic + - High - متوسط او عالي - - - - I just want to increase the level of my privacy. - انا فقط اريد زيادة مستوي الخصوصية. - - - - I want to bypass censorship. This option recommended in most cases. - أريد تجاوز الرقابة. يوصى بهذا الخيار في معظم الحالات. + AmneziaWG protocol will be installed. It provides high connection speed and ensures stable operation even in the most challenging network conditions. + main2 - + Private key passphrase عبارة المرور الخاصة بالمفتاح - + Save احفظ diff --git a/client/translations/amneziavpn_fa_IR.ts b/client/translations/amneziavpn_fa_IR.ts index 6cd78e77..c1155b9b 100644 --- a/client/translations/amneziavpn_fa_IR.ts +++ b/client/translations/amneziavpn_fa_IR.ts @@ -1,55 +1,132 @@ + + AdLabel + + + Amnezia Premium - for access to all websites and online resources + + + + + ApiAccountInfoModel + + + + Active + + + + + Inactive + + + + + %1 out of %2 + + + + + Classic VPN for seamless work, downloading large files, and watching videos. Access all websites and online resources. Speeds up to 200 Mbps + + + + + Free unlimited access to a basic set of websites such as Facebook, Instagram, Twitter (X), Discord, Telegram and more. YouTube is not included in the free plan. + + + + + amnezia_free_support_bot + + + + + amnezia_premium_support_bot + + + + + ApiConfigsController + + + %1 installed successfully. + %1 با موفقیت نصب شد. + + + + API config reloaded + پیکربندی API دوباره بارگذاری شد. + + + + Successfully changed the country of connection to %1 + کشور اتصال با موفقیت به %1 تغییر یافت. + + ApiServicesModel - Classic VPN for comfortable work, downloading large files and watching videos. Works for any sites. Speed up to %1 MBit/s - برای کار راحت، دانلود فایل‌های بزرگ و تماشای ویدیوها، از VPN کلاسیک استفاده کنید. این VPN برای هر سایتی کار می‌کند و سرعت آن تا %1 مگابیت بر ثانیه است. + برای کار راحت، دانلود فایل‌های بزرگ و تماشای ویدیوها، از VPN کلاسیک استفاده کنید. این VPN برای هر سایتی کار می‌کند و سرعت آن تا %1 مگابیت بر ثانیه است. - VPN to access blocked sites in regions with high levels of Internet censorship. - وی پی ان برای دسترسی به سایت‌های مسدود شده در مناطق با سانسور شدید اینترنت. + وی پی ان برای دسترسی به سایت‌های مسدود شده در مناطق با سانسور شدید اینترنت. - + <p><a style="color: #EB5757;">Not available in your region. If you have VPN enabled, disable it, return to the previous screen, and try again.</a> - Amnezia Premium - A classic VPN for comfortable work, downloading large files, and watching videos in high resolution. It works for all websites, even in countries with the highest level of internet censorship. - امنزیا پریمیوم - یک وی پی ان کلاسیک برای کار راحت، دانلود فایل‌های بزرگ و تماشای ویدیو با کیفیت بالا. قابل استفاده برای تمامی سایت‌ها، حتی در کشورهایی با بالاترین سطح سانسور اینترنت. + امنزیا پریمیوم - یک وی پی ان کلاسیک برای کار راحت، دانلود فایل‌های بزرگ و تماشای ویدیو با کیفیت بالا. قابل استفاده برای تمامی سایت‌ها، حتی در کشورهایی با بالاترین سطح سانسور اینترنت. - Amnezia Free is a free VPN to bypass blocking in countries with high levels of internet censorship - امنزیا رایگان یک وی پی ان رایگان برای دور زدن مسدودیت‌ها در کشورهایی با سطح بالای سانسور اینترنت است. + امنزیا رایگان یک وی پی ان رایگان برای دور زدن مسدودیت‌ها در کشورهایی با سطح بالای سانسور اینترنت است. - + + Amnezia Premium is classic VPN for seamless work, downloading large files, and watching videos. Access all websites and online resources. Speeds up to %1 Mbps. + + + + + + AmneziaFree provides free unlimited access to a basic set of web sites, such as Facebook, Instagram, Twitter (X), Discord, Telegram, and others. YouTube is not included in the free plan. + + + + + Amnezia Premium is classic VPN for for seamless work, downloading large files, and watching videos. Access all websites and online resources. + + + + %1 MBit/s %1 MBit/s - + %1 days %1 روز - + VPN will open only popular sites blocked in your region, such as Instagram, Facebook, Twitter and others. Other sites will be opened from your real IP address, <a href="%1/free" style="color: #FBB26A;">more details on the website.</a> وی پی ان فقط سایت‌های محبوبی را که در منطقه شما مسدود شده‌اند، مانند اینستاگرام، فیسبوک، توییتر و غیره باز می‌کند. سایر سایت‌ها با آدرس آی‌پی واقعی شما باز خواهند شد. <a href="%1/free" style="color: #FBB26A;">more details on the website.</a> - + Free رایگان - + %1 $/month %1 $/ماه @@ -80,7 +157,7 @@ ConnectButton - + Unable to disconnect during configuration preparation در هنگام آماده‌سازی پیکربندی، نمی‌توان از اتصال خارج شد. @@ -88,63 +165,60 @@ ConnectionController - VPN Protocols is not installed. Please install VPN container at first - پروتکل وی‎پی‎ان نصب نشده است + پروتکل وی‎پی‎ان نصب نشده است لطفا کانتینر وی‎پی‎ان را نصب کنید - + Connecting... در حال ارتباط... - + Connected متصل - + Preparing... در حال آماده‌سازی... - + Settings updated successfully, reconnnection... تنظیمات به روز رسانی شد در حال اتصال دوباره... - + Settings updated successfully تنظیمات با موفقیت به‎روز‎رسانی شدند - The selected protocol is not supported on the current platform - پروتکل انتخاب‌شده در پلتفرم فعلی پشتیبانی نمی‌شود. + پروتکل انتخاب‌شده در پلتفرم فعلی پشتیبانی نمی‌شود. - unable to create configuration - نمی‌توان پیکربندی را ایجاد کرد. + نمی‌توان پیکربندی را ایجاد کرد. - + Reconnecting... اتصال دوباره... - - - - + + + + Connect اتصال - + Disconnecting... قطع ارتباط... @@ -152,17 +226,17 @@ ConnectionTypeSelectionDrawer - + Add new connection ایجاد ارتباط جدید - + Configure your server تنظیم سرور - + Open config file, key or QR code بارگذاری فایل تنظیمات، کلید یا QR Code @@ -200,7 +274,7 @@ HomeContainersListView - + Unable change protocol while there is an active connection امکان تغییر پروتکل در هنگام متصل بودن وجود ندارد @@ -212,45 +286,45 @@ HomeSplitTunnelingDrawer - + Split tunneling جداسازی ترافیک - + Allows you to connect to some sites or applications through a VPN connection and bypass others اجازه می‌دهد به شما که از طریق اتصال VPN به برخی از وب‌سایت‌ها یا برنامه‌ها وصل شوید و از دیگران عبور کنید - + Split tunneling on the server تقسیم تونل‌ها در سرور - + Enabled Can't be disabled for current server فعال - + Site-based split tunneling جداسازی ترافیک بر اساس سایت - - + + Enabled فعال - - + + Disabled غیر فعال - + App-based split tunneling جداسازی ترافیک بر اساس نرم‎افزار @@ -258,112 +332,115 @@ Can't be disabled for current server ImportController - Unable to open file - نمی‌توان فایل را باز کرد. + نمی‌توان فایل را باز کرد. - - Invalid configuration file - فایل پیکربندی نامعتبر است. + فایل پیکربندی نامعتبر است. - + Scanned %1 of %2. ارزیابی %1 از %2. - + + This configuration contains an OpenVPN setup. OpenVPN configurations can include malicious scripts, so only add it if you fully trust the provider of this config. + + + + + <br>In the imported configuration, potentially dangerous lines were found: + + + In the imported configuration, potentially dangerous lines were found: - در پیکربندی وارد شده، خطوطی که ممکن است خطرناک باشند، یافت شدند: + در پیکربندی وارد شده، خطوطی که ممکن است خطرناک باشند، یافت شدند: InstallController - + %1 installed successfully. %1 با موفقیت نصب شد. - + %1 is already installed on the server. %1 در حال حاضر بر روی سرور نصب شده است. - + Added containers that were already installed on the server کانتینرهایی که بر روی سرور موجود بودند اضافه شدند - + Already installed containers were found on the server. All installed containers have been added to the application کانتینرهای نصب شده بر روی سرور شناسایی شدند. تمام کانتینترهای نصب شده به نرم افزار اضافه شدند - + Settings updated successfully تنظیمات با موفقیت به‎روز‎رسانی شدند - + Server '%1' was rebooted سرور %1 راه اندازی مجدد شد - + Server '%1' was removed سرور %1 حذف شد - + All containers from server '%1' have been removed تمام کانتینترها از سرور %1 حذف شدند - + %1 has been removed from the server '%2' %1 از سرور %2 حذف شد - + Api config removed پیکربندی API حذف شد. - + %1 cached profile cleared %1 پروفایل ذخیره شده پاک شد. - + Please login as the user لطفا به عنوان کاربر وارد شوید - + Server added successfully سرور با موفقیت اضافه شد - %1 installed successfully. - %1 با موفقیت نصب شد. + %1 با موفقیت نصب شد. - API config reloaded - پیکربندی API دوباره بارگذاری شد. + پیکربندی API دوباره بارگذاری شد. - Successfully changed the country of connection to %1 - کشور اتصال با موفقیت به %1 تغییر یافت. + کشور اتصال با موفقیت به %1 تغییر یافت. @@ -374,12 +451,12 @@ Already installed containers were found on the server. All installed containers انتخاب برنامه - + application name نام برنامه - + Add selected اضافه کردن انتخاب شده @@ -447,12 +524,12 @@ Already installed containers were found on the server. All installed containers PageDevMenu - + Gateway endpoint - + Dev gateway environment @@ -460,85 +537,84 @@ Already installed containers were found on the server. All installed containers PageHome - + Logging enabled لاگ‌برداری فعال شد - + Split tunneling enabled فعال شدن تونل تقسیم‌شده - + Split tunneling disabled تونل تقسیم‌شده غیرفعال شده - + VPN protocol پروتکل وی‎پی‎ان - + Servers سرورها - Unable change server while there is an active connection - امکان تغییر سرور در هنگام متصل بودن وجود ندارد + امکان تغییر سرور در هنگام متصل بودن وجود ندارد PageProtocolAwgClientSettings - + AmneziaWG settings تنظیمات AmneziaWG - + MTU - + Server settings - + Port پورت - + Save ذخیره - + Save settings? تنظیمات را ذخیره کن? - + Only the settings for this device will be changed - + Continue - + Cancel - + Unable change settings while there is an active connection نمی‌توان تنظیمات را تغییر داد در حالی که اتصال فعال است. @@ -546,12 +622,12 @@ Already installed containers were found on the server. All installed containers PageProtocolAwgSettings - + AmneziaWG settings تنظیمات AmneziaWG - + Port پورت @@ -564,87 +640,92 @@ Already installed containers were found on the server. All installed containers آیا میخواهید AmneziaWG از سرور حذف شود؟ - + All users with whom you shared a connection with will no longer be able to connect to it. همه کاربرانی که با آن‌ها ارتباطی به اشتراک گذاشته‌اید دیگر قادر به اتصال به آن نخواهند بود. - + Save ذخیره - + + VPN address subnet + زیرشبکه آدرس VPN + + + Jc - Junk packet count - + Jmin - Junk packet minimum size - + Jmax - Junk packet maximum size - + S1 - Init packet junk size - + S2 - Response packet junk size - + H1 - Init packet magic header - + H2 - Response packet magic header - + H4 - Transport packet magic header - + H3 - Underload packet magic header - + The values of the H1-H4 fields must be unique - + The value of the field S1 + message initiation size (148) must not equal S2 + message response size (92) - + Save settings? تنظیمات را ذخیره کن? - + Continue ادامه - + Cancel کنسل - + Unable change settings while there is an active connection نمی‌توان تنظیمات را تغییر داد در حالی که اتصال فعال است. @@ -652,33 +733,33 @@ Already installed containers were found on the server. All installed containers PageProtocolCloakSettings - + Cloak settings تنظیمات Cloak - + Disguised as traffic from پنهان کردن به عنوان ترافیک از - + Port پورت - - + + Cipher رمزگذاری - + Save ذخیره - + Unable change settings while there is an active connection نمی‌توان تنظیمات را تغییر داد در حالی که اتصال فعال است. @@ -686,170 +767,170 @@ Already installed containers were found on the server. All installed containers PageProtocolOpenVpnSettings - + OpenVPN settings تنظیمات OpenVPN - + VPN address subnet زیرشبکه آدرس VPN - + Network protocol پروتکل شبکه - + Port پورت - + Auto-negotiate encryption رمزگذاری خودکار - - + + Hash هش - + SHA512 SHA512 - + SHA384 SHA384 - + SHA256 SHA256 - + SHA3-512 SHA3-512 - + SHA3-384 SHA3-384 - + SHA3-256 SHA3-256 - + whirlpool whirlpool - + BLAKE2b512 BLAKE2b512 - + BLAKE2s256 BLAKE2s256 - + SHA1 SHA1 - - + + Cipher رمزگذاری - + AES-256-GCM AES-256-GCM - + AES-192-GCM AES-192-GCM - + AES-128-GCM AES-128-GCM - + AES-256-CBC AES-256-CBC - + AES-192-CBC AES-192-CBC - + AES-128-CBC AES-128-CBC - + ChaCha20-Poly1305 ChaCha20-Poly1305 - + ARIA-256-CBC ARIA-256-CBC - + CAMELLIA-256-CBC CAMELLIA-256-CBC - + none none - + TLS auth اعتبار TLS - + Block DNS requests outside of VPN مسدود کردن درخواست‎های DNS خارج از وی‎پی‎ان - + Additional client configuration commands تنظیمات و دستورات اضافه برنامه متصل شونده - - + + Commands: دستورات: - + Additional server configuration commands تنظیمات و دستورات اضافه سرور - + Unable change settings while there is an active connection نمی‌توان تنظیمات را تغییر داد در حالی که اتصال فعال است. @@ -874,7 +955,7 @@ Already installed containers were found on the server. All installed containers کنسل - + Save ذخیره @@ -882,32 +963,32 @@ Already installed containers were found on the server. All installed containers PageProtocolRaw - + settings تنظیمات - + Show connection options نمایش تنظیمات اتصال - + Connection options %1 تنظیمات اتصال %1 - + Remove حذف - + Remove %1 from server? %1 از سرور حذف شود؟ - + All users with whom you shared a connection with will no longer be able to connect to it. همه کاربرانی که با آن‌ها ارتباطی به اشتراک گذاشته‌اید دیگر قادر به اتصال به آن نخواهند بود. @@ -916,12 +997,12 @@ Already installed containers were found on the server. All installed containers همه کاربرانی که با آن این پروتکل VPN را به اشتراک گذاشته‌اید دیگر نمی‌توانند به آن متصل شوند. - + Continue ادامه - + Cancel کنسل @@ -929,28 +1010,28 @@ Already installed containers were found on the server. All installed containers PageProtocolShadowSocksSettings - + Shadowsocks settings تنظیمات Shadowsocks - + Port پورت - - + + Cipher رمزگذاری - + Save ذخیره - + Unable change settings while there is an active connection نمی‌توان تنظیمات را تغییر داد در حالی که اتصال فعال است. @@ -958,52 +1039,52 @@ Already installed containers were found on the server. All installed containers PageProtocolWireGuardClientSettings - + WG settings تنظیمات WG - + MTU - + Server settings - + Port پورت - + Save ذخیره - + Save settings? تنظیمات را ذخیره کن? - + Only the settings for this device will be changed - + Continue - + Cancel - + Unable change settings while there is an active connection نمی‌توان تنظیمات را تغییر داد در حالی که اتصال فعال است. @@ -1011,32 +1092,37 @@ Already installed containers were found on the server. All installed containers PageProtocolWireGuardSettings - + WG settings تنظیمات WG - + + VPN address subnet + زیرشبکه آدرس VPN + + + Port پورت - + Save settings? تنظیمات را ذخیره کن? - + All users with whom you shared a connection with will no longer be able to connect to it. همه کاربرانی که با آن‌ها ارتباطی به اشتراک گذاشته‌اید دیگر قادر به اتصال به آن نخواهند بود. - + Continue - + Unable change settings while there is an active connection نمی‌توان تنظیمات را تغییر داد در حالی که اتصال فعال است. @@ -1045,12 +1131,12 @@ Already installed containers were found on the server. All installed containers تمام کاربرانی که این ارتباط را با آنها به اشتراک گذاشته‎اید دیگر نمی‎توانند به آن متصل شوند. - + Cancel کنسل - + Save ذخیره @@ -1058,22 +1144,22 @@ Already installed containers were found on the server. All installed containers PageProtocolXraySettings - + XRay settings تنظیمات XRay - + Disguised as traffic from به‌عنوان ترافیک از طرف زیر نمایش داده می‌شود - + Save ذخیره - + Unable change settings while there is an active connection نمی‌توان تنظیمات را تغییر داد در حالی که اتصال فعال است. @@ -1088,39 +1174,39 @@ Already installed containers were found on the server. All installed containers PageServiceDnsSettings - + A DNS service is installed on your server, and it is only accessible via VPN. یک سرویس DSN بر روی سرور شما نصب شده و فقط از طریق وی‎پی‎ان قابل دسترسی می‎باشد. - + The DNS address is the same as the address of your server. You can configure DNS in the settings, under the connections tab. آدرس DSN همان آدرس سرور شماست. میتوانید از قسمت تنظیمات و تب اتصالات DSN خود را تنظیم کنید. - + Remove جذف - + Remove %1 from server? %1 از سرور حذف شود؟ - + Continue ادامه - + Cancel کنسل - + Cannot remove AmneziaDNS from running server نمی‌توان AmneziaDNS را از سرور در حال اجرا حذف کرد. @@ -1128,67 +1214,67 @@ Already installed containers were found on the server. All installed containers PageServiceSftpSettings - + Settings updated successfully تنظیمات با موفقیت به‎روز‎رسانی شد - + SFTP settings تنظیمات SFTP - + Host هاست - - - - + + + + Copied کپی شد - + Port پورت - + User name نام کاربری - + Password رمز عبور - + Mount folder on device بارگذاری پوشه بر روی دستگاه - + In order to mount remote SFTP folder as local drive, perform following steps: <br> برای بارگذاری پوشه SFTP بر روی درایو محلی قدم‎های زیر را انجام دهید: <br> - - + + <br>1. Install the latest version of <br> 1. آخرین نسخه را نصب کنید - - + + <br>2. Install the latest version of <br> 2. آخرین نسخه را نصب کنید - + Detailed instructions جزییات دستورالعمل‎ها @@ -1212,69 +1298,69 @@ Already installed containers were found on the server. All installed containers PageServiceSocksProxySettings - + Settings updated successfully تنظیمات با موفقیت به‌روزرسانی شد. - - + + SOCKS5 settings تنظیمات SOCKS5 - + Host هاستمیزبان - - - - + + + + Copied کپی شد - - + + Port پورت - + User name نام کاربری - - + + Password رمز عبور - + Username نام کاربری - - + + Change connection settings تغییر تنظیمات اتصال - + The port must be in the range of 1 to 65535 پورت باید در محدوده ۱ تا ۶۵۵۳۵ باشد - + Password cannot be empty رمز عبور نمی‌تواند خالی باشد - + Username cannot be empty نام کاربری نمی‌تواند خالی باشد @@ -1282,37 +1368,37 @@ Already installed containers were found on the server. All installed containers PageServiceTorWebsiteSettings - + Settings updated successfully تنظیمات با موفقیت به‎روز‎‌رسانی شد - + Tor website settings تنظیمات وب‎سایت Tor - + Website address آدرس وب‎سایت - + Copied کپی شد - + Use <a href="https://www.torproject.org/download/" style="color: #FBB26A;">Tor Browser</a> to open this URL. - + After creating your onion site, it takes a few minutes for the Tor network to make it available for use. پس از ایجاد سایت پیاز خود، چند دقیقه طول می‌کشد تا شبکه تور آن را برای استفاده فراهم کند. - + When configuring WordPress set the this onion address as domain. زمانی که سایت وردپرس را تنظیم میکنید این آدرس پیازی را به عنوان دامنه قرار دهید. @@ -1336,42 +1422,42 @@ Already installed containers were found on the server. All installed containers PageSettings - + Settings تنظیمات - + Servers سرورها - + Connection ارتباط - + Application نرم‎افزار - + Backup بک‎آپ - + About AmneziaVPN درباره Amnezia - + Dev console - + Close application بستن نرم‎افزار @@ -1379,37 +1465,37 @@ Already installed containers were found on the server. All installed containers PageSettingsAbout - + Support Amnezia پشتیبانی از Amnezia - + Amnezia is a free and open-source application. You can support the developers if you like it. Amnezia یک برنامه رایگان و متن باز است. اگر دوست دارید می توانید از توسعه دهندگان حمایت کنید. - + Contacts مخاطب - + Telegram group گروه تلگرام - + To discuss features برای گفتگو در مورد ویژگی‎ها - + https://t.me/amnezia_vpn_en https://t.me/amnezia_vpn_ir - + support@amnezia.org @@ -1418,134 +1504,525 @@ Already installed containers were found on the server. All installed containers ایمیل - + For reviews and bug reports برای ارائه نظرات و گزارشات باگ - Copied - کپی شد + کپی شد - + + mailto:support@amnezia.org + + + + GitHub GitHub - + + Discover the source code + + + + https://github.com/amnezia-vpn/amnezia-client https://github.com/amnezia-vpn/amnezia-client - + Website وب سایت + + + Visit official website + + https://amnezia.org https://amnezia.org - + Software version: %1 %1 :نسخه نرم‎افزار - + Check for updates بررسی بروز‎رسانی - + Privacy Policy - PageSettingsApiServerInfo + PageSettingsApiAvailableCountries - - For the region - برای منطقه - - - - Price - قیمت - - - - Work period - مدت زمان کار - - - - Speed - سرعت - - - - Support tag + + Location for connection - - Copied - کپی شد + + Unable change server location while there is an active connection + + + + + PageSettingsApiDevices + + + Active Devices + - + + Manage currently connected devices + + + + + You can find the identifier on the Support tab or, for older versions of the app, by tapping '+' and then the three dots at the top of the page. + + + + + (current device) + + + + + Support tag: + + + + + Last updated: + + + + + Cannot unlink device during active connection + + + + + Are you sure you want to unlink this device? + + + + + This will unlink the device from your subscription. You can reconnect it anytime by pressing Connect. + + + + + Continue + + + + + Cancel + + + + + PageSettingsApiInstructions + + + Windows + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#windows + + + + + macOS + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#macos + + + + + Android + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#android + + + + + AndroidTV + + + + + https://docs.amnezia.org/ru/documentation/instructions/android_tv_connect/ + + + + + iOS + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#ios + + + + + Linux + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#linux + + + + + Routers + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#routers + + + + + How to connect on another device + + + + + Setup guides on the Amnezia website + + + + + PageSettingsApiNativeConfigs + + + Save AmneziaVPN config + ذخیره تنظیمات AmneziaVPN + + + + Configuration Files + + + + + For router setup or the AmneziaWG app + + + + + The configuration needs to be reissued + + + + + configuration file + + + + + Generate a new configuration file + + + + + The previously created one will stop working + + + + + Revoke the current configuration file + + + + + Config file saved + + + + + The config has been revoked + + + + + Generate a new %1 configuration file? + + + + + Revoke the current %1 configuration file? + + + + + Your previous configuration file will no longer work, and it will not be possible to connect using it + + + + + Download + + + + + Continue + + + + + Cancel + + + + + PageSettingsApiServerInfo + + For the region + برای منطقه + + + Price + قیمت + + + Work period + مدت زمان کار + + + Speed + سرعت + + + Copied + کپی شد + + + + Subscription Status + + + + + Valid Until + + + + + Active Connections + + + + + Configurations have been updated for some countries. Download and install the updated configuration files + + + + + Subscription Key + + + + + Amnezia Premium subscription key + + + + + Save VPN key as a file + + + + + Copy VPN key + + + + + Configuration Files + + + + + Manage configuration files + + + + + Active Devices + + + + + Manage currently connected devices + + + + + Support + + + + + How to connect on another device + + + + Reload API config بارگذاری مجدد پیکربندی API - + Reload API config? آیا می‌خواهید پیکربندی API را دوباره بارگذاری کنید؟ - - + + + Continue ادامه دهید - - + + + Cancel لغو - + Cannot reload API config during active connection نمی‌توان پیکربندی API را در حین اتصال فعال دوباره بارگذاری کرد. - + + Unlink this device + + + + + Are you sure you want to unlink this device? + + + + + This will unlink the device from your subscription. You can reconnect it anytime by pressing Connect. + + + + + Cannot unlink device during active connection + + + + Remove from application حذف از برنامه - + Remove from application? آیا می‌خواهید از برنامه حذف کنید؟ - + Cannot remove server during active connection نمی‌توان سرور را در حین اتصال فعال حذف کرد. + + PageSettingsApiSupport + + + Telegram + + + + + Email + + + + + support@amnezia.org + + + + + Email Billing & Orders + + + + + help@vpnpay.io + + + + + Website + وب سایت + + + + amnezia.org + + + + + Support + + + + + Our technical support specialists are available to assist you at any time + + + + + Support tag + + + + + Copied + کپی شد + + PageSettingsAppSplitTunneling - + Cannot change split tunneling settings during active connection نمی توان تنظیمات تونل تقسیم را در طول اتصال فعال تغییر دادنمی‌توان تنظیمات تقسیم تونلینگ را در حین اتصال فعال تغییر داد. - + Only the apps from the list should have access via VPN فقط برنامه‌های موجود در لیست باید از طریق VPN دسترسی داشته باشند. @@ -1555,42 +2032,42 @@ Already installed containers were found on the server. All installed containers برنامه‌های موجود در لیست نباید از طریق VPN دسترسی داشته باشند. - + App split tunneling تقسیم تونلینگ برنامه‌ها - + Mode حالت - + Remove حذف - + Continue ادامه دهید - + Cancel کنسل - + application name نام برنامه - + Open executable file فایل اجرایی را باز کنید - + Executable files (*.*) فایل‌های اجرایی (*.*) @@ -1598,102 +2075,102 @@ Already installed containers were found on the server. All installed containers PageSettingsApplication - + Application نرم افزار - + Allow application screenshots مجوز اسکرین‎شات در برنامه - + Enable notifications فعال کردن اعلان‌ها - + Enable notifications to show the VPN state in the status bar اعلان ها را فعال کنید تا وضعیت VPN را در نوار وضعیت ببینید - + Auto start شروع خودکار - + Launch the application every time the device is starts راه‎اندازی نرم‎افزار با هر بار روشن شدن دستگاه - + Auto connect اتصال خودکار - + Connect to VPN on app start اتصال به وی‎‎پی‎ان با شروع نرم‎افزار - + Start minimized شروع به صورت کوچک - + Launch application minimized راه‎اندازی برنامه به صورت کوچک - + Language زبان - + Logging گزارشات - + Enabled فعال - + Disabled غیر فعال - + Reset settings and remove all data from the application ریست کردن تنظیمات و حذف تمام داده‎ها از نرم‎افزار - + Reset settings and remove all data from the application? ریست کردن تنظیمات و حذف تمام داده‎ها از نرم‎افزار؟ - + All settings will be reset to default. All installed AmneziaVPN services will still remain on the server. تمام تنظیمات به حالت پیش‎فرض ریست می‎شوند. تمام سرویس‎های Amnezia بر روی سرور باقی می‎مانند. - + Continue ادامه - + Cancel کنسل - + Cannot reset settings during active connection نمی‌توان تنظیمات را در حین اتصال فعال بازنشانی کرد. @@ -1701,78 +2178,78 @@ Already installed containers were found on the server. All installed containers PageSettingsBackup - + Settings restored from backup file تنظیمات از فایل پشتیبان بازیابی شد - + Back up your configuration یک نسخه پشتیبان از تنظیمات خود تهیه - + You can save your settings to a backup file to restore them the next time you install the application. می‎توانید تنظیمات را در یک فایل پشتیبان ذخیره کرده و دفعه بعد که نرم‎افزار را نصب کردید آن‎ها را بازیابی کنید. - + The backup will contain your passwords and private keys for all servers added to AmneziaVPN. Keep this information in a secure place. پشتیبان حاوی رمزهای عبور و کلیدهای خصوصی شما برای تمام سرورهای اضافه شده به AmneziaVPN خواهد بود. این اطلاعات را در یک مکان امن نگه دارید - + Make a backup ایجاد یک پشتیبان - + Save backup file ذخیره فایل پشتیبان - - + + Backup files (*.backup) Backup files (*.backup) - + Backup file saved فایل پشتیبان ذخیره شد - + Restore from backup بازیابی از پشتیبان - + Open backup file باز کردن فایل پشتیبان - + Import settings from a backup file? ورود تنظیمات از فایل پشتیبان؟ - + All current settings will be reset تمام تنظیمات جاری ریست خواهد شد - + Continue ادامه - + Cancel کنسل - + Cannot restore backup settings during active connection نمی‌توان تنظیمات پشتیبان را در حین اتصال فعال بازیابی کرد. @@ -1780,62 +2257,66 @@ Already installed containers were found on the server. All installed containers PageSettingsConnection - + Connection ارتباط - + Use AmneziaDNS استفاده از AmneziaDNS - + If AmneziaDNS is installed on the server اگر AmneziaDNS بر روی سرور نصب شده باشد - + DNS servers سرورهای DNS - + When AmneziaDNS is not used or installed وقتی AmneziaDNS استفاده نشده یا نصب نشده است - + Allows you to use the VPN only for certain Apps به شما امکان می دهد از VPN فقط برای برخی برنامه ها استفاده کنید - + KillSwitch KillSwitch - + Disables your internet if your encrypted VPN connection drops out for any reason. اگر به هر دلیلی اتصال VPN رمزگذاری شده شما قطع شود، اینترنت شما را غیرفعال می‌کند. - - Cannot change killSwitch settings during active connection - نمی‌توان تنظیمات Kill Switch را در حین اتصال فعال تغییر داد. + + Cannot change KillSwitch settings during active connection + - + Cannot change killSwitch settings during active connection + نمی‌توان تنظیمات Kill Switch را در حین اتصال فعال تغییر داد. + + + Site-based split tunneling جداسازی ترافیک بر اساس سایت - + Allows you to select which sites you want to access through the VPN میتوانید مشخص کنید که چه سایت‎هایی از وی‎پی‎ان استفاده کنند - + App-based split tunneling جداسازی ترافیک بر اساس نرم‎افزار @@ -1843,62 +2324,62 @@ Already installed containers were found on the server. All installed containers PageSettingsDns - + Default server does not support custom DNS سرور پیش‌فرض از دی‌ان‌اس سفارشی پشتیبانی نمی‌کند - + DNS servers سرورهای DNS - + If AmneziaDNS is not used or installed اگر AmneziaDNS نصب نباشد یا استفاده نشود - + Primary DNS DNS اصلی - + Secondary DNS DNS ثانویه - + Restore default بازگشت به پیش‎فرض - + Restore default DNS settings? بازگشت به تنظیمات پیش‎فرض DNS؟ - + Continue ادامه - + Cancel کنسل - + Settings have been reset تنظیمات ریست شد - + Save ذخیره - + Settings saved ذخیره تنظیمات @@ -1910,12 +2391,12 @@ Already installed containers were found on the server. All installed containers ثبت وقایع فعال است. توجه داشته باشید که ثبت وقایع به‌طور خودکار پس از ۱۴ روز غیرفعال شده و تمام فایل‌های ثبت وقایع حذف خواهند شد. - + Logging گزارشات - + Enabling this function will save application's logs automatically. By default, logging functionality is disabled. Enable log saving in case of application malfunction. فعال کردن این عملکرد باعث ذخیره خودکار لاگ‌های برنامه می‌شود. به طور پیش‌فرض، قابلیت ثبت لاگ غیرفعال است. در صورت بروز خطا در برنامه، ذخیره لاگ را فعال کنید. @@ -1928,20 +2409,20 @@ Already installed containers were found on the server. All installed containers باز کردن پوشه گزارشات - - + + Save ذخیره - - + + Logs files (*.log) Logs files (*.log) - - + + Logs file saved فایل گزارشات ذخیره شد @@ -1950,64 +2431,62 @@ Already installed containers were found on the server. All installed containers ذخیره گزارشات در فایل - + Enable logs - + Clear logs? پاک کردن گزارشات؟ - + Continue ادامه - + Cancel کنسل - + Logs have been cleaned up گزارشات پاک شدند - + Client logs - + AmneziaVPN logs - - + Open logs folder - - + Export logs - + Service logs - + AmneziaVPN-service logs - + Clear logs پاک کردن گزارشات @@ -2042,103 +2521,103 @@ Already installed containers were found on the server. All installed containers - - - - + + + + Continue ادامه - - - - + + + + Cancel کنسل - + Check the server for previously installed Amnezia services چک کردن سرویس‎های نصب شده Amnezia بر روی سرور - + Add them to the application if they were not displayed اضافه کردن آنها به نرم‎افزار اگر نمایش داده نشده‎اند - + Reboot server سرور را دوباره راه‌اندازی کنید - + Do you want to reboot the server? آیا می‌خواهید سرور را دوباره راه‌اندازی کنید؟ - + The reboot process may take approximately 30 seconds. Are you sure you wish to proceed? فرآیند راه‌اندازی ممکن است حدود ۳۰ ثانیه طول بکشد. آیا مطمئن هستید که می‌خواهید ادامه دهید؟ - + Cannot reboot server during active connection نمی‌توان سرور را در حین اتصال فعال راه‌اندازی مجدد کرد. - + Do you want to remove the server from application? آیا می‌خواهید سرور را از برنامه حذف کنید؟ - + Cannot remove server during active connection نمی‌توان سرور را در حین اتصال فعال حذف کرد. - + Do you want to clear server from Amnezia software? آیا می‌خواهید سرور را از نرم‌افزار Amnezia پاک کنید؟ - + All users whom you shared a connection with will no longer be able to connect to it. همه کاربرانی که با آن‌ها ارتباطی به اشتراک گذاشته‌اید دیگر قادر به اتصال به آن نخواهند بود. - + Cannot clear server from Amnezia software during active connection نمی‌توان سرور را در حین اتصال فعال از نرم‌افزار Amnezia پاک کرد. - + Reset API config تنظیمات API را بازنشانی کنید - + Do you want to reset API config? آیا می خواهید پیکربندی API را بازنشانی کنید؟ - + Cannot reset API config during active connection نمی‌توان پیکربندی API را در حین اتصال فعال بازنشانی کرد. - + Remove server from application حذف کردن سرور از نرم‎افزار - + All installed AmneziaVPN services will still remain on the server. تمام سرویس‎های نصب‎شده Amnezia همچنان بر روی سرور باقی خواهند ماند. - + Clear server from Amnezia software پاک کردن سرور از نرم‎افزار Amnezia @@ -2146,27 +2625,25 @@ Already installed containers were found on the server. All installed containers PageSettingsServerInfo - Server name - نام سرور + نام سرور - Save - ذخیره + ذخیره - + Protocols پروتکل‎ها - + Services سرویس‎ها - + Management مدیریت @@ -2174,7 +2651,7 @@ Already installed containers were found on the server. All installed containers PageSettingsServerProtocol - + settings تنظیمات @@ -2183,7 +2660,7 @@ Already installed containers were found on the server. All installed containers پاک کردن پروفایل %1 - + Clear %1 profile? آیا می‌خواهید پروفایل %1 را پاک کنید؟ @@ -2193,64 +2670,64 @@ Already installed containers were found on the server. All installed containers - + Unable to clear %1 profile while there is an active connection نمی‌توان پروفایل %1 را در حین اتصال فعال پاک کرد. - + Remove حذف - + Remove %1 from server? حذف %1 از سرور؟ - + All users with whom you shared a connection will no longer be able to connect to it. تمام کاربرانی که این ارتباط را با آنها به اشتراک گذاشته‎اید دیگر نمی‎توانند به آن متصل شوند. - + Cannot remove active container نمی‌توان کانتینر فعال را حذف کرد. - - + + Continue ادامه - + connection settings - + Click the "connect" button to create a connection configuration - + server settings - + Clear profile - + The connection configuration will be deleted for this device only - - + + Cancel کنسل @@ -2258,7 +2735,7 @@ Already installed containers were found on the server. All installed containers PageSettingsServersList - + Servers سرورها @@ -2266,100 +2743,100 @@ Already installed containers were found on the server. All installed containers PageSettingsSplitTunneling - + Default server does not support split tunneling function سرور پیش‌فرض از عملکرد تونل‌سازی تقسیم شده پشتیبانی نمی‌کند - + Addresses from the list should not be accessed via VPN دسترسی به آدرس‎های لیست بدون وی‎پی‎ان - + Split tunneling جداسازی ترافیک - + Mode حالت - + Remove حذف - + Continue ادامه - + Cancel کنسل - + Cannot change split tunneling settings during active connection نمی توان تنظیمات تونل تقسیم را در طول اتصال فعال تغییر داد - + Only the sites listed here will be accessed through the VPN تنها سایت‌های موجود در اینجا از طریق VPN دسترسی داده خواهند شد - + website or IP وب‌سایت یا آدرس IP - + Import / Export Sites وارد کردن / صادر کردن وب‌سایت‌ها - + Import بارگذاری - + Save site list ذخیره لیست سایت‎ها - + Save sites ذخیره سایت‎ها - - - + + + Sites files (*.json) Sites files (*.json) - + Import a list of sites بارگذاری لیست سایت‎ها - + Replace site list جایگزین کردن لیست سایت - - + + Open sites file باز کردن فایل سایت‎ها - + Add imported sites to existing ones اضافه کردن سایت‎های بارگذاری شده به سایت‎های موجود @@ -2367,32 +2844,32 @@ Already installed containers were found on the server. All installed containers PageSetupWizardApiServiceInfo - + For the region برای منطقه - + Price قیمت - + Work period مدت زمان کار - + Speed سرعت - + Features ویژگی‌ها - + Connect اتصال @@ -2400,12 +2877,12 @@ Already installed containers were found on the server. All installed containers PageSetupWizardApiServicesList - + VPN by Amnezia VPN توسط Amnezia - + Choose a VPN service that suits your needs. یک سرویس VPN که مناسب نیازهای شما باشد را انتخاب کنید. @@ -2433,7 +2910,7 @@ It's okay as long as it's from someone you trust. چی داری؟ - + File with connection settings فایل شامل تنظیمات اتصال @@ -2442,7 +2919,7 @@ It's okay as long as it's from someone you trust. فایل شامل تنظیمات اتصال یا بک‎آپ - + Connection ارتباط @@ -2452,82 +2929,102 @@ It's okay as long as it's from someone you trust. تنظیمات - + Enable logs - + + Support tag + + + + + Copied + کپی شد + + + Insert the key, add a configuration file or scan the QR-code کلید را وارد کنید، فایل پیکربندی را اضافه کنید یا کد QR را اسکن کنید - + Insert key کلید را وارد کنید - + Insert وارد کردن - + Continue ادامه دهید - + Other connection options گزینه‌های اتصال دیگر - + + Site Amnezia + + + + VPN by Amnezia VPN توسط Amnezia - + Connect to classic paid and free VPN services from Amnezia اتصال به سرویس‌های VPN کلاسیک پولی و رایگان از Amnezia - + Self-hosted VPN Self-hosted VPN - + Configure Amnezia VPN on your own server پیکربندی VPN Amnezia بر روی سرور خودتان - + Restore from backup بازیابی از پشتیبان - + + + + + + Open backup file باز کردن فایل پشتیبان - + Backup files (*.backup) Backup files (*.backup) - + Open config file باز کردن فایل تنظیمات - + QR code QR-Code - + I have nothing من هیچی ندارم @@ -2539,67 +3036,67 @@ It's okay as long as it's from someone you trust. PageSetupWizardCredentials - + Server IP address [:port] آدرس آی‎پی سرور (:پورت) - + Continue ادامه - + Enter the address in the format 255.255.255.255:88 آدرس را با فرمت 255.255.255.255:88 وارد کنید - + Configure your server سرور خود را پیکربندی کنید - + 255.255.255.255:22 - + SSH Username - + Password or SSH private key رمز عبور یا کلید خصوصی SSH - + All data you enter will remain strictly confidential and will not be shared or disclosed to the Amnezia or any third parties تمام داده‎هایی که شما وارد می‎کنید به شدت محرمانه‎ است و با Amnezia یا هر شخص ثالث دیگری به اشتراک گذاشته نمی‎شود - + How to run your VPN server چگونه سرور VPN خود را اجرا کنید - + Where to get connection data, step-by-step instructions for buying a VPS داده‌های اتصال را از کجا دریافت کنید و دستورالعمل‌های مرحله به مرحله برای خرید یک VPS - + Ip address cannot be empty آدرس آی‎پی نمی‎تواند خالی باشد - + Login cannot be empty نام‎کاربری نمی‎تواند خالی باشد - + Password/private key cannot be empty پسورد یا کلید خصوصی نمی‎تواند خالی باشد @@ -2607,22 +3104,31 @@ It's okay as long as it's from someone you trust. PageSetupWizardEasy - What is the level of internet control in your region? - سطح کنترل اینترنت در منطقه شما چگونه است؟ + سطح کنترل اینترنت در منطقه شما چگونه است؟ - + + Choose Installation Type + + + + + Manual + + + + Choose a VPN protocol یک پروتکل VPN را انتخاب کنید - + Skip setup رد شدن از تنظیم - + Continue ادامه @@ -2669,37 +3175,37 @@ It's okay as long as it's from someone you trust. PageSetupWizardProtocolSettings - + Installing %1 در حال نصب %1 - + More detailed جزییات بیشتر - + Close بستن - + Network protocol پروتکل شبکه - + Port پورت - + Install نصب - + The port must be in the range of 1 to 65535 پورت باید در محدوده ۱ تا ۶۵۵۳۵ باشد @@ -2707,12 +3213,12 @@ It's okay as long as it's from someone you trust. PageSetupWizardProtocols - + VPN protocol پروتکل وی‎پی‎ان - + Choose the one with the highest priority for you. Later, you can install other protocols and additional services, such as DNS proxy and SFTP. پروتکلی که بیشترین اولویت را برای شما دارد انتخاب کنید. بعدا، میتوانید پروتکل‎ها و سرویس‎های اضافه مانند پروکسی DNS و SFTP را هم نصب کنید. @@ -2748,7 +3254,7 @@ It's okay as long as it's from someone you trust. من هیچی ندارم - + Let's get started بیایید شروع کنیم @@ -2756,27 +3262,27 @@ It's okay as long as it's from someone you trust. PageSetupWizardTextKey - + Connection key کلید ارتباط - + A line that starts with vpn://... خطی که با آن شروع می شود vpn://... - + Key کلید - + Insert وارد کردن - + Continue ادامه @@ -2784,32 +3290,32 @@ It's okay as long as it's from someone you trust. PageSetupWizardViewConfig - + New connection ارتباط جدید - + Collapse content جمع کردن محتوا - + Show content نمایش محتوا - + Enable WireGuard obfuscation. It may be useful if WireGuard is blocked on your provider. فعال‌سازی استتار WireGuard. این ممکن است مفید باشد اگر WireGuard توسط ارائه‌دهنده شما مسدود شده باشد. - + Use connection codes only from sources you trust. Codes from public sources may have been created to intercept your data. از کدهای اتصال فقط از منابع مورد اعتماد خود استفاده کنید. ممکن است کدهایی از منابع عمومی برای رهگیری داده های شما ایجاد شده باشند - + Connect اتصال @@ -2817,211 +3323,216 @@ It's okay as long as it's from someone you trust. PageShare - + OpenVPN native format فرمت OpenVPN - + WireGuard native format فرمت WireGuard - + Connection ارتباط - - + + Server سرور - + Config revoked تنظیمات ابطال‎شد - + Connection to ارتباط با - + File with connection settings to فایل شامل تنظیمات ارتباط با - + Save OpenVPN config ذخیره تنظیمات OpenVPN - + Save WireGuard config ذخیره تنظیمات WireGuard - + Save AmneziaWG config تنظیمات AmneziaWG را ذخیره کنید - + Save Shadowsocks config ذخیره تنظیمات Shadowsocks - + Save Cloak config ذخیره تنظیمات Cloak - + Save XRay config ذخیره پیکربندی XRay - + For the AmneziaVPN app برای نرم‎افزار AmneziaVPN - + AmneziaWG native format فرمت بومی AmneziaWG - + Shadowsocks native format فرمت Shadowsocks - + Cloak native format فرمت Cloak - + XRay native format فرمت بومی XRay - + Share VPN Access اتصال vpn را به اشتراک بگذارید - + Share full access to the server and VPN به اشتراک گذاشتن دسترسی کامل به سرور و وی‎پی‎ان - + Use for your own devices, or share with those you trust to manage the server. برای دستگاه‎های خودتان استفاده کنید یا با آنهایی که برای مدیریت سرور به آن‎ها اعتماد دارید به اشتراک بگذارید. - - + + Users کاربران - + User name نام کاربری - + Search جستجو - + Creation date: %1 تاریخ ایجاد: %1 - + Latest handshake: %1 آخرین ارتباط: %1 - + Data received: %1 داده‌های دریافت شده: %1 - + Data sent: %1 داده‌های ارسال شده: %1 + + + Allowed IPs: %1 + + Creation date: تاریخ ایجاد: - + Rename تغییر نام - + Client name نام کلاینت - + Save ذخیره - + Revoke ابطال - + Revoke the config for a user - %1? لغو پیکربندی برای یک کاربر - %1? - + The user will no longer be able to connect to your server. کاربر دیگر نمی‎تواند به سرور وصل شود. - + Continue ادامه - + Cancel کنسل - + Share VPN access without the ability to manage the server به اشتراک گذاشتن دسترسی وی‎پی‎ان بدون امکان مدیریت سرور - - + + Protocol پروتکل - - + + Connection format فرمت ارتباط - - + + Share اشتراک‎گذاری @@ -3029,55 +3540,55 @@ It's okay as long as it's from someone you trust. PageShareFullAccess - + Full access to the server and VPN دسترسی کامل به سرور و وی‎پی‎ان - + We recommend that you use full access to the server only for your own additional devices. ما پیشنهاد میکنیم که ازحالت دسترسی کامل به سرور فقط برای دستگاه‎های دیگر خودتان استفاده کنید. - + If you share full access with other people, they can remove and add protocols and services to the server, which will cause the VPN to work incorrectly for all users. اگر دسترسی کامل را با دیگران به اشتراک بگذارید، آن‎ها می‎توانند پروتکل‎ها و سرویس‎ها را حذف یا اضافه کنند که باعث می‎شود که وی‎پی‎ان دیگر برای سایر کاربران کار نکند. - - + + Server سرور - + Accessing در حال دسترسی به - + File with accessing settings to فایل شامل تنظیمات دسترسی به - + Share اشتراک‎گذاری - + Access error! خطای دسترسی! - + Connection to ارتباط با - + File with connection settings to فایل شامل تنظیمات ارتباط با @@ -3085,17 +3596,17 @@ It's okay as long as it's from someone you trust. PageStart - + Logging was disabled after 14 days, log files were deleted ثبت وقایع پس از ۱۴ روز غیرفعال شد و فایل‌های ثبت وقایع حذف شدند - + Settings restored from backup file تنظیمات از فایل پشتیبان بازیابی شد - + Logging is enabled. Note that logs will be automaticallydisabled after 14 days, and all log files will be deleted. @@ -3103,7 +3614,7 @@ It's okay as long as it's from someone you trust. PopupType - + Close بستن @@ -3362,62 +3873,62 @@ It's okay as long as it's from someone you trust. Function not implemented - + Server check failed Server check failed - + Server port already used. Check for another software Server port already used. Check for another software - + Server error: Docker container missing Server error: Docker container missing - + Server error: Docker failed Server error: Docker failed - + Installation canceled by user Installation canceled by user - - The user does not have permission to use sudo - The user does not have permission to use sudo + + The user is not a member of the sudo group + کاربر عضو گروه sudo نیست - + SSH request was denied SSH request was denied - + SSH request was interrupted SSH request was interrupted - + SSH internal error SSH internal error - + Invalid private key or invalid passphrase entered Invalid private key or invalid passphrase entered - + The selected private key format is not supported, use openssh ED25519 key types or PEM key types The selected private key format is not supported, use openssh ED25519 key types or PEM key types - + Timeout connecting to server Timeout connecting to server @@ -3474,32 +3985,33 @@ It's okay as long as it's from someone you trust. Sftp error: No media was in remote drive - + The config does not contain any containers and credentials for connecting to the server تنظیمات شامل هیچ کانتینر یا اعتبارنامه‎ای برای اتصال به سرور نیست - + VPN connection error خطای اتصال VPN - + + Error when retrieving configuration from API خطا هنگام بازیابی پیکربندی از API - + This config has already been added to the application این پیکربندی قبلاً به برنامه اضافه شده است - + ErrorCode: %1. کد خطا: %1. - + OpenVPN config missing OpenVPN config missing @@ -3509,112 +4021,164 @@ It's okay as long as it's from someone you trust. Background service is not running - - Server error: Packet manager error - Server error: Packet manager error + + The selected protocol is not supported on the current platform + - + + Server error: Package manager error + خطای سرور: خطای مدیر بسته + + + + The sudo package is not pre-installed on the server + + + + + The server user's home directory is not accessible + + + + + Action not allowed in sudoers + + + + + The user's password is required + + + + SCP error: Generic failure SCP error: Generic failure - + OpenVPN management server error OpenVPN management server error - + OpenVPN executable missing OpenVPN executable missing - + Shadowsocks (ss-local) executable missing Shadowsocks (ss-local) executable missing - + Cloak (ck-client) executable missing Cloak (ck-client) executable missing - + Amnezia helper service error Amnezia helper service error - + OpenSSL failed OpenSSL failed - + Can't connect: another VPN connection is active Can't connect: another VPN connection is active - + Can't setup OpenVPN TAP network adapter Can't setup OpenVPN TAP network adapter - + VPN pool error: no available addresses VPN pool error: no available addresses - + + Unable to open config file + + + + + VPN Protocols is not installed. + Please install VPN container at first + پروتکل وی‎پی‎ان نصب نشده است +لطفا کانتینر وی‎پی‎ان را نصب کنید + + + In the response from the server, an empty config was received در پاسخ از سرور، پیکربندی خالی دریافت شد - + SSL error occurred SSL error occurred - + Server response timeout on api request Server response timeout on api request - + Missing AGW public key - + + Failed to decrypt response payload + + + + + Missing list of available services + + + + + The limit of allowed configurations per subscription has been exceeded + + + + QFile error: The file could not be opened - + QFile error: An error occurred when reading from the file - + QFile error: The file could not be accessed - + QFile error: An unspecified error occurred - + QFile error: A fatal error occurred - + QFile error: The operation was aborted - + Internal error Internal error @@ -3624,32 +4188,28 @@ It's okay as long as it's from someone you trust. IPsec - Shadowsocks - masks VPN traffic, making it similar to normal web traffic, but it may be recognized by analysis systems in some highly censored regions. - شدوساکس - ترافیک VPN را پنهان می کند، به طوری که مشابه ترافیک وب عادی می شود، اما ممکن است توسط سیستم های تجزیه و تحلیل در برخی از مناطق با سانسور شدید شناسایی شود. + شدوساکس - ترافیک VPN را پنهان می کند، به طوری که مشابه ترافیک وب عادی می شود، اما ممکن است توسط سیستم های تجزیه و تحلیل در برخی از مناطق با سانسور شدید شناسایی شود. - OpenVPN over Cloak - OpenVPN with VPN masquerading as web traffic and protection against active-probing detection. Ideal for bypassing blocking in regions with the highest levels of censorship. - OpenVPN روی Cloak - OpenVPN با VPN که به عنوان ترافیک وب پنهان می‌شود و مقاومت در برابر تشخیص فعال از طریق پیشرفته. ایده‌آل برای دور زدن مسدود کردن در مناطق با بالاترین سطوح سانسور. + OpenVPN روی Cloak - OpenVPN با VPN که به عنوان ترافیک وب پنهان می‌شود و مقاومت در برابر تشخیص فعال از طریق پیشرفته. ایده‌آل برای دور زدن مسدود کردن در مناطق با بالاترین سطوح سانسور. + + + XRay with REALITY - Suitable for countries with the highest level of internet censorship. Traffic masking as web traffic at the TLS level, and protection against detection by active probing methods. + XRay با REALITY - مناسب برای کشورهایی با بالاترین سطح سانسور اینترنت. استتار ترافیک به عنوان ترافیک وب در سطح TLS و حفاظت در برابر شناسایی با روش‌های پروب فعال. - XRay with REALITY - Suitable for countries with the highest level of internet censorship. Traffic masking as web traffic at the TLS level, and protection against detection by active probing methods. - XRay با REALITY - مناسب برای کشورهایی با بالاترین سطح سانسور اینترنت. استتار ترافیک به عنوان ترافیک وب در سطح TLS و حفاظت در برابر شناسایی با روش‌های پروب فعال. - - - IKEv2/IPsec - Modern stable protocol, a bit faster than others, restores connection after signal loss. It has native support on the latest versions of Android and iOS. IKEv2/IPsec - پروتکل مدرن و پایدار، کمی سریع‌تر از سایرین است و پس از قطع شدن سیگنال، اتصال را بازیابی می‌کند. از پشتیبانی بومی در آخرین نسخه‌های Android و iOS برخوردار است. - + Create a file vault on your server to securely store and transfer files. ساختن یک گنجانده فایل بر روی سرور شما برای ذخیره و انتقال ایمن فایل‌ها. - This is a combination of the OpenVPN protocol and the Cloak plugin designed specifically for protecting against blocking. OpenVPN provides a secure VPN connection by encrypting all internet traffic between the client and the server. @@ -3668,7 +4228,7 @@ If there is a extreme level of Internet censorship in your region, we advise you * Not recognised by DPI analysis systems * Works over TCP network protocol, 443 port. - این ترکیبی از پروتکل OpenVPN و پلاگین Cloak به طور خاص برای محافظت در برابر مسدود کردن طراحی شده است. + این ترکیبی از پروتکل OpenVPN و پلاگین Cloak به طور خاص برای محافظت در برابر مسدود کردن طراحی شده است. OpenVPN ارتباط امن VPN را با رمزگذاری تمام ترافیک اینترنتی بین مشتری و سرور فراهم می‌کند. @@ -3688,7 +4248,6 @@ Cloak می‌تواند اطلاعات فراداده بسته را تغییر - A relatively new popular VPN protocol with a simplified architecture. WireGuard provides stable VPN connection and high performance on all devices. It uses hard-coded encryption settings. WireGuard compared to OpenVPN has lower latency and better data transfer throughput. WireGuard is very susceptible to blocking due to its distinct packet signatures. Unlike some other VPN protocols that employ obfuscation techniques, the consistent signature patterns of WireGuard packets can be more easily identified and thus blocked by advanced Deep Packet Inspection (DPI) systems and other network monitoring tools. @@ -3698,7 +4257,7 @@ WireGuard is very susceptible to blocking due to its distinct packet signatures. * Minimum number of settings * Easily recognised by DPI analysis systems, susceptible to blocking * Works over UDP network protocol. - یک پروتکل VPN محبوب نسبتا جدید با معماری ساده شده. + یک پروتکل VPN محبوب نسبتا جدید با معماری ساده شده. WireGuard اتصال VPN پایدار و عملکرد بالا را در همه دستگاه ها فراهم می کند. از تنظیمات رمزگذاری سخت کد شده استفاده می کند. WireGuard در مقایسه با OpenVPN دارای تأخیر کمتر و توان انتقال داده بهتر است. WireGuard به دلیل امضاهای بسته متمایز خود، بسیار مستعد مسدود شدن است. برخلاف برخی دیگر از پروتکل‌های VPN که از تکنیک‌های مبهم سازی استفاده می‌کنند، الگوهای امضای ثابت بسته‌های WireGuard را می‌توان به راحتی شناسایی کرد و بنابراین توسط Deep پیشرفته مسدود شدسیستم های بازرسی بسته (DPI) و سایر ابزارهای نظارت بر شبکه. @@ -3709,19 +4268,18 @@ WireGuard به دلیل امضاهای بسته متمایز خود، بسیار * روی پروتکل شبکه UDP کار می کند. - The REALITY protocol, a pioneering development by the creators of XRay, is specifically designed to counteract the highest levels of internet censorship through its novel approach to evasion. It uniquely identifies censors during the TLS handshake phase, seamlessly operating as a proxy for legitimate clients while diverting censors to genuine websites like google.com, thus presenting an authentic TLS certificate and data. This advanced capability differentiates REALITY from similar technologies by its ability to disguise web traffic as coming from random, legitimate sites without the need for specific configurations. Unlike older protocols such as VMess, VLESS, and the XTLS-Vision transport, REALITY's innovative "friend or foe" recognition at the TLS handshake enhances security and circumvents detection by sophisticated DPI systems employing active probing techniques. This makes REALITY a robust solution for maintaining internet freedom in environments with stringent censorship. - پروتکل REALITY، یک توسعه پیشگامانه توسط خالقان XRay، به‌طور خاص برای مقابله با بالاترین سطح سانسور اینترنتی طراحی شده است و از رویکرد نوآورانه‌ای برای دور زدن محدودیت‌ها استفاده می‌کند. + پروتکل REALITY، یک توسعه پیشگامانه توسط خالقان XRay، به‌طور خاص برای مقابله با بالاترین سطح سانسور اینترنتی طراحی شده است و از رویکرد نوآورانه‌ای برای دور زدن محدودیت‌ها استفاده می‌کند. REALITY به‌طور منحصربه‌فردی سانسورچیان را در مرحله دست‌دهی TLS شناسایی می‌کند و به‌صورت یکپارچه به‌عنوان پراکسی برای کاربران قانونی عمل می‌کند، در حالی که سانسورچیان را به سایت‌های معتبر مانند google.com هدایت می‌کند و در نتیجه یک گواهی TLS واقعی و داده‌های اصلی ارائه می‌دهد. این قابلیت پیشرفته، REALITY را از فناوری‌های مشابه متمایز می‌کند، زیرا می‌تواند ترافیک وب را بدون نیاز به پیکربندی‌های خاص، به‌عنوان ترافیک از سایت‌های تصادفی و معتبر جا بزند. برخلاف پروتکل‌های قدیمی‌تر مانند VMess، VLESS و انتقال XTLS-Vision، تشخیص نوآورانه "دوست یا دشمن" REALITY در مرحله دست‌دهی TLS امنیت را افزایش داده و از شناسایی توسط سیستم‌های پیشرفته DPI که از تکنیک‌های پروب فعال استفاده می‌کنند، جلوگیری می‌کند. این ویژگی REALITY را به یک راه‌حل قوی برای حفظ آزادی اینترنت در محیط‌هایی با سانسور شدید تبدیل می‌کند. - + IKEv2, paired with the IPSec encryption layer, stands as a modern and stable VPN protocol. One of its distinguishing features is its ability to swiftly switch between networks and devices, making it particularly adaptive in dynamic network environments. While it offers a blend of security, stability, and speed, it's essential to note that IKEv2 can be easily detected and is susceptible to blocking. @@ -3742,7 +4300,7 @@ While it offers a blend of security, stability, and speed, it's essential t * روی پروتکل شبکه UDP، پورت‎های 500 و 4500 کار می‎کند. - + DNS Service سرویس DNS @@ -3753,7 +4311,7 @@ While it offers a blend of security, stability, and speed, it's essential t - + Website in Tor network وب سایت در شبکه Tor @@ -3768,31 +4326,119 @@ While it offers a blend of security, stability, and speed, it's essential t پروتکل OpenVPN یکی از پروتکل‎های وی‎پی‎ان محبوب می‎باشد با تنظیمات و پیکربندی‎های قابل تغییر. از پروتکل امنیتی داخلی خود با تبادل کلید SSL/TLS استفاده می‎کند. - - WireGuard - New popular VPN protocol with high performance, high speed and low power consumption. Recommended for regions with low levels of censorship. - پروتکل WireGuard یک پروتکل وی‎پی‎ان جدید با عملکرد بسیار خوب، سرعت بالا و مصرف انرژی پایین. برای مناطقی که سطح سانسور پایینی دارند پیشنهاد می‎شود. + + Shadowsocks masks VPN traffic, making it resemble normal web traffic, but it may still be detected by certain analysis systems. + + + + + OpenVPN over Cloak - OpenVPN with VPN masquerading as web traffic and protection against active-probing detection. It is very resistant to detection, but offers low speed. + + + + + WireGuard - popular VPN protocol with high performance, high speed and low power consumption. + + + + + AmneziaWG is a special protocol from Amnezia based on WireGuard. It provides high connection speed and ensures stable operation even in the most challenging network conditions. + + + + + XRay with REALITY masks VPN traffic as web traffic and protects against active probing. It is highly resistant to detection and offers high speed. + + + + + OpenVPN stands as one of the most popular and time-tested VPN protocols available. +It employs its unique security protocol, leveraging the strength of SSL/TLS for encryption and key exchange. Furthermore, OpenVPN's support for a multitude of authentication methods makes it versatile and adaptable, catering to a wide range of devices and operating systems. Due to its open-source nature, OpenVPN benefits from extensive scrutiny by the global community, which continually reinforces its security. With a strong balance of performance, security, and compatibility, OpenVPN remains a top choice for privacy-conscious individuals and businesses alike. + +* Available in the AmneziaVPN across all platforms +* Normal power consumption on mobile devices +* Flexible customisation to suit user needs to work with different operating systems and devices +* Recognised by DPI systems and therefore susceptible to blocking +* Can operate over both TCP and UDP network protocols. + + + + + This is a combination of the OpenVPN protocol and the Cloak plugin designed specifically for protecting against detection. + +OpenVPN provides a secure VPN connection by encrypting all internet traffic between the client and the server. + +Cloak protects OpenVPN from detection. + +Cloak can modify packet metadata so that it completely masks VPN traffic as normal web traffic, and also protects the VPN from detection by Active Probing. This makes it very resistant to being detected + +Immediately after receiving the first data packet, Cloak authenticates the incoming connection. If authentication fails, the plugin masks the server as a fake website and your VPN becomes invisible to analysis systems. + +* Available in the AmneziaVPN across all platforms +* High power consumption on mobile devices +* Flexible settings +* Not recognised by detection systems +* Works over TCP network protocol, 443 port. + + + + + + A relatively new popular VPN protocol with a simplified architecture. +WireGuard provides stable VPN connection and high performance on all devices. It uses hard-coded encryption settings. WireGuard compared to OpenVPN has lower latency and better data transfer throughput. +WireGuard is very susceptible to detection and blocking due to its distinct packet signatures. Unlike some other VPN protocols that employ obfuscation techniques, the consistent signature patterns of WireGuard packets can be more easily identified and thus blocked by advanced Deep Packet Inspection (DPI) systems and other network monitoring tools. + +* Available in the AmneziaVPN across all platforms +* Low power consumption +* Minimum number of settings +* Easily recognised by DPI analysis systems, susceptible to blocking +* Works over UDP network protocol. + + + + + A modern iteration of the popular VPN protocol, AmneziaWG builds upon the foundation set by WireGuard, retaining its simplified architecture and high-performance capabilities across devices. +While WireGuard is known for its efficiency, it had issues with being easily detected due to its distinct packet signatures. AmneziaWG solves this problem by using better obfuscation methods, making its traffic blend in with regular internet traffic. +This means that AmneziaWG keeps the fast performance of the original while adding an extra layer of stealth, making it a great choice for those wanting a fast and discreet VPN connection. + +* Available in the AmneziaVPN across all platforms +* Low power consumption +* Minimum number of settings +* Not recognised by traffic analysis systems +* Works over UDP network protocol. + + + + + The REALITY protocol, a pioneering development by the creators of XRay, is designed to provide the highest level of protection against detection through its innovative approach to security and privacy. +It uniquely identifies attackers during the TLS handshake phase, seamlessly operating as a proxy for legitimate clients while diverting attackers to genuine websites, thus presenting an authentic TLS certificate and data. +This advanced capability differentiates REALITY from similar technologies by its ability to disguise web traffic as coming from random, legitimate sites without the need for specific configurations. +Unlike older protocols such as VMess, VLESS, and the XTLS-Vision transport, REALITY's innovative "friend or foe" recognition at the TLS handshake enhances security. This makes REALITY a robust solution for maintaining internet freedom. + + + + WireGuard - New popular VPN protocol with high performance, high speed and low power consumption. Recommended for regions with low levels of censorship. + پروتکل WireGuard یک پروتکل وی‎پی‎ان جدید با عملکرد بسیار خوب، سرعت بالا و مصرف انرژی پایین. برای مناطقی که سطح سانسور پایینی دارند پیشنهاد می‎شود. - AmneziaWG - Special protocol from Amnezia, based on WireGuard. It's fast like WireGuard, but very resistant to blockages. Recommended for regions with high levels of censorship. - پروتکل AmneziaWG یک پروتکل اختصاصی Amnezia که بر اساس WireGaurd کار میکند. به اندازه WireGaurd پرسرعت است و در عین حال بسیار مقاوم به بلاک شدن توسط شبکه ست. مناسب برای مناطق با سطح سانسور بالاست. + پروتکل AmneziaWG یک پروتکل اختصاصی Amnezia که بر اساس WireGaurd کار میکند. به اندازه WireGaurd پرسرعت است و در عین حال بسیار مقاوم به بلاک شدن توسط شبکه ست. مناسب برای مناطق با سطح سانسور بالاست. IKEv2/IPsec - Modern stable protocol, a bit faster than others, restores connection after signal loss. پروتکل IKEv2/IPsec پروتکلی پایدار و مدرن که مقداری سریعتر از سایر پروتکل‎هاست. بعد از قطع سیگنال دوباره اتصال را بازیابی می‎کند. - + Deploy a WordPress site on the Tor network in two clicks. با دو کلیک یک سایت وردپرس در شبکه Tor راه‎اندازی کنید. - + Replace the current DNS server with your own. This will increase your privacy level. سرور DNS را با مال خودتان جایگزین کنید. این کار سطح حریم خصوصی شما را افزایش می‎دهد. - OpenVPN stands as one of the most popular and time-tested VPN protocols available. It employs its unique security protocol, leveraging the strength of SSL/TLS for encryption and key exchange. Furthermore, OpenVPN's support for a multitude of authentication methods makes it versatile and adaptable, catering to a wide range of devices and operating systems. Due to its open-source nature, OpenVPN benefits from extensive scrutiny by the global community, which continually reinforces its security. With a strong balance of performance, security, and compatibility, OpenVPN remains a top choice for privacy-conscious individuals and businesses alike. @@ -3801,7 +4447,7 @@ It employs its unique security protocol, leveraging the strength of SSL/TLS for * Flexible customisation to suit user needs to work with different operating systems and devices * Recognised by DPI analysis systems and therefore susceptible to blocking * Can operate over both TCP and UDP network protocols. - پروتکل OpenVPN یکی از پروتکل‎های محبوب و تست شده در دسترس می‎باشد که از پروتکل امنیتی مخصوص خودش استفاده میکند. + پروتکل OpenVPN یکی از پروتکل‎های محبوب و تست شده در دسترس می‎باشد که از پروتکل امنیتی مخصوص خودش استفاده میکند. از امتیازات SSL/TLS برای رمزنگاری و تبادل کلید استفاده میکند. همچنین OpenVPN از روش‎های چندگانه‎ای برای احراز هویت پشتیبانی می‎کند که آن را قابل انطباق و منعطف میکند. از طیف وسیعی از دستگاه‎ها و سیستم عامل‎ها نیز پشتیبانی می‎کند. @@ -3815,7 +4461,7 @@ It employs its unique security protocol, leveraging the strength of SSL/TLS for * امکان کار بر روی دو پروتکل TCP و UDP - + Shadowsocks, inspired by the SOCKS5 protocol, safeguards the connection using the AEAD cipher. Although Shadowsocks is designed to be discreet and challenging to identify, it isn't identical to a standard HTTPS connection.However, certain traffic analysis systems might still detect a Shadowsocks connection. Due to limited support in Amnezia, it's recommended to use AmneziaWG protocol. * Available in the AmneziaVPN only on desktop platforms @@ -3830,7 +4476,6 @@ It employs its unique security protocol, leveraging the strength of SSL/TLS for * عملکرد بر روی پروتکل شبکه TCP - A modern iteration of the popular VPN protocol, AmneziaWG builds upon the foundation set by WireGuard, retaining its simplified architecture and high-performance capabilities across devices. While WireGuard is known for its efficiency, it had issues with being easily detected due to its distinct packet signatures. AmneziaWG solves this problem by using better obfuscation methods, making its traffic blend in with regular internet traffic. This means that AmneziaWG keeps the fast performance of the original while adding an extra layer of stealth, making it a great choice for those wanting a fast and discreet VPN connection. @@ -3840,7 +4485,7 @@ This means that AmneziaWG keeps the fast performance of the original while addin * Minimum number of settings * Not recognised by DPI analysis systems, resistant to blocking * Works over UDP network protocol. - یک نسخه مدرن از پروتکل وی‎پی‎ان محبوب، AmneziaWG بر روی پایه‎های WireGuard ساخته شده و معماری ساده و عملکرد بالای آن را بر روی تمام دستگاه‎ها حفظ کرده است. + یک نسخه مدرن از پروتکل وی‎پی‎ان محبوب، AmneziaWG بر روی پایه‎های WireGuard ساخته شده و معماری ساده و عملکرد بالای آن را بر روی تمام دستگاه‎ها حفظ کرده است. در حالی‎که WireGuard به دلیل بازدهی آن شناخته می‎شود اما امکان شناسایی شدن بالا به دلیل امضای ثابت بسته داده‎های آن یکی از مشکلات آن است. AmneziaWG این مشکل را با استفاده از متدهای مخفی سازی حل کرده و در نتیجه ترافیک آن همانند با ترافیک عادی اینترنت است. این بدین معنی است که AmneziaWG عملکرد سریع اصلی را حفظ کرده و یک لایه پنهان سازی به آن اضافه کرده که باعث می‎شود که به انتخابی عالی برای آنها که وی‎پی‎ان امن و سریع می‎خواهند تبدیل شود. @@ -3851,7 +4496,7 @@ This means that AmneziaWG keeps the fast performance of the original while addin * کار بر روی پروتکل شبکه UDP - + After installation, Amnezia will create a file storage on your server. You will be able to access it using @@ -3877,7 +4522,7 @@ For more detailed information, you can - + SOCKS5 proxy server سرور پروکسی SOCKS5 @@ -4068,14 +4713,35 @@ For more detailed information, you can + + RenameServerDrawer + + + Server name + نام سرور + + + + Save + ذخیره + + SelectLanguageDrawer - + Choose language انتخاب زبان + + ServersListView + + + Unable change server while there is an active connection + امکان تغییر سرور در هنگام متصل بودن وجود ندارد + + Settings @@ -4093,7 +4759,7 @@ For more detailed information, you can SettingsController - + All settings have been reset to default values تمام تنظیمات به مقادیر پیش فرض ریست شد @@ -4102,7 +4768,7 @@ For more detailed information, you can پروفایل ذخیره شده پاک شد - + Backup file is corrupted فایل بک‎آپ خراب شده است @@ -4110,39 +4776,39 @@ For more detailed information, you can ShareConnectionDrawer - - + + Save AmneziaVPN config ذخیره تنظیمات AmneziaVPN - + Share اشتراک‎گذاری - + Copy کپی - - + + Copied کپی شد - + Copy config string کپی‎کردن متن تنظیمات - + Show connection settings نمایش تنظیمات ارتباط - + To read the QR code in the Amnezia app, select "Add server" → "I have data to connect" → "QR code, key or settings file" برای خواندن QR Code در نرم‎افزار AmneziaVPN "اضافه کردن سرور" -> "من داده برای اتصال دارم" -> "QR Code، کلید یا فایل تنظیمات" @@ -4155,37 +4821,37 @@ For more detailed information, you can فرمت هاست شبیه آدرس آی‎پی یا نام دامنه نیست - + New site added: %1 سایت جدید اضافه‎شد: %1 - + Site removed: %1 سایت حذف شد: %1 - + Can't open file: %1 فایل باز نشد: %1 - + Failed to parse JSON data from file: %1 مشکل در تحلیل داده‎های JSON در فایل: %1 - + The JSON data is not an array in file: %1 داده‎های JSON در فایل به صورت آرایه نیستند: %1 - + Import completed بارگذاری کامل شد - + Export completed خروجی گرفتن کامل شد @@ -4226,7 +4892,7 @@ For more detailed information, you can TextFieldWithHeaderType - + The field can't be empty این فیلد نمی‌تواند خالی باشد. @@ -4234,7 +4900,7 @@ For more detailed information, you can VpnConnection - + Mbps Mbps @@ -4285,43 +4951,49 @@ For more detailed information, you can amnezia::ContainerProps - Low - پایین + پایین - High - متوسط یا بالا + متوسط یا بالا Extreme شدید - I just want to increase the level of my privacy. - من فقط میخواهم سطح حریم شخصی خودم را بالا ببرم + من فقط میخواهم سطح حریم شخصی خودم را بالا ببرم - I want to bypass censorship. This option recommended in most cases. - من میخواهم از سانسور عبور کنم. این گزینه در اکثر موارد توصیه می‎‌شود + من میخواهم از سانسور عبور کنم. این گزینه در اکثر موارد توصیه می‎‌شود Most VPN protocols are blocked. Recommended if other options are not working. اکثر پروتکل‎های وی‎پی‎ان مسدود شده‎اند. در مواردی که بقیه گزینه‎ها کار نمی‎کنند توصی می‎شود. + + + Automatic + + + + + AmneziaWG protocol will be installed. It provides high connection speed and ensures stable operation even in the most challenging network conditions. + + main2 - + Private key passphrase عبارت کلید خصوصی - + Save ذخیره diff --git a/client/translations/amneziavpn_hi_IN.ts b/client/translations/amneziavpn_hi_IN.ts index ab459b7c..18dcfc65 100644 --- a/client/translations/amneziavpn_hi_IN.ts +++ b/client/translations/amneziavpn_hi_IN.ts @@ -1,55 +1,116 @@ + + AdLabel + + + Amnezia Premium - for access to all websites and online resources + + + + + ApiAccountInfoModel + + + + Active + + + + + Inactive + + + + + %1 out of %2 + + + + + Classic VPN for seamless work, downloading large files, and watching videos. Access all websites and online resources. Speeds up to 200 Mbps + + + + + Free unlimited access to a basic set of websites such as Facebook, Instagram, Twitter (X), Discord, Telegram and more. YouTube is not included in the free plan. + + + + + amnezia_free_support_bot + + + + + amnezia_premium_support_bot + + + + + ApiConfigsController + + + %1 installed successfully. + + + + + API config reloaded + + + + + Successfully changed the country of connection to %1 + + + ApiServicesModel - - Classic VPN for comfortable work, downloading large files and watching videos. Works for any sites. Speed up to %1 MBit/s - - - - - VPN to access blocked sites in regions with high levels of Internet censorship. - - - - + <p><a style="color: #EB5757;">Not available in your region. If you have VPN enabled, disable it, return to the previous screen, and try again.</a> - - Amnezia Premium - A classic VPN for comfortable work, downloading large files, and watching videos in high resolution. It works for all websites, even in countries with the highest level of internet censorship. + + Amnezia Premium is classic VPN for seamless work, downloading large files, and watching videos. Access all websites and online resources. Speeds up to %1 Mbps. - - Amnezia Free is a free VPN to bypass blocking in countries with high levels of internet censorship + + + AmneziaFree provides free unlimited access to a basic set of web sites, such as Facebook, Instagram, Twitter (X), Discord, Telegram, and others. YouTube is not included in the free plan. - + + Amnezia Premium is classic VPN for for seamless work, downloading large files, and watching videos. Access all websites and online resources. + + + + %1 MBit/s - + %1 days - + VPN will open only popular sites blocked in your region, such as Instagram, Facebook, Twitter and others. Other sites will be opened from your real IP address, <a href="%1/free" style="color: #FBB26A;">more details on the website.</a> - + Free - + %1 $/month @@ -80,7 +141,7 @@ ConnectButton - + Unable to disconnect during configuration preparation कॉन्फ़िगरेशन तैयारी के दौरान डिस्कनेक्ट करने में असमर्थ @@ -88,62 +149,59 @@ ConnectionController - - - - + + + + Connect कनेक्ट - VPN Protocols is not installed. Please install VPN container at first - पीएन प्रोटोकॉल स्थापित नहीं है. + पीएन प्रोटोकॉल स्थापित नहीं है. कृपया पहले वीपीएन कंटेनर स्थापित करें - + Connected जुड़ा हुआ - The selected protocol is not supported on the current platform - चयनित प्रोटोकॉल वर्तमान प्लेटफ़ॉर्म पर समर्थित नहीं है + चयनित प्रोटोकॉल वर्तमान प्लेटफ़ॉर्म पर समर्थित नहीं है - unable to create configuration - कॉन्फ़िगरेशन बनाने में असमर्थ + कॉन्फ़िगरेशन बनाने में असमर्थ - + Connecting... कनेक्ट... - + Reconnecting... पुनः कनेक्ट हो रहा है... - + Disconnecting... डिस्कनेक्ट हो रहा है... - + Preparing... तैयार कर रहे हैं... - + Settings updated successfully, reconnnection... सेटिंग्स सफलतापूर्वक अपडेट हो गईं... - + Settings updated successfully सेटिंग्स सफलतापूर्वक अपडेट हो गईं @@ -151,17 +209,17 @@ ConnectionTypeSelectionDrawer - + Add new connection नया कनेक्शन जोड़ें - + Configure your server अपना सर्वर कॉन्फ़िगर करें - + Open config file, key or QR code कॉन्फ़िग फ़ाइल, कुंजी या QR कोड खोलें @@ -199,7 +257,7 @@ HomeContainersListView - + Unable change protocol while there is an active connection सक्रिय कनेक्शन होने पर प्रोटोकॉल बदलने में असमर्थ @@ -207,46 +265,46 @@ HomeSplitTunnelingDrawer - + Split tunneling विभाजित सुरंग - + Allows you to connect to some sites or applications through a VPN connection and bypass others आपको वीपीएन कनेक्शन के माध्यम से कुछ साइटों या एप्लिकेशन से जुड़ने और अन्य को बायपास करने की अनुमति देता है - + Split tunneling on the server सर्वर पर स्प्लिट टनलिंग - + Enabled Can't be disabled for current server सक्रिय वर्तमान सर्वर के लिए अक्षम नहीं किया जा सकता - + Site-based split tunneling साइट-आधारित विभाजित टनलिंग - - + + Enabled सक्षम किया - - + + Disabled अक्षम - + App-based split tunneling ऐप-आधारित स्प्लिट टनलिंग @@ -254,113 +312,100 @@ Can't be disabled for current server ImportController - Unable to open file - फाइल खोलने में असमर्थ + फाइल खोलने में असमर्थ - - Invalid configuration file - अमान्य कॉन्फ़िगरेशन फ़ाइल + अमान्य कॉन्फ़िगरेशन फ़ाइल - + Scanned %1 of %2. %2 में से %1 स्कैन किया गया. - - In the imported configuration, potentially dangerous lines were found: + + This configuration contains an OpenVPN setup. OpenVPN configurations can include malicious scripts, so only add it if you fully trust the provider of this config. + + + + + <br>In the imported configuration, potentially dangerous lines were found: InstallController - + %1 installed successfully. %1 सफलतापूर्वक स्थापित हुआ. - + %1 is already installed on the server. %1 पहले से ही सर्वर पर स्थापित है. - + Added containers that were already installed on the server सर्वर पर पहले से स्थापित कंटेनर जोड़े गए - + Already installed containers were found on the server. All installed containers have been added to the application सर्वर पर पहले से स्थापित कंटेनर पाए गए। सभी स्थापित कंटेनरों को एप्लिकेशन में जोड़ दिया गया है - + Settings updated successfully सेटिंग्स सफलतापूर्वक अपडेट हो गईं - + Server '%1' was rebooted सर्वर '%1' रीबूट किया गया था - + Server '%1' was removed सर्वर '%1' रीबूट किया गया था - + All containers from server '%1' have been removed सर्वर '%1' से सभी कंटेनर हटा दिए गए हैं - + %1 has been removed from the server '%2' %1 को सर्वर '%2' से हटा दिया गया है - + Api config removed - + %1 cached profile cleared %1 कैश्ड प्रोफ़ाइल साफ़ की गई - + Please login as the user कृपया उपयोगकर्ता के रूप में लॉगिन करें - + Server added successfully सर्वर सफलतापूर्वक जोड़ा गया - - - %1 installed successfully. - - - - - API config reloaded - - - - - Successfully changed the country of connection to %1 - - InstalledAppsDrawer @@ -370,12 +415,12 @@ Already installed containers were found on the server. All installed containers एप्लिकेशन चुनें - + application name आवेदन का नाम - + Add selected चुने हुए को जोड़ो @@ -443,12 +488,12 @@ Already installed containers were found on the server. All installed containers PageDevMenu - + Gateway endpoint - + Dev gateway environment @@ -456,85 +501,84 @@ Already installed containers were found on the server. All installed containers PageHome - + Logging enabled लॉगिंग सक्षम - + Split tunneling enabled स्प्लिट टनलिंग सक्षम - + Split tunneling disabled स्प्लिट टनलिंग अक्षम - + VPN protocol VPN प्रोटोकॉल - + Servers सर्वर - Unable change server while there is an active connection - सक्रिय कनेक्शन होने पर सर्वर बदलने में असमर्थ + सक्रिय कनेक्शन होने पर सर्वर बदलने में असमर्थ PageProtocolAwgClientSettings - + AmneziaWG settings Amneziaडब्ल्यूजी सेटिंग्स - + MTU एमटीयू - + Server settings - + Port - + Save सहेजें - + Save settings? सेटिंग्स सेव करें? - + Only the settings for this device will be changed - + Continue जारी रखना - + Cancel रद्द करना - + Unable change settings while there is an active connection सक्रिय कनेक्शन होने पर सेटिंग बदलने में असमर्थ @@ -542,12 +586,17 @@ Already installed containers were found on the server. All installed containers PageProtocolAwgSettings - + AmneziaWG settings Amneziaडब्ल्यूजी सेटिंग्स - + + VPN address subnet + VPN एड्रेस सबनेट + + + Port पोर्ट @@ -556,87 +605,87 @@ Already installed containers were found on the server. All installed containers एमटीयू - + Jc - Junk packet count - + Jmin - Junk packet minimum size - + Jmax - Junk packet maximum size - + S1 - Init packet junk size - + S2 - Response packet junk size - + H1 - Init packet magic header - + H2 - Response packet magic header - + H4 - Transport packet magic header - + H3 - Underload packet magic header - + Save सहेजें - + The values of the H1-H4 fields must be unique H1-H4 फ़ील्ड का मान अद्वितीय होना चाहिए - + The value of the field S1 + message initiation size (148) must not equal S2 + message response size (92) फ़ील्ड S1 + संदेश आरंभ आकार (148) का मान S2 + संदेश प्रतिक्रिया आकार (92) के बराबर नहीं होना चाहिए - + Save settings? सेटिंग्स सेव करें? - + All users with whom you shared a connection with will no longer be able to connect to it. वे सभी उपयोगकर्ता जिनके साथ आपने कनेक्शन साझा किया था, वे अब इससे कनेक्ट नहीं हो पाएंगे. - + Unable change settings while there is an active connection सक्रिय कनेक्शन होने पर सेटिंग बदलने में असमर्थ - + Continue जारी रखना - + Cancel रद्द करना @@ -644,33 +693,33 @@ Already installed containers were found on the server. All installed containers PageProtocolCloakSettings - + Cloak settings लबादा सेटिंग - + Disguised as traffic from से यातायात के रूप में प्रच्छन्न - + Port पोर्ट - - + + Cipher साइफर - + Save सहेजें - + Unable change settings while there is an active connection सक्रिय कनेक्शन होने पर सेटिंग बदलने में असमर्थ @@ -678,175 +727,175 @@ Already installed containers were found on the server. All installed containers PageProtocolOpenVpnSettings - + OpenVPN settings OpenVPN सेटिंग्स - + VPN address subnet VPN एड्रेस सबनेट - + Network protocol नेटवर्क प्रोटोकॉल - + Port पोर्ट - + Auto-negotiate encryption स्वतः-निगोशिएट एन्क्रिप्शन - - + + Hash - + SHA512 - + SHA384 - + SHA256 - + SHA3-512 - + SHA3-384 - + SHA3-256 - + whirlpool - + BLAKE2b512 - + BLAKE2s256 अक्षम - + SHA1 - - + + Cipher साइफर - + AES-256-GCM - + AES-192-GCM - + AES-128-GCM एईएस-128-जीसीएम - + AES-256-CBC - + AES-192-CBC - + AES-128-CBC एईएस-128-सीबीसी - + ChaCha20-Poly1305 चाचा20-पॉली1305 - + ARIA-256-CBC एआरआईए-256-सीबीसी - + CAMELLIA-256-CBC कैमेलिया-256-सीबीसी - + none कोई नहीं - + TLS auth टीएलएस प्राधिकरण - + Block DNS requests outside of VPN VPN के बाहर डीएनएस अनुरोधों को ब्लॉक करें - + Additional client configuration commands अतिरिक्त क्लाइंट कॉन्फ़िगरेशन आदेश - - + + Commands: आदेश: - + Additional server configuration commands अतिरिक्त सर्वर कॉन्फ़िगरेशन आदेश - + Save सहेजें - + Unable change settings while there is an active connection सक्रिय कनेक्शन होने पर सेटिंग बदलने में असमर्थ @@ -854,42 +903,42 @@ Already installed containers were found on the server. All installed containers PageProtocolRaw - + settings समायोजन - + Show connection options कनेक्शन विकल्प दिखाएँ - + Connection options %1 कनेक्शन विकल्प%1 - + Remove निकालना - + Remove %1 from server? सर्वर से %1 हटाएँ? - + All users with whom you shared a connection with will no longer be able to connect to it. वे सभी उपयोगकर्ता जिनके साथ आपने कनेक्शन साझा किया था, वे अब इससे कनेक्ट नहीं हो पाएंगे. - + Continue जारी रखना - + Cancel रद्द करना @@ -897,28 +946,28 @@ Already installed containers were found on the server. All installed containers PageProtocolShadowSocksSettings - + Shadowsocks settings शैडोसॉक्स सेटिंग्स - + Port पोर्ट - - + + Cipher साइफर - + Save सहेजें - + Unable change settings while there is an active connection सक्रिय कनेक्शन होने पर सेटिंग बदलने में असमर्थ @@ -926,52 +975,52 @@ Already installed containers were found on the server. All installed containers PageProtocolWireGuardClientSettings - + WG settings डब्ल्यूजी सेटिंग्स - + MTU एमटीयू - + Server settings - + Port - + Save सहेजें - + Save settings? सेटिंग्स सेव करें? - + Only the settings for this device will be changed - + Continue जारी रखना - + Cancel रद्द करना - + Unable change settings while there is an active connection सक्रिय कनेक्शन होने पर सेटिंग बदलने में असमर्थ @@ -979,12 +1028,17 @@ Already installed containers were found on the server. All installed containers PageProtocolWireGuardSettings - + WG settings डब्ल्यूजी सेटिंग्स - + + VPN address subnet + VPN एड्रेस सबनेट + + + Port बंदरगाह @@ -993,32 +1047,32 @@ Already installed containers were found on the server. All installed containers एमटीयू - + Save सहेजें - + Save settings? सेटिंग्स सेव करें? - + All users with whom you shared a connection with will no longer be able to connect to it. वे सभी उपयोगकर्ता जिनके साथ आपने कनेक्शन साझा किया था, वे अब इससे कनेक्ट नहीं हो पाएंगे. - + Continue जारी रखना - + Cancel रद्द करना - + Unable change settings while there is an active connection सक्रिय कनेक्शन होने पर सेटिंग बदलने में असमर्थ @@ -1026,22 +1080,22 @@ Already installed containers were found on the server. All installed containers PageProtocolXraySettings - + XRay settings एक्सरे सेटिंग्स - + Disguised as traffic from से यातायात के रूप में प्रच्छन्न - + Save सहेजें - + Unable change settings while there is an active connection सक्रिय कनेक्शन होने पर सेटिंग बदलने में असमर्थ @@ -1049,39 +1103,39 @@ Already installed containers were found on the server. All installed containers PageServiceDnsSettings - + A DNS service is installed on your server, and it is only accessible via VPN. आपके सर्वर पर एक DNS सेवा स्थापित है, और यह केवल वीपीएन के माध्यम से पहुंच योग्य है. - + The DNS address is the same as the address of your server. You can configure DNS in the settings, under the connections tab. DNS पता आपके सर्वर के पते के समान है। आप कनेक्शन टैब के अंतर्गत सेटिंग्स में DNS को कॉन्फ़िगर कर सकते हैं. - + Remove निकालना - + Remove %1 from server? सर्वर से %1 हटाएँ? - + Continue जारी रखना - + Cancel रद्द करना - + Cannot remove AmneziaDNS from running server चल रहे सर्वर से एम्नेज़िया डीएनएस को नहीं हटाया जा सकता @@ -1089,67 +1143,67 @@ Already installed containers were found on the server. All installed containers PageServiceSftpSettings - + Settings updated successfully सेटिंग्स सफलतापूर्वक अपडेट हो गईं - + SFTP settings एसएफटीपी सेटिंग्स - + Host मेज़बान - - - - + + + + Copied कॉपी किया गया - + Port पोर्ट - + User name उपयोगकर्ता नाम - + Password पासवर्ड - + Mount folder on device डिवाइस पर फ़ोल्डर माउंट करें - + In order to mount remote SFTP folder as local drive, perform following steps: <br> दूरस्थ SFTP फ़ोल्डर को स्थानीय ड्राइव के रूप में माउंट करने के लिए, निम्नलिखित चरण निष्पादित करें: <br> - - + + <br>1. Install the latest version of <br>1. का नवीनतम संस्करण स्थापित करें - - + + <br>2. Install the latest version of <br>2. का नवीनतम संस्करण स्थापित करें - + Detailed instructions विस्तृत निर्देश @@ -1173,69 +1227,69 @@ Already installed containers were found on the server. All installed containers PageServiceSocksProxySettings - + Settings updated successfully सेटिंग्स सफलतापूर्वक अपडेट हो गईं - - + + SOCKS5 settings - + Host मेज़बान - - - - + + + + Copied कॉपी किया गया - - + + Port - + User name उपयोगकर्ता नाम - - + + Password पासवर्ड - + Username - - + + Change connection settings - + The port must be in the range of 1 to 65535 - + Password cannot be empty - + Username cannot be empty @@ -1243,37 +1297,37 @@ Already installed containers were found on the server. All installed containers PageServiceTorWebsiteSettings - + Settings updated successfully सेटिंग्स सफलतापूर्वक अपडेट हो गईं - + Tor website settings टोर वेबसाइट सेटिंग्स - + Website address वेबसाइट का पता - + Copied कॉपी किया गया - + Use <a href="https://www.torproject.org/download/" style="color: #FBB26A;">Tor Browser</a> to open this URL. इस यूआरएल को खोलने के लिए <a href='https://www.torproject.org/download/' style='color: #FBB26A;'>Tor ब्राउज़र</a> का उपयोग करें। - + After creating your onion site, it takes a few minutes for the Tor network to make it available for use. आपकी onionसाइट बनाने के बाद, टोर नेटवर्क को इसे उपयोग के लिए उपलब्ध कराने में कुछ मिनट लगते हैं. - + When configuring WordPress set the this onion address as domain. वर्डप्रेस को कॉन्फ़िगर करते समय इस प्याज पते को डोमेन के रूप में सेट करें. @@ -1297,42 +1351,42 @@ Already installed containers were found on the server. All installed containers PageSettings - + Settings समायोजन - + Servers सर्वर - + Connection कनेक्शन - + Application एप्लिकेशन - + Backup बैकअप - + About AmneziaVPN AmneziaVPN के बारे में - + Dev console - + Close application एप्लिकेशन बंद करो @@ -1340,32 +1394,32 @@ Already installed containers were found on the server. All installed containers PageSettingsAbout - + Support Amnezia Amnezia का समर्थन करें - + Amnezia is a free and open-source application. You can support the developers if you like it. एमनेज़िया एक निःशुल्क और ओपन-सोर्स एप्लिकेशन है। यदि आपको यह पसंद है तो आप डेवलपर्स का समर्थन कर सकते हैं।. - + Contacts संपर्क - + Telegram group टेलीग्राम समूह - + To discuss features सुविधाओं पर चर्चा करना - + https://t.me/amnezia_vpn_en @@ -1374,130 +1428,505 @@ Already installed containers were found on the server. All installed containers मेल - + support@amnezia.org - + For reviews and bug reports समीक्षाओं और बग रिपोर्टों के लिए - Copied - कॉपी किया गया + कॉपी किया गया - + + mailto:support@amnezia.org + + + + GitHub GitHub - + + Discover the source code + + + + https://github.com/amnezia-vpn/amnezia-client https://github.com/amnezia-vpn/amnezia-client - + Website वेबसाइट - + + Visit official website + + + + Software version: %1 सॉफ़्टवेयर संस्करण: %1 - + Check for updates अद्यतन के लिए जाँच - + Privacy Policy गोपनीयता नीति - PageSettingsApiServerInfo + PageSettingsApiAvailableCountries - - For the region + + Location for connection - - Price + + Unable change server location while there is an active connection + + + + + PageSettingsApiDevices + + + Active Devices - - Work period + + Manage currently connected devices - - Speed + + You can find the identifier on the Support tab or, for older versions of the app, by tapping '+' and then the three dots at the top of the page. - - Support tag + + (current device) - - Copied - कॉपी किया गया - - - - Reload API config + + Support tag: - - Reload API config? + + Last updated: - - + + Cannot unlink device during active connection + + + + + Are you sure you want to unlink this device? + + + + + This will unlink the device from your subscription. You can reconnect it anytime by pressing Connect. + + + + Continue जारी रखना - - + Cancel रद्द करना + + + PageSettingsApiInstructions - - Cannot reload API config during active connection + + Windows - - Remove from application + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#windows - - Remove from application? + + macOS + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#macos + + + + + Android + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#android + + + + + AndroidTV + + + + + https://docs.amnezia.org/ru/documentation/instructions/android_tv_connect/ + + + + + iOS + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#ios + + + + + Linux + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#linux + + + + + Routers + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#routers + + + + + How to connect on another device + + + + + Setup guides on the Amnezia website + + + + + PageSettingsApiNativeConfigs + + + Save AmneziaVPN config + AmneziaVPN कॉन्फ़िगरेशन सहेजें + + + + Configuration Files + + + + + For router setup or the AmneziaWG app + + + + + The configuration needs to be reissued + + + + + configuration file + + + + + Generate a new configuration file + + + + + The previously created one will stop working + + + + + Revoke the current configuration file + + + + + Config file saved + + + + + The config has been revoked + + + + + Generate a new %1 configuration file? + + + + + Revoke the current %1 configuration file? + + + + + Your previous configuration file will no longer work, and it will not be possible to connect using it + + + + + Download + + + + + Continue + जारी रखना + + + + Cancel + रद्द करना + + + + PageSettingsApiServerInfo + + Copied + कॉपी किया गया + + + + Subscription Status + + + + + Valid Until + + + + + Active Connections + + + + + Configurations have been updated for some countries. Download and install the updated configuration files + + + + + Subscription Key + Amnezia Premium subscription key + + + + + Save VPN key as a file + + + + + Copy VPN key + + + + + Configuration Files + + + + + Manage configuration files + + + + + Active Devices + + + + + Manage currently connected devices + + + + + Support + + + + + How to connect on another device + + + + + Reload API config + + + + + Reload API config? + + + + + + + Continue + जारी रखना + + + + + + Cancel + रद्द करना + + + + Cannot reload API config during active connection + + + + + Unlink this device + + + + + Are you sure you want to unlink this device? + + + + + This will unlink the device from your subscription. You can reconnect it anytime by pressing Connect. + + + + + Cannot unlink device during active connection + + + + + Remove from application + + + + + Remove from application? + + + + Cannot remove server during active connection सक्रिय कनेक्शन के दौरान सर्वर को हटाया नहीं जा सकता + + PageSettingsApiSupport + + + Telegram + + + + + Email + + + + + support@amnezia.org + + + + + Email Billing & Orders + + + + + help@vpnpay.io + + + + + Website + वेबसाइट + + + + amnezia.org + + + + + Support + + + + + Our technical support specialists are available to assist you at any time + + + + + Support tag + + + + + Copied + कॉपी किया गया + + PageSettingsAppSplitTunneling - + Cannot change split tunneling settings during active connection सक्रिय कनेक्शन के दौरान स्प्लिट टनलिंग सेटिंग्स को नहीं बदला जा सकता @@ -1510,7 +1939,7 @@ Already installed containers were found on the server. All installed containers सूची के ऐप्स को वीपीएन के माध्यम से एक्सेस नहीं किया जाना चाहिए - + Only the apps from the list should have access via VPN @@ -1520,42 +1949,42 @@ Already installed containers were found on the server. All installed containers - + App split tunneling ऐप स्प्लिट टनलिंग - + Mode तरीका - + Remove निकालना - + Continue जारी रखना - + Cancel रद्द करना - + application name आवेदन का नाम - + Open executable file निष्पादन योग्य फ़ाइल खोलें - + Executable files (*.*) निष्पादनीय फाइल (*.*) @@ -1563,102 +1992,102 @@ Already installed containers were found on the server. All installed containers PageSettingsApplication - + Application एप्लिकेशन - + Allow application screenshots एप्लिकेशन स्क्रीनशॉट की अनुमति दें - + Enable notifications - + Enable notifications to show the VPN state in the status bar - + Auto start ऑटो स्टार्ट - + Launch the application every time the device is starts हर बार डिवाइस चालू होने पर एप्लिकेशन लॉन्च करें - + Auto connect ऑटो कनेक्ट - + Connect to VPN on app start ऐप शुरू होने पर वीपीएन से कनेक्ट करें - + Start minimized स्टार्ट को मिनिमाइज किया गया - + Launch application minimized लॉन्च एप्लिकेशन को न्यूनतम किया गया - + Language भाषा - + Logging लॉगिंग - + Enabled सक्रिय किया - + Disabled अक्षम - + Reset settings and remove all data from the application सेटिंग्स रीसेट करें और एप्लिकेशन से सभी डेटा हटा दें - + Reset settings and remove all data from the application? सेटिंग्स रीसेट करें और एप्लिकेशन से सभी डेटा हटा दें? - + All settings will be reset to default. All installed AmneziaVPN services will still remain on the server. सभी सेटिंग्स डिफ़ॉल्ट पर रीसेट हो जाएंगी. सभी स्थापित AmneziaVPN सेवाएँ अभी भी सर्वर पर रहेंगी।. - + Continue जारी रखना - + Cancel रद्द करना - + Cannot reset settings during active connection सक्रिय कनेक्शन के दौरान सेटिंग्स रीसेट नहीं की जा सकतीं @@ -1666,78 +2095,78 @@ Already installed containers were found on the server. All installed containers PageSettingsBackup - + Settings restored from backup file बैकअप फ़ाइल से सेटिंग्स पुनर्स्थापित की गईं - + Back up your configuration अपने कॉन्फ़िगरेशन का बैकअप लें - + You can save your settings to a backup file to restore them the next time you install the application. अगली बार जब आप एप्लिकेशन इंस्टॉल करेंगे तो उन्हें पुनर्स्थापित करने के लिए आप अपनी सेटिंग्स को बैकअप फ़ाइल में सहेज सकते हैं. - + The backup will contain your passwords and private keys for all servers added to AmneziaVPN. Keep this information in a secure place. बैकअप में AmneziaVPN में जोड़े गए सभी सर्वरों के लिए आपके पासवर्ड और निजी कुंजी शामिल होंगी। इस जानकारी को सुरक्षित स्थान पर रखें. - + Make a backup बैकअप बनाएं - + Save backup file बैकअप फ़ाइल सहेजें - - + + Backup files (*.backup) बैकअप फ़ाइलें (*.backup) - + Backup file saved बैकअप फ़ाइल सहेजी गई - + Restore from backup बैकअप से बहाल करना - + Open backup file बैकअप फ़ाइल खोलें - + Import settings from a backup file? बैकअप फ़ाइल से सेटिंग्स आयात करें? - + All current settings will be reset सभी मौजूदा सेटिंग्स रीसेट कर दी जाएंगी - + Continue जारी रखना - + Cancel रद्द करना - + Cannot restore backup settings during active connection सक्रिय कनेक्शन के दौरान बैकअप सेटिंग्स को पुनर्स्थापित नहीं किया जा सकता @@ -1745,125 +2174,129 @@ Already installed containers were found on the server. All installed containers PageSettingsConnection - + Connection कनेक्शन - + When AmneziaDNS is not used or installed जब AmneziaDNS का उपयोग या स्थापित नहीं किया जाता है - + Allows you to use the VPN only for certain Apps आपको केवल कुछ ऐप्स के लिए वीपीएन का उपयोग करने की अनुमति देता है - + Use AmneziaDNS Amneziaडीएनएस का प्रयोग करें - + If AmneziaDNS is installed on the server यदि AmneziaDNS सर्वर पर स्थापित है - + DNS servers DNS सर्वर - + Site-based split tunneling साइट-आधारित विभाजित टनलिंग - + Allows you to select which sites you want to access through the VPN आपको यह चुनने की अनुमति देता है कि आप वीपीएन के माध्यम से किन साइटों तक पहुंचना चाहते हैं - + App-based split tunneling ऐप-आधारित स्प्लिट टनलिंग - + KillSwitch स्विच बन्द कर दो - + Disables your internet if your encrypted VPN connection drops out for any reason. यदि आपका एन्क्रिप्टेड वीपीएन कनेक्शन किसी भी कारण से बंद हो जाता है तो आपका इंटरनेट अक्षम कर देता है. - + + Cannot change KillSwitch settings during active connection + + + Cannot change killSwitch settings during active connection - सक्रिय कनेक्शन के दौरान किलस्विच सेटिंग्स को नहीं बदला जा सकता + सक्रिय कनेक्शन के दौरान किलस्विच सेटिंग्स को नहीं बदला जा सकता PageSettingsDns - + Default server does not support custom DNS डिफ़ॉल्ट सर्वर कस्टम डीएनएस का समर्थन नहीं करता है - + DNS servers DNS सर्वर - + If AmneziaDNS is not used or installed यदि AmneziaDNS का उपयोग या स्थापित नहीं किया गया है - + Primary DNS प्राथमिक डीएनएस - + Secondary DNS द्वितीयक डीएनएस - + Restore default डिफ़ॉल्ट बहाल - + Restore default DNS settings? डिफ़ॉल्ट DNS सेटिंग्स पुनर्स्थापित करें? - + Continue जारी रखना - + Cancel रद्द करना - + Settings have been reset सेटिंग्स रीसेट कर दी गई हैं - + Save सहेजें - + Settings saved सेटिंग्स को सहेजा गया @@ -1875,12 +2308,12 @@ Already installed containers were found on the server. All installed containers लॉगिंग सक्षम है. ध्यान दें कि 14 दिनों के बाद लॉग स्वचालित रूप से अक्षम हो जाएंगे, और सभी लॉग फ़ाइलें हटा दी जाएंगी. - + Logging लॉगिंग - + Enabling this function will save application's logs automatically. By default, logging functionality is disabled. Enable log saving in case of application malfunction. इस फ़ंक्शन को सक्षम करने से एप्लिकेशन के लॉग स्वचालित रूप से सहेजे जाएंगे, डिफ़ॉल्ट रूप से, लॉगिंग कार्यक्षमता अक्षम है। एप्लिकेशन की खराबी की स्थिति में लॉग सेविंग सक्षम करें. @@ -1893,20 +2326,20 @@ Already installed containers were found on the server. All installed containers लॉग के साथ फ़ोल्डर खोलें - - + + Save सहेजें - - + + Logs files (*.log) लॉग फ़ाइलें (*.log) - - + + Logs file saved लॉग फ़ाइल सहेजी गई @@ -1915,64 +2348,62 @@ Already installed containers were found on the server. All installed containers फ़ाइल में लॉग सहेजें - + Enable logs - + Clear logs? लॉग साफ़ करें? - + Continue जारी रखना - + Cancel रद्द करना - + Logs have been cleaned up लॉग साफ़ कर दिए गए हैं - + Client logs - + AmneziaVPN logs - - + Open logs folder - - + Export logs - + Service logs - + AmneziaVPN-service logs - + Clear logs लॉग साफ़ करें @@ -1990,12 +2421,12 @@ Already installed containers were found on the server. All installed containers कोई नया स्थापित कंटेनर नहीं मिला - + Do you want to reboot the server? क्या आप सर्वर को रीबूट करना चाहते हैं? - + Do you want to clear server from Amnezia software? क्या आप एमनेज़िया सॉफ़्टवेयर से सर्वर साफ़ करना चाहते हैं? @@ -2005,93 +2436,93 @@ Already installed containers were found on the server. All installed containers - - - - + + + + Continue जारी रखना - - - - + + + + Cancel रद्द करना - + Check the server for previously installed Amnezia services पहले से स्थापित एमनेज़िया सेवाओं के लिए सर्वर की जाँच करें - + Add them to the application if they were not displayed यदि वे प्रदर्शित नहीं थे तो उन्हें एप्लिकेशन में जोड़ें - + Reboot server सर्वर रीबूट करें - + The reboot process may take approximately 30 seconds. Are you sure you wish to proceed? रीबूट प्रक्रिया में लगभग 30 सेकंड लग सकते हैं। आप निश्चित है आप आगे बढ़ना चाहते है? - + Cannot reboot server during active connection सक्रिय कनेक्शन के दौरान सर्वर को रीबूट नहीं किया जा सकता - + Remove server from application एप्लिकेशन से सर्वर हटाएं - + Do you want to remove the server from application? क्या आप एप्लिकेशन से सर्वर हटाना चाहते हैं? - + Cannot remove server during active connection सक्रिय कनेक्शन के दौरान सर्वर को हटाया नहीं जा सकता - + All users whom you shared a connection with will no longer be able to connect to it. वे सभी उपयोगकर्ता जिनके साथ आपने कनेक्शन साझा किया था, वे अब इससे कनेक्ट नहीं हो पाएंगे. - + Cannot clear server from Amnezia software during active connection सक्रिय कनेक्शन के दौरान एमनेज़िया सॉफ़्टवेयर से सर्वर साफ़ नहीं किया जा सकता - + Reset API config एपीआई कॉन्फिगरेशन रीसेट करें - + Do you want to reset API config? क्या आप एपीआई कॉन्फिगरेशन रीसेट करना चाहते हैं? - + Cannot reset API config during active connection सक्रिय कनेक्शन के दौरान एपीआई कॉन्फिगरेशन को रीसेट नहीं किया जा सकता - + All installed AmneziaVPN services will still remain on the server. सभी स्थापित AmneziaVPN सेवाएँ अभी भी सर्वर पर रहेंगी. - + Clear server from Amnezia software एमनेज़िया सॉफ़्टवेयर से सर्वर साफ़ करें @@ -2099,27 +2530,25 @@ Already installed containers were found on the server. All installed containers PageSettingsServerInfo - Server name - सर्वर का नाम + सर्वर का नाम - Save - सहेजें + सहेजें - + Protocols प्रोटोकॉल - + Services सेवाएं - + Management प्रबंध @@ -2127,7 +2556,7 @@ Already installed containers were found on the server. All installed containers PageSettingsServerProtocol - + settings समायोजन @@ -2136,7 +2565,7 @@ Already installed containers were found on the server. All installed containers %1 प्रोफ़ाइल साफ़ करें - + Clear %1 profile? %1 प्रोफ़ाइल साफ़ करें? @@ -2146,64 +2575,64 @@ Already installed containers were found on the server. All installed containers - + Unable to clear %1 profile while there is an active connection सक्रिय कनेक्शन होने पर %1 प्रोफ़ाइल साफ़ करने में असमर्थ - + Remove निकालना - + All users with whom you shared a connection will no longer be able to connect to it. वे सभी उपयोगकर्ता जिनके साथ आपने कनेक्शन साझा किया था, वे अब इससे कनेक्ट नहीं हो पाएंगे. - + Cannot remove active container सक्रिय कंटेनर को हटाया नहीं जा सकता - + Remove %1 from server? सर्वर से %1 हटाएँ? - + connection settings - + Click the "connect" button to create a connection configuration - + server settings - + Clear profile - + The connection configuration will be deleted for this device only - - + + Continue जारी रखना - - + + Cancel रद्द करना @@ -2211,7 +2640,7 @@ Already installed containers were found on the server. All installed containers PageSettingsServersList - + Servers सर्वर @@ -2219,100 +2648,100 @@ Already installed containers were found on the server. All installed containers PageSettingsSplitTunneling - + Default server does not support split tunneling function डिफ़ॉल्ट सर्वर स्प्लिट टनलिंग फ़ंक्शन का समर्थन नहीं करता है - + Addresses from the list should not be accessed via VPN सूची के पतों को वीपीएन के माध्यम से एक्सेस नहीं किया जाना चाहिए - + Split tunneling विभाजित सुरंग - + Mode तरीका - + Remove निकालना - + Continue जारी रखना - + Cancel रद्द करना - + Only the sites listed here will be accessed through the VPN केवल यहां सूचीबद्ध साइटों को ही वीपीएन के माध्यम से एक्सेस किया जाएगा - + Cannot change split tunneling settings during active connection सक्रिय कनेक्शन के दौरान स्प्लिट टनलिंग सेटिंग्स को नहीं बदला जा सकता - + website or IP वेबसाइट या आईपी - + Import / Export Sites आयात/निर्यात साइटें - + Import आयात - + Save site list साइट सूची सहेजें - + Save sites साइटें सहेजें - - - + + + Sites files (*.json) - + Import a list of sites साइटों की सूची आयात करें - + Replace site list साइट सूची बदलें - - + + Open sites file साइट फ़ाइल खोलें - + Add imported sites to existing ones आयातित साइटों को मौजूदा साइटों में जोड़ें @@ -2320,32 +2749,32 @@ Already installed containers were found on the server. All installed containers PageSetupWizardApiServiceInfo - + For the region - + Price - + Work period - + Speed - + Features - + Connect कनेक्ट @@ -2353,12 +2782,12 @@ Already installed containers were found on the server. All installed containers PageSetupWizardApiServicesList - + VPN by Amnezia - + Choose a VPN service that suits your needs. @@ -2382,7 +2811,7 @@ Already installed containers were found on the server. All installed containers कनेक्शन सेटिंग्स वाली फ़ाइल - + Connection कनेक्शन @@ -2392,87 +2821,107 @@ Already installed containers were found on the server. All installed containers समायोजन - + Enable logs - + + Support tag + + + + + Copied + कॉपी किया गया + + + Insert the key, add a configuration file or scan the QR-code - + Insert key - + Insert डालना - + Continue जारी रखना - + Other connection options - + + Site Amnezia + + + + VPN by Amnezia - + Connect to classic paid and free VPN services from Amnezia - + Self-hosted VPN - + Configure Amnezia VPN on your own server - + Restore from backup बैकअप से बहाल करना - + + + + + + Open backup file बैकअप फ़ाइल खोलें - + Backup files (*.backup) बैकअप फ़ाइलें (*.backup) - + File with connection settings कनेक्शन सेटिंग्स वाली फ़ाइल - + Open config file कॉन्फ़िग फ़ाइल खोलें - + QR code क्यू आर संहिता - + I have nothing मेरे पास कुछ नहीं है @@ -2484,67 +2933,67 @@ Already installed containers were found on the server. All installed containers PageSetupWizardCredentials - + Configure your server अपना सर्वर कॉन्फ़िगर करें - + Server IP address [:port] सर्वर आईपी पता [:पोर्ट] - + Continue जारी रखना - + All data you enter will remain strictly confidential and will not be shared or disclosed to the Amnezia or any third parties आपके द्वारा दर्ज किया गया सभी डेटा पूरी तरह से गोपनीय रहेगा और एमनेज़िया या किसी तीसरे पक्ष को साझा या प्रकट नहीं किया जाएगा - + 255.255.255.255:22 255.255.255.255:22 - + SSH Username SSH उपयोगकर्ता नाम - + Password or SSH private key पासवर्ड या SSH निजी कुंजी - + How to run your VPN server - + Where to get connection data, step-by-step instructions for buying a VPS - + Ip address cannot be empty आईपी ​​पता खाली नहीं हो सकता - + Enter the address in the format 255.255.255.255:88 पता 255.255.255.255:88 प्रारूप में दर्ज करें - + Login cannot be empty लॉगिन खाली नहीं हो सकता - + Password/private key cannot be empty पासवर्ड/निजी कुंजी खाली नहीं हो सकती @@ -2552,22 +3001,31 @@ Already installed containers were found on the server. All installed containers PageSetupWizardEasy - What is the level of internet control in your region? - आपके क्षेत्र में इंटरनेट नियंत्रण का स्तर क्या है? + आपके क्षेत्र में इंटरनेट नियंत्रण का स्तर क्या है? - + + Choose Installation Type + + + + + Manual + + + + Choose a VPN protocol एक वीपीएन प्रोटोकॉल चुनें - + Continue जारी रखना - + Skip setup सेटअप छोड़ें @@ -2614,37 +3072,37 @@ Already installed containers were found on the server. All installed containers PageSetupWizardProtocolSettings - + Installing %1 %1 स्थापित किया जा रहा है - + More detailed अधिक विवरण - + Close बंद करना - + Network protocol नेटवर्क प्रोटोकॉल - + Port منفذ - + Install स्थापित करना - + The port must be in the range of 1 to 65535 @@ -2652,12 +3110,12 @@ Already installed containers were found on the server. All installed containers PageSetupWizardProtocols - + VPN protocol VPN प्रोटोकॉल - + Choose the one with the highest priority for you. Later, you can install other protocols and additional services, such as DNS proxy and SFTP. वह चुनें जो आपके लिए सर्वोच्च प्राथमिकता हो। बाद में, आप अन्य प्रोटोकॉल और अतिरिक्त सेवाएँ, जैसे DNS प्रॉक्सी और SFTP स्थापित कर सकते हैं. @@ -2693,7 +3151,7 @@ Already installed containers were found on the server. All installed containers मेरे पास कुछ नहीं है - + Let's get started @@ -2701,27 +3159,27 @@ Already installed containers were found on the server. All installed containers PageSetupWizardTextKey - + Connection key कनेक्शन कुंजी - + A line that starts with vpn://... एक लाइन जो vpn://... से शुरू होती है... - + Key चाबी - + Insert डालना - + Continue जारी रखना @@ -2729,32 +3187,32 @@ Already installed containers were found on the server. All installed containers PageSetupWizardViewConfig - + New connection नया कनेक्शन - + Collapse content सामग्री संक्षिप्त करें - + Show content सामग्री दिखाओ - + Enable WireGuard obfuscation. It may be useful if WireGuard is blocked on your provider. वायरगार्ड अस्पष्टीकरण सक्षम करें. यदि आपके प्रदाता पर वायरगार्ड अवरुद्ध है तो यह उपयोगी हो सकता है. - + Use connection codes only from sources you trust. Codes from public sources may have been created to intercept your data. केवल उन स्रोतों से कनेक्शन कोड का उपयोग करें जिन पर आपको भरोसा है। हो सकता है कि आपके डेटा को इंटरसेप्ट करने के लिए सार्वजनिक स्रोतों से कोड बनाए गए हों. - + Connect कनेक्ट @@ -2762,37 +3220,37 @@ Already installed containers were found on the server. All installed containers PageShare - + Save OpenVPN config OpenVPN कॉन्फ़िगरेशन सहेजें - + Save WireGuard config वायरगार्ड कॉन्फ़िगरेशन सहेजें - + Save AmneziaWG config AmneziaWG कॉन्फ़िगरेशन सहेजें - + Save Shadowsocks config शैडोसॉक्स कॉन्फ़िगरेशन सहेजें - + Save Cloak config क्लोक कॉन्फ़िगरेशन सहेजें - + Save XRay config एक्सरे कॉन्फिगरेशन सहेजें - + For the AmneziaVPN app AmneziaVPN ऐप के लिए @@ -2801,176 +3259,181 @@ Already installed containers were found on the server. All installed containers OpenVpn मूल स्वरूप - + WireGuard native format वायरगार्ड मूल प्रारूप - + AmneziaWG native format AmneziaWG मूल प्रारूप - + Shadowsocks native format शैडोसॉक्स मूल प्रारूप - + Cloak native format लबादा देशी स्वरूप - + XRay native format एक्सरे देशी प्रारूप - + Share VPN Access VPN एक्सेस साझा करें - + Share full access to the server and VPN सर्वर और वीपीएन तक पूर्ण पहुंच साझा करें - + Use for your own devices, or share with those you trust to manage the server. अपने स्वयं के उपकरणों के लिए उपयोग करें, या सर्वर को प्रबंधित करने के लिए उन लोगों के साथ साझा करें जिन पर आप भरोसा करते हैं. - - + + Users उपयोगकर्ताओं - + Share VPN access without the ability to manage the server सर्वर को प्रबंधित करने की क्षमता के बिना वीपीएन एक्सेस साझा करें - + Search खोज - + Creation date: %1 निर्माण दिनांक: %1 - + Latest handshake: %1 नवीनतम हाथ मिलाना: %1 - + Data received: %1 प्राप्त डेटा: %1 - + Data sent: %1 डेटा भेजा गया: %1 + + + Allowed IPs: %1 + + Creation date: निर्माण तिथि: - + Rename नाम बदलें - + Client name ग्राहक नाम - + Save सहेजें - + Revoke निरस्त करें - + Revoke the config for a user - %1? किसी उपयोक्ता के लिए कॉन्फ़िगरेशन निरस्त करें - %1? - + The user will no longer be able to connect to your server. उपयोगकर्ता अब आपके सर्वर से कनेक्ट नहीं हो पाएगा. - + Continue जारी रखना - + Cancel रद्द करना - + Connection कनेक्शन - - + + Server सर्वर - + File with connection settings to कनेक्शन सेटिंग्स वाली फ़ाइल - - + + Protocol शिष्टाचार - + Connection to कनेक्शन के लिए - + Config revoked कॉन्फ़िगरेशन निरस्त कर दिया गया - + OpenVPN native format - + User name उपयोगकर्ता नाम - - + + Connection format कनेक्शन प्रारूप - - + + Share शेयर करना @@ -2978,55 +3441,55 @@ Already installed containers were found on the server. All installed containers PageShareFullAccess - + Full access to the server and VPN सर्वर और वीपीएन तक पूर्ण पहुंच - + We recommend that you use full access to the server only for your own additional devices. हम अनुशंसा करते हैं कि आप सर्वर तक पूर्ण पहुंच का उपयोग केवल अपने अतिरिक्त उपकरणों के लिए करें. - + If you share full access with other people, they can remove and add protocols and services to the server, which will cause the VPN to work incorrectly for all users. यदि आप अन्य लोगों के साथ पूर्ण पहुंच साझा करते हैं, तो वे सर्वर पर प्रोटोकॉल और सेवाओं को हटा और जोड़ सकते हैं, जिससे वीपीएन सभी उपयोगकर्ताओं के लिए गलत तरीके से काम करेगा. - - + + Server सर्वर - + Accessing एक्सेस करना - + File with accessing settings to एक्सेस सेटिंग्स वाली फ़ाइल - + Share शेयर करना - + Access error! प्रवेश त्रुटि! - + Connection to के लिए कनेक्शन - + File with connection settings to कनेक्शन सेटिंग्स वाली फ़ाइल @@ -3034,17 +3497,17 @@ Already installed containers were found on the server. All installed containers PageStart - + Logging was disabled after 14 days, log files were deleted 14 दिनों के बाद लॉगिंग अक्षम कर दी गई, लॉग फ़ाइलें हटा दी गईं - + Settings restored from backup file बैकअप फ़ाइल से सेटिंग्स पुनर्स्थापित की गईं - + Logging is enabled. Note that logs will be automaticallydisabled after 14 days, and all log files will be deleted. @@ -3052,7 +3515,7 @@ Already installed containers were found on the server. All installed containers PopupType - + Close बंद करना @@ -3302,7 +3765,7 @@ Already installed containers were found on the server. All installed containers - + SOCKS5 proxy server @@ -3328,202 +3791,255 @@ Already installed containers were found on the server. All installed containers - + + The selected protocol is not supported on the current platform + चयनित प्रोटोकॉल वर्तमान प्लेटफ़ॉर्म पर समर्थित नहीं है + + + Server check failed सर्वर जाँच विफल रही - + Server port already used. Check for another software सर्वर पोर्ट पहले ही उपयोग किया जा चुका है. किसी अन्य सॉफ़्टवेयर की जाँच करें - + Server error: Docker container missing सर्वर त्रुटि: डॉकर कंटेनर गायब है - + Server error: Docker failed सर्वर त्रुटि: डॉकर विफल - + Installation canceled by user उपयोगकर्ता द्वारा इंस्टॉलेशन रद्द कर दिया गया - - The user does not have permission to use sudo - उपयोगकर्ता के पास sudo का उपयोग करने की अनुमति नहीं है + + The user is not a member of the sudo group + उपयोगकर्ता sudo समूह का सदस्य नहीं है - - Server error: Packet manager error - सर्वर त्रुटि: पैकेट प्रबंधक त्रुटि + + Server error: Package manager error + सर्वर त्रुटि: पैकेज प्रबंधक त्रुटि + + + + The sudo package is not pre-installed on the server + + The server user's home directory is not accessible + + + + + Action not allowed in sudoers + + + + + The user's password is required + + + + SSH request was denied SSH अनुरोध अस्वीकार कर दिया गया - + SSH request was interrupted SSH अनुरोध बाधित हो गया था - + SSH internal error SSH आंतरिक त्रुटि - + Invalid private key or invalid passphrase entered अमान्य निजी कुंजी या अमान्य पासफ़्रेज़ दर्ज किया गया - + The selected private key format is not supported, use openssh ED25519 key types or PEM key types चयनित निजी कुंजी प्रारूप समर्थित नहीं है, ओपनश ED25519 कुंजी प्रकार या PEM कुंजी प्रकार का उपयोग करें - + Timeout connecting to server सर्वर से कनेक्ट होने का समय समाप्त - + + Unable to open config file + + + + + VPN Protocols is not installed. + Please install VPN container at first + पीएन प्रोटोकॉल स्थापित नहीं है. +कृपया पहले वीपीएन कंटेनर स्थापित करें + + + VPN connection error VPN कनेक्शन त्रुटि - + + Error when retrieving configuration from API एपीआई से कॉन्फ़िगरेशन पुनर्प्राप्त करते समय त्रुटि - + This config has already been added to the application यह कॉन्फ़िगरेशन पहले ही एप्लिकेशन में जोड़ा जा चुका है - + In the response from the server, an empty config was received - + SSL error occurred - + Server response timeout on api request - + Missing AGW public key - + + Failed to decrypt response payload + + + + + Missing list of available services + + + + + The limit of allowed configurations per subscription has been exceeded + + + + ErrorCode: %1. ErrorCode: %1. - + OpenVPN config missing OpenVPN प्रबंधन सर्वर त्रुटि - + SCP error: Generic failure एससीपी त्रुटि: सामान्य विफलता - + OpenVPN management server error OpenVPN प्रबंधन सर्वर त्रुटि - + OpenVPN executable missing OpenVPN निष्पादन योग्य गायब है - + Shadowsocks (ss-local) executable missing शैडोसॉक्स (एसएस-स्थानीय) निष्पादन योग्य गायब है - + Cloak (ck-client) executable missing क्लोक (सीके-क्लाइंट) निष्पादन योग्य गायब है - + Amnezia helper service error Amnezia भूलने की बीमारी सहायक सेवा त्रुटि - + OpenSSL failed ओपनएसएसएल विफल रहा - + Can't connect: another VPN connection is active कनेक्ट नहीं हो सकता: कोई अन्य वीपीएन कनेक्शन सक्रिय है - + Can't setup OpenVPN TAP network adapter OpenVPN TAP नेटवर्क एडाप्टर सेटअप नहीं कर सकता - + VPN pool error: no available addresses VPN pool error: لا يوجد عنواين مٌتاحة - + The config does not contain any containers and credentials for connecting to the server कॉन्फ़िगरेशन में सर्वर से कनेक्ट करने के लिए कोई कंटेनर और क्रेडेंशियल नहीं है - + QFile error: The file could not be opened Qफ़ाइल त्रुटि: फ़ाइल खोली नहीं जा सकी - + QFile error: An error occurred when reading from the file Qफ़ाइल त्रुटि: फ़ाइल से पढ़ते समय एक त्रुटि उत्पन्न हुई - + QFile error: The file could not be accessed Qफ़ाइल त्रुटि: फ़ाइल तक नहीं पहुंचा जा सका - + QFile error: An unspecified error occurred Qफ़ाइल त्रुटि: एक अनिर्दिष्ट त्रुटि उत्पन्न हुई - + QFile error: A fatal error occurred Qफ़ाइल त्रुटि: एक घातक त्रुटि उत्पन्न हुई - + QFile error: The operation was aborted Qफ़ाइल त्रुटि: ऑपरेशन निरस्त कर दिया गया था - + Internal error आंतरिक त्रुटि @@ -3534,7 +4050,7 @@ Already installed containers were found on the server. All installed containers - + Website in Tor network टोर नेटवर्क में वेबसाइट @@ -3555,31 +4071,118 @@ Already installed containers were found on the server. All installed containers - Shadowsocks - masks VPN traffic, making it similar to normal web traffic, but it may be recognized by analysis systems in some highly censored regions. - शैडोसॉक्स - वीपीएन ट्रैफ़िक को मास्क करता है, जिससे यह सामान्य वेब ट्रैफ़िक के समान हो जाता है, लेकिन इसे कुछ अत्यधिक सेंसर किए गए क्षेत्रों में विश्लेषण प्रणालियों द्वारा पहचाना जा सकता है. + Shadowsocks masks VPN traffic, making it resemble normal web traffic, but it may still be detected by certain analysis systems. + + + + + OpenVPN over Cloak - OpenVPN with VPN masquerading as web traffic and protection against active-probing detection. It is very resistant to detection, but offers low speed. + + + + + WireGuard - popular VPN protocol with high performance, high speed and low power consumption. + + + + + AmneziaWG is a special protocol from Amnezia based on WireGuard. It provides high connection speed and ensures stable operation even in the most challenging network conditions. + + + + + XRay with REALITY masks VPN traffic as web traffic and protects against active probing. It is highly resistant to detection and offers high speed. + + + + + OpenVPN stands as one of the most popular and time-tested VPN protocols available. +It employs its unique security protocol, leveraging the strength of SSL/TLS for encryption and key exchange. Furthermore, OpenVPN's support for a multitude of authentication methods makes it versatile and adaptable, catering to a wide range of devices and operating systems. Due to its open-source nature, OpenVPN benefits from extensive scrutiny by the global community, which continually reinforces its security. With a strong balance of performance, security, and compatibility, OpenVPN remains a top choice for privacy-conscious individuals and businesses alike. + +* Available in the AmneziaVPN across all platforms +* Normal power consumption on mobile devices +* Flexible customisation to suit user needs to work with different operating systems and devices +* Recognised by DPI systems and therefore susceptible to blocking +* Can operate over both TCP and UDP network protocols. + + + + + This is a combination of the OpenVPN protocol and the Cloak plugin designed specifically for protecting against detection. + +OpenVPN provides a secure VPN connection by encrypting all internet traffic between the client and the server. + +Cloak protects OpenVPN from detection. + +Cloak can modify packet metadata so that it completely masks VPN traffic as normal web traffic, and also protects the VPN from detection by Active Probing. This makes it very resistant to being detected + +Immediately after receiving the first data packet, Cloak authenticates the incoming connection. If authentication fails, the plugin masks the server as a fake website and your VPN becomes invisible to analysis systems. + +* Available in the AmneziaVPN across all platforms +* High power consumption on mobile devices +* Flexible settings +* Not recognised by detection systems +* Works over TCP network protocol, 443 port. + + + + + + A relatively new popular VPN protocol with a simplified architecture. +WireGuard provides stable VPN connection and high performance on all devices. It uses hard-coded encryption settings. WireGuard compared to OpenVPN has lower latency and better data transfer throughput. +WireGuard is very susceptible to detection and blocking due to its distinct packet signatures. Unlike some other VPN protocols that employ obfuscation techniques, the consistent signature patterns of WireGuard packets can be more easily identified and thus blocked by advanced Deep Packet Inspection (DPI) systems and other network monitoring tools. + +* Available in the AmneziaVPN across all platforms +* Low power consumption +* Minimum number of settings +* Easily recognised by DPI analysis systems, susceptible to blocking +* Works over UDP network protocol. + + + + + A modern iteration of the popular VPN protocol, AmneziaWG builds upon the foundation set by WireGuard, retaining its simplified architecture and high-performance capabilities across devices. +While WireGuard is known for its efficiency, it had issues with being easily detected due to its distinct packet signatures. AmneziaWG solves this problem by using better obfuscation methods, making its traffic blend in with regular internet traffic. +This means that AmneziaWG keeps the fast performance of the original while adding an extra layer of stealth, making it a great choice for those wanting a fast and discreet VPN connection. + +* Available in the AmneziaVPN across all platforms +* Low power consumption +* Minimum number of settings +* Not recognised by traffic analysis systems +* Works over UDP network protocol. + + + + + The REALITY protocol, a pioneering development by the creators of XRay, is designed to provide the highest level of protection against detection through its innovative approach to security and privacy. +It uniquely identifies attackers during the TLS handshake phase, seamlessly operating as a proxy for legitimate clients while diverting attackers to genuine websites, thus presenting an authentic TLS certificate and data. +This advanced capability differentiates REALITY from similar technologies by its ability to disguise web traffic as coming from random, legitimate sites without the need for specific configurations. +Unlike older protocols such as VMess, VLESS, and the XTLS-Vision transport, REALITY's innovative "friend or foe" recognition at the TLS handshake enhances security. This makes REALITY a robust solution for maintaining internet freedom. + + + + Shadowsocks - masks VPN traffic, making it similar to normal web traffic, but it may be recognized by analysis systems in some highly censored regions. + शैडोसॉक्स - वीपीएन ट्रैफ़िक को मास्क करता है, जिससे यह सामान्य वेब ट्रैफ़िक के समान हो जाता है, लेकिन इसे कुछ अत्यधिक सेंसर किए गए क्षेत्रों में विश्लेषण प्रणालियों द्वारा पहचाना जा सकता है. - OpenVPN over Cloak - OpenVPN with VPN masquerading as web traffic and protection against active-probing detection. Ideal for bypassing blocking in regions with the highest levels of censorship. - क्लोक पर ओपनवीपीएन - ओपनवीपीएन वीपीएन के साथ वेब ट्रैफिक और सक्रिय-जांच पहचान के खिलाफ सुरक्षा का मुखौटा लगाता है। उच्चतम स्तर की सेंसरशिप वाले क्षेत्रों में अवरोध को दूर करने के लिए आदर्श. + क्लोक पर ओपनवीपीएन - ओपनवीपीएन वीपीएन के साथ वेब ट्रैफिक और सक्रिय-जांच पहचान के खिलाफ सुरक्षा का मुखौटा लगाता है। उच्चतम स्तर की सेंसरशिप वाले क्षेत्रों में अवरोध को दूर करने के लिए आदर्श. + + + XRay with REALITY - Suitable for countries with the highest level of internet censorship. Traffic masking as web traffic at the TLS level, and protection against detection by active probing methods. + वास्तविकता के साथ एक्सरे - उच्चतम स्तर की इंटरनेट सेंसरशिप वाले देशों के लिए उपयुक्त। टीएलएस स्तर पर ट्रैफ़िक को वेब ट्रैफ़िक के रूप में छिपाया जाता है, और सक्रिय जांच विधियों द्वारा पता लगाने से सुरक्षा प्रदान की जाती है. - XRay with REALITY - Suitable for countries with the highest level of internet censorship. Traffic masking as web traffic at the TLS level, and protection against detection by active probing methods. - वास्तविकता के साथ एक्सरे - उच्चतम स्तर की इंटरनेट सेंसरशिप वाले देशों के लिए उपयुक्त। टीएलएस स्तर पर ट्रैफ़िक को वेब ट्रैफ़िक के रूप में छिपाया जाता है, और सक्रिय जांच विधियों द्वारा पता लगाने से सुरक्षा प्रदान की जाती है. - - - IKEv2/IPsec - Modern stable protocol, a bit faster than others, restores connection after signal loss. It has native support on the latest versions of Android and iOS. - + Create a file vault on your server to securely store and transfer files. फ़ाइलों को सुरक्षित रूप से संग्रहीत और स्थानांतरित करने के लिए अपने सर्वर पर एक फ़ाइल वॉल्ट बनाएं. - This is a combination of the OpenVPN protocol and the Cloak plugin designed specifically for protecting against blocking. OpenVPN provides a secure VPN connection by encrypting all internet traffic between the client and the server. @@ -3598,7 +4201,7 @@ If there is a extreme level of Internet censorship in your region, we advise you * Not recognised by DPI analysis systems * Works over TCP network protocol, 443 port. - यह OpenVPN प्रोटोकॉल और क्लॉक प्लगइन का एक संयोजन है जिसे विशेष रूप से ब्लॉकिंग से बचाने के लिए डिज़ाइन किया गया है। + यह OpenVPN प्रोटोकॉल और क्लॉक प्लगइन का एक संयोजन है जिसे विशेष रूप से ब्लॉकिंग से बचाने के लिए डिज़ाइन किया गया है। OpenVPN क्लाइंट और सर्वर के बीच सभी इंटरनेट ट्रैफ़िक को एन्क्रिप्ट करके एक सुरक्षित वीपीएन कनेक्शन प्रदान करता है। @@ -3618,7 +4221,6 @@ OpenVPN क्लाइंट और सर्वर के बीच सभी - A relatively new popular VPN protocol with a simplified architecture. WireGuard provides stable VPN connection and high performance on all devices. It uses hard-coded encryption settings. WireGuard compared to OpenVPN has lower latency and better data transfer throughput. WireGuard is very susceptible to blocking due to its distinct packet signatures. Unlike some other VPN protocols that employ obfuscation techniques, the consistent signature patterns of WireGuard packets can be more easily identified and thus blocked by advanced Deep Packet Inspection (DPI) systems and other network monitoring tools. @@ -3628,7 +4230,7 @@ WireGuard is very susceptible to blocking due to its distinct packet signatures. * Minimum number of settings * Easily recognised by DPI analysis systems, susceptible to blocking * Works over UDP network protocol. - सरलीकृत वास्तुकला के साथ एक अपेक्षाकृत नया लोकप्रिय वीपीएन प्रोटोकॉल। + सरलीकृत वास्तुकला के साथ एक अपेक्षाकृत नया लोकप्रिय वीपीएन प्रोटोकॉल। वायरगार्ड सभी उपकरणों पर स्थिर वीपीएन कनेक्शन और उच्च प्रदर्शन प्रदान करता है। यह हार्ड-कोडित एन्क्रिप्शन सेटिंग्स का उपयोग करता है। ओपनवीपीएन की तुलना में वायरगार्ड में कम विलंबता और बेहतर डेटा ट्रांसफर थ्रूपुट है। वायरगार्ड अपने विशिष्ट पैकेट हस्ताक्षरों के कारण अवरुद्ध होने के प्रति अतिसंवेदनशील है। कुछ अन्य वीपीएन प्रोटोकॉल के विपरीत, जो अस्पष्टता तकनीकों को नियोजित करते हैं, वायरगार्ड पैकेट के सुसंगत हस्ताक्षर पैटर्न को अधिक आसानी से पहचाना जा सकता है और इस प्रकार उन्नत डीप पैकेट निरीक्षण (डीपीआई) सिस्टम और अन्य नेटवर्क निगरानी उपकरणों द्वारा अवरुद्ध किया जा सकता है। @@ -3639,7 +4241,7 @@ WireGuard is very susceptible to blocking due to its distinct packet signatures. * यूडीपी नेटवर्क प्रोटोकॉल पर काम करता है।. - + After installation, Amnezia will create a file storage on your server. You will be able to access it using @@ -3658,31 +4260,28 @@ For more detailed information, you can इसे "एसएफटीपी फ़ाइल संग्रहण बनाएं" के अंतर्गत सहायता अनुभाग में ढूंढें - WireGuard - New popular VPN protocol with high performance, high speed and low power consumption. Recommended for regions with low levels of censorship. - वायरगार्ड - उच्च प्रदर्शन, उच्च गति और कम बिजली की खपत के साथ नया लोकप्रिय वीपीएन प्रोटोकॉल। सेंसरशिप के निम्न स्तर वाले क्षेत्रों के लिए अनुशंसित. + वायरगार्ड - उच्च प्रदर्शन, उच्च गति और कम बिजली की खपत के साथ नया लोकप्रिय वीपीएन प्रोटोकॉल। सेंसरशिप के निम्न स्तर वाले क्षेत्रों के लिए अनुशंसित. - AmneziaWG - Special protocol from Amnezia, based on WireGuard. It's fast like WireGuard, but very resistant to blockages. Recommended for regions with high levels of censorship. - AmneziaWG - वायरगार्ड पर आधारित Amnezia का विशेष प्रोटोकॉल। यह वायरगार्ड की तरह तेज़ है, लेकिन रुकावटों के प्रति बहुत प्रतिरोधी है। उच्च स्तर की सेंसरशिप वाले क्षेत्रों के लिए अनुशंसित. + AmneziaWG - वायरगार्ड पर आधारित Amnezia का विशेष प्रोटोकॉल। यह वायरगार्ड की तरह तेज़ है, लेकिन रुकावटों के प्रति बहुत प्रतिरोधी है। उच्च स्तर की सेंसरशिप वाले क्षेत्रों के लिए अनुशंसित. IKEv2/IPsec - Modern stable protocol, a bit faster than others, restores connection after signal loss. IKEv2/IPsec - आधुनिक स्थिर प्रोटोकॉल, दूसरों की तुलना में थोड़ा तेज़, सिग्नल हानि के बाद कनेक्शन पुनर्स्थापित करता है। - + Deploy a WordPress site on the Tor network in two clicks. दो क्लिक में टोर नेटवर्क पर एक वर्डप्रेस साइट तैनात करें।. - + Replace the current DNS server with your own. This will increase your privacy level. वर्तमान DNS सर्वर को अपने स्वयं के DNS सर्वर से बदलें। इससे आपकी गोपनीयता का स्तर बढ़ जाएगा. - OpenVPN stands as one of the most popular and time-tested VPN protocols available. It employs its unique security protocol, leveraging the strength of SSL/TLS for encryption and key exchange. Furthermore, OpenVPN's support for a multitude of authentication methods makes it versatile and adaptable, catering to a wide range of devices and operating systems. Due to its open-source nature, OpenVPN benefits from extensive scrutiny by the global community, which continually reinforces its security. With a strong balance of performance, security, and compatibility, OpenVPN remains a top choice for privacy-conscious individuals and businesses alike. @@ -3691,7 +4290,7 @@ It employs its unique security protocol, leveraging the strength of SSL/TLS for * Flexible customisation to suit user needs to work with different operating systems and devices * Recognised by DPI analysis systems and therefore susceptible to blocking * Can operate over both TCP and UDP network protocols. - OpenVPN उपलब्ध सबसे लोकप्रिय और समय-परीक्षणित वीपीएन प्रोटोकॉल में से एक है। + OpenVPN उपलब्ध सबसे लोकप्रिय और समय-परीक्षणित वीपीएन प्रोटोकॉल में से एक है। यह एन्क्रिप्शन और कुंजी विनिमय के लिए एसएसएल/टीएलएस की ताकत का लाभ उठाते हुए, अपने अद्वितीय सुरक्षा प्रोटोकॉल को नियोजित करता है। इसके अलावा, कई प्रमाणीकरण विधियों के लिए ओपनवीपीएन का समर्थन इसे उपकरणों और ऑपरेटिंग सिस्टम की एक विस्तृत श्रृंखला को पूरा करते हुए बहुमुखी और अनुकूलनीय बनाता है। अपनी ओपन-सोर्स प्रकृति के कारण, ओपनवीपीएन को वैश्विक समुदाय द्वारा व्यापक जांच से लाभ मिलता है, जो लगातार इसकी सुरक्षा को मजबूत करता है। प्रदर्शन, सुरक्षा और अनुकूलता के मजबूत संतुलन के साथ, ओपनवीपीएन गोपनीयता के प्रति जागरूक व्यक्तियों और व्यवसायों के लिए शीर्ष विकल्प बना हुआ है। * सभी प्लेटफार्मों पर AmneziaVPN में उपलब्ध है @@ -3701,7 +4300,7 @@ It employs its unique security protocol, leveraging the strength of SSL/TLS for * टीसीपी और यूडीपी दोनों नेटवर्क प्रोटोकॉल पर काम कर सकता है।. - + Shadowsocks, inspired by the SOCKS5 protocol, safeguards the connection using the AEAD cipher. Although Shadowsocks is designed to be discreet and challenging to identify, it isn't identical to a standard HTTPS connection.However, certain traffic analysis systems might still detect a Shadowsocks connection. Due to limited support in Amnezia, it's recommended to use AmneziaWG protocol. * Available in the AmneziaVPN only on desktop platforms @@ -3716,7 +4315,6 @@ It employs its unique security protocol, leveraging the strength of SSL/TLS for * टीसीपी नेटवर्क प्रोटोकॉल पर काम करता है।. - A modern iteration of the popular VPN protocol, AmneziaWG builds upon the foundation set by WireGuard, retaining its simplified architecture and high-performance capabilities across devices. While WireGuard is known for its efficiency, it had issues with being easily detected due to its distinct packet signatures. AmneziaWG solves this problem by using better obfuscation methods, making its traffic blend in with regular internet traffic. This means that AmneziaWG keeps the fast performance of the original while adding an extra layer of stealth, making it a great choice for those wanting a fast and discreet VPN connection. @@ -3726,7 +4324,7 @@ This means that AmneziaWG keeps the fast performance of the original while addin * Minimum number of settings * Not recognised by DPI analysis systems, resistant to blocking * Works over UDP network protocol. - लोकप्रिय वीपीएन प्रोटोकॉल का एक आधुनिक पुनरावृत्ति, एमनेज़ियाडब्ल्यूजी वायरगार्ड द्वारा निर्धारित नींव पर आधारित है, जो सभी उपकरणों में इसकी सरलीकृत वास्तुकला और उच्च-प्रदर्शन क्षमताओं को बरकरार रखता है। + लोकप्रिय वीपीएन प्रोटोकॉल का एक आधुनिक पुनरावृत्ति, एमनेज़ियाडब्ल्यूजी वायरगार्ड द्वारा निर्धारित नींव पर आधारित है, जो सभी उपकरणों में इसकी सरलीकृत वास्तुकला और उच्च-प्रदर्शन क्षमताओं को बरकरार रखता है। जबकि वायरगार्ड अपनी दक्षता के लिए जाना जाता है, इसके विशिष्ट पैकेट हस्ताक्षरों के कारण इसे आसानी से पहचाने जाने में समस्याएँ थीं। AmneziaWG बेहतर अस्पष्टीकरण विधियों का उपयोग करके इस समस्या को हल करता है, जिससे इसका ट्रैफ़िक नियमित इंटरनेट ट्रैफ़िक के साथ मिश्रित हो जाता है। इसका मतलब यह है कि AmneziaWG स्टील्थ की एक अतिरिक्त परत जोड़ते हुए मूल के तेज़ प्रदर्शन को बनाए रखता है, जिससे यह तेज़ और विवेकपूर्ण वीपीएन कनेक्शन चाहने वालों के लिए एक बढ़िया विकल्प बन जाता है। @@ -3737,18 +4335,17 @@ This means that AmneziaWG keeps the fast performance of the original while addin * यूडीपी नेटवर्क प्रोटोकॉल पर काम करता है।. - The REALITY protocol, a pioneering development by the creators of XRay, is specifically designed to counteract the highest levels of internet censorship through its novel approach to evasion. It uniquely identifies censors during the TLS handshake phase, seamlessly operating as a proxy for legitimate clients while diverting censors to genuine websites like google.com, thus presenting an authentic TLS certificate and data. This advanced capability differentiates REALITY from similar technologies by its ability to disguise web traffic as coming from random, legitimate sites without the need for specific configurations. Unlike older protocols such as VMess, VLESS, and the XTLS-Vision transport, REALITY's innovative "friend or foe" recognition at the TLS handshake enhances security and circumvents detection by sophisticated DPI systems employing active probing techniques. This makes REALITY a robust solution for maintaining internet freedom in environments with stringent censorship. - रियलिटी प्रोटोकॉल, एक्सरे के रचनाकारों द्वारा एक अग्रणी विकास, विशेष रूप से चोरी के अपने नए दृष्टिकोण के माध्यम से इंटरनेट सेंसरशिप के उच्चतम स्तर का प्रतिकार करने के लिए डिज़ाइन किया गया है। + रियलिटी प्रोटोकॉल, एक्सरे के रचनाकारों द्वारा एक अग्रणी विकास, विशेष रूप से चोरी के अपने नए दृष्टिकोण के माध्यम से इंटरनेट सेंसरशिप के उच्चतम स्तर का प्रतिकार करने के लिए डिज़ाइन किया गया है। यह टीएलएस हैंडशेक चरण के दौरान सेंसर की विशिष्ट रूप से पहचान करता है, सेंसर को google.com जैसी वास्तविक वेबसाइटों की ओर मोड़ते हुए वैध ग्राहकों के लिए प्रॉक्सी के रूप में निर्बाध रूप से काम करता है, इस प्रकार एक प्रामाणिक टीएलएस प्रमाणपत्र और डेटा प्रस्तुत करता है। यह उन्नत क्षमता विशिष्ट कॉन्फ़िगरेशन की आवश्यकता के बिना यादृच्छिक, वैध साइटों से आने वाले वेब ट्रैफ़िक को छिपाने की क्षमता के कारण REALITY को समान तकनीकों से अलग करती है। VMess, VLESS और XTLS-Vision ट्रांसपोर्ट जैसे पुराने प्रोटोकॉल के विपरीत, TLS हैंडशेक पर REALITY की अभिनव "दोस्त या दुश्मन" पहचान सुरक्षा को बढ़ाती है और सक्रिय जांच तकनीकों को नियोजित करने वाले परिष्कृत DPI सिस्टम द्वारा पहचान को रोकती है। यह REALITY को कठोर सेंसरशिप वाले वातावरण में इंटरनेट की स्वतंत्रता बनाए रखने के लिए एक मजबूत समाधान बनाता है. - + IKEv2, paired with the IPSec encryption layer, stands as a modern and stable VPN protocol. One of its distinguishing features is its ability to swiftly switch between networks and devices, making it particularly adaptive in dynamic network environments. While it offers a blend of security, stability, and speed, it's essential to note that IKEv2 can be easily detected and is susceptible to blocking. @@ -3769,7 +4366,7 @@ While it offers a blend of security, stability, and speed, it's essential t * यूडीपी नेटवर्क प्रोटोकॉल, पोर्ट 500 और 4500 पर काम करता है. - + DNS Service DNS सेवाएँ @@ -3960,14 +4557,35 @@ While it offers a blend of security, stability, and speed, it's essential t + + RenameServerDrawer + + + Server name + सर्वर का नाम + + + + Save + सहेजें + + SelectLanguageDrawer - + Choose language भाषा चुनें + + ServersListView + + + Unable change server while there is an active connection + सक्रिय कनेक्शन होने पर सर्वर बदलने में असमर्थ + + Settings @@ -3985,12 +4603,12 @@ While it offers a blend of security, stability, and speed, it's essential t SettingsController - + Backup file is corrupted बैकअप फ़ाइल दूषित है - + All settings have been reset to default values सभी सेटिंग्स को डिफ़ॉल्ट मानों पर रीसेट कर दिया गया है @@ -3998,39 +4616,39 @@ While it offers a blend of security, stability, and speed, it's essential t ShareConnectionDrawer - - + + Save AmneziaVPN config AmneziaVPN कॉन्फ़िगरेशन सहेजें - + Share शेयर करना - + Copy कॉपी - - + + Copied कॉपी किया गया - + Copy config string कॉन्फिग स्ट्रिंग कॉपी करें - + Show connection settings कनेक्शन सेटिंग दिखाएं - + To read the QR code in the Amnezia app, select "Add server" → "I have data to connect" → "QR code, key or settings file" एमनेज़िया ऐप में क्यूआर कोड पढ़ने के लिए, "सर्वर जोड़ें" → "मेरे पास कनेक्ट करने के लिए डेटा है" → "क्यूआर कोड, कुंजी या सेटिंग्स फ़ाइल" चुनें। @@ -4043,37 +4661,37 @@ While it offers a blend of security, stability, and speed, it's essential t होस्टनाम आईपी एड्रेस या डोमेन नाम जैसा नहीं दिखता - + New site added: %1 नई साइट जोड़ी गई: %1 - + Site removed: %1 साइट हटाई गई: %1 - + Can't open file: %1 फ़ाइल नहीं खुल सकती: %1 - + Failed to parse JSON data from file: %1 फ़ाइल से JSON डेटा पार्स करने में विफल:%1 - + The JSON data is not an array in file: %1 JSON डेटा फ़ाइल में कोई सरणी नहीं है: %1 - + Import completed आयात पूरा हुआ - + Export completed निर्यात पूरा हुआ @@ -4114,7 +4732,7 @@ While it offers a blend of security, stability, and speed, it's essential t TextFieldWithHeaderType - + The field can't be empty फ़ील्ड खाली नहीं हो सकती @@ -4122,7 +4740,7 @@ While it offers a blend of security, stability, and speed, it's essential t VpnConnection - + Mbps @@ -4173,9 +4791,8 @@ While it offers a blend of security, stability, and speed, it's essential t amnezia::ContainerProps - Low - कम + कम Medium or High @@ -4186,34 +4803,37 @@ While it offers a blend of security, stability, and speed, it's essential t चरम - - High - - - - I just want to increase the level of my privacy. - मैं बस अपनी गोपनीयता का स्तर बढ़ाना चाहता हूं. + मैं बस अपनी गोपनीयता का स्तर बढ़ाना चाहता हूं. - I want to bypass censorship. This option recommended in most cases. - मैं सेंसरशिप को दरकिनार करना चाहता हूं। अधिकांश मामलों में इस विकल्प की अनुशंसा की जाती है. + मैं सेंसरशिप को दरकिनार करना चाहता हूं। अधिकांश मामलों में इस विकल्प की अनुशंसा की जाती है. Most VPN protocols are blocked. Recommended if other options are not working. अधिकांश वीपीएन प्रोटोकॉल अवरुद्ध हैं। यदि अन्य विकल्प काम नहीं कर रहे हों तो अनुशंसित. + + + Automatic + + + + + AmneziaWG protocol will be installed. It provides high connection speed and ensures stable operation even in the most challenging network conditions. + + main2 - + Private key passphrase निजी कुंजी पासफ़्रेज़ - + Save सहेजें diff --git a/client/translations/amneziavpn_my_MM.ts b/client/translations/amneziavpn_my_MM.ts index 3e964cc9..1e81c5aa 100644 --- a/client/translations/amneziavpn_my_MM.ts +++ b/client/translations/amneziavpn_my_MM.ts @@ -1,55 +1,132 @@ + + AdLabel + + + Amnezia Premium - for access to all websites and online resources + + + + + ApiAccountInfoModel + + + + Active + + + + + Inactive + + + + + %1 out of %2 + + + + + Classic VPN for seamless work, downloading large files, and watching videos. Access all websites and online resources. Speeds up to 200 Mbps + + + + + Free unlimited access to a basic set of websites such as Facebook, Instagram, Twitter (X), Discord, Telegram and more. YouTube is not included in the free plan. + + + + + amnezia_free_support_bot + + + + + amnezia_premium_support_bot + + + + + ApiConfigsController + + + %1 installed successfully. + %1 ခုကို အောင်မြင်စွာ ထည့်သွင်းပြီးပါပြီ. + + + + API config reloaded + API config ကို ပြန်လည်စတင်လိုက်ပါပြီ + + + + Successfully changed the country of connection to %1 + ချိတ်ဆက်မှုနိုင်ငံကို %1 သို့ အောင်မြင်စွာ ပြောင်းလဲလိုက်ပါပြီ + + ApiServicesModel - Classic VPN for comfortable work, downloading large files and watching videos. Works for any sites. Speed up to %1 MBit/s - သက်တောင့်သက်သာအလုပ်လုပ်နိုင်ဖို့အတွက်နှင့် ကြီးမားသောဖိုင်များကိုဒေါင်းလုဒ်လုပ်ခြင်းနှင့် ဗီဒီယိုများကြည့်ရှုခြင်းတို့အတွက် အသုံးပြုနိုင်သော VPN ဖြစ်ပါတယ်။ မည်သည့်ဆိုက်များအတွက်မဆိုအလုပ်လုပ်ပြီး လိုင်းအရှိန် %1 MBit/s အထိအသုံးပြုနိုင်ပါတယ်။ + သက်တောင့်သက်သာအလုပ်လုပ်နိုင်ဖို့အတွက်နှင့် ကြီးမားသောဖိုင်များကိုဒေါင်းလုဒ်လုပ်ခြင်းနှင့် ဗီဒီယိုများကြည့်ရှုခြင်းတို့အတွက် အသုံးပြုနိုင်သော VPN ဖြစ်ပါတယ်။ မည်သည့်ဆိုက်များအတွက်မဆိုအလုပ်လုပ်ပြီး လိုင်းအရှိန် %1 MBit/s အထိအသုံးပြုနိုင်ပါတယ်။ - VPN to access blocked sites in regions with high levels of Internet censorship. - အင်တာနက် ဆင်ဆာဖြတ်တောက်မှု မြင့်မားသော ဒေသများရှိ ပိတ်ဆို့ထားသော ဆိုက်များကို ဝင်ရောက်ရန် VPN။. + အင်တာနက် ဆင်ဆာဖြတ်တောက်မှု မြင့်မားသော ဒေသများရှိ ပိတ်ဆို့ထားသော ဆိုက်များကို ဝင်ရောက်ရန် VPN။. - + <p><a style="color: #EB5757;">Not available in your region. If you have VPN enabled, disable it, return to the previous screen, and try again.</a> - Amnezia Premium - A classic VPN for comfortable work, downloading large files, and watching videos in high resolution. It works for all websites, even in countries with the highest level of internet censorship. - Amnezia Premium - သက်တောင့်သက်သာအလုပ်လုပ်နိုင်ဖို့အတွက်နှင့် ကြီးမားသောဖိုင်များကိုဒေါင်းလုဒ်လုပ်ခြင်းနှင့် ဗီဒီယိုများကိုကြည်လင်ပြတ်သားစွာကြည့်ရှုခြင်းတို့အတွက် အသုံးပြုနိုင်သော VPN ဖြစ်ပါတယ်။ အင်တာနက်ဆင်ဆာဖြတ်မှု အဆင့်အမြင့်ဆုံးနိုင်ငံများတွင်ပင် မည်သည့်ဆိုက်များအတွက်မဆို အလုပ်လုပ်ပါသည်။. + Amnezia Premium - သက်တောင့်သက်သာအလုပ်လုပ်နိုင်ဖို့အတွက်နှင့် ကြီးမားသောဖိုင်များကိုဒေါင်းလုဒ်လုပ်ခြင်းနှင့် ဗီဒီယိုများကိုကြည်လင်ပြတ်သားစွာကြည့်ရှုခြင်းတို့အတွက် အသုံးပြုနိုင်သော VPN ဖြစ်ပါတယ်။ အင်တာနက်ဆင်ဆာဖြတ်မှု အဆင့်အမြင့်ဆုံးနိုင်ငံများတွင်ပင် မည်သည့်ဆိုက်များအတွက်မဆို အလုပ်လုပ်ပါသည်။. - Amnezia Free is a free VPN to bypass blocking in countries with high levels of internet censorship - Amnezia Free သည် အင်တာနက်ဆင်ဆာဖြတ်တောက်မှု မြင့်မားသောနိုင်ငံများတွင် ပိတ်ဆို့ခြင်းကို ကျော်ဖြတ်ရန်အတွက် အခမဲ့ VPN တစ်ခုဖြစ်ပါသည်။ + Amnezia Free သည် အင်တာနက်ဆင်ဆာဖြတ်တောက်မှု မြင့်မားသောနိုင်ငံများတွင် ပိတ်ဆို့ခြင်းကို ကျော်ဖြတ်ရန်အတွက် အခမဲ့ VPN တစ်ခုဖြစ်ပါသည်။ - + + Amnezia Premium is classic VPN for seamless work, downloading large files, and watching videos. Access all websites and online resources. Speeds up to %1 Mbps. + + + + + + AmneziaFree provides free unlimited access to a basic set of web sites, such as Facebook, Instagram, Twitter (X), Discord, Telegram, and others. YouTube is not included in the free plan. + + + + + Amnezia Premium is classic VPN for for seamless work, downloading large files, and watching videos. Access all websites and online resources. + + + + %1 MBit/s %1 MBit/s - + %1 days %1 ရက် - + VPN will open only popular sites blocked in your region, such as Instagram, Facebook, Twitter and others. Other sites will be opened from your real IP address, <a href="%1/free" style="color: #FBB26A;">more details on the website.</a> ဤ VPN သည် သင့်ဒေသရှိ Instagram၊ Facebook၊ Twitter နှင့် အခြားသော လူကြိုက်များသော ဆိုက်များကိုသာ ဖွင့်ပေးပါမည်။ အခြားဝဘ်ဆိုက်များကိုမူ သင်၏ IP လိပ်စာအစစ်အမှန်ဖြင့်သာ ဖွင့်ပေးပါမည်၊ <a href="%1/free" style="color: #FBB26A;">နောက်ထပ်အသေးစိတ်အချက်အလက်များကို ဝဘ်ဆိုဒ်ပေါ်တွင်ကြည့်ရန်</a> - + Free အခမဲ့ - + %1 $/month %1 $/တစ်လ @@ -80,7 +157,7 @@ ConnectButton - + Unable to disconnect during configuration preparation Configuration ပြင်ဆင်ခြင်းလုပ်ဆောင်နေချိန်အတွင်း ချိတ်ဆက်မှုဖြတ်တောက်၍မရပါ @@ -88,62 +165,59 @@ ConnectionController - VPN Protocols is not installed. Please install VPN container at first - VPN ပရိုတိုကောများကို မထည့်သွင်းရသေးပါ။ + VPN ပရိုတိုကောများကို မထည့်သွင်းရသေးပါ။ ကျေးဇူးပြု၍ VPN ကွန်တိန်နာကို အရင်ထည့်သွင်းပါ။ - + Connecting... ချိတ်ဆက်နေပါပြီ... - + Connected ချိတ်ဆက်ပြီးသွားပါပြီ - + Preparing... ပြင်ဆင်နေသည်... - + Settings updated successfully, reconnnection... ဆက်တင်များကို အောင်မြင်စွာ အပ်ဒိတ်လုပ်ပြီးပါပြီ၊ ပြန်လည်ချိတ်ဆက်နေပါသည်... - + Settings updated successfully ဆက်တင်များကို အောင်မြင်စွာ အပ်ဒိတ်လုပ်ပြီးပါပြီ - The selected protocol is not supported on the current platform - ရွေးချယ်ထားသော ပရိုတိုကောကို လက်ရှိပလက်ဖောင်းပေါ်တွင် အ‌ထောက်အပံ့မပေးထားပါ + ရွေးချယ်ထားသော ပရိုတိုကောကို လက်ရှိပလက်ဖောင်းပေါ်တွင် အ‌ထောက်အပံ့မပေးထားပါ - unable to create configuration - configuration ဖန်တီး၍မရပါ + configuration ဖန်တီး၍မရပါ - + Reconnecting... ပြန်လည်ချိတ်ဆက်နေပါသည်... - - - - + + + + Connect ချိတ်ဆက်မည် - + Disconnecting... အဆက်အသွယ်ဖြတ်နေပါသည်... @@ -151,17 +225,17 @@ ConnectionTypeSelectionDrawer - + Add new connection ချိတ်ဆက်မှုအသစ်ထည့်သွင်းမည် - + Configure your server သင်၏ဆာဗာကို စီစဉ်ချိန်ညှိမည် - + Open config file, key or QR code config ဖိုင်၊ key သို့မဟုတ် QR ကုဒ်ကို ဖွင့်မည် @@ -199,7 +273,7 @@ HomeContainersListView - + Unable change protocol while there is an active connection လက်ရှိချိတ်ဆက်မှုတစ်ခုရှိနေချိန်တွင် ပရိုတိုကောကို ပြောင်းလဲ၍မရပါ။ @@ -207,46 +281,46 @@ HomeSplitTunnelingDrawer - + Split tunneling Split tunneling - + Allows you to connect to some sites or applications through a VPN connection and bypass others VPN ချိတ်ဆက်မှုကြားခံ၍ အချို့သောဆိုက်များ သို့မဟုတ် အပလီကေးရှင်းများသို့ ချိတ်ဆက်ဖို့ရန်နှင့် အခြားအရာများကို ကျော်ဖြတ်ရန် လုပ်ဆောင်ပေးသည်။ - + Split tunneling on the server ဆာဗာပေါ်တွင် split tunneling အသုံးပြုထားပါသည်။ - + Enabled Can't be disabled for current server ဖွင့်ထားပါသည်။ လက်ရှိဆာဗာအတွက် ပိတ်၍မရပါ။ - + Site-based split tunneling ဝက်ဆိုဒ်အခြေပြု split tunneling - - + + Enabled ဖွင့်ထားပါသည်။ - - + + Disabled ပိတ်ထားပါသည်။ - + App-based split tunneling App အခြေပြု split tunneling @@ -254,112 +328,115 @@ Can't be disabled for current server ImportController - Unable to open file - ဖိုင်ကိုဖွင့်၍မရပါ + ဖိုင်ကိုဖွင့်၍မရပါ - - Invalid configuration file - Configuration ဖိုင် မမှန်ကန်ပါ + Configuration ဖိုင် မမှန်ကန်ပါ - + Scanned %1 of %2. %2 ၏ %1 ကို စကင်န်ဖတ်ထားသည်. - + + This configuration contains an OpenVPN setup. OpenVPN configurations can include malicious scripts, so only add it if you fully trust the provider of this config. + + + + + <br>In the imported configuration, potentially dangerous lines were found: + + + In the imported configuration, potentially dangerous lines were found: - တင်သွင်းသည့် configuration တွင်၊ အန္တရာယ်ရှိနိုင်သည့်စာလိုင်းများကို တွေ့ရှိခဲ့သည်: + တင်သွင်းသည့် configuration တွင်၊ အန္တရာယ်ရှိနိုင်သည့်စာလိုင်းများကို တွေ့ရှိခဲ့သည်: InstallController - + %1 installed successfully. %1 ကို အောင်မြင်စွာ ထည့်သွင်းပြီးပါပြီ. - + %1 is already installed on the server. %1 ကို ဆာဗာတွင် ထည့်သွင်းပြီးဖြစ်သည်. - + Added containers that were already installed on the server ဆာဗာတွင် ထည့်သွင်းပြီးသား ကွန်တိန်နာများကို ပေါင်းထည့်ပြီးပါပြီ။ - + Already installed containers were found on the server. All installed containers have been added to the application ထည့်သွင်းပြီးသား ကွန်တိန်နာများကို ဆာဗာပေါ်တွင် တွေ့ရှိခဲ့သည်။ ထည့်သွင်းထားသည့် ကွန်တိန်နာအားလုံးကို အပလီကေးရှင်းထဲသို့ ပေါင်းထည့်ပြီးပါပြီ။ - + Settings updated successfully ဆက်တင်များကို အောင်မြင်စွာ အပ်ဒိတ်လုပ်ပြီးပါပြီ။ - + Server '%1' was rebooted ဆာဗာ '%1' ကို ပြန်လည်စတင်ခဲ့သည်။ - + Server '%1' was removed ဆာဗာ '%1' ကို ဖယ်ရှားခဲ့သည်။ - + All containers from server '%1' have been removed ဆာဗာ '%1' မှ ကွန်တိန်နာအားလုံးကို ဖယ်ရှားလိုက်ပါပြီ။ - + %1 has been removed from the server '%2' %1 ကို ဆာဗာ '%2' မှ ဖယ်ရှားလိုက်ပါပြီ - + Api config removed Api config ကိုဖယ်ရှားလိုက်သည် - + %1 cached profile cleared ကက်ရှ်လုပ်ထားတဲ့ ပရိုဖိုင် %1 ခုကို ရှင်းပြီးပါပြီ - + Please login as the user အသုံးပြုသူအဖြစ် log in ဝင်ရောက်ပါ - + Server added successfully ဆာဗာကို အောင်မြင်စွာ ထည့်သွင်းပြီးပါပြီ - %1 installed successfully. - %1 ခုကို အောင်မြင်စွာ ထည့်သွင်းပြီးပါပြီ. + %1 ခုကို အောင်မြင်စွာ ထည့်သွင်းပြီးပါပြီ. - API config reloaded - API config ကို ပြန်လည်စတင်လိုက်ပါပြီ + API config ကို ပြန်လည်စတင်လိုက်ပါပြီ - Successfully changed the country of connection to %1 - ချိတ်ဆက်မှုနိုင်ငံကို %1 သို့ အောင်မြင်စွာ ပြောင်းလဲလိုက်ပါပြီ + ချိတ်ဆက်မှုနိုင်ငံကို %1 သို့ အောင်မြင်စွာ ပြောင်းလဲလိုက်ပါပြီ @@ -370,12 +447,12 @@ Already installed containers were found on the server. All installed containers အပလီကေးရှင်းရွေးမည် - + application name အပလီကေးရှင်းအမည် - + Add selected ရွေးချယ်ထားသည်များကိုထည့်မည် @@ -443,12 +520,12 @@ Already installed containers were found on the server. All installed containers PageDevMenu - + Gateway endpoint Gateway အဆုံးမှတ် - + Dev gateway environment @@ -456,85 +533,84 @@ Already installed containers were found on the server. All installed containers PageHome - + Logging enabled Logging ဖွင့်ထားပါသည် - + Split tunneling enabled split tunnelling ဖွင့်ထားပါသည် - + Split tunneling disabled split tunnelling ပိတ်ထားပါသည် - + VPN protocol VPN ပရိုတိုကော - + Servers ဆာဗာများ - Unable change server while there is an active connection - လက်ရှိချိတ်ဆက်မှုတစ်ခုရှိနေချိန်တွင် ဆာဗာကို ပြောင်းလဲ၍မရပါ + လက်ရှိချိတ်ဆက်မှုတစ်ခုရှိနေချိန်တွင် ဆာဗာကို ပြောင်းလဲ၍မရပါ PageProtocolAwgClientSettings - + AmneziaWG settings AmneziaWG ဆက်တင်များ - + MTU MTU - + Server settings - + Port Port - + Save သိမ်းဆည်းမည် - + Save settings? ဆက်တင်များကို သိမ်းဆည်းမည်လား? - + Only the settings for this device will be changed - + Continue ဆက်လက်လုပ်ဆောင်မည် - + Cancel ပယ်ဖျက်မည် - + Unable change settings while there is an active connection လက်ရှိချိတ်ဆက်မှုတစ်ခုရှိနေချိန်တွင် ဆက်တင်များကို ပြောင်းလဲ၍မရပါ @@ -542,12 +618,12 @@ Already installed containers were found on the server. All installed containers PageProtocolAwgSettings - + AmneziaWG settings AmneziaWG ဆက်တင်များ - + Port Port @@ -556,87 +632,92 @@ Already installed containers were found on the server. All installed containers MTU - + All users with whom you shared a connection with will no longer be able to connect to it. သင်နှင့်အတူချိတ်ဆက်မှုတစ်ခုကို မျှဝေထားသည့် အသုံးပြုသူအားလုံး ချိတ်ဆက်နိုင်တော့မည်မဟုတ်ပါ. - + Save သိမ်းဆည်းမည် - + + VPN address subnet + VPN လိပ်စာ ကွန်ရက်ခွဲ + + + Jc - Junk packet count Jc - Junk packet အရေအတွက် - + Jmin - Junk packet minimum size Jmin - Junk packet အသေးငယ်ဆုံးလက်ခံနိုင်မှုအရွယ်အစား - + Jmax - Junk packet maximum size Jmax - Junk packet အကြီးဆုံးလက်ခံနိုင်မှုအရွယ်အစား - + S1 - Init packet junk size S1 - Init packet junk အရွယ်အစား - + S2 - Response packet junk size S2 - Response packet junk အရွယ်အစား - + H1 - Init packet magic header H1 - Init packet magic header - + H2 - Response packet magic header H2 - Response packet magic header - + H4 - Transport packet magic header H4 - Transport packet magic header - + H3 - Underload packet magic header H3 - Underload packet magic header - + The values of the H1-H4 fields must be unique H1-H4 အကွက်များ၏ တန်ဖိုးများသည် အခြားတန်ဖိုးများနှင့်မတူ တမူထူးခြားနေရပါမည် - + The value of the field S1 + message initiation size (148) must not equal S2 + message response size (92) အကွက် S1 + မက်ဆေ့ချ် စတင်ခြင်း အရွယ်အစား (148) ၏ တန်ဖိုးသည် S2 + မက်ဆေ့ချ် တုံ့ပြန်မှု အရွယ်အစား (92) နှင့် မညီမျှရပါ - + Save settings? ဆက်တင်များကို သိမ်းဆည်းမည်လား? - + Continue ဆက်လက်လုပ်ဆောင်မည် - + Cancel ပယ်ဖျက်မည် - + Unable change settings while there is an active connection လက်ရှိချိတ်ဆက်မှုတစ်ခုရှိနေချိန်တွင် ဆက်တင်များကို ပြောင်းလဲ၍မရပါ @@ -644,33 +725,33 @@ Already installed containers were found on the server. All installed containers PageProtocolCloakSettings - + Cloak settings ဖုံးကွယ်အသွင်ယူမှု ဆက်တင်များ - + Disguised as traffic from traffic အဖြစ် အသွင်ယူထားသည် - + Port Port - - + + Cipher စာဝှက် - + Save သိမ်းဆည်းမည် - + Unable change settings while there is an active connection လက်ရှိချိတ်ဆက်မှုတစ်ခုရှိနေချိန်တွင် ဆက်တင်များကို ပြောင်းလဲ၍မရပါ @@ -678,175 +759,175 @@ Already installed containers were found on the server. All installed containers PageProtocolOpenVpnSettings - + OpenVPN settings OpenVPN ဆက်တင်များ - + VPN address subnet VPN လိပ်စာ ကွန်ရက်ခွဲ - + Network protocol ကွန်ယက် ပရိုတိုကော - + Port Port - + Auto-negotiate encryption အလိုအလျောက် ညှိနှိုင်း ကုဒ်ဝှက်ခြင်း - - + + Hash Hash - + SHA512 SHA512 - + SHA384 SHA384 - + SHA256 SHA256 - + SHA3-512 SHA3-512 - + SHA3-384 SHA3-384 - + SHA3-256 SHA3-256 - + whirlpool whirlpool - + BLAKE2b512 BLAKE2b512 - + BLAKE2s256 BLAKE2s256 - + SHA1 SHA1 - - + + Cipher စာဝှက် - + AES-256-GCM AES-256-GCM - + AES-192-GCM AES-192-GCM - + AES-128-GCM AES-128-GCM - + AES-256-CBC AES-256-CBC - + AES-192-CBC AES-192-CBC - + AES-128-CBC AES-128-CBC - + ChaCha20-Poly1305 ChaCha20-Poly1305 - + ARIA-256-CBC ARIA-256-CBC - + CAMELLIA-256-CBC CAMELLIA-256-CBC - + none none - + TLS auth TLS auth - + Block DNS requests outside of VPN VPN ပြင်ပရှိ DNS တောင်းဆိုမှုများကို ပိတ်ပင်မည်။ - + Additional client configuration commands ထပ်တိုး client ဖွဲ့စည်းမှုဆိုင်ရာ ညွှန်ကြားချက်များ - - + + Commands: အမိန့်ပေးခိုင်းစေချက်များ: - + Additional server configuration commands ထပ်တိုး ဆာဗာ ဖွဲ့စည်းမှုဆိုင်ရာ ညွှန်ကြားချက်များ - + Unable change settings while there is an active connection လက်ရှိချိတ်ဆက်မှုတစ်ခုရှိနေချိန်တွင် ဆက်တင်များကို ပြောင်းလဲ၍မရပါ - + Save သိမ်းဆည်းမည် @@ -854,42 +935,42 @@ Already installed containers were found on the server. All installed containers PageProtocolRaw - + settings ဆက်တင်များ - + Show connection options ချိတ်ဆက်မှုရွေးချယ်စရာများကို ပြပါ။ - + Connection options %1 ချိတ်ဆက်မှုရွေးချယ်စရာများ %1 - + Remove ဖယ်ရှားမည် - + Remove %1 from server? %1 ကို ဆာဗာမှ ဖယ်ရှားမည်လား? - + All users with whom you shared a connection with will no longer be able to connect to it. သင်နှင့်အတူချိတ်ဆက်မှုတစ်ခုကို မျှဝေထားသည့် အသုံးပြုသူအားလုံး ချိတ်ဆက်နိုင်တော့မည်မဟုတ်ပါ. - + Continue ဆက်လက်လုပ်ဆောင်မည် - + Cancel ပယ်ဖျက်မည် @@ -897,28 +978,28 @@ Already installed containers were found on the server. All installed containers PageProtocolShadowSocksSettings - + Shadowsocks settings Shadowsocks ဆက်တင်များ - + Port Port - - + + Cipher စာဝှက် - + Save သိမ်းဆည်းမည် - + Unable change settings while there is an active connection လက်ရှိချိတ်ဆက်မှုတစ်ခုရှိနေချိန်တွင် ဆက်တင်များကို ပြောင်းလဲ၍မရပါ @@ -926,52 +1007,52 @@ Already installed containers were found on the server. All installed containers PageProtocolWireGuardClientSettings - + WG settings WG ဆက်တင်များ - + MTU MTU - + Server settings - + Port Port - + Save သိမ်းဆည်းမည် - + Save settings? ဆက်တင်များကို သိမ်းဆည်းမည်လား? - + Only the settings for this device will be changed - + Continue ဆက်လက်လုပ်ဆောင်မည် - + Cancel ပယ်ဖျက်မည် - + Unable change settings while there is an active connection လက်ရှိချိတ်ဆက်မှုတစ်ခုရှိနေချိန်တွင် ဆက်တင်များကို ပြောင်းလဲ၍မရပါ @@ -979,32 +1060,37 @@ Already installed containers were found on the server. All installed containers PageProtocolWireGuardSettings - + WG settings WG ဆက်တင်များ - + + VPN address subnet + VPN လိပ်စာ ကွန်ရက်ခွဲ + + + Port Port - + Save settings? ဆက်တင်များကို သိမ်းဆည်းမည်လား? - + All users with whom you shared a connection with will no longer be able to connect to it. သင်နှင့်အတူချိတ်ဆက်မှုတစ်ခုကို မျှဝေထားသည့် အသုံးပြုသူအားလုံး ချိတ်ဆက်နိုင်တော့မည်မဟုတ်ပါ. - + Continue ဆက်လက်လုပ်ဆောင်မည် - + Cancel ပယ်ဖျက်မည် @@ -1013,12 +1099,12 @@ Already installed containers were found on the server. All installed containers MTU - + Unable change settings while there is an active connection လက်ရှိချိတ်ဆက်မှုတစ်ခုရှိနေချိန်တွင် ဆက်တင်များကို ပြောင်းလဲ၍မရပါ - + Save သိမ်းဆည်းမည် @@ -1026,22 +1112,22 @@ Already installed containers were found on the server. All installed containers PageProtocolXraySettings - + XRay settings XRay ဆက်တင်များ - + Disguised as traffic from traffic အဖြစ် အသွင်ယူထားသည် - + Save သိမ်းဆည်းမည် - + Unable change settings while there is an active connection လက်ရှိချိတ်ဆက်မှုတစ်ခုရှိနေချိန်တွင် ဆက်တင်များကို ပြောင်းလဲ၍မရပါ @@ -1049,39 +1135,39 @@ Already installed containers were found on the server. All installed containers PageServiceDnsSettings - + A DNS service is installed on your server, and it is only accessible via VPN. DNS ဝန်ဆောင်မှုကို သင့်ဆာဗာတွင် ထည့်သွင်းထားပြီးဖြစ်ပြီး ၎င်းကို VPN မှတစ်ဆင့်သာ အသုံးပြုနိုင်သည်. - + The DNS address is the same as the address of your server. You can configure DNS in the settings, under the connections tab. DNS လိပ်စာသည် သင့်ဆာဗာလိပ်စာနှင့် အတူတူပင်ဖြစ်ပါသည်။ ချိတ်ဆက်မှုတက်ဘ်အောက်ရှိ ဆက်တင်များတွင် DNS ကို ပြင်ဆင်ချိန်ညှိနိုင်ပါသည်. - + Remove ဖယ်ရှားမည် - + Remove %1 from server? %1 ကို ဆာဗာမှ ဖယ်ရှားမည်လား? - + Continue ဆက်လက်လုပ်ဆောင်မည် - + Cancel ပယ်ဖျက်မည် - + Cannot remove AmneziaDNS from running server AmneziaDNS ကို လည်ပတ်နေသည့်ဆာဗာမှ ဖယ်ရှား၍မရပါ @@ -1089,67 +1175,67 @@ Already installed containers were found on the server. All installed containers PageServiceSftpSettings - + Settings updated successfully ဆက်တင်များကို အောင်မြင်စွာ အပ်ဒိတ်လုပ်ပြီးပါပြီ။ - + SFTP settings SFTP ဆက်တင်များ - + Host Host - - - - + + + + Copied ကူးယူပြီးပါပြီ - + Port Port - + User name အသုံးပြုသူနာမည် - + Password စကားဝှက် - + Mount folder on device ဖိုင်တွဲကို စက်တွင် တပ်ဆင်မည်။ - + In order to mount remote SFTP folder as local drive, perform following steps: <br> အဝေးမှ SFTP ဖိုင်တွဲကို စက်တွင်း drive အဖြစ် တပ်ဆင်ရန်အတွက် အောက်ပါအဆင့်များကို လုပ်ဆောင်ပါ: <br> - - + + <br>1. Install the latest version of <br>၁။ နောက်ဆုံးထွက်ဗားရှင်းကို ထည့်သွင်းမည် - - + + <br>2. Install the latest version of <br>၂။ နောက်ဆုံးထွက်ဗားရှင်းကို ထည့်သွင်းမည် - + Detailed instructions အသေးစိတ်ညွှန်ကြားချက်များ @@ -1157,69 +1243,69 @@ Already installed containers were found on the server. All installed containers PageServiceSocksProxySettings - + Settings updated successfully ဆက်တင်များကို အောင်မြင်စွာ အပ်ဒိတ်လုပ်ပြီးပါပြီ - - + + SOCKS5 settings SOCKS5 ဆက်တင်များ - + Host Host - - - - + + + + Copied ကူးယူပြီးပါပြီ - - + + Port Port - + User name အသုံးပြုသူနာမည် - - + + Password စကားဝှက် - + Username အသုံးပြုသူနာမည် - - + + Change connection settings ချက်ဆက်မှုဆက်တင်များကို ပြောင်းလဲမည် - + The port must be in the range of 1 to 65535 Port သည် 1 မှ 65535 အတွင်း ဖြစ်ရမည် - + Password cannot be empty စကားဝှက် သည် ဗလာမဖြစ်ရပါ - + Username cannot be empty အသုံးပြုသူနာမည် သည် ဗလာမဖြစ်ရပါ @@ -1227,37 +1313,37 @@ Already installed containers were found on the server. All installed containers PageServiceTorWebsiteSettings - + Settings updated successfully ဆက်တင်များကို အောင်မြင်စွာ အပ်ဒိတ်လုပ်ပြီးပါပြီ။ - + Tor website settings Tor ဝဘ်ဆိုက်ဆက်တင်များ - + Website address ဝဘ်ဆိုဒ်လိပ်စာ - + Copied ကူးယူပြီးပါပြီ - + Use <a href="https://www.torproject.org/download/" style="color: #FBB26A;">Tor Browser</a> to open this URL. ဤ URL ကိုဖွင့်ရန် <a href="https://www.torproject.org/download/" style="color: #FBB26A;">Tor Browser</a> ကို အသုံးပြုပါ. - + After creating your onion site, it takes a few minutes for the Tor network to make it available for use. သင်၏ onion ဆိုက်ကို ဖန်တီးပြီးနောက်၊ Tor ကွန်ရက်က ၄င်းကိုအသုံးပြုနိုင်အောင်ပြုလုပ်‌ပေးရန် မိနစ်အနည်းငယ်အချိန်ယူသည်. - + When configuring WordPress set the this onion address as domain. WordPress ကို ချိန်ညှိသည့်အခါ ဤ onion လိပ်စာကို domain အဖြစ် သတ်မှတ်ပါ. @@ -1265,42 +1351,42 @@ Already installed containers were found on the server. All installed containers PageSettings - + Settings ဆက်တင်များ - + Servers ဆာဗာများ - + Connection ချိတ်ဆက်မှု - + Application အပလီကေးရှင်း - + Backup backup ယူမည် - + About AmneziaVPN AmneziaVPN အကြောင်း - + Dev console ဒက်ဗယ်လော်ပါ console - + Close application အပလီကေးရှင်းကို ပိတ်မည် @@ -1308,32 +1394,32 @@ Already installed containers were found on the server. All installed containers PageSettingsAbout - + Support Amnezia Amnezia ကိုကူညီပံ့ပိုးမည် - + Amnezia is a free and open-source application. You can support the developers if you like it. Amnezia သည် အခမဲ့ open-source application တစ်ခုဖြစ်သည်။ သင်နှစ်သက်ပါက developer များကို ပံ့ပိုးနိုင်ပါသည်. - + Contacts ဆက်သွယ်ရန်လိပ်စာများ - + Telegram group Telegram ဂရု - + To discuss features feature များကိုဆွေးနွေးရန် - + https://t.me/amnezia_vpn_en https://t.me/amnezia_vpn @@ -1342,135 +1428,530 @@ Already installed containers were found on the server. All installed containers မေးလ် - + support@amnezia.org - + For reviews and bug reports သုံးသပ်ချက်များနှင့် ချွတ်ယွင်းချက်အစီရင်ခံစာများအတွက် - Copied - ကူးယူပြီးပါပြီ + ကူးယူပြီးပါပြီ - + + mailto:support@amnezia.org + + + + GitHub GitHub - + + Discover the source code + + + + https://github.com/amnezia-vpn/amnezia-client https://github.com/amnezia-vpn/amnezia-client - + Website ဝဘ်ဆိုက် - + + Visit official website + + + + Software version: %1 ဆော့ဖ်ဝဲဗားရှင်း: %1 - + Check for updates အပ်ဒိတ်များရှိမရှိ စစ်ဆေးမည် - + Privacy Policy ကိုယ်ရေးအချက်အလက်မူဝါဒ + + PageSettingsApiAvailableCountries + + + Location for connection + + + + + Unable change server location while there is an active connection + + + + + PageSettingsApiDevices + + + Active Devices + + + + + Manage currently connected devices + + + + + You can find the identifier on the Support tab or, for older versions of the app, by tapping '+' and then the three dots at the top of the page. + + + + + (current device) + + + + + Support tag: + + + + + Last updated: + + + + + Cannot unlink device during active connection + + + + + Are you sure you want to unlink this device? + + + + + This will unlink the device from your subscription. You can reconnect it anytime by pressing Connect. + + + + + Continue + ဆက်လက်လုပ်ဆောင်မည် + + + + Cancel + ပယ်ဖျက်မည် + + + + PageSettingsApiInstructions + + + Windows + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#windows + + + + + macOS + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#macos + + + + + Android + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#android + + + + + AndroidTV + + + + + https://docs.amnezia.org/ru/documentation/instructions/android_tv_connect/ + + + + + iOS + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#ios + + + + + Linux + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#linux + + + + + Routers + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#routers + + + + + How to connect on another device + + + + + Setup guides on the Amnezia website + + + + + PageSettingsApiNativeConfigs + + + Save AmneziaVPN config + AmneziaWG config ကိုသိမ်းဆည်းမည် + + + + Configuration Files + + + + + For router setup or the AmneziaWG app + + + + + The configuration needs to be reissued + + + + + configuration file + + + + + Generate a new configuration file + + + + + The previously created one will stop working + + + + + Revoke the current configuration file + + + + + Config file saved + + + + + The config has been revoked + + + + + Generate a new %1 configuration file? + + + + + Revoke the current %1 configuration file? + + + + + Your previous configuration file will no longer work, and it will not be possible to connect using it + + + + + Download + + + + + Continue + ဆက်လက်လုပ်ဆောင်မည် + + + + Cancel + ပယ်ဖျက်မည် + + PageSettingsApiServerInfo - For the region - ဒေသအတွက် + ဒေသအတွက် - Price - စျေးနှုန်း + စျေးနှုန်း - Work period - အလုပ်လုပ်မည့်ကာလ + အလုပ်လုပ်မည့်ကာလ - Speed - မြန်နှုန်း + မြန်နှုန်း - Support tag - ကူညီပံ့ပိုးမှု tag + ကူညီပံ့ပိုးမှု tag - Copied - ကူးယူပြီးပါပြီ + ကူးယူပြီးပါပြီ - + + Subscription Status + + + + + Valid Until + + + + + Active Connections + + + + + Configurations have been updated for some countries. Download and install the updated configuration files + + + + + Subscription Key + + + + + Amnezia Premium subscription key + + + + + Save VPN key as a file + + + + + Copy VPN key + + + + + Configuration Files + + + + + Manage configuration files + + + + + Active Devices + + + + + Manage currently connected devices + + + + + Support + + + + + How to connect on another device + + + + Reload API config API config ကို ပြန်လည်စတင်မည် - + Reload API config? API config ကို ပြန်လည်စတင်မည်လား? - - + + + Continue ဆက်လက်လုပ်ဆောင်မည် - - + + + Cancel ပယ်ဖျက်မည် - + Cannot reload API config during active connection ချိတ်ဆက်မှုရှိနေချိန်အတွင်း API config ကို ပြန်လည်စတင်၍မရပါ - + + Unlink this device + + + + + Are you sure you want to unlink this device? + + + + + This will unlink the device from your subscription. You can reconnect it anytime by pressing Connect. + + + + + Cannot unlink device during active connection + + + + Remove from application အပလီကေးရှင်းမှဖယ်ရှားမည် - + Remove from application? အပလီကေးရှင်းမှဖယ်ရှားမည်လား? - + Cannot remove server during active connection ချိတ်ဆက်မှုရှိနေချိန်အတွင်း ဆာဗာကို ဖယ်ရှား၍မရပါ + + PageSettingsApiSupport + + + Telegram + + + + + Email + + + + + support@amnezia.org + + + + + Email Billing & Orders + + + + + help@vpnpay.io + + + + + Website + ဝဘ်ဆိုက် + + + + amnezia.org + + + + + Support + + + + + Our technical support specialists are available to assist you at any time + + + + + Support tag + ကူညီပံ့ပိုးမှု tag + + + + Copied + ကူးယူပြီးပါပြီ + + PageSettingsAppSplitTunneling - + Cannot change split tunneling settings during active connection လက်ရှိချိတ်ဆက်မှုတစ်ခုရှိနေချိန်တွင် split tunneling ဆက်တင်များကို ပြောင်းလဲ၍မရပါ - + Only the apps from the list should have access via VPN စာရင်းတွင်းပါဝင်သောအက်ပ်များသာလျှင် VPN မှတစ်ဆင့် ဝင်ရောက်ခွင့်ရှိလိမ့်မည်ဖြစ်သည် @@ -1480,42 +1961,42 @@ Already installed containers were found on the server. All installed containers စာရင်းတွင်းပါဝင်သောအက်ပ်များကို VPN မှတစ်ဆင့် ဝင်ရောက်ခွင့်ရရှိလိမ့်မည်မဟုတ်ပေ - + App split tunneling App split tunneling - + Mode Mode - + Remove ဖယ်ရှားမည် - + Continue ဆက်လက်လုပ်ဆောင်မည် - + Cancel ပယ်ဖျက်မည် - + application name အပလီကေးရှင်းအမည် - + Open executable file စီမံလုပ်ဆောင်နိုင်မှုဖိုင်ကိုဖွင့်မည် - + Executable files (*.*) စီမံလုပ်ဆောင်နိုင်မှုဖိုင်များ (*.*) @@ -1523,102 +2004,102 @@ Already installed containers were found on the server. All installed containers PageSettingsApplication - + Application အပလီကေးရှင်း - + Allow application screenshots အပလီကေးရှင်းကို screenshot ရိုက်ရန်ခွင့်ပြုမည် - + Enable notifications နိုတီများဖွင့်မည် - + Enable notifications to show the VPN state in the status bar စတေးတပ်ဘားတွင် VPN အခြေအနေကိုပြသရန် နိုတီများကို ဖွင့်မည် - + Auto start အလိုအ‌လျှောက်စတင်မည် - + Launch the application every time the device is starts စက်စတင်ချိန်တိုင်း အပလီကေးရှင်းကို စတင်မည် - + Auto connect အလိုအ‌လျှောက်ချိတ်ဆက်မည် - + Connect to VPN on app start အက်ပ်စတင်ချိန်တွင် VPN သို့ ချိတ်ဆက်မည် - + Start minimized အက်ပ်စတင်သည့်အခါ minimized ထားပြီးစတင်မည် - + Launch application minimized အက်ပ်ဖွင့်သည့်အခါ minimized ထားပြီးဖွင့်မည် - + Language ဘာသာစကား - + Logging Logging - + Enabled ဖွင့်ထားပါသည် - + Disabled ပိတ်ထားပါသည် - + Reset settings and remove all data from the application ဆက်တင်များနဂိုတိုင်းထားပြီး အပလီကေးရှင်းမှဒေတာအားလုံးဖယ်ရှားမည် - + Reset settings and remove all data from the application? ဆက်တင်များကို ပြန်လည်သတ်မှတ်ပြီး အပလီကေးရှင်းမှ ဒေတာအားလုံးကို ဖယ်ရှားမည်လား? - + All settings will be reset to default. All installed AmneziaVPN services will still remain on the server. ဆက်တင်အားလုံးကို မူရင်းအတိုင်း ပြန်လည်သတ်မှတ်ပါမည်။ ထည့်သွင်းထားသော AmneziaVPN ဝန်ဆောင်မှုများအားလုံးသည် ဆာဗာပေါ်တွင် ဆက်လက်ရှိနေမည်ဖြစ်သည်။. - + Continue ဆက်လက်လုပ်ဆောင်မည် - + Cancel ပယ်ဖျက်မည် - + Cannot reset settings during active connection ချိတ်ဆက်မှုရှိနေချိန်အတွင်း ဆက်တင်များကို မူရင်းအတိုင်း ပြန်လည်သတ်မှတ်၍မရပါ @@ -1626,78 +2107,78 @@ Already installed containers were found on the server. All installed containers PageSettingsBackup - + Settings restored from backup file ဆက်တင်များကို အရန်ဖိုင်မှ ပြန်လည်ရယူပြီးပါပြီ - + Back up your configuration သင်၏ဖွဲ့စည်းပုံကို အရန်သိမ်းပါ။ - + You can save your settings to a backup file to restore them the next time you install the application. သင်၏ဆက်တင်များကို အရန်ဖိုင်တွင် သိမ်းဆည်းထားခြင်းဖြင့် အပလီကေးရှင်းကို နောက်တစ်ကြိမ်ထည့်သွင်းသည့်အခါ ၎င်းဆက်တင်များကို ပြန်လည်ရယူနိုင်သည်. - + The backup will contain your passwords and private keys for all servers added to AmneziaVPN. Keep this information in a secure place. အရံဖိုင်တွင် AmneziaVPN သို့ ထည့်ထားသော ဆာဗာအားလုံးအတွက် သင့်စကားဝှက်များနှင့် လျှို့ဝှက်သော့များ ပါဝင်ပါမည်။ ဤအချက်အလက်ကို လုံခြုံသောနေရာတွင် ထားပါ။. - + Make a backup အရံဖိုင်တစ်ခု ပြုလုပ်မည် - + Save backup file အရံဖိုင်ကို သိမ်းဆည်းမည် - - + + Backup files (*.backup) အရံဖိုင်များ (*.backup) - + Backup file saved အရံဖိုင်ကိုသိမ်းဆည်းပြီးပါပြီ - + Restore from backup အရံဖိုင်မှ ပြန်လည်ရယူမည် - + Open backup file အရံဖိုင်ကို ဖွင့်မည် - + Import settings from a backup file? ဆက်တင်များကို အရံဖိုင်တစ်ခုမှ ပြန်လည်တင်သွင်းမည်လား? - + All current settings will be reset လက်ရှိဆက်တင်များအားလုံးကို ပြန်လည်သတ်မှတ်ပါမည် - + Continue ဆက်လက်လုပ်ဆောင်မည် - + Cancel ပယ်ဖျက်မည် - + Cannot restore backup settings during active connection ချိတ်ဆက်မှုရှိနေချိန်အတွင်း အရံဆက်တင်များကို ပြန်လည်ရယူ၍မရပါ @@ -1705,62 +2186,66 @@ Already installed containers were found on the server. All installed containers PageSettingsConnection - + Connection ချိတ်ဆက်မှု - + Use AmneziaDNS AmneziaDNS ကို အသုံးပြုမည် - + If AmneziaDNS is installed on the server အကယ်၍ AmneziaDNS ကို ဆာဗာတွင် ထည့်သွင်းထားလျှင် - + DNS servers DNS ဆာဗာများ - + When AmneziaDNS is not used or installed AmneziaDNS ကို အသုံးမပြု သို့မဟုတ် ထည့်သွင်းခြင်းမပြုသည့်အခါ - + Allows you to use the VPN only for certain Apps အချို့သောအက်ပ်များအတွက်သာ VPN ကို အသုံးပြုခွင့်ပေးသည် - + KillSwitch KillSwitch - + Disables your internet if your encrypted VPN connection drops out for any reason. အကြောင်းတစ်ခုခုကြောင့် VPN ချိတ်ဆက်မှု ပျက်သွားပါက သင့်အင်တာနက်ကို ချက်ချင်းရပ်ဆိုင်းပေးသည်. - - Cannot change killSwitch settings during active connection - လက်ရှိချိတ်ဆက်မှုတစ်ခုရှိနေချိန်တွင် killSwitch ဆက်တင်များကို ပြောင်းလဲ၍မရပါ + + Cannot change KillSwitch settings during active connection + - + Cannot change killSwitch settings during active connection + လက်ရှိချိတ်ဆက်မှုတစ်ခုရှိနေချိန်တွင် killSwitch ဆက်တင်များကို ပြောင်းလဲ၍မရပါ + + + Site-based split tunneling ဝက်ဆိုဒ်အခြေပြု split tunneling - + Allows you to select which sites you want to access through the VPN VPN မှတဆင့် သင်ဝင်ရောက်လိုသည့်ဆိုဒ်များကို ရွေးချယ်စေနိုင်သည် - + App-based split tunneling App အခြေပြု split tunneling @@ -1768,62 +2253,62 @@ Already installed containers were found on the server. All installed containers PageSettingsDns - + Default server does not support custom DNS မူရင်းဆာဗာသည် စိတ်ကြိုက်ထားနိုင်သည့် DNS ကို အထောက်အပံ့မပေးပါ - + DNS servers DNS ဆာဗာများ - + If AmneziaDNS is not used or installed AmneziaDNS ကို အသုံးမပြု သို့မဟုတ် ထည့်သွင်းခြင်းမပြုသည့်အခါ - + Primary DNS Primary DNS - + Secondary DNS Secondary DNS - + Restore default မူရင်းအတိုင်းပြန်လည်ထားရှိမည် - + Restore default DNS settings? မူရင်း DNS ဆက်တင်များကို ပြန်လည်ရယူလိုပါသလား? - + Continue ဆက်လက်လုပ်ဆောင်မည် - + Cancel ပယ်ဖျက်မည် - + Settings have been reset ဆက်တင်များကို ပြန်လည်သတ်မှတ်ပြီးပါပြီ - + Save သိမ်းဆည်းမည် - + Settings saved ဆက်တင်များကို သိမ်းဆည်းပြီးပြီ @@ -1835,12 +2320,12 @@ Already installed containers were found on the server. All installed containers Logging ကို ဖွင့်ထားသည်။ မှတ်တမ်းများကို ၁၄ ရက်အကြာတွင် အလိုအလျောက်ပိတ်ထားမည်ဖြစ်ပြီး မှတ်တမ်းဖိုင်များအားလုံး ပျက်သွားမည်ဖြစ်ကြောင်း သတိပြုပါ။. - + Logging Logging - + Enabling this function will save application's logs automatically. By default, logging functionality is disabled. Enable log saving in case of application malfunction. ဤလုပ်ဆောင်ချက်ကို ဖွင့်ခြင်းဖြင့် အပလီကေးရှင်း၏ မှတ်တမ်းများကို အလိုအလျောက် သိမ်းဆည်းပေးမည် ဖြစ်သည်။ ပုံမှန်အတိုင်းဆိုလျှင် Logging လုပ်ဆောင်ချက်ကို ပိတ်ထားမည်ဖြစ်သည်။ အပလီကေးရှင်းချို့ယွင်းချက်ရှိခဲ့ပါသော် မှတ်တမ်းကိုပြန်လည်ကြည့်ရှုနိုင်ရန် မှတ်တမ်းသိမ်းဆည်းမှုကို ဖွင့်ထားလိုက်ပါ။. @@ -1853,21 +2338,21 @@ Already installed containers were found on the server. All installed containers မှတ်တမ်းများရှိသောဖိုင်တွဲကိုဖွင့်မည် - - + + Save သိမ်းဆည်းမည် - - + + Logs files (*.log) မှတ်တမ်းဖိုင်များ (*.log) မှတ်တမ်းဖိုင်များ (*.log) - - + + Logs file saved မှတ်တမ်းဖိုင်များသိမ်းဆည်းပြီးပါပြီ @@ -1876,64 +2361,62 @@ Already installed containers were found on the server. All installed containers မှတ်တမ်းများကို ဖိုင်တွင်သိမ်းဆည်းမည် - + Enable logs - + Clear logs? မှတ်တမ်းများရှင်းလင်းမည်လား? - + Continue ဆက်လက်လုပ်ဆောင်မည် - + Cancel ပယ်ဖျက်မည် - + Logs have been cleaned up မှတ်တမ်းများကို ရှင်းလင်းပြီးပါပြီ - + Client logs - + AmneziaVPN logs - - + Open logs folder - - + Export logs - + Service logs - + AmneziaVPN-service logs - + Clear logs မှတ်တမ်းများရှင်းလင်းမည် @@ -1956,103 +2439,103 @@ Already installed containers were found on the server. All installed containers - - - - + + + + Continue ဆက်လက်လုပ်ဆောင်မည် - - - - + + + + Cancel ပယ်ဖျက်မည် - + Check the server for previously installed Amnezia services ယခင်က ထည့်သွင်းထားသော Amnezia ဝန်ဆောင်မှုများရှိမရှိ ဆာဗာကို စစ်ဆေးမည် - + Add them to the application if they were not displayed ဖော်ဆောင်ပြသခြင်းမရှိပါက ၎င်းတို့ကို အပလီကေးရှင်းထဲသို့ ထည့်မည် - + Reboot server ဆာဗာကို ပြန်လည်စတင်မည် - + Do you want to reboot the server? ဆာဗာကို ပြန်လည်စတင်ချင်ပါသလား? - + The reboot process may take approximately 30 seconds. Are you sure you wish to proceed? ပြန်လည်စတင်သည့် လုပ်ငန်းစဉ်သည် စက္ကန့် 30 ခန့် ကြာနိုင်သည်. ဆက်လက်လုပ်ဆောင်လိုပါသလား? - + Cannot reboot server during active connection ချိတ်ဆက်မှုရှိနေချိန်အတွင်း ဆာဗာကို ပြန်လည်စတင်၍မရပါ - + Do you want to remove the server from application? ဆာဗာကို အပလီကေးရှင်းမှဖယ်ရှားချင်ပါသလား? - + Cannot remove server during active connection ချိတ်ဆက်မှုရှိနေချိန်အတွင်း ဆာဗာကို ဖယ်ရှား၍မရပါ - + Do you want to clear server from Amnezia software? ဆာဗာကို Amnezia ဆော့ဖ်ဝဲလ်မှ ရှင်းလင်းလိုပါသလား? - + All users whom you shared a connection with will no longer be able to connect to it. သင်၏ချိတ်ဆက်မှကို မျှဝေထားသည့် အသုံးပြုသူအားလုံး ချိတ်ဆက်နိုင်တော့မည်မဟုတ်ပါ. - + Cannot clear server from Amnezia software during active connection လက်ရှိချိတ်ဆက်မှုတစ်ခုရှိနေချိန်တွင် ဆာဗာကို Amnezia ဆော့ဖ်ဝဲလ်မှ ရှင်းလင်း၍မရပါ - + Reset API config API config ကို ပြန်လည်သတ်မှတ်မည် - + Do you want to reset API config? API config ကို ပြန်လည်သတ်မှတ်ချင်ပါသလား? - + Cannot reset API config during active connection လက်ရှိချိတ်ဆက်မှုတစ်ခုရှိနေချိန်တွင် API config ကို ပြန်လည်သတ်မှတ်၍မရပါ - + Remove server from application ဆာဗာကို အပလီကေးရှင်းမှဖယ်ရှားမည် - + All installed AmneziaVPN services will still remain on the server. ထည့်သွင်းထားသော AmneziaVPN ဝန်ဆောင်မှုများအားလုံးသည် ဆာဗာပေါ်တွင် ဆက်လက်ရှိနေမည်ဖြစ်သည်. - + Clear server from Amnezia software ဆာဗာကို Amnezia ဆော့ဖ်ဝဲလ်မှ ရှင်းလင်းမည် @@ -2060,27 +2543,25 @@ Already installed containers were found on the server. All installed containers PageSettingsServerInfo - Server name - ဆာဗာအမည် + ဆာဗာအမည် - Save - သိမ်းဆည်းမည် + သိမ်းဆည်းမည် - + Protocols ပရိုတိုကောများ - + Services ဝန်ဆောင်မှုများ - + Management စီမံခန့်ခွဲမှု @@ -2088,7 +2569,7 @@ Already installed containers were found on the server. All installed containers PageSettingsServerProtocol - + settings ဆက်တင်များ @@ -2097,7 +2578,7 @@ Already installed containers were found on the server. All installed containers %1 ပရိုဖိုင်ကို ရှင်းလင်းမည် - + Clear %1 profile? %1 ပရိုဖိုင်ကို ရှင်းလင်းမည်လား? @@ -2107,64 +2588,64 @@ Already installed containers were found on the server. All installed containers - + Unable to clear %1 profile while there is an active connection လက်ရှိချိတ်ဆက်မှုတစ်ခုရှိနေချိန်တွင် %1 ပရိုဖိုင်ကို ရှင်းလင်း၍မရပါ - + Remove ဖယ်ရှားမည် - + Remove %1 from server? %1 ကို ဆာဗာမှ ဖယ်ရှားမည်လား? - + All users with whom you shared a connection will no longer be able to connect to it. သင်နှင့်အတူချိတ်ဆက်မှုတစ်ခုကို မျှဝေထားသည့် အသုံးပြုသူအားလုံး ဤချိတ်ဆက်မှုကိုချိတ်ဆက်နိုင်တော့မည်မဟုတ်ပါ. - + Cannot remove active container Active container ကိုဖယ်ရှား၍မရပါ - - + + Continue ဆက်လက်လုပ်ဆောင်မည် - + connection settings - + Click the "connect" button to create a connection configuration - + server settings - + Clear profile - + The connection configuration will be deleted for this device only - - + + Cancel ပယ်ဖျက်မည် @@ -2172,7 +2653,7 @@ Already installed containers were found on the server. All installed containers PageSettingsServersList - + Servers ဆာဗာများ @@ -2180,100 +2661,100 @@ Already installed containers were found on the server. All installed containers PageSettingsSplitTunneling - + Default server does not support split tunneling function မူရင်းဆာဗာသည် split tunneling လုပ်ဆောင်ချက်ကို အထောက်အပံ့မပေးပါ - + Addresses from the list should not be accessed via VPN စာရင်းတွင်ဖော်ပြထားသောလိပ်စာများကို VPN ဖြင့် ဝင်ရောက်ခြင်းပြုနိုင်လိမ့်မည် မဟုတ်ပေ - + Split tunneling Split tunneling - + Mode Mode - + Remove ဖယ်ရှားမည် - + Continue ဆက်လက်လုပ်ဆောင်မည် - + Cancel ပယ်ဖျက်မည် - + Import / Export Sites ဆိုက်များ သွင်း/ထုတ်မည် - + Only the sites listed here will be accessed through the VPN ဤနေရာတွင်ဖော်ပြထားသောဆိုက်များကိုသာ VPN မှတဆင့်ဝင်ရောက်ပါမည် - + Cannot change split tunneling settings during active connection လက်ရှိချိတ်ဆက်မှုတစ်ခုရှိနေချိန်တွင် split tunneling ဆက်တင်များကို ပြောင်းလဲ၍မရပါ - + website or IP ဝဘ်ဆိုက် သို့မဟုတ် IP - + Import တင်သွင်းမည် - + Save site list ဆိုက်စာရင်းကို သိမ်းဆည်းမည် - + Save sites ဆိုက်များသိမ်းဆည်းမည် - - - + + + Sites files (*.json) ဆိုက်ဖိုင်များ (*.json) - + Import a list of sites ဆိုက်စာရင်းတစ်ခု တင်သွင်းမည် - + Replace site list ဆိုက်စာရင်းကို အစားထိုးမည် - - + + Open sites file ဆိုက်ဖိုင်များ ဖွင့်မည် - + Add imported sites to existing ones တင်သွင်းထားသော ဆိုက်များကို ရှိပြီးသားဆိုက်များထဲသို့ ထည့်မည် @@ -2281,32 +2762,32 @@ Already installed containers were found on the server. All installed containers PageSetupWizardApiServiceInfo - + For the region ဒေသအတွက် - + Price စျေးနှုန်း - + Work period အလုပ်လုပ်မည့်ကာလ - + Speed မြန်နှုန်း - + Features Feature များ - + Connect ချိတ်ဆက်မည် @@ -2314,12 +2795,12 @@ Already installed containers were found on the server. All installed containers PageSetupWizardApiServicesList - + VPN by Amnezia Amnezia မှ VPN - + Choose a VPN service that suits your needs. သင့်လိုအပ်ချက်များနှင့် ကိုက်ညီသော VPN ဝန်ဆောင်မှုကို ရွေးချယ်ပါ. @@ -2327,12 +2808,12 @@ Already installed containers were found on the server. All installed containers PageSetupWizardConfigSource - + File with connection settings ချိတ်ဆက်မှုဆက်တင်များပါဝင်သောဖိုင် - + Connection ချိတ်ဆက်မှု @@ -2342,82 +2823,102 @@ Already installed containers were found on the server. All installed containers ဆက်တင်များ - + Enable logs - + + Support tag + ကူညီပံ့ပိုးမှု tag + + + + Copied + ကူးယူပြီးပါပြီ + + + Insert the key, add a configuration file or scan the QR-code Key ကိုထည့်မည်၊ ဖွဲ့စည်းမှုဖိုင်တစ်ခုကိုထည့်မည် သို့မဟုတ် QR-ကုဒ်ကို စကင်န်ဖတ်မည် - + Insert key Key ကိုထည့်သွင်းမည် - + Insert ထည့်သွင်းမည် - + Continue ဆက်လက်လုပ်ဆောင်မည် - + Other connection options အခြားချိတ်ဆက်မှုရွေးချယ်စရာများ - + + Site Amnezia + + + + VPN by Amnezia Amnezia မှ VPN - + Connect to classic paid and free VPN services from Amnezia Amnezia မှ အခပေးနှင့် အခမဲ့ မူလ VPN ဝန်ဆောင်မှုများသို့ ချိတ်ဆက်မည် - + Self-hosted VPN ကိုယ်တိုင် host လုပ်ထားသော VPN - + Configure Amnezia VPN on your own server Amnezia VPN ကို သင်၏ကိုယ်ပိုင်ဆာဗာပေါ်တွင် စီစဥ်ချိန်ညှိမည် - + Restore from backup အရံဖိုင်မှ ပြန်လည်ရယူမည် - + + + + + + Open backup file အရံဖိုင်ကို ဖွင့်မည် - + Backup files (*.backup) အရံဖိုင်များ (*.backup) - + Open config file config ဖိုင်ကိုဖွင့်မည် - + QR code QR-ကုဒ် - + I have nothing ကျွန်ုပ်တွင်ဘာမှမရှိပါ @@ -2425,67 +2926,67 @@ Already installed containers were found on the server. All installed containers PageSetupWizardCredentials - + Server IP address [:port] ဆာဗာ IP လိပ်စာ [:port] - + Continue ဆက်လက်လုပ်ဆောင်မည် - + Enter the address in the format 255.255.255.255:88 လိပ်စာကို 255.255.255.255:88 ဖော်မတ်ဖြင့် ထည့်ပါ - + Configure your server သင်၏ဆာဗာကို စီစဉ်ချိန်ညှိမည် - + 255.255.255.255:22 255.255.255.255:22 - + SSH Username SSH အသုံးပြုသူအမည် - + Password or SSH private key စကားဝှက် သိုမဟုတ် SSH private key - + All data you enter will remain strictly confidential and will not be shared or disclosed to the Amnezia or any third parties သင်ထည့်သွင်းသည့်ဒေတာအားလုံးကို တင်းကြပ်လုံခြုံစွာလျှို့ဝှက်ထားမည်ဖြစ်ပြီး Amnezia သို့မဟုတ် မည်သည့်ပြင်ပအဖွဲ့အစည်းကိုမျှ မျှဝေမည် သို့မဟုတ် ထုတ်ဖော်မည်မဟုတ်ပါ - + How to run your VPN server သင်၏ဆာဗာကို လည်ပတ်ပုံလည်ပတ်နည်း - + Where to get connection data, step-by-step instructions for buying a VPS ချိတ်ဆက်မှုဒေတာကို ဘယ်မှာရနိုင်မလဲ၊ VPS ဝယ်ယူပုံဝယ်ယူနည်းအတွက် အဆင့်ဆင့် ညွှန်ကြားချက်များ - + Ip address cannot be empty IP လိပ်စာသည် ဗလာမဖြစ်ရပါ - + Login cannot be empty လော့ဂ်အင်အချက်အလက်သည် ဗလာမဖြစ်ရပါ - + Password/private key cannot be empty စကားဝှက်/private key သည် ဗလာမဖြစ်ရပါ @@ -2493,22 +2994,31 @@ Already installed containers were found on the server. All installed containers PageSetupWizardEasy - What is the level of internet control in your region? - သင့်ဒေသရှိ အင်တာနက်ထိန်းချုပ်မှုအဆင့်က ဘယ်လောက်ရှိပါသလဲ? + သင့်ဒေသရှိ အင်တာနက်ထိန်းချုပ်မှုအဆင့်က ဘယ်လောက်ရှိပါသလဲ? - + + Choose Installation Type + + + + + Manual + + + + Choose a VPN protocol VPN ပရိုတိုကောကို ရွေးပါ - + Skip setup စနစ်ထည့်သွင်းမှုကို ကျော်မည် - + Continue ဆက်လက်လုပ်ဆောင်မည် @@ -2555,37 +3065,37 @@ Already installed containers were found on the server. All installed containers PageSetupWizardProtocolSettings - + Installing %1 %1 ကိုထည့်သွင်းနေသည် - + More detailed ပိုမိုအသေးစိတ် - + Close ပိတ်မည် - + Network protocol ကွန်ရက်ပရိုတိုကော - + Port Port - + Install ထည်သွင်းမည် - + The port must be in the range of 1 to 65535 Port သည် 1 မှ 65535 အတွင်း ဖြစ်ရမည် @@ -2593,12 +3103,12 @@ Already installed containers were found on the server. All installed containers PageSetupWizardProtocols - + VPN protocol VPN ပရိုတိုကော - + Choose the one with the highest priority for you. Later, you can install other protocols and additional services, such as DNS proxy and SFTP. သင့်အတွက် ဦးစားပေးအဖြစ်ဆုံးကို ရွေးချယ်ပါ။ နောက်ပိုင်းတွင် DNS proxy နှင့် SFTP ကဲ့သို့သော အခြားပရိုတိုကောများနှင့် ထပ်ဆောင်းဝန်ဆောင်မှုများကို ထည့်သွင်းနိုင်သည်။. @@ -2614,7 +3124,7 @@ Already installed containers were found on the server. All installed containers PageSetupWizardStart - + Let's get started စတင်လိုက်ကြရအောင် @@ -2622,27 +3132,27 @@ Already installed containers were found on the server. All installed containers PageSetupWizardTextKey - + Connection key ချိန်ဆက်မှု key - + A line that starts with vpn://... vpn://... ဖြင့် စတင်သော စာကြောင်း... - + Key Key - + Insert ထည်သွင်းမည် - + Continue ဆက်လက်လုပ်ဆောင်မည် @@ -2650,32 +3160,32 @@ Already installed containers were found on the server. All installed containers PageSetupWizardViewConfig - + New connection ချိတ်ဆက်မှုအသစ် - + Collapse content အကြောင်းအရာများကိုဖြန့်ချမည် - + Show content အကြောင်းအရာများကိုပြမည် - + Enable WireGuard obfuscation. It may be useful if WireGuard is blocked on your provider. WireGuard obfuscation ကိုဖွင့်ထားပါ။ အကယ်၍ သင်၏အင်တာနက်ဝန်ဆောင်မှုပေးသောကုမ္ပဏီက WireGuard ပိတ်ဆို့ထားသော် ၎င်းကိုဖွင့်ထားခြင်းအားဖြင့်အသုံးဝင်နိုင်သည်။. - + Use connection codes only from sources you trust. Codes from public sources may have been created to intercept your data. သင်ယုံကြည်ရသော ရင်းမြစ်များမှရရှိသော ချိတ်ဆက်ကုဒ်များကိုသာ အသုံးပြုပါ။ လူတိုင်းဝင်ရောက်ရယူနေနိုင်သော ရင်းမြစ်များမှကုဒ်များသည် သင့်ဒေတာကို ကြားဖြတ်ရယူရန် ဖန်တီးထားသောကုဒ်များဖြစ်နေနိုင်သည်။. - + Connect ချိတ်ဆက်မည် @@ -2683,207 +3193,212 @@ Already installed containers were found on the server. All installed containers PageShare - + OpenVPN native format OpenVPN မူရင်းဖောမတ် - + WireGuard native format WireGuard မူရင်းဖော်မတ် - + Connection ချိတ်ဆက်မှု - - + + Server ဆာဗာ - + Config revoked Config ကိုပြန်ရုပ်သိမ်းလိုက်ပါပြီ - + Connection to ဤဆာဗာသို့ချိတ်ဆက်မှု - + File with connection settings to ဤဆာဗာနှင့်ချိတ်ဆက်မှု ဆက်တင်များပါရှိသော ဖိုင် - + Save OpenVPN config OpenVPN config ကိုသိမ်းဆည်းမည် - + Save WireGuard config WireGuard config ကိုသိမ်းဆည်းမည် - + Save AmneziaWG config AmneziaWG config ကိုသိမ်းဆည်းမည် - + Save Shadowsocks config Shadowsocks config ကိုသိမ်းဆည်းမည် - + Save Cloak config Cloak config ကိုသိမ်းဆည်းမည် - + Save XRay config XRay config ကိုသိမ်းဆည်းမည် - + For the AmneziaVPN app AmneziaVPN အက်ပ်အတွက် - + AmneziaWG native format AmneziaWG မူရင်းဖော်မတ် - + Shadowsocks native format Shadowsocks မူရင်းဖောမတ် - + Cloak native format Cloak မူရင်းဖော်မတ် - + XRay native format XRay မူရင်းဖော်မတ် - + Share VPN Access VPN အသုံးပြုခွင့်ကိုမျှဝေမည် - + Share full access to the server and VPN ဆာဗာနှင့် VPN သို့ အပြည့်အဝဝင်ရောက်ခွင့်ကို မျှဝေမည် - + Use for your own devices, or share with those you trust to manage the server. သင့်ကိုယ်ပိုင်စက်ပစ္စည်းများအတွက် အသုံးပြုရန် သို့မဟုတ် ဆာဗာကို စီမံခန့်ခွဲရန် သင်ယုံကြည်ရသူများနှင့် မျှဝေရန်. - - + + Users အသုံးပြုသူများ - + User name အသုံးပြုသူနာမည် - + Search ရှာဖွေမည် - + Creation date: %1 ဖန်တီးပြုလုပ်သည့်ရက်စွဲ: %1 - + Latest handshake: %1 နောက်ဆုံး handshake လုပ်ခြင်း: %1 - + Data received: %1 လက်ခံရရှိသည့်ဒေတာ: %1 - + Data sent: %1 ပေးပို့လိုက်သည့်ဒေတာ: %1 - + + Allowed IPs: %1 + + + + Rename အမည်ပြောင်းမည် - + Client name ကလိုင်းရင့်အမည် - + Save သိမ်းဆည်းမည် - + Revoke ပြန်ရုပ်သိမ်းမည် - + Revoke the config for a user - %1? အသုံးပြုသူ %1 အတွက် config ကို ပြန်လည်ရုပ်သိမ်းမည်လား? - + The user will no longer be able to connect to your server. ဤအသုံးပြုသူသည် သင့်ဆာဗာသို့ ချိတ်ဆက်နိုင်တော့မည်မဟုတ်ပါ. - + Continue ဆက်လက်လုပ်ဆောင်မည် - + Cancel ပယ်ဖျက်မည် - + Share VPN access without the ability to manage the server ဆာဗာကို စီမံခန့်ခွဲနိုင်စွမ်းမပါရှိဘဲ VPN အသုံးပြုခွင့်ကို မျှဝေမည် - - + + Protocol ပရိုတိုကော - - + + Connection format ချိတ်ဆက်မှုဖောမတ် - - + + Share မျှဝေမည် @@ -2891,55 +3406,55 @@ Already installed containers were found on the server. All installed containers PageShareFullAccess - + Full access to the server and VPN ဆာဗာနှင့် VPN ကို အပြည့်အဝဝင်ရောက်ခွင့် - + We recommend that you use full access to the server only for your own additional devices. သင့်ကိုယ်ပိုင်အပိုပစ္စည်းများအတွက်သာ ဆာဗာသို့ အပြည့်အဝဝင်ရောက်ခွင့်ကို အသုံးပြုရန် ကျွန်ုပ်တို့ အကြံပြုပါသည်. - + If you share full access with other people, they can remove and add protocols and services to the server, which will cause the VPN to work incorrectly for all users. သင်သည် အခြားသူများနှင့် အပြည့်အဝဝင်ရောက်ခွင့်ကို မျှဝေပါက၊ ၎င်းတို့သည် ပရိုတိုကောများနှင့် ဝန်ဆောင်မှုများကို ဆာဗာသို့ထည့်သွင်းခြင်း ဆာဗာမှဖယ်ရှားခြင်းများ ပြုလုပ်နိုင်သောကြောင့် အသုံးပြုသူများအားလုံးအတွက် VPN မှားယွင်းစွာ လုပ်ဆောင်ခြင်းများဖြစ်စေနိုင်ပါသည်. - - + + Server ဆာဗာ - + Accessing ဝင်ရောက်နေသည် - + File with accessing settings to ဤဆာဗာနှင့်ဝင်ရောက်နိုင်မှု ဆက်တင်များပါရှိသော ဖိုင် - + Share မျှဝေမည် - + Access error! အသုံးပြုခွင့်တွင်အမှားပါနေပါသည်! - + Connection to ဤဆာဗာသို့ချိတ်ဆက်မှု - + File with connection settings to ဤဆာဗာနှင့်ချိတ်ဆက်မှု ဆက်တင်များပါရှိသော ဖိုင် @@ -2947,17 +3462,17 @@ Already installed containers were found on the server. All installed containers PageStart - + Logging was disabled after 14 days, log files were deleted ၁၄ ရက်အကြာတွင် Logging ကို ပိတ်ခဲ့သည်၊ မှတ်တမ်းဖိုင်များကို ဖျက်ပစ်လိုက်ပြီဖြစ်သည် - + Settings restored from backup file ဆက်တင်များကို အရံဖိုင်မှ ပြန်လည်ရယူပြီးပါပြီ - + Logging is enabled. Note that logs will be automaticallydisabled after 14 days, and all log files will be deleted. @@ -2965,7 +3480,7 @@ Already installed containers were found on the server. All installed containers PopupType - + Close ပိတ်မည် @@ -3224,87 +3739,88 @@ Already installed containers were found on the server. All installed containers လုပ်ဆောင်ချက်ကို မတတ်ဆင်ရသေးပါ - + Server check failed ဆာဗာစစ်ဆေးမှု မအောင်မြင်ပါ - + Server port already used. Check for another software ဆာဗာ Port ကို အသုံးပြုပြီးဖြစ်သည်. အခြားဆော့ဖ်ဝဲရှိမရှိ စစ်ဆေးပါ - + Server error: Docker container missing ဆာဗာ မှားယွင်းမှု: Docker ကွန်တိန်နာ ပျောက်နေသည် - + Server error: Docker failed ဆာဗာ မှားယွင်းမှု: Docker မအောင်မြင်ပါ - + Installation canceled by user ထည့်သွင်းမှုကို အသုံးပြုသူမှ ပယ်ဖျက်လိုက်သည် - - The user does not have permission to use sudo - ဤအသုံးပြုသူသည် sudo ကိုအသုံးပြုရန်ခွင့်ပြုချက်မရှိပါ + + The user is not a member of the sudo group + ဤအသုံးပြုသူသည် sudo အုပ်စု၏အဖွဲ့ဝင်မဟုတ်ပါ - + SSH request was denied SSH တောင်းဆိုမှု ငြင်းဆိုခံလိုက်ရပါသည် - + SSH request was interrupted SSH တောင်းဆိုမှု အနှောက်အယက်ခံလိုက်ရပါသည် - + SSH internal error စက်တွင်းဖြစ်သော SSH မှားယွင်းမှု - + Invalid private key or invalid passphrase entered မမှန်ကန်သော ကိုယ်ပိုင် key သို့မဟုတ် မမှန်ကန်သော စကားဝှက်ကို ထည့်သွင်းထားသည် - + The selected private key format is not supported, use openssh ED25519 key types or PEM key types ရွေးချယ်ထားသော ကိုယ်ပိုင် key ဖော်မတ်ကို ထောက်ပံ့မှုမပေးပါ၊ openssh ED25519 key အမျိုးအစားများ သို့မဟုတ် PEM သော့အမျိုးအစားများကို အသုံးပြုပါ - + Timeout connecting to server ဆာဗာသို့ ချိတ်ဆက်ခြင်း အချိန်ကုန်သွားသည် - + The config does not contain any containers and credentials for connecting to the server Config တွင် ဆာဗာသို့ချိတ်ဆက်ရန်အတွက် ကွန်တိန်နာများနှင့် အထောက်အထားများ မပါဝင်ပါ - + + Error when retrieving configuration from API API မှ စီစဉ်သတ်မှတ်မှုကို ရယူသည့်အခါ အမှားအယွင်းဖြစ်ပေါ်နေသည် - + This config has already been added to the application ဤ config ကို အပလီကေးရှင်းထဲသို့ ထည့်သွင်းပြီးဖြစ်သည် - + ErrorCode: %1. မှားယွင်းမှုကုတ်: %1. - + OpenVPN config missing OpenVPN config ပျောက်ဆုံးနေပါသည် @@ -3314,117 +3830,169 @@ Already installed containers were found on the server. All installed containers နောက်ခံဝန်ဆောင်မှု လည်ပတ်နေခြင်းမရှိပါ - - Server error: Packet manager error - ဆာဗာ မှားယွင်းမှု: Packet Manager မှားယွင်းမှု + + The selected protocol is not supported on the current platform + ရွေးချယ်ထားသော ပရိုတိုကောကို လက်ရှိပလက်ဖောင်းပေါ်တွင် အ‌ထောက်အပံ့မပေးထားပါ - + + Server error: Package manager error + ဆာဗာ အမှား- Package manager အမှား + + + + The sudo package is not pre-installed on the server + + + + + The server user's home directory is not accessible + + + + + Action not allowed in sudoers + + + + + The user's password is required + + + + SCP error: Generic failure SCP မှားယွင်းမှု: ယေဘုယ မအောင်မြင်ခြင်း - + OpenVPN management server error OpenVPN စီမံခန့်ခွဲမှုဆာဗာ အမှားအယွင်း - + OpenVPN executable missing OpenVPN စီမံလုပ်ဆောင်နိုင်မှု ပျောက်ဆုံးနေပါသည် - + Shadowsocks (ss-local) executable missing Shadowsocks (ss-local) executable ပျောက်နေပါသည် - + Cloak (ck-client) executable missing Cloak (ck-client) စီမံလုပ်ဆောင်နိုင်မှု ပျောက်ဆုံးနေပါသည် - + Amnezia helper service error Amnezia helper ဝန်ဆောင်မှု မှားယွင်းမှု - + OpenSSL failed OpenSSL မအောင်မြင်ပါ - + Can't connect: another VPN connection is active ချိတ်ဆက်၍မရပါ: အခြား VPN ချိတ်ဆက်မှုတစ်ခုရှိနေပါသည် - + Can't setup OpenVPN TAP network adapter OpenVPN TAP ကွန်ရက် adapter ကို စနစ်တည်ဆောက်၍မရပါ - + VPN pool error: no available addresses VPN pool မှားယွင်းမှု: ရရှိနိုင်သောလိပ်စာများမရှိပါ - + + Unable to open config file + + + + + VPN Protocols is not installed. + Please install VPN container at first + VPN ပရိုတိုကောများကို မထည့်သွင်းရသေးပါ။ +ကျေးဇူးပြု၍ VPN ကွန်တိန်နာကို အရင်ထည့်သွင်းပါ။ + + + VPN connection error VPN ချိတ်ဆက်မှုမှားယွင်းနေပါသည် - + In the response from the server, an empty config was received ဆာဗာမှ တုံ့ပြန်မှုတွင်၊ config အလွတ်တစ်ခုကို လက်ခံရရှိခဲ့သည် - + SSL error occurred SSL မှားယွင်းမှုဖြစ်သွားသည် - + Server response timeout on api request Api တောင်းဆိုမှုတွင် ဆာဗာတုံ့ပြန်မှု အချိန်ကုန်သွားသည် - + Missing AGW public key AGW public key ပျောက်ဆုံးနေသည် - + + Failed to decrypt response payload + + + + + Missing list of available services + + + + + The limit of allowed configurations per subscription has been exceeded + + + + QFile error: The file could not be opened QFile မှားယွင်းမှု: ဖိုင်ကို ဖွင့်၍မရပါ - + QFile error: An error occurred when reading from the file QFile မှားယွင်းမှု: ဖိုင်ကိုဖတ်နေစဥ်အတွင်း မှားယွင်းမှုဖြစ်သွားသည် - + QFile error: The file could not be accessed QFile မှားယွင်းမှု: ဖိုင်ကို ဝင်၍မရပါ - + QFile error: An unspecified error occurred QFile မှားယွင်းမှု: သတ်မှတ်မထားသော မှားယွင်းမှုတစ်ခု ဖြစ်ပွားခဲ့သည် - + QFile error: A fatal error occurred QFile မှားယွင်းမှု: ကြီးမားသော မှားယွင်းမှုတစ်ခု ဖြစ်ပွားခဲ့သည် - + QFile error: The operation was aborted QFile မှားယွင်းမှု: လုပ်ငန်းစဥ်ကို ဖျက်သိမ်းလိုက်ရသည် - + Internal error စက်တွင်းဖြစ်သော မှားယွင်းမှု @@ -3434,32 +4002,28 @@ Already installed containers were found on the server. All installed containers IPsec - Shadowsocks - masks VPN traffic, making it similar to normal web traffic, but it may be recognized by analysis systems in some highly censored regions. - Shadowsocks - ၎င်းသည် ပုံမှန်ဝဘ်လမ်းကြောင်းနှင့် ဆင်တူစေရန် VPN အသွားအလာကို ဖုံးကွယ်ထားသော်လည်း ၎င်းကို အချို့သော ဆင်ဆာဖြတ်ထားသော ဒေသများရှိ ခွဲခြမ်းစိတ်ဖြာမှုစနစ်များက ထောက်လှန်းသိရှိနိုင်ပါသည်. + Shadowsocks - ၎င်းသည် ပုံမှန်ဝဘ်လမ်းကြောင်းနှင့် ဆင်တူစေရန် VPN အသွားအလာကို ဖုံးကွယ်ထားသော်လည်း ၎င်းကို အချို့သော ဆင်ဆာဖြတ်ထားသော ဒေသများရှိ ခွဲခြမ်းစိတ်ဖြာမှုစနစ်များက ထောက်လှန်းသိရှိနိုင်ပါသည်. - OpenVPN over Cloak - OpenVPN with VPN masquerading as web traffic and protection against active-probing detection. Ideal for bypassing blocking in regions with the highest levels of censorship. - OpenVPN over Cloak - ဝဘ်အသွားအလာအဖြစ် ဟန်ဆောင်ထားသည့် VPN ပါသော OpenVPN နှင့် active-probing ထောက်လှမ်းခြင်းမှ ကာကွယ်ပေးခြင်း. ဆင်ဆာဖြတ်တောက်မှု အမြင့်ဆုံးအဆင့်ရှိသော ဒေသများတွင် ပိတ်ဆို့ခြင်းများကို ကျော်ဖြတ်ရန်အတွက် အကောင်းဆုံးဖြစ်သည်. + OpenVPN over Cloak - ဝဘ်အသွားအလာအဖြစ် ဟန်ဆောင်ထားသည့် VPN ပါသော OpenVPN နှင့် active-probing ထောက်လှမ်းခြင်းမှ ကာကွယ်ပေးခြင်း. ဆင်ဆာဖြတ်တောက်မှု အမြင့်ဆုံးအဆင့်ရှိသော ဒေသများတွင် ပိတ်ဆို့ခြင်းများကို ကျော်ဖြတ်ရန်အတွက် အကောင်းဆုံးဖြစ်သည်. + + + XRay with REALITY - Suitable for countries with the highest level of internet censorship. Traffic masking as web traffic at the TLS level, and protection against detection by active probing methods. + REALITY ပါဝင်သော XRay - အင်တာနက်ဆင်ဆာဖြတ်တောက်မှုအပြင်းထန်ဆုံးနိုင်ငံများအတွက် သင့်လျော်သည်။ Web traffic အဖြစ် အသွားအလာကို TLS အဆင့်ဖြင့် ဖုံးကွယ်ပေးထားခြင်း၊ Active probing နည်းလမ်းများဖြင့် ထောက်လှမ်းခံရခြင်းမှ ကာကွယ်ပေးခြင်းများ။. - XRay with REALITY - Suitable for countries with the highest level of internet censorship. Traffic masking as web traffic at the TLS level, and protection against detection by active probing methods. - REALITY ပါဝင်သော XRay - အင်တာနက်ဆင်ဆာဖြတ်တောက်မှုအပြင်းထန်ဆုံးနိုင်ငံများအတွက် သင့်လျော်သည်။ Web traffic အဖြစ် အသွားအလာကို TLS အဆင့်ဖြင့် ဖုံးကွယ်ပေးထားခြင်း၊ Active probing နည်းလမ်းများဖြင့် ထောက်လှမ်းခံရခြင်းမှ ကာကွယ်ပေးခြင်းများ။. - - - IKEv2/IPsec - Modern stable protocol, a bit faster than others, restores connection after signal loss. It has native support on the latest versions of Android and iOS. IKEv2/IPsec - ခေတ်မီပြီးတည်ငြိမ်သော ပရိုတိုကော၊ အခြားပရိုတိုကောများထက် အနည်းငယ်ပိုမြန်သည်၊ Signal ဆုံးရှုံးပြီးနောက် ချိတ်ဆက်မှုကို ပြန်လည်ရယူနိုင်သည်။ Android နှင့် iOS ၏ နောက်ဆုံးဗားရှင်းများတွင် native ပံ့ပိုးမှုရရှိသည်။. - + Create a file vault on your server to securely store and transfer files. ဖိုင်များကို လုံခြုံစွာသိမ်းဆည်းရန်နှင့် လွှဲပြောင်းရန်အတွက် သင့်ဆာဗာပေါ်တွင် fire vault တစ်ခု ဖန်တီးပါ. - This is a combination of the OpenVPN protocol and the Cloak plugin designed specifically for protecting against blocking. OpenVPN provides a secure VPN connection by encrypting all internet traffic between the client and the server. @@ -3478,7 +4042,7 @@ If there is a extreme level of Internet censorship in your region, we advise you * Not recognised by DPI analysis systems * Works over TCP network protocol, 443 port. - ဤပစ္စည်းသည်ပိတ်ဆို့ခြင်းမှကာကွယ်ရန်အတွက် အထူးထုတ်လုပ်ထားသည့် OpenVPN ပရိုတိုကောနှင့် Cloak plugin ၏ပေါင်းစပ်မှုဖြစ်သည်. + ဤပစ္စည်းသည်ပိတ်ဆို့ခြင်းမှကာကွယ်ရန်အတွက် အထူးထုတ်လုပ်ထားသည့် OpenVPN ပရိုတိုကောနှင့် Cloak plugin ၏ပေါင်းစပ်မှုဖြစ်သည်. OpenVPN သည် ကလိုင်းယင့်နှင့် ဆာဗာကြားရှိ အင်တာနက်အသွားအလာအားလုံးကို ကုဒ်ဝှက်ခြင်းဖြင့် လုံခြုံသော VPN ချိတ်ဆက်မှုကို ပံ့ပိုးပေးပါသည် @@ -3498,7 +4062,6 @@ Cloak သည် ပက်ကတ်မက်တာဒေတာကို မွမ - A relatively new popular VPN protocol with a simplified architecture. WireGuard provides stable VPN connection and high performance on all devices. It uses hard-coded encryption settings. WireGuard compared to OpenVPN has lower latency and better data transfer throughput. WireGuard is very susceptible to blocking due to its distinct packet signatures. Unlike some other VPN protocols that employ obfuscation techniques, the consistent signature patterns of WireGuard packets can be more easily identified and thus blocked by advanced Deep Packet Inspection (DPI) systems and other network monitoring tools. @@ -3508,7 +4071,7 @@ WireGuard is very susceptible to blocking due to its distinct packet signatures. * Minimum number of settings * Easily recognised by DPI analysis systems, susceptible to blocking * Works over UDP network protocol. - ရိုးရှင်းသော တည်ဆောက်ပုံဖြင့် အတော်လေးနာမည်ကြီးသော VPN ပရိုတိုကောအသစ်။ + ရိုးရှင်းသော တည်ဆောက်ပုံဖြင့် အတော်လေးနာမည်ကြီးသော VPN ပရိုတိုကောအသစ်။ WireGuard သည် ၎င်းအားအသုံးပြုထားသောစက်အားလုံးကို တည်ငြိမ်သော VPN ချိတ်ဆက်မှုနှင့် စွမ်းဆောင်ရည်မြင့်မားမှုကို ရရှိစေပါသည်။ Hard-coded encryption ဆက်တင်များကို အသုံးပြုထားပါသည်။ OpenVPN နှင့် နှိုင်းယှဉ်ပါက WireGuard သည် latency နည်းပါးပြီး ဒေတာလွှဲပြောင်းမှု ပိုမိုကောင်းမွန်ပါသည်။ WireGuard သည် ၎င်း၏ ကွဲပြားသော packet လက်မှတ်များ ကြောင့် ပိတ်ဆို့ခြင်းကို အလွန်ခံရနိုင်ချေရှိသည်။ ရှုပ်ထွေးသောနည်းပညာများကို အသုံးပြုသည့် အခြားသော VPN ပရိုတိုကောများနှင့် မတူဘဲ၊ WireGuard ပက်ကတ်များ၏ တသမတ်တည်း လက်မှတ်ပုံစံများကြောင့် ၎င်းတို့ကိုပိုမိုလွယ်ကူစွာ ရှာဖွေဖော်ထုတ်နိုင်ကာ အဆင့်မြင့် Deep Packet Inspection (DPI) စနစ်များနှင့် အခြားသော ကွန်ရက်စောင့်ကြည့်ရေးကိရိယာများဖြင့် ပိတ်ဆို့ထားနိုင်သည်။ @@ -3519,18 +4082,17 @@ WireGuard သည် ၎င်း၏ ကွဲပြားသော packet လက * UDP ကွန်ရက်ပရိုတိုကောပေါ်တွင် အလုပ်လုပ်သည်။. - The REALITY protocol, a pioneering development by the creators of XRay, is specifically designed to counteract the highest levels of internet censorship through its novel approach to evasion. It uniquely identifies censors during the TLS handshake phase, seamlessly operating as a proxy for legitimate clients while diverting censors to genuine websites like google.com, thus presenting an authentic TLS certificate and data. This advanced capability differentiates REALITY from similar technologies by its ability to disguise web traffic as coming from random, legitimate sites without the need for specific configurations. Unlike older protocols such as VMess, VLESS, and the XTLS-Vision transport, REALITY's innovative "friend or foe" recognition at the TLS handshake enhances security and circumvents detection by sophisticated DPI systems employing active probing techniques. This makes REALITY a robust solution for maintaining internet freedom in environments with stringent censorship. - The REALITY protocol, a pioneering development by the creators of XRay, is specifically designed to counteract the highest levels of internet censorship through its novel approach to evasion. + The REALITY protocol, a pioneering development by the creators of XRay, is specifically designed to counteract the highest levels of internet censorship through its novel approach to evasion. It uniquely identifies censors during the TLS handshake phase, seamlessly operating as a proxy for legitimate clients while diverting censors to genuine websites like google.com, thus presenting an authentic TLS certificate and data. This advanced capability differentiates REALITY from similar technologies by its ability to disguise web traffic as coming from random, legitimate sites without the need for specific configurations. Unlike older protocols such as VMess, VLESS, and the XTLS-Vision transport, REALITY's innovative "friend or foe" recognition at the TLS handshake enhances security and circumvents detection by sophisticated DPI systems employing active probing techniques. This makes REALITY a robust solution for maintaining internet freedom in environments with stringent censorship. - + IKEv2, paired with the IPSec encryption layer, stands as a modern and stable VPN protocol. One of its distinguishing features is its ability to swiftly switch between networks and devices, making it particularly adaptive in dynamic network environments. While it offers a blend of security, stability, and speed, it's essential to note that IKEv2 can be easily detected and is susceptible to blocking. @@ -3551,7 +4113,7 @@ IKEv2 သည် လုံခြုံရေး၊ တည်ငြိမ်မှ * UDP ကွန်ရက်ပရိုတိုကော၊ port 500 နှင့် 4500 ကျော်တွင် အလုပ်လုပ်သည်။. - + DNS Service DNS ဝန်ဆောင်မှု @@ -3562,7 +4124,7 @@ IKEv2 သည် လုံခြုံရေး၊ တည်ငြိမ်မှ - + Website in Tor network Tor ကွန်ရက်ထဲရှိ ဝဘ်ဆိုဒ် @@ -3577,27 +4139,115 @@ IKEv2 သည် လုံခြုံရေး၊ တည်ငြိမ်မှ OpenVPN သည် ပြောင်းလွယ်ပြင်လွယ် ဖွဲ့စည်းမှုရွေးချယ်စရာများပါရှိသော လူကြိုက်အများဆုံး VPN ပရိုတိုကောဖြစ်သည်. ၎င်းသည် key လဲလှယ်မှုအတွက် SSL/TLS ဖြင့် ၎င်း၏ကိုယ်ပိုင်လုံခြုံရေးပရိုတိုကောကို အသုံးပြုသည်. - + + Shadowsocks masks VPN traffic, making it resemble normal web traffic, but it may still be detected by certain analysis systems. + + + + + OpenVPN over Cloak - OpenVPN with VPN masquerading as web traffic and protection against active-probing detection. It is very resistant to detection, but offers low speed. + + + + + WireGuard - popular VPN protocol with high performance, high speed and low power consumption. + + + + + AmneziaWG is a special protocol from Amnezia based on WireGuard. It provides high connection speed and ensures stable operation even in the most challenging network conditions. + + + + + XRay with REALITY masks VPN traffic as web traffic and protects against active probing. It is highly resistant to detection and offers high speed. + + + + + OpenVPN stands as one of the most popular and time-tested VPN protocols available. +It employs its unique security protocol, leveraging the strength of SSL/TLS for encryption and key exchange. Furthermore, OpenVPN's support for a multitude of authentication methods makes it versatile and adaptable, catering to a wide range of devices and operating systems. Due to its open-source nature, OpenVPN benefits from extensive scrutiny by the global community, which continually reinforces its security. With a strong balance of performance, security, and compatibility, OpenVPN remains a top choice for privacy-conscious individuals and businesses alike. + +* Available in the AmneziaVPN across all platforms +* Normal power consumption on mobile devices +* Flexible customisation to suit user needs to work with different operating systems and devices +* Recognised by DPI systems and therefore susceptible to blocking +* Can operate over both TCP and UDP network protocols. + + + + + This is a combination of the OpenVPN protocol and the Cloak plugin designed specifically for protecting against detection. + +OpenVPN provides a secure VPN connection by encrypting all internet traffic between the client and the server. + +Cloak protects OpenVPN from detection. + +Cloak can modify packet metadata so that it completely masks VPN traffic as normal web traffic, and also protects the VPN from detection by Active Probing. This makes it very resistant to being detected + +Immediately after receiving the first data packet, Cloak authenticates the incoming connection. If authentication fails, the plugin masks the server as a fake website and your VPN becomes invisible to analysis systems. + +* Available in the AmneziaVPN across all platforms +* High power consumption on mobile devices +* Flexible settings +* Not recognised by detection systems +* Works over TCP network protocol, 443 port. + + + + + + A relatively new popular VPN protocol with a simplified architecture. +WireGuard provides stable VPN connection and high performance on all devices. It uses hard-coded encryption settings. WireGuard compared to OpenVPN has lower latency and better data transfer throughput. +WireGuard is very susceptible to detection and blocking due to its distinct packet signatures. Unlike some other VPN protocols that employ obfuscation techniques, the consistent signature patterns of WireGuard packets can be more easily identified and thus blocked by advanced Deep Packet Inspection (DPI) systems and other network monitoring tools. + +* Available in the AmneziaVPN across all platforms +* Low power consumption +* Minimum number of settings +* Easily recognised by DPI analysis systems, susceptible to blocking +* Works over UDP network protocol. + + + + + A modern iteration of the popular VPN protocol, AmneziaWG builds upon the foundation set by WireGuard, retaining its simplified architecture and high-performance capabilities across devices. +While WireGuard is known for its efficiency, it had issues with being easily detected due to its distinct packet signatures. AmneziaWG solves this problem by using better obfuscation methods, making its traffic blend in with regular internet traffic. +This means that AmneziaWG keeps the fast performance of the original while adding an extra layer of stealth, making it a great choice for those wanting a fast and discreet VPN connection. + +* Available in the AmneziaVPN across all platforms +* Low power consumption +* Minimum number of settings +* Not recognised by traffic analysis systems +* Works over UDP network protocol. + + + + + The REALITY protocol, a pioneering development by the creators of XRay, is designed to provide the highest level of protection against detection through its innovative approach to security and privacy. +It uniquely identifies attackers during the TLS handshake phase, seamlessly operating as a proxy for legitimate clients while diverting attackers to genuine websites, thus presenting an authentic TLS certificate and data. +This advanced capability differentiates REALITY from similar technologies by its ability to disguise web traffic as coming from random, legitimate sites without the need for specific configurations. +Unlike older protocols such as VMess, VLESS, and the XTLS-Vision transport, REALITY's innovative "friend or foe" recognition at the TLS handshake enhances security. This makes REALITY a robust solution for maintaining internet freedom. + + + WireGuard - New popular VPN protocol with high performance, high speed and low power consumption. Recommended for regions with low levels of censorship. - WireGuard - မြင့်မားသောစွမ်းဆောင်ရည်၊ မြန်နှုန်းမြင့်နှင့် ပါဝါသုံးစွဲမှုနည်းသော လူကြိုက်များသော VPN ပရိုတိုကောအသစ်. ဆင်ဆာဖြတ်မှုအဆင့်နိမ့်သော ဒေသများတွင်အသုံးပြုရန်အကြံပြုထားသည်. + WireGuard - မြင့်မားသောစွမ်းဆောင်ရည်၊ မြန်နှုန်းမြင့်နှင့် ပါဝါသုံးစွဲမှုနည်းသော လူကြိုက်များသော VPN ပရိုတိုကောအသစ်. ဆင်ဆာဖြတ်မှုအဆင့်နိမ့်သော ဒေသများတွင်အသုံးပြုရန်အကြံပြုထားသည်. - AmneziaWG - Special protocol from Amnezia, based on WireGuard. It's fast like WireGuard, but very resistant to blockages. Recommended for regions with high levels of censorship. - AmneziaWG - WireGuard ကိုအခြေခံထားသော Amnezia မှ အထူးပရိုတိုကော. ၎င်းသည် WireGuard ကဲ့သို့မြန်ဆန်သော်ပြီး ပိတ်ဆို့ခြင်းများကိုလည်း ခံနိုင်ရည်ရှိပါသည်. ဆင်ဆာဖြတ်တောက်မှု မြင့်မားသော ဒေသများတွင်အသုံးပြုရန် အကြံပြုပါသည်. + AmneziaWG - WireGuard ကိုအခြေခံထားသော Amnezia မှ အထူးပရိုတိုကော. ၎င်းသည် WireGuard ကဲ့သို့မြန်ဆန်သော်ပြီး ပိတ်ဆို့ခြင်းများကိုလည်း ခံနိုင်ရည်ရှိပါသည်. ဆင်ဆာဖြတ်တောက်မှု မြင့်မားသော ဒေသများတွင်အသုံးပြုရန် အကြံပြုပါသည်. - + Deploy a WordPress site on the Tor network in two clicks. ကလစ်နှစ်ချက်နှိပ်ရုံဖြင့် Tor ကွန်ရက်ပေါ်တွင် WordPress ဆိုက်တစ်ခုကို ဖြန့်ကျက်လိုက်ပါ. - + Replace the current DNS server with your own. This will increase your privacy level. လက်ရှိ DNS ဆာဗာကို သင့်ကိုယ်ပိုင် DNS ဆာဗာဖြင့် အစားထိုးပါ. ဤသို့ပြုလုပ်ခြင်းသည် သင်၏ကိုယ်ရေးကိုယ်တာလုံခြုံမှုအဆင့်ကို တိုးမြှင့်ပေးလိမ့်မည်. - OpenVPN stands as one of the most popular and time-tested VPN protocols available. It employs its unique security protocol, leveraging the strength of SSL/TLS for encryption and key exchange. Furthermore, OpenVPN's support for a multitude of authentication methods makes it versatile and adaptable, catering to a wide range of devices and operating systems. Due to its open-source nature, OpenVPN benefits from extensive scrutiny by the global community, which continually reinforces its security. With a strong balance of performance, security, and compatibility, OpenVPN remains a top choice for privacy-conscious individuals and businesses alike. @@ -3606,7 +4256,7 @@ It employs its unique security protocol, leveraging the strength of SSL/TLS for * Flexible customisation to suit user needs to work with different operating systems and devices * Recognised by DPI analysis systems and therefore susceptible to blocking * Can operate over both TCP and UDP network protocols. - OpenVPN သည်ပေါ်ပြူလာအဖြစ်ဆုံးနှင့် ကာလရှည်ကြာအသုံးဝင်ခဲ့ အသုံးဝင်နေစဲဖြစ်သော VPN ပရိုတိုကောများထဲမှတစ်ခုဖြစ်သည်။ + OpenVPN သည်ပေါ်ပြူလာအဖြစ်ဆုံးနှင့် ကာလရှည်ကြာအသုံးဝင်ခဲ့ အသုံးဝင်နေစဲဖြစ်သော VPN ပရိုတိုကောများထဲမှတစ်ခုဖြစ်သည်။ ကုဒ်ဝှက်ခြင်းနှင့် key လဲလှယ်ခြင်းအတွက် SSL/TLS ၏ ခွန်အားကို အသုံးချခြင်းဖြင့် OpenVPN သည် ၎င်း၏ထူးခြားသော လုံခြုံရေးပရိုတိုကောကို အသုံးပြုထားသည်။ ထို့အပြင် OpenVPN ၏ အထောက်အထားစိစစ်ခြင်းနည်းလမ်းများစွာအတွက်အထောက်အပံ့ပေးထားမှုသည် ၎င်းကို စွယ်စုံရလိုက်လျောညီထွေဖြစ်စေပြီး စက်ပစ္စည်းများနှင့် လည်ပတ်မှုစနစ်များစွာကို အထောက်အပံ့ပေးစေပါသည်။ ၎င်း၏ open-source သဘောသဘာဝကြောင့် OpenVPN သည် ၎င်းကို ကျယ်ကျယ်ပြန့်ပြန့် စိစစ်စောင့်ကြည့်ပေးသည့် global community ကြောင့် လုံခြုံရေးပိုမိုကောင်းမွန်လာသည့်အကျိုးကျေးဇူးများ ရရှိခဲ့သည်။ စွမ်းဆောင်ရည်၊ လုံခြုံရေးနှင့် မည်သည့်စက်ပစ္စည်းနှင့်မဆိုလိုက်လျှောညီထွေရှိမှုဂုဏ်သတ္တိတို့ကို မျှတစွာပိုင်ဆိုင်ထားသော OpenVPN သည် ကိုယ်ရေးကိုယ်တာလုံခြုံမှုကိုအထူးဂရုစိုက်သော ပုဂ္ဂိုလ်များနှင့် စီးပွားရေးလုပ်ငန်းများအတွက် ထိပ်တန်းရွေးချယ်မှုတစ်ခုအဖြစ် ရပ်တည်နေစဲဖြစ်ပါသည်။ * ပလက်ဖောင်းအားလုံးရှိ AmneziaVPN တွင်အသုံးပြုနိုင်သည်။ @@ -3616,7 +4266,7 @@ It employs its unique security protocol, leveraging the strength of SSL/TLS for * TCP နှင့် UDP ကွန်ရက် ပရိုတိုကော နှစ်ခုလုံးတွင် လည်ပတ်နိုင်သည်။. - + Shadowsocks, inspired by the SOCKS5 protocol, safeguards the connection using the AEAD cipher. Although Shadowsocks is designed to be discreet and challenging to identify, it isn't identical to a standard HTTPS connection.However, certain traffic analysis systems might still detect a Shadowsocks connection. Due to limited support in Amnezia, it's recommended to use AmneziaWG protocol. * Available in the AmneziaVPN only on desktop platforms @@ -3631,7 +4281,6 @@ It employs its unique security protocol, leveraging the strength of SSL/TLS for * TCP ကွန်ရက် ပရိုတိုကောပေါ်တွင် အလုပ်လုပ်သည်။. - A modern iteration of the popular VPN protocol, AmneziaWG builds upon the foundation set by WireGuard, retaining its simplified architecture and high-performance capabilities across devices. While WireGuard is known for its efficiency, it had issues with being easily detected due to its distinct packet signatures. AmneziaWG solves this problem by using better obfuscation methods, making its traffic blend in with regular internet traffic. This means that AmneziaWG keeps the fast performance of the original while adding an extra layer of stealth, making it a great choice for those wanting a fast and discreet VPN connection. @@ -3641,7 +4290,7 @@ This means that AmneziaWG keeps the fast performance of the original while addin * Minimum number of settings * Not recognised by DPI analysis systems, resistant to blocking * Works over UDP network protocol. - လူကြိုက်များသော VPN ပရိုတိုကော၏ ခေတ်မီပြန်လည်တည်ဆောက်မှုတစ်ခုဖြစ်သော AmneziaWG သည် WireGuard မှသတ်မှတ်ထားသော အခြေခံအုတ်မြစ်ပေါ်တွင် တည်ဆောက်ထားပြီး ၎င်း၏ရိုးရှင်းသောတည်ဆောက်ပုံနှင့် စွမ်းဆောင်ရည်မြင့်မားသောစွမ်းရည်များကို ဆက်လက်ထိန်းသိမ်းထားပါသည်။ + လူကြိုက်များသော VPN ပရိုတိုကော၏ ခေတ်မီပြန်လည်တည်ဆောက်မှုတစ်ခုဖြစ်သော AmneziaWG သည် WireGuard မှသတ်မှတ်ထားသော အခြေခံအုတ်မြစ်ပေါ်တွင် တည်ဆောက်ထားပြီး ၎င်း၏ရိုးရှင်းသောတည်ဆောက်ပုံနှင့် စွမ်းဆောင်ရည်မြင့်မားသောစွမ်းရည်များကို ဆက်လက်ထိန်းသိမ်းထားပါသည်။ WireGuard သည် ၎င်း၏ စွမ်းဆောင်ရည်အတွက် လူသိများသော်လည်း ၎င်း၏ ထူးခြားသော packet လက်မှတ်များ ကြောင့် အလွယ်တကူ ထောက်လှန်းရှာဖွေတွေ့ရှိနိုင်သည့် ပြဿနာများ ရှိခဲ့ပါသည်။ AmneziaWG သည် ၎င်း၏ အသွားအလာကို ပုံမှန်အင်တာနက်အသွားအလာနှင့် ရောနှောကာ ပိုမိုကောင်းမွန်သော ရှုပ်ထွေးသော နည်းလမ်းများကို အသုံးပြုခြင်းဖြင့် ဤပြဿနာကို ဖြေရှင်းပေးထားပါသည်။ ဆိုလိုသည်မှာ AmneziaWG သည် နောက်ထပ်ထောက်လှန်းရခက်စေသည့်အလွှာတစ်ခုထပ်ထည့်စဉ်တွင် မူရင်းမြန်ဆန်သောစွမ်းဆောင်ရည်ကို ထိန်းသိမ်းထားနိုင်သောကြောင့် မြန်ဆန်ပြီးပါးနပ်သော VPN ချိတ်ဆက်မှုကိုလိုချင်သူများအတွက် အကောင်းဆုံးရွေးချယ်မှုတစ်ခုဖြစ်ပါသည်။ @@ -3652,7 +4301,7 @@ WireGuard သည် ၎င်း၏ စွမ်းဆောင်ရည်အ * UDP ကွန်ရက်ပရိုတိုကောပေါ်တွင် အလုပ်လုပ်သည်။. - + After installation, Amnezia will create a file storage on your server. You will be able to access it using @@ -3678,7 +4327,7 @@ For more detailed information, you can - + SOCKS5 proxy server SOCKS5 proxy ဆာဗာ @@ -3869,14 +4518,35 @@ For more detailed information, you can Hostname နှင့် port ကြားရှိ colon separator ကို ရှာမတွေ့ပါ + + RenameServerDrawer + + + Server name + ဆာဗာအမည် + + + + Save + သိမ်းဆည်းမည် + + SelectLanguageDrawer - + Choose language ဘာသာစကားကို ရွေးချယ်ပါ + + ServersListView + + + Unable change server while there is an active connection + လက်ရှိချိတ်ဆက်မှုတစ်ခုရှိနေချိန်တွင် ဆာဗာကို ပြောင်းလဲ၍မရပါ + + Settings @@ -3894,12 +4564,12 @@ For more detailed information, you can SettingsController - + All settings have been reset to default values ဆက်တင်အားလုံးကို မူရင်းတန်ဖိုးများအဖြစ် ပြန်လည်သတ်မှတ်ထားသည် - + Backup file is corrupted အရံဖိုင်ပျက်ဆီးနေသည် @@ -3907,39 +4577,39 @@ For more detailed information, you can ShareConnectionDrawer - - + + Save AmneziaVPN config AmneziaWG config ကိုသိမ်းဆည်းမည် - + Share မျှဝေမည် - + Copy ကူးယူမည် - - + + Copied ကူးယူပြီးပါပြီ - + Copy config string config string ကိုကူးယူမည် - + Show connection settings ချိတ်ဆက်မှုဆက်တင်များကို ပြပါ - + To read the QR code in the Amnezia app, select "Add server" → "I have data to connect" → "QR code, key or settings file" Amnezia အက်ပ်ရှိ QR ကုဒ်ကိုဖတ်ရန်အတွက်အောက်ပါအတိုင်း ရွေးချယ်ပါ "ဆာဗာထည့်ရန်" → "ချိတ်ဆက်ရန် ဒေတာရှိသည်" → "QR ကုဒ်၊ key သို့မဟုတ် ဆက်တင်ဖိုင်" @@ -3952,37 +4622,37 @@ For more detailed information, you can လက်ခံသူအမည်သည် ip လိပ်စာ သို့မဟုတ် ဒိုမိန်းအမည်နှင့် မတူပါ - + New site added: %1 ဆိုဒ်အသစ်ထပ်ထည့်ပြီးပါပြီ: %1 - + Site removed: %1 ဆိုက်ကို ဖယ်ရှားလိုက်သည်: %1 - + Can't open file: %1 ဖိုင်ကိုဖွင့်၍မရပါ: %1 - + Failed to parse JSON data from file: %1 JSON ဒေတာကို ဖိုင်မှ ခွဲခြမ်းထုပ်ယူမှု မအောင်မြင်ပါ: %1 - + The JSON data is not an array in file: %1 JSON ဒေတာသည် ဖိုင်ထဲရှိ array တစ်ခုမဟုတ်ပါ: %1 - + Import completed တင်သွင်းခြင်းပြီးဆုံးသွားပါပြီ - + Export completed ထုတ်ယူခြင်းပြီးဆုံးသွားပါပြီ @@ -4023,7 +4693,7 @@ For more detailed information, you can TextFieldWithHeaderType - + The field can't be empty ဖြည့်သွင်းရမည့်နေရာသည် အလွတ်မဖြစ်ရပါ @@ -4031,7 +4701,7 @@ For more detailed information, you can VpnConnection - + Mbps Mbps @@ -4082,35 +4752,41 @@ For more detailed information, you can amnezia::ContainerProps - Low - Low + Low + + + High + High + + + I just want to increase the level of my privacy. + ကျွန်ုပ်၏ကိုယ်ရေးကိုယ်တာလုံခြုံမှုအဆင့်ကို မြှင့်တင်လိုပါသည်. + + + I want to bypass censorship. This option recommended in most cases. + ဆင်ဆာဖြတ်တောက်ခြင်းကို ကျော်ဖြတ်ချင်ပါသည်. ဤရွေးချယ်မှုကို ကိစ္စအများစုအတွက် အကြံပြုထားသည်. + + + + Automatic + - High - High - - - - I just want to increase the level of my privacy. - ကျွန်ုပ်၏ကိုယ်ရေးကိုယ်တာလုံခြုံမှုအဆင့်ကို မြှင့်တင်လိုပါသည်. - - - - I want to bypass censorship. This option recommended in most cases. - ဆင်ဆာဖြတ်တောက်ခြင်းကို ကျော်ဖြတ်ချင်ပါသည်. ဤရွေးချယ်မှုကို ကိစ္စအများစုအတွက် အကြံပြုထားသည်. + AmneziaWG protocol will be installed. It provides high connection speed and ensures stable operation even in the most challenging network conditions. + main2 - + Private key passphrase ကိုယ်ပိုင် key စကားဝှက် - + Save သိမ်းဆည်းမည် diff --git a/client/translations/amneziavpn_ru_RU.ts b/client/translations/amneziavpn_ru_RU.ts index c0d855b2..1d8766ac 100644 --- a/client/translations/amneziavpn_ru_RU.ts +++ b/client/translations/amneziavpn_ru_RU.ts @@ -1,55 +1,261 @@ + + AdLabel + + + Amnezia Premium - for access to all websites and online resources + Amnezia Premium - доступ ко всем сайтам и онлайн ресурсам + + + + AllowedDnsController + + + The address does not look like a valid IP address + Адрес не похож на корректный IP-адрес + + + + New DNS server added: %1 + Добавлен новый DNS сервер: %1 + + + + DNS server already exists: %1 + DNS сервер уже существует: %1 + + + + DNS server removed: %1 + DNS сервер удален: %1 + + + + Can't open file: %1 + Невозможно открыть файл: %1 + + + + Failed to parse JSON data from file: %1 + Не удалось разобрать JSON-данные из файла: %1 + + + + The JSON data is not an array in file: %1 + JSON-данные не являются массивом в файле: %1 + + + + Import completed + Импорт завершён + + + + Export completed + Экспорт завершён + + + + ApiAccountInfoModel + + + + Active + Активна + + + + Inactive + Не активна + + + + %1 out of %2 + %1 из %2 + + + + Classic VPN for seamless work, downloading large files, and watching videos. Access all websites and online resources. Speeds up to 200 Mbps + Классический VPN для комфортной работы, загрузки больших файлов и просмотра видео. Доступ ко всем сайтам и онлайн-ресурсам. Скорость — до 200 Мбит/с + + + + Free unlimited access to a basic set of websites such as Facebook, Instagram, Twitter (X), Discord, Telegram and more. YouTube is not included in the free plan. + Бесплатный неограниченный доступ к базовому набору сайтов и приложений, таким как Facebook, Instagram, Twitter (X), Discord, Telegram и другим. YouTube не включён в бесплатный тариф. + + + + ApiConfigsController + + + %1 installed successfully. + %1 успешно установлен. + + + + API config reloaded + Конфигурация API перезагружена + + + + Successfully changed the country of connection to %1 + Страна подключения изменена на %1 + + + + ApiPremV1MigrationDrawer + + + Switch to the new Amnezia Premium subscription + Перейдите на новый тип подписки Amnezia Premium + + + + We'll preserve all remaining days of your current subscription and give you an extra month as a thank you. + Мы сохраним все оставшиеся дни текущей подписки и подарим дополнительный месяц в благодарность за переход. + + + + This new subscription type will be actively developed with more locations and features added regularly. Currently available: + Именно новый тип подписки будет активно развиваться и пополняться новыми локациями и функциями. Уже доступны: + + + + <li>13 locations (with more coming soon)</li> + <li>13 локаций (их число будет расти)</li> + + + + <li>Easier switching between countries in the app</li> + <li>Удобное переключение между странами в приложении</li> + + + + <li>Personal dashboard to manage your subscription</li> + <li>Личный кабинет для управления подпиской</li> + + + + Old keys will be deactivated after switching. + После перехода старые ключи перестанут работать. + + + + Email + Email + + + + mail@example.com + mail@example.com + + + + No old format subscriptions for a given email + Для указанного адреса электронной почты нет подписок старого типа + + + + Enter the email you used for your current subscription + Укажите адрес почты, который использовали при заказе текущей подписки + + + + + Continue + Продолжить + + + + Remind me later + Напомнить позже + + + + Don't remind me again + Больше не напоминать + + + + No more reminders? You can always switch to the new format in the server settings + Отключить напоминания? Вы всегда сможете перейти на новый тип подписки в настройках сервера + + + + Cancel + Отменить + + + + ApiPremV1SubListDrawer + + + Choose Subscription + Выбрать подписку + + + + Order ID: + ID заказа: + + + + Purchase Date: + Дата покупки: + + ApiServicesModel - - Classic VPN for comfortable work, downloading large files and watching videos. Works for any sites. Speed up to %1 MBit/s - Классический VPN для комфортной работы, загрузки больших файлов и просмотра видео. Работает для любых сайтов. Скорость до %1 Мбит/с - - - - VPN to access blocked sites in regions with high levels of Internet censorship. - VPN для доступа к заблокированным сайтам в регионах с высоким уровнем интернет-цензуры. - - - + <p><a style="color: #EB5757;">Not available in your region. If you have VPN enabled, disable it, return to the previous screen, and try again.</a> - + <p><a style="color: #EB5757;">Недоступно в вашем регионе. Если у вас включен VPN, отключите его, вернитесь на предыдущий экран и попробуйте снова.</a> - - Amnezia Premium - A classic VPN for comfortable work, downloading large files, and watching videos in high resolution. It works for all websites, even in countries with the highest level of internet censorship. - Amnezia Premium — классический VPN для комфортной работы, загрузки больших файлов и просмотра видео в высоком разрешении. Работает на всех сайтах, даже в странах с самым высоким уровнем интернет-цензуры. + + + Amnezia Free provides unlimited, free access to a basic set of websites and apps, including Facebook, Instagram, Twitter (X), Discord, Telegram, and more. YouTube is not included in the free plan. + Amnezia Free позволяет бесплатно и без ограничений пользоваться базовым набором сайтов и приложений, включая Facebook, Instagram, Twitter (X), Discord, Telegram и другие. YouTube не входит в бесплатный тариф. - - Amnezia Free is a free VPN to bypass blocking in countries with high levels of internet censorship - Amnezia Free - это бесплатный VPN для обхода блокировок в странах с высоким уровнем интернет-цензуры + + Amnezia Premium is classic VPN for seamless work, downloading large files, and watching videos. Access all websites and online resources. Speeds up to %1 Mbps. + Amnezia Premium - это классический VPN для комфортной работы, загрузки больших файлов и просмотра видео. Доступ ко всем сайтам и онлайн ресурсам. Скорость - до %1 Мбит/с. - + + Amnezia Premium is classic VPN for for seamless work, downloading large files, and watching videos. Access all websites and online resources. + Amnezia Premium - это классический VPN для комфортной работы, загрузки больших файлов и просмотра видео. Доступ ко всем сайтам и онлайн ресурсам. + + + %1 MBit/s - + %1 Мбит/с - + %1 days %1 дней - + + + + + + VPN will open only popular sites blocked in your region, such as Instagram, Facebook, Twitter and others. Other sites will be opened from your real IP address, <a href="%1/free" style="color: #FBB26A;">more details on the website.</a> Через VPN будут открываться только популярные сайты, заблокированные в вашем регионе, такие как Instagram, Facebook, Twitter и другие. Остальные сайты будут открываться с вашего реального IP-адреса, <a href="%1/free" style="color: #FBB26A;">подробности на сайте.</a> - + Free Бесплатно - + %1 $/month %1 $/месяц @@ -80,7 +286,7 @@ ConnectButton - + Unable to disconnect during configuration preparation Невозможно отключиться во время подготовки конфигурации @@ -88,62 +294,45 @@ ConnectionController - - VPN Protocols is not installed. - Please install VPN container at first - VPN-протоколы не установлены. - Пожалуйста, установите протокол - - - + Connecting... Подключение... - + Connected Подключено - + Preparing... Подготовка... - + Settings updated successfully, reconnnection... Настройки успешно обновлены, переподключение... - + Settings updated successfully Настройки успешно обновлены - - The selected protocol is not supported on the current platform - Выбранный протокол не поддерживается на данном устройстве - - - - unable to create configuration - не удалось создать конфигурацию - - - + Reconnecting... Переподключение... - - - - + + + + Connect Подключиться - + Disconnecting... Отключение... @@ -151,17 +340,17 @@ ConnectionTypeSelectionDrawer - + Add new connection Добавить новое соединение - + Configure your server Настроить свой сервер - + Open config file, key or QR code Открыть файл конфигурации, ключ или QR-код @@ -169,7 +358,7 @@ ContextMenuType - + C&ut Вырезать @@ -179,78 +368,67 @@ Копировать - + &Paste Вставить - + &SelectAll Выбрать всё - - ExportController - - Access error! - Ошибка доступа! - - HomeContainersListView - + Unable change protocol while there is an active connection Невозможно изменить протокол во время активного соединения - - The selected protocol is not supported on the current platform - Выбранный протокол не поддерживается на данном устройстве - HomeSplitTunnelingDrawer - + Split tunneling Раздельное VPN-туннелирование - + Allows you to connect to some sites or applications through a VPN connection and bypass others Позволяет подключаться к одним сайтам или приложениям через VPN-соединение, а к другим — в обход него - + Split tunneling on the server Раздельное туннелирование на сервере - + Enabled Can't be disabled for current server Включено Невозможно отключить для текущего сервера - + Site-based split tunneling Раздельное туннелирование сайтов - - + + Enabled Включено - - + + Disabled Отключено - + App-based split tunneling Раздельное туннелирование приложений @@ -258,113 +436,92 @@ Can't be disabled for current server ImportController - - Unable to open file - Невозможно открыть файл - - - - - Invalid configuration file - Неверный файл конфигурации - - - + Scanned %1 of %2. Отсканировано %1 из %2. - - In the imported configuration, potentially dangerous lines were found: - В импортированной конфигурации были обнаружены потенциально опасные строки: + + This configuration contains an OpenVPN setup. OpenVPN configurations can include malicious scripts, so only add it if you fully trust the provider of this config. + Эта конфигурация содержит настройки OpenVPN. Конфигурации OpenVPN могут содержать вредоносные скрипты, поэтому добавляйте их только в том случае, если полностью доверяете источнику этого файла. + + + + <br>In the imported configuration, potentially dangerous lines were found: + <br>В импортированной конфигурации обнаружены потенциально опасные строки: InstallController - + %1 installed successfully. %1 успешно установлен. - + %1 is already installed on the server. %1 уже установлен на сервер. - + Added containers that were already installed on the server Добавлены сервисы и протоколы, которые были ранее установлены на сервер - + Already installed containers were found on the server. All installed containers have been added to the application На сервере обнаружены установленные протоколы и сервисы. Все они были добавлены в приложение - + Settings updated successfully Настройки успешно обновлены - + Server '%1' was rebooted Сервер '%1' был перезагружен - + Server '%1' was removed Сервер '%1' был удален - + All containers from server '%1' have been removed Все протоколы и сервисы были удалены с сервера '%1' - + %1 has been removed from the server '%2' %1 был удален с сервера '%2' - + Api config removed Конфигурация API удалена - + %1 cached profile cleared %1 закэшированный профиль очищен - + Please login as the user Пожалуйста, войдите в систему от имени пользователя - + Server added successfully Сервер успешно добавлен - - - %1 installed successfully. - %1 успешно установлен. - - - - API config reloaded - Конфигурация API перезагружена - - - - Successfully changed the country of connection to %1 - Изменение страны подключения на %1 - InstalledAppsDrawer @@ -374,12 +531,12 @@ Already installed containers were found on the server. All installed containers Выберите приложение - + application name название приложения - + Add selected Добавить выбранные @@ -431,6 +588,24 @@ Already installed containers were found on the server. All installed containers Обнаружена незащищенная сеть: + + OtpCodeDrawer + + + OTP code was sent to your email + Одноразовый код был отправлен на ваш email + + + + OTP Code + Одноразовый код + + + + Continue + Продолжить + + PageDeinstalling @@ -447,208 +622,213 @@ Already installed containers were found on the server. All installed containers PageDevMenu - + Gateway endpoint - + Gateway endpoint - + Dev gateway environment - + Dev gateway environment PageHome - + + You've successfully switched to the new Amnezia Premium subscription! + Вы успешно перешли на новый тип подписки Amnezia Premium! + + + + Old keys will no longer work. Please use your new subscription key to connect. +Thank you for staying with us! + Старые ключи перестанут работать. Пожалуйста, используйте новый ключ для подключения. +Спасибо, что остаетесь с нами! + + + + Continue + Продолжить + + + Logging enabled Логирование включено - + Split tunneling enabled Раздельное туннелирование включено - + Split tunneling disabled Раздельное туннелирование выключено - + VPN protocol VPN-протокол - + Servers Серверы - - - Unable change server while there is an active connection - Невозможно изменить сервер во время активного соединения - PageProtocolAwgClientSettings - + AmneziaWG settings - Настройки AmneziaWG + Настройки AmneziaWG - + MTU - MTU + MTU - + Server settings - + Настройки сервера - + Port - Порт + Порт - + Save - Сохранить + Сохранить + + + + Save settings? + Сохранить настройки? + + + + Only the settings for this device will be changed + Будут изменены настройки только для этого устройства - Save settings? - Сохранить настройки? + Continue + Продолжить - Only the settings for this device will be changed - - - - - Continue - Продолжить - - - Cancel - Отменить + Отменить - + Unable change settings while there is an active connection - Невозможно изменить настройки во время активного соединения + Невозможно изменить настройки во время активного соединения PageProtocolAwgSettings - + AmneziaWG settings Настройки AmneziaWG - + Port Порт - MTU - MTU - - - Remove AmneziaWG - Удалить AmneziaWG - - - Remove AmneziaWG from server? - Удалить AmneziaWG с сервера? - - - + All users with whom you shared a connection with will no longer be able to connect to it. Все пользователи, с которыми вы поделились конфигурацией вашего VPN, больше не смогут к нему подключаться. - + Save Сохранить - + + VPN address subnet + Подсеть VPN-адресов + + + Jc - Junk packet count - + Jc - Junk packet count - + Jmin - Junk packet minimum size - + Jmin - Junk packet minimum size - + Jmax - Junk packet maximum size - + Jmax - Junk packet maximum size - + S1 - Init packet junk size - + S1 - Init packet junk size - + S2 - Response packet junk size - + S2 - Response packet junk size - + H1 - Init packet magic header - + H1 - Init packet magic header - + H2 - Response packet magic header - + H2 - Response packet magic header - + H4 - Transport packet magic header - + H4 - Transport packet magic header - + H3 - Underload packet magic header - + H3 - Underload packet magic header - + The values of the H1-H4 fields must be unique Значения в полях H1-H4 должны быть уникальными - + The value of the field S1 + message initiation size (148) must not equal S2 + message response size (92) Значение в поле S1 + размер инициации сообщения (148) не должно равняться значению в поле S2 + размер ответа на сообщение (92) - + Save settings? Сохранить настройки? - + Continue Продолжить - + Cancel Отменить - + Unable change settings while there is an active connection Невозможно изменить настройки во время активного соединения @@ -656,33 +836,33 @@ Already installed containers were found on the server. All installed containers PageProtocolCloakSettings - + Cloak settings Настройки Cloak - + Disguised as traffic from Замаскировать трафик под - + Port Порт - - + + Cipher Шифрование - + Save Сохранить - + Unable change settings while there is an active connection Невозможно изменить настройки во время активного соединения @@ -690,195 +870,175 @@ Already installed containers were found on the server. All installed containers PageProtocolOpenVpnSettings - + OpenVPN settings Настройки OpenVPN - + VPN address subnet Подсеть VPN-адресов - + Network protocol Сетевой протокол - + Port Порт - + Auto-negotiate encryption Шифрование с автоматическим согласованием - - + + Hash Хэш - + SHA512 SHA512 - + SHA384 SHA384 - + SHA256 SHA256 - + SHA3-512 SHA3-512 - + SHA3-384 SHA3-384 - + SHA3-256 SHA3-256 - + whirlpool whirlpool - + BLAKE2b512 BLAKE2b512 - + BLAKE2s256 BLAKE2s256 - + SHA1 SHA1 - - + + Cipher Шифрование - + AES-256-GCM AES-256-GCM - + AES-192-GCM AES-192-GCM - + AES-128-GCM AES-128-GCM - + AES-256-CBC AES-256-CBC - + AES-192-CBC AES-192-CBC - + AES-128-CBC AES-128-CBC - + ChaCha20-Poly1305 ChaCha20-Poly1305 - + ARIA-256-CBC ARIA-256-CBC - + CAMELLIA-256-CBC CAMELLIA-256-CBC - + none none - + TLS auth TLS авторизация - + Block DNS requests outside of VPN Блокировать DNS-запросы за пределами VPN - + Additional client configuration commands Дополнительные команды конфигурации клиента - - + + Commands: Команды: - + Additional server configuration commands Дополнительные команды конфигурации сервера - + Unable change settings while there is an active connection Невозможно изменить настройки во время активного соединения - Remove OpenVPN - Удалить OpenVPN - - - Remove OpenVPN from server? - Удалить OpenVPN с сервера? - - - All users with whom you shared a connection with will no longer be able to connect to it. - Все пользователи, с которыми вы поделились конфигурацией вашего VPN, больше не смогут к нему подключаться. - - - Continue - Продолжить - - - Cancel - Отменить - - - + Save Сохранить @@ -886,32 +1046,32 @@ Already installed containers were found on the server. All installed containers PageProtocolRaw - + settings настройки - + Show connection options Показать параметры подключения - + Connection options %1 Параметры подключения %1 - + Remove Удалить - + Remove %1 from server? Удалить %1 с сервера? - + All users with whom you shared a connection with will no longer be able to connect to it. Все пользователи, с которыми вы поделились конфигурацией вашего VPN, больше не смогут к нему подключаться. @@ -920,12 +1080,12 @@ Already installed containers were found on the server. All installed containers Все пользователи, с которыми вы поделились этим VPN-протоколом, больше не смогут к нему подключаться. - + Continue Продолжить - + Cancel Отменить @@ -933,28 +1093,28 @@ Already installed containers were found on the server. All installed containers PageProtocolShadowSocksSettings - + Shadowsocks settings Настройки Shadowsocks - + Port Порт - - + + Cipher Шифрование - + Save Сохранить - + Unable change settings while there is an active connection Невозможно изменить настройки во время активного соединения @@ -962,111 +1122,100 @@ Already installed containers were found on the server. All installed containers PageProtocolWireGuardClientSettings - + WG settings - Настройки WG + Настройки WG - + MTU - MTU + MTU - + Server settings - + Настройки сервера - + Port - Порт + Порт - + Save - Сохранить + Сохранить - + Save settings? - Сохранить настройки? + Сохранить настройки? - + Only the settings for this device will be changed - + Будут изменены настройки только для этого устройства - + Continue - Продолжить + Продолжить + + + + Cancel + Отменить - Cancel - Отменить - - - Unable change settings while there is an active connection - Невозможно изменить настройки во время активного соединения + Невозможно изменить настройки во время активного соединения PageProtocolWireGuardSettings - + WG settings Настройки WG - + + VPN address subnet + Подсеть VPN-адресов + + + Port Порт - - - Save settings? - Сохранить настройки? - + Save settings? + Сохранить настройки? + + + All users with whom you shared a connection with will no longer be able to connect to it. - Все пользователи, с которыми вы поделились конфигурацией вашего VPN, больше не смогут к нему подключаться. + Все пользователи, с которыми вы поделились конфигурацией вашего VPN, больше не смогут к нему подключаться. - MTU - MTU - - - + Unable change settings while there is an active connection Невозможно изменить настройки во время активного соединения - Remove WG - Удалить WG - - - Remove WG from server? - Удалить WG с сервера? - - - All users with whom you shared a connection will no longer be able to connect to it. - Все пользователи, с которыми вы поделились конфигурацией вашего VPN, больше не смогут к нему подключаться. - - - + Continue Продолжить - + Cancel Отменить - + Save Сохранить @@ -1074,22 +1223,27 @@ Already installed containers were found on the server. All installed containers PageProtocolXraySettings - + XRay settings Настройки XRay - + Disguised as traffic from Замаскировать трафик под - + + Port + Порт + + + Save Сохранить - + Unable change settings while there is an active connection Невозможно изменить настройки во время активного соединения @@ -1104,39 +1258,39 @@ Already installed containers were found on the server. All installed containers PageServiceDnsSettings - + A DNS service is installed on your server, and it is only accessible via VPN. На вашем сервере установлен DNS-сервис, доступ к нему возможен только через VPN. - + The DNS address is the same as the address of your server. You can configure DNS in the settings, under the connections tab. Адрес DNS совпадает с адресом вашего сервера. Настроить DNS можно во вкладке "Соединение" настроек приложения. - + Remove Удалить - + Remove %1 from server? Удалить %1 с сервера? - + Continue Продолжить - + Cancel Отменить - + Cannot remove AmneziaDNS from running server Невозможно удалить AmneziaDNS с работающего сервера @@ -1144,153 +1298,137 @@ Already installed containers were found on the server. All installed containers PageServiceSftpSettings - + Settings updated successfully Настройки успешно обновлены - + SFTP settings Настройки SFTP - + Host Хост - - - - + + + + Copied Скопировано - + Port Порт - + User name Имя пользователя - + Password Пароль - + Mount folder on device Смонтировать папку на устройстве - + In order to mount remote SFTP folder as local drive, perform following steps: <br> Чтобы смонтировать SFTP-папку как локальный диск, выполните следующие действия: <br> - - + + <br>1. Install the latest version of <br>1. Установите последнюю версию - - + + <br>2. Install the latest version of <br>2. Установите последнюю версию - + Detailed instructions Подробные инструкции - - Remove SFTP and all data stored there - Удалить SFTP-хранилище со всеми данными - - - Remove SFTP and all data stored there? - Удалить SFTP-хранилище и все хранящиеся там данные? - - - Continue - Продолжить - - - Cancel - Отменить - PageServiceSocksProxySettings - + Settings updated successfully Настройки успешно обновлены - - + + SOCKS5 settings Настройки SOCKS5 - + Host Хост - - - - + + + + Copied Скопировано - - + + Port Порт - + User name Имя пользователя - - + + Password Пароль - + Username Имя пользователя - - + + Change connection settings Изменить настройки соединения - + The port must be in the range of 1 to 65535 Порт должен быть в диапазоне от 1 до 65535 - + Password cannot be empty Пароль не может быть пустым - + Username cannot be empty Имя пользователя не может быть пустым @@ -1298,96 +1436,80 @@ Already installed containers were found on the server. All installed containers PageServiceTorWebsiteSettings - + Settings updated successfully Настройки успешно обновлены - + Tor website settings Настройки сайта в сети Тоr - + Website address Адрес сайта - + Copied Скопировано - + Use <a href="https://www.torproject.org/download/" style="color: #FBB26A;">Tor Browser</a> to open this URL. Используйте <a href="https://www.torproject.org/download/" style="color: #FBB26A;">Tor Browser</a> для открытия этой ссылки. - + After creating your onion site, it takes a few minutes for the Tor network to make it available for use. Через несколько минут после установки ваш onion-сайт станет доступен в сети Tor. - + When configuring WordPress set the this onion address as domain. При настройке WordPress укажите этот onion-адрес в качестве домена. - - Remove website - Удалить сайт - - - The site with all data will be removed from the tor network. - Сайт со всеми данными будет удален из сети Tor. - - - Continue - Продолжить - - - Cancel - Отменить - PageSettings - + Settings Настройки - + Servers Серверы - + Connection Соединение - + Application Приложение - + Backup Резервное копирование - + About AmneziaVPN Об AmneziaVPN - + Dev console - + Dev console - + Close application Закрыть приложение @@ -1395,7 +1517,7 @@ Already installed containers were found on the server. All installed containers PageSettingsAbout - + Support Amnezia Поддержите Amnezia @@ -1404,168 +1526,512 @@ Already installed containers were found on the server. All installed containers Показать другие способы на GitHub - + Amnezia is a free and open-source application. You can support the developers if you like it. Amnezia — это бесплатное приложение с открытым исходным кодом. Поддержите разработчиков, если оно вам нравится. - + Contacts Контакты - + Telegram group Группа в Telegram - + To discuss features Для обсуждения возможностей - + https://t.me/amnezia_vpn_en https://t.me/amnezia_vpn - + support@amnezia.org - + support@amnezia.org - Mail - Почта - - - + For reviews and bug reports Для отзывов и сообщений об ошибках - - Copied - Скопировано + + mailto:support@amnezia.org + - + GitHub GitHub - + + Discover the source code + Посмотреть исходный код + + + https://github.com/amnezia-vpn/amnezia-client https://github.com/amnezia-vpn/amnezia-client - + Website Веб-сайт - https://amnezia.org - https://amnezia.org + + Visit official website + Посетить официальный сайт - + Software version: %1 Версия ПО: %1 - + Check for updates Проверить обновления - + Privacy Policy Политика конфиденциальности - PageSettingsApiServerInfo + PageSettingsApiAvailableCountries - - For the region - Для региона + + Location for connection + Страны для подключения - - Price - Цена + + Unable change server location while there is an active connection + Невозможно изменить локацию во время активного соединения + + + + PageSettingsApiDevices + + + Active Devices + Активные устройства - - Work period - Период работы + + Manage currently connected devices + Управление подключенными устройствами - - Speed - Скорость + + You can find the identifier on the Support tab or, for older versions of the app, by tapping '+' and then the three dots at the top of the page. + Вы можете найти support tag во вкладке «Поддержка» или, в более ранних версиях приложения, нажав «+» на нижней панели, а затем три точки вверху страницы. - - Support tag - + + (current device) + (текущее устройство) - - Copied - Скопировано + + Support tag: + Support tag: - - Reload API config - Перезагрузить конфигурацию API + + Last updated: + Последнее обновление: - - Reload API config? - Перезагрузить конфигурацию API? + + Cannot unlink device during active connection + Невозможно отвязать устройство во время активного соединения - - + + Are you sure you want to unlink this device? + Вы уверены, что хотите отвязать это устройство? + + + + This will unlink the device from your subscription. You can reconnect it anytime by pressing "Reload API config" in subscription settings on device. + Это отключит устройство от вашей подписки. Вы можете повторно подключить его в любое время, нажав "Перезагрузить конфигурацию API" в настройках подписки на устройстве. + + + Continue Продолжить - + + Cancel + Отменить + + + + PageSettingsApiInstructions + + + Windows + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#windows + + + + + macOS + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#macos + + + + + Android + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#android + + + + + AndroidTV + + + + + https://docs.amnezia.org/ru/documentation/instructions/android_tv_connect/ + + + + + iOS + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#ios + + + + + Linux + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#linux + + + + + Routers + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#routers + + + + + How to connect on another device + Как подключить другие устройства + + + + Setup guides on the Amnezia website + Инструкции по настройке + + + + PageSettingsApiNativeConfigs + + + Save AmneziaVPN config + Сохранить конфигурацию AmneziaVPN + + + + Configuration Files + Файлы конфигурации + + + + For router setup or the AmneziaWG app + Для настройки роутера или приложения AmneziaWG + + + + The configuration needs to be reissued + Необходимо заново скачать конфигурацию и добавить ее в приложение + + + + configuration file + файл конфигурации + + + + Generate a new configuration file + Создать новый файл конфигурации + + + + The previously created one will stop working + Ранее созданный файл перестанет работать + + + + Revoke the current configuration file + Отозвать текущий файл конфигурации + + + + Config file saved + Файл конфигурации сохранен + + + + The config has been revoked + Конфигурация была отозвана + + + + Generate a new %1 configuration file? + Создать новый %1 файл конфигурации? + + + + Revoke the current %1 configuration file? + Отозвать текущий %1 файл конфигурации? + + + + Your previous configuration file will no longer work, and it will not be possible to connect using it + Ваш предыдущий файл конфигурации не будет работать, и вы больше не сможете использовать его для подключения + + + + Download + Скачать + + + + Continue + Продолжить + + + + Cancel + Отменить + + + + PageSettingsApiServerInfo + + + Configurations have been updated for some countries. Download and install the updated configuration files + Сетевые адреса одного или нескольких серверов были обновлены. Пожалуйста, удалите старые конфигурацию и загрузите новые файлы + + + + Amnezia Premium subscription key + Ключ подписки Amnezia Premium + + + + Copy VPN key + Скопировать VPN ключ + + + + Manage configuration files + Управление файлами конфигурации + + + + Subscription Status + Статус подписки + + + + Valid Until + Действительна до + + + + Active Connections + Активные соединения + + + Subscription Key + Ключ для подключения + + + + Save VPN key as a file + Сохранить VPN-ключ в файл + + + + Configuration Files + Файлы конфигурации + + + + Active Devices + Активные устройства + + + + Manage currently connected devices + Управление подключенными устройствами + + + + Support + Поддержка + + + + How to connect on another device + Как подключить другие устройства + + + + Reload API config + Перезагрузить конфигурацию API + + + + Reload API config? + Перезагрузить конфигурацию API? + + + + + + Continue + Продолжить + + + + + Cancel Отменить - + Cannot reload API config during active connection Невозможно перзагрузить API конфигурацию при активном соединении - + + Unlink this device + Отвязать это устройство + + + + Are you sure you want to unlink this device? + Вы уверены, что хотите отвязать это устройство? + + + + This will unlink the device from your subscription. You can reconnect it anytime by pressing "Reload API config" in subscription settings on device. + Это отключит устройство от вашей подписки. Вы можете повторно подключить его в любое время, нажав "Перезагрузить конфигурацию API" в настройках подписки на устройстве. + + + + Cannot unlink device during active connection + Невозможно отвязать устройство во время активного соединения + + + Remove from application Удалить из приложения - + Remove from application? Удалить из приложения? - + Cannot remove server during active connection Невозможно удалить сервер во время активного соединения + + PageSettingsApiSupport + + + Telegram + + + + + Email + Email + + + + Email Billing & Orders + По вопросам оплаты + + + + Website + Сайт + + + + Support + Поддержка + + + + Our technical support specialists are available to assist you at any time + Наши специалисты технической поддержки всегда готовы помочь вам. + + + + Support tag + + + + + Copied + Скопировано + + PageSettingsAppSplitTunneling - + Cannot change split tunneling settings during active connection Невозможно изменить настройки раздельного туннелирования во время активного соединения - + Only the apps from the list should have access via VPN Только приложения из списка должны работать через VPN @@ -1575,42 +2041,42 @@ Already installed containers were found on the server. All installed containers Приложения из списка не должны работать через VPN - + App split tunneling Раздельное туннелирование приложений - + Mode Режим - + Remove Удалить - + Continue Продолжить - + Cancel Отменить - + application name название приложения - + Open executable file Открыть исполняемый файл - + Executable files (*.*) Исполняемые файлы (*.*) @@ -1618,102 +2084,102 @@ Already installed containers were found on the server. All installed containers PageSettingsApplication - + Application Приложение - + Allow application screenshots Разрешить скриншоты приложения - + Auto start Автозапуск - + Launch the application every time the device is starts Запускать приложение при загрузке устройства - + Auto connect Автоподключение - + Connect to VPN on app start Подключаться к VPN при запуске приложения - + Start minimized Запускать в свернутом виде - + Launch application minimized Запускать приложение в свернутом виде - + Language Язык - + Enable notifications Включить уведомления - + Enable notifications to show the VPN state in the status bar Включить уведомления для отображения статуса VPN в строке состояния - + Logging Логирование - + Enabled Включено - + Disabled Отключено - + Reset settings and remove all data from the application Сбросить настройки и удалить все данные из приложения - + Reset settings and remove all data from the application? Сбросить настройки и удалить все данные из приложения? - + All settings will be reset to default. All installed AmneziaVPN services will still remain on the server. Все настройки будут сброшены до значений по умолчанию. Все установленные сервисы AmneziaVPN останутся на сервере. - + Continue Продолжить - + Cancel Отменить - + Cannot reset settings during active connection Невозможно сбросить настройки во время активного соединения @@ -1721,86 +2187,78 @@ Already installed containers were found on the server. All installed containers PageSettingsBackup - Backup - Резервное копирование - - - + Settings restored from backup file Настройки восстановлены из файла резервной копии - + Back up your configuration Создать резервную копию конфигурации - Configuration backup - Резервная копия конфигурации - - - + You can save your settings to a backup file to restore them the next time you install the application. Вы можете сохранить настройки в файл резервной копии, чтобы восстановить их при следующей установке приложения. - + The backup will contain your passwords and private keys for all servers added to AmneziaVPN. Keep this information in a secure place. Резервная копия будет содержать ваши пароли и закрытые ключи для всех серверов, добавленных в AmneziaVPN. Храните эту информацию в надежном месте. - + Make a backup Создать резервную копию - + Save backup file Сохранить резервную копию - - + + Backup files (*.backup) Файлы резервных копий (*.backup) - + Backup file saved Резервная копия сохранена - + Restore from backup Восстановить из резервной копии - + Open backup file Открыть резервную копию - + Import settings from a backup file? Импортировать настройки из резервной копии? - + All current settings will be reset Все текущие настройки будут сброшены - + Continue Продолжить - + Cancel Отменить - + Cannot restore backup settings during active connection Невозможно восстановить настройки из резервной копии во время активного соединения @@ -1808,250 +2266,368 @@ Already installed containers were found on the server. All installed containers PageSettingsConnection - + Connection Соединение - Auto connect - Автоподключение - - - Connect to VPN on app start - Подключение к VPN при запуске приложения - - - + Use AmneziaDNS Использовать AmneziaDNS - + If AmneziaDNS is installed on the server Если AmneziaDNS установлен на сервере - + DNS servers DNS-серверы - + When AmneziaDNS is not used or installed Когда AmneziaDNS не используется или не установлен - + Allows you to use the VPN only for certain Apps Позволяет использовать VPN только для определенных приложений - + KillSwitch KillSwitch - - Disables your internet if your encrypted VPN connection drops out for any reason. - Отключает ваше интернет-соединение, если ваше зашифрованное VPN-соединение по какой-либо причине прерывается. + + Blocks network connections without VPN + Блокирует интернет-соединение без VPN - - Cannot change killSwitch settings during active connection - Невозможно изменить настройки аварийного выключателя во время активного соединения - - - + Site-based split tunneling Раздельное туннелирование сайтов - + Allows you to select which sites you want to access through the VPN Позволяет выбирать, к каким сайтам подключаться через VPN - + App-based split tunneling Раздельное туннелирование приложений - - Allows you to use the VPN only for certain applications - Позволяет использовать VPN только для определённых приложений - PageSettingsDns - + Default server does not support custom DNS Сервер по умолчанию не поддерживает пользовательские DNS - + DNS servers DNS-серверы - When AmneziaDNS is not used or installed - Когда AmneziaDNS не используется или не установлен - - - + If AmneziaDNS is not used or installed Если AmneziaDNS не используется или не установлен - + Primary DNS Первичный DNS - + Secondary DNS Вторичный DNS - + Restore default Восстановить по умолчанию - + Restore default DNS settings? Восстановить настройки DNS по умолчанию? - + Continue Продолжить - + Cancel Отменить - + Settings have been reset - Настройки сброшены + Настройки были сброшены - + Save Сохранить - + Settings saved Настройки сохранены - PageSettingsLogging + PageSettingsKillSwitch - Logging is enabled. Note that logs will be automatically disabled after 14 days, and all log files will be deleted. - Логирование включено. Обратите внимание, что логирование будет автоматически отключено через 14 дней, и все логи будут удалены. + + KillSwitch + KillSwitch - - Logging - Логирование + + Enable to ensure network traffic goes through a secure VPN tunnel, preventing accidental exposure of your IP and DNS queries if the connection drops + Включите, чтобы весь сетевой трафик проходил только через безопасный VPN-туннель. Это предотвратит случайное раскрытие вашего IP-адреса и DNS-запросов при разрыве соединения - - Enabling this function will save application's logs automatically. By default, logging functionality is disabled. Enable log saving in case of application malfunction. - Включение этой функции позволяет сохранять логи на вашем устройстве. По умолчанию она отключена. Включите сохранение логов в случае сбоев в работе приложения. + + KillSwitch settings cannot be changed during an active connection + Настройки KillSwitch нельзя изменить во время активного подключения - Save logs - Сохранять логи + + Soft KillSwitch + Soft KillSwitch - Open folder with logs - Открыть папку с логами + + Internet access is blocked if the VPN disconnects unexpectedly + Доступ в интернет блокируется при разрыве VPN-соединения - - - Save - Сохранить + + Strict KillSwitch + Strict KillSwitch - - - Logs files (*.log) - Файлы логов (*.log) + + Internet connection is blocked even when VPN is turned off manually or hasn't started + Доступ в интернет блокируется, даже если VPN отключен вручную или не был запущен - - - Logs file saved - Файл с логами сохранен + + Just a little heads-up + Небольшое предупреждение - Save logs to file - Сохранить логи в файл + + If the VPN disconnects or drops while Strict KillSwitch is enabled, internet access will be blocked. To restore access, reconnect VPN or disable/change the KillSwitch. + Если VPN отключится или соединение прервётся при включённом Strict KillSwitch, доступ в интернет будет заблокирован. Чтобы восстановить доступ, снова подключитесь к VPN или отключите (измените) режим KillSwitch. - - Enable logs - - - - - Clear logs? - Очистить логи? - - - + Continue Продолжить - + Cancel Отменить - + + DNS Exceptions + Исключения для DNS + + + + DNS servers listed here will remain accessible when KillSwitch is active. + DNS-серверы из этого списка останутся доступными при активном KillSwitch. + + + + PageSettingsKillSwitchExceptions + + + DNS Exceptions + Исключения для DNS + + + DNS servers listed here will be excluded from KillSwitch restrictions and remain accessible when KillSwitch is active. + Перечисленные DNS-серверы будут исключены из ограничений KillSwitch и останутся доступными при активном KillSwitch. + + + DNS servers from the list will remain accessible when KillSwitch is triggered + DNS-серверы из этого списка будут исключены из ограничений KillSwitch и останутся доступными при активном KillSwitch. + + + + DNS servers listed here will remain accessible when KillSwitch is active + DNS-серверы из этого списка останутся доступными при активном KillSwitch + + + + Delete + Удалить + + + + Continue + Продолжить + + + + Cancel + Отменить + + + + IPv4 address + IPv4 адрес + + + + Import / Export addresses + Импорт / Экспорт адресов + + + + Import + Импорт + + + + Save address list + Сохранить список адресов + + + + Save addresses + Сохранить адреса + + + + + + Address files (*.json) + Файлы адресов (*.json) + + + + Import address list + Импорт списка адресов + + + + Replace address list + Заменить список адресов + + + + + Open address file + Открыть файл адресов + + + + Add imported addresses to existing ones + Добавить импортированные адреса к существующим + + + + PageSettingsLogging + + + Logging + Логирование + + + + Enabling this function will save application's logs automatically. By default, logging functionality is disabled. Enable log saving in case of application malfunction. + Включение этой функции позволяет сохранять логи на вашем устройстве. По умолчанию она отключена. Включите сохранение логов в случае сбоев в работе приложения. + + + + + Save + Сохранить + + + + + Logs files (*.log) + Файлы логов (*.log) + + + + + Logs file saved + Файл с логами сохранен + + + + Enable logs + Включить запись логов + + + + Clear logs? + Очистить логи? + + + + Continue + Продолжить + + + + Cancel + Отменить + + + Logs have been cleaned up Логи очищены - + Client logs - + Логи приложения - + AmneziaVPN logs - + AmneziaVPN logs - - + Open logs folder - + Открыть папку с логами - - + Export logs - + Сохранить логи - + Service logs - + Логи службы - + AmneziaVPN-service logs - + AmneziaVPN-service logs - + Clear logs Очистить логи @@ -2063,166 +2639,132 @@ Already installed containers were found on the server. All installed containers All installed containers have been added to the application Все установленные протоколы и сервисы были добавлены в приложение - - Clear Amnezia cache - Очистить кэш Amnezia - - - May be needed when changing other settings - Может понадобиться при изменении других настроек - - - Clear cached profiles? - Удалить кэш Amnezia? - No new installed containers found Новые установленные протоколы и сервисы не обнаружены - - - - - - - - - + + + + Continue Продолжить - - - - + + + + Cancel Отменить - + Check the server for previously installed Amnezia services Проверить сервер на наличие ранее установленных сервисов Amnezia - + Add them to the application if they were not displayed Добавить их в приложение, если они не отображаются - + Reboot server Перезагрузить сервер - + Do you want to reboot the server? Вы уверены, что хотите перезагрузить сервер? - + The reboot process may take approximately 30 seconds. Are you sure you wish to proceed? Процесс перезагрузки может занять около 30 секунд. Вы уверены, что хотите продолжить? - + Cannot reboot server during active connection Невозможно перезагрузить сервер во время активного соединения - + Do you want to remove the server from application? Вы уверены, что хотите удалить сервер из приложения? - + Cannot remove server during active connection Невозможно удалить сервер во время активного соединения - + Do you want to clear server from Amnezia software? Вы хотите очистить сервер от всех сервисов Amnezia? - + All users whom you shared a connection with will no longer be able to connect to it. Все пользователи, с которыми вы поделились конфигурацией вашего VPN, больше не смогут к нему подключаться. - + Cannot clear server from Amnezia software during active connection Невозможно очистить сервер от сервисов Amnezia во время активного соединения - + Reset API config Сбросить конфигурацию API - + Do you want to reset API config? Вы хотите сбросить конфигурацию API? - + Cannot reset API config during active connection Невозможно сбросить конфигурацию API во время активного соединения - + + Switch to the new Amnezia Premium subscription + Перейти на новый тип подписки Amnezia Premium + + + Remove server from application Удалить сервер из приложения - Remove server? - Удалить сервер? - - - + All installed AmneziaVPN services will still remain on the server. Все установленные сервисы и протоколы Amnezia останутся на сервере. - + Clear server from Amnezia software Очистить сервер от протоколов и сервисов Amnezia - - Clear server from Amnezia software? - Удалить все сервисы и протоколы Amnezia с сервера? - - - All containers will be deleted on the server. This means that configuration files, keys and certificates will be deleted. - На сервере будут удалены все данные, связанные с Amnezia: протоколы, сервисы, конфигурационные файлы, ключи и сертификаты. - PageSettingsServerInfo - - Server name - Имя сервера - - - - Save - Сохранить - - - + Protocols Протоколы - + Services Сервисы - + Management Управление @@ -2234,87 +2776,74 @@ Already installed containers were found on the server. All installed containers PageSettingsServerProtocol - + settings настройки - Clear %1 profile - Очистить профиль %1 - - - + Clear %1 profile? Очистить профиль %1? - - - - - - + connection settings - + настройки подключения - + Click the "connect" button to create a connection configuration - + Нажмите кнопку «Подключиться», чтобы создать конфигурацию - + server settings - + настройки сервера - + Clear profile - + Очистить профиль - + The connection configuration will be deleted for this device only - + Конфигурация подключения будет удалена только на этом устройстве - + Unable to clear %1 profile while there is an active connection Невозможно очистить профиль %1 во время активного соединения - + Remove Удалить - + Remove %1 from server? Удалить %1 с сервера? - + All users with whom you shared a connection will no longer be able to connect to it. Все пользователи, с которыми вы поделились конфигурацией вашего VPN, больше не смогут к нему подключаться. - + Cannot remove active container Невозможно удалить активный контейнер - All users who you shared a connection with will no longer be able to connect to it. - Все пользователи, с которыми вы поделились VPN, больше не смогут к нему подключаться. - - - - + + Continue Продолжить - - + + Cancel Отменить @@ -2322,7 +2851,7 @@ Already installed containers were found on the server. All installed containers PageSettingsServersList - + Servers Серверы @@ -2330,7 +2859,7 @@ Already installed containers were found on the server. All installed containers PageSettingsSplitTunneling - + Default server does not support split tunneling function Сервер по умолчанию не поддерживает раздельное туннелирование @@ -2339,99 +2868,95 @@ Already installed containers were found on the server. All installed containers Только адреса из списка должны открываться через VPN - + Addresses from the list should not be accessed via VPN Адреса из списка не должны открываться через VPN - + Split tunneling - Раздельное туннелирование + Раздельное туннелирование сайтов - + Mode Режим - + Remove Удалить - + Continue Продолжить - + Cancel Отменить - Website or IP - Сайт или IP - - - + Import / Export Sites Импорт/экспорт сайтов - + Only the sites listed here will be accessed through the VPN Только адреса из списка должны открываться через VPN - + Cannot change split tunneling settings during active connection Невозможно изменить настройки раздельного туннелирования во время активного соединения - + website or IP веб-сайт или IP - + Import Импорт - + Save site list Сохранить список сайтов - + Save sites Сохранить сайты - - - + + + Sites files (*.json) Файлы сайтов (*.json) - + Import a list of sites Импортировать список с сайтами - + Replace site list Заменить список с сайтами - - + + Open sites file Открыть список с сайтами - + Add imported sites to existing ones Добавить импортированные сайты к существующим @@ -2439,32 +2964,32 @@ Already installed containers were found on the server. All installed containers PageSetupWizardApiServiceInfo - + For the region Для региона - + Price Цена - + Work period Период работы - + Speed Скорость - + Features Особенности - + Connect Подключиться @@ -2472,12 +2997,12 @@ Already installed containers were found on the server. All installed containers PageSetupWizardApiServicesList - + VPN by Amnezia VPN от Amnezia - + Choose a VPN service that suits your needs. Выберите VPN-сервис, который подходит именно вам. @@ -2485,214 +3010,208 @@ Already installed containers were found on the server. All installed containers PageSetupWizardConfigSource - Server connection - Подключение к серверу - - - Do not use connection code from public sources. It may have been created to intercept your data. - -It's okay as long as it's from someone you trust. - Не используйте код подключения из публичных источников. Его могли создать, чтобы перехватить ваши данные. - -Всё в порядке, если кодом поделился пользователь, которому вы доверяете. - - - Do not use connection codes from untrusted sources, as they may be created to intercept your data. - Не используйте коды подключения из ненадежных источников, так как они могут быть созданы для перехвата ваших данных. - - - What do you have? - Что у вас есть? - - - + File with connection settings Файл с настройками подключения - File with connection settings or backup - Файл с настройками подключения или резервной копией - - - + Connection Соединение - + Settings - Настройки + Настройки - + Enable logs - + Включить запись логов - + + Export client logs + Экспорт логов клиента + + + + Save + Сохранить + + + + Logs files (*.log) + Файлы логов (*.log) + + + + Logs file saved + Файл с логами сохранен + + + + Support tag + Support tag + + + + Copied + Скопировано + + + Insert the key, add a configuration file or scan the QR-code Вставьте ключ, добавьте файл конфигурации или отсканируйте QR-код - + Insert key Вставьте ключ - + Insert Вставить - + Continue Продолжить - + Other connection options Другие варианты подключения - + + Site Amnezia + Сайт Amnezia + + + VPN by Amnezia VPN от Amnezia - + Connect to classic paid and free VPN services from Amnezia Подключайтесь к классическим платным и бесплатным VPN-сервисам от Amnezia - + Self-hosted VPN Self-hosted VPN - + Configure Amnezia VPN on your own server Настроить VPN на собственном сервере - + Restore from backup Восстановить из резервной копии - + + + + + + + + + Open backup file Открыть резервную копию - + Backup files (*.backup) Файлы резервных копий (*.backup) - + Open config file Открыть файл с конфигурацией - + QR code QR-код - + I have nothing У меня ничего нет - - Key as text - Ключ в виде текста - PageSetupWizardCredentials - Server connection - Подключение к серверу - - - + Server IP address [:port] IP-адрес[:порт] сервера - 255.255.255.255:88 - 255.255.255.255:88 - - - Password / SSH private key - Password / SSH private key - - - + Continue Продолжить - All data you enter will remain strictly confidential -and will not be shared or disclosed to the Amnezia or any third parties - Все данные, которые вы вводите, останутся строго конфиденциальными и не будут переданы или раскрыты Amnezia или каким-либо третьим лицам - - - + Enter the address in the format 255.255.255.255:88 Введите адрес в формате 255.255.255.255:88 - Login to connect via SSH - Login to connect via SSH - - - + Configure your server Настроить ваш сервер - + 255.255.255.255:22 255.255.255.255:22 - + SSH Username Имя пользователя SSH - + Password or SSH private key Пароль или закрытый ключ SSH - + All data you enter will remain strictly confidential and will not be shared or disclosed to the Amnezia or any third parties Все данные, которые вы вводите, останутся строго конфиденциальными и не будут переданы или раскрыты Amnezia или каким-либо третьим лицам - + How to run your VPN server Как создать VPN на собственном сервере - + Where to get connection data, step-by-step instructions for buying a VPS Где взять данные для подключения, пошаговые инструкции по покупке VPS - + Ip address cannot be empty Поле с IP-адресом не может быть пустым - + Login cannot be empty Поле с логином не может быть пустым - + Password/private key cannot be empty Поле с паролем/закрытым ключом не может быть пустым @@ -2700,37 +3219,30 @@ and will not be shared or disclosed to the Amnezia or any third parties PageSetupWizardEasy - - What is the level of internet control in your region? - Какой уровень контроля над интернетом в вашем регионе? + + Choose Installation Type + Выберите тип установки - + + Manual + Ручная + + + Choose a VPN protocol - Выберите VPN-протокол + Выбрать VPN-протокол - + Skip setup Пропустить настройку - Set up a VPN yourself - Настроить VPN самостоятельно - - - I want to choose a VPN protocol - Выбрать VPN-протокол - - - + Continue Продолжить - - Set up later - Настроить позднее - PageSetupWizardInstalling @@ -2774,37 +3286,37 @@ and will not be shared or disclosed to the Amnezia or any third parties PageSetupWizardProtocolSettings - + Installing %1 Устанавливается %1 - + More detailed Подробнее - + Close Закрыть - + Network protocol Сетевой протокол - + Port Порт - + Install Установить - + The port must be in the range of 1 to 65535 Порт должен быть в диапазоне от 1 до 65535 @@ -2812,12 +3324,12 @@ and will not be shared or disclosed to the Amnezia or any third parties PageSetupWizardProtocols - + VPN protocol VPN-протокол - + Choose the one with the highest priority for you. Later, you can install other protocols and additional services, such as DNS proxy and SFTP. Выберите протокол, который вам больше подходит. В дальнейшем можно установить другие протоколы и дополнительные сервисы, такие как DNS-прокси и SFTP. @@ -2833,31 +3345,7 @@ and will not be shared or disclosed to the Amnezia or any third parties PageSetupWizardStart - Settings restored from backup file - Настройки восстановлены из резервной копии - - - Free service for creating a personal VPN on your server. - Простое и бесплатное приложение для запуска собственного VPN на своем сервере. - - - Helps you access blocked content without revealing your privacy, even to VPN providers. - Помогает получить доступ к заблокированному контенту, не раскрывая вашу конфиденциальность даже провайдерам VPN. - - - I have the data to connect - У меня есть данные для подключения - - - I have nothing - У меня ничего нет - - - https://amnezia.org/instructions/0_starter-guide - https://amnezia.org/ru/starter-guide - - - + Let's get started Приступим @@ -2865,27 +3353,27 @@ and will not be shared or disclosed to the Amnezia or any third parties PageSetupWizardTextKey - + Connection key Ключ для подключения - + A line that starts with vpn://... Строка, которая начинается с vpn://... - + Key Ключ - + Insert Вставить - + Continue Продолжить @@ -2893,36 +3381,32 @@ and will not be shared or disclosed to the Amnezia or any third parties PageSetupWizardViewConfig - + New connection Новое соединение - Do not use connection code from public sources. It could be created to intercept your data. - Не используйте код подключения из публичных источников. Его могли создать, чтобы перехватить ваши данные. - - - + Collapse content Свернуть - + Show content Показать - + Enable WireGuard obfuscation. It may be useful if WireGuard is blocked on your provider. Включить обфускацию WireGuard. Это может быть полезно, если WireGuard блокируется вашим провайдером. - + Use connection codes only from sources you trust. Codes from public sources may have been created to intercept your data. Используйте файлы конфигурации только из тех источников, которым вы доверяете. Файлы из общедоступных источников могли быть созданы с целью перехвата ваших личных данных. - + Connect Подключиться @@ -2930,231 +3414,212 @@ and will not be shared or disclosed to the Amnezia or any third parties PageShare - + OpenVPN native format Оригинальный формат OpenVPN - + WireGuard native format Оригинальный формат WireGuard - VPN Access - VPN-Доступ - - - + Connection Соединение - VPN access without the ability to manage the server - Доступ к VPN без возможности управления сервером - - - Access to server management. The user with whom you share full access to the connection will be able to add and remove your protocols and services to the server, as well as change settings. - Доступ к управлению сервером. Пользователь, с которым вы делитесь полным доступом к соединению, сможет добавлять и удалять ваши протоколы и службы на сервере, а также изменять настройки. - - - - + + Server Сервер - Accessing - Доступ - - - + Config revoked Конфигурация отозвана - + Connection to Подключение к - + File with connection settings to Файл с настройками подключения к - + Save OpenVPN config Сохранить конфигурацию OpenVPN - + Save WireGuard config Сохранить конфигурацию WireGuard - + Save AmneziaWG config Сохранить конфигурацию AmneziaWG - + Save Shadowsocks config Сохранить конфигурацию Shadowsocks - + Save Cloak config Сохранить конфигурацию Cloak - + Save XRay config Сохранить конфигурацию XRay - + For the AmneziaVPN app Для приложения AmneziaVPN - + AmneziaWG native format Оригинальный формат AmneziaWG - + Shadowsocks native format Оригинальный формат Shadowsocks - + Cloak native format Оригинальный формат Cloak - + XRay native format Оригинальный формат XRay - + Share VPN Access Поделиться VPN - + Share full access to the server and VPN Поделиться полным доступом к серверу и VPN - + Use for your own devices, or share with those you trust to manage the server. Используйте для собственных устройств или передайте управление сервером тем, кому вы доверяете. - - + + Users Пользователи - + User name Имя пользователя - + Search Поиск - + Creation date: %1 Дата создания: %1 - + Latest handshake: %1 Последнее рукопожатие: %1 - + Data received: %1 Получено данных: %1 - + Data sent: %1 Отправлено данных: %1 - Creation date: - Дата создания: + + Allowed IPs: %1 + Разрешенные подсети: %1 - + Rename Переименовать - + Client name Имя клиента - + Save Сохранить - + Revoke Отозвать - + Revoke the config for a user - %1? Отозвать конфигурацию для пользователя - %1? - + The user will no longer be able to connect to your server. Пользователь больше не сможет подключаться к вашему серверу. - + Continue Продолжить - + Cancel Отменить - Full access - Полный доступ - - - + Share VPN access without the ability to manage the server Поделиться доступом к VPN без возможности управления сервером - - + + Protocol Протокол - - + + Connection format Формат подключения - - + + Share Поделиться @@ -3162,55 +3627,55 @@ and will not be shared or disclosed to the Amnezia or any third parties PageShareFullAccess - + Full access to the server and VPN Полный доступ к серверу и VPN - + We recommend that you use full access to the server only for your own additional devices. Мы рекомендуем использовать полный доступ к серверу только для собственных устройств. - + If you share full access with other people, they can remove and add protocols and services to the server, which will cause the VPN to work incorrectly for all users. Если вы поделитесь полным доступом с другими людьми, то они смогут удалять и добавлять протоколы и сервисы на сервер, что приведет к некорректной работе VPN для всех пользователей. - - + + Server Сервер - + Accessing Доступ - + File with accessing settings to Файл с настройками доступа к - + Share Поделиться - + Access error! - Ошибка доступа! + Ошибка доступа! - + Connection to Подключение к - + File with connection settings to Файл с настройками подключения к @@ -3218,25 +3683,25 @@ and will not be shared or disclosed to the Amnezia or any third parties PageStart - + Logging was disabled after 14 days, log files were deleted Логирование было отключено по прошествии 14 дней, файлы логов были удалены. - + Settings restored from backup file Настройки восстановлены из бэкап файла - + Logging is enabled. Note that logs will be automaticallydisabled after 14 days, and all log files will be deleted. - + Логирование включено. Обратите внимание, что через 14 дней оно будет автоматически отключено, а все файлы логов будут удалены. PopupType - + Close Закрыть @@ -3483,10 +3948,6 @@ and will not be shared or disclosed to the Amnezia or any third parties No error Нет ошибки - - Unknown Error - Неизвестная ошибка - Function not implemented @@ -3498,258 +3959,279 @@ and will not be shared or disclosed to the Amnezia or any third parties Фоновая служба не запущена - + + The selected protocol is not supported on the current platform + Выбранный протокол не поддерживается на данном устройстве + + + Server check failed Проверка сервера завершилась неудачей - + Server port already used. Check for another software Порт сервера уже используется. Проверьте наличие другого ПО - + Server error: Docker container missing Ошибка сервера: отсутствует Docker-контейнер - + Server error: Docker failed Ошибка сервера: сбой в работе Docker - + Installation canceled by user Установка отменена пользователем - - The user does not have permission to use sudo - У пользователя нет прав на использование sudo + + The user is not a member of the sudo group + Пользователь не входит в группу sudo - - Server error: Packet manager error - Ошибка сервера: ошибка менеджера пакетов + + Server error: Package manager error + Ошибка сервера: Ошибка менеджера пакетов + + + + The sudo package is not pre-installed on the server + Пакет sudo не установлен на сервере по умолчанию + The server user's home directory is not accessible + Домашний каталог пользователя сервера недоступен + + + + Action not allowed in sudoers + Действие не разрешено в sudoers + + + + The user's password is required + Требуется пароль пользователя + + + + Docker error: runc doesn't work on cgroups v2 + Docker error: runc не работает на cgroups v2 + + + + Server error: cgroup mountpoint does not exist + Server error: cgroup mountpoint не существует + + + SSH request was denied SSH-запрос был отклонён - + SSH request was interrupted SSH-запрос был прерван - + SSH internal error Внутренняя ошибка SSH - + Invalid private key or invalid passphrase entered Введен неверный закрытый ключ или неверная парольная фраза - + The selected private key format is not supported, use openssh ED25519 key types or PEM key types Выбранный формат закрытого ключа не поддерживается, используйте типы ключей openssh ED25519 или PEM - + Timeout connecting to server Тайм-аут подключения к серверу - + SCP error: Generic failure Ошибка SCP: общий сбой - Sftp error: End-of-file encountered - Sftp error: End-of-file encountered - - - Sftp error: File does not exist - Sftp error: File does not exist - - - Sftp error: Permission denied - Sftp error: Permission denied - - - Sftp error: Generic failure - Sftp error: Generic failure - - - Sftp error: Garbage received from server - Sftp error: Garbage received from server - - - Sftp error: No connection has been set up - Sftp error: No connection has been set up - - - Sftp error: There was a connection, but we lost it - Sftp error: There was a connection, but we lost it - - - Sftp error: Operation not supported by libssh yet - Sftp error: Operation not supported by libssh yet - - - Sftp error: Invalid file handle - Sftp error: Invalid file handle - - - Sftp error: No such file or directory path exists - Sftp error: No such file or directory path exists - - - Sftp error: An attempt to create an already existing file or directory has been made - Sftp error: An attempt to create an already existing file or directory has been made - - - Sftp error: Write-protected filesystem - Sftp error: Write-protected filesystem - - - Sftp error: No media was in remote drive - Sftp error: No media was in remote drive - - - + The config does not contain any containers and credentials for connecting to the server Конфигурация не содержит каких-либо контейнеров и учетных данных для подключения к серверу - + + Error when retrieving configuration from API Ошибка при получении конфигурации из API - + This config has already been added to the application Данная конфигурация уже была добавлена в приложение + + + A migration error has occurred. Please contact our technical support + Произошла ошибка миграции. Обратитесь в нашу техническую поддержку + + Please update the application to use this feature + Пожалуйста, обновите приложение, чтобы использовать эту функцию + + + ErrorCode: %1. Код ошибки: %1. - Failed to save config to disk - Failed to save config to disk - - - + OpenVPN config missing Отсутствует конфигурация OpenVPN - + OpenVPN management server error Серверная ошибка управлением OpenVPN - + OpenVPN executable missing Отсутствует исполняемый файл OpenVPN - + Shadowsocks (ss-local) executable missing Отсутствует исполняемый файл Shadowsocks (ss-local) - + Cloak (ck-client) executable missing Отсутствует исполняемый файл Cloak (ck-client) - + Amnezia helper service error Ошибка вспомогательной службы Amnezia - + OpenSSL failed Ошибка OpenSSL - + Can't connect: another VPN connection is active Невозможно подключиться: активно другое VPN-соединение - + Can't setup OpenVPN TAP network adapter Невозможно настроить сетевой адаптер OpenVPN TAP - + VPN pool error: no available addresses Ошибка пула VPN: нет доступных адресов - + + Unable to open config file + Не удалось открыть файл конфигурации + + + + VPN Protocols is not installed. + Please install VPN container at first + VPN-протоколы не установлены. + Пожалуйста, установите протокол + + + VPN connection error Ошибка VPN-соединения - + In the response from the server, an empty config was received В ответе от сервера была получена пустая конфигурация - + SSL error occurred Произошла ошибка SSL - + Server response timeout on api request Тайм-аут ответа сервера на запрос API - + Missing AGW public key - + Отсутствует публичный ключ AGW - + + Failed to decrypt response payload + + + + + Missing list of available services + Отсутствует список доступных сервисов + + + + The limit of allowed configurations per subscription has been exceeded + Превышен лимит разрешенных конфигураций для одной подписки + + + A migration has error occurred. Please contact our technical support + Произошла ошибка миграции. Обратитесь в нашу техническую поддержку + + + QFile error: The file could not be opened Ошибка QFile: не удалось открыть файл - + QFile error: An error occurred when reading from the file Ошибка QFile: произошла ошибка при чтении из файла - + QFile error: The file could not be accessed Ошибка QFile: не удалось получить доступ к файлу - + QFile error: An unspecified error occurred Ошибка QFile: произошла неизвестная ошибка - + QFile error: A fatal error occurred Ошибка QFile: произошла фатальная ошибка - + QFile error: The operation was aborted Ошибка QFile: операция была прервана - + Internal error Внутренняя ошибка @@ -3759,118 +4241,66 @@ and will not be shared or disclosed to the Amnezia or any third parties IPsec - - Shadowsocks - masks VPN traffic, making it similar to normal web traffic, but it may be recognized by analysis systems in some highly censored regions. - Shadowsocks маскирует VPN-трафик под обычный веб-трафик, но распознается системами анализа в некоторых регионах с высоким уровнем цензуры. - - - - OpenVPN over Cloak - OpenVPN with VPN masquerading as web traffic and protection against active-probing detection. Ideal for bypassing blocking in regions with the highest levels of censorship. - OpenVPN over Cloak — это OpenVPN с маскировкой VPN-трафика под обычный веб-трафик и защитой от обнаружения активным зондированием. Подходит для регионов с самым высоким уровнем цензуры. - - - + IKEv2/IPsec - Modern stable protocol, a bit faster than others, restores connection after signal loss. It has native support on the latest versions of Android and iOS. IKEv2/IPsec — современный стабильный протокол, немного быстрее других, восстанавливает соединение после потери сигнала. Он имеет встроенную поддержку в последних версиях Android и iOS. - + Create a file vault on your server to securely store and transfer files. Создайте на сервере файловое хранилище для безопасного хранения и передачи файлов. - - This is a combination of the OpenVPN protocol and the Cloak plugin designed specifically for protecting against blocking. + + AmneziaWG is a modern VPN protocol based on WireGuard, combining simplified architecture with high performance across all devices. It addresses WireGuard's main vulnerability (easy detection by DPI systems) through advanced obfuscation techniques, making VPN traffic indistinguishable from regular internet traffic. -OpenVPN provides a secure VPN connection by encrypting all internet traffic between the client and the server. +AmneziaWG is an excellent choice for those seeking a fast, stealthy VPN connection. -Cloak protects OpenVPN from detection and blocking. +Features: +* Available on all AmneziaVPN platforms +* Low battery consumption on mobile devices +* Minimal settings required +* Undetectable by traffic analysis systems (DPI) +* Operates over UDP protocol + AmneziaWG — современный VPN-протокол на основе WireGuard, сочетающий простую архитектуру и высокую производительность на всех устройствах. Он устраняет основной недостаток WireGuard (лёгкое обнаружение трафика системами DPI) за счёт эффективного маскирования VPN-трафика под обычный интернет-трафик. -Cloak can modify packet metadata so that it completely masks VPN traffic as normal web traffic, and also protects the VPN from detection by Active Probing. This makes it very resistant to being detected +Таким образом, AmneziaWG идеально подойдёт тем, кто ищет быстрое и незаметное VPN-соединение. -Immediately after receiving the first data packet, Cloak authenticates the incoming connection. If authentication fails, the plugin masks the server as a fake website and your VPN becomes invisible to analysis systems. - -If there is a extreme level of Internet censorship in your region, we advise you to use only OpenVPN over Cloak from the first connection - -* Available in the AmneziaVPN across all platforms -* High power consumption on mobile devices -* Flexible settings -* Not recognised by DPI analysis systems -* Works over TCP network protocol, 443 port. - - Это связка протокола OpenVPN и плагина Cloak, разработанная специально для защиты от блокировки. - -OpenVPN обеспечивает безопасное VPN-соединение, шифруя весь интернет-трафик между клиентом и сервером. - -Cloak защищает OpenVPN от обнаружения и блокировки. - -Cloak изменяет метаданные пакетов таким образом, что полностью маскирует VPN-трафик под обычный веб-трафик, а также защищает VPN от обнаружения с помощью активного зондирования. Это делает его очень защищенным от обнаружения. - -Сразу после получения первого пакета данных Cloak устанавливает подлинность входящего соединения. Если аутентификация не проходит, плагин маскирует сервер под фальшивый веб-сайт, и ваш VPN становится невидимым для систем анализа трафика. - -Если в вашем регионе наблюдается жесткая интернет-цензура, мы советуем вам уже при первом подключении использовать только OpenVPN over Cloak. - -* Доступен в AmneziaVPN на всех платформах -* Высокое энергопотребление на мобильных устройствах -* Гибкие настройки -* Не распознается системами DPI-анализа -* Работает по сетевому протоколу TCP, использует порт 443 - - - - A relatively new popular VPN protocol with a simplified architecture. -WireGuard provides stable VPN connection and high performance on all devices. It uses hard-coded encryption settings. WireGuard compared to OpenVPN has lower latency and better data transfer throughput. -WireGuard is very susceptible to blocking due to its distinct packet signatures. Unlike some other VPN protocols that employ obfuscation techniques, the consistent signature patterns of WireGuard packets can be more easily identified and thus blocked by advanced Deep Packet Inspection (DPI) systems and other network monitoring tools. - -* Available in the AmneziaVPN across all platforms -* Low power consumption -* Minimum number of settings -* Easily recognised by DPI analysis systems, susceptible to blocking -* Works over UDP network protocol. - Относительно новый и популярный VPN-протокол с простой архитектурой. -WireGuard обеспечивает стабильное VPN-соединение и высокую производительность на всех устройствах. Он использует строго заданные настройки шифрования. WireGuard по сравнению с OpenVPN имеет меньшую задержку и лучшую пропускную способность при передаче данных. -WireGuard очень уязвим для блокировки из-за характерных сигнатур пакетов. В отличие от некоторых других VPN-протоколов, использующих методы обфускации, последовательные сигнатуры пакетов WireGuard легче идентифицируются и, следовательно, могут блокироваться современными Deep Packet Inspection (DPI) системами и другими инструментами для сетевого мониторинга. - -* Доступен в AmneziaVPN на всех платформах +Особенности: +* Доступен во всех версиях AmneziaVPN * Низкое энергопотребление на мобильных устройствах -* Минимальная конфигурация -* Легко распознается системами DPI-анализа, поддается блокировке -* Работает по сетевому протоколу UDP +* Минимум настроек +* Незаметен для систем анализа трафика (DPI) +* Работает по протоколу UDP + - - The REALITY protocol, a pioneering development by the creators of XRay, is specifically designed to counteract the highest levels of internet censorship through its novel approach to evasion. -It uniquely identifies censors during the TLS handshake phase, seamlessly operating as a proxy for legitimate clients while diverting censors to genuine websites like google.com, thus presenting an authentic TLS certificate and data. -This advanced capability differentiates REALITY from similar technologies by its ability to disguise web traffic as coming from random, legitimate sites without the need for specific configurations. -Unlike older protocols such as VMess, VLESS, and the XTLS-Vision transport, REALITY's innovative "friend or foe" recognition at the TLS handshake enhances security and circumvents detection by sophisticated DPI systems employing active probing techniques. This makes REALITY a robust solution for maintaining internet freedom in environments with stringent censorship. - Протокол REALITY, новаторская разработка создателей XRay, специально спроектирован для противодействия самой строгой цензуре с помощью нового способа обхода блокировок. -Он уникальным образом идентифицирует цензоров на этапе TLS-рукопожатия, беспрепятственно работая в качестве прокси для реальных клиентов и перенаправляя цензоров на реальные сайты, такие как google.com, тем самым предъявляя подлинный TLS-сертификат и данные. -REALITY отличается от аналогичных технологий благодаря способности без специальной настройки маскировать веб-трафик так, как будто он поступает со случайных легитимных сайтов. -В отличие от более старых протоколов, таких как VMess, VLESS и транспорт XTLS-Vision, технология распознавания "друг или враг" на этапе TLS-рукопожатия повышает безопасность и обходит обнаружение сложными системами DPI-анализа, которые используют методы активного зондирования. Это делает REALITY эффективным решением для поддержания свободы интернета в регионах с жесткой цензурой. - - - - IKEv2, paired with the IPSec encryption layer, stands as a modern and stable VPN protocol. -One of its distinguishing features is its ability to swiftly switch between networks and devices, making it particularly adaptive in dynamic network environments. -While it offers a blend of security, stability, and speed, it's essential to note that IKEv2 can be easily detected and is susceptible to blocking. + + REALITY is an innovative protocol developed by the creators of XRay, designed specifically to combat high levels of internet censorship. REALITY identifies censorship systems during the TLS handshake, redirecting suspicious traffic seamlessly to legitimate websites like google.com while providing genuine TLS certificates. This allows VPN traffic to blend indistinguishably with regular web traffic without special configuration. +Unlike older protocols such as VMess, VLESS, and XTLS-Vision, REALITY incorporates an advanced built-in "friend-or-foe" detection mechanism, effectively protecting against DPI and other traffic analysis methods. -* Available in the AmneziaVPN only on Windows -* Low power consumption, on mobile devices -* Minimal configuration -* Recognised by DPI analysis systems -* Works over UDP network protocol, ports 500 and 4500. - IKEv2 в сочетании с уровнем шифрования IPSec представляет собой современный и стабильный VPN-протокол. -Он может быстро переключаться между сетями и устройствами, что делает его особенно адаптивным в динамичных сетевых средах. -Несмотря на сочетание безопасности, стабильности и скорости, необходимо отметить, что IKEv2 легко обнаруживается и подвержен блокировке. +Features: +* Resistant to active probing and DPI detection +* No special configuration required to disguise traffic +* Highly effective in heavily censored regions +* Minimal battery consumption on devices +* Operates over TCP protocol + REALITY — это инновационный протокол от разработчиков XRay, специально созданный для эффективного противодействия жесткой интернет-цензуре. -* Доступен в AmneziaVPN только для Windows -* Низкое энергопотребление на мобильных устройствах -* Минимальная конфигурация -* Распознается системами DPI-анализа -* Работает по сетевому протоколу UDP, использует порты 500 и 4500 +REALITY распознаёт системы блокировки во время TLS-рукопожатия и незаметно перенаправляет подозрительные запросы на реальные сайты, такие как google.com, предъявляя подлинные TLS-сертификаты. Это позволяет маскировать VPN-трафик под обычный веб-трафик без дополнительных настроек. + +В отличие от протоколов старого поколения (VMess, VLESS и XTLS-Vision), REALITY использует встроенную технологию распознавания «свой-чужой», надёжно защищая от DPI и других методов сетевого анализа. + +Особенности: +* Устойчив к активному зондированию и DPI-системам +* Не требует специальной настройки для маскировки трафика +* Эффективен в регионах с жесткой цензурой +* Минимальное энергопотребление на устройствах +* Работает по протоколу TCP + - + DNS Service Сервис DNS @@ -3881,7 +4311,7 @@ While it offers a blend of security, stability, and speed, it's essential t - + Website in Tor network Веб-сайт в сети Tor @@ -3896,80 +4326,178 @@ While it offers a blend of security, stability, and speed, it's essential t OpenVPN — самый популярный VPN-протокол с гибкой настройкой. Имеет собственный протокол безопасности с SSL/TLS для обмена ключами. - - WireGuard - New popular VPN protocol with high performance, high speed and low power consumption. Recommended for regions with low levels of censorship. - WireGuard — новый популярный VPN-протокол с высокой производительностью, высокой скоростью и низким энергопотреблением. Рекомендуется для регионов с низким уровнем цензуры. + + Shadowsocks masks VPN traffic, making it resemble normal web traffic, but it may still be detected by certain analysis systems. + Shadowsocks маскирует VPN-трафик, делая его похожим на обычный веб-трафик, но он все равно может быть обнаружен некоторыми системами анализа. - - AmneziaWG - Special protocol from Amnezia, based on WireGuard. It's fast like WireGuard, but very resistant to blockages. Recommended for regions with high levels of censorship. - AmneziaWG — специальный протокол от Amnezia, основанный на протоколе WireGuard. Он такой же быстрый, как WireGuard, но очень устойчив к блокировкам. Рекомендуется для регионов с высоким уровнем цензуры. + + OpenVPN over Cloak - OpenVPN with VPN masquerading as web traffic and protection against active-probing detection. It is very resistant to detection, but offers low speed. + OpenVPN over Cloak — OpenVPN с маскировкой под веб-трафик , а также с защитой от обнаружения и систем анализа трафика. Он очень устойчив к обнаружению, но имеет низкую скорость работы в сравнении с другими похожими протоколами. - - XRay with REALITY - Suitable for countries with the highest level of internet censorship. Traffic masking as web traffic at the TLS level, and protection against detection by active probing methods. - XRay with REALITY подойдет для стран с самым высоким уровнем цензуры. Маскировка трафика под веб-трафик на уровне TLS и защита от обнаружения методами активного зондирования. + + WireGuard - popular VPN protocol with high performance, high speed and low power consumption. + WireGuard — популярный VPN-протокол с высокой производительностью, высокой скоростью и низким энергопотреблением. - IKEv2/IPsec - Modern stable protocol, a bit faster than others, restores connection after signal loss. - IKEv2/IPsec — современный стабильный протокол, немного быстрее других, восстанавливает соединение после потери сигнала. + + AmneziaWG is a special protocol from Amnezia based on WireGuard. It provides high connection speed and ensures stable operation even in the most challenging network conditions. + AmneziaWG — специальный протокол от Amnezia, основанный на WireGuard. Он обеспечивает высокую скорость соединения и гарантирует стабильную работу даже в самых сложных условиях. - + + XRay with REALITY masks VPN traffic as web traffic and protects against active probing. It is highly resistant to detection and offers high speed. + XRay с REALITY маскирует VPN-трафик под веб-трафик. Обладает высокой устойчивостью к обнаружению и обеспечивает высокую скорость соединения. + + + + + + + + + OpenVPN is one of the most popular and reliable VPN protocols. It uses SSL/TLS encryption, supports a wide variety of devices and operating systems, and is continuously improved by the community due to its open-source nature. It provides a good balance between speed and security but is easily recognized by DPI systems, making it susceptible to blocking. + +Features: +* Available on all AmneziaVPN platforms +* Normal battery consumption on mobile devices +* Flexible customization for various devices and OS +* Operates over both TCP and UDP protocols + OpenVPN — один из самых популярных и надежных VPN-протоколов. Он использует шифрование SSL/TLS, совместим со множеством устройств и ОС, а благодаря открытому коду постоянно совершенствуется сообществом. Имеет хороший баланс скорости и безопасности, но легко распознаётся системами DPI, что делает его уязвимым к блокировкам. + +Особенности: +* Доступен во всех приложениях AmneziaVPN +* Нормальное энергопотребление на мобильных устройствах +* Гибкие настройки под разные устройства и ОС +* Работает по TCP и UDP + + + + Shadowsocks is based on the SOCKS5 protocol and encrypts connections using AEAD cipher. Although designed to be discreet, it doesn't mimic a standard HTTPS connection and can be detected by some DPI systems. Due to limited support in Amnezia, we recommend using the AmneziaWG protocol. + +Features: +* Available in AmneziaVPN only on desktop platforms +* Customizable encryption protocol +* Detectable by some DPI systems +* Operates over TCP protocol + + Shadowsocks основан на протоколе SOCKS5 и шифрует соединение алгоритмом AEAD. Он разработан так, чтобы быть малозаметным, однако не идентичен HTTPS, поэтому может распознаваться некоторыми системами DPI. В связи с ограниченной поддержкой в Amnezia, рекомендуем использовать протокол AmneziaWG. + +Особенности: +* Доступен только на ПК в AmneziaVPN +* Настраиваемое шифрование +* Может обнаруживаться некоторыми DPI-системами +* Работает по протоколу TCP + + + + This combination includes the OpenVPN protocol and the Cloak plugin, specifically designed to protect against blocking. + +OpenVPN securely encrypts all internet traffic between your device and the server. + +The Cloak plugin further protects the connection from DPI detection. It modifies traffic metadata to disguise VPN traffic as regular web traffic and prevents detection through active probing. If an incoming connection fails authentication, Cloak serves a fake website, making your VPN invisible to traffic analysis systems. + +In regions with heavy internet censorship, we strongly recommend using OpenVPN with Cloak from your first connection. + +Features: +* Available on all AmneziaVPN platforms +* High power consumption on mobile devices +* Flexible configuration options +* Undetectable by DPI systems +* Operates over TCP protocol on port 443 + Эта комбинация состоит из протокола OpenVPN и плагина Cloak, специально разработанных для защиты от блокировок. + +OpenVPN надёжно шифрует весь интернет-трафик между вами и сервером. + +Плагин Cloak дополнительно защищает соединение от распознавания системами DPI. Он изменяет метаданные трафика, маскируя VPN-подключение под обычный веб-трафик, и предотвращает обнаружение с помощью активного зондирования. Если попытка подключения не прошла аутентификацию, Cloak выдаёт поддельный веб-сайт, делая VPN невидимым для анализирующих систем. + +Если в вашем регионе сильная интернет-цензура, мы рекомендуем сразу использовать OpenVPN с плагином Cloak. + +Особенности: +* Доступен на всех платформах AmneziaVPN +* Высокое энергопотребление на мобильных устройствах +* Гибкие настройки +* Незаметен для систем DPI-анализа +* Использует протокол TCP на порту 443 + + + + WireGuard is a modern, streamlined VPN protocol offering stable connectivity and excellent performance across all devices. It uses fixed encryption settings, delivering lower latency and higher data transfer speeds compared to OpenVPN. However, WireGuard is easily identifiable by DPI systems due to its distinctive packet signatures, making it susceptible to blocking. + +Features: +* Available on all AmneziaVPN platforms +* Low power consumption on mobile devices +* Minimal configuration required +* Easily detected by DPI systems (susceptible to blocking) +* Operates over UDP protocol + WireGuard — современный и простой VPN-протокол, который обеспечивает стабильное соединение и высокую скорость передачи данных на любых устройствах. Он использует фиксированные настройки шифрования, имеет меньшую задержку и выше пропускную способность по сравнению с OpenVPN. + +Однако WireGuard легко распознаётся системами DPI из-за характерных сигнатур трафика, что делает его уязвимым к блокировкам. + +Особенности: +* Доступен на всех платформах AmneziaVPN +* Низкое энергопотребление на мобильных устройствах +* Минимум настроек +* Легко определяется DPI-системами (подвержен блокировкам) +* Работает по протоколу UDP + + + + IKEv2, combined with IPSec encryption, is a modern and reliable VPN protocol. It reconnects quickly when switching networks or devices, making it ideal for dynamic network environments. While it provides good security and speed, it's easily recognized by DPI systems and susceptible to blocking. + +Features: +* Available in AmneziaVPN only on Windows +* Low battery consumption on mobile devices +* Minimal configuration required +* Detectable by DPI analysis systems(easily blocked) +* Operates over UDP protocol(ports 500 and 4500) + IKEv2 — современный и стабильный VPN-протокол, работающий совместно с шифрованием IPSec. Он обеспечивает быстрое переподключение при смене сети или устройства, отлично подходит для динамичных сетевых условий. Несмотря на хорошую скорость и безопасность, легко распознаётся системами DPI и подвержен блокировкам. + +Особенности: +* Доступен в AmneziaVPN только на Windows +* Низкое энергопотребление на мобильных устройствах +* Минимум настроек +* Распознаётся DPI-системами (легко блокируется) +* Работает по UDP (порты 500 и 4500) + + + + AmneziaWG is a modern VPN protocol based on WireGuard, combining simplified architecture with high performance across all devices. It addresses WireGuard’s main vulnerability (easy detection by DPI systems) through advanced obfuscation techniques, making VPN traffic indistinguishable from regular internet traffic. + + AmneziaWG is an excellent choice for those seeking a fast, stealthy VPN connection. + + Features: + + * Available on all AmneziaVPN platforms + * Low battery consumption on mobile devices + * Minimal settings required + * Undetectable by traffic analysis systems (DPI) + * Operates over UDP protocol + + AmneziaWG — современный VPN-протокол на основе WireGuard, сочетающий простую архитектуру и высокую производительность на всех устройствах. Он устраняет основной недостаток WireGuard (лёгкое обнаружение трафика системами DPI) за счёт эффективного маскирования VPN-трафика под обычный интернет-трафик. + +Таким образом, AmneziaWG идеально подойдёт тем, кто ищет быстрое и незаметное VPN-соединение. + +Особенности: +* Доступен во всех версиях AmneziaVPN +* Низкое энергопотребление на мобильных устройствах +* Минимум настроек +* Незаметен для систем анализа трафика (DPI) +* Работает по протоколу UDP + + + Deploy a WordPress site on the Tor network in two clicks. Разверните сайт на WordPress в сети Tor в два клика. - + Replace the current DNS server with your own. This will increase your privacy level. Замените текущий DNS-сервер на свой собственный. Это повысит уровень вашей конфиденциальности. - - OpenVPN stands as one of the most popular and time-tested VPN protocols available. -It employs its unique security protocol, leveraging the strength of SSL/TLS for encryption and key exchange. Furthermore, OpenVPN's support for a multitude of authentication methods makes it versatile and adaptable, catering to a wide range of devices and operating systems. Due to its open-source nature, OpenVPN benefits from extensive scrutiny by the global community, which continually reinforces its security. With a strong balance of performance, security, and compatibility, OpenVPN remains a top choice for privacy-conscious individuals and businesses alike. - -* Available in the AmneziaVPN across all platforms -* Normal power consumption on mobile devices -* Flexible customisation to suit user needs to work with different operating systems and devices -* Recognised by DPI analysis systems and therefore susceptible to blocking -* Can operate over both TCP and UDP network protocols. - OpenVPN — один из самых популярных и проверенных временем VPN-протоколов. -В нем используется уникальный протокол безопасности, опирающийся на SSL/TLS для шифрования и обмена ключами. Кроме того, OpenVPN поддерживает множество методов аутентификации, что делает его универсальным и адаптируемым к широкому спектру устройств и операционных систем. Благодаря открытому исходному коду OpenVPN подвергается тщательному анализу со стороны мирового сообщества, что постоянно повышает его безопасность. Оптимальное соотношение производительности, безопасности и совместимости делает OpenVPN лучшим выбором как для частных лиц, так и для компаний, заботящихся о конфиденциальности. - -* Доступен в AmneziaVPN на всех платформах -* Нормальное энергопотребление на мобильных устройствах -* Гибкая настройка под нужды пользователя для работы с различными операционными системами и устройствами -* Распознается системами DPI-анализа и поэтому подвержен блокировке -* Может работать по сетевым протоколам TCP и UDP - - - - Shadowsocks, inspired by the SOCKS5 protocol, safeguards the connection using the AEAD cipher. Although Shadowsocks is designed to be discreet and challenging to identify, it isn't identical to a standard HTTPS connection.However, certain traffic analysis systems might still detect a Shadowsocks connection. Due to limited support in Amnezia, it's recommended to use AmneziaWG protocol. - -* Available in the AmneziaVPN only on desktop platforms -* Configurable encryption protocol -* Detectable by some DPI systems -* Works over TCP network protocol. - Shadowsocks создан на основе протокола SOCKS5, защищает соединение с помощью шифра AEAD. Несмотря на то, что протокол Shadowsocks разработан таким образом, чтобы быть незаметным и сложным для идентификации, он не идентичен стандартному HTTPS-соединению. Поэтому некоторые системы анализа трафика всё же могут обнаружить соединение Shadowsocks. В связи с ограниченной поддержкой в Amnezia рекомендуется использовать протокол AmneziaWG. - -* Доступен в AmneziaVPN только для ПК и ноутбуков -* Настраиваемый протокол шифрования -* Распознается некоторыми системами DPI-анализа -* Работает по сетевому протоколу TCP - - - The REALITY protocol, a pioneering development by the creators of XRay, is specifically designed to counteract the highest levels of internet censorship through its novel approach to evasion. - It uniquely identifies censors during the TLS handshake phase, seamlessly operating as a proxy for legitimate clients while diverting censors to genuine websites like google.com, thus presenting an authentic TLS certificate and data. - This advanced capability differentiates REALITY from similar technologies by its ability to disguise web traffic as coming from random, legitimate sites without the need for specific configurations. - Unlike older protocols such as VMess, VLESS, and the XTLS-Vision transport, REALITY's innovative "friend or foe" recognition at the TLS handshake enhances security and circumvents detection by sophisticated DPI systems employing active probing techniques. This makes REALITY a robust solution for maintaining internet freedom in environments with stringent censorship. - Протокол REALITY, новаторская разработка создателей XRay, специально спроектирован для противодействия самой строгой цензуре с помощью нового способа обхода блокировок. - Он уникальным образом идентифицирует цензоров на этапе TLS-рукопожатия, беспрепятственно работая в качестве прокси для реальных клиентов и перенаправляя цензоров на реальные сайты, такие как google.com, тем самым предъявляя подлинный TLS-сертификат и данные. - REALITY отличается от аналогичных технологий благодаря способности без специальной настройки маскировать веб-трафик так, как будто он поступает со случайных легитимных сайтов. - В отличие от более старых протоколов, таких как VMess, VLESS и XTLS-Vision, технология распознавания "друг или враг" на этапе TLS-рукопожатия повышает безопасность и обходит обнаружение сложными системами DPI-анализа, которые используют методы активного зондирования. Это делает REALITY эффективным решением для поддержания свободы интернета в регионах с жесткой цензурой. - - - + After installation, Amnezia will create a file storage on your server. You will be able to access it using @@ -3987,97 +4515,6 @@ For more detailed information, you can Более подробную информацию вы можете найти в разделе поддержки "Создание файлового хранилища SFTP." - - This is a combination of the OpenVPN protocol and the Cloak plugin designed specifically for blocking protection. - -OpenVPN provides a secure VPN connection by encrypting all Internet traffic between the client and the server. - -Cloak protects OpenVPN from detection and blocking. - -Cloak can modify packet metadata so that it completely masks VPN traffic as normal web traffic, and also protects the VPN from detection by Active Probing. This makes it very resistant to being detected - -Immediately after receiving the first data packet, Cloak authenticates the incoming connection. If authentication fails, the plugin masks the server as a fake website and your VPN becomes invisible to analysis systems. - -If there is a extreme level of Internet censorship in your region, we advise you to use only OpenVPN over Cloak from the first connection - -* Available in the AmneziaVPN across all platforms -* High power consumption on mobile devices -* Flexible settings -* Not recognised by DPI analysis systems -* Works over TCP network protocol, 443 port. - - OpenVPN over Cloak - это комбинация протокола OpenVPN и плагина Cloak, разработанного специально для защиты от обнаружения и блокировок. - -Протокол OpenVPN обеспечивает безопасное VPN-соединение за счет шифрования всего интернет-трафика между клиентом и сервером. - -Плагин Cloak защищает OpenVPN от обнаружения и блокировок. - -Cloak может изменять метаданные пакетов. Он полностью маскирует VPN-трафик под обычный веб-трафик, а также защищает VPN от обнаружения с помощью Active Probing. Это делает его очень устойчивым к обнаружению - -Сразу же после получения первого пакета данных Cloak проверяет подлинность входящего соединения. Если аутентификация не проходит, плагин маскирует сервер под поддельный сайт, и ваш VPN становится невидимым для аналитических систем. - -Если в вашем регионе экстремальный уровень цензуры в Интернете, мы советуем вам с первого подключения использовать только OpenVPN over Cloak - -* Доступен в AmneziaVPN для всех платформ -* Высокое энергопотребление на мобильных устройствах -* Гибкие настройки -* Не распознается системами DPI-анализа -* Работает по сетевому протоколу TCP, 443 порт. - - - - A relatively new popular VPN protocol with a simplified architecture. -Provides stable VPN connection, high performance on all devices. Uses hard-coded encryption settings. WireGuard compared to OpenVPN has lower latency and better data transfer throughput. -WireGuard is very susceptible to blocking due to its distinct packet signatures. Unlike some other VPN protocols that employ obfuscation techniques, the consistent signature patterns of WireGuard packets can be more easily identified and thus blocked by advanced Deep Packet Inspection (DPI) systems and other network monitoring tools. - -* Available in the AmneziaVPN across all platforms -* Low power consumption -* Minimum number of settings -* Easily recognised by DPI analysis systems, susceptible to blocking -* Works over UDP network protocol. - WireGuard - относительно новый популярный VPN-протокол с упрощенной архитектурой. -Обеспечивает стабильное VPN-соединение, высокую производительность на всех устройствах. Использует жестко заданные настройки шифрования. WireGuard по сравнению с OpenVPN имеет меньшую задержку и лучшую пропускную способность при передаче данных. -WireGuard очень восприимчив к блокированию из-за особенностей сигнатур пакетов. В отличие от некоторых других VPN-протоколов, использующих методы обфускации, последовательные сигнатуры пакетов WireGuard легче выявляются и, соответственно, блокируются современными системами глубокой проверки пакетов (DPI) и другими средствами сетевого мониторинга. - -* Доступен в AmneziaVPN для всех платформ -* Низкое энергопотребление -* Минимальное количество настроек -* Легко распознается системами DPI-анализа, подвержен блокировке -* Работает по сетевому протоколу UDP. - - - - A modern iteration of the popular VPN protocol, AmneziaWG builds upon the foundation set by WireGuard, retaining its simplified architecture and high-performance capabilities across devices. -While WireGuard is known for its efficiency, it had issues with being easily detected due to its distinct packet signatures. AmneziaWG solves this problem by using better obfuscation methods, making its traffic blend in with regular internet traffic. -This means that AmneziaWG keeps the fast performance of the original while adding an extra layer of stealth, making it a great choice for those wanting a fast and discreet VPN connection. - -* Available in the AmneziaVPN across all platforms -* Low power consumption -* Minimum number of settings -* Not recognised by DPI analysis systems, resistant to blocking -* Works over UDP network protocol. - AmneziaWG — усовершенствованная версия популярного VPN-протокола WireGuard. AmneziaWG опирается на фундамент, заложенный WireGuard, сохраняя упрощенную архитектуру и высокую производительность на различных устройствах. -Хотя WireGuard известен своей эффективностью, у него были проблемы с обнаружением из-за характерных сигнатур пакетов. AmneziaWG решает эту проблему за счет использования более совершенных методов обфускации, благодаря чему его трафик сливается с обычным интернет-трафиком. -Таким образом, AmneziaWG сохраняет высокую производительность оригинального протокола, добавляя при этом дополнительный уровень скрытности, что делает его отличным выбором для тех, кому нужно быстрое и незаметное VPN-соединение. - -* Доступен в AmneziaVPN на всех платформах -* Низкое энергопотребление на мобильных устройствах -* Минимальное количество настроек -* Не распознается системами DPI-анализа, устойчив к блокировке -* Работает по сетевому протоколу UDP - - - AmneziaWG container - AmneziaWG протокол - - - Sftp file sharing service - is secure FTP service - Файловое хранилище для безопасного хранения данных - - - Sftp service - SFTP-сервис - Entry not found @@ -4147,7 +4584,7 @@ This means that AmneziaWG keeps the fast performance of the original while addin - + SOCKS5 proxy server Прокси-сервер SOCKS5 @@ -4283,14 +4720,35 @@ This means that AmneziaWG keeps the fast performance of the original while addin Невозможно найти разделитель-двоеточие между именем хоста и портом + + RenameServerDrawer + + + Server name + Имя сервера + + + + Save + Сохранить + + SelectLanguageDrawer - + Choose language Выберите язык + + ServersListView + + + Unable change server while there is an active connection + Невозможно изменить сервер во время активного соединения + + Settings @@ -4308,16 +4766,12 @@ This means that AmneziaWG keeps the fast performance of the original while addin SettingsController - + All settings have been reset to default values Все настройки сброшены до значений по умолчанию - Cached profiles cleared - Закэшированные профили очищены - - - + Backup file is corrupted Файл резервной копии поврежден @@ -4325,39 +4779,39 @@ This means that AmneziaWG keeps the fast performance of the original while addin ShareConnectionDrawer - - + + Save AmneziaVPN config Сохранить конфигурацию AmneziaVPN - + Share Поделиться - + Copy Скопировать - - + + Copied Скопировано - + Copy config string Скопировать строку конфигурации - + Show connection settings Показать настройки подключения - + To read the QR code in the Amnezia app, select "Add server" → "I have data to connect" → "QR code, key or settings file" Для считывания QR-кода в приложении Amnezia выберите "Добавить сервер" → "У меня есть данные для подключения" → "Открыть файл конфигурации, ключ или QR-код" @@ -4370,37 +4824,37 @@ This means that AmneziaWG keeps the fast performance of the original while addin Имя хоста не похоже на IP-адрес или доменное имя - + New site added: %1 Добавлен новый сайт: %1 - + Site removed: %1 Сайт удален: %1 - + Can't open file: %1 Невозможно открыть файл: %1 - + Failed to parse JSON data from file: %1 Не удалось разобрать JSON-данные из файла: %1 - + The JSON data is not an array in file: %1 JSON-данные не являются массивом в файле: %1 - + Import completed Импорт завершен - + Export completed Экспорт завершен @@ -4441,7 +4895,7 @@ This means that AmneziaWG keeps the fast performance of the original while addin TextFieldWithHeaderType - + The field can't be empty Поле не может быть пустым @@ -4449,7 +4903,7 @@ This means that AmneziaWG keeps the fast performance of the original while addin VpnConnection - + Mbps Мбит/с @@ -4500,59 +4954,25 @@ This means that AmneziaWG keeps the fast performance of the original while addin amnezia::ContainerProps - - Low - Низкий + + Automatic + Автоматическая - - High - Высокий - - - Extreme - Экстремальный - - - - I just want to increase the level of my privacy. - Я просто хочу повысить уровень своей приватности. - - - - I want to bypass censorship. This option recommended in most cases. - Я хочу обойти блокировки. Этот вариант рекомендуется в большинстве случаев. - - - Most VPN protocols are blocked. Recommended if other options are not working. - Большинство VPN-протоколов заблокированы. Рекомендуется, если другие варианты не работают. - - - Medium - Средний - - - Many foreign websites and VPN providers are blocked - Многие иностранные сайты и VPN-провайдеры заблокированы - - - Some foreign sites are blocked, but VPN providers are not blocked - Некоторые иностранные сайты заблокированы, но VPN-провайдеры не блокируются - - - I just want to increase the level of privacy - Хочу просто повысить уровень приватности + + AmneziaWG protocol will be installed. It provides high connection speed and ensures stable operation even in the most challenging network conditions. + Будет установлен протокол AmneziaWG. Он обеспечивает высокую скорость соединения и гарантирует стабильную работу даже в самых сложных условиях. main2 - + Private key passphrase Парольная фраза для закрытого ключа - + Save Сохранить diff --git a/client/translations/amneziavpn_uk_UA.ts b/client/translations/amneziavpn_uk_UA.ts index c7195119..3fa42c9f 100644 --- a/client/translations/amneziavpn_uk_UA.ts +++ b/client/translations/amneziavpn_uk_UA.ts @@ -1,6 +1,14 @@ + + AdLabel + + + Amnezia Premium - for access to all websites and online resources + + + AmneziaApplication @@ -24,55 +32,124 @@ VPN Підключено + + ApiAccountInfoModel + + + + Active + + + + + Inactive + + + + + %1 out of %2 + + + + + Classic VPN for seamless work, downloading large files, and watching videos. Access all websites and online resources. Speeds up to 200 Mbps + + + + + Free unlimited access to a basic set of websites such as Facebook, Instagram, Twitter (X), Discord, Telegram and more. YouTube is not included in the free plan. + + + + + amnezia_free_support_bot + + + + + amnezia_premium_support_bot + + + + + ApiConfigsController + + + %1 installed successfully. + %1 встановлено успішно. + + + + API config reloaded + Конфігурацію API перезавантажено + + + + Successfully changed the country of connection to %1 + Успішно змінено країну підключення на %1 + + ApiServicesModel - Classic VPN for comfortable work, downloading large files and watching videos. Works for any sites. Speed up to %1 MBit/s - Звичайний VPN для комфортної роботи, завантаження великих файлів та перегляду відео. Працює для будь-яких сайтів. Швидкість до %1 MBit/s + Звичайний VPN для комфортної роботи, завантаження великих файлів та перегляду відео. Працює для будь-яких сайтів. Швидкість до %1 MBit/s - VPN to access blocked sites in regions with high levels of Internet censorship. - VPN для доступу до заблокованих сайтів у регіонах з високим рівнем інтернет-цензури. + VPN для доступу до заблокованих сайтів у регіонах з високим рівнем інтернет-цензури. - + <p><a style="color: #EB5757;">Not available in your region. If you have VPN enabled, disable it, return to the previous screen, and try again.</a> - Amnezia Premium - A classic VPN for comfortable work, downloading large files, and watching videos in high resolution. It works for all websites, even in countries with the highest level of internet censorship. - Amnezia Premium - звичайний VPN для комфортної роботи, завантаження великих файлів та перегляду відео у високій роздільній здатності. Працює для всіх вебсайтів, навіть у країнах з найвищим рівнем інтернет-цензури. + Amnezia Premium - звичайний VPN для комфортної роботи, завантаження великих файлів та перегляду відео у високій роздільній здатності. Працює для всіх вебсайтів, навіть у країнах з найвищим рівнем інтернет-цензури. - Amnezia Free is a free VPN to bypass blocking in countries with high levels of internet censorship - Amnezia Free — це безкоштовний VPN для обходу блокувань у країнах з високим рівнем інтернет-цензури + Amnezia Free — це безкоштовний VPN для обходу блокувань у країнах з високим рівнем інтернет-цензури - + + Amnezia Premium is classic VPN for seamless work, downloading large files, and watching videos. Access all websites and online resources. Speeds up to %1 Mbps. + + + + + + AmneziaFree provides free unlimited access to a basic set of web sites, such as Facebook, Instagram, Twitter (X), Discord, Telegram, and others. YouTube is not included in the free plan. + + + + + Amnezia Premium is classic VPN for for seamless work, downloading large files, and watching videos. Access all websites and online resources. + + + + %1 MBit/s %1 MBit/s - + %1 days %1 днів - + VPN will open only popular sites blocked in your region, such as Instagram, Facebook, Twitter and others. Other sites will be opened from your real IP address, <a href="%1/free" style="color: #FBB26A;">more details on the website.</a> Лише популярні сайти, які заблоковані у вашому регіоні, будуть відкриватись за допомогою VPN підключення (Instagram, Facebook, Twitter та ін.). Звичайні сайти будуть відкриватися без використання VPN, <a href="%1/free" style="color: #FBB26A;">більш детально на нашому сайті.</a> - + Free Безкоштовно - + %1 $/month %1 $/місяць @@ -103,7 +180,7 @@ ConnectButton - + Unable to disconnect during configuration preparation Неможливо відключитися під час підготовки конфігурації @@ -111,62 +188,59 @@ ConnectionController - VPN Protocols is not installed. Please install VPN container at first - VPN протоколи не встановлено. + VPN протоколи не встановлено. Будь-ласка, встановіть VPN контейнер - unable to create configuration - Неможливо створити конфігурацію + Неможливо створити конфігурацію - + Connecting... Підключення... - + Connected Підключено - + Preparing... Підготовка... - + Settings updated successfully, reconnnection... Налаштування оновлено, підключення... - + Settings updated successfully Налаштування оновлено - The selected protocol is not supported on the current platform - Вибраний протокол не підтримується на цьому пристрої + Вибраний протокол не підтримується на цьому пристрої - + Reconnecting... Перепідключення... - - - - + + + + Connect Підключитись - + Disconnecting... Відключаємось... @@ -174,17 +248,17 @@ ConnectionTypeSelectionDrawer - + Add new connection Додати нове з'єднання - + Configure your server Налаштувати свій сервер - + Open config file, key or QR code Відкрити файл конфігурації, ключ або QR код @@ -222,7 +296,7 @@ HomeContainersListView - + Unable change protocol while there is an active connection Неможливо змінити протокол при активному підключенні @@ -238,46 +312,46 @@ HomeSplitTunnelingDrawer - + Split tunneling Роздільне тунелювання - + Allows you to connect to some sites or applications through a VPN connection and bypass others Дозволяє підключатись до одних сайтів та застосунків через захищене з'єднання, а іншим в обхід нього - + Split tunneling on the server Роздільне тунелювання на сервері - + Enabled Can't be disabled for current server Увімкнено. Не може бути вимкнено для даного сервера - + Site-based split tunneling Роздільне тунелювання по сайтам - - + + Enabled Увімкнено - - + + Disabled Вимкнено - + App-based split tunneling Роздільне тунелювання застосунків @@ -285,111 +359,114 @@ Can't be disabled for current server ImportController - Unable to open file - Неможливо відкрити файл + Неможливо відкрити файл - - Invalid configuration file - Недійсний файл конфігурації + Недійсний файл конфігурації - + Scanned %1 of %2. Відскановано %1 з %2. - + + This configuration contains an OpenVPN setup. OpenVPN configurations can include malicious scripts, so only add it if you fully trust the provider of this config. + + + + + <br>In the imported configuration, potentially dangerous lines were found: + + + In the imported configuration, potentially dangerous lines were found: - У імпортованій конфігурації знайдено потенційно небезпечні рядки: + У імпортованій конфігурації знайдено потенційно небезпечні рядки: InstallController - + %1 installed successfully. %1 встановлено. - + %1 is already installed on the server. %1 вже встановлено на сервері. - + Added containers that were already installed on the server Додані сервіси і протоколи, які були раніше встановлені на сервері - + Already installed containers were found on the server. All installed containers have been added to the application На сервері знайдені сервіси та протоколи, всі вони додані в застосунок - + Settings updated successfully Налаштування оновлено - + Server '%1' was rebooted Сервер '%1' перезавантажено - + Server '%1' was removed Сервер '%1' був видалений - + All containers from server '%1' have been removed Всі сервіси та протоколи були видалені з сервера '%1' - + %1 has been removed from the server '%2' %1 був видалений з сервера '%2' - + Api config removed Конфігурацію API видалено - + %1 cached profile cleared Кешований профіль %1 очищено - + Please login as the user Буль-ласка, увійдіть в систему від імені користувача - + Server added successfully Сервер додано - %1 installed successfully. - %1 встановлено успішно. + %1 встановлено успішно. - API config reloaded - Конфігурацію API перезавантажено + Конфігурацію API перезавантажено - Successfully changed the country of connection to %1 - Успішно змінено країну підключення на %1 + Успішно змінено країну підключення на %1 @@ -400,12 +477,12 @@ Already installed containers were found on the server. All installed containers Виберіть застосунок - + application name назва застосунку - + Add selected Додати вибране @@ -473,12 +550,12 @@ Already installed containers were found on the server. All installed containers PageDevMenu - + Gateway endpoint - + Dev gateway environment @@ -486,85 +563,84 @@ Already installed containers were found on the server. All installed containers PageHome - + Logging enabled Логування увімкнено - + Split tunneling enabled Роздільне тунелювання увімкнено - + Split tunneling disabled Роздільне тунелювання вимкнено - + VPN protocol VPN протокол - + Servers Сервери - Unable change server while there is an active connection - Не можна змінити сервер при активному підключенні + Не можна змінити сервер при активному підключенні PageProtocolAwgClientSettings - + AmneziaWG settings налаштування AmneziaWG - + MTU MTU - + Server settings - + Port Порт - + Save Зберегти - + Save settings? Зберегти налаштування? - + Only the settings for this device will be changed - + Continue Продовжити - + Cancel Відмінити - + Unable change settings while there is an active connection Неможливо змінити налаштування, поки є активне підключення @@ -572,87 +648,92 @@ Already installed containers were found on the server. All installed containers PageProtocolAwgSettings - + AmneziaWG settings налаштування AmneziaWG - + + VPN address subnet + VPN address subnet + + + Port Порт - + Jc - Junk packet count - + Jmin - Junk packet minimum size - + Jmax - Junk packet maximum size - + S1 - Init packet junk size - + S2 - Response packet junk size - + H1 - Init packet magic header - + H2 - Response packet magic header - + H4 - Transport packet magic header - + H3 - Underload packet magic header - + Save Зберегти - + The values of the H1-H4 fields must be unique Значення полів H1-H4 мають бути унікальними - + The value of the field S1 + message initiation size (148) must not equal S2 + message response size (92) Значення поля S1 + розмір повідомлення ініціалізації (148) не має бути рівним значенню S2 + розмір повідомлення відповіді (92) - + Save settings? Зберегти налаштування? - + All users with whom you shared a connection with will no longer be able to connect to it. Усі користувачі, з якими ви поділилися підключенням, більше не зможуть підключитися до нього. - + Unable change settings while there is an active connection Неможливо змінити налаштування, поки є активне підключення @@ -673,12 +754,12 @@ Already installed containers were found on the server. All installed containers Користувачі, з якими ви поділились цим протоколм, більше не зможуть до нього підключитись. - + Continue Продовжити - + Cancel Відмінити @@ -690,33 +771,33 @@ Already installed containers were found on the server. All installed containers PageProtocolCloakSettings - + Cloak settings Налаштування Cloak - + Disguised as traffic from Замаскувати трафік під - + Port Порт - - + + Cipher Шифрування - + Save Зберегти - + Unable change settings while there is an active connection Неможливо змінити налаштування, поки є активне підключення @@ -728,7 +809,7 @@ Already installed containers were found on the server. All installed containers PageProtocolOpenVpnSettings - + OpenVPN settings налаштування OpenVPN @@ -737,170 +818,170 @@ Already installed containers were found on the server. All installed containers Підмережа для VPN - + VPN address subnet VPN address subnet - + Network protocol Мережевий притокол - + Port Порт - + Auto-negotiate encryption Автоматично отримувати шифрування - - + + Hash Хеш - + SHA512 SHA512 - + SHA384 SHA384 - + SHA256 SHA256 - + SHA3-512 SHA3-512 - + SHA3-384 SHA3-384 - + SHA3-256 SHA3-256 - + whirlpool whirlpool - + BLAKE2b512 BLAKE2b512 - + BLAKE2s256 BLAKE2s256 - + SHA1 SHA1 - - + + Cipher Шифрування - + AES-256-GCM AES-256-GCM - + AES-192-GCM AES-192-GCM - + AES-128-GCM AES-128-GCM - + AES-256-CBC AES-256-CBC - + AES-192-CBC AES-192-CBC - + AES-128-CBC AES-128-CBC - + ChaCha20-Poly1305 ChaCha20-Poly1305 - + ARIA-256-CBC ARIA-256-CBC - + CAMELLIA-256-CBC CAMELLIA-256-CBC - + none none - + TLS auth TLS авторизація - + Block DNS requests outside of VPN Блокувати DNS запити за межами VPN тунеля - + Additional client configuration commands Додаткові команди конфігурації клієнта - - + + Commands: Команди: - + Additional server configuration commands Додаткові команти конфігурації сервера - + Save Зберегти - + Unable change settings while there is an active connection Неможливо змінити налаштування, поки є активне підключення @@ -936,32 +1017,32 @@ Already installed containers were found on the server. All installed containers PageProtocolRaw - + settings налаштування - + Show connection options Показати параметри підключення - + Connection options %1 Параметри підключення %1 - + Remove Видалити - + Remove %1 from server? Видалити %1 з сервера? - + All users with whom you shared a connection with will no longer be able to connect to it. Усі користувачі, з якими ви поділилися підключенням, більше не зможуть підключитися до нього. @@ -974,12 +1055,12 @@ Already installed containers were found on the server. All installed containers Користувачі, з якими ви поділились цим протоколм, більше не зможуть до нього підключитись. - + Continue Продовжити - + Cancel Відмінити @@ -987,28 +1068,28 @@ Already installed containers were found on the server. All installed containers PageProtocolShadowSocksSettings - + Shadowsocks settings Налаштування Shadowsocks - + Port Порт - - + + Cipher Шифрування - + Save Зберегти - + Unable change settings while there is an active connection Неможливо змінити налаштування, поки є активне підключення @@ -1020,52 +1101,52 @@ Already installed containers were found on the server. All installed containers PageProtocolWireGuardClientSettings - + WG settings - + MTU MTU - + Server settings - + Port Порт - + Save Зберегти - + Save settings? Зберегти налаштування? - + Only the settings for this device will be changed - + Continue Продовжити - + Cancel Відмінити - + Unable change settings while there is an active connection Неможливо змінити налаштування, поки є активне підключення @@ -1073,12 +1154,17 @@ Already installed containers were found on the server. All installed containers PageProtocolWireGuardSettings - + WG settings - + + VPN address subnet + VPN address subnet + + + Port Порт @@ -1087,32 +1173,32 @@ Already installed containers were found on the server. All installed containers MTU - + Save Зберегти - + Save settings? Зберегти налаштування? - + All users with whom you shared a connection with will no longer be able to connect to it. Усі користувачі, з якими ви поділилися підключенням, більше не зможуть підключитися до нього. - + Continue Продовжити - + Cancel Відмінити - + Unable change settings while there is an active connection Неможливо змінити налаштування, поки є активне підключення @@ -1120,22 +1206,22 @@ Already installed containers were found on the server. All installed containers PageProtocolXraySettings - + XRay settings Налаштування XRay - + Disguised as traffic from Замаскувати трафік під - + Save Зберегти - + Unable change settings while there is an active connection Неможливо змінити налаштування, поки є активне підключення @@ -1150,39 +1236,39 @@ Already installed containers were found on the server. All installed containers PageServiceDnsSettings - + A DNS service is installed on your server, and it is only accessible via VPN. На вашому сервері встановлено DNS-сервіс, доступ до нього можливо тільки через VPN. - + The DNS address is the same as the address of your server. You can configure DNS in the settings, under the connections tab. Адреса DNS сервера співпадає з адресою вашого сервера. Налаштувати DNS можливо на вкладці "Підключення" налаштувань застосунку. - + Remove Видалити - + Remove %1 from server? Видалити %1 з сервера? - + Continue Продовжити - + Cancel Відмінити - + Cannot remove AmneziaDNS from running server Не вдається видалити AmneziaDNS з працюючого сервера @@ -1190,30 +1276,30 @@ Already installed containers were found on the server. All installed containers PageServiceSftpSettings - + Settings updated successfully Налаштування оновлено - + SFTP settings Налаштування SFTP - + Host Хост - - - - + + + + Copied Скопійовано - + Port Порт @@ -1222,39 +1308,39 @@ Already installed containers were found on the server. All installed containers Логін - + User name Імя користувача - + Password Пароль - + Mount folder on device Змонтувати папку з вашого пристрою - + In order to mount remote SFTP folder as local drive, perform following steps: <br> Для того щоб додати SFTP-папку, як локальний диск на вашому пристрої, виконайте наступні дії: <br> - - + + <br>1. Install the latest version of <br>1. Встановіть останню версію - - + + <br>2. Install the latest version of <br>2. Встановіть останню версію - + Detailed instructions Детальні інструкції @@ -1278,69 +1364,69 @@ Already installed containers were found on the server. All installed containers PageServiceSocksProxySettings - + Settings updated successfully Налаштування успішно оновлено - - + + SOCKS5 settings Налаштування SOCKS5 - + Host Хост - - - - + + + + Copied Скопійовано - - + + Port Порт - + User name User name - - + + Password Пароль - + Username Username - - + + Change connection settings Змінити налаштування підключення - + The port must be in the range of 1 to 65535 Порт повинен бути в межах від 1 до 65535 - + Password cannot be empty Пароль не може бути порожнім - + Username cannot be empty Ім'я користувача не може бути порожнім @@ -1348,37 +1434,37 @@ Already installed containers were found on the server. All installed containers PageServiceTorWebsiteSettings - + Settings updated successfully Налаштування оновлено - + Tor website settings Налаштування сайту в мережі Тоr - + Website address Адреса сайту - + Copied Скопійовано - + Use <a href="https://www.torproject.org/download/" style="color: #FBB26A;">Tor Browser</a> to open this URL. Використовуйте <a href="https://www.torproject.org/download/" style="color: #FBB26A;">Tor Browser</a> для відкриття цього посилання. - + After creating your onion site, it takes a few minutes for the Tor network to make it available for use. Через кілька хвилин після встановлення ваш сайт Onion стане доступним у мережі Tor. - + When configuring WordPress set the this onion address as domain. При налаштуванні WordPress, вкажіть цей Onion в якості домена. @@ -1406,42 +1492,42 @@ Already installed containers were found on the server. All installed containers PageSettings - + Settings Налаштування - + Servers Сервери - + Connection Підключення - + Application Застосунок - + Backup Резервне копіювання - + About AmneziaVPN Про AmneziaVPN - + Dev console - + Close application Закрити застосунок @@ -1453,7 +1539,7 @@ Already installed containers were found on the server. All installed containers Підтримайте проект донатом - + Support Amnezia Підтримайте Amnezia @@ -1478,32 +1564,32 @@ Already installed containers were found on the server. All installed containers Показати інші способи на Github - + Amnezia is a free and open-source application. You can support the developers if you like it. Amnezia — це безкоштовний додаток з відкритим кодом. Якщо вам подобається цей додаток, ви можете підтримати розробників. - + Contacts Контакти - + Telegram group Група в Telegram - + To discuss features Для дискусій - + https://t.me/amnezia_vpn_en https://t.me/amnezia_vpn - + support@amnezia.org @@ -1512,134 +1598,525 @@ Already installed containers were found on the server. All installed containers Пошта - + For reviews and bug reports Для відгуків і повідомлень про помилки - Copied - Скопійовано + Скопійовано - + + mailto:support@amnezia.org + + + + GitHub GitHub - + + Discover the source code + + + + https://github.com/amnezia-vpn/amnezia-client https://github.com/amnezia-vpn/amnezia-client - + Website Веб-сайт + + + Visit official website + + https://amnezia.org https://amnezia.org - + Software version: %1 Версія ПЗ: %1 - + Check for updates Перевірити оновлення - + Privacy Policy Політика конфіденційності + + PageSettingsApiAvailableCountries + + + Location for connection + + + + + Unable change server location while there is an active connection + + + + + PageSettingsApiDevices + + + Active Devices + + + + + Manage currently connected devices + + + + + You can find the identifier on the Support tab or, for older versions of the app, by tapping '+' and then the three dots at the top of the page. + + + + + (current device) + + + + + Support tag: + + + + + Last updated: + + + + + Cannot unlink device during active connection + + + + + Are you sure you want to unlink this device? + + + + + This will unlink the device from your subscription. You can reconnect it anytime by pressing Connect. + + + + + Continue + Продовжити + + + + Cancel + Відмінити + + + + PageSettingsApiInstructions + + + Windows + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#windows + + + + + macOS + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#macos + + + + + Android + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#android + + + + + AndroidTV + + + + + https://docs.amnezia.org/ru/documentation/instructions/android_tv_connect/ + + + + + iOS + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#ios + + + + + Linux + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#linux + + + + + Routers + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#routers + + + + + How to connect on another device + + + + + Setup guides on the Amnezia website + + + + + PageSettingsApiNativeConfigs + + + Save AmneziaVPN config + Зберегти config AmneziaVPN + + + + Configuration Files + + + + + For router setup or the AmneziaWG app + + + + + The configuration needs to be reissued + + + + + configuration file + + + + + Generate a new configuration file + + + + + The previously created one will stop working + + + + + Revoke the current configuration file + + + + + Config file saved + + + + + The config has been revoked + + + + + Generate a new %1 configuration file? + + + + + Revoke the current %1 configuration file? + + + + + Your previous configuration file will no longer work, and it will not be possible to connect using it + + + + + Download + + + + + Continue + Продовжити + + + + Cancel + Відмінити + + PageSettingsApiServerInfo - For the region - Для регіону + Для регіону - Price - Ціна + Ціна - Work period - Період роботи + Період роботи - Speed - Швидкість + Швидкість - - Support tag - - - - Copied - Скопійовано + Скопійовано - + + Subscription Status + + + + + Valid Until + + + + + Active Connections + + + + + Configurations have been updated for some countries. Download and install the updated configuration files + + + + + Subscription Key + + + + + Amnezia Premium subscription key + + + + + Save VPN key as a file + + + + + Copy VPN key + + + + + Configuration Files + + + + + Manage configuration files + + + + + Active Devices + + + + + Manage currently connected devices + + + + + Support + + + + + How to connect on another device + + + + Reload API config Перезавантажити конфігурацію API - + Reload API config? Перезавантажити конфігурацію API? - - + + + Continue Продовжити - - + + + Cancel Відмінити - + Cannot reload API config during active connection Неможливо перезавантажити конфігурацію API під час активного підключення - + + Unlink this device + + + + + Are you sure you want to unlink this device? + + + + + This will unlink the device from your subscription. You can reconnect it anytime by pressing Connect. + + + + + Cannot unlink device during active connection + + + + Remove from application Видалити з додатку - + Remove from application? Видалити з додатку? - + Cannot remove server during active connection Неможливо видалити сервер під час активного підключення + + PageSettingsApiSupport + + + Telegram + + + + + Email + + + + + support@amnezia.org + + + + + Email Billing & Orders + + + + + help@vpnpay.io + + + + + Website + Веб-сайт + + + + amnezia.org + + + + + Support + + + + + Our technical support specialists are available to assist you at any time + + + + + Support tag + + + + + Copied + Скопійовано + + PageSettingsAppSplitTunneling - + Cannot change split tunneling settings during active connection Не можна змінити налаштування роздільного тунелювання при підключеному VPN - + Only the apps from the list should have access via VPN Доступ через VPN мають лише програми зі списку @@ -1649,42 +2126,42 @@ Already installed containers were found on the server. All installed containers Програми зі списку не мають доступ через VPN - + App split tunneling Split tunneling для додатка - + Mode Режим - + Remove Видалити - + Continue Продовжити - + Cancel Відмінити - + application name назва додатка - + Open executable file Відкрити виконуваний файл - + Executable files (*.*) Виконувані файли (*.*) @@ -1692,102 +2169,102 @@ Already installed containers were found on the server. All installed containers PageSettingsApplication - + Application Застосунок - + Allow application screenshots Дозволити скріншоти у застосунку - + Enable notifications Увімкнути сповіщення - + Enable notifications to show the VPN state in the status bar Увімкнути сповіщення (показує стан VPN у статус барі) - + Auto start Автозапуск - + Launch the application every time the device is starts Запускати застосунок при старті - + Auto connect Автопідключення - + Connect to VPN on app start Підключення до VPN при старті застосунку - + Start minimized Запускати в згорнутому вигляді - + Launch application minimized Запускати застосунок в згорнутому вигляді - + Language Мова - + Logging Логування - + Enabled Увімкнено - + Disabled Вимкнено - + Reset settings and remove all data from the application Скинути налаштування і видалити всі дані із застосунку - + Reset settings and remove all data from the application? Скинути налаштування і видалити всі дані із застосунку? - + All settings will be reset to default. All installed AmneziaVPN services will still remain on the server. Всі дані із застосунку будуть видалені, всі встановлені сервіси AmneziaVPN залишаться на сервері. - + Continue Продовжити - + Cancel Відмінити - + Cannot reset settings during active connection Неможливо скинути налаштування під час активного підключення @@ -1799,7 +2276,7 @@ Already installed containers were found on the server. All installed containers Резервне копіювання - + Settings restored from backup file Відновлення налаштувань із бекап файлу @@ -1808,73 +2285,73 @@ Already installed containers were found on the server. All installed containers Бекап конфігурація - + Back up your configuration Резервне копіювання вашої конфігурації - + You can save your settings to a backup file to restore them the next time you install the application. Ви можете зберегти свої налаштування у бекап файл (резервну копію), щоб відновити їх під час наступного встановлення програми. - + The backup will contain your passwords and private keys for all servers added to AmneziaVPN. Keep this information in a secure place. Резервна копія міститиме ваші паролі та приватні ключі для всіх серверів, доданих до AmneziaVPN. Зберігайте цю інформацію у безпечному місці. - + Make a backup Зробити бекап (резервну копію) - + Save backup file Зберегти бекап файл - - + + Backup files (*.backup) Файли резервної копії (*.backup) - + Backup file saved Бекап файл збережено - + Restore from backup Відновити із бекапа - + Open backup file Відкрити бекап файл - + Import settings from a backup file? Імпортувати налаштування із бекап файлу? - + All current settings will be reset Всі поточні налаштування будуть скинуті - + Continue Продовжити - + Cancel Відмінити - + Cannot restore backup settings during active connection Неможливо відновити резервну копію налаштувань під час активного підключення @@ -1882,7 +2359,7 @@ Already installed containers were found on the server. All installed containers PageSettingsConnection - + Connection З'єднання @@ -1895,57 +2372,61 @@ Already installed containers were found on the server. All installed containers Підключення до VPN при старті застосунку - + Use AmneziaDNS Використовувати AmneziaDNS - + If AmneziaDNS is installed on the server Якщо він встановлений на сервері - + DNS servers DNS сервер - + When AmneziaDNS is not used or installed Ці адреси будуть використовуватись коли вимкнений AmneziaDNS - + Allows you to use the VPN only for certain Apps Дозволяє використовувати VPN тільки для вибраних застосунків - + KillSwitch KillSwitch - + Disables your internet if your encrypted VPN connection drops out for any reason. Вимикає ваш інтернет, якщо ваше захищене VPN-підключення зникає з будь-якої причини. - - Cannot change killSwitch settings during active connection - Неможливо змінити налаштування killSwitch під час активного підключення + + Cannot change KillSwitch settings during active connection + - + Cannot change killSwitch settings during active connection + Неможливо змінити налаштування killSwitch під час активного підключення + + + Site-based split tunneling Роздільне тунелювання сайтів - + Allows you to select which sites you want to access through the VPN Дозволяє доступ до одних сайтів через VPN, а для інших в обхід VPN - + App-based split tunneling Роздільне VPN-тунелювання застосунків @@ -1957,12 +2438,12 @@ Already installed containers were found on the server. All installed containers PageSettingsDns - + Default server does not support custom DNS Сервер за замовчуванням не підтримує користувацький DNS - + DNS servers DNS сервер @@ -1971,52 +2452,52 @@ Already installed containers were found on the server. All installed containers Ці адреси будуть використовуватись, коли вимкнено або не встановлено AmneziaDNS - + If AmneziaDNS is not used or installed Якщо AmneziaDNS вимкнено або не встановлено - + Primary DNS Основний DNS - + Secondary DNS Допоміжний DNS - + Restore default Відновити за замовчуванням - + Restore default DNS settings? Відновити налаштування DNS за замовчуванням? - + Continue Продовжити - + Cancel Відмінити - + Settings have been reset Налаштування скинуті - + Save Зберегти - + Settings saved Зберегти налаштування @@ -2028,12 +2509,12 @@ Already installed containers were found on the server. All installed containers Логування увімкнене. Зверніть увагу, що логування буде автоматично вимкнене через 14 днів, а всі файли журналів будуть видалені. - + Logging Логування - + Enabling this function will save application's logs automatically. By default, logging functionality is disabled. Enable log saving in case of application malfunction. Увімкнення цієї функції автоматично зберігатиме журнали додатка. За замовчуванням функція логування вимкнена. Увімкніть збереження журналів у випадку збою додатка. @@ -2046,20 +2527,20 @@ Already installed containers were found on the server. All installed containers Відкрити папку з логами - - + + Save Зберегти - - + + Logs files (*.log) Logs files (*.log) - - + + Logs file saved Файл з логами збережено @@ -2068,64 +2549,62 @@ Already installed containers were found on the server. All installed containers Зберегти логи в файл - + Enable logs - + Clear logs? Очистити логи? - + Continue Продовжити - + Cancel Відмінити - + Logs have been cleaned up Логи видалено - + Client logs - + AmneziaVPN logs - - + Open logs folder - - + Export logs - + Service logs - + AmneziaVPN-service logs - + Clear logs Видалити логи @@ -2160,88 +2639,88 @@ Already installed containers were found on the server. All installed containers - - - - + + + + Continue Продовжити - - - - + + + + Cancel Відмінити - + Check the server for previously installed Amnezia services Проверить сервер на наличие ранее установленных сервисов Amnezia - + Add them to the application if they were not displayed Додати їх в застосунок, якщо вони не були відображені - + Reboot server Перезавантажити сервер - + Do you want to reboot the server? Ви впевнені, що хочете перезавантажити сервер? - + The reboot process may take approximately 30 seconds. Are you sure you wish to proceed? Процес перезавантаження може зайняти близько 30 сек. Ви впевені, що хочете продовжити? - + Cannot reboot server during active connection Неможливо перезавантажити сервер під час активного підключення - + Remove server from application Видалити сервер з додатка - + Do you want to remove the server from application? Ви впевнені, що хочете видалити сервер із застосунку? - + Cannot remove server during active connection Неможливо видалити сервер під час активного підключення - + Clear server from Amnezia software Очистити сервер від програмного забезпечення Amnezia - + Do you want to clear server from Amnezia software? Ви дійсно хочете очистити сервер від програмного забезпечення Amnezia? - + All users whom you shared a connection with will no longer be able to connect to it. Усі користувачі, з якими ви поділилися підключенням, більше не зможуть підключитися до нього. - + Cannot clear server from Amnezia software during active connection Неможливо очистити сервер від програмного забезпечення Amnezia під час активного підключення - + Cannot reset API config during active connection Неможливо скинути конфігурацію API під час активного підключення @@ -2250,12 +2729,12 @@ Already installed containers were found on the server. All installed containers Ви хочете очистити сервер від сервісів Amnezia? - + Reset API config Скинути API конфігурацію - + Do you want to reset API config? Ви хочете скинути API конфігурацію? @@ -2268,7 +2747,7 @@ Already installed containers were found on the server. All installed containers Видалити сервер із застосунку? - + All installed AmneziaVPN services will still remain on the server. Всі встановлені сервіси та протоколи Amnezia все ще залишаться на сервері. @@ -2288,27 +2767,25 @@ Already installed containers were found on the server. All installed containers PageSettingsServerInfo - Server name - Імя сервера + Імя сервера - Save - Зберегти + Зберегти - + Protocols Протоколи - + Services Сервіси - + Management Управління @@ -2320,7 +2797,7 @@ Already installed containers were found on the server. All installed containers PageSettingsServerProtocol - + settings Налаштування @@ -2329,42 +2806,42 @@ Already installed containers were found on the server. All installed containers Очистити профіль %1 - + connection settings - + Click the "connect" button to create a connection configuration - + server settings - + Clear profile - + Clear %1 profile? Очистити профіль %1? - + The connection configuration will be deleted for this device only - + Unable to clear %1 profile while there is an active connection Неможливо очистити профіль %1 під час активного підключення - + Cannot remove active container Неможливо видалити активний контейнер @@ -2374,17 +2851,17 @@ Already installed containers were found on the server. All installed containers - + Remove Видалити - + Remove %1 from server? Видалити %1 з сервера? - + All users with whom you shared a connection will no longer be able to connect to it. Користувачі, з якими ви поділились цим протоколм, більше не зможуть до нього підключитись. @@ -2393,14 +2870,14 @@ Already installed containers were found on the server. All installed containers Користувачі, з якими ви поділились цим протоколм, більше не зможуть до нього підключитись. - - + + Continue Продовжити - - + + Cancel Відмінити @@ -2408,7 +2885,7 @@ Already installed containers were found on the server. All installed containers PageSettingsServersList - + Servers Сервери @@ -2420,32 +2897,32 @@ Already installed containers were found on the server. All installed containers Тільки адреси із списку мають відкриватись через VPN - + Addresses from the list should not be accessed via VPN Адреси із списку не повинні відкриватись через VPN - + Split tunneling Роздільне VPN-тунелювання - + Mode Режим - + Remove Видалити - + Continue Продовжити - + Cancel Відмінити @@ -2454,70 +2931,70 @@ Already installed containers were found on the server. All installed containers Сайт чи IP - + Import / Export Sites Імпорт / Експорт Сайтів - + Only the sites listed here will be accessed through the VPN Тільки адреси зі списку повинні відкриватись через VPN - + Cannot change split tunneling settings during active connection Не можна змінити налаштування роздільного тунелювання при підключеному VPN - + Default server does not support split tunneling function - + website or IP вебсайт або IP - + Import Імпорт - + Save site list Зберегти список сайтів - + Save sites Зберегти - - - + + + Sites files (*.json) Sites files (*.json) - + Import a list of sites Імпортувати список із сайтами - + Replace site list Замінити список із сайтами - - + + Open sites file Відкрити список із сайтами - + Add imported sites to existing ones Додати імпортовані сайти до існуючих @@ -2525,32 +3002,32 @@ Already installed containers were found on the server. All installed containers PageSetupWizardApiServiceInfo - + For the region Для регіону - + Price Ціна - + Work period Період роботи - + Speed Швидкість - + Features Особливості - + Connect Підключитись @@ -2558,12 +3035,12 @@ Already installed containers were found on the server. All installed containers PageSetupWizardApiServicesList - + VPN by Amnezia VPN від Amnezia - + Choose a VPN service that suits your needs. Виберіть VPN-сервіс, який відповідає вашим потребам. @@ -2591,7 +3068,7 @@ It's okay as long as it's from someone you trust. Виберіть що у вас є - + File with connection settings Файл з налаштуваннями підключення @@ -2600,7 +3077,7 @@ It's okay as long as it's from someone you trust. Файл з налаштуваннями підключення або бекап - + Connection Підключення @@ -2610,82 +3087,102 @@ It's okay as long as it's from someone you trust. Налаштування - + Enable logs - + + Support tag + + + + + Copied + Скопійовано + + + Insert the key, add a configuration file or scan the QR-code Вставте ключ, додайте файл конфігурації або відскануйте QR-код - + Insert key Вставити ключ - + Insert Вставити - + Continue Продовжити - + Other connection options Інші параметри підключення - + + Site Amnezia + + + + VPN by Amnezia VPN від Amnezia - + Connect to classic paid and free VPN services from Amnezia Підключайтеся до звичайних платних та безкоштовних VPN-сервісів від Amnezia - + Self-hosted VPN Self-hosted VPN - + Configure Amnezia VPN on your own server Налаштуйте Amnezia VPN на власному сервері - + Restore from backup Відновити із бекапа - + + + + + + Open backup file Відкрити бекап файл - + Backup files (*.backup) Файли резервної копії (*.backup) - + Open config file Відкрити файл з конфігурацією - + QR code QR-код - + I have nothing У мене нічого нема @@ -2701,7 +3198,7 @@ It's okay as long as it's from someone you trust. Підключення до сервера - + Server IP address [:port] Server IP address [:port] @@ -2714,7 +3211,7 @@ It's okay as long as it's from someone you trust. Password / SSH private key - + Continue Продовжити @@ -2725,7 +3222,7 @@ and will not be shared or disclosed to the Amnezia or any third parties і не будуть передані чи розголошені Amnezia або будь-яким третім особам - + Enter the address in the format 255.255.255.255:88 Введіть адресу в форматі 255.255.255.255:88 @@ -2734,52 +3231,52 @@ and will not be shared or disclosed to the Amnezia or any third parties Login to connect via SSH - + Configure your server Налаштувати свій сервер - + 255.255.255.255:22 255.255.255.255:22 - + SSH Username SSH Username - + Password or SSH private key Пароль або SSH ключ - + All data you enter will remain strictly confidential and will not be shared or disclosed to the Amnezia or any third parties Усі дані, які ви вводите, залишатимуться суворо конфіденційними та не будуть передані чи розголошені Amnezia або будь-яким третім особам - + How to run your VPN server Як запустити ваш VPN-сервер - + Where to get connection data, step-by-step instructions for buying a VPS Де отримати дані для підключення: покрокові інструкції з придбання VPS - + Ip address cannot be empty Поле IP address не може бути пустим - + Login cannot be empty Поле Login не може бути пустим - + Password/private key cannot be empty Поле Password/Private key не може бути пустим @@ -2787,17 +3284,26 @@ and will not be shared or disclosed to the Amnezia or any third parties PageSetupWizardEasy - What is the level of internet control in your region? - Який рівень контроля над інтернетом у вашому регіоні? + Який рівень контроля над інтернетом у вашому регіоні? - + + Choose Installation Type + + + + + Manual + + + + Choose a VPN protocol Виберіть протокол VPN - + Skip setup Пропустити налаштування @@ -2810,7 +3316,7 @@ and will not be shared or disclosed to the Amnezia or any third parties Вибрати VPN-протокол - + Continue Продовжити @@ -2869,37 +3375,37 @@ and will not be shared or disclosed to the Amnezia or any third parties PageSetupWizardProtocolSettings - + Installing %1 Встановити %1 - + More detailed Детальніше - + Close Закрити - + Network protocol Мережевий протокол - + Port Порт - + Install Встановити - + The port must be in the range of 1 to 65535 Порт повинен бути в межах від 1 до 65535 @@ -2907,12 +3413,12 @@ and will not be shared or disclosed to the Amnezia or any third parties PageSetupWizardProtocols - + VPN protocol VPN протокол - + Choose the one with the highest priority for you. Later, you can install other protocols and additional services, such as DNS proxy and SFTP. Виберіть протокол, який вам більше підходить. Пізніше можна встановити інші протоколи і додаткові сервіси, такі як DNS-проксі, TOR-сайт и SFTP. @@ -2948,7 +3454,7 @@ and will not be shared or disclosed to the Amnezia or any third parties У мене нічого нема - + Let's get started Почнемо @@ -2956,27 +3462,27 @@ and will not be shared or disclosed to the Amnezia or any third parties PageSetupWizardTextKey - + Connection key Ключ для підключення - + A line that starts with vpn://... Стрічка, яка починається з vpn://... - + Key Ключ - + Insert Вставити - + Continue Продовжити @@ -2984,7 +3490,7 @@ and will not be shared or disclosed to the Amnezia or any third parties PageSetupWizardViewConfig - + New connection Нове підключення @@ -2997,27 +3503,27 @@ and will not be shared or disclosed to the Amnezia or any third parties Не використовуйте код підключення з загальнодоступних джерел. Він може бути створений для перехоплення ваших даних. - + Collapse content Згорнути - + Show content Показати вміст ключа - + Enable WireGuard obfuscation. It may be useful if WireGuard is blocked on your provider. Увімкніть обфускацію WireGuard. Це може бути корисним, якщо WireGuard заблокований у вашого провайдера. - + Use connection codes only from sources you trust. Codes from public sources may have been created to intercept your data. Використовуйте коди підключення тільки з джерел, яким ви довіряєте. Коди з публічних джерел можуть бути створені для перехоплення ваших даних. - + Connect Підключитись @@ -3025,12 +3531,12 @@ and will not be shared or disclosed to the Amnezia or any third parties PageShare - + OpenVPN native format OpenVPN нативний формат - + WireGuard native format WireGuard нативний формат @@ -3039,7 +3545,7 @@ and will not be shared or disclosed to the Amnezia or any third parties VPN-Доступ - + Connection З'єднання @@ -3052,8 +3558,8 @@ and will not be shared or disclosed to the Amnezia or any third parties Доступ до керування сервером. Користувач, з яким ви ділитесь повним доступом до підключення, зможе додавати та видаляти протоколи і служби на сервері, а також змінювати налаштування. - - + + Server Сервер @@ -3062,167 +3568,172 @@ and will not be shared or disclosed to the Amnezia or any third parties Доступ - + Config revoked Кофігурацію відкликано - + Connection to Підключення до - + File with connection settings to Файл з налаштуванням доступу до - + Save OpenVPN config Зберегти OpenVPN конфігурацію - + Save WireGuard config Збергти WireGuard конфігурацію - + Save AmneziaWG config Зберегти AmneziaWG конфігурацію - + Save Shadowsocks config Зберегти конфігурацію Shadowsocks - + Save Cloak config Зберегти конфігурацію Cloak - + Save XRay config Зберегти конфігурацію XRay - + For the AmneziaVPN app Для AmneziaVPN - + AmneziaWG native format нативний формат AmneziaWG - + Shadowsocks native format Shadowsocks нативний формат - + Cloak native format Cloak нативний формат - + XRay native format XRay нативний формат - + Share VPN Access Поділитись VPN з'єднанням - + Share full access to the server and VPN Поділитись повним доступом до серверу - + Use for your own devices, or share with those you trust to manage the server. Використовуйте для власних пристроїв або передайте керування сервером тим, кому довіряєте. - - + + Users Користувачі - + User name Ім'я користувача - + Search Пошук - + Creation date: %1 Дата створення: %1 - + Latest handshake: %1 Останнє з'єднання: %1 - + Data received: %1 Отримано даних: %1 - + Data sent: %1 Відправлено даних: %1 + + + Allowed IPs: %1 + + Creation date: Дата створення: - + Rename Перейменувати - + Client name Назва клієнта - + Save Зберегти - + Revoke Відкликати - + Revoke the config for a user - %1? Відкликати доступ для користувача - %1? - + The user will no longer be able to connect to your server. Користувач більше не зможе підключатись до вашого сервера - + Continue Продовжити - + Cancel Відмінити @@ -3231,25 +3742,25 @@ and will not be shared or disclosed to the Amnezia or any third parties Повний доступ - + Share VPN access without the ability to manage the server Поділитись доступом до VPN, без можливості керування сервером - - + + Protocol Протокол - - + + Connection format Формат підключення - - + + Share Поділитись @@ -3257,54 +3768,54 @@ and will not be shared or disclosed to the Amnezia or any third parties PageShareFullAccess - + Full access to the server and VPN Повний доступ до серверу та VPN - + We recommend that you use full access to the server only for your own additional devices. Ми рекомендуємо використовувати повний доступ тілки для власних пристроїв. - + If you share full access with other people, they can remove and add protocols and services to the server, which will cause the VPN to work incorrectly for all users. Якщо ви ділитеся повним доступом з іншими людьми, вони можуть видаляти та додавати протоколи та служби на сервер, що призведе до некоректної роботи VPN для всіх користувачів. - - + + Server Сервер - + Accessing Доступ - + File with accessing settings to Файл з налаштуваннями доступу до - + Share Поділитись - + Access error! Помилка доступу! - + Connection to Підключення до - + File with connection settings to Файл з налаштуванням доступу до @@ -3312,17 +3823,17 @@ and will not be shared or disclosed to the Amnezia or any third parties PageStart - + Logging was disabled after 14 days, log files were deleted Логування було вимкнене через 14 днів, файли журналів були видалені - + Settings restored from backup file Відновлення налаштувань із бекап файлу - + Logging is enabled. Note that logs will be automaticallydisabled after 14 days, and all log files will be deleted. @@ -3330,7 +3841,7 @@ and will not be shared or disclosed to the Amnezia or any third parties PopupType - + Close Закрити @@ -3594,72 +4105,97 @@ and will not be shared or disclosed to the Amnezia or any third parties - + + The selected protocol is not supported on the current platform + Вибраний протокол не підтримується на цьому пристрої + + + Server check failed Server check failed - + Server port already used. Check for another software Server port already used. Check for another software - + Server error: Docker container missing Server error: Docker container missing - + Server error: Docker failed Server error: Docker failed - + Installation canceled by user Installation canceled by user - - The user does not have permission to use sudo - The user does not have permission to use sudo + + The user is not a member of the sudo group + Користувач не входить до групи sudo - - Server error: Packet manager error + + Server error: Package manager error + Помилка сервера: Помилка менеджера пакетів + + + + The sudo package is not pre-installed on the server + The server user's home directory is not accessible + + + + + Action not allowed in sudoers + + + + + The user's password is required + + + + SSH request was denied SSH request was denied - + SSH request was interrupted SSH request was interrupted - + SSH internal error SSH internal error - + Invalid private key or invalid passphrase entered Invalid private key or invalid passphrase entered - + The selected private key format is not supported, use openssh ED25519 key types or PEM key types The selected private key format is not supported, use openssh ED25519 key types or PEM key types - + Timeout connecting to server Timeout connecting to server - + SCP error: Generic failure @@ -3716,22 +4252,23 @@ and will not be shared or disclosed to the Amnezia or any third parties Sftp error: No media was in remote drive - + The config does not contain any containers and credentials for connecting to the server Конфігурація не містить контейнерів і облікових даних для підключення до серверу - + + Error when retrieving configuration from API - + This config has already been added to the application Ця конфігурація вже була додана в застосунок - + ErrorCode: %1. @@ -3740,112 +4277,139 @@ and will not be shared or disclosed to the Amnezia or any third parties Failed to save config to disk - + OpenVPN config missing OpenVPN config missing - + OpenVPN management server error OpenVPN management server error - + OpenVPN executable missing OpenVPN executable missing - + Shadowsocks (ss-local) executable missing Shadowsocks (ss-local) executable missing - + Cloak (ck-client) executable missing Cloak (ck-client) executable missing - + Amnezia helper service error Amnezia helper service error - + OpenSSL failed OpenSSL failed - + Can't connect: another VPN connection is active Can't connect: another VPN connection is active - + Can't setup OpenVPN TAP network adapter Can't setup OpenVPN TAP network adapter - + VPN pool error: no available addresses VPN pool error: no available addresses - + + Unable to open config file + + + + + VPN Protocols is not installed. + Please install VPN container at first + VPN протоколи не встановлено. + Будь-ласка, встановіть VPN контейнер + + + VPN connection error - + In the response from the server, an empty config was received - + SSL error occurred - + Server response timeout on api request - + Missing AGW public key - + + Failed to decrypt response payload + + + + + Missing list of available services + + + + + The limit of allowed configurations per subscription has been exceeded + + + + QFile error: The file could not be opened - + QFile error: An error occurred when reading from the file - + QFile error: The file could not be accessed - + QFile error: An unspecified error occurred - + QFile error: A fatal error occurred - + QFile error: The operation was aborted - + Internal error Internal error @@ -3855,27 +4419,24 @@ and will not be shared or disclosed to the Amnezia or any third parties IPsec - Shadowsocks - masks VPN traffic, making it similar to normal web traffic, but it may be recognized by analysis systems in some highly censored regions. - Shadowsocks - маскує VPN-трафік під звичайний веб-трафік, але розпізнається системами аналізу трафіка в деяких регіонах з високим рівнем цензури. + Shadowsocks - маскує VPN-трафік під звичайний веб-трафік, але розпізнається системами аналізу трафіка в деяких регіонах з високим рівнем цензури. - OpenVPN over Cloak - OpenVPN with VPN masquerading as web traffic and protection against active-probing detection. Ideal for bypassing blocking in regions with the highest levels of censorship. - OpenVPN over Cloak - OpenVPN з маскуванням VPN під HTTPS трафік і захистом від active-probing. Підходить для регіонів з самим високим рівнем цензури. + OpenVPN over Cloak - OpenVPN з маскуванням VPN під HTTPS трафік і захистом від active-probing. Підходить для регіонів з самим високим рівнем цензури. - + IKEv2/IPsec - Modern stable protocol, a bit faster than others, restores connection after signal loss. It has native support on the latest versions of Android and iOS. IKEv2/IPsec — сучасний стабільний протокол, який дещо швидший за інші та відновлює підключення після втрати сигналу. Має нативну підтримку на останніх версіях Android та iOS. - + Create a file vault on your server to securely store and transfer files. Створіть на сервері файлове сховище для безпечного зберігання та передачі файлів. - This is a combination of the OpenVPN protocol and the Cloak plugin designed specifically for protecting against blocking. OpenVPN provides a secure VPN connection by encrypting all internet traffic between the client and the server. @@ -3894,7 +4455,7 @@ If there is a extreme level of Internet censorship in your region, we advise you * Not recognised by DPI analysis systems * Works over TCP network protocol, 443 port. - Це комбінація протоколу OpenVPN та плагіна Cloak, розроблена спеціально для захисту від блокувань. + Це комбінація протоколу OpenVPN та плагіна Cloak, розроблена спеціально для захисту від блокувань. OpenVPN забезпечує безпечне VPN-підключення шляхом шифрування всього інтернет-трафіку між клієнтом і сервером. @@ -3914,7 +4475,6 @@ Cloak може змінювати метадані пакетів так, що - A relatively new popular VPN protocol with a simplified architecture. WireGuard provides stable VPN connection and high performance on all devices. It uses hard-coded encryption settings. WireGuard compared to OpenVPN has lower latency and better data transfer throughput. WireGuard is very susceptible to blocking due to its distinct packet signatures. Unlike some other VPN protocols that employ obfuscation techniques, the consistent signature patterns of WireGuard packets can be more easily identified and thus blocked by advanced Deep Packet Inspection (DPI) systems and other network monitoring tools. @@ -3924,7 +4484,7 @@ WireGuard is very susceptible to blocking due to its distinct packet signatures. * Minimum number of settings * Easily recognised by DPI analysis systems, susceptible to blocking * Works over UDP network protocol. - Відносно новий популярний VPN-протокол з спрощеною архітектурою. + Відносно новий популярний VPN-протокол з спрощеною архітектурою. WireGuard забезпечує стабільне VPN-підключення та високу продуктивність на всіх пристроях. Він використовує жорстко закодовані налаштування шифрування. Порівняно з OpenVPN, WireGuard має нижчу затримку та кращу пропускну здатність передачі даних. WireGuard дуже чутливий до блокувань через свої чіткі підписи пакетів. На відміну від деяких інших VPN-протоколів, які використовують техніки обфускації, постійні шаблони підписів пакетів WireGuard легше ідентифікуються та можуть бути заблоковані просунутими системами глибокого аналізу пакетів (DPI) та іншими інструментами моніторингу мережі. @@ -3936,18 +4496,17 @@ WireGuard дуже чутливий до блокувань через свої * Працює через UDP мережевий протокол. - The REALITY protocol, a pioneering development by the creators of XRay, is specifically designed to counteract the highest levels of internet censorship through its novel approach to evasion. It uniquely identifies censors during the TLS handshake phase, seamlessly operating as a proxy for legitimate clients while diverting censors to genuine websites like google.com, thus presenting an authentic TLS certificate and data. This advanced capability differentiates REALITY from similar technologies by its ability to disguise web traffic as coming from random, legitimate sites without the need for specific configurations. Unlike older protocols such as VMess, VLESS, and the XTLS-Vision transport, REALITY's innovative "friend or foe" recognition at the TLS handshake enhances security and circumvents detection by sophisticated DPI systems employing active probing techniques. This makes REALITY a robust solution for maintaining internet freedom in environments with stringent censorship. - Протокол **REALITY**, сучасна розробка XRay. Спеціально розроблений для протидії найвищим рівням інтернет-цензури завдяки новому підходу до маскування. + Протокол **REALITY**, сучасна розробка XRay. Спеціально розроблений для протидії найвищим рівням інтернет-цензури завдяки новому підходу до маскування. REALITY унікально ідентифікує цензорів під час фази TLS-handshake, працюючи як проксі для VPN клієнтів, при цьому перенаправляючи цензорів на справжні вебсайти, такі як google.com, надаючи справжній TLS-сертифікат та інші дані. Цей функціонал, відрізняє REALITY від подібних технологій, своєю здатністю маскувати веб-трафік у такий такий, що походить із випадкових справжніх сайтів без необхідності спеціальних налаштувань. На відміну від старіших протоколів, таких як VMess, VLESS та XTLS-Vision transport, продвиуте розпізнавання "Свій — Чужий" REALITY під час TLS-handshake підвищує безпеку та протидіє виявленню складними системами DPI, що використовують активні техніки аналізу. Це робить REALITY надійним рішенням для підтримання інтернет-свободи в середовищах з жорсткою цензурою. - + IKEv2, paired with the IPSec encryption layer, stands as a modern and stable VPN protocol. One of its distinguishing features is its ability to swiftly switch between networks and devices, making it particularly adaptive in dynamic network environments. While it offers a blend of security, stability, and speed, it's essential to note that IKEv2 can be easily detected and is susceptible to blocking. @@ -3968,7 +4527,7 @@ While it offers a blend of security, stability, and speed, it's essential t * Працює по мережевому протоколу UDP, порти 500 і 4500. - + DNS Service DNS Сервіс @@ -3979,7 +4538,7 @@ While it offers a blend of security, stability, and speed, it's essential t - + Website in Tor network Веб-сайт в мережі Tor @@ -3994,36 +4553,69 @@ While it offers a blend of security, stability, and speed, it's essential t OpenVPN - популярний VPN-протокол, гнучний в налаштуваннях. Має власний протокол оснований на обміні ключами SSL/TLS. - + + Shadowsocks masks VPN traffic, making it resemble normal web traffic, but it may still be detected by certain analysis systems. + + + + + OpenVPN over Cloak - OpenVPN with VPN masquerading as web traffic and protection against active-probing detection. It is very resistant to detection, but offers low speed. + + + + + WireGuard - popular VPN protocol with high performance, high speed and low power consumption. + + + + + AmneziaWG is a special protocol from Amnezia based on WireGuard. It provides high connection speed and ensures stable operation even in the most challenging network conditions. + + + + + XRay with REALITY masks VPN traffic as web traffic and protects against active probing. It is highly resistant to detection and offers high speed. + + + + + OpenVPN stands as one of the most popular and time-tested VPN protocols available. +It employs its unique security protocol, leveraging the strength of SSL/TLS for encryption and key exchange. Furthermore, OpenVPN's support for a multitude of authentication methods makes it versatile and adaptable, catering to a wide range of devices and operating systems. Due to its open-source nature, OpenVPN benefits from extensive scrutiny by the global community, which continually reinforces its security. With a strong balance of performance, security, and compatibility, OpenVPN remains a top choice for privacy-conscious individuals and businesses alike. + +* Available in the AmneziaVPN across all platforms +* Normal power consumption on mobile devices +* Flexible customisation to suit user needs to work with different operating systems and devices +* Recognised by DPI systems and therefore susceptible to blocking +* Can operate over both TCP and UDP network protocols. + + + WireGuard - New popular VPN protocol with high performance, high speed and low power consumption. Recommended for regions with low levels of censorship. - WireGuard - новий популярний VPN-протокол, з високою швидістю та низьким енергоспоживанням. Для регіонів з низьким рівнем цензури. + WireGuard - новий популярний VPN-протокол, з високою швидістю та низьким енергоспоживанням. Для регіонів з низьким рівнем цензури. - AmneziaWG - Special protocol from Amnezia, based on WireGuard. It's fast like WireGuard, but very resistant to blockages. Recommended for regions with high levels of censorship. - AmneziaWG - фірмовий протокол Amnezia, оснований на протоколі WireGuard. Такий же швидкий, як і WireGuard, але стійкий до блокувань. Рекомендується для регіонів з високим рівнем цензури. + AmneziaWG - фірмовий протокол Amnezia, оснований на протоколі WireGuard. Такий же швидкий, як і WireGuard, але стійкий до блокувань. Рекомендується для регіонів з високим рівнем цензури. - XRay with REALITY - Suitable for countries with the highest level of internet censorship. Traffic masking as web traffic at the TLS level, and protection against detection by active probing methods. - XRay with REALITY — підходить для країн з найвищим рівнем інтернет-цензури. Маскування трафіку під веб-трафік на рівні TLS. Захист від виявлення активними методами сканування (active-probing). + XRay with REALITY — підходить для країн з найвищим рівнем інтернет-цензури. Маскування трафіку під веб-трафік на рівні TLS. Захист від виявлення активними методами сканування (active-probing). IKEv2/IPsec - Modern stable protocol, a bit faster than others, restores connection after signal loss. IKEv2/IPsec сучасний стабільний протокол, трішки швидше за інших відновлює підключення. - + Deploy a WordPress site on the Tor network in two clicks. Розгорніть сайт WordPress в мережі Tor в два кліка. - + Replace the current DNS server with your own. This will increase your privacy level. Замініть DNS-сервер на AmneziaDNS. Це підвищить вашу рівень захищеності в інтернеті. - OpenVPN stands as one of the most popular and time-tested VPN protocols available. It employs its unique security protocol, leveraging the strength of SSL/TLS for encryption and key exchange. Furthermore, OpenVPN's support for a multitude of authentication methods makes it versatile and adaptable, catering to a wide range of devices and operating systems. Due to its open-source nature, OpenVPN benefits from extensive scrutiny by the global community, which continually reinforces its security. With a strong balance of performance, security, and compatibility, OpenVPN remains a top choice for privacy-conscious individuals and businesses alike. @@ -4032,7 +4624,7 @@ It employs its unique security protocol, leveraging the strength of SSL/TLS for * Flexible customisation to suit user needs to work with different operating systems and devices * Recognised by DPI analysis systems and therefore susceptible to blocking * Can operate over both TCP and UDP network protocols. - OpenVPN один із самих популярних і перевірених часом протоколів VPN. + OpenVPN один із самих популярних і перевірених часом протоколів VPN. Він використовує власний протокол, який опирається на протокол SSL/TLS для шифрування та обміну ключами. Крім того, підтримка OpenVPN багатьох методів аутентифікації робить його універсальним і адаптованим до широкого спектру пристроїв і операційних систем. Завдяки відкритому коду, OpenVPN піддається ретельному аналізу зі сторони світової спільноти, що постійно підвищує його безпеку. Завдяки оптимальному співвідношенню продуктивності, безпеки та сумісності OpenVPN залишається найкращим вибором як для приватних осіб, так і для компаній. * Доступний в AmneziaVPN для всіх платформ @@ -4042,7 +4634,7 @@ It employs its unique security protocol, leveraging the strength of SSL/TLS for * Може працювати за протоколом TCP і UDP. - + Shadowsocks, inspired by the SOCKS5 protocol, safeguards the connection using the AEAD cipher. Although Shadowsocks is designed to be discreet and challenging to identify, it isn't identical to a standard HTTPS connection.However, certain traffic analysis systems might still detect a Shadowsocks connection. Due to limited support in Amnezia, it's recommended to use AmneziaWG protocol. * Available in the AmneziaVPN only on desktop platforms @@ -4057,7 +4649,61 @@ It employs its unique security protocol, leveraging the strength of SSL/TLS for * Працює по мережевому протоколу TCP. - + + This is a combination of the OpenVPN protocol and the Cloak plugin designed specifically for protecting against detection. + +OpenVPN provides a secure VPN connection by encrypting all internet traffic between the client and the server. + +Cloak protects OpenVPN from detection. + +Cloak can modify packet metadata so that it completely masks VPN traffic as normal web traffic, and also protects the VPN from detection by Active Probing. This makes it very resistant to being detected + +Immediately after receiving the first data packet, Cloak authenticates the incoming connection. If authentication fails, the plugin masks the server as a fake website and your VPN becomes invisible to analysis systems. + +* Available in the AmneziaVPN across all platforms +* High power consumption on mobile devices +* Flexible settings +* Not recognised by detection systems +* Works over TCP network protocol, 443 port. + + + + + + A relatively new popular VPN protocol with a simplified architecture. +WireGuard provides stable VPN connection and high performance on all devices. It uses hard-coded encryption settings. WireGuard compared to OpenVPN has lower latency and better data transfer throughput. +WireGuard is very susceptible to detection and blocking due to its distinct packet signatures. Unlike some other VPN protocols that employ obfuscation techniques, the consistent signature patterns of WireGuard packets can be more easily identified and thus blocked by advanced Deep Packet Inspection (DPI) systems and other network monitoring tools. + +* Available in the AmneziaVPN across all platforms +* Low power consumption +* Minimum number of settings +* Easily recognised by DPI analysis systems, susceptible to blocking +* Works over UDP network protocol. + + + + + A modern iteration of the popular VPN protocol, AmneziaWG builds upon the foundation set by WireGuard, retaining its simplified architecture and high-performance capabilities across devices. +While WireGuard is known for its efficiency, it had issues with being easily detected due to its distinct packet signatures. AmneziaWG solves this problem by using better obfuscation methods, making its traffic blend in with regular internet traffic. +This means that AmneziaWG keeps the fast performance of the original while adding an extra layer of stealth, making it a great choice for those wanting a fast and discreet VPN connection. + +* Available in the AmneziaVPN across all platforms +* Low power consumption +* Minimum number of settings +* Not recognised by traffic analysis systems +* Works over UDP network protocol. + + + + + The REALITY protocol, a pioneering development by the creators of XRay, is designed to provide the highest level of protection against detection through its innovative approach to security and privacy. +It uniquely identifies attackers during the TLS handshake phase, seamlessly operating as a proxy for legitimate clients while diverting attackers to genuine websites, thus presenting an authentic TLS certificate and data. +This advanced capability differentiates REALITY from similar technologies by its ability to disguise web traffic as coming from random, legitimate sites without the need for specific configurations. +Unlike older protocols such as VMess, VLESS, and the XTLS-Vision transport, REALITY's innovative "friend or foe" recognition at the TLS handshake enhances security. This makes REALITY a robust solution for maintaining internet freedom. + + + + After installation, Amnezia will create a file storage on your server. You will be able to access it using @@ -4133,7 +4779,6 @@ WireGuard дуже вразливий до блокування. На відмі * Працює по протоколу UDP. - A modern iteration of the popular VPN protocol, AmneziaWG builds upon the foundation set by WireGuard, retaining its simplified architecture and high-performance capabilities across devices. While WireGuard is known for its efficiency, it had issues with being easily detected due to its distinct packet signatures. AmneziaWG solves this problem by using better obfuscation methods, making its traffic blend in with regular internet traffic. This means that AmneziaWG keeps the fast performance of the original while adding an extra layer of stealth, making it a great choice for those wanting a fast and discreet VPN connection. @@ -4143,7 +4788,7 @@ This means that AmneziaWG keeps the fast performance of the original while addin * Minimum number of settings * Not recognised by DPI analysis systems, resistant to blocking * Works over UDP network protocol. - Сучасна ітерація популярного протоколу VPN, AmneziaWG спирається на протокол WireGuard, зберігаючи його просту архітектуру та високопродуктивні можливості на різних пристроях. + Сучасна ітерація популярного протоколу VPN, AmneziaWG спирається на протокол WireGuard, зберігаючи його просту архітектуру та високопродуктивні можливості на різних пристроях. Незважаючи на те, що WireGuard відомий своєю ефективністю, він має проблеми з легким виявленням через чіткі підписи пакетів. AmneziaWG вирішує цю проблему, використовуючи кращі методи обфускації, завдяки чому її трафік змішується зі звичайним інтернет-трафіком. Це означає, що AmneziaWG зберігає швидку роботу оригінального протоколу WireGuard, додаючи додатковий рівень скритності, що робить його чудовим вибором для тих, хто бажає швидкого та непомітного VPN-з’єднання. @@ -4169,7 +4814,7 @@ This means that AmneziaWG keeps the fast performance of the original while addin - + SOCKS5 proxy server SOCKS5 proxy server @@ -4360,14 +5005,35 @@ This means that AmneziaWG keeps the fast performance of the original while addin + + RenameServerDrawer + + + Server name + Імя сервера + + + + Save + Зберегти + + SelectLanguageDrawer - + Choose language Выберите язык + + ServersListView + + + Unable change server while there is an active connection + Не можна змінити сервер при активному підключенні + + Settings @@ -4385,7 +5051,7 @@ This means that AmneziaWG keeps the fast performance of the original while addin SettingsController - + All settings have been reset to default values Всі налаштування були скинуті до значення "По замовчуванню" @@ -4394,7 +5060,7 @@ This means that AmneziaWG keeps the fast performance of the original while addin Кеш профілю очищено - + Backup file is corrupted Backup файл пошкодженно @@ -4402,39 +5068,39 @@ This means that AmneziaWG keeps the fast performance of the original while addin ShareConnectionDrawer - - + + Save AmneziaVPN config Зберегти config AmneziaVPN - + Share Поділитись - + Copy Скопіювати - - + + Copied Скопійовано - + Copy config string Скопіювати стрічку конфігурації - + Show connection settings Показати налаштування підключення - + To read the QR code in the Amnezia app, select "Add server" → "I have data to connect" → "QR code, key or settings file" Для зчитування QR-коду в застосунку Amnezia виберіть "Додати сервер" → "У мене є дані підключенн" → "QR-код, ключ чи файл налаштувань" @@ -4447,37 +5113,37 @@ This means that AmneziaWG keeps the fast performance of the original while addin Ім’я хосту не схоже на ip-адресу чи доменне ім’я - + New site added: %1 Додано новий сайт %1 - + Site removed: %1 Сайт видалено %1 - + Can't open file: %1 Неможливо відкрити файл: %1 - + Failed to parse JSON data from file: %1 Не вдалося розібрати JSON-данні із файлу: %1 - + The JSON data is not an array in file: %1 Данні JSON не являються масивом в файлі: %1 - + Import completed Імпорт завершено - + Export completed Експорт завершено @@ -4518,7 +5184,7 @@ This means that AmneziaWG keeps the fast performance of the original while addin TextFieldWithHeaderType - + The field can't be empty Поле не може бути пустим @@ -4526,7 +5192,7 @@ This means that AmneziaWG keeps the fast performance of the original while addin VpnConnection - + Mbps Mbps @@ -4577,28 +5243,24 @@ This means that AmneziaWG keeps the fast performance of the original while addin amnezia::ContainerProps - Low - Низький + Низький - High - Високий + Високий Extreme Екстремальний - I just want to increase the level of my privacy. - Я просто хочу підвищити свій рівень безпеки в інтернеті. + Я просто хочу підвищити свій рівень безпеки в інтернеті. - I want to bypass censorship. This option recommended in most cases. - Я хочу обійти блокування. Цей варіант рекомендується в більшості випадків. + Я хочу обійти блокування. Цей варіант рекомендується в більшості випадків. Most VPN protocols are blocked. Recommended if other options are not working. @@ -4620,16 +5282,26 @@ This means that AmneziaWG keeps the fast performance of the original while addin I just want to increase the level of privacy Я просто хочу підвищити свій рівень безпеки в інтернеті. + + + Automatic + + + + + AmneziaWG protocol will be installed. It provides high connection speed and ensures stable operation even in the most challenging network conditions. + + main2 - + Private key passphrase Пароль для особистого ключа - + Save Зберегти diff --git a/client/translations/amneziavpn_ur_PK.ts b/client/translations/amneziavpn_ur_PK.ts index cf445bfa..3a8b8172 100644 --- a/client/translations/amneziavpn_ur_PK.ts +++ b/client/translations/amneziavpn_ur_PK.ts @@ -1,55 +1,116 @@ + + AdLabel + + + Amnezia Premium - for access to all websites and online resources + + + + + ApiAccountInfoModel + + + + Active + + + + + Inactive + + + + + %1 out of %2 + + + + + Classic VPN for seamless work, downloading large files, and watching videos. Access all websites and online resources. Speeds up to 200 Mbps + + + + + Free unlimited access to a basic set of websites such as Facebook, Instagram, Twitter (X), Discord, Telegram and more. YouTube is not included in the free plan. + + + + + amnezia_free_support_bot + + + + + amnezia_premium_support_bot + + + + + ApiConfigsController + + + %1 installed successfully. + + + + + API config reloaded + + + + + Successfully changed the country of connection to %1 + + + ApiServicesModel - - Classic VPN for comfortable work, downloading large files and watching videos. Works for any sites. Speed up to %1 MBit/s - - - - - VPN to access blocked sites in regions with high levels of Internet censorship. - - - - + <p><a style="color: #EB5757;">Not available in your region. If you have VPN enabled, disable it, return to the previous screen, and try again.</a> - - Amnezia Premium - A classic VPN for comfortable work, downloading large files, and watching videos in high resolution. It works for all websites, even in countries with the highest level of internet censorship. + + Amnezia Premium is classic VPN for seamless work, downloading large files, and watching videos. Access all websites and online resources. Speeds up to %1 Mbps. - - Amnezia Free is a free VPN to bypass blocking in countries with high levels of internet censorship + + + AmneziaFree provides free unlimited access to a basic set of web sites, such as Facebook, Instagram, Twitter (X), Discord, Telegram, and others. YouTube is not included in the free plan. - + + Amnezia Premium is classic VPN for for seamless work, downloading large files, and watching videos. Access all websites and online resources. + + + + %1 MBit/s - + %1 days - + VPN will open only popular sites blocked in your region, such as Instagram, Facebook, Twitter and others. Other sites will be opened from your real IP address, <a href="%1/free" style="color: #FBB26A;">more details on the website.</a> - + Free - + %1 $/month @@ -80,7 +141,7 @@ ConnectButton - + Unable to disconnect during configuration preparation تشکیل کی تیاری کے دوران منقطع ہونا ممکن نہیں ہے @@ -88,61 +149,58 @@ ConnectionController - - - - + + + + Connect جوڑنا - The selected protocol is not supported on the current platform - منتخب کردہ پروٹوکول موجودہ پلیٹ فارم پر تعاون یافتہ نہیں ہے + منتخب کردہ پروٹوکول موجودہ پلیٹ فارم پر تعاون یافتہ نہیں ہے - VPN Protocols is not installed. Please install VPN container at first - وی پی این پروٹوکول انسٹال نہیں ہے,براہ کرم پہلےوی پی این کنٹینر انسٹال کریں + وی پی این پروٹوکول انسٹال نہیں ہے,براہ کرم پہلےوی پی این کنٹینر انسٹال کریں - unable to create configuration - تشکیل تیار کرنے میں ناکام + تشکیل تیار کرنے میں ناکام - + Connecting... جوڑاجارھاھے.... - + Connected جوڑاجارھاھے - + Reconnecting... دوبارہ جوڑنےکی کوشش... - + Disconnecting... منقطع کرنا... - + Preparing... تیاری کیا جا رہا ہے... - + Settings updated successfully, reconnnection... ترتیب ک ھوگی،دوبارہ جوڑنےکی کوشش... - + Settings updated successfully دوبارہ ترتیب تاذہ کامیاب @@ -150,17 +208,17 @@ ConnectionTypeSelectionDrawer - + Add new connection نیا کنکشن کا اندراج کریں - + Configure your server اپنے سرور کو ترتیب دیں - + Open config file, key or QR code کھولو کنفیگ فاءیل،کی یا کور کوڈ @@ -198,7 +256,7 @@ HomeContainersListView - + Unable change protocol while there is an active connection موجودہ کنکشن ہونے کے دوران پروٹوکول کو تبدیل کرنے سے قاصر ہے @@ -206,45 +264,45 @@ HomeSplitTunnelingDrawer - + Split tunneling سپلٹ ٹنلنگ - + Allows you to connect to some sites or applications through a VPN connection and bypass others آپ کو VPN کنکشن کے ذریعے کچھ سائٹس یا ایپلیکیشنز سے جڑنے اور دوسروں کو نظرانداز کرنے کی اجازت دیتا ہے - + Split tunneling on the server سرور پر سپلٹ ٹنلنگ - + Enabled Can't be disabled for current server فعال کو موجودہ سرور کے لیے غیر فعال نہیں کیا جا سکتا - + Site-based split tunneling سائٹ پر مبنی ٹونلنگ - - + + Enabled فعال - - + + Disabled فعال نہیں - + App-based split tunneling ایپ پر مبنی سپلٹ ٹونلنگ @@ -252,113 +310,100 @@ Can't be disabled for current server ImportController - Unable to open file - فائل کو کھولنے سے قاصر ہے + فائل کو کھولنے سے قاصر ہے - - Invalid configuration file - غلط کنفیگریشن فائل + غلط کنفیگریشن فائل - + Scanned %1 of %2. سکین%1 کی%2. - - In the imported configuration, potentially dangerous lines were found: + + This configuration contains an OpenVPN setup. OpenVPN configurations can include malicious scripts, so only add it if you fully trust the provider of this config. + + + + + <br>In the imported configuration, potentially dangerous lines were found: InstallController - + %1 installed successfully. %1 کامیابی سےنصب. - + %1 is already installed on the server. %1 پہلے ہی سرور پر انسٹال ہے. - + Added containers that were already installed on the server وہ کنٹینرز شامل کیے گئے جو پہلے سے سرور پر نصب تھے - + Already installed containers were found on the server. All installed containers have been added to the application سرور پر پہلے سے نصب کنٹینرز پائے گئے۔ تمام نصب کنٹینرز کو ایپلی کیشن میں شامل کر دیا گیا ہے - + Settings updated successfully ترتیب کامیابی کے ساتھ اپ ڈیٹ ہو گئی - + Server '%1' was rebooted سرور %1 دوبارہ چالو کیا گیا تھا - + Server '%1' was removed سرور %1 ہٹا دیا گیا تھا - + All containers from server '%1' have been removed سرور '%1' سے تمام کنٹینرز ہٹا دیے گئے ہیں - + %1 has been removed from the server '%2' سرور '%2' سے %1 ہٹا دیا گیا ہے - + Api config removed - + %1 cached profile cleared %1 کیش کردہ پروفائل ختم کر دی گئی - + Please login as the user براہ کرم صارف کے طور پر لاگ ان کریں - + Server added successfully سرور کامیابی سے شامل کیا گیا - - - %1 installed successfully. - - - - - API config reloaded - - - - - Successfully changed the country of connection to %1 - - InstalledAppsDrawer @@ -368,12 +413,12 @@ Already installed containers were found on the server. All installed containers ایپلیکیشن کو منتخب کریں - + application name ایپلیکیشن کا نام - + Add selected ایپلیکیشن کا نام @@ -443,12 +488,12 @@ Already installed containers were found on the server. All installed containers PageDevMenu - + Gateway endpoint - + Dev gateway environment @@ -456,85 +501,84 @@ Already installed containers were found on the server. All installed containers PageHome - + Logging enabled لاگنگ فعال ہے - + Split tunneling enabled سپلٹ ٹنلنگ فعال ہے - + Split tunneling disabled سپلٹ ٹنلنگ غیر فعال ہے - + VPN protocol وی پی این پروٹوکول - + Servers سرور - Unable change server while there is an active connection - فعال کنکشن موجود ہونے کی وجہ سے سرور تبدیل کرنے میں ناکام ہیں + فعال کنکشن موجود ہونے کی وجہ سے سرور تبدیل کرنے میں ناکام ہیں PageProtocolAwgClientSettings - + AmneziaWG settings امنیزیا وی جی کی ترتیبات - + MTU ام ٹی یو - + Server settings - + Port پورٹ - + Save - + Save settings? ترتیبات محفوظ کریں? - + Only the settings for this device will be changed - + Continue - + Cancel - + Unable change settings while there is an active connection جب ایک فعال کنکشن موجود ہو تو ترتیبات کو تبدیل نہیں کیا جا سکتا @@ -542,12 +586,12 @@ Already installed containers were found on the server. All installed containers PageProtocolAwgSettings - + AmneziaWG settings امنیزیا وی جی کی ترتیبات - + Port پورٹ @@ -556,87 +600,92 @@ Already installed containers were found on the server. All installed containers ام ٹی یو - + All users with whom you shared a connection with will no longer be able to connect to it. آپ جن لوگوں کے ساتھ آپ نے اس کنکشن کا اشتراک کیا تھا، وہ اس سے مزید جڑ نہیں سکیں گے۔ - + Save محفوظ کریں - + + VPN address subnet + وی پی این ایڈریس سب نیٹ + + + Jc - Junk packet count - + Jmin - Junk packet minimum size - + Jmax - Junk packet maximum size - + S1 - Init packet junk size - + S2 - Response packet junk size - + H1 - Init packet magic header - + H2 - Response packet magic header - + H4 - Transport packet magic header - + H3 - Underload packet magic header - + The values of the H1-H4 fields must be unique H1 تا H4 فیلڈز کی قیمتیں مخصوص ہونی چاہیے - + The value of the field S1 + message initiation size (148) must not equal S2 + message response size (92) S1 + پیغام شروع کار (148) کے فیلڈ کی قیمت S2 + پیغام جواب (92) کے سائز کے برابر نہیں ہونی چاہئے - + Save settings? ترتیبات محفوظ کریں? - + Continue جاری رکھیں - + Cancel منسوخ کریں - + Unable change settings while there is an active connection جب ایک فعال کنکشن موجود ہو تو ترتیبات کو تبدیل نہیں کیا جا سکتا @@ -644,33 +693,33 @@ Already installed containers were found on the server. All installed containers PageProtocolCloakSettings - + Cloak settings پوشیدہ ترتیب - + Disguised as traffic from کے طور پر ٹریفک کی طرح - + Port پورٹ - - + + Cipher رمز - + Save محفوظ کریں - + Unable change settings while there is an active connection جب ایک فعال کنکشن موجود ہو تو ترتیبات کو تبدیل نہیں کیا جا سکتا @@ -678,175 +727,175 @@ Already installed containers were found on the server. All installed containers PageProtocolOpenVpnSettings - + OpenVPN settings اوپن وی پی این ترتیبات - + VPN address subnet وی پی این ایڈریس سب نیٹ - + Network protocol نیٹ ورک پروٹوکول - + Port پورٹ - + Auto-negotiate encryption خود کار مذاکرتی رمزنگاری - - + + Hash ہیش - + SHA512 - + SHA384 - + SHA256 - + SHA3-512 - + SHA3-384 - + SHA3-256 - + whirlpool بھنور - + BLAKE2b512 - + BLAKE2s256 - + SHA1 - - + + Cipher رمز - + AES-256-GCM - + AES-192-GCM - + AES-128-GCM - + AES-256-CBC - + AES-192-CBC - + AES-128-CBC - + ChaCha20-Poly1305 - + ARIA-256-CBC - + CAMELLIA-256-CBC - + none کوئی نہیں - + TLS auth TLS توثیق - + Block DNS requests outside of VPN وی پی این کے باہر DNS درخواستوں کو بلاک کریں - + Additional client configuration commands مزید کلائنٹ ترتیباتی احکامات - - + + Commands: احکامات: - + Additional server configuration commands اضافی سرور کنفیگریشن احکامات - + Unable change settings while there is an active connection جب ایک فعال کنکشن موجود ہو تو ترتیبات کو تبدیل نہیں کیا جا سکتا - + Save احفظ @@ -854,42 +903,42 @@ Already installed containers were found on the server. All installed containers PageProtocolRaw - + settings ترتیبات - + Show connection options کنکشن کے اختیارات دکھائیں - + Connection options %1 کنکشن کے اختیارات %1 - + Remove ہٹائیں - + Remove %1 from server? سرور سے %1 کو ہٹائیں؟ - + All users with whom you shared a connection with will no longer be able to connect to it. آپ جن لوگوں کے ساتھ آپ نے ایک کنکشن شیئر کیا تھا، وہ اب اس سے مزید جڑ نہیں سکیں گے. - + Continue جاری رکھیں - + Cancel منسوخ کریں @@ -897,28 +946,28 @@ Already installed containers were found on the server. All installed containers PageProtocolShadowSocksSettings - + Shadowsocks settings شیڈو ساکس ترتیبات - + Port پورٹ - - + + Cipher رمز - + Save محفوظ کریں - + Unable change settings while there is an active connection جب ایک فعال کنکشن موجود ہو تو ترتیبات کو تبدیل نہیں کیا جا سکتا @@ -926,52 +975,52 @@ Already installed containers were found on the server. All installed containers PageProtocolWireGuardClientSettings - + WG settings وائر گارڈ ترتیبات - + MTU ام ٹی یو - + Server settings - + Port پورٹ - + Save - + Save settings? ترتیبات محفوظ کریں? - + Only the settings for this device will be changed - + Continue - + Cancel - + Unable change settings while there is an active connection جب ایک فعال کنکشن موجود ہو تو ترتیبات کو تبدیل نہیں کیا جا سکتا @@ -979,32 +1028,37 @@ Already installed containers were found on the server. All installed containers PageProtocolWireGuardSettings - + WG settings وائر گارڈ ترتیبات - + + VPN address subnet + وی پی این ایڈریس سب نیٹ + + + Port پورٹ - + Save settings? ترتیبات محفوظ کریں? - + All users with whom you shared a connection with will no longer be able to connect to it. - + Continue - + Cancel @@ -1013,12 +1067,12 @@ Already installed containers were found on the server. All installed containers ام ٹی یو - + Unable change settings while there is an active connection جب ایک فعال کنکشن موجود ہو تو ترتیبات کو تبدیل نہیں کیا جا سکتا - + Save محفوظ کریں @@ -1026,22 +1080,22 @@ Already installed containers were found on the server. All installed containers PageProtocolXraySettings - + XRay settings XRay کی ترتیبات - + Disguised as traffic from کے طور پر ٹریفک کی طرح - + Save محفوظ - + Unable change settings while there is an active connection جب ایک فعال کنکشن موجود ہو تو ترتیبات کو تبدیل نہیں کیا جا سکتا @@ -1049,39 +1103,39 @@ Already installed containers were found on the server. All installed containers PageServiceDnsSettings - + A DNS service is installed on your server, and it is only accessible via VPN. ایک DNS سروس آپ کے سرور پر انسٹال کی گئی ہے، اور صرف VPN کے ذریعے یہ قابل رسائی ہے. - + The DNS address is the same as the address of your server. You can configure DNS in the settings, under the connections tab. ایڈریس وہی ہے جو آپ کے سرور کا پتہ ہے۔ آپ کنکشنز ٹیب کے نیچے سیٹنگز میں DNS کنفیگر کر سکتے ہیں. - + Remove ہٹائیں - + Remove %1 from server? سرور سے %1 کو ہٹا دیں? - + Cannot remove AmneziaDNS from running server آمنیزیا ڈی این ایس کو چل رہے سرور سے ہٹا نہیں سکتے - + Continue جاری رہے - + Cancel منسوخ کریں @@ -1089,69 +1143,69 @@ Already installed containers were found on the server. All installed containers PageServiceSftpSettings - + Settings updated successfully ترتیبات کامیابی سے اپ ڈیٹ ہوگئیں - + SFTP settings ایس ایف ٹی پی ترتیبات - + Host The term "Host" in the context of SFTP (Secure File Transfer Protocol) can be translated into Urdu as: میزبان - - - - + + + + Copied نقل کر دیا گیا - + Port پورٹ - + User name صارف کا نام - + Password پاس ورڈ - + Mount folder on device آلے پر فولڈر ماؤنٹ کریں - + In order to mount remote SFTP folder as local drive, perform following steps: <br> ریموٹ SFTP فولڈر کو لوکل ڈرائیو کے طور پر ماؤنٹ کرنے کے لیے، درج ذیل اقدامات کریں - - + + <br>1. Install the latest version of <br>1کا تازہ ترین ورژن انسٹال کریں - - + + <br>2. Install the latest version of .<br>2کا تازہ ترین ورژن انسٹال کریں ۔ - + Detailed instructions تفصیلی ہدایات @@ -1175,71 +1229,71 @@ Already installed containers were found on the server. All installed containers PageServiceSocksProxySettings - + Settings updated successfully - - + + SOCKS5 settings - + Host The term "Host" in the context of SFTP (Secure File Transfer Protocol) can be translated into Urdu as: میزبان - - - - + + + + Copied - - + + Port پورٹ - + User name صارف کا نام - - + + Password پاس ورڈ - + Username - - + + Change connection settings - + The port must be in the range of 1 to 65535 - + Password cannot be empty - + Username cannot be empty @@ -1247,37 +1301,37 @@ Already installed containers were found on the server. All installed containers PageServiceTorWebsiteSettings - + Settings updated successfully ترتیبات کامیابی سے اپ ڈیٹ ہوگئی ہیں - + Tor website settings ویب سائٹ کی ترتیبات - + Website address ویب سائٹ کا پتہ - + Copied نقل کر لیا گیا - + Use <a href="https://www.torproject.org/download/" style="color: #FBB26A;">Tor Browser</a> to open this URL. - + After creating your onion site, it takes a few minutes for the Tor network to make it available for use. اپنی اونین ویب سائٹ بنانے کے بعد، ٹور نیٹ ورک کو اسے دستیاب کرنے میں کچھ منٹ لگ سکتے ہیں۔ - + When configuring WordPress set the this onion address as domain. وورڈپریس کو ترتیب دیتے وقت، اس انیون ایڈریس کو ڈومین کے طور پر مقرر کریں. @@ -1301,42 +1355,42 @@ Already installed containers were found on the server. All installed containers PageSettings - + Settings ترتیبات - + Servers سرور - + Connection کنکشن - + Application ایپلیکیشن - + Backup بیک اپ - + About AmneziaVPN AmneziaVPN کے بارے میں - + Dev console - + Close application براہ کرم ایپلیکیشن بند کریں @@ -1344,32 +1398,32 @@ Already installed containers were found on the server. All installed containers PageSettingsAbout - + Support Amnezia Amnezia کی حمایت کریں - + Amnezia is a free and open-source application. You can support the developers if you like it. ایمنیزیا ایک مفت اور آزاد سورس ایپلیکیشن ہے۔ آپ اگر اسے پسند کریں تو ڈویلپرز کی حمایت کرسکتے ہیں. - + Contacts رابطے - + Telegram group ٹیلیگرام گروپ - + To discuss features "فیچرز" پر گفتگو کرنے کے لئے - + https://t.me/amnezia_vpn_en @@ -1378,130 +1432,497 @@ Already installed containers were found on the server. All installed containers میل - + support@amnezia.org - + For reviews and bug reports جائزہ اور بگ رپورٹس کے لئے - - Copied + + mailto:support@amnezia.org - + GitHub گِٹ ہَب - + + Discover the source code + + + + https://github.com/amnezia-vpn/amnezia-client https://github.com/amnezia-vpn/amnezia-client - + Website ویب سائٹ - + + Visit official website + + + + Software version: %1 سافٹ ویئر ورژن: %1 - + Check for updates اپ ڈیٹس چیک کریں - + Privacy Policy رازداری کی پالیسی - PageSettingsApiServerInfo + PageSettingsApiAvailableCountries - - For the region + + Location for connection - - Price + + Unable change server location while there is an active connection + + + + + PageSettingsApiDevices + + + Active Devices - - Work period + + Manage currently connected devices - - Speed + + You can find the identifier on the Support tab or, for older versions of the app, by tapping '+' and then the three dots at the top of the page. - - Support tag + + (current device) - - Copied + + Support tag: - - Reload API config + + Last updated: - - Reload API config? + + Cannot unlink device during active connection - - + + Are you sure you want to unlink this device? + + + + + This will unlink the device from your subscription. You can reconnect it anytime by pressing Connect. + + + + Continue - - + Cancel + + + PageSettingsApiInstructions - - Cannot reload API config during active connection + + Windows - - Remove from application + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#windows - - Remove from application? + + macOS + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#macos + + + + + Android + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#android + + + + + AndroidTV + + + + + https://docs.amnezia.org/ru/documentation/instructions/android_tv_connect/ + + + + + iOS + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#ios + + + + + Linux + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#linux + + + + + Routers + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#routers + + + + + How to connect on another device + + + + + Setup guides on the Amnezia website + + + + + PageSettingsApiNativeConfigs + + + Save AmneziaVPN config + AmneziaVPN ترتیب کو محفوظ کریں + + + + Configuration Files + + + + + For router setup or the AmneziaWG app + + + + + The configuration needs to be reissued + + + + + configuration file + + + + + Generate a new configuration file + + + + + The previously created one will stop working + + + + + Revoke the current configuration file + + + + + Config file saved + + + + + The config has been revoked + + + + + Generate a new %1 configuration file? + + + + + Revoke the current %1 configuration file? + + + + + Your previous configuration file will no longer work, and it will not be possible to connect using it + + + + + Download + + + + + Continue + + + + + Cancel + + + + + PageSettingsApiServerInfo + + + Subscription Status + + + + + Valid Until + + + + + Active Connections + + + + + Configurations have been updated for some countries. Download and install the updated configuration files + + + + + Subscription Key + Amnezia Premium subscription key + + + + + Save VPN key as a file + + + + + Copy VPN key + + + + + Configuration Files + + + + + Manage configuration files + + + + + Active Devices + + + + + Manage currently connected devices + + + + + Support + + + + + How to connect on another device + + + + + Reload API config + + + + + Reload API config? + + + + + + + Continue + + + + + + + Cancel + + + + + Cannot reload API config during active connection + + + + + Unlink this device + + + + + Are you sure you want to unlink this device? + + + + + This will unlink the device from your subscription. You can reconnect it anytime by pressing Connect. + + + + + Cannot unlink device during active connection + + + + + Remove from application + + + + + Remove from application? + + + + Cannot remove server during active connection چالو کنکشن کے دوران سرور کو ہٹایا نہیں جا سکتا + + PageSettingsApiSupport + + + Telegram + + + + + Email + + + + + support@amnezia.org + + + + + Email Billing & Orders + + + + + help@vpnpay.io + + + + + Website + ویب سائٹ + + + + amnezia.org + + + + + Support + + + + + Our technical support specialists are available to assist you at any time + + + + + Support tag + + + + + Copied + + + PageSettingsAppSplitTunneling - + Cannot change split tunneling settings during active connection فعال کنکشن کے دوران سپلٹ ٹنلنگ کی ترتیبات تبدیل نہیں کی جا سکتیں @@ -1514,7 +1935,7 @@ Already installed containers were found on the server. All installed containers فہرست میں شامل ایپ کو وی پی این کے ذریعے دسترس نہیں کیا جائے گا - + Only the apps from the list should have access via VPN @@ -1524,42 +1945,42 @@ Already installed containers were found on the server. All installed containers - + App split tunneling ایپ اسپلٹ ٹنلنگ - + Mode موڈ - + Remove ہٹائیں - + Continue جاری رکھیں - + Cancel منسوخ - + application name ایپ کا نام - + Open executable file قابل اجراء فائل کو کھولیں - + Executable files (*.*) قابل اجراء فائل (*.*) @@ -1567,102 +1988,102 @@ Already installed containers were found on the server. All installed containers PageSettingsApplication - + Application ایپلیکیشن - + Allow application screenshots ایپلیکیشن میں تصویریں لینے کی اجازت دیں - + Enable notifications - + Enable notifications to show the VPN state in the status bar - + Auto start خود کار شروع - + Launch the application every time the device is starts جب بھی آلہ چلائے، ایپلیکیشن کو لانچ کریں - + Auto connect خودکار منسلک - + Connect to VPN on app start ایپ شروع ہونے پر VPN سے جڑیں - + Start minimized کمینائز شروع کریں - + Launch application minimized ایپلیکیشن کو کمینائز کر کے لانچ کریں - + Language زبان - + Logging لاگنگ - + Enabled فعال - + Disabled غیر فعال - + Reset settings and remove all data from the application ترتیبات کو دوبارہ ترتیب کریں اور ایپلیکیشن سے تمام ڈیٹا کو ختم کریں - + Reset settings and remove all data from the application? ترتیبات کو دوبارہ ترتیب دیں اور ایپلیکیشن سے تمام ڈیٹا کو ہٹا دیں؟ - + All settings will be reset to default. All installed AmneziaVPN services will still remain on the server. تمام ترتیبات کو معمولی حالت پر لوٹایا جائے گا۔ سب انسٹال کیے گئے امنیزیا وی پی این سروسزسرورپرموجودرہیںگی. - + Continue جاری رکھیں - + Cancel منسوخ - + Cannot reset settings during active connection چالو کنکشن کے دوران ترتیبات کو دوبارہ ترتیب نہیں دی جا سکتی @@ -1670,78 +2091,78 @@ Already installed containers were found on the server. All installed containers PageSettingsBackup - + Settings restored from backup file ترتیبات بیک اپ فائل سے بحال کردی گئی ہیں - + Back up your configuration اپنی ترتیبات کا بیک اپ بنائیں - + You can save your settings to a backup file to restore them the next time you install the application. آپ اپنی ترتیبات کو بیک اپ فائل میں محفوظ کرکے اگلی دفعہ جب آپ ایپلیکیشن کو انسٹال کریں تو انہیں بحال کرنے کے لئے استعمال کرسکتے ہیں۔ - + The backup will contain your passwords and private keys for all servers added to AmneziaVPN. Keep this information in a secure place. بیک اپ میں آپ کے تمام سرورز جنہیں AmneziaVPN میں شامل کیا گیا ہے، ان کے پاسورڈ اور نجی کلید شامل ہوں گے۔ اس معلومات کو ایک محفوظ جگہ میں محفوظ رکھیں. - + Make a backup ایک بیک اپ بنائیں - + Save backup file بیک اپ فائل کو محفوظ کریں - - + + Backup files (*.backup) بیک اپ فائلیں (*.backup) - + Backup file saved بیک اپ فائل محفوظ ہو گئی - + Restore from backup بیک اپ سے بحال کریں - + Open backup file بیک اپ فائل کو کھولیں - + Import settings from a backup file? بیک اپ فائل سے ترتیبات کو درآمد کریں؟ - + All current settings will be reset تمام موجودہ ترتیبات کو دوبارہ ترتیب دیں - + Continue جاری رکھیں - + Cancel منسوخ - + Cannot restore backup settings during active connection چالو کنکشن کے دوران بیک اپ ترتیبات کو دوبارہ قائم نہیں کیا جا سکتا @@ -1749,125 +2170,125 @@ Already installed containers were found on the server. All installed containers PageSettingsConnection - + Connection کنکشن - + When AmneziaDNS is not used or installed ایمنیزیا ڈی این ایس کو استعمال نہیں کیا گیا ہو یا اسے انسٹال نہیں کیا گیاہے - + Allows you to use the VPN only for certain Apps آپ کو صرف مخصوص ایپلیکیشنز کے لئے وی پی این استعمال کرنے کی اجازت دیتا ہے - + Use AmneziaDNS AmneziaDNS استعمال کریں - + If AmneziaDNS is installed on the server اگر سرور پر AmneziaDNS انسٹال کیا گیا ہو تو - + DNS servers ڈی این ایس سرور - + Site-based split tunneling سائٹ کے بنیادی سپلٹ ٹنلنگ - + Allows you to select which sites you want to access through the VPN آپ کو یہ امکان فراہم کرتا ہے کہ آپ وی پی این کے ذریعہ کس سائٹ کو دسترس دینا چاہتے ہیں وہ منتخب کریں - + App-based split tunneling ایپ کے بنیاد پر سپلٹ ٹنلنگ - + KillSwitch - + Disables your internet if your encrypted VPN connection drops out for any reason. - - Cannot change killSwitch settings during active connection + + Cannot change KillSwitch settings during active connection PageSettingsDns - + Default server does not support custom DNS افتراضی سرور کا مخصوص DNS کو سپورٹ نہیں کرتا ہے - + DNS servers ڈی این ایس سرور - + If AmneziaDNS is not used or installed اگر AmneziaDNS استعمال نہیں کیا گیا ہو یا انسٹال نہیں کیا گیا ہو تو - + Primary DNS اولین DNS - + Secondary DNS ثانوی DNS - + Restore default اصل حالت کو بحال کریں - + Restore default DNS settings? اصل DNS ترتیبات کو بحال کریں؟ - + Continue براہ کرم جاری رکھیں - + Cancel منسوخ - + Settings have been reset ترتیبات کو دوبارہ ترتیب دیا گیا ہے - + Save محفوظ - + Settings saved ترتیبات محفوظ ہوگئیں @@ -1879,12 +2300,12 @@ Already installed containers were found on the server. All installed containers لاگنگ فعال ہے۔ یاد رہے کہ لاگوں کو 14 دنوں کے بعد خود بخود غیر فعال کر دیا جائے گا، اور تمام لاگ فائلیں حذف کردی جائیں گی. - + Logging لاگنگ - + Enabling this function will save application's logs automatically. By default, logging functionality is disabled. Enable log saving in case of application malfunction. اس فعل کو فعال کرنے سے، ایپلیکیشن کے لاگ خود بخود محفوظ ہوجائیں گے۔ پہلے سے، لاگنگ کی فعالیت غیر فعال ہوتی ہے۔ اگر ایپلیکیشن میں کوئی خرابی ہو، تو لاگ کو بچانا فعال کریں. @@ -1897,20 +2318,20 @@ Already installed containers were found on the server. All installed containers فائلوں کے فولڈر کو کھولیں - - + + Save محفوظ - - + + Logs files (*.log) لاگ فائلیں (*.log) - - + + Logs file saved لاگ فائل محفوظ ہوگئی @@ -1919,64 +2340,62 @@ Already installed containers were found on the server. All installed containers لاگوں کو فائل میں محفوظ کریں - + Enable logs - + Clear logs? کیا آپ لاگوں کو صاف کرنا چاہتے ہیں؟ - + Continue براہ کرم جاری رکھیں - + Cancel منسوخ - + Logs have been cleaned up تم مسح السجلاتلاگوں کو صاف کر دیا گیا ہے - + Client logs - + AmneziaVPN logs - - + Open logs folder - - + Export logs - + Service logs - + AmneziaVPN-service logs - + Clear logs لاگوں کو صاف کریں @@ -1994,12 +2413,12 @@ Already installed containers were found on the server. All installed containers کوئی نئے انسٹال شدہ کنٹینرز نہیں ملے - + Do you want to reboot the server? کیا آپ سرور کو دوبارہ چالو کرنا چاہتے ہیں؟ - + Do you want to clear server from Amnezia software? هل تريد حذف الخادم من Amnezia?کیا آپ سرور کو Amnezia سافٹ ویئر سے صاف کرنا چاہتے ہیں؟ @@ -2009,93 +2428,93 @@ Already installed containers were found on the server. All installed containers - - - - + + + + Continue براہ کرم جاری رکھیں - - - - + + + + Cancel منسوخ - + Check the server for previously installed Amnezia services سرور پر پہلے سے انسٹال کی گئی Amnezia سروسز کو چیک کریں - + Add them to the application if they were not displayed اگر وہ دکھایا نہیں گیا تو انہیں ایپلیکیشن میں شامل کریں - + Reboot server سرور کو دوبارہ چالو کریں - + The reboot process may take approximately 30 seconds. Are you sure you wish to proceed? ریبوٹ کا عمل تقریباً 30 سیکنڈ لے سکتا ہے۔ کیا آپ براہ کرم جاری رکھنا چاہتے ہیں؟ - + Cannot reboot server during active connection چالو کنکشن کے دوران سرور کو دوبارہ چالو نہیں کیا جا سکتا - + Remove server from application ایپلیکیشن سے سرور کو ہٹا دیں - + Do you want to remove the server from application? کیا آپ ایپلیکیشن سے سرور کو ہٹانا چاہتے ہیں؟ - + Cannot remove server during active connection چالو کنکشن کے دوران سرور کو ہٹایا نہیں جا سکتا - + All users whom you shared a connection with will no longer be able to connect to it. آپ نے اپنی کنکشن کا اشتراک دینے والے تمام صارفین کو اس سے جڑنے کی اجازت نہیں ہوگی. - + Cannot clear server from Amnezia software during active connection چالو کنکشن کے دوران سرور کو ایمنیزیا سافٹ ویئر سے صاف کرنا ممکن نہیں - + Reset API config API کونفیگ کو دوبارہ ترتیب دیں - + Do you want to reset API config? کیا آپ API کونفیگ کو دوبارہ ترتیب دینا چاہتے ہیں؟ - + Cannot reset API config during active connection چالو کنکشن کے دوران API ترتیبات کو دوبارہ ترتیب نہیں دی جا سکتی - + All installed AmneziaVPN services will still remain on the server. سرور پر تمام انسٹال شدہ AmneziaVPN سروسز محفوظ رہیں گے. - + Clear server from Amnezia software Amnezia سافٹ ویئر کو سرور سے صاف کریں @@ -2103,27 +2522,25 @@ Already installed containers were found on the server. All installed containers PageSettingsServerInfo - Server name - سرور کا نام + سرور کا نام - Save - محفوظ + محفوظ - + Protocols پروٹوکولات - + Services خدمات - + Management مینجمنٹ @@ -2131,7 +2548,7 @@ Already installed containers were found on the server. All installed containers PageSettingsServerProtocol - + settings ترتیبات @@ -2140,17 +2557,17 @@ Already installed containers were found on the server. All installed containers %1 پروفائل کو صاف کریں - + Clear %1 profile? کیا آپ واقعی %1 پروفائل کو صاف کرنا چاہتے ہیں؟ - + Unable to clear %1 profile while there is an active connection فعال کنکشن کے دوران %1 پروفائل کو صاف نہیں کیا جا سکتا - + Cannot remove active container فعال کنٹینر کو ہٹانا ممکن نہیں @@ -2160,54 +2577,54 @@ Already installed containers were found on the server. All installed containers - + Remove ہٹائیں - + All users with whom you shared a connection will no longer be able to connect to it. آپ نے جن کے ساتھ کنکشن شئیر کیا تھا، ان تمام صارفین کو اس سے جڑنے کی اجازت نہیں ہوگی. - + Remove %1 from server? کیا آپ سرور سے %1 کو ہٹانا چاہتے ہیں؟ - + connection settings - + Click the "connect" button to create a connection configuration - + server settings - + Clear profile - + The connection configuration will be deleted for this device only - - + + Continue براہ کرم جاری رکھیں - - + + Cancel منسوخ @@ -2215,7 +2632,7 @@ Already installed containers were found on the server. All installed containers PageSettingsServersList - + Servers سرور @@ -2223,100 +2640,100 @@ Already installed containers were found on the server. All installed containers PageSettingsSplitTunneling - + Default server does not support split tunneling function افتراضی سرور سپلٹ ٹنلنگ فعال نہیں کرتا - + Addresses from the list should not be accessed via VPN اس فہرست سے پتوں کا وی پی این کے ذریعے دسترس حاصل نہیں کیا جانا چاہئے - + Split tunneling اسپلٹ ٹنلنگ - + Mode موڈ - + Remove ہٹائیں - + Continue براہ کرم جاری رکھیں - + Cancel منسوخ - + Only the sites listed here will be accessed through the VPN صرف یہاں درج کردہ سائٹس وی پی این کے ذریعے دسترس حاصل کریں گی - + Cannot change split tunneling settings during active connection فعال کنکشن کے دوران سپلٹ ٹنلنگ کی ترتیبات تبدیل نہیں کی جا سکتیں - + website or IP ویب سائٹ یا آئی پی - + Import / Export Sites سائٹس درآمد / برآمد - + Import درآمد - + Save site list سائٹ کی فہرست کو محفوظ کریں - + Save sites سائٹس کو محفوظ کریں - - - + + + Sites files (*.json) سائٹس فائلیں (*.json) - + Import a list of sites ایک فہرست کو درآمد کریں - + Replace site list سائٹ کی فہرست کو بدلیں - - + + Open sites file سائٹس فائل کو کھولیں - + Add imported sites to existing ones آمدہ سائٹس کو موجودہ میں شامل کریں @@ -2324,32 +2741,32 @@ Already installed containers were found on the server. All installed containers PageSetupWizardApiServiceInfo - + For the region - + Price - + Work period - + Speed - + Features - + Connect @@ -2357,12 +2774,12 @@ Already installed containers were found on the server. All installed containers PageSetupWizardApiServicesList - + VPN by Amnezia - + Choose a VPN service that suits your needs. @@ -2386,7 +2803,7 @@ Already installed containers were found on the server. All installed containers کنکشن کی ترتیبات یا بیک اپ والی فائل - + Connection کنکشن @@ -2396,87 +2813,107 @@ Already installed containers were found on the server. All installed containers ترتیبات - + Enable logs - + + Support tag + + + + + Copied + + + + Insert the key, add a configuration file or scan the QR-code - + Insert key - + Insert داخل کریں - + Continue - + Other connection options - + + Site Amnezia + + + + VPN by Amnezia - + Connect to classic paid and free VPN services from Amnezia - + Self-hosted VPN - + Configure Amnezia VPN on your own server - + Restore from backup بیک اپ سے بحال کریں - + + + + + + Open backup file بیک اپ فائل کو کھولیں - + Backup files (*.backup) بیک اپ فائلیں (*.backup) - + File with connection settings کنکشن کی ترتیبات والی فائل - + Open config file کنفیگ فائل کو کھولیں - + QR code QR کوڈ - + I have nothing میرے پاس کچھ نہیں ہے @@ -2488,67 +2925,67 @@ Already installed containers were found on the server. All installed containers PageSetupWizardCredentials - + Configure your server اپنے سرور کو ترتیب دیں - + Server IP address [:port] سرور آئی پی پتہ [:پورٹ] - + Continue براہ کرم جاری رکھیں - + All data you enter will remain strictly confidential and will not be shared or disclosed to the Amnezia or any third parties آپ جو ڈیٹا داخل کریں گے وہ بالکل خفیہ رہے گا اور نہ تو امنیزیا یا کسی تیسری شخصیت کے ساتھ اشتراک کیا جائے گا - + 255.255.255.255:22 - + SSH Username ایس ایس ایچ صارف نام - + Password or SSH private key پاس ورڈ یا SSH نجی کلید - + How to run your VPN server - + Where to get connection data, step-by-step instructions for buying a VPS - + Ip address cannot be empty آئی پی پتہ خالی نہیں ہو سکتا - + Enter the address in the format 255.255.255.255:88 ایڈریس درج کریں فارمیٹ 255.255.255.255:88 - + Login cannot be empty لاگ ان نام خالی نہیں ہو سکتا - + Password/private key cannot be empty پاس ورڈ یا نجی کلید خالی نہیں ہو سکتی @@ -2556,22 +2993,31 @@ Already installed containers were found on the server. All installed containers PageSetupWizardEasy - What is the level of internet control in your region? - آپ کے علاقے میں انٹرنیٹ کنٹرول کا سطح کیا ہے؟ + آپ کے علاقے میں انٹرنیٹ کنٹرول کا سطح کیا ہے؟ - + + Choose Installation Type + + + + + Manual + + + + Choose a VPN protocol ایک VPN پروٹوکول کا انتخاب کریں - + Skip setup ترتیب چھوڑیں - + Continue جاری رکھیں @@ -2618,37 +3064,37 @@ Already installed containers were found on the server. All installed containers PageSetupWizardProtocolSettings - + Installing %1 %1 کی انسٹالیشن - + More detailed مزید تفصیلات والا - + Close بند - + Network protocol نیٹ ورک پروٹوکول - + Port پورٹ - + Install انسٹال - + The port must be in the range of 1 to 65535 @@ -2656,12 +3102,12 @@ Already installed containers were found on the server. All installed containers PageSetupWizardProtocols - + VPN protocol وی پی این پروٹوکول - + Choose the one with the highest priority for you. Later, you can install other protocols and additional services, such as DNS proxy and SFTP. آپ کے لئے سب سے زیادہ اہم پروٹوکول کا انتخاب کریں۔ بعد میں، آپ دوسرے پروٹوکول اور اضافی خدمات، جیسے DNS پراکسی اور SFTP، انسٹال کر سکتے ہیں۔ @@ -2697,7 +3143,7 @@ Already installed containers were found on the server. All installed containers میرے پاس کچھ نہیں ہے - + Let's get started @@ -2705,27 +3151,27 @@ Already installed containers were found on the server. All installed containers PageSetupWizardTextKey - + Connection key کنکشن کی کلید - + A line that starts with vpn://... ایک لائن جو vpn:// سے شروع ہوتی ہے... - + Key کلید - + Insert داخل کریں - + Continue جاری رہنے دیں @@ -2733,32 +3179,32 @@ Already installed containers were found on the server. All installed containers PageSetupWizardViewConfig - + New connection نیا کنکشن - + Collapse content مواد کو غیر فعال کریں - + Show content مواد دکھائیں - + Enable WireGuard obfuscation. It may be useful if WireGuard is blocked on your provider. وائر گارڈ کی غلط شناخت کو بروئے کار لانے کے لئے وائر گارڈ غلط شناخت کو فعال کریں۔ آپ کے پرووائیڈر پر وائر گارڈ بند ہونے کی صورت میں یہ کار آمد ہو سکتی ہے۔ - + Use connection codes only from sources you trust. Codes from public sources may have been created to intercept your data. صرف ان ماخذ سے کنکشن کوڈ استعمال کریں جن پر آپ کو اعتماد ہو۔ عوامی ماخذوں سے کوڈز آپ کے ڈیٹا کو منسلک کرنے کے لیے بنائے گئے ہو سکتے ہیں. - + Connect کنکٹ @@ -2766,37 +3212,37 @@ Already installed containers were found on the server. All installed containers PageShare - + Save OpenVPN config اوپن وی پی این کی ترتیبات کو محفوظ کریں - + Save WireGuard config وائر گارڈ کی ترتیبات کو محفوظ کریں - + Save AmneziaWG config ایمنیزیا ڈبلیو جی کی ترتیبات کو محفوظ کریں - + Save Shadowsocks config شیڈو ساکس کی ترتیبات کو محفوظ کریں - + Save Cloak config چادر کی ترتیبات کو محفوظ کریں - + Save XRay config "XRay کنفیگ کو محفوظ کریں - + For the AmneziaVPN app AmneziaVPN ایپ کے لئے @@ -2805,176 +3251,181 @@ Already installed containers were found on the server. All installed containers OpenVPN کا اصل فارمیٹ - + WireGuard native format وائر گارڈ کا اصل فارمیٹ - + AmneziaWG native format ایمنیزیا ڈبلیو جی کا اصل فارمیٹ - + Shadowsocks native format شیڈو ساکس کا اصل فارمیٹ - + Cloak native format Cloak کا اصل فارمیٹ - + XRay native format ایکس رے کا نیٹویٹ فارمیٹ - + Share VPN Access VPN دسترسی شیئر - + Share full access to the server and VPN سرور اور وی پی این کے لئے مکمل دسترسی کو شیئر کریں - + Use for your own devices, or share with those you trust to manage the server. اپنی خود کی ڈیوائسز کے لئے استعمال کریں، یا ان لوگوں کے ساتھ شیئر کریں جن پر آپ کا بھروسہ ہو کہ وہ سرور کو منظم کر سکیں. - - + + Users صارفین - + Share VPN access without the ability to manage the server سرور کو منظم کرنے کی صلاحیت کے بغیر وی پی این کی دسترسی شیئر - + Search تلاش - + Creation date: %1 - + Latest handshake: %1 - + Data received: %1 - + Data sent: %1 + + + Allowed IPs: %1 + + Creation date: تخلیق کی تاریخ: - + Rename نام تبدیل - + Client name کلائنٹ کا نام - + Save محفوظ - + Revoke واپس لین - + Revoke the config for a user - %1? کیا آپ مستعمل کے لئے کنفیگ کو واپس لینا چاہتے ہیں - %1؟ - + The user will no longer be able to connect to your server. صارف آپ کے سرور سے متصل ہونے کا اختیار نہیں رہے گا. - + Continue جاری رکھیں - + Cancel منسوخ - + Connection کنکشن - - + + Server سرور - + File with connection settings to کنکشن کی ترتیبات کی فائل - - + + Protocol پروٹوکول - + Connection to کنکشن کو - + Config revoked کنفیگ منسوخ - + OpenVPN native format - + User name صارف کا نام - - + + Connection format کنکشن فارمیٹ - - + + Share شیئر @@ -2982,55 +3433,55 @@ Already installed containers were found on the server. All installed containers PageShareFullAccess - + Full access to the server and VPN سرور اور وی پی این کی مکمل رسائی - + We recommend that you use full access to the server only for your own additional devices. ہم آپ کو سرور کا مکمل رسائی صرف اپنی اضافی ڈیوائسز کے لئے استعمال کرنے کی تجویز دیتے ہیں. - + If you share full access with other people, they can remove and add protocols and services to the server, which will cause the VPN to work incorrectly for all users. "اگر آپ دوسروں کے ساتھ مکمل رسائی شیئر کریں تو وہ سرور پروٹوکول اور خدمات کو ہٹا سکتے ہیں اور شامل کر سکتے ہیں، جس سے وی پی این تمام صارفین کے لئے غلط کام کرے گا. - - + + Server سرور - + Accessing رسائی - + File with accessing settings to ترتیبات کے ساتھ دسترسی کی فائل - + Share شیئر - + Access error! رساءی ناممکن! - + Connection to کنکشن کو - + File with connection settings to کنکشن کی ترتیبات کی فائل @@ -3038,17 +3489,17 @@ Already installed containers were found on the server. All installed containers PageStart - + Logging was disabled after 14 days, log files were deleted لاگنگ کو 14 دنوں کے بعد غیر فعال کر دیا گیا، لاگ فائلوں کو حذف کر دیا گیا - + Settings restored from backup file ترتیبات بیک اپ فائل سے بحال کردی گئی ہیں - + Logging is enabled. Note that logs will be automaticallydisabled after 14 days, and all log files will be deleted. @@ -3056,7 +3507,7 @@ Already installed containers were found on the server. All installed containers PopupType - + Close بند @@ -3306,7 +3757,7 @@ Already installed containers were found on the server. All installed containers - + SOCKS5 proxy server @@ -3327,87 +3778,88 @@ Already installed containers were found on the server. All installed containers فنکشن نافذ نہیں ہوا - + Server check failed سرور کی جانچ ناکام ہوگئی - + Server port already used. Check for another software سرور پورٹ پہلے ہی استعمال ہو چکا ہے۔ دوسرا سافٹ ویئر چیک کریں - + Server error: Docker container missing سرور کی خرابی: ڈوکر کنٹینر غائب ہے - + Server error: Docker failed سرور کی خرابی: ڈوکر ناکام ہو گیا - + Installation canceled by user صارف کے ذریعے انسٹالیشن منسوخ کر دی گئی - - The user does not have permission to use sudo - صارف کو sudo استعمال کرنے کی اجازت نہیں ہے + + The user is not a member of the sudo group + صارف sudo گروپ کا رکن نہیں ہے - + SSH request was denied SSH درخواست مسترد کر دی گئی - + SSH request was interrupted SSH درخواست میں خلل پڑ - + SSH internal error SSH اندرونی خرابی - + Invalid private key or invalid passphrase entered غلط نجی کلید یا غلط پاسفریز درج کیا گیا - + The selected private key format is not supported, use openssh ED25519 key types or PEM key types منتخب کردہ پرائیویٹ کلیدی فارمیٹ تعاون یافتہ نہیں ہے، openssh ED25519 کلیدی اقسام یا PEM کلیدی اقسام استعمال کریں - + Timeout connecting to server سرور سے منسلک ہونے کا ٹائم آؤٹ - + VPN connection error VPN کنکشن کی خرابی - + + Error when retrieving configuration from API آپی سے کنفیگریشن بازیافت کرتے وقت خرابی - + This config has already been added to the application یہ تشکیل پہلے ہی ایپلی کیشن میں شامل کی جا چکی ہے - + ErrorCode: %1. ایرر کوڈ: %1. - + OpenVPN config missing OpenVPN تشکیل غائب ہے @@ -3417,117 +3869,168 @@ Already installed containers were found on the server. All installed containers - - Server error: Packet manager error + + The selected protocol is not supported on the current platform + منتخب کردہ پروٹوکول موجودہ پلیٹ فارم پر تعاون یافتہ نہیں ہے + + + + Server error: Package manager error سرور خطا: پیکیج منیجر خطا - + + The sudo package is not pre-installed on the server + + + + + The server user's home directory is not accessible + + + + + Action not allowed in sudoers + + + + + The user's password is required + + + + SCP error: Generic failure ایس سی پی کی خرابی: عام ناکامی - + OpenVPN management server error OpenVPN مینجمنٹ سرور کی خرابی - + OpenVPN executable missing OpenVPN قابل عمل غائب ہے - + Shadowsocks (ss-local) executable missing شیڈو ساکس (ss-local) قابل عمل غائب - + Cloak (ck-client) executable missing Cloak (ck-client) قابل عمل غائب - + Amnezia helper service error ایمنیزیا مددگار سروس کی خرابی - + OpenSSL failed OpenSSL ناکام ہوگیا - + Can't connect: another VPN connection is active منسلک نہیں ہو سکتا: دوسرا VPN کنکشن فعال ہے - + Can't setup OpenVPN TAP network adapter OpenVPN TAP نیٹ ورک اڈاپٹر سیٹ اپ نہیں کر سکتے - + VPN pool error: no available addresses VPN پول کی خرابی: کوئی پتہ دستیاب نہیں ہے - + The config does not contain any containers and credentials for connecting to the server ترتیب میں سرور سے منسلک ہونے کے لیے کوئی کنٹینرز اور اسناد نہیں ہیں - + + Unable to open config file + + + + + VPN Protocols is not installed. + Please install VPN container at first + وی پی این پروٹوکول انسٹال نہیں ہے,براہ کرم پہلےوی پی این کنٹینر انسٹال کریں + + + In the response from the server, an empty config was received - + SSL error occurred - + Server response timeout on api request - + Missing AGW public key - + + Failed to decrypt response payload + + + + + Missing list of available services + + + + + The limit of allowed configurations per subscription has been exceeded + + + + QFile error: The file could not be opened QFile کی خرابی: فائل کو نہیں کھولا جا سکا - + QFile error: An error occurred when reading from the file کیو فائل کی خرابی: فائل سے پڑھتے وقت ایک خرابی پیش آگئی - + QFile error: The file could not be accessed QFile کی خرابی: فائل تک رسائی نہیں ہو سکی - + QFile error: An unspecified error occurred کیو فائل میں خرابی: ایک غیر متعینہ خرابی پیش آگئی - + QFile error: A fatal error occurred کیو فائل میں خرابی: ایک مہلک خرابی پیش آگئی - + QFile error: The operation was aborted کیو فائل کی خرابی: آپریشن روک دیا گیا تھا - + Internal error داخلی خامی @@ -3538,7 +4041,7 @@ Already installed containers were found on the server. All installed containers - + Website in Tor network ٹور نیٹ ورک میں ویب سائٹ @@ -3559,31 +4062,118 @@ Already installed containers were found on the server. All installed containers - Shadowsocks - masks VPN traffic, making it similar to normal web traffic, but it may be recognized by analysis systems in some highly censored regions. - شیڈو ساکس - VPN ٹریفک کو ماسک کرتا ہے، جو اسے عام ویب ٹریفک جیسا بناتا ہے، لیکن اسے کچھ انتہائی سنسر والے علاقوں میں تجزیہ کے نظام کے ذریعے پہچانا جا سکتا ہے. + Shadowsocks masks VPN traffic, making it resemble normal web traffic, but it may still be detected by certain analysis systems. + + + + + OpenVPN over Cloak - OpenVPN with VPN masquerading as web traffic and protection against active-probing detection. It is very resistant to detection, but offers low speed. + + + + + WireGuard - popular VPN protocol with high performance, high speed and low power consumption. + + + + + AmneziaWG is a special protocol from Amnezia based on WireGuard. It provides high connection speed and ensures stable operation even in the most challenging network conditions. + + + + + XRay with REALITY masks VPN traffic as web traffic and protects against active probing. It is highly resistant to detection and offers high speed. + + + + + OpenVPN stands as one of the most popular and time-tested VPN protocols available. +It employs its unique security protocol, leveraging the strength of SSL/TLS for encryption and key exchange. Furthermore, OpenVPN's support for a multitude of authentication methods makes it versatile and adaptable, catering to a wide range of devices and operating systems. Due to its open-source nature, OpenVPN benefits from extensive scrutiny by the global community, which continually reinforces its security. With a strong balance of performance, security, and compatibility, OpenVPN remains a top choice for privacy-conscious individuals and businesses alike. + +* Available in the AmneziaVPN across all platforms +* Normal power consumption on mobile devices +* Flexible customisation to suit user needs to work with different operating systems and devices +* Recognised by DPI systems and therefore susceptible to blocking +* Can operate over both TCP and UDP network protocols. + + + + + This is a combination of the OpenVPN protocol and the Cloak plugin designed specifically for protecting against detection. + +OpenVPN provides a secure VPN connection by encrypting all internet traffic between the client and the server. + +Cloak protects OpenVPN from detection. + +Cloak can modify packet metadata so that it completely masks VPN traffic as normal web traffic, and also protects the VPN from detection by Active Probing. This makes it very resistant to being detected + +Immediately after receiving the first data packet, Cloak authenticates the incoming connection. If authentication fails, the plugin masks the server as a fake website and your VPN becomes invisible to analysis systems. + +* Available in the AmneziaVPN across all platforms +* High power consumption on mobile devices +* Flexible settings +* Not recognised by detection systems +* Works over TCP network protocol, 443 port. + + + + + + A relatively new popular VPN protocol with a simplified architecture. +WireGuard provides stable VPN connection and high performance on all devices. It uses hard-coded encryption settings. WireGuard compared to OpenVPN has lower latency and better data transfer throughput. +WireGuard is very susceptible to detection and blocking due to its distinct packet signatures. Unlike some other VPN protocols that employ obfuscation techniques, the consistent signature patterns of WireGuard packets can be more easily identified and thus blocked by advanced Deep Packet Inspection (DPI) systems and other network monitoring tools. + +* Available in the AmneziaVPN across all platforms +* Low power consumption +* Minimum number of settings +* Easily recognised by DPI analysis systems, susceptible to blocking +* Works over UDP network protocol. + + + + + A modern iteration of the popular VPN protocol, AmneziaWG builds upon the foundation set by WireGuard, retaining its simplified architecture and high-performance capabilities across devices. +While WireGuard is known for its efficiency, it had issues with being easily detected due to its distinct packet signatures. AmneziaWG solves this problem by using better obfuscation methods, making its traffic blend in with regular internet traffic. +This means that AmneziaWG keeps the fast performance of the original while adding an extra layer of stealth, making it a great choice for those wanting a fast and discreet VPN connection. + +* Available in the AmneziaVPN across all platforms +* Low power consumption +* Minimum number of settings +* Not recognised by traffic analysis systems +* Works over UDP network protocol. + + + + + The REALITY protocol, a pioneering development by the creators of XRay, is designed to provide the highest level of protection against detection through its innovative approach to security and privacy. +It uniquely identifies attackers during the TLS handshake phase, seamlessly operating as a proxy for legitimate clients while diverting attackers to genuine websites, thus presenting an authentic TLS certificate and data. +This advanced capability differentiates REALITY from similar technologies by its ability to disguise web traffic as coming from random, legitimate sites without the need for specific configurations. +Unlike older protocols such as VMess, VLESS, and the XTLS-Vision transport, REALITY's innovative "friend or foe" recognition at the TLS handshake enhances security. This makes REALITY a robust solution for maintaining internet freedom. + + + + Shadowsocks - masks VPN traffic, making it similar to normal web traffic, but it may be recognized by analysis systems in some highly censored regions. + شیڈو ساکس - VPN ٹریفک کو ماسک کرتا ہے، جو اسے عام ویب ٹریفک جیسا بناتا ہے، لیکن اسے کچھ انتہائی سنسر والے علاقوں میں تجزیہ کے نظام کے ذریعے پہچانا جا سکتا ہے. - OpenVPN over Cloak - OpenVPN with VPN masquerading as web traffic and protection against active-probing detection. Ideal for bypassing blocking in regions with the highest levels of censorship. - اوپن وی پی این اوور کلوک - اوپن وی پی این کے ساتھ وی پی این کو ویب ٹریفک کے طور پر چھپانا اور ایکٹیو پروبنگ ڈٹیکشن کے خلاف تحفظ۔ سنسرشپ کی اعلی ترین سطح والے خطوں میں بلاکنگ کو نظرانداز کرنے کے لیے مثالی. + اوپن وی پی این اوور کلوک - اوپن وی پی این کے ساتھ وی پی این کو ویب ٹریفک کے طور پر چھپانا اور ایکٹیو پروبنگ ڈٹیکشن کے خلاف تحفظ۔ سنسرشپ کی اعلی ترین سطح والے خطوں میں بلاکنگ کو نظرانداز کرنے کے لیے مثالی. + + + XRay with REALITY - Suitable for countries with the highest level of internet censorship. Traffic masking as web traffic at the TLS level, and protection against detection by active probing methods. + حقیقت کے ساتھ ایکسرےواقعیت کے ساتھ ایکس رے - سب سے زیادہ انٹرنیٹ سینسرشپ والے ممالک کے لئے مناسب ہے۔ ٹریفک ویب ٹریفک کی سطح TLS پر ماسکنگ اور فعال پرابنگ کے طریقوں سے شناخت سے بچائے جانے کی حفاظت۔ - XRay with REALITY - Suitable for countries with the highest level of internet censorship. Traffic masking as web traffic at the TLS level, and protection against detection by active probing methods. - حقیقت کے ساتھ ایکسرےواقعیت کے ساتھ ایکس رے - سب سے زیادہ انٹرنیٹ سینسرشپ والے ممالک کے لئے مناسب ہے۔ ٹریفک ویب ٹریفک کی سطح TLS پر ماسکنگ اور فعال پرابنگ کے طریقوں سے شناخت سے بچائے جانے کی حفاظت۔ - - - IKEv2/IPsec - Modern stable protocol, a bit faster than others, restores connection after signal loss. It has native support on the latest versions of Android and iOS. - + Create a file vault on your server to securely store and transfer files. فائلوں کو محفوظ طریقے سے اسٹور اور ٹرانسفر کرنے کے لیے اپنے سرور پر ایک فائل والٹ بنائیں. - This is a combination of the OpenVPN protocol and the Cloak plugin designed specifically for protecting against blocking. OpenVPN provides a secure VPN connection by encrypting all internet traffic between the client and the server. @@ -3602,11 +4192,10 @@ If there is a extreme level of Internet censorship in your region, we advise you * Not recognised by DPI analysis systems * Works over TCP network protocol, 443 port. - یہ اوپن وی پی این پروٹوکول اور کلوک پلگ ان کا مجموعہ ہے جو خاص طور پر بلاکنگ سے تحفظ کے لیے ڈیزائن کیا گیا ہے۔ اوپن وی پی این کلائنٹ اور سرور کے درمیان تمام انٹرنیٹ ٹریفک کو انکرپٹ کرکے ایک محفوظ وی پی این کنکشن فراہم کرتا ہے۔ Cloak OpenVPN کو پتہ لگانے اور بلاک کرنے سے بچاتا ہے۔ کلوک پیکٹ میٹا ڈیٹا میں ترمیم کر سکتا ہے تاکہ یہ VPN ٹریفک کو عام ویب ٹریفک کے طور پر مکمل طور پر ماسک کر دے، اور VPN کو ایکٹیو پروبنگ کے ذریعے پتہ لگانے سے بھی محفوظ رکھتا ہے۔ یہ پہلا ڈیٹا پیکٹ حاصل کرنے کے فوراً بعد پتہ لگانے کے لیے بہت مزاحم بناتا ہے، کلوک آنے والے کنکشن کی تصدیق کرتا ہے۔ اگر تصدیق ناکام ہو جاتی ہے، تو پلگ ان سرور کو ایک جعلی ویب سائٹ کے طور پر ماسک کر دیتا ہے اور آپ کا VPN تجزیہ کے نظام کے لیے پوشیدہ ہو جاتا ہے۔ اگر آپ کے علاقے میں انتہائی درجے کی انٹرنیٹ سنسرشپ ہے، تو ہم آپ کو مشورہ دیتے ہیں کہ پہلے کنکشن سے صرف اوپن وی پی این اوور کلوک استعمال کریں * تمام پلیٹ فارمز پر ایمنیزیا وی پی این میں دستیاب ہے * موبائل ڈیوائسز پر زیادہ بجلی کی کھپت * لچکدار ترتیبات * ڈی پی آئی تجزیہ کے ذریعے تسلیم شدہ نہیں سسٹمز * TCP نیٹ ورک پروٹوکول، 443 پورٹ پر کام کرتا ہے. + یہ اوپن وی پی این پروٹوکول اور کلوک پلگ ان کا مجموعہ ہے جو خاص طور پر بلاکنگ سے تحفظ کے لیے ڈیزائن کیا گیا ہے۔ اوپن وی پی این کلائنٹ اور سرور کے درمیان تمام انٹرنیٹ ٹریفک کو انکرپٹ کرکے ایک محفوظ وی پی این کنکشن فراہم کرتا ہے۔ Cloak OpenVPN کو پتہ لگانے اور بلاک کرنے سے بچاتا ہے۔ کلوک پیکٹ میٹا ڈیٹا میں ترمیم کر سکتا ہے تاکہ یہ VPN ٹریفک کو عام ویب ٹریفک کے طور پر مکمل طور پر ماسک کر دے، اور VPN کو ایکٹیو پروبنگ کے ذریعے پتہ لگانے سے بھی محفوظ رکھتا ہے۔ یہ پہلا ڈیٹا پیکٹ حاصل کرنے کے فوراً بعد پتہ لگانے کے لیے بہت مزاحم بناتا ہے، کلوک آنے والے کنکشن کی تصدیق کرتا ہے۔ اگر تصدیق ناکام ہو جاتی ہے، تو پلگ ان سرور کو ایک جعلی ویب سائٹ کے طور پر ماسک کر دیتا ہے اور آپ کا VPN تجزیہ کے نظام کے لیے پوشیدہ ہو جاتا ہے۔ اگر آپ کے علاقے میں انتہائی درجے کی انٹرنیٹ سنسرشپ ہے، تو ہم آپ کو مشورہ دیتے ہیں کہ پہلے کنکشن سے صرف اوپن وی پی این اوور کلوک استعمال کریں * تمام پلیٹ فارمز پر ایمنیزیا وی پی این میں دستیاب ہے * موبائل ڈیوائسز پر زیادہ بجلی کی کھپت * لچکدار ترتیبات * ڈی پی آئی تجزیہ کے ذریعے تسلیم شدہ نہیں سسٹمز * TCP نیٹ ورک پروٹوکول، 443 پورٹ پر کام کرتا ہے. - A relatively new popular VPN protocol with a simplified architecture. WireGuard provides stable VPN connection and high performance on all devices. It uses hard-coded encryption settings. WireGuard compared to OpenVPN has lower latency and better data transfer throughput. WireGuard is very susceptible to blocking due to its distinct packet signatures. Unlike some other VPN protocols that employ obfuscation techniques, the consistent signature patterns of WireGuard packets can be more easily identified and thus blocked by advanced Deep Packet Inspection (DPI) systems and other network monitoring tools. @@ -3616,22 +4205,21 @@ WireGuard is very susceptible to blocking due to its distinct packet signatures. * Minimum number of settings * Easily recognised by DPI analysis systems, susceptible to blocking * Works over UDP network protocol. - ایک نسبتاً نیا مقبول وی پی این پروٹوکول جس میں سادہ معماری ہے۔ وائر گارڈ تمام آلات پر مضبوط وی پی این کنکشن اور اعلی کارکردگی فراہم کرتا ہے۔ اس میں ہارڈ کوڈ کردہ انکرپشن سیٹنگز استعمال کی جاتی ہیں۔ وائر گارڈ کو اوپن وی پی این سے موازنہ کرنے پر لیٹنسی میں کمی اور بہتر ڈیٹا ٹرانسفر تھروپٹ حاصل ہوتی ہے۔ وائر گارڈ کا مخصوص پیکٹ سائنیچرز کی وجہ سے بلاک کرنا زیادہ آسان ہوتا ہے۔ کچھ دوسرے وی پی این پروٹوکول کے مخالف، جو اوبفسکیشن ٹیکنیکس کا استعمال کرتے ہیں، وائر گارڈ کے پیکٹس کے مسلسل سائنیچر پیٹرنز کو زیادہ آسانی سے پہچانا جا سکتا ہے اور اس طرح معقد ڈیپ پیکٹ انسپیکشن (DPI) سسٹمز اور دیگر نیٹ ورک مانیٹرنگ ٹولز کے ذریعے بلاک کیا جا سکتا ہے۔ * تمام پلیٹ فارمز پر دستیاب ہے * کم بجلی کی استعمال * کم سیٹنگز کی تعداد * ڈی پی آئی تجزیہ سسٹمز کے ذریعے آسانی سے پہچانا جاتا ہے، بلاک کرنے کے لئے زیادہ متاثر ہے * یو ڈی پی نیٹ ورک پروٹوکول پر کام کرتا ہے. + ایک نسبتاً نیا مقبول وی پی این پروٹوکول جس میں سادہ معماری ہے۔ وائر گارڈ تمام آلات پر مضبوط وی پی این کنکشن اور اعلی کارکردگی فراہم کرتا ہے۔ اس میں ہارڈ کوڈ کردہ انکرپشن سیٹنگز استعمال کی جاتی ہیں۔ وائر گارڈ کو اوپن وی پی این سے موازنہ کرنے پر لیٹنسی میں کمی اور بہتر ڈیٹا ٹرانسفر تھروپٹ حاصل ہوتی ہے۔ وائر گارڈ کا مخصوص پیکٹ سائنیچرز کی وجہ سے بلاک کرنا زیادہ آسان ہوتا ہے۔ کچھ دوسرے وی پی این پروٹوکول کے مخالف، جو اوبفسکیشن ٹیکنیکس کا استعمال کرتے ہیں، وائر گارڈ کے پیکٹس کے مسلسل سائنیچر پیٹرنز کو زیادہ آسانی سے پہچانا جا سکتا ہے اور اس طرح معقد ڈیپ پیکٹ انسپیکشن (DPI) سسٹمز اور دیگر نیٹ ورک مانیٹرنگ ٹولز کے ذریعے بلاک کیا جا سکتا ہے۔ * تمام پلیٹ فارمز پر دستیاب ہے * کم بجلی کی استعمال * کم سیٹنگز کی تعداد * ڈی پی آئی تجزیہ سسٹمز کے ذریعے آسانی سے پہچانا جاتا ہے، بلاک کرنے کے لئے زیادہ متاثر ہے * یو ڈی پی نیٹ ورک پروٹوکول پر کام کرتا ہے. - The REALITY protocol, a pioneering development by the creators of XRay, is specifically designed to counteract the highest levels of internet censorship through its novel approach to evasion. It uniquely identifies censors during the TLS handshake phase, seamlessly operating as a proxy for legitimate clients while diverting censors to genuine websites like google.com, thus presenting an authentic TLS certificate and data. This advanced capability differentiates REALITY from similar technologies by its ability to disguise web traffic as coming from random, legitimate sites without the need for specific configurations. Unlike older protocols such as VMess, VLESS, and the XTLS-Vision transport, REALITY's innovative "friend or foe" recognition at the TLS handshake enhances security and circumvents detection by sophisticated DPI systems employing active probing techniques. This makes REALITY a robust solution for maintaining internet freedom in environments with stringent censorship. - REALITY پروٹوکول، جو ایکس رے کے تخلیق کاروں کی ایک نوعیتی پیشرفت ہے، انٹرنیٹ سینسرشپ کی بلند ترین سطحوں کو مقابلہ کرنے کے لئے مخصوص طریقہ کار بنایا گیا ہے۔ + REALITY پروٹوکول، جو ایکس رے کے تخلیق کاروں کی ایک نوعیتی پیشرفت ہے، انٹرنیٹ سینسرشپ کی بلند ترین سطحوں کو مقابلہ کرنے کے لئے مخصوص طریقہ کار بنایا گیا ہے۔ یہ فرد معین کو TLS ہینڈشیک فیز کے دوران سینسرز کو شناخت کرتا ہے، اصل کلائنٹس کے طور پر پراکسی کے طور پر بغیر رکاوٹ چلنے کے دوران سینسرز کو اصل ویب سائٹوں جیسے google.com پر منتقل کرتا ہے، اس طرح ایک مستند TLS سرٹیفکیٹ اور ڈیٹا کو پیش کرتا ہے۔ یہ بلند پذیرای کی صلاحیت کو مخصوص ترتیبات کی ضرورت کے بغیر ویب ٹریفک کو اصلی سائٹس سے آنے کی طرح بنانے کی بنیاد میں مختلف ہے۔ پرانے پروٹوکولوں جیسے VMess، VLESS، اور XTLS-Vision ٹرانسپورٹ کے برعکس، REALITY کا TLS ہینڈشیک کے دوران نئی "دوست یا دشمن" شناخت TLS پر سکیورٹی کو بڑھاتا ہے اور توانائی کے ساتھ DPI سسٹمز کی پیشہ ورانہ چھان بین تکنیکوں کے ذریعے شناخت سے بچتا ہے۔ یہ REALITY کو سخت سینسرشپ والے ماحولوں میں انٹرنیٹ کی آزادی کو برقرار رکھنے کے لئے ایک مضبوط حل بناتا ہے۔ - + After installation, Amnezia will create a file storage on your server. You will be able to access it using @@ -3643,31 +4231,28 @@ For more detailed information, you can انسٹالیشن کے بعد، ایمنیزیا آپ کے سرور پر ایک فائل اسٹوریج بنائے گا۔ آپ اس تک رسائی حاصل کر سکیں گے فائل زلا یا دیگر ایس ایف ٹی پی کلائنٹس کے ذریعے، اور اسکے علاوہ آپ اس ڈسک کو اپنے آلہ پر ماؤنٹ کر کے اس تک سیدھے راستے سے رسائی حاصل کر سکیں گے۔ مزید تفصیلات کے لئے، آپ سپورٹ سیکشن میں "ایس ایف ٹی پی فائل اسٹوریج بنانا" میں جا کر مزید معلومات حاصل کر سکتے ہیں." - WireGuard - New popular VPN protocol with high performance, high speed and low power consumption. Recommended for regions with low levels of censorship. - وائر گارڈ - اعلی کارکردگی، تیز رفتار اور کم بجلی کی کھپت کے ساتھ نیا مقبول VPN پروٹوکول۔ سنسرشپ کی کم سطح والے علاقوں کے لیے تجویز کردہ. + وائر گارڈ - اعلی کارکردگی، تیز رفتار اور کم بجلی کی کھپت کے ساتھ نیا مقبول VPN پروٹوکول۔ سنسرشپ کی کم سطح والے علاقوں کے لیے تجویز کردہ. - AmneziaWG - Special protocol from Amnezia, based on WireGuard. It's fast like WireGuard, but very resistant to blockages. Recommended for regions with high levels of censorship. - AmneziaWG - Amnezia سے خصوصی پروٹوکول، WireGuard پر مبنی۔ یہ وائر گارڈ کی طرح تیز ہے، لیکن رکاوٹوں کے خلاف بہت مزاحم ہے۔ اعلی درجے کی سنسر شپ والے خطوں کے لیے تجویز کردہ۔ + AmneziaWG - Amnezia سے خصوصی پروٹوکول، WireGuard پر مبنی۔ یہ وائر گارڈ کی طرح تیز ہے، لیکن رکاوٹوں کے خلاف بہت مزاحم ہے۔ اعلی درجے کی سنسر شپ والے خطوں کے لیے تجویز کردہ۔ IKEv2/IPsec - Modern stable protocol, a bit faster than others, restores connection after signal loss. IKEv2/IPsec - جدید مستحکم پروٹوکول، دوسروں کے مقابلے میں تھوڑا تیز، سگنل ضائع ہونے کے بعد کنکشن بحال کرتا ہے۔ - + Deploy a WordPress site on the Tor network in two clicks. ٹور نیٹ ورک پر ایک ورڈپریس سائٹ کو دو کلکس میں تعینات کریں. - + Replace the current DNS server with your own. This will increase your privacy level. موجودہ DNS سرور کو اپنے سے تبدیل کریں۔ اس سے آپ کی رازداری کی سطح میں اضافہ ہوگا. - OpenVPN stands as one of the most popular and time-tested VPN protocols available. It employs its unique security protocol, leveraging the strength of SSL/TLS for encryption and key exchange. Furthermore, OpenVPN's support for a multitude of authentication methods makes it versatile and adaptable, catering to a wide range of devices and operating systems. Due to its open-source nature, OpenVPN benefits from extensive scrutiny by the global community, which continually reinforces its security. With a strong balance of performance, security, and compatibility, OpenVPN remains a top choice for privacy-conscious individuals and businesses alike. @@ -3676,10 +4261,10 @@ It employs its unique security protocol, leveraging the strength of SSL/TLS for * Flexible customisation to suit user needs to work with different operating systems and devices * Recognised by DPI analysis systems and therefore susceptible to blocking * Can operate over both TCP and UDP network protocols. - OpenVPN دستیاب سب سے زیادہ مقبول اور وقتی آزمائشی VPN پروٹوکولز میں سے ایک ہے۔ یہ انکرپشن اور کلیدی تبادلے کے لیے SSL/TLS کی طاقت کا فائدہ اٹھاتے ہوئے اپنا منفرد سیکیورٹی پروٹوکول استعمال کرتا ہے۔ مزید برآں، توثیق کے بہت سے طریقوں کے لیے OpenVPN کی حمایت اسے ورسٹائل اور قابل موافق بناتی ہے، جو آلات اور آپریٹنگ سسٹم کی ایک وسیع رینج کو پورا کرتی ہے۔ اوپن سورس کی نوعیت کی وجہ سے، اوپن وی پی این کو عالمی برادری کی طرف سے وسیع جانچ سے فائدہ ہوتا ہے، جو اس کی سلامتی کو مسلسل تقویت دیتا ہے۔ کارکردگی، سیکورٹی اور مطابقت کے مضبوط توازن کے ساتھ، OpenVPN رازداری کے بارے میں شعور رکھنے والے افراد اور کاروباروں کے لیے یکساں انتخاب ہے۔ * تمام پلیٹ فارمز پر AmneziaVPN میں دستیاب ہے * موبائل آلات پر بجلی کی عام کھپت * صارف کو مختلف آپریٹنگ سسٹمز اور ڈیوائسز کے ساتھ کام کرنے کی ضرورت کے مطابق لچکدار تخصیص * DPI تجزیہ سسٹمز کے ذریعہ پہچانا جاتا ہے اور اس وجہ سے بلاک کرنے کا خطرہ ہوتا ہے * TCP اور UDP دونوں نیٹ ورک پر کام کر سکتا ہے۔ پروٹوکول + OpenVPN دستیاب سب سے زیادہ مقبول اور وقتی آزمائشی VPN پروٹوکولز میں سے ایک ہے۔ یہ انکرپشن اور کلیدی تبادلے کے لیے SSL/TLS کی طاقت کا فائدہ اٹھاتے ہوئے اپنا منفرد سیکیورٹی پروٹوکول استعمال کرتا ہے۔ مزید برآں، توثیق کے بہت سے طریقوں کے لیے OpenVPN کی حمایت اسے ورسٹائل اور قابل موافق بناتی ہے، جو آلات اور آپریٹنگ سسٹم کی ایک وسیع رینج کو پورا کرتی ہے۔ اوپن سورس کی نوعیت کی وجہ سے، اوپن وی پی این کو عالمی برادری کی طرف سے وسیع جانچ سے فائدہ ہوتا ہے، جو اس کی سلامتی کو مسلسل تقویت دیتا ہے۔ کارکردگی، سیکورٹی اور مطابقت کے مضبوط توازن کے ساتھ، OpenVPN رازداری کے بارے میں شعور رکھنے والے افراد اور کاروباروں کے لیے یکساں انتخاب ہے۔ * تمام پلیٹ فارمز پر AmneziaVPN میں دستیاب ہے * موبائل آلات پر بجلی کی عام کھپت * صارف کو مختلف آپریٹنگ سسٹمز اور ڈیوائسز کے ساتھ کام کرنے کی ضرورت کے مطابق لچکدار تخصیص * DPI تجزیہ سسٹمز کے ذریعہ پہچانا جاتا ہے اور اس وجہ سے بلاک کرنے کا خطرہ ہوتا ہے * TCP اور UDP دونوں نیٹ ورک پر کام کر سکتا ہے۔ پروٹوکول - + Shadowsocks, inspired by the SOCKS5 protocol, safeguards the connection using the AEAD cipher. Although Shadowsocks is designed to be discreet and challenging to identify, it isn't identical to a standard HTTPS connection.However, certain traffic analysis systems might still detect a Shadowsocks connection. Due to limited support in Amnezia, it's recommended to use AmneziaWG protocol. * Available in the AmneziaVPN only on desktop platforms @@ -3689,7 +4274,6 @@ It employs its unique security protocol, leveraging the strength of SSL/TLS for شیڈو ساکس، SOCKS5 پروٹوکول سے متاثر، AEAD سائفر کا استعمال کرتے ہوئے کنکشن کی حفاظت کرتا ہے۔ اگرچہ شیڈو ساکس کو سمجھدار اور شناخت کرنے کے لیے چیلنج کرنے کے لیے ڈیزائن کیا گیا ہے، لیکن یہ معیاری HTTPS کنکشن سے مماثل نہیں ہے۔ تاہم، کچھ ٹریفک تجزیہ نظام اب بھی شیڈو ساکس کنکشن کا پتہ لگا سکتے ہیں۔ Amnezia میں محدود تعاون کی وجہ سے، AmneziaWG پروٹوکول استعمال کرنے کی سفارش کی جاتی ہے۔ * صرف ڈیسک ٹاپ پلیٹ فارمز پر AmneziaVPN میں دستیاب ہے * قابل ترتیب انکرپشن پروٹوکول * کچھ DPI سسٹمز کے ذریعے قابل شناخت * TCP نیٹ ورک پروٹوکول پر کام کرتا ہے. - A modern iteration of the popular VPN protocol, AmneziaWG builds upon the foundation set by WireGuard, retaining its simplified architecture and high-performance capabilities across devices. While WireGuard is known for its efficiency, it had issues with being easily detected due to its distinct packet signatures. AmneziaWG solves this problem by using better obfuscation methods, making its traffic blend in with regular internet traffic. This means that AmneziaWG keeps the fast performance of the original while adding an extra layer of stealth, making it a great choice for those wanting a fast and discreet VPN connection. @@ -3699,10 +4283,10 @@ This means that AmneziaWG keeps the fast performance of the original while addin * Minimum number of settings * Not recognised by DPI analysis systems, resistant to blocking * Works over UDP network protocol. - ایک معاصر اشارہ جاتا ہے مقبول وی پی این پروٹوکول کا امنیزیہ ڈبلیو جی۔ امنیزیہ ڈبلیو جی وائر گارڈ کے بنیادی ڈھانچے پر مبنی ہے، جس نے اس کی آسانی سے معماری اور ایکسیلنٹ کارکردگی کی خصوصیات کو برقرار رکھا۔ جبکہ وائر گارڈ کو اس کی کارآمدی کے لئے جانا جاتا ہے، اس میں اپنے ممتاز پیکٹ سائنیچرز کی وجہ سے آسانی سے پہچان میں مسائل پیش آتے تھے۔ امنیزیہ ڈبلیو جی اس مسئلے کا حل پیش کرتا ہے بہتر اوبفسکیشن میتھڈس کے ذریعے، جس سے اس کی ٹریفک عام انٹرنیٹ ٹریفک کے ساتھ مل جل کر رہتی ہے۔ اس سے مطلب یہ ہے کہ امنیزیہ ڈبلیو جی نے اصل وائر گارڈ کی تیزی کارکردگی کو برقرار رکھا جبکہ اس میں ایک اضافی پردہ شامل کیا، جو اسے ایک تیز اور پرانے طریقہ سے وی پی این کنکشن کی درخواست کرنے والوں کے لئے ایک عمدہ چوئس بناتا ہے۔ * تمام پلیٹ فارمز پر دستیاب ہے * کم بجلی کی استعمال * کم سیٹنگز کی تعداد * ڈی پی آئی تجزیہ سسٹمز سے پہچانا نہیں جاتا، بند کرنے کے لئے مزید مضبوط ہے * یو ڈی پی نیٹ ورک پروٹوکول پر کام کرتا ہے۔ + ایک معاصر اشارہ جاتا ہے مقبول وی پی این پروٹوکول کا امنیزیہ ڈبلیو جی۔ امنیزیہ ڈبلیو جی وائر گارڈ کے بنیادی ڈھانچے پر مبنی ہے، جس نے اس کی آسانی سے معماری اور ایکسیلنٹ کارکردگی کی خصوصیات کو برقرار رکھا۔ جبکہ وائر گارڈ کو اس کی کارآمدی کے لئے جانا جاتا ہے، اس میں اپنے ممتاز پیکٹ سائنیچرز کی وجہ سے آسانی سے پہچان میں مسائل پیش آتے تھے۔ امنیزیہ ڈبلیو جی اس مسئلے کا حل پیش کرتا ہے بہتر اوبفسکیشن میتھڈس کے ذریعے، جس سے اس کی ٹریفک عام انٹرنیٹ ٹریفک کے ساتھ مل جل کر رہتی ہے۔ اس سے مطلب یہ ہے کہ امنیزیہ ڈبلیو جی نے اصل وائر گارڈ کی تیزی کارکردگی کو برقرار رکھا جبکہ اس میں ایک اضافی پردہ شامل کیا، جو اسے ایک تیز اور پرانے طریقہ سے وی پی این کنکشن کی درخواست کرنے والوں کے لئے ایک عمدہ چوئس بناتا ہے۔ * تمام پلیٹ فارمز پر دستیاب ہے * کم بجلی کی استعمال * کم سیٹنگز کی تعداد * ڈی پی آئی تجزیہ سسٹمز سے پہچانا نہیں جاتا، بند کرنے کے لئے مزید مضبوط ہے * یو ڈی پی نیٹ ورک پروٹوکول پر کام کرتا ہے۔ - + IKEv2, paired with the IPSec encryption layer, stands as a modern and stable VPN protocol. One of its distinguishing features is its ability to swiftly switch between networks and devices, making it particularly adaptive in dynamic network environments. While it offers a blend of security, stability, and speed, it's essential to note that IKEv2 can be easily detected and is susceptible to blocking. @@ -3715,7 +4299,7 @@ While it offers a blend of security, stability, and speed, it's essential t IKEv2، IPSec انکرپشن پرت کے ساتھ جوڑا، ایک جدید اور مستحکم VPN پروٹوکول کے طور پر کھڑا ہے۔ اس کی امتیازی خصوصیات میں سے ایک نیٹ ورکس اور ڈیوائسز کے درمیان تیزی سے سوئچ کرنے کی صلاحیت ہے، جو اسے متحرک نیٹ ورک کے ماحول میں خاص طور پر موافق بناتی ہے۔ اگرچہ یہ سیکیورٹی، استحکام اور رفتار کا امتزاج پیش کرتا ہے، لیکن یہ نوٹ کرنا ضروری ہے کہ IKEv2 کا آسانی سے پتہ لگایا جا سکتا ہے اور یہ بلاک کرنے کے لیے حساس ہے۔ * صرف ونڈوز پر AmneziaVPN میں دستیاب ہے * کم بجلی کی کھپت، موبائل ڈیوائسز پر * کم سے کم کنفیگریشن * DPI تجزیہ سسٹمز کے ذریعے پہچانا جاتا ہے * UDP نیٹ ورک پروٹوکول، پورٹ 500 اور 4500 پر کام .کرتا ہے - + DNS Service DNS سروس @@ -3906,14 +4490,35 @@ While it offers a blend of security, stability, and speed, it's essential t + + RenameServerDrawer + + + Server name + سرور کا نام + + + + Save + + + SelectLanguageDrawer - + Choose language زبان کا انتخاب کریں + + ServersListView + + + Unable change server while there is an active connection + فعال کنکشن موجود ہونے کی وجہ سے سرور تبدیل کرنے میں ناکام ہیں + + Settings @@ -3931,12 +4536,12 @@ While it offers a blend of security, stability, and speed, it's essential t SettingsController - + Backup file is corrupted بیک اپ فائل خراب ہو گئی ہے - + All settings have been reset to default values تمام ترتیبات کو ڈیفالٹ اقدار پر دوبارہ ترتیب دیا گیا ہے @@ -3944,39 +4549,39 @@ While it offers a blend of security, stability, and speed, it's essential t ShareConnectionDrawer - - + + Save AmneziaVPN config AmneziaVPN ترتیب کو محفوظ کریں - + Share بانٹیں - + Copy کاپی - - + + Copied کاپی - + Copy config string تشکیل سٹرنگ کو کاپی کریں - + Show connection settings کنکشن کی ترتیبات دکھائیں - + To read the QR code in the Amnezia app, select "Add server" → "I have data to connect" → "QR code, key or settings file" ایمنیزیا ایپ میں QR کوڈ پڑھنے کے لیے، "سرور شامل کریں" → "میرے پاس جوڑنے کے لیے ڈیٹا ہے" → "QR کوڈ، کلید یا سیٹنگ فائل" کو منتخب کریں @@ -3989,37 +4594,37 @@ While it offers a blend of security, stability, and speed, it's essential t میزبان کا نام آئی پی ایڈریس یا ڈومین نام نظر نہیں آ رہا ہے - + New site added: %1 نیا سائٹ شامل ہوگئی ہے: %1 - + Site removed: %1 سائٹ ہٹا دی گئی ہے: %1 - + Can't open file: %1 فائل نہیں کھول سکتا: %1 - + Failed to parse JSON data from file: %1 فائل سے JSON ڈیٹا پارس کرنے میں ناکامی: %1 - + The JSON data is not an array in file: %1 فائل میں JSON ڈیٹا ایک ایرے نہیں ہے: %1 - + Import completed واردات مکمل ہوگئی ہے - + Export completed ایکسپورٹ مکمل ہوگیا @@ -4060,7 +4665,7 @@ While it offers a blend of security, stability, and speed, it's essential t TextFieldWithHeaderType - + The field can't be empty یہ فیلڈ خالی نہیں ہو سکتا @@ -4068,7 +4673,7 @@ While it offers a blend of security, stability, and speed, it's essential t VpnConnection - + Mbps ایم بی پی ایس @@ -4119,9 +4724,8 @@ While it offers a blend of security, stability, and speed, it's essential t amnezia::ContainerProps - Low - کم + کم Medium or High @@ -4132,34 +4736,37 @@ While it offers a blend of security, stability, and speed, it's essential t انتہائی - - High - - - - I just want to increase the level of my privacy. - میں صرف اپنی خصوصیت کا سطح بڑھانا چاہتا ہوں. + میں صرف اپنی خصوصیت کا سطح بڑھانا چاہتا ہوں. - I want to bypass censorship. This option recommended in most cases. - میں سانسر شدگی سے چھٹکارا حاصل کرنا چاہتا ہوں۔ یہ اختیار بیشتر صورتوں میں تجویز کیا جاتا ہے. + میں سانسر شدگی سے چھٹکارا حاصل کرنا چاہتا ہوں۔ یہ اختیار بیشتر صورتوں میں تجویز کیا جاتا ہے. Most VPN protocols are blocked. Recommended if other options are not working. زیادہ تر وی پی این پروٹوکولز بلاک ہوتے ہیں۔ اگر دوسرے اختیارات کام نہیں کر رہے ہیں تو یہ تجویز کی جاتی ہے. + + + Automatic + + + + + AmneziaWG protocol will be installed. It provides high connection speed and ensures stable operation even in the most challenging network conditions. + + main2 - + Private key passphrase نجی کلید پاس فریز - + Save محفوظ کریں diff --git a/client/translations/amneziavpn_zh_CN.ts b/client/translations/amneziavpn_zh_CN.ts index 39b6bee0..2b0cf848 100644 --- a/client/translations/amneziavpn_zh_CN.ts +++ b/client/translations/amneziavpn_zh_CN.ts @@ -1,55 +1,116 @@ + + AdLabel + + + Amnezia Premium - for access to all websites and online resources + + + + + ApiAccountInfoModel + + + + Active + + + + + Inactive + + + + + %1 out of %2 + + + + + Classic VPN for seamless work, downloading large files, and watching videos. Access all websites and online resources. Speeds up to 200 Mbps + + + + + Free unlimited access to a basic set of websites such as Facebook, Instagram, Twitter (X), Discord, Telegram and more. YouTube is not included in the free plan. + + + + + amnezia_free_support_bot + + + + + amnezia_premium_support_bot + + + + + ApiConfigsController + + + %1 installed successfully. + + + + + API config reloaded + + + + + Successfully changed the country of connection to %1 + + + ApiServicesModel - - Classic VPN for comfortable work, downloading large files and watching videos. Works for any sites. Speed up to %1 MBit/s - - - - - VPN to access blocked sites in regions with high levels of Internet censorship. - - - - + <p><a style="color: #EB5757;">Not available in your region. If you have VPN enabled, disable it, return to the previous screen, and try again.</a> - - Amnezia Premium - A classic VPN for comfortable work, downloading large files, and watching videos in high resolution. It works for all websites, even in countries with the highest level of internet censorship. + + Amnezia Premium is classic VPN for seamless work, downloading large files, and watching videos. Access all websites and online resources. Speeds up to %1 Mbps. - - Amnezia Free is a free VPN to bypass blocking in countries with high levels of internet censorship + + + AmneziaFree provides free unlimited access to a basic set of web sites, such as Facebook, Instagram, Twitter (X), Discord, Telegram, and others. YouTube is not included in the free plan. - + + Amnezia Premium is classic VPN for for seamless work, downloading large files, and watching videos. Access all websites and online resources. + + + + %1 MBit/s - + %1 days - + VPN will open only popular sites blocked in your region, such as Instagram, Facebook, Twitter and others. Other sites will be opened from your real IP address, <a href="%1/free" style="color: #FBB26A;">more details on the website.</a> - + Free - + %1 $/month @@ -80,7 +141,7 @@ ConnectButton - + Unable to disconnect during configuration preparation @@ -88,79 +149,72 @@ ConnectionController - - - - + + + + Connect 连接 - VPN Protocols is not installed. Please install VPN container at first - 请先安装VPN协议 + 请先安装VPN协议 - + Connecting... 连接中 - + Connected 已连接 - + Reconnecting... 重连中 - + Disconnecting... 断开中 - + Preparing... - + Settings updated successfully, reconnnection... 配置已更新, 重连中... - + Settings updated successfully 配置更新成功 - The selected protocol is not supported on the current platform - 当前平台不支持所选协议 - - - - unable to create configuration - + 当前平台不支持所选协议 ConnectionTypeSelectionDrawer - + Add new connection 添加新连接 - + Configure your server 配置您的服务器 - + Open config file, key or QR code 配置文件,授权码或二维码 @@ -198,7 +252,7 @@ HomeContainersListView - + Unable change protocol while there is an active connection 已建立连接时无法更改服务器配置 @@ -210,46 +264,46 @@ HomeSplitTunnelingDrawer - + Split tunneling 隧道分离 - + Allows you to connect to some sites or applications through a VPN connection and bypass others 允许您通过 VPN 连接连接到某些站点或应用程序,并绕过其他站点或应用程序 - + Split tunneling on the server 服务器上的分割隧道 - + Enabled Can't be disabled for current server 已启用 无法禁用当前服务器 - + Site-based split tunneling 基于网站的隧道分离 - - + + Enabled 开启 - - + + Disabled 禁用 - + App-based split tunneling 基于应用的隧道分离 @@ -257,24 +311,18 @@ Can't be disabled for current server ImportController - - Unable to open file - - - - - - Invalid configuration file - - - - + Scanned %1 of %2. 扫描 %1 of %2. - - In the imported configuration, potentially dangerous lines were found: + + This configuration contains an OpenVPN setup. OpenVPN configurations can include malicious scripts, so only add it if you fully trust the provider of this config. + + + + + <br>In the imported configuration, potentially dangerous lines were found: @@ -289,78 +337,63 @@ Can't be disabled for current server 已安装在服务器上 - + %1 installed successfully. %1 安装成功。 - + %1 is already installed on the server. 服务器上已经安装 %1。 - + Added containers that were already installed on the server 添加已安装在服务器上的容器 - + Already installed containers were found on the server. All installed containers have been added to the application 在服务上发现已经安装协议并添加至应用 - + Settings updated successfully 配置更新成功 - + Server '%1' was rebooted 服务器 '%1' 已重新启动 - + Server '%1' was removed 已移除服务器 '%1' - + All containers from server '%1' have been removed 服务器 '%1' 的所有容器已移除 - + %1 has been removed from the server '%2' %1 已从服务器 '%2' 上移除 - + Api config removed - + %1 cached profile cleared - - - %1 installed successfully. - - - - - API config reloaded - - - - - Successfully changed the country of connection to %1 - - 1% has been removed from the server '%2' %1 已从服务器 '%2' 上移除 @@ -378,12 +411,12 @@ Already installed containers were found on the server. All installed containers 协议已从 - + Please login as the user 请以用户身份登录 - + Server added successfully 增加服务器成功 @@ -396,12 +429,12 @@ Already installed containers were found on the server. All installed containers - + application name - + Add selected @@ -469,12 +502,12 @@ Already installed containers were found on the server. All installed containers PageDevMenu - + Gateway endpoint - + Dev gateway environment @@ -482,85 +515,84 @@ Already installed containers were found on the server. All installed containers PageHome - + Logging enabled - + Split tunneling enabled 用户分隔隧道已启用 - + Split tunneling disabled 分隔隧道已禁用 - + VPN protocol VPN协议 - + Servers 服务器 - Unable change server while there is an active connection - 已建立连接时无法更改服务器配置 + 已建立连接时无法更改服务器配置 PageProtocolAwgClientSettings - + AmneziaWG settings AmneziaWG 配置 - + MTU - + Server settings - + Port 端口 - + Save 保存 - + Save settings? 保存设置? - + Only the settings for this device will be changed - + Continue 继续 - + Cancel 取消 - + Unable change settings while there is an active connection @@ -568,12 +600,12 @@ Already installed containers were found on the server. All installed containers PageProtocolAwgSettings - + AmneziaWG settings AmneziaWG 配置 - + Port 端口 @@ -586,87 +618,92 @@ Already installed containers were found on the server. All installed containers 从服务上移除AmneziaWG? - + All users with whom you shared a connection with will no longer be able to connect to it. 与您共享连接的所有用户将无法再连接到该连接。 - + Save 保存 - + + VPN address subnet + VPN 地址子网 + + + Jc - Junk packet count - + Jmin - Junk packet minimum size - + Jmax - Junk packet maximum size - + S1 - Init packet junk size - + S2 - Response packet junk size - + H1 - Init packet magic header - + H2 - Response packet magic header - + H4 - Transport packet magic header - + H3 - Underload packet magic header - + The values of the H1-H4 fields must be unique - + The value of the field S1 + message initiation size (148) must not equal S2 + message response size (92) - + Save settings? 保存设置? - + Continue 继续 - + Cancel 取消 - + Unable change settings while there is an active connection @@ -674,33 +711,33 @@ Already installed containers were found on the server. All installed containers PageProtocolCloakSettings - + Cloak settings Cloak 配置 - + Disguised as traffic from 伪装流量为 - + Port 端口 - - + + Cipher 加密算法 - + Save 保存 - + Unable change settings while there is an active connection @@ -708,170 +745,170 @@ Already installed containers were found on the server. All installed containers PageProtocolOpenVpnSettings - + OpenVPN settings OpenVPN 配置 - + VPN address subnet VPN 地址子网 - + Network protocol 网络协议 - + Port 端口 - + Auto-negotiate encryption 自定义加密方式 - - + + Hash - + SHA512 - + SHA384 - + SHA256 - + SHA3-512 - + SHA3-384 - + SHA3-256 - + whirlpool - + BLAKE2b512 - + BLAKE2s256 - + SHA1 - - + + Cipher - + AES-256-GCM - + AES-192-GCM - + AES-128-GCM - + AES-256-CBC - + AES-192-CBC - + AES-128-CBC - + ChaCha20-Poly1305 - + ARIA-256-CBC - + CAMELLIA-256-CBC - + none - + TLS auth TLS认证 - + Block DNS requests outside of VPN 阻止VPN外的DNS请求 - + Additional client configuration commands 附加客户端配置命令 - - + + Commands: 命令: - + Additional server configuration commands 附加服务器端配置命令 - + Unable change settings while there is an active connection @@ -888,7 +925,7 @@ Already installed containers were found on the server. All installed containers 与您共享连接的所有用户将无法再连接到该连接。 - + Save 保存 @@ -908,12 +945,12 @@ Already installed containers were found on the server. All installed containers PageProtocolRaw - + settings 配置 - + Show connection options 显示连接选项 @@ -922,22 +959,22 @@ Already installed containers were found on the server. All installed containers 连接选项 - + Connection options %1 %1 连接选项 - + Remove 移除 - + Remove %1 from server? 从服务器移除 %1 ? - + All users with whom you shared a connection with will no longer be able to connect to it. 与您共享连接的所有用户将无法再连接到该连接。 @@ -950,12 +987,12 @@ Already installed containers were found on the server. All installed containers 与您共享连接的所有用户将无法再连接到此链接 - + Continue 继续 - + Cancel 取消 @@ -963,28 +1000,28 @@ Already installed containers were found on the server. All installed containers PageProtocolShadowSocksSettings - + Shadowsocks settings Shadowsocks 配置 - + Port 端口 - - + + Cipher 加密算法 - + Save 保存 - + Unable change settings while there is an active connection @@ -992,52 +1029,52 @@ Already installed containers were found on the server. All installed containers PageProtocolWireGuardClientSettings - + WG settings - + MTU - + Server settings - + Port 端口 - + Save 保存 - + Save settings? 保存设置? - + Only the settings for this device will be changed - + Continue 继续 - + Cancel 取消 - + Unable change settings while there is an active connection @@ -1045,27 +1082,32 @@ Already installed containers were found on the server. All installed containers PageProtocolWireGuardSettings - + WG settings - + + VPN address subnet + VPN 地址子网 + + + Port 端口 - + Save settings? 保存设置? - + All users with whom you shared a connection with will no longer be able to connect to it. 与您共享连接的所有用户将无法再连接到该连接。 - + Unable change settings while there is an active connection @@ -1074,17 +1116,17 @@ Already installed containers were found on the server. All installed containers 与您共享连接的所有用户将无法再连接到该连接。 - + Continue 继续 - + Cancel 取消 - + Save 保存 @@ -1092,22 +1134,22 @@ Already installed containers were found on the server. All installed containers PageProtocolXraySettings - + XRay settings - + Disguised as traffic from 伪装流量为 - + Save 保存 - + Unable change settings while there is an active connection @@ -1115,29 +1157,29 @@ Already installed containers were found on the server. All installed containers PageServiceDnsSettings - + A DNS service is installed on your server, and it is only accessible via VPN. 您的服务器已安装DNS服务,仅能通过VPN访问。 - + The DNS address is the same as the address of your server. You can configure DNS in the settings, under the connections tab. 其地址与您的服务器地址相同。您可以在 设置 连接 中进行配置。 - + Remove 移除 - + Remove %1 from server? 从服务器移除 %1 ? - + Cannot remove AmneziaDNS from running server @@ -1146,12 +1188,12 @@ Already installed containers were found on the server. All installed containers 从服务器 - + Continue 继续 - + Cancel 取消 @@ -1159,67 +1201,67 @@ Already installed containers were found on the server. All installed containers PageServiceSftpSettings - + Settings updated successfully 配置更新成功 - + SFTP settings SFTP 配置 - + Host 主机 - - - - + + + + Copied 拷贝 - + Port 端口 - + User name 用户名 - + Password 密码 - + Mount folder on device 挂载文件夹 - + In order to mount remote SFTP folder as local drive, perform following steps: <br> 为将远程 SFTP 文件夹挂载到本地,请执行以下步骤: <br> - - + + <br>1. Install the latest version of <br>1. 安装最新版的 - - + + <br>2. Install the latest version of <br>2. 安装最新版的 - + Detailed instructions 详细说明 @@ -1243,69 +1285,69 @@ Already installed containers were found on the server. All installed containers PageServiceSocksProxySettings - + Settings updated successfully 配置更新成功 - - + + SOCKS5 settings - + Host 主机 - - - - + + + + Copied - - + + Port 端口 - + User name 用户名 - - + + Password 密码 - + Username - - + + Change connection settings - + The port must be in the range of 1 to 65535 - + Password cannot be empty - + Username cannot be empty @@ -1313,37 +1355,37 @@ Already installed containers were found on the server. All installed containers PageServiceTorWebsiteSettings - + Settings updated successfully 配置更新成功 - + Tor website settings Tor网站配置 - + Website address 网址 - + Copied 已拷贝 - + Use <a href="https://www.torproject.org/download/" style="color: #FBB26A;">Tor Browser</a> to open this URL. 用 <a href="https://www.torproject.org/download/" style="color: #FBB26A;">Tor 浏览器</a> 打开上面网址. - + After creating your onion site, it takes a few minutes for the Tor network to make it available for use. 创建您的洋葱网站后,需要几分钟时间,才能使其在Tor网络上可用 - + When configuring WordPress set the this onion address as domain. 配置 WordPress 时,将此洋葱地址设置为域。 @@ -1367,42 +1409,42 @@ Already installed containers were found on the server. All installed containers PageSettings - + Settings 设置 - + Servers 服务器 - + Connection 连接 - + Application 应用 - + Backup 备份 - + About AmneziaVPN 关于 - + Dev console - + Close application 关闭应用 @@ -1416,32 +1458,32 @@ And if you don't like the app, all the more support it - the donation will 如果您不喜欢,请捐助支持我们改进它。 - + Support Amnezia 支持Amnezia - + Amnezia is a free and open-source application. You can support the developers if you like it. Amnezia 是一款免费的开源应用程序。 如果您喜欢的话可以支持开发者。 - + Contacts 联系方式 - + Telegram group 电报群 - + To discuss features 用于功能讨论 - + https://t.me/amnezia_vpn_en @@ -1450,135 +1492,502 @@ And if you don't like the app, all the more support it - the donation will 邮件 - + support@amnezia.org - + For reviews and bug reports 用于评论和提交软件的缺陷 - - Copied + + mailto:support@amnezia.org - + GitHub GitHub - + + Discover the source code + + + + https://github.com/amnezia-vpn/amnezia-client https://github.com/amnezia-vpn/amnezia-client - + Website 官网 - + + Visit official website + + + + Software version: %1 软件版本: %1 - + Check for updates 检查更新 - + Privacy Policy 隐私政策 - PageSettingsApiServerInfo + PageSettingsApiAvailableCountries - - For the region + + Location for connection - - Price + + Unable change server location while there is an active connection + + + + + PageSettingsApiDevices + + + Active Devices - - Work period + + Manage currently connected devices - - Speed + + You can find the identifier on the Support tab or, for older versions of the app, by tapping '+' and then the three dots at the top of the page. - - Support tag + + (current device) - - Copied + + Support tag: - - Reload API config + + Last updated: - - Reload API config? + + Cannot unlink device during active connection - - + + Are you sure you want to unlink this device? + + + + + This will unlink the device from your subscription. You can reconnect it anytime by pressing Connect. + + + + Continue 继续 - - + Cancel 取消 + + + PageSettingsApiInstructions - - Cannot reload API config during active connection + + Windows - - Remove from application + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#windows - - Remove from application? + + macOS + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#macos + + + + + Android + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#android + + + + + AndroidTV + + + + + https://docs.amnezia.org/ru/documentation/instructions/android_tv_connect/ + + + + + iOS + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#ios + + + + + Linux + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#linux + + + + + Routers + + + + + https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#routers + + + + + How to connect on another device + + + + + Setup guides on the Amnezia website + + + + + PageSettingsApiNativeConfigs + + + Save AmneziaVPN config + 保存配置 + + + + Configuration Files + + + + + For router setup or the AmneziaWG app + + + + + The configuration needs to be reissued + + + + + configuration file + + + + + Generate a new configuration file + + + + + The previously created one will stop working + + + + + Revoke the current configuration file + + + + + Config file saved + + + + + The config has been revoked + + + + + Generate a new %1 configuration file? + + + + + Revoke the current %1 configuration file? + + + + + Your previous configuration file will no longer work, and it will not be possible to connect using it + + + + + Download + + + + + Continue + 继续 + + + + Cancel + 取消 + + + + PageSettingsApiServerInfo + + + Subscription Status + + + + + Valid Until + + + + + Active Connections + + + + + Configurations have been updated for some countries. Download and install the updated configuration files + + + + + Subscription Key + Amnezia Premium subscription key + + + + + Save VPN key as a file + + + + + Copy VPN key + + + + + Configuration Files + + + + + Manage configuration files + + + + + Active Devices + + + + + Manage currently connected devices + + + + + Support + + + + + How to connect on another device + + + + + Reload API config + + + + + Reload API config? + + + + + + + Continue + 继续 + + + + + + Cancel + 取消 + + + + Cannot reload API config during active connection + + + + + Unlink this device + + + + + Are you sure you want to unlink this device? + + + + + This will unlink the device from your subscription. You can reconnect it anytime by pressing Connect. + + + + + Cannot unlink device during active connection + + + + + Remove from application + + + + + Remove from application? + + + + Cannot remove server during active connection + + PageSettingsApiSupport + + + Telegram + + + + + Email + + + + + support@amnezia.org + + + + + Email Billing & Orders + + + + + help@vpnpay.io + + + + + Website + 官网 + + + + amnezia.org + + + + + Support + + + + + Our technical support specialists are available to assist you at any time + + + + + Support tag + + + + + Copied + + + PageSettingsAppSplitTunneling - + Cannot change split tunneling settings during active connection 无法在活动连接期间更改分割隧道设置 - + Only the apps from the list should have access via VPN @@ -1588,42 +1997,42 @@ And if you don't like the app, all the more support it - the donation will - + App split tunneling - + Mode 规则 - + Remove - + Continue 继续 - + Cancel 取消 - + application name - + Open executable file - + Executable files (*.*) @@ -1631,27 +2040,27 @@ And if you don't like the app, all the more support it - the donation will PageSettingsApplication - + Application 应用 - + Allow application screenshots 允许截屏 - + Enable notifications - + Enable notifications to show the VPN state in the status bar - + Auto start 自动运行 @@ -1664,77 +2073,77 @@ And if you don't like the app, all the more support it - the donation will 启动时自动运行运用程序 - + Launch the application every time the device is starts 每次设备启动时启动应用程序 - + Auto connect 自动连接 - + Connect to VPN on app start 应用开启时连接VPN - + Start minimized 最小化 - + Launch application minimized 开启应用软件时窗口最小化 - + Language 语言 - + Logging 日志 - + Enabled 开启 - + Disabled 禁用 - + Reset settings and remove all data from the application 重置并清理应用的所有数据 - + Reset settings and remove all data from the application? 重置并清理应用的所有数据? - + All settings will be reset to default. All installed AmneziaVPN services will still remain on the server. 所有配置恢复为默认值。服务器已安装的AmneziaVPN服务将被保留。 - + Continue 继续 - + Cancel 取消 - + Cannot reset settings during active connection @@ -1742,7 +2151,7 @@ And if you don't like the app, all the more support it - the donation will PageSettingsBackup - + Settings restored from backup file 从备份文件还原配置 @@ -1751,73 +2160,73 @@ And if you don't like the app, all the more support it - the donation will 帮助您在下次安装时立即恢复连接设置 - + Back up your configuration 备份您的配置 - + You can save your settings to a backup file to restore them the next time you install the application. 您可以将配置信息备份到文件中,以便在下次安装应用软件时恢复配置 - + The backup will contain your passwords and private keys for all servers added to AmneziaVPN. Keep this information in a secure place. 备份将包含您添加到 AmneziaVPN 的所有服务器的密码和私钥。请将这些信息保存在安全的地方。 - + Make a backup 进行备份 - + Save backup file 保存备份 - - + + Backup files (*.backup) - + Backup file saved 备份文件已保存 - + Restore from backup 从备份还原 - + Open backup file 打开备份文件 - + Import settings from a backup file? 从备份文件导入设置? - + All current settings will be reset 当前所有设置将重置 - + Continue 继续 - + Cancel 取消 - + Cannot restore backup settings during active connection @@ -1825,33 +2234,33 @@ And if you don't like the app, all the more support it - the donation will PageSettingsConnection - + Connection 连接 - + When AmneziaDNS is not used or installed 当未使用或未安装AmneziaDNS时 - + Allows you to use the VPN only for certain Apps 只允许在某些应用程序中使用 VPN - + KillSwitch - + Disables your internet if your encrypted VPN connection drops out for any reason. - - Cannot change killSwitch settings during active connection + + Cannot change KillSwitch settings during active connection @@ -1859,17 +2268,17 @@ And if you don't like the app, all the more support it - the donation will 使用AmneziaDNS,如其已安装在服务器上 - + Use AmneziaDNS 使用AmneziaDNS - + If AmneziaDNS is installed on the server 如果已在服务器安装AmneziaDNS - + DNS servers DNS服务器 @@ -1878,17 +2287,17 @@ And if you don't like the app, all the more support it - the donation will 如果未使用或未安装AmneziaDNS - + Site-based split tunneling 基于网站的隧道分离 - + Allows you to select which sites you want to access through the VPN 配置想要通过VPN访问网站 - + App-based split tunneling 基于应用的隧道分离 @@ -1912,62 +2321,62 @@ And if you don't like the app, all the more support it - the donation will PageSettingsDns - + Default server does not support custom DNS 默认服务器不支持自定义 DNS - + DNS servers DNS服务器 - + If AmneziaDNS is not used or installed 如果未使用或未安装AmneziaDNS - + Primary DNS 首选 DNS - + Secondary DNS 备用 DNS - + Restore default 恢复默认配置 - + Restore default DNS settings? 是否恢复默认DNS配置? - + Continue 继续 - + Cancel 取消 - + Settings have been reset 已重置 - + Save 保存 - + Settings saved 配置已保存 @@ -1975,12 +2384,12 @@ And if you don't like the app, all the more support it - the donation will PageSettingsLogging - + Logging 日志 - + Enabling this function will save application's logs automatically. By default, logging functionality is disabled. Enable log saving in case of application malfunction. 默认情况下,日志功能是禁用的。如果应用程序出现故障,则启用日志保存功能。 @@ -1993,20 +2402,20 @@ And if you don't like the app, all the more support it - the donation will 打开日志文件夹 - - + + Save 保存 - - + + Logs files (*.log) - - + + Logs file saved 日志文件已保存 @@ -2015,64 +2424,62 @@ And if you don't like the app, all the more support it - the donation will 保存日志到文件 - + Enable logs - + Clear logs? 清理日志? - + Continue 继续 - + Cancel 取消 - + Logs have been cleaned up 日志已清理 - + Client logs - + AmneziaVPN logs - - + Open logs folder - - + Export logs - + Service logs - + AmneziaVPN-service logs - + Clear logs 清理日志 @@ -2102,12 +2509,12 @@ And if you don't like the app, all the more support it - the donation will 清除缓存? - + Do you want to reboot the server? 您想重新启动服务器吗? - + Do you want to clear server from Amnezia software? 您要清除服务器上的Amnezia软件吗? @@ -2117,83 +2524,83 @@ And if you don't like the app, all the more support it - the donation will - - - - + + + + Continue 继续 - - - - + + + + Cancel 取消 - + Check the server for previously installed Amnezia services 检查服务器上,是否存在之前安装的 Amnezia 服务 - + Add them to the application if they were not displayed 如果存在且未显示,则添加到应用软件 - + Reboot server 重新启动服务器 - + The reboot process may take approximately 30 seconds. Are you sure you wish to proceed? 重新启动过程可能需要大约30秒。您确定要继续吗? - + Cannot reboot server during active connection - + Remove server from application 移除本地服务器信息 - + Do you want to remove the server from application? 您想要从应用程序中移除服务器吗? - + Cannot remove server during active connection - + All users whom you shared a connection with will no longer be able to connect to it. 与您共享连接的所有用户将无法再连接到该连接。 - + Cannot clear server from Amnezia software during active connection - + Reset API config 重置 API 配置 - + Do you want to reset API config? 您想重置 API 配置吗? - + Cannot reset API config during active connection @@ -2202,12 +2609,12 @@ And if you don't like the app, all the more support it - the donation will 移除本地服务器信息? - + All installed AmneziaVPN services will still remain on the server. 所有已安装的 AmneziaVPN 服务仍将保留在服务器上。 - + Clear server from Amnezia software 清理Amnezia中服务器信息 @@ -2223,27 +2630,25 @@ And if you don't like the app, all the more support it - the donation will PageSettingsServerInfo - Server name - 服务器名 + 服务器名 - Save - 保存 + 保存 - + Protocols 协议 - + Services 服务 - + Management 管理 @@ -2255,12 +2660,12 @@ And if you don't like the app, all the more support it - the donation will PageSettingsServerProtocol - + settings 配置 - + Clear %1 profile? @@ -2270,47 +2675,47 @@ And if you don't like the app, all the more support it - the donation will - + connection settings - + Click the "connect" button to create a connection configuration - + server settings - + Clear profile - + The connection configuration will be deleted for this device only - + Unable to clear %1 profile while there is an active connection - + Remove 移除 - + All users with whom you shared a connection will no longer be able to connect to it. 与您共享连接的所有用户将无法再连接到该连接。 - + Cannot remove active container @@ -2323,7 +2728,7 @@ And if you don't like the app, all the more support it - the donation will 从服务器 - + Remove %1 from server? 从服务器移除 %1 ? @@ -2332,14 +2737,14 @@ And if you don't like the app, all the more support it - the donation will 与您共享连接的所有用户将无法再连接到此链接 - - + + Continue 继续 - - + + Cancel 取消 @@ -2347,7 +2752,7 @@ And if you don't like the app, all the more support it - the donation will PageSettingsServersList - + Servers 服务器 @@ -2367,7 +2772,7 @@ And if you don't like the app, all the more support it - the donation will 网站级VPN分流 - + Default server does not support split tunneling function 默认服务器不支持分离隧道功能 @@ -2376,32 +2781,32 @@ And if you don't like the app, all the more support it - the donation will 仅使用VPN访问 - + Addresses from the list should not be accessed via VPN 不使用VPN访问 - + Split tunneling 隧道分离 - + Mode 规则 - + Remove 移除 - + Continue 继续 - + Cancel 取消 @@ -2414,65 +2819,65 @@ And if you don't like the app, all the more support it - the donation will 导入/导出网站 - + Cannot change split tunneling settings during active connection 无法在活动连接期间更改分割隧道设置 - + Only the sites listed here will be accessed through the VPN 只有这里列出的网站将通过VPN访问 - + website or IP 网站或IP - + Import / Export Sites 导入/导出网站 - + Import 导入 - + Save site list 保存网址 - + Save sites 保存网址 - - - + + + Sites files (*.json) - + Import a list of sites 导入网址列表 - + Replace site list 替换网址列表 - - + + Open sites file 打开网址文件 - + Add imported sites to existing ones 将导入的网址添加到现有网址中 @@ -2480,32 +2885,32 @@ And if you don't like the app, all the more support it - the donation will PageSetupWizardApiServiceInfo - + For the region - + Price - + Work period - + Speed - + Features - + Connect 连接 @@ -2513,12 +2918,12 @@ And if you don't like the app, all the more support it - the donation will PageSetupWizardApiServicesList - + VPN by Amnezia - + Choose a VPN service that suits your needs. @@ -2549,7 +2954,7 @@ It's okay as long as it's from someone you trust. 包含连接配置或备份的文件 - + Connection 连接 @@ -2559,87 +2964,107 @@ It's okay as long as it's from someone you trust. 设置 - + Enable logs - + + Support tag + + + + + Copied + + + + Insert the key, add a configuration file or scan the QR-code - + Insert key - + Insert 插入 - + Continue 继续 - + Other connection options - + + Site Amnezia + + + + VPN by Amnezia - + Connect to classic paid and free VPN services from Amnezia - + Self-hosted VPN - + Configure Amnezia VPN on your own server - + Restore from backup 从备份还原 - + + + + + + Open backup file 打开备份文件 - + Backup files (*.backup) - + File with connection settings 包含连接配置的文件 - + Open config file 打开配置文件 - + QR code 二维码 - + I have nothing 我没有 @@ -2655,12 +3080,12 @@ It's okay as long as it's from someone you trust. 连接服务器 - + Configure your server 配置服务器 - + Server IP address [:port] 服务器IP [:端口] @@ -2673,12 +3098,12 @@ It's okay as long as it's from someone you trust. 密码 或 私钥 - + Continue 继续 - + All data you enter will remain strictly confidential and will not be shared or disclosed to the Amnezia or any third parties 您输入的所有数据将严格保密,不会与 Amnezia 或任何第三方共享或披露 @@ -2689,47 +3114,47 @@ and will not be shared or disclosed to the Amnezia or any third parties 不会向 Amnezia 或任何第三方分享或披露 - + 255.255.255.255:22 - + SSH Username SSH 用户名 - + Password or SSH private key 密码或 SSH 私钥 - + How to run your VPN server - + Where to get connection data, step-by-step instructions for buying a VPS - + Ip address cannot be empty IP不能为空 - + Enter the address in the format 255.255.255.255:88 按照这种格式输入 255.255.255.255:88 - + Login cannot be empty 账号不能为空 - + Password/private key cannot be empty 密码或私钥不能为空 @@ -2737,17 +3162,26 @@ and will not be shared or disclosed to the Amnezia or any third parties PageSetupWizardEasy - What is the level of internet control in your region? - 您所在地区的互联网管控力度如何? + 您所在地区的互联网管控力度如何? - + + Choose Installation Type + + + + + Manual + + + + Choose a VPN protocol 选择 VPN 协议 - + Skip setup 跳过设置 @@ -2760,7 +3194,7 @@ and will not be shared or disclosed to the Amnezia or any third parties 我想选择VPN协议 - + Continue 继续 @@ -2819,37 +3253,37 @@ and will not be shared or disclosed to the Amnezia or any third parties PageSetupWizardProtocolSettings - + Installing %1 正在安装 %1 - + More detailed 更多细节 - + Close 关闭 - + Network protocol 网络协议 - + Port 端口 - + Install 安装 - + The port must be in the range of 1 to 65535 @@ -2857,12 +3291,12 @@ and will not be shared or disclosed to the Amnezia or any third parties PageSetupWizardProtocols - + VPN protocol VPN 协议 - + Choose the one with the highest priority for you. Later, you can install other protocols and additional services, such as DNS proxy and SFTP. 选择你认为优先级最高的一项。稍后,您可以安装其他协议和附加服务,例如 DNS 代理和 SFTP。 @@ -2898,7 +3332,7 @@ and will not be shared or disclosed to the Amnezia or any third parties 我没有 - + Let's get started @@ -2906,27 +3340,27 @@ and will not be shared or disclosed to the Amnezia or any third parties PageSetupWizardTextKey - + Connection key 连接授权码 - + A line that starts with vpn://... 以 vpn://... 开始的行 - + Key 授权码 - + Insert 插入 - + Continue 继续 @@ -2934,7 +3368,7 @@ and will not be shared or disclosed to the Amnezia or any third parties PageSetupWizardViewConfig - + New connection 新连接 @@ -2943,27 +3377,27 @@ and will not be shared or disclosed to the Amnezia or any third parties 请勿使用公共来源的连接码。它可以被创建来拦截您的数据。 - + Collapse content 折叠内容 - + Show content 显示内容 - + Enable WireGuard obfuscation. It may be useful if WireGuard is blocked on your provider. - + Use connection codes only from sources you trust. Codes from public sources may have been created to intercept your data. 只使用您信任的来源提供的连接代码。公共来源的代码可能是为了拦截您的数据而创建的。 - + Connect 连接 @@ -2971,162 +3405,167 @@ and will not be shared or disclosed to the Amnezia or any third parties PageShare - + Save OpenVPN config 保存OpenVPN配置 - + Save WireGuard config 保存WireGuard配置 - + Save AmneziaWG config 保存 AmneziaWG 配置 - + Save Shadowsocks config 保存 Shadowsocks 配置 - + Save Cloak config 保存斗篷配置 - + Save XRay config - + For the AmneziaVPN app AmneziaVPN 应用 - + OpenVPN native format OpenVPN原生格式 - + WireGuard native format WireGuard原生格式 - + AmneziaWG native format AmneziaWG 本地格式 - + Shadowsocks native format Shadowsocks原生格式 - + Cloak native format Cloak原生格式 - + XRay native format - + Share VPN Access 共享 VPN 访问 - + Share full access to the server and VPN 共享服务器和VPN的完全访问权限 - + Use for your own devices, or share with those you trust to manage the server. 用于您自己的设备,或与您信任的人共享以管理服务器. - - + + Users 用户 - + Share VPN access without the ability to manage the server 共享 VPN 访问,无需管理服务器 - + Search 搜索 - + Creation date: %1 - + Latest handshake: %1 - + Data received: %1 - + Data sent: %1 + + + Allowed IPs: %1 + + Creation date: 创建日期: - + Rename 重新命名 - + Client name 客户名称 - + Save 保存 - + Revoke 撤销 - + Revoke the config for a user - %1? 撤销用户的配置- %1? - + The user will no longer be able to connect to your server. 该用户将无法再连接到您的服务器. - + Continue 继续 - + Cancel 取消 @@ -3139,7 +3578,7 @@ and will not be shared or disclosed to the Amnezia or any third parties 访问VPN - + Connection 连接 @@ -3168,8 +3607,8 @@ and will not be shared or disclosed to the Amnezia or any third parties 服务器 - - + + Server 服务器 @@ -3182,7 +3621,7 @@ and will not be shared or disclosed to the Amnezia or any third parties 访问配置文件的内容为: - + File with connection settings to 连接配置文件的内容为: @@ -3191,35 +3630,35 @@ and will not be shared or disclosed to the Amnezia or any third parties 协议 - - + + Protocol 协议 - + Connection to 连接到 - + Config revoked 配置已撤销 - + User name 用户名 - - + + Connection format 连接格式 - - + + Share 共享 @@ -3227,55 +3666,55 @@ and will not be shared or disclosed to the Amnezia or any third parties PageShareFullAccess - + Full access to the server and VPN 对服务器和VPN的完全访问权限 - + We recommend that you use full access to the server only for your own additional devices. 我们建议您仅为自己的附加设备使用服务器的完全访问权限. - + If you share full access with other people, they can remove and add protocols and services to the server, which will cause the VPN to work incorrectly for all users. 如果您与其他人共享完全访问权限,他们可以从服务器中删除和添加协议和服务,这将导致VPN对所有用户的工作出现问题。 - - + + Server 服务器 - + Accessing 访问 - + File with accessing settings to 访问配置文件的内容为 - + Share 共享 - + Access error! 访问错误 - + Connection to 连接到 - + File with connection settings to 连接配置文件的内容为 @@ -3283,17 +3722,17 @@ and will not be shared or disclosed to the Amnezia or any third parties PageStart - + Logging was disabled after 14 days, log files were deleted - + Settings restored from backup file 从备份文件还原配置 - + Logging is enabled. Note that logs will be automaticallydisabled after 14 days, and all log files will be deleted. @@ -3301,7 +3740,7 @@ and will not be shared or disclosed to the Amnezia or any third parties PopupType - + Close 关闭 @@ -3551,7 +3990,7 @@ and will not be shared or disclosed to the Amnezia or any third parties - + SOCKS5 proxy server @@ -3577,75 +4016,111 @@ and will not be shared or disclosed to the Amnezia or any third parties - + + The selected protocol is not supported on the current platform + 当前平台不支持所选协议 + + + Server check failed 服务器检测失败 - + Server port already used. Check for another software 检测服务器该端口是否被其他软件被占用 - + Server error: Docker container missing 服务器错误: Docker容器丢失 - + Server error: Docker failed 服务器错误: Docker失败 - + Installation canceled by user 用户取消安装 - - The user does not have permission to use sudo - 用户没有root权限 + + The user is not a member of the sudo group + 用户不是 sudo 组的成员 - - Server error: Packet manager error + + Server error: Package manager error + 服务器错误:包管理器错误 + + + + The sudo package is not pre-installed on the server + The server user's home directory is not accessible + + + + + Action not allowed in sudoers + + + + + The user's password is required + + + + SSH request was denied SSH请求被拒绝 - + SSH request was interrupted SSH请求中断 - + SSH internal error SSH内部错误 - + Invalid private key or invalid passphrase entered 输入的私钥或密码无效 - + The selected private key format is not supported, use openssh ED25519 key types or PEM key types 不支持所选私钥格式,请使用 openssh ED25519 密钥类型或 PEM 密钥类型 - + Timeout connecting to server 连接服务器超时 - + SCP error: Generic failure + + + Unable to open config file + + + + + VPN Protocols is not installed. + Please install VPN container at first + 请先安装VPN协议 + Sftp error: End-of-file encountered Sftp错误: End-of-file encountered @@ -3699,72 +4174,88 @@ and will not be shared or disclosed to the Amnezia or any third parties Sftp 错误: 远程驱动器中没有媒介 - + VPN connection error VPN 连接错误 - + + Error when retrieving configuration from API 从 API 检索配置时出错 - + This config has already been added to the application 该配置已添加到应用程序中 - + In the response from the server, an empty config was received - + SSL error occurred - + Server response timeout on api request - + Missing AGW public key - + + Failed to decrypt response payload + + + + + Missing list of available services + + + + + The limit of allowed configurations per subscription has been exceeded + + + + QFile error: The file could not be opened - + QFile error: An error occurred when reading from the file - + QFile error: The file could not be accessed - + QFile error: An unspecified error occurred - + QFile error: A fatal error occurred - + QFile error: The operation was aborted - + ErrorCode: %1. 错误代码: %1. @@ -3773,57 +4264,57 @@ and will not be shared or disclosed to the Amnezia or any third parties 配置保存到磁盘失败 - + OpenVPN config missing OpenVPN配置丢失 - + OpenVPN management server error OpenVPN 管理服务器错误 - + OpenVPN executable missing OpenVPN 可执行文件丢失 - + Shadowsocks (ss-local) executable missing Shadowsocks (ss-local) 执行文件丢失 - + Cloak (ck-client) executable missing Cloak (ck-client) 执行文件丢失 - + Amnezia helper service error Amnezia 服务连接失败 - + OpenSSL failed OpenSSL错误 - + Can't connect: another VPN connection is active 无法连接:另一个VPN连接处于活跃状态 - + Can't setup OpenVPN TAP network adapter 无法设置 OpenVPN TAP 网络适配器 - + VPN pool error: no available addresses VPN 池错误:没有可用地址 - + The config does not contain any containers and credentials for connecting to the server 配置不包含任何用于连接服务器的容器和凭据 @@ -3832,7 +4323,7 @@ and will not be shared or disclosed to the Amnezia or any third parties 该配置不包含任何用于连接到服务器的容器和凭据。 - + Internal error @@ -3843,7 +4334,7 @@ and will not be shared or disclosed to the Amnezia or any third parties - + Website in Tor network 在 Tor 网络中架设网站 @@ -3864,29 +4355,106 @@ and will not be shared or disclosed to the Amnezia or any third parties - Shadowsocks - masks VPN traffic, making it similar to normal web traffic, but it may be recognized by analysis systems in some highly censored regions. - Shadowsocks - 掩盖VPN流量,使其类似于正常的网络流量,但在一些高度审查的地区可能会被分析系统识别. - - - - XRay with REALITY - Suitable for countries with the highest level of internet censorship. Traffic masking as web traffic at the TLS level, and protection against detection by active probing methods. + Shadowsocks masks VPN traffic, making it resemble normal web traffic, but it may still be detected by certain analysis systems. - + + OpenVPN over Cloak - OpenVPN with VPN masquerading as web traffic and protection against active-probing detection. It is very resistant to detection, but offers low speed. + + + + + WireGuard - popular VPN protocol with high performance, high speed and low power consumption. + + + + + AmneziaWG is a special protocol from Amnezia based on WireGuard. It provides high connection speed and ensures stable operation even in the most challenging network conditions. + + + + + XRay with REALITY masks VPN traffic as web traffic and protects against active probing. It is highly resistant to detection and offers high speed. + + + + + OpenVPN stands as one of the most popular and time-tested VPN protocols available. +It employs its unique security protocol, leveraging the strength of SSL/TLS for encryption and key exchange. Furthermore, OpenVPN's support for a multitude of authentication methods makes it versatile and adaptable, catering to a wide range of devices and operating systems. Due to its open-source nature, OpenVPN benefits from extensive scrutiny by the global community, which continually reinforces its security. With a strong balance of performance, security, and compatibility, OpenVPN remains a top choice for privacy-conscious individuals and businesses alike. + +* Available in the AmneziaVPN across all platforms +* Normal power consumption on mobile devices +* Flexible customisation to suit user needs to work with different operating systems and devices +* Recognised by DPI systems and therefore susceptible to blocking +* Can operate over both TCP and UDP network protocols. + + + + + This is a combination of the OpenVPN protocol and the Cloak plugin designed specifically for protecting against detection. + +OpenVPN provides a secure VPN connection by encrypting all internet traffic between the client and the server. + +Cloak protects OpenVPN from detection. + +Cloak can modify packet metadata so that it completely masks VPN traffic as normal web traffic, and also protects the VPN from detection by Active Probing. This makes it very resistant to being detected + +Immediately after receiving the first data packet, Cloak authenticates the incoming connection. If authentication fails, the plugin masks the server as a fake website and your VPN becomes invisible to analysis systems. + +* Available in the AmneziaVPN across all platforms +* High power consumption on mobile devices +* Flexible settings +* Not recognised by detection systems +* Works over TCP network protocol, 443 port. + + + + + + A relatively new popular VPN protocol with a simplified architecture. +WireGuard provides stable VPN connection and high performance on all devices. It uses hard-coded encryption settings. WireGuard compared to OpenVPN has lower latency and better data transfer throughput. +WireGuard is very susceptible to detection and blocking due to its distinct packet signatures. Unlike some other VPN protocols that employ obfuscation techniques, the consistent signature patterns of WireGuard packets can be more easily identified and thus blocked by advanced Deep Packet Inspection (DPI) systems and other network monitoring tools. + +* Available in the AmneziaVPN across all platforms +* Low power consumption +* Minimum number of settings +* Easily recognised by DPI analysis systems, susceptible to blocking +* Works over UDP network protocol. + + + + + A modern iteration of the popular VPN protocol, AmneziaWG builds upon the foundation set by WireGuard, retaining its simplified architecture and high-performance capabilities across devices. +While WireGuard is known for its efficiency, it had issues with being easily detected due to its distinct packet signatures. AmneziaWG solves this problem by using better obfuscation methods, making its traffic blend in with regular internet traffic. +This means that AmneziaWG keeps the fast performance of the original while adding an extra layer of stealth, making it a great choice for those wanting a fast and discreet VPN connection. + +* Available in the AmneziaVPN across all platforms +* Low power consumption +* Minimum number of settings +* Not recognised by traffic analysis systems +* Works over UDP network protocol. + + + + + The REALITY protocol, a pioneering development by the creators of XRay, is designed to provide the highest level of protection against detection through its innovative approach to security and privacy. +It uniquely identifies attackers during the TLS handshake phase, seamlessly operating as a proxy for legitimate clients while diverting attackers to genuine websites, thus presenting an authentic TLS certificate and data. +This advanced capability differentiates REALITY from similar technologies by its ability to disguise web traffic as coming from random, legitimate sites without the need for specific configurations. +Unlike older protocols such as VMess, VLESS, and the XTLS-Vision transport, REALITY's innovative "friend or foe" recognition at the TLS handshake enhances security. This makes REALITY a robust solution for maintaining internet freedom. + + + + Shadowsocks - masks VPN traffic, making it similar to normal web traffic, but it may be recognized by analysis systems in some highly censored regions. + Shadowsocks - 掩盖VPN流量,使其类似于正常的网络流量,但在一些高度审查的地区可能会被分析系统识别. + + + IKEv2/IPsec - Modern stable protocol, a bit faster than others, restores connection after signal loss. It has native support on the latest versions of Android and iOS. - - The REALITY protocol, a pioneering development by the creators of XRay, is specifically designed to counteract the highest levels of internet censorship through its novel approach to evasion. -It uniquely identifies censors during the TLS handshake phase, seamlessly operating as a proxy for legitimate clients while diverting censors to genuine websites like google.com, thus presenting an authentic TLS certificate and data. -This advanced capability differentiates REALITY from similar technologies by its ability to disguise web traffic as coming from random, legitimate sites without the need for specific configurations. -Unlike older protocols such as VMess, VLESS, and the XTLS-Vision transport, REALITY's innovative "friend or foe" recognition at the TLS handshake enhances security and circumvents detection by sophisticated DPI systems employing active probing techniques. This makes REALITY a robust solution for maintaining internet freedom in environments with stringent censorship. - - - - + After installation, Amnezia will create a file storage on your server. You will be able to access it using @@ -3909,34 +4477,11 @@ For more detailed information, you can OpenVPN over Cloak - OpenVPN与VPN结合,伪装成Web流量,并保护免受主动探测的侦测。非常适合在具有最高审查水平的地区绕过封锁 - + Create a file vault on your server to securely store and transfer files. 在您的服务器上创建一个文件保险库,用于安全存储和传输文件。 - - This is a combination of the OpenVPN protocol and the Cloak plugin designed specifically for protecting against blocking. - -OpenVPN provides a secure VPN connection by encrypting all internet traffic between the client and the server. - -Cloak protects OpenVPN from detection and blocking. - -Cloak can modify packet metadata so that it completely masks VPN traffic as normal web traffic, and also protects the VPN from detection by Active Probing. This makes it very resistant to being detected - -Immediately after receiving the first data packet, Cloak authenticates the incoming connection. If authentication fails, the plugin masks the server as a fake website and your VPN becomes invisible to analysis systems. - -If there is a extreme level of Internet censorship in your region, we advise you to use only OpenVPN over Cloak from the first connection - -* Available in the AmneziaVPN across all platforms -* High power consumption on mobile devices -* Flexible settings -* Not recognised by DPI analysis systems -* Works over TCP network protocol, 443 port. - - - - - A relatively new popular VPN protocol with a simplified architecture. WireGuard provides stable VPN connection and high performance on all devices. It uses hard-coded encryption settings. WireGuard compared to OpenVPN has lower latency and better data transfer throughput. WireGuard is very susceptible to blocking due to its distinct packet signatures. Unlike some other VPN protocols that employ obfuscation techniques, the consistent signature patterns of WireGuard packets can be more easily identified and thus blocked by advanced Deep Packet Inspection (DPI) systems and other network monitoring tools. @@ -3946,7 +4491,7 @@ WireGuard is very susceptible to blocking due to its distinct packet signatures. * Minimum number of settings * Easily recognised by DPI analysis systems, susceptible to blocking * Works over UDP network protocol. - 一个相对较新的流行VPN协议,具有简化的架构。 + 一个相对较新的流行VPN协议,具有简化的架构。 WireGuard提供稳定的VPN连接,并在所有设备上具有高性能。它使用硬编码的加密设置。与OpenVPN相比,WireGuard具有较低的延迟和更好的数据传输吞吐量。 WireGuard非常容易被阻挡,因为其独特的数据包签名。与一些其他VPN协议不同,这些协议使用混淆技术,WireGuard数据包的一致签名模式更容易被高级深度数据包检测(DPI)系统和其他网络监控工具识别和阻挡。 @@ -3961,31 +4506,28 @@ WireGuard非常容易被阻挡,因为其独特的数据包签名。与一些 Shadowsocks - 混淆 VPN 流量,使其与正常的 Web 流量相似,但在一些审查力度高的地区可以被分析系统识别。 - OpenVPN over Cloak - OpenVPN with VPN masquerading as web traffic and protection against active-probing detection. Ideal for bypassing blocking in regions with the highest levels of censorship. - OpenVPN over Cloak - OpenVPN与VPN结合,伪装成Web流量,并保护免受主动探测的侦测。非常适合在具有最高审查水平的地区绕过封锁. + OpenVPN over Cloak - OpenVPN与VPN结合,伪装成Web流量,并保护免受主动探测的侦测。非常适合在具有最高审查水平的地区绕过封锁. - WireGuard - New popular VPN protocol with high performance, high speed and low power consumption. Recommended for regions with low levels of censorship. - WireGuard - 新型流行的VPN协议,具有高性能、高速度和低功耗。建议用于审查力度较低的地区. + WireGuard - 新型流行的VPN协议,具有高性能、高速度和低功耗。建议用于审查力度较低的地区. - AmneziaWG - Special protocol from Amnezia, based on WireGuard. It's fast like WireGuard, but very resistant to blockages. Recommended for regions with high levels of censorship. - AmneziaWG - Amnezia 的特殊协议,基于 WireGuard。它的速度像 WireGuard 一样快,但非常抗堵塞。推荐用于审查较严的地区。 + AmneziaWG - Amnezia 的特殊协议,基于 WireGuard。它的速度像 WireGuard 一样快,但非常抗堵塞。推荐用于审查较严的地区。 IKEv2/IPsec - Modern stable protocol, a bit faster than others, restores connection after signal loss. IKEv2/IPsec - 现代稳定协议,相比其他协议较快一些,在信号丢失后恢复连接。 - + Deploy a WordPress site on the Tor network in two clicks. 只需点击两次即可架设 WordPress 网站到 Tor 网络. - + Replace the current DNS server with your own. This will increase your privacy level. 将当前的 DNS 服务器替换为您自己的。这将提高您的隐私保护级别。 @@ -3994,7 +4536,6 @@ WireGuard非常容易被阻挡,因为其独特的数据包签名。与一些 在您的服务器上创建文件仓库,以便安全地存储和传输文件 - OpenVPN stands as one of the most popular and time-tested VPN protocols available. It employs its unique security protocol, leveraging the strength of SSL/TLS for encryption and key exchange. Furthermore, OpenVPN's support for a multitude of authentication methods makes it versatile and adaptable, catering to a wide range of devices and operating systems. Due to its open-source nature, OpenVPN benefits from extensive scrutiny by the global community, which continually reinforces its security. With a strong balance of performance, security, and compatibility, OpenVPN remains a top choice for privacy-conscious individuals and businesses alike. @@ -4003,7 +4544,7 @@ It employs its unique security protocol, leveraging the strength of SSL/TLS for * Flexible customisation to suit user needs to work with different operating systems and devices * Recognised by DPI analysis systems and therefore susceptible to blocking * Can operate over both TCP and UDP network protocols. - OpenVPN 是最流行且经过时间考验的 VPN 协议之一。 + OpenVPN 是最流行且经过时间考验的 VPN 协议之一。 它采用其独特的安全协议,利用 SSL/TLS 的优势进行加密和密钥交换。此外,OpenVPN 支持多种身份验证方法,使其具有多功能性和适应性,可适应各种设备和操作系统。由于其开源性质,OpenVPN 受益于全球社区的广泛审查,这不断增强了其安全性。凭借性能、安全性和兼容性的强大平衡,OpenVPN 仍然是注重隐私的个人和企业的首选。 * 可在所有平台的 AmneziaVPN 中使用 @@ -4013,7 +4554,7 @@ It employs its unique security protocol, leveraging the strength of SSL/TLS for * 可以通过 TCP 和 UDP 网络协议运行. - + Shadowsocks, inspired by the SOCKS5 protocol, safeguards the connection using the AEAD cipher. Although Shadowsocks is designed to be discreet and challenging to identify, it isn't identical to a standard HTTPS connection.However, certain traffic analysis systems might still detect a Shadowsocks connection. Due to limited support in Amnezia, it's recommended to use AmneziaWG protocol. * Available in the AmneziaVPN only on desktop platforms @@ -4085,7 +4626,6 @@ WireGuard is very susceptible to blocking due to its distinct packet signatures. * 通过 UDP 网络协议工作。 - A modern iteration of the popular VPN protocol, AmneziaWG builds upon the foundation set by WireGuard, retaining its simplified architecture and high-performance capabilities across devices. While WireGuard is known for its efficiency, it had issues with being easily detected due to its distinct packet signatures. AmneziaWG solves this problem by using better obfuscation methods, making its traffic blend in with regular internet traffic. This means that AmneziaWG keeps the fast performance of the original while adding an extra layer of stealth, making it a great choice for those wanting a fast and discreet VPN connection. @@ -4095,7 +4635,7 @@ This means that AmneziaWG keeps the fast performance of the original while addin * Minimum number of settings * Not recognised by DPI analysis systems, resistant to blocking * Works over UDP network protocol. - AmneziaWG 是流行 VPN 协议的现代迭代,它建立在 WireGuard 的基础上,保留了其简化的架构和跨设备的高性能功能。 + AmneziaWG 是流行 VPN 协议的现代迭代,它建立在 WireGuard 的基础上,保留了其简化的架构和跨设备的高性能功能。 虽然 WireGuard 以其高效而闻名,但由于其独特的数据包签名,它存在容易被检测到的问题。 AmneziaWG 通过使用更好的混淆方法解决了这个问题,使其流量与常规互联网流量融合在一起。 这意味着 AmneziaWG 保留了原始版本的快速性能,同时添加了额外的隐秘层,使其成为那些想要快速且谨慎的 VPN 连接的人的绝佳选择。 @@ -4106,7 +4646,7 @@ This means that AmneziaWG keeps the fast performance of the original while addin * 通过 UDP 网络协议工作。 - + IKEv2, paired with the IPSec encryption layer, stands as a modern and stable VPN protocol. One of its distinguishing features is its ability to swiftly switch between networks and devices, making it particularly adaptive in dynamic network environments. While it offers a blend of security, stability, and speed, it's essential to note that IKEv2 can be easily detected and is susceptible to blocking. @@ -4147,7 +4687,7 @@ While it offers a blend of security, stability, and speed, it's essential t IPsec 容器 - + DNS Service DNS 服务 @@ -4342,14 +4882,35 @@ While it offers a blend of security, stability, and speed, it's essential t + + RenameServerDrawer + + + Server name + 服务器名 + + + + Save + 保存 + + SelectLanguageDrawer - + Choose language 选择语言 + + ServersListView + + + Unable change server while there is an active connection + 已建立连接时无法更改服务器配置 + + Settings @@ -4367,12 +4928,12 @@ While it offers a blend of security, stability, and speed, it's essential t SettingsController - + Backup file is corrupted 备份文件已损坏 - + All settings have been reset to default values 所配置恢复为默认值 @@ -4384,34 +4945,34 @@ While it offers a blend of security, stability, and speed, it's essential t ShareConnectionDrawer - - + + Save AmneziaVPN config 保存配置 - + Share 共享 - + Copy 拷贝 - - + + Copied 已拷贝 - + Copy config string 复制配置字符串 - + Show connection settings 显示连接配置 @@ -4420,7 +4981,7 @@ While it offers a blend of security, stability, and speed, it's essential t 展示内容 - + To read the QR code in the Amnezia app, select "Add server" → "I have data to connect" → "QR code, key or settings file" 要应用二维码到 Amnezia,请底部工具栏点击“+”→“连接方式”→“二维码、授权码或配置文件” @@ -4433,37 +4994,37 @@ While it offers a blend of security, stability, and speed, it's essential t 请输入有效的域名或IP地址 - + New site added: %1 已经添加新网站: %1 - + Site removed: %1 已移除网站: %1 - + Can't open file: %1 无法打开文件: %1 - + Failed to parse JSON data from file: %1 JSON解析失败,文件: %1 - + The JSON data is not an array in file: %1 文件中的JSON数据不是一个数组,文件: %1 - + Import completed 完成导入 - + Export completed 完成导出 @@ -4504,7 +5065,7 @@ While it offers a blend of security, stability, and speed, it's essential t TextFieldWithHeaderType - + The field can't be empty 输入不能为空 @@ -4512,7 +5073,7 @@ While it offers a blend of security, stability, and speed, it's essential t VpnConnection - + Mbps @@ -4563,28 +5124,24 @@ While it offers a blend of security, stability, and speed, it's essential t amnezia::ContainerProps - Low - + - High - 中或高 + 中或高 Extreme 极度 - I just want to increase the level of my privacy. - 只是想提高隐私保护级别。 + 只是想提高隐私保护级别。 - I want to bypass censorship. This option recommended in most cases. - 想要绕过审查制度。大多数情况下推荐使用此选项。 + 想要绕过审查制度。大多数情况下推荐使用此选项。 Most VPN protocols are blocked. Recommended if other options are not working. @@ -4606,16 +5163,26 @@ While it offers a blend of security, stability, and speed, it's essential t Some foreign sites are blocked, but VPN providers are not blocked 一些国外网站被屏蔽,但VPN提供商未被屏蔽 + + + Automatic + + + + + AmneziaWG protocol will be installed. It provides high connection speed and ensures stable operation even in the most challenging network conditions. + + main2 - + Private key passphrase 私钥密码 - + Save 保存 diff --git a/client/ui/Controls2 b/client/ui/Controls2 deleted file mode 100644 index 13f01bb7..00000000 --- a/client/ui/Controls2 +++ /dev/null @@ -1,34 +0,0 @@ -import QtQuick -import QtQuick.Controls -import QtQuick.Layouts - -TextArea { - id: root - - width: parent.width - - topPadding: 16 - leftPadding: 16 - - color: "#D7D8DB" - selectionColor: "#412102" - selectedTextColor: "#D7D8DB" - placeholderTextColor: "#878B91" - - font.pixelSize: 16 - font.weight: Font.Medium - font.family: "PT Root UI VF" - - wrapMode: Text.Wrap - - MouseArea { - anchors.fill: parent - acceptedButtons: Qt.RightButton - onClicked: contextMenu.open() - } - - ContextMenuType { - id: contextMenu - textObj: textField - } -} diff --git a/client/ui/controllers/allowedDnsController.cpp b/client/ui/controllers/allowedDnsController.cpp new file mode 100644 index 00000000..12e8b599 --- /dev/null +++ b/client/ui/controllers/allowedDnsController.cpp @@ -0,0 +1,101 @@ +#include "allowedDnsController.h" + +#include +#include +#include +#include +#include + +#include "systemController.h" +#include "core/networkUtilities.h" +#include "core/defs.h" + +AllowedDnsController::AllowedDnsController(const std::shared_ptr &settings, + const QSharedPointer &allowedDnsModel, + QObject *parent) + : QObject(parent), m_settings(settings), m_allowedDnsModel(allowedDnsModel) +{ +} + +void AllowedDnsController::addDns(QString ip) +{ + if (ip.isEmpty()) { + return; + } + + if (!NetworkUtilities::ipAddressRegExp().match(ip).hasMatch()) { + emit errorOccurred(tr("The address does not look like a valid IP address")); + return; + } + + if (m_allowedDnsModel->addDns(ip)) { + emit finished(tr("New DNS server added: %1").arg(ip)); + } else { + emit errorOccurred(tr("DNS server already exists: %1").arg(ip)); + } +} + +void AllowedDnsController::removeDns(int index) +{ + auto modelIndex = m_allowedDnsModel->index(index); + auto ip = m_allowedDnsModel->data(modelIndex, AllowedDnsModel::Roles::IpRole).toString(); + m_allowedDnsModel->removeDns(modelIndex); + + emit finished(tr("DNS server removed: %1").arg(ip)); +} + +void AllowedDnsController::importDns(const QString &fileName, bool replaceExisting) +{ + QByteArray jsonData; + if (!SystemController::readFile(fileName, jsonData)) { + emit errorOccurred(tr("Can't open file: %1").arg(fileName)); + return; + } + + QJsonDocument jsonDocument = QJsonDocument::fromJson(jsonData); + if (jsonDocument.isNull()) { + emit errorOccurred(tr("Failed to parse JSON data from file: %1").arg(fileName)); + return; + } + + if (!jsonDocument.isArray()) { + emit errorOccurred(tr("The JSON data is not an array in file: %1").arg(fileName)); + return; + } + + auto jsonArray = jsonDocument.array(); + QStringList dnsServers; + + for (auto jsonValue : jsonArray) { + auto ip = jsonValue.toString(); + + if (!NetworkUtilities::ipAddressRegExp().match(ip).hasMatch()) { + qDebug() << ip << " is not a valid IP address"; + continue; + } + + dnsServers.append(ip); + } + + m_allowedDnsModel->addDnsList(dnsServers, replaceExisting); + + emit finished(tr("Import completed")); +} + +void AllowedDnsController::exportDns(const QString &fileName) +{ + auto dnsServers = m_allowedDnsModel->getCurrentDnsServers(); + + QJsonArray jsonArray; + + for (const auto &ip : dnsServers) { + jsonArray.append(ip); + } + + QJsonDocument jsonDocument(jsonArray); + QByteArray jsonData = jsonDocument.toJson(); + + SystemController::saveFile(fileName, jsonData); + + emit finished(tr("Export completed")); +} diff --git a/client/ui/controllers/allowedDnsController.h b/client/ui/controllers/allowedDnsController.h new file mode 100644 index 00000000..5509a036 --- /dev/null +++ b/client/ui/controllers/allowedDnsController.h @@ -0,0 +1,35 @@ +#ifndef ALLOWEDDNSCONTROLLER_H +#define ALLOWEDDNSCONTROLLER_H + +#include + +#include "settings.h" +#include "ui/models/allowed_dns_model.h" + +class AllowedDnsController : public QObject +{ + Q_OBJECT +public: + explicit AllowedDnsController(const std::shared_ptr &settings, + const QSharedPointer &allowedDnsModel, + QObject *parent = nullptr); + +public slots: + void addDns(QString ip); + void removeDns(int index); + + void importDns(const QString &fileName, bool replaceExisting); + void exportDns(const QString &fileName); + +signals: + void errorOccurred(const QString &errorMessage); + void finished(const QString &message); + + void saveFile(const QString &fileName, const QString &data); + +private: + std::shared_ptr m_settings; + QSharedPointer m_allowedDnsModel; +}; + +#endif // ALLOWEDDNSCONTROLLER_H diff --git a/client/ui/controllers/api/apiConfigsController.cpp b/client/ui/controllers/api/apiConfigsController.cpp new file mode 100644 index 00000000..0f42beb7 --- /dev/null +++ b/client/ui/controllers/api/apiConfigsController.cpp @@ -0,0 +1,635 @@ +#include "apiConfigsController.h" + +#include +#include + +#include "amnezia_application.h" +#include "configurators/wireguard_configurator.h" +#include "core/api/apiDefs.h" +#include "core/api/apiUtils.h" +#include "core/controllers/gatewayController.h" +#include "core/qrCodeUtils.h" +#include "ui/controllers/systemController.h" +#include "version.h" + +namespace +{ + namespace configKey + { + constexpr char cloak[] = "cloak"; + constexpr char awg[] = "awg"; + constexpr char vless[] = "vless"; + + constexpr char apiEndpoint[] = "api_endpoint"; + constexpr char accessToken[] = "api_key"; + constexpr char certificate[] = "certificate"; + constexpr char publicKey[] = "public_key"; + constexpr char protocol[] = "protocol"; + + constexpr char uuid[] = "installation_uuid"; + constexpr char osVersion[] = "os_version"; + constexpr char appVersion[] = "app_version"; + + constexpr char userCountryCode[] = "user_country_code"; + constexpr char serverCountryCode[] = "server_country_code"; + constexpr char serviceType[] = "service_type"; + constexpr char serviceInfo[] = "service_info"; + constexpr char serviceProtocol[] = "service_protocol"; + + constexpr char apiPayload[] = "api_payload"; + constexpr char keyPayload[] = "key_payload"; + + constexpr char apiConfig[] = "api_config"; + constexpr char authData[] = "auth_data"; + + constexpr char config[] = "config"; + } + + struct ProtocolData + { + OpenVpnConfigurator::ConnectionData certRequest; + + QString wireGuardClientPrivKey; + QString wireGuardClientPubKey; + + QString xrayUuid; + }; + + struct GatewayRequestData + { + QString osVersion; + QString appVersion; + + QString installationUuid; + + QString userCountryCode; + QString serverCountryCode; + QString serviceType; + QString serviceProtocol; + + QJsonObject authData; + + QJsonObject toJsonObject() const + { + QJsonObject obj; + if (!osVersion.isEmpty()) { + obj[configKey::osVersion] = osVersion; + } + if (!appVersion.isEmpty()) { + obj[configKey::appVersion] = appVersion; + } + if (!installationUuid.isEmpty()) { + obj[configKey::uuid] = installationUuid; + } + if (!userCountryCode.isEmpty()) { + obj[configKey::userCountryCode] = userCountryCode; + } + if (!serverCountryCode.isEmpty()) { + obj[configKey::serverCountryCode] = serverCountryCode; + } + if (!serviceType.isEmpty()) { + obj[configKey::serviceType] = serviceType; + } + if (!serviceProtocol.isEmpty()) { + obj[configKey::serviceProtocol] = serviceProtocol; + } + if (!authData.isEmpty()) { + obj[configKey::authData] = authData; + } + return obj; + } + }; + + ProtocolData generateProtocolData(const QString &protocol) + { + ProtocolData protocolData; + if (protocol == configKey::cloak) { + protocolData.certRequest = OpenVpnConfigurator::createCertRequest(); + } else if (protocol == configKey::awg) { + auto connData = WireguardConfigurator::genClientKeys(); + protocolData.wireGuardClientPubKey = connData.clientPubKey; + protocolData.wireGuardClientPrivKey = connData.clientPrivKey; + } else if (protocol == configKey::vless) { + protocolData.xrayUuid = QUuid::createUuid().toString(QUuid::WithoutBraces); + } + + return protocolData; + } + + void appendProtocolDataToApiPayload(const QString &protocol, const ProtocolData &protocolData, QJsonObject &apiPayload) + { + if (protocol == configKey::cloak) { + apiPayload[configKey::certificate] = protocolData.certRequest.request; + } else if (protocol == configKey::awg) { + apiPayload[configKey::publicKey] = protocolData.wireGuardClientPubKey; + } else if (protocol == configKey::vless) { + apiPayload[configKey::publicKey] = protocolData.xrayUuid; + } + } + + ErrorCode fillServerConfig(const QString &protocol, const ProtocolData &apiPayloadData, const QByteArray &apiResponseBody, + QJsonObject &serverConfig) + { + QString data = QJsonDocument::fromJson(apiResponseBody).object().value(config_key::config).toString(); + + data.replace("vpn://", ""); + QByteArray ba = QByteArray::fromBase64(data.toUtf8(), QByteArray::Base64UrlEncoding | QByteArray::OmitTrailingEquals); + + if (ba.isEmpty()) { + qDebug() << "empty vpn key"; + return ErrorCode::ApiConfigEmptyError; + } + + QByteArray ba_uncompressed = qUncompress(ba); + if (!ba_uncompressed.isEmpty()) { + ba = ba_uncompressed; + } + + QString configStr = ba; + if (protocol == configKey::cloak) { + configStr.replace("", "\n"); + configStr.replace("$OPENVPN_PRIV_KEY", apiPayloadData.certRequest.privKey); + } else if (protocol == configKey::awg) { + configStr.replace("$WIREGUARD_CLIENT_PRIVATE_KEY", apiPayloadData.wireGuardClientPrivKey); + auto newServerConfig = QJsonDocument::fromJson(configStr.toUtf8()).object(); + auto containers = newServerConfig.value(config_key::containers).toArray(); + if (containers.isEmpty()) { + qDebug() << "missing containers field"; + return ErrorCode::ApiConfigEmptyError; + } + auto container = containers.at(0).toObject(); + QString containerName = ContainerProps::containerTypeToString(DockerContainer::Awg); + auto serverProtocolConfig = container.value(containerName).toObject(); + auto clientProtocolConfig = + QJsonDocument::fromJson(serverProtocolConfig.value(config_key::last_config).toString().toUtf8()).object(); + + //TODO looks like this block can be removed after v1 configs EOL + + serverProtocolConfig[config_key::junkPacketCount] = clientProtocolConfig.value(config_key::junkPacketCount); + serverProtocolConfig[config_key::junkPacketMinSize] = clientProtocolConfig.value(config_key::junkPacketMinSize); + serverProtocolConfig[config_key::junkPacketMaxSize] = clientProtocolConfig.value(config_key::junkPacketMaxSize); + serverProtocolConfig[config_key::initPacketJunkSize] = clientProtocolConfig.value(config_key::initPacketJunkSize); + serverProtocolConfig[config_key::responsePacketJunkSize] = clientProtocolConfig.value(config_key::responsePacketJunkSize); + serverProtocolConfig[config_key::initPacketMagicHeader] = clientProtocolConfig.value(config_key::initPacketMagicHeader); + serverProtocolConfig[config_key::responsePacketMagicHeader] = clientProtocolConfig.value(config_key::responsePacketMagicHeader); + serverProtocolConfig[config_key::underloadPacketMagicHeader] = clientProtocolConfig.value(config_key::underloadPacketMagicHeader); + serverProtocolConfig[config_key::transportPacketMagicHeader] = clientProtocolConfig.value(config_key::transportPacketMagicHeader); + + serverProtocolConfig[config_key::cookieReplyPacketJunkSize] = clientProtocolConfig.value(config_key::cookieReplyPacketJunkSize); + serverProtocolConfig[config_key::transportPacketJunkSize] = clientProtocolConfig.value(config_key::transportPacketJunkSize); + serverProtocolConfig[config_key::specialJunk1] = clientProtocolConfig.value(config_key::specialJunk1); + serverProtocolConfig[config_key::specialJunk2] = clientProtocolConfig.value(config_key::specialJunk2); + serverProtocolConfig[config_key::specialJunk3] = clientProtocolConfig.value(config_key::specialJunk3); + serverProtocolConfig[config_key::specialJunk4] = clientProtocolConfig.value(config_key::specialJunk4); + serverProtocolConfig[config_key::specialJunk5] = clientProtocolConfig.value(config_key::specialJunk5); + serverProtocolConfig[config_key::controlledJunk1] = clientProtocolConfig.value(config_key::controlledJunk1); + serverProtocolConfig[config_key::controlledJunk2] = clientProtocolConfig.value(config_key::controlledJunk2); + serverProtocolConfig[config_key::controlledJunk3] = clientProtocolConfig.value(config_key::controlledJunk3); + serverProtocolConfig[config_key::specialHandshakeTimeout] = clientProtocolConfig.value(config_key::specialHandshakeTimeout); + + // + + container[containerName] = serverProtocolConfig; + containers.replace(0, container); + newServerConfig[config_key::containers] = containers; + configStr = QString(QJsonDocument(newServerConfig).toJson()); + } + + QJsonObject newServerConfig = QJsonDocument::fromJson(configStr.toUtf8()).object(); + serverConfig[config_key::dns1] = newServerConfig.value(config_key::dns1); + serverConfig[config_key::dns2] = newServerConfig.value(config_key::dns2); + serverConfig[config_key::containers] = newServerConfig.value(config_key::containers); + serverConfig[config_key::hostName] = newServerConfig.value(config_key::hostName); + + if (newServerConfig.value(config_key::configVersion).toInt() == apiDefs::ConfigSource::AmneziaGateway) { + serverConfig[config_key::configVersion] = newServerConfig.value(config_key::configVersion); + serverConfig[config_key::description] = newServerConfig.value(config_key::description); + serverConfig[config_key::name] = newServerConfig.value(config_key::name); + } + + auto defaultContainer = newServerConfig.value(config_key::defaultContainer).toString(); + serverConfig[config_key::defaultContainer] = defaultContainer; + + QVariantMap map = serverConfig.value(configKey::apiConfig).toObject().toVariantMap(); + map.insert(newServerConfig.value(configKey::apiConfig).toObject().toVariantMap()); + auto apiConfig = QJsonObject::fromVariantMap(map); + + if (newServerConfig.value(config_key::configVersion).toInt() == apiDefs::ConfigSource::AmneziaGateway) { + apiConfig.insert(apiDefs::key::supportedProtocols, + QJsonDocument::fromJson(apiResponseBody).object().value(apiDefs::key::supportedProtocols).toArray()); + } + + serverConfig[configKey::apiConfig] = apiConfig; + + return ErrorCode::NoError; + } +} + +ApiConfigsController::ApiConfigsController(const QSharedPointer &serversModel, + const QSharedPointer &apiServicesModel, + const std::shared_ptr &settings, QObject *parent) + : QObject(parent), m_serversModel(serversModel), m_apiServicesModel(apiServicesModel), m_settings(settings) +{ +} + +bool ApiConfigsController::exportNativeConfig(const QString &serverCountryCode, const QString &fileName) +{ + if (fileName.isEmpty()) { + emit errorOccurred(ErrorCode::PermissionsError); + return false; + } + + auto serverConfigObject = m_serversModel->getServerConfig(m_serversModel->getProcessedServerIndex()); + auto apiConfigObject = serverConfigObject.value(configKey::apiConfig).toObject(); + + GatewayRequestData gatewayRequestData { QSysInfo::productType(), + QString(APP_VERSION), + m_settings->getInstallationUuid(true), + apiConfigObject.value(configKey::userCountryCode).toString(), + serverCountryCode, + apiConfigObject.value(configKey::serviceType).toString(), + m_apiServicesModel->getSelectedServiceProtocol(), + serverConfigObject.value(configKey::authData).toObject() }; + + QString protocol = apiConfigObject.value(configKey::serviceProtocol).toString(); + ProtocolData protocolData = generateProtocolData(protocol); + + QJsonObject apiPayload = gatewayRequestData.toJsonObject(); + appendProtocolDataToApiPayload(gatewayRequestData.serviceProtocol, protocolData, apiPayload); + + QByteArray responseBody; + ErrorCode errorCode = executeRequest(QString("%1v1/native_config"), apiPayload, responseBody); + if (errorCode != ErrorCode::NoError) { + emit errorOccurred(errorCode); + return false; + } + + QJsonObject jsonConfig = QJsonDocument::fromJson(responseBody).object(); + QString nativeConfig = jsonConfig.value(configKey::config).toString(); + nativeConfig.replace("$WIREGUARD_CLIENT_PRIVATE_KEY", protocolData.wireGuardClientPrivKey); + + SystemController::saveFile(fileName, nativeConfig); + return true; +} + +bool ApiConfigsController::revokeNativeConfig(const QString &serverCountryCode) +{ + auto serverConfigObject = m_serversModel->getServerConfig(m_serversModel->getProcessedServerIndex()); + auto apiConfigObject = serverConfigObject.value(configKey::apiConfig).toObject(); + + GatewayRequestData gatewayRequestData { QSysInfo::productType(), + QString(APP_VERSION), + m_settings->getInstallationUuid(true), + apiConfigObject.value(configKey::userCountryCode).toString(), + serverCountryCode, + apiConfigObject.value(configKey::serviceType).toString(), + m_apiServicesModel->getSelectedServiceProtocol(), + serverConfigObject.value(configKey::authData).toObject() }; + + QJsonObject apiPayload = gatewayRequestData.toJsonObject(); + + QByteArray responseBody; + ErrorCode errorCode = executeRequest(QString("%1v1/revoke_native_config"), apiPayload, responseBody); + if (errorCode != ErrorCode::NoError && errorCode != ErrorCode::ApiNotFoundError) { + emit errorOccurred(errorCode); + return false; + } + return true; +} + +void ApiConfigsController::prepareVpnKeyExport() +{ + auto serverConfigObject = m_serversModel->getServerConfig(m_serversModel->getProcessedServerIndex()); + auto apiConfigObject = serverConfigObject.value(configKey::apiConfig).toObject(); + + auto vpnKey = apiConfigObject.value(apiDefs::key::vpnKey).toString(); + m_vpnKey = vpnKey; + + vpnKey.replace("vpn://", ""); + + m_qrCodes = qrCodeUtils::generateQrCodeImageSeries(vpnKey.toUtf8()); + + emit vpnKeyExportReady(); +} + +void ApiConfigsController::copyVpnKeyToClipboard() +{ + auto clipboard = amnApp->getClipboard(); + clipboard->setText(m_vpnKey); +} + +bool ApiConfigsController::fillAvailableServices() +{ + QJsonObject apiPayload; + apiPayload[configKey::osVersion] = QSysInfo::productType(); + + QByteArray responseBody; + ErrorCode errorCode = executeRequest(QString("%1v1/services"), apiPayload, responseBody); + if (errorCode == ErrorCode::NoError) { + if (!responseBody.contains("services")) { + errorCode = ErrorCode::ApiServicesMissingError; + } + } + + if (errorCode != ErrorCode::NoError) { + emit errorOccurred(errorCode); + return false; + } + + QJsonObject data = QJsonDocument::fromJson(responseBody).object(); + m_apiServicesModel->updateModel(data); + return true; +} + +bool ApiConfigsController::importServiceFromGateway() +{ + GatewayRequestData gatewayRequestData { QSysInfo::productType(), + QString(APP_VERSION), + m_settings->getInstallationUuid(true), + m_apiServicesModel->getCountryCode(), + "", + m_apiServicesModel->getSelectedServiceType(), + m_apiServicesModel->getSelectedServiceProtocol(), + QJsonObject() }; + + if (m_serversModel->isServerFromApiAlreadyExists(gatewayRequestData.userCountryCode, gatewayRequestData.serviceType, + gatewayRequestData.serviceProtocol)) { + emit errorOccurred(ErrorCode::ApiConfigAlreadyAdded); + return false; + } + + ProtocolData protocolData = generateProtocolData(gatewayRequestData.serviceProtocol); + + QJsonObject apiPayload = gatewayRequestData.toJsonObject(); + appendProtocolDataToApiPayload(gatewayRequestData.serviceProtocol, protocolData, apiPayload); + + QByteArray responseBody; + ErrorCode errorCode = executeRequest(QString("%1v1/config"), apiPayload, responseBody); + + QJsonObject serverConfig; + if (errorCode == ErrorCode::NoError) { + errorCode = fillServerConfig(gatewayRequestData.serviceProtocol, protocolData, responseBody, serverConfig); + if (errorCode != ErrorCode::NoError) { + emit errorOccurred(errorCode); + return false; + } + + QJsonObject apiConfig = serverConfig.value(configKey::apiConfig).toObject(); + apiConfig.insert(configKey::userCountryCode, m_apiServicesModel->getCountryCode()); + apiConfig.insert(configKey::serviceType, m_apiServicesModel->getSelectedServiceType()); + apiConfig.insert(configKey::serviceProtocol, m_apiServicesModel->getSelectedServiceProtocol()); + + serverConfig.insert(configKey::apiConfig, apiConfig); + + m_serversModel->addServer(serverConfig); + emit installServerFromApiFinished(tr("%1 installed successfully.").arg(m_apiServicesModel->getSelectedServiceName())); + return true; + } else { + emit errorOccurred(errorCode); + return false; + } +} + +bool ApiConfigsController::updateServiceFromGateway(const int serverIndex, const QString &newCountryCode, const QString &newCountryName, + bool reloadServiceConfig) +{ + auto serverConfig = m_serversModel->getServerConfig(serverIndex); + auto apiConfig = serverConfig.value(configKey::apiConfig).toObject(); + + GatewayRequestData gatewayRequestData { QSysInfo::productType(), + QString(APP_VERSION), + m_settings->getInstallationUuid(true), + apiConfig.value(configKey::userCountryCode).toString(), + newCountryCode, + apiConfig.value(configKey::serviceType).toString(), + apiConfig.value(configKey::serviceProtocol).toString(), + serverConfig.value(configKey::authData).toObject() }; + + ProtocolData protocolData = generateProtocolData(gatewayRequestData.serviceProtocol); + + QJsonObject apiPayload = gatewayRequestData.toJsonObject(); + appendProtocolDataToApiPayload(gatewayRequestData.serviceProtocol, protocolData, apiPayload); + + QByteArray responseBody; + ErrorCode errorCode = executeRequest(QString("%1v1/config"), apiPayload, responseBody); + + QJsonObject newServerConfig; + if (errorCode == ErrorCode::NoError) { + errorCode = fillServerConfig(gatewayRequestData.serviceProtocol, protocolData, responseBody, newServerConfig); + if (errorCode != ErrorCode::NoError) { + emit errorOccurred(errorCode); + return false; + } + + QJsonObject newApiConfig = newServerConfig.value(configKey::apiConfig).toObject(); + newApiConfig.insert(configKey::userCountryCode, apiConfig.value(configKey::userCountryCode)); + newApiConfig.insert(configKey::serviceType, apiConfig.value(configKey::serviceType)); + newApiConfig.insert(configKey::serviceProtocol, apiConfig.value(configKey::serviceProtocol)); + newApiConfig.insert(apiDefs::key::vpnKey, apiConfig.value(apiDefs::key::vpnKey)); + + newServerConfig.insert(configKey::apiConfig, newApiConfig); + newServerConfig.insert(configKey::authData, gatewayRequestData.authData); + + if (serverConfig.value(config_key::nameOverriddenByUser).toBool()) { + newServerConfig.insert(config_key::name, serverConfig.value(config_key::name)); + newServerConfig.insert(config_key::nameOverriddenByUser, true); + } + m_serversModel->editServer(newServerConfig, serverIndex); + if (reloadServiceConfig) { + emit reloadServerFromApiFinished(tr("API config reloaded")); + } else if (newCountryName.isEmpty()) { + emit updateServerFromApiFinished(); + } else { + emit changeApiCountryFinished(tr("Successfully changed the country of connection to %1").arg(newCountryName)); + } + return true; + } else { + emit errorOccurred(errorCode); + return false; + } +} + +bool ApiConfigsController::updateServiceFromTelegram(const int serverIndex) +{ +#ifdef Q_OS_IOS + IosController::Instance()->requestInetAccess(); + QThread::msleep(10); +#endif + + GatewayController gatewayController(m_settings->getGatewayEndpoint(), m_settings->isDevGatewayEnv(), apiDefs::requestTimeoutMsecs, + m_settings->isStrictKillSwitchEnabled()); + + auto serverConfig = m_serversModel->getServerConfig(serverIndex); + auto installationUuid = m_settings->getInstallationUuid(true); + + QString serviceProtocol = serverConfig.value(configKey::protocol).toString(); + ProtocolData protocolData = generateProtocolData(serviceProtocol); + + QJsonObject apiPayload; + appendProtocolDataToApiPayload(serviceProtocol, protocolData, apiPayload); + apiPayload[configKey::uuid] = installationUuid; + apiPayload[configKey::osVersion] = QSysInfo::productType(); + apiPayload[configKey::appVersion] = QString(APP_VERSION); + apiPayload[configKey::accessToken] = serverConfig.value(configKey::accessToken).toString(); + apiPayload[configKey::apiEndpoint] = serverConfig.value(configKey::apiEndpoint).toString(); + + QByteArray responseBody; + ErrorCode errorCode = gatewayController.post(QString("%1v1/proxy_config"), apiPayload, responseBody); + + if (errorCode == ErrorCode::NoError) { + errorCode = fillServerConfig(serviceProtocol, protocolData, responseBody, serverConfig); + if (errorCode != ErrorCode::NoError) { + emit errorOccurred(errorCode); + return false; + } + + m_serversModel->editServer(serverConfig, serverIndex); + emit updateServerFromApiFinished(); + return true; + } else { + emit errorOccurred(errorCode); + return false; + } +} + +bool ApiConfigsController::deactivateDevice() +{ + auto serverIndex = m_serversModel->getProcessedServerIndex(); + auto serverConfigObject = m_serversModel->getServerConfig(serverIndex); + auto apiConfigObject = serverConfigObject.value(configKey::apiConfig).toObject(); + + if (!apiUtils::isPremiumServer(serverConfigObject)) { + return true; + } + + GatewayRequestData gatewayRequestData { QSysInfo::productType(), + QString(APP_VERSION), + m_settings->getInstallationUuid(true), + apiConfigObject.value(configKey::userCountryCode).toString(), + apiConfigObject.value(configKey::serverCountryCode).toString(), + apiConfigObject.value(configKey::serviceType).toString(), + "", + serverConfigObject.value(configKey::authData).toObject() }; + + QJsonObject apiPayload = gatewayRequestData.toJsonObject(); + + QByteArray responseBody; + ErrorCode errorCode = executeRequest(QString("%1v1/revoke_config"), apiPayload, responseBody); + if (errorCode != ErrorCode::NoError && errorCode != ErrorCode::ApiNotFoundError) { + emit errorOccurred(errorCode); + return false; + } + + serverConfigObject.remove(config_key::containers); + m_serversModel->editServer(serverConfigObject, serverIndex); + + return true; +} + +bool ApiConfigsController::deactivateExternalDevice(const QString &uuid, const QString &serverCountryCode) +{ + auto serverIndex = m_serversModel->getProcessedServerIndex(); + auto serverConfigObject = m_serversModel->getServerConfig(serverIndex); + auto apiConfigObject = serverConfigObject.value(configKey::apiConfig).toObject(); + + if (!apiUtils::isPremiumServer(serverConfigObject)) { + return true; + } + + GatewayRequestData gatewayRequestData { QSysInfo::productType(), + QString(APP_VERSION), + uuid, + apiConfigObject.value(configKey::userCountryCode).toString(), + serverCountryCode, + apiConfigObject.value(configKey::serviceType).toString(), + "", + serverConfigObject.value(configKey::authData).toObject() }; + + QJsonObject apiPayload = gatewayRequestData.toJsonObject(); + + QByteArray responseBody; + ErrorCode errorCode = executeRequest(QString("%1v1/revoke_config"), apiPayload, responseBody); + if (errorCode != ErrorCode::NoError && errorCode != ErrorCode::ApiNotFoundError) { + emit errorOccurred(errorCode); + return false; + } + + if (uuid == m_settings->getInstallationUuid(true)) { + serverConfigObject.remove(config_key::containers); + m_serversModel->editServer(serverConfigObject, serverIndex); + } + + return true; +} + +bool ApiConfigsController::isConfigValid() +{ + int serverIndex = m_serversModel->getDefaultServerIndex(); + QJsonObject serverConfigObject = m_serversModel->getServerConfig(serverIndex); + auto configSource = apiUtils::getConfigSource(serverConfigObject); + + if (configSource == apiDefs::ConfigSource::Telegram + && !m_serversModel->data(serverIndex, ServersModel::Roles::HasInstalledContainers).toBool()) { + m_serversModel->removeApiConfig(serverIndex); + return updateServiceFromTelegram(serverIndex); + } else if (configSource == apiDefs::ConfigSource::AmneziaGateway + && !m_serversModel->data(serverIndex, ServersModel::Roles::HasInstalledContainers).toBool()) { + return updateServiceFromGateway(serverIndex, "", ""); + } else if (configSource && m_serversModel->isApiKeyExpired(serverIndex)) { + qDebug() << "attempt to update api config by expires_at event"; + if (configSource == apiDefs::ConfigSource::AmneziaGateway) { + return updateServiceFromGateway(serverIndex, "", ""); + } else { + m_serversModel->removeApiConfig(serverIndex); + return updateServiceFromTelegram(serverIndex); + } + } + return true; +} + +void ApiConfigsController::setCurrentProtocol(const QString &protocolName) +{ + auto serverIndex = m_serversModel->getProcessedServerIndex(); + auto serverConfigObject = m_serversModel->getServerConfig(serverIndex); + auto apiConfigObject = serverConfigObject.value(configKey::apiConfig).toObject(); + + apiConfigObject[configKey::serviceProtocol] = protocolName; + + serverConfigObject.insert(configKey::apiConfig, apiConfigObject); + + m_serversModel->editServer(serverConfigObject, serverIndex); +} + +bool ApiConfigsController::isVlessProtocol() +{ + auto serverIndex = m_serversModel->getProcessedServerIndex(); + auto serverConfigObject = m_serversModel->getServerConfig(serverIndex); + auto apiConfigObject = serverConfigObject.value(configKey::apiConfig).toObject(); + + if (apiConfigObject[configKey::serviceProtocol].toString() == "vless") { + return true; + } + return false; +} + +QList ApiConfigsController::getQrCodes() +{ + return m_qrCodes; +} + +int ApiConfigsController::getQrCodesCount() +{ + return m_qrCodes.size(); +} + +QString ApiConfigsController::getVpnKey() +{ + return m_vpnKey; +} + +ErrorCode ApiConfigsController::executeRequest(const QString &endpoint, const QJsonObject &apiPayload, QByteArray &responseBody) +{ + GatewayController gatewayController(m_settings->getGatewayEndpoint(), m_settings->isDevGatewayEnv(), apiDefs::requestTimeoutMsecs, + m_settings->isStrictKillSwitchEnabled()); + return gatewayController.post(endpoint, apiPayload, responseBody); +} diff --git a/client/ui/controllers/api/apiConfigsController.h b/client/ui/controllers/api/apiConfigsController.h new file mode 100644 index 00000000..a04a142c --- /dev/null +++ b/client/ui/controllers/api/apiConfigsController.h @@ -0,0 +1,66 @@ +#ifndef APICONFIGSCONTROLLER_H +#define APICONFIGSCONTROLLER_H + +#include + +#include "configurators/openvpn_configurator.h" +#include "ui/models/api/apiServicesModel.h" +#include "ui/models/servers_model.h" + +class ApiConfigsController : public QObject +{ + Q_OBJECT +public: + ApiConfigsController(const QSharedPointer &serversModel, const QSharedPointer &apiServicesModel, + const std::shared_ptr &settings, QObject *parent = nullptr); + + Q_PROPERTY(QList qrCodes READ getQrCodes NOTIFY vpnKeyExportReady) + Q_PROPERTY(int qrCodesCount READ getQrCodesCount NOTIFY vpnKeyExportReady) + Q_PROPERTY(QString vpnKey READ getVpnKey NOTIFY vpnKeyExportReady) + +public slots: + bool exportNativeConfig(const QString &serverCountryCode, const QString &fileName); + bool revokeNativeConfig(const QString &serverCountryCode); + // bool exportVpnKey(const QString &fileName); + void prepareVpnKeyExport(); + void copyVpnKeyToClipboard(); + + bool fillAvailableServices(); + bool importServiceFromGateway(); + bool updateServiceFromGateway(const int serverIndex, const QString &newCountryCode, const QString &newCountryName, + bool reloadServiceConfig = false); + bool updateServiceFromTelegram(const int serverIndex); + bool deactivateDevice(); + bool deactivateExternalDevice(const QString &uuid, const QString &serverCountryCode); + + bool isConfigValid(); + + void setCurrentProtocol(const QString &protocolName); + bool isVlessProtocol(); + +signals: + void errorOccurred(ErrorCode errorCode); + + void installServerFromApiFinished(const QString &message); + void changeApiCountryFinished(const QString &message); + void reloadServerFromApiFinished(const QString &message); + void updateServerFromApiFinished(); + + void vpnKeyExportReady(); + +private: + QList getQrCodes(); + int getQrCodesCount(); + QString getVpnKey(); + + ErrorCode executeRequest(const QString &endpoint, const QJsonObject &apiPayload, QByteArray &responseBody); + + QList m_qrCodes; + QString m_vpnKey; + + QSharedPointer m_serversModel; + QSharedPointer m_apiServicesModel; + std::shared_ptr m_settings; +}; + +#endif // APICONFIGSCONTROLLER_H diff --git a/client/ui/controllers/api/apiPremV1MigrationController.cpp b/client/ui/controllers/api/apiPremV1MigrationController.cpp new file mode 100644 index 00000000..77352003 --- /dev/null +++ b/client/ui/controllers/api/apiPremV1MigrationController.cpp @@ -0,0 +1,133 @@ +#include "apiPremV1MigrationController.h" + +#include +#include + +#include "core/api/apiDefs.h" +#include "core/api/apiUtils.h" +#include "core/controllers/gatewayController.h" + +ApiPremV1MigrationController::ApiPremV1MigrationController(const QSharedPointer &serversModel, + const std::shared_ptr &settings, QObject *parent) + : QObject(parent), m_serversModel(serversModel), m_settings(settings) +{ +} + +bool ApiPremV1MigrationController::hasConfigsToMigration() +{ + QJsonArray vpnKeys; + + auto serversCount = m_serversModel->getServersCount(); + for (size_t i = 0; i < serversCount; i++) { + auto serverConfigObject = m_serversModel->getServerConfig(i); + + if (apiUtils::getConfigType(serverConfigObject) != apiDefs::ConfigType::AmneziaPremiumV1) { + continue; + } + + QString vpnKey = apiUtils::getPremiumV1VpnKey(serverConfigObject); + vpnKeys.append(vpnKey); + } + + if (!vpnKeys.isEmpty()) { + GatewayController gatewayController(m_settings->getGatewayEndpoint(), m_settings->isDevGatewayEnv(), apiDefs::requestTimeoutMsecs, + m_settings->isStrictKillSwitchEnabled()); + QJsonObject apiPayload; + + apiPayload["configs"] = vpnKeys; + QByteArray responseBody; + ErrorCode errorCode = gatewayController.post(QString("%1v1/prem-v1/is-active-subscription"), apiPayload, responseBody); + + auto migrationsStatus = QJsonDocument::fromJson(responseBody).object(); + for (const auto &migrationStatus : migrationsStatus) { + if (migrationStatus == "not_found") { + return true; + } + } + } + + return false; +} + +void ApiPremV1MigrationController::getSubscriptionList(const QString &email) +{ + GatewayController gatewayController(m_settings->getGatewayEndpoint(), m_settings->isDevGatewayEnv(), apiDefs::requestTimeoutMsecs, + m_settings->isStrictKillSwitchEnabled()); + QJsonObject apiPayload; + + apiPayload[apiDefs::key::email] = email; + QByteArray responseBody; + ErrorCode errorCode = gatewayController.post(QString("%1v1/prem-v1/subscription-list"), apiPayload, responseBody); + + if (errorCode == ErrorCode::NoError) { + m_email = email; + m_subscriptionsModel = QJsonDocument::fromJson(responseBody).array(); + if (m_subscriptionsModel.isEmpty()) { + emit noSubscriptionToMigrate(); + return; + } + + emit subscriptionsModelChanged(); + } else { + emit errorOccurred(ErrorCode::ApiMigrationError); + } +} + +QJsonArray ApiPremV1MigrationController::getSubscriptionModel() +{ + return m_subscriptionsModel; +} + +void ApiPremV1MigrationController::sendMigrationCode(const int subscriptionIndex) +{ + QEventLoop wait; + QTimer::singleShot(1000, &wait, &QEventLoop::quit); + wait.exec(); + + GatewayController gatewayController(m_settings->getGatewayEndpoint(), m_settings->isDevGatewayEnv(), apiDefs::requestTimeoutMsecs, + m_settings->isStrictKillSwitchEnabled()); + QJsonObject apiPayload; + + apiPayload[apiDefs::key::email] = m_email; + QByteArray responseBody; + ErrorCode errorCode = gatewayController.post(QString("%1v1/prem-v1/migration-code"), apiPayload, responseBody); + + if (errorCode == ErrorCode::NoError) { + m_subscriptionIndex = subscriptionIndex; + emit otpSuccessfullySent(); + } else { + emit errorOccurred(ErrorCode::ApiMigrationError); + } +} + +void ApiPremV1MigrationController::migrate(const QString &migrationCode) +{ + GatewayController gatewayController(m_settings->getGatewayEndpoint(), m_settings->isDevGatewayEnv(), apiDefs::requestTimeoutMsecs, + m_settings->isStrictKillSwitchEnabled()); + QJsonObject apiPayload; + + apiPayload[apiDefs::key::email] = m_email; + apiPayload[apiDefs::key::orderId] = m_subscriptionsModel.at(m_subscriptionIndex).toObject().value(apiDefs::key::id).toString(); + apiPayload[apiDefs::key::migrationCode] = migrationCode; + QByteArray responseBody; + ErrorCode errorCode = gatewayController.post(QString("%1v1/prem-v1/migrate"), apiPayload, responseBody); + + if (errorCode == ErrorCode::NoError) { + auto responseObject = QJsonDocument::fromJson(responseBody).object(); + QString premiumV2VpnKey = responseObject.value(apiDefs::key::config).toString(); + + emit importPremiumV2VpnKey(premiumV2VpnKey); + } else { + emit errorOccurred(ErrorCode::ApiMigrationError); + } +} + +bool ApiPremV1MigrationController::isPremV1MigrationReminderActive() +{ + return m_settings->isPremV1MigrationReminderActive(); +} + +void ApiPremV1MigrationController::disablePremV1MigrationReminder() +{ + m_settings->disablePremV1MigrationReminder(); +} diff --git a/client/ui/controllers/api/apiPremV1MigrationController.h b/client/ui/controllers/api/apiPremV1MigrationController.h new file mode 100644 index 00000000..d7c10460 --- /dev/null +++ b/client/ui/controllers/api/apiPremV1MigrationController.h @@ -0,0 +1,50 @@ +#ifndef APIPREMV1MIGRATIONCONTROLLER_H +#define APIPREMV1MIGRATIONCONTROLLER_H + +#include + +#include "ui/models/servers_model.h" + +class ApiPremV1MigrationController : public QObject +{ + Q_OBJECT +public: + ApiPremV1MigrationController(const QSharedPointer &serversModel, const std::shared_ptr &settings, + QObject *parent = nullptr); + + Q_PROPERTY(QJsonArray subscriptionsModel READ getSubscriptionModel NOTIFY subscriptionsModelChanged) + +public slots: + bool hasConfigsToMigration(); + void getSubscriptionList(const QString &email); + QJsonArray getSubscriptionModel(); + void sendMigrationCode(const int subscriptionIndex); + void migrate(const QString &migrationCode); + + bool isPremV1MigrationReminderActive(); + void disablePremV1MigrationReminder(); + +signals: + void subscriptionsModelChanged(); + + void otpSuccessfullySent(); + + void importPremiumV2VpnKey(const QString &vpnKey); + + void errorOccurred(ErrorCode errorCode); + + void showMigrationDrawer(); + void migrationFinished(); + + void noSubscriptionToMigrate(); + +private: + QSharedPointer m_serversModel; + std::shared_ptr m_settings; + + QJsonArray m_subscriptionsModel; + int m_subscriptionIndex; + QString m_email; +}; + +#endif // APIPREMV1MIGRATIONCONTROLLER_H diff --git a/client/ui/controllers/api/apiSettingsController.cpp b/client/ui/controllers/api/apiSettingsController.cpp new file mode 100644 index 00000000..c4a75a5b --- /dev/null +++ b/client/ui/controllers/api/apiSettingsController.cpp @@ -0,0 +1,94 @@ +#include "apiSettingsController.h" + +#include +#include + +#include "core/api/apiUtils.h" +#include "core/controllers/gatewayController.h" +#include "version.h" + +namespace +{ + namespace configKey + { + constexpr char userCountryCode[] = "user_country_code"; + constexpr char serverCountryCode[] = "server_country_code"; + constexpr char serviceType[] = "service_type"; + constexpr char serviceInfo[] = "service_info"; + + constexpr char apiConfig[] = "api_config"; + constexpr char authData[] = "auth_data"; + } + + const int requestTimeoutMsecs = 12 * 1000; // 12 secs +} + +ApiSettingsController::ApiSettingsController(const QSharedPointer &serversModel, + const QSharedPointer &apiAccountInfoModel, + const QSharedPointer &apiCountryModel, + const QSharedPointer &apiDevicesModel, + const std::shared_ptr &settings, QObject *parent) + : QObject(parent), + m_serversModel(serversModel), + m_apiAccountInfoModel(apiAccountInfoModel), + m_apiCountryModel(apiCountryModel), + m_apiDevicesModel(apiDevicesModel), + m_settings(settings) +{ +} + +ApiSettingsController::~ApiSettingsController() +{ +} + +bool ApiSettingsController::getAccountInfo(bool reload) +{ + if (reload) { + QEventLoop wait; + QTimer::singleShot(1000, &wait, &QEventLoop::quit); + wait.exec(); + } + + GatewayController gatewayController(m_settings->getGatewayEndpoint(), m_settings->isDevGatewayEnv(), requestTimeoutMsecs, + m_settings->isStrictKillSwitchEnabled()); + + auto processedIndex = m_serversModel->getProcessedServerIndex(); + auto serverConfig = m_serversModel->getServerConfig(processedIndex); + auto apiConfig = serverConfig.value(configKey::apiConfig).toObject(); + auto authData = serverConfig.value(configKey::authData).toObject(); + + QJsonObject apiPayload; + apiPayload[configKey::userCountryCode] = apiConfig.value(configKey::userCountryCode).toString(); + apiPayload[configKey::serviceType] = apiConfig.value(configKey::serviceType).toString(); + apiPayload[configKey::authData] = authData; + apiPayload[apiDefs::key::cliVersion] = QString(APP_VERSION); + + QByteArray responseBody; + + ErrorCode errorCode = gatewayController.post(QString("%1v1/account_info"), apiPayload, responseBody); + if (errorCode != ErrorCode::NoError) { + emit errorOccurred(errorCode); + return false; + } + + QJsonObject accountInfo = QJsonDocument::fromJson(responseBody).object(); + m_apiAccountInfoModel->updateModel(accountInfo, serverConfig); + + if (reload) { + updateApiCountryModel(); + updateApiDevicesModel(); + } + + return true; +} + +void ApiSettingsController::updateApiCountryModel() +{ + m_apiCountryModel->updateModel(m_apiAccountInfoModel->getAvailableCountries(), ""); + m_apiCountryModel->updateIssuedConfigsInfo(m_apiAccountInfoModel->getIssuedConfigsInfo()); +} + +void ApiSettingsController::updateApiDevicesModel() +{ + m_apiDevicesModel->updateModel(m_apiAccountInfoModel->getIssuedConfigsInfo()); +} diff --git a/client/ui/controllers/api/apiSettingsController.h b/client/ui/controllers/api/apiSettingsController.h new file mode 100644 index 00000000..afe9a570 --- /dev/null +++ b/client/ui/controllers/api/apiSettingsController.h @@ -0,0 +1,37 @@ +#ifndef APISETTINGSCONTROLLER_H +#define APISETTINGSCONTROLLER_H + +#include + +#include "ui/models/api/apiAccountInfoModel.h" +#include "ui/models/api/apiCountryModel.h" +#include "ui/models/api/apiDevicesModel.h" +#include "ui/models/servers_model.h" + +class ApiSettingsController : public QObject +{ + Q_OBJECT +public: + ApiSettingsController(const QSharedPointer &serversModel, const QSharedPointer &apiAccountInfoModel, + const QSharedPointer &apiCountryModel, const QSharedPointer &apiDevicesModel, + const std::shared_ptr &settings, QObject *parent = nullptr); + ~ApiSettingsController(); + +public slots: + bool getAccountInfo(bool reload); + void updateApiCountryModel(); + void updateApiDevicesModel(); + +signals: + void errorOccurred(ErrorCode errorCode); + +private: + QSharedPointer m_serversModel; + QSharedPointer m_apiAccountInfoModel; + QSharedPointer m_apiCountryModel; + QSharedPointer m_apiDevicesModel; + + std::shared_ptr m_settings; +}; + +#endif // APISETTINGSCONTROLLER_H diff --git a/client/ui/controllers/connectionController.cpp b/client/ui/controllers/connectionController.cpp index f9491d4e..9fc60493 100644 --- a/client/ui/controllers/connectionController.cpp +++ b/client/ui/controllers/connectionController.cpp @@ -5,10 +5,8 @@ #else #include #endif -#include #include "core/controllers/vpnConfigurationController.h" -#include "core/enums/apiEnums.h" #include "version.h" ConnectionController::ConnectionController(const QSharedPointer &serversModel, @@ -27,7 +25,7 @@ ConnectionController::ConnectionController(const QSharedPointer &s connect(this, &ConnectionController::connectToVpn, m_vpnConnection.get(), &VpnConnection::connectToVpn, Qt::QueuedConnection); connect(this, &ConnectionController::disconnectFromVpn, m_vpnConnection.get(), &VpnConnection::disconnectFromVpn, Qt::QueuedConnection); - connect(this, &ConnectionController::configFromApiUpdated, this, &ConnectionController::continueConnection); + connect(this, &ConnectionController::connectButtonClicked, this, &ConnectionController::toggleConnection, Qt::QueuedConnection); m_state = Vpn::ConnectionState::Disconnected; } @@ -35,8 +33,7 @@ ConnectionController::ConnectionController(const QSharedPointer &s void ConnectionController::openConnection() { #if !defined(Q_OS_ANDROID) && !defined(Q_OS_IOS) - if (!Utils::processIsRunning(Utils::executable(SERVICE_NAME, false), true)) - { + if (!Utils::processIsRunning(Utils::executable(SERVICE_NAME, false), true)) { emit connectionErrorOccurred(ErrorCode::AmneziaServiceNotRunning); return; } @@ -44,26 +41,24 @@ void ConnectionController::openConnection() int serverIndex = m_serversModel->getDefaultServerIndex(); QJsonObject serverConfig = m_serversModel->getServerConfig(serverIndex); - auto configVersion = serverConfig.value(config_key::configVersion).toInt(); - emit m_vpnConnection->connectionStateChanged(Vpn::ConnectionState::Preparing); + DockerContainer container = qvariant_cast(m_serversModel->data(serverIndex, ServersModel::Roles::DefaultContainerRole)); - if (configVersion == ApiConfigSources::Telegram - && !m_serversModel->data(serverIndex, ServersModel::Roles::HasInstalledContainers).toBool()) { - emit updateApiConfigFromTelegram(); - } else if (configVersion == ApiConfigSources::AmneziaGateway - && !m_serversModel->data(serverIndex, ServersModel::Roles::HasInstalledContainers).toBool()) { - emit updateApiConfigFromGateway(); - } else if (configVersion && m_serversModel->isApiKeyExpired(serverIndex)) { - qDebug() << "attempt to update api config by expires_at event"; - if (configVersion == ApiConfigSources::Telegram) { - emit updateApiConfigFromTelegram(); - } else { - emit updateApiConfigFromGateway(); - } - } else { - continueConnection(); + if (!m_containersModel->isSupportedByCurrentPlatform(container)) { + emit connectionErrorOccurred(ErrorCode::NotSupportedOnThisPlatform); + return; } + + QSharedPointer serverController(new ServerController(m_settings)); + VpnConfigurationsController vpnConfigurationController(m_settings, serverController); + + QJsonObject containerConfig = m_containersModel->getContainerConfig(container); + ServerCredentials credentials = m_serversModel->getServerCredentials(serverIndex); + + auto dns = m_serversModel->getDnsPair(serverIndex); + + auto vpnConfiguration = vpnConfigurationController.createVpnConfiguration(dns, serverConfig, containerConfig, container); + emit connectToVpn(serverIndex, credentials, container, vpnConfiguration); } void ConnectionController::closeConnection() @@ -167,7 +162,7 @@ void ConnectionController::toggleConnection() } else if (isConnected()) { closeConnection(); } else { - openConnection(); + emit prepareConfig(); } } @@ -180,98 +175,3 @@ bool ConnectionController::isConnected() const { return m_isConnected; } - -bool ConnectionController::isProtocolConfigExists(const QJsonObject &containerConfig, const DockerContainer container) -{ - for (Proto protocol : ContainerProps::protocolsForContainer(container)) { - QString protocolConfig = - containerConfig.value(ProtocolProps::protoToString(protocol)).toObject().value(config_key::last_config).toString(); - - if (protocolConfig.isEmpty()) { - return false; - } - } - return true; -} - -void ConnectionController::continueConnection() -{ - int serverIndex = m_serversModel->getDefaultServerIndex(); - QJsonObject serverConfig = m_serversModel->getServerConfig(serverIndex); - auto configVersion = serverConfig.value(config_key::configVersion).toInt(); - - if (!m_serversModel->data(serverIndex, ServersModel::Roles::HasInstalledContainers).toBool()) { - emit noInstalledContainers(); - emit m_vpnConnection->connectionStateChanged(Vpn::ConnectionState::Disconnected); - return; - } - - DockerContainer container = qvariant_cast(m_serversModel->data(serverIndex, ServersModel::Roles::DefaultContainerRole)); - - if (!m_containersModel->isSupportedByCurrentPlatform(container)) { - emit connectionErrorOccurred(tr("The selected protocol is not supported on the current platform")); - return; - } - - if (container == DockerContainer::None) { - emit connectionErrorOccurred(tr("VPN Protocols is not installed.\n Please install VPN container at first")); - return; - } - - QSharedPointer serverController(new ServerController(m_settings)); - VpnConfigurationsController vpnConfigurationController(m_settings, serverController); - - QJsonObject containerConfig = m_containersModel->getContainerConfig(container); - ServerCredentials credentials = m_serversModel->getServerCredentials(serverIndex); - ErrorCode errorCode = updateProtocolConfig(container, credentials, containerConfig, serverController); - if (errorCode != ErrorCode::NoError) { - emit connectionErrorOccurred(errorCode); - return; - } - - auto dns = m_serversModel->getDnsPair(serverIndex); - - auto vpnConfiguration = vpnConfigurationController.createVpnConfiguration(dns, serverConfig, containerConfig, container, errorCode); - if (errorCode != ErrorCode::NoError) { - emit connectionErrorOccurred(tr("unable to create configuration")); - return; - } - - emit connectToVpn(serverIndex, credentials, container, vpnConfiguration); -} - -ErrorCode ConnectionController::updateProtocolConfig(const DockerContainer container, const ServerCredentials &credentials, - QJsonObject &containerConfig, QSharedPointer serverController) -{ - QFutureWatcher watcher; - - if (serverController.isNull()) { - serverController.reset(new ServerController(m_settings)); - } - - QFuture future = QtConcurrent::run([this, container, &credentials, &containerConfig, &serverController]() { - ErrorCode errorCode = ErrorCode::NoError; - if (!isProtocolConfigExists(containerConfig, container)) { - VpnConfigurationsController vpnConfigurationController(m_settings, serverController); - errorCode = vpnConfigurationController.createProtocolConfigForContainer(credentials, container, containerConfig); - if (errorCode != ErrorCode::NoError) { - return errorCode; - } - m_serversModel->updateContainerConfig(container, containerConfig); - - errorCode = m_clientManagementModel->appendClient(container, credentials, containerConfig, - QString("Admin [%1]").arg(QSysInfo::prettyProductName()), serverController); - if (errorCode != ErrorCode::NoError) { - return errorCode; - } - } - return errorCode; - }); - - QEventLoop wait; - connect(&watcher, &QFutureWatcher::finished, &wait, &QEventLoop::quit); - watcher.setFuture(future); - wait.exec(); - - return watcher.result(); -} diff --git a/client/ui/controllers/connectionController.h b/client/ui/controllers/connectionController.h index 25d4d74a..cabeb601 100644 --- a/client/ui/controllers/connectionController.h +++ b/client/ui/controllers/connectionController.h @@ -40,30 +40,20 @@ public slots: void onTranslationsUpdated(); - ErrorCode updateProtocolConfig(const DockerContainer container, const ServerCredentials &credentials, QJsonObject &containerConfig, - QSharedPointer serverController = nullptr); - signals: void connectToVpn(int serverIndex, const ServerCredentials &credentials, DockerContainer container, const QJsonObject &vpnConfiguration); void disconnectFromVpn(); void connectionStateChanged(); - void connectionErrorOccurred(const QString &errorMessage); void connectionErrorOccurred(ErrorCode errorCode); void reconnectWithUpdatedContainer(const QString &message); - void noInstalledContainers(); - void connectButtonClicked(); void preparingConfig(); - - void updateApiConfigFromGateway(); - void updateApiConfigFromTelegram(); - void configFromApiUpdated(); + void prepareConfig(); private: Vpn::ConnectionState getCurrentConnectionState(); - bool isProtocolConfigExists(const QJsonObject &containerConfig, const DockerContainer container); void continueConnection(); diff --git a/client/ui/controllers/exportController.cpp b/client/ui/controllers/exportController.cpp index 8681406e..c487e3b2 100644 --- a/client/ui/controllers/exportController.cpp +++ b/client/ui/controllers/exportController.cpp @@ -9,8 +9,8 @@ #include #include "core/controllers/vpnConfigurationController.h" +#include "core/qrCodeUtils.h" #include "systemController.h" -#include "qrcodegen.hpp" ExportController::ExportController(const QSharedPointer &serversModel, const QSharedPointer &containersModel, const QSharedPointer &clientManagementModel, @@ -50,7 +50,7 @@ void ExportController::generateFullAccessConfig() compressedConfig = qCompress(compressedConfig, 8); m_config = QString("vpn://%1").arg(QString(compressedConfig.toBase64(QByteArray::Base64UrlEncoding | QByteArray::OmitTrailingEquals))); - m_qrCodes = generateQrCodeImageSeries(compressedConfig); + m_qrCodes = qrCodeUtils::generateQrCodeImageSeries(compressedConfig); emit exportConfigChanged(); } @@ -92,7 +92,7 @@ void ExportController::generateConnectionConfig(const QString &clientName) compressedConfig = qCompress(compressedConfig, 8); m_config = QString("vpn://%1").arg(QString(compressedConfig.toBase64(QByteArray::Base64UrlEncoding | QByteArray::OmitTrailingEquals))); - m_qrCodes = generateQrCodeImageSeries(compressedConfig); + m_qrCodes = qrCodeUtils::generateQrCodeImageSeries(compressedConfig); emit exportConfigChanged(); } @@ -145,11 +145,11 @@ void ExportController::generateOpenVpnConfig(const QString &clientName) } QStringList lines = nativeConfig.value(config_key::config).toString().replace("\r", "").split("\n"); - for (const QString &line : lines) { + for (const QString &line : std::as_const(lines)) { m_config.append(line + "\n"); } - m_qrCodes = generateQrCodeImageSeries(m_config.toUtf8()); + m_qrCodes = qrCodeUtils::generateQrCodeImageSeries(m_config.toUtf8()); emit exportConfigChanged(); } @@ -163,12 +163,12 @@ void ExportController::generateWireGuardConfig(const QString &clientName) } QStringList lines = nativeConfig.value(config_key::config).toString().replace("\r", "").split("\n"); - for (const QString &line : lines) { + for (const QString &line : std::as_const(lines)) { m_config.append(line + "\n"); } - qrcodegen::QrCode qr = qrcodegen::QrCode::encodeText(m_config.toUtf8(), qrcodegen::QrCode::Ecc::LOW); - m_qrCodes << svgToBase64(QString::fromStdString(toSvgString(qr, 1))); + auto qr = qrCodeUtils::generateQrCode(m_config.toUtf8()); + m_qrCodes << qrCodeUtils::svgToBase64(QString::fromStdString(toSvgString(qr, 1))); emit exportConfigChanged(); } @@ -183,12 +183,12 @@ void ExportController::generateAwgConfig(const QString &clientName) } QStringList lines = nativeConfig.value(config_key::config).toString().replace("\r", "").split("\n"); - for (const QString &line : lines) { + for (const QString &line : std::as_const(lines)) { m_config.append(line + "\n"); } - qrcodegen::QrCode qr = qrcodegen::QrCode::encodeText(m_config.toUtf8(), qrcodegen::QrCode::Ecc::LOW); - m_qrCodes << svgToBase64(QString::fromStdString(toSvgString(qr, 1))); + auto qr = qrCodeUtils::generateQrCode(m_config.toUtf8()); + m_qrCodes << qrCodeUtils::svgToBase64(QString::fromStdString(toSvgString(qr, 1))); emit exportConfigChanged(); } @@ -211,7 +211,7 @@ void ExportController::generateShadowSocksConfig() } QStringList lines = QString(QJsonDocument(nativeConfig).toJson()).replace("\r", "").split("\n"); - for (const QString &line : lines) { + for (const QString &line : std::as_const(lines)) { m_config.append(line + "\n"); } @@ -221,8 +221,8 @@ void ExportController::generateShadowSocksConfig() m_nativeConfigString = "ss://" + m_nativeConfigString.toUtf8().toBase64(); - qrcodegen::QrCode qr = qrcodegen::QrCode::encodeText(m_nativeConfigString.toUtf8(), qrcodegen::QrCode::Ecc::LOW); - m_qrCodes << svgToBase64(QString::fromStdString(toSvgString(qr, 1))); + auto qr = qrCodeUtils::generateQrCode(m_nativeConfigString.toUtf8()); + m_qrCodes << qrCodeUtils::svgToBase64(QString::fromStdString(toSvgString(qr, 1))); emit exportConfigChanged(); } @@ -240,7 +240,7 @@ void ExportController::generateCloakConfig() nativeConfig.insert("ProxyMethod", "shadowsocks"); QStringList lines = QString(QJsonDocument(nativeConfig).toJson()).replace("\r", "").split("\n"); - for (const QString &line : lines) { + for (const QString &line : std::as_const(lines)) { m_config.append(line + "\n"); } @@ -257,7 +257,7 @@ void ExportController::generateXrayConfig(const QString &clientName) } QStringList lines = QString(QJsonDocument(nativeConfig).toJson()).replace("\r", "").split("\n"); - for (const QString &line : lines) { + for (const QString &line : std::as_const(lines)) { m_config.append(line + "\n"); } @@ -312,32 +312,6 @@ void ExportController::renameClient(const int row, const QString &clientName, co } } -QList ExportController::generateQrCodeImageSeries(const QByteArray &data) -{ - double k = 850; - - quint8 chunksCount = std::ceil(data.size() / k); - QList chunks; - for (int i = 0; i < data.size(); i = i + k) { - QByteArray chunk; - QDataStream s(&chunk, QIODevice::WriteOnly); - s << amnezia::qrMagicCode << chunksCount << (quint8)std::round(i / k) << data.mid(i, k); - - QByteArray ba = chunk.toBase64(QByteArray::Base64UrlEncoding | QByteArray::OmitTrailingEquals); - - qrcodegen::QrCode qr = qrcodegen::QrCode::encodeText(ba, qrcodegen::QrCode::Ecc::LOW); - QString svg = QString::fromStdString(toSvgString(qr, 1)); - chunks.append(svgToBase64(svg)); - } - - return chunks; -} - -QString ExportController::svgToBase64(const QString &image) -{ - return "data:image/svg;base64," + QString::fromLatin1(image.toUtf8().toBase64().data()); -} - int ExportController::getQrCodesCount() { return m_qrCodes.size(); diff --git a/client/ui/controllers/exportController.h b/client/ui/controllers/exportController.h index a2c9fcfa..5fb3e6b3 100644 --- a/client/ui/controllers/exportController.h +++ b/client/ui/controllers/exportController.h @@ -50,9 +50,6 @@ signals: void saveFile(const QString &fileName, const QString &data); private: - QList generateQrCodeImageSeries(const QByteArray &data); - QString svgToBase64(const QString &image); - int getQrCodesCount(); void clearPreviousConfig(); diff --git a/client/ui/controllers/focusController.cpp b/client/ui/controllers/focusController.cpp new file mode 100644 index 00000000..54bdc7d8 --- /dev/null +++ b/client/ui/controllers/focusController.cpp @@ -0,0 +1,209 @@ +#include "focusController.h" +#include "utils/qmlUtils.h" + +#include +#include + +FocusController::FocusController(QQmlApplicationEngine *engine, QObject *parent) + : QObject { parent }, + m_engine { engine }, + m_focusChain {}, + m_focusedItem { nullptr }, + m_rootObjects {}, + m_defaultFocusItem { nullptr }, + m_lvfc { nullptr } +{ + QObject::connect(m_engine, &QQmlApplicationEngine::objectCreated, this, [this](QObject *object, const QUrl &url) { + QQuickItem *newDefaultFocusItem = object->findChild("defaultFocusItem"); + if (newDefaultFocusItem && m_defaultFocusItem != newDefaultFocusItem) { + m_defaultFocusItem = newDefaultFocusItem; + } + }); + + QObject::connect(this, &FocusController::focusedItemChanged, this, + [this]() { m_focusedItem->forceActiveFocus(Qt::TabFocusReason); }); +} + +void FocusController::nextKeyTabItem() +{ + nextItem(Direction::Forward); +} + +void FocusController::previousKeyTabItem() +{ + nextItem(Direction::Backward); +} + +void FocusController::nextKeyUpItem() +{ + nextItem(Direction::Backward); +} + +void FocusController::nextKeyDownItem() +{ + nextItem(Direction::Forward); +} + +void FocusController::nextKeyLeftItem() +{ + nextItem(Direction::Backward); +} + +void FocusController::nextKeyRightItem() +{ + nextItem(Direction::Forward); +} + +void FocusController::setFocusItem(QQuickItem *item) +{ + if (m_focusedItem != item) { + m_focusedItem = item; + } + emit focusedItemChanged(); +} + +void FocusController::setFocusOnDefaultItem() +{ + setFocusItem(m_defaultFocusItem); +} + +void FocusController::pushRootObject(QObject *object) +{ + m_rootObjects.push(object); + dropListView(); + // setFocusOnDefaultItem(); +} + +void FocusController::dropRootObject(QObject *object) +{ + if (m_rootObjects.empty()) { + return; + } + + if (m_rootObjects.top() == object) { + m_rootObjects.pop(); + dropListView(); + setFocusOnDefaultItem(); + } else { + qWarning() << "===>> TRY TO DROP WRONG ROOT OBJECT: " << m_rootObjects.top() << " SHOULD BE: " << object; + } +} + +void FocusController::resetRootObject() +{ + m_rootObjects.clear(); +} + +void FocusController::reload(Direction direction) +{ + m_focusChain.clear(); + + QObject *rootObject = (m_rootObjects.empty() ? m_engine->rootObjects().value(0) : m_rootObjects.top()); + + if (!rootObject) { + qCritical() << "No ROOT OBJECT found!"; + resetRootObject(); + dropListView(); + return; + } + + m_focusChain.append(FocusControl::getSubChain(rootObject)); + + std::sort(m_focusChain.begin(), m_focusChain.end(), + direction == Direction::Forward ? FocusControl::isLess : FocusControl::isMore); + + if (m_focusChain.empty()) { + qWarning() << "Focus chain is empty!"; + resetRootObject(); + dropListView(); + return; + } +} + +void FocusController::nextItem(Direction direction) +{ + reload(direction); + + if (m_lvfc && FocusControl::isListView(m_focusedItem)) { + direction == Direction::Forward ? focusNextListViewItem() : focusPreviousListViewItem(); + + return; + } + + if (m_focusChain.empty()) { + qWarning() << "There are no items to navigate"; + setFocusOnDefaultItem(); + return; + } + + auto focusedItemIndex = m_focusChain.indexOf(m_focusedItem); + + if (focusedItemIndex == -1) { + focusedItemIndex = 0; + } else if (focusedItemIndex == (m_focusChain.size() - 1)) { + focusedItemIndex = 0; + } else { + focusedItemIndex++; + } + + const auto focusedItem = qobject_cast(m_focusChain.at(focusedItemIndex)); + + if (focusedItem == nullptr) { + qWarning() << "Failed to get item to focus on. Setting focus on default"; + setFocusOnDefaultItem(); + return; + } + + if (FocusControl::isListView(focusedItem)) { + m_lvfc = new ListViewFocusController(focusedItem, this); + m_focusedItem = focusedItem; + if (direction == Direction::Forward) { + m_lvfc->nextDelegate(); + focusNextListViewItem(); + } else { + m_lvfc->previousDelegate(); + focusPreviousListViewItem(); + } + return; + } + + setFocusItem(focusedItem); +} + +void FocusController::focusNextListViewItem() +{ + m_lvfc->reloadFocusChain(); + if (m_lvfc->isLastFocusItemInListView() || m_lvfc->isReturnNeeded()) { + dropListView(); + nextItem(Direction::Forward); + return; + } else if (m_lvfc->isLastFocusItemInDelegate()) { + m_lvfc->resetFocusChain(); + m_lvfc->nextDelegate(); + } + + m_lvfc->focusNextItem(); +} + +void FocusController::focusPreviousListViewItem() +{ + m_lvfc->reloadFocusChain(); + if (m_lvfc->isFirstFocusItemInListView() || m_lvfc->isReturnNeeded()) { + dropListView(); + nextItem(Direction::Backward); + return; + } else if (m_lvfc->isFirstFocusItemInDelegate()) { + m_lvfc->resetFocusChain(); + m_lvfc->previousDelegate(); + } + + m_lvfc->focusPreviousItem(); +} + +void FocusController::dropListView() +{ + if (m_lvfc) { + delete m_lvfc; + m_lvfc = nullptr; + } +} diff --git a/client/ui/controllers/focusController.h b/client/ui/controllers/focusController.h new file mode 100644 index 00000000..11074dae --- /dev/null +++ b/client/ui/controllers/focusController.h @@ -0,0 +1,57 @@ +#ifndef FOCUSCONTROLLER_H +#define FOCUSCONTROLLER_H + +#include "ui/controllers/listViewFocusController.h" + +#include + +/*! + * \brief The FocusController class makes focus control more straightforward + * \details Focus is handled only for visible and enabled items which have + * `isFocused` property from top left to bottom right. + * \note There are items handled differently (e.g. ListView) + */ +class FocusController : public QObject +{ + Q_OBJECT +public: + explicit FocusController(QQmlApplicationEngine *engine, QObject *parent = nullptr); + ~FocusController() override = default; + + Q_INVOKABLE void nextKeyTabItem(); + Q_INVOKABLE void previousKeyTabItem(); + Q_INVOKABLE void nextKeyUpItem(); + Q_INVOKABLE void nextKeyDownItem(); + Q_INVOKABLE void nextKeyLeftItem(); + Q_INVOKABLE void nextKeyRightItem(); + Q_INVOKABLE void setFocusItem(QQuickItem *item); + Q_INVOKABLE void setFocusOnDefaultItem(); + Q_INVOKABLE void pushRootObject(QObject *object); + Q_INVOKABLE void dropRootObject(QObject *object); + Q_INVOKABLE void resetRootObject(); + +private: + enum class Direction { + Forward, + Backward, + }; + + void reload(Direction direction); + void nextItem(Direction direction); + void focusNextListViewItem(); + void focusPreviousListViewItem(); + void dropListView(); + + QQmlApplicationEngine *m_engine; // Pointer to engine to get root object + QList m_focusChain; // List of current objects to be focused + QQuickItem *m_focusedItem; // Pointer to the active focus item + QStack m_rootObjects; // Pointer to stack of roots for focus chain + QQuickItem *m_defaultFocusItem; + + ListViewFocusController *m_lvfc; // ListView focus manager + +signals: + void focusedItemChanged(); +}; + +#endif // FOCUSCONTROLLER_H diff --git a/client/ui/controllers/importController.cpp b/client/ui/controllers/importController.cpp index f7e96bff..ea1d5d8e 100644 --- a/client/ui/controllers/importController.cpp +++ b/client/ui/controllers/importController.cpp @@ -7,8 +7,13 @@ #include #include +#include "core/api/apiDefs.h" +#include "core/api/apiUtils.h" #include "core/errorstrings.h" +#include "core/qrCodeUtils.h" #include "core/serialization/serialization.h" +#include "protocols/protocols_defs.h" +#include "systemController.h" #include "utilities.h" #ifdef Q_OS_ANDROID @@ -23,8 +28,6 @@ namespace ConfigTypes checkConfigFormat(const QString &config) { const QString openVpnConfigPatternCli = "client"; - const QString openVpnConfigPatternProto1 = "proto tcp"; - const QString openVpnConfigPatternProto2 = "proto udp"; const QString openVpnConfigPatternDriver1 = "dev tun"; const QString openVpnConfigPatternDriver2 = "dev tap"; @@ -44,18 +47,18 @@ namespace if (config.contains(backupPattern)) { return ConfigTypes::Backup; - } else if (config.contains(amneziaConfigPattern) || config.contains(amneziaFreeConfigPattern) || config.contains(amneziaPremiumConfigPattern) + } else if (config.contains(amneziaConfigPattern) || config.contains(amneziaFreeConfigPattern) + || config.contains(amneziaPremiumConfigPattern) || (config.contains(amneziaConfigPatternHostName) && config.contains(amneziaConfigPatternUserName) && config.contains(amneziaConfigPatternPassword))) { return ConfigTypes::Amnezia; - } else if (config.contains(openVpnConfigPatternCli) - && (config.contains(openVpnConfigPatternProto1) || config.contains(openVpnConfigPatternProto2)) - && (config.contains(openVpnConfigPatternDriver1) || config.contains(openVpnConfigPatternDriver2))) { - return ConfigTypes::OpenVpn; } else if (config.contains(wireguardConfigPatternSectionInterface) && config.contains(wireguardConfigPatternSectionPeer)) { return ConfigTypes::WireGuard; } else if ((config.contains(xrayConfigPatternInbound)) && (config.contains(xrayConfigPatternOutbound))) { return ConfigTypes::Xray; + } else if (config.contains(openVpnConfigPatternCli) + && (config.contains(openVpnConfigPatternDriver1) || config.contains(openVpnConfigPatternDriver2))) { + return ConfigTypes::OpenVpn; } return ConfigTypes::Invalid; } @@ -76,21 +79,24 @@ ImportController::ImportController(const QSharedPointer &serversMo bool ImportController::extractConfigFromFile(const QString &fileName) { - QFile file(fileName); - - if (file.open(QIODevice::ReadOnly)) { - QString data = file.readAll(); - - m_configFileName = QFileInfo(file.fileName()).fileName(); - return extractConfigFromData(data); + QString data; + if (!SystemController::readFile(fileName, data)) { + emit importErrorOccurred(ErrorCode::ImportOpenConfigError, false); + return false; } - - emit importErrorOccurred(ErrorCode::ImportOpenConfigError, false); - return false; + m_configFileName = QFileInfo(QFile(fileName).fileName()).fileName(); +#ifdef Q_OS_ANDROID + if (m_configFileName.isEmpty()) { + m_configFileName = AndroidController::instance()->getFileName(fileName); + } +#endif + return extractConfigFromData(data); } bool ImportController::extractConfigFromData(QString data) { + m_maliciousWarningText.clear(); + QString config = data; QString prefix; QString errormsg; @@ -147,11 +153,11 @@ bool ImportController::extractConfigFromData(QString data) m_configType = checkConfigFormat(config); if (m_configType == ConfigTypes::Invalid) { - data.replace("vpn://", ""); - QByteArray ba = QByteArray::fromBase64(data.toUtf8(), QByteArray::Base64UrlEncoding | QByteArray::OmitTrailingEquals); - QByteArray ba_uncompressed = qUncompress(ba); - if (!ba_uncompressed.isEmpty()) { - ba = ba_uncompressed; + config.replace("vpn://", ""); + QByteArray ba = QByteArray::fromBase64(config.toUtf8(), QByteArray::Base64UrlEncoding | QByteArray::OmitTrailingEquals); + QByteArray baUncompressed = qUncompress(ba); + if (!baUncompressed.isEmpty()) { + ba = baUncompressed; } config = ba; @@ -178,6 +184,13 @@ bool ImportController::extractConfigFromData(QString data) } case ConfigTypes::Amnezia: { m_config = QJsonDocument::fromJson(config.toUtf8()).object(); + + if (apiUtils::isServerFromApi(m_config)) { + auto apiConfig = m_config.value(apiDefs::key::apiConfig).toObject(); + apiConfig[apiDefs::key::vpnKey] = data; + m_config[apiDefs::key::apiConfig] = apiConfig; + } + processAmneziaConfig(m_config); if (!m_config.empty()) { checkForMaliciousStrings(m_config); @@ -215,6 +228,21 @@ bool ImportController::extractConfigFromQr(const QByteArray &data) return true; } + m_configType = checkConfigFormat(data); + if (m_configType == ConfigTypes::Invalid) { + QByteArray ba = QByteArray::fromBase64(data, QByteArray::Base64UrlEncoding | QByteArray::OmitTrailingEquals); + QByteArray baUncompressed = qUncompress(ba); + + if (!baUncompressed.isEmpty()) { + ba = baUncompressed; + } + + if (!ba.isEmpty()) { + m_config = QJsonDocument::fromJson(ba).object(); + return true; + } + } + return false; } @@ -259,6 +287,19 @@ void ImportController::processNativeWireGuardConfig() clientProtocolConfig[config_key::underloadPacketMagicHeader] = "3"; clientProtocolConfig[config_key::transportPacketMagicHeader] = "4"; + // clientProtocolConfig[config_key::cookieReplyPacketJunkSize] = "0"; + // clientProtocolConfig[config_key::transportPacketJunkSize] = "0"; + + // clientProtocolConfig[config_key::specialJunk1] = ""; + // clientProtocolConfig[config_key::specialJunk2] = ""; + // clientProtocolConfig[config_key::specialJunk3] = ""; + // clientProtocolConfig[config_key::specialJunk4] = ""; + // clientProtocolConfig[config_key::specialJunk5] = ""; + // clientProtocolConfig[config_key::controlledJunk1] = ""; + // clientProtocolConfig[config_key::controlledJunk2] = ""; + // clientProtocolConfig[config_key::controlledJunk3] = ""; + // clientProtocolConfig[config_key::specialHandshakeTimeout] = "0"; + clientProtocolConfig[config_key::isObfuscationEnabled] = true; serverProtocolConfig[config_key::last_config] = QString(QJsonDocument(clientProtocolConfig).toJson()); @@ -317,7 +358,7 @@ QJsonObject ImportController::extractOpenVpnConfig(const QString &data) arr.push_back(containers); QString hostName; - const static QRegularExpression hostNameRegExp("remote (.*) [0-9]*"); + const static QRegularExpression hostNameRegExp("remote\\s+([^\\s]+)"); QRegularExpressionMatch hostNameMatch = hostNameRegExp.match(data); if (hostNameMatch.hasMatch()) { hostName = hostNameMatch.captured(1); @@ -411,21 +452,33 @@ QJsonObject ImportController::extractWireGuardConfig(const QString &data) lastConfig[config_key::allowed_ips] = allowedIpsJsonArray; QString protocolName = "wireguard"; - if (!configMap.value(config_key::junkPacketCount).isEmpty() && !configMap.value(config_key::junkPacketMinSize).isEmpty() - && !configMap.value(config_key::junkPacketMaxSize).isEmpty() && !configMap.value(config_key::initPacketJunkSize).isEmpty() - && !configMap.value(config_key::responsePacketJunkSize).isEmpty() && !configMap.value(config_key::initPacketMagicHeader).isEmpty() - && !configMap.value(config_key::responsePacketMagicHeader).isEmpty() - && !configMap.value(config_key::underloadPacketMagicHeader).isEmpty() - && !configMap.value(config_key::transportPacketMagicHeader).isEmpty()) { - lastConfig[config_key::junkPacketCount] = configMap.value(config_key::junkPacketCount); - lastConfig[config_key::junkPacketMinSize] = configMap.value(config_key::junkPacketMinSize); - lastConfig[config_key::junkPacketMaxSize] = configMap.value(config_key::junkPacketMaxSize); - lastConfig[config_key::initPacketJunkSize] = configMap.value(config_key::initPacketJunkSize); - lastConfig[config_key::responsePacketJunkSize] = configMap.value(config_key::responsePacketJunkSize); - lastConfig[config_key::initPacketMagicHeader] = configMap.value(config_key::initPacketMagicHeader); - lastConfig[config_key::responsePacketMagicHeader] = configMap.value(config_key::responsePacketMagicHeader); - lastConfig[config_key::underloadPacketMagicHeader] = configMap.value(config_key::underloadPacketMagicHeader); - lastConfig[config_key::transportPacketMagicHeader] = configMap.value(config_key::transportPacketMagicHeader); + + const QStringList requiredJunkFields = { config_key::junkPacketCount, config_key::junkPacketMinSize, + config_key::junkPacketMaxSize, config_key::initPacketJunkSize, + config_key::responsePacketJunkSize, config_key::initPacketMagicHeader, + config_key::responsePacketMagicHeader, config_key::underloadPacketMagicHeader, + config_key::transportPacketMagicHeader }; + + const QStringList optionalJunkFields = { // config_key::cookieReplyPacketJunkSize, + // config_key::transportPacketJunkSize, + config_key::specialJunk1, config_key::specialJunk2, config_key::specialJunk3, + config_key::specialJunk4, config_key::specialJunk5, config_key::controlledJunk1, + config_key::controlledJunk2, config_key::controlledJunk3, config_key::specialHandshakeTimeout + }; + + bool hasAllRequiredFields = std::all_of(requiredJunkFields.begin(), requiredJunkFields.end(), + [&configMap](const QString &field) { return !configMap.value(field).isEmpty(); }); + if (hasAllRequiredFields) { + for (const QString &field : requiredJunkFields) { + lastConfig[field] = configMap.value(field); + } + + for (const QString &field : optionalJunkFields) { + if (!configMap.value(field).isEmpty()) { + lastConfig[field] = configMap.value(field); + } + } + protocolName = "awg"; m_configType = ConfigTypes::Awg; } @@ -567,7 +620,7 @@ bool ImportController::parseQrCodeChunk(const QString &code) qint16 magic; s >> magic; - if (magic == amnezia::qrMagicCode) { + if (magic == qrCodeUtils::qrMagicCode) { quint8 chunksCount; s >> chunksCount; if (m_totalQrCodeChunksCount != chunksCount) { @@ -633,29 +686,33 @@ void ImportController::checkForMaliciousStrings(const QJsonObject &serverConfig) if ((containerName == ContainerProps::containerToString(DockerContainer::OpenVpn)) || (containerName == ContainerProps::containerToString(DockerContainer::Cloak)) || (containerName == ContainerProps::containerToString(DockerContainer::ShadowSocks))) { + QString protocolConfig = containerConfig[ProtocolProps::protoToString(Proto::OpenVpn)].toObject()[config_key::last_config].toString(); QString protocolConfigJson = QJsonDocument::fromJson(protocolConfig.toUtf8()).object()[config_key::config].toString(); - const QRegularExpression regExp { "(\\w+-\\w+|\\w+)" }; - const size_t dangerousTagsMaxCount = 3; - // https://github.com/OpenVPN/openvpn/blob/master/doc/man-sections/script-options.rst QStringList dangerousTags { "up", "tls-verify", "ipchange", "client-connect", "route-up", "route-pre-down", "client-disconnect", "down", "learn-address", "auth-user-pass-verify" }; QStringList maliciousStrings; - QStringList lines = protocolConfigJson.replace("\r", "").split("\n"); - for (const QString &l : lines) { - QRegularExpressionMatch match = regExp.match(l); - if (dangerousTags.contains(match.captured(0))) { - maliciousStrings << l; + QStringList lines = protocolConfigJson.split('\n', Qt::SkipEmptyParts); + + for (const QString &rawLine : lines) { + QString line = rawLine.trimmed(); + + QString command = line.section(' ', 0, 0, QString::SectionSkipEmpty); + if (dangerousTags.contains(command, Qt::CaseInsensitive)) { + maliciousStrings << rawLine; } } - if (maliciousStrings.size() >= dangerousTagsMaxCount) { - m_maliciousWarningText = tr("In the imported configuration, potentially dangerous lines were found:"); + m_maliciousWarningText = tr("This configuration contains an OpenVPN setup. OpenVPN configurations can include malicious " + "scripts, so only add it if you fully trust the provider of this config. "); + + if (!maliciousStrings.isEmpty()) { + m_maliciousWarningText.push_back(tr("
In the imported configuration, potentially dangerous lines were found:")); for (const auto &string : maliciousStrings) { m_maliciousWarningText.push_back(QString("
%1").arg(string)); } @@ -678,7 +735,8 @@ void ImportController::processAmneziaConfig(QJsonObject &config) } QJsonObject jsonConfig = QJsonDocument::fromJson(protocolConfig.toUtf8()).object(); - jsonConfig[config_key::mtu] = dockerContainer == DockerContainer::Awg ? protocols::awg::defaultMtu : protocols::wireguard::defaultMtu; + jsonConfig[config_key::mtu] = + dockerContainer == DockerContainer::Awg ? protocols::awg::defaultMtu : protocols::wireguard::defaultMtu; containerConfig[config_key::last_config] = QString(QJsonDocument(jsonConfig).toJson()); diff --git a/client/ui/controllers/installController.cpp b/client/ui/controllers/installController.cpp index ae0804cb..d7f9dfbc 100755 --- a/client/ui/controllers/installController.cpp +++ b/client/ui/controllers/installController.cpp @@ -6,8 +6,9 @@ #include #include #include +#include -#include "core/controllers/apiController.h" +#include "core/api/apiUtils.h" #include "core/controllers/serverController.h" #include "core/controllers/vpnConfigurationController.h" #include "core/networkUtilities.h" @@ -39,14 +40,12 @@ namespace InstallController::InstallController(const QSharedPointer &serversModel, const QSharedPointer &containersModel, const QSharedPointer &protocolsModel, const QSharedPointer &clientManagementModel, - const QSharedPointer &apiServicesModel, const std::shared_ptr &settings, - QObject *parent) + const std::shared_ptr &settings, QObject *parent) : QObject(parent), m_serversModel(serversModel), m_containersModel(containersModel), m_protocolModel(protocolsModel), m_clientManagementModel(clientManagementModel), - m_apiServicesModel(apiServicesModel), m_settings(settings) { } @@ -80,12 +79,36 @@ void InstallController::install(DockerContainer container, int port, TransportPr int s1 = QRandomGenerator::global()->bounded(15, 150); int s2 = QRandomGenerator::global()->bounded(15, 150); - while (s1 + AwgConstant::messageInitiationSize == s2 + AwgConstant::messageResponseSize) { + // int s3 = QRandomGenerator::global()->bounded(15, 150); + // int s4 = QRandomGenerator::global()->bounded(15, 150); + + // Ensure all values are unique and don't create equal packet sizes + QSet usedValues; + usedValues.insert(s1); + + while (usedValues.contains(s2) || s1 + AwgConstant::messageInitiationSize == s2 + AwgConstant::messageResponseSize) { s2 = QRandomGenerator::global()->bounded(15, 150); } + usedValues.insert(s2); + + // while (usedValues.contains(s3) + // || s1 + AwgConstant::messageInitiationSize == s3 + AwgConstant::messageCookieReplySize + // || s2 + AwgConstant::messageResponseSize == s3 + AwgConstant::messageCookieReplySize) { + // s3 = QRandomGenerator::global()->bounded(15, 150); + // } + // usedValues.insert(s3); + + // while (usedValues.contains(s4) + // || s1 + AwgConstant::messageInitiationSize == s4 + AwgConstant::messageTransportSize + // || s2 + AwgConstant::messageResponseSize == s4 + AwgConstant::messageTransportSize + // || s3 + AwgConstant::messageCookieReplySize == s4 + AwgConstant::messageTransportSize) { + // s4 = QRandomGenerator::global()->bounded(15, 150); + // } QString initPacketJunkSize = QString::number(s1); QString responsePacketJunkSize = QString::number(s2); + // QString cookieReplyPacketJunkSize = QString::number(s3); + // QString transportPacketJunkSize = QString::number(s4); QSet headersValue; while (headersValue.size() != 4) { @@ -109,6 +132,21 @@ void InstallController::install(DockerContainer container, int port, TransportPr containerConfig[config_key::responsePacketMagicHeader] = responsePacketMagicHeader; containerConfig[config_key::underloadPacketMagicHeader] = underloadPacketMagicHeader; containerConfig[config_key::transportPacketMagicHeader] = transportPacketMagicHeader; + + // TODO: + // containerConfig[config_key::cookieReplyPacketJunkSize] = cookieReplyPacketJunkSize; + // containerConfig[config_key::transportPacketJunkSize] = transportPacketJunkSize; + + // containerConfig[config_key::specialJunk1] = specialJunk1; + // containerConfig[config_key::specialJunk2] = specialJunk2; + // containerConfig[config_key::specialJunk3] = specialJunk3; + // containerConfig[config_key::specialJunk4] = specialJunk4; + // containerConfig[config_key::specialJunk5] = specialJunk5; + // containerConfig[config_key::controlledJunk1] = controlledJunk1; + // containerConfig[config_key::controlledJunk2] = controlledJunk2; + // containerConfig[config_key::controlledJunk3] = controlledJunk3; + // containerConfig[config_key::specialHandshakeTimeout] = specialHandshakeTimeout; + } else if (container == DockerContainer::Sftp) { containerConfig.insert(config_key::userName, protocols::sftp::defaultUserName); containerConfig.insert(config_key::password, Utils::getRandomString(16)); @@ -364,7 +402,8 @@ ErrorCode InstallController::getAlreadyInstalledContainers(const ServerCredentia QJsonObject config; Proto mainProto = ContainerProps::defaultProtocol(container); - for (auto protocol : ContainerProps::protocolsForContainer(container)) { + const auto &protocols = ContainerProps::protocolsForContainer(container); + for (const auto &protocol : protocols) { QJsonObject containerConfig; if (protocol == mainProto) { containerConfig.insert(config_key::port, port); @@ -388,6 +427,7 @@ ErrorCode InstallController::getAlreadyInstalledContainers(const ServerCredentia } } + containerConfig[config_key::subnet_address] = serverConfigMap.value("Address").remove("/24"); containerConfig[config_key::junkPacketCount] = serverConfigMap.value(config_key::junkPacketCount); containerConfig[config_key::junkPacketMinSize] = serverConfigMap.value(config_key::junkPacketMinSize); containerConfig[config_key::junkPacketMaxSize] = serverConfigMap.value(config_key::junkPacketMaxSize); @@ -399,6 +439,38 @@ ErrorCode InstallController::getAlreadyInstalledContainers(const ServerCredentia serverConfigMap.value(config_key::underloadPacketMagicHeader); containerConfig[config_key::transportPacketMagicHeader] = serverConfigMap.value(config_key::transportPacketMagicHeader); + + // containerConfig[config_key::cookieReplyPacketJunkSize] = serverConfigMap.value(config_key::cookieReplyPacketJunkSize); + // containerConfig[config_key::transportPacketJunkSize] = serverConfigMap.value(config_key::transportPacketJunkSize); + + // containerConfig[config_key::specialJunk1] = serverConfigMap.value(config_key::specialJunk1); + // containerConfig[config_key::specialJunk2] = serverConfigMap.value(config_key::specialJunk2); + // containerConfig[config_key::specialJunk3] = serverConfigMap.value(config_key::specialJunk3); + // containerConfig[config_key::specialJunk4] = serverConfigMap.value(config_key::specialJunk4); + // containerConfig[config_key::specialJunk5] = serverConfigMap.value(config_key::specialJunk5); + // containerConfig[config_key::controlledJunk1] = serverConfigMap.value(config_key::controlledJunk1); + // containerConfig[config_key::controlledJunk2] = serverConfigMap.value(config_key::controlledJunk2); + // containerConfig[config_key::controlledJunk3] = serverConfigMap.value(config_key::controlledJunk3); + // containerConfig[config_key::specialHandshakeTimeout] = serverConfigMap.value(config_key::specialHandshakeTimeout); + + } else if (protocol == Proto::WireGuard) { + QString serverConfig = serverController->getTextFileFromContainer(container, credentials, + protocols::wireguard::serverConfigPath, errorCode); + + QMap serverConfigMap; + auto serverConfigLines = serverConfig.split("\n"); + for (auto &line : serverConfigLines) { + auto trimmedLine = line.trimmed(); + if (trimmedLine.startsWith("[") && trimmedLine.endsWith("]")) { + continue; + } else { + QStringList parts = trimmedLine.split(" = "); + if (parts.count() == 2) { + serverConfigMap.insert(parts[0].trimmed(), parts[1].trimmed()); + } + } + } + containerConfig[config_key::subnet_address] = serverConfigMap.value("Address").remove("/24"); } else if (protocol == Proto::Sftp) { stdOut.clear(); script = QString("sudo docker inspect --format '{{.Config.Cmd}}' %1").arg(name); @@ -433,6 +505,51 @@ ErrorCode InstallController::getAlreadyInstalledContainers(const ServerCredentia containerConfig.insert(config_key::userName, userName); containerConfig.insert(config_key::password, password); } + } else if (protocol == Proto::Xray) { + QString currentConfig = serverController->getTextFileFromContainer( + container, credentials, amnezia::protocols::xray::serverConfigPath, errorCode); + + QJsonDocument doc = QJsonDocument::fromJson(currentConfig.toUtf8()); + qDebug() << doc; + if (doc.isNull() || !doc.isObject()) { + logger.error() << "Failed to parse server config JSON"; + errorCode = ErrorCode::InternalError; + return errorCode; + } + QJsonObject serverConfig = doc.object(); + + if (!serverConfig.contains("inbounds")) { + logger.error() << "Server config missing 'inbounds' field"; + errorCode = ErrorCode::InternalError; + return errorCode; + } + + QJsonArray inbounds = serverConfig["inbounds"].toArray(); + if (inbounds.isEmpty()) { + logger.error() << "Server config has empty 'inbounds' array"; + errorCode = ErrorCode::InternalError; + return errorCode; + } + + QJsonObject inbound = inbounds[0].toObject(); + if (!inbound.contains("streamSettings")) { + logger.error() << "Inbound missing 'streamSettings' field"; + errorCode = ErrorCode::InternalError; + return errorCode; + } + + QJsonObject streamSettings = inbound["streamSettings"].toObject(); + QJsonObject realitySettings = streamSettings["realitySettings"].toObject(); + if (!realitySettings.contains("serverNames")) { + logger.error() << "Settings missing 'clients' field"; + errorCode = ErrorCode::InternalError; + return errorCode; + } + + QString siteName = realitySettings["serverNames"][0].toString(); + qDebug() << siteName; + + containerConfig.insert(config_key::site, siteName); } config.insert(config_key::container, ContainerProps::containerToString(container)); @@ -773,109 +890,79 @@ void InstallController::addEmptyServer() emit installServerFinished(tr("Server added successfully")); } -bool InstallController::fillAvailableServices() +bool InstallController::isConfigValid() { - ApiController apiController(m_settings->getGatewayEndpoint(), m_settings->isDevGatewayEnv()); + int serverIndex = m_serversModel->getDefaultServerIndex(); + QJsonObject serverConfigObject = m_serversModel->getServerConfig(serverIndex); - QByteArray responseBody; - ErrorCode errorCode = apiController.getServicesList(responseBody); - if (errorCode != ErrorCode::NoError) { - emit installationErrorOccurred(errorCode); + if (apiUtils::isServerFromApi(serverConfigObject)) { + return true; + } + + if (!m_serversModel->data(serverIndex, ServersModel::Roles::HasInstalledContainers).toBool()) { + emit noInstalledContainers(); return false; } - QJsonObject data = QJsonDocument::fromJson(responseBody).object(); - m_apiServicesModel->updateModel(data); - return true; -} + DockerContainer container = qvariant_cast(m_serversModel->data(serverIndex, ServersModel::Roles::DefaultContainerRole)); -bool InstallController::installServiceFromApi() -{ - if (m_serversModel->isServerFromApiAlreadyExists(m_apiServicesModel->getCountryCode(), m_apiServicesModel->getSelectedServiceType(), - m_apiServicesModel->getSelectedServiceProtocol())) { - emit installationErrorOccurred(ErrorCode::ApiConfigAlreadyAdded); + if (container == DockerContainer::None) { + emit installationErrorOccurred(ErrorCode::NoInstalledContainersError); return false; } - ApiController apiController(m_settings->getGatewayEndpoint(), m_settings->isDevGatewayEnv()); - QJsonObject serverConfig; + QSharedPointer serverController(new ServerController(m_settings)); + VpnConfigurationsController vpnConfigurationController(m_settings, serverController); - ErrorCode errorCode = apiController.getConfigForService(m_settings->getInstallationUuid(true), m_apiServicesModel->getCountryCode(), - m_apiServicesModel->getSelectedServiceType(), - m_apiServicesModel->getSelectedServiceProtocol(), "", QJsonObject(), serverConfig); - if (errorCode != ErrorCode::NoError) { - emit installationErrorOccurred(errorCode); - return false; - } + QJsonObject containerConfig = m_containersModel->getContainerConfig(container); + ServerCredentials credentials = m_serversModel->getServerCredentials(serverIndex); - auto serviceInfo = m_apiServicesModel->getSelectedServiceInfo(); - QJsonObject apiConfig = serverConfig.value(configKey::apiConfig).toObject(); - apiConfig.insert(configKey::serviceInfo, serviceInfo); - apiConfig.insert(configKey::userCountryCode, m_apiServicesModel->getCountryCode()); - apiConfig.insert(configKey::serviceType, m_apiServicesModel->getSelectedServiceType()); - apiConfig.insert(configKey::serviceProtocol, m_apiServicesModel->getSelectedServiceProtocol()); + QFutureWatcher watcher; - serverConfig.insert(configKey::apiConfig, apiConfig); + QFuture future = QtConcurrent::run([this, container, &credentials, &containerConfig, &serverController]() { + ErrorCode errorCode = ErrorCode::NoError; - m_serversModel->addServer(serverConfig); - emit installServerFromApiFinished(tr("%1 installed successfully.").arg(m_apiServicesModel->getSelectedServiceName())); - return true; -} + auto isProtocolConfigExists = [](const QJsonObject &containerConfig, const DockerContainer container) { + for (Proto protocol : ContainerProps::protocolsForContainer(container)) { + QString protocolConfig = + containerConfig.value(ProtocolProps::protoToString(protocol)).toObject().value(config_key::last_config).toString(); -bool InstallController::updateServiceFromApi(const int serverIndex, const QString &newCountryCode, const QString &newCountryName, - bool reloadServiceConfig) -{ - ApiController apiController(m_settings->getGatewayEndpoint(), m_settings->isDevGatewayEnv()); + if (protocolConfig.isEmpty()) { + return false; + } + } + return true; + }; - auto serverConfig = m_serversModel->getServerConfig(serverIndex); - auto apiConfig = serverConfig.value(configKey::apiConfig).toObject(); - auto authData = serverConfig.value(configKey::authData).toObject(); + if (!isProtocolConfigExists(containerConfig, container)) { + VpnConfigurationsController vpnConfigurationController(m_settings, serverController); + errorCode = vpnConfigurationController.createProtocolConfigForContainer(credentials, container, containerConfig); + if (errorCode != ErrorCode::NoError) { + return errorCode; + } + m_serversModel->updateContainerConfig(container, containerConfig); - QJsonObject newServerConfig; - ErrorCode errorCode = apiController.getConfigForService( - m_settings->getInstallationUuid(true), apiConfig.value(configKey::userCountryCode).toString(), - apiConfig.value(configKey::serviceType).toString(), apiConfig.value(configKey::serviceProtocol).toString(), newCountryCode, - authData, newServerConfig); - if (errorCode != ErrorCode::NoError) { - emit installationErrorOccurred(errorCode); - return false; - } - - QJsonObject newApiConfig = newServerConfig.value(configKey::apiConfig).toObject(); - newApiConfig.insert(configKey::userCountryCode, apiConfig.value(configKey::userCountryCode)); - newApiConfig.insert(configKey::serviceType, apiConfig.value(configKey::serviceType)); - newApiConfig.insert(configKey::serviceProtocol, apiConfig.value(configKey::serviceProtocol)); - - newServerConfig.insert(configKey::apiConfig, newApiConfig); - newServerConfig.insert(configKey::authData, authData); - m_serversModel->editServer(newServerConfig, serverIndex); - - if (reloadServiceConfig) { - emit reloadServerFromApiFinished(tr("API config reloaded")); - } else if (newCountryName.isEmpty()) { - emit updateServerFromApiFinished(); - } else { - emit changeApiCountryFinished(tr("Successfully changed the country of connection to %1").arg(newCountryName)); - } - return true; -} - -void InstallController::updateServiceFromTelegram(const int serverIndex) -{ - ApiController *apiController = new ApiController(m_settings->getGatewayEndpoint(), m_settings->isDevGatewayEnv()); - - auto serverConfig = m_serversModel->getServerConfig(serverIndex); - - apiController->updateServerConfigFromApi(m_settings->getInstallationUuid(true), serverIndex, serverConfig); - connect(apiController, &ApiController::finished, this, [this, apiController](const QJsonObject &config, const int serverIndex) { - m_serversModel->editServer(config, serverIndex); - emit updateServerFromApiFinished(); - apiController->deleteLater(); + errorCode = m_clientManagementModel->appendClient(container, credentials, containerConfig, + QString("Admin [%1]").arg(QSysInfo::prettyProductName()), serverController); + if (errorCode != ErrorCode::NoError) { + return errorCode; + } + } + return errorCode; }); - connect(apiController, &ApiController::errorOccurred, this, [this, apiController](ErrorCode errorCode) { + + QEventLoop wait; + connect(&watcher, &QFutureWatcher::finished, &wait, &QEventLoop::quit); + watcher.setFuture(future); + wait.exec(); + + ErrorCode errorCode = watcher.result(); + + if (errorCode != ErrorCode::NoError) { emit installationErrorOccurred(errorCode); - apiController->deleteLater(); - }); + return false; + } + return true; } bool InstallController::isUpdateDockerContainerRequired(const DockerContainer container, const QJsonObject &oldConfig, diff --git a/client/ui/controllers/installController.h b/client/ui/controllers/installController.h index d7ab3553..8e42b5b2 100644 --- a/client/ui/controllers/installController.h +++ b/client/ui/controllers/installController.h @@ -10,7 +10,6 @@ #include "ui/models/containers_model.h" #include "ui/models/protocols_model.h" #include "ui/models/servers_model.h" -#include "ui/models/apiServicesModel.h" class InstallController : public QObject { @@ -19,7 +18,6 @@ public: explicit InstallController(const QSharedPointer &serversModel, const QSharedPointer &containersModel, const QSharedPointer &protocolsModel, const QSharedPointer &clientManagementModel, - const QSharedPointer &apiServicesModel, const std::shared_ptr &settings, QObject *parent = nullptr); ~InstallController(); @@ -52,21 +50,13 @@ public slots: void addEmptyServer(); - bool fillAvailableServices(); - bool installServiceFromApi(); - bool updateServiceFromApi(const int serverIndex, const QString &newCountryCode, const QString &newCountryName, bool reloadServiceConfig = false); - - void updateServiceFromTelegram(const int serverIndex); + bool isConfigValid(); signals: void installContainerFinished(const QString &finishMessage, bool isServiceInstall); void installServerFinished(const QString &finishMessage); - void installServerFromApiFinished(const QString &message); void updateContainerFinished(const QString &message); - void updateServerFromApiFinished(); - void changeApiCountryFinished(const QString &message); - void reloadServerFromApiFinished(const QString &message); void scanServerFinished(bool isInstalledContainerFound); @@ -91,6 +81,8 @@ signals: void cachedProfileCleared(const QString &message); void apiConfigRemoved(const QString &message); + void noInstalledContainers(); + private: void installServer(const DockerContainer container, const QMap &installedContainers, const ServerCredentials &serverCredentials, const QSharedPointer &serverController, @@ -108,7 +100,6 @@ private: QSharedPointer m_containersModel; QSharedPointer m_protocolModel; QSharedPointer m_clientManagementModel; - QSharedPointer m_apiServicesModel; std::shared_ptr m_settings; diff --git a/client/ui/controllers/listViewFocusController.cpp b/client/ui/controllers/listViewFocusController.cpp new file mode 100644 index 00000000..9fa232ca --- /dev/null +++ b/client/ui/controllers/listViewFocusController.cpp @@ -0,0 +1,309 @@ +#include "listViewFocusController.h" +#include "utils/qmlUtils.h" + +#include + +ListViewFocusController::ListViewFocusController(QQuickItem *listView, QObject *parent) + : QObject { parent }, + m_listView { listView }, + m_focusChain {}, + m_currentSection { Section::Default }, + m_header { nullptr }, + m_footer { nullptr }, + m_focusedItem { nullptr }, + m_focusedItemIndex { -1 }, + m_delegateIndex { 0 }, + m_isReturnNeeded { false }, + m_currentSectionString { "Default", "Header", "Delegate", "Footer" } +{ + QVariant headerItemProperty = m_listView->property("headerItem"); + m_header = headerItemProperty.canConvert() ? headerItemProperty.value() : nullptr; + + QVariant footerItemProperty = m_listView->property("footerItem"); + m_footer = footerItemProperty.canConvert() ? footerItemProperty.value() : nullptr; +} + +ListViewFocusController::~ListViewFocusController() +{ +} + +void ListViewFocusController::viewAtCurrentIndex() const +{ + switch (m_currentSection) { + case Section::Default: [[fallthrough]]; + case Section::Header: { + QMetaObject::invokeMethod(m_listView, "positionViewAtBeginning"); + break; + } + case Section::Delegate: { + QMetaObject::invokeMethod(m_listView, "positionViewAtIndex", Q_ARG(int, m_delegateIndex), // Index + Q_ARG(int, 2)); // PositionMode (0 = Visible) + break; + } + case Section::Footer: { + QMetaObject::invokeMethod(m_listView, "positionViewAtEnd"); + break; + } + } +} + +int ListViewFocusController::size() const +{ + return m_listView->property("count").toInt(); +} + +int ListViewFocusController::currentIndex() const +{ + return m_delegateIndex; +} + +void ListViewFocusController::setDelegateIndex(int index) +{ + m_delegateIndex = index; + m_listView->setProperty("currentIndex", index); +} + +void ListViewFocusController::nextDelegate() +{ + switch (m_currentSection) { + case Section::Default: { + if (hasHeader()) { + m_currentSection = Section::Header; + viewAtCurrentIndex(); + break; + } + [[fallthrough]]; + } + case Section::Header: { + if (size() > 0) { + m_currentSection = Section::Delegate; + viewAtCurrentIndex(); + break; + } + [[fallthrough]]; + } + case Section::Delegate: + if (m_delegateIndex < (size() - 1)) { + setDelegateIndex(m_delegateIndex + 1); + viewAtCurrentIndex(); + break; + } else if (hasFooter()) { + m_currentSection = Section::Footer; + viewAtCurrentIndex(); + break; + } + [[fallthrough]]; + case Section::Footer: { + m_isReturnNeeded = true; + m_currentSection = Section::Default; + viewAtCurrentIndex(); + break; + } + default: { + qCritical() << "Current section is invalid!"; + break; + } + } +} + +void ListViewFocusController::previousDelegate() +{ + switch (m_currentSection) { + case Section::Default: { + if (hasFooter()) { + m_currentSection = Section::Footer; + break; + } + [[fallthrough]]; + } + case Section::Footer: { + if (size() > 0) { + m_currentSection = Section::Delegate; + setDelegateIndex(size() - 1); + break; + } + [[fallthrough]]; + } + case Section::Delegate: { + if (m_delegateIndex > 0) { + setDelegateIndex(m_delegateIndex - 1); + break; + } else if (hasHeader()) { + m_currentSection = Section::Header; + break; + } + [[fallthrough]]; + } + case Section::Header: { + m_isReturnNeeded = true; + m_currentSection = Section::Default; + break; + } + default: { + qCritical() << "Current section is invalid!"; + break; + } + } +} + +void ListViewFocusController::decrementIndex() +{ + m_delegateIndex--; +} + +QQuickItem *ListViewFocusController::itemAtIndex(const int index) const +{ + QQuickItem *item { nullptr }; + + QMetaObject::invokeMethod(m_listView, "itemAtIndex", Q_RETURN_ARG(QQuickItem *, item), Q_ARG(int, index)); + + return item; +} + +QQuickItem *ListViewFocusController::currentDelegate() const +{ + QQuickItem *result { nullptr }; + + switch (m_currentSection) { + case Section::Default: { + qWarning() << "No elements..."; + break; + } + case Section::Header: { + result = m_header; + break; + } + case Section::Delegate: { + result = itemAtIndex(m_delegateIndex); + break; + } + case Section::Footer: { + result = m_footer; + break; + } + } + return result; +} + +QQuickItem *ListViewFocusController::focusedItem() const +{ + return m_focusedItem; +} + +void ListViewFocusController::focusNextItem() +{ + if (m_isReturnNeeded) { + return; + } + + reloadFocusChain(); + + if (m_focusChain.empty()) { + qWarning() << "No elements found in the delegate. Going to next delegate..."; + nextDelegate(); + focusNextItem(); + return; + } + m_focusedItemIndex++; + m_focusedItem = qobject_cast(m_focusChain.at(m_focusedItemIndex)); + m_focusedItem->forceActiveFocus(Qt::TabFocusReason); +} + +void ListViewFocusController::focusPreviousItem() +{ + if (m_isReturnNeeded) { + return; + } + + if (m_focusChain.empty()) { + qInfo() << "Empty focusChain with current delegate: " << currentDelegate() << "Scanning for elements..."; + reloadFocusChain(); + } + if (m_focusChain.empty()) { + qWarning() << "No elements found in the delegate. Going to next delegate..."; + previousDelegate(); + focusPreviousItem(); + return; + } + if (m_focusedItemIndex == -1) { + m_focusedItemIndex = m_focusChain.size(); + } + m_focusedItemIndex--; + m_focusedItem = qobject_cast(m_focusChain.at(m_focusedItemIndex)); + m_focusedItem->forceActiveFocus(Qt::TabFocusReason); +} + +void ListViewFocusController::resetFocusChain() +{ + m_focusChain.clear(); + m_focusedItem = nullptr; + m_focusedItemIndex = -1; +} + +void ListViewFocusController::reloadFocusChain() +{ + m_focusChain = FocusControl::getItemsChain(currentDelegate()); +} + +bool ListViewFocusController::isFirstFocusItemInDelegate() const +{ + return m_focusedItem && (m_focusedItem == m_focusChain.first()); +} + +bool ListViewFocusController::isLastFocusItemInDelegate() const +{ + return m_focusedItem && (m_focusedItem == m_focusChain.last()); +} + +bool ListViewFocusController::hasHeader() const +{ + return m_header && !FocusControl::getItemsChain(m_header).isEmpty(); +} + +bool ListViewFocusController::hasFooter() const +{ + return m_footer && !FocusControl::getItemsChain(m_footer).isEmpty(); +} + +bool ListViewFocusController::isFirstFocusItemInListView() const +{ + switch (m_currentSection) { + case Section::Footer: { + return isFirstFocusItemInDelegate() && !hasHeader() && (size() == 0); + } + case Section::Delegate: { + return isFirstFocusItemInDelegate() && (m_delegateIndex == 0) && !hasHeader(); + } + case Section::Header: { + isFirstFocusItemInDelegate(); + } + case Section::Default: { + return true; + } + default: qWarning() << "Wrong section"; return true; + } +} + +bool ListViewFocusController::isLastFocusItemInListView() const +{ + switch (m_currentSection) { + case Section::Default: { + return !hasHeader() && (size() == 0) && !hasFooter(); + } + case Section::Header: { + return isLastFocusItemInDelegate() && (size() == 0) && !hasFooter(); + } + case Section::Delegate: { + return isLastFocusItemInDelegate() && (m_delegateIndex == size() - 1) && !hasFooter(); + } + case Section::Footer: { + return isLastFocusItemInDelegate(); + } + default: qWarning() << "Wrong section"; return true; + } +} + +bool ListViewFocusController::isReturnNeeded() const +{ + return m_isReturnNeeded; +} diff --git a/client/ui/controllers/listViewFocusController.h b/client/ui/controllers/listViewFocusController.h new file mode 100644 index 00000000..f6405716 --- /dev/null +++ b/client/ui/controllers/listViewFocusController.h @@ -0,0 +1,70 @@ +#ifndef LISTVIEWFOCUSCONTROLLER_H +#define LISTVIEWFOCUSCONTROLLER_H + +#include +#include +#include +#include +#include + +/*! + * \brief The ListViewFocusController class manages the focus of elements in ListView + * \details This class object moving focus to ListView's controls since ListView stores + * it's data implicitly and it could be got one by one. + * + * This class was made to store as less as possible data getting it from QML + * when it's needed. + */ +class ListViewFocusController : public QObject +{ + Q_OBJECT +public: + explicit ListViewFocusController(QQuickItem *listView, QObject *parent = nullptr); + ~ListViewFocusController(); + + void nextDelegate(); + void previousDelegate(); + void decrementIndex(); + void focusNextItem(); + void focusPreviousItem(); + void resetFocusChain(); + void reloadFocusChain(); + bool isFirstFocusItemInListView() const; + bool isFirstFocusItemInDelegate() const; + bool isLastFocusItemInListView() const; + bool isLastFocusItemInDelegate() const; + bool isReturnNeeded() const; + +private: + enum class Section { + Default, + Header, + Delegate, + Footer, + }; + + int size() const; + int currentIndex() const; + void setDelegateIndex(int index); + void viewAtCurrentIndex() const; + QQuickItem *itemAtIndex(const int index) const; + QQuickItem *currentDelegate() const; + QQuickItem *focusedItem() const; + + bool hasHeader() const; + bool hasFooter() const; + + QQuickItem *m_listView; + QList m_focusChain; + Section m_currentSection; + QQuickItem *m_header; + QQuickItem *m_footer; + QQuickItem *m_focusedItem; // Pointer to focused item on Delegate + qsizetype m_focusedItemIndex; + qsizetype m_delegateIndex; + bool m_isReturnNeeded; + + QList m_currentSectionString; +}; + +#endif // LISTVIEWFOCUSCONTROLLER_H diff --git a/client/ui/controllers/pageController.cpp b/client/ui/controllers/pageController.cpp index bbcc55a1..d515df49 100644 --- a/client/ui/controllers/pageController.cpp +++ b/client/ui/controllers/pageController.cpp @@ -81,7 +81,7 @@ void PageController::keyPressEvent(Qt::Key key) case Qt::Key_Escape: { if (m_drawerDepth) { emit closeTopDrawer(); - setDrawerDepth(getDrawerDepth() - 1); + decrementDrawerDepth(); } else { emit escapePressed(); } @@ -142,11 +142,25 @@ void PageController::setDrawerDepth(const int depth) } } -int PageController::getDrawerDepth() +int PageController::getDrawerDepth() const { return m_drawerDepth; } +int PageController::incrementDrawerDepth() +{ + return ++m_drawerDepth; +} + +int PageController::decrementDrawerDepth() +{ + if (m_drawerDepth == 0) { + return m_drawerDepth; + } else { + return --m_drawerDepth; + } +} + void PageController::onShowErrorMessage(ErrorCode errorCode) { const auto fullErrorMessage = errorString(errorCode); diff --git a/client/ui/controllers/pageController.h b/client/ui/controllers/pageController.h index f89d39a1..fc981091 100644 --- a/client/ui/controllers/pageController.h +++ b/client/ui/controllers/pageController.h @@ -31,7 +31,15 @@ namespace PageLoader PageSettingsLogging, PageSettingsSplitTunneling, PageSettingsAppSplitTunneling, - + PageSettingsKillSwitch, + PageSettingsApiServerInfo, + PageSettingsApiAvailableCountries, + PageSettingsApiSupport, + PageSettingsApiInstructions, + PageSettingsApiNativeConfigs, + PageSettingsApiDevices, + PageSettingsKillSwitchExceptions, + PageServiceSftpSettings, PageServiceTorWebsiteSettings, PageServiceDnsSettings, @@ -53,7 +61,7 @@ namespace PageLoader PageProtocolOpenVpnSettings, PageProtocolShadowSocksSettings, PageProtocolCloakSettings, - PageProtocolXraySettings, + PageProtocolXraySettings, PageProtocolWireGuardSettings, PageProtocolAwgSettings, PageProtocolIKev2Settings, @@ -100,9 +108,11 @@ public slots: void closeApplication(); void setDrawerDepth(const int depth); - int getDrawerDepth(); + int getDrawerDepth() const; + int incrementDrawerDepth(); + int decrementDrawerDepth(); - private slots: +private slots: void onShowErrorMessage(amnezia::ErrorCode errorCode); signals: @@ -135,9 +145,6 @@ signals: void escapePressed(); void closeTopDrawer(); - void forceTabBarActiveFocus(); - void forceStackActiveFocus(); - private: QSharedPointer m_serversModel; diff --git a/client/ui/controllers/settingsController.cpp b/client/ui/controllers/settingsController.cpp index c3945512..f8e97a1f 100644 --- a/client/ui/controllers/settingsController.cpp +++ b/client/ui/controllers/settingsController.cpp @@ -126,17 +126,19 @@ void SettingsController::clearLogs() void SettingsController::backupAppConfig(const QString &fileName) { - SystemController::saveFile(fileName, m_settings->backupAppConfig()); + QByteArray data = m_settings->backupAppConfig(); + QJsonDocument doc = QJsonDocument::fromJson(data); + QJsonObject config = doc.object(); + + config["Conf/autoStart"] = Autostart::isAutostart(); + + SystemController::saveFile(fileName, QJsonDocument(config).toJson()); } void SettingsController::restoreAppConfig(const QString &fileName) { - QFile file(fileName); - - file.open(QIODevice::ReadOnly); - - QByteArray data = file.readAll(); - + QByteArray data; + SystemController::readFile(fileName, data); restoreAppConfigFromData(data); } @@ -144,9 +146,30 @@ void SettingsController::restoreAppConfigFromData(const QByteArray &data) { bool ok = m_settings->restoreAppConfig(data); if (ok) { + QJsonObject newConfigData = QJsonDocument::fromJson(data).object(); + +#if defined(Q_OS_WINDOWS) || defined(Q_OS_LINUX) || defined(Q_OS_MACX) + bool autoStart = false; + if (newConfigData.contains("Conf/autoStart")) { + autoStart = newConfigData["Conf/autoStart"].toBool(); + } + toggleAutoStart(autoStart); +#endif m_serversModel->resetModel(); m_languageModel->changeLanguage( static_cast(m_languageModel->getCurrentLanguageIndex())); + +#if defined(Q_OS_WINDOWS) || defined(Q_OS_ANDROID) + int appSplitTunnelingRouteMode = newConfigData.value("Conf/appsRouteMode").toInt(); + bool appSplittunnelingEnabled = newConfigData.value("Conf/appsSplitTunnelingEnabled").toBool(); + m_appSplitTunnelingModel->setRouteMode(appSplitTunnelingRouteMode); + m_appSplitTunnelingModel->toggleSplitTunneling(appSplittunnelingEnabled); +#endif + int siteSplitTunnelingRouteMode = newConfigData.value("Conf/routeMode").toInt(); + bool siteSplittunnelingEnabled = newConfigData.value("Conf/sitesSplitTunnelingEnabled").toBool(); + m_sitesModel->setRouteMode(siteSplitTunnelingRouteMode); + m_sitesModel->toggleSplitTunneling(siteSplittunnelingEnabled); + emit restoreBackupFinished(); } else { emit changeSettingsErrorOccurred(tr("Backup file is corrupted")); @@ -171,6 +194,8 @@ void SettingsController::clearSettings() m_appSplitTunnelingModel->setRouteMode(Settings::AppsRouteMode::VpnAllExceptApps); m_appSplitTunnelingModel->toggleSplitTunneling(false); + toggleAutoStart(false); + emit changeSettingsFinished(tr("All settings have been reset to default values")); #ifdef Q_OS_IOS @@ -249,6 +274,23 @@ bool SettingsController::isKillSwitchEnabled() void SettingsController::toggleKillSwitch(bool enable) { m_settings->setKillSwitchEnabled(enable); + emit killSwitchEnabledChanged(); + if (enable == false) { + emit strictKillSwitchEnabledChanged(false); + } else { + emit strictKillSwitchEnabledChanged(isStrictKillSwitchEnabled()); + } +} + +bool SettingsController::isStrictKillSwitchEnabled() +{ + return m_settings->isStrictKillSwitchEnabled(); +} + +void SettingsController::toggleStrictKillSwitch(bool enable) +{ + m_settings->setStrictKillSwitchEnabled(enable); + emit strictKillSwitchEnabledChanged(enable); } bool SettingsController::isNotificationPermissionGranted() @@ -324,4 +366,15 @@ bool SettingsController::isOnTv() #else return false; #endif -} \ No newline at end of file +} + +bool SettingsController::isHomeAdLabelVisible() +{ + return m_settings->isHomeAdLabelVisible(); +} + +void SettingsController::disableHomeAdLabel() +{ + m_settings->disableHomeAdLabel(); + emit isHomeAdLabelVisibleChanged(false); +} diff --git a/client/ui/controllers/settingsController.h b/client/ui/controllers/settingsController.h index efc18a7d..1485e1a0 100644 --- a/client/ui/controllers/settingsController.h +++ b/client/ui/controllers/settingsController.h @@ -24,11 +24,15 @@ public: Q_PROPERTY(QString secondaryDns READ getSecondaryDns WRITE setSecondaryDns NOTIFY secondaryDnsChanged) Q_PROPERTY(bool isLoggingEnabled READ isLoggingEnabled WRITE toggleLogging NOTIFY loggingStateChanged) Q_PROPERTY(bool isNotificationPermissionGranted READ isNotificationPermissionGranted NOTIFY onNotificationStateChanged) + Q_PROPERTY(bool isKillSwitchEnabled READ isKillSwitchEnabled WRITE toggleKillSwitch NOTIFY killSwitchEnabledChanged) + Q_PROPERTY(bool strictKillSwitchEnabled READ isStrictKillSwitchEnabled WRITE toggleStrictKillSwitch NOTIFY strictKillSwitchEnabledChanged) Q_PROPERTY(bool isDevModeEnabled READ isDevModeEnabled NOTIFY devModeEnabled) Q_PROPERTY(QString gatewayEndpoint READ getGatewayEndpoint WRITE setGatewayEndpoint NOTIFY gatewayEndpointChanged) Q_PROPERTY(bool isDevGatewayEnv READ isDevGatewayEnv WRITE toggleDevGatewayEnv NOTIFY devGatewayEnvChanged) + Q_PROPERTY(bool isHomeAdLabelVisible READ isHomeAdLabelVisible NOTIFY isHomeAdLabelVisibleChanged) + public slots: void toggleAmneziaDns(bool enable); bool isAmneziaDnsEnabled(); @@ -73,6 +77,9 @@ public slots: bool isKillSwitchEnabled(); void toggleKillSwitch(bool enable); + bool isStrictKillSwitchEnabled(); + void toggleStrictKillSwitch(bool enable); + bool isNotificationPermissionGranted(); void requestNotificationPermission(); @@ -89,10 +96,15 @@ public slots: bool isOnTv(); + bool isHomeAdLabelVisible(); + void disableHomeAdLabel(); + signals: void primaryDnsChanged(); void secondaryDnsChanged(); void loggingStateChanged(); + void killSwitchEnabledChanged(); + void strictKillSwitchEnabledChanged(bool enabled); void restoreBackupFinished(); void changeSettingsFinished(const QString &finishedMessage); @@ -112,6 +124,8 @@ signals: void gatewayEndpointChanged(const QString &endpoint); void devGatewayEnvChanged(bool enabled); + void isHomeAdLabelVisibleChanged(bool visible); + private: QSharedPointer m_serversModel; QSharedPointer m_containersModel; diff --git a/client/ui/controllers/sitesController.cpp b/client/ui/controllers/sitesController.cpp index d54dbdd2..d40be458 100644 --- a/client/ui/controllers/sitesController.cpp +++ b/client/ui/controllers/sitesController.cpp @@ -44,7 +44,6 @@ void SitesController::addSite(QString hostname) QMetaObject::invokeMethod(m_vpnConnection.get(), "addRoutes", Qt::QueuedConnection, Q_ARG(QStringList, QStringList() << hostname)); } - QMetaObject::invokeMethod(m_vpnConnection.get(), "flushDns", Qt::QueuedConnection); }; const auto &resolveCallback = [this, processSite](const QHostInfo &hostInfo) { @@ -75,21 +74,18 @@ void SitesController::removeSite(int index) QMetaObject::invokeMethod(m_vpnConnection.get(), "deleteRoutes", Qt::QueuedConnection, Q_ARG(QStringList, QStringList() << hostname)); - QMetaObject::invokeMethod(m_vpnConnection.get(), "flushDns", Qt::QueuedConnection); emit finished(tr("Site removed: %1").arg(hostname)); } void SitesController::importSites(const QString &fileName, bool replaceExisting) { - QFile file(fileName); - - if (!file.open(QIODevice::ReadOnly)) { + QByteArray jsonData; + if (!SystemController::readFile(fileName, jsonData)) { emit errorOccurred(tr("Can't open file: %1").arg(fileName)); return; } - QByteArray jsonData = file.readAll(); QJsonDocument jsonDocument = QJsonDocument::fromJson(jsonData); if (jsonDocument.isNull()) { emit errorOccurred(tr("Failed to parse JSON data from file: %1").arg(fileName)); @@ -126,7 +122,6 @@ void SitesController::importSites(const QString &fileName, bool replaceExisting) m_sitesModel->addSites(sites, replaceExisting); QMetaObject::invokeMethod(m_vpnConnection.get(), "addRoutes", Qt::QueuedConnection, Q_ARG(QStringList, ips)); - QMetaObject::invokeMethod(m_vpnConnection.get(), "flushDns", Qt::QueuedConnection); emit finished(tr("Import completed")); } diff --git a/client/ui/controllers/systemController.cpp b/client/ui/controllers/systemController.cpp index 4598bff1..52ca1294 100644 --- a/client/ui/controllers/systemController.cpp +++ b/client/ui/controllers/systemController.cpp @@ -24,7 +24,7 @@ SystemController::SystemController(const std::shared_ptr &settings, QO { } -void SystemController::saveFile(QString fileName, const QString &data) +void SystemController::saveFile(const QString &fileName, const QString &data) { #if defined Q_OS_ANDROID AndroidController::instance()->saveFile(fileName, data); @@ -62,6 +62,31 @@ void SystemController::saveFile(QString fileName, const QString &data) #endif } +bool SystemController::readFile(const QString &fileName, QByteArray &data) +{ +#ifdef Q_OS_ANDROID + int fd = AndroidController::instance()->getFd(fileName); + if (fd == -1) return false; + QFile file; + if(!file.open(fd, QIODevice::ReadOnly)) return false; + data = file.readAll(); + AndroidController::instance()->closeFd(); +#else + QFile file(fileName); + if (!file.open(QIODevice::ReadOnly)) return false; + data = file.readAll(); +#endif + return true; +} + +bool SystemController::readFile(const QString &fileName, QString &data) +{ + QByteArray byteArray; + if(!readFile(fileName, byteArray)) return false; + data = byteArray; + return true; +} + QString SystemController::getFileName(const QString &acceptLabel, const QString &nameFilter, const QString &selectedFile, const bool isSaveMode, const QString &defaultSuffix) { @@ -134,3 +159,10 @@ bool SystemController::isAuthenticated() return true; #endif } + +void SystemController::sendTouch(float x, float y) +{ +#ifdef Q_OS_ANDROID + AndroidController::instance()->sendTouch(x, y); +#endif +} diff --git a/client/ui/controllers/systemController.h b/client/ui/controllers/systemController.h index d2ee6f63..8cb3a0d1 100644 --- a/client/ui/controllers/systemController.h +++ b/client/ui/controllers/systemController.h @@ -11,7 +11,9 @@ class SystemController : public QObject public: explicit SystemController(const std::shared_ptr &setting, QObject *parent = nullptr); - static void saveFile(QString fileName, const QString &data); + static void saveFile(const QString &fileName, const QString &data); + static bool readFile(const QString &fileName, QByteArray &data); + static bool readFile(const QString &fileName, QString &data); public slots: QString getFileName(const QString &acceptLabel, const QString &nameFilter, const QString &selectedFile = "", @@ -20,6 +22,8 @@ public slots: void setQmlRoot(QObject *qmlRoot); bool isAuthenticated(); + void sendTouch(float x, float y); + signals: void fileDialogClosed(const bool isAccepted); diff --git a/client/ui/models/allowed_dns_model.cpp b/client/ui/models/allowed_dns_model.cpp new file mode 100644 index 00000000..e3c59945 --- /dev/null +++ b/client/ui/models/allowed_dns_model.cpp @@ -0,0 +1,86 @@ +#include "allowed_dns_model.h" + +AllowedDnsModel::AllowedDnsModel(std::shared_ptr settings, QObject *parent) + : QAbstractListModel(parent), m_settings(settings) +{ + fillDnsServers(); +} + +int AllowedDnsModel::rowCount(const QModelIndex &parent) const +{ + Q_UNUSED(parent) + return m_dnsServers.size(); +} + +QVariant AllowedDnsModel::data(const QModelIndex &index, int role) const +{ + if (!index.isValid() || index.row() < 0 || index.row() >= static_cast(rowCount())) + return QVariant(); + + switch (role) { + case IpRole: + return m_dnsServers.at(index.row()); + default: + return QVariant(); + } +} + +bool AllowedDnsModel::addDns(const QString &ip) +{ + if (m_dnsServers.contains(ip)) { + return false; + } + + beginInsertRows(QModelIndex(), rowCount(), rowCount()); + m_dnsServers.append(ip); + m_settings->setAllowedDnsServers(m_dnsServers); + endInsertRows(); + return true; +} + +void AllowedDnsModel::addDnsList(const QStringList &dnsServers, bool replaceExisting) +{ + beginResetModel(); + + if (replaceExisting) { + m_dnsServers.clear(); + } + + for (const QString &ip : dnsServers) { + if (!m_dnsServers.contains(ip)) { + m_dnsServers.append(ip); + } + } + + m_settings->setAllowedDnsServers(m_dnsServers); + endResetModel(); +} + +void AllowedDnsModel::removeDns(QModelIndex index) +{ + if (!index.isValid() || index.row() >= m_dnsServers.size()) { + return; + } + + beginRemoveRows(QModelIndex(), index.row(), index.row()); + m_dnsServers.removeAt(index.row()); + m_settings->setAllowedDnsServers(m_dnsServers); + endRemoveRows(); +} + +QStringList AllowedDnsModel::getCurrentDnsServers() +{ + return m_dnsServers; +} + +QHash AllowedDnsModel::roleNames() const +{ + QHash roles; + roles[IpRole] = "ip"; + return roles; +} + +void AllowedDnsModel::fillDnsServers() +{ + m_dnsServers = m_settings->allowedDnsServers(); +} diff --git a/client/ui/models/allowed_dns_model.h b/client/ui/models/allowed_dns_model.h new file mode 100644 index 00000000..fdefcc0e --- /dev/null +++ b/client/ui/models/allowed_dns_model.h @@ -0,0 +1,37 @@ +#ifndef ALLOWEDDNSMODEL_H +#define ALLOWEDDNSMODEL_H + +#include +#include "settings.h" + +class AllowedDnsModel : public QAbstractListModel +{ + Q_OBJECT + +public: + enum Roles { + IpRole = Qt::UserRole + 1 + }; + + explicit AllowedDnsModel(std::shared_ptr settings, QObject *parent = nullptr); + + int rowCount(const QModelIndex &parent = QModelIndex()) const override; + QVariant data(const QModelIndex &index, int role = Qt::DisplayRole) const override; + +public slots: + bool addDns(const QString &ip); + void addDnsList(const QStringList &dnsServers, bool replaceExisting); + void removeDns(QModelIndex index); + QStringList getCurrentDnsServers(); + +protected: + QHash roleNames() const override; + +private: + void fillDnsServers(); + + std::shared_ptr m_settings; + QStringList m_dnsServers; +}; + +#endif // ALLOWEDDNSMODEL_H diff --git a/client/ui/models/api/apiAccountInfoModel.cpp b/client/ui/models/api/apiAccountInfoModel.cpp new file mode 100644 index 00000000..bd3027a4 --- /dev/null +++ b/client/ui/models/api/apiAccountInfoModel.cpp @@ -0,0 +1,175 @@ +#include "apiAccountInfoModel.h" + +#include + +#include "core/api/apiUtils.h" +#include "logger.h" + +namespace +{ + Logger logger("AccountInfoModel"); +} + +ApiAccountInfoModel::ApiAccountInfoModel(QObject *parent) : QAbstractListModel(parent) +{ +} + +int ApiAccountInfoModel::rowCount(const QModelIndex &parent) const +{ + Q_UNUSED(parent) + return 1; +} + +QVariant ApiAccountInfoModel::data(const QModelIndex &index, int role) const +{ + if (!index.isValid() || index.row() < 0 || index.row() >= static_cast(rowCount())) + return QVariant(); + + switch (role) { + case SubscriptionStatusRole: { + if (m_accountInfoData.configType == apiDefs::ConfigType::AmneziaFreeV3) { + return tr("Active"); + } + + return apiUtils::isSubscriptionExpired(m_accountInfoData.subscriptionEndDate) ? tr("Inactive") : tr("Active"); + } + case EndDateRole: { + if (m_accountInfoData.configType == apiDefs::ConfigType::AmneziaFreeV3) { + return ""; + } + + return QDateTime::fromString(m_accountInfoData.subscriptionEndDate, Qt::ISODate).toLocalTime().toString("d MMM yyyy"); + } + case ConnectedDevicesRole: { + if (m_accountInfoData.configType == apiDefs::ConfigType::AmneziaFreeV3) { + return ""; + } + return tr("%1 out of %2").arg(m_accountInfoData.activeDeviceCount).arg(m_accountInfoData.maxDeviceCount); + } + case ServiceDescriptionRole: { + if (m_accountInfoData.configType == apiDefs::ConfigType::AmneziaPremiumV2) { + return tr("Classic VPN for seamless work, downloading large files, and watching videos. Access all websites and online " + "resources. " + "Speeds up to 200 Mbps"); + } else if (m_accountInfoData.configType == apiDefs::ConfigType::AmneziaFreeV3) { + return tr("Free unlimited access to a basic set of websites such as Facebook, Instagram, Twitter (X), Discord, Telegram and " + "more. YouTube is not included in the free plan."); + } else { + return ""; + } + } + case IsComponentVisibleRole: { + return m_accountInfoData.configType == apiDefs::ConfigType::AmneziaPremiumV2 + || m_accountInfoData.configType == apiDefs::ConfigType::ExternalPremium; + } + case HasExpiredWorkerRole: { + for (int i = 0; i < m_issuedConfigsInfo.size(); i++) { + QJsonObject issuedConfigObject = m_issuedConfigsInfo.at(i).toObject(); + + auto lastDownloaded = QDateTime::fromString(issuedConfigObject.value(apiDefs::key::lastDownloaded).toString()); + auto workerLastUpdated = QDateTime::fromString(issuedConfigObject.value(apiDefs::key::workerLastUpdated).toString()); + + if (lastDownloaded < workerLastUpdated) { + return true; + } + } + return false; + } + case IsProtocolSelectionSupportedRole: { + if (m_accountInfoData.supportedProtocols.size() > 1) { + return true; + } + return false; + } + } + + return QVariant(); +} + +void ApiAccountInfoModel::updateModel(const QJsonObject &accountInfoObject, const QJsonObject &serverConfig) +{ + beginResetModel(); + + AccountInfoData accountInfoData; + + m_availableCountries = accountInfoObject.value(apiDefs::key::availableCountries).toArray(); + m_issuedConfigsInfo = accountInfoObject.value(apiDefs::key::issuedConfigs).toArray(); + + accountInfoData.activeDeviceCount = accountInfoObject.value(apiDefs::key::activeDeviceCount).toInt(); + accountInfoData.maxDeviceCount = accountInfoObject.value(apiDefs::key::maxDeviceCount).toInt(); + accountInfoData.subscriptionEndDate = accountInfoObject.value(apiDefs::key::subscriptionEndDate).toString(); + + accountInfoData.configType = apiUtils::getConfigType(serverConfig); + + for (const auto &protocol : accountInfoObject.value(apiDefs::key::supportedProtocols).toArray()) { + accountInfoData.supportedProtocols.push_back(protocol.toString()); + } + + m_accountInfoData = accountInfoData; + + m_supportInfo = accountInfoObject.value(apiDefs::key::supportInfo).toObject(); + + endResetModel(); +} + +QVariant ApiAccountInfoModel::data(const QString &roleString) +{ + QModelIndex modelIndex = index(0); + auto roles = roleNames(); + for (auto it = roles.begin(); it != roles.end(); it++) { + if (QString(it.value()) == roleString) { + return data(modelIndex, it.key()); + } + } + + return {}; +} + +QJsonArray ApiAccountInfoModel::getAvailableCountries() +{ + return m_availableCountries; +} + +QJsonArray ApiAccountInfoModel::getIssuedConfigsInfo() +{ + return m_issuedConfigsInfo; +} + +QString ApiAccountInfoModel::getTelegramBotLink() +{ + return m_supportInfo.value(apiDefs::key::telegram).toString(); +} + +QString ApiAccountInfoModel::getEmailLink() +{ + return m_supportInfo.value(apiDefs::key::email).toString(); +} + +QString ApiAccountInfoModel::getBillingEmailLink() +{ + return m_supportInfo.value(apiDefs::key::billingEmail).toString(); +} + +QString ApiAccountInfoModel::getSiteLink() +{ + return m_supportInfo.value(apiDefs::key::websiteName).toString(); +} + +QString ApiAccountInfoModel::getFullSiteLink() +{ + return m_supportInfo.value(apiDefs::key::website).toString(); +} + +QHash ApiAccountInfoModel::roleNames() const +{ + QHash roles; + roles[SubscriptionStatusRole] = "subscriptionStatus"; + roles[EndDateRole] = "endDate"; + roles[ConnectedDevicesRole] = "connectedDevices"; + roles[ServiceDescriptionRole] = "serviceDescription"; + roles[IsComponentVisibleRole] = "isComponentVisible"; + roles[HasExpiredWorkerRole] = "hasExpiredWorker"; + roles[IsProtocolSelectionSupportedRole] = "isProtocolSelectionSupported"; + + return roles; +} diff --git a/client/ui/models/api/apiAccountInfoModel.h b/client/ui/models/api/apiAccountInfoModel.h new file mode 100644 index 00000000..f0203967 --- /dev/null +++ b/client/ui/models/api/apiAccountInfoModel.h @@ -0,0 +1,65 @@ +#ifndef APIACCOUNTINFOMODEL_H +#define APIACCOUNTINFOMODEL_H + +#include +#include +#include + +#include "core/api/apiDefs.h" + +class ApiAccountInfoModel : public QAbstractListModel +{ + Q_OBJECT + +public: + enum Roles { + SubscriptionStatusRole = Qt::UserRole + 1, + ConnectedDevicesRole, + ServiceDescriptionRole, + EndDateRole, + IsComponentVisibleRole, + HasExpiredWorkerRole, + IsProtocolSelectionSupportedRole + }; + + explicit ApiAccountInfoModel(QObject *parent = nullptr); + + int rowCount(const QModelIndex &parent = QModelIndex()) const override; + + QVariant data(const QModelIndex &index, int role = Qt::DisplayRole) const override; + +public slots: + void updateModel(const QJsonObject &accountInfoObject, const QJsonObject &serverConfig); + QVariant data(const QString &roleString); + + QJsonArray getAvailableCountries(); + QJsonArray getIssuedConfigsInfo(); + + QString getTelegramBotLink(); + QString getEmailLink(); + QString getBillingEmailLink(); + QString getSiteLink(); + QString getFullSiteLink(); + +protected: + QHash roleNames() const override; + +private: + struct AccountInfoData + { + QString subscriptionEndDate; + int activeDeviceCount; + int maxDeviceCount; + + apiDefs::ConfigType configType; + + QStringList supportedProtocols; + }; + + AccountInfoData m_accountInfoData; + QJsonArray m_availableCountries; + QJsonArray m_issuedConfigsInfo; + QJsonObject m_supportInfo; +}; + +#endif // APIACCOUNTINFOMODEL_H diff --git a/client/ui/models/api/apiCountryModel.cpp b/client/ui/models/api/apiCountryModel.cpp new file mode 100644 index 00000000..12f4658e --- /dev/null +++ b/client/ui/models/api/apiCountryModel.cpp @@ -0,0 +1,122 @@ +#include "apiCountryModel.h" + +#include + +#include "core/api/apiDefs.h" +#include "logger.h" + +namespace +{ + Logger logger("ApiCountryModel"); + + constexpr QLatin1String countryConfig("country_config"); +} + +ApiCountryModel::ApiCountryModel(QObject *parent) : QAbstractListModel(parent) +{ +} + +int ApiCountryModel::rowCount(const QModelIndex &parent) const +{ + Q_UNUSED(parent) + return m_countries.size(); +} + +QVariant ApiCountryModel::data(const QModelIndex &index, int role) const +{ + if (!index.isValid() || index.row() < 0 || index.row() >= static_cast(rowCount())) + return QVariant(); + + CountryInfo countryInfo = m_countries.at(index.row()); + IssuedConfigInfo issuedConfigInfo = m_issuedConfigs.value(countryInfo.countryCode); + bool isIssued = issuedConfigInfo.sourceType == countryConfig; + + switch (role) { + case CountryCodeRole: { + return countryInfo.countryCode; + } + case CountryNameRole: { + return countryInfo.countryName; + } + case CountryImageCodeRole: { + return countryInfo.countryCode.toUpper(); + } + case IsIssuedRole: { + return isIssued; + } + case IsWorkerExpiredRole: { + return issuedConfigInfo.lastDownloaded < issuedConfigInfo.workerLastUpdated; + } + } + + return QVariant(); +} + +void ApiCountryModel::updateModel(const QJsonArray &countries, const QString ¤tCountryCode) +{ + beginResetModel(); + + m_countries.clear(); + for (int i = 0; i < countries.size(); i++) { + CountryInfo countryInfo; + QJsonObject countryObject = countries.at(i).toObject(); + + countryInfo.countryName = countryObject.value(apiDefs::key::serverCountryName).toString(); + countryInfo.countryCode = countryObject.value(apiDefs::key::serverCountryCode).toString(); + + if (countryInfo.countryCode == currentCountryCode) { + m_currentIndex = i; + emit currentIndexChanged(m_currentIndex); + } + m_countries.push_back(countryInfo); + } + + endResetModel(); +} + +void ApiCountryModel::updateIssuedConfigsInfo(const QJsonArray &issuedConfigs) +{ + beginResetModel(); + + m_issuedConfigs.clear(); + for (int i = 0; i < issuedConfigs.size(); i++) { + IssuedConfigInfo issuedConfigInfo; + QJsonObject issuedConfigObject = issuedConfigs.at(i).toObject(); + + if (issuedConfigObject.value(apiDefs::key::sourceType).toString() != countryConfig) { + continue; + } + + issuedConfigInfo.installationUuid = issuedConfigObject.value(apiDefs::key::installationUuid).toString(); + issuedConfigInfo.workerLastUpdated = issuedConfigObject.value(apiDefs::key::workerLastUpdated).toString(); + issuedConfigInfo.lastDownloaded = issuedConfigObject.value(apiDefs::key::lastDownloaded).toString(); + issuedConfigInfo.sourceType = issuedConfigObject.value(apiDefs::key::sourceType).toString(); + issuedConfigInfo.osVersion = issuedConfigObject.value(apiDefs::key::osVersion).toString(); + + m_issuedConfigs.insert(issuedConfigObject.value(apiDefs::key::serverCountryCode).toString(), issuedConfigInfo); + } + + endResetModel(); +} + +int ApiCountryModel::getCurrentIndex() +{ + return m_currentIndex; +} + +void ApiCountryModel::setCurrentIndex(const int i) +{ + m_currentIndex = i; + emit currentIndexChanged(m_currentIndex); +} + +QHash ApiCountryModel::roleNames() const +{ + QHash roles; + roles[CountryNameRole] = "countryName"; + roles[CountryCodeRole] = "countryCode"; + roles[CountryImageCodeRole] = "countryImageCode"; + roles[IsIssuedRole] = "isIssued"; + roles[IsWorkerExpiredRole] = "isWorkerExpired"; + return roles; +} diff --git a/client/ui/models/apiCountryModel.h b/client/ui/models/api/apiCountryModel.h similarity index 57% rename from client/ui/models/apiCountryModel.h rename to client/ui/models/api/apiCountryModel.h index b9e243d0..08ac3685 100644 --- a/client/ui/models/apiCountryModel.h +++ b/client/ui/models/api/apiCountryModel.h @@ -2,6 +2,7 @@ #define APICOUNTRYMODEL_H #include +#include #include class ApiCountryModel : public QAbstractListModel @@ -12,7 +13,9 @@ public: enum Roles { CountryNameRole = Qt::UserRole + 1, CountryCodeRole, - CountryImageCodeRole + CountryImageCodeRole, + IsIssuedRole, + IsWorkerExpiredRole }; explicit ApiCountryModel(QObject *parent = nullptr); @@ -24,7 +27,8 @@ public: Q_PROPERTY(int currentIndex READ getCurrentIndex WRITE setCurrentIndex NOTIFY currentIndexChanged) public slots: - void updateModel(const QJsonArray &data, const QString ¤tCountryCode); + void updateModel(const QJsonArray &countries, const QString ¤tCountryCode); + void updateIssuedConfigsInfo(const QJsonArray &issuedConfigs); int getCurrentIndex(); void setCurrentIndex(const int i); @@ -36,7 +40,23 @@ protected: QHash roleNames() const override; private: - QJsonArray m_countries; + struct IssuedConfigInfo + { + QString installationUuid; + QString workerLastUpdated; + QString lastDownloaded; + QString sourceType; + QString osVersion; + }; + + struct CountryInfo + { + QString countryName; + QString countryCode; + }; + + QVector m_countries; + QHash m_issuedConfigs; int m_currentIndex; }; diff --git a/client/ui/models/api/apiDevicesModel.cpp b/client/ui/models/api/apiDevicesModel.cpp new file mode 100644 index 00000000..6c0d60d0 --- /dev/null +++ b/client/ui/models/api/apiDevicesModel.cpp @@ -0,0 +1,90 @@ +#include "apiDevicesModel.h" + +#include + +#include "core/api/apiDefs.h" +#include "logger.h" + +namespace +{ + Logger logger("ApiDevicesModel"); + + constexpr QLatin1String gatewayAccount("gateway_account"); +} + +ApiDevicesModel::ApiDevicesModel(std::shared_ptr settings, QObject *parent) : m_settings(settings), QAbstractListModel(parent) +{ +} + +int ApiDevicesModel::rowCount(const QModelIndex &parent) const +{ + Q_UNUSED(parent) + return m_issuedConfigs.size(); +} + +QVariant ApiDevicesModel::data(const QModelIndex &index, int role) const +{ + if (!index.isValid() || index.row() < 0 || index.row() >= static_cast(rowCount())) + return QVariant(); + + IssuedConfigInfo issuedConfigInfo = m_issuedConfigs.at(index.row()); + + switch (role) { + case OsVersionRole: { + return issuedConfigInfo.osVersion; + } + case SupportTagRole: { + return issuedConfigInfo.installationUuid; + } + case CountryCodeRole: { + return issuedConfigInfo.countryCode; + } + case LastUpdateRole: { + return QDateTime::fromString(issuedConfigInfo.lastDownloaded, Qt::ISODate).toLocalTime().toString("d MMM yyyy"); + } + case IsCurrentDeviceRole: { + return issuedConfigInfo.installationUuid == m_settings->getInstallationUuid(false); + } + } + + return QVariant(); +} + +void ApiDevicesModel::updateModel(const QJsonArray &issuedConfigs) +{ + beginResetModel(); + + m_issuedConfigs.clear(); + for (int i = 0; i < issuedConfigs.size(); i++) { + IssuedConfigInfo issuedConfigInfo; + QJsonObject issuedConfigObject = issuedConfigs.at(i).toObject(); + + if (issuedConfigObject.value(apiDefs::key::sourceType).toString() != gatewayAccount) { + continue; + } + + issuedConfigInfo.installationUuid = issuedConfigObject.value(apiDefs::key::installationUuid).toString(); + issuedConfigInfo.workerLastUpdated = issuedConfigObject.value(apiDefs::key::workerLastUpdated).toString(); + issuedConfigInfo.lastDownloaded = issuedConfigObject.value(apiDefs::key::lastDownloaded).toString(); + issuedConfigInfo.sourceType = issuedConfigObject.value(apiDefs::key::sourceType).toString(); + issuedConfigInfo.osVersion = issuedConfigObject.value(apiDefs::key::osVersion).toString(); + + issuedConfigInfo.countryName = issuedConfigObject.value(apiDefs::key::serverCountryName).toString(); + issuedConfigInfo.countryCode = issuedConfigObject.value(apiDefs::key::serverCountryCode).toString(); + + m_issuedConfigs.push_back(issuedConfigInfo); + } + + endResetModel(); +} + +QHash ApiDevicesModel::roleNames() const +{ + QHash roles; + roles[OsVersionRole] = "osVersion"; + roles[SupportTagRole] = "supportTag"; + roles[CountryCodeRole] = "countryCode"; + roles[LastUpdateRole] = "lastUpdate"; + roles[IsCurrentDeviceRole] = "isCurrentDevice"; + return roles; +} diff --git a/client/ui/models/api/apiDevicesModel.h b/client/ui/models/api/apiDevicesModel.h new file mode 100644 index 00000000..e6a59dba --- /dev/null +++ b/client/ui/models/api/apiDevicesModel.h @@ -0,0 +1,52 @@ +#ifndef APIDEVICESMODEL_H +#define APIDEVICESMODEL_H + +#include +#include +#include + +#include "settings.h" + +class ApiDevicesModel : public QAbstractListModel +{ + Q_OBJECT + +public: + enum Roles { + OsVersionRole = Qt::UserRole + 1, + SupportTagRole, + CountryCodeRole, + LastUpdateRole, + IsCurrentDeviceRole + }; + + explicit ApiDevicesModel(std::shared_ptr settings, QObject *parent = nullptr); + + int rowCount(const QModelIndex &parent = QModelIndex()) const override; + + QVariant data(const QModelIndex &index, int role = Qt::DisplayRole) const override; + +public slots: + void updateModel(const QJsonArray &issuedConfigs); + +protected: + QHash roleNames() const override; + +private: + struct IssuedConfigInfo + { + QString installationUuid; + QString workerLastUpdated; + QString lastDownloaded; + QString sourceType; + QString osVersion; + + QString countryName; + QString countryCode; + }; + + QVector m_issuedConfigs; + + std::shared_ptr m_settings; +}; +#endif // APIDEVICESMODEL_H diff --git a/client/ui/models/apiServicesModel.cpp b/client/ui/models/api/apiServicesModel.cpp similarity index 83% rename from client/ui/models/apiServicesModel.cpp rename to client/ui/models/api/apiServicesModel.cpp index 81a10f87..b893096a 100644 --- a/client/ui/models/apiServicesModel.cpp +++ b/client/ui/models/api/apiServicesModel.cpp @@ -65,28 +65,29 @@ QVariant ApiServicesModel::data(const QModelIndex &index, int role) const case CardDescriptionRole: { auto speed = apiServiceData.serviceInfo.speed; if (serviceType == serviceType::amneziaPremium) { - return tr("Classic VPN for comfortable work, downloading large files and watching videos. " - "Works for any sites. Speed up to %1 MBit/s") + return tr("Amnezia Premium is classic VPN for seamless work, downloading large files, and watching videos. " + "Access all websites and online resources. Speeds up to %1 Mbps.") .arg(speed); - } else if (serviceType == serviceType::amneziaFree){ - QString description = tr("VPN to access blocked sites in regions with high levels of Internet censorship. "); - if (isServiceAvailable) { - description += tr("

Not available in your region. If you have VPN enabled, disable it, return to the previous screen, and try again."); + } else if (serviceType == serviceType::amneziaFree) { + QString description = tr("Amnezia Free provides unlimited, free access to a basic set of websites and apps, including Facebook, Instagram, Twitter (X), Discord, Telegram, and more. YouTube is not included in the free plan."); + if (!isServiceAvailable) { + description += tr("

Not available in your region. If you have VPN enabled, disable it, " + "return to the previous screen, and try again."); } return description; } } case ServiceDescriptionRole: { if (serviceType == serviceType::amneziaPremium) { - return tr("Amnezia Premium - A classic VPN for comfortable work, downloading large files, and watching videos in high resolution. " - "It works for all websites, even in countries with the highest level of internet censorship."); + return tr("Amnezia Premium is classic VPN for for seamless work, downloading large files, and watching videos. " + "Access all websites and online resources."); } else { - return tr("Amnezia Free is a free VPN to bypass blocking in countries with high levels of internet censorship"); + return tr("Amnezia Free provides unlimited, free access to a basic set of websites and apps, including Facebook, Instagram, Twitter (X), Discord, Telegram, and more. YouTube is not included in the free plan."); } } case IsServiceAvailableRole: { if (serviceType == serviceType::amneziaFree) { - if (isServiceAvailable) { + if (!isServiceAvailable) { return false; } } @@ -143,7 +144,8 @@ void ApiServicesModel::updateModel(const QJsonObject &data) m_selectedServiceIndex = 0; } else { for (const auto &service : services) { - m_services.push_back(getApiServicesData(service.toObject())); + auto serviceObject = service.toObject(); + m_services.push_back(getApiServicesData(serviceObject)); } } @@ -228,7 +230,7 @@ QHash ApiServicesModel::roleNames() const ApiServicesModel::ApiServicesData ApiServicesModel::getApiServicesData(const QJsonObject &data) { - auto serviceInfo = data.value(configKey::serviceInfo).toObject(); + auto serviceInfo = data.value(configKey::serviceInfo).toObject(); auto serviceType = data.value(configKey::serviceType).toString(); auto serviceProtocol = data.value(configKey::serviceProtocol).toString(); auto availableCountries = data.value(configKey::availableCountries).toArray(); @@ -245,9 +247,9 @@ ApiServicesModel::ApiServicesData ApiServicesModel::getApiServicesData(const QJs serviceData.type = serviceType; serviceData.protocol = serviceProtocol; - serviceData.storeEndpoint = serviceInfo.value(configKey::storeEndpoint).toString(); + serviceData.storeEndpoint = data.value(configKey::storeEndpoint).toString(); - if (serviceInfo.value(configKey::isAvailable).isBool()) { + if (data.value(configKey::isAvailable).isBool()) { serviceData.isServiceAvailable = data.value(configKey::isAvailable).toBool(); } else { serviceData.isServiceAvailable = true; diff --git a/client/ui/models/apiServicesModel.h b/client/ui/models/api/apiServicesModel.h similarity index 100% rename from client/ui/models/apiServicesModel.h rename to client/ui/models/api/apiServicesModel.h diff --git a/client/ui/models/apiCountryModel.cpp b/client/ui/models/apiCountryModel.cpp deleted file mode 100644 index 922a9d56..00000000 --- a/client/ui/models/apiCountryModel.cpp +++ /dev/null @@ -1,84 +0,0 @@ -#include "apiCountryModel.h" - -#include - -#include "logger.h" - -namespace -{ - Logger logger("ApiCountryModel"); - - namespace configKey - { - constexpr char serverCountryCode[] = "server_country_code"; - constexpr char serverCountryName[] = "server_country_name"; - } -} - -ApiCountryModel::ApiCountryModel(QObject *parent) : QAbstractListModel(parent) -{ -} - -int ApiCountryModel::rowCount(const QModelIndex &parent) const -{ - Q_UNUSED(parent) - return m_countries.size(); -} - -QVariant ApiCountryModel::data(const QModelIndex &index, int role) const -{ - if (!index.isValid() || index.row() < 0 || index.row() >= static_cast(rowCount())) - return QVariant(); - - QJsonObject countryInfo = m_countries.at(index.row()).toObject(); - - switch (role) { - case CountryCodeRole: { - return countryInfo.value(configKey::serverCountryCode).toString(); - } - case CountryNameRole: { - return countryInfo.value(configKey::serverCountryName).toString(); - } - case CountryImageCodeRole: { - return countryInfo.value(configKey::serverCountryCode).toString().toUpper(); - } - } - - return QVariant(); -} - -void ApiCountryModel::updateModel(const QJsonArray &data, const QString ¤tCountryCode) -{ - beginResetModel(); - - m_countries = data; - for (int i = 0; i < m_countries.size(); i++) { - if (m_countries.at(i).toObject().value(configKey::serverCountryCode).toString() == currentCountryCode) { - m_currentIndex = i; - emit currentIndexChanged(m_currentIndex); - break; - } - } - - endResetModel(); -} - -int ApiCountryModel::getCurrentIndex() -{ - return m_currentIndex; -} - -void ApiCountryModel::setCurrentIndex(const int i) -{ - m_currentIndex = i; - emit currentIndexChanged(m_currentIndex); -} - -QHash ApiCountryModel::roleNames() const -{ - QHash roles; - roles[CountryNameRole] = "countryName"; - roles[CountryCodeRole] = "countryCode"; - roles[CountryImageCodeRole] = "countryImageCode"; - return roles; -} diff --git a/client/ui/models/languageModel.cpp b/client/ui/models/languageModel.cpp index fe6f7a6c..09755e06 100644 --- a/client/ui/models/languageModel.cpp +++ b/client/ui/models/languageModel.cpp @@ -1,13 +1,11 @@ #include "languageModel.h" -LanguageModel::LanguageModel(std::shared_ptr settings, QObject *parent) - : m_settings(settings), QAbstractListModel(parent) +LanguageModel::LanguageModel(std::shared_ptr settings, QObject *parent) : m_settings(settings), QAbstractListModel(parent) { QMetaEnum metaEnum = QMetaEnum::fromType(); for (int i = 0; i < metaEnum.keyCount(); i++) { - m_availableLanguages.push_back( - LanguageModelData {getLocalLanguageName(static_cast(i)), - static_cast(i) }); + m_availableLanguages.push_back(LanguageModelData { getLocalLanguageName(static_cast(i)), + static_cast(i) }); } } @@ -50,8 +48,7 @@ QString LanguageModel::getLocalLanguageName(const LanguageSettings::AvailableLan case LanguageSettings::AvailableLanguageEnum::Burmese: strLanguage = "မြန်မာဘာသာ"; break; case LanguageSettings::AvailableLanguageEnum::Urdu: strLanguage = "اُرْدُوْ"; break; case LanguageSettings::AvailableLanguageEnum::Hindi: strLanguage = "हिन्दी"; break; - default: - break; + default: break; } return strLanguage; @@ -104,11 +101,12 @@ QString LanguageModel::getCurrentLanguageName() return m_availableLanguages[getCurrentLanguageIndex()].name; } -QString LanguageModel::getCurrentSiteUrl() +QString LanguageModel::getCurrentSiteUrl(const QString &path) { auto language = static_cast(getCurrentLanguageIndex()); switch (language) { - case LanguageSettings::AvailableLanguageEnum::Russian: return "https://storage.googleapis.com/kldscp/amnezia.org"; - default: return "https://amnezia.org"; + case LanguageSettings::AvailableLanguageEnum::Russian: + return "https://storage.googleapis.com/amnezia/amnezia.org" + (path.isEmpty() ? "" : (QString("?m-path=/%1").arg(path))); + default: return QString("https://amnezia.org") + (path.isEmpty() ? "" : (QString("/%1").arg(path))); } } diff --git a/client/ui/models/languageModel.h b/client/ui/models/languageModel.h index 2c80880a..d1a2e7d5 100644 --- a/client/ui/models/languageModel.h +++ b/client/ui/models/languageModel.h @@ -59,7 +59,7 @@ public slots: int getCurrentLanguageIndex(); int getLineHeightAppend(); QString getCurrentLanguageName(); - QString getCurrentSiteUrl(); + QString getCurrentSiteUrl(const QString &path = ""); signals: void updateTranslations(const QLocale &locale); diff --git a/client/ui/models/protocols/awgConfigModel.cpp b/client/ui/models/protocols/awgConfigModel.cpp index 3a245ebe..e14a3152 100644 --- a/client/ui/models/protocols/awgConfigModel.cpp +++ b/client/ui/models/protocols/awgConfigModel.cpp @@ -21,13 +21,24 @@ bool AwgConfigModel::setData(const QModelIndex &index, const QVariant &value, in } switch (role) { + case Roles::SubnetAddressRole: m_serverProtocolConfig.insert(config_key::subnet_address, value.toString()); break; case Roles::PortRole: m_serverProtocolConfig.insert(config_key::port, value.toString()); break; case Roles::ClientMtuRole: m_clientProtocolConfig.insert(config_key::mtu, value.toString()); break; case Roles::ClientJunkPacketCountRole: m_clientProtocolConfig.insert(config_key::junkPacketCount, value.toString()); break; case Roles::ClientJunkPacketMinSizeRole: m_clientProtocolConfig.insert(config_key::junkPacketMinSize, value.toString()); break; case Roles::ClientJunkPacketMaxSizeRole: m_clientProtocolConfig.insert(config_key::junkPacketMaxSize, value.toString()); break; - + case Roles::ClientSpecialJunk1Role: m_clientProtocolConfig.insert(config_key::specialJunk1, value.toString()); break; + case Roles::ClientSpecialJunk2Role: m_clientProtocolConfig.insert(config_key::specialJunk2, value.toString()); break; + case Roles::ClientSpecialJunk3Role: m_clientProtocolConfig.insert(config_key::specialJunk3, value.toString()); break; + case Roles::ClientSpecialJunk4Role: m_clientProtocolConfig.insert(config_key::specialJunk4, value.toString()); break; + case Roles::ClientSpecialJunk5Role: m_clientProtocolConfig.insert(config_key::specialJunk5, value.toString()); break; + case Roles::ClientControlledJunk1Role: m_clientProtocolConfig.insert(config_key::controlledJunk1, value.toString()); break; + case Roles::ClientControlledJunk2Role: m_clientProtocolConfig.insert(config_key::controlledJunk2, value.toString()); break; + case Roles::ClientControlledJunk3Role: m_clientProtocolConfig.insert(config_key::controlledJunk3, value.toString()); break; + case Roles::ClientSpecialHandshakeTimeoutRole: + m_clientProtocolConfig.insert(config_key::specialHandshakeTimeout, value.toString()); + break; case Roles::ServerJunkPacketCountRole: m_serverProtocolConfig.insert(config_key::junkPacketCount, value.toString()); break; case Roles::ServerJunkPacketMinSizeRole: m_serverProtocolConfig.insert(config_key::junkPacketMinSize, value.toString()); break; case Roles::ServerJunkPacketMaxSizeRole: m_serverProtocolConfig.insert(config_key::junkPacketMaxSize, value.toString()); break; @@ -35,6 +46,12 @@ bool AwgConfigModel::setData(const QModelIndex &index, const QVariant &value, in case Roles::ServerResponsePacketJunkSizeRole: m_serverProtocolConfig.insert(config_key::responsePacketJunkSize, value.toString()); break; + // case Roles::ServerCookieReplyPacketJunkSizeRole: + // m_serverProtocolConfig.insert(config_key::cookieReplyPacketJunkSize, value.toString()); + // break; + // case Roles::ServerTransportPacketJunkSizeRole: + // m_serverProtocolConfig.insert(config_key::transportPacketJunkSize, value.toString()); + // break; case Roles::ServerInitPacketMagicHeaderRole: m_serverProtocolConfig.insert(config_key::initPacketMagicHeader, value.toString()); break; case Roles::ServerResponsePacketMagicHeaderRole: m_serverProtocolConfig.insert(config_key::responsePacketMagicHeader, value.toString()); @@ -58,18 +75,30 @@ QVariant AwgConfigModel::data(const QModelIndex &index, int role) const } switch (role) { + case Roles::SubnetAddressRole: return m_serverProtocolConfig.value(config_key::subnet_address).toString(); case Roles::PortRole: return m_serverProtocolConfig.value(config_key::port).toString(); case Roles::ClientMtuRole: return m_clientProtocolConfig.value(config_key::mtu); case Roles::ClientJunkPacketCountRole: return m_clientProtocolConfig.value(config_key::junkPacketCount); case Roles::ClientJunkPacketMinSizeRole: return m_clientProtocolConfig.value(config_key::junkPacketMinSize); case Roles::ClientJunkPacketMaxSizeRole: return m_clientProtocolConfig.value(config_key::junkPacketMaxSize); + case Roles::ClientSpecialJunk1Role: return m_clientProtocolConfig.value(config_key::specialJunk1); + case Roles::ClientSpecialJunk2Role: return m_clientProtocolConfig.value(config_key::specialJunk2); + case Roles::ClientSpecialJunk3Role: return m_clientProtocolConfig.value(config_key::specialJunk3); + case Roles::ClientSpecialJunk4Role: return m_clientProtocolConfig.value(config_key::specialJunk4); + case Roles::ClientSpecialJunk5Role: return m_clientProtocolConfig.value(config_key::specialJunk5); + case Roles::ClientControlledJunk1Role: return m_clientProtocolConfig.value(config_key::controlledJunk1); + case Roles::ClientControlledJunk2Role: return m_clientProtocolConfig.value(config_key::controlledJunk2); + case Roles::ClientControlledJunk3Role: return m_clientProtocolConfig.value(config_key::controlledJunk3); + case Roles::ClientSpecialHandshakeTimeoutRole: return m_clientProtocolConfig.value(config_key::specialHandshakeTimeout); case Roles::ServerJunkPacketCountRole: return m_serverProtocolConfig.value(config_key::junkPacketCount); case Roles::ServerJunkPacketMinSizeRole: return m_serverProtocolConfig.value(config_key::junkPacketMinSize); case Roles::ServerJunkPacketMaxSizeRole: return m_serverProtocolConfig.value(config_key::junkPacketMaxSize); case Roles::ServerInitPacketJunkSizeRole: return m_serverProtocolConfig.value(config_key::initPacketJunkSize); case Roles::ServerResponsePacketJunkSizeRole: return m_serverProtocolConfig.value(config_key::responsePacketJunkSize); + // case Roles::ServerCookieReplyPacketJunkSizeRole: return m_serverProtocolConfig.value(config_key::cookieReplyPacketJunkSize); + // case Roles::ServerTransportPacketJunkSizeRole: return m_serverProtocolConfig.value(config_key::transportPacketJunkSize); case Roles::ServerInitPacketMagicHeaderRole: return m_serverProtocolConfig.value(config_key::initPacketMagicHeader); case Roles::ServerResponsePacketMagicHeaderRole: return m_serverProtocolConfig.value(config_key::responsePacketMagicHeader); case Roles::ServerUnderloadPacketMagicHeaderRole: return m_serverProtocolConfig.value(config_key::underloadPacketMagicHeader); @@ -92,6 +121,8 @@ void AwgConfigModel::updateModel(const QJsonObject &config) m_serverProtocolConfig.insert(config_key::transport_proto, serverProtocolConfig.value(config_key::transport_proto).toString(defaultTransportProto)); m_serverProtocolConfig[config_key::last_config] = serverProtocolConfig.value(config_key::last_config); + m_serverProtocolConfig[config_key::subnet_address] = + serverProtocolConfig.value(config_key::subnet_address).toString(protocols::wireguard::defaultSubnetAddress); m_serverProtocolConfig[config_key::port] = serverProtocolConfig.value(config_key::port).toString(protocols::awg::defaultPort); m_serverProtocolConfig[config_key::junkPacketCount] = serverProtocolConfig.value(config_key::junkPacketCount).toString(protocols::awg::defaultJunkPacketCount); @@ -103,6 +134,10 @@ void AwgConfigModel::updateModel(const QJsonObject &config) serverProtocolConfig.value(config_key::initPacketJunkSize).toString(protocols::awg::defaultInitPacketJunkSize); m_serverProtocolConfig[config_key::responsePacketJunkSize] = serverProtocolConfig.value(config_key::responsePacketJunkSize).toString(protocols::awg::defaultResponsePacketJunkSize); + // m_serverProtocolConfig[config_key::cookieReplyPacketJunkSize] = + // serverProtocolConfig.value(config_key::cookieReplyPacketJunkSize).toString(protocols::awg::defaultCookieReplyPacketJunkSize); + // m_serverProtocolConfig[config_key::transportPacketJunkSize] = + // serverProtocolConfig.value(config_key::transportPacketJunkSize).toString(protocols::awg::defaultTransportPacketJunkSize); m_serverProtocolConfig[config_key::initPacketMagicHeader] = serverProtocolConfig.value(config_key::initPacketMagicHeader).toString(protocols::awg::defaultInitPacketMagicHeader); m_serverProtocolConfig[config_key::responsePacketMagicHeader] = @@ -121,6 +156,24 @@ void AwgConfigModel::updateModel(const QJsonObject &config) clientProtocolConfig.value(config_key::junkPacketMinSize).toString(m_serverProtocolConfig[config_key::junkPacketMinSize].toString()); m_clientProtocolConfig[config_key::junkPacketMaxSize] = clientProtocolConfig.value(config_key::junkPacketMaxSize).toString(m_serverProtocolConfig[config_key::junkPacketMaxSize].toString()); + m_clientProtocolConfig[config_key::specialJunk1] = + clientProtocolConfig.value(config_key::specialJunk1).toString(protocols::awg::defaultSpecialJunk1); + m_clientProtocolConfig[config_key::specialJunk2] = + clientProtocolConfig.value(config_key::specialJunk2).toString(protocols::awg::defaultSpecialJunk2); + m_clientProtocolConfig[config_key::specialJunk3] = + clientProtocolConfig.value(config_key::specialJunk3).toString(protocols::awg::defaultSpecialJunk3); + m_clientProtocolConfig[config_key::specialJunk4] = + clientProtocolConfig.value(config_key::specialJunk4).toString(protocols::awg::defaultSpecialJunk4); + m_clientProtocolConfig[config_key::specialJunk5] = + clientProtocolConfig.value(config_key::specialJunk5).toString(protocols::awg::defaultSpecialJunk5); + m_clientProtocolConfig[config_key::controlledJunk1] = + clientProtocolConfig.value(config_key::controlledJunk1).toString(protocols::awg::defaultControlledJunk1); + m_clientProtocolConfig[config_key::controlledJunk2] = + clientProtocolConfig.value(config_key::controlledJunk2).toString(protocols::awg::defaultControlledJunk2); + m_clientProtocolConfig[config_key::controlledJunk3] = + clientProtocolConfig.value(config_key::controlledJunk3).toString(protocols::awg::defaultControlledJunk3); + m_clientProtocolConfig[config_key::specialHandshakeTimeout] = + clientProtocolConfig.value(config_key::specialHandshakeTimeout).toString(protocols::awg::defaultSpecialHandshakeTimeout); endResetModel(); } @@ -138,6 +191,15 @@ QJsonObject AwgConfigModel::getConfig() jsonConfig[config_key::junkPacketCount] = m_clientProtocolConfig[config_key::junkPacketCount]; jsonConfig[config_key::junkPacketMinSize] = m_clientProtocolConfig[config_key::junkPacketMinSize]; jsonConfig[config_key::junkPacketMaxSize] = m_clientProtocolConfig[config_key::junkPacketMaxSize]; + jsonConfig[config_key::specialJunk1] = m_clientProtocolConfig[config_key::specialJunk1]; + jsonConfig[config_key::specialJunk2] = m_clientProtocolConfig[config_key::specialJunk2]; + jsonConfig[config_key::specialJunk3] = m_clientProtocolConfig[config_key::specialJunk3]; + jsonConfig[config_key::specialJunk4] = m_clientProtocolConfig[config_key::specialJunk4]; + jsonConfig[config_key::specialJunk5] = m_clientProtocolConfig[config_key::specialJunk5]; + jsonConfig[config_key::controlledJunk1] = m_clientProtocolConfig[config_key::controlledJunk1]; + jsonConfig[config_key::controlledJunk2] = m_clientProtocolConfig[config_key::controlledJunk2]; + jsonConfig[config_key::controlledJunk3] = m_clientProtocolConfig[config_key::controlledJunk3]; + jsonConfig[config_key::specialHandshakeTimeout] = m_clientProtocolConfig[config_key::specialHandshakeTimeout]; m_serverProtocolConfig[config_key::last_config] = QString(QJsonDocument(jsonConfig).toJson()); } @@ -156,6 +218,17 @@ bool AwgConfigModel::isPacketSizeEqual(const int s1, const int s2) return (AwgConstant::messageInitiationSize + s1 == AwgConstant::messageResponseSize + s2); } +// bool AwgConfigModel::isPacketSizeEqual(const int s1, const int s2, const int s3, const int s4) +// { +// int initSize = AwgConstant::messageInitiationSize + s1; +// int responseSize = AwgConstant::messageResponseSize + s2; +// int cookieSize = AwgConstant::messageCookieReplySize + s3; +// int transportSize = AwgConstant::messageTransportSize + s4; + +// return (initSize == responseSize || initSize == cookieSize || initSize == transportSize || responseSize == cookieSize +// || responseSize == transportSize || cookieSize == transportSize); +// } + bool AwgConfigModel::isServerSettingsEqual() { const AwgConfig oldConfig(m_fullConfig.value(config_key::awg).toObject()); @@ -168,18 +241,31 @@ QHash AwgConfigModel::roleNames() const { QHash roles; + roles[SubnetAddressRole] = "subnetAddress"; roles[PortRole] = "port"; roles[ClientMtuRole] = "clientMtu"; roles[ClientJunkPacketCountRole] = "clientJunkPacketCount"; roles[ClientJunkPacketMinSizeRole] = "clientJunkPacketMinSize"; roles[ClientJunkPacketMaxSizeRole] = "clientJunkPacketMaxSize"; + roles[ClientSpecialJunk1Role] = "clientSpecialJunk1"; + roles[ClientSpecialJunk2Role] = "clientSpecialJunk2"; + roles[ClientSpecialJunk3Role] = "clientSpecialJunk3"; + roles[ClientSpecialJunk4Role] = "clientSpecialJunk4"; + roles[ClientSpecialJunk5Role] = "clientSpecialJunk5"; + roles[ClientControlledJunk1Role] = "clientControlledJunk1"; + roles[ClientControlledJunk2Role] = "clientControlledJunk2"; + roles[ClientControlledJunk3Role] = "clientControlledJunk3"; + roles[ClientSpecialHandshakeTimeoutRole] = "clientSpecialHandshakeTimeout"; roles[ServerJunkPacketCountRole] = "serverJunkPacketCount"; roles[ServerJunkPacketMinSizeRole] = "serverJunkPacketMinSize"; roles[ServerJunkPacketMaxSizeRole] = "serverJunkPacketMaxSize"; roles[ServerInitPacketJunkSizeRole] = "serverInitPacketJunkSize"; roles[ServerResponsePacketJunkSizeRole] = "serverResponsePacketJunkSize"; + roles[ServerCookieReplyPacketJunkSizeRole] = "serverCookieReplyPacketJunkSize"; + roles[ServerTransportPacketJunkSizeRole] = "serverTransportPacketJunkSize"; + roles[ServerInitPacketMagicHeaderRole] = "serverInitPacketMagicHeader"; roles[ServerResponsePacketMagicHeaderRole] = "serverResponsePacketMagicHeader"; roles[ServerUnderloadPacketMagicHeaderRole] = "serverUnderloadPacketMagicHeader"; @@ -196,7 +282,18 @@ AwgConfig::AwgConfig(const QJsonObject &serverProtocolConfig) clientJunkPacketCount = clientProtocolConfig.value(config_key::junkPacketCount).toString(protocols::awg::defaultJunkPacketCount); clientJunkPacketMinSize = clientProtocolConfig.value(config_key::junkPacketMinSize).toString(protocols::awg::defaultJunkPacketMinSize); clientJunkPacketMaxSize = clientProtocolConfig.value(config_key::junkPacketMaxSize).toString(protocols::awg::defaultJunkPacketMaxSize); + clientSpecialJunk1 = clientProtocolConfig.value(config_key::specialJunk1).toString(protocols::awg::defaultSpecialJunk1); + clientSpecialJunk2 = clientProtocolConfig.value(config_key::specialJunk2).toString(protocols::awg::defaultSpecialJunk2); + clientSpecialJunk3 = clientProtocolConfig.value(config_key::specialJunk3).toString(protocols::awg::defaultSpecialJunk3); + clientSpecialJunk4 = clientProtocolConfig.value(config_key::specialJunk4).toString(protocols::awg::defaultSpecialJunk4); + clientSpecialJunk5 = clientProtocolConfig.value(config_key::specialJunk5).toString(protocols::awg::defaultSpecialJunk5); + clientControlledJunk1 = clientProtocolConfig.value(config_key::controlledJunk1).toString(protocols::awg::defaultControlledJunk1); + clientControlledJunk2 = clientProtocolConfig.value(config_key::controlledJunk2).toString(protocols::awg::defaultControlledJunk2); + clientControlledJunk3 = clientProtocolConfig.value(config_key::controlledJunk3).toString(protocols::awg::defaultControlledJunk3); + clientSpecialHandshakeTimeout = + clientProtocolConfig.value(config_key::specialHandshakeTimeout).toString(protocols::awg::defaultSpecialHandshakeTimeout); + subnetAddress = serverProtocolConfig.value(config_key::subnet_address).toString(protocols::wireguard::defaultSubnetAddress); port = serverProtocolConfig.value(config_key::port).toString(protocols::awg::defaultPort); serverJunkPacketCount = serverProtocolConfig.value(config_key::junkPacketCount).toString(protocols::awg::defaultJunkPacketCount); serverJunkPacketMinSize = serverProtocolConfig.value(config_key::junkPacketMinSize).toString(protocols::awg::defaultJunkPacketMinSize); @@ -204,6 +301,10 @@ AwgConfig::AwgConfig(const QJsonObject &serverProtocolConfig) serverInitPacketJunkSize = serverProtocolConfig.value(config_key::initPacketJunkSize).toString(protocols::awg::defaultInitPacketJunkSize); serverResponsePacketJunkSize = serverProtocolConfig.value(config_key::responsePacketJunkSize).toString(protocols::awg::defaultResponsePacketJunkSize); + // serverCookieReplyPacketJunkSize = + // serverProtocolConfig.value(config_key::cookieReplyPacketJunkSize).toString(protocols::awg::defaultCookieReplyPacketJunkSize); + // serverTransportPacketJunkSize = + // serverProtocolConfig.value(config_key::transportPacketJunkSize).toString(protocols::awg::defaultTransportPacketJunkSize); serverInitPacketMagicHeader = serverProtocolConfig.value(config_key::initPacketMagicHeader).toString(protocols::awg::defaultInitPacketMagicHeader); serverResponsePacketMagicHeader = @@ -216,9 +317,11 @@ AwgConfig::AwgConfig(const QJsonObject &serverProtocolConfig) bool AwgConfig::hasEqualServerSettings(const AwgConfig &other) const { - if (port != other.port || serverJunkPacketCount != other.serverJunkPacketCount + if (subnetAddress != other.subnetAddress || port != other.port || serverJunkPacketCount != other.serverJunkPacketCount || serverJunkPacketMinSize != other.serverJunkPacketMinSize || serverJunkPacketMaxSize != other.serverJunkPacketMaxSize || serverInitPacketJunkSize != other.serverInitPacketJunkSize || serverResponsePacketJunkSize != other.serverResponsePacketJunkSize + // || serverCookieReplyPacketJunkSize != other.serverCookieReplyPacketJunkSize + // || serverTransportPacketJunkSize != other.serverTransportPacketJunkSize || serverInitPacketMagicHeader != other.serverInitPacketMagicHeader || serverResponsePacketMagicHeader != other.serverResponsePacketMagicHeader || serverUnderloadPacketMagicHeader != other.serverUnderloadPacketMagicHeader @@ -231,7 +334,12 @@ bool AwgConfig::hasEqualServerSettings(const AwgConfig &other) const bool AwgConfig::hasEqualClientSettings(const AwgConfig &other) const { if (clientMtu != other.clientMtu || clientJunkPacketCount != other.clientJunkPacketCount - || clientJunkPacketMinSize != other.clientJunkPacketMinSize || clientJunkPacketMaxSize != other.clientJunkPacketMaxSize) { + || clientJunkPacketMinSize != other.clientJunkPacketMinSize || clientJunkPacketMaxSize != other.clientJunkPacketMaxSize + || clientSpecialJunk1 != other.clientSpecialJunk1 || clientSpecialJunk2 != other.clientSpecialJunk2 + || clientSpecialJunk3 != other.clientSpecialJunk3 || clientSpecialJunk4 != other.clientSpecialJunk4 + || clientSpecialJunk5 != other.clientSpecialJunk5 || clientControlledJunk1 != other.clientControlledJunk1 + || clientControlledJunk2 != other.clientControlledJunk2 || clientControlledJunk3 != other.clientControlledJunk3 + || clientSpecialHandshakeTimeout != other.clientSpecialHandshakeTimeout) { return false; } return true; diff --git a/client/ui/models/protocols/awgConfigModel.h b/client/ui/models/protocols/awgConfigModel.h index 06475bf5..0c2374fc 100644 --- a/client/ui/models/protocols/awgConfigModel.h +++ b/client/ui/models/protocols/awgConfigModel.h @@ -6,27 +6,42 @@ #include "containers/containers_defs.h" -namespace AwgConstant { +namespace AwgConstant +{ const int messageInitiationSize = 148; const int messageResponseSize = 92; + const int messageCookieReplySize = 64; + const int messageTransportSize = 32; } struct AwgConfig { AwgConfig(const QJsonObject &jsonConfig); + QString subnetAddress; QString port; QString clientMtu; QString clientJunkPacketCount; QString clientJunkPacketMinSize; QString clientJunkPacketMaxSize; + QString clientSpecialJunk1; + QString clientSpecialJunk2; + QString clientSpecialJunk3; + QString clientSpecialJunk4; + QString clientSpecialJunk5; + QString clientControlledJunk1; + QString clientControlledJunk2; + QString clientControlledJunk3; + QString clientSpecialHandshakeTimeout; QString serverJunkPacketCount; QString serverJunkPacketMinSize; QString serverJunkPacketMaxSize; QString serverInitPacketJunkSize; QString serverResponsePacketJunkSize; + QString serverCookieReplyPacketJunkSize; + QString serverTransportPacketJunkSize; QString serverInitPacketMagicHeader; QString serverResponsePacketMagicHeader; QString serverUnderloadPacketMagicHeader; @@ -34,7 +49,6 @@ struct AwgConfig bool hasEqualServerSettings(const AwgConfig &other) const; bool hasEqualClientSettings(const AwgConfig &other) const; - }; class AwgConfigModel : public QAbstractListModel @@ -43,22 +57,35 @@ class AwgConfigModel : public QAbstractListModel public: enum Roles { - PortRole = Qt::UserRole + 1, + SubnetAddressRole = Qt::UserRole + 1, + PortRole, ClientMtuRole, ClientJunkPacketCountRole, ClientJunkPacketMinSizeRole, ClientJunkPacketMaxSizeRole, + ClientSpecialJunk1Role, + ClientSpecialJunk2Role, + ClientSpecialJunk3Role, + ClientSpecialJunk4Role, + ClientSpecialJunk5Role, + ClientControlledJunk1Role, + ClientControlledJunk2Role, + ClientControlledJunk3Role, + ClientSpecialHandshakeTimeoutRole, ServerJunkPacketCountRole, ServerJunkPacketMinSizeRole, ServerJunkPacketMaxSizeRole, ServerInitPacketJunkSizeRole, ServerResponsePacketJunkSizeRole, + ServerCookieReplyPacketJunkSizeRole, + ServerTransportPacketJunkSizeRole, + ServerInitPacketMagicHeaderRole, ServerResponsePacketMagicHeaderRole, ServerUnderloadPacketMagicHeaderRole, - ServerTransportPacketMagicHeaderRole + ServerTransportPacketMagicHeaderRole, }; explicit AwgConfigModel(QObject *parent = nullptr); @@ -73,7 +100,7 @@ public slots: QJsonObject getConfig(); bool isHeadersEqual(const QString &h1, const QString &h2, const QString &h3, const QString &h4); - bool isPacketSizeEqual(const int s1, const int s2); + bool isPacketSizeEqual(const int s1, const int s2/*, const int s3, const int s4*/); bool isServerSettingsEqual(); diff --git a/client/ui/models/protocols/wireguardConfigModel.cpp b/client/ui/models/protocols/wireguardConfigModel.cpp index 555915de..1c8e1341 100644 --- a/client/ui/models/protocols/wireguardConfigModel.cpp +++ b/client/ui/models/protocols/wireguardConfigModel.cpp @@ -21,6 +21,7 @@ bool WireGuardConfigModel::setData(const QModelIndex &index, const QVariant &val } switch (role) { + case Roles::SubnetAddressRole: m_serverProtocolConfig.insert(config_key::subnet_address, value.toString()); break; case Roles::PortRole: m_serverProtocolConfig.insert(config_key::port, value.toString()); break; case Roles::ClientMtuRole: m_clientProtocolConfig.insert(config_key::mtu, value.toString()); break; } @@ -36,6 +37,7 @@ QVariant WireGuardConfigModel::data(const QModelIndex &index, int role) const } switch (role) { + case Roles::SubnetAddressRole: return m_serverProtocolConfig.value(config_key::subnet_address).toString(); case Roles::PortRole: return m_serverProtocolConfig.value(config_key::port).toString(); case Roles::ClientMtuRole: return m_clientProtocolConfig.value(config_key::mtu); } @@ -56,6 +58,7 @@ void WireGuardConfigModel::updateModel(const QJsonObject &config) m_serverProtocolConfig.insert(config_key::transport_proto, serverProtocolConfig.value(config_key::transport_proto).toString(defaultTransportProto)); m_serverProtocolConfig[config_key::last_config] = serverProtocolConfig.value(config_key::last_config); + m_serverProtocolConfig[config_key::subnet_address] = serverProtocolConfig.value(config_key::subnet_address).toString(protocols::wireguard::defaultSubnetAddress); m_serverProtocolConfig[config_key::port] = serverProtocolConfig.value(config_key::port).toString(protocols::wireguard::defaultPort); auto lastConfig = m_serverProtocolConfig.value(config_key::last_config).toString(); @@ -96,6 +99,7 @@ QHash WireGuardConfigModel::roleNames() const { QHash roles; + roles[SubnetAddressRole] = "subnetAddress"; roles[PortRole] = "port"; roles[ClientMtuRole] = "clientMtu"; @@ -108,12 +112,13 @@ WgConfig::WgConfig(const QJsonObject &serverProtocolConfig) QJsonObject clientProtocolConfig = QJsonDocument::fromJson(lastConfig.toUtf8()).object(); clientMtu = clientProtocolConfig[config_key::mtu].toString(protocols::wireguard::defaultMtu); + subnetAddress = serverProtocolConfig.value(config_key::subnet_address).toString(protocols::wireguard::defaultSubnetAddress); port = serverProtocolConfig.value(config_key::port).toString(protocols::wireguard::defaultPort); } bool WgConfig::hasEqualServerSettings(const WgConfig &other) const { - if (port != other.port) { + if (subnetAddress != other.subnetAddress || port != other.port) { return false; } return true; diff --git a/client/ui/models/protocols/wireguardConfigModel.h b/client/ui/models/protocols/wireguardConfigModel.h index a02bea5a..b1ce2d61 100644 --- a/client/ui/models/protocols/wireguardConfigModel.h +++ b/client/ui/models/protocols/wireguardConfigModel.h @@ -10,6 +10,7 @@ struct WgConfig { WgConfig(const QJsonObject &jsonConfig); + QString subnetAddress; QString port; QString clientMtu; @@ -24,7 +25,8 @@ class WireGuardConfigModel : public QAbstractListModel public: enum Roles { - PortRole = Qt::UserRole + 1, + SubnetAddressRole = Qt::UserRole + 1, + PortRole, ClientMtuRole }; diff --git a/client/ui/models/protocols/xrayConfigModel.cpp b/client/ui/models/protocols/xrayConfigModel.cpp index 84bbb2f7..3917b544 100644 --- a/client/ui/models/protocols/xrayConfigModel.cpp +++ b/client/ui/models/protocols/xrayConfigModel.cpp @@ -20,6 +20,7 @@ bool XrayConfigModel::setData(const QModelIndex &index, const QVariant &value, i switch (role) { case Roles::SiteRole: m_protocolConfig.insert(config_key::site, value.toString()); break; + case Roles::PortRole: m_protocolConfig.insert(config_key::port, value.toString()); break; } emit dataChanged(index, index, QList { role }); @@ -34,6 +35,7 @@ QVariant XrayConfigModel::data(const QModelIndex &index, int role) const switch (role) { case Roles::SiteRole: return m_protocolConfig.value(config_key::site).toString(protocols::xray::defaultSite); + case Roles::PortRole: return m_protocolConfig.value(config_key::port).toString(protocols::xray::defaultPort); } return QVariant(); @@ -67,6 +69,7 @@ QHash XrayConfigModel::roleNames() const QHash roles; roles[SiteRole] = "site"; + roles[PortRole] = "port"; return roles; } diff --git a/client/ui/models/protocols/xrayConfigModel.h b/client/ui/models/protocols/xrayConfigModel.h index cb57f858..41aac589 100644 --- a/client/ui/models/protocols/xrayConfigModel.h +++ b/client/ui/models/protocols/xrayConfigModel.h @@ -12,7 +12,8 @@ class XrayConfigModel : public QAbstractListModel public: enum Roles { - SiteRole + SiteRole, + PortRole }; explicit XrayConfigModel(QObject *parent = nullptr); diff --git a/client/ui/models/servers_model.cpp b/client/ui/models/servers_model.cpp index b72b10c3..22813312 100644 --- a/client/ui/models/servers_model.cpp +++ b/client/ui/models/servers_model.cpp @@ -1,13 +1,15 @@ #include "servers_model.h" +#include "core/api/apiDefs.h" #include "core/controllers/serverController.h" -#include "core/enums/apiEnums.h" #include "core/networkUtilities.h" #ifdef Q_OS_IOS #include #endif +#include "core/api/apiUtils.h" + namespace { namespace configKey @@ -66,6 +68,7 @@ bool ServersModel::setData(const QModelIndex &index, const QVariant &value, int } else { server.insert(config_key::description, value.toString()); } + server.insert(config_key::nameOverriddenByUser, true); m_settings->editServer(index.row(), server); m_servers.replace(index.row(), server); if (index.row() == m_defaultServerIndex) { @@ -132,10 +135,10 @@ QVariant ServersModel::data(const QModelIndex &index, int role) const return serverHasInstalledContainers(index.row()); } case IsServerFromTelegramApiRole: { - return server.value(config_key::configVersion).toInt() == ApiConfigSources::Telegram; + return server.value(config_key::configVersion).toInt() == apiDefs::ConfigSource::Telegram; } case IsServerFromGatewayApiRole: { - return server.value(config_key::configVersion).toInt() == ApiConfigSources::AmneziaGateway; + return server.value(config_key::configVersion).toInt() == apiDefs::ConfigSource::AmneziaGateway; } case ApiConfigRole: { return apiConfig; @@ -261,7 +264,7 @@ void ServersModel::setProcessedServerIndex(const int index) updateContainersModel(); if (data(index, IsServerFromGatewayApiRole).toBool()) { if (data(index, IsCountrySelectionAvailableRole).toBool()) { - emit updateApiLanguageModel(); + emit updateApiCountryModel(); } emit updateApiServicesModel(); } @@ -348,6 +351,25 @@ void ServersModel::removeServer() endResetModel(); } +void ServersModel::removeServer(const int serverIndex) +{ + beginResetModel(); + m_settings->removeServer(serverIndex); + m_servers = m_settings->serversArray(); + + if (m_settings->defaultServerIndex() == serverIndex) { + setDefaultServerIndex(0); + } else if (m_settings->defaultServerIndex() > serverIndex) { + setDefaultServerIndex(m_settings->defaultServerIndex() - 1); + } + + if (m_settings->serversCount() == 0) { + setDefaultServerIndex(-1); + } + setProcessedServerIndex(m_defaultServerIndex); + endResetModel(); +} + QHash ServersModel::roleNames() const { QHash roles; @@ -407,7 +429,7 @@ void ServersModel::updateDefaultServerContainersModel() emit defaultServerContainersUpdated(containers); } -QJsonObject ServersModel::getServerConfig(const int serverIndex) +QJsonObject ServersModel::getServerConfig(const int serverIndex) const { return m_servers.at(serverIndex).toObject(); } @@ -794,3 +816,8 @@ const QString ServersModel::getDefaultServerImagePathCollapsed() } return QString("qrc:/countriesFlags/images/flagKit/%1.svg").arg(countryCode.toUpper()); } + +bool ServersModel::processedServerIsPremium() const +{ + return apiUtils::isPremiumServer(getServerConfig(m_processedServerIndex)); +} diff --git a/client/ui/models/servers_model.h b/client/ui/models/servers_model.h index 78bc22cc..c36b6534 100644 --- a/client/ui/models/servers_model.h +++ b/client/ui/models/servers_model.h @@ -63,6 +63,9 @@ public: Q_PROPERTY(bool isDefaultServerFromApi READ isDefaultServerFromApi NOTIFY defaultServerIndexChanged) Q_PROPERTY(int processedIndex READ getProcessedServerIndex WRITE setProcessedServerIndex NOTIFY processedServerIndexChanged) + Q_PROPERTY(bool processedServerIsPremium READ processedServerIsPremium NOTIFY processedServerChanged) + + bool processedServerIsPremium() const; public slots: void setDefaultServerIndex(const int index); @@ -90,8 +93,9 @@ public slots: void addServer(const QJsonObject &server); void editServer(const QJsonObject &server, const int serverIndex); void removeServer(); + void removeServer(const int serverIndex); - QJsonObject getServerConfig(const int serverIndex); + QJsonObject getServerConfig(const int serverIndex) const; void reloadDefaultServerContainerConfig(); void updateContainerConfig(const int containerIndex, const QJsonObject config); @@ -140,7 +144,7 @@ signals: void defaultServerContainersUpdated(const QJsonArray &containers); void defaultServerDefaultContainerChanged(const int containerIndex); - void updateApiLanguageModel(); + void updateApiCountryModel(); void updateApiServicesModel(); private: diff --git a/client/ui/qml/Components/AdLabel.qml b/client/ui/qml/Components/AdLabel.qml new file mode 100644 index 00000000..3ef0fc69 --- /dev/null +++ b/client/ui/qml/Components/AdLabel.qml @@ -0,0 +1,73 @@ +import QtQuick +import QtQuick.Controls +import QtQuick.Layouts +import QtQuick.Shapes +import Qt5Compat.GraphicalEffects + +import Style 1.0 + +import "../Config" +import "../Controls2" +import "../Controls2/TextTypes" + +Rectangle { + id: root + + property real contentHeight: ad.implicitHeight + ad.anchors.topMargin + ad.anchors.bottomMargin + + border.width: 1 + border.color: AmneziaStyle.color.goldenApricot + color: AmneziaStyle.color.transparent + radius: 13 + + visible: false + // visible: GC.isDesktop() && ServersModel.isDefaultServerFromApi + // && ServersModel.isDefaultServerDefaultContainerHasSplitTunneling && SettingsController.isHomeAdLabelVisible + + MouseArea { + anchors.fill: parent + cursorShape: Qt.PointingHandCursor + + onClicked: function() { + Qt.openUrlExternally(LanguageModel.getCurrentSiteUrl("premium")) + } + } + + RowLayout { + id: ad + anchors.fill: parent + anchors.margins: 16 + + Image { + source: "qrc:/images/controls/amnezia.svg" + sourceSize: Qt.size(36, 36) + + layer { + effect: ColorOverlay { + color: AmneziaStyle.color.paleGray + } + } + } + + CaptionTextType { + Layout.fillWidth: true + Layout.rightMargin: 10 + Layout.leftMargin: 10 + + text: qsTr("Amnezia Premium - for access to all websites and online resources") + color: AmneziaStyle.color.pearlGray + + lineHeight: 18 + font.pixelSize: 15 + } + + ImageButtonType { + image: "qrc:/images/controls/close.svg" + imageColor: AmneziaStyle.color.paleGray + + onClicked: function() { + SettingsController.disableHomeAdLabel() + } + } + } +} diff --git a/client/ui/qml/Components/AddSitePanel.qml b/client/ui/qml/Components/AddSitePanel.qml new file mode 100644 index 00000000..18fdfa57 --- /dev/null +++ b/client/ui/qml/Components/AddSitePanel.qml @@ -0,0 +1,73 @@ +import QtQuick +import QtQuick.Controls +import QtQuick.Layouts + +import Style 1.0 +import "../Controls2" +import "../Controls2/TextTypes" + +Item { + id: root + + property bool enabled: true + property string placeholderText: "" + property alias textField: searchField.textField + + signal addClicked(string text) + signal moreClicked() + + implicitWidth: 360 + implicitHeight: 96 + + Rectangle { + id: background + anchors.fill: parent + color: "#0E0F12" + opacity: 0.85 + z: -1 + } + + RowLayout { + id: addSiteButton + + enabled: root.enabled + spacing: 2 + + anchors { + fill: parent + topMargin: 16 + leftMargin: 16 + rightMargin: 16 + bottomMargin: 24 + } + + TextFieldWithHeaderType { + id: searchField + + Layout.fillWidth: true + rightButtonClickedOnEnter: true + + textField.placeholderText: root.placeholderText + buttonImageSource: "qrc:/images/controls/plus.svg" + + clickedFunc: function() { + root.addClicked(textField.text) + textField.text = "" + } + } + + ImageButtonType { + id: addSiteButtonImage + implicitWidth: 56 + implicitHeight: 56 + + image: "qrc:/images/controls/more-vertical.svg" + imageColor: AmneziaStyle.color.paleGray + + onClicked: root.moreClicked() + + Keys.onReturnPressed: addSiteButtonImage.clicked() + Keys.onEnterPressed: addSiteButtonImage.clicked() + } + } +} diff --git a/client/ui/qml/Components/ApiPremV1MigrationDrawer.qml b/client/ui/qml/Components/ApiPremV1MigrationDrawer.qml new file mode 100644 index 00000000..21aa78a0 --- /dev/null +++ b/client/ui/qml/Components/ApiPremV1MigrationDrawer.qml @@ -0,0 +1,194 @@ +pragma ComponentBehavior: Bound + +import QtQuick +import QtQuick.Controls +import QtQuick.Layouts + +import QtCore + +import PageEnum 1.0 +import Style 1.0 + +import "./" +import "../Controls2" +import "../Controls2/TextTypes" +import "../Config" +import "../Components" + +DrawerType2 { + id: root + + expandedHeight: parent.height * 0.9 + + Connections { + target: ApiPremV1MigrationController + + function onErrorOccurred(error, goToPageHome) { + PageController.showErrorMessage(error) + root.closeTriggered() + } + } + + expandedStateContent: Item { + implicitHeight: root.expandedHeight + + ListViewType { + id: listView + + anchors.fill: parent + + model: 1 // fake model to force the ListView to be created without a model + snapMode: ListView.NoSnap + + header: ColumnLayout { + width: listView.width + + Header2Type { + id: header + Layout.fillWidth: true + Layout.topMargin: 20 + Layout.leftMargin: 16 + Layout.rightMargin: 16 + + headerText: qsTr("Switch to the new Amnezia Premium subscription") + } + } + + delegate: ColumnLayout { + width: listView.width + + anchors.left: parent.left + anchors.right: parent.right + anchors.leftMargin: 16 + anchors.rightMargin: 16 + + ParagraphTextType { + Layout.fillWidth: true + Layout.topMargin: 24 + Layout.bottomMargin: 24 + + horizontalAlignment: Text.AlignLeft + textFormat: Text.RichText + text: { + var str = qsTr("We'll preserve all remaining days of your current subscription and give you an extra month as a thank you. ") + str += qsTr("This new subscription type will be actively developed with more locations and features added regularly. Currently available:") + str += "

    " + str += qsTr("
  • 13 locations (with more coming soon)
    • ") + str += qsTr("
  • Easier switching between countries in the app
    • ") + str += qsTr("
  • Personal dashboard to manage your subscription
    • ") + str += "
" + str += qsTr("Old keys will be deactivated after switching.") + } + } + + TextFieldWithHeaderType { + id: emailLabel + Layout.fillWidth: true + + borderColor: AmneziaStyle.color.mutedGray + headerTextColor: AmneziaStyle.color.paleGray + + headerText: qsTr("Email") + textField.placeholderText: qsTr("mail@example.com") + + + textField.onFocusChanged: { + textField.text = textField.text.replace(/^\s+|\s+$/g, '') + } + + Connections { + target: ApiPremV1MigrationController + + function onNoSubscriptionToMigrate() { + emailLabel.errorText = qsTr("No old format subscriptions for a given email") + } + } + } + + CaptionTextType { + Layout.fillWidth: true + Layout.topMargin: 16 + + color: AmneziaStyle.color.mutedGray + + text: qsTr("Enter the email you used for your current subscription") + } + + ApiPremV1SubListDrawer { + id: apiPremV1SubListDrawer + parent: root + + anchors.fill: parent + } + + OtpCodeDrawer { + id: otpCodeDrawer + parent: root + + anchors.fill: parent + } + + BasicButtonType { + id: yesButton + Layout.fillWidth: true + Layout.topMargin: 32 + + text: qsTr("Continue") + + clickedFunc: function() { + PageController.showBusyIndicator(true) + ApiPremV1MigrationController.getSubscriptionList(emailLabel.textField.text) + PageController.showBusyIndicator(false) + } + } + + BasicButtonType { + id: noButton + Layout.fillWidth: true + + defaultColor: AmneziaStyle.color.transparent + hoveredColor: AmneziaStyle.color.translucentWhite + pressedColor: AmneziaStyle.color.sheerWhite + disabledColor: AmneziaStyle.color.mutedGray + textColor: AmneziaStyle.color.paleGray + borderWidth: 1 + + text: qsTr("Remind me later") + + clickedFunc: function() { + root.closeTriggered() + } + } + + BasicButtonType { + Layout.alignment: Qt.AlignHCenter + Layout.topMargin: 32 + Layout.bottomMargin: 32 + implicitHeight: 32 + + defaultColor: "transparent" + hoveredColor: AmneziaStyle.color.translucentWhite + pressedColor: AmneziaStyle.color.sheerWhite + textColor: AmneziaStyle.color.vibrantRed + + text: qsTr("Don't remind me again") + + clickedFunc: function() { + var headerText = qsTr("No more reminders? You can always switch to the new format in the server settings") + var yesButtonText = qsTr("Continue") + var noButtonText = qsTr("Cancel") + + var yesButtonFunction = function() { + ApiPremV1MigrationController.disablePremV1MigrationReminder() + root.closeTriggered() + } + var noButtonFunction = function() { + } + + showQuestionDrawer(headerText, "", yesButtonText, noButtonText, yesButtonFunction, noButtonFunction) + } + } + } + } + } +} diff --git a/client/ui/qml/Components/ApiPremV1SubListDrawer.qml b/client/ui/qml/Components/ApiPremV1SubListDrawer.qml new file mode 100644 index 00000000..221b7a89 --- /dev/null +++ b/client/ui/qml/Components/ApiPremV1SubListDrawer.qml @@ -0,0 +1,89 @@ +import QtQuick +import QtQuick.Controls +import QtQuick.Layouts + +import Style 1.0 + +import "../Controls2" +import "../Controls2/TextTypes" +import "../Config" + +DrawerType2 { + id: root + + Connections { + target: ApiPremV1MigrationController + + function onSubscriptionsModelChanged() { + if (ApiPremV1MigrationController.subscriptionsModel.length > 1) { + root.openTriggered() + } else { + sendMigrationCode(0) + } + } + } + + function sendMigrationCode(index) { + PageController.showBusyIndicator(true) + ApiPremV1MigrationController.sendMigrationCode(index) + root.closeTriggered() + PageController.showBusyIndicator(false) + } + + expandedHeight: parent.height * 0.9 + + expandedStateContent: Item { + implicitHeight: root.expandedHeight + + ListViewType { + id: listView + + anchors.fill: parent + + model: ApiPremV1MigrationController.subscriptionsModel + + header: ColumnLayout { + width: listView.width + + Header2Type { + id: header + Layout.fillWidth: true + Layout.topMargin: 20 + Layout.leftMargin: 16 + Layout.rightMargin: 16 + + headerText: qsTr("Choose Subscription") + } + } + + delegate: Item { + implicitWidth: listView.width + implicitHeight: delegateContent.implicitHeight + + ColumnLayout { + id: delegateContent + + anchors.top: parent.top + anchors.left: parent.left + anchors.right: parent.right + + LabelWithButtonType { + id: server + Layout.fillWidth: true + + text: qsTr("Order ID: ") + modelData.id + + descriptionText: qsTr("Purchase Date: ") + Qt.formatDateTime(new Date(modelData.created_at), "dd.MM.yyyy hh:mm") + rightImageSource: "qrc:/images/controls/chevron-right.svg" + + clickedFunction: function() { + sendMigrationCode(index) + } + } + + DividerType {} + } + } + } + } +} diff --git a/client/ui/qml/Components/AwgTextField.qml b/client/ui/qml/Components/AwgTextField.qml new file mode 100644 index 00000000..87b023d9 --- /dev/null +++ b/client/ui/qml/Components/AwgTextField.qml @@ -0,0 +1,15 @@ +pragma ComponentBehavior: Bound + +import QtQuick +import QtQuick.Layouts + +import "../Controls2" + +TextFieldWithHeaderType { + Layout.fillWidth: true + Layout.topMargin: 16 + + textField.validator: IntValidator { bottom: 0 } + + checkEmptyText: true +} diff --git a/client/ui/qml/Components/ConnectButton.qml b/client/ui/qml/Components/ConnectButton.qml index fa18703b..b90891a0 100644 --- a/client/ui/qml/Components/ConnectButton.qml +++ b/client/ui/qml/Components/ConnectButton.qml @@ -16,6 +16,32 @@ Button { property string connectedButtonColor: AmneziaStyle.color.goldenApricot property bool buttonActiveFocus: activeFocus && (Qt.platform.os !== "android" || SettingsController.isOnTv()) + property bool isFocusable: true + + Keys.onTabPressed: { + FocusController.nextKeyTabItem() + } + + Keys.onBacktabPressed: { + FocusController.previousKeyTabItem() + } + + Keys.onUpPressed: { + FocusController.nextKeyUpItem() + } + + Keys.onDownPressed: { + FocusController.nextKeyDownItem() + } + + Keys.onLeftPressed: { + FocusController.nextKeyLeftItem() + } + + Keys.onRightPressed: { + FocusController.nextKeyRightItem() + } + implicitWidth: 190 implicitHeight: 190 diff --git a/client/ui/qml/Components/ConnectionTypeSelectionDrawer.qml b/client/ui/qml/Components/ConnectionTypeSelectionDrawer.qml index 23fe0d2a..c9124d81 100644 --- a/client/ui/qml/Components/ConnectionTypeSelectionDrawer.qml +++ b/client/ui/qml/Components/ConnectionTypeSelectionDrawer.qml @@ -14,7 +14,7 @@ DrawerType2 { width: parent.width height: parent.height - expandedContent: ColumnLayout { + expandedStateContent: ColumnLayout { id: content anchors.top: parent.top @@ -26,14 +26,6 @@ DrawerType2 { root.expandedHeight = content.implicitHeight + 32 } - Connections { - target: root - enabled: !GC.isMobile() - function onOpened() { - focusItem.forceActiveFocus() - } - } - Header2Type { Layout.fillWidth: true Layout.topMargin: 24 @@ -44,11 +36,6 @@ DrawerType2 { headerText: qsTr("Add new connection") } - Item { - id: focusItem - KeyNavigation.tab: ip.rightButton - } - LabelWithButtonType { id: ip Layout.fillWidth: true @@ -59,10 +46,8 @@ DrawerType2 { clickedFunction: function() { PageController.goToPage(PageEnum.PageSetupWizardCredentials) - root.close() + root.closeTriggered() } - - KeyNavigation.tab: qrCode.rightButton } DividerType {} @@ -76,10 +61,8 @@ DrawerType2 { clickedFunction: function() { PageController.goToPage(PageEnum.PageSetupWizardConfigSource) - root.close() + root.closeTriggered() } - - KeyNavigation.tab: focusItem } DividerType {} diff --git a/client/ui/qml/Components/HomeContainersListView.qml b/client/ui/qml/Components/HomeContainersListView.qml index b0e074d0..1cbdd82d 100644 --- a/client/ui/qml/Components/HomeContainersListView.qml +++ b/client/ui/qml/Components/HomeContainersListView.qml @@ -17,55 +17,16 @@ ListView { property var rootWidth property var selectedText - property bool a: true - width: rootWidth - height: menuContent.contentItem.height + anchors.top: parent.top + anchors.bottom: parent.bottom clip: true - interactive: false + snapMode: ListView.SnapToItem - property FlickableType parentFlickable - property var lastItemTabClicked + ScrollBar.vertical: ScrollBarType {} - property int currentFocusIndex: 0 - - activeFocusOnTab: true - onActiveFocusChanged: { - if (activeFocus) { - this.currentFocusIndex = 0 - this.itemAtIndex(currentFocusIndex).forceActiveFocus() - } - } - - Keys.onTabPressed: { - if (currentFocusIndex < this.count - 1) { - currentFocusIndex += 1 - this.itemAtIndex(currentFocusIndex).forceActiveFocus() - } else { - currentFocusIndex = 0 - if (lastItemTabClicked && typeof lastItemTabClicked === "function") { - lastItemTabClicked() - } - } - } - - onVisibleChanged: { - if (visible) { - currentFocusIndex = 0 - focusItem.forceActiveFocus() - } - } - - Item { - id: focusItem - } - - onCurrentFocusIndexChanged: { - if (parentFlickable) { - parentFlickable.ensureVisible(this.itemAtIndex(currentFocusIndex)) - } - } + property bool isFocusable: true ButtonGroup { id: containersRadioButtonGroup @@ -75,12 +36,6 @@ ListView { implicitWidth: rootWidth implicitHeight: content.implicitHeight - onActiveFocusChanged: { - if (activeFocus) { - containerRadioButton.forceActiveFocus() - } - } - ColumnLayout { id: content @@ -111,13 +66,13 @@ ListView { } if (checked) { - containersDropDown.close() + containersDropDown.closeTriggered() ServersModel.setDefaultContainer(ServersModel.defaultIndex, proxyDefaultServerContainersModel.mapToSource(index)) } else { ContainersModel.setProcessedContainerIndex(proxyDefaultServerContainersModel.mapToSource(index)) InstallController.setShouldCreateServer(false) PageController.goToPage(PageEnum.PageSetupWizardProtocolSettings) - containersDropDown.close() + containersDropDown.closeTriggered() } } diff --git a/client/ui/qml/Components/HomeSplitTunnelingDrawer.qml b/client/ui/qml/Components/HomeSplitTunnelingDrawer.qml index 405d4eda..097274a4 100644 --- a/client/ui/qml/Components/HomeSplitTunnelingDrawer.qml +++ b/client/ui/qml/Components/HomeSplitTunnelingDrawer.qml @@ -16,7 +16,7 @@ DrawerType2 { anchors.fill: parent expandedHeight: parent.height * 0.9 - expandedContent: ColumnLayout { + expandedStateContent: ColumnLayout { id: content anchors.top: parent.top @@ -24,14 +24,6 @@ DrawerType2 { anchors.right: parent.right spacing: 0 - Connections { - target: root - enabled: !GC.isMobile() - function onOpened() { - focusItem.forceActiveFocus() - } - } - Header2Type { Layout.fillWidth: true Layout.topMargin: 24 @@ -43,11 +35,6 @@ DrawerType2 { descriptionText: qsTr("Allows you to connect to some sites or applications through a VPN connection and bypass others") } - Item { - id: focusItem - KeyNavigation.tab: splitTunnelingSwitch.visible ? splitTunnelingSwitch : siteBasedSplitTunnelingSwitch.rightButton - } - LabelWithButtonType { id: splitTunnelingSwitch Layout.fillWidth: true @@ -59,11 +46,9 @@ DrawerType2 { descriptionText: qsTr("Enabled \nCan't be disabled for current server") rightImageSource: "qrc:/images/controls/chevron-right.svg" - KeyNavigation.tab: siteBasedSplitTunnelingSwitch.visible ? siteBasedSplitTunnelingSwitch.rightButton : focusItem - clickedFunction: function() { -// PageController.goToPage(PageEnum.PageSettingsSplitTunneling) -// root.close() + PageController.goToPage(PageEnum.PageSettingsSplitTunneling) + root.closeTriggered() } } @@ -80,13 +65,9 @@ DrawerType2 { descriptionText: enabled && SitesModel.isTunnelingEnabled ? qsTr("Enabled") : qsTr("Disabled") rightImageSource: "qrc:/images/controls/chevron-right.svg" - KeyNavigation.tab: appSplitTunnelingSwitch.visible ? - appSplitTunnelingSwitch.rightButton : - focusItem - clickedFunction: function() { PageController.goToPage(PageEnum.PageSettingsSplitTunneling) - root.close() + root.closeTriggered() } } @@ -103,11 +84,9 @@ DrawerType2 { descriptionText: AppSplitTunnelingModel.isTunnelingEnabled ? qsTr("Enabled") : qsTr("Disabled") rightImageSource: "qrc:/images/controls/chevron-right.svg" - KeyNavigation.tab: focusItem - clickedFunction: function() { PageController.goToPage(PageEnum.PageSettingsAppSplitTunneling) - root.close() + root.closeTriggered() } } diff --git a/client/ui/qml/Components/InstalledAppsDrawer.qml b/client/ui/qml/Components/InstalledAppsDrawer.qml index e5d10055..ce8ef837 100644 --- a/client/ui/qml/Components/InstalledAppsDrawer.qml +++ b/client/ui/qml/Components/InstalledAppsDrawer.qml @@ -26,7 +26,7 @@ DrawerType2 { id: installedAppsModel } - expandedContent: Item { + expandedStateContent: Item { id: container implicitHeight: expandedHeight @@ -43,7 +43,7 @@ DrawerType2 { BackButtonType { backButtonImage: "qrc:/images/controls/arrow-left.svg" backButtonFunction: function() { - root.close() + root.closeTriggered() } } @@ -69,6 +69,8 @@ DrawerType2 { clip: true interactive: true + property bool isFocusable: true + model: SortFilterProxyModel { id: proxyInstalledAppsModel sourceModel: installedAppsModel @@ -79,10 +81,7 @@ DrawerType2 { } } - ScrollBar.vertical: ScrollBar { - id: scrollBar - policy: ScrollBar.AlwaysOn - } + ScrollBar.vertical: ScrollBarType {} ButtonGroup { id: buttonGroup @@ -136,7 +135,7 @@ DrawerType2 { backgroundColor: AmneziaStyle.color.slateGray - textFieldPlaceholderText: qsTr("application name") + textField.placeholderText: qsTr("application name") } BasicButtonType { @@ -155,7 +154,7 @@ DrawerType2 { PageController.showBusyIndicator(true) AppSplitTunnelingController.addApps(installedAppsModel.getSelectedAppsInfo()) PageController.showBusyIndicator(false) - root.close() + root.closeTriggered() } } } diff --git a/client/ui/qml/Components/OtpCodeDrawer.qml b/client/ui/qml/Components/OtpCodeDrawer.qml new file mode 100644 index 00000000..e26982b9 --- /dev/null +++ b/client/ui/qml/Components/OtpCodeDrawer.qml @@ -0,0 +1,77 @@ +pragma ComponentBehavior: Bound + +import QtQuick +import QtQuick.Controls +import QtQuick.Layouts + +import Style 1.0 + +import "../Controls2" +import "../Controls2/TextTypes" + +import "../Config" + +DrawerType2 { + id: root + + Connections { + target: ApiPremV1MigrationController + + function onOtpSuccessfullySent() { + root.openTriggered() + } + } + + expandedHeight: parent.height * 0.6 + + expandedStateContent: Item { + implicitHeight: root.expandedHeight + + ColumnLayout { + + anchors.top: parent.top + anchors.left: parent.left + anchors.right: parent.right + anchors.leftMargin: 16 + anchors.rightMargin: 16 + spacing: 0 + + Header2Type { + id: header + Layout.fillWidth: true + Layout.topMargin: 20 + + headerText: qsTr("OTP code was sent to your email") + } + + TextFieldWithHeaderType { + id: otpFiled + + borderColor: AmneziaStyle.color.mutedGray + headerTextColor: AmneziaStyle.color.paleGray + + Layout.fillWidth: true + Layout.topMargin: 16 + headerText: qsTr("OTP Code") + textField.maximumLength: 30 + checkEmptyText: true + } + + BasicButtonType { + id: saveButton + + Layout.fillWidth: true + Layout.topMargin: 16 + + text: qsTr("Continue") + + clickedFunc: function() { + PageController.showBusyIndicator(true) + ApiPremV1MigrationController.migrate(otpFiled.textField.text) + PageController.showBusyIndicator(false) + root.closeTriggered() + } + } + } + } +} diff --git a/client/ui/qml/Components/QuestionDrawer.qml b/client/ui/qml/Components/QuestionDrawer.qml index a0e86dbc..ddf5cda4 100644 --- a/client/ui/qml/Components/QuestionDrawer.qml +++ b/client/ui/qml/Components/QuestionDrawer.qml @@ -1,3 +1,5 @@ +pragma ComponentBehavior: Bound + import QtQuick import QtQuick.Controls import QtQuick.Layouts @@ -20,7 +22,7 @@ DrawerType2 { property var yesButtonFunction property var noButtonFunction - expandedContent: ColumnLayout { + expandedStateContent: ColumnLayout { id: content anchors.top: parent.top @@ -33,21 +35,13 @@ DrawerType2 { root.expandedHeight = content.implicitHeight + 32 } - Connections { - target: root - enabled: !GC.isMobile() - function onOpened() { - focusItem.forceActiveFocus() - } - } - Header2TextType { Layout.fillWidth: true Layout.topMargin: 16 Layout.rightMargin: 16 Layout.leftMargin: 16 - text: headerText + text: root.headerText } ParagraphTextType { @@ -56,12 +50,7 @@ DrawerType2 { Layout.rightMargin: 16 Layout.leftMargin: 16 - text: descriptionText - } - - Item { - id: focusItem - KeyNavigation.tab: yesButton + text: root.descriptionText } BasicButtonType { @@ -71,15 +60,13 @@ DrawerType2 { Layout.rightMargin: 16 Layout.leftMargin: 16 - text: yesButtonText + text: root.yesButtonText clickedFunc: function() { - if (yesButtonFunction && typeof yesButtonFunction === "function") { - yesButtonFunction() + if (root.yesButtonFunction && typeof root.yesButtonFunction === "function") { + root.yesButtonFunction() } } - - KeyNavigation.tab: noButton } BasicButtonType { @@ -95,15 +82,15 @@ DrawerType2 { textColor: AmneziaStyle.color.paleGray borderWidth: 1 - text: noButtonText + visible: root.noButtonText !== "" + + text: root.noButtonText clickedFunc: function() { - if (noButtonFunction && typeof noButtonFunction === "function") { - noButtonFunction() + if (root.noButtonFunction && typeof root.noButtonFunction === "function") { + root.noButtonFunction() } } - - KeyNavigation.tab: focusItem } } } diff --git a/client/ui/qml/Components/RenameServerDrawer.qml b/client/ui/qml/Components/RenameServerDrawer.qml new file mode 100644 index 00000000..d65b9bba --- /dev/null +++ b/client/ui/qml/Components/RenameServerDrawer.qml @@ -0,0 +1,55 @@ +import QtQuick +import QtQuick.Controls +import QtQuick.Layouts + +import Style 1.0 + +import "../Controls2" +import "../Controls2/TextTypes" + +import "../Config" + +DrawerType2 { + property string serverNameText + + id: root + objectName: "serverNameEditDrawer" + + expandedStateContent: ColumnLayout { + anchors.top: parent.top + anchors.left: parent.left + anchors.right: parent.right + anchors.topMargin: 32 + anchors.leftMargin: 16 + anchors.rightMargin: 16 + + TextFieldWithHeaderType { + id: serverName + + Layout.fillWidth: true + headerText: qsTr("Server name") + textField.text: root.serverNameText + textField.maximumLength: 30 + checkEmptyText: true + } + + BasicButtonType { + id: saveButton + + Layout.fillWidth: true + + text: qsTr("Save") + + clickedFunc: function() { + if (serverName.textField.text === "") { + return + } + + if (serverName.textField.text !== root.serverNameText) { + ServersModel.setProcessedServerData("name", serverName.textField.text); + } + root.closeTriggered() + } + } + } +} diff --git a/client/ui/qml/Components/SelectLanguageDrawer.qml b/client/ui/qml/Components/SelectLanguageDrawer.qml index 4d9d7f0e..2c026848 100644 --- a/client/ui/qml/Components/SelectLanguageDrawer.qml +++ b/client/ui/qml/Components/SelectLanguageDrawer.qml @@ -11,7 +11,7 @@ import "../Config" DrawerType2 { id: root - expandedContent: Item { + expandedStateContent: Item { id: container implicitHeight: root.height * 0.9 @@ -20,19 +20,6 @@ DrawerType2 { root.expandedHeight = container.implicitHeight } - Connections { - target: root - enabled: !GC.isMobile() - function onOpened() { - focusItem.forceActiveFocus() - } - } - - Item { - id: focusItem - KeyNavigation.tab: backButton - } - ColumnLayout { id: backButtonLayout @@ -43,167 +30,148 @@ DrawerType2 { BackButtonType { id: backButton + + Layout.fillWidth: true + backButtonImage: "qrc:/images/controls/arrow-left.svg" - backButtonFunction: function() { root.close() } - KeyNavigation.tab: listView + backButtonFunction: function() { root.closeTriggered() } + } + + Header2Type { + id: header + + Layout.fillWidth: true + Layout.topMargin: 16 + Layout.rightMargin: 16 + Layout.leftMargin: 16 + + headerText: qsTr("Choose language") } } - FlickableType { + ListView { + id: listView + anchors.top: backButtonLayout.bottom anchors.left: parent.left anchors.right: parent.right anchors.bottom: parent.bottom - contentHeight: content.implicitHeight - ColumnLayout { - id: content + property bool isFocusable: true + property int selectedIndex: LanguageModel.currentLanguageIndex - anchors.fill: parent + clip: true + reuseItems: true - Header2Type { - id: header - Layout.fillWidth: true - Layout.topMargin: 16 - Layout.rightMargin: 16 - Layout.leftMargin: 16 + ScrollBar.vertical: ScrollBarType {} - headerText: qsTr("Choose language") - } + model: LanguageModel - ListView { - id: listView + ButtonGroup { + id: buttonGroup + } - Layout.fillWidth: true - height: listView.contentItem.height + delegate: Item { + implicitWidth: root.width + implicitHeight: delegateContent.implicitHeight - clip: true - interactive: false + ColumnLayout { + id: delegateContent - model: LanguageModel - currentIndex: LanguageModel.currentLanguageIndex + anchors.fill: parent - ButtonGroup { - id: buttonGroup - } + RadioButton { + id: radioButton - property int currentFocusIndex: 0 + implicitWidth: parent.width + implicitHeight: radioButtonContent.implicitHeight - activeFocusOnTab: true - onActiveFocusChanged: { - if (activeFocus) { - this.currentFocusIndex = 0 - this.itemAtIndex(currentFocusIndex).forceActiveFocus() - } - } + hoverEnabled: true - Keys.onTabPressed: { - if (currentFocusIndex < this.count - 1) { - currentFocusIndex += 1 - this.itemAtIndex(currentFocusIndex).forceActiveFocus() - } else { - listViewFocusItem.forceActiveFocus() - focusItem.forceActiveFocus() - } - } + property bool isFocusable: true - Item { - id: listViewFocusItem Keys.onTabPressed: { - root.forceActiveFocus() + FocusController.nextKeyTabItem() } - } - onVisibleChanged: { - if (visible) { - listViewFocusItem.forceActiveFocus() - focusItem.forceActiveFocus() + Keys.onBacktabPressed: { + FocusController.previousKeyTabItem() } - } - delegate: Item { - implicitWidth: root.width - implicitHeight: delegateContent.implicitHeight + Keys.onUpPressed: { + FocusController.nextKeyUpItem() + } - onActiveFocusChanged: { - if (activeFocus) { - radioButton.forceActiveFocus() + Keys.onDownPressed: { + FocusController.nextKeyDownItem() + } + + Keys.onLeftPressed: { + FocusController.nextKeyLeftItem() + } + + Keys.onRightPressed: { + FocusController.nextKeyRightItem() + } + + indicator: Rectangle { + width: parent.width - 1 + height: parent.height + color: radioButton.hovered ? AmneziaStyle.color.slateGray : AmneziaStyle.color.onyxBlack + border.color: radioButton.focus ? AmneziaStyle.color.paleGray : AmneziaStyle.color.transparent + border.width: radioButton.focus ? 1 : 0 + + Behavior on color { + PropertyAnimation { duration: 200 } + } + Behavior on border.color { + PropertyAnimation { duration: 200 } } } - ColumnLayout { - id: delegateContent - + RowLayout { + id: radioButtonContent anchors.fill: parent - RadioButton { - id: radioButton + anchors.rightMargin: 16 + anchors.leftMargin: 16 - implicitWidth: parent.width - implicitHeight: radioButtonContent.implicitHeight + spacing: 0 - hoverEnabled: true + z: 1 - indicator: Rectangle { - width: parent.width - 1 - height: parent.height - color: radioButton.hovered ? AmneziaStyle.color.slateGray : AmneziaStyle.color.onyxBlack - border.color: radioButton.focus ? AmneziaStyle.color.paleGray : AmneziaStyle.color.transparent - border.width: radioButton.focus ? 1 : 0 + ParagraphTextType { + Layout.fillWidth: true + Layout.topMargin: 20 + Layout.bottomMargin: 20 - Behavior on color { - PropertyAnimation { duration: 200 } - } - Behavior on border.color { - PropertyAnimation { duration: 200 } - } - } + text: languageName + } - RowLayout { - id: radioButtonContent - anchors.fill: parent + Image { + source: "qrc:/images/controls/check.svg" + visible: radioButton.checked - anchors.rightMargin: 16 - anchors.leftMargin: 16 + width: 24 + height: 24 - spacing: 0 - - z: 1 - - ParagraphTextType { - Layout.fillWidth: true - Layout.topMargin: 20 - Layout.bottomMargin: 20 - - text: languageName - } - - Image { - source: "qrc:/images/controls/check.svg" - visible: radioButton.checked - - width: 24 - height: 24 - - Layout.rightMargin: 8 - } - } - - ButtonGroup.group: buttonGroup - checked: listView.currentIndex === index - - onClicked: { - listView.currentIndex = index - LanguageModel.changeLanguage(languageIndex) - root.close() - } + Layout.rightMargin: 8 } } - Keys.onEnterPressed: radioButton.clicked() - Keys.onReturnPressed: radioButton.clicked() + ButtonGroup.group: buttonGroup + checked: listView.selectedIndex === index + + onClicked: { + listView.selectedIndex = index + LanguageModel.changeLanguage(languageIndex) + root.closeTriggered() + } } } + + Keys.onEnterPressed: radioButton.clicked() + Keys.onReturnPressed: radioButton.clicked() } } } diff --git a/client/ui/qml/Components/ServersListView.qml b/client/ui/qml/Components/ServersListView.qml new file mode 100644 index 00000000..d0567a8c --- /dev/null +++ b/client/ui/qml/Components/ServersListView.qml @@ -0,0 +1,143 @@ +import QtQuick +import QtQuick.Controls +import QtQuick.Layouts + +import SortFilterProxyModel 0.2 + +import PageEnum 1.0 +import ProtocolEnum 1.0 +import ContainerProps 1.0 +import ContainersModelFilters 1.0 +import Style 1.0 + +import "./" +import "../Controls2" +import "../Controls2/TextTypes" +import "../Config" + +ListView { + id: root + + property int selectedIndex: ServersModel.defaultIndex + + anchors.top: serversMenuHeader.bottom + anchors.right: parent.right + anchors.left: parent.left + anchors.bottom: parent.bottom + anchors.topMargin: 16 + + model: ServersModel + + ScrollBar.vertical: ScrollBarType {} + + property bool isFocusable: true + + Connections { + target: ServersModel + function onDefaultServerIndexChanged(serverIndex) { + root.selectedIndex = serverIndex + } + } + + clip: true + reuseItems: true + + delegate: Item { + id: menuContentDelegate + objectName: "menuContentDelegate" + + property variant delegateData: model + property VerticalRadioButton serverRadioButtonProperty: serverRadioButton + + implicitWidth: root.width + implicitHeight: serverRadioButtonContent.implicitHeight + + ColumnLayout { + id: serverRadioButtonContent + objectName: "serverRadioButtonContent" + + anchors.fill: parent + anchors.rightMargin: 16 + anchors.leftMargin: 16 + + spacing: 0 + + RowLayout { + objectName: "serverRadioButtonRowLayout" + + Layout.fillWidth: true + + VerticalRadioButton { + id: serverRadioButton + objectName: "serverRadioButton" + + Layout.fillWidth: true + + text: name + descriptionText: serverDescription + + checked: index === root.selectedIndex + checkable: !ConnectionController.isConnected + + ButtonGroup.group: serversRadioButtonGroup + + onClicked: { + if (ConnectionController.isConnected) { + PageController.showNotificationMessage(qsTr("Unable change server while there is an active connection")) + return + } + + root.selectedIndex = index + + ServersModel.defaultIndex = index + } + + Keys.onEnterPressed: serverRadioButton.clicked() + Keys.onReturnPressed: serverRadioButton.clicked() + } + + ImageButtonType { + id: serverInfoButton + objectName: "serverInfoButton" + + image: "qrc:/images/controls/settings.svg" + imageColor: AmneziaStyle.color.paleGray + + implicitWidth: 56 + implicitHeight: 56 + + z: 1 + + onClicked: function() { + ServersModel.processedIndex = index + + if (ServersModel.getProcessedServerData("isServerFromGatewayApi")) { + if (ServersModel.getProcessedServerData("isCountrySelectionAvailable")) { + PageController.goToPage(PageEnum.PageSettingsApiAvailableCountries) + } else { + PageController.showBusyIndicator(true) + let result = ApiSettingsController.getAccountInfo(false) + PageController.showBusyIndicator(false) + if (!result) { + return + } + + PageController.goToPage(PageEnum.PageSettingsApiServerInfo) + } + } else { + PageController.goToPage(PageEnum.PageSettingsServerInfo) + } + + drawer.closeTriggered() + } + } + } + + DividerType { + Layout.fillWidth: true + Layout.leftMargin: 0 + Layout.rightMargin: 0 + } + } + } +} diff --git a/client/ui/qml/Components/SettingsContainersListView.qml b/client/ui/qml/Components/SettingsContainersListView.qml index 769e1abd..9e672130 100644 --- a/client/ui/qml/Components/SettingsContainersListView.qml +++ b/client/ui/qml/Components/SettingsContainersListView.qml @@ -20,47 +20,14 @@ ListView { height: root.contentItem.height clip: true - interactive: false + reuseItems: true - activeFocusOnTab: true - Keys.onTabPressed: { - if (currentIndex < this.count - 1) { - this.incrementCurrentIndex() - } else { - currentIndex = 0 - lastItemTabClickedSignal() - } - } - - onCurrentIndexChanged: { - if (visible) { - if (fl.contentHeight > fl.height) { - var item = this.currentItem - if (item.y < fl.height) { - fl.contentY = item.y - } else if (item.y + item.height > fl.contentY + fl.height) { - fl.contentY = item.y + item.height - fl.height - } - } - } - } - - onVisibleChanged: { - if (visible) { - this.currentIndex = 0 - } - } + property bool isFocusable: false delegate: Item { implicitWidth: root.width implicitHeight: delegateContent.implicitHeight - onActiveFocusChanged: { - if (activeFocus) { - containerRadioButton.rightButton.forceActiveFocus() - } - } - ColumnLayout { id: delegateContent diff --git a/client/ui/qml/Components/ShareConnectionDrawer.qml b/client/ui/qml/Components/ShareConnectionDrawer.qml index d2bf28ab..dd59180b 100644 --- a/client/ui/qml/Components/ShareConnectionDrawer.qml +++ b/client/ui/qml/Components/ShareConnectionDrawer.qml @@ -22,7 +22,9 @@ DrawerType2 { property string headerText property string configContentHeaderText - property string contentVisible + property string shareButtonText: qsTr("Share") + property string copyButtonText: qsTr("Copy") + property bool isSelfHostedConfig: true property string configExtension: ".vpn" property string configCaption: qsTr("Save AmneziaVPN config") @@ -36,17 +38,9 @@ DrawerType2 { configFileName = "amnezia_config" } - expandedContent: Item { + expandedStateContent: Item { implicitHeight: root.expandedHeight - Connections { - target: root - enabled: !GC.isMobile() - function onOpened() { - header.forceActiveFocus() - } - } - Header2Type { id: header anchors.top: parent.top @@ -57,37 +51,38 @@ DrawerType2 { anchors.rightMargin: 16 headerText: root.headerText - - KeyNavigation.tab: shareButton } - FlickableType { + ListView { + id: listView + anchors.top: header.bottom anchors.bottom: parent.bottom - contentHeight: content.height + 32 + anchors.left: parent.left + anchors.right: parent.right - ColumnLayout { - id: content + property bool isFocusable: true - anchors.top: parent.top - anchors.left: parent.left - anchors.right: parent.right + ScrollBar.vertical: ScrollBarType {} - anchors.leftMargin: 16 - anchors.rightMargin: 16 + model: 1 - visible: root.contentVisible + clip: true + reuseItems: true + + header: ColumnLayout { + width: listView.width BasicButtonType { id: shareButton Layout.fillWidth: true Layout.topMargin: 16 + Layout.leftMargin: 16 + Layout.rightMargin: 16 - text: qsTr("Share") + text: root.shareButtonText leftImageSource: "qrc:/images/controls/share-2.svg" - KeyNavigation.tab: copyConfigTextButton - clickedFunc: function() { var fileName = "" if (GC.isMobile()) { @@ -111,6 +106,8 @@ DrawerType2 { id: copyConfigTextButton Layout.fillWidth: true Layout.topMargin: 8 + Layout.leftMargin: 16 + Layout.rightMargin: 16 defaultColor: AmneziaStyle.color.transparent hoveredColor: AmneziaStyle.color.translucentWhite @@ -119,19 +116,19 @@ DrawerType2 { textColor: AmneziaStyle.color.paleGray borderWidth: 1 - text: qsTr("Copy") + text: root.copyButtonText leftImageSource: "qrc:/images/controls/copy.svg" Keys.onReturnPressed: { copyConfigTextButton.clicked() } Keys.onEnterPressed: { copyConfigTextButton.clicked() } - - KeyNavigation.tab: copyNativeConfigStringButton.visible ? copyNativeConfigStringButton : showSettingsButton } BasicButtonType { id: copyNativeConfigStringButton Layout.fillWidth: true Layout.topMargin: 8 + Layout.leftMargin: 16 + Layout.rightMargin: 16 visible: false @@ -153,6 +150,10 @@ DrawerType2 { Layout.fillWidth: true Layout.topMargin: 24 + Layout.leftMargin: 16 + Layout.rightMargin: 16 + + visible: root.isSelfHostedConfig defaultColor: AmneziaStyle.color.transparent hoveredColor: AmneziaStyle.color.translucentWhite @@ -164,10 +165,8 @@ DrawerType2 { text: qsTr("Show connection settings") clickedFunc: function() { - configContentDrawer.open() + configContentDrawer.openTriggered() } - - KeyNavigation.tab: header } DrawerType2 { @@ -178,30 +177,11 @@ DrawerType2 { anchors.fill: parent expandedHeight: parent.height * 0.9 - onClosed: { - if (!GC.isMobile()) { - header.forceActiveFocus() - } - } - - expandedContent: Item { + expandedStateContent: Item { id: configContentContainer implicitHeight: configContentDrawer.expandedHeight - Connections { - target: configContentDrawer - enabled: !GC.isMobile() - function onOpened() { - focusItem.forceActiveFocus() - } - } - - Item { - id: focusItem - KeyNavigation.tab: backButton - } - Connections { target: copyNativeConfigStringButton function onClicked() { @@ -231,9 +211,7 @@ DrawerType2 { anchors.right: parent.right anchors.topMargin: 16 - backButtonFunction: function() { configContentDrawer.close() } - - KeyNavigation.tab: focusItem + backButtonFunction: function() { configContentDrawer.closeTriggered() } } FlickableType { @@ -302,6 +280,12 @@ DrawerType2 { } } } + } + + delegate: ColumnLayout { + width: listView.width + + property bool isQrCodeVisible: root.isSelfHostedConfig ? ExportController.qrCodesCount > 0 : ApiConfigsController.qrCodesCount > 0 Rectangle { id: qrCodeContainer @@ -309,8 +293,10 @@ DrawerType2 { Layout.fillWidth: true Layout.preferredHeight: width Layout.topMargin: 20 + Layout.leftMargin: 16 + Layout.rightMargin: 16 - visible: ExportController.qrCodesCount > 0 + visible: isQrCodeVisible color: "white" @@ -318,20 +304,49 @@ DrawerType2 { anchors.fill: parent smooth: false - source: ExportController.qrCodesCount ? ExportController.qrCodes[0] : "" + source: root.isSelfHostedConfig ? (isQrCodeVisible ? ExportController.qrCodes[0] : "") : + (isQrCodeVisible ? ApiConfigsController.qrCodes[0] : "") + + property bool isFocusable: true + + Keys.onTabPressed: { + FocusController.nextKeyTabItem() + } + + Keys.onBacktabPressed: { + FocusController.previousKeyTabItem() + } + + Keys.onUpPressed: { + FocusController.nextKeyUpItem() + } + + Keys.onDownPressed: { + FocusController.nextKeyDownItem() + } + + Keys.onLeftPressed: { + FocusController.nextKeyLeftItem() + } + + Keys.onRightPressed: { + FocusController.nextKeyRightItem() + } Timer { property int index: 0 interval: 1000 - running: ExportController.qrCodesCount > 0 + running: isQrCodeVisible repeat: true onTriggered: { - if (ExportController.qrCodesCount > 0) { + if (isQrCodeVisible) { index++ - if (index >= ExportController.qrCodesCount) { + let qrCodesCount = root.isSelfHostedConfig ? ExportController.qrCodesCount : ApiConfigsController.qrCodesCount + if (index >= qrCodesCount) { index = 0 } - parent.source = ExportController.qrCodes[index] + + parent.source = root.isSelfHostedConfig ? ExportController.qrCodes[index] : ApiConfigsController.qrCodes[index] } } } @@ -346,8 +361,10 @@ DrawerType2 { Layout.fillWidth: true Layout.topMargin: 24 Layout.bottomMargin: 32 + Layout.leftMargin: 16 + Layout.rightMargin: 16 - visible: ExportController.qrCodesCount > 0 + visible: isQrCodeVisible horizontalAlignment: Text.AlignHCenter text: qsTr("To read the QR code in the Amnezia app, select \"Add server\" → \"I have data to connect\" → \"QR code, key or settings file\"") diff --git a/client/ui/qml/Components/TransportProtoSelector.qml b/client/ui/qml/Components/TransportProtoSelector.qml index e40dd4bb..323892fa 100644 --- a/client/ui/qml/Components/TransportProtoSelector.qml +++ b/client/ui/qml/Components/TransportProtoSelector.qml @@ -39,8 +39,6 @@ Rectangle { implicitWidth: (rootWidth - 32) / 2 text: "UDP" - KeyNavigation.tab: tcpButton - onClicked: { root.currentIndex = 0 } diff --git a/client/ui/qml/Controls2/BackButtonType.qml b/client/ui/qml/Controls2/BackButtonType.qml index 86fc86a2..40136ad5 100644 --- a/client/ui/qml/Controls2/BackButtonType.qml +++ b/client/ui/qml/Controls2/BackButtonType.qml @@ -4,7 +4,7 @@ import Qt5Compat.GraphicalEffects import Style 1.0 -Item { +FocusScope { id: root property string backButtonImage: "qrc:/images/controls/arrow-left.svg" @@ -15,12 +15,6 @@ Item { visible: backButtonImage !== "" - onActiveFocusChanged: { - if (activeFocus) { - backButton.forceActiveFocus() - } - } - RowLayout { id: content diff --git a/client/ui/qml/Controls2/BaseHeaderType.qml b/client/ui/qml/Controls2/BaseHeaderType.qml new file mode 100644 index 00000000..eb7fe36f --- /dev/null +++ b/client/ui/qml/Controls2/BaseHeaderType.qml @@ -0,0 +1,45 @@ +import QtQuick +import QtQuick.Layouts + +import Style 1.0 + +import "TextTypes" + +Item { + id: root + + property string headerText + property int headerTextMaximumLineCount: 2 + property int headerTextElide: Qt.ElideRight + property string descriptionText + property alias headerRow: headerRow + + implicitWidth: content.implicitWidth + implicitHeight: content.implicitHeight + + ColumnLayout { + id: content + anchors.fill: parent + + RowLayout { + id: headerRow + + Header1TextType { + id: header + Layout.fillWidth: true + text: root.headerText + maximumLineCount: root.headerTextMaximumLineCount + elide: root.headerTextElide + } + } + + ParagraphTextType { + id: description + Layout.topMargin: 16 + Layout.fillWidth: true + text: root.descriptionText + color: AmneziaStyle.color.mutedGray + visible: root.descriptionText !== "" + } + } +} diff --git a/client/ui/qml/Controls2/BasicButtonType.qml b/client/ui/qml/Controls2/BasicButtonType.qml index ef66e0e2..b60e96cf 100644 --- a/client/ui/qml/Controls2/BasicButtonType.qml +++ b/client/ui/qml/Controls2/BasicButtonType.qml @@ -35,10 +35,35 @@ Button { property alias buttonTextLabel: buttonText + property bool isFocusable: true + + Keys.onTabPressed: { + FocusController.nextKeyTabItem() + } + + Keys.onBacktabPressed: { + FocusController.previousKeyTabItem() + } + + Keys.onUpPressed: { + FocusController.nextKeyUpItem() + } + + Keys.onDownPressed: { + FocusController.nextKeyDownItem() + } + + Keys.onLeftPressed: { + FocusController.nextKeyLeftItem() + } + + Keys.onRightPressed: { + FocusController.nextKeyRightItem() + } + implicitHeight: 56 hoverEnabled: true - focusPolicy: Qt.TabFocus onFocusChanged: { if (root.activeFocus) { @@ -150,7 +175,7 @@ Button { ButtonTextType { id: buttonText - color: textColor + color: root.textColor text: root.text visible: root.text === "" ? false : true diff --git a/client/ui/qml/Controls2/CardType.qml b/client/ui/qml/Controls2/CardType.qml index f584a8fc..8e689541 100644 --- a/client/ui/qml/Controls2/CardType.qml +++ b/client/ui/qml/Controls2/CardType.qml @@ -22,6 +22,7 @@ RadioButton { property string pressedBorderColor: AmneziaStyle.color.softGoldenApricot property string selectedBorderColor: AmneziaStyle.color.goldenApricot property string defaultBodredColor: AmneziaStyle.color.transparent + property string focusBorderColor: AmneziaStyle.color.paleGray property int borderWidth: 0 implicitWidth: content.implicitWidth @@ -29,6 +30,32 @@ RadioButton { hoverEnabled: true + property bool isFocusable: true + + Keys.onTabPressed: { + FocusController.nextKeyTabItem() + } + + Keys.onBacktabPressed: { + FocusController.previousKeyTabItem() + } + + Keys.onUpPressed: { + FocusController.nextKeyUpItem() + } + + Keys.onDownPressed: { + FocusController.nextKeyDownItem() + } + + Keys.onLeftPressed: { + FocusController.nextKeyLeftItem() + } + + Keys.onRightPressed: { + FocusController.nextKeyRightItem() + } + indicator: Rectangle { anchors.fill: parent radius: 16 @@ -52,6 +79,8 @@ RadioButton { return pressedBorderColor } else if (root.checked) { return selectedBorderColor + } else if (root.activeFocus) { + return focusBorderColor } } return defaultBodredColor @@ -59,7 +88,7 @@ RadioButton { border.width: { if (root.enabled) { - if(root.checked) { + if(root.checked || root.activeFocus) { return 1 } return root.pressed ? 1 : 0 diff --git a/client/ui/qml/Controls2/CardWithIconsType.qml b/client/ui/qml/Controls2/CardWithIconsType.qml index 18a29b87..4277d735 100644 --- a/client/ui/qml/Controls2/CardWithIconsType.qml +++ b/client/ui/qml/Controls2/CardWithIconsType.qml @@ -25,10 +25,15 @@ Button { property real textOpacity: 1.0 + property alias focusItem: rightImage + + property FlickableType parentFlickable + hoverEnabled: true background: Rectangle { id: backgroundRect + anchors.fill: parent radius: 16 @@ -39,13 +44,31 @@ Button { } } + function ensureVisible(item) { + if (item.activeFocus) { + if (root.parentFlickable) { + root.parentFlickable.ensureVisible(root) + } + } + } + + onFocusChanged: { + ensureVisible(root) + } + + focusItem.onFocusChanged: { + root.ensureVisible(focusItem) + } + contentItem: Item { anchors.left: parent.left anchors.right: parent.right implicitHeight: content.implicitHeight + RowLayout { id: content + anchors.fill: parent Image { @@ -61,6 +84,7 @@ Button { } ColumnLayout { + ListItemTitleType { text: root.headerText visible: text !== "" @@ -123,6 +147,7 @@ Button { Rectangle { id: rightImageBackground + anchors.fill: parent radius: 12 color: "transparent" @@ -131,10 +156,9 @@ Button { PropertyAnimation { duration: 200 } } } + onClicked: { - if (clickedFunction && typeof clickedFunction === "function") { - clickedFunction() - } + root.clicked() } } } diff --git a/client/ui/qml/Controls2/DrawerType2.qml b/client/ui/qml/Controls2/DrawerType2.qml index c4b584c1..e67e36a1 100644 --- a/client/ui/qml/Controls2/DrawerType2.qml +++ b/client/ui/qml/Controls2/DrawerType2.qml @@ -9,17 +9,14 @@ import "TextTypes" Item { id: root - readonly property string drawerExpanded: "expanded" - readonly property string drawerCollapsed: "collapsed" + readonly property string drawerExpandedStateName: "expanded" + readonly property string drawerCollapsedStateName: "collapsed" - readonly property bool isOpened: drawerContent.state === root.drawerExpanded || (drawerContent.state === root.drawerCollapsed && dragArea.drag.active === true) - readonly property bool isClosed: drawerContent.state === root.drawerCollapsed && dragArea.drag.active === false + readonly property bool isOpened: isExpandedStateActive() || (isCollapsedStateActive() && (dragArea.drag.active === true)) + readonly property bool isClosed: isCollapsedStateActive() && (dragArea.drag.active === false) - readonly property bool isExpanded: drawerContent.state === root.drawerExpanded - readonly property bool isCollapsed: drawerContent.state === root.drawerCollapsed - - property Component collapsedContent - property Component expandedContent + property Component collapsedStateContent + property Component expandedStateContent property string defaultColor: AmneziaStyle.color.onyxBlack property string borderColor: AmneziaStyle.color.slateGray @@ -29,29 +26,41 @@ Item { property int depthIndex: 0 - signal entered - signal exited + signal cursorEntered + signal cursorExited signal pressed(bool pressed, bool entered) signal aboutToHide signal aboutToShow - signal close - signal open + signal closeTriggered + signal openTriggered signal closed signal opened + function isExpandedStateActive() { + return isStateActive(drawerExpandedStateName) + } + + function isCollapsedStateActive() { + return isStateActive(drawerCollapsedStateName) + } + + function isStateActive(stateName) { + return drawerContent.state === stateName + } + Connections { target: PageController function onCloseTopDrawer() { if (depthIndex === PageController.getDrawerDepth()) { - if (isCollapsed) { + if (isCollapsedStateActive()) { return } aboutToHide() - drawerContent.state = root.drawerCollapsed + drawerContent.state = root.drawerCollapsedStateName depthIndex = 0 closed() } @@ -61,30 +70,52 @@ Item { Connections { target: root - function onClose() { - if (isCollapsed) { + function onCloseTriggered() { + if (isCollapsedStateActive()) { return } aboutToHide() - drawerContent.state = root.drawerCollapsed - depthIndex = 0 - PageController.setDrawerDepth(PageController.getDrawerDepth() - 1) closed() } - function onOpen() { - if (isExpanded) { + function onClosed() { + drawerContent.state = root.drawerCollapsedStateName + + if (root.isCollapsedStateActive()) { + var initialPageNavigationBarColor = PageController.getInitialPageNavigationBarColor() + if (initialPageNavigationBarColor !== 0xFF1C1D21) { + PageController.updateNavigationBarColor(initialPageNavigationBarColor) + } + } + + depthIndex = 0 + PageController.decrementDrawerDepth() + FocusController.dropRootObject(root) + } + + function onOpenTriggered() { + if (root.isExpandedStateActive()) { return } - aboutToShow() + root.aboutToShow() - drawerContent.state = root.drawerExpanded - depthIndex = PageController.getDrawerDepth() + 1 - PageController.setDrawerDepth(depthIndex) - opened() + root.opened() + } + + function onOpened() { + drawerContent.state = root.drawerExpandedStateName + + if (isExpandedStateActive()) { + if (PageController.getInitialPageNavigationBarColor() !== 0xFF1C1D21) { + PageController.updateNavigationBarColor(0xFF1C1D21) + } + } + + depthIndex = PageController.incrementDrawerDepth() + FocusController.pushRootObject(root) } } @@ -92,7 +123,7 @@ Item { id: background anchors.fill: parent - color: root.isCollapsed ? AmneziaStyle.color.transparent : AmneziaStyle.color.translucentMidnightBlack + color: root.isCollapsedStateActive() ? AmneziaStyle.color.transparent : AmneziaStyle.color.translucentMidnightBlack Behavior on color { PropertyAnimation { duration: 200 } @@ -102,18 +133,17 @@ Item { MouseArea { id: emptyArea anchors.fill: parent - enabled: root.isExpanded - visible: enabled + onClicked: { - root.close() + root.closeTriggered() } } MouseArea { id: dragArea + objectName: "dragArea" anchors.fill: drawerContentBackground - cursorShape: root.isCollapsed ? Qt.PointingHandCursor : Qt.ArrowCursor hoverEnabled: true enabled: drawerContent.implicitHeight > 0 @@ -125,35 +155,36 @@ Item { /** If drag area is released at any point other than min or max y, transition to the other state */ onReleased: { - if (root.isCollapsed && drawerContent.y < dragArea.drag.maximumY) { - root.open() + if (isCollapsedStateActive() && drawerContent.y < dragArea.drag.maximumY) { + root.openTriggered() return } - if (root.isExpanded && drawerContent.y > dragArea.drag.minimumY) { - root.close() + if (isExpandedStateActive() && drawerContent.y > dragArea.drag.minimumY) { + root.closeTriggered() return } } onEntered: { - root.entered() + root.cursorEntered() } onExited: { - root.exited() + root.cursorExited() } onPressedChanged: { root.pressed(pressed, entered) } onClicked: { - if (root.isCollapsed) { - root.open() + if (isCollapsedStateActive()) { + root.openTriggered() } } } Rectangle { id: drawerContentBackground + objectName: "drawerContentBackground" anchors { left: drawerContent.left; right: drawerContent.right; top: drawerContent.top } height: root.height @@ -174,53 +205,80 @@ Item { Item { id: drawerContent + objectName: "drawerContent" Drag.active: dragArea.drag.active anchors.right: root.right anchors.left: root.left - y: root.height - drawerContent.height - state: root.drawerCollapsed - implicitHeight: root.isCollapsed ? collapsedHeight : expandedHeight - - onStateChanged: { - if (root.isCollapsed) { - var initialPageNavigationBarColor = PageController.getInitialPageNavigationBarColor() - if (initialPageNavigationBarColor !== 0xFF1C1D21) { - PageController.updateNavigationBarColor(initialPageNavigationBarColor) - } - return - } - if (root.isExpanded) { - if (PageController.getInitialPageNavigationBarColor() !== 0xFF1C1D21) { - PageController.updateNavigationBarColor(0xFF1C1D21) - } - return - } - } + state: root.drawerCollapsedStateName states: [ State { - name: root.drawerCollapsed + name: root.drawerCollapsedStateName PropertyChanges { target: drawerContent + implicitHeight: collapsedHeight y: root.height - root.collapsedHeight } + PropertyChanges { + target: background + color: AmneziaStyle.color.transparent + } + PropertyChanges { + target: dragArea + cursorShape: Qt.PointingHandCursor + } + PropertyChanges { + target: emptyArea + enabled: false + visible: false + } + PropertyChanges { + target: collapsedLoader + // visible: true + } + PropertyChanges { + target: expandedLoader + visible: false + + } }, State { - name: root.drawerExpanded + name: root.drawerExpandedStateName PropertyChanges { target: drawerContent + implicitHeight: expandedHeight y: dragArea.drag.minimumY - + } + PropertyChanges { + target: background + color: Qt.rgba(14/255, 14/255, 17/255, 0.8) + } + PropertyChanges { + target: dragArea + cursorShape: Qt.ArrowCursor + } + PropertyChanges { + target: emptyArea + enabled: true + visible: true + } + PropertyChanges { + target: collapsedLoader + // visible: false + } + PropertyChanges { + target: expandedLoader + visible: true } } ] transitions: [ Transition { - from: root.drawerCollapsed - to: root.drawerExpanded + from: root.drawerCollapsedStateName + to: root.drawerExpandedStateName PropertyAnimation { target: drawerContent properties: "y" @@ -228,8 +286,8 @@ Item { } }, Transition { - from: root.drawerExpanded - to: root.drawerCollapsed + from: root.drawerExpandedStateName + to: root.drawerCollapsedStateName PropertyAnimation { target: drawerContent properties: "y" @@ -241,7 +299,7 @@ Item { Loader { id: collapsedLoader - sourceComponent: root.collapsedContent + sourceComponent: root.collapsedStateContent anchors.right: parent.right anchors.left: parent.left @@ -250,8 +308,7 @@ Item { Loader { id: expandedLoader - visible: root.isExpanded - sourceComponent: root.expandedContent + sourceComponent: root.expandedStateContent anchors.right: parent.right anchors.left: parent.left diff --git a/client/ui/qml/Controls2/DropDownType.qml b/client/ui/qml/Controls2/DropDownType.qml index 906cfffe..633b11cf 100644 --- a/client/ui/qml/Controls2/DropDownType.qml +++ b/client/ui/qml/Controls2/DropDownType.qml @@ -45,33 +45,56 @@ Item { property Item drawerParent property Component listView - signal open - signal close + signal openTriggered + signal closeTriggered - function popupClosedFunc() { - if (!GC.isMobile()) { - this.forceActiveFocus() - } + readonly property bool isFocusable: true + + Keys.onTabPressed: { + FocusController.nextKeyTabItem() } - property var parentFlickable - onFocusChanged: { - if (root.activeFocus) { - if (root.parentFlickable) { - root.parentFlickable.ensureVisible(root) - } - } + Keys.onBacktabPressed: { + FocusController.previousKeyTabItem() + } + + Keys.onUpPressed: { + FocusController.nextKeyUpItem() + } + + Keys.onDownPressed: { + FocusController.nextKeyDownItem() + } + + Keys.onLeftPressed: { + FocusController.nextKeyLeftItem() + } + + Keys.onRightPressed: { + FocusController.nextKeyRightItem() } implicitWidth: rootButtonContent.implicitWidth implicitHeight: rootButtonContent.implicitHeight - onOpen: { - menu.open() + onOpenTriggered: { + menu.openTriggered() } - onClose: { - menu.close() + onCloseTriggered: { + menu.closeTriggered() + } + + Keys.onEnterPressed: { + if (menu.isClosed) { + menu.openTriggered() + } + } + + Keys.onReturnPressed: { + if (menu.isClosed) { + menu.openTriggered() + } } Rectangle { @@ -173,7 +196,7 @@ Item { if (rootButtonClickedFunction && typeof rootButtonClickedFunction === "function") { rootButtonClickedFunction() } else { - menu.open() + menu.openTriggered() } } } @@ -186,93 +209,39 @@ Item { anchors.fill: parent expandedHeight: drawerParent.height * drawerHeight - onClosed: { - root.popupClosedFunc() - } - - expandedContent: Item { + expandedStateContent: Item { id: container implicitHeight: menu.expandedHeight - Connections { - target: menu - enabled: !GC.isMobile() - function onOpened() { - focusItem.forceActiveFocus() - } - } - - Item { - id: focusItem - KeyNavigation.tab: backButton - } - ColumnLayout { id: header - anchors.top: parent.top - anchors.left: parent.left - anchors.right: parent.right + anchors.fill: parent anchors.topMargin: 16 BackButtonType { id: backButton backButtonImage: root.headerBackButtonImage - backButtonFunction: function() { menu.close() } - KeyNavigation.tab: listViewLoader.item + backButtonFunction: function() { menu.closeTriggered() } + } + + Header2Type { + Layout.leftMargin: 16 + Layout.rightMargin: 16 + Layout.bottomMargin: 16 + Layout.fillWidth: true + + headerText: root.headerText + } + + Loader { + id: listViewLoader + sourceComponent: root.listView + + Layout.fillHeight: true + Layout.fillWidth: true } } - - FlickableType { - id: flickable - anchors.top: header.bottom - anchors.topMargin: 16 - contentHeight: col.implicitHeight - - Column { - id: col - anchors.top: parent.top - anchors.left: parent.left - anchors.right: parent.right - - spacing: 16 - - Header2Type { - anchors.left: parent.left - anchors.right: parent.right - anchors.leftMargin: 16 - anchors.rightMargin: 16 - - headerText: root.headerText - - width: parent.width - } - - Loader { - id: listViewLoader - sourceComponent: root.listView - - onLoaded: { - listViewLoader.item.parentFlickable = flickable - listViewLoader.item.lastItemTabClicked = function() { - focusItem.forceActiveFocus() - } - } - } - } - } - } - } - - Keys.onEnterPressed: { - if (menu.isClosed) { - menu.open() - } - } - - Keys.onReturnPressed: { - if (menu.isClosed) { - menu.open() } } } diff --git a/client/ui/qml/Controls2/FlickableType.qml b/client/ui/qml/Controls2/FlickableType.qml index bcd14487..b3e5cabf 100644 --- a/client/ui/qml/Controls2/FlickableType.qml +++ b/client/ui/qml/Controls2/FlickableType.qml @@ -7,10 +7,11 @@ Flickable { function ensureVisible(item) { if (item.y < fl.contentY) { - fl.contentY = item.y + fl.contentY = item.y - 40 // 40 is a top margin } else if (item.y + item.height > fl.contentY + fl.height) { fl.contentY = item.y + item.height - fl.height + 40 // 40 is a bottom margin } + fl.returnToBounds() } clip: true @@ -24,7 +25,7 @@ Flickable { Keys.onUpPressed: scrollBar.decrease() Keys.onDownPressed: scrollBar.increase() - ScrollBar.vertical: ScrollBar { + ScrollBar.vertical: ScrollBarType { id: scrollBar policy: fl.height >= fl.contentHeight ? ScrollBar.AlwaysOff : ScrollBar.AlwaysOn } diff --git a/client/ui/qml/Controls2/HeaderType.qml b/client/ui/qml/Controls2/HeaderType.qml deleted file mode 100644 index f1cafbff..00000000 --- a/client/ui/qml/Controls2/HeaderType.qml +++ /dev/null @@ -1,88 +0,0 @@ -import QtQuick -import QtQuick.Layouts - -import Style 1.0 - -import "TextTypes" - -Item { - id: root - - property string actionButtonImage - property var actionButtonFunction - - property alias actionButton: headerActionButton - - property string headerText - property int headerTextMaximumLineCount: 2 - property int headerTextElide: Qt.ElideRight - - property string descriptionText - - focus: true - - implicitWidth: content.implicitWidth - implicitHeight: content.implicitHeight - - ColumnLayout { - id: content - anchors.fill: parent - - RowLayout { - Header1TextType { - id: header - - Layout.fillWidth: true - - text: root.headerText - maximumLineCount: root.headerTextMaximumLineCount - elide: root.headerTextElide - } - - ImageButtonType { - id: headerActionButton - - implicitWidth: 40 - implicitHeight: 40 - - Layout.alignment: Qt.AlignRight - - image: root.actionButtonImage - imageColor: AmneziaStyle.color.paleGray - - visible: image ? true : false - - onClicked: { - if (actionButtonFunction && typeof actionButtonFunction === "function") { - actionButtonFunction() - } - } - } - } - - ParagraphTextType { - id: description - - Layout.topMargin: 16 - Layout.fillWidth: true - - text: root.descriptionText - - color: AmneziaStyle.color.mutedGray - - visible: root.descriptionText !== "" - } - } - - Keys.onEnterPressed: { - if (actionButtonFunction && typeof actionButtonFunction === "function") { - actionButtonFunction() - } - } - - Keys.onReturnPressed: { - if (actionButtonFunction && typeof actionButtonFunction === "function") { - actionButtonFunction() - } - } -} diff --git a/client/ui/qml/Controls2/HeaderTypeWithButton.qml b/client/ui/qml/Controls2/HeaderTypeWithButton.qml new file mode 100644 index 00000000..7feff3ce --- /dev/null +++ b/client/ui/qml/Controls2/HeaderTypeWithButton.qml @@ -0,0 +1,44 @@ +import QtQuick +import QtQuick.Layouts + +import Style 1.0 + +BaseHeaderType { + id: root + + property string actionButtonImage + property var actionButtonFunction + property alias actionButton: headerActionButton + + Component.onCompleted: { + headerRow.children.push(headerActionButton) + } + + ImageButtonType { + id: headerActionButton + implicitWidth: 40 + implicitHeight: 40 + Layout.alignment: Qt.AlignRight + image: root.actionButtonImage + imageColor: AmneziaStyle.color.paleGray + visible: image ? true : false + + onClicked: { + if (actionButtonFunction && typeof actionButtonFunction === "function") { + actionButtonFunction() + } + } + } + + Keys.onEnterPressed: { + if (actionButtonFunction && typeof actionButtonFunction === "function") { + actionButtonFunction() + } + } + + Keys.onReturnPressed: { + if (actionButtonFunction && typeof actionButtonFunction === "function") { + actionButtonFunction() + } + } +} diff --git a/client/ui/qml/Controls2/HeaderTypeWithSwitcher.qml b/client/ui/qml/Controls2/HeaderTypeWithSwitcher.qml new file mode 100644 index 00000000..2fa4e735 --- /dev/null +++ b/client/ui/qml/Controls2/HeaderTypeWithSwitcher.qml @@ -0,0 +1,28 @@ +import QtQuick +import QtQuick.Layouts + +import Style 1.0 + +BaseHeaderType { + id: root + + property var switcherFunction + property bool showSwitcher: false + property alias switcher: headerSwitcher + + Component.onCompleted: { + headerRow.children.push(headerSwitcher) + } + + SwitcherType { + id: headerSwitcher + Layout.alignment: Qt.AlignRight + visible: root.showSwitcher + + onToggled: { + if (switcherFunction && typeof switcherFunction === "function") { + switcherFunction(checked) + } + } + } +} diff --git a/client/ui/qml/Controls2/HorizontalRadioButton.qml b/client/ui/qml/Controls2/HorizontalRadioButton.qml index 1ac1cd30..89cc1658 100644 --- a/client/ui/qml/Controls2/HorizontalRadioButton.qml +++ b/client/ui/qml/Controls2/HorizontalRadioButton.qml @@ -27,6 +27,32 @@ RadioButton { implicitWidth: content.implicitWidth implicitHeight: content.implicitHeight + property bool isFocusable: true + + Keys.onTabPressed: { + FocusController.nextKeyTabItem() + } + + Keys.onBacktabPressed: { + FocusController.previousKeyTabItem() + } + + Keys.onUpPressed: { + FocusController.nextKeyUpItem() + } + + Keys.onDownPressed: { + FocusController.nextKeyDownItem() + } + + Keys.onLeftPressed: { + FocusController.nextKeyLeftItem() + } + + Keys.onRightPressed: { + FocusController.nextKeyRightItem() + } + indicator: Rectangle { anchors.fill: parent radius: 16 diff --git a/client/ui/qml/Controls2/ImageButtonType.qml b/client/ui/qml/Controls2/ImageButtonType.qml index fffb6d84..d5f646a7 100644 --- a/client/ui/qml/Controls2/ImageButtonType.qml +++ b/client/ui/qml/Controls2/ImageButtonType.qml @@ -24,22 +24,39 @@ Button { property int borderFocusedWidth: 1 hoverEnabled: true - focus: true - focusPolicy: Qt.TabFocus icon.source: image icon.color: root.enabled ? imageColor : disableImageColor - property Flickable parentFlickable + property bool isFocusable: true - onFocusChanged: { - if (root.activeFocus) { - if (root.parentFlickable) { - root.parentFlickable.ensureVisible(this) - } - } + Keys.onTabPressed: { + FocusController.nextKeyTabItem() } + Keys.onBacktabPressed: { + FocusController.previousKeyTabItem() + } + + Keys.onUpPressed: { + FocusController.nextKeyUpItem() + } + + Keys.onDownPressed: { + FocusController.nextKeyDownItem() + } + + Keys.onLeftPressed: { + FocusController.nextKeyLeftItem() + } + + Keys.onRightPressed: { + FocusController.nextKeyRightItem() + } + + Keys.onEnterPressed: root.clicked() + Keys.onReturnPressed: root.clicked() + Behavior on icon.color { PropertyAnimation { duration: 200 } } diff --git a/client/ui/qml/Controls2/LabelWithButtonType.qml b/client/ui/qml/Controls2/LabelWithButtonType.qml index 41faf108..087415f7 100644 --- a/client/ui/qml/Controls2/LabelWithButtonType.qml +++ b/client/ui/qml/Controls2/LabelWithButtonType.qml @@ -41,6 +41,32 @@ Item { property bool descriptionOnTop: false property bool hideDescription: true + property bool isFocusable: !(eyeImage.visible || rightImage.visible) // TODO: this component already has focusable items + + Keys.onTabPressed: { + FocusController.nextKeyTabItem() + } + + Keys.onBacktabPressed: { + FocusController.previousKeyTabItem() + } + + Keys.onUpPressed: { + FocusController.nextKeyUpItem() + } + + Keys.onDownPressed: { + FocusController.nextKeyDownItem() + } + + Keys.onLeftPressed: { + FocusController.nextKeyLeftItem() + } + + Keys.onRightPressed: { + FocusController.nextKeyRightItem() + } + implicitWidth: content.implicitWidth + content.anchors.topMargin + content.anchors.bottomMargin implicitHeight: content.implicitHeight + content.anchors.leftMargin + content.anchors.rightMargin diff --git a/client/ui/qml/Controls2/ListViewType.qml b/client/ui/qml/Controls2/ListViewType.qml new file mode 100644 index 00000000..0de43d77 --- /dev/null +++ b/client/ui/qml/Controls2/ListViewType.qml @@ -0,0 +1,38 @@ +import QtQuick +import QtQuick.Controls + +ListView { + id: root + + property bool isFocusable: true + + Keys.onTabPressed: { + FocusController.nextKeyTabItem() + } + + Keys.onBacktabPressed: { + FocusController.previousKeyTabItem() + } + + Keys.onUpPressed: { + FocusController.nextKeyUpItem() + } + + Keys.onDownPressed: { + FocusController.nextKeyDownItem() + } + + Keys.onLeftPressed: { + FocusController.nextKeyLeftItem() + } + + Keys.onRightPressed: { + FocusController.nextKeyRightItem() + } + + ScrollBar.vertical: ScrollBarType {} + + clip: true + reuseItems: true + snapMode: ListView.SnapToItem +} diff --git a/client/ui/qml/Controls2/ListViewWithLabelsType.qml b/client/ui/qml/Controls2/ListViewWithLabelsType.qml index 5b614c43..536bc25a 100644 --- a/client/ui/qml/Controls2/ListViewWithLabelsType.qml +++ b/client/ui/qml/Controls2/ListViewWithLabelsType.qml @@ -17,7 +17,7 @@ ListView { property bool dividerVisible: false - currentIndex: 0 + property int selectedIndex: 0 width: rootWidth height: menuContent.contentItem.height @@ -45,7 +45,7 @@ ListView { rightImageSource: imageSource clickedFunction: function() { - menuContent.currentIndex = index + menuContent.selectedIndex = index menuContent.selectedText = name if (menuContent.clickedFunction && typeof menuContent.clickedFunction === "function") { menuContent.clickedFunction() @@ -62,7 +62,7 @@ ListView { } Component.onCompleted: { - if (menuContent.currentIndex === index) { + if (menuContent.selectedIndex === index) { menuContent.selectedText = name } } diff --git a/client/ui/qml/Controls2/ListViewWithRadioButtonType.qml b/client/ui/qml/Controls2/ListViewWithRadioButtonType.qml index f7b777a7..bd7ca32e 100644 --- a/client/ui/qml/Controls2/ListViewWithRadioButtonType.qml +++ b/client/ui/qml/Controls2/ListViewWithRadioButtonType.qml @@ -20,155 +20,134 @@ ListView { property var clickedFunction - currentIndex: 0 + property int selectedIndex: 0 width: rootWidth height: root.contentItem.height clip: true - interactive: false + reuseItems: true - property FlickableType parentFlickable - property var lastItemTabClicked + property bool isFocusable: true - property int currentFocusIndex: 0 - - activeFocusOnTab: true - onActiveFocusChanged: { - if (activeFocus) { - this.currentFocusIndex = 0 - this.itemAtIndex(currentFocusIndex).forceActiveFocus() - } - } - - Keys.onTabPressed: { - if (currentFocusIndex < this.count - 1) { - currentFocusIndex += 1 - } else { - currentFocusIndex = 0 - } - this.itemAtIndex(currentFocusIndex).forceActiveFocus() - } - - Item { - id: focusItem - Keys.onTabPressed: { - root.forceActiveFocus() - } - } - - onVisibleChanged: { - if (visible) { - focusItem.forceActiveFocus() - } - } - - onCurrentFocusIndexChanged: { - if (parentFlickable) { - parentFlickable.ensureVisible(this.itemAtIndex(currentFocusIndex)) - } - } + ScrollBar.vertical: ScrollBarType {} ButtonGroup { id: buttonGroup } function triggerCurrentItem() { - var item = root.itemAtIndex(currentIndex) - var radioButton = item.children[0].children[0] - radioButton.clicked() + var item = root.itemAtIndex(selectedIndex) + item.selectable.clicked() } - delegate: Item { + delegate: ColumnLayout { + id: content + + property alias selectable: radioButton + implicitWidth: rootWidth - implicitHeight: content.implicitHeight - onActiveFocusChanged: { - if (activeFocus) { - radioButton.forceActiveFocus() + RadioButton { + id: radioButton + + implicitWidth: parent.width + implicitHeight: radioButtonContent.implicitHeight + + hoverEnabled: true + + property bool isFocusable: true + + Keys.onTabPressed: { + FocusController.nextKeyTabItem() } - } - ColumnLayout { - id: content + Keys.onBacktabPressed: { + FocusController.previousKeyTabItem() + } - anchors.fill: parent + Keys.onUpPressed: { + FocusController.nextKeyUpItem() + } - RadioButton { - id: radioButton + Keys.onDownPressed: { + FocusController.nextKeyDownItem() + } - implicitWidth: parent.width - implicitHeight: radioButtonContent.implicitHeight + Keys.onLeftPressed: { + FocusController.nextKeyLeftItem() + } - hoverEnabled: true + Keys.onRightPressed: { + FocusController.nextKeyRightItem() + } - indicator: Rectangle { - width: parent.width - 1 - height: parent.height - color: radioButton.hovered ? AmneziaStyle.color.slateGray : AmneziaStyle.color.onyxBlack - border.color: radioButton.focus ? AmneziaStyle.color.paleGray : AmneziaStyle.color.transparent - border.width: radioButton.focus ? 1 : 0 + indicator: Rectangle { + width: parent.width - 1 + height: parent.height + color: radioButton.hovered ? AmneziaStyle.color.slateGray : AmneziaStyle.color.onyxBlack + border.color: radioButton.focus ? AmneziaStyle.color.paleGray : AmneziaStyle.color.transparent + border.width: radioButton.focus ? 1 : 0 - Behavior on color { - PropertyAnimation { duration: 200 } - } - Behavior on border.color { - PropertyAnimation { duration: 200 } - } - - MouseArea { - anchors.fill: parent - cursorShape: Qt.PointingHandCursor - enabled: false - } + Behavior on color { + PropertyAnimation { duration: 200 } + } + Behavior on border.color { + PropertyAnimation { duration: 200 } } - RowLayout { - id: radioButtonContent + MouseArea { anchors.fill: parent + cursorShape: Qt.PointingHandCursor + enabled: false + } + } - anchors.rightMargin: 16 - anchors.leftMargin: 16 + RowLayout { + id: radioButtonContent + anchors.fill: parent - z: 1 + anchors.rightMargin: 16 + anchors.leftMargin: 16 - ParagraphTextType { - Layout.fillWidth: true - Layout.topMargin: 20 - Layout.bottomMargin: 20 + z: 1 - text: name - maximumLineCount: root.textMaximumLineCount - elide: root.textElide + ParagraphTextType { + Layout.fillWidth: true + Layout.topMargin: 20 + Layout.bottomMargin: 20 - } + text: name + maximumLineCount: root.textMaximumLineCount + elide: root.textElide - Image { - source: imageSource - visible: radioButton.checked - - width: 24 - height: 24 - - Layout.rightMargin: 8 - } } - ButtonGroup.group: buttonGroup - checked: root.currentIndex === index + Image { + source: imageSource + visible: radioButton.checked - onClicked: { - root.currentIndex = index - root.selectedText = name - if (clickedFunction && typeof clickedFunction === "function") { - clickedFunction() - } + width: 24 + height: 24 + + Layout.rightMargin: 8 + } + } + + ButtonGroup.group: buttonGroup + checked: root.selectedIndex === index + + onClicked: { + root.selectedIndex = index + root.selectedText = name + if (clickedFunction && typeof clickedFunction === "function") { + clickedFunction() } } } Component.onCompleted: { - if (root.currentIndex === index) { + if (root.selectedIndex === index) { root.selectedText = name } } diff --git a/client/ui/qml/Controls2/PageType.qml b/client/ui/qml/Controls2/PageType.qml index 0a2a2998..d7f3317f 100644 --- a/client/ui/qml/Controls2/PageType.qml +++ b/client/ui/qml/Controls2/PageType.qml @@ -9,53 +9,21 @@ Item { property StackView stackView: StackView.view - property var defaultActiveFocusItem: null - onVisibleChanged: { - if (visible && !GC.isMobile()) { + if (visible) { timer.start() } } - function lastItemTabClicked(focusItem) { - if (GC.isMobile()) { - return - } - - if (focusItem) { - focusItem.forceActiveFocus() - PageController.forceTabBarActiveFocus() - } else { - if (defaultActiveFocusItem) { - defaultActiveFocusItem.forceActiveFocus() - } - PageController.forceTabBarActiveFocus() - } - } - -// MouseArea { -// id: globalMouseArea -// z: 99 -// anchors.fill: parent - -// enabled: true - -// onPressed: function(mouse) { -// forceActiveFocus() -// mouse.accepted = false -// } -// } - // Set a timer to set focus after a short delay Timer { id: timer - interval: 100 // Milliseconds + interval: 200 // Milliseconds onTriggered: { - if (defaultActiveFocusItem) { - defaultActiveFocusItem.forceActiveFocus() - } + FocusController.resetRootObject() + FocusController.setFocusOnDefaultItem() } repeat: false // Stop the timer after one trigger - running: !GC.isMobile() // Start the timer + running: true // Start the timer } } diff --git a/client/ui/qml/Controls2/PopupType.qml b/client/ui/qml/Controls2/PopupType.qml index 7a6a770e..dfb6f273 100644 --- a/client/ui/qml/Controls2/PopupType.qml +++ b/client/ui/qml/Controls2/PopupType.qml @@ -5,6 +5,7 @@ import QtQuick.Layouts import Style 1.0 import "TextTypes" +import "../Config" Popup { id: root @@ -28,11 +29,11 @@ Popup { } onOpened: { - focusItem.forceActiveFocus() + timer.start() } onClosed: { - PageController.forceStackActiveFocus() + FocusController.dropRootObject(root) } background: Rectangle { @@ -42,6 +43,17 @@ Popup { radius: 4 } + Timer { + id: timer + interval: 200 // Milliseconds + onTriggered: { + FocusController.pushRootObject(root) + FocusController.setFocusItem(closeButton) + } + repeat: false // Stop the timer after one trigger + running: true // Start the timer + } + contentItem: Item { implicitWidth: content.implicitWidth implicitHeight: content.implicitHeight @@ -72,11 +84,6 @@ Popup { } } - Item { - id: focusItem - KeyNavigation.tab: closeButton - } - BasicButtonType { id: closeButton visible: closeButtonVisible @@ -92,7 +99,6 @@ Popup { borderWidth: 0 text: qsTr("Close") - KeyNavigation.tab: focusItem clickedFunc: function() { root.close() diff --git a/client/ui/qml/Controls2/ScrollBarType.qml b/client/ui/qml/Controls2/ScrollBarType.qml new file mode 100644 index 00000000..26e8edb6 --- /dev/null +++ b/client/ui/qml/Controls2/ScrollBarType.qml @@ -0,0 +1,11 @@ +import QtQuick +import QtQuick.Controls + +import "./" +import "../Controls2" + +ScrollBar { + id: root + + policy: parent.height >= parent.contentHeight ? ScrollBar.AlwaysOff : ScrollBar.AlwaysOn +} diff --git a/client/ui/qml/Controls2/SwitcherType.qml b/client/ui/qml/Controls2/SwitcherType.qml index 43c35778..0651390f 100644 --- a/client/ui/qml/Controls2/SwitcherType.qml +++ b/client/ui/qml/Controls2/SwitcherType.qml @@ -35,10 +35,37 @@ Switch { property string hoveredIndicatorBackgroundColor: AmneziaStyle.color.translucentWhite property string defaultIndicatorBackgroundColor: AmneziaStyle.color.transparent + property bool isFocusable: true + + Keys.onTabPressed: { + FocusController.nextKeyTabItem() + } + + Keys.onBacktabPressed: { + FocusController.previousKeyTabItem() + } + + Keys.onUpPressed: { + FocusController.nextKeyUpItem() + } + + Keys.onDownPressed: { + FocusController.nextKeyDownItem() + } + + Keys.onLeftPressed: { + FocusController.nextKeyLeftItem() + } + + Keys.onRightPressed: { + FocusController.nextKeyRightItem() + } + hoverEnabled: enabled ? true : false focusPolicy: Qt.TabFocus property FlickableType parentFlickable: null + onFocusChanged: { if (root.activeFocus) { if (root.parentFlickable) { @@ -131,13 +158,15 @@ Switch { enabled: false } - Keys.onEnterPressed: { - root.checked = !root.checked - root.checkedChanged() - } + Keys.onEnterPressed: event => handleSwitch(event) + Keys.onReturnPressed: event => handleSwitch(event) + Keys.onSpacePressed: event => handleSwitch(event) - Keys.onReturnPressed: { - root.checked = !root.checked - root.checkedChanged() + function handleSwitch(event) { + if (!event.isAutoRepeat) { + root.checked = !root.checked + root.checkedChanged() + } + event.accepted = true } } diff --git a/client/ui/qml/Controls2/TabButtonType.qml b/client/ui/qml/Controls2/TabButtonType.qml index d57ff3a0..0e48d975 100644 --- a/client/ui/qml/Controls2/TabButtonType.qml +++ b/client/ui/qml/Controls2/TabButtonType.qml @@ -17,10 +17,35 @@ TabButton { property bool isSelected: false + property bool isFocusable: true + + Keys.onTabPressed: { + FocusController.nextKeyTabItem() + } + + Keys.onBacktabPressed: { + FocusController.previousKeyTabItem() + } + + Keys.onUpPressed: { + FocusController.nextKeyUpItem() + } + + Keys.onDownPressed: { + FocusController.nextKeyDownItem() + } + + Keys.onLeftPressed: { + FocusController.nextKeyLeftItem() + } + + Keys.onRightPressed: { + FocusController.nextKeyRightItem() + } + implicitHeight: 48 hoverEnabled: true - focusPolicy: Qt.TabFocus background: Rectangle { id: background diff --git a/client/ui/qml/Controls2/TabImageButtonType.qml b/client/ui/qml/Controls2/TabImageButtonType.qml index abe544aa..b49ad8eb 100644 --- a/client/ui/qml/Controls2/TabImageButtonType.qml +++ b/client/ui/qml/Controls2/TabImageButtonType.qml @@ -14,13 +14,38 @@ TabButton { property bool isSelected: false + property bool isFocusable: true + + Keys.onTabPressed: { + FocusController.nextKeyTabItem() + } + + Keys.onBacktabPressed: { + FocusController.previousKeyTabItem() + } + + Keys.onUpPressed: { + FocusController.nextKeyUpItem() + } + + Keys.onDownPressed: { + FocusController.nextKeyDownItem() + } + + Keys.onLeftPressed: { + FocusController.nextKeyLeftItem() + } + + Keys.onRightPressed: { + FocusController.nextKeyRightItem() + } + property string borderFocusedColor: AmneziaStyle.color.paleGray property int borderFocusedWidth: 1 property var clickedFunc hoverEnabled: true - focusPolicy: Qt.TabFocus icon.source: image icon.color: isSelected ? selectedColor : defaultColor @@ -41,7 +66,7 @@ TabButton { cursorShape: Qt.PointingHandCursor enabled: false } - + Keys.onEnterPressed: { if (root.clickedFunc && typeof root.clickedFunc === "function") { root.clickedFunc() diff --git a/client/ui/qml/Controls2/TextAreaWithFooterType.qml b/client/ui/qml/Controls2/TextAreaWithFooterType.qml index 102929e2..cf7b9146 100644 --- a/client/ui/qml/Controls2/TextAreaWithFooterType.qml +++ b/client/ui/qml/Controls2/TextAreaWithFooterType.qml @@ -78,9 +78,6 @@ Rectangle { placeholderText: root.placeholderText text: root.text - - KeyNavigation.tab: firstButton - onCursorVisibleChanged: { if (textArea.cursorVisible) { fl.interactive = true diff --git a/client/ui/qml/Controls2/TextFieldWithHeaderType.qml b/client/ui/qml/Controls2/TextFieldWithHeaderType.qml index 365faa94..c4ed91b3 100644 --- a/client/ui/qml/Controls2/TextFieldWithHeaderType.qml +++ b/client/ui/qml/Controls2/TextFieldWithHeaderType.qml @@ -22,11 +22,9 @@ Item { property var clickedFunc property alias textField: textField - property alias textFieldText: textField.text property string textFieldTextColor: AmneziaStyle.color.paleGray property string textFieldTextDisabledColor: AmneziaStyle.color.mutedGray - property string textFieldPlaceholderText property bool textFieldEditable: true property string borderColor: AmneziaStyle.color.slateGray @@ -40,6 +38,7 @@ Item { implicitHeight: content.implicitHeight property FlickableType parentFlickable + Connections { target: textField function onFocusChanged() { @@ -84,14 +83,22 @@ Item { TextField { id: textField - activeFocusOnTab: false + + property bool isFocusable: true + + Keys.onTabPressed: { + FocusController.nextKeyTabItem() + } + + Keys.onBacktabPressed: { + FocusController.previousKeyTabItem() + } enabled: root.textFieldEditable color: root.enabled ? root.textFieldTextColor : root.textFieldTextDisabledColor inputMethodHints: Qt.ImhNoAutoUppercase | Qt.ImhSensitiveData | Qt.ImhNoPredictiveText - placeholderText: root.textFieldPlaceholderText placeholderTextColor: AmneziaStyle.color.charcoalGray selectionColor: AmneziaStyle.color.richBrown @@ -119,8 +126,8 @@ Item { } onActiveFocusChanged: { - if (checkEmptyText && textFieldText === "") { - errorText = qsTr("The field can't be empty") + if (root.checkEmptyText && text === "") { + root.errorText = qsTr("The field can't be empty") } } @@ -209,9 +216,9 @@ Item { clickedFunc() } - if (KeyNavigation.tab) { - KeyNavigation.tab.forceActiveFocus(); - } + // if (KeyNavigation.tab) { + // KeyNavigation.tab.forceActiveFocus(); + // } } Keys.onReturnPressed: { @@ -219,8 +226,8 @@ Item { clickedFunc() } - if (KeyNavigation.tab) { - KeyNavigation.tab.forceActiveFocus(); - } + // if (KeyNavigation.tab) { + // KeyNavigation.tab.forceActiveFocus(); + // } } } diff --git a/client/ui/qml/Controls2/VerticalRadioButton.qml b/client/ui/qml/Controls2/VerticalRadioButton.qml index 1a781f20..7ad6afc8 100644 --- a/client/ui/qml/Controls2/VerticalRadioButton.qml +++ b/client/ui/qml/Controls2/VerticalRadioButton.qml @@ -20,7 +20,11 @@ RadioButton { property string selectedColor: AmneziaStyle.color.transparent property string textColor: AmneziaStyle.color.paleGray + property string textDisabledColor: AmneziaStyle.color.mutedGray property string selectedTextColor: AmneziaStyle.color.goldenApricot + property string selectedTextDisabledColor: AmneziaStyle.color.burntOrange + property string descriptionColor: AmneziaStyle.color.mutedGray + property string descriptionDisabledColor: AmneziaStyle.color.charcoalGray property string borderFocusedColor: AmneziaStyle.color.paleGray property int borderFocusedWidth: 1 @@ -28,8 +32,39 @@ RadioButton { property string imageSource property bool showImage + property bool isFocusable: true + + + property string radioButtonInnerCirclePressedSource: "qrc:/images/controls/radio-button-inner-circle-pressed.png" + property string radioButtonInnerCircleSource: "qrc:/images/controls/radio-button-inner-circle.png" + property string radioButtonPressedSource: "qrc:/images/controls/radio-button-pressed.svg" + property string radioButtonDefaultSource: "qrc:/images/controls/radio-button.svg" + + Keys.onTabPressed: { + FocusController.nextKeyTabItem() + } + + Keys.onBacktabPressed: { + FocusController.previousKeyTabItem() + } + + Keys.onUpPressed: { + FocusController.nextKeyUpItem() + } + + Keys.onDownPressed: { + FocusController.nextKeyDownItem() + } + + Keys.onLeftPressed: { + FocusController.nextKeyLeftItem() + } + + Keys.onRightPressed: { + FocusController.nextKeyRightItem() + } + hoverEnabled: true - focusPolicy: Qt.TabFocus indicator: Rectangle { id: background @@ -69,14 +104,15 @@ RadioButton { if (showImage) { return imageSource } else if (root.pressed) { - return "qrc:/images/controls/radio-button-inner-circle-pressed.png" + return root.radioButtonInnerCirclePressedSource } else if (root.checked) { - return "qrc:/images/controls/radio-button-inner-circle.png" + return root.radioButtonInnerCircleSource } return "" } + opacity: root.enabled ? 1.0 : 0.3 anchors.centerIn: parent width: 24 @@ -88,12 +124,13 @@ RadioButton { if (showImage) { return "" } else if (root.pressed || root.checked) { - return "qrc:/images/controls/radio-button-pressed.svg" + return root.radioButtonPressedSource } else { - return "qrc:/images/controls/radio-button.svg" + return root.radioButtonDefaultSource } } + opacity: root.enabled ? 1.0 : 0.3 anchors.centerIn: parent width: 24 @@ -123,10 +160,11 @@ RadioButton { elide: root.textElide color: { - if (root.checked) { - return selectedTextColor + if (root.enabled) { + return root.checked ? selectedTextColor : textColor + } else { + return root.checked ? selectedTextDisabledColor : textDisabledColor } - return textColor } Layout.fillWidth: true @@ -139,7 +177,7 @@ RadioButton { CaptionTextType { id: description - color: AmneziaStyle.color.mutedGray + color: root.enabled ? root.descriptionColor : root.descriptionDisabledColor text: root.descriptionText visible: root.descriptionText !== "" @@ -152,6 +190,7 @@ RadioButton { MouseArea { anchors.fill: root cursorShape: Qt.PointingHandCursor + preventStealing: false enabled: false } } diff --git a/client/ui/qml/Modules/Style/AmneziaStyle.qml b/client/ui/qml/Modules/Style/AmneziaStyle.qml index 1abfbe3a..4e2e80f0 100644 --- a/client/ui/qml/Modules/Style/AmneziaStyle.qml +++ b/client/ui/qml/Modules/Style/AmneziaStyle.qml @@ -26,5 +26,7 @@ QtObject { readonly property color softGoldenApricot: Qt.rgba(251/255, 178/255, 106/255, 0.3) readonly property color mistyGray: Qt.rgba(215/255, 216/255, 219/255, 0.8) readonly property color cloudyGray: Qt.rgba(215/255, 216/255, 219/255, 0.65) + readonly property color pearlGray: '#EAEAEC' + readonly property color translucentRichBrown: Qt.rgba(99/255, 51/255, 3/255, 0.26) } } diff --git a/client/ui/qml/Pages2/PageDeinstalling.qml b/client/ui/qml/Pages2/PageDeinstalling.qml index f5fdb29a..69b1f319 100644 --- a/client/ui/qml/Pages2/PageDeinstalling.qml +++ b/client/ui/qml/Pages2/PageDeinstalling.qml @@ -56,7 +56,7 @@ PageType { anchors.rightMargin: 16 anchors.leftMargin: 16 - HeaderType { + BaseHeaderType { Layout.fillWidth: true Layout.topMargin: 20 diff --git a/client/ui/qml/Pages2/PageDevMenu.qml b/client/ui/qml/Pages2/PageDevMenu.qml index 5da40eff..5fccb43a 100644 --- a/client/ui/qml/Pages2/PageDevMenu.qml +++ b/client/ui/qml/Pages2/PageDevMenu.qml @@ -16,42 +16,30 @@ import "../Components" PageType { id: root - defaultActiveFocusItem: focusItem - - Item { - id: focusItem - KeyNavigation.tab: backButton - } - - ColumnLayout { - id: backButtonLayout + BackButtonType { + id: backButton anchors.top: parent.top anchors.left: parent.left anchors.right: parent.right - anchors.topMargin: 20 - - BackButtonType { - id: backButton - // KeyNavigation.tab: removeButton - } } - FlickableType { - id: fl - anchors.top: backButtonLayout.bottom + ListView { + id: listView + anchors.top: backButton.bottom anchors.bottom: parent.bottom - contentHeight: content.implicitHeight + anchors.right: parent.right + anchors.left: parent.left - ColumnLayout { - id: content + property bool isFocusable: true - anchors.top: parent.top - anchors.left: parent.left - anchors.right: parent.right + ScrollBar.vertical: ScrollBarType {} - HeaderType { + header: ColumnLayout { + width: listView.width + + BaseHeaderType { id: header Layout.fillWidth: true @@ -60,7 +48,14 @@ PageType { headerText: "Dev menu" } + } + + model: 1 + clip: true + spacing: 16 + delegate: ColumnLayout { + width: listView.width TextFieldWithHeaderType { id: passwordTextField @@ -69,34 +64,35 @@ PageType { Layout.topMargin: 16 Layout.rightMargin: 16 Layout.leftMargin: 16 - parentFlickable: fl headerText: qsTr("Gateway endpoint") - textFieldText: SettingsController.gatewayEndpoint + textField.text: SettingsController.gatewayEndpoint - buttonImageSource: textFieldText !== "" ? "qrc:/images/controls/refresh-cw.svg" : "" + buttonImageSource: textField.text !== "" ? "qrc:/images/controls/refresh-cw.svg" : "" clickedFunc: function() { SettingsController.resetGatewayEndpoint() } textField.onEditingFinished: { - textFieldText = textField.text.replace(/^\s+|\s+$/g, '') - if (textFieldText !== SettingsController.gatewayEndpoint) { - SettingsController.gatewayEndpoint = textFieldText + textField.text = textField.text.replace(/^\s+|\s+$/g, '') + if (textField.text !== SettingsController.gatewayEndpoint) { + SettingsController.gatewayEndpoint = textField.text } } - - // KeyNavigation.tab: saveButton } + } + + footer: ColumnLayout { + width: listView.width SwitcherType { id: switcher Layout.fillWidth: true + Layout.topMargin: 24 Layout.rightMargin: 16 Layout.leftMargin: 16 - Layout.topMargin: 16 text: qsTr("Dev gateway environment") checked: SettingsController.isDevGatewayEnv diff --git a/client/ui/qml/Pages2/PageHome.qml b/client/ui/qml/Pages2/PageHome.qml index e5112575..7934e5fb 100644 --- a/client/ui/qml/Pages2/PageHome.qml +++ b/client/ui/qml/Pages2/PageHome.qml @@ -1,6 +1,7 @@ import QtQuick import QtQuick.Controls import QtQuick.Layouts +import Qt5Compat.GraphicalEffects import SortFilterProxyModel 0.2 @@ -19,37 +20,71 @@ import "../Components" PageType { id: root - defaultActiveFocusItem: focusItem - Connections { + objectName: "pageControllerConnections" + target: PageController function onRestorePageHomeState(isContainerInstalled) { - drawer.open() + drawer.openTriggered() if (isContainerInstalled) { containersDropDown.rootButtonClickedFunction() } } } + Connections { + + target: ApiPremV1MigrationController + + function onMigrationFinished() { + apiPremV1MigrationDrawer.closeTriggered() + + var headerText = qsTr("You've successfully switched to the new Amnezia Premium subscription!") + var descriptionText = qsTr("Old keys will no longer work. Please use your new subscription key to connect. \nThank you for staying with us!") + var yesButtonText = qsTr("Continue") + var noButtonText = "" + + var yesButtonFunction = function() { + } + var noButtonFunction = function() { + } + + showQuestionDrawer(headerText, descriptionText, yesButtonText, noButtonText, yesButtonFunction, noButtonFunction) + } + + function onShowMigrationDrawer() { + apiPremV1MigrationDrawer.openTriggered() + } + } + Item { + objectName: "homeColumnItem" + anchors.fill: parent anchors.bottomMargin: drawer.collapsedHeight ColumnLayout { - anchors.fill: parent - anchors.topMargin: 34 - anchors.bottomMargin: 34 + objectName: "homeColumnLayout" - Item { - id: focusItem - KeyNavigation.tab: loggingButton.visible ? - loggingButton : - connectButton + anchors.fill: parent + anchors.topMargin: 12 + anchors.bottomMargin: 16 + + AdLabel { + id: adLabel + + Layout.fillWidth: true + Layout.preferredHeight: adLabel.contentHeight + Layout.leftMargin: 16 + Layout.rightMargin: 16 + Layout.bottomMargin: 22 } BasicButtonType { id: loggingButton + objectName: "loggingButton" + property bool isLoggingEnabled: SettingsController.isLoggingEnabled Layout.alignment: Qt.AlignHCenter @@ -69,8 +104,6 @@ PageType { Keys.onEnterPressed: loggingButton.clicked() Keys.onReturnPressed: loggingButton.clicked() - KeyNavigation.tab: connectButton - onClicked: { PageController.goToPage(PageEnum.PageSettingsLogging) } @@ -78,16 +111,17 @@ PageType { ConnectButton { id: connectButton + objectName: "connectButton" + Layout.fillHeight: true Layout.alignment: Qt.AlignCenter - KeyNavigation.tab: splitTunnelingButton } BasicButtonType { id: splitTunnelingButton + objectName: "splitTunnelingButton" Layout.alignment: Qt.AlignHCenter | Qt.AlignBottom - Layout.bottomMargin: 34 leftPadding: 16 rightPadding: 16 @@ -116,53 +150,37 @@ PageType { Keys.onEnterPressed: splitTunnelingButton.clicked() Keys.onReturnPressed: splitTunnelingButton.clicked() - KeyNavigation.tab: drawer - onClicked: { - homeSplitTunnelingDrawer.open() + homeSplitTunnelingDrawer.openTriggered() } HomeSplitTunnelingDrawer { id: homeSplitTunnelingDrawer - parent: root + objectName: "homeSplitTunnelingDrawer" - onClosed: { - if (!GC.isMobile()) { - focusItem.forceActiveFocus() - } - } + parent: root } } } } - DrawerType2 { id: drawer + objectName: "drawerProtocol" + anchors.fill: parent - onClosed: { - if (!GC.isMobile()) { - focusItem.forceActiveFocus() - } - } + collapsedStateContent: Item { + objectName: "ProtocolDrawerCollapsedContent" - collapsedContent: Item { implicitHeight: Qt.platform.os !== "ios" ? root.height * 0.9 : screen.height * 0.77 Component.onCompleted: { drawer.expandedHeight = implicitHeight } - Connections { - target: drawer - enabled: !GC.isMobile() - function onActiveFocusChanged() { - if (drawer.activeFocus && !drawer.isOpened) { - collapsedButtonChevron.forceActiveFocus() - } - } - } + ColumnLayout { id: collapsed + objectName: "collapsedColumnLayout" anchors.left: parent.left anchors.right: parent.right @@ -181,6 +199,8 @@ PageType { } RowLayout { + objectName: "rowLayout" + Layout.topMargin: 14 Layout.leftMargin: 24 Layout.rightMargin: 24 @@ -189,9 +209,11 @@ PageType { spacing: 0 Connections { + objectName: "drawerConnections" + target: drawer - function onEntered() { - if (drawer.isCollapsed) { + function onCursorEntered() { + if (drawer.isCollapsedStateActive) { collapsedButtonChevron.backgroundColor = collapsedButtonChevron.hoveredColor collapsedButtonHeader.opacity = 0.8 } else { @@ -199,8 +221,8 @@ PageType { } } - function onExited() { - if (drawer.isCollapsed) { + function onCursorExited() { + if (drawer.isCollapsedStateActive) { collapsedButtonChevron.backgroundColor = collapsedButtonChevron.defaultColor collapsedButtonHeader.opacity = 1 } else { @@ -209,7 +231,7 @@ PageType { } function onPressed(pressed, entered) { - if (drawer.isCollapsed) { + if (drawer.isCollapsedStateActive) { collapsedButtonChevron.backgroundColor = pressed ? collapsedButtonChevron.pressedColor : entered ? collapsedButtonChevron.hoveredColor : collapsedButtonChevron.defaultColor collapsedButtonHeader.opacity = 0.7 } else { @@ -220,6 +242,8 @@ PageType { Header1TextType { id: collapsedButtonHeader + objectName: "collapsedButtonHeader" + Layout.maximumWidth: drawer.width - 48 - 18 - 12 maximumLineCount: 2 @@ -228,8 +252,6 @@ PageType { text: ServersModel.defaultServerName horizontalAlignment: Qt.AlignHCenter - KeyNavigation.tab: tabBar - Behavior on opacity { PropertyAnimation { duration: 200 } } @@ -237,10 +259,11 @@ PageType { ImageButtonType { id: collapsedButtonChevron + objectName: "collapsedButtonChevron" Layout.leftMargin: 8 - visible: drawer.isCollapsed + visible: drawer.isCollapsedStateActive() hoverEnabled: false image: "qrc:/images/controls/chevron-down.svg" @@ -255,25 +278,24 @@ PageType { Keys.onEnterPressed: collapsedButtonChevron.clicked() Keys.onReturnPressed: collapsedButtonChevron.clicked() - Keys.onTabPressed: lastItemTabClicked() - onClicked: { - if (drawer.isCollapsed) { - drawer.open() + if (drawer.isCollapsedStateActive()) { + drawer.openTriggered() } } } } RowLayout { + objectName: "rowLayoutLabel" Layout.alignment: Qt.AlignHCenter | Qt.AlignVCenter Layout.topMargin: 8 - Layout.bottomMargin: drawer.isCollapsed ? 44 : ServersModel.isDefaultServerFromApi ? 61 : 16 + Layout.bottomMargin: drawer.isCollapsedStateActive ? 44 : ServersModel.isDefaultServerFromApi ? 61 : 16 spacing: 0 BasicButtonType { - enabled: (ServersModel.defaultServerImagePathCollapsed !== "") && drawer.isCollapsed + enabled: (ServersModel.defaultServerImagePathCollapsed !== "") && drawer.isCollapsedStateActive hoverEnabled: enabled implicitHeight: 36 @@ -291,32 +313,40 @@ PageType { buttonTextLabel.font.pixelSize: 13 buttonTextLabel.font.weight: 400 - text: drawer.isCollapsed ? ServersModel.defaultServerDescriptionCollapsed : ServersModel.defaultServerDescriptionExpanded + text: drawer.isCollapsedStateActive ? ServersModel.defaultServerDescriptionCollapsed : ServersModel.defaultServerDescriptionExpanded leftImageSource: ServersModel.defaultServerImagePathCollapsed + leftImageColor: "" changeLeftImageSize: false rightImageSource: hoverEnabled ? "qrc:/images/controls/chevron-down.svg" : "" onClicked: { ServersModel.processedIndex = ServersModel.defaultIndex - PageController.goToPage(PageEnum.PageSettingsServerInfo) - } - } - } - } - Connections { - target: drawer - enabled: !GC.isMobile() - function onIsCollapsedChanged() { - if (!drawer.isCollapsed) { - focusItem1.forceActiveFocus() + if (ServersModel.getProcessedServerData("isServerFromGatewayApi")) { + if (ServersModel.getProcessedServerData("isCountrySelectionAvailable")) { + PageController.goToPage(PageEnum.PageSettingsApiAvailableCountries) + } else { + PageController.showBusyIndicator(true) + let result = ApiSettingsController.getAccountInfo(false) + PageController.showBusyIndicator(false) + if (!result) { + return + } + + PageController.goToPage(PageEnum.PageSettingsApiServerInfo) + } + } else { + PageController.goToPage(PageEnum.PageSettingsServerInfo) + } + } } } } ColumnLayout { id: serversMenuHeader + objectName: "serversMenuHeader" anchors.top: collapsed.bottom anchors.right: parent.right @@ -328,13 +358,9 @@ PageType { visible: !ServersModel.isDefaultServerFromApi - Item { - id: focusItem1 - KeyNavigation.tab: containersDropDown - } - DropDownType { id: containersDropDown + objectName: "containersDropDown" rootButtonImageColor: AmneziaStyle.color.midnightBlack rootButtonBackgroundColor: AmneziaStyle.color.paleGray @@ -345,28 +371,28 @@ PageType { rootButtonTextTopMargin: 8 rootButtonTextBottomMargin: 8 + enabled: drawer.isOpened + text: ServersModel.defaultServerDefaultContainerName textColor: AmneziaStyle.color.midnightBlack headerText: qsTr("VPN protocol") headerBackButtonImage: "qrc:/images/controls/arrow-left.svg" rootButtonClickedFunction: function() { - containersDropDown.open() + containersDropDown.openTriggered() } drawerParent: root - KeyNavigation.tab: serversMenuContent listView: HomeContainersListView { id: containersListView + objectName: "containersListView" + rootWidth: root.width - onVisibleChanged: { - if (containersDropDown.visible && !GC.isMobile()) { - focusItem1.forceActiveFocus() - } - } Connections { + objectName: "rowLayoutConnections" + target: ServersModel function onDefaultServerIndexChanged() { @@ -408,170 +434,29 @@ PageType { ButtonGroup { id: serversRadioButtonGroup + objectName: "serversRadioButtonGroup" } - ListView { + ServersListView { id: serversMenuContent + objectName: "serversMenuContent" - anchors.top: serversMenuHeader.bottom - anchors.right: parent.right - anchors.left: parent.left - anchors.bottom: parent.bottom - anchors.topMargin: 16 - - model: ServersModel - currentIndex: ServersModel.defaultIndex - - ScrollBar.vertical: ScrollBar { - id: scrollBar - policy: serversMenuContent.height >= serversMenuContent.contentHeight ? ScrollBar.AlwaysOff : ScrollBar.AlwaysOn - } - - - activeFocusOnTab: true - focus: true - - property int focusItemIndex: 0 - onActiveFocusChanged: { - if (activeFocus) { - serversMenuContent.focusItemIndex = 0 - serversMenuContent.itemAtIndex(focusItemIndex).forceActiveFocus() - } - } - - onFocusItemIndexChanged: { - const focusedElement = serversMenuContent.itemAtIndex(focusItemIndex) - if (focusedElement) { - if (focusedElement.y + focusedElement.height > serversMenuContent.height) { - serversMenuContent.contentY = focusedElement.y + focusedElement.height - serversMenuContent.height - } else { - serversMenuContent.contentY = 0 - } - } - } - - Keys.onUpPressed: scrollBar.decrease() - Keys.onDownPressed: scrollBar.increase() + isFocusable: false Connections { target: drawer - enabled: !GC.isMobile() - function onIsCollapsedChanged() { - if (drawer.isCollapsed) { - const item = serversMenuContent.itemAtIndex(serversMenuContent.focusItemIndex) - if (item) { item.serverRadioButtonProperty.focus = false } - } - } - } - Connections { - target: ServersModel - function onDefaultServerIndexChanged(serverIndex) { - serversMenuContent.currentIndex = serverIndex - } - } - - clip: true - - delegate: Item { - id: menuContentDelegate - - property variant delegateData: model - property VerticalRadioButton serverRadioButtonProperty: serverRadioButton - - implicitWidth: serversMenuContent.width - implicitHeight: serverRadioButtonContent.implicitHeight - - onActiveFocusChanged: { - if (activeFocus) { - serverRadioButton.forceActiveFocus() - } - } - - ColumnLayout { - id: serverRadioButtonContent - - anchors.fill: parent - anchors.rightMargin: 16 - anchors.leftMargin: 16 - - spacing: 0 - - RowLayout { - Layout.fillWidth: true - VerticalRadioButton { - id: serverRadioButton - - Layout.fillWidth: true - - text: name - descriptionText: serverDescription - - checked: index === serversMenuContent.currentIndex - checkable: !ConnectionController.isConnected - - ButtonGroup.group: serversRadioButtonGroup - - onClicked: { - if (ConnectionController.isConnected) { - PageController.showNotificationMessage(qsTr("Unable change server while there is an active connection")) - return - } - - serversMenuContent.currentIndex = index - - ServersModel.defaultIndex = index - } - - MouseArea { - anchors.fill: serverRadioButton - cursorShape: Qt.PointingHandCursor - enabled: false - } - - Keys.onTabPressed: serverInfoButton.forceActiveFocus() - Keys.onEnterPressed: serverRadioButton.clicked() - Keys.onReturnPressed: serverRadioButton.clicked() - } - - ImageButtonType { - id: serverInfoButton - image: "qrc:/images/controls/settings.svg" - imageColor: AmneziaStyle.color.paleGray - - implicitWidth: 56 - implicitHeight: 56 - - z: 1 - - Keys.onTabPressed: { - if (serversMenuContent.focusItemIndex < serversMenuContent.count - 1) { - serversMenuContent.focusItemIndex++ - serversMenuContent.itemAtIndex(serversMenuContent.focusItemIndex).forceActiveFocus() - } else { - focusItem1.forceActiveFocus() - serversMenuContent.contentY = 0 - } - } - Keys.onEnterPressed: serverInfoButton.clicked() - Keys.onReturnPressed: serverInfoButton.clicked() - - onClicked: function() { - ServersModel.processedIndex = index - PageController.goToPage(PageEnum.PageSettingsServerInfo) - drawer.close() - } - } - } - - DividerType { - Layout.fillWidth: true - Layout.leftMargin: 0 - Layout.rightMargin: 0 - } + // this item shouldn't be focused when drawer is closed + function onIsOpenedChanged() { + serversMenuContent.isFocusable = drawer.isOpened } } } } } + + ApiPremV1MigrationDrawer { + id: apiPremV1MigrationDrawer + anchors.fill: parent + } } diff --git a/client/ui/qml/Pages2/PageProtocolAwgClientSettings.qml b/client/ui/qml/Pages2/PageProtocolAwgClientSettings.qml index 2b912f18..d97d09e8 100644 --- a/client/ui/qml/Pages2/PageProtocolAwgClientSettings.qml +++ b/client/ui/qml/Pages2/PageProtocolAwgClientSettings.qml @@ -16,18 +16,6 @@ import "../Components" PageType { id: root - defaultActiveFocusItem: listview.currentItem.mtuTextField.textField - - Item { - id: focusItem - onFocusChanged: { - if (activeFocus) { - fl.ensureVisible(focusItem) - } - } - KeyNavigation.tab: backButton - } - ColumnLayout { id: backButtonLayout @@ -39,230 +27,338 @@ PageType { BackButtonType { id: backButton - KeyNavigation.tab: listview.currentItem.mtuTextField.textField } } - FlickableType { - id: fl + ListView { + id: listview + anchors.top: backButtonLayout.bottom - anchors.bottom: parent.bottom - contentHeight: content.implicitHeight + saveButton.implicitHeight + saveButton.anchors.bottomMargin + saveButton.anchors.topMargin + anchors.bottom: saveButton.top - Column { - id: content + width: parent.width - anchors.top: parent.top - anchors.left: parent.left - anchors.right: parent.right + clip: true - ListView { - id: listview + property bool isFocusable: true - width: parent.width - height: listview.contentItem.height + Keys.onTabPressed: { + FocusController.nextKeyTabItem() + } - clip: true - interactive: false + Keys.onBacktabPressed: { + FocusController.previousKeyTabItem() + } - model: AwgConfigModel + Keys.onUpPressed: { + FocusController.nextKeyUpItem() + } - delegate: Item { - id: delegateItem - implicitWidth: listview.width - implicitHeight: col.implicitHeight + Keys.onDownPressed: { + FocusController.nextKeyDownItem() + } - property alias mtuTextField: mtuTextField - property bool isSaveButtonEnabled: mtuTextField.errorText === "" && - junkPacketMaxSizeTextField.errorText === "" && - junkPacketMinSizeTextField.errorText === "" && - junkPacketCountTextField.errorText === "" + Keys.onLeftPressed: { + FocusController.nextKeyLeftItem() + } - ColumnLayout { - id: col + Keys.onRightPressed: { + FocusController.nextKeyRightItem() + } - anchors.top: parent.top - anchors.left: parent.left - anchors.right: parent.right + model: AwgConfigModel - anchors.leftMargin: 16 - anchors.rightMargin: 16 + delegate: Item { + id: delegateItem + implicitWidth: listview.width + implicitHeight: col.implicitHeight - spacing: 0 + property alias mtuTextField: mtuTextField + property bool isSaveButtonEnabled: mtuTextField.errorText === "" && + junkPacketMaxSizeTextField.errorText === "" && + junkPacketMinSizeTextField.errorText === "" && + junkPacketCountTextField.errorText === "" - HeaderType { - Layout.fillWidth: true + ColumnLayout { + id: col - headerText: qsTr("AmneziaWG settings") + anchors.top: parent.top + anchors.left: parent.left + anchors.right: parent.right + + anchors.leftMargin: 16 + anchors.rightMargin: 16 + + spacing: 0 + + BaseHeaderType { + Layout.fillWidth: true + + headerText: qsTr("AmneziaWG settings") + } + + TextFieldWithHeaderType { + id: mtuTextField + Layout.fillWidth: true + Layout.topMargin: 40 + + headerText: qsTr("MTU") + textField.text: clientMtu + textField.validator: IntValidator { bottom: 576; top: 65535 } + + textField.onEditingFinished: { + if (textField.text !== clientMtu) { + clientMtu = textField.text } + } + checkEmptyText: true + KeyNavigation.tab: junkPacketCountTextField.textField + } - TextFieldWithHeaderType { - id: mtuTextField - Layout.fillWidth: true - Layout.topMargin: 40 + AwgTextField { + id: junkPacketCountTextField + headerText: "Jc - Junk packet count" + textField.text: clientJunkPacketCount - headerText: qsTr("MTU") - textFieldText: clientMtu - textField.validator: IntValidator { bottom: 576; top: 65535 } - - textField.onEditingFinished: { - if (textFieldText !== clientMtu) { - clientMtu = textFieldText - } - } - checkEmptyText: true - KeyNavigation.tab: junkPacketCountTextField.textField + textField.onEditingFinished: { + if (textField.text !== clientJunkPacketCount) { + clientJunkPacketCount = textField.text } + } - TextFieldWithHeaderType { - id: junkPacketCountTextField - Layout.fillWidth: true - Layout.topMargin: 16 + KeyNavigation.tab: junkPacketMinSizeTextField.textField + } - headerText: "Jc - Junk packet count" - textFieldText: clientJunkPacketCount - textField.validator: IntValidator { bottom: 0 } - parentFlickable: fl + AwgTextField { + id: junkPacketMinSizeTextField + headerText: "Jmin - Junk packet minimum size" + textField.text: clientJunkPacketMinSize - textField.onEditingFinished: { - if (textFieldText !== clientJunkPacketCount) { - clientJunkPacketCount = textFieldText - } - } - - checkEmptyText: true - - KeyNavigation.tab: junkPacketMinSizeTextField.textField + textField.onEditingFinished: { + if (textField.text !== clientJunkPacketMinSize) { + clientJunkPacketMinSize = textField.text } + } - TextFieldWithHeaderType { - id: junkPacketMinSizeTextField - Layout.fillWidth: true - Layout.topMargin: 16 + KeyNavigation.tab: junkPacketMaxSizeTextField.textField + } - headerText: "Jmin - Junk packet minimum size" - textFieldText: clientJunkPacketMinSize - textField.validator: IntValidator { bottom: 0 } - parentFlickable: fl + AwgTextField { + id: junkPacketMaxSizeTextField + headerText: "Jmax - Junk packet maximum size" + textField.text: clientJunkPacketMaxSize - textField.onEditingFinished: { - if (textFieldText !== clientJunkPacketMinSize) { - clientJunkPacketMinSize = textFieldText - } - } - - checkEmptyText: true - - KeyNavigation.tab: junkPacketMaxSizeTextField.textField - } - - TextFieldWithHeaderType { - id: junkPacketMaxSizeTextField - Layout.fillWidth: true - Layout.topMargin: 16 - - headerText: "Jmax - Junk packet maximum size" - textFieldText: clientJunkPacketMaxSize - textField.validator: IntValidator { bottom: 0 } - parentFlickable: fl - - textField.onEditingFinished: { - if (textFieldText !== clientJunkPacketMaxSize) { - clientJunkPacketMaxSize = textFieldText - } - } - - checkEmptyText: true - - Keys.onTabPressed: saveButton.forceActiveFocus() - } - - Header2TextType { - Layout.fillWidth: true - Layout.topMargin: 16 - - text: qsTr("Server settings") - } - - TextFieldWithHeaderType { - id: portTextField - Layout.fillWidth: true - Layout.topMargin: 8 - - enabled: false - - headerText: qsTr("Port") - textFieldText: port - } - - TextFieldWithHeaderType { - id: initPacketJunkSizeTextField - Layout.fillWidth: true - Layout.topMargin: 16 - - enabled: false - - headerText: "S1 - Init packet junk size" - textFieldText: serverInitPacketJunkSize - } - - TextFieldWithHeaderType { - id: responsePacketJunkSizeTextField - Layout.fillWidth: true - Layout.topMargin: 16 - - enabled: false - - headerText: "S2 - Response packet junk size" - textFieldText: serverResponsePacketJunkSize - } - - TextFieldWithHeaderType { - id: initPacketMagicHeaderTextField - Layout.fillWidth: true - Layout.topMargin: 16 - - enabled: false - - headerText: "H1 - Init packet magic header" - textFieldText: serverInitPacketMagicHeader - } - - TextFieldWithHeaderType { - id: responsePacketMagicHeaderTextField - Layout.fillWidth: true - Layout.topMargin: 16 - - enabled: false - - headerText: "H2 - Response packet magic header" - textFieldText: serverResponsePacketMagicHeader - } - - TextFieldWithHeaderType { - id: underloadPacketMagicHeaderTextField - Layout.fillWidth: true - Layout.topMargin: 16 - parentFlickable: fl - - enabled: false - - headerText: "H3 - Underload packet magic header" - textFieldText: serverUnderloadPacketMagicHeader - } - - TextFieldWithHeaderType { - id: transportPacketMagicHeaderTextField - Layout.fillWidth: true - Layout.topMargin: 16 - - enabled: false - - headerText: "H4 - Transport packet magic header" - textFieldText: serverTransportPacketMagicHeader + textField.onEditingFinished: { + if (textField.text !== clientJunkPacketMaxSize) { + clientJunkPacketMaxSize = textField.text } } } + + AwgTextField { + id: specialJunk1TextField + headerText: qsTr("I1 - First special junk packet") + textField.text: clientSpecialJunk1 + textField.validator: null + checkEmptyText: false + + textField.onEditingFinished: { + if (textField.text !== clientSpecialJunk1) { + clientSpecialJunk1 = textField.text + } + } + } + + AwgTextField { + id: specialJunk2TextField + headerText: qsTr("I2 - Second special junk packet") + textField.text: clientSpecialJunk2 + textField.validator: null + checkEmptyText: false + + textField.onEditingFinished: { + if (textField.text !== clientSpecialJunk2) { + clientSpecialJunk2 = textField.text + } + } + } + + AwgTextField { + id: specialJunk3TextField + headerText: qsTr("I3 - Third special junk packet") + textField.text: clientSpecialJunk3 + textField.validator: null + checkEmptyText: false + + textField.onEditingFinished: { + if (textField.text !== clientSpecialJunk3) { + clientSpecialJunk3 = textField.text + } + } + } + + AwgTextField { + id: specialJunk4TextField + headerText: qsTr("I4 - Fourth special junk packet") + textField.text: clientSpecialJunk4 + textField.validator: null + checkEmptyText: false + + textField.onEditingFinished: { + if (textField.text !== clientSpecialJunk4) { + clientSpecialJunk4 = textField.text + } + } + } + + AwgTextField { + id: specialJunk5TextField + headerText: qsTr("I5 - Fifth special junk packet") + textField.text: clientSpecialJunk5 + textField.validator: null + checkEmptyText: false + + textField.onEditingFinished: { + if (textField.text !== clientSpecialJunk5 ) { + clientSpecialJunk5 = textField.text + } + } + } + + AwgTextField { + id: controlledJunk1TextField + headerText: qsTr("J1 - First controlled junk packet") + textField.text: clientControlledJunk1 + textField.validator: null + checkEmptyText: false + + textField.onEditingFinished: { + if (textField.text !== clientControlledJunk1) { + clientControlledJunk1 = textField.text + } + } + } + + AwgTextField { + id: controlledJunk2TextField + headerText: qsTr("J2 - Second controlled junk packet") + textField.text: clientControlledJunk2 + textField.validator: null + checkEmptyText: false + + textField.onEditingFinished: { + if (textField.text !== clientControlledJunk2) { + clientControlledJunk2 = textField.text + } + } + } + + AwgTextField { + id: controlledJunk3TextField + headerText: qsTr("J3 - Third controlled junk packet") + textField.text: clientControlledJunk3 + textField.validator: null + checkEmptyText: false + + textField.onEditingFinished: { + if (textField.text !== clientControlledJunk3) { + clientControlledJunk3 = textField.text + } + } + } + + AwgTextField { + id: iTimeTextField + headerText: qsTr("Itime - Special handshake timeout") + textField.text: clientSpecialHandshakeTimeout + checkEmptyText: false + + textField.onEditingFinished: { + if (textField.text !== clientSpecialHandshakeTimeout) { + clientSpecialHandshakeTimeout = textField.text + } + } + } + + Header2TextType { + Layout.fillWidth: true + Layout.topMargin: 16 + + text: qsTr("Server settings") + } + + AwgTextField { + id: portTextField + enabled: false + + headerText: qsTr("Port") + textField.text: port + } + + AwgTextField { + id: initPacketJunkSizeTextField + enabled: false + + headerText: "S1 - Init packet junk size" + textField.text: serverInitPacketJunkSize + } + + AwgTextField { + id: responsePacketJunkSizeTextField + enabled: false + + headerText: "S2 - Response packet junk size" + textField.text: serverResponsePacketJunkSize + } + + // AwgTextField { + // id: cookieReplyPacketJunkSizeTextField + // enabled: false + + // headerText: "S3 - Cookie Reply packet junk size" + // textField.text: serverCookieReplyPacketJunkSize + // } + + // AwgTextField { + // id: transportPacketJunkSizeTextField + // enabled: false + + // headerText: "S4 - Transport packet junk size" + // textField.text: serverTransportPacketJunkSize + // } + + AwgTextField { + id: initPacketMagicHeaderTextField + enabled: false + + headerText: "H1 - Init packet magic header" + textField.text: serverInitPacketMagicHeader + } + + AwgTextField { + id: responsePacketMagicHeaderTextField + enabled: false + + headerText: "H2 - Response packet magic header" + textField.text: serverResponsePacketMagicHeader + } + + AwgTextField { + id: underloadPacketMagicHeaderTextField + enabled: false + + headerText: "H3 - Underload packet magic header" + textField.text: serverUnderloadPacketMagicHeader + } + + AwgTextField { + id: transportPacketMagicHeaderTextField + enabled: false + + headerText: "H4 - Transport packet magic header" + textField.text: serverTransportPacketMagicHeader + } + } } } @@ -283,7 +379,11 @@ PageType { text: qsTr("Save") - Keys.onTabPressed: lastItemTabClicked(focusItem) + onActiveFocusChanged: { + if(activeFocus) { + listview.positionViewAtEnd() + } + } clickedFunc: function() { forceActiveFocus() diff --git a/client/ui/qml/Pages2/PageProtocolAwgSettings.qml b/client/ui/qml/Pages2/PageProtocolAwgSettings.qml index 27ea66f9..699ae724 100644 --- a/client/ui/qml/Pages2/PageProtocolAwgSettings.qml +++ b/client/ui/qml/Pages2/PageProtocolAwgSettings.qml @@ -2,6 +2,8 @@ import QtQuick import QtQuick.Controls import QtQuick.Layouts +import QtCore + import SortFilterProxyModel 0.2 import PageEnum 1.0 @@ -17,18 +19,6 @@ import "../Components" PageType { id: root - defaultActiveFocusItem: listview.currentItem.portTextField.textField - - Item { - id: focusItem - onFocusChanged: { - if (activeFocus) { - fl.ensureVisible(focusItem) - } - } - KeyNavigation.tab: backButton - } - ColumnLayout { id: backButtonLayout @@ -40,341 +30,322 @@ PageType { BackButtonType { id: backButton - KeyNavigation.tab: listview.currentItem.portTextField.textField } } - FlickableType { - id: fl + ListView { + id: listview + + property bool isFocusable: true + anchors.top: backButtonLayout.bottom anchors.bottom: parent.bottom - contentHeight: content.implicitHeight - Column { - id: content + width: parent.width - anchors.top: parent.top - anchors.left: parent.left - anchors.right: parent.right + Keys.onTabPressed: { + FocusController.nextKeyTabItem() + } - ListView { - id: listview + Keys.onBacktabPressed: { + FocusController.previousKeyTabItem() + } - width: parent.width - height: listview.contentItem.height + Keys.onUpPressed: { + FocusController.nextKeyUpItem() + } - clip: true - interactive: false + Keys.onDownPressed: { + FocusController.nextKeyDownItem() + } - model: AwgConfigModel + Keys.onLeftPressed: { + FocusController.nextKeyLeftItem() + } - delegate: Item { - id: delegateItem - implicitWidth: listview.width - implicitHeight: col.implicitHeight + Keys.onRightPressed: { + FocusController.nextKeyRightItem() + } - property alias portTextField: portTextField - property bool isEnabled: ServersModel.isProcessedServerHasWriteAccess() + clip: true - ColumnLayout { - id: col + model: AwgConfigModel - anchors.top: parent.top - anchors.left: parent.left - anchors.right: parent.right + delegate: Item { + id: delegateItem + implicitWidth: listview.width + implicitHeight: col.implicitHeight - anchors.leftMargin: 16 - anchors.rightMargin: 16 + property alias vpnAddressSubnetTextField: vpnAddressSubnetTextField + property bool isEnabled: ServersModel.isProcessedServerHasWriteAccess() - spacing: 0 + ColumnLayout { + id: col - HeaderType { - Layout.fillWidth: true + anchors.top: parent.top + anchors.left: parent.left + anchors.right: parent.right - headerText: qsTr("AmneziaWG settings") + anchors.leftMargin: 16 + anchors.rightMargin: 16 + + spacing: 0 + + BaseHeaderType { + Layout.fillWidth: true + + headerText: qsTr("AmneziaWG settings") + } + + TextFieldWithHeaderType { + id: vpnAddressSubnetTextField + + Layout.fillWidth: true + Layout.topMargin: 40 + + enabled: delegateItem.isEnabled + + headerText: qsTr("VPN address subnet") + textField.text: subnetAddress + + textField.onEditingFinished: { + if (textField.text !== subnetAddress) { + subnetAddress = textField.text } + } - TextFieldWithHeaderType { - id: portTextField - Layout.fillWidth: true - Layout.topMargin: 40 + checkEmptyText: true + } - enabled: delegateItem.isEnabled + TextFieldWithHeaderType { + id: portTextField + Layout.fillWidth: true + Layout.topMargin: 16 - headerText: qsTr("Port") - textFieldText: port - textField.maximumLength: 5 - textField.validator: IntValidator { bottom: 1; top: 65535 } - parentFlickable: fl + enabled: delegateItem.isEnabled - textField.onEditingFinished: { - if (textFieldText !== port) { - port = textFieldText - } + headerText: qsTr("Port") + textField.text: port + textField.maximumLength: 5 + textField.validator: IntValidator { bottom: 1; top: 65535 } + + textField.onEditingFinished: { + if (textField.text !== port) { + port = textField.text + } + } + + checkEmptyText: true + } + + AwgTextField { + id: junkPacketCountTextField + headerText: qsTr("Jc - Junk packet count") + textField.text: serverJunkPacketCount + + textField.onEditingFinished: { + if (textField.text !== serverJunkPacketCount) { + serverJunkPacketCount = textField.text + } + } + } + + AwgTextField { + id: junkPacketMinSizeTextField + headerText: qsTr("Jmin - Junk packet minimum size") + textField.text: serverJunkPacketMinSize + + textField.onEditingFinished: { + if (textField.text !== serverJunkPacketMinSize) { + serverJunkPacketMinSize = textField.text + } + } + } + + AwgTextField { + id: junkPacketMaxSizeTextField + headerText: qsTr("Jmax - Junk packet maximum size") + textField.text: serverJunkPacketMaxSize + + textField.onEditingFinished: { + if (textField.text !== serverJunkPacketMaxSize) { + serverJunkPacketMaxSize = textField.text + } + } + } + + AwgTextField { + id: initPacketJunkSizeTextField + headerText: qsTr("S1 - Init packet junk size") + textField.text: serverInitPacketJunkSize + + textField.onEditingFinished: { + if (textField.text !== serverInitPacketJunkSize) { + serverInitPacketJunkSize = textField.text + } + } + } + + AwgTextField { + id: responsePacketJunkSizeTextField + headerText: qsTr("S2 - Response packet junk size") + textField.text: serverResponsePacketJunkSize + + textField.onEditingFinished: { + if (textField.text !== serverResponsePacketJunkSize) { + serverResponsePacketJunkSize = textField.text + } + } + } + + // AwgTextField { + // id: cookieReplyPacketJunkSizeTextField + // headerText: qsTr("S3 - Cookie reply packet junk size") + // textField.text: serverCookieReplyPacketJunkSize + + // textField.onEditingFinished: { + // if (textField.text !== serverCookieReplyPacketJunkSize) { + // serverCookieReplyPacketJunkSize = textField.text + // } + // } + // } + + // AwgTextField { + // id: transportPacketJunkSizeTextField + // headerText: qsTr("S4 - Transport packet junk size") + // textField.text: serverTransportPacketJunkSize + + // textField.onEditingFinished: { + // if (textField.text !== serverTransportPacketJunkSize) { + // serverTransportPacketJunkSize = textField.text + // } + // } + // } + + AwgTextField { + id: initPacketMagicHeaderTextField + headerText: qsTr("H1 - Init packet magic header") + textField.text: serverInitPacketMagicHeader + + textField.onEditingFinished: { + if (textField.text !== serverInitPacketMagicHeader) { + serverInitPacketMagicHeader = textField.text + } + } + } + + AwgTextField { + id: responsePacketMagicHeaderTextField + headerText: qsTr("H2 - Response packet magic header") + textField.text: serverResponsePacketMagicHeader + + textField.onEditingFinished: { + if (textField.text !== serverResponsePacketMagicHeader) { + serverResponsePacketMagicHeader = textField.text + } + } + } + + AwgTextField { + id: underloadPacketMagicHeaderTextField + headerText: qsTr("H3 - Underload packet magic header") + textField.text: serverUnderloadPacketMagicHeader + + textField.onEditingFinished: { + if (textField.text !== serverUnderloadPacketMagicHeader) { + serverUnderloadPacketMagicHeader = textField.text + } + } + } + + AwgTextField { + id: transportPacketMagicHeaderTextField + headerText: qsTr("H4 - Transport packet magic header") + textField.text: serverTransportPacketMagicHeader + + textField.onEditingFinished: { + if (textField.text !== serverTransportPacketMagicHeader) { + serverTransportPacketMagicHeader = textField.text + } + } + } + + + BasicButtonType { + id: saveRestartButton + + Layout.fillWidth: true + Layout.topMargin: 24 + Layout.bottomMargin: 24 + + enabled: underloadPacketMagicHeaderTextField.errorText === "" && + transportPacketMagicHeaderTextField.errorText === "" && + responsePacketMagicHeaderTextField.errorText === "" && + initPacketMagicHeaderTextField.errorText === "" && + responsePacketJunkSizeTextField.errorText === "" && + // cookieReplyHeaderJunkTextField.errorText === "" && + // transportHeaderJunkTextField.errorText === "" && + initPacketJunkSizeTextField.errorText === "" && + junkPacketMaxSizeTextField.errorText === "" && + junkPacketMinSizeTextField.errorText === "" && + junkPacketCountTextField.errorText === "" && + portTextField.errorText === "" && + vpnAddressSubnetTextField.errorText === "" + + text: qsTr("Save") + + onActiveFocusChanged: { + if(activeFocus) { + listview.positionViewAtEnd() + } + } + + clickedFunc: function() { + forceActiveFocus() + + if (delegateItem.isEnabled) { + if (AwgConfigModel.isHeadersEqual(underloadPacketMagicHeaderTextField.textField.text, + transportPacketMagicHeaderTextField.textField.text, + responsePacketMagicHeaderTextField.textField.text, + initPacketMagicHeaderTextField.textField.text)) { + PageController.showErrorMessage(qsTr("The values of the H1-H4 fields must be unique")) + return } - checkEmptyText: true - - KeyNavigation.tab: junkPacketCountTextField.textField + if (AwgConfigModel.isPacketSizeEqual(parseInt(initPacketJunkSizeTextField.textField.text), + parseInt(responsePacketJunkSizeTextField.textField.text))) { + PageController.showErrorMessage(qsTr("The value of the field S1 + message initiation size (148) must not equal S2 + message response size (92)")) + return + } + // if (AwgConfigModel.isPacketSizeEqual(parseInt(initPacketJunkSizeTextField.textField.text), + // parseInt(responsePacketJunkSizeTextField.textField.text), + // parseInt(cookieReplyPacketJunkSizeTextField.textField.text), + // parseInt(transportPacketJunkSizeTextField.textField.text))) { + // PageController.showErrorMessage(qsTr("The value of the field S1 + message initiation size (148) must not equal S2 + message response size (92) + S3 + cookie reply size (64) + S4 + transport packet size (32)")) + // return + // } } - TextFieldWithHeaderType { - id: junkPacketCountTextField - Layout.fillWidth: true - Layout.topMargin: 16 + var headerText = qsTr("Save settings?") + var descriptionText = qsTr("All users with whom you shared a connection with will no longer be able to connect to it.") + var yesButtonText = qsTr("Continue") + var noButtonText = qsTr("Cancel") - headerText: qsTr("Jc - Junk packet count") - textFieldText: serverJunkPacketCount - textField.validator: IntValidator { bottom: 0 } - parentFlickable: fl - - textField.onEditingFinished: { - if (textFieldText === "") { - textFieldText = "0" - } - - if (textFieldText !== serverJunkPacketCount) { - serverJunkPacketCount = textFieldText - } + var yesButtonFunction = function() { + if (ConnectionController.isConnected && ServersModel.getDefaultServerData("defaultContainer") === ContainersModel.getProcessedContainerIndex()) { + PageController.showNotificationMessage(qsTr("Unable change settings while there is an active connection")) + return } - checkEmptyText: true - - KeyNavigation.tab: junkPacketMinSizeTextField.textField + PageController.goToPage(PageEnum.PageSetupWizardInstalling); + InstallController.updateContainer(AwgConfigModel.getConfig()) } - - TextFieldWithHeaderType { - id: junkPacketMinSizeTextField - Layout.fillWidth: true - Layout.topMargin: 16 - - headerText: qsTr("Jmin - Junk packet minimum size") - textFieldText: serverJunkPacketMinSize - textField.validator: IntValidator { bottom: 0 } - parentFlickable: fl - - textField.onEditingFinished: { - if (textFieldText !== serverJunkPacketMinSize) { - serverJunkPacketMinSize = textFieldText - } - } - - checkEmptyText: true - - KeyNavigation.tab: junkPacketMaxSizeTextField.textField - } - - TextFieldWithHeaderType { - id: junkPacketMaxSizeTextField - Layout.fillWidth: true - Layout.topMargin: 16 - - headerText: qsTr("Jmax - Junk packet maximum size") - textFieldText: serverJunkPacketMaxSize - textField.validator: IntValidator { bottom: 0 } - parentFlickable: fl - - textField.onEditingFinished: { - if (textFieldText !== serverJunkPacketMaxSize) { - serverJunkPacketMaxSize = textFieldText - } - } - - checkEmptyText: true - - KeyNavigation.tab: initPacketJunkSizeTextField.textField - } - - TextFieldWithHeaderType { - id: initPacketJunkSizeTextField - Layout.fillWidth: true - Layout.topMargin: 16 - - headerText: qsTr("S1 - Init packet junk size") - textFieldText: serverInitPacketJunkSize - textField.validator: IntValidator { bottom: 0 } - parentFlickable: fl - - textField.onEditingFinished: { - if (textFieldText !== serverInitPacketJunkSize) { - serverInitPacketJunkSize = textFieldText - } - } - - checkEmptyText: true - - KeyNavigation.tab: responsePacketJunkSizeTextField.textField - } - - TextFieldWithHeaderType { - id: responsePacketJunkSizeTextField - Layout.fillWidth: true - Layout.topMargin: 16 - - headerText: qsTr("S2 - Response packet junk size") - textFieldText: serverResponsePacketJunkSize - textField.validator: IntValidator { bottom: 0 } - parentFlickable: fl - - textField.onEditingFinished: { - if (textFieldText !== serverResponsePacketJunkSize) { - serverResponsePacketJunkSize = textFieldText - } - } - - checkEmptyText: true - - KeyNavigation.tab: initPacketMagicHeaderTextField.textField - } - - TextFieldWithHeaderType { - id: initPacketMagicHeaderTextField - Layout.fillWidth: true - Layout.topMargin: 16 - - headerText: qsTr("H1 - Init packet magic header") - textFieldText: serverInitPacketMagicHeader - textField.validator: IntValidator { bottom: 0 } - parentFlickable: fl - - textField.onEditingFinished: { - if (textFieldText !== serverInitPacketMagicHeader) { - serverInitPacketMagicHeader = textFieldText - } - } - - checkEmptyText: true - - KeyNavigation.tab: responsePacketMagicHeaderTextField.textField - } - - TextFieldWithHeaderType { - id: responsePacketMagicHeaderTextField - Layout.fillWidth: true - Layout.topMargin: 16 - - headerText: qsTr("H2 - Response packet magic header") - textFieldText: serverResponsePacketMagicHeader - textField.validator: IntValidator { bottom: 0 } - parentFlickable: fl - - textField.onEditingFinished: { - if (textFieldText !== serverResponsePacketMagicHeader) { - serverResponsePacketMagicHeader = textFieldText - } - } - - checkEmptyText: true - - KeyNavigation.tab: transportPacketMagicHeaderTextField.textField - } - - TextFieldWithHeaderType { - id: transportPacketMagicHeaderTextField - Layout.fillWidth: true - Layout.topMargin: 16 - - headerText: qsTr("H4 - Transport packet magic header") - textFieldText: serverTransportPacketMagicHeader - textField.validator: IntValidator { bottom: 0 } - parentFlickable: fl - - textField.onEditingFinished: { - if (textFieldText !== serverTransportPacketMagicHeader) { - serverTransportPacketMagicHeader = textFieldText - } - } - - checkEmptyText: true - - KeyNavigation.tab: underloadPacketMagicHeaderTextField.textField - } - - TextFieldWithHeaderType { - id: underloadPacketMagicHeaderTextField - Layout.fillWidth: true - Layout.topMargin: 16 - parentFlickable: fl - - headerText: qsTr("H3 - Underload packet magic header") - textFieldText: serverUnderloadPacketMagicHeader - textField.validator: IntValidator { bottom: 0 } - - textField.onEditingFinished: { - if (textFieldText !== serverUnderloadPacketMagicHeader) { - serverUnderloadPacketMagicHeader = textFieldText - } - } - - checkEmptyText: true - - KeyNavigation.tab: saveRestartButton - } - - BasicButtonType { - id: saveRestartButton - parentFlickable: fl - - Layout.fillWidth: true - Layout.topMargin: 24 - Layout.bottomMargin: 24 - - enabled: underloadPacketMagicHeaderTextField.errorText === "" && - transportPacketMagicHeaderTextField.errorText === "" && - responsePacketMagicHeaderTextField.errorText === "" && - initPacketMagicHeaderTextField.errorText === "" && - responsePacketJunkSizeTextField.errorText === "" && - initPacketJunkSizeTextField.errorText === "" && - junkPacketMaxSizeTextField.errorText === "" && - junkPacketMinSizeTextField.errorText === "" && - junkPacketCountTextField.errorText === "" && - portTextField.errorText === "" - - text: qsTr("Save") - - Keys.onTabPressed: lastItemTabClicked(focusItem) - - clickedFunc: function() { - forceActiveFocus() - - if (delegateItem.isEnabled) { - if (AwgConfigModel.isHeadersEqual(underloadPacketMagicHeaderTextField.textField.text, - transportPacketMagicHeaderTextField.textField.text, - responsePacketMagicHeaderTextField.textField.text, - initPacketMagicHeaderTextField.textField.text)) { - PageController.showErrorMessage(qsTr("The values of the H1-H4 fields must be unique")) - return - } - - if (AwgConfigModel.isPacketSizeEqual(parseInt(initPacketJunkSizeTextField.textField.text), - parseInt(responsePacketJunkSizeTextField.textField.text))) { - PageController.showErrorMessage(qsTr("The value of the field S1 + message initiation size (148) must not equal S2 + message response size (92)")) - return - } - } - - var headerText = qsTr("Save settings?") - var descriptionText = qsTr("All users with whom you shared a connection with will no longer be able to connect to it.") - var yesButtonText = qsTr("Continue") - var noButtonText = qsTr("Cancel") - - var yesButtonFunction = function() { - if (ConnectionController.isConnected && ServersModel.getDefaultServerData("defaultContainer") === ContainersModel.getProcessedContainerIndex()) { - PageController.showNotificationMessage(qsTr("Unable change settings while there is an active connection")) - return - } - - PageController.goToPage(PageEnum.PageSetupWizardInstalling); - InstallController.updateContainer(AwgConfigModel.getConfig()) - } - var noButtonFunction = function() { - if (!GC.isMobile()) { - saveRestartButton.forceActiveFocus() - } - } - showQuestionDrawer(headerText, descriptionText, yesButtonText, noButtonText, yesButtonFunction, noButtonFunction) + var noButtonFunction = function() { + if (!GC.isMobile()) { + saveRestartButton.forceActiveFocus() } } + showQuestionDrawer(headerText, descriptionText, yesButtonText, noButtonText, yesButtonFunction, noButtonFunction) } } } diff --git a/client/ui/qml/Pages2/PageProtocolCloakSettings.qml b/client/ui/qml/Pages2/PageProtocolCloakSettings.qml index 5089a764..8e5129b0 100644 --- a/client/ui/qml/Pages2/PageProtocolCloakSettings.qml +++ b/client/ui/qml/Pages2/PageProtocolCloakSettings.qml @@ -16,13 +16,6 @@ import "../Components" PageType { id: root - defaultActiveFocusItem: listview.currentItem.trafficFromField.textField - - Item { - id: focusItem - KeyNavigation.tab: backButton - } - ColumnLayout { id: backButtonLayout @@ -34,7 +27,6 @@ PageType { BackButtonType { id: backButton - KeyNavigation.tab: listview.currentItem.trafficFromField.textField } } @@ -56,19 +48,24 @@ PageType { ListView { id: listview + property int selectedIndex: 0 + width: parent.width height: listview.contentItem.height clip: true - interactive: false + reuseItems: true model: CloakConfigModel delegate: Item { - implicitWidth: listview.width - implicitHeight: col.implicitHeight + id: delegateItem property alias trafficFromField: trafficFromField + property bool isEnabled: ServersModel.isProcessedServerHasWriteAccess() + + implicitWidth: listview.width + implicitHeight: col.implicitHeight ColumnLayout { id: col @@ -82,9 +79,8 @@ PageType { spacing: 0 - HeaderType { + BaseHeaderType { Layout.fillWidth: true - headerText: qsTr("Cloak settings") } @@ -94,24 +90,26 @@ PageType { Layout.fillWidth: true Layout.topMargin: 32 + enabled: delegateItem.isEnabled + headerText: qsTr("Disguised as traffic from") - textFieldText: site + textField.text: site textField.onEditingFinished: { - if (textFieldText !== site) { - var tmpText = textFieldText + if (textField.text !== site) { + var tmpText = textField.text tmpText = tmpText.toLocaleLowerCase() var indexHttps = tmpText.indexOf("https://") if (indexHttps === 0) { - tmpText = textFieldText.substring(8) + tmpText = textField.text.substring(8) } else { - site = textFieldText + site = textField.text } } } - KeyNavigation.tab: portTextField.textField + checkEmptyText: true } TextFieldWithHeaderType { @@ -120,18 +118,20 @@ PageType { Layout.fillWidth: true Layout.topMargin: 16 + enabled: delegateItem.isEnabled + headerText: qsTr("Port") - textFieldText: port + textField.text: port textField.maximumLength: 5 textField.validator: IntValidator { bottom: 1; top: 65535 } textField.onEditingFinished: { - if (textFieldText !== port) { - port = textFieldText + if (textField.text !== port) { + port = textField.text } } - KeyNavigation.tab: cipherDropDown + checkEmptyText: true } DropDownType { @@ -139,11 +139,12 @@ PageType { Layout.fillWidth: true Layout.topMargin: 16 + enabled: delegateItem.isEnabled + descriptionText: qsTr("Cipher") headerText: qsTr("Cipher") drawerParent: root - KeyNavigation.tab: saveRestartButton listView: ListViewWithRadioButtonType { id: cipherListView @@ -161,7 +162,7 @@ PageType { clickedFunction: function() { cipherDropDown.text = selectedText cipher = cipherDropDown.text - cipherDropDown.close() + cipherDropDown.closeTriggered() } Component.onCompleted: { @@ -169,7 +170,7 @@ PageType { for (var i = 0; i < cipherListView.model.count; i++) { if (cipherListView.model.get(i).name === cipherDropDown.text) { - currentIndex = i + selectedIndex = i } } } @@ -177,26 +178,46 @@ PageType { } BasicButtonType { - id: saveRestartButton + id: saveButton Layout.fillWidth: true Layout.topMargin: 24 Layout.bottomMargin: 24 + enabled: trafficFromField.errorText === "" && + portTextField.errorText === "" + text: qsTr("Save") - Keys.onTabPressed: lastItemTabClicked(focusItem) clickedFunc: function() { forceActiveFocus() - if (ConnectionController.isConnected && ServersModel.getDefaultServerData("defaultContainer") === ContainersModel.getProcessedContainerIndex()) { - PageController.showNotificationMessage(qsTr("Unable change settings while there is an active connection")) - return + var headerText = qsTr("Save settings?") + var descriptionText = qsTr("All users with whom you shared a connection with will no longer be able to connect to it.") + var yesButtonText = qsTr("Continue") + var noButtonText = qsTr("Cancel") + + var yesButtonFunction = function() { + if (ConnectionController.isConnected && ServersModel.getDefaultServerData("defaultContainer") === ContainersModel.getProcessedContainerIndex()) { + PageController.showNotificationMessage(qsTr("Unable change settings while there is an active connection")) + return + } + + PageController.goToPage(PageEnum.PageSetupWizardInstalling) + InstallController.updateContainer(CloakConfigModel.getConfig()) } - PageController.goToPage(PageEnum.PageSetupWizardInstalling); - InstallController.updateContainer(CloakConfigModel.getConfig()) + var noButtonFunction = function() { + if (!GC.isMobile()) { + saveButton.forceActiveFocus() + } + } + + showQuestionDrawer(headerText, descriptionText, yesButtonText, noButtonText, yesButtonFunction, noButtonFunction) } + + Keys.onEnterPressed: saveButton.clicked() + Keys.onReturnPressed: saveButton.clicked() } } } diff --git a/client/ui/qml/Pages2/PageProtocolOpenVpnSettings.qml b/client/ui/qml/Pages2/PageProtocolOpenVpnSettings.qml index 30540a93..62cbd1f6 100644 --- a/client/ui/qml/Pages2/PageProtocolOpenVpnSettings.qml +++ b/client/ui/qml/Pages2/PageProtocolOpenVpnSettings.qml @@ -17,18 +17,6 @@ import "../Components" PageType { id: root - defaultActiveFocusItem: listview.currentItem.vpnAddressSubnetTextField.textField - - Item { - id: focusItem - KeyNavigation.tab: backButton - onActiveFocusChanged: { - if (activeFocus) { - fl.ensureVisible(focusItem) - } - } - } - ColumnLayout { id: backButtonLayout @@ -40,7 +28,6 @@ PageType { BackButtonType { id: backButton - KeyNavigation.tab: listview.currentItem.vpnAddressSubnetTextField.textField } } @@ -71,10 +58,13 @@ PageType { model: OpenVpnConfigModel delegate: Item { - implicitWidth: listview.width - implicitHeight: col.implicitHeight + id: delegateItem property alias vpnAddressSubnetTextField: vpnAddressSubnetTextField + property bool isEnabled: ServersModel.isProcessedServerHasWriteAccess() + + implicitWidth: listview.width + implicitHeight: col.implicitHeight ColumnLayout { id: col @@ -88,9 +78,8 @@ PageType { spacing: 0 - HeaderType { + BaseHeaderType { Layout.fillWidth: true - headerText: qsTr("OpenVPN settings") } @@ -100,17 +89,20 @@ PageType { Layout.fillWidth: true Layout.topMargin: 32 + enabled: delegateItem.isEnabled + headerText: qsTr("VPN address subnet") - textFieldText: subnetAddress + textField.text: subnetAddress parentFlickable: fl - KeyNavigation.tab: transportProtoSelector textField.onEditingFinished: { - if (textFieldText !== subnetAddress) { - subnetAddress = textFieldText + if (textField.text !== subnetAddress) { + subnetAddress = textField.text } } + + checkEmptyText: true } ParagraphTextType { @@ -132,8 +124,6 @@ PageType { return transportProto === "tcp" ? 1 : 0 } - KeyNavigation.tab: portTextField.enabled ? portTextField.textField : autoNegotiateEncryprionSwitcher - onCurrentIndexChanged: { if (transportProto === "tcp" && currentIndex === 0) { transportProto = "udp" @@ -150,20 +140,20 @@ PageType { Layout.topMargin: 40 parentFlickable: fl - enabled: isPortEditable + enabled: delegateItem.isEnabled headerText: qsTr("Port") - textFieldText: port + textField.text: port textField.maximumLength: 5 textField.validator: IntValidator { bottom: 1; top: 65535 } textField.onEditingFinished: { - if (textFieldText !== port) { - port = textFieldText + if (textField.text !== port) { + port = textField.text } } - KeyNavigation.tab: autoNegotiateEncryprionSwitcher + checkEmptyText: true } SwitcherType { @@ -181,10 +171,6 @@ PageType { autoNegotiateEncryprion = checked } } - - KeyNavigation.tab: hashDropDown.enabled ? - hashDropDown : - tlsAuthCheckBox } DropDownType { @@ -198,10 +184,6 @@ PageType { headerText: qsTr("Hash") drawerParent: root - parentFlickable: fl - KeyNavigation.tab: cipherDropDown.enabled ? - cipherDropDown : - tlsAuthCheckBox listView: ListViewWithRadioButtonType { id: hashListView @@ -224,7 +206,7 @@ PageType { clickedFunction: function() { hashDropDown.text = selectedText hash = hashDropDown.text - hashDropDown.close() + hashDropDown.closeTriggered() } Component.onCompleted: { @@ -250,9 +232,6 @@ PageType { headerText: qsTr("Cipher") drawerParent: root - parentFlickable: fl - - KeyNavigation.tab: tlsAuthCheckBox listView: ListViewWithRadioButtonType { id: cipherListView @@ -275,7 +254,7 @@ PageType { clickedFunction: function() { cipherDropDown.text = selectedText cipher = cipherDropDown.text - cipherDropDown.close() + cipherDropDown.closeTriggered() } Component.onCompleted: { @@ -320,8 +299,6 @@ PageType { text: qsTr("TLS auth") checked: tlsAuth - KeyNavigation.tab: blockDnsCheckBox - onCheckedChanged: { if (checked !== tlsAuth) { console.log("tlsAuth changed to: " + checked) @@ -339,8 +316,6 @@ PageType { text: qsTr("Block DNS requests outside of VPN") checked: blockDns - KeyNavigation.tab: additionalClientCommandsSwitcher - onCheckedChanged: { if (checked !== blockDns) { blockDns = checked @@ -355,9 +330,6 @@ PageType { Layout.fillWidth: true Layout.topMargin: 32 parentFlickable: fl - KeyNavigation.tab: additionalClientCommandsTextArea.visible ? - additionalClientCommandsTextArea.textArea : - additionalServerCommandsSwitcher checked: additionalClientCommands !== "" @@ -376,7 +348,7 @@ PageType { Layout.topMargin: 16 visible: additionalClientCommandsSwitcher.checked - KeyNavigation.tab: additionalServerCommandsSwitcher + parentFlickable: fl textAreaText: additionalClientCommands @@ -394,9 +366,6 @@ PageType { Layout.fillWidth: true Layout.topMargin: 16 parentFlickable: fl - KeyNavigation.tab: additionalServerCommandsTextArea.visible ? - additionalServerCommandsTextArea.textArea : - saveRestartButton checked: additionalServerCommands !== "" @@ -419,7 +388,6 @@ PageType { textAreaText: additionalServerCommands placeholderText: qsTr("Commands:") parentFlickable: fl - KeyNavigation.tab: saveRestartButton textArea.onEditingFinished: { if (additionalServerCommands !== textAreaText) { additionalServerCommands = textAreaText @@ -428,27 +396,45 @@ PageType { } BasicButtonType { - id: saveRestartButton + id: saveButton Layout.fillWidth: true Layout.topMargin: 24 Layout.bottomMargin: 24 + enabled: vpnAddressSubnetTextField.errorText === "" && + portTextField.errorText === "" + text: qsTr("Save") parentFlickable: fl - Keys.onTabPressed: lastItemTabClicked(focusItem) - clickedFunc: function() { + onClicked: function() { forceActiveFocus() - if (ConnectionController.isConnected && ServersModel.getDefaultServerData("defaultContainer") === ContainersModel.getProcessedContainerIndex()) { - PageController.showNotificationMessage(qsTr("Unable change settings while there is an active connection")) - return - } + var headerText = qsTr("Save settings?") + var descriptionText = qsTr("All users with whom you shared a connection with will no longer be able to connect to it.") + var yesButtonText = qsTr("Continue") + var noButtonText = qsTr("Cancel") - PageController.goToPage(PageEnum.PageSetupWizardInstalling); - InstallController.updateContainer(OpenVpnConfigModel.getConfig()) + var yesButtonFunction = function() { + if (ConnectionController.isConnected && ServersModel.getDefaultServerData("defaultContainer") === ContainersModel.getProcessedContainerIndex()) { + PageController.showNotificationMessage(qsTr("Unable change settings while there is an active connection")) + return + } + + PageController.goToPage(PageEnum.PageSetupWizardInstalling); + InstallController.updateContainer(OpenVpnConfigModel.getConfig()) + } + var noButtonFunction = function() { + if (!GC.isMobile()) { + saveButton.forceActiveFocus() + } + } + showQuestionDrawer(headerText, descriptionText, yesButtonText, noButtonText, yesButtonFunction, noButtonFunction) } + + Keys.onEnterPressed: saveButton.clicked() + Keys.onReturnPressed: saveButton.clicked() } } } diff --git a/client/ui/qml/Pages2/PageProtocolRaw.qml b/client/ui/qml/Pages2/PageProtocolRaw.qml index 24853afd..bba3eafe 100644 --- a/client/ui/qml/Pages2/PageProtocolRaw.qml +++ b/client/ui/qml/Pages2/PageProtocolRaw.qml @@ -19,13 +19,6 @@ import "../Components" PageType { id: root - defaultActiveFocusItem: focusItem - - Item { - id: focusItem - KeyNavigation.tab: backButton - } - ColumnLayout { id: header @@ -37,10 +30,9 @@ PageType { BackButtonType { id: backButton - KeyNavigation.tab: listView } - HeaderType { + BaseHeaderType { Layout.fillWidth: true Layout.leftMargin: 16 Layout.rightMargin: 16 @@ -75,13 +67,6 @@ PageType { activeFocusOnTab: true focus: true - onActiveFocusChanged: { - if (focus) { - listView.currentIndex = 0 - listView.currentItem.focusItem.forceActiveFocus() - } - } - delegate: Item { implicitWidth: parent.width implicitHeight: delegateContent.implicitHeight @@ -101,11 +86,9 @@ PageType { text: qsTr("Show connection options") clickedFunction: function() { - configContentDrawer.open() + configContentDrawer.openTriggered() } - KeyNavigation.tab: removeButton - MouseArea { anchors.fill: button cursorShape: Qt.PointingHandCursor @@ -120,31 +103,12 @@ PageType { expandedHeight: root.height * 0.9 - onClosed: { - if (!GC.isMobile()) { - defaultActiveFocusItem.forceActiveFocus() - } - } - parent: root anchors.fill: parent - expandedContent: Item { + expandedStateContent: Item { implicitHeight: configContentDrawer.expandedHeight - Connections { - target: configContentDrawer - enabled: !GC.isMobile() - function onOpened() { - focusItem1.forceActiveFocus() - } - } - - Item { - id: focusItem1 - KeyNavigation.tab: backButton1 - } - BackButtonType { id: backButton1 @@ -154,10 +118,8 @@ PageType { anchors.topMargin: 16 backButtonFunction: function() { - configContentDrawer.close() + configContentDrawer.closeTriggered() } - - KeyNavigation.tab: focusItem1 } FlickableType { @@ -226,7 +188,6 @@ PageType { text: qsTr("Remove ") + ContainersModel.getProcessedContainerName() textColor: AmneziaStyle.color.vibrantRed - Keys.onTabPressed: lastItemTabClicked(focusItem) clickedFunction: function() { var headerText = qsTr("Remove %1 from server?").arg(ContainersModel.getProcessedContainerName()) var descriptionText = qsTr("All users with whom you shared a connection with will no longer be able to connect to it.") diff --git a/client/ui/qml/Pages2/PageProtocolShadowSocksSettings.qml b/client/ui/qml/Pages2/PageProtocolShadowSocksSettings.qml index 4d3b2c4e..92df3ec7 100644 --- a/client/ui/qml/Pages2/PageProtocolShadowSocksSettings.qml +++ b/client/ui/qml/Pages2/PageProtocolShadowSocksSettings.qml @@ -16,15 +16,6 @@ import "../Components" PageType { id: root - defaultActiveFocusItem: listview.currentItem.focusItemId.enabled ? - listview.currentItem.focusItemId.textField : - focusItem - - Item { - id: focusItem - KeyNavigation.tab: backButton - } - ColumnLayout { id: backButtonLayout @@ -36,9 +27,6 @@ PageType { BackButtonType { id: backButton - KeyNavigation.tab: listview.currentItem.focusItemId.enabled ? - listview.currentItem.focusItemId.textField : - focusItem } } @@ -69,15 +57,13 @@ PageType { model: ShadowSocksConfigModel delegate: Item { + id: delegateItem + + property bool isEnabled: ServersModel.isProcessedServerHasWriteAccess() + implicitWidth: listview.width implicitHeight: col.implicitHeight - property var focusItemId: portTextField.enabled ? - portTextField : - cipherDropDown.enabled ? - cipherDropDown : - saveRestartButton - ColumnLayout { id: col @@ -90,9 +76,8 @@ PageType { spacing: 0 - HeaderType { + BaseHeaderType { Layout.fillWidth: true - headerText: qsTr("Shadowsocks settings") } @@ -102,20 +87,20 @@ PageType { Layout.fillWidth: true Layout.topMargin: 40 - enabled: isPortEditable + enabled: delegateItem.isEnabled headerText: qsTr("Port") - textFieldText: port + textField.text: port textField.maximumLength: 5 textField.validator: IntValidator { bottom: 1; top: 65535 } textField.onEditingFinished: { - if (textFieldText !== port) { - port = textFieldText + if (textField.text !== port) { + port = textField.text } } - KeyNavigation.tab: cipherDropDown + checkEmptyText: true } DropDownType { @@ -123,15 +108,15 @@ PageType { Layout.fillWidth: true Layout.topMargin: 20 - enabled: isCipherEditable + enabled: delegateItem.isEnabled descriptionText: qsTr("Cipher") headerText: qsTr("Cipher") drawerParent: root - KeyNavigation.tab: saveRestartButton listView: ListViewWithRadioButtonType { + id: cipherListView rootWidth: root.width @@ -147,7 +132,7 @@ PageType { clickedFunction: function() { cipherDropDown.text = selectedText cipher = cipherDropDown.text - cipherDropDown.close() + cipherDropDown.closeTriggered() } Component.onCompleted: { @@ -163,28 +148,43 @@ PageType { } BasicButtonType { - id: saveRestartButton + id: saveButton Layout.fillWidth: true Layout.topMargin: 24 Layout.bottomMargin: 24 - enabled: isPortEditable | isCipherEditable + enabled: portTextField.errorText === "" text: qsTr("Save") - Keys.onTabPressed: lastItemTabClicked(focusItem) clickedFunc: function() { forceActiveFocus() - if (ConnectionController.isConnected && ServersModel.getDefaultServerData("defaultContainer") === ContainersModel.getProcessedContainerIndex()) { - PageController.showNotificationMessage(qsTr("Unable change settings while there is an active connection")) - return - } + var headerText = qsTr("Save settings?") + var descriptionText = qsTr("All users with whom you shared a connection with will no longer be able to connect to it.") + var yesButtonText = qsTr("Continue") + var noButtonText = qsTr("Cancel") - PageController.goToPage(PageEnum.PageSetupWizardInstalling); - InstallController.updateContainer(ShadowSocksConfigModel.getConfig()) + var yesButtonFunction = function() { + if (ConnectionController.isConnected && ServersModel.getDefaultServerData("defaultContainer") === ContainersModel.getProcessedContainerIndex()) { + PageController.showNotificationMessage(qsTr("Unable change settings while there is an active connection")) + return + } + + PageController.goToPage(PageEnum.PageSetupWizardInstalling); + InstallController.updateContainer(ShadowSocksConfigModel.getConfig()) + } + var noButtonFunction = function() { + if (!GC.isMobile()) { + saveButton.forceActiveFocus() + } + } + showQuestionDrawer(headerText, descriptionText, yesButtonText, noButtonText, yesButtonFunction, noButtonFunction) } + + Keys.onEnterPressed: saveButton.clicked() + Keys.onReturnPressed: saveButton.clicked() } } } diff --git a/client/ui/qml/Pages2/PageProtocolWireGuardClientSettings.qml b/client/ui/qml/Pages2/PageProtocolWireGuardClientSettings.qml index 007de5ca..96ec1dc6 100644 --- a/client/ui/qml/Pages2/PageProtocolWireGuardClientSettings.qml +++ b/client/ui/qml/Pages2/PageProtocolWireGuardClientSettings.qml @@ -16,8 +16,6 @@ import "../Components" PageType { id: root - defaultActiveFocusItem: listview.currentItem.mtuTextField.textField - Item { id: focusItem onFocusChanged: { @@ -87,7 +85,7 @@ PageType { spacing: 0 - HeaderType { + BaseHeaderType { Layout.fillWidth: true headerText: qsTr("WG settings") @@ -99,12 +97,12 @@ PageType { Layout.topMargin: 40 headerText: qsTr("MTU") - textFieldText: clientMtu + textField.text: clientMtu textField.validator: IntValidator { bottom: 576; top: 65535 } textField.onEditingFinished: { - if (textFieldText !== clientMtu) { - clientMtu = textFieldText + if (textField.text !== clientMtu) { + clientMtu = textField.text } } checkEmptyText: true @@ -126,7 +124,7 @@ PageType { enabled: false headerText: qsTr("Port") - textFieldText: port + textField.text: port } } } @@ -150,8 +148,6 @@ PageType { text: qsTr("Save") - Keys.onTabPressed: lastItemTabClicked(focusItem) - clickedFunc: function() { forceActiveFocus() var headerText = qsTr("Save settings?") diff --git a/client/ui/qml/Pages2/PageProtocolWireGuardSettings.qml b/client/ui/qml/Pages2/PageProtocolWireGuardSettings.qml index b5d08132..21b35bc1 100644 --- a/client/ui/qml/Pages2/PageProtocolWireGuardSettings.qml +++ b/client/ui/qml/Pages2/PageProtocolWireGuardSettings.qml @@ -16,13 +16,6 @@ import "../Components" PageType { id: root - defaultActiveFocusItem: listview - - Item { - id: focusItem - KeyNavigation.tab: backButton - } - ColumnLayout { id: backButtonLayout @@ -34,7 +27,6 @@ PageType { BackButtonType { id: backButton - KeyNavigation.tab: listview } } @@ -64,17 +56,10 @@ PageType { model: WireGuardConfigModel - activeFocusOnTab: true - onActiveFocusChanged: { - if (activeFocus) { - listview.itemAtIndex(0)?.focusItemId.forceActiveFocus() - } - } - delegate: Item { id: delegateItem - property alias focusItemId: portTextField.textField + property alias focusItemId: vpnAddressSubnetTextField property bool isEnabled: ServersModel.isProcessedServerHasWriteAccess() implicitWidth: listview.width @@ -92,28 +77,45 @@ PageType { spacing: 0 - HeaderType { + BaseHeaderType { Layout.fillWidth: true headerText: qsTr("WG settings") } TextFieldWithHeaderType { - id: portTextField + id: vpnAddressSubnetTextField Layout.fillWidth: true Layout.topMargin: 40 enabled: delegateItem.isEnabled + headerText: qsTr("VPN address subnet") + textField.text: subnetAddress + + textField.onEditingFinished: { + if (textField.text !== subnetAddress) { + subnetAddress = textField.text + } + } + + checkEmptyText: true + } + + TextFieldWithHeaderType { + id: portTextField + Layout.fillWidth: true + Layout.topMargin: 16 + + enabled: delegateItem.isEnabled + headerText: qsTr("Port") - textFieldText: port + textField.text: port textField.maximumLength: 5 textField.validator: IntValidator { bottom: 1; top: 65535 } - KeyNavigation.tab: saveButton - textField.onEditingFinished: { - if (textFieldText !== port) { - port = textFieldText + if (textField.text !== port) { + port = textField.text } } @@ -126,12 +128,11 @@ PageType { Layout.topMargin: 24 Layout.bottomMargin: 24 - enabled: portTextField.errorText === "" + enabled: portTextField.errorText === "" && + vpnAddressSubnetTextField.errorText === "" text: qsTr("Save") - Keys.onTabPressed: lastItemTabClicked(focusItem) - onClicked: function() { forceActiveFocus() @@ -151,7 +152,7 @@ PageType { } var noButtonFunction = function() { if (!GC.isMobile()) { - saveRestartButton.forceActiveFocus() + saveButton.forceActiveFocus() } } showQuestionDrawer(headerText, descriptionText, yesButtonText, noButtonText, yesButtonFunction, noButtonFunction) diff --git a/client/ui/qml/Pages2/PageProtocolXraySettings.qml b/client/ui/qml/Pages2/PageProtocolXraySettings.qml index 20ee1da6..0bcd14de 100644 --- a/client/ui/qml/Pages2/PageProtocolXraySettings.qml +++ b/client/ui/qml/Pages2/PageProtocolXraySettings.qml @@ -17,13 +17,6 @@ import "../Components" PageType { id: root - defaultActiveFocusItem: listview - - Item { - id: focusItem - KeyNavigation.tab: backButton - } - ColumnLayout { id: backButtonLayout @@ -35,7 +28,6 @@ PageType { BackButtonType { id: backButton - KeyNavigation.tab: listview } } @@ -65,15 +57,11 @@ PageType { model: XrayConfigModel - activeFocusOnTab: true - onActiveFocusChanged: { - if (activeFocus) { - listview.itemAtIndex(0)?.focusItemId.forceActiveFocus() - } - } - delegate: Item { + id: delegateItem + property alias focusItemId: textFieldWithHeaderType.textField + property bool isEnabled: ServersModel.isProcessedServerHasWriteAccess() implicitWidth: listview.width implicitHeight: col.implicitHeight @@ -90,7 +78,7 @@ PageType { spacing: 0 - HeaderType { + BaseHeaderType { Layout.fillWidth: true headerText: qsTr("XRay settings") } @@ -100,51 +88,87 @@ PageType { Layout.fillWidth: true Layout.topMargin: 32 - headerText: qsTr("Disguised as traffic from") - textFieldText: site + enabled: delegateItem.isEnabled - KeyNavigation.tab: basicButton + headerText: qsTr("Disguised as traffic from") + textField.text: site textField.onEditingFinished: { - if (textFieldText !== site) { - var tmpText = textFieldText + if (textField.text !== site) { + var tmpText = textField.text tmpText = tmpText.toLocaleLowerCase() - var indexHttps = tmpText.indexOf("https://") - if (indexHttps === 0) { - tmpText = textFieldText.substring(8) + if (tmpText.startsWith("https://")) { + tmpText = textField.text.substring(8) + site = tmpText } else { - site = textFieldText + site = textField.text } } } + + checkEmptyText: true + } + + TextFieldWithHeaderType { + id: portTextField + Layout.fillWidth: true + Layout.topMargin: 16 + + enabled: delegateItem.isEnabled + + headerText: qsTr("Port") + textField.text: port + textField.maximumLength: 5 + textField.validator: IntValidator { bottom: 1; top: 65535 } + + textField.onEditingFinished: { + if (textField.text !== port) { + port = textField.text + } + } + + checkEmptyText: true } BasicButtonType { - id: basicButton + id: saveButton Layout.fillWidth: true Layout.topMargin: 24 Layout.bottomMargin: 24 + enabled: portTextField.errorText === "" + text: qsTr("Save") - Keys.onTabPressed: lastItemTabClicked(focusItem) - - onClicked: { + onClicked: function() { forceActiveFocus() - if (ConnectionController.isConnected && ServersModel.getDefaultServerData("defaultContainer") === ContainersModel.getProcessedContainerIndex()) { - PageController.showNotificationMessage(qsTr("Unable change settings while there is an active connection")) - return - } + var headerText = qsTr("Save settings?") + var descriptionText = qsTr("All users with whom you shared a connection with will no longer be able to connect to it.") + var yesButtonText = qsTr("Continue") + var noButtonText = qsTr("Cancel") - PageController.goToPage(PageEnum.PageSetupWizardInstalling); - InstallController.updateContainer(XrayConfigModel.getConfig()) - focusItem.forceActiveFocus() + var yesButtonFunction = function() { + if (ConnectionController.isConnected && ServersModel.getDefaultServerData("defaultContainer") === ContainersModel.getProcessedContainerIndex()) { + PageController.showNotificationMessage(qsTr("Unable change settings while there is an active connection")) + return + } + + PageController.goToPage(PageEnum.PageSetupWizardInstalling); + InstallController.updateContainer(XrayConfigModel.getConfig()) + //focusItem.forceActiveFocus() + } + var noButtonFunction = function() { + if (!GC.isMobile()) { + saveButton.forceActiveFocus() + } + } + showQuestionDrawer(headerText, descriptionText, yesButtonText, noButtonText, yesButtonFunction, noButtonFunction) } - Keys.onEnterPressed: basicButton.clicked() - Keys.onReturnPressed: basicButton.clicked() + Keys.onEnterPressed: saveButton.clicked() + Keys.onReturnPressed: saveButton.clicked() } } } diff --git a/client/ui/qml/Pages2/PageServiceDnsSettings.qml b/client/ui/qml/Pages2/PageServiceDnsSettings.qml index bb3cbf96..d534f991 100644 --- a/client/ui/qml/Pages2/PageServiceDnsSettings.qml +++ b/client/ui/qml/Pages2/PageServiceDnsSettings.qml @@ -16,13 +16,6 @@ import "../Components" PageType { id: root - defaultActiveFocusItem: focusItem - - Item { - id: focusItem - KeyNavigation.tab: backButton - } - ColumnLayout { id: backButtonLayout @@ -34,7 +27,6 @@ PageType { BackButtonType { id: backButton - KeyNavigation.tab: removeButton } } @@ -51,7 +43,7 @@ PageType { anchors.left: parent.left anchors.right: parent.right - HeaderType { + BaseHeaderType { id: header Layout.fillWidth: true @@ -72,8 +64,6 @@ PageType { text: qsTr("Remove ") + ContainersModel.getProcessedContainerName() textColor: AmneziaStyle.color.vibrantRed - Keys.onTabPressed: root.lastItemTabClicked() - clickedFunction: function() { var headerText = qsTr("Remove %1 from server?").arg(ContainersModel.getProcessedContainerName()) var yesButtonText = qsTr("Continue") diff --git a/client/ui/qml/Pages2/PageServiceSftpSettings.qml b/client/ui/qml/Pages2/PageServiceSftpSettings.qml index 9bdbf2db..b58cb2e0 100644 --- a/client/ui/qml/Pages2/PageServiceSftpSettings.qml +++ b/client/ui/qml/Pages2/PageServiceSftpSettings.qml @@ -16,8 +16,6 @@ import "../Components" PageType { id: root - defaultActiveFocusItem: focusItem - Connections { target: InstallController @@ -26,11 +24,6 @@ PageType { } } - Item { - id: focusItem - KeyNavigation.tab: backButton - } - ColumnLayout { id: backButtonLayout @@ -42,7 +35,6 @@ PageType { BackButtonType { id: backButton - KeyNavigation.tab: listview } } @@ -93,7 +85,7 @@ PageType { spacing: 0 - HeaderType { + BaseHeaderType { Layout.fillWidth: true Layout.leftMargin: 16 Layout.rightMargin: 16 @@ -107,7 +99,6 @@ PageType { Layout.topMargin: 32 parentFlickable: fl - KeyNavigation.tab: portLabel.rightButton text: qsTr("Host") descriptionText: ServersModel.getProcessedServerData("hostName") @@ -136,7 +127,6 @@ PageType { descriptionOnTop: true parentFlickable: fl - KeyNavigation.tab: usernameLabel.rightButton rightImageSource: "qrc:/images/controls/copy.svg" rightImageColor: AmneziaStyle.color.paleGray @@ -160,7 +150,6 @@ PageType { descriptionOnTop: true parentFlickable: fl - KeyNavigation.tab: passwordLabel.eyeButton rightImageSource: "qrc:/images/controls/copy.svg" rightImageColor: AmneziaStyle.color.paleGray @@ -184,14 +173,6 @@ PageType { descriptionOnTop: true parentFlickable: fl - eyeButton.KeyNavigation.tab: passwordLabel.rightButton - rightButton.Keys.onTabPressed: { - if (mountButton.visible) { - mountButton.forceActiveFocus() - } else { - detailedInstructionsButton.forceActiveFocus() - } - } rightImageSource: "qrc:/images/controls/copy.svg" rightImageColor: AmneziaStyle.color.paleGray @@ -225,7 +206,6 @@ PageType { borderWidth: 1 parentFlickable: fl - KeyNavigation.tab: detailedInstructionsButton text: qsTr("Mount folder on device") @@ -290,7 +270,6 @@ PageType { text: qsTr("Detailed instructions") parentFlickable: fl - Keys.onTabPressed: lastItemTabClicked(focusItem) clickedFunc: function() { // Qt.openUrlExternally("https://github.com/amnezia-vpn/desktop-client/releases/latest") diff --git a/client/ui/qml/Pages2/PageServiceSocksProxySettings.qml b/client/ui/qml/Pages2/PageServiceSocksProxySettings.qml index 9d21963d..b1daa0fb 100644 --- a/client/ui/qml/Pages2/PageServiceSocksProxySettings.qml +++ b/client/ui/qml/Pages2/PageServiceSocksProxySettings.qml @@ -17,8 +17,6 @@ import "../Components" PageType { id: root - defaultActiveFocusItem: listview - Connections { target: InstallController @@ -27,11 +25,6 @@ PageType { } } - Item { - id: focusItem - KeyNavigation.tab: backButton - } - ColumnLayout { id: backButtonLayout @@ -43,7 +36,6 @@ PageType { BackButtonType { id: backButton - KeyNavigation.tab: listview } } @@ -85,7 +77,7 @@ PageType { spacing: 0 - HeaderType { + BaseHeaderType { Layout.fillWidth: true Layout.leftMargin: 16 Layout.rightMargin: 16 @@ -99,7 +91,6 @@ PageType { Layout.topMargin: 32 parentFlickable: fl - KeyNavigation.tab: portLabel.rightButton text: qsTr("Host") descriptionText: ServersModel.getProcessedServerData("hostName") @@ -128,7 +119,6 @@ PageType { descriptionOnTop: true parentFlickable: fl - KeyNavigation.tab: usernameLabel.rightButton rightImageSource: "qrc:/images/controls/copy.svg" rightImageColor: AmneziaStyle.color.paleGray @@ -152,7 +142,6 @@ PageType { descriptionOnTop: true parentFlickable: fl - KeyNavigation.tab: passwordLabel.eyeButton rightImageSource: "qrc:/images/controls/copy.svg" rightImageColor: AmneziaStyle.color.paleGray @@ -176,8 +165,6 @@ PageType { descriptionOnTop: true parentFlickable: fl - eyeButton.KeyNavigation.tab: passwordLabel.rightButton - rightButton.KeyNavigation.tab: changeSettingsButton rightImageSource: "qrc:/images/controls/copy.svg" rightImageColor: AmneziaStyle.color.paleGray @@ -200,13 +187,7 @@ PageType { anchors.fill: parent expandedHeight: root.height * 0.9 - onClosed: { - if (!GC.isMobile()) { - focusItem.forceActiveFocus() - } - } - - expandedContent: ColumnLayout { + expandedStateContent: ColumnLayout { property string tempPort: port property string tempUsername: username property string tempPassword: password @@ -222,9 +203,6 @@ PageType { Connections { target: changeSettingsDrawer function onOpened() { - if (!GC.isMobile()) { - drawerFocusItem.forceActiveFocus() - } tempPort = port tempUsername = username tempPassword = password @@ -233,18 +211,13 @@ PageType { port = tempPort username = tempUsername password = tempPassword - portTextField.textFieldText = port - usernameTextField.textFieldText = username - passwordTextField.textFieldText = password + portTextField.textField.text = port + usernameTextField.textField.text = username + passwordTextField.textField.text = password } } - Item { - id: drawerFocusItem - KeyNavigation.tab: portTextField.textField - } - - HeaderType { + BaseHeaderType { Layout.fillWidth: true headerText: qsTr("SOCKS5 settings") @@ -258,18 +231,16 @@ PageType { parentFlickable: fl headerText: qsTr("Port") - textFieldText: port + textField.text: port textField.maximumLength: 5 textField.validator: IntValidator { bottom: 1; top: 65535 } textField.onEditingFinished: { - textFieldText = textField.text.replace(/^\s+|\s+$/g, '') - if (textFieldText !== port) { - port = textFieldText + textField.text = textField.text.replace(/^\s+|\s+$/g, '') + if (textField.text !== port) { + port = textField.text } } - - KeyNavigation.tab: usernameTextField.textField } TextFieldWithHeaderType { @@ -280,18 +251,16 @@ PageType { parentFlickable: fl headerText: qsTr("Username") - textFieldPlaceholderText: "username" - textFieldText: username + textField.placeholderText: "username" + textField.text: username textField.maximumLength: 32 textField.onEditingFinished: { - textFieldText = textField.text.replace(/^\s+|\s+$/g, '') - if (textFieldText !== username) { - username = textFieldText + textField.text = textField.text.replace(/^\s+|\s+$/g, '') + if (textField.text !== username) { + username = textField.text } } - - KeyNavigation.tab: passwordTextField.textField } TextFieldWithHeaderType { @@ -304,12 +273,12 @@ PageType { parentFlickable: fl headerText: qsTr("Password") - textFieldPlaceholderText: "password" - textFieldText: password + textField.placeholderText: "password" + textField.text: password textField.maximumLength: 32 textField.echoMode: hidePassword ? TextInput.Password : TextInput.Normal - buttonImageSource: textFieldText !== "" ? (hidePassword ? "qrc:/images/controls/eye.svg" : "qrc:/images/controls/eye-off.svg") + buttonImageSource: textField.text !== "" ? (hidePassword ? "qrc:/images/controls/eye.svg" : "qrc:/images/controls/eye-off.svg") : "" clickedFunc: function() { @@ -317,13 +286,11 @@ PageType { } textField.onFocusChanged: { - textFieldText = textField.text.replace(/^\s+|\s+$/g, '') - if (textFieldText !== password) { - password = textFieldText + textField.text = textField.text.replace(/^\s+|\s+$/g, '') + if (textField.text !== password) { + password = textField.text } } - - KeyNavigation.tab: saveButton } BasicButtonType { @@ -334,7 +301,6 @@ PageType { Layout.bottomMargin: 24 text: qsTr("Change connection settings") - Keys.onTabPressed: lastItemTabClicked(drawerFocusItem) clickedFunc: function() { forceActiveFocus() @@ -343,20 +309,20 @@ PageType { portTextField.errorText = qsTr("The port must be in the range of 1 to 65535") return } - if (usernameTextField.textFieldText && passwordTextField.textFieldText === "") { + if (usernameTextField.textField.text && passwordTextField.textField.text === "") { passwordTextField.errorText = qsTr("Password cannot be empty") return - } else if (usernameTextField.textFieldText === "" && passwordTextField.textFieldText) { + } else if (usernameTextField.textField.text === "" && passwordTextField.textField.text) { usernameTextField.errorText = qsTr("Username cannot be empty") return } PageController.goToPage(PageEnum.PageSetupWizardInstalling) InstallController.updateContainer(Socks5ProxyConfigModel.getConfig()) - tempPort = portTextField.textFieldText - tempUsername = usernameTextField.textFieldText - tempPassword = passwordTextField.textFieldText - changeSettingsDrawer.close() + tempPort = portTextField.textField.text + tempUsername = usernameTextField.textField.text + tempPassword = passwordTextField.textField.text + changeSettingsDrawer.closeTriggered() } } } @@ -372,11 +338,10 @@ PageType { Layout.rightMargin: 16 text: qsTr("Change connection settings") - Keys.onTabPressed: lastItemTabClicked(focusItem) clickedFunc: function() { forceActiveFocus() - changeSettingsDrawer.open() + changeSettingsDrawer.openTriggered() } } } diff --git a/client/ui/qml/Pages2/PageServiceTorWebsiteSettings.qml b/client/ui/qml/Pages2/PageServiceTorWebsiteSettings.qml index 946a77bb..200beeb8 100644 --- a/client/ui/qml/Pages2/PageServiceTorWebsiteSettings.qml +++ b/client/ui/qml/Pages2/PageServiceTorWebsiteSettings.qml @@ -17,8 +17,6 @@ import "../Components" PageType { id: root - defaultActiveFocusItem: focusItem - Connections { target: InstallController @@ -27,11 +25,6 @@ PageType { } } - Item { - id: focusItem - KeyNavigation.tab: backButton - } - ColumnLayout { id: backButtonLayout @@ -43,7 +36,6 @@ PageType { BackButtonType { id: backButton - KeyNavigation.tab: websiteName.rightButton } } @@ -62,7 +54,7 @@ PageType { spacing: 0 - HeaderType { + BaseHeaderType { Layout.fillWidth: true Layout.leftMargin: 16 Layout.rightMargin: 16 @@ -88,8 +80,6 @@ PageType { rightImageSource: "qrc:/images/controls/copy.svg" rightImageColor: AmneziaStyle.color.paleGray - Keys.onTabPressed: lastItemTabClicked(focusItem) - clickedFunction: function() { GC.copyToClipBoard(descriptionText) PageController.showNotificationMessage(qsTr("Copied")) diff --git a/client/ui/qml/Pages2/PageSettings.qml b/client/ui/qml/Pages2/PageSettings.qml index bb5ca766..bb83ec92 100644 --- a/client/ui/qml/Pages2/PageSettings.qml +++ b/client/ui/qml/Pages2/PageSettings.qml @@ -14,8 +14,6 @@ import "../Config" PageType { id: root - defaultActiveFocusItem: header - FlickableType { id: fl anchors.top: parent.top @@ -31,7 +29,7 @@ PageType { spacing: 0 - HeaderType { + BaseHeaderType { id: header Layout.fillWidth: true Layout.topMargin: 24 @@ -39,8 +37,6 @@ PageType { Layout.leftMargin: 16 headerText: qsTr("Settings") - - KeyNavigation.tab: account.rightButton } LabelWithButtonType { @@ -55,8 +51,6 @@ PageType { clickedFunction: function() { PageController.goToPage(PageEnum.PageSettingsServersList) } - - KeyNavigation.tab: connection.rightButton } DividerType {} @@ -72,8 +66,6 @@ PageType { clickedFunction: function() { PageController.goToPage(PageEnum.PageSettingsConnection) } - - KeyNavigation.tab: application.rightButton } DividerType {} @@ -89,8 +81,6 @@ PageType { clickedFunction: function() { PageController.goToPage(PageEnum.PageSettingsApplication) } - - KeyNavigation.tab: backup.rightButton } DividerType {} @@ -106,8 +96,6 @@ PageType { clickedFunction: function() { PageController.goToPage(PageEnum.PageSettingsBackup) } - - KeyNavigation.tab: about.rightButton } DividerType {} @@ -123,8 +111,6 @@ PageType { clickedFunction: function() { PageController.goToPage(PageEnum.PageSettingsAbout) } - KeyNavigation.tab: close - } DividerType {} @@ -138,8 +124,6 @@ PageType { rightImageSource: "qrc:/images/controls/chevron-right.svg" leftImageSource: "qrc:/images/controls/bug.svg" - // Keys.onTabPressed: lastItemTabClicked(header) - clickedFunction: function() { PageController.goToPage(PageEnum.PageDevMenu) } @@ -157,9 +141,7 @@ PageType { text: qsTr("Close application") leftImageSource: "qrc:/images/controls/x-circle.svg" - isLeftImageHoverEnabled: false - - Keys.onTabPressed: lastItemTabClicked(header) + isLeftImageHoverEnabled: false clickedFunction: function() { PageController.closeApplication() diff --git a/client/ui/qml/Pages2/PageSettingsAbout.qml b/client/ui/qml/Pages2/PageSettingsAbout.qml index cde9ee20..6342ce66 100644 --- a/client/ui/qml/Pages2/PageSettingsAbout.qml +++ b/client/ui/qml/Pages2/PageSettingsAbout.qml @@ -14,19 +14,6 @@ import "../Components" PageType { id: root - defaultActiveFocusItem: focusItem - - Item { - id: focusItem - KeyNavigation.tab: backButton - - onFocusChanged: { - if (focusItem.activeFocus) { - fl.contentY = 0 - } - } - } - BackButtonType { id: backButton @@ -35,21 +22,106 @@ PageType { anchors.right: parent.right anchors.topMargin: 20 - KeyNavigation.tab: telegramButton + onActiveFocusChanged: { + if(backButton.enabled && backButton.activeFocus) { + listView.positionViewAtBeginning() + } + } } - FlickableType { - id: fl + QtObject { + id: telegramGroup + + readonly property string title: qsTr("Telegram group") + readonly property string description: qsTr("To discuss features") + readonly property string imageSource: "qrc:/images/controls/telegram.svg" + readonly property var handler: function() { + Qt.openUrlExternally(qsTr("https://t.me/amnezia_vpn_en")) + } + } + + QtObject { + id: mail + + readonly property string title: qsTr("support@amnezia.org") + readonly property string description: qsTr("For reviews and bug reports") + readonly property string imageSource: "qrc:/images/controls/mail.svg" + readonly property var handler: function() { + Qt.openUrlExternally(qsTr("mailto:support@amnezia.org")) + } + } + + QtObject { + id: github + + readonly property string title: qsTr("GitHub") + readonly property string description: qsTr("Discover the source code") + readonly property string imageSource: "qrc:/images/controls/github.svg" + readonly property var handler: function() { + Qt.openUrlExternally(qsTr("https://github.com/amnezia-vpn/amnezia-client")) + } + } + + QtObject { + id: website + + readonly property string title: qsTr("Website") + readonly property string description: qsTr("Visit official website") + readonly property string imageSource: "qrc:/images/controls/amnezia.svg" + readonly property var handler: function() { + Qt.openUrlExternally(LanguageModel.getCurrentSiteUrl()) + } + } + + property list contacts: [ + telegramGroup, + mail, + github, + website + ] + + ListView { + id: listView + anchors.top: backButton.bottom anchors.bottom: parent.bottom - contentHeight: content.height + anchors.right: parent.right + anchors.left: parent.left - ColumnLayout { - id: content + property bool isFocusable: true - anchors.top: parent.top - anchors.left: parent.left - anchors.right: parent.right + Keys.onTabPressed: { + FocusController.nextKeyTabItem() + } + + Keys.onBacktabPressed: { + FocusController.previousKeyTabItem() + } + + Keys.onUpPressed: { + FocusController.nextKeyUpItem() + } + + Keys.onDownPressed: { + FocusController.nextKeyDownItem() + } + + Keys.onLeftPressed: { + FocusController.nextKeyLeftItem() + } + + Keys.onRightPressed: { + FocusController.nextKeyRightItem() + } + + ScrollBar.vertical: ScrollBarType {} + + model: contacts + + clip: true + + header: ColumnLayout { + width: listView.width Image { id: image @@ -96,81 +168,29 @@ PageType { text: qsTr("Contacts") } + } + + delegate: ColumnLayout { + width: listView.width LabelWithButtonType { id: telegramButton Layout.fillWidth: true - Layout.topMargin: 16 + Layout.topMargin: 6 - text: qsTr("Telegram group") - descriptionText: qsTr("To discuss features") - leftImageSource: "qrc:/images/controls/telegram.svg" + text: title + descriptionText: description + leftImageSource: imageSource - KeyNavigation.tab: mailButton - parentFlickable: fl - - clickedFunction: function() { - Qt.openUrlExternally(qsTr("https://t.me/amnezia_vpn_en")) - } + clickedFunction: handler } DividerType {} - LabelWithButtonType { - id: mailButton - Layout.fillWidth: true + } - text: qsTr("support@amnezia.org") - descriptionText: qsTr("For reviews and bug reports") - leftImageSource: "qrc:/images/controls/mail.svg" - - KeyNavigation.tab: githubButton - parentFlickable: fl - - clickedFunction: function() { - GC.copyToClipBoard(text) - PageController.showNotificationMessage(qsTr("Copied")) - } - - } - - DividerType {} - - LabelWithButtonType { - id: githubButton - Layout.fillWidth: true - - text: qsTr("GitHub") - leftImageSource: "qrc:/images/controls/github.svg" - - KeyNavigation.tab: websiteButton - parentFlickable: fl - - clickedFunction: function() { - Qt.openUrlExternally(qsTr("https://github.com/amnezia-vpn/amnezia-client")) - } - - } - - DividerType {} - - LabelWithButtonType { - id: websiteButton - Layout.fillWidth: true - - text: qsTr("Website") - leftImageSource: "qrc:/images/controls/amnezia.svg" - - KeyNavigation.tab: checkUpdatesButton - parentFlickable: fl - - clickedFunction: function() { - Qt.openUrlExternally(LanguageModel.getCurrentSiteUrl()) - } - - } - - DividerType {} + footer: ColumnLayout { + width: listView.width CaptionTextType { Layout.fillWidth: true @@ -196,6 +216,7 @@ PageType { BasicButtonType { id: checkUpdatesButton + Layout.alignment: Qt.AlignHCenter Layout.topMargin: 8 Layout.bottomMargin: 16 @@ -209,35 +230,30 @@ PageType { text: qsTr("Check for updates") - KeyNavigation.tab: privacyPolicyButton - parentFlickable: fl - clickedFunc: function() { Qt.openUrlExternally("https://github.com/amnezia-vpn/desktop-client/releases/latest") } } BasicButtonType { - id: privacyPolicyButton - Layout.alignment: Qt.AlignHCenter - Layout.bottomMargin: 16 - Layout.topMargin: -15 - implicitHeight: 25 + id: privacyPolicyButton - defaultColor: AmneziaStyle.color.transparent - hoveredColor: AmneziaStyle.color.translucentWhite - pressedColor: AmneziaStyle.color.sheerWhite - disabledColor: AmneziaStyle.color.mutedGray - textColor: AmneziaStyle.color.goldenApricot + Layout.alignment: Qt.AlignHCenter + Layout.bottomMargin: 16 + Layout.topMargin: -15 + implicitHeight: 25 - text: qsTr("Privacy Policy") + defaultColor: AmneziaStyle.color.transparent + hoveredColor: AmneziaStyle.color.translucentWhite + pressedColor: AmneziaStyle.color.sheerWhite + disabledColor: AmneziaStyle.color.mutedGray + textColor: AmneziaStyle.color.goldenApricot - Keys.onTabPressed: lastItemTabClicked() - parentFlickable: fl + text: qsTr("Privacy Policy") - clickedFunc: function() { - Qt.openUrlExternally(LanguageModel.getCurrentSiteUrl() + "/policy") - } + clickedFunc: function() { + Qt.openUrlExternally(LanguageModel.getCurrentSiteUrl("policy")) + } } } } diff --git a/client/ui/qml/Pages2/PageSettingsApiAvailableCountries.qml b/client/ui/qml/Pages2/PageSettingsApiAvailableCountries.qml new file mode 100644 index 00000000..ce57e97e --- /dev/null +++ b/client/ui/qml/Pages2/PageSettingsApiAvailableCountries.qml @@ -0,0 +1,165 @@ +import QtQuick +import QtQuick.Controls +import QtQuick.Layouts +import QtQuick.Dialogs + +import SortFilterProxyModel 0.2 + +import PageEnum 1.0 +import Style 1.0 + +import "./" +import "../Controls2" +import "../Controls2/TextTypes" +import "../Config" +import "../Components" + +PageType { + id: root + + property var processedServer + + Connections { + target: ServersModel + + function onProcessedServerChanged() { + root.processedServer = proxyServersModel.get(0) + } + } + + SortFilterProxyModel { + id: proxyServersModel + objectName: "proxyServersModel" + + sourceModel: ServersModel + filters: [ + ValueFilter { + roleName: "isCurrentlyProcessed" + value: true + } + ] + + Component.onCompleted: { + root.processedServer = proxyServersModel.get(0) + } + } + + ListViewType { + id: menuContent + + anchors.fill: parent + + model: ApiCountryModel + + currentIndex: 0 + + ButtonGroup { + id: containersRadioButtonGroup + } + + header: ColumnLayout { + width: menuContent.width + + spacing: 4 + + BackButtonType { + id: backButton + objectName: "backButton" + + Layout.topMargin: 20 + } + + HeaderTypeWithButton { + id: headerContent + objectName: "headerContent" + + Layout.fillWidth: true + Layout.leftMargin: 16 + Layout.rightMargin: 16 + Layout.bottomMargin: 10 + + actionButtonImage: "qrc:/images/controls/settings.svg" + + headerText: root.processedServer.name + descriptionText: qsTr("Location for connection") + + actionButtonFunction: function() { + PageController.showBusyIndicator(true) + let result = ApiSettingsController.getAccountInfo(false) + PageController.showBusyIndicator(false) + if (!result) { + return + } + + PageController.goToPage(PageEnum.PageSettingsApiServerInfo) + } + } + } + + delegate: ColumnLayout { + id: content + + width: menuContent.width + height: content.implicitHeight + + RowLayout { + VerticalRadioButton { + id: containerRadioButton + + Layout.fillWidth: true + Layout.leftMargin: 16 + + text: countryName + + ButtonGroup.group: containersRadioButtonGroup + + imageSource: "qrc:/images/controls/download.svg" + + checked: index === ApiCountryModel.currentIndex + checkable: !ConnectionController.isConnected + + onClicked: { + if (ConnectionController.isConnected) { + PageController.showNotificationMessage(qsTr("Unable change server location while there is an active connection")) + return + } + + if (index !== ApiCountryModel.currentIndex) { + PageController.showBusyIndicator(true) + var prevIndex = ApiCountryModel.currentIndex + ApiCountryModel.currentIndex = index + if (!ApiConfigsController.updateServiceFromGateway(ServersModel.defaultIndex, countryCode, countryName)) { + ApiCountryModel.currentIndex = prevIndex + } + PageController.showBusyIndicator(false) + } + } + + Keys.onEnterPressed: { + if (checkable) { + checked = true + } + containerRadioButton.clicked() + } + Keys.onReturnPressed: { + if (checkable) { + checked = true + } + containerRadioButton.clicked() + } + } + + Image { + Layout.rightMargin: 32 + Layout.alignment: Qt.AlignRight + + source: "qrc:/countriesFlags/images/flagKit/" + countryImageCode + ".svg" + } + } + + DividerType { + Layout.fillWidth: true + } + } + } +} diff --git a/client/ui/qml/Pages2/PageSettingsApiDevices.qml b/client/ui/qml/Pages2/PageSettingsApiDevices.qml new file mode 100644 index 00000000..231b58a0 --- /dev/null +++ b/client/ui/qml/Pages2/PageSettingsApiDevices.qml @@ -0,0 +1,105 @@ +import QtQuick +import QtQuick.Controls +import QtQuick.Layouts +import QtQuick.Dialogs + +import QtCore + +import SortFilterProxyModel 0.2 + +import PageEnum 1.0 +import Style 1.0 + +import "./" +import "../Controls2" +import "../Controls2/TextTypes" +import "../Config" +import "../Components" + +PageType { + id: root + + ListViewType { + id: listView + + anchors.fill: parent + anchors.topMargin: 20 + anchors.bottomMargin: 24 + + model: ApiDevicesModel + + header: ColumnLayout { + width: listView.width + + BackButtonType { + id: backButton + } + + BaseHeaderType { + id: header + + Layout.fillWidth: true + Layout.rightMargin: 16 + Layout.leftMargin: 16 + + headerText: qsTr("Active Devices") + descriptionText: qsTr("Manage currently connected devices") + } + + WarningType { + Layout.topMargin: 16 + Layout.rightMargin: 16 + Layout.leftMargin: 16 + Layout.fillWidth: true + + textString: qsTr("You can find the identifier on the Support tab or, for older versions of the app, " + + "by tapping '+' and then the three dots at the top of the page.") + + iconPath: "qrc:/images/controls/alert-circle.svg" + } + } + + delegate: ColumnLayout { + width: listView.width + + LabelWithButtonType { + Layout.fillWidth: true + Layout.topMargin: 6 + + text: osVersion + (isCurrentDevice ? qsTr(" (current device)") : "") + descriptionText: qsTr("Support tag: ") + "\n" + supportTag + "\n" + qsTr("Last updated: ") + lastUpdate + rightImageSource: "qrc:/images/controls/trash.svg" + + clickedFunction: function() { + if (isCurrentDevice && ServersModel.isDefaultServerCurrentlyProcessed() && ConnectionController.isConnected) { + PageController.showNotificationMessage(qsTr("Cannot unlink device during active connection")) + return + } + + var headerText = qsTr("Are you sure you want to unlink this device?") + var descriptionText = qsTr("This will unlink the device from your subscription. You can reconnect it anytime by pressing \"Reload API config\" in subscription settings on device.") + var yesButtonText = qsTr("Continue") + var noButtonText = qsTr("Cancel") + + var yesButtonFunction = function() { + Qt.callLater(deactivateExternalDevice, supportTag, countryCode) + } + var noButtonFunction = function() { + } + + showQuestionDrawer(headerText, descriptionText, yesButtonText, noButtonText, yesButtonFunction, noButtonFunction) + } + } + + DividerType {} + } + } + + function deactivateExternalDevice(supportTag, countryCode) { + PageController.showBusyIndicator(true) + if (ApiConfigsController.deactivateExternalDevice(supportTag, countryCode)) { + ApiSettingsController.getAccountInfo(true) + } + PageController.showBusyIndicator(false) + } +} diff --git a/client/ui/qml/Pages2/PageSettingsApiInstructions.qml b/client/ui/qml/Pages2/PageSettingsApiInstructions.qml new file mode 100644 index 00000000..9b325b82 --- /dev/null +++ b/client/ui/qml/Pages2/PageSettingsApiInstructions.qml @@ -0,0 +1,124 @@ +import QtQuick +import QtQuick.Controls +import QtQuick.Layouts + +import SortFilterProxyModel 0.2 + +import PageEnum 1.0 +import Style 1.0 + +import "./" +import "../Controls2" +import "../Controls2/TextTypes" +import "../Config" +import "../Components" + +PageType { + id: root + + QtObject { + id: windows + + readonly property string title: qsTr("Windows") + readonly property string link: qsTr("https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#windows") + } + + QtObject { + id: macos + + readonly property string title: qsTr("macOS") + readonly property string link: qsTr("https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#macos") + } + + QtObject { + id: android + + readonly property string title: qsTr("Android") + readonly property string link: qsTr("https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#android") + } + + QtObject { + id: androidTv + + readonly property string title: qsTr("AndroidTV") + readonly property string link: qsTr("https://docs.amnezia.org/ru/documentation/instructions/android_tv_connect/") + } + + QtObject { + id: ios + + readonly property string title: qsTr("iOS") + readonly property string link: qsTr("https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#ios") + } + + QtObject { + id: linux + + readonly property string title: qsTr("Linux") + readonly property string link: qsTr("https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#linux") + } + + QtObject { + id: routers + + readonly property string title: qsTr("Routers") + readonly property string link: qsTr("https://docs.amnezia.org/documentation/instructions/connect-amnezia-premium#routers") + } + + property list instructionsModel: [ + windows, + macos, + android, + androidTv, + ios, + linux, + routers + ] + + ListViewType { + id: listView + + anchors.fill: parent + anchors.topMargin: 20 + anchors.bottomMargin: 24 + + model: instructionsModel + + header: ColumnLayout { + width: listView.width + + BackButtonType { + id: backButton + } + + BaseHeaderType { + id: header + + Layout.fillWidth: true + Layout.rightMargin: 16 + Layout.leftMargin: 16 + + headerText: qsTr("How to connect on another device") + descriptionText: qsTr("Setup guides on the Amnezia website") + } + } + + delegate: ColumnLayout { + width: listView.width + + LabelWithButtonType { + Layout.fillWidth: true + Layout.topMargin: 6 + + text: title + rightImageSource: "qrc:/images/controls/external-link.svg" + + clickedFunction: function() { + Qt.openUrlExternally(link) + } + } + + DividerType {} + } + } +} diff --git a/client/ui/qml/Pages2/PageSettingsApiLanguageList.qml b/client/ui/qml/Pages2/PageSettingsApiLanguageList.qml deleted file mode 100644 index 600db85d..00000000 --- a/client/ui/qml/Pages2/PageSettingsApiLanguageList.qml +++ /dev/null @@ -1,109 +0,0 @@ -import QtQuick -import QtQuick.Controls -import QtQuick.Layouts -import QtQuick.Dialogs - -import PageEnum 1.0 -import Style 1.0 - -import "./" -import "../Controls2" -import "../Controls2/TextTypes" -import "../Config" -import "../Components" - -PageType { - id: root - - ListView { - id: menuContent - - property var selectedText - - width: parent.width - height: menuContent.contentItem.height - - clip: true - interactive: false - model: ApiCountryModel - - ButtonGroup { - id: containersRadioButtonGroup - } - - delegate: Item { - implicitWidth: parent.width - implicitHeight: content.implicitHeight - - ColumnLayout { - id: content - - anchors.fill: parent - - RowLayout { - VerticalRadioButton { - id: containerRadioButton - - Layout.fillWidth: true - Layout.leftMargin: 16 - - text: countryName - - ButtonGroup.group: containersRadioButtonGroup - - imageSource: "qrc:/images/controls/download.svg" - - checked: index === ApiCountryModel.currentIndex - checkable: !ConnectionController.isConnected - - onClicked: { - if (ConnectionController.isConnected) { - PageController.showNotificationMessage(qsTr("Unable change server location while there is an active connection")) - return - } - - if (index !== ApiCountryModel.currentIndex) { - PageController.showBusyIndicator(true) - var prevIndex = ApiCountryModel.currentIndex - ApiCountryModel.currentIndex = index - if (!InstallController.updateServiceFromApi(ServersModel.defaultIndex, countryCode, countryName)) { - ApiCountryModel.currentIndex = prevIndex - } - } - } - - MouseArea { - anchors.fill: containerRadioButton - cursorShape: Qt.PointingHandCursor - enabled: false - } - - Keys.onEnterPressed: { - if (checkable) { - checked = true - } - containerRadioButton.clicked() - } - Keys.onReturnPressed: { - if (checkable) { - checked = true - } - containerRadioButton.clicked() - } - } - - Image { - Layout.rightMargin: 32 - Layout.alignment: Qt.AlignRight - - source: "qrc:/countriesFlags/images/flagKit/" + countryImageCode + ".svg" - } - } - - DividerType { - Layout.fillWidth: true - } - } - } - } -} diff --git a/client/ui/qml/Pages2/PageSettingsApiNativeConfigs.qml b/client/ui/qml/Pages2/PageSettingsApiNativeConfigs.qml new file mode 100644 index 00000000..d2042a76 --- /dev/null +++ b/client/ui/qml/Pages2/PageSettingsApiNativeConfigs.qml @@ -0,0 +1,220 @@ +import QtQuick +import QtQuick.Controls +import QtQuick.Layouts +import QtQuick.Dialogs + +import QtCore + +import SortFilterProxyModel 0.2 + +import PageEnum 1.0 +import Style 1.0 + +import "./" +import "../Controls2" +import "../Controls2/TextTypes" +import "../Config" +import "../Components" + +PageType { + id: root + + property string configExtension: ".conf" + property string configCaption: qsTr("Save AmneziaVPN config") + + ListViewType { + id: listView + + anchors.fill: parent + anchors.topMargin: 20 + anchors.bottomMargin: 24 + + model: ApiCountryModel + + header: ColumnLayout { + width: listView.width + + BackButtonType { + id: backButton + } + + BaseHeaderType { + id: header + + Layout.fillWidth: true + Layout.rightMargin: 16 + Layout.leftMargin: 16 + + headerText: qsTr("Configuration Files") + descriptionText: qsTr("For router setup or the AmneziaWG app") + } + } + + delegate: ColumnLayout { + width: listView.width + + LabelWithButtonType { + Layout.fillWidth: true + Layout.topMargin: 6 + + text: countryName + descriptionText: isWorkerExpired ? qsTr("The configuration needs to be reissued") : "" + descriptionColor: AmneziaStyle.color.vibrantRed + + leftImageSource: "qrc:/countriesFlags/images/flagKit/" + countryImageCode + ".svg" + rightImageSource: isIssued ? "qrc:/images/controls/more-vertical.svg" : "qrc:/images/controls/download.svg" + + clickedFunction: function() { + if (isIssued) { + moreOptionsDrawer.countryName = countryName + moreOptionsDrawer.countryCode = countryCode + moreOptionsDrawer.openTriggered() + } else { + issueConfig(countryCode) + } + } + } + + DividerType {} + } + } + + DrawerType2 { + id: moreOptionsDrawer + + property string countryName + property string countryCode + + anchors.fill: parent + expandedHeight: parent.height * 0.4375 + + expandedStateContent: Item { + implicitHeight: moreOptionsDrawer.expandedHeight + + BackButtonType { + id: moreOptionsDrawerBackButton + + anchors.top: parent.top + anchors.left: parent.left + anchors.right: parent.right + anchors.topMargin: 16 + + backButtonFunction: function() { + moreOptionsDrawer.closeTriggered() + } + } + + FlickableType { + anchors.top: moreOptionsDrawerBackButton.bottom + anchors.left: parent.left + anchors.right: parent.right + anchors.bottom: parent.bottom + + contentHeight: moreOptionsDrawerContent.height + + ColumnLayout { + id: moreOptionsDrawerContent + + anchors.top: parent.top + anchors.left: parent.left + anchors.right: parent.right + + Header2Type { + Layout.fillWidth: true + Layout.margins: 16 + + headerText: moreOptionsDrawer.countryName + qsTr(" configuration file") + } + + LabelWithButtonType { + Layout.fillWidth: true + + text: qsTr("Generate a new configuration file") + descriptionText: qsTr("The previously created one will stop working") + + clickedFunction: function() { + showQuestion(true, moreOptionsDrawer.countryCode, moreOptionsDrawer.countryName) + } + } + + DividerType {} + + LabelWithButtonType { + Layout.fillWidth: true + text: qsTr("Revoke the current configuration file") + + clickedFunction: function() { + showQuestion(false, moreOptionsDrawer.countryCode, moreOptionsDrawer.countryName) + } + } + + DividerType {} + } + } + } + } + + function issueConfig(countryCode) { + var fileName = "" + if (GC.isMobile()) { + fileName = countryCode + configExtension + } else { + fileName = SystemController.getFileName(configCaption, + qsTr("Config files (*" + configExtension + ")"), + StandardPaths.standardLocations(StandardPaths.DocumentsLocation) + "/" + countryCode, + true, + configExtension) + } + if (fileName !== "") { + PageController.showBusyIndicator(true) + let result = ApiConfigsController.exportNativeConfig(countryCode, fileName) + if (result) { + ApiSettingsController.getAccountInfo(true) + } + + PageController.showBusyIndicator(false) + if (result) { + PageController.showNotificationMessage(qsTr("Config file saved")) + } + } + } + + function revokeConfig(countryCode) { + PageController.showBusyIndicator(true) + let result = ApiConfigsController.revokeNativeConfig(countryCode) + if (result) { + ApiSettingsController.getAccountInfo(true) + } + PageController.showBusyIndicator(false) + + if (result) { + PageController.showNotificationMessage(qsTr("The config has been revoked")) + } + } + + function showQuestion(isConfigIssue, countryCode, countryName) { + var headerText + if (isConfigIssue) { + headerText = qsTr("Generate a new %1 configuration file?").arg(countryName) + } else { + headerText = qsTr("Revoke the current %1 configuration file?").arg(countryName) + } + + var descriptionText = qsTr("Your previous configuration file will no longer work, and it will not be possible to connect using it") + var yesButtonText = isConfigIssue ? qsTr("Download") : qsTr("Continue") + var noButtonText = qsTr("Cancel") + + var yesButtonFunction = function() { + if (isConfigIssue) { + issueConfig(countryCode) + } else { + revokeConfig(countryCode) + } + moreOptionsDrawer.closeTriggered() + } + var noButtonFunction = function() { + } + + showQuestionDrawer(headerText, descriptionText, yesButtonText, noButtonText, yesButtonFunction, noButtonFunction) + } +} diff --git a/client/ui/qml/Pages2/PageSettingsApiServerInfo.qml b/client/ui/qml/Pages2/PageSettingsApiServerInfo.qml index 167e56e5..75832fa6 100644 --- a/client/ui/qml/Pages2/PageSettingsApiServerInfo.qml +++ b/client/ui/qml/Pages2/PageSettingsApiServerInfo.qml @@ -3,6 +3,8 @@ import QtQuick.Controls import QtQuick.Layouts import QtQuick.Dialogs +import SortFilterProxyModel 0.2 + import PageEnum 1.0 import Style 1.0 @@ -15,117 +17,294 @@ import "../Components" PageType { id: root - defaultActiveFocusItem: focusItem + property list labelsModel: [ + statusObject, + endDateObject, + deviceCountObject + ] - FlickableType { - id: fl - anchors.top: parent.top - anchors.bottom: parent.bottom - contentHeight: content.height + QtObject { + id: statusObject - ColumnLayout { - id: content + readonly property string title: qsTr("Subscription Status") + readonly property string contentKey: "subscriptionStatus" + readonly property string objectImageSource: "qrc:/images/controls/info.svg" + } - anchors.top: parent.top - anchors.left: parent.left - anchors.right: parent.right + QtObject { + id: endDateObject + readonly property string title: qsTr("Valid Until") + readonly property string contentKey: "endDate" + readonly property string objectImageSource: "qrc:/images/controls/history.svg" + } + + QtObject { + id: deviceCountObject + + readonly property string title: qsTr("Active Connections") + readonly property string contentKey: "connectedDevices" + readonly property string objectImageSource: "qrc:/images/controls/monitor.svg" + } + + property var processedServer + + Connections { + target: ServersModel + + function onProcessedServerChanged() { + root.processedServer = proxyServersModel.get(0) + } + } + + SortFilterProxyModel { + id: proxyServersModel + objectName: "proxyServersModel" + + sourceModel: ServersModel + filters: [ + ValueFilter { + roleName: "isCurrentlyProcessed" + value: true + } + ] + + Component.onCompleted: { + root.processedServer = proxyServersModel.get(0) + } + } + + ListViewType { + id: listView + + anchors.fill: parent + + model: labelsModel + + header: ColumnLayout { + width: listView.width + + spacing: 4 + + BackButtonType { + id: backButton + objectName: "backButton" + + Layout.topMargin: 20 + } + + HeaderTypeWithButton { + id: headerContent + objectName: "headerContent" + + Layout.fillWidth: true + Layout.leftMargin: 16 + Layout.rightMargin: 16 + Layout.bottomMargin: 10 + + actionButtonImage: "qrc:/images/controls/edit-3.svg" + + headerText: root.processedServer.name + descriptionText: ApiAccountInfoModel.data("serviceDescription") + + actionButtonFunction: function() { + serverNameEditDrawer.openTriggered() + } + } + + RenameServerDrawer { + id: serverNameEditDrawer + + parent: root + + anchors.fill: parent + expandedHeight: root.height * 0.35 + + serverNameText: root.processedServer.name + } + } + + delegate: ColumnLayout { + width: listView.width spacing: 0 - Item { - id: focusItem -// KeyNavigation.tab: backButton + Connections { + target: ApiAccountInfoModel + + function onModelReset() { + delegateItem.rightText = ApiAccountInfoModel.data(contentKey) + } } LabelWithImageType { - Layout.fillWidth: true - Layout.margins: 16 - - imageSource: "qrc:/images/controls/map-pin.svg" - leftText: qsTr("For the region") - rightText: ApiServicesModel.getSelectedServiceData("region") - } - - LabelWithImageType { - Layout.fillWidth: true - Layout.margins: 16 - - imageSource: "qrc:/images/controls/tag.svg" - leftText: qsTr("Price") - rightText: ApiServicesModel.getSelectedServiceData("price") - } - - LabelWithImageType { - property bool showSubscriptionEndDate: ServersModel.getProcessedServerData("isCountrySelectionAvailable") + id: delegateItem Layout.fillWidth: true Layout.margins: 16 - imageSource: "qrc:/images/controls/history.svg" - leftText: showSubscriptionEndDate ? qsTr("Valid until") : qsTr("Work period") - rightText: showSubscriptionEndDate ? ApiServicesModel.getSelectedServiceData("endDate") - : ApiServicesModel.getSelectedServiceData("workPeriod") + imageSource: objectImageSource + leftText: title + rightText: ApiAccountInfoModel.data(contentKey) visible: rightText !== "" } + } + + footer: ColumnLayout { + id: footer + + width: listView.width + spacing: 0 + + readonly property bool isVisibleForAmneziaFree: ApiAccountInfoModel.data("isComponentVisible") + + SwitcherType { + id: switcher + + readonly property bool isVlessProtocol: ApiConfigsController.isVlessProtocol() - LabelWithImageType { - Layout.fillWidth: true - Layout.margins: 16 - - imageSource: "qrc:/images/controls/gauge.svg" - leftText: qsTr("Speed") - rightText: ApiServicesModel.getSelectedServiceData("speed") - } - - ParagraphTextType { Layout.fillWidth: true + Layout.topMargin: 24 Layout.rightMargin: 16 Layout.leftMargin: 16 - onLinkActivated: function(link) { - Qt.openUrlExternally(link) - } - textFormat: Text.RichText - text: { - var text = ApiServicesModel.getSelectedServiceData("features") - if (text === undefined) { - return "" - } - return text.replace("%1", LanguageModel.getCurrentSiteUrl()) - } + visible: ApiAccountInfoModel.data("isProtocolSelectionSupported") - MouseArea { - anchors.fill: parent - acceptedButtons: Qt.NoButton - cursorShape: parent.hoveredLink ? Qt.PointingHandCursor : Qt.ArrowCursor + text: qsTr("Use VLESS protocol") + checked: switcher.isVlessProtocol + onToggled: function() { + if (ServersModel.isDefaultServerCurrentlyProcessed() && ConnectionController.isConnected) { + PageController.showNotificationMessage(qsTr("Cannot change protocol during active connection")) + } else { + PageController.showBusyIndicator(true) + ApiConfigsController.setCurrentProtocol(switcher.isVlessProtocol ? "awg" : "vless") + ApiConfigsController.updateServiceFromGateway(ServersModel.processedIndex, "", "", true) + PageController.showBusyIndicator(false) + } } } - LabelWithButtonType { - id: supportUuid + WarningType { + id: warning + + Layout.topMargin: 32 + Layout.rightMargin: 16 + Layout.leftMargin: 16 Layout.fillWidth: true - text: qsTr("Support tag") - descriptionText: SettingsController.getInstallationUuid() + backGroundColor: AmneziaStyle.color.translucentRichBrown - descriptionOnTop: true + textString: qsTr("Configurations have been updated for some countries. Download and install the updated configuration files") -// parentFlickable: fl -// KeyNavigation.tab: passwordLabel.eyeButton + iconPath: "qrc:/images/controls/alert-circle.svg" - rightImageSource: "qrc:/images/controls/copy.svg" - rightImageColor: AmneziaStyle.color.paleGray + visible: ApiAccountInfoModel.data("hasExpiredWorker") + } + + LabelWithButtonType { + id: vpnKey + + Layout.fillWidth: true + Layout.topMargin: warning.visible ? 16 : 32 + + visible: false //footer.isVisibleForAmneziaFree + + text: qsTr("Subscription Key") + rightImageSource: "qrc:/images/controls/chevron-right.svg" clickedFunction: function() { - GC.copyToClipBoard(descriptionText) - PageController.showNotificationMessage(qsTr("Copied")) - if (!GC.isMobile()) { - this.rightButton.forceActiveFocus() - } + shareConnectionDrawer.headerText = qsTr("Amnezia Premium subscription key") + + shareConnectionDrawer.openTriggered() + shareConnectionDrawer.isSelfHostedConfig = false; + shareConnectionDrawer.shareButtonText = qsTr("Save VPN key as a file") + shareConnectionDrawer.copyButtonText = qsTr("Copy VPN key") + + + PageController.showBusyIndicator(true) + + ApiConfigsController.prepareVpnKeyExport() + + PageController.showBusyIndicator(false) } } + DividerType { + visible: false //footer.isVisibleForAmneziaFree + } + + LabelWithButtonType { + Layout.fillWidth: true + Layout.topMargin: warning.visible ? 16 : 32 + + visible: footer.isVisibleForAmneziaFree + + text: qsTr("Configuration Files") + + descriptionText: qsTr("Manage configuration files") + rightImageSource: "qrc:/images/controls/chevron-right.svg" + + clickedFunction: function() { + ApiSettingsController.updateApiCountryModel() + PageController.goToPage(PageEnum.PageSettingsApiNativeConfigs) + } + } + + DividerType { + visible: footer.isVisibleForAmneziaFree + } + + LabelWithButtonType { + Layout.fillWidth: true + + visible: footer.isVisibleForAmneziaFree + + text: qsTr("Active Devices") + + descriptionText: qsTr("Manage currently connected devices") + rightImageSource: "qrc:/images/controls/chevron-right.svg" + + clickedFunction: function() { + ApiSettingsController.updateApiDevicesModel() + PageController.goToPage(PageEnum.PageSettingsApiDevices) + } + } + + DividerType { + visible: footer.isVisibleForAmneziaFree + } + + LabelWithButtonType { + Layout.fillWidth: true + Layout.topMargin: footer.isVisibleForAmneziaFree ? 0 : 32 + + text: qsTr("Support") + rightImageSource: "qrc:/images/controls/chevron-right.svg" + + clickedFunction: function() { + PageController.goToPage(PageEnum.PageSettingsApiSupport) + } + } + + DividerType {} + + LabelWithButtonType { + Layout.fillWidth: true + + visible: footer.isVisibleForAmneziaFree + + text: qsTr("How to connect on another device") + rightImageSource: "qrc:/images/controls/chevron-right.svg" + + clickedFunction: function() { + PageController.goToPage(PageEnum.PageSettingsApiInstructions) + } + } + + DividerType { + visible: footer.isVisibleForAmneziaFree + } + BasicButtonType { id: resetButton Layout.alignment: Qt.AlignHCenter @@ -141,8 +320,6 @@ PageType { text: qsTr("Reload API config") -// Keys.onTabPressed: lastItemTabClicked(focusItem) - clickedFunc: function() { var headerText = qsTr("Reload API config?") var yesButtonText = qsTr("Continue") @@ -153,20 +330,57 @@ PageType { PageController.showNotificationMessage(qsTr("Cannot reload API config during active connection")) } else { PageController.showBusyIndicator(true) - InstallController.updateServiceFromApi(ServersModel.processedIndex, "", "", true) + ApiConfigsController.updateServiceFromGateway(ServersModel.processedIndex, "", "", true) PageController.showBusyIndicator(false) } } var noButtonFunction = function() { - if (!GC.isMobile()) { - removeButton.forceActiveFocus() - } } showQuestionDrawer(headerText, "", yesButtonText, noButtonText, yesButtonFunction, noButtonFunction) } } + BasicButtonType { + id: revokeButton + Layout.alignment: Qt.AlignHCenter + Layout.bottomMargin: 16 + Layout.leftMargin: 8 + implicitHeight: 32 + + visible: footer.isVisibleForAmneziaFree + + defaultColor: "transparent" + hoveredColor: AmneziaStyle.color.translucentWhite + pressedColor: AmneziaStyle.color.sheerWhite + textColor: AmneziaStyle.color.vibrantRed + + text: qsTr("Unlink this device") + + clickedFunc: function() { + var headerText = qsTr("Are you sure you want to unlink this device?") + var descriptionText = qsTr("This will unlink the device from your subscription. You can reconnect it anytime by pressing \"Reload API config\" in subscription settings on device.") + var yesButtonText = qsTr("Continue") + var noButtonText = qsTr("Cancel") + + var yesButtonFunction = function() { + if (ServersModel.isDefaultServerCurrentlyProcessed() && ConnectionController.isConnected) { + PageController.showNotificationMessage(qsTr("Cannot unlink device during active connection")) + } else { + PageController.showBusyIndicator(true) + if (ApiConfigsController.deactivateDevice()) { + ApiSettingsController.getAccountInfo(true) + } + PageController.showBusyIndicator(false) + } + } + var noButtonFunction = function() { + } + + showQuestionDrawer(headerText, descriptionText, yesButtonText, noButtonText, yesButtonFunction, noButtonFunction) + } + } + BasicButtonType { id: removeButton Layout.alignment: Qt.AlignHCenter @@ -181,8 +395,6 @@ PageType { text: qsTr("Remove from application") -// Keys.onTabPressed: lastItemTabClicked(focusItem) - clickedFunc: function() { var headerText = qsTr("Remove from application?") var yesButtonText = qsTr("Continue") @@ -193,14 +405,13 @@ PageType { PageController.showNotificationMessage(qsTr("Cannot remove server during active connection")) } else { PageController.showBusyIndicator(true) - InstallController.removeProcessedServer() + if (ApiConfigsController.deactivateDevice()) { + InstallController.removeProcessedServer() + } PageController.showBusyIndicator(false) } } var noButtonFunction = function() { - if (!GC.isMobile()) { - removeButton.forceActiveFocus() - } } showQuestionDrawer(headerText, "", yesButtonText, noButtonText, yesButtonFunction, noButtonFunction) @@ -208,4 +419,10 @@ PageType { } } } + + ShareConnectionDrawer { + id: shareConnectionDrawer + + anchors.fill: parent + } } diff --git a/client/ui/qml/Pages2/PageSettingsApiSupport.qml b/client/ui/qml/Pages2/PageSettingsApiSupport.qml new file mode 100644 index 00000000..e10eb325 --- /dev/null +++ b/client/ui/qml/Pages2/PageSettingsApiSupport.qml @@ -0,0 +1,128 @@ +import QtQuick +import QtQuick.Controls +import QtQuick.Layouts + +import SortFilterProxyModel 0.2 + +import PageEnum 1.0 +import Style 1.0 + +import "./" +import "../Controls2" +import "../Controls2/TextTypes" +import "../Config" +import "../Components" + +PageType { + id: root + + QtObject { + id: telegram + + readonly property string title: qsTr("Telegram") + readonly property string description: "@" + ApiAccountInfoModel.getTelegramBotLink() + readonly property string link: "https://t.me/" + ApiAccountInfoModel.getTelegramBotLink() + } + + QtObject { + id: techSupport + + readonly property string title: qsTr("Email") + readonly property string description: ApiAccountInfoModel.getEmailLink() + readonly property string link: "mailto:" + ApiAccountInfoModel.getEmailLink() + } + + QtObject { + id: paymentSupport + + readonly property string title: qsTr("Email Billing & Orders") + readonly property string description: ApiAccountInfoModel.getBillingEmailLink() + readonly property string link: "mailto:" + ApiAccountInfoModel.getBillingEmailLink() + } + + QtObject { + id: site + + readonly property string title: qsTr("Website") + readonly property string description: ApiAccountInfoModel.getSiteLink() + readonly property string link: ApiAccountInfoModel.getFullSiteLink() + } + + property list supportModel: [ + telegram, + techSupport, + paymentSupport, + site + ] + + ListViewType { + id: listView + + anchors.fill: parent + anchors.topMargin: 20 + anchors.bottomMargin: 24 + + model: supportModel + + header: ColumnLayout { + width: listView.width + + BackButtonType { + id: backButton + } + + BaseHeaderType { + id: header + + Layout.fillWidth: true + Layout.rightMargin: 16 + Layout.leftMargin: 16 + + headerText: qsTr("Support") + descriptionText: qsTr("Our technical support specialists are available to assist you at any time") + } + } + + delegate: ColumnLayout { + width: listView.width + + LabelWithButtonType { + Layout.fillWidth: true + visible: link !== "" + text: title + descriptionText: description + rightImageSource: "qrc:/images/controls/external-link.svg" + clickedFunction: function() { + Qt.openUrlExternally(link) + } + } + DividerType {} + } + + + footer: ColumnLayout { + width: listView.width + + LabelWithButtonType { + id: supportUuid + Layout.fillWidth: true + + text: qsTr("Support tag") + descriptionText: SettingsController.getInstallationUuid() + + descriptionOnTop: true + + rightImageSource: "qrc:/images/controls/copy.svg" + rightImageColor: AmneziaStyle.color.paleGray + + clickedFunction: function() { + GC.copyToClipBoard(descriptionText) + PageController.showNotificationMessage(qsTr("Copied")) + if (!GC.isMobile()) { + this.rightButton.forceActiveFocus() + } + } + } + } + } +} diff --git a/client/ui/qml/Pages2/PageSettingsAppSplitTunneling.qml b/client/ui/qml/Pages2/PageSettingsAppSplitTunneling.qml index 2e8bda2f..e31c92db 100644 --- a/client/ui/qml/Pages2/PageSettingsAppSplitTunneling.qml +++ b/client/ui/qml/Pages2/PageSettingsAppSplitTunneling.qml @@ -21,8 +21,6 @@ import "../Components" PageType { id: root - defaultActiveFocusItem: focusItem - property bool pageEnabled Component.onCompleted: { @@ -48,13 +46,15 @@ PageType { QtObject { id: onlyForwardApps - property string name: qsTr("Only the apps from the list should have access via VPN") - property int type: routeMode.onlyForwardApps + + readonly property string name: qsTr("Only the apps from the list should have access via VPN") + readonly property int type: routeMode.onlyForwardApps } QtObject { id: allExceptApps - property string name: qsTr("Apps from the list should not have access via VPN") - property int type: routeMode.allExceptApps + + readonly property string name: qsTr("Apps from the list should not have access via VPN") + readonly property int type: routeMode.allExceptApps } function getRouteModesModelIndex() { @@ -66,11 +66,6 @@ PageType { } } - Item { - id: focusItem - KeyNavigation.tab: backButton - } - ColumnLayout { id: header @@ -82,36 +77,24 @@ PageType { BackButtonType { id: backButton - KeyNavigation.tab: switcher } - RowLayout { - HeaderType { - Layout.fillWidth: true - Layout.leftMargin: 16 + HeaderTypeWithSwitcher { + Layout.fillWidth: true + Layout.leftMargin: 16 + Layout.rightMargin: 16 - headerText: qsTr("App split tunneling") + headerText: qsTr("App split tunneling") + enabled: root.pageEnabled + showSwitcher: true + switcher { + checked: AppSplitTunnelingModel.isTunnelingEnabled enabled: root.pageEnabled } - - SwitcherType { - id: switcher - - Layout.fillWidth: true - Layout.rightMargin: 16 - - enabled: root.pageEnabled - - KeyNavigation.tab: selector.enabled ? - selector : - searchField.textField - - checked: AppSplitTunnelingModel.isTunnelingEnabled - onToggled: { - AppSplitTunnelingModel.toggleSplitTunneling(checked) - selector.text = root.routeModesModel[getRouteModesModelIndex()].name - } + switcherFunction: function(checked) { + AppSplitTunnelingModel.toggleSplitTunneling(checked) + selector.text = root.routeModesModel[getRouteModesModelIndex()].name } } @@ -130,25 +113,23 @@ PageType { enabled: Qt.platform.os === "android" && root.pageEnabled - KeyNavigation.tab: searchField.textField - listView: ListViewWithRadioButtonType { rootWidth: root.width model: root.routeModesModel - currentIndex: getRouteModesModelIndex() + selectedIndex: getRouteModesModelIndex() clickedFunction: function() { selector.text = selectedText - selector.close() - if (AppSplitTunnelingModel.routeMode !== root.routeModesModel[currentIndex].type) { - AppSplitTunnelingModel.routeMode = root.routeModesModel[currentIndex].type + selector.closeTriggered() + if (AppSplitTunnelingModel.routeMode !== root.routeModesModel[selectedIndex].type) { + AppSplitTunnelingModel.routeMode = root.routeModesModel[selectedIndex].type } } Component.onCompleted: { - if (root.routeModesModel[currentIndex].type === AppSplitTunnelingModel.routeMode) { + if (root.routeModesModel[selectedIndex].type === AppSplitTunnelingModel.routeMode) { selector.text = selectedText } else { selector.text = root.routeModesModel[0].name @@ -158,7 +139,7 @@ PageType { Connections { target: AppSplitTunnelingModel function onRouteModeChanged() { - currentIndex = getRouteModesModelIndex() + selectedIndex = getRouteModesModelIndex() } } } @@ -264,10 +245,9 @@ PageType { Layout.fillWidth: true - textFieldPlaceholderText: qsTr("application name") + textField.placeholderText: qsTr("application name") buttonImageSource: "qrc:/images/controls/plus.svg" - Keys.onTabPressed: lastItemTabClicked(focusItem) rightButtonClickedOnEnter: true clickedFunc: function() { @@ -281,7 +261,7 @@ PageType { AppSplitTunnelingController.addApp(fileName) } } else if (Qt.platform.os === "android"){ - installedAppDrawer.open() + installedAppDrawer.openTriggered() } PageController.showBusyIndicator(false) diff --git a/client/ui/qml/Pages2/PageSettingsApplication.qml b/client/ui/qml/Pages2/PageSettingsApplication.qml index 0f85ac30..cbc04075 100644 --- a/client/ui/qml/Pages2/PageSettingsApplication.qml +++ b/client/ui/qml/Pages2/PageSettingsApplication.qml @@ -14,19 +14,6 @@ import "../Components" PageType { id: root - defaultActiveFocusItem: focusItem - - Item { - id: focusItem - KeyNavigation.tab: backButton - - onFocusChanged: { - if (focusItem.activeFocus) { - fl.contentY = 0 - } - } - } - BackButtonType { id: backButton @@ -34,8 +21,6 @@ PageType { anchors.left: parent.left anchors.right: parent.right anchors.topMargin: 20 - - KeyNavigation.tab: GC.isMobile() ? switcher : switcherAutoStart } FlickableType { @@ -53,7 +38,7 @@ PageType { spacing: 0 - HeaderType { + BaseHeaderType { Layout.fillWidth: true Layout.leftMargin: 16 Layout.rightMargin: 16 @@ -77,8 +62,8 @@ PageType { } } - KeyNavigation.tab: Qt.platform.os === "android" && !SettingsController.isNotificationPermissionGranted ? - labelWithButtonNotification.rightButton : labelWithButtonLanguage.rightButton + // KeyNavigation.tab: Qt.platform.os === "android" && !SettingsController.isNotificationPermissionGranted ? + // labelWithButtonNotification.rightButton : labelWithButtonLanguage.rightButton parentFlickable: fl } @@ -95,7 +80,6 @@ PageType { descriptionText: qsTr("Enable notifications to show the VPN state in the status bar") rightImageSource: "qrc:/images/controls/chevron-right.svg" - KeyNavigation.tab: labelWithButtonLanguage.rightButton parentFlickable: fl clickedFunction: function() { @@ -117,7 +101,6 @@ PageType { text: qsTr("Auto start") descriptionText: qsTr("Launch the application every time the device is starts") - KeyNavigation.tab: switcherAutoConnect parentFlickable: fl checked: SettingsController.isAutoStartEnabled() @@ -142,7 +125,6 @@ PageType { text: qsTr("Auto connect") descriptionText: qsTr("Connect to VPN on app start") - KeyNavigation.tab: switcherStartMinimized parentFlickable: fl checked: SettingsController.isAutoConnectEnabled() @@ -167,7 +149,6 @@ PageType { text: qsTr("Start minimized") descriptionText: qsTr("Launch application minimized") - KeyNavigation.tab: labelWithButtonLanguage.rightButton parentFlickable: fl checked: SettingsController.isStartMinimizedEnabled() @@ -190,11 +171,10 @@ PageType { descriptionText: LanguageModel.currentLanguageName rightImageSource: "qrc:/images/controls/chevron-right.svg" - KeyNavigation.tab: labelWithButtonLogging.rightButton parentFlickable: fl clickedFunction: function() { - selectLanguageDrawer.open() + selectLanguageDrawer.openTriggered() } } @@ -208,7 +188,6 @@ PageType { descriptionText: SettingsController.isLoggingEnabled ? qsTr("Enabled") : qsTr("Disabled") rightImageSource: "qrc:/images/controls/chevron-right.svg" - KeyNavigation.tab: labelWithButtonReset.rightButton parentFlickable: fl clickedFunction: function() { @@ -226,7 +205,6 @@ PageType { rightImageSource: "qrc:/images/controls/chevron-right.svg" textColor: AmneziaStyle.color.vibrantRed - Keys.onTabPressed: lastItemTabClicked() parentFlickable: fl clickedFunction: function() { @@ -243,15 +221,8 @@ PageType { SettingsController.clearSettings() PageController.goToPageHome() } - - if (!GC.isMobile()) { - root.defaultActiveFocusItem.forceActiveFocus() - } } var noButtonFunction = function() { - if (!GC.isMobile()) { - root.defaultActiveFocusItem.forceActiveFocus() - } } showQuestionDrawer(headerText, descriptionText, yesButtonText, noButtonText, yesButtonFunction, noButtonFunction) @@ -267,11 +238,5 @@ PageType { width: root.width height: root.height - - onClosed: { - if (!GC.isMobile()) { - focusItem.forceActiveFocus() - } - } } } diff --git a/client/ui/qml/Pages2/PageSettingsBackup.qml b/client/ui/qml/Pages2/PageSettingsBackup.qml index abede9b3..83e0f567 100644 --- a/client/ui/qml/Pages2/PageSettingsBackup.qml +++ b/client/ui/qml/Pages2/PageSettingsBackup.qml @@ -17,8 +17,6 @@ import "../Controls2/TextTypes" PageType { id: root - defaultActiveFocusItem: focusItem - Connections { target: SettingsController @@ -36,11 +34,6 @@ PageType { } } - Item { - id: focusItem - KeyNavigation.tab: backButton - } - BackButtonType { id: backButton @@ -48,8 +41,6 @@ PageType { anchors.left: parent.left anchors.right: parent.right anchors.topMargin: 20 - - KeyNavigation.tab: makeBackupButton } FlickableType { @@ -69,7 +60,7 @@ PageType { spacing: 16 - HeaderType { + BaseHeaderType { Layout.fillWidth: true headerText: qsTr("Back up your configuration") @@ -93,6 +84,8 @@ PageType { text: qsTr("Make a backup") + parentFlickable: fl + clickedFunc: function() { var fileName = "" if (GC.isMobile()) { @@ -111,8 +104,6 @@ PageType { PageController.showNotificationMessage(qsTr("Backup file saved")) } } - - KeyNavigation.tab: restoreBackupButton } BasicButtonType { @@ -129,6 +120,8 @@ PageType { text: qsTr("Restore from backup") + parentFlickable: fl + clickedFunc: function() { var filePath = SystemController.getFileName(qsTr("Open backup file"), qsTr("Backup files (*.backup)")) @@ -136,8 +129,6 @@ PageType { restoreBackup(filePath) } } - - Keys.onTabPressed: lastItemTabClicked() } } } diff --git a/client/ui/qml/Pages2/PageSettingsConnection.qml b/client/ui/qml/Pages2/PageSettingsConnection.qml index 31b1c764..84b98230 100644 --- a/client/ui/qml/Pages2/PageSettingsConnection.qml +++ b/client/ui/qml/Pages2/PageSettingsConnection.qml @@ -12,15 +12,8 @@ import "../Config" PageType { id: root - defaultActiveFocusItem: focusItem - property bool isAppSplitTinnelingEnabled: Qt.platform.os === "windows" || Qt.platform.os === "android" - Item { - id: focusItem - KeyNavigation.tab: backButton - } - BackButtonType { id: backButton @@ -28,8 +21,6 @@ PageType { anchors.left: parent.left anchors.right: parent.right anchors.topMargin: 20 - - KeyNavigation.tab: amneziaDnsSwitch } FlickableType { @@ -45,7 +36,7 @@ PageType { anchors.left: parent.left anchors.right: parent.right - HeaderType { + BaseHeaderType { Layout.fillWidth: true Layout.leftMargin: 16 Layout.rightMargin: 16 @@ -67,8 +58,6 @@ PageType { SettingsController.toggleAmneziaDns(checked) } } - - KeyNavigation.tab: dnsServersButton.rightButton } DividerType {} @@ -81,11 +70,11 @@ PageType { descriptionText: qsTr("When AmneziaDNS is not used or installed") rightImageSource: "qrc:/images/controls/chevron-right.svg" + parentFlickable: fl + clickedFunction: function() { PageController.goToPage(PageEnum.PageSettingsDns) } - - KeyNavigation.tab: splitTunnelingButton.rightButton } DividerType {} @@ -98,24 +87,14 @@ PageType { descriptionText: qsTr("Allows you to select which sites you want to access through the VPN") rightImageSource: "qrc:/images/controls/chevron-right.svg" + parentFlickable: fl + clickedFunction: function() { PageController.goToPage(PageEnum.PageSettingsSplitTunneling) } - - Keys.onTabPressed: { - if (splitTunnelingButton2.visible) { - return splitTunnelingButton2.rightButton.forceActiveFocus() - } else if (killSwitchSwitcher.visible) { - return killSwitchSwitcher.forceActiveFocus() - } else { - lastItemTabClicked() - } - } } - DividerType { - visible: root.isAppSplitTinnelingEnabled - } + DividerType {} LabelWithButtonType { id: splitTunnelingButton2 @@ -127,47 +106,32 @@ PageType { descriptionText: qsTr("Allows you to use the VPN only for certain Apps") rightImageSource: "qrc:/images/controls/chevron-right.svg" + parentFlickable: fl + clickedFunction: function() { PageController.goToPage(PageEnum.PageSettingsAppSplitTunneling) } - - Keys.onTabPressed: { - if (killSwitchSwitcher.visible) { - return killSwitchSwitcher.forceActiveFocus() - } else { - lastItemTabClicked() - } - } } DividerType { visible: root.isAppSplitTinnelingEnabled } - SwitcherType { - id: killSwitchSwitcher + LabelWithButtonType { + id: killSwitchButton visible: !GC.isMobile() Layout.fillWidth: true - Layout.margins: 16 text: qsTr("KillSwitch") - descriptionText: qsTr("Disables your internet if your encrypted VPN connection drops out for any reason.") + descriptionText: qsTr("Blocks network connections without VPN") + rightImageSource: "qrc:/images/controls/chevron-right.svg" - checked: SettingsController.isKillSwitchEnabled() - checkable: !ConnectionController.isConnected - onCheckedChanged: { - if (checked !== SettingsController.isKillSwitchEnabled()) { - SettingsController.toggleKillSwitch(checked) - } - } - onClicked: { - if (!checkable) { - PageController.showNotificationMessage(qsTr("Cannot change killSwitch settings during active connection")) - } - } + parentFlickable: fl - Keys.onTabPressed: lastItemTabClicked() + clickedFunction: function() { + PageController.goToPage(PageEnum.PageSettingsKillSwitch) + } } DividerType { diff --git a/client/ui/qml/Pages2/PageSettingsDns.qml b/client/ui/qml/Pages2/PageSettingsDns.qml index 1d7517d9..d5e2c52b 100644 --- a/client/ui/qml/Pages2/PageSettingsDns.qml +++ b/client/ui/qml/Pages2/PageSettingsDns.qml @@ -14,13 +14,6 @@ import "../Components" PageType { id: root - defaultActiveFocusItem: primaryDns.textField - - Item { - id: focusItem - KeyNavigation.tab: backButton - } - BackButtonType { id: backButton @@ -28,8 +21,6 @@ PageType { anchors.left: parent.left anchors.right: parent.right anchors.topMargin: 20 - - KeyNavigation.tab: root.defaultActiveFocusItem } FlickableType { @@ -59,7 +50,7 @@ PageType { spacing: 16 - HeaderType { + BaseHeaderType { Layout.fillWidth: true headerText: qsTr("DNS servers") @@ -76,12 +67,10 @@ PageType { Layout.fillWidth: true headerText: qsTr("Primary DNS") - textFieldText: SettingsController.primaryDns + textField.text: SettingsController.primaryDns textField.validator: RegularExpressionValidator { regularExpression: InstallController.ipAddressRegExp() } - - KeyNavigation.tab: secondaryDns.textField } TextFieldWithHeaderType { @@ -90,12 +79,10 @@ PageType { Layout.fillWidth: true headerText: qsTr("Secondary DNS") - textFieldText: SettingsController.secondaryDns + textField.text: SettingsController.secondaryDns textField.validator: RegularExpressionValidator { regularExpression: InstallController.ipAddressRegExp() } - - KeyNavigation.tab: restoreDefaultButton } BasicButtonType { @@ -118,25 +105,16 @@ PageType { var yesButtonFunction = function() { SettingsController.primaryDns = "1.1.1.1" - primaryDns.textFieldText = SettingsController.primaryDns + primaryDns.textField.text = SettingsController.primaryDns SettingsController.secondaryDns = "1.0.0.1" - secondaryDns.textFieldText = SettingsController.secondaryDns + secondaryDns.textField.text = SettingsController.secondaryDns PageController.showNotificationMessage(qsTr("Settings have been reset")) - - if (!GC.isMobile()) { - defaultActiveFocusItem.forceActiveFocus() - } } var noButtonFunction = function() { - if (!GC.isMobile()) { - defaultActiveFocusItem.forceActiveFocus() - } } showQuestionDrawer(headerText, "", yesButtonText, noButtonText, yesButtonFunction, noButtonFunction) } - - KeyNavigation.tab: saveButton } BasicButtonType { @@ -147,16 +125,14 @@ PageType { text: qsTr("Save") clickedFunc: function() { - if (primaryDns.textFieldText !== SettingsController.primaryDns) { - SettingsController.primaryDns = primaryDns.textFieldText + if (primaryDns.textField.text !== SettingsController.primaryDns) { + SettingsController.primaryDns = primaryDns.textField.text } - if (secondaryDns.textFieldText !== SettingsController.secondaryDns) { - SettingsController.secondaryDns = secondaryDns.textFieldText + if (secondaryDns.textField.text !== SettingsController.secondaryDns) { + SettingsController.secondaryDns = secondaryDns.textField.text } PageController.showNotificationMessage(qsTr("Settings saved")) } - - Keys.onTabPressed: lastItemTabClicked(focusItem) } } } diff --git a/client/ui/qml/Pages2/PageSettingsKillSwitch.qml b/client/ui/qml/Pages2/PageSettingsKillSwitch.qml new file mode 100644 index 00000000..d6d73b20 --- /dev/null +++ b/client/ui/qml/Pages2/PageSettingsKillSwitch.qml @@ -0,0 +1,127 @@ +import QtQuick +import QtQuick.Controls +import QtQuick.Layouts + +import PageEnum 1.0 +import Style 1.0 + +import "./" +import "../Controls2" +import "../Config" + +PageType { + id: root + + BackButtonType { + id: backButton + anchors.top: parent.top + anchors.left: parent.left + anchors.right: parent.right + anchors.topMargin: 20 + } + + FlickableType { + id: fl + anchors.top: backButton.bottom + anchors.bottom: parent.bottom + contentHeight: content.height + + ColumnLayout { + id: content + anchors.top: parent.top + anchors.left: parent.left + anchors.right: parent.right + + HeaderTypeWithSwitcher { + Layout.fillWidth: true + Layout.leftMargin: 16 + Layout.rightMargin: 16 + + headerText: qsTr("KillSwitch") + descriptionText: qsTr("Enable to ensure network traffic goes through a secure VPN tunnel, preventing accidental exposure of your IP and DNS queries if the connection drops") + + showSwitcher: true + switcher { + checked: SettingsController.isKillSwitchEnabled + enabled: !ConnectionController.isConnected + } + switcherFunction: function(checked) { + if (!ConnectionController.isConnected) { + SettingsController.isKillSwitchEnabled = checked + } else { + PageController.showNotificationMessage(qsTr("KillSwitch settings cannot be changed during an active connection")) + switcher.checked = SettingsController.isKillSwitchEnabled + } + } + } + + VerticalRadioButton { + id: softKillSwitch + Layout.fillWidth: true + Layout.topMargin: 32 + Layout.leftMargin: 16 + Layout.rightMargin: 16 + + enabled: SettingsController.isKillSwitchEnabled && !ConnectionController.isConnected + checked: !SettingsController.strictKillSwitchEnabled + + text: qsTr("Soft KillSwitch") + descriptionText: qsTr("Internet access is blocked if the VPN disconnects unexpectedly") + + onClicked: function() { + SettingsController.strictKillSwitchEnabled = false + } + } + + DividerType {} + + VerticalRadioButton { + id: strictKillSwitch + Layout.fillWidth: true + Layout.leftMargin: 16 + Layout.rightMargin: 16 + + visible: false + enabled: false + // enabled: SettingsController.isKillSwitchEnabled && !ConnectionController.isConnected + checked: SettingsController.strictKillSwitchEnabled + + text: qsTr("Strict KillSwitch") + descriptionText: qsTr("Internet connection is blocked even when VPN is turned off manually or hasn't started") + + onClicked: function() { + var headerText = qsTr("Just a little heads-up") + var descriptionText = qsTr("If the VPN disconnects or drops while Strict KillSwitch is enabled, internet access will be blocked. To restore access, reconnect VPN or disable/change the KillSwitch.") + var yesButtonText = qsTr("Continue") + var noButtonText = qsTr("Cancel") + + var yesButtonFunction = function() { + SettingsController.strictKillSwitchEnabled = true + } + var noButtonFunction = function() { + } + + showQuestionDrawer(headerText, descriptionText, yesButtonText, noButtonText, yesButtonFunction, noButtonFunction) + } + } + + DividerType { + visible: false + } + + LabelWithButtonType { + Layout.topMargin: 32 + Layout.fillWidth: true + + enabled: true + text: qsTr("DNS Exceptions") + descriptionText: qsTr("DNS servers listed here will remain accessible when KillSwitch is active.") + rightImageSource: "qrc:/images/controls/chevron-right.svg" + + clickedFunction: function() { + PageController.goToPage(PageEnum.PageSettingsKillSwitchExceptions) + } + } + } + } +} diff --git a/client/ui/qml/Pages2/PageSettingsKillSwitchExceptions.qml b/client/ui/qml/Pages2/PageSettingsKillSwitchExceptions.qml new file mode 100644 index 00000000..31d1721b --- /dev/null +++ b/client/ui/qml/Pages2/PageSettingsKillSwitchExceptions.qml @@ -0,0 +1,302 @@ +import QtQuick +import QtQuick.Controls +import QtQuick.Layouts +import QtQuick.Dialogs + +import QtCore + +import SortFilterProxyModel 0.2 + +import PageEnum 1.0 +import ProtocolEnum 1.0 +import ContainerProps 1.0 +import Style 1.0 + +import "./" +import "../Controls2" +import "../Controls2/TextTypes" +import "../Config" +import "../Components" + +PageType { + id: root + + property bool pageEnabled: true + + ColumnLayout { + id: header + + anchors.top: parent.top + anchors.left: parent.left + anchors.right: parent.right + + anchors.topMargin: 20 + + BackButtonType { + id: backButton + } + + BaseHeaderType { + enabled: root.pageEnabled + + Layout.fillWidth: true + Layout.leftMargin: 16 + + headerText: qsTr("DNS Exceptions") + descriptionText: qsTr("DNS servers listed here will remain accessible when KillSwitch is active") + } + } + + ListView { + id: listView + + anchors.top: header.bottom + anchors.topMargin: 16 + anchors.bottom: parent.bottom + + width: parent.width + + enabled: root.pageEnabled + + property bool isFocusable: true + + cacheBuffer: 200 + displayMarginBeginning: 40 + displayMarginEnd: 40 + + ScrollBar.vertical: ScrollBarType { } + + footer: Item { + width: listView.width + height: addSitePanel.height + } + + footerPositioning: ListView.InlineFooter + + model: SortFilterProxyModel { + id: dnsFilterModel + sourceModel: AllowedDnsModel + filters: [ + RegExpFilter { + roleName: "ip" + pattern: ".*" + addSitePanel.textField.text + ".*" + caseSensitivity: Qt.CaseInsensitive + } + ] + } + + clip: true + + reuseItems: true + + delegate: ColumnLayout { + id: delegateContent + + width: listView.width + + LabelWithButtonType { + id: site + Layout.fillWidth: true + + text: ip + rightImageSource: "qrc:/images/controls/trash.svg" + rightImageColor: AmneziaStyle.color.paleGray + + clickedFunction: function() { + var headerText = qsTr("Delete ") + ip + "?" + var yesButtonText = qsTr("Continue") + var noButtonText = qsTr("Cancel") + + var yesButtonFunction = function() { + AllowedDnsController.removeDns(dnsFilterModel.mapToSource(index)) + if (!GC.isMobile()) { + site.rightButton.forceActiveFocus() + } + } + var noButtonFunction = function() { + if (!GC.isMobile()) { + site.rightButton.forceActiveFocus() + } + } + + showQuestionDrawer(headerText, "", yesButtonText, noButtonText, yesButtonFunction, noButtonFunction) + } + } + + DividerType {} + } + } + + AddSitePanel { + id: addSitePanel + + anchors.bottom: parent.bottom + anchors.left: parent.left + anchors.right: parent.right + + enabled: root.pageEnabled + placeholderText: qsTr("IPv4 address") + + onAddClicked: function(text) { + PageController.showBusyIndicator(true) + AllowedDnsController.addDns(text) + PageController.showBusyIndicator(false) + } + + onMoreClicked: { + moreActionsDrawer.openTriggered() + } + } + + DrawerType2 { + id: moreActionsDrawer + + anchors.fill: parent + expandedHeight: parent.height * 0.4375 + + expandedStateContent: ColumnLayout { + id: moreActionsDrawerContent + + anchors.top: parent.top + anchors.left: parent.left + anchors.right: parent.right + + Header2Type { + Layout.fillWidth: true + Layout.margins: 16 + + headerText: qsTr("Import / Export addresses") + } + + LabelWithButtonType { + id: importSitesButton + Layout.fillWidth: true + + text: qsTr("Import") + rightImageSource: "qrc:/images/controls/chevron-right.svg" + + clickedFunction: function() { + importSitesDrawer.openTriggered() + } + } + + DividerType {} + + LabelWithButtonType { + id: exportSitesButton + Layout.fillWidth: true + text: qsTr("Save address list") + + clickedFunction: function() { + var fileName = "" + if (GC.isMobile()) { + fileName = "amnezia_killswitch_exceptions.json" + } else { + fileName = SystemController.getFileName(qsTr("Save addresses"), + qsTr("Address files (*.json)"), + StandardPaths.standardLocations(StandardPaths.DocumentsLocation) + "/amnezia_killswitch_exceptions", + true, + ".json") + } + if (fileName !== "") { + PageController.showBusyIndicator(true) + AllowedDnsController.exportDns(fileName) + moreActionsDrawer.closeTriggered() + PageController.showBusyIndicator(false) + } + } + } + + DividerType {} + } + } + + DrawerType2 { + id: importSitesDrawer + + anchors.fill: parent + expandedHeight: parent.height * 0.4375 + + expandedStateContent: Item { + implicitHeight: importSitesDrawer.expandedHeight + + BackButtonType { + id: importSitesDrawerBackButton + + anchors.top: parent.top + anchors.left: parent.left + anchors.right: parent.right + anchors.topMargin: 16 + + backButtonFunction: function() { + importSitesDrawer.closeTriggered() + } + } + + FlickableType { + anchors.top: importSitesDrawerBackButton.bottom + anchors.left: parent.left + anchors.right: parent.right + anchors.bottom: parent.bottom + + contentHeight: importSitesDrawerContent.height + + ColumnLayout { + id: importSitesDrawerContent + + anchors.top: parent.top + anchors.left: parent.left + anchors.right: parent.right + + Header2Type { + Layout.fillWidth: true + Layout.margins: 16 + + headerText: qsTr("Import address list") + } + + LabelWithButtonType { + id: importSitesButton2 + Layout.fillWidth: true + + text: qsTr("Replace address list") + + clickedFunction: function() { + var fileName = SystemController.getFileName(qsTr("Open address file"), + qsTr("Address files (*.json)")) + if (fileName !== "") { + importSitesDrawerContent.importSites(fileName, true) + } + } + } + + DividerType {} + + LabelWithButtonType { + id: importSitesButton3 + Layout.fillWidth: true + text: qsTr("Add imported addresses to existing ones") + + clickedFunction: function() { + var fileName = SystemController.getFileName(qsTr("Open address file"), + qsTr("Address files (*.json)")) + if (fileName !== "") { + importSitesDrawerContent.importSites(fileName, false) + } + } + } + + function importSites(fileName, replaceExistingSites) { + PageController.showBusyIndicator(true) + AllowedDnsController.importDns(fileName, replaceExistingSites) + PageController.showBusyIndicator(false) + importSitesDrawer.closeTriggered() + moreActionsDrawer.closeTriggered() + } + + DividerType {} + } + } + } + } +} diff --git a/client/ui/qml/Pages2/PageSettingsLogging.qml b/client/ui/qml/Pages2/PageSettingsLogging.qml index 9abfc453..5b20936c 100644 --- a/client/ui/qml/Pages2/PageSettingsLogging.qml +++ b/client/ui/qml/Pages2/PageSettingsLogging.qml @@ -16,13 +16,6 @@ import "../Controls2/TextTypes" PageType { id: root - defaultActiveFocusItem: focusItem - - Item { - id: focusItem - KeyNavigation.tab: backButton - } - BackButtonType { id: backButton @@ -30,25 +23,24 @@ PageType { anchors.left: parent.left anchors.right: parent.right anchors.topMargin: 20 - - KeyNavigation.tab: switcher } - FlickableType { - id: fl + ListView { + id: listView + anchors.top: backButton.bottom anchors.bottom: parent.bottom - contentHeight: content.height + anchors.right: parent.right + anchors.left: parent.left - ColumnLayout { - id: content + property bool isFocusable: true - anchors.top: parent.top - anchors.left: parent.left - anchors.right: parent.right - spacing: 0 + ScrollBar.vertical: ScrollBarType {} - HeaderType { + header: ColumnLayout { + width: listView.width + + BaseHeaderType { Layout.fillWidth: true Layout.leftMargin: 16 Layout.rightMargin: 16 @@ -60,6 +52,7 @@ PageType { SwitcherType { id: switcher + Layout.fillWidth: true Layout.topMargin: 16 Layout.leftMargin: 16 @@ -68,7 +61,7 @@ PageType { text: qsTr("Enable logs") checked: SettingsController.isLoggingEnabled - //KeyNavigation.tab: openFolderButton + onCheckedChanged: { if (checked !== SettingsController.isLoggingEnabled) { SettingsController.isLoggingEnabled = checked @@ -79,7 +72,6 @@ PageType { DividerType {} LabelWithButtonType { - // id: labelWithButton2 Layout.fillWidth: true Layout.topMargin: -8 @@ -87,8 +79,6 @@ PageType { leftImageSource: "qrc:/images/controls/trash.svg" isSmallLeftImage: true - // KeyNavigation.tab: labelWithButton3 - clickedFunction: function() { var headerText = qsTr("Clear logs?") var yesButtonText = qsTr("Continue") @@ -99,19 +89,28 @@ PageType { SettingsController.clearLogs() PageController.showBusyIndicator(false) PageController.showNotificationMessage(qsTr("Logs have been cleaned up")) - if (!GC.isMobile()) { - focusItem.forceActiveFocus() - } } + var noButtonFunction = function() { - if (!GC.isMobile()) { - focusItem.forceActiveFocus() - } + } showQuestionDrawer(headerText, "", yesButtonText, noButtonText, yesButtonFunction, noButtonFunction) } } + } + + model: logTypes + clip: true + reuseItems: true + snapMode: ListView.SnapOneItem + + delegate: ColumnLayout { + id: delegateContent + + width: listView.width + + enabled: isVisible ListItemTitleType { Layout.fillWidth: true @@ -119,7 +118,7 @@ PageType { Layout.leftMargin: 16 Layout.rightMargin: 16 - text: qsTr("Client logs") + text: title } ParagraphTextType { @@ -129,30 +128,27 @@ PageType { Layout.rightMargin: 16 color: AmneziaStyle.color.mutedGray - text: qsTr("AmneziaVPN logs") + + text: description } LabelWithButtonType { - // id: labelWithButton2 Layout.fillWidth: true Layout.topMargin: -8 Layout.bottomMargin: -8 + visible: !GC.isMobile() + text: qsTr("Open logs folder") leftImageSource: "qrc:/images/controls/folder-open.svg" isSmallLeftImage: true - // KeyNavigation.tab: labelWithButton3 - - clickedFunction: function() { - SettingsController.openLogsFolder() - } + clickedFunction: openLogsHandler } DividerType {} LabelWithButtonType { - // id: labelWithButton2 Layout.fillWidth: true Layout.topMargin: -8 Layout.bottomMargin: -8 @@ -161,114 +157,72 @@ PageType { leftImageSource: "qrc:/images/controls/save.svg" isSmallLeftImage: true - // KeyNavigation.tab: labelWithButton3 - - clickedFunction: function() { - var fileName = "" - if (GC.isMobile()) { - fileName = "AmneziaVPN.log" - } else { - fileName = SystemController.getFileName(qsTr("Save"), - qsTr("Logs files (*.log)"), - StandardPaths.standardLocations(StandardPaths.DocumentsLocation) + "/AmneziaVPN", - true, - ".log") - } - if (fileName !== "") { - PageController.showBusyIndicator(true) - SettingsController.exportLogsFile(fileName) - PageController.showBusyIndicator(false) - PageController.showNotificationMessage(qsTr("Logs file saved")) - } - } + clickedFunction: exportLogsHandler } DividerType {} + } + } - ListItemTitleType { - visible: !GC.isMobile() + property list logTypes: [ + clientLogs, + serviceLogs + ] - Layout.fillWidth: true - Layout.topMargin: 32 - Layout.leftMargin: 16 - Layout.rightMargin: 16 + QtObject { + id: clientLogs - text: qsTr("Service logs") + readonly property string title: qsTr("Client logs") + readonly property string description: qsTr("AmneziaVPN logs") + readonly property bool isVisible: true + readonly property var openLogsHandler: function() { + SettingsController.openLogsFolder() + } + readonly property var exportLogsHandler: function() { + var fileName = "" + if (GC.isMobile()) { + fileName = "AmneziaVPN.log" + } else { + fileName = SystemController.getFileName(qsTr("Save"), + qsTr("Logs files (*.log)"), + StandardPaths.standardLocations(StandardPaths.DocumentsLocation) + "/AmneziaVPN", + true, + ".log") } - - ParagraphTextType { - visible: !GC.isMobile() - - Layout.fillWidth: true - Layout.topMargin: 8 - Layout.leftMargin: 16 - Layout.rightMargin: 16 - - color: AmneziaStyle.color.mutedGray - text: qsTr("AmneziaVPN-service logs") + if (fileName !== "") { + PageController.showBusyIndicator(true) + SettingsController.exportLogsFile(fileName) + PageController.showBusyIndicator(false) + PageController.showNotificationMessage(qsTr("Logs file saved")) } + } + } - LabelWithButtonType { - // id: labelWithButton2 + QtObject { + id: serviceLogs - visible: !GC.isMobile() - - Layout.fillWidth: true - Layout.topMargin: -8 - Layout.bottomMargin: -8 - - text: qsTr("Open logs folder") - leftImageSource: "qrc:/images/controls/folder-open.svg" - isSmallLeftImage: true - - // KeyNavigation.tab: labelWithButton3 - - clickedFunction: function() { - SettingsController.openServiceLogsFolder() - } + readonly property string title: qsTr("Service logs") + readonly property string description: qsTr("AmneziaVPN-service logs") + readonly property bool isVisible: !GC.isMobile() + readonly property var openLogsHandler: function() { + SettingsController.openServiceLogsFolder() + } + readonly property var exportLogsHandler: function() { + var fileName = "" + if (GC.isMobile()) { + fileName = "AmneziaVPN-service.log" + } else { + fileName = SystemController.getFileName(qsTr("Save"), + qsTr("Logs files (*.log)"), + StandardPaths.standardLocations(StandardPaths.DocumentsLocation) + "/AmneziaVPN-service", + true, + ".log") } - - DividerType { - visible: !GC.isMobile() - } - - LabelWithButtonType { - // id: labelWithButton2 - - visible: !GC.isMobile() - - Layout.fillWidth: true - Layout.topMargin: -8 - Layout.bottomMargin: -8 - - text: qsTr("Export logs") - leftImageSource: "qrc:/images/controls/save.svg" - isSmallLeftImage: true - - // KeyNavigation.tab: labelWithButton3 - - clickedFunction: function() { - var fileName = "" - if (GC.isMobile()) { - fileName = "AmneziaVPN-service.log" - } else { - fileName = SystemController.getFileName(qsTr("Save"), - qsTr("Logs files (*.log)"), - StandardPaths.standardLocations(StandardPaths.DocumentsLocation) + "/AmneziaVPN-service", - true, - ".log") - } - if (fileName !== "") { - PageController.showBusyIndicator(true) - SettingsController.exportServiceLogsFile(fileName) - PageController.showBusyIndicator(false) - PageController.showNotificationMessage(qsTr("Logs file saved")) - } - } - } - - DividerType { - visible: !GC.isMobile() + if (fileName !== "") { + PageController.showBusyIndicator(true) + SettingsController.exportServiceLogsFile(fileName) + PageController.showBusyIndicator(false) + PageController.showNotificationMessage(qsTr("Logs file saved")) } } } diff --git a/client/ui/qml/Pages2/PageSettingsServerData.qml b/client/ui/qml/Pages2/PageSettingsServerData.qml index e170a351..82552958 100644 --- a/client/ui/qml/Pages2/PageSettingsServerData.qml +++ b/client/ui/qml/Pages2/PageSettingsServerData.qml @@ -36,16 +36,6 @@ PageType { PageController.showErrorMessage(message) } - function onRemoveProcessedServerFinished(finishedMessage) { - if (!ServersModel.getServersCount()) { - PageController.goToPageHome() - } else { - PageController.goToStartPage() - PageController.goToPage(PageEnum.PageSettingsServersList) - } - PageController.showNotificationMessage(finishedMessage) - } - function onRebootProcessedServerFinished(finishedMessage) { PageController.showNotificationMessage(finishedMessage) } @@ -100,8 +90,6 @@ PageType { text: qsTr("Check the server for previously installed Amnezia services") descriptionText: qsTr("Add them to the application if they were not displayed") - KeyNavigation.tab: labelWithButton2 - clickedFunction: function() { PageController.showBusyIndicator(true) InstallController.scanServerForInstalledContainers() @@ -121,8 +109,6 @@ PageType { text: qsTr("Reboot server") textColor: AmneziaStyle.color.vibrantRed - KeyNavigation.tab: labelWithButton3 - clickedFunction: function() { var headerText = qsTr("Do you want to reboot the server?") var descriptionText = qsTr("The reboot process may take approximately 30 seconds. Are you sure you wish to proceed?") @@ -162,16 +148,6 @@ PageType { text: qsTr("Remove server from application") textColor: AmneziaStyle.color.vibrantRed - Keys.onTabPressed: { - if (content.isServerWithWriteAccess) { - labelWithButton4.forceActiveFocus() - } else { - labelWithButton5.visible ? - labelWithButton5.forceActiveFocus() : - lastItemTabClickedSignal() - } - } - clickedFunction: function() { var headerText = qsTr("Do you want to remove the server from application?") var descriptionText = qsTr("All installed AmneziaVPN services will still remain on the server.") @@ -210,10 +186,6 @@ PageType { text: qsTr("Clear server from Amnezia software") textColor: AmneziaStyle.color.vibrantRed - Keys.onTabPressed: labelWithButton5.visible ? - labelWithButton5.forceActiveFocus() : - root.lastItemTabClickedSignal() - clickedFunction: function() { var headerText = qsTr("Do you want to clear server from Amnezia software?") var descriptionText = qsTr("All users whom you shared a connection with will no longer be able to connect to it.") @@ -253,8 +225,6 @@ PageType { text: qsTr("Reset API config") textColor: AmneziaStyle.color.vibrantRed - Keys.onTabPressed: root.lastItemTabClickedSignal() - clickedFunction: function() { var headerText = qsTr("Do you want to reset API config?") var descriptionText = "" @@ -287,6 +257,24 @@ PageType { DividerType { visible: ServersModel.getProcessedServerData("isServerFromTelegramApi") } + + LabelWithButtonType { + id: labelWithButton6 + visible: ServersModel.getProcessedServerData("isServerFromTelegramApi") && ServersModel.processedServerIsPremium + Layout.fillWidth: true + + text: qsTr("Switch to the new Amnezia Premium subscription") + textColor: AmneziaStyle.color.vibrantRed + + clickedFunction: function() { + PageController.goToPageHome() + ApiPremV1MigrationController.showMigrationDrawer() + } + } + + DividerType { + visible: ServersModel.getProcessedServerData("isServerFromTelegramApi") && ServersModel.processedServerIsPremium + } } } } diff --git a/client/ui/qml/Pages2/PageSettingsServerInfo.qml b/client/ui/qml/Pages2/PageSettingsServerInfo.qml index ffcfb441..6ac81764 100644 --- a/client/ui/qml/Pages2/PageSettingsServerInfo.qml +++ b/client/ui/qml/Pages2/PageSettingsServerInfo.qml @@ -19,21 +19,17 @@ import "../Components" PageType { id: root - property int pageSettingsServerProtocols: 0 - property int pageSettingsServerServices: 1 - property int pageSettingsServerData: 2 - property int pageSettingsApiServerInfo: 3 - property int pageSettingsApiLanguageList: 4 + readonly property int pageSettingsServerProtocols: 0 + readonly property int pageSettingsServerServices: 1 + readonly property int pageSettingsServerData: 2 property var processedServer - defaultActiveFocusItem: focusItem - Connections { target: PageController function onGoToPageSettingsServerServices() { - tabBar.currentIndex = root.pageSettingsServerServices + tabBar.setCurrentIndex(root.pageSettingsServerServices) } } @@ -62,50 +58,33 @@ PageType { } } - Item { - id: focusItem - //KeyNavigation.tab: header - } - ColumnLayout { + objectName: "mainLayout" + anchors.fill: parent + anchors.topMargin: 20 spacing: 4 BackButtonType { id: backButton - - Layout.topMargin: 20 - KeyNavigation.tab: headerContent.actionButton - - backButtonFunction: function() { - if (nestedStackView.currentIndex === root.pageSettingsApiServerInfo && - root.processedServer.isCountrySelectionAvailable) { - nestedStackView.currentIndex = root.pageSettingsApiLanguageList - } else { - PageController.closePage() - } - } + objectName: "backButton" } - HeaderType { + HeaderTypeWithButton { id: headerContent + objectName: "headerContent" + Layout.fillWidth: true Layout.leftMargin: 16 Layout.rightMargin: 16 + Layout.bottomMargin: 10 - actionButtonImage: nestedStackView.currentIndex === root.pageSettingsApiLanguageList ? "qrc:/images/controls/settings.svg" - : "qrc:/images/controls/edit-3.svg" + actionButtonImage: "qrc:/images/controls/edit-3.svg" headerText: root.processedServer.name descriptionText: { - if (root.processedServer.isServerFromGatewayApi) { - if (nestedStackView.currentIndex === root.pageSettingsApiLanguageList) { - return qsTr("Subscription is valid until ") + ApiServicesModel.getSelectedServiceData("endDate") - } else { - return ApiServicesModel.getSelectedServiceData("serviceDescription") - } - } else if (root.processedServer.isServerFromTelegramApi) { + if (root.processedServer.isServerFromTelegramApi) { return root.processedServer.serverDescription } else if (root.processedServer.hasWriteAccess) { return root.processedServer.credentialsLogin + " · " + root.processedServer.hostName @@ -114,18 +93,12 @@ PageType { } } - KeyNavigation.tab: tabBar - actionButtonFunction: function() { - if (nestedStackView.currentIndex === root.pageSettingsApiLanguageList) { - nestedStackView.currentIndex = root.pageSettingsApiServerInfo - } else { - serverNameEditDrawer.open() - } + serverNameEditDrawer.openTriggered() } } - DrawerType2 { + RenameServerDrawer { id: serverNameEditDrawer parent: root @@ -133,65 +106,7 @@ PageType { anchors.fill: parent expandedHeight: root.height * 0.35 - onClosed: { - if (!GC.isMobile()) { - headerContent.actionButton.forceActiveFocus() - } - } - - expandedContent: ColumnLayout { - anchors.top: parent.top - anchors.left: parent.left - anchors.right: parent.right - anchors.topMargin: 32 - anchors.leftMargin: 16 - anchors.rightMargin: 16 - - Connections { - target: serverNameEditDrawer - enabled: !GC.isMobile() - function onOpened() { - serverName.textField.forceActiveFocus() - } - } - - Item { - id: focusItem1 - KeyNavigation.tab: serverName.textField - } - - TextFieldWithHeaderType { - id: serverName - - Layout.fillWidth: true - headerText: qsTr("Server name") - textFieldText: root.processedServer.name - textField.maximumLength: 30 - checkEmptyText: true - - KeyNavigation.tab: saveButton - } - - BasicButtonType { - id: saveButton - - Layout.fillWidth: true - - text: qsTr("Save") - KeyNavigation.tab: focusItem1 - - clickedFunc: function() { - if (serverName.textFieldText === "") { - return - } - - if (serverName.textFieldText !== root.processedServer.name) { - ServersModel.setProcessedServerData("name", serverName.textFieldText); - } - serverNameEditDrawer.close() - } - } - } + serverNameText: root.processedServer.name } TabBar { @@ -207,37 +122,27 @@ PageType { color: AmneziaStyle.color.transparent } - visible: !ServersModel.getProcessedServerData("isServerFromGatewayApi") - - activeFocusOnTab: true - onFocusChanged: { - if (activeFocus) { - protocolsTab.forceActiveFocus() - } - } TabButtonType { id: protocolsTab visible: protocolsPage.installedProtocolsCount width: protocolsPage.installedProtocolsCount ? undefined : 0 - isSelected: tabBar.currentIndex === root.pageSettingsServerProtocols + isSelected: TabBar.tabBar.currentIndex === root.pageSettingsServerProtocols text: qsTr("Protocols") - KeyNavigation.tab: servicesTab - Keys.onReturnPressed: tabBar.currentIndex = root.pageSettingsServerProtocols - Keys.onEnterPressed: tabBar.currentIndex = root.pageSettingsServerProtocols + Keys.onReturnPressed: TabBar.tabBar.setCurrentIndex(root.pageSettingsServerProtocols) + Keys.onEnterPressed: TabBar.tabBar.setCurrentIndex(root.pageSettingsServerProtocols) } TabButtonType { id: servicesTab visible: servicesPage.installedServicesCount width: servicesPage.installedServicesCount ? undefined : 0 - isSelected: tabBar.currentIndex === root.pageSettingsServerServices + isSelected: TabBar.tabBar.currentIndex === root.pageSettingsServerServices text: qsTr("Services") - KeyNavigation.tab: dataTab - Keys.onReturnPressed: tabBar.currentIndex = root.pageSettingsServerServices - Keys.onEnterPressed: tabBar.currentIndex = root.pageSettingsServerServices + Keys.onReturnPressed: TabBar.tabBar.setCurrentIndex(root.pageSettingsServerServices) + Keys.onEnterPressed: TabBar.tabBar.setCurrentIndex(root.pageSettingsServerServices) } TabButtonType { @@ -245,63 +150,32 @@ PageType { isSelected: tabBar.currentIndex === root.pageSettingsServerData text: qsTr("Management") - Keys.onReturnPressed: tabBar.currentIndex = root.pageSettingsServerData - Keys.onEnterPressed: tabBar.currentIndex = root.pageSettingsServerData - Keys.onTabPressed: function() { - if (nestedStackView.currentIndex === root.pageSettingsServerProtocols) { - return protocolsPage - } else if (nestedStackView.currentIndex === root.pageSettingsServerProtocols) { - return servicesPage - } else { - return dataPage - } - } + Keys.onReturnPressed: TabBar.tabBar.setCurrentIndex(root.pageSettingsServerData) + Keys.onEnterPressed: TabBar.tabBar.setCurrentIndex(root.pageSettingsServerData) } } StackLayout { id: nestedStackView + Layout.fillWidth: true - currentIndex: ServersModel.getProcessedServerData("isServerFromGatewayApi") ? - (ServersModel.getProcessedServerData("isCountrySelectionAvailable") ? - root.pageSettingsApiLanguageList : root.pageSettingsApiServerInfo) : tabBar.currentIndex + currentIndex: tabBar.currentIndex PageSettingsServerProtocols { id: protocolsPage stackView: root.stackView - - onLastItemTabClickedSignal: lastItemTabClicked(focusItem) } PageSettingsServerServices { id: servicesPage stackView: root.stackView - - onLastItemTabClickedSignal: lastItemTabClicked(focusItem) } PageSettingsServerData { id: dataPage stackView: root.stackView - - onLastItemTabClickedSignal: lastItemTabClicked(focusItem) - } - - PageSettingsApiServerInfo { - id: apiInfoPage - stackView: root.stackView - -// onLastItemTabClickedSignal: lastItemTabClicked(focusItem) - } - - PageSettingsApiLanguageList { - id: apiLanguageListPage - stackView: root.stackView - -// onLastItemTabClickedSignal: lastItemTabClicked(focusItem) } } - } } diff --git a/client/ui/qml/Pages2/PageSettingsServerProtocol.qml b/client/ui/qml/Pages2/PageSettingsServerProtocol.qml index dcdf01af..fce9b2a3 100644 --- a/client/ui/qml/Pages2/PageSettingsServerProtocol.qml +++ b/client/ui/qml/Pages2/PageSettingsServerProtocol.qml @@ -21,13 +21,6 @@ PageType { property bool isClearCacheVisible: ServersModel.isProcessedServerHasWriteAccess() && !ContainersModel.isServiceContainer(ContainersModel.getProcessedContainerIndex()) - defaultActiveFocusItem: focusItem - - Item { - id: focusItem - KeyNavigation.tab: backButton - } - ColumnLayout { id: header @@ -39,10 +32,9 @@ PageType { BackButtonType { id: backButton - KeyNavigation.tab: protocols } - HeaderType { + BaseHeaderType { Layout.fillWidth: true Layout.leftMargin: 16 Layout.rightMargin: 16 @@ -57,30 +49,36 @@ PageType { height: protocols.contentItem.height clip: true interactive: true - model: ProtocolsModel - property int currentFocusIndex: 0 - - activeFocusOnTab: true - onActiveFocusChanged: { - if (activeFocus) { - this.currentFocusIndex = 0 - protocols.itemAtIndex(currentFocusIndex).focusItem.forceActiveFocus() - } - } + property bool isFocusable: true Keys.onTabPressed: { - if (currentFocusIndex < this.count - 1) { - currentFocusIndex += 1 - protocols.itemAtIndex(currentFocusIndex).focusItem.forceActiveFocus() - } else { - clearCacheButton.forceActiveFocus() - } + FocusController.nextKeyTabItem() } - delegate: Item { - property var focusItem: clientSettings.rightButton + Keys.onBacktabPressed: { + FocusController.previousKeyTabItem() + } + Keys.onUpPressed: { + FocusController.nextKeyUpItem() + } + + Keys.onDownPressed: { + FocusController.nextKeyDownItem() + } + + Keys.onLeftPressed: { + FocusController.nextKeyLeftItem() + } + + Keys.onRightPressed: { + FocusController.nextKeyRightItem() + } + + model: ProtocolsModel + + delegate: Item { implicitWidth: protocols.width implicitHeight: delegateContent.implicitHeight @@ -160,109 +158,112 @@ PageType { } } } - } - LabelWithButtonType { - id: clearCacheButton + footer: ColumnLayout { + width: header.width - Layout.fillWidth: true + LabelWithButtonType { + id: clearCacheButton - visible: root.isClearCacheVisible - KeyNavigation.tab: removeButton + Layout.fillWidth: true - text: qsTr("Clear profile") + visible: root.isClearCacheVisible - clickedFunction: function() { - var headerText = qsTr("Clear %1 profile?").arg(ContainersModel.getProcessedContainerName()) - var descriptionText = qsTr("The connection configuration will be deleted for this device only") - var yesButtonText = qsTr("Continue") - var noButtonText = qsTr("Cancel") + text: qsTr("Clear profile") - var yesButtonFunction = function() { - if (ConnectionController.isConnected && ServersModel.getDefaultServerData("defaultContainer") === ContainersModel.getProcessedContainerIndex()) { - var message = qsTr("Unable to clear %1 profile while there is an active connection").arg(ContainersModel.getProcessedContainerName()) - PageController.showNotificationMessage(message) - return + clickedFunction: function() { + var headerText = qsTr("Clear %1 profile?").arg(ContainersModel.getProcessedContainerName()) + var descriptionText = qsTr("The connection configuration will be deleted for this device only") + var yesButtonText = qsTr("Continue") + var noButtonText = qsTr("Cancel") + + var yesButtonFunction = function() { + if (ConnectionController.isConnected && ServersModel.getDefaultServerData("defaultContainer") === ContainersModel.getProcessedContainerIndex()) { + var message = qsTr("Unable to clear %1 profile while there is an active connection").arg(ContainersModel.getProcessedContainerName()) + PageController.showNotificationMessage(message) + return + } + + PageController.showBusyIndicator(true) + InstallController.clearCachedProfile() + PageController.showBusyIndicator(false) + } + var noButtonFunction = function() { + // if (!GC.isMobile()) { + // focusItem.forceActiveFocus() + // } + } + + showQuestionDrawer(headerText, descriptionText, yesButtonText, noButtonText, yesButtonFunction, noButtonFunction) } - PageController.showBusyIndicator(true) - InstallController.clearCachedProfile() - PageController.showBusyIndicator(false) - } - var noButtonFunction = function() { - if (!GC.isMobile()) { - focusItem.forceActiveFocus() + MouseArea { + anchors.fill: clearCacheButton + cursorShape: Qt.PointingHandCursor + enabled: false } } - showQuestionDrawer(headerText, descriptionText, yesButtonText, noButtonText, yesButtonFunction, noButtonFunction) - } + DividerType { + Layout.fillWidth: true + Layout.leftMargin: 16 + Layout.rightMargin: 16 - MouseArea { - anchors.fill: clearCacheButton - cursorShape: Qt.PointingHandCursor - enabled: false - } - } - - DividerType { - Layout.fillWidth: true - Layout.leftMargin: 16 - Layout.rightMargin: 16 - - visible: root.isClearCacheVisible - } - - LabelWithButtonType { - id: removeButton - - Layout.fillWidth: true - - visible: ServersModel.isProcessedServerHasWriteAccess() - Keys.onTabPressed: lastItemTabClicked(focusItem) - - text: qsTr("Remove ") - textColor: AmneziaStyle.color.vibrantRed - - clickedFunction: function() { - var headerText = qsTr("Remove %1 from server?").arg(ContainersModel.getProcessedContainerName()) - var descriptionText = qsTr("All users with whom you shared a connection will no longer be able to connect to it.") - var yesButtonText = qsTr("Continue") - var noButtonText = qsTr("Cancel") - - var yesButtonFunction = function() { - if (ServersModel.isDefaultServerCurrentlyProcessed() && ConnectionController.isConnected - && ServersModel.getDefaultServerData("defaultContainer") === ContainersModel.getProcessedContainerIndex()) { - PageController.showNotificationMessage(qsTr("Cannot remove active container")) - } else - { - PageController.goToPage(PageEnum.PageDeinstalling) - InstallController.removeProcessedContainer() - } + visible: root.isClearCacheVisible } - var noButtonFunction = function() { - if (!GC.isMobile()) { - focusItem.forceActiveFocus() + + LabelWithButtonType { + id: removeButton + + Layout.fillWidth: true + + visible: ServersModel.isProcessedServerHasWriteAccess() + + text: qsTr("Remove ") + textColor: AmneziaStyle.color.vibrantRed + + clickedFunction: function() { + var headerText = qsTr("Remove %1 from server?").arg(ContainersModel.getProcessedContainerName()) + var descriptionText = qsTr("All users with whom you shared a connection will no longer be able to connect to it.") + var yesButtonText = qsTr("Continue") + var noButtonText = qsTr("Cancel") + + var yesButtonFunction = function() { + if (ServersModel.isDefaultServerCurrentlyProcessed() && ConnectionController.isConnected + && ServersModel.getDefaultServerData("defaultContainer") === ContainersModel.getProcessedContainerIndex()) { + PageController.showNotificationMessage(qsTr("Cannot remove active container")) + } else + { + PageController.goToPage(PageEnum.PageDeinstalling) + InstallController.removeProcessedContainer() + } + } + var noButtonFunction = function() { + if (!GC.isMobile()) { + focusItem.forceActiveFocus() + } + } + + showQuestionDrawer(headerText, descriptionText, yesButtonText, noButtonText, yesButtonFunction, noButtonFunction) + } + + MouseArea { + anchors.fill: removeButton + cursorShape: Qt.PointingHandCursor + enabled: false } } - showQuestionDrawer(headerText, descriptionText, yesButtonText, noButtonText, yesButtonFunction, noButtonFunction) - } + DividerType { + Layout.fillWidth: true + Layout.leftMargin: 16 + Layout.rightMargin: 16 - MouseArea { - anchors.fill: removeButton - cursorShape: Qt.PointingHandCursor - enabled: false + visible: ServersModel.isProcessedServerHasWriteAccess() + } } } - DividerType { - Layout.fillWidth: true - Layout.leftMargin: 16 - Layout.rightMargin: 16 - - visible: ServersModel.isProcessedServerHasWriteAccess() - } } } diff --git a/client/ui/qml/Pages2/PageSettingsServerProtocols.qml b/client/ui/qml/Pages2/PageSettingsServerProtocols.qml index 0bc1fc7d..ba72957e 100644 --- a/client/ui/qml/Pages2/PageSettingsServerProtocols.qml +++ b/client/ui/qml/Pages2/PageSettingsServerProtocols.qml @@ -21,53 +21,45 @@ PageType { property var installedProtocolsCount - onFocusChanged: settingsContainersListView.forceActiveFocus() - signal lastItemTabClickedSignal() + function resetView() { + settingsContainersListView.positionViewAtBeginning() + } - FlickableType { - id: fl - anchors.top: parent.top - anchors.bottom: parent.bottom - contentHeight: content.implicitHeight + SettingsContainersListView { + id: settingsContainersListView - Column { - id: content + anchors.fill: parent - anchors.top: parent.top - anchors.left: parent.left - anchors.right: parent.right + Connections { + target: ServersModel - SettingsContainersListView { - id: settingsContainersListView - - Connections { - target: ServersModel - - function onProcessedServerIndexChanged() { - settingsContainersListView.updateContainersModelFilters() - } - } - - function updateContainersModelFilters() { - if (ServersModel.isProcessedServerHasWriteAccess()) { - proxyContainersModel.filters = ContainersModelFilters.getWriteAccessProtocolsListFilters() - } else { - proxyContainersModel.filters = ContainersModelFilters.getReadAccessProtocolsListFilters() - } - root.installedProtocolsCount = proxyContainersModel.count - } - - model: SortFilterProxyModel { - id: proxyContainersModel - sourceModel: ContainersModel - sorters: [ - RoleSorter { roleName: "isInstalled"; sortOrder: Qt.DescendingOrder }, - RoleSorter { roleName: "installPageOrder"; sortOrder: Qt.AscendingOrder } - ] - } - - Component.onCompleted: updateContainersModelFilters() + function onProcessedServerIndexChanged() { + settingsContainersListView.updateContainersModelFilters() } } + + function updateContainersModelFilters() { + if (ServersModel.isProcessedServerHasWriteAccess()) { + proxyContainersModel.filters = ContainersModelFilters.getWriteAccessProtocolsListFilters() + } else { + proxyContainersModel.filters = ContainersModelFilters.getReadAccessProtocolsListFilters() + } + root.installedProtocolsCount = proxyContainersModel.count + } + + model: SortFilterProxyModel { + id: proxyContainersModel + sourceModel: ContainersModel + sorters: [ + RoleSorter { roleName: "isInstalled"; sortOrder: Qt.DescendingOrder }, + RoleSorter { roleName: "installPageOrder"; sortOrder: Qt.AscendingOrder } + ] + } + + Component.onCompleted: { + settingsContainersListView.isFocusable = true + settingsContainersListView.interactive = true + updateContainersModelFilters() + } } } diff --git a/client/ui/qml/Pages2/PageSettingsServerServices.qml b/client/ui/qml/Pages2/PageSettingsServerServices.qml index 440fd8db..a46d4051 100644 --- a/client/ui/qml/Pages2/PageSettingsServerServices.qml +++ b/client/ui/qml/Pages2/PageSettingsServerServices.qml @@ -21,52 +21,40 @@ PageType { property var installedServicesCount - onFocusChanged: settingsContainersListView.forceActiveFocus() - signal lastItemTabClickedSignal() + SettingsContainersListView { + id: settingsContainersListView - FlickableType { - id: fl - anchors.top: parent.top - anchors.bottom: parent.bottom - contentHeight: content.implicitHeight + anchors.fill: parent - Column { - id: content + Connections { + target: ServersModel - anchors.top: parent.top - anchors.left: parent.left - anchors.right: parent.right - - SettingsContainersListView { - id: settingsContainersListView - - Connections { - target: ServersModel - - function onProcessedServerIndexChanged() { - settingsContainersListView.updateContainersModelFilters() - } - } - - function updateContainersModelFilters() { - if (ServersModel.isProcessedServerHasWriteAccess()) { - proxyContainersModel.filters = ContainersModelFilters.getWriteAccessServicesListFilters() - } else { - proxyContainersModel.filters = ContainersModelFilters.getReadAccessServicesListFilters() - } - root.installedServicesCount = proxyContainersModel.count - } - - model: SortFilterProxyModel { - id: proxyContainersModel - sourceModel: ContainersModel - sorters: [ - RoleSorter { roleName: "isInstalled"; sortOrder: Qt.DescendingOrder } - ] - } - - Component.onCompleted: updateContainersModelFilters() + function onProcessedServerIndexChanged() { + settingsContainersListView.updateContainersModelFilters() } } + + function updateContainersModelFilters() { + if (ServersModel.isProcessedServerHasWriteAccess()) { + proxyContainersModel.filters = ContainersModelFilters.getWriteAccessServicesListFilters() + } else { + proxyContainersModel.filters = ContainersModelFilters.getReadAccessServicesListFilters() + } + root.installedServicesCount = proxyContainersModel.count + } + + model: SortFilterProxyModel { + id: proxyContainersModel + sourceModel: ContainersModel + sorters: [ + RoleSorter { roleName: "isInstalled"; sortOrder: Qt.DescendingOrder } + ] + } + + Component.onCompleted: { + settingsContainersListView.isFocusable = true + settingsContainersListView.interactive = true + updateContainersModelFilters() + } } } diff --git a/client/ui/qml/Pages2/PageSettingsServersList.qml b/client/ui/qml/Pages2/PageSettingsServersList.qml index 102dd46f..57e39ae8 100644 --- a/client/ui/qml/Pages2/PageSettingsServersList.qml +++ b/client/ui/qml/Pages2/PageSettingsServersList.qml @@ -18,13 +18,6 @@ import "../Components" PageType { id: root - defaultActiveFocusItem: focusItem - - Item { - id: focusItem - KeyNavigation.tab: backButton - } - ColumnLayout { id: header @@ -36,10 +29,9 @@ PageType { BackButtonType { id: backButton - KeyNavigation.tab: servers } - HeaderType { + BaseHeaderType { Layout.fillWidth: true Layout.leftMargin: 16 Layout.rightMargin: 16 @@ -48,95 +40,76 @@ PageType { } } - FlickableType { - id: fl + ListView { + id: servers + objectName: "servers" + + width: parent.width anchors.top: header.bottom anchors.topMargin: 16 - contentHeight: col.implicitHeight + anchors.left: parent.left + anchors.right: parent.right - Column { - id: col - anchors.top: parent.top - anchors.left: parent.left - anchors.right: parent.right + height: 500 - ListView { - id: servers - width: parent.width - height: servers.contentItem.height + property bool isFocusable: true - model: ServersModel + model: ServersModel - clip: true - interactive: false + clip: true + reuseItems: true - activeFocusOnTab: true - focus: true - Keys.onTabPressed: { - if (currentIndex < servers.count - 1) { - servers.incrementCurrentIndex() - } else { - servers.currentIndex = 0 - focusItem.forceActiveFocus() - root.lastItemTabClicked() - } + delegate: Item { + implicitWidth: servers.width + implicitHeight: delegateContent.implicitHeight - fl.ensureVisible(this.currentItem) - } + ColumnLayout { + id: delegateContent - onVisibleChanged: { - if (visible) { - currentIndex = 0 - } - } + anchors.top: parent.top + anchors.left: parent.left + anchors.right: parent.right - delegate: Item { - implicitWidth: servers.width - implicitHeight: delegateContent.implicitHeight + LabelWithButtonType { + id: server + Layout.fillWidth: true - onFocusChanged: { - if (focus) { - server.rightButton.forceActiveFocus() - } - } + text: name - ColumnLayout { - id: delegateContent - - anchors.top: parent.top - anchors.left: parent.left - anchors.right: parent.right - - LabelWithButtonType { - id: server - Layout.fillWidth: true - - text: name - parentFlickable: fl - descriptionText: { - var servicesNameString = "" - var servicesName = ServersModel.getAllInstalledServicesName(index) - for (var i = 0; i < servicesName.length; i++) { - servicesNameString += servicesName[i] + " · " - } - - if (ServersModel.isServerFromApi(index)) { - return servicesNameString + serverDescription - } else { - return servicesNameString + hostName - } - } - rightImageSource: "qrc:/images/controls/chevron-right.svg" - - clickedFunction: function() { - ServersModel.processedIndex = index - PageController.goToPage(PageEnum.PageSettingsServerInfo) - } + descriptionText: { + var servicesNameString = "" + var servicesName = ServersModel.getAllInstalledServicesName(index) + for (var i = 0; i < servicesName.length; i++) { + servicesNameString += servicesName[i] + " · " } - DividerType {} + if (ServersModel.isServerFromApi(index)) { + return servicesNameString + serverDescription + } else { + return servicesNameString + hostName + } + } + rightImageSource: "qrc:/images/controls/chevron-right.svg" + + clickedFunction: function() { + ServersModel.processedIndex = index + + if (ServersModel.getProcessedServerData("isServerFromGatewayApi")) { + PageController.showBusyIndicator(true) + let result = ApiSettingsController.getAccountInfo(false) + PageController.showBusyIndicator(false) + if (!result) { + return + } + + PageController.goToPage(PageEnum.PageSettingsApiServerInfo) + } else { + PageController.goToPage(PageEnum.PageSettingsServerInfo) + } } } + + DividerType {} } } } diff --git a/client/ui/qml/Pages2/PageSettingsSplitTunneling.qml b/client/ui/qml/Pages2/PageSettingsSplitTunneling.qml index f5fe285a..292f903a 100644 --- a/client/ui/qml/Pages2/PageSettingsSplitTunneling.qml +++ b/client/ui/qml/Pages2/PageSettingsSplitTunneling.qml @@ -23,13 +23,6 @@ PageType { property var isServerFromTelegramApi: ServersModel.getDefaultServerData("isServerFromTelegramApi") - defaultActiveFocusItem: searchField.textField - - Item { - id: focusItem - KeyNavigation.tab: backButton - } - property bool pageEnabled Component.onCompleted: { @@ -99,38 +92,24 @@ PageType { BackButtonType { id: backButton - KeyNavigation.tab: switcher } - RowLayout { - HeaderType { - enabled: root.pageEnabled + HeaderTypeWithSwitcher { + Layout.fillWidth: true + Layout.leftMargin: 16 + Layout.rightMargin: 16 - Layout.fillWidth: true - Layout.leftMargin: 16 - - headerText: qsTr("Split tunneling") - } - - SwitcherType { - id: switcher - - enabled: root.pageEnabled - - Layout.fillWidth: true - Layout.rightMargin: 16 - - function onToggledFunc() { - SitesModel.toggleSplitTunneling(this.checked) - selector.text = root.routeModesModel[getRouteModesModelIndex()].name - } + headerText: qsTr("Split tunneling") + enabled: root.pageEnabled + showSwitcher: true + switcher { checked: SitesModel.isTunnelingEnabled - onToggled: { onToggledFunc() } - Keys.onEnterPressed: { onToggledFunc() } - Keys.onReturnPressed: { onToggledFunc() } - - KeyNavigation.tab: selector + enabled: root.pageEnabled + } + switcherFunction: function(checked) { + SitesModel.toggleSplitTunneling(checked) + selector.text = root.routeModesModel[getRouteModesModelIndex()].name } } @@ -154,18 +133,18 @@ PageType { model: root.routeModesModel - currentIndex: getRouteModesModelIndex() + selectedIndex: getRouteModesModelIndex() clickedFunction: function() { selector.text = selectedText - selector.close() - if (SitesModel.routeMode !== root.routeModesModel[currentIndex].type) { - SitesModel.routeMode = root.routeModesModel[currentIndex].type + selector.closeTriggered() + if (SitesModel.routeMode !== root.routeModesModel[selectedIndex].type) { + SitesModel.routeMode = root.routeModesModel[selectedIndex].type } } Component.onCompleted: { - if (root.routeModesModel[currentIndex].type === SitesModel.routeMode) { + if (root.routeModesModel[selectedIndex].type === SitesModel.routeMode) { selector.text = selectedText } else { selector.text = root.routeModesModel[0].name @@ -175,128 +154,89 @@ PageType { Connections { target: SitesModel function onRouteModeChanged() { - currentIndex = getRouteModesModelIndex() + selectedIndex = getRouteModesModelIndex() } } } - - KeyNavigation.tab: { - return sites.count > 0 ? - sites : - searchField.textField - } } } - FlickableType { - id: fl + ListView { + id: listView + anchors.top: header.bottom anchors.topMargin: 16 - contentHeight: col.implicitHeight + addSiteButton.implicitHeight + addSiteButton.anchors.bottomMargin + addSiteButton.anchors.topMargin + anchors.bottom: addSiteButton.top + + width: parent.width enabled: root.pageEnabled - Column { - id: col - anchors.top: parent.top - anchors.left: parent.left - anchors.right: parent.right + property bool isFocusable: true - ListView { - id: sites - width: parent.width - height: sites.contentItem.height - - model: SortFilterProxyModel { - id: proxySitesModel - sourceModel: SitesModel - filters: [ - AnyOf { - RegExpFilter { - roleName: "url" - pattern: ".*" + searchField.textField.text + ".*" - caseSensitivity: Qt.CaseInsensitive - } - RegExpFilter { - roleName: "ip" - pattern: ".*" + searchField.textField.text + ".*" - caseSensitivity: Qt.CaseInsensitive - } - } - ] - } - - clip: true - interactive: false - - activeFocusOnTab: true - focus: true - Keys.onTabPressed: { - if (currentIndex < this.count - 1) { - this.incrementCurrentIndex() - } else { - currentIndex = 0 - searchField.textField.forceActiveFocus() + model: SortFilterProxyModel { + id: proxySitesModel + sourceModel: SitesModel + filters: [ + AnyOf { + RegExpFilter { + roleName: "url" + pattern: ".*" + searchField.textField.text + ".*" + caseSensitivity: Qt.CaseInsensitive + } + RegExpFilter { + roleName: "ip" + pattern: ".*" + searchField.textField.text + ".*" + caseSensitivity: Qt.CaseInsensitive } - - fl.ensureVisible(currentItem) } + ] + } - delegate: Item { - implicitWidth: sites.width - implicitHeight: delegateContent.implicitHeight + clip: true - onActiveFocusChanged: { - if (activeFocus) { + reuseItems: true + + delegate: ColumnLayout { + id: delegateContent + + width: listView.width + + LabelWithButtonType { + id: site + Layout.fillWidth: true + + text: url + descriptionText: ip + rightImageSource: "qrc:/images/controls/trash.svg" + rightImageColor: AmneziaStyle.color.paleGray + + clickedFunction: function() { + var headerText = qsTr("Remove ") + url + "?" + var yesButtonText = qsTr("Continue") + var noButtonText = qsTr("Cancel") + + var yesButtonFunction = function() { + SitesController.removeSite(proxySitesModel.mapToSource(index)) + if (!GC.isMobile()) { + site.rightButton.forceActiveFocus() + } + } + var noButtonFunction = function() { + if (!GC.isMobile()) { site.rightButton.forceActiveFocus() } } - ColumnLayout { - id: delegateContent - - anchors.top: parent.top - anchors.left: parent.left - anchors.right: parent.right - - LabelWithButtonType { - id: site - Layout.fillWidth: true - - text: url - descriptionText: ip - rightImageSource: "qrc:/images/controls/trash.svg" - rightImageColor: AmneziaStyle.color.paleGray - - clickedFunction: function() { - var headerText = qsTr("Remove ") + url + "?" - var yesButtonText = qsTr("Continue") - var noButtonText = qsTr("Cancel") - - var yesButtonFunction = function() { - SitesController.removeSite(proxySitesModel.mapToSource(index)) - if (!GC.isMobile()) { - site.rightButton.forceActiveFocus() - } - } - var noButtonFunction = function() { - if (!GC.isMobile()) { - site.rightButton.forceActiveFocus() - } - } - - showQuestionDrawer(headerText, "", yesButtonText, noButtonText, yesButtonFunction, noButtonFunction) - } - } - - DividerType {} - } + showQuestionDrawer(headerText, "", yesButtonText, noButtonText, yesButtonFunction, noButtonFunction) } } + DividerType {} } } + Rectangle { anchors.fill: addSiteButton anchors.bottomMargin: -24 @@ -323,14 +263,13 @@ PageType { Layout.fillWidth: true rightButtonClickedOnEnter: true - textFieldPlaceholderText: qsTr("website or IP") + textField.placeholderText: qsTr("website or IP") buttonImageSource: "qrc:/images/controls/plus.svg" - KeyNavigation.tab: GC.isMobile() ? focusItem : addSiteButtonImage clickedFunc: function() { PageController.showBusyIndicator(true) - SitesController.addSite(textFieldText) - textFieldText = "" + SitesController.addSite(textField.text) + textField.text = "" PageController.showBusyIndicator(false) } } @@ -344,13 +283,11 @@ PageType { imageColor: AmneziaStyle.color.paleGray onClicked: function () { - moreActionsDrawer.open() + moreActionsDrawer.openTriggered() } Keys.onReturnPressed: addSiteButtonImage.clicked() Keys.onEnterPressed: addSiteButtonImage.clicked() - - Keys.onTabPressed: lastItemTabClicked(focusItem) } } @@ -360,38 +297,13 @@ PageType { anchors.fill: parent expandedHeight: parent.height * 0.4375 - onClosed: { - if (root.defaultActiveFocusItem && !GC.isMobile()) { - root.defaultActiveFocusItem.forceActiveFocus() - } - } - - expandedContent: ColumnLayout { + expandedStateContent: ColumnLayout { id: moreActionsDrawerContent anchors.top: parent.top anchors.left: parent.left anchors.right: parent.right - Connections { - target: moreActionsDrawer - - function onOpened() { - focusItem1.forceActiveFocus() - } - - function onActiveFocusChanged() { - if (!GC.isMobile()) { - focusItem1.forceActiveFocus() - } - } - } - - Item { - id: focusItem1 - KeyNavigation.tab: importSitesButton.rightButton - } - Header2Type { Layout.fillWidth: true Layout.margins: 16 @@ -407,10 +319,8 @@ PageType { rightImageSource: "qrc:/images/controls/chevron-right.svg" clickedFunction: function() { - importSitesDrawer.open() + importSitesDrawer.openTriggered() } - - KeyNavigation.tab: exportSitesButton } DividerType {} @@ -420,8 +330,6 @@ PageType { Layout.fillWidth: true text: qsTr("Save site list") - KeyNavigation.tab: focusItem1 - clickedFunction: function() { var fileName = "" if (GC.isMobile()) { @@ -436,7 +344,7 @@ PageType { if (fileName !== "") { PageController.showBusyIndicator(true) SitesController.exportSites(fileName) - moreActionsDrawer.close() + moreActionsDrawer.closeTriggered() PageController.showBusyIndicator(false) } } @@ -452,28 +360,9 @@ PageType { anchors.fill: parent expandedHeight: parent.height * 0.4375 - onClosed: { - if (!GC.isMobile()) { - moreActionsDrawer.forceActiveFocus() - } - } - - expandedContent: Item { + expandedStateContent: Item { implicitHeight: importSitesDrawer.expandedHeight - Connections { - target: importSitesDrawer - enabled: !GC.isMobile() - function onOpened() { - focusItem2.forceActiveFocus() - } - } - - Item { - id: focusItem2 - KeyNavigation.tab: importSitesDrawerBackButton - } - BackButtonType { id: importSitesDrawerBackButton @@ -482,10 +371,8 @@ PageType { anchors.right: parent.right anchors.topMargin: 16 - KeyNavigation.tab: importSitesButton2 - backButtonFunction: function() { - importSitesDrawer.close() + importSitesDrawer.closeTriggered() } } @@ -516,7 +403,6 @@ PageType { Layout.fillWidth: true text: qsTr("Replace site list") - KeyNavigation.tab: importSitesButton3 clickedFunction: function() { var fileName = SystemController.getFileName(qsTr("Open sites file"), @@ -533,7 +419,6 @@ PageType { id: importSitesButton3 Layout.fillWidth: true text: qsTr("Add imported sites to existing ones") - KeyNavigation.tab: focusItem2 clickedFunction: function() { var fileName = SystemController.getFileName(qsTr("Open sites file"), @@ -548,8 +433,8 @@ PageType { PageController.showBusyIndicator(true) SitesController.importSites(fileName, replaceExistingSites) PageController.showBusyIndicator(false) - importSitesDrawer.close() - moreActionsDrawer.close() + importSitesDrawer.closeTriggered() + moreActionsDrawer.closeTriggered() } DividerType {} diff --git a/client/ui/qml/Pages2/PageSetupWizardApiServiceInfo.qml b/client/ui/qml/Pages2/PageSetupWizardApiServiceInfo.qml index 75fd3d47..30128de6 100644 --- a/client/ui/qml/Pages2/PageSetupWizardApiServiceInfo.qml +++ b/client/ui/qml/Pages2/PageSetupWizardApiServiceInfo.qml @@ -15,8 +15,6 @@ import "../Components" PageType { id: root - defaultActiveFocusItem: focusItem - FlickableType { id: fl anchors.top: parent.top @@ -32,18 +30,12 @@ PageType { spacing: 0 - Item { - id: focusItem - KeyNavigation.tab: backButton - } - BackButtonType { id: backButton Layout.topMargin: 20 -// KeyNavigation.tab: fileButton.rightButton } - HeaderType { + BaseHeaderType { Layout.fillWidth: true Layout.topMargin: 8 Layout.rightMargin: 16 @@ -78,7 +70,7 @@ PageType { imageSource: "qrc:/images/controls/history.svg" leftText: qsTr("Work period") - rightText: ApiServicesModel.getSelectedServiceData("workPeriod") + rightText: ApiServicesModel.getSelectedServiceData("timeLimit") visible: rightText !== "" } @@ -146,7 +138,7 @@ PageType { PageController.closePage() } else { PageController.showBusyIndicator(true) - InstallController.installServiceFromApi() + ApiConfigsController.importServiceFromGateway() PageController.showBusyIndicator(false) } } diff --git a/client/ui/qml/Pages2/PageSetupWizardApiServicesList.qml b/client/ui/qml/Pages2/PageSetupWizardApiServicesList.qml index f726cd49..549eb381 100644 --- a/client/ui/qml/Pages2/PageSetupWizardApiServicesList.qml +++ b/client/ui/qml/Pages2/PageSetupWizardApiServicesList.qml @@ -14,8 +14,6 @@ import "../Config" PageType { id: root - defaultActiveFocusItem: focusItem - ColumnLayout { id: header @@ -25,18 +23,12 @@ PageType { spacing: 0 - Item { - id: focusItem - KeyNavigation.tab: backButton - } - BackButtonType { id: backButton Layout.topMargin: 20 -// KeyNavigation.tab: fileButton.rightButton } - HeaderType { + BaseHeaderType { Layout.fillWidth: true Layout.topMargin: 8 Layout.rightMargin: 16 @@ -50,6 +42,7 @@ PageType { ListView { id: servicesListView + anchors.top: header.bottom anchors.right: parent.right anchors.left: parent.left @@ -57,16 +50,21 @@ PageType { anchors.topMargin: 16 spacing: 0 - currentIndex: 1 + property bool isFocusable: true + clip: true + reuseItems: true + model: ApiServicesModel - ScrollBar.vertical: ScrollBar {} + ScrollBar.vertical: ScrollBarType {} delegate: Item { implicitWidth: servicesListView.width implicitHeight: delegateContent.implicitHeight + enabled: isServiceAvailable + ColumnLayout { id: delegateContent @@ -86,14 +84,15 @@ PageType { rightImageSource: "qrc:/images/controls/chevron-right.svg" - enabled: isServiceAvailable - onClicked: { if (isServiceAvailable) { ApiServicesModel.setServiceIndex(index) PageController.goToPage(PageEnum.PageSetupWizardApiServiceInfo) } } + + Keys.onEnterPressed: clicked() + Keys.onReturnPressed: clicked() } } } diff --git a/client/ui/qml/Pages2/PageSetupWizardConfigSource.qml b/client/ui/qml/Pages2/PageSetupWizardConfigSource.qml index f973c89c..7159ab59 100644 --- a/client/ui/qml/Pages2/PageSetupWizardConfigSource.qml +++ b/client/ui/qml/Pages2/PageSetupWizardConfigSource.qml @@ -3,6 +3,8 @@ import QtQuick.Controls import QtQuick.Layouts import QtQuick.Dialogs +import QtCore + import PageEnum 1.0 import Style 1.0 @@ -25,31 +27,29 @@ PageType { } } - defaultActiveFocusItem: focusItem + ListView { + id: listView - FlickableType { - id: fl - anchors.top: parent.top - anchors.bottom: parent.bottom - contentHeight: content.height + anchors.fill: parent - ColumnLayout { - id: content + property bool isFocusable: true - anchors.top: parent.top - anchors.left: parent.left - anchors.right: parent.right + ScrollBar.vertical: ScrollBarType {} - spacing: 0 + model: variants - Item { - id: focusItem - KeyNavigation.tab: textKey.textField - } + clip: true + + reuseItems: true + + header: ColumnLayout { + width: listView.width + + HeaderTypeWithButton { + id: moreButton - HeaderType { property bool isVisible: SettingsController.getInstallationUuid() !== "" || PageController.isStartPageVisible() - + Layout.fillWidth: true Layout.topMargin: 24 Layout.rightMargin: 16 @@ -59,7 +59,7 @@ PageType { actionButtonImage: isVisible ? "qrc:/images/controls/more-vertical.svg" : "" actionButtonFunction: function() { - moreActionsDrawer.open() + moreActionsDrawer.openTriggered() } DrawerType2 { @@ -70,13 +70,13 @@ PageType { anchors.fill: parent expandedHeight: root.height * 0.5 - expandedContent: ColumnLayout { + expandedStateContent: ColumnLayout { anchors.top: parent.top anchors.left: parent.left anchors.right: parent.right spacing: 0 - HeaderType { + BaseHeaderType { Layout.fillWidth: true Layout.topMargin: 32 Layout.leftMargin: 16 @@ -103,6 +103,34 @@ PageType { } } + LabelWithButtonType { + Layout.fillWidth: true + + text: qsTr("Export client logs") + rightImageSource: "qrc:/images/controls/chevron-right.svg" + + visible: PageController.isStartPageVisible() + + clickedFunction: function() { + var fileName = "" + if (GC.isMobile()) { + fileName = "AmneziaVPN.log" + } else { + fileName = SystemController.getFileName(qsTr("Save"), + qsTr("Logs files (*.log)"), + StandardPaths.standardLocations(StandardPaths.DocumentsLocation) + "/AmneziaVPN", + true, + ".log") + } + if (fileName !== "") { + PageController.showBusyIndicator(true) + SettingsController.exportLogsFile(fileName) + PageController.showBusyIndicator(false) + PageController.showNotificationMessage(qsTr("Logs file saved")) + } + } + } + LabelWithButtonType { id: supportUuid Layout.fillWidth: true @@ -130,6 +158,8 @@ PageType { } ParagraphTextType { + objectName: "insertKeyLabel" + Layout.fillWidth: true Layout.topMargin: 32 Layout.rightMargin: 16 @@ -153,8 +183,6 @@ PageType { textField.text = "" textField.paste() } - - KeyNavigation.tab: continueButton } BasicButtonType { @@ -165,13 +193,12 @@ PageType { Layout.rightMargin: 16 Layout.leftMargin: 16 - visible: textKey.textFieldText !== "" + visible: textKey.textField.text !== "" text: qsTr("Continue") - Keys.onTabPressed: lastItemTabClicked(focusItem) clickedFunc: function() { - if (ImportController.extractConfigFromData(textKey.textFieldText)) { + if (ImportController.extractConfigFromData(textKey.textField.text)) { PageController.goToPage(PageEnum.PageSetupWizardViewConfig) } } @@ -187,143 +214,157 @@ PageType { color: AmneziaStyle.color.charcoalGray text: qsTr("Other connection options") } + } + + delegate: ColumnLayout { + width: listView.width CardWithIconsType { - id: apiInstalling - Layout.fillWidth: true Layout.rightMargin: 16 Layout.leftMargin: 16 Layout.bottomMargin: 16 - headerText: qsTr("VPN by Amnezia") - bodyText: qsTr("Connect to classic paid and free VPN services from Amnezia") + visible: isVisible + + headerText: title + bodyText: description rightImageSource: "qrc:/images/controls/chevron-right.svg" - leftImageSource: "qrc:/images/controls/amnezia.svg" + leftImageSource: imageSource - onClicked: function() { - PageController.showBusyIndicator(true) - var result = InstallController.fillAvailableServices() - PageController.showBusyIndicator(false) - if (result) { - PageController.goToPage(PageEnum.PageSetupWizardApiServicesList) - } - } + onClicked: { handler() } } + } - CardWithIconsType { - id: manualInstalling + footer: ColumnLayout { + width: listView.width - Layout.fillWidth: true - Layout.rightMargin: 16 - Layout.leftMargin: 16 + BasicButtonType { + id: siteLink2 + Layout.topMargin: 24 Layout.bottomMargin: 16 + Layout.alignment: Qt.AlignHCenter + implicitHeight: 32 - headerText: qsTr("Self-hosted VPN") - bodyText: qsTr("Configure Amnezia VPN on your own server") + visible: Qt.platform.os !== "ios" - rightImageSource: "qrc:/images/controls/chevron-right.svg" - leftImageSource: "qrc:/images/controls/server.svg" + defaultColor: AmneziaStyle.color.transparent + hoveredColor: AmneziaStyle.color.translucentWhite + pressedColor: AmneziaStyle.color.sheerWhite + disabledColor: AmneziaStyle.color.mutedGray + textColor: AmneziaStyle.color.goldenApricot - onClicked: { - PageController.goToPage(PageEnum.PageSetupWizardCredentials) - } - } + text: qsTr("Site Amnezia") - CardWithIconsType { - id: backupRestore + rightImageSource: "qrc:/images/controls/external-link.svg" - Layout.fillWidth: true - Layout.rightMargin: 16 - Layout.leftMargin: 16 - Layout.bottomMargin: 16 - - visible: PageController.isStartPageVisible() - - headerText: qsTr("Restore from backup") - - rightImageSource: "qrc:/images/controls/chevron-right.svg" - leftImageSource: "qrc:/images/controls/archive-restore.svg" - - onClicked: { - var filePath = SystemController.getFileName(qsTr("Open backup file"), - qsTr("Backup files (*.backup)")) - if (filePath !== "") { - PageController.showBusyIndicator(true) - SettingsController.restoreAppConfig(filePath) - PageController.showBusyIndicator(false) - } - } - } - - CardWithIconsType { - id: openFile - - Layout.fillWidth: true - Layout.rightMargin: 16 - Layout.leftMargin: 16 - Layout.bottomMargin: 16 - - headerText: qsTr("File with connection settings") - - rightImageSource: "qrc:/images/controls/chevron-right.svg" - leftImageSource: "qrc:/images/controls/folder-search-2.svg" - - onClicked: { - var nameFilter = !ServersModel.getServersCount() ? "Config or backup files (*.vpn *.ovpn *.conf *.json *.backup)" : - "Config files (*.vpn *.ovpn *.conf *.json)" - var fileName = SystemController.getFileName(qsTr("Open config file"), nameFilter) - if (fileName !== "") { - if (ImportController.extractConfigFromFile(fileName)) { - PageController.goToPage(PageEnum.PageSetupWizardViewConfig) - } - } - } - } - - CardWithIconsType { - id: scanQr - - Layout.fillWidth: true - Layout.rightMargin: 16 - Layout.leftMargin: 16 - Layout.bottomMargin: 16 - - visible: SettingsController.isCameraPresent() - - headerText: qsTr("QR code") - - rightImageSource: "qrc:/images/controls/chevron-right.svg" - leftImageSource: "qrc:/images/controls/scan-line.svg" - - onClicked: { - ImportController.startDecodingQr() - if (Qt.platform.os === "ios") { - PageController.goToPage(PageEnum.PageSetupWizardQrReader) - } - } - } - - CardWithIconsType { - id: siteLink - - Layout.fillWidth: true - Layout.rightMargin: 16 - Layout.leftMargin: 16 - Layout.bottomMargin: 16 - - visible: PageController.isStartPageVisible() - - headerText: qsTr("I have nothing") - - rightImageSource: "qrc:/images/controls/chevron-right.svg" - leftImageSource: "qrc:/images/controls/help-circle.svg" - - onClicked: { + clickedFunc: function() { Qt.openUrlExternally(LanguageModel.getCurrentSiteUrl()) } } } } + + property list variants: [ + amneziaVpn, + selfHostVpn, + backupRestore, + fileOpen, + qrScan, + siteLink + ] + + QtObject { + id: amneziaVpn + + property string title: qsTr("VPN by Amnezia") + property string description: qsTr("Connect to classic paid and free VPN services from Amnezia") + property string imageSource: "qrc:/images/controls/amnezia.svg" + property bool isVisible: true + property var handler: function() { + PageController.showBusyIndicator(true) + var result = ApiConfigsController.fillAvailableServices() + PageController.showBusyIndicator(false) + if (result) { + PageController.goToPage(PageEnum.PageSetupWizardApiServicesList) + } + } + } + + QtObject { + id: selfHostVpn + + property string title: qsTr("Self-hosted VPN") + property string description: qsTr("Configure Amnezia VPN on your own server") + property string imageSource: "qrc:/images/controls/server.svg" + property bool isVisible: true + property var handler: function() { + PageController.goToPage(PageEnum.PageSetupWizardCredentials) + } + } + + QtObject { + id: backupRestore + + property string title: qsTr("Restore from backup") + property string description: qsTr("") + property string imageSource: "qrc:/images/controls/archive-restore.svg" + property bool isVisible: PageController.isStartPageVisible() + property var handler: function() { + var filePath = SystemController.getFileName(qsTr("Open backup file"), + qsTr("Backup files (*.backup)")) + if (filePath !== "") { + PageController.showBusyIndicator(true) + SettingsController.restoreAppConfig(filePath) + PageController.showBusyIndicator(false) + } + } + } + + QtObject { + id: fileOpen + + property string title: qsTr("File with connection settings") + property string description: qsTr("") + property string imageSource: "qrc:/images/controls/folder-search-2.svg" + property bool isVisible: true + property var handler: function() { + var nameFilter = !ServersModel.getServersCount() ? "Config or backup files (*.vpn *.ovpn *.conf *.json *.backup)" : + "Config files (*.vpn *.ovpn *.conf *.json)" + var fileName = SystemController.getFileName(qsTr("Open config file"), nameFilter) + if (fileName !== "") { + if (ImportController.extractConfigFromFile(fileName)) { + PageController.goToPage(PageEnum.PageSetupWizardViewConfig) + } + } + } + } + + QtObject { + id: qrScan + + property string title: qsTr("QR code") + property string description: qsTr("") + property string imageSource: "qrc:/images/controls/scan-line.svg" + property bool isVisible: SettingsController.isCameraPresent() + property var handler: function() { + ImportController.startDecodingQr() + if (Qt.platform.os === "ios") { + PageController.goToPage(PageEnum.PageSetupWizardQrReader) + } + } + } + + QtObject { + id: siteLink + + property string title: qsTr("I have nothing") + property string description: qsTr("") + property string imageSource: "qrc:/images/controls/help-circle.svg" + property bool isVisible: PageController.isStartPageVisible() && Qt.platform.os !== "ios" + property var handler: function() { + Qt.openUrlExternally(LanguageModel.getCurrentSiteUrl()) + } + } } diff --git a/client/ui/qml/Pages2/PageSetupWizardCredentials.qml b/client/ui/qml/Pages2/PageSetupWizardCredentials.qml index aced12b1..63d4d5f6 100644 --- a/client/ui/qml/Pages2/PageSetupWizardCredentials.qml +++ b/client/ui/qml/Pages2/PageSetupWizardCredentials.qml @@ -13,13 +13,6 @@ import "../Controls2/TextTypes" PageType { id: root - defaultActiveFocusItem: hostname.textField - - Item { - id: focusItem - KeyNavigation.tab: backButton - } - BackButtonType { id: backButton @@ -28,100 +21,123 @@ PageType { anchors.right: parent.right anchors.topMargin: 20 - KeyNavigation.tab: hostname.textField + onFocusChanged: { + if (this.activeFocus) { + listView.positionViewAtBeginning() + } + } } - FlickableType { - id: fl + ListView { + id: listView anchors.top: backButton.bottom anchors.bottom: parent.bottom - contentHeight: content.height + anchors.right: parent.right + anchors.left: parent.left - ColumnLayout { - id: content + property bool isFocusable: true - anchors.top: parent.top - anchors.left: parent.left - anchors.right: parent.right - anchors.rightMargin: 16 - anchors.leftMargin: 16 + Keys.onTabPressed: { + FocusController.nextKeyTabItem() + } - spacing: 16 + Keys.onBacktabPressed: { + FocusController.previousKeyTabItem() + } - HeaderType { + Keys.onUpPressed: { + FocusController.nextKeyUpItem() + } + + Keys.onDownPressed: { + FocusController.nextKeyDownItem() + } + + Keys.onLeftPressed: { + FocusController.nextKeyLeftItem() + } + + Keys.onRightPressed: { + FocusController.nextKeyRightItem() + } + + ScrollBar.vertical: ScrollBarType {} + + header: ColumnLayout { + width: listView.width + + BaseHeaderType { Layout.fillWidth: true + Layout.leftMargin: 16 + Layout.rightMargin: 16 + Layout.bottomMargin: 16 headerText: qsTr("Configure your server") } + } + + model: inputFields + spacing: 16 + clip: true + reuseItems: true + + delegate: ColumnLayout { + width: listView.width TextFieldWithHeaderType { - id: hostname + id: delegate Layout.fillWidth: true - headerText: qsTr("Server IP address [:port]") - textFieldPlaceholderText: qsTr("255.255.255.255:22") + Layout.leftMargin: 16 + Layout.rightMargin: 16 - textField.onFocusChanged: { - textField.text = textField.text.replace(/^\s+|\s+$/g, '') - } + headerText: title + textField.echoMode: hideContent ? TextInput.Password : TextInput.Normal + textField.placeholderText: placeholderContent + textField.text: textField.text - KeyNavigation.tab: username.textField - } + rightButtonClickedOnEnter: true - TextFieldWithHeaderType { - id: username - - Layout.fillWidth: true - headerText: qsTr("SSH Username") - textFieldPlaceholderText: "root" - - textField.onFocusChanged: { - textField.text = textField.text.replace(/^\s+|\s+$/g, '') - } - - KeyNavigation.tab: secretData.textField - } - - TextFieldWithHeaderType { - id: secretData - - property bool hidePassword: true - - Layout.fillWidth: true - headerText: qsTr("Password or SSH private key") - textField.echoMode: hidePassword ? TextInput.Password : TextInput.Normal - buttonImageSource: textFieldText !== "" ? (hidePassword ? "qrc:/images/controls/eye.svg" : "qrc:/images/controls/eye-off.svg") - : "" - - clickedFunc: function() { - hidePassword = !hidePassword + clickedFunc: function () { + clickedHandler() } textField.onFocusChanged: { textField.text = textField.text.replace(/^\s+|\s+$/g, '') } - KeyNavigation.tab: continueButton + textField.onTextChanged: { + if (hideContent) { + buttonImageSource = textField.text !== "" ? (hideContent ? "qrc:/images/controls/eye.svg" : "qrc:/images/controls/eye-off.svg") : "" + } + } } + } + + footer: ColumnLayout { + width: listView.width BasicButtonType { id: continueButton Layout.fillWidth: true - Layout.topMargin: 24 + Layout.topMargin: 32 + Layout.leftMargin: 16 + Layout.rightMargin: 16 text: qsTr("Continue") - Keys.onTabPressed: lastItemTabClicked(focusItem) - clickedFunc: function() { - forceActiveFocus() - if (!isCredentialsFilled()) { + if (!root.isCredentialsFilled()) { return } InstallController.setShouldCreateServer(true) - InstallController.setProcessedServerCredentials(hostname.textField.text, username.textField.text, secretData.textField.text) + var _hostname = listView.itemAtIndex(vars.hostnameIndex).children[0].textField.text + var _username = listView.itemAtIndex(vars.usernameIndex).children[0].textField.text + var _secretData = listView.itemAtIndex(vars.secretDataIndex).children[0].textField.text + + InstallController.setProcessedServerCredentials(_hostname, _username, _secretData) PageController.showBusyIndicator(true) var isConnectionOpened = InstallController.checkSshConnection() @@ -136,7 +152,10 @@ PageType { LabelTextType { Layout.fillWidth: true - Layout.topMargin: 12 + Layout.topMargin: 24 + Layout.leftMargin: 16 + Layout.rightMargin: 16 + Layout.bottomMargin: 16 text: qsTr("All data you enter will remain strictly confidential and will not be shared or disclosed to the Amnezia or any third parties") } @@ -145,6 +164,8 @@ PageType { id: siteLink Layout.fillWidth: true + Layout.leftMargin: 16 + Layout.rightMargin: 16 Layout.bottomMargin: 16 headerText: qsTr("How to run your VPN server") @@ -154,7 +175,7 @@ PageType { leftImageSource: "qrc:/images/controls/help-circle.svg" onClicked: { - Qt.openUrlExternally(LanguageModel.getCurrentSiteUrl() + "/starter-guide") + Qt.openUrlExternally(LanguageModel.getCurrentSiteUrl("starter-guide")) } } } @@ -163,21 +184,69 @@ PageType { function isCredentialsFilled() { var hasEmptyField = false - if (hostname.textFieldText === "") { - hostname.errorText = qsTr("Ip address cannot be empty") + var hostnameItem = listView.itemAtIndex(vars.hostnameIndex).children[0] + if (hostnameItem.textField.text === "") { + hostnameItem.errorText = qsTr("Ip address cannot be empty") hasEmptyField = true - } else if (!hostname.textField.acceptableInput) { - hostname.errorText = qsTr("Enter the address in the format 255.255.255.255:88") + } else if (!hostnameItem.textField.acceptableInput) { + hostnameItem.errorText = qsTr("Enter the address in the format 255.255.255.255:88") } - if (username.textFieldText === "") { - username.errorText = qsTr("Login cannot be empty") + var usernameItem = listView.itemAtIndex(vars.usernameIndex).children[0] + if (usernameItem.textField.text === "") { + usernameItem.errorText = qsTr("Login cannot be empty") hasEmptyField = true } - if (secretData.textFieldText === "") { - secretData.errorText = qsTr("Password/private key cannot be empty") + + var secretDataItem = listView.itemAtIndex(vars.secretDataIndex).children[0] + if (secretDataItem.textField.text === "") { + secretDataItem.errorText = qsTr("Password/private key cannot be empty") hasEmptyField = true } + return !hasEmptyField } + + property list inputFields: [ + hostnameObject, + usernameObject, + secretDataObject + ] + + QtObject { + id: hostnameObject + + property string title: qsTr("Server IP address [:port]") + readonly property string placeholderContent: qsTr("255.255.255.255:22") + property bool hideContent: false + readonly property var clickedHandler: undefined + } + + QtObject { + id: usernameObject + + property string title: qsTr("SSH Username") + readonly property string placeholderContent: "root" + property bool hideContent: false + readonly property var clickedHandler: undefined + } + + QtObject { + id: secretDataObject + + property string title: qsTr("Password or SSH private key") + readonly property string placeholderContent: "" + property bool hideContent: true + readonly property var clickedHandler: function() { + hideContent = !hideContent + } + } + + QtObject { + id: vars + + readonly property int hostnameIndex: 0 + readonly property int usernameIndex: 1 + readonly property int secretDataIndex: 2 + } } diff --git a/client/ui/qml/Pages2/PageSetupWizardEasy.qml b/client/ui/qml/Pages2/PageSetupWizardEasy.qml index 02a7c928..096406e9 100644 --- a/client/ui/qml/Pages2/PageSetupWizardEasy.qml +++ b/client/ui/qml/Pages2/PageSetupWizardEasy.qml @@ -17,7 +17,6 @@ PageType { id: root property bool isEasySetup: true - defaultActiveFocusItem: focusItem SortFilterProxyModel { id: proxyContainersModel @@ -34,14 +33,6 @@ PageType { } } - Item { - id: focusItem - implicitWidth: 1 - implicitHeight: 54 - - KeyNavigation.tab: backButton - } - BackButtonType { id: backButton @@ -49,8 +40,6 @@ PageType { anchors.left: parent.left anchors.right: parent.right anchors.topMargin: 20 - - KeyNavigation.tab: continueButton } FlickableType { @@ -70,13 +59,13 @@ PageType { spacing: 16 - HeaderType { + BaseHeaderType { id: header implicitWidth: parent.width headerTextMaximumLineCount: 10 - headerText: qsTr("What is the level of internet control in your region?") + headerText: qsTr("Choose Installation Type") } ButtonGroup { @@ -89,7 +78,7 @@ PageType { height: containers.contentItem.height spacing: 16 - currentIndex: 1 + currentIndex: 0 clip: true interactive: false model: proxyContainersModel @@ -98,6 +87,8 @@ PageType { property int containerDefaultPort property int containerDefaultTransportProto + property bool isFocusable: true + delegate: Item { implicitWidth: containers.width implicitHeight: delegateContent.implicitHeight @@ -148,7 +139,8 @@ PageType { CardType { implicitWidth: parent.width - headerText: qsTr("Choose a VPN protocol") + headerText: qsTr("Manual") + bodyText: qsTr("Choose a VPN protocol") ButtonGroup.group: buttonGroup @@ -163,7 +155,7 @@ PageType { implicitWidth: parent.width text: qsTr("Continue") - KeyNavigation.tab: setupLaterButton + parentFlickable: fl clickedFunc: function() { diff --git a/client/ui/qml/Pages2/PageSetupWizardInstalling.qml b/client/ui/qml/Pages2/PageSetupWizardInstalling.qml index 1128761d..822931b8 100644 --- a/client/ui/qml/Pages2/PageSetupWizardInstalling.qml +++ b/client/ui/qml/Pages2/PageSetupWizardInstalling.qml @@ -118,7 +118,7 @@ PageType { anchors.rightMargin: 16 anchors.leftMargin: 16 - HeaderType { + BaseHeaderType { Layout.fillWidth: true Layout.topMargin: 20 diff --git a/client/ui/qml/Pages2/PageSetupWizardProtocolSettings.qml b/client/ui/qml/Pages2/PageSetupWizardProtocolSettings.qml index 6b4c0a1c..ac7fc4b2 100644 --- a/client/ui/qml/Pages2/PageSetupWizardProtocolSettings.qml +++ b/client/ui/qml/Pages2/PageSetupWizardProtocolSettings.qml @@ -49,6 +49,32 @@ PageType { interactive: false model: proxyContainersModel + property bool isFocusable: true + + Keys.onTabPressed: { + FocusController.nextKeyTabItem() + } + + Keys.onBacktabPressed: { + FocusController.previousKeyTabItem() + } + + Keys.onUpPressed: { + FocusController.nextKeyUpItem() + } + + Keys.onDownPressed: { + FocusController.nextKeyDownItem() + } + + Keys.onLeftPressed: { + FocusController.nextKeyLeftItem() + } + + Keys.onRightPressed: { + FocusController.nextKeyRightItem() + } + delegate: Item { implicitWidth: processedContainerListView.width implicitHeight: (delegateContent.implicitHeight > root.height) ? delegateContent.implicitHeight : root.height @@ -62,22 +88,15 @@ PageType { anchors.rightMargin: 16 anchors.leftMargin: 16 - Item { - id: focusItem - KeyNavigation.tab: backButton - } - BackButtonType { id: backButton Layout.topMargin: 20 Layout.rightMargin: -16 Layout.leftMargin: -16 - - KeyNavigation.tab: showDetailsButton } - HeaderType { + BaseHeaderType { id: header Layout.fillWidth: true @@ -104,42 +123,19 @@ PageType { KeyNavigation.tab: transportProtoSelector clickedFunc: function() { - showDetailsDrawer.open() + showDetailsDrawer.openTriggered() } } DrawerType2 { id: showDetailsDrawer parent: root - onClosed: { - if (!GC.isMobile()) { - defaultActiveFocusItem.forceActiveFocus() - } - } anchors.fill: parent expandedHeight: parent.height * 0.9 - expandedContent: Item { - Connections { - target: showDetailsDrawer - enabled: !GC.isMobile() - function onOpened() { - focusItem2.forceActiveFocus() - } - } - + expandedStateContent: Item { implicitHeight: showDetailsDrawer.expandedHeight - Item { - id: focusItem2 - KeyNavigation.tab: showDetailsBackButton - onFocusChanged: { - if (focusItem2.activeFocus) { - fl.contentY = 0 - } - } - } - BackButtonType { id: showDetailsBackButton @@ -148,10 +144,8 @@ PageType { anchors.right: parent.right anchors.topMargin: 16 - KeyNavigation.tab: showDetailsCloseButton - backButtonFunction: function() { - showDetailsDrawer.close() + showDetailsDrawer.closeTriggered() } } @@ -205,10 +199,9 @@ PageType { parentFlickable: fl text: qsTr("Close") - Keys.onTabPressed: lastItemTabClicked(focusItem2) clickedFunc: function() { - showDetailsDrawer.close() + showDetailsDrawer.closeTriggered() } } } @@ -229,8 +222,6 @@ PageType { Layout.fillWidth: true rootWidth: root.width - - KeyNavigation.tab: (port.visible && port.enabled) ? port.textField : installButton } TextFieldWithHeaderType { @@ -242,8 +233,6 @@ PageType { headerText: qsTr("Port") textField.maximumLength: 5 textField.validator: IntValidator { bottom: 1; top: 65535 } - - KeyNavigation.tab: installButton } Rectangle { @@ -259,8 +248,6 @@ PageType { text: qsTr("Install") - Keys.onTabPressed: lastItemTabClicked(focusItem) - clickedFunc: function() { if (!port.textField.acceptableInput && ContainerProps.containerTypeToString(dockerContainer) !== "torwebsite" && @@ -270,7 +257,7 @@ PageType { } PageController.goToPage(PageEnum.PageSetupWizardInstalling); - InstallController.install(dockerContainer, port.textFieldText, transportProtoSelector.currentIndex) + InstallController.install(dockerContainer, port.textField.text, transportProtoSelector.currentIndex) } } @@ -280,7 +267,7 @@ PageType { if (ProtocolProps.defaultPort(defaultContainerProto) < 0) { port.visible = false } else { - port.textFieldText = ProtocolProps.getPortForInstall(defaultContainerProto) + port.textField.text = ProtocolProps.getPortForInstall(defaultContainerProto) } transportProtoSelector.currentIndex = ProtocolProps.defaultTransportProto(defaultContainerProto) @@ -288,11 +275,6 @@ PageType { var protocolSelectorVisible = ProtocolProps.defaultTransportProtoChangeable(defaultContainerProto) transportProtoSelector.visible = protocolSelectorVisible transportProtoHeader.visible = protocolSelectorVisible - - if (port.visible && port.enabled) - defaultActiveFocusItem = port.textField - else - defaultActiveFocusItem = focusItem } } } diff --git a/client/ui/qml/Pages2/PageSetupWizardProtocols.qml b/client/ui/qml/Pages2/PageSetupWizardProtocols.qml index 48265f66..7afab630 100644 --- a/client/ui/qml/Pages2/PageSetupWizardProtocols.qml +++ b/client/ui/qml/Pages2/PageSetupWizardProtocols.qml @@ -15,13 +15,6 @@ import "../Config" PageType { id: root - defaultActiveFocusItem: focusItem - - Item { - id: focusItem - KeyNavigation.tab: backButton - } - SortFilterProxyModel { id: proxyContainersModel sourceModel: ContainersModel @@ -41,126 +34,66 @@ PageType { } } - ColumnLayout { - id: backButtonLayout + BackButtonType { + id: backButton anchors.top: parent.top anchors.left: parent.left anchors.right: parent.right anchors.topMargin: 20 - - BackButtonType { - id: backButton - KeyNavigation.tab: containers - } } - FlickableType { - id: fl - anchors.top: backButtonLayout.bottom + ListView { + id: listView + anchors.top: backButton.bottom anchors.bottom: parent.bottom - contentHeight: content.implicitHeight + content.anchors.topMargin + content.anchors.bottomMargin + anchors.right: parent.right + anchors.left: parent.left - Column { - id: content + property bool isFocusable: true - anchors.top: parent.top - anchors.left: parent.left - anchors.right: parent.right - anchors.bottomMargin: 20 + ScrollBar.vertical: ScrollBarType {} - Item { - width: parent.width - height: header.implicitHeight + header: ColumnLayout { + width: listView.width - HeaderType { - id: header + BaseHeaderType { + id: header - anchors.fill: parent + Layout.fillWidth: true + Layout.leftMargin: 16 + Layout.rightMargin: 16 + Layout.bottomMargin: 16 - anchors.leftMargin: 16 - anchors.rightMargin: 16 + headerText: qsTr("VPN protocol") + descriptionText: qsTr("Choose the one with the highest priority for you. Later, you can install other protocols and additional services, such as DNS proxy and SFTP.") + } + } - width: parent.width + model: proxyContainersModel + clip: true + spacing: 0 + reuseItems: true + snapMode: ListView.SnapToItem - headerText: qsTr("VPN protocol") - descriptionText: qsTr("Choose the one with the highest priority for you. Later, you can install other protocols and additional services, such as DNS proxy and SFTP.") + delegate: ColumnLayout { + width: listView.width + + LabelWithButtonType { + Layout.fillWidth: true + + text: name + descriptionText: description + rightImageSource: "qrc:/images/controls/chevron-right.svg" + + clickedFunction: function() { + ContainersModel.setProcessedContainerIndex(proxyContainersModel.mapToSource(index)) + PageController.goToPage(PageEnum.PageSetupWizardProtocolSettings) } } - ListView { - id: containers - width: parent.width - height: containers.contentItem.height - // currentIndex: -1 - clip: true - interactive: false - model: proxyContainersModel - - function ensureCurrentItemVisible() { - if (currentIndex >= 0) { - if (currentItem.y < fl.contentY) { - fl.contentY = currentItem.y - } else if (currentItem.y + currentItem.height + header.height > fl.contentY + fl.height) { - fl.contentY = currentItem.y + currentItem.height + header.height - fl.height + 40 // 40 is a bottom margin - } - } - } - - activeFocusOnTab: true - Keys.onTabPressed: { - if (currentIndex < this.count - 1) { - this.incrementCurrentIndex() - } else { - this.currentIndex = 0 - focusItem.forceActiveFocus() - } - - ensureCurrentItemVisible() - } - - onVisibleChanged: { - if (visible) { - currentIndex = 0 - } - } - - delegate: Item { - implicitWidth: containers.width - implicitHeight: delegateContent.implicitHeight - - onActiveFocusChanged: { - if (activeFocus) { - container.rightButton.forceActiveFocus() - } - } - - ColumnLayout { - id: delegateContent - - anchors.top: parent.top - anchors.left: parent.left - anchors.right: parent.right - - LabelWithButtonType { - id: container - Layout.fillWidth: true - - text: name - descriptionText: description - rightImageSource: "qrc:/images/controls/chevron-right.svg" - - clickedFunction: function() { - ContainersModel.setProcessedContainerIndex(proxyContainersModel.mapToSource(index)) - PageController.goToPage(PageEnum.PageSetupWizardProtocolSettings) - } - } - - DividerType {} - } - } - } + DividerType {} } } } diff --git a/client/ui/qml/Pages2/PageSetupWizardStart.qml b/client/ui/qml/Pages2/PageSetupWizardStart.qml index b12c7830..2d6790ba 100644 --- a/client/ui/qml/Pages2/PageSetupWizardStart.qml +++ b/client/ui/qml/Pages2/PageSetupWizardStart.qml @@ -14,8 +14,6 @@ import "../Components" PageType { id: root - defaultActiveFocusItem: focusItem - ColumnLayout { id: content @@ -32,11 +30,6 @@ PageType { Layout.preferredHeight: 287 } - Item { - id: focusItem - KeyNavigation.tab: startButton - } - BasicButtonType { id: startButton Layout.fillWidth: true @@ -50,8 +43,6 @@ PageType { clickedFunc: function() { PageController.goToPage(PageEnum.PageSetupWizardConfigSource) } - - Keys.onTabPressed: lastItemTabClicked(focusItem) } } } diff --git a/client/ui/qml/Pages2/PageSetupWizardTextKey.qml b/client/ui/qml/Pages2/PageSetupWizardTextKey.qml index c4227df1..930efb57 100644 --- a/client/ui/qml/Pages2/PageSetupWizardTextKey.qml +++ b/client/ui/qml/Pages2/PageSetupWizardTextKey.qml @@ -13,14 +13,6 @@ import "../Config" PageType { id: root - defaultActiveFocusItem: textKey.textField - - - Item { - id: focusItem - KeyNavigation.tab: backButton - } - FlickableType { id: fl anchors.top: parent.top @@ -39,10 +31,9 @@ PageType { BackButtonType { id: backButton Layout.topMargin: 20 - KeyNavigation.tab: textKey.textField } - HeaderType { + BaseHeaderType { Layout.fillWidth: true Layout.rightMargin: 16 Layout.leftMargin: 16 @@ -60,15 +51,13 @@ PageType { Layout.leftMargin: 16 headerText: qsTr("Key") - textFieldPlaceholderText: "vpn://" + textField.placeholderText: "vpn://" buttonText: qsTr("Insert") clickedFunc: function() { textField.text = "" textField.paste() } - - KeyNavigation.tab: continueButton } } } @@ -84,10 +73,9 @@ PageType { anchors.bottomMargin: 32 text: qsTr("Continue") - Keys.onTabPressed: lastItemTabClicked(focusItem) clickedFunc: function() { - if (ImportController.extractConfigFromData(textKey.textFieldText)) { + if (ImportController.extractConfigFromData(textKey.textField.text)) { PageController.goToPage(PageEnum.PageSetupWizardViewConfig) } } diff --git a/client/ui/qml/Pages2/PageSetupWizardViewConfig.qml b/client/ui/qml/Pages2/PageSetupWizardViewConfig.qml index 92048f36..cfa9c90f 100644 --- a/client/ui/qml/Pages2/PageSetupWizardViewConfig.qml +++ b/client/ui/qml/Pages2/PageSetupWizardViewConfig.qml @@ -16,13 +16,6 @@ PageType { property bool showContent: false - defaultActiveFocusItem: focusItem - - Item { - id: focusItem - KeyNavigation.tab: backButton - } - BackButtonType { id: backButton @@ -30,8 +23,6 @@ PageType { anchors.left: parent.left anchors.right: parent.right anchors.topMargin: 20 - - KeyNavigation.tab: showContentButton } Connections { @@ -70,7 +61,7 @@ PageType { anchors.rightMargin: 16 anchors.leftMargin: 16 - HeaderType { + BaseHeaderType { headerText: qsTr("New connection") } @@ -107,7 +98,8 @@ PageType { textColor: AmneziaStyle.color.goldenApricot text: showContent ? qsTr("Collapse content") : qsTr("Show content") - KeyNavigation.tab: connectButton + + parentFlickable: fl clickedFunc: function() { showContent = !showContent @@ -186,8 +178,6 @@ PageType { anchors.rightMargin: 16 anchors.leftMargin: 16 - Keys.onTabPressed: lastItemTabClicked(focusItem) - BasicButtonType { id: connectButton Layout.fillWidth: true diff --git a/client/ui/qml/Pages2/PageShare.qml b/client/ui/qml/Pages2/PageShare.qml index d6ce7848..0f0976bc 100644 --- a/client/ui/qml/Pages2/PageShare.qml +++ b/client/ui/qml/Pages2/PageShare.qml @@ -18,8 +18,6 @@ import "../Config" PageType { id: root - defaultActiveFocusItem: clientNameTextField.textField - enum ConfigType { AmneziaConnection, OpenVpn, @@ -47,31 +45,30 @@ PageType { shareConnectionDrawer.headerText = qsTr("Connection to ") + serverSelector.text shareConnectionDrawer.configContentHeaderText = qsTr("File with connection settings to ") + serverSelector.text - shareConnectionDrawer.open() - shareConnectionDrawer.contentVisible = false + shareConnectionDrawer.openTriggered() PageController.showBusyIndicator(true) switch (type) { case PageShare.ConfigType.AmneziaConnection: { - ExportController.generateConnectionConfig(clientNameTextField.textFieldText); + ExportController.generateConnectionConfig(clientNameTextField.textField.text); break; } case PageShare.ConfigType.OpenVpn: { - ExportController.generateOpenVpnConfig(clientNameTextField.textFieldText) + ExportController.generateOpenVpnConfig(clientNameTextField.textField.text) shareConnectionDrawer.configCaption = qsTr("Save OpenVPN config") shareConnectionDrawer.configExtension = ".ovpn" shareConnectionDrawer.configFileName = "amnezia_for_openvpn" break } case PageShare.ConfigType.WireGuard: { - ExportController.generateWireGuardConfig(clientNameTextField.textFieldText) + ExportController.generateWireGuardConfig(clientNameTextField.textField.text) shareConnectionDrawer.configCaption = qsTr("Save WireGuard config") shareConnectionDrawer.configExtension = ".conf" shareConnectionDrawer.configFileName = "amnezia_for_wireguard" break } case PageShare.ConfigType.Awg: { - ExportController.generateAwgConfig(clientNameTextField.textFieldText) + ExportController.generateAwgConfig(clientNameTextField.textField.text) shareConnectionDrawer.configCaption = qsTr("Save AmneziaWG config") shareConnectionDrawer.configExtension = ".conf" shareConnectionDrawer.configFileName = "amnezia_for_awg" @@ -92,7 +89,7 @@ PageType { break } case PageShare.ConfigType.Xray: { - ExportController.generateXrayConfig(clientNameTextField.textFieldText) + ExportController.generateXrayConfig(clientNameTextField.textField.text) shareConnectionDrawer.configCaption = qsTr("Save XRay config") shareConnectionDrawer.configExtension = ".json" shareConnectionDrawer.configFileName = "amnezia_for_xray" @@ -104,7 +101,7 @@ PageType { } function onExportErrorOccurred(error) { - shareConnectionDrawer.close() + shareConnectionDrawer.closeTriggered() PageController.showErrorMessage(error) } @@ -119,38 +116,38 @@ PageType { QtObject { id: amneziaConnectionFormat - property string name: qsTr("For the AmneziaVPN app") - property var type: PageShare.ConfigType.AmneziaConnection + readonly property string name: qsTr("For the AmneziaVPN app") + readonly property int type: PageShare.ConfigType.AmneziaConnection } QtObject { id: openVpnConnectionFormat - property string name: qsTr("OpenVPN native format") - property var type: PageShare.ConfigType.OpenVpn + readonly property string name: qsTr("OpenVPN native format") + readonly property int type: PageShare.ConfigType.OpenVpn } QtObject { id: wireGuardConnectionFormat - property string name: qsTr("WireGuard native format") - property var type: PageShare.ConfigType.WireGuard + readonly property string name: qsTr("WireGuard native format") + readonly property int type: PageShare.ConfigType.WireGuard } QtObject { id: awgConnectionFormat - property string name: qsTr("AmneziaWG native format") - property var type: PageShare.ConfigType.Awg + readonly property string name: qsTr("AmneziaWG native format") + readonly property int type: PageShare.ConfigType.Awg } QtObject { id: shadowSocksConnectionFormat - property string name: qsTr("Shadowsocks native format") - property var type: PageShare.ConfigType.ShadowSocks + readonly property string name: qsTr("Shadowsocks native format") + readonly property int type: PageShare.ConfigType.ShadowSocks } QtObject { id: cloakConnectionFormat - property string name: qsTr("Cloak native format") - property var type: PageShare.ConfigType.Cloak + readonly property string name: qsTr("Cloak native format") + readonly property int type: PageShare.ConfigType.Cloak } QtObject { id: xrayConnectionFormat - property string name: qsTr("XRay native format") - property var type: PageShare.ConfigType.Xray + readonly property string name: qsTr("XRay native format") + readonly property int type: PageShare.ConfigType.Xray } FlickableType { @@ -172,17 +169,7 @@ PageType { spacing: 0 - Item { - id: focusItem - KeyNavigation.tab: header.actionButton - onFocusChanged: { - if (focusItem.activeFocus) { - a.contentY = 0 - } - } - } - - HeaderType { + HeaderTypeWithButton { id: header Layout.fillWidth: true Layout.topMargin: 24 @@ -191,11 +178,9 @@ PageType { actionButtonImage: "qrc:/images/controls/more-vertical.svg" actionButtonFunction: function() { - shareFullAccessDrawer.open() + shareFullAccessDrawer.openTriggered() } - KeyNavigation.tab: connectionRadioButton - DrawerType2 { id: shareFullAccessDrawer @@ -203,13 +188,8 @@ PageType { anchors.fill: parent expandedHeight: root.height - onClosed: { - if (!GC.isMobile()) { - clientNameTextField.textField.forceActiveFocus() - } - } - expandedContent: ColumnLayout { + expandedStateContent: ColumnLayout { id: shareFullAccessDrawerContent anchors.top: parent.top anchors.left: parent.left @@ -222,14 +202,6 @@ PageType { shareFullAccessDrawer.expandedHeight = shareFullAccessDrawerContent.implicitHeight + 32 } - Connections { - target: shareFullAccessDrawer - enabled: !GC.isMobile() - function onOpened() { - focusItem.forceActiveFocus() - } - } - Header2Type { Layout.fillWidth: true Layout.bottomMargin: 16 @@ -240,24 +212,17 @@ PageType { descriptionText: qsTr("Use for your own devices, or share with those you trust to manage the server.") } - Item { - id: focusItem - KeyNavigation.tab: shareFullAccessButton.rightButton - } - LabelWithButtonType { id: shareFullAccessButton Layout.fillWidth: true text: qsTr("Share") rightImageSource: "qrc:/images/controls/chevron-right.svg" - KeyNavigation.tab: focusItem clickedFunction: function() { PageController.goToPage(PageEnum.PageShareFullAccess) - shareFullAccessDrawer.close() + shareFullAccessDrawer.closeTriggered() } - } } } @@ -288,13 +253,8 @@ PageType { implicitWidth: (root.width - 32) / 2 text: qsTr("Connection") - KeyNavigation.tab: usersRadioButton - onClicked: { accessTypeSelector.currentIndex = 0 - if (!GC.isMobile()) { - clientNameTextField.textField.forceActiveFocus() - } } } @@ -305,15 +265,12 @@ PageType { implicitWidth: (root.width - 32) / 2 text: qsTr("Users") - KeyNavigation.tab: accessTypeSelector.currentIndex === 0 ? clientNameTextField.textField : serverSelector - onClicked: { accessTypeSelector.currentIndex = 1 PageController.showBusyIndicator(true) ExportController.updateClientManagementModel(ContainersModel.getProcessedContainerIndex(), ServersModel.getProcessedServerCredentials()) PageController.showBusyIndicator(false) - focusItem.forceActiveFocus() } } } @@ -338,13 +295,10 @@ PageType { visible: accessTypeSelector.currentIndex === 0 headerText: qsTr("User name") - textFieldText: "New client" + textField.text: "New client" textField.maximumLength: 20 checkEmptyText: true - - KeyNavigation.tab: serverSelector - } DropDownType { @@ -385,31 +339,30 @@ PageType { clickedFunction: function() { handler() - if (serverSelector.currentIndex !== serverSelectorListView.currentIndex) { - serverSelector.currentIndex = serverSelectorListView.currentIndex + if (serverSelector.currentIndex !== serverSelectorListView.selectedIndex) { + serverSelector.currentIndex = serverSelectorListView.selectedIndex serverSelector.severSelectorIndexChanged() } - serverSelector.close() + serverSelector.closeTriggered() } Component.onCompleted: { if (ServersModel.isDefaultServerHasWriteAccess() && ServersModel.getDefaultServerData("hasInstalledContainers")) { - serverSelectorListView.currentIndex = proxyServersModel.mapFromSource(ServersModel.defaultIndex) + serverSelectorListView.selectedIndex = proxyServersModel.mapFromSource(ServersModel.defaultIndex) } else { - serverSelectorListView.currentIndex = 0 + serverSelectorListView.selectedIndex = 0 } + serverSelectorListView.positionViewAtIndex(selectedIndex, ListView.Beginning) serverSelectorListView.triggerCurrentItem() } function handler() { serverSelector.text = selectedText - ServersModel.processedIndex = proxyServersModel.mapToSource(currentIndex) + ServersModel.processedIndex = proxyServersModel.mapToSource(selectedIndex) } } - - KeyNavigation.tab: protocolSelector } DropDownType { @@ -445,12 +398,10 @@ PageType { ] } - currentIndex: 0 - clickedFunction: function() { handler() - protocolSelector.close() + protocolSelector.closeTriggered() } Connections { @@ -458,7 +409,8 @@ PageType { function onSeverSelectorIndexChanged() { var defaultContainer = proxyContainersModel.mapFromSource(ServersModel.getProcessedServerData("defaultContainer")) - protocolSelectorListView.currentIndex = defaultContainer + protocolSelectorListView.selectedIndex = defaultContainer + protocolSelectorListView.positionViewAtIndex(selectedIndex, ListView.Beginning) protocolSelectorListView.triggerCurrentItem() } } @@ -473,10 +425,15 @@ PageType { protocolSelector.text = selectedText - ContainersModel.setProcessedContainerIndex(proxyContainersModel.mapToSource(currentIndex)) + ContainersModel.setProcessedContainerIndex(proxyContainersModel.mapToSource(selectedIndex)) fillConnectionTypeModel() + if (exportTypeSelector.currentIndex >= root.connectionTypesModel.length) { + exportTypeSelector.currentIndex = 0 + exportTypeSelector.text = root.connectionTypesModel[0].name + } + if (accessTypeSelector.currentIndex === 1) { PageController.showBusyIndicator(true) ExportController.updateClientManagementModel(ContainersModel.getProcessedContainerIndex(), @@ -488,7 +445,7 @@ PageType { function fillConnectionTypeModel() { root.connectionTypesModel = [amneziaConnectionFormat] - var index = proxyContainersModel.mapToSource(currentIndex) + var index = proxyContainersModel.mapToSource(selectedIndex) if (index === ContainerProps.containerFromString("amnezia-openvpn")) { root.connectionTypesModel.push(openVpnConnectionFormat) @@ -508,12 +465,6 @@ PageType { } } } - - KeyNavigation.tab: accessTypeSelector.currentIndex === 0 ? - exportTypeSelector : - isSearchBarVisible ? - searchTextField.textField : - usersHeader.actionButton } DropDownType { @@ -534,9 +485,11 @@ PageType { headerText: qsTr("Connection format") listView: ListViewWithRadioButtonType { + id: exportTypeSelectorListView + onCurrentIndexChanged: { - exportTypeSelector.currentIndex = currentIndex - exportTypeSelector.text = selectedText + exportTypeSelector.currentIndex = exportTypeSelectorListView.selectedIndex + exportTypeSelector.text = exportTypeSelectorListView.selectedText } rootWidth: root.width @@ -547,19 +500,16 @@ PageType { currentIndex: 0 clickedFunction: function() { - exportTypeSelector.text = selectedText - exportTypeSelector.currentIndex = currentIndex - exportTypeSelector.close() + exportTypeSelector.text = exportTypeSelectorListView.selectedText + exportTypeSelector.currentIndex = exportTypeSelectorListView.selectedIndex + exportTypeSelector.closeTriggered() } Component.onCompleted: { - exportTypeSelector.text = selectedText - exportTypeSelector.currentIndex = currentIndex + exportTypeSelector.text = exportTypeSelectorListView.selectedText + exportTypeSelector.currentIndex = exportTypeSelectorListView.selectedIndex } } - - KeyNavigation.tab: shareButton - } BasicButtonType { @@ -575,16 +525,14 @@ PageType { text: qsTr("Share") leftImageSource: "qrc:/images/controls/share-2.svg" - Keys.onTabPressed: lastItemTabClicked(focusItem) parentFlickable: a clickedFunc: function(){ - if (clientNameTextField.textFieldText !== "") { + if (clientNameTextField.textField.text !== "") { ExportController.generateConfig(root.connectionTypesModel[exportTypeSelector.currentIndex].type) } } - } Header2Type { @@ -600,11 +548,6 @@ PageType { actionButtonFunction: function() { root.isSearchBarVisible = true } - - Keys.onTabPressed: clientsListView.model.count > 0 ? - clientsListView.forceActiveFocus() : - lastItemTabClicked(focusItem) - } RowLayout { @@ -616,37 +559,15 @@ PageType { id: searchTextField Layout.fillWidth: true - textFieldPlaceholderText: qsTr("Search") - - Connections { - target: root - function onIsSearchBarVisibleChanged() { - if (root.isSearchBarVisible) { - searchTextField.textField.forceActiveFocus() - } else { - searchTextField.textFieldText = "" - if (!GC.isMobile()) { - usersHeader.actionButton.forceActiveFocus() - } - } - } - } + textField.placeholderText: qsTr("Search") Keys.onEscapePressed: { root.isSearchBarVisible = false } function navigateTo() { - if (GC.isMobile()) { - focusItem.forceActiveFocus() - return; - } - - if (searchTextField.textFieldText === "") { + if (searchTextField.textField.text === "") { root.isSearchBarVisible = false - usersHeader.actionButton.forceActiveFocus() - } else { - closeSearchButton.forceActiveFocus() } } @@ -660,16 +581,6 @@ PageType { image: "qrc:/images/controls/close.svg" imageColor: AmneziaStyle.color.paleGray - Keys.onTabPressed: { - if (!GC.isMobile()) { - if (clientsListView.model.count > 0) { - clientsListView.forceActiveFocus() - } else { - lastItemTabClicked(focusItem) - } - } - } - function clickedFunc() { root.isSearchBarVisible = false } @@ -687,56 +598,26 @@ PageType { visible: accessTypeSelector.currentIndex === 1 + property bool isFocusable: true + model: SortFilterProxyModel { id: proxyClientManagementModel sourceModel: ClientManagementModel filters: RegExpFilter { roleName: "clientName" - pattern: ".*" + searchTextField.textFieldText + ".*" + pattern: ".*" + searchTextField.textField.text + ".*" caseSensitivity: Qt.CaseInsensitive } } clip: true interactive: false - - activeFocusOnTab: true - focus: true - Keys.onTabPressed: { - if (!GC.isMobile()) { - if (currentIndex < this.count - 1) { - this.incrementCurrentIndex() - currentItem.focusItem.forceActiveFocus() - } else { - this.currentIndex = 0 - lastItemTabClicked(focusItem) - } - } - } - - onActiveFocusChanged: { - if (focus && !GC.isMobile()) { - currentIndex = 0 - currentItem.focusItem.forceActiveFocus() - } - } - - onCurrentIndexChanged: { - if (currentItem) { - if (currentItem.y < a.contentY) { - a.contentY = currentItem.y - } else if (currentItem.y + currentItem.height + clientsListView.y > a.contentY + a.height) { - a.contentY = currentItem.y + clientsListView.y + currentItem.height - a.height - } - } - } + reuseItems: true delegate: Item { implicitWidth: clientsListView.width implicitHeight: delegateContent.implicitHeight - property alias focusItem: clientFocusItem.rightButton - ColumnLayout { id: delegateContent @@ -755,7 +636,7 @@ PageType { rightImageSource: "qrc:/images/controls/chevron-right.svg" clickedFunction: function() { - clientInfoDrawer.open() + clientInfoDrawer.openTriggered() } } @@ -766,17 +647,11 @@ PageType { parent: root - onClosed: { - if (!GC.isMobile()) { - focusItem.forceActiveFocus() - } - } - width: root.width height: root.height - expandedContent: ColumnLayout { - id: expandedContent + expandedStateContent: ColumnLayout { + id: expandedStateContent anchors.top: parent.top anchors.left: parent.left anchors.right: parent.right @@ -785,15 +660,7 @@ PageType { anchors.rightMargin: 16 onImplicitHeightChanged: { - clientInfoDrawer.expandedHeight = expandedContent.implicitHeight + 32 - } - - Connections { - target: clientInfoDrawer - enabled: !GC.isMobile() - function onOpened() { - focusItem1.forceActiveFocus() - } + clientInfoDrawer.expandedHeight = expandedStateContent.implicitHeight + 32 } Header2TextType { @@ -809,7 +676,11 @@ PageType { ParagraphTextType { color: AmneziaStyle.color.mutedGray visible: creationDate - Layout.fillWidth: true + Layout.maximumWidth: parent.width + + maximumLineCount: 2 + wrapMode: Text.Wrap + elide: Qt.ElideRight text: qsTr("Creation date: %1").arg(creationDate) } @@ -817,7 +688,11 @@ PageType { ParagraphTextType { color: AmneziaStyle.color.mutedGray visible: latestHandshake - Layout.fillWidth: true + Layout.maximumWidth: parent.width + + maximumLineCount: 2 + wrapMode: Text.Wrap + elide: Qt.ElideRight text: qsTr("Latest handshake: %1").arg(latestHandshake) } @@ -825,7 +700,11 @@ PageType { ParagraphTextType { color: AmneziaStyle.color.mutedGray visible: dataReceived - Layout.fillWidth: true + Layout.maximumWidth: parent.width + + maximumLineCount: 2 + wrapMode: Text.Wrap + elide: Qt.ElideRight text: qsTr("Data received: %1").arg(dataReceived) } @@ -833,7 +712,11 @@ PageType { ParagraphTextType { color: AmneziaStyle.color.mutedGray visible: dataSent - Layout.fillWidth: true + Layout.maximumWidth: parent.width + + maximumLineCount: 2 + wrapMode: Text.Wrap + elide: Qt.ElideRight text: qsTr("Data sent: %1").arg(dataSent) } @@ -841,16 +724,13 @@ PageType { ParagraphTextType { color: AmneziaStyle.color.mutedGray visible: allowedIps - Layout.fillWidth: true + Layout.maximumWidth: parent.width + + wrapMode: Text.Wrap text: qsTr("Allowed IPs: %1").arg(allowedIps) } - Item { - id: focusItem1 - KeyNavigation.tab: renameButton - } - BasicButtonType { id: renameButton Layout.fillWidth: true @@ -865,10 +745,8 @@ PageType { text: qsTr("Rename") - KeyNavigation.tab: revokeButton - clickedFunc: function() { - clientNameEditDrawer.open() + clientNameEditDrawer.openTriggered() } DrawerType2 { @@ -879,13 +757,7 @@ PageType { anchors.fill: parent expandedHeight: root.height * 0.35 - onClosed: { - if (!GC.isMobile()) { - focusItem1.forceActiveFocus() - } - } - - expandedContent: ColumnLayout { + expandedStateContent: ColumnLayout { anchors.top: parent.top anchors.left: parent.left anchors.right: parent.right @@ -893,28 +765,13 @@ PageType { anchors.leftMargin: 16 anchors.rightMargin: 16 - Connections { - target: clientNameEditDrawer - enabled: !GC.isMobile() - function onOpened() { - clientNameEditor.textField.forceActiveFocus() - } - } - - Item { - id: focusItem2 - KeyNavigation.tab: clientNameEditor.textField - } - TextFieldWithHeaderType { id: clientNameEditor Layout.fillWidth: true headerText: qsTr("Client name") - textFieldText: clientName + textField.text: clientName textField.maximumLength: 20 checkEmptyText: true - - KeyNavigation.tab: saveButton } BasicButtonType { @@ -923,21 +780,20 @@ PageType { Layout.fillWidth: true text: qsTr("Save") - KeyNavigation.tab: focusItem2 clickedFunc: function() { - if (clientNameEditor.textFieldText === "") { + if (clientNameEditor.textField.text === "") { return } - if (clientNameEditor.textFieldText !== clientName) { + if (clientNameEditor.textField.text !== clientName) { PageController.showBusyIndicator(true) ExportController.renameClient(index, - clientNameEditor.textFieldText, + clientNameEditor.textField.text, ContainersModel.getProcessedContainerIndex(), ServersModel.getProcessedServerCredentials()) PageController.showBusyIndicator(false) - clientNameEditDrawer.close() + clientNameEditDrawer.closeTriggered() } } } @@ -958,7 +814,6 @@ PageType { borderWidth: 1 text: qsTr("Revoke") - KeyNavigation.tab: focusItem1 clickedFunc: function() { var headerText = qsTr("Revoke the config for a user - %1?").arg(clientName) @@ -967,12 +822,12 @@ PageType { var noButtonText = qsTr("Cancel") var yesButtonFunction = function() { - clientInfoDrawer.close() + clientInfoDrawer.closeTriggered() root.revokeConfig(index) } var noButtonFunction = function() { if (!GC.isMobile()) { - focusItem1.forceActiveFocus() + // focusItem1.forceActiveFocus() } } @@ -991,18 +846,5 @@ PageType { id: shareConnectionDrawer anchors.fill: parent - onClosed: { - if (!GC.isMobile()) { - clientNameTextField.textField.forceActiveFocus() - } - } - } - - MouseArea { - anchors.fill: parent - onPressed: function(mouse) { - forceActiveFocus() - mouse.accepted = false - } } } diff --git a/client/ui/qml/Pages2/PageShareFullAccess.qml b/client/ui/qml/Pages2/PageShareFullAccess.qml index 404ba563..82effb57 100644 --- a/client/ui/qml/Pages2/PageShareFullAccess.qml +++ b/client/ui/qml/Pages2/PageShareFullAccess.qml @@ -18,13 +18,6 @@ import "../Config" PageType { id: root - defaultActiveFocusItem: focusItem - - Item { - id: focusItem - KeyNavigation.tab: backButton - } - BackButtonType { id: backButton @@ -32,8 +25,6 @@ PageType { anchors.left: parent.left anchors.right: parent.right anchors.topMargin: 20 - - KeyNavigation.tab: serverSelector } FlickableType { @@ -53,7 +44,7 @@ PageType { spacing: 0 - HeaderType { + BaseHeaderType { Layout.fillWidth: true Layout.topMargin: 24 @@ -85,8 +76,6 @@ PageType { descriptionText: qsTr("Server") headerText: qsTr("Server") - KeyNavigation.tab: shareButton - listView: ListViewWithRadioButtonType { id: serverSelectorListView @@ -113,7 +102,7 @@ PageType { shareConnectionDrawer.headerText = qsTr("Accessing ") + serverSelector.text shareConnectionDrawer.configContentHeaderText = qsTr("File with accessing settings to ") + serverSelector.text - serverSelector.close() + serverSelector.closeTriggered() } Component.onCompleted: { @@ -137,8 +126,6 @@ PageType { text: qsTr("Share") leftImageSource: "qrc:/images/controls/share-2.svg" - Keys.onTabPressed: lastItemTabClicked(focusItem) - clickedFunc: function() { PageController.showBusyIndicator(true) @@ -153,8 +140,7 @@ PageType { shareConnectionDrawer.headerText = qsTr("Connection to ") + serverSelector.text shareConnectionDrawer.configContentHeaderText = qsTr("File with connection settings to ") + serverSelector.text - shareConnectionDrawer.open() - shareConnectionDrawer.contentVisible = true + shareConnectionDrawer.openTriggered() PageController.showBusyIndicator(false) } @@ -166,10 +152,5 @@ PageType { id: shareConnectionDrawer anchors.fill: parent - onClosed: { - if (!GC.isMobile()) { - focusItem.forceActiveFocus() - } - } } } diff --git a/client/ui/qml/Pages2/PageStart.qml b/client/ui/qml/Pages2/PageStart.qml index 640c61ef..0a21497d 100644 --- a/client/ui/qml/Pages2/PageStart.qml +++ b/client/ui/qml/Pages2/PageStart.qml @@ -15,12 +15,12 @@ import "../Components" PageType { id: root - defaultActiveFocusItem: homeTabButton - property bool isControlsDisabled: false property bool isTabBarDisabled: false Connections { + objectName: "pageControllerConnection" + target: PageController function onGoToPageHome() { @@ -90,19 +90,11 @@ PageType { PageController.closePage() } } - - function onForceTabBarActiveFocus() { - homeTabButton.focus = true - tabBar.forceActiveFocus() - } - - function onForceStackActiveFocus() { - homeTabButton.focus = true - tabBarStackView.forceActiveFocus() - } } Connections { + objectName: "installControllerConnections" + target: InstallController function onInstallationErrorOccurred(error) { @@ -140,36 +132,14 @@ PageType { PageController.showNotificationMessage(message) } - function onInstallServerFromApiFinished(message) { - PageController.showBusyIndicator(false) - if (!ConnectionController.isConnected) { - ServersModel.setDefaultServerIndex(ServersModel.getServersCount() - 1); - ServersModel.processedIndex = ServersModel.defaultIndex + function onRemoveProcessedServerFinished(finishedMessage) { + if (!ServersModel.getServersCount()) { + PageController.goToPageHome() + } else { + PageController.goToStartPage() + PageController.goToPage(PageEnum.PageSettingsServersList) } - - PageController.goToPageHome() - PageController.showNotificationMessage(message) - } - - function onChangeApiCountryFinished(message) { - PageController.showBusyIndicator(false) - - PageController.goToPageHome() - PageController.showNotificationMessage(message) - } - - function onReloadServerFromApiFinished(message) { - PageController.goToPageHome() - PageController.showNotificationMessage(message) - } - } - - Connections { - target: ConnectionController - - function onReconnectWithUpdatedContainer(message) { - PageController.showNotificationMessage(message) - PageController.closePage() + PageController.showNotificationMessage(finishedMessage) } function onNoInstalledContainers() { @@ -182,6 +152,19 @@ PageType { } Connections { + objectName: "connectionControllerConnections" + + target: ConnectionController + + function onReconnectWithUpdatedContainer(message) { + PageController.showNotificationMessage(message) + PageController.closePage() + } + } + + Connections { + objectName: "importControllerConnections" + target: ImportController function onImportErrorOccurred(error, goToPageHome) { @@ -196,6 +179,8 @@ PageType { } Connections { + objectName: "settingsControllerConnections" + target: SettingsController function onLoggingDisableByWatcher() { @@ -216,8 +201,41 @@ PageType { } } + Connections { + target: ApiSettingsController + + function onErrorOccurred(error) { + PageController.showErrorMessage(error) + } + } + + Connections { + target: ApiConfigsController + + function onInstallServerFromApiFinished(message) { + if (!ConnectionController.isConnected) { + ServersModel.setDefaultServerIndex(ServersModel.getServersCount() - 1); + ServersModel.processedIndex = ServersModel.defaultIndex + } + + PageController.goToPageHome() + PageController.showNotificationMessage(message) + } + + function onChangeApiCountryFinished(message) { + PageController.goToPageHome() + PageController.showNotificationMessage(message) + } + + function onReloadServerFromApiFinished(message) { + PageController.goToPageHome() + PageController.showNotificationMessage(message) + } + } + StackViewType { id: tabBarStackView + objectName: "tabBarStackView" anchors.top: parent.top anchors.right: parent.right @@ -247,13 +265,28 @@ PageType { } Keys.onPressed: function(event) { - PageController.keyPressEvent(event.key) - event.accepted = true + console.debug(">>>> ", event.key, " Event is caught by StartPage") + switch (event.key) { + case Qt.Key_Tab: + case Qt.Key_Down: + case Qt.Key_Right: + FocusController.nextKeyTabItem() + break + case Qt.Key_Backtab: + case Qt.Key_Up: + case Qt.Key_Left: + FocusController.previousKeyTabItem() + break + default: + PageController.keyPressEvent(event.key) + event.accepted = true + } } } TabBar { id: tabBar + objectName: "tabBar" anchors.right: parent.right anchors.left: parent.left @@ -269,6 +302,8 @@ PageType { enabled: !root.isControlsDisabled && !root.isTabBarDisabled background: Shape { + objectName: "backgroundShape" + width: parent.width height: parent.height @@ -289,6 +324,8 @@ PageType { TabImageButtonType { id: homeTabButton + objectName: "homeTabButton" + isSelected: tabBar.currentIndex === 0 image: "qrc:/images/controls/home.svg" clickedFunc: function () { @@ -296,27 +333,26 @@ PageType { ServersModel.processedIndex = ServersModel.defaultIndex tabBar.currentIndex = 0 } - - KeyNavigation.tab: shareTabButton - Keys.onEnterPressed: this.clicked() - Keys.onReturnPressed: this.clicked() } TabImageButtonType { id: shareTabButton + objectName: "shareTabButton" Connections { target: ServersModel function onModelReset() { - var hasServerWithWriteAccess = ServersModel.hasServerWithWriteAccess() - shareTabButton.visible = hasServerWithWriteAccess - shareTabButton.width = hasServerWithWriteAccess ? undefined : 0 + if (!SettingsController.isOnTv()) { + var hasServerWithWriteAccess = ServersModel.hasServerWithWriteAccess() + shareTabButton.visible = hasServerWithWriteAccess + shareTabButton.width = hasServerWithWriteAccess ? undefined : 0 + } } } - visible: ServersModel.hasServerWithWriteAccess() - width: ServersModel.hasServerWithWriteAccess() ? undefined : 0 + visible: !SettingsController.isOnTv() && ServersModel.hasServerWithWriteAccess() + width: !SettingsController.isOnTv() && ServersModel.hasServerWithWriteAccess() ? undefined : 0 isSelected: tabBar.currentIndex === 1 image: "qrc:/images/controls/share-2.svg" @@ -324,32 +360,30 @@ PageType { tabBarStackView.goToTabBarPage(PageEnum.PageShare) tabBar.currentIndex = 1 } - - KeyNavigation.tab: settingsTabButton } TabImageButtonType { id: settingsTabButton + objectName: "settingsTabButton" + isSelected: tabBar.currentIndex === 2 - image: "qrc:/images/controls/settings-2.svg" + image: "qrc:/images/controls/settings.svg" clickedFunc: function () { tabBarStackView.goToTabBarPage(PageEnum.PageSettings) tabBar.currentIndex = 2 } - - KeyNavigation.tab: plusTabButton } TabImageButtonType { id: plusTabButton + objectName: "plusTabButton" + isSelected: tabBar.currentIndex === 3 image: "qrc:/images/controls/plus.svg" clickedFunc: function () { tabBarStackView.goToTabBarPage(PageEnum.PageSetupWizardConfigSource) tabBar.currentIndex = 3 } - - Keys.onTabPressed: PageController.forceStackActiveFocus() } } } diff --git a/client/ui/qml/main2.qml b/client/ui/qml/main2.qml index fb99559f..7cd5790b 100644 --- a/client/ui/qml/main2.qml +++ b/client/ui/qml/main2.qml @@ -15,6 +15,7 @@ import "Pages2" Window { id: root objectName: "mainWindow" + visible: true width: GC.screenWidth height: GC.screenHeight @@ -26,13 +27,39 @@ Window { color: AmneziaStyle.color.midnightBlack onClosing: function() { - console.debug("QML onClosing signal") PageController.closeWindow() } title: "AmneziaVPN" + Item { // This item is needed for focus handling + id: defaultFocusItem + objectName: "defaultFocusItem" + + focus: true + + Keys.onPressed: function(event) { + switch (event.key) { + case Qt.Key_Tab: + case Qt.Key_Down: + case Qt.Key_Right: + FocusController.nextKeyTabItem() + break + case Qt.Key_Backtab: + case Qt.Key_Up: + case Qt.Key_Left: + FocusController.previousKeyTabItem() + break + default: + PageController.keyPressEvent(event.key) + event.accepted = true + } + } + } + Connections { + objectName: "pageControllerConnections" + target: PageController function onRaiseMainWindow() { @@ -58,7 +85,7 @@ Window { } function onShowPassphraseRequestDrawer() { - privateKeyPassphraseDrawer.open() + privateKeyPassphraseDrawer.openTriggered() } function onGoToPageSettingsBackup() { @@ -72,6 +99,8 @@ Window { } Connections { + objectName: "settingsControllerConnections" + target: SettingsController function onChangeSettingsFinished(finishedMessage) { @@ -80,11 +109,15 @@ Window { } PageStart { + objectName: "pageStart" + width: root.width height: root.height } Item { + objectName: "popupNotificationItem" + anchors.right: parent.right anchors.left: parent.left anchors.bottom: parent.bottom @@ -108,6 +141,8 @@ Window { } Item { + objectName: "popupErrorMessageItem" + anchors.right: parent.right anchors.left: parent.left anchors.bottom: parent.bottom @@ -120,6 +155,8 @@ Window { } Item { + objectName: "privateKeyPassphraseDrawerItem" + anchors.fill: parent DrawerType2 { @@ -128,7 +165,7 @@ Window { anchors.fill: parent expandedHeight: root.height * 0.35 - expandedContent: ColumnLayout { + expandedStateContent: ColumnLayout { anchors.top: parent.top anchors.left: parent.left anchors.right: parent.right @@ -139,12 +176,12 @@ Window { Connections { target: privateKeyPassphraseDrawer function onOpened() { - passphrase.textFieldText = "" + passphrase.textField.text = "" passphrase.textField.forceActiveFocus() } function onAboutToHide() { - if (passphrase.textFieldText !== "") { + if (passphrase.textField.text !== "") { PageController.showBusyIndicator(true) } } @@ -167,8 +204,6 @@ Window { clickedFunc: function() { hidePassword = !hidePassword } - - KeyNavigation.tab: saveButton } BasicButtonType { @@ -186,8 +221,8 @@ Window { text: qsTr("Save") clickedFunc: function() { - privateKeyPassphraseDrawer.close() - PageController.passphraseRequestDrawerClosed(passphrase.textFieldText) + privateKeyPassphraseDrawer.closeTriggered() + PageController.passphraseRequestDrawerClosed(passphrase.textField.text) } } } @@ -195,6 +230,8 @@ Window { } Item { + objectName: "questionDrawerItem" + anchors.fill: parent QuestionDrawer { @@ -205,6 +242,8 @@ Window { } Item { + objectName: "busyIndicatorItem" + anchors.fill: parent BusyIndicatorType { @@ -221,26 +260,26 @@ Window { questionDrawer.noButtonText = noButtonText questionDrawer.yesButtonFunction = function() { - questionDrawer.close() + questionDrawer.closeTriggered() if (yesButtonFunction && typeof yesButtonFunction === "function") { yesButtonFunction() } } questionDrawer.noButtonFunction = function() { - questionDrawer.close() + questionDrawer.closeTriggered() if (noButtonFunction && typeof noButtonFunction === "function") { noButtonFunction() } } - questionDrawer.open() + questionDrawer.openTriggered() } FileDialog { id: mainFileDialog + objectName: "mainFileDialog" property bool isSaveMode: false - objectName: "mainFileDialog" fileMode: isSaveMode ? FileDialog.SaveFile : FileDialog.OpenFile onAccepted: SystemController.fileDialogClosed(true) diff --git a/client/utilities.cpp b/client/utilities.cpp index 1cc69aeb..61944e51 100755 --- a/client/utilities.cpp +++ b/client/utilities.cpp @@ -194,8 +194,13 @@ bool Utils::processIsRunning(const QString &fileName, const bool fullFlag) return false; #else QProcess process; + QStringList arguments; + if (fullFlag) { + arguments << "-f"; + } + arguments << fileName; process.setProcessChannelMode(QProcess::MergedChannels); - process.start("pgrep", QStringList({ fullFlag ? "-f" : "", fileName })); + process.start("pgrep", arguments); process.waitForFinished(); if (process.exitStatus() == QProcess::NormalExit) { if (fullFlag) { @@ -248,7 +253,7 @@ bool Utils::killProcessByName(const QString &name) #elif defined Q_OS_IOS || defined(Q_OS_ANDROID) return false; #else - QProcess::execute(QString("pkill %1").arg(name)); + return QProcess::execute("pkill", { name }) == 0; #endif } diff --git a/client/utils/qmlUtils.cpp b/client/utils/qmlUtils.cpp new file mode 100644 index 00000000..b9557b14 --- /dev/null +++ b/client/utils/qmlUtils.cpp @@ -0,0 +1,128 @@ +#include "qmlUtils.h" + +#include +#include +#include + +namespace FocusControl +{ + QPointF getItemCenterPointOnScene(QQuickItem *item) + { + const auto x0 = item->x() + (item->width() / 2); + const auto y0 = item->y() + (item->height() / 2); + return item->parentItem()->mapToScene(QPointF { x0, y0 }); + } + + bool isEnabled(QObject *obj) + { + const auto item = qobject_cast(obj); + return item && item->isEnabled(); + } + + bool isVisible(QObject *item) + { + const auto res = item->property("visible").toBool(); + return res; + } + + bool isFocusable(QObject *item) + { + const auto res = item->property("isFocusable").toBool(); + return res; + } + + bool isListView(QObject *item) + { + return item->inherits("QQuickListView"); + } + + bool isOnTheScene(QObject *object) + { + QQuickItem *item = qobject_cast(object); + if (!item) { + qWarning() << "Couldn't recognize object as item"; + return false; + } + + if (!item->isVisible()) { + return false; + } + + QRectF itemRect = item->mapRectToScene(item->childrenRect()); + + QQuickWindow *window = item->window(); + if (!window) { + qWarning() << "Couldn't get the window on the Scene check"; + return false; + } + + const auto contentItem = window->contentItem(); + if (!contentItem) { + qWarning() << "Couldn't get the content item on the Scene check"; + return false; + } + QRectF windowRect = contentItem->childrenRect(); + const auto res = (windowRect.contains(itemRect) || isListView(item)); + return res; + } + + bool isMore(QObject *item1, QObject *item2) + { + return !isLess(item1, item2); + } + + bool isLess(QObject *item1, QObject *item2) + { + const auto p1 = getItemCenterPointOnScene(qobject_cast(item1)); + const auto p2 = getItemCenterPointOnScene(qobject_cast(item2)); + return (p1.y() == p2.y()) ? (p1.x() < p2.x()) : (p1.y() < p2.y()); + } + + QList getSubChain(QObject *object) + { + QList res; + if (!object) { + return res; + } + + const auto children = object->children(); + + for (const auto child : children) { + if (child && isFocusable(child) && isOnTheScene(child) && isEnabled(child)) { + res.append(child); + } else { + res.append(getSubChain(child)); + } + } + return res; + } + + QList getItemsChain(QObject *object) + { + QList res; + if (!object) { + return res; + } + + const auto children = object->children(); + + for (const auto child : children) { + if (child && isFocusable(child) && isEnabled(child) && isVisible(child)) { + res.append(child); + } else { + res.append(getItemsChain(child)); + } + } + return res; + } + + void printItems(const QList &items, QObject *current_item) + { + for (const auto &item : items) { + QQuickItem *i = qobject_cast(item); + QPointF coords { getItemCenterPointOnScene(i) }; + QString prefix = current_item == i ? "==>" : " "; + qDebug() << prefix << " Item: " << i << " with coords: " << coords; + } + } +} // namespace FocusControl \ No newline at end of file diff --git a/client/utils/qmlUtils.h b/client/utils/qmlUtils.h new file mode 100644 index 00000000..535377c4 --- /dev/null +++ b/client/utils/qmlUtils.h @@ -0,0 +1,30 @@ +#ifndef FOCUSCONTROL_H +#define FOCUSCONTROL_H + +#include +#include + +namespace FocusControl +{ + bool isEnabled(QObject *item); + bool isVisible(QObject *item); + bool isFocusable(QObject *item); + bool isListView(QObject *item); + bool isOnTheScene(QObject *object); + bool isMore(QObject *item1, QObject *item2); + bool isLess(QObject *item1, QObject *item2); + + /*! + * \brief Make focus chain of elements which are on the scene + */ + QList getSubChain(QObject *object); + + /*! + * \brief Make focus chain of elements which could be not on the scene + */ + QList getItemsChain(QObject *object); + + void printItems(const QList &items, QObject *current_item); +} // namespace FocusControl + +#endif // FOCUSCONTROL_H diff --git a/client/vpnconnection.cpp b/client/vpnconnection.cpp index ac881bd7..3de0f035 100644 --- a/client/vpnconnection.cpp +++ b/client/vpnconnection.cpp @@ -52,6 +52,28 @@ void VpnConnection::onBytesChanged(quint64 receivedBytes, quint64 sentBytes) emit bytesChanged(receivedBytes, sentBytes); } +void VpnConnection::onKillSwitchModeChanged(bool enabled) +{ +#ifdef AMNEZIA_DESKTOP + if (!m_IpcClient) { + m_IpcClient = new IpcClient(this); + } + + if (!m_IpcClient->isSocketConnected()) { + if (!IpcClient::init(m_IpcClient)) { + qWarning() << "Error occurred when init IPC client"; + emit serviceIsNotReady(); + return; + } + } + + if (IpcClient::Interface()) { + qDebug() << "Set KillSwitch Strict mode enabled " << enabled; + IpcClient::Interface()->refreshKillSwitch(enabled); + } +#endif +} + void VpnConnection::onConnectionStateChanged(Vpn::ConnectionState state) { @@ -215,10 +237,9 @@ ErrorCode VpnConnection::lastError() const void VpnConnection::connectToVpn(int serverIndex, const ServerCredentials &credentials, DockerContainer container, const QJsonObject &vpnConfiguration) { - qDebug() << QString("ConnectToVpn, Server index is %1, container is %2, route mode is") + qDebug() << QString("Trying to connect to VPN, server index is %1, container is %2") .arg(serverIndex) - .arg(ContainerProps::containerToString(container)) - << m_settings->routeMode(); + .arg(ContainerProps::containerToString(container)); #if !defined(Q_OS_ANDROID) && !defined(Q_OS_IOS) if (!m_IpcClient) { m_IpcClient = new IpcClient(this); @@ -287,6 +308,7 @@ void VpnConnection::createProtocolConnections() void VpnConnection::appendKillSwitchConfig() { m_vpnConfiguration.insert(config_key::killSwitchOption, QVariant(m_settings->isKillSwitchEnabled()).toString()); + m_vpnConfiguration.insert(config_key::allowedDnsServers, QVariant(m_settings->allowedDnsServers()).toJsonValue()); } void VpnConnection::appendSplitTunnelingConfig() @@ -341,26 +363,28 @@ void VpnConnection::appendSplitTunnelingConfig() } } - Settings::RouteMode routeMode = Settings::RouteMode::VpnAllSites; + Settings::RouteMode sitesRouteMode = Settings::RouteMode::VpnAllSites; QJsonArray sitesJsonArray; if (m_settings->isSitesSplitTunnelingEnabled()) { - routeMode = m_settings->routeMode(); + sitesRouteMode = m_settings->routeMode(); if (allowSiteBasedSplitTunneling) { - auto sites = m_settings->getVpnIps(routeMode); + auto sites = m_settings->getVpnIps(sitesRouteMode); for (const auto &site : sites) { sitesJsonArray.append(site); } - // Allow traffic to Amnezia DNS - if (routeMode == Settings::VpnOnlyForwardSites) { + if (sitesJsonArray.isEmpty()) { + sitesRouteMode = Settings::RouteMode::VpnAllSites; + } else if (sitesRouteMode == Settings::VpnOnlyForwardSites) { + // Allow traffic to Amnezia DNS sitesJsonArray.append(m_vpnConfiguration.value(config_key::dns1).toString()); sitesJsonArray.append(m_vpnConfiguration.value(config_key::dns2).toString()); } } } - m_vpnConfiguration.insert(config_key::splitTunnelType, routeMode); + m_vpnConfiguration.insert(config_key::splitTunnelType, sitesRouteMode); m_vpnConfiguration.insert(config_key::splitTunnelSites, sitesJsonArray); Settings::AppsRouteMode appsRouteMode = Settings::AppsRouteMode::VpnAllApps; @@ -372,10 +396,21 @@ void VpnConnection::appendSplitTunnelingConfig() for (const auto &app : apps) { appsJsonArray.append(app.appPath.isEmpty() ? app.packageName : app.appPath); } + + if (appsJsonArray.isEmpty()) { + appsRouteMode = Settings::AppsRouteMode::VpnAllApps; + } } m_vpnConfiguration.insert(config_key::appSplitTunnelType, appsRouteMode); m_vpnConfiguration.insert(config_key::splitTunnelApps, appsJsonArray); + + qDebug() << QString("Site split tunneling is %1, route mode is %2") + .arg(m_settings->isSitesSplitTunnelingEnabled() ? "enabled" : "disabled") + .arg(sitesRouteMode); + qDebug() << QString("App split tunneling is %1, route mode is %2") + .arg(m_settings->isAppsSplitTunnelingEnabled() ? "enabled" : "disabled") + .arg(appsRouteMode); } #ifdef Q_OS_ANDROID diff --git a/client/vpnconnection.h b/client/vpnconnection.h index 0160edce..cb5aaaf9 100644 --- a/client/vpnconnection.h +++ b/client/vpnconnection.h @@ -48,14 +48,14 @@ public: public slots: void connectToVpn(int serverIndex, - const ServerCredentials &credentials, DockerContainer container, const QJsonObject &vpnConfiguration); + const ServerCredentials &credentials, DockerContainer container, const QJsonObject &vpnConfiguration); void disconnectFromVpn(); - void addRoutes(const QStringList &ips); void deleteRoutes(const QStringList &ips); void flushDns(); + void onKillSwitchModeChanged(bool enabled); signals: void bytesChanged(quint64 receivedBytes, quint64 sentBytes); diff --git a/deploy/DeveloperIDG2CA.cer b/deploy/DeveloperIDG2CA.cer new file mode 100644 index 00000000..8cbcf6f4 Binary files /dev/null and b/deploy/DeveloperIDG2CA.cer differ diff --git a/deploy/build_linux.sh b/deploy/build_linux.sh index 57217a1e..aaf59eb5 100755 --- a/deploy/build_linux.sh +++ b/deploy/build_linux.sh @@ -41,6 +41,10 @@ if [ -z "${QT_VERSION+x}" ]; then QT_BIN_DIR=/opt/Qt/$QT_VERSION/gcc_64/bin elif [ -f $HOME/Qt/$QT_VERSION/gcc_64/bin/qmake ]; then QT_BIN_DIR=$HOME/Qt/$QT_VERSION/gcc_64/bin + elif [ -f /usr/lib/qt6/bin/qmake ]; then + QT_BIN_DIR=/usr/lib/qt6/bin + elif [ -f /usr/lib/x86_64-linux-gnu/qt6/bin/qmake ]; then + QT_BIN_DIR=/usr/lib/x86_64-linux-gnu/qt6/bin fi fi @@ -56,7 +60,7 @@ echo "Building App..." cd $BUILD_DIR $QT_BIN_DIR/qt-cmake -S $PROJECT_DIR -cmake --build . --config release +cmake --build . -j --config release # Build and run tests here diff --git a/deploy/build_macos.sh b/deploy/build_macos.sh old mode 100755 new mode 100644 index 5f6e9786..03f286fc --- a/deploy/build_macos.sh +++ b/deploy/build_macos.sh @@ -1,4 +1,15 @@ #!/bin/bash +# ----------------------------------------------------------------------------- +# Usage: +# Export the required signing credentials before running this script, e.g.: +# export MAC_APP_CERT_PW='pw-for-DeveloperID-Application' +# export MAC_INSTALL_CERT_PW='pw-for-DeveloperID-Installer' +# export MAC_SIGNER_ID='Developer ID Application: Some Company Name (XXXXXXXXXX)' +# export MAC_INSTALLER_SIGNER_ID='Developer ID Installer: Some Company Name (XXXXXXXXXX)' +# export APPLE_DEV_EMAIL='your@email.com' +# export APPLE_DEV_PASSWORD='' +# bash deploy/build_macos.sh [-n] +# ----------------------------------------------------------------------------- echo "Build script started ..." set -o errexit -o nounset @@ -14,10 +25,10 @@ done PROJECT_DIR=$(pwd) DEPLOY_DIR=$PROJECT_DIR/deploy -mkdir -p $DEPLOY_DIR/build -BUILD_DIR=$DEPLOY_DIR/build +mkdir -p "$DEPLOY_DIR/build" +BUILD_DIR="$DEPLOY_DIR/build" -echo "Project dir: ${PROJECT_DIR}" +echo "Project dir: ${PROJECT_DIR}" echo "Build dir: ${BUILD_DIR}" APP_NAME=AmneziaVPN @@ -28,39 +39,45 @@ PLIST_NAME=$APP_NAME.plist OUT_APP_DIR=$BUILD_DIR/client BUNDLE_DIR=$OUT_APP_DIR/$APP_FILENAME +# Prebuilt deployment assets are available via the symlink under deploy/data PREBUILT_DEPLOY_DATA_DIR=$PROJECT_DIR/deploy/data/deploy-prebuilt/macos DEPLOY_DATA_DIR=$PROJECT_DIR/deploy/data/macos -INSTALLER_DATA_DIR=$BUILD_DIR/installer/packages/$APP_DOMAIN/data -INSTALLER_BUNDLE_DIR=$BUILD_DIR/installer/$APP_FILENAME -DMG_FILENAME=$PROJECT_DIR/${APP_NAME}.dmg # Search Qt if [ -z "${QT_VERSION+x}" ]; then -QT_VERSION=6.4.3; -QIF_VERSION=4.6 +QT_VERSION=6.8.3; QT_BIN_DIR=$HOME/Qt/$QT_VERSION/macos/bin -QIF_BIN_DIR=$QT_BIN_DIR/../../../Tools/QtInstallerFramework/$QIF_VERSION/bin fi echo "Using Qt in $QT_BIN_DIR" -echo "Using QIF in $QIF_BIN_DIR" # Checking env -$QT_BIN_DIR/qt-cmake --version +"$QT_BIN_DIR/qt-cmake" --version cmake --version clang -v # Build App echo "Building App..." -cd $BUILD_DIR +cd "$BUILD_DIR" -$QT_BIN_DIR/qt-cmake -S $PROJECT_DIR -B $BUILD_DIR +"$QT_BIN_DIR/qt-cmake" -S "$PROJECT_DIR" -B "$BUILD_DIR" cmake --build . --config release --target all # Build and run tests here +# Create a temporary keychain and import certificates +KEYCHAIN_PATH="$PROJECT_DIR/mac_sign.keychain" +trap 'echo "Cleaning up mac_sign.keychain..."; security delete-keychain "$KEYCHAIN_PATH" 2>/dev/null || true; rm -f "$KEYCHAIN_PATH" 2>/dev/null || true' EXIT +KEYCHAIN=$(security default-keychain -d user | tr -d '"[:space:]"') +security list-keychains -d user -s "$KEYCHAIN_PATH" "$KEYCHAIN" "$(security list-keychains -d user | tr '\n' ' ')" +security create-keychain -p "" "$KEYCHAIN_PATH" +security import "$DEPLOY_DIR/DeveloperIdApplicationCertificate.p12" -k "$KEYCHAIN_PATH" -P "$MAC_APP_CERT_PW" -T /usr/bin/codesign +security import "$DEPLOY_DIR/DeveloperIdInstallerCertificate.p12" -k "$KEYCHAIN_PATH" -P "$MAC_INSTALL_CERT_PW" -T /usr/bin/codesign +security import "$DEPLOY_DIR/DeveloperIDG2CA.cer" -k "$KEYCHAIN_PATH" -T /usr/bin/codesign +security list-keychains -d user -s "$KEYCHAIN_PATH" + echo "____________________________________" echo "............Deploy.................." echo "____________________________________" @@ -69,102 +86,159 @@ echo "____________________________________" echo "Packaging ..." -cp -Rv $PREBUILT_DEPLOY_DATA_DIR/* $BUNDLE_DIR/Contents/macOS -$QT_BIN_DIR/macdeployqt $OUT_APP_DIR/$APP_FILENAME -always-overwrite -qmldir=$PROJECT_DIR -cp -av $BUILD_DIR/service/server/$APP_NAME-service $BUNDLE_DIR/Contents/macOS -cp -Rv $PROJECT_DIR/deploy/data/macos/* $BUNDLE_DIR/Contents/macOS -rm -f $BUNDLE_DIR/Contents/macOS/post_install.sh $BUNDLE_DIR/Contents/macOS/post_uninstall.sh +cp -Rv "$PREBUILT_DEPLOY_DATA_DIR"/* "$BUNDLE_DIR/Contents/macOS" +"$QT_BIN_DIR/macdeployqt" "$OUT_APP_DIR/$APP_FILENAME" -always-overwrite -qmldir="$PROJECT_DIR" +cp -av "$BUILD_DIR/service/server/$APP_NAME-service" "$BUNDLE_DIR/Contents/macOS" +rsync -av --exclude="$PLIST_NAME" --exclude=post_install.sh --exclude=post_uninstall.sh "$DEPLOY_DATA_DIR/" "$BUNDLE_DIR/Contents/macOS/" -if [ "${MAC_CERT_PW+x}" ]; then +if [ "${MAC_APP_CERT_PW+x}" ]; then - CERTIFICATE_P12=$DEPLOY_DIR/PrivacyTechAppleCertDeveloperId.p12 - WWDRCA=$DEPLOY_DIR/WWDRCA.cer - KEYCHAIN=amnezia.build.macos.keychain - TEMP_PASS=tmp_pass + # Path to the p12 that contains the Developer ID *Application* certificate + CERTIFICATE_P12=$DEPLOY_DIR/DeveloperIdApplicationCertificate.p12 - security create-keychain -p $TEMP_PASS $KEYCHAIN || true - security default-keychain -s $KEYCHAIN - security unlock-keychain -p $TEMP_PASS $KEYCHAIN + # Ensure launchd plist is bundled, but place it inside Resources so that + # the bundle keeps a valid structure (nothing but `Contents` at the root). + mkdir -p "$BUNDLE_DIR/Contents/Resources" + cp "$DEPLOY_DATA_DIR/$PLIST_NAME" "$BUNDLE_DIR/Contents/Resources/$PLIST_NAME" - security default-keychain - security list-keychains - - security import $WWDRCA -k $KEYCHAIN -T /usr/bin/codesign || true - security import $CERTIFICATE_P12 -k $KEYCHAIN -P $MAC_CERT_PW -T /usr/bin/codesign || true - - security set-key-partition-list -S apple-tool:,apple: -k $TEMP_PASS $KEYCHAIN - security find-identity -p codesigning + # Show available signing identities (useful for debugging) + security find-identity -p codesigning || true echo "Signing App bundle..." - /usr/bin/codesign --deep --force --verbose --timestamp -o runtime --sign "$MAC_SIGNER_ID" $BUNDLE_DIR - /usr/bin/codesign --verify -vvvv $BUNDLE_DIR || true - spctl -a -vvvv $BUNDLE_DIR || true + /usr/bin/codesign --deep --force --verbose --timestamp -o runtime --keychain "$KEYCHAIN_PATH" --sign "$MAC_SIGNER_ID" "$BUNDLE_DIR" + /usr/bin/codesign --verify -vvvv "$BUNDLE_DIR" || true + spctl -a -vvvv "$BUNDLE_DIR" || true - if [ "${NOTARIZE_APP+x}" ]; then - echo "Notarizing App bundle..." - /usr/bin/ditto -c -k --keepParent $BUNDLE_DIR $PROJECT_DIR/Bundle_to_notarize.zip - xcrun notarytool submit $PROJECT_DIR/Bundle_to_notarize.zip --apple-id $APPLE_DEV_EMAIL --team-id $MAC_TEAM_ID --password $APPLE_DEV_PASSWORD - rm $PROJECT_DIR/Bundle_to_notarize.zip - sleep 300 - xcrun stapler staple $BUNDLE_DIR - xcrun stapler validate $BUNDLE_DIR - spctl -a -vvvv $BUNDLE_DIR || true - fi fi echo "Packaging installer..." -mkdir -p $INSTALLER_DATA_DIR -cp -av $PROJECT_DIR/deploy/installer $BUILD_DIR -cp -av $DEPLOY_DATA_DIR/post_install.sh $INSTALLER_DATA_DIR/post_install.sh -cp -av $DEPLOY_DATA_DIR/post_uninstall.sh $INSTALLER_DATA_DIR/post_uninstall.sh -cp -av $DEPLOY_DATA_DIR/$PLIST_NAME $INSTALLER_DATA_DIR/$PLIST_NAME +PKG_DIR=$BUILD_DIR/pkg +# Remove any stale packaging data from previous runs +rm -rf "$PKG_DIR" +PKG_ROOT=$PKG_DIR/root +SCRIPTS_DIR=$PKG_DIR/scripts +RESOURCES_DIR=$PKG_DIR/resources +INSTALL_PKG=$PKG_DIR/${APP_NAME}_install.pkg +UNINSTALL_PKG=$PKG_DIR/${APP_NAME}_uninstall.pkg +FINAL_PKG=$PKG_DIR/${APP_NAME}.pkg +UNINSTALL_SCRIPTS_DIR=$PKG_DIR/uninstall_scripts -chmod a+x $INSTALLER_DATA_DIR/post_install.sh $INSTALLER_DATA_DIR/post_uninstall.sh +mkdir -p "$PKG_ROOT/Applications" "$SCRIPTS_DIR" "$RESOURCES_DIR" "$UNINSTALL_SCRIPTS_DIR" -cd $BUNDLE_DIR -tar czf $INSTALLER_DATA_DIR/$APP_NAME.tar.gz ./ +cp -R "$BUNDLE_DIR" "$PKG_ROOT/Applications" +# launchd plist is already inside the bundle; no need to add it again after signing +/usr/bin/codesign --deep --force --verbose --timestamp -o runtime --keychain "$KEYCHAIN_PATH" --sign "$MAC_SIGNER_ID" "$PKG_ROOT/Applications/$APP_FILENAME" +/usr/bin/codesign --verify --deep --strict --verbose=4 "$PKG_ROOT/Applications/$APP_FILENAME" || true +cp "$DEPLOY_DATA_DIR/post_install.sh" "$SCRIPTS_DIR/post_install.sh" +cp "$DEPLOY_DATA_DIR/post_uninstall.sh" "$UNINSTALL_SCRIPTS_DIR/postinstall" +mkdir -p "$RESOURCES_DIR/scripts" +cp "$DEPLOY_DATA_DIR/check_install.sh" "$RESOURCES_DIR/scripts/check_install.sh" +cp "$DEPLOY_DATA_DIR/check_uninstall.sh" "$RESOURCES_DIR/scripts/check_uninstall.sh" -echo "Building installer..." -$QIF_BIN_DIR/binarycreator --offline-only -v -c $BUILD_DIR/installer/config/macos.xml -p $BUILD_DIR/installer/packages -f $INSTALLER_BUNDLE_DIR +cat > "$SCRIPTS_DIR/postinstall" <<'EOS' +#!/bin/bash +SCRIPT_DIR="$(dirname "$0")" +bash "$SCRIPT_DIR/post_install.sh" +exit 0 +EOS -if [ "${MAC_CERT_PW+x}" ]; then - echo "Signing installer bundle..." - security unlock-keychain -p $TEMP_PASS $KEYCHAIN - /usr/bin/codesign --deep --force --verbose --timestamp -o runtime --sign "$MAC_SIGNER_ID" $INSTALLER_BUNDLE_DIR - /usr/bin/codesign --verify -vvvv $INSTALLER_BUNDLE_DIR || true +chmod +x "$SCRIPTS_DIR"/* +chmod +x "$UNINSTALL_SCRIPTS_DIR"/* +chmod +x "$RESOURCES_DIR/scripts"/* +cp "$PROJECT_DIR/LICENSE" "$RESOURCES_DIR/LICENSE" - if [ "${NOTARIZE_APP+x}" ]; then - echo "Notarizing installer bundle..." - /usr/bin/ditto -c -k --keepParent $INSTALLER_BUNDLE_DIR $PROJECT_DIR/Installer_bundle_to_notarize.zip - xcrun notarytool submit $PROJECT_DIR/Installer_bundle_to_notarize.zip --apple-id $APPLE_DEV_EMAIL --team-id $MAC_TEAM_ID --password $APPLE_DEV_PASSWORD - rm $PROJECT_DIR/Installer_bundle_to_notarize.zip - sleep 300 - xcrun stapler staple $INSTALLER_BUNDLE_DIR - xcrun stapler validate $INSTALLER_BUNDLE_DIR - spctl -a -vvvv $INSTALLER_BUNDLE_DIR || true - fi +APP_VERSION=$(grep -m1 -E 'project\(' "$PROJECT_DIR/CMakeLists.txt" | sed -E 's/.*VERSION ([0-9.]+).*/\1/') +echo "Building component package $INSTALL_PKG ..." + +# Disable bundle relocation so the app always ends up in /Applications even if +# another copy is lying around somewhere. We do this by letting pkgbuild +# analyse the contents, flipping the BundleIsRelocatable flag to false for every +# bundle it discovers and then feeding that plist back to pkgbuild. + +COMPONENT_PLIST="$PKG_DIR/component.plist" +# Create the component description plist first +pkgbuild --analyze --root "$PKG_ROOT" "$COMPONENT_PLIST" + +# Turn all `BundleIsRelocatable` keys to false (PlistBuddy is available on all +# macOS systems). We first convert to xml1 to ensure predictable formatting. + +# Turn relocation off for every bundle entry in the plist. PlistBuddy cannot +# address keys that contain slashes without quoting, so we iterate through the +# top-level keys it prints. +plutil -convert xml1 "$COMPONENT_PLIST" +for bundle_key in $(/usr/libexec/PlistBuddy -c "Print" "$COMPONENT_PLIST" | awk '/^[ \t]*[A-Za-z0-9].*\.app/ {print $1}'); do + /usr/libexec/PlistBuddy -c "Set :'${bundle_key}':BundleIsRelocatable false" "$COMPONENT_PLIST" || true +done + +# Now build the real payload package with the edited plist so that the final +# PackageInfo contains relocatable="false". +pkgbuild --root "$PKG_ROOT" \ + --identifier "$APP_DOMAIN" \ + --version "$APP_VERSION" \ + --install-location "/" \ + --scripts "$SCRIPTS_DIR" \ + --component-plist "$COMPONENT_PLIST" \ + --sign "$MAC_INSTALLER_SIGNER_ID" \ + "$INSTALL_PKG" + +# Build uninstaller component package +UNINSTALL_COMPONENT_PKG=$PKG_DIR/${APP_NAME}_uninstall_component.pkg +echo "Building uninstaller component package $UNINSTALL_COMPONENT_PKG ..." +pkgbuild --nopayload \ + --identifier "$APP_DOMAIN.uninstall" \ + --version "$APP_VERSION" \ + --scripts "$UNINSTALL_SCRIPTS_DIR" \ + --sign "$MAC_INSTALLER_SIGNER_ID" \ + "$UNINSTALL_COMPONENT_PKG" + +# Wrap uninstaller component in a distribution package for clearer UI +echo "Building uninstaller distribution package $UNINSTALL_PKG ..." +UNINSTALL_RESOURCES=$PKG_DIR/uninstall_resources +rm -rf "$UNINSTALL_RESOURCES" +mkdir -p "$UNINSTALL_RESOURCES" +cp "$DEPLOY_DATA_DIR/uninstall_welcome.html" "$UNINSTALL_RESOURCES" +cp "$DEPLOY_DATA_DIR/uninstall_conclusion.html" "$UNINSTALL_RESOURCES" +productbuild \ + --distribution "$DEPLOY_DATA_DIR/distribution_uninstall.xml" \ + --package-path "$PKG_DIR" \ + --resources "$UNINSTALL_RESOURCES" \ + --sign "$MAC_INSTALLER_SIGNER_ID" \ + "$UNINSTALL_PKG" + +cp "$PROJECT_DIR/deploy/data/macos/distribution.xml" "$PKG_DIR/distribution.xml" + +echo "Creating final installer $FINAL_PKG ..." +productbuild --distribution "$PKG_DIR/distribution.xml" \ + --package-path "$PKG_DIR" \ + --resources "$RESOURCES_DIR" \ + --sign "$MAC_INSTALLER_SIGNER_ID" \ + "$FINAL_PKG" + +if [ "${MAC_INSTALL_CERT_PW+x}" ] && [ "${NOTARIZE_APP+x}" ]; then + echo "Notarizing installer package..." + xcrun notarytool submit "$FINAL_PKG" \ + --apple-id "$APPLE_DEV_EMAIL" \ + --team-id "$MAC_TEAM_ID" \ + --password "$APPLE_DEV_PASSWORD" \ + --wait + + echo "Stapling ticket..." + xcrun stapler staple "$FINAL_PKG" + xcrun stapler validate "$FINAL_PKG" fi -echo "Building DMG installer..." -# Allow Terminal to make changes in Privacy & Security > App Management -hdiutil create -size 256mb -volname AmneziaVPN -srcfolder $BUILD_DIR/installer/$APP_NAME.app -ov -format UDZO $DMG_FILENAME - -if [ "${MAC_CERT_PW+x}" ]; then - echo "Signing DMG installer..." - security unlock-keychain -p $TEMP_PASS $KEYCHAIN - /usr/bin/codesign --deep --force --verbose --timestamp -o runtime --sign "$MAC_SIGNER_ID" $DMG_FILENAME - /usr/bin/codesign --verify -vvvv $DMG_FILENAME || true - - if [ "${NOTARIZE_APP+x}" ]; then - echo "Notarizing DMG installer..." - xcrun notarytool submit $DMG_FILENAME --apple-id $APPLE_DEV_EMAIL --team-id $MAC_TEAM_ID --password $APPLE_DEV_PASSWORD - sleep 300 - xcrun stapler staple $DMG_FILENAME - xcrun stapler validate $DMG_FILENAME - fi +if [ "${MAC_INSTALL_CERT_PW+x}" ]; then + /usr/bin/codesign --verify -vvvv "$FINAL_PKG" || true + spctl -a -vvvv "$FINAL_PKG" || true fi -echo "Finished, artifact is $DMG_FILENAME" +# Sign app bundle +/usr/bin/codesign --deep --force --verbose --timestamp -o runtime --keychain "$KEYCHAIN_PATH" --sign "$MAC_SIGNER_ID" "$BUNDLE_DIR" +spctl -a -vvvv "$BUNDLE_DIR" || true -# restore keychain -security default-keychain -s login.keychain +# Restore login keychain as the only user keychain and delete the temporary keychain +KEYCHAIN="$HOME/Library/Keychains/login.keychain-db" +security list-keychains -d user -s "$KEYCHAIN" +security delete-keychain "$KEYCHAIN_PATH" + +echo "Finished, artifact is $FINAL_PKG" diff --git a/deploy/data/macos/check_install.sh b/deploy/data/macos/check_install.sh new file mode 100755 index 00000000..adf63550 --- /dev/null +++ b/deploy/data/macos/check_install.sh @@ -0,0 +1,5 @@ +#!/bin/bash +if [ -d "/Applications/AmneziaVPN.app" ] || pgrep -x "AmneziaVPN-service" >/dev/null; then + exit 1 +fi +exit 0 diff --git a/deploy/data/macos/check_uninstall.sh b/deploy/data/macos/check_uninstall.sh new file mode 100755 index 00000000..e7a6f7e0 --- /dev/null +++ b/deploy/data/macos/check_uninstall.sh @@ -0,0 +1,5 @@ +#!/bin/bash +if [ -d "/Applications/AmneziaVPN.app" ] || pgrep -x "AmneziaVPN-service" >/dev/null; then + exit 0 +fi +exit 1 diff --git a/deploy/data/macos/distribution.xml b/deploy/data/macos/distribution.xml new file mode 100644 index 00000000..c0a1dc68 --- /dev/null +++ b/deploy/data/macos/distribution.xml @@ -0,0 +1,17 @@ + + + AmneziaVPN Installer + + + + + + + + + + + + AmneziaVPN_install.pkg + AmneziaVPN_uninstall_component.pkg + diff --git a/deploy/data/macos/distribution_uninstall.xml b/deploy/data/macos/distribution_uninstall.xml new file mode 100644 index 00000000..cf8932b9 --- /dev/null +++ b/deploy/data/macos/distribution_uninstall.xml @@ -0,0 +1,13 @@ + + Uninstall AmneziaVPN + + + + + + + + + + AmneziaVPN_uninstall_component.pkg + diff --git a/deploy/data/macos/post_install.sh b/deploy/data/macos/post_install.sh index acd3f93f..053c8e13 100755 --- a/deploy/data/macos/post_install.sh +++ b/deploy/data/macos/post_install.sh @@ -7,29 +7,42 @@ LOG_FOLDER=/var/log/$APP_NAME LOG_FILE="$LOG_FOLDER/post-install.log" APP_PATH=/Applications/$APP_NAME.app -if launchctl list "$APP_NAME-service" &> /dev/null; then - launchctl unload $LAUNCH_DAEMONS_PLIST_NAME - rm -f $LAUNCH_DAEMONS_PLIST_NAME +# Handle new installations unpacked into localized folder +if [ -d "/Applications/${APP_NAME}.localized" ]; then + echo "`date` Detected ${APP_NAME}.localized, migrating to standard path" >> $LOG_FILE + sudo rm -rf "$APP_PATH" + sudo mv "/Applications/${APP_NAME}.localized/${APP_NAME}.app" "$APP_PATH" + sudo rm -rf "/Applications/${APP_NAME}.localized" fi -tar xzf $APP_PATH/$APP_NAME.tar.gz -C $APP_PATH -rm -f $APP_PATH/$APP_NAME.tar.gz -sudo chmod -R a-w $APP_PATH/ -sudo chown -R root $APP_PATH/ -sudo chgrp -R wheel $APP_PATH/ +if launchctl list "$APP_NAME-service" &> /dev/null; then + launchctl unload "$LAUNCH_DAEMONS_PLIST_NAME" + rm -f "$LAUNCH_DAEMONS_PLIST_NAME" +fi + +sudo chmod -R a-w "$APP_PATH/" +sudo chown -R root "$APP_PATH/" +sudo chgrp -R wheel "$APP_PATH/" rm -rf $LOG_FOLDER mkdir -p $LOG_FOLDER echo "`date` Script started" > $LOG_FILE -killall -9 $APP_NAME-service 2>> $LOG_FILE +echo "Requesting ${APP_NAME} to quit gracefully" >> "$LOG_FILE" +osascript -e 'tell application "AmneziaVPN" to quit' -mv -f $APP_PATH/$PLIST_NAME $LAUNCH_DAEMONS_PLIST_NAME 2>> $LOG_FILE -chown root:wheel $LAUNCH_DAEMONS_PLIST_NAME -launchctl load $LAUNCH_DAEMONS_PLIST_NAME +PLIST_SOURCE="$APP_PATH/Contents/Resources/$PLIST_NAME" +if [ -f "$PLIST_SOURCE" ]; then + mv -f "$PLIST_SOURCE" "$LAUNCH_DAEMONS_PLIST_NAME" 2>> $LOG_FILE +else + echo "`date` ERROR: service plist not found at $PLIST_SOURCE" >> $LOG_FILE +fi + +chown root:wheel "$LAUNCH_DAEMONS_PLIST_NAME" +launchctl load "$LAUNCH_DAEMONS_PLIST_NAME" +echo "`date` Launching ${APP_NAME} application" >> $LOG_FILE +open -a "$APP_PATH" 2>> $LOG_FILE || true echo "`date` Service status: $?" >> $LOG_FILE echo "`date` Script finished" >> $LOG_FILE - -#rm -- "$0" diff --git a/deploy/data/macos/post_uninstall.sh b/deploy/data/macos/post_uninstall.sh index 6e8e9fa8..d6c5cdbd 100755 --- a/deploy/data/macos/post_uninstall.sh +++ b/deploy/data/macos/post_uninstall.sh @@ -2,13 +2,83 @@ APP_NAME=AmneziaVPN PLIST_NAME=$APP_NAME.plist -LAUNCH_DAEMONS_PLIST_NAME=/Library/LaunchDaemons/$PLIST_NAME +LAUNCH_DAEMONS_PLIST_NAME="/Library/LaunchDaemons/$PLIST_NAME" +APP_PATH="/Applications/$APP_NAME.app" +USER_APP_SUPPORT="$HOME/Library/Application Support/$APP_NAME" +SYSTEM_APP_SUPPORT="/Library/Application Support/$APP_NAME" +LOG_FOLDER="/var/log/$APP_NAME" +CACHES_FOLDER="$HOME/Library/Caches/$APP_NAME" -if launchctl list "$APP_NAME-service" &> /dev/null; then - launchctl unload $LAUNCH_DAEMONS_PLIST_NAME - rm -f $LAUNCH_DAEMONS_PLIST_NAME +# Attempt to quit the GUI application if it's currently running +if pgrep -x "$APP_NAME" > /dev/null; then + echo "Quitting $APP_NAME..." + osascript -e 'tell application "'"$APP_NAME"'" to quit' || true + # Wait up to 10 seconds for the app to terminate gracefully + for i in {1..10}; do + if ! pgrep -x "$APP_NAME" > /dev/null; then + break + fi + sleep 1 + done fi -rm -rf "$HOME/Library/Application Support/$APP_NAME" -rm -rf /var/log/$APP_NAME -rm -rf /Applications/$APP_NAME.app/Contents +# Stop the running service if it exists +if pgrep -x "${APP_NAME}-service" > /dev/null; then + sudo killall -9 "${APP_NAME}-service" +fi + +# Unload the service if loaded and remove its plist file regardless +if launchctl list "${APP_NAME}-service" &> /dev/null; then + sudo launchctl unload "$LAUNCH_DAEMONS_PLIST_NAME" +fi +sudo rm -f "$LAUNCH_DAEMONS_PLIST_NAME" + +# Remove the entire application bundle +sudo rm -rf "$APP_PATH" + +# Remove Application Support folders (user and system, if they exist) +rm -rf "$USER_APP_SUPPORT" +sudo rm -rf "$SYSTEM_APP_SUPPORT" + +# Remove the log folder +sudo rm -rf "$LOG_FOLDER" + +# Remove any caches left behind +rm -rf "$CACHES_FOLDER" + +# Remove PF data directory created by firewall helper, if present +sudo rm -rf "/Library/Application Support/${APP_NAME}/pf" + +# ---------------- PF firewall cleanup ---------------------- +# Rules are loaded under the anchor "amn" (see macosfirewall.cpp) +# Flush only that anchor to avoid destroying user/system rules. + +PF_ANCHOR="amn" + +### Flush all PF rules, NATs, and tables under our anchor and sub-anchors ### +anchors=$(sudo pfctl -s Anchors 2>/dev/null | awk '/^'"${PF_ANCHOR}"'/ {sub(/\*$/, "", $1); print $1}') +for anc in $anchors; do + echo "Flushing PF anchor $anc" + sudo pfctl -a "$anc" -F all 2>/dev/null || true + # flush tables under this anchor + tables=$(sudo pfctl -s Tables 2>/dev/null | awk '/^'"$anc"'/ {print}') + for tbl in $tables; do + echo "Killing PF table $tbl" + sudo pfctl -t "$tbl" -T kill 2>/dev/null || true + done +done + +### Reload default PF config to restore system rules ### +if [ -f /etc/pf.conf ]; then + echo "Restoring system PF config" + sudo pfctl -f /etc/pf.conf 2>/dev/null || true +fi + +### Disable PF if no rules remain ### +if sudo pfctl -s info 2>/dev/null | grep -q '^Status: Enabled' && \ + ! sudo pfctl -sr 2>/dev/null | grep -q .; then + echo "Disabling PF" + sudo pfctl -d 2>/dev/null || true +fi + +# ----------------------------------------------------------- diff --git a/deploy/data/macos/uninstall_conclusion.html b/deploy/data/macos/uninstall_conclusion.html new file mode 100644 index 00000000..f5b8bb63 --- /dev/null +++ b/deploy/data/macos/uninstall_conclusion.html @@ -0,0 +1,7 @@ + +Uninstall Complete + +

AmneziaVPN has been uninstalled

+

Thank you for using AmneziaVPN. The application and its components have been removed.

+ + \ No newline at end of file diff --git a/deploy/data/macos/uninstall_welcome.html b/deploy/data/macos/uninstall_welcome.html new file mode 100644 index 00000000..9f3d97cb --- /dev/null +++ b/deploy/data/macos/uninstall_welcome.html @@ -0,0 +1,7 @@ + +Uninstall AmneziaVPN + +

Uninstall AmneziaVPN

+

This process will remove AmneziaVPN from your system. Click Continue to proceed.

+ + \ No newline at end of file diff --git a/deploy/deploy_s3.sh b/deploy/deploy_s3.sh new file mode 100755 index 00000000..a139a5a5 --- /dev/null +++ b/deploy/deploy_s3.sh @@ -0,0 +1,38 @@ +#!/bin/sh +set -e + +VERSION=$1 + +if [[ $VERSION = '' ]]; then + echo '::error::VERSION does not set. Exiting with error...' + exit 1 +fi + +mkdir -p dist + +cd dist + +echo $VERSION >> VERSION +curl -s https://api.github.com/repos/amnezia-vpn/amnezia-client/releases/tags/$VERSION | jq -r .body | tr -d '\r' > CHANGELOG + +if [[ $(cat CHANGELOG) = null ]]; then + echo '::error::Release does not exists. Exiting with error...' + exit 1 +fi + +wget -q https://github.com/amnezia-vpn/amnezia-client/releases/download/${VERSION}/AmneziaVPN_${VERSION}_android8+_arm64-v8a.apk +wget -q https://github.com/amnezia-vpn/amnezia-client/releases/download/${VERSION}/AmneziaVPN_${VERSION}_android8+_armeabi-v7a.apk +wget -q https://github.com/amnezia-vpn/amnezia-client/releases/download/${VERSION}/AmneziaVPN_${VERSION}_android8+_x86.apk +wget -q https://github.com/amnezia-vpn/amnezia-client/releases/download/${VERSION}/AmneziaVPN_${VERSION}_android8+_x86_64.apk +wget -q https://github.com/amnezia-vpn/amnezia-client/releases/download/${VERSION}/AmneziaVPN_${VERSION}_android_7_arm64-v8a.apk +wget -q https://github.com/amnezia-vpn/amnezia-client/releases/download/${VERSION}/AmneziaVPN_${VERSION}_android_7_armeabi-v7a.apk +wget -q https://github.com/amnezia-vpn/amnezia-client/releases/download/${VERSION}/AmneziaVPN_${VERSION}_android_7_x86.apk +wget -q https://github.com/amnezia-vpn/amnezia-client/releases/download/${VERSION}/AmneziaVPN_${VERSION}_android_7_x86_64.apk +wget -q https://github.com/amnezia-vpn/amnezia-client/releases/download/${VERSION}/AmneziaVPN_${VERSION}_linux_x64.tar.zip +wget -q https://github.com/amnezia-vpn/amnezia-client/releases/download/${VERSION}/AmneziaVPN_${VERSION}_macos.dmg +wget -q https://github.com/amnezia-vpn/amnezia-client/releases/download/${VERSION}/AmneziaVPN_${VERSION}_macos_old.dmg +wget -q https://github.com/amnezia-vpn/amnezia-client/releases/download/${VERSION}/AmneziaVPN_${VERSION}_windows_x64.exe + +cd ../ + +rclone sync ./dist/ r2:/updates/ diff --git a/deploy/installer/config.cmake b/deploy/installer/config.cmake index 13f09986..3c33a33c 100644 --- a/deploy/installer/config.cmake +++ b/deploy/installer/config.cmake @@ -4,11 +4,6 @@ if(WIN32) ${CMAKE_CURRENT_LIST_DIR}/config/windows.xml.in ${CMAKE_BINARY_DIR}/installer/config/windows.xml ) -elseif(APPLE AND NOT IOS) - configure_file( - ${CMAKE_CURRENT_LIST_DIR}/config/macos.xml.in - ${CMAKE_BINARY_DIR}/installer/config/macos.xml - ) elseif(LINUX) set(ApplicationsDir "@ApplicationsDir@") configure_file( diff --git a/deploy/installer/config/AmneziaVPN.desktop.in b/deploy/installer/config/AmneziaVPN.desktop.in index 2a53074e..03ab570c 100755 --- a/deploy/installer/config/AmneziaVPN.desktop.in +++ b/deploy/installer/config/AmneziaVPN.desktop.in @@ -2,7 +2,7 @@ [Desktop Entry] Type=Application Name=AmneziaVPN -Version=@CMAKE_PROJECT_VERSION@ +Version=1.0 Comment=Client of your self-hosted VPN Exec=AmneziaVPN Icon=/usr/share/pixmaps/AmneziaVPN.png diff --git a/deploy/installer/config/macos.xml.in b/deploy/installer/config/macos.xml.in deleted file mode 100644 index 3888d08d..00000000 --- a/deploy/installer/config/macos.xml.in +++ /dev/null @@ -1,27 +0,0 @@ - - - AmneziaVPN - @CMAKE_PROJECT_VERSION@ - AmneziaVPN - AmneziaVPN - AmneziaVPN - /Applications/AmneziaVPN.app - 600 - 380 - Mac - true - true - false - controlscript.js - false - true - false - true - - - https://amneziavpn.org/updates/macos - true - AmneziaVPN - repository for macOS - - - diff --git a/ipc/ipc_interface.rep b/ipc/ipc_interface.rep index c0f031fe..4ecae9bc 100644 --- a/ipc/ipc_interface.rep +++ b/ipc/ipc_interface.rep @@ -29,6 +29,10 @@ class IpcInterface SLOT( void StopRoutingIpv6() ); SLOT( bool disableKillSwitch() ); + SLOT( bool disableAllTraffic() ); + SLOT( bool refreshKillSwitch( bool enabled ) ); + SLOT( bool addKillSwitchAllowedRange( const QStringList ranges ) ); + SLOT( bool resetKillSwitchAllowedRange( const QStringList ranges ) ); SLOT( bool enablePeerTraffic( const QJsonObject &configStr) ); SLOT( bool enableKillSwitch( const QJsonObject &excludeAddr, int vpnAdapterIndex) ); SLOT( bool updateResolvers(const QString& ifname, const QList& resolvers) ); diff --git a/ipc/ipcserver.cpp b/ipc/ipcserver.cpp index bb8a4182..0c7f5295 100644 --- a/ipc/ipcserver.cpp +++ b/ipc/ipcserver.cpp @@ -8,21 +8,12 @@ #include "logger.h" #include "router.h" -#include "../core/networkUtilities.h" -#include "../client/protocols/protocols_defs.h" +#include "killswitch.h" + #ifdef Q_OS_WIN - #include "../client/platforms/windows/daemon/windowsdaemon.h" - #include "../client/platforms/windows/daemon/windowsfirewall.h" #include "tapcontroller_win.h" #endif -#ifdef Q_OS_LINUX - #include "../client/platforms/linux/daemon/linuxfirewall.h" -#endif - -#ifdef Q_OS_MACOS - #include "../client/platforms/macos/daemon/macosfirewall.h" -#endif IpcServer::IpcServer(QObject *parent) : IpcInterfaceSource(parent) @@ -35,10 +26,6 @@ int IpcServer::createPrivilegedProcess() qDebug() << "IpcServer::createPrivilegedProcess"; #endif -#ifdef Q_OS_WIN - WindowsFirewall::instance()->init(); -#endif - m_localpid++; ProcessDescriptor pd(this); @@ -192,166 +179,37 @@ void IpcServer::setLogsEnabled(bool enabled) } } +bool IpcServer::resetKillSwitchAllowedRange(QStringList ranges) +{ + return KillSwitch::instance()->resetAllowedRange(ranges); +} + +bool IpcServer::addKillSwitchAllowedRange(QStringList ranges) +{ + return KillSwitch::instance()->addAllowedRange(ranges); +} + +bool IpcServer::disableAllTraffic() +{ + return KillSwitch::instance()->disableAllTraffic(); +} + bool IpcServer::enableKillSwitch(const QJsonObject &configStr, int vpnAdapterIndex) { -#ifdef Q_OS_WIN - return WindowsFirewall::instance()->enableKillSwitch(vpnAdapterIndex); -#endif - -#if defined(Q_OS_LINUX) || defined(Q_OS_MACOS) - int splitTunnelType = configStr.value("splitTunnelType").toInt(); - QJsonArray splitTunnelSites = configStr.value("splitTunnelSites").toArray(); - bool blockAll = 0; - bool allowNets = 0; - bool blockNets = 0; - QStringList allownets; - QStringList blocknets; - - if (splitTunnelType == 0) { - blockAll = true; - allowNets = true; - allownets.append(configStr.value("vpnServer").toString()); - } else if (splitTunnelType == 1) { - blockNets = true; - for (auto v : splitTunnelSites) { - blocknets.append(v.toString()); - } - } else if (splitTunnelType == 2) { - blockAll = true; - allowNets = true; - allownets.append(configStr.value("vpnServer").toString()); - for (auto v : splitTunnelSites) { - allownets.append(v.toString()); - } - } -#endif - -#ifdef Q_OS_LINUX - // double-check + ensure our firewall is installed and enabled - LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("000.allowLoopback"), true); - LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("100.blockAll"), blockAll); - LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("110.allowNets"), allowNets); - LinuxFirewall::updateAllowNets(allownets); - LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("120.blockNets"), blockAll); - LinuxFirewall::updateBlockNets(blocknets); - LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("200.allowVPN"), true); - LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv6, QStringLiteral("250.blockIPv6"), true); - LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("290.allowDHCP"), true); - LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("300.allowLAN"), true); - LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("310.blockDNS"), true); - QStringList dnsServers; - dnsServers.append(configStr.value(amnezia::config_key::dns1).toString()); - dnsServers.append(configStr.value(amnezia::config_key::dns2).toString()); - dnsServers.append("127.0.0.1"); - dnsServers.append("127.0.0.53"); - LinuxFirewall::updateDNSServers(dnsServers); - LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("320.allowDNS"), true); - LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("400.allowPIA"), true); -#endif - -#ifdef Q_OS_MACOS - - // double-check + ensure our firewall is installed and enabled. This is necessary as - // other software may disable pfctl before re-enabling with their own rules (e.g other VPNs) - if (!MacOSFirewall::isInstalled()) - MacOSFirewall::install(); - - MacOSFirewall::ensureRootAnchorPriority(); - MacOSFirewall::setAnchorEnabled(QStringLiteral("000.allowLoopback"), true); - MacOSFirewall::setAnchorEnabled(QStringLiteral("100.blockAll"), blockAll); - MacOSFirewall::setAnchorEnabled(QStringLiteral("110.allowNets"), allowNets); - MacOSFirewall::setAnchorTable(QStringLiteral("110.allowNets"), allowNets, QStringLiteral("allownets"), allownets); - - MacOSFirewall::setAnchorEnabled(QStringLiteral("120.blockNets"), blockNets); - MacOSFirewall::setAnchorTable(QStringLiteral("120.blockNets"), blockNets, QStringLiteral("blocknets"), blocknets); - MacOSFirewall::setAnchorEnabled(QStringLiteral("200.allowVPN"), true); - MacOSFirewall::setAnchorEnabled(QStringLiteral("250.blockIPv6"), true); - MacOSFirewall::setAnchorEnabled(QStringLiteral("290.allowDHCP"), true); - MacOSFirewall::setAnchorEnabled(QStringLiteral("300.allowLAN"), true); - - QStringList dnsServers; - dnsServers.append(configStr.value(amnezia::config_key::dns1).toString()); - dnsServers.append(configStr.value(amnezia::config_key::dns2).toString()); - MacOSFirewall::setAnchorEnabled(QStringLiteral("310.blockDNS"), true); - MacOSFirewall::setAnchorTable(QStringLiteral("310.blockDNS"), true, QStringLiteral("dnsaddr"), dnsServers); -#endif - - return true; + return KillSwitch::instance()->enableKillSwitch(configStr, vpnAdapterIndex); } bool IpcServer::disableKillSwitch() { -#ifdef Q_OS_WIN - return WindowsFirewall::instance()->disableKillSwitch(); -#endif - -#ifdef Q_OS_LINUX - LinuxFirewall::uninstall(); -#endif - -#ifdef Q_OS_MACOS - MacOSFirewall::uninstall(); -#endif - - return true; + return KillSwitch::instance()->disableKillSwitch(); } bool IpcServer::enablePeerTraffic(const QJsonObject &configStr) { -#ifdef Q_OS_WIN - InterfaceConfig config; - config.m_dnsServer = configStr.value(amnezia::config_key::dns1).toString(); - config.m_serverPublicKey = "openvpn"; - config.m_serverIpv4Gateway = configStr.value("vpnGateway").toString(); - config.m_serverIpv4AddrIn = configStr.value("vpnServer").toString(); - int vpnAdapterIndex = configStr.value("vpnAdapterIndex").toInt(); - int inetAdapterIndex = configStr.value("inetAdapterIndex").toInt(); - - int splitTunnelType = configStr.value("splitTunnelType").toInt(); - QJsonArray splitTunnelSites = configStr.value("splitTunnelSites").toArray(); - - QStringList AllowedIPAddesses; - - // Use APP split tunnel - if (splitTunnelType == 0 || splitTunnelType == 2) { - config.m_allowedIPAddressRanges.append(IPAddress(QHostAddress("0.0.0.0"), 0)); - config.m_allowedIPAddressRanges.append(IPAddress(QHostAddress("::"), 0)); - } - - if (splitTunnelType == 1) { - for (auto v : splitTunnelSites) { - QString ipRange = v.toString(); - if (ipRange.split('/').size() > 1) { - config.m_allowedIPAddressRanges.append( - IPAddress(QHostAddress(ipRange.split('/')[0]), atoi(ipRange.split('/')[1].toLocal8Bit()))); - } else { - config.m_allowedIPAddressRanges.append(IPAddress(QHostAddress(ipRange), 32)); - } - } - } - - config.m_excludedAddresses.append(configStr.value("vpnServer").toString()); - if (splitTunnelType == 2) { - for (auto v : splitTunnelSites) { - QString ipRange = v.toString(); - config.m_excludedAddresses.append(ipRange); - } - } - - for (const QJsonValue &i : configStr.value(amnezia::config_key::splitTunnelApps).toArray()) { - if (!i.isString()) { - break; - } - config.m_vpnDisabledApps.append(i.toString()); - } - - // killSwitch toggle - if (QVariant(configStr.value(amnezia::config_key::killSwitchOption).toString()).toBool()) { - WindowsFirewall::instance()->enablePeerTraffic(config); - } - - WindowsDaemon::instance()->prepareActivation(config, inetAdapterIndex); - WindowsDaemon::instance()->activateSplitTunnel(config, vpnAdapterIndex); -#endif - return true; + return KillSwitch::instance()->enablePeerTraffic(configStr); +} + +bool IpcServer::refreshKillSwitch(bool enabled) +{ + return KillSwitch::instance()->refresh(enabled); } diff --git a/ipc/ipcserver.h b/ipc/ipcserver.h index 9810046b..00d36354 100644 --- a/ipc/ipcserver.h +++ b/ipc/ipcserver.h @@ -34,9 +34,13 @@ public: virtual bool deleteTun(const QString &dev) override; virtual void StartRoutingIpv6() override; virtual void StopRoutingIpv6() override; + virtual bool disableAllTraffic() override; + virtual bool addKillSwitchAllowedRange(QStringList ranges) override; + virtual bool resetKillSwitchAllowedRange(QStringList ranges) override; virtual bool enablePeerTraffic(const QJsonObject &configStr) override; virtual bool enableKillSwitch(const QJsonObject &excludeAddr, int vpnAdapterIndex) override; virtual bool disableKillSwitch() override; + virtual bool refreshKillSwitch( bool enabled ) override; virtual bool updateResolvers(const QString& ifname, const QList& resolvers) override; private: diff --git a/ipc/ipctun2socksprocess.cpp b/ipc/ipctun2socksprocess.cpp index ffcb1bcd..2125f6ab 100644 --- a/ipc/ipctun2socksprocess.cpp +++ b/ipc/ipctun2socksprocess.cpp @@ -11,7 +11,6 @@ IpcProcessTun2Socks::IpcProcessTun2Socks(QObject *parent) : IpcProcessTun2SocksSource(parent), m_t2sProcess(QSharedPointer(new QProcess())) { - connect(m_t2sProcess.data(), &QProcess::stateChanged, this, &IpcProcessTun2Socks::stateChanged); qDebug() << "IpcProcessTun2Socks::IpcProcessTun2Socks()"; } @@ -23,8 +22,10 @@ IpcProcessTun2Socks::~IpcProcessTun2Socks() void IpcProcessTun2Socks::start() { + connect(m_t2sProcess.data(), &QProcess::stateChanged, this, &IpcProcessTun2Socks::stateChanged); qDebug() << "IpcProcessTun2Socks::start()"; m_t2sProcess->setProgram(amnezia::permittedProcessPath(static_cast(amnezia::PermittedProcess::Tun2Socks))); + QString XrayConStr = "socks5://127.0.0.1:10808"; #ifdef Q_OS_WIN @@ -41,7 +42,11 @@ void IpcProcessTun2Socks::start() m_t2sProcess->setArguments(arguments); - Utils::killProcessByName(m_t2sProcess->program()); + if (Utils::processIsRunning(Utils::executable("tun2socks", false))) { + qDebug().noquote() << "kill previos tun2socks"; + Utils::killProcessByName(Utils::executable("tun2socks", false)); + } + m_t2sProcess->start(); connect(m_t2sProcess.data(), &QProcess::readyReadStandardOutput, this, [this]() { @@ -54,12 +59,10 @@ void IpcProcessTun2Socks::start() connect(m_t2sProcess.data(), QOverload::of(&QProcess::finished), this, [this](int exitCode, QProcess::ExitStatus exitStatus) { qDebug().noquote() << "tun2socks finished, exitCode, exiStatus" << exitCode << exitStatus; emit setConnectionState(Vpn::ConnectionState::Disconnected); - if (exitStatus != QProcess::NormalExit){ - stop(); - } - if (exitCode !=0 ){ - stop(); + if ((exitStatus != QProcess::NormalExit) || (exitCode != 0)) { + emit setConnectionState(Vpn::ConnectionState::Error); } + }); m_t2sProcess->start(); @@ -69,6 +72,8 @@ void IpcProcessTun2Socks::start() void IpcProcessTun2Socks::stop() { qDebug() << "IpcProcessTun2Socks::stop()"; - m_t2sProcess->close(); + m_t2sProcess->disconnect(); + m_t2sProcess->kill(); + m_t2sProcess->waitForFinished(3000); } #endif diff --git a/service/server/CMakeLists.txt b/service/server/CMakeLists.txt index 0f101087..aa7661fa 100644 --- a/service/server/CMakeLists.txt +++ b/service/server/CMakeLists.txt @@ -12,8 +12,47 @@ qt_standard_project_setup() configure_file(${CMAKE_SOURCE_DIR}/version.h.in ${CMAKE_CURRENT_BINARY_DIR}/version.h) +set(QSIMPLECRYPTO_DIR ${CMAKE_CURRENT_LIST_DIR}/../../client/3rd/QSimpleCrypto/src) + + +set(OPENSSL_ROOT_DIR "${CMAKE_CURRENT_LIST_DIR}/../../client/3rd-prebuilt/3rd-prebuilt/openssl/") +set(OPENSSL_LIBRARIES_DIR "${OPENSSL_ROOT_DIR}/lib") + +set(OPENSSL_INCLUDE_DIR "${OPENSSL_ROOT_DIR}/windows/include") +if("${CMAKE_SIZEOF_VOID_P}" STREQUAL "8") + set(OPENSSL_LIB_SSL_PATH "${OPENSSL_ROOT_DIR}/windows/win64/libssl.lib") + set(OPENSSL_LIB_CRYPTO_PATH "${OPENSSL_ROOT_DIR}/windows/win64/libcrypto.lib") +else() + set(OPENSSL_LIB_SSL_PATH "${OPENSSL_ROOT_DIR}/windows/win32/libssl.lib") + set(OPENSSL_LIB_CRYPTO_PATH "${OPENSSL_ROOT_DIR}/windows/win32/libcrypto.lib") +endif() + + +if(WIN32) + set(OPENSSL_INCLUDE_DIR "${OPENSSL_ROOT_DIR}/windows/include") + if("${CMAKE_SIZEOF_VOID_P}" STREQUAL "8") + set(OPENSSL_LIB_CRYPTO_PATH "${OPENSSL_ROOT_DIR}/windows/win64/libcrypto.lib") + else() + set(OPENSSL_LIB_CRYPTO_PATH "${OPENSSL_ROOT_DIR}/windows/win32/libcrypto.lib") + endif() +elseif(APPLE AND NOT IOS) + set(OPENSSL_INCLUDE_DIR "${OPENSSL_ROOT_DIR}/macos/include") + set(OPENSSL_LIB_CRYPTO_PATH "${OPENSSL_ROOT_DIR}/macos/lib/libcrypto.a") +elseif(LINUX) + set(OPENSSL_INCLUDE_DIR "${OPENSSL_ROOT_DIR}/linux/include") + set(OPENSSL_LIB_CRYPTO_PATH "${OPENSSL_ROOT_DIR}/linux/x86_64/libcrypto.a") +endif() + +set(OPENSSL_USE_STATIC_LIBS TRUE) + +include_directories( + ${OPENSSL_INCLUDE_DIR} + ${QSIMPLECRYPTO_DIR} +) + set(HEADERS ${CMAKE_CURRENT_LIST_DIR}/../../client/utilities.h + ${CMAKE_CURRENT_LIST_DIR}/../../client/secure_qsettings.h ${CMAKE_CURRENT_LIST_DIR}/../../client/core/networkUtilities.h ${CMAKE_CURRENT_LIST_DIR}/../../ipc/ipc.h ${CMAKE_CURRENT_LIST_DIR}/../../ipc/ipcserver.h @@ -22,12 +61,20 @@ set(HEADERS ${CMAKE_CURRENT_LIST_DIR}/localserver.h ${CMAKE_CURRENT_LIST_DIR}/../../common/logger/logger.h ${CMAKE_CURRENT_LIST_DIR}/router.h + ${CMAKE_CURRENT_LIST_DIR}/killswitch.h ${CMAKE_CURRENT_LIST_DIR}/systemservice.h ${CMAKE_CURRENT_BINARY_DIR}/version.h + ${QSIMPLECRYPTO_DIR}/include/QAead.h + ${QSIMPLECRYPTO_DIR}/include/QBlockCipher.h + ${QSIMPLECRYPTO_DIR}/include/QRsa.h + ${QSIMPLECRYPTO_DIR}/include/QSimpleCrypto_global.h + ${QSIMPLECRYPTO_DIR}/include/QX509.h + ${QSIMPLECRYPTO_DIR}/include/QX509Store.h ) set(SOURCES ${CMAKE_CURRENT_LIST_DIR}/../../client/utilities.cpp + ${CMAKE_CURRENT_LIST_DIR}/../../client/secure_qsettings.cpp ${CMAKE_CURRENT_LIST_DIR}/../../client/core/networkUtilities.cpp ${CMAKE_CURRENT_LIST_DIR}/../../ipc/ipcserver.cpp ${CMAKE_CURRENT_LIST_DIR}/../../ipc/ipcserverprocess.cpp @@ -36,7 +83,13 @@ set(SOURCES ${CMAKE_CURRENT_LIST_DIR}/../../common/logger/logger.cpp ${CMAKE_CURRENT_LIST_DIR}/main.cpp ${CMAKE_CURRENT_LIST_DIR}/router.cpp + ${CMAKE_CURRENT_LIST_DIR}/killswitch.cpp ${CMAKE_CURRENT_LIST_DIR}/systemservice.cpp + ${QSIMPLECRYPTO_DIR}/sources/QAead.cpp + ${QSIMPLECRYPTO_DIR}/sources/QBlockCipher.cpp + ${QSIMPLECRYPTO_DIR}/sources/QRsa.cpp + ${QSIMPLECRYPTO_DIR}/sources/QX509.cpp + ${QSIMPLECRYPTO_DIR}/sources/QX509Store.cpp ) # Mozilla headres @@ -127,11 +180,13 @@ if(WIN32) ${CMAKE_CURRENT_SOURCE_DIR}/../../client/platforms/windows/windowsutils.h ${CMAKE_CURRENT_SOURCE_DIR}/../../client/platforms/windows/windowspingsender.h ${CMAKE_CURRENT_SOURCE_DIR}/../../client/platforms/windows/windowsnetworkwatcher.h + ${CMAKE_CURRENT_LIST_DIR}/../../client/daemon/daemonerrors.h ) set(SOURCES ${SOURCES} ${CMAKE_CURRENT_LIST_DIR}/tapcontroller_win.cpp ${CMAKE_CURRENT_LIST_DIR}/router_win.cpp + ${CMAKE_CURRENT_SOURCE_DIR}/../../client/platforms/windows/daemon/windowsdaemon.cpp ${CMAKE_CURRENT_SOURCE_DIR}/../../client/platforms/windows/daemon/windowsdaemontunnel.cpp ${CMAKE_CURRENT_SOURCE_DIR}/../../client/platforms/windows/daemon/windowsfirewall.cpp @@ -158,6 +213,8 @@ if(WIN32) gdi32 Advapi32 Kernel32 + ${OPENSSL_LIB_CRYPTO_PATH} + qt6keychain ) add_compile_definitions(_WINSOCKAPI_) @@ -202,6 +259,9 @@ if(APPLE) ${CMAKE_CURRENT_SOURCE_DIR}/../../client/platforms/macos/daemon/wireguardutilsmacos.cpp ${CMAKE_CURRENT_SOURCE_DIR}/../../client/platforms/macos/daemon/macosfirewall.cpp ) + + set(LIBS ${OPENSSL_LIB_CRYPTO_PATH} qt6keychain) + endif() if(LINUX) @@ -232,6 +292,9 @@ if(LINUX) ${CMAKE_CURRENT_SOURCE_DIR}/../../client/platforms/linux/daemon/linuxroutemonitor.cpp ${CMAKE_CURRENT_SOURCE_DIR}/../../client/platforms/linux/daemon/linuxfirewall.cpp ) + + set(LIBS ${OPENSSL_LIB_CRYPTO_PATH} qt6keychain -static-libstdc++ -static-libgcc -ldl) + endif() include(${CMAKE_CURRENT_LIST_DIR}/../src/qtservice.cmake) @@ -244,6 +307,7 @@ include_directories( ${CMAKE_CURRENT_BINARY_DIR} ) + add_executable(${PROJECT} ${SOURCES} ${HEADERS}) target_link_libraries(${PROJECT} PRIVATE Qt6::Core Qt6::Widgets Qt6::Network Qt6::RemoteObjects Qt6::Core5Compat Qt6::DBus ${LIBS}) target_compile_definitions(${PROJECT} PRIVATE "MZ_$") diff --git a/service/server/killswitch.cpp b/service/server/killswitch.cpp new file mode 100644 index 00000000..d0cba03a --- /dev/null +++ b/service/server/killswitch.cpp @@ -0,0 +1,378 @@ +#include "killswitch.h" + + +#include +#include + +#include "../client/protocols/protocols_defs.h" +#include "qjsonarray.h" +#include "version.h" + +#ifdef Q_OS_WIN + #include "../client/platforms/windows/daemon/windowsfirewall.h" + #include "../client/platforms/windows/daemon/windowsdaemon.h" +#endif + +#ifdef Q_OS_LINUX + #include "../client/platforms/linux/daemon/linuxfirewall.h" +#endif + +#ifdef Q_OS_MACOS + #include "../client/platforms/macos/daemon/macosfirewall.h" +#endif + +KillSwitch* s_instance = nullptr; + +KillSwitch* KillSwitch::instance() +{ + if (s_instance == nullptr) { + s_instance = new KillSwitch(qApp); + } + return s_instance; +} + +bool KillSwitch::init() +{ +#ifdef Q_OS_LINUX + if (!LinuxFirewall::isInstalled()) { + LinuxFirewall::install(); + } + m_appSettigns = QSharedPointer(new SecureQSettings(ORGANIZATION_NAME, APPLICATION_NAME, nullptr)); +#endif +#ifdef Q_OS_MACOS + if (!MacOSFirewall::isInstalled()) { + MacOSFirewall::install(); + } + m_appSettigns = QSharedPointer(new SecureQSettings(ORGANIZATION_NAME, APPLICATION_NAME, nullptr)); +#endif + if (isStrictKillSwitchEnabled()) { + return disableAllTraffic(); + } + + return true; +} + +bool KillSwitch::refresh(bool enabled) +{ +#ifdef Q_OS_WIN + QSettings RegHLM("HKEY_LOCAL_MACHINE\\Software\\" + QString(ORGANIZATION_NAME) + + "\\" + QString(APPLICATION_NAME), QSettings::NativeFormat); + RegHLM.setValue("strictKillSwitchEnabled", enabled); +#endif + +#if defined(Q_OS_LINUX) || defined(Q_OS_MACOS) + m_appSettigns->setValue("Conf/strictKillSwitchEnabled", enabled); +#endif + + if (isStrictKillSwitchEnabled()) { + return disableAllTraffic(); + } else { + return disableKillSwitch(); + } + +} + +bool KillSwitch::isStrictKillSwitchEnabled() +{ +#ifdef Q_OS_WIN + QSettings RegHLM("HKEY_LOCAL_MACHINE\\Software\\" + QString(ORGANIZATION_NAME) + + "\\" + QString(APPLICATION_NAME), QSettings::NativeFormat); + return RegHLM.value("strictKillSwitchEnabled", false).toBool(); +#endif + m_appSettigns->sync(); + return m_appSettigns->value("Conf/strictKillSwitchEnabled", false).toBool(); +} + +bool KillSwitch::disableKillSwitch() { +#ifdef Q_OS_LINUX + if (isStrictKillSwitchEnabled()) { + LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("000.allowLoopback"), true); + LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("100.blockAll"), true); + LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("110.allowNets"), false); + LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("120.blockNets"), false); + LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("200.allowVPN"), false); + LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv6, QStringLiteral("250.blockIPv6"), true); + LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("290.allowDHCP"), false); + LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("300.allowLAN"), false); + LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("310.blockDNS"), false); + LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("320.allowDNS"), false); + LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("400.allowPIA"), false); + } else { + LinuxFirewall::uninstall(); + } +#endif + +#ifdef Q_OS_MACOS + if (isStrictKillSwitchEnabled()) { + MacOSFirewall::setAnchorEnabled(QStringLiteral("000.allowLoopback"), true); + MacOSFirewall::setAnchorEnabled(QStringLiteral("100.blockAll"), true); + MacOSFirewall::setAnchorEnabled(QStringLiteral("110.allowNets"), false); + MacOSFirewall::setAnchorEnabled(QStringLiteral("120.blockNets"), false); + MacOSFirewall::setAnchorEnabled(QStringLiteral("200.allowVPN"), false); + MacOSFirewall::setAnchorEnabled(QStringLiteral("250.blockIPv6"), true); + MacOSFirewall::setAnchorEnabled(QStringLiteral("290.allowDHCP"), false); + MacOSFirewall::setAnchorEnabled(QStringLiteral("300.allowLAN"), false); + MacOSFirewall::setAnchorEnabled(QStringLiteral("310.blockDNS"), false); + } else { + MacOSFirewall::uninstall(); + } +#endif + +#ifdef Q_OS_WIN + if (isStrictKillSwitchEnabled()) { + return disableAllTraffic(); + } + return WindowsFirewall::create(this)->allowAllTraffic(); +#endif + + m_allowedRanges.clear(); + return true; +} + +bool KillSwitch::disableAllTraffic() { +#ifdef Q_OS_WIN + WindowsFirewall::create(this)->enableInterface(-1); +#endif +#ifdef Q_OS_LINUX + if (!LinuxFirewall::isInstalled()) { + LinuxFirewall::install(); + } + LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("100.blockAll"), true); + LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("000.allowLoopback"), true); + LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv6, QStringLiteral("250.blockIPv6"), true); +#endif +#ifdef Q_OS_MACOS + // double-check + ensure our firewall is installed and enabled. This is necessary as + // other software may disable pfctl before re-enabling with their own rules (e.g other VPNs) + if (!MacOSFirewall::isInstalled()) + MacOSFirewall::install(); + MacOSFirewall::ensureRootAnchorPriority(); + MacOSFirewall::setAnchorEnabled(QStringLiteral("100.blockAll"), true); + MacOSFirewall::setAnchorEnabled(QStringLiteral("000.allowLoopback"), true); + MacOSFirewall::setAnchorEnabled(QStringLiteral("250.blockIPv6"), true); +#endif + m_allowedRanges.clear(); + return true; +} + +bool KillSwitch::resetAllowedRange(const QStringList &ranges) { + + m_allowedRanges = ranges; + +#ifdef Q_OS_LINUX + LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("110.allowNets"), true); + LinuxFirewall::updateAllowNets(m_allowedRanges); +#endif + +#ifdef Q_OS_MACOS + MacOSFirewall::setAnchorEnabled(QStringLiteral("110.allowNets"), true); + MacOSFirewall::setAnchorTable(QStringLiteral("110.allowNets"), true, QStringLiteral("allownets"), m_allowedRanges); +#endif + +#ifdef Q_OS_WIN + if (isStrictKillSwitchEnabled()) { + WindowsFirewall::create(this)->enableInterface(-1); + } + WindowsFirewall::create(this)->allowTrafficRange(m_allowedRanges); +#endif + + return true; +} + +bool KillSwitch::addAllowedRange(const QStringList &ranges) { + for (const QString &range : ranges) { + if (!range.isEmpty() && !m_allowedRanges.contains(range)) { + m_allowedRanges.append(range); + } + } + + return resetAllowedRange(m_allowedRanges); +} + +bool KillSwitch::enablePeerTraffic(const QJsonObject &configStr) { +#ifdef Q_OS_WIN + InterfaceConfig config; + + config.m_primaryDnsServer = configStr.value(amnezia::config_key::dns1).toString(); + + // We don't use secondary DNS if primary DNS is AmneziaDNS + if (!config.m_primaryDnsServer.contains(amnezia::protocols::dns::amneziaDnsIp)) { + config.m_secondaryDnsServer = configStr.value(amnezia::config_key::dns2).toString(); + } + + config.m_serverPublicKey = "openvpn"; + config.m_serverIpv4Gateway = configStr.value("vpnGateway").toString(); + config.m_serverIpv4AddrIn = configStr.value("vpnServer").toString(); + int vpnAdapterIndex = configStr.value("vpnAdapterIndex").toInt(); + int inetAdapterIndex = configStr.value("inetAdapterIndex").toInt(); + + int splitTunnelType = configStr.value("splitTunnelType").toInt(); + QJsonArray splitTunnelSites = configStr.value("splitTunnelSites").toArray(); + + // Use APP split tunnel + if (splitTunnelType == 0 || splitTunnelType == 2) { + config.m_allowedIPAddressRanges.append(IPAddress(QHostAddress("0.0.0.0"), 0)); + config.m_allowedIPAddressRanges.append(IPAddress(QHostAddress("::"), 0)); + } + + if (splitTunnelType == 1) { + for (auto v : splitTunnelSites) { + QString ipRange = v.toString(); + if (ipRange.split('/').size() > 1) { + config.m_allowedIPAddressRanges.append( + IPAddress(QHostAddress(ipRange.split('/')[0]), atoi(ipRange.split('/')[1].toLocal8Bit()))); + } else { + config.m_allowedIPAddressRanges.append(IPAddress(QHostAddress(ipRange), 32)); + } + } + } + + config.m_excludedAddresses.append(configStr.value("vpnServer").toString()); + if (splitTunnelType == 2) { + for (auto v : splitTunnelSites) { + QString ipRange = v.toString(); + config.m_excludedAddresses.append(ipRange); + } + } + + for (const QJsonValue &i : configStr.value(amnezia::config_key::splitTunnelApps).toArray()) { + if (!i.isString()) { + break; + } + config.m_vpnDisabledApps.append(i.toString()); + } + + for (auto dns : configStr.value(amnezia::config_key::allowedDnsServers).toArray()) { + if (!dns.isString()) { + break; + } + config.m_allowedDnsServers.append(dns.toString()); + } + + // killSwitch toggle + if (QVariant(configStr.value(amnezia::config_key::killSwitchOption).toString()).toBool()) { + WindowsFirewall::create(this)->enablePeerTraffic(config); + } + + WindowsDaemon::instance()->prepareActivation(config, inetAdapterIndex); + WindowsDaemon::instance()->activateSplitTunnel(config, vpnAdapterIndex); +#endif + return true; +} + +bool KillSwitch::enableKillSwitch(const QJsonObject &configStr, int vpnAdapterIndex) { +#ifdef Q_OS_WIN + if (configStr.value("splitTunnelType").toInt() != 0) { + WindowsFirewall::create(this)->allowAllTraffic(); + } + return WindowsFirewall::create(this)->enableInterface(vpnAdapterIndex); +#endif + +#if defined(Q_OS_LINUX) || defined(Q_OS_MACOS) + int splitTunnelType = configStr.value("splitTunnelType").toInt(); + QJsonArray splitTunnelSites = configStr.value("splitTunnelSites").toArray(); + bool blockAll = 0; + bool allowNets = 0; + bool blockNets = 0; + QStringList allownets; + QStringList blocknets; + + if (splitTunnelType == 0) { + blockAll = true; + allowNets = true; + allownets.append(configStr.value("vpnServer").toString()); + } else if (splitTunnelType == 1) { + blockNets = true; + for (auto v : splitTunnelSites) { + blocknets.append(v.toString()); + } + } else if (splitTunnelType == 2) { + blockAll = true; + allowNets = true; + allownets.append(configStr.value("vpnServer").toString()); + for (auto v : splitTunnelSites) { + allownets.append(v.toString()); + } + } +#endif + +#ifdef Q_OS_LINUX + if (!LinuxFirewall::isInstalled()) { + LinuxFirewall::install(); + } + + // double-check + ensure our firewall is installed and enabled + LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("000.allowLoopback"), true); + LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("100.blockAll"), blockAll); + LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("110.allowNets"), allowNets); + LinuxFirewall::updateAllowNets(allownets); + LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("120.blockNets"), blockAll); + LinuxFirewall::updateBlockNets(blocknets); + LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("200.allowVPN"), true); + LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv6, QStringLiteral("250.blockIPv6"), true); + LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("290.allowDHCP"), true); + LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("300.allowLAN"), true); + LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("310.blockDNS"), true); + QStringList dnsServers; + + dnsServers.append(configStr.value(amnezia::config_key::dns1).toString()); + + // We don't use secondary DNS if primary DNS is AmneziaDNS + if (!configStr.value(amnezia::config_key::dns1).toString().contains(amnezia::protocols::dns::amneziaDnsIp)) { + dnsServers.append(configStr.value(amnezia::config_key::dns2).toString()); + } + + dnsServers.append("127.0.0.1"); + dnsServers.append("127.0.0.53"); + + for (auto dns : configStr.value(amnezia::config_key::allowedDnsServers).toArray()) { + if (!dns.isString()) { + break; + } + dnsServers.append(dns.toString()); + } + + LinuxFirewall::updateDNSServers(dnsServers); + LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("320.allowDNS"), true); + LinuxFirewall::setAnchorEnabled(LinuxFirewall::Both, QStringLiteral("400.allowPIA"), true); +#endif + +#ifdef Q_OS_MACOS + // double-check + ensure our firewall is installed and enabled. This is necessary as + // other software may disable pfctl before re-enabling with their own rules (e.g other VPNs) + if (!MacOSFirewall::isInstalled()) + MacOSFirewall::install(); + + MacOSFirewall::ensureRootAnchorPriority(); + MacOSFirewall::setAnchorEnabled(QStringLiteral("000.allowLoopback"), true); + MacOSFirewall::setAnchorEnabled(QStringLiteral("100.blockAll"), blockAll); + MacOSFirewall::setAnchorEnabled(QStringLiteral("110.allowNets"), allowNets); + MacOSFirewall::setAnchorTable(QStringLiteral("110.allowNets"), allowNets, QStringLiteral("allownets"), allownets); + + MacOSFirewall::setAnchorEnabled(QStringLiteral("120.blockNets"), blockNets); + MacOSFirewall::setAnchorTable(QStringLiteral("120.blockNets"), blockNets, QStringLiteral("blocknets"), blocknets); + MacOSFirewall::setAnchorEnabled(QStringLiteral("200.allowVPN"), true); + MacOSFirewall::setAnchorEnabled(QStringLiteral("250.blockIPv6"), true); + MacOSFirewall::setAnchorEnabled(QStringLiteral("290.allowDHCP"), true); + MacOSFirewall::setAnchorEnabled(QStringLiteral("300.allowLAN"), true); + + QStringList dnsServers; + dnsServers.append(configStr.value(amnezia::config_key::dns1).toString()); + + // We don't use secondary DNS if primary DNS is AmneziaDNS + if (!configStr.value(amnezia::config_key::dns1).toString().contains(amnezia::protocols::dns::amneziaDnsIp)) { + dnsServers.append(configStr.value(amnezia::config_key::dns2).toString()); + } + + for (auto dns : configStr.value(amnezia::config_key::allowedDnsServers).toArray()) { + if (!dns.isString()) { + break; + } + dnsServers.append(dns.toString()); + } + + MacOSFirewall::setAnchorEnabled(QStringLiteral("310.blockDNS"), true); + MacOSFirewall::setAnchorTable(QStringLiteral("310.blockDNS"), true, QStringLiteral("dnsaddr"), dnsServers); +#endif + return true; +} diff --git a/service/server/killswitch.h b/service/server/killswitch.h new file mode 100644 index 00000000..519e2ed2 --- /dev/null +++ b/service/server/killswitch.h @@ -0,0 +1,31 @@ +#ifndef KILLSWITCH_H +#define KILLSWITCH_H + +#include +#include + +#include "secure_qsettings.h" + +class KillSwitch : public QObject +{ + Q_OBJECT +public: + static KillSwitch *instance(); + bool init(); + bool refresh(bool enabled); + bool disableKillSwitch(); + bool disableAllTraffic(); + bool enablePeerTraffic(const QJsonObject &configStr); + bool enableKillSwitch(const QJsonObject &configStr, int vpnAdapterIndex); + bool resetAllowedRange(const QStringList &ranges); + bool addAllowedRange(const QStringList &ranges); + bool isStrictKillSwitchEnabled(); + +private: + KillSwitch(QObject* parent) {}; + QStringList m_allowedRanges; + QSharedPointer m_appSettigns; + +}; + +#endif // KILLSWITCH_H diff --git a/service/server/localserver.cpp b/service/server/localserver.cpp index 8a5079cb..4f005a59 100644 --- a/service/server/localserver.cpp +++ b/service/server/localserver.cpp @@ -5,13 +5,12 @@ #include "ipc.h" #include "localserver.h" -#include "utilities.h" -#include "router.h" +#include "killswitch.h" #include "logger.h" #ifdef Q_OS_WIN -#include "tapcontroller_win.h" + #include "tapcontroller_win.h" #endif namespace { @@ -47,6 +46,8 @@ LocalServer::LocalServer(QObject *parent) : QObject(parent), return; } + KillSwitch::instance()->init(); + #ifdef Q_OS_LINUX // Signal handling for a proper shutdown. QObject::connect(qApp, &QCoreApplication::aboutToQuit, diff --git a/service/server/router_linux.cpp b/service/server/router_linux.cpp index fb7a108c..852c878f 100644 --- a/service/server/router_linux.cpp +++ b/service/server/router_linux.cpp @@ -152,21 +152,29 @@ bool RouterLinux::routeDeleteList(const QString &gw, const QStringList &ips) return cnt; } +bool RouterLinux::isServiceActive(const QString &serviceName) { + QProcess process; + process.start("systemctl", { "is-active", "--quiet", serviceName }); + process.waitForFinished(); + + return process.exitCode() == 0; +} + void RouterLinux::flushDns() { QProcess p; p.setProcessChannelMode(QProcess::MergedChannels); //check what the dns manager use - if (QFileInfo::exists("/usr/bin/nscd") - || QFileInfo::exists("/usr/sbin/nscd") - || QFileInfo::exists("/usr/lib/systemd/system/nscd.service")) - { - p.start("systemctl restart nscd"); - } - else - { - p.start("systemctl restart systemd-resolved"); + if (isServiceActive("nscd.service")) { + qDebug() << "Restarting nscd.service"; + p.start("systemctl", { "restart", "nscd" }); + } else if (isServiceActive("systemd-resolved.service")) { + qDebug() << "Restarting systemd-resolved.service"; + p.start("systemctl", { "restart", "systemd-resolved" }); + } else { + qDebug() << "No suitable DNS manager found."; + return; } p.waitForFinished(); diff --git a/service/server/router_linux.h b/service/server/router_linux.h index 04a26fd2..2094f596 100644 --- a/service/server/router_linux.h +++ b/service/server/router_linux.h @@ -43,6 +43,7 @@ private: RouterLinux(RouterLinux const &) = delete; RouterLinux& operator= (RouterLinux const&) = delete; + bool isServiceActive(const QString &serviceName); QList m_addedRoutes; DnsUtilsLinux *m_dnsUtil; };