Merge branch 'dev' of github-amnezia:amnezia-vpn/amnezia-client into HEAD

client/core/utils/api/apiUtils.cpp

@@ -84,15 +84,14 @@ amnezia::ErrorCode apiUtils::checkNetworkReplyErrors(const QList<QSslError> &ssl
     const int httpStatusCodeNotFound = 404;
     const int httpStatusCodeNotImplemented = 501;
     const int httpStatusCodePaymentRequired = 402;
+    const int httpStatusCodeTooManyRequests = 429;
+    const int httpStatusCodeRequestTimeout = 408;
     const int httpStatusCodeUnprocessableEntity = 422;
 
     if (!sslErrors.empty()) {
         qDebug().noquote() << sslErrors;
         return amnezia::ErrorCode::ApiConfigSslError;
     }
-    if (replyError == QNetworkReply::NoError) {
-        return amnezia::ErrorCode::NoError;
-    }
     if (replyError == QNetworkReply::NetworkError::OperationCanceledError
         || replyError == QNetworkReply::NetworkError::TimeoutError) {
         qDebug() << replyError;
@@ -107,6 +106,10 @@ amnezia::ErrorCode apiUtils::checkNetworkReplyErrors(const QList<QSslError> &ssl
     if (jsonDoc.isObject()) {
         QJsonObject jsonObj = jsonDoc.object();
         const int httpStatusFromBody = jsonObj.value(QStringLiteral("http_status")).toInt(-1);
+
+        if (httpStatusFromBody == httpStatusCodeTooManyRequests) {
+            return amnezia::ErrorCode::ApiRateLimitError;
+        }
         if (httpStatusFromBody == httpStatusCodeConflict) {
             if (apiErrorMessageFromJson(jsonObj).contains(trialAlreadyUsedMessage, Qt::CaseInsensitive)) {
                 return amnezia::ErrorCode::ApiTrialAlreadyUsedError;
@@ -116,6 +119,9 @@ amnezia::ErrorCode apiUtils::checkNetworkReplyErrors(const QList<QSslError> &ssl
         if (httpStatusFromBody == httpStatusCodeNotFound) {
             return amnezia::ErrorCode::ApiNotFoundError;
         }
+        if (httpStatusFromBody == httpStatusCodeRequestTimeout) {
+            return amnezia::ErrorCode::ApiConfigTimeoutError;
+        }
         if (httpStatusFromBody == httpStatusCodeNotImplemented) {
             return amnezia::ErrorCode::ApiUpdateRequestError;
         }
@@ -126,9 +132,28 @@ amnezia::ErrorCode apiUtils::checkNetworkReplyErrors(const QList<QSslError> &ssl
             return amnezia::ErrorCode::ApiConfigDownloadError;
         }
         if (httpStatusFromBody == httpStatusCodePaymentRequired) {
+            const QString message = apiErrorMessageFromJson(jsonObj);
+            if (message.contains(QLatin1String("refresh_captcha"), Qt::CaseInsensitive)) {
+                return amnezia::ErrorCode::ApiCaptchaRefreshError;
+            }
+            if (message.contains(QLatin1String("invalid_captcha"), Qt::CaseInsensitive)) {
+                return amnezia::ErrorCode::ApiCaptchaInvalidError;
+            }
+            if (jsonObj.contains(QStringLiteral("captcha_id")) || jsonObj.contains(QStringLiteral("captcha_image"))
+                || message.compare(QLatin1String("rate_limit_exceeded"), Qt::CaseInsensitive) == 0
+                || message.contains(QLatin1String("rate_limit_exceeded"), Qt::CaseInsensitive)) {
+                return amnezia::ErrorCode::ApiCaptchaRequiredError;
+            }
             return amnezia::ErrorCode::ApiSubscriptionNotActiveError;
         }
-        return amnezia::ErrorCode::ApiConfigDownloadError;
+
+        if (httpStatusFromBody >= 300) {
+            return amnezia::ErrorCode::ApiConfigDownloadError;
+        }
+    }
+
+    if (replyError == QNetworkReply::NoError) {
+        return amnezia::ErrorCode::NoError;
     }
 
     qDebug() << "something went wrong";

client/core/utils/errorCodes.h

@@ -35,6 +35,9 @@ namespace amnezia
         ServerCgroupMountpoint = 212,
         DockerPullRateLimit = 213,
         ServerLinuxKernelTooOld = 214,
+        XrayServerConfigInvalid = 215,
+        XrayServerNoVlessClients = 216,
+        XrayRealityKeysReadFailed = 217,
 
         // Ssh connection errors
         SshRequestDeniedError = 300,
@@ -98,6 +101,10 @@ namespace amnezia
         ApiSubscriptionNotActiveError = 1114,
         ApiNoPurchasedSubscriptionsError = 1115,
         ApiTrialAlreadyUsedError = 1116,
+        ApiCaptchaRequiredError = 1117,
+        ApiCaptchaInvalidError = 1118,
+        ApiCaptchaRefreshError = 1119,
+        ApiRateLimitError = 1120,
 
         // QFile errors
         OpenError = 1200,

client/core/utils/errorStrings.cpp

@@ -30,6 +30,15 @@ QString errorString(ErrorCode code) {
     case(ErrorCode::ServerCgroupMountpoint): errorMessage = QObject::tr("Server error: cgroup mountpoint does not exist"); break;
     case(ErrorCode::DockerPullRateLimit): errorMessage = QObject::tr("Docker error: The pull rate limit has been reached"); break;
     case(ErrorCode::ServerLinuxKernelTooOld): errorMessage = QObject::tr("Server error: Linux kernel is too old"); break;
+    case(ErrorCode::XrayServerConfigInvalid):
+        errorMessage = QObject::tr("Server error: invalid or unreadable XRay server configuration");
+        break;
+    case(ErrorCode::XrayServerNoVlessClients):
+        errorMessage = QObject::tr("Server error: XRay server has no VLESS clients");
+        break;
+    case(ErrorCode::XrayRealityKeysReadFailed):
+        errorMessage = QObject::tr("Server error: failed to read XRay Reality keys from the server");
+        break;
 
     // Libssh errors
     case(ErrorCode::SshRequestDeniedError): errorMessage = QObject::tr("SSH request was denied"); break;
@@ -84,6 +93,10 @@ QString errorString(ErrorCode code) {
     case (ErrorCode::ApiSubscriptionNotActiveError): errorMessage = QObject::tr("No active subscription found"); break;
     case (ErrorCode::ApiNoPurchasedSubscriptionsError): errorMessage = QObject::tr("No purchased subscriptions found. Please purchase a subscription first"); break;
     case (ErrorCode::ApiTrialAlreadyUsedError): errorMessage = QObject::tr("This email address has already been used to activate a trial"); break;
+    case (ErrorCode::ApiCaptchaRequiredError): errorMessage = QObject::tr("CAPTCHA verification is required"); break;
+    case (ErrorCode::ApiCaptchaInvalidError): errorMessage = QObject::tr("CAPTCHA was incorrect. Please try again"); break;
+    case (ErrorCode::ApiCaptchaRefreshError): errorMessage = QObject::tr("CAPTCHA refreshed. Please try again"); break;
+    case (ErrorCode::ApiRateLimitError): errorMessage = QObject::tr("Too many requests. Please try again later"); break;
 
     // QFile errors
     case(ErrorCode::OpenError): errorMessage = QObject::tr("QFile error: The file could not be opened"); break;

client/core/utils/selfhosted/scriptsRegistry.cpp

@@ -295,6 +295,8 @@ amnezia::ScriptVars amnezia::genMtProxyVars(const ContainerConfig &containerConf
 
         vars.append({{"$MTPROXY_PORT", c.port.isEmpty() ? QString(protocols::mtProxy::defaultPort) : c.port}});
         vars.append({{"$MTPROXY_SECRET", c.secret}});
+        vars.append({{"$MTPROXY_REGENERATE_SECRET",
+                      c.secret.isEmpty() ? QStringLiteral("1") : QStringLiteral("0")}});
         vars.append({{"$MTPROXY_TAG", c.tag}});
         vars.append({{"$MTPROXY_TRANSPORT_MODE",
                       c.transportMode.isEmpty() ? QString(protocols::mtProxy::transportModeStandard)
@@ -350,6 +352,8 @@ amnezia::ScriptVars amnezia::genTelemtVars(const ContainerConfig &containerConfi
         vars.append({ { "$TELEMT_TOML_TLS", faketls ? QLatin1String("true") : QLatin1String("false") } });
         vars.append({ { "$TELEMT_PORT", c.port.isEmpty() ? QString(protocols::telemt::defaultPort) : c.port } });
         vars.append({ { "$TELEMT_SECRET", c.secret } });
+        vars.append({ { "$TELEMT_REGENERATE_SECRET",
+                         c.secret.isEmpty() ? QStringLiteral("1") : QStringLiteral("0") } });
         vars.append({ { "$TELEMT_TAG", c.tag } });
         QString tlsDomain = c.tlsDomain;
         if (tlsDomain.isEmpty()) {