DNS container with EmerCoin DNS support

RegExp validators fix
WireGuard protocol fix
2026-06-20 02:00:55 +07:00 · 2022-01-03 18:30:53 +03:00 · 2021-12-25 23:01:53 +03:00 · 2021-12-25 21:14:55 +03:00 · 2021-12-22 13:41:09 +03:00 · 2021-12-21 02:57:23 +03:00
24 changed files with 169 additions and 201 deletions
@@ -11,7 +11,7 @@ win32 {
       -lcrypt32 \

   !contains(QMAKE_TARGET.arch, x86_64) {
-      INCLUDEPATH += $$PWD/windows/x86_64
+      INCLUDEPATH += $$PWD/windows/x86
      HEADERS += $$PWD/windows/x86/botan_all.h
      SOURCES += $$PWD/windows/x86/botan_all.cpp
   }
@@ -940,8 +940,8 @@ void SshConnectionPrivate::connectToHost()
            this, &SshConnectionPrivate::handleSocketConnected);
    connect(m_socket, &QIODevice::readyRead,
            this, &SshConnectionPrivate::handleIncomingData);
-    connect(m_socket, SIGNAL(error(QAbstractSocket::SocketError)), this,
-        SLOT(handleSocketError()));
+    connect(m_socket, &QAbstractSocket::errorOccurred,
+            this, &SshConnectionPrivate::handleSocketError);
    connect(m_socket, &QAbstractSocket::disconnected,
            this, &SshConnectionPrivate::handleSocketDisconnected);
    connect(&m_timeoutTimer, &QTimer::timeout, this, &SshConnectionPrivate::handleTimeout);
@@ -103,7 +103,7 @@ android {
        minSdkVersion = 24
        targetSdkVersion = 30
        versionCode 6 // Change to a higher number
-        versionName "2.0.6" // Change to a higher number
+        versionName "2.0.7" // Change to a higher number
    }

   buildTypes {
@@ -146,12 +146,14 @@ win32 {
    RC_FILE = platform_win/vpnclient.rc

    HEADERS += \
-       ui/framelesswindow.h \
+       protocols/ikev2_vpn_protocol_windows.h \
+       ui/framelesswindow.h

    SOURCES += \
+       protocols/ikev2_vpn_protocol_windows.cpp \
       ui/framelesswindow.cpp

-    VERSION = 1.0.0.0
+    VERSION = 2.0.0.0
    QMAKE_TARGET_COMPANY = "AmneziaVPN"
    QMAKE_TARGET_PRODUCT = "AmneziaVPN"

@@ -202,7 +204,6 @@ win32|macx|linux:!android {
   HEADERS  += \
      ui/systemtray_notificationhandler.h \
      protocols/openvpnprotocol.h \
-      protocols/ikev2_vpn_protocol.h \
      protocols/openvpnovercloakprotocol.h \
      protocols/shadowsocksvpnprotocol.h \
      protocols/wireguardprotocol.h \
@@ -210,7 +211,6 @@ win32|macx|linux:!android {
   SOURCES  += \
      ui/systemtray_notificationhandler.cpp \
      protocols/openvpnprotocol.cpp \
-      protocols/ikev2_vpn_protocol.cpp \
      protocols/openvpnovercloakprotocol.cpp \
      protocols/shadowsocksvpnprotocol.cpp \
      protocols/wireguardprotocol.cpp \
@@ -50,7 +50,7 @@ WireguardConfigurator::ConnectionData WireguardConfigurator::genClientKeys()
 }

 WireguardConfigurator::ConnectionData WireguardConfigurator::prepareWireguardConfig(const ServerCredentials &credentials,
-    DockerContainer container, ErrorCode *errorCode)
+    DockerContainer container, const QJsonObject &containerConfig, ErrorCode *errorCode)
 {
    WireguardConfigurator::ConnectionData connData = WireguardConfigurator::genClientKeys();
    connData.host = credentials.hostName;
@@ -61,6 +61,49 @@ WireguardConfigurator::ConnectionData WireguardConfigurator::prepareWireguardCon
    }

    ErrorCode e = ErrorCode::NoError;
+
+    // Get list of already created clients (only IP addreses)
+    QString nextIpNumber;
+    {
+        QString script = QString("cat %1 | grep AllowedIPs").arg(amnezia::protocols::wireguard::serverConfigPath);
+        QString stdOut;
+        auto cbReadStdOut = [&](const QString &data, QSharedPointer<QSsh::SshRemoteProcess> proc) {
+            stdOut += data + "\n";
+        };
+
+        ServerController::runContainerScript(credentials, container, script, cbReadStdOut);
+        stdOut.replace("AllowedIPs = ", "");
+        stdOut.replace("/32", "");
+        QStringList ips = stdOut.split("\n", Qt::SkipEmptyParts);
+
+        // Calc next IP address
+        if (ips.isEmpty()) {
+            nextIpNumber = "2";
+        }
+        else {
+            int next = ips.last().split(".").last().toInt() + 1;
+            if (next > 254) {
+                if (errorCode) *errorCode = ErrorCode::AddressPoolError;
+                return connData;
+            }
+            nextIpNumber = QString::number(next);
+        }
+    }
+
+    QString subnetIp = containerConfig.value(config_key::subnet_address).toString(protocols::wireguard::defaultSubnetAddress);
+    {
+        QStringList l = subnetIp.split(".", Qt::SkipEmptyParts);
+        if (l.isEmpty()) {
+            if (errorCode) *errorCode = ErrorCode::AddressPoolError;
+            return connData;
+        }
+        l.removeLast();
+        l.append(nextIpNumber);
+
+        connData.clientIP = l.join(".");
+    }
+
+    // Get keys
    connData.serverPubKey = ServerController::getTextFileFromContainer(container, credentials, amnezia::protocols::wireguard::serverPublicKeyPath, &e);
    connData.serverPubKey.replace("\n", "");
    if (e) {
@@ -76,18 +119,15 @@ WireguardConfigurator::ConnectionData WireguardConfigurator::prepareWireguardCon
        return connData;
    }

-
+    // Add client to config
    QString configPart = QString(
        "[Peer]\n"
        "PublicKey = %1\n"
        "PresharedKey = %2\n"
-        "AllowedIPs = $WIREGUARD_SUBNET_IP/$WIREGUARD_SUBNET_CIDR\n\n").
+        "AllowedIPs = %3/32\n\n").
            arg(connData.clientPubKey).
-            arg(connData.pskKey);
-
-    configPart = ServerController::replaceVars(configPart, ServerController::genVarsForScript(credentials, container));
-
-    qDebug().noquote() << "Adding wg conf part to server" << configPart;
+            arg(connData.pskKey).
+            arg(connData.clientIP);

    e = ServerController::uploadTextFileToContainer(container, credentials, configPart,
        protocols::wireguard::serverConfigPath, QSsh::SftpOverwriteMode::SftpAppendToExisting);
@@ -116,12 +156,13 @@ QString WireguardConfigurator::genWireguardConfig(const ServerCredentials &crede
    QString config = ServerController::replaceVars(amnezia::scriptData(ProtocolScriptType::wireguard_template, container),
            ServerController::genVarsForScript(credentials, container, containerConfig));

-    ConnectionData connData = prepareWireguardConfig(credentials, container, errorCode);
+    ConnectionData connData = prepareWireguardConfig(credentials, container, containerConfig, errorCode);
    if (errorCode && *errorCode) {
        return "";
    }

    config.replace("$WIREGUARD_CLIENT_PRIVATE_KEY", connData.clientPrivKey);
+    config.replace("$WIREGUARD_CLIENT_IP", connData.clientIP);
    config.replace("$WIREGUARD_SERVER_PUBLIC_KEY", connData.serverPubKey);
    config.replace("$WIREGUARD_PSK", connData.pskKey);

@@ -130,6 +171,7 @@ QString WireguardConfigurator::genWireguardConfig(const ServerCredentials &crede

    jConfig[config_key::hostName] = connData.host;
    jConfig[config_key::client_priv_key] = connData.clientPrivKey;
+    jConfig[config_key::client_ip] = connData.clientIP;
    jConfig[config_key::client_pub_key] = connData.clientPubKey;
    jConfig[config_key::psk_key] = connData.pskKey;
    jConfig[config_key::server_pub_key] = connData.serverPubKey;
@@ -15,6 +15,7 @@ public:
    struct ConnectionData {
        QString clientPrivKey; // client private key
        QString clientPubKey; // client public key
+        QString clientIP; // internal client IP address
        QString serverPubKey; // tls-auth key
        QString pskKey; // preshared key
        QString host; // host ip
@@ -29,7 +30,7 @@ public:

 private:
    static ConnectionData prepareWireguardConfig(const ServerCredentials &credentials,
-        DockerContainer container, ErrorCode *errorCode = nullptr);
+        DockerContainer container, const QJsonObject &containerConfig, ErrorCode *errorCode = nullptr);

    static ConnectionData genClientKeys();

@@ -60,6 +60,7 @@ enum ErrorCode
    OpenVpnAdaptersInUseError,
    OpenVpnUnknownError,
    OpenVpnTapAdapterError,
+    AddressPoolError,

    // 3rd party utils errors
    OpenSslFailed,
@@ -45,6 +45,7 @@ QString errorString(ErrorCode code){
    // VPN errors
    case (OpenVpnAdaptersInUseError): return QObject::tr("Can't connect: another VPN connection is active");
    case (OpenVpnTapAdapterError): return QObject::tr("Can't setup OpenVPN TAP network adapter");
+    case (AddressPoolError): return QObject::tr("VPN pool error: no available addresses");

    case(InternalError):
    default:
@@ -165,8 +165,9 @@ ErrorCode ServerController::uploadTextFileToContainer(DockerContainer container,
    };

    // mkdir
-    QFileInfo fi(path);
-    QString mkdir = "sudo docker exec -i $CONTAINER_NAME mkdir -p  " + fi.absoluteDir().absolutePath();
+    QString mkdir = QString("sudo docker exec -i $CONTAINER_NAME mkdir -p  \"$(dirname %1)\"")
+            .arg(path);
+
    e = runScript(credentials,
        replaceVars(mkdir, genVarsForScript(credentials, container)));
    if (e) return e;
@@ -477,8 +478,10 @@ QJsonObject ServerController::createContainerInitialConfig(DockerContainer conta

 bool ServerController::isReinstallContainerRequred(DockerContainer container, const QJsonObject &oldConfig, const QJsonObject &newConfig)
 {
-    const QJsonObject &oldProtoConfig = oldConfig[ContainerProps::containerToString(container)].toObject();
-    const QJsonObject &newProtoConfig = newConfig[ContainerProps::containerToString(container)].toObject();
+    Proto mainProto = ContainerProps::defaultProtocol(container);
+
+    const QJsonObject &oldProtoConfig = oldConfig.value(ProtocolProps::protoToString(mainProto)).toObject();
+    const QJsonObject &newProtoConfig = newConfig.value(ProtocolProps::protoToString(mainProto)).toObject();

    if (container == DockerContainer::OpenVpn) {
        if (oldProtoConfig.value(config_key::transport_proto).toString(protocols::openvpn::defaultTransportProto) !=
@@ -666,9 +669,9 @@ ServerController::Vars ServerController::genVarsForScript(const ServerCredential
    vars.append({{"$FAKE_WEB_SITE_ADDRESS", cloakConfig.value(config_key::site).toString(protocols::cloak::defaultRedirSite) }});

    // Wireguard vars
-    vars.append({{"$WIREGUARD_SUBNET_IP", openvpnConfig.value(config_key::subnet_address).toString(protocols::wireguard::defaultSubnetAddress) }});
-    vars.append({{"$WIREGUARD_SUBNET_CIDR", openvpnConfig.value(config_key::subnet_cidr).toString(protocols::wireguard::defaultSubnetCidr) }});
-    vars.append({{"$WIREGUARD_SUBNET_MASK", openvpnConfig.value(config_key::subnet_mask).toString(protocols::wireguard::defaultSubnetMask) }});
+    vars.append({{"$WIREGUARD_SUBNET_IP", wireguarConfig.value(config_key::subnet_address).toString(protocols::wireguard::defaultSubnetAddress) }});
+    vars.append({{"$WIREGUARD_SUBNET_CIDR", wireguarConfig.value(config_key::subnet_cidr).toString(protocols::wireguard::defaultSubnetCidr) }});
+    vars.append({{"$WIREGUARD_SUBNET_MASK", wireguarConfig.value(config_key::subnet_mask).toString(protocols::wireguard::defaultSubnetMask) }});

    vars.append({{"$WIREGUARD_SERVER_PORT", wireguarConfig.value(config_key::port).toString(protocols::wireguard::defaultPort) }});

@@ -4,7 +4,7 @@
 #define APPLICATION_NAME    "AmneziaVPN"
 #define SERVICE_NAME        "AmneziaVPN-service"
 #define ORGANIZATION_NAME   "AmneziaVPN.ORG"
-#define APP_MAJOR_VERSION   "2.0.6"
-#define APP_VERSION         "2.0.6.0"
+#define APP_MAJOR_VERSION   "2.0.7"
+#define APP_VERSION         "2.0.7.0"

 #endif // DEFINES_H
@@ -1,14 +1,13 @@
 #include <QCoreApplication>
 #include <QFileInfo>
 #include <QProcess>
-//#include <QRegularExpression>
-//#include <QTcpSocket>
+
 #include <QThread>

 #include <chrono>

 #include "debug.h"
-#include "ikev2_vpn_protocol.h"
+#include "ikev2_vpn_protocol_windows.h"
 #include "utils.h"

 static Ikev2Protocol* self = nullptr;
@@ -24,23 +23,19 @@ Ikev2Protocol::Ikev2Protocol(const QJsonObject &configuration, QObject* parent)
    VpnProtocol(configuration, parent)
 {
    self = this;
-    //m_configFile.setFileTemplate(QDir::tempPath() + QDir::separator() + serviceName() + ".conf");
    readIkev2Configuration(configuration);
 }

 Ikev2Protocol::~Ikev2Protocol()
 {
    qDebug() << "IpsecProtocol::~IpsecProtocol()";
-#ifdef Q_OS_WIN
    disconnect_vpn();
-#endif
    Ikev2Protocol::stop();
 }

 void Ikev2Protocol::stop()
 {
    setConnectionState(VpnProtocol::Disconnecting);
-#ifdef Q_OS_WINDOWS
    {
        if (! disconnect_vpn() ){
            qDebug()<<"We don't disconnect";
@@ -50,7 +45,6 @@ void Ikev2Protocol::stop()
            setConnectionState(VpnProtocol::Disconnected);
        }
    }
-#endif
 }

 void Ikev2Protocol::newConnectionStateEventReceived(UINT unMsg, tagRASCONNSTATE rasconnstate, DWORD dwError)
@@ -60,181 +54,117 @@ void Ikev2Protocol::newConnectionStateEventReceived(UINT unMsg, tagRASCONNSTATE
    switch (rasconnstate)
    {
    case RASCS_OpenPort:
-        qDebug()<<__FUNCTION__ << __LINE__;
+        //qDebug()<<__FUNCTION__ << __LINE__;
        setConnectionState(Preparing);
-        //printf ("RASCS_OpenPort = %d\n", _connection_state);
-        //printf ("Opening port...\n");
        break;
    case RASCS_PortOpened:
-        qDebug()<<__FUNCTION__ << __LINE__;
+        //qDebug()<<__FUNCTION__ << __LINE__;
        setConnectionState(Preparing);
-        //printf ("RASCS_PortOpened = %d\n", _connection_state);
-        //printf ("Port opened.\n");
        break;
    case RASCS_ConnectDevice:
-        qDebug()<<__FUNCTION__ << __LINE__;
+        //qDebug()<<__FUNCTION__ << __LINE__;
        setConnectionState(Preparing);
-        //printf ("RASCS_ConnectDevice = %d\n", _connection_state);
-        //printf ("Connecting device...\n");
        break;
    case RASCS_DeviceConnected:
-        qDebug()<<__FUNCTION__ << __LINE__;
+        //qDebug()<<__FUNCTION__ << __LINE__;
        setConnectionState(Preparing);
-        //printf ("RASCS_DeviceConnected = %d\n", _connection_state);
-        //printf ("Device connected.\n");
        break;
    case RASCS_AllDevicesConnected:
-        qDebug()<<__FUNCTION__ << __LINE__;
+        //qDebug()<<__FUNCTION__ << __LINE__;
        setConnectionState(Preparing);
-        //printf ("RASCS_AllDevicesConnected = %d\n", _connection_state);
-        //printf ("All devices connected.\n");
        break;
    case RASCS_Authenticate:
-        qDebug()<<__FUNCTION__ << __LINE__;
+        //qDebug()<<__FUNCTION__ << __LINE__;
        setConnectionState(Preparing);
-        //printf ("RASCS_Authenticate = %d\n", _connection_state);
-        // printf ("Authenticating...\n");
        break;
    case RASCS_AuthNotify:
-        qDebug()<<__FUNCTION__ << __LINE__;
+        //qDebug()<<__FUNCTION__ << __LINE__;
        if (dwError != 0) {
-            qDebug() << "have error" << dwError;
+            //qDebug() << "have error" << dwError;
            setConnectionState(Disconnected);
        } else {
-            qDebug() << "RASCS_AuthNotify but no error" << dwError;
+            //qDebug() << "RASCS_AuthNotify but no error" << dwError;
        }
-        //printf ("RASCS_AuthNotify = %d\n", _connection_state);
-        // printf ("Authentication notify.\n");
        break;
    case RASCS_AuthRetry:
-        qDebug()<<__FUNCTION__ << __LINE__;
+        //qDebug()<<__FUNCTION__ << __LINE__;
        setConnectionState(Preparing);
-        //printf ("RASCS_AuthRetry = %d\n", _connection_state);
-        //printf ("Retrying authentication...\n");
        break;
    case RASCS_AuthCallback:
        qDebug()<<__FUNCTION__ << __LINE__;
-        //printf ("RASCS_AuthCallback = %d\n", _connection_state);
-        //printf ("Authentication callback...\n");
        break;
    case RASCS_AuthChangePassword:
        qDebug()<<__FUNCTION__ << __LINE__;
-        // printf ("RASCS_AuthChangePassword = %d\n", _connection_state);
-        //printf ("Change password...\n");
        break;
    case RASCS_AuthProject:
        qDebug()<<__FUNCTION__ << __LINE__;
-        //printf ("RASCS_AuthProject = %d\n", _connection_state);
-        //printf ("Projection phase started...\n");
        break;
    case RASCS_AuthLinkSpeed:
        qDebug()<<__FUNCTION__ << __LINE__;
-        //printf ("RASCS_AuthLinkSpeed = %d\n", _connection_state);
-        //printf ("Negoting speed...\n");
        break;
    case RASCS_AuthAck:
        qDebug()<<__FUNCTION__ << __LINE__;
-        //printf ("RASCS_AuthAck = %d\n", _connection_state);
-        //printf ("Authentication acknowledge...\n");
        break;
    case RASCS_ReAuthenticate:
-        qDebug()<<__FUNCTION__ << __LINE__;
-        //printf ("RASCS_ReAuthenticate = %d\n", _connection_state);
-        //printf ("Retrying Authentication...\n");
+        //qDebug()<<__FUNCTION__ << __LINE__;
        break;
    case RASCS_Authenticated:
-        qDebug()<<__FUNCTION__ << __LINE__;
-        //printf ("RASCS_Authenticated = %d\n", _connection_state);
-        //printf ("Authentication complete.\n");
+        //qDebug()<<__FUNCTION__ << __LINE__;
        break;
    case RASCS_PrepareForCallback:
        qDebug()<<__FUNCTION__ << __LINE__;
-        //printf ("RASCS_PrepareForCallback = %d\n", _connection_state);
-        //printf ("Preparing for callback...\n");
        break;
    case RASCS_WaitForModemReset:
        qDebug()<<__FUNCTION__ << __LINE__;
-        //printf ("RASCS_WaitForModemReset = %d\n", _connection_state);
-        // printf ("Waiting for modem reset...\n");
        break;
    case RASCS_WaitForCallback:
        qDebug()<<__FUNCTION__ << __LINE__;
-        //printf ("RASCS_WaitForCallback = %d\n", _connection_state);
-        //printf ("Waiting for callback...\n");
        break;
    case RASCS_Projected:
        qDebug()<<__FUNCTION__ << __LINE__;
-        //printf ("RASCS_Projected = %d\n", _connection_state);
-        //printf ("Projection completed.\n");
        break;
 #if (WINVER >= 0x400)
    case RASCS_StartAuthentication:    // Windows 95 only
        qDebug()<<__FUNCTION__ << __LINE__;
-        //printf ("RASCS_StartAuthentication = %d\n", _connection_state);
-        //printf ("Starting authentication...\n");
-
        break;
    case RASCS_CallbackComplete:       // Windows 95 only
        qDebug()<<__FUNCTION__ << __LINE__;
-        //printf ("RASCS_CallbackComplete = %d\n", rasconnstate);
-        //printf ("Callback complete.\n");
        break;
    case RASCS_LogonNetwork:           // Windows 95 only
        qDebug()<<__FUNCTION__ << __LINE__;
-        //printf ("RASCS_LogonNetwork = %d\n", _connection_state);
-        //printf ("Login to the network.\n");
        break;
 #endif
    case RASCS_SubEntryConnected:
        qDebug()<<__FUNCTION__ << __LINE__;
-        //printf ("RASCS_SubEntryConnected = %d\n", _connection_state);
-        //printf ("Subentry connected.\n");
        break;
    case RASCS_SubEntryDisconnected:
        qDebug()<<__FUNCTION__ << __LINE__;
-        //printf ("RASCS_SubEntryDisconnected = %d\n", _connection_state);
-        //printf ("Subentry disconnected.\n");
        break;
        //PAUSED STATES:
    case RASCS_Interactive:
        qDebug()<<__FUNCTION__ << __LINE__;
-        //printf ("RASCS_Interactive = %d\n", _connection_state);
-        //printf ("In Paused state: Interactive mode.\n");
        break;
    case RASCS_RetryAuthentication:
        qDebug()<<__FUNCTION__ << __LINE__;
-        //printf ("RASCS_RetryAuthentication = %d\n", _connection_state);
-        //printf ("In Paused state: Retry Authentication...\n");
        break;
    case RASCS_CallbackSetByCaller:
        qDebug()<<__FUNCTION__ << __LINE__;
-        //printf ("RASCS_CallbackSetByCaller = %d\n", _connection_state);
-        //printf ("In Paused state: Callback set by Caller.\n");
        break;
    case RASCS_PasswordExpired:
        setConnectionState(Error);
        qDebug()<<__FUNCTION__ << __LINE__;
-        //printf ("RASCS_PasswordExpired = %d\n", _connection_state);
-        //printf ("In Paused state: Password has expired...\n");
        break;

    case RASCS_Connected: // = RASCS_DONE:
        setConnectionState(Connected);
-        qDebug()<<__FUNCTION__ << __LINE__;
-        //printf ("RASCS_Connected = %d\n", _connection_state);
-        //printf ("Connection completed.\n");
-        //SetEvent(gEvent_handle);
+        //qDebug()<<__FUNCTION__ << __LINE__;
        break;
    case RASCS_Disconnected:
        setConnectionState(Disconnected);
-        qDebug()<<__FUNCTION__ << __LINE__;
-        //printf ("RASCS_Disconnected = %d\n", _connection_state);
-        //printf ("Disconnecting...\n");
+        //qDebug()<<__FUNCTION__ << __LINE__;
        break;
    default:
-        qDebug()<<__FUNCTION__ << __LINE__;
-        //printf ("Unknown Status = %d\n", _connection_state);
-        //printf ("What are you going to do about it?\n");
+        //qDebug()<<__FUNCTION__ << __LINE__;
        break;
    }
 }
@@ -246,7 +176,6 @@ void Ikev2Protocol::readIkev2Configuration(const QJsonObject &configuration)

 ErrorCode Ikev2Protocol::start()
 {
-#ifdef Q_OS_WINDOWS
    QByteArray cert = QByteArray::fromBase64(m_config[config_key::cert].toString().toUtf8());
    setConnectionState(Connecting);

@@ -277,34 +206,10 @@ ErrorCode Ikev2Protocol::start()
                              });
        certInstallProcess->setArguments(arguments);

-        //        qDebug() << arguments.join(" ");
-        //        connect(certInstallProcess.data(), &PrivilegedProcess::errorOccurred, [certInstallProcess](QProcess::ProcessError error) {
-        //            qDebug() << "PrivilegedProcess errorOccurred" << error;
-        //        });
-
-        //        connect(certInstallProcess.data(), &PrivilegedProcess::stateChanged, [certInstallProcess](QProcess::ProcessState newState) {
-        //            qDebug() << "PrivilegedProcess stateChanged" << newState;
-        //        });
-
-        //        connect(certInstallProcess.data(), &PrivilegedProcess::readyRead, [certInstallProcess]() {
-        //            auto req = certInstallProcess->readAll();
-        //            req.waitForFinished();
-        //            qDebug() << "PrivilegedProcess readyRead" << req.returnValue();
-        //        });
-
-
        certInstallProcess->start();
    }
    // /*
    {
-        //        auto adapterRemoveProcess = new QProcess;
-
-        //        adapterRemoveProcess->setProgram("powershell");
-        //        QString arguments = QString("-command \"Remove-VpnConnection -Name '%1' -Force\"").arg(tunnelName());
-        //        adapterRemoveProcess->setNativeArguments(arguments);
-
-        //        adapterRemoveProcess->start();
-        //        adapterRemoveProcess->waitForFinished(5000);
        if ( disconnect_vpn()){
            qDebug()<<"VPN was disconnected";
        }
@@ -319,21 +224,6 @@ ErrorCode Ikev2Protocol::start()
                qDebug() <<"Can't create the VPN connect";
            }
        }
-        //        auto adapterInstallProcess = new QProcess;
-
-        //        adapterInstallProcess->setProgram("powershell");
-        //        QString arguments = QString("-command \"Add-VpnConnection "
-        //                                    "-ServerAddress '%1' "
-        //                                    "-Name '%2' "
-        //                                    "-TunnelType IKEv2 "
-        //                                    "-AuthenticationMethod MachineCertificate "
-        //                                    "-EncryptionLevel Required "
-        //                                    "-PassThru\"")
-        //                .arg(m_config[config_key::hostName].toString())
-        //                .arg(tunnelName());
-        //        adapterInstallProcess->setNativeArguments(arguments);
-        //        adapterInstallProcess->start();
-        //        adapterInstallProcess->waitForFinished(5000);
    }

    {
@@ -352,10 +242,6 @@ ErrorCode Ikev2Protocol::start()
                .arg(tunnelName());
        adapterConfigProcess->setNativeArguments(arguments);

-        //        connect(adapterConfigProcess, &QProcess::readyRead, [adapterConfigProcess]() {
-        //            qDebug().noquote() << "adapterConfigProcess readyRead" << adapterConfigProcess->readAll();
-        //        });
-
        adapterConfigProcess->start();
        adapterConfigProcess->waitForFinished(5000);
    }
@@ -367,13 +253,8 @@ ErrorCode Ikev2Protocol::start()
    }
    //setConnectionState(Connecting);
    return ErrorCode::NoError;
-#else
-    return ErrorCode::NoError;
-#endif
-
 }
 //~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-#ifdef Q_OS_WINDOWS
 bool Ikev2Protocol::create_new_vpn(const QString & vpn_name,
                                   const QString & serv_addr){

@@ -442,5 +323,3 @@ void WINAPI RasDialFuncCallback(UINT unMsg,
        self->newConnectionStateEventReceived(unMsg, rasconnstate, dwError);
    }
 }
-
-#endif
@@ -1,5 +1,5 @@
-#ifndef IPSEC_PROTOCOL_H
-#define IPSEC_PROTOCOL_H
+#ifndef IKEV2_VPN_PROTOCOL_WINDOWS_H
+#define IKEV2_VPN_PROTOCOL_WINDOWS_H

 #include <QObject>
 #include <QProcess>
@@ -10,7 +10,6 @@
 #include "vpnprotocol.h"
 #include "core/ipcclient.h"

-#ifdef Q_OS_WIN
 #include <string>
 #include <memory>
 #include <atomic>
@@ -31,8 +30,6 @@
 #pragma comment(lib, "rasapi32.lib")
 #pragma comment(lib, "Crypt32.lib")

-#endif
-
 class Ikev2Protocol : public VpnProtocol
 {
    Q_OBJECT
@@ -54,14 +51,9 @@ public:
 private:
    void readIkev2Configuration(const QJsonObject &configuration);

-#ifdef Q_OS_WIN
-    //certificates variables
-
-#endif
 private:
    QJsonObject m_config;

-#ifdef Q_OS_WIN
    //RAS functions and parametrs
    HRASCONN        hRasConn{nullptr};
    bool create_new_vpn(const QString & vpn_name,
@@ -70,12 +62,8 @@ private:

    bool connect_to_vpn(const QString & vpn_name);
    bool disconnect_vpn();
-#endif
-
 };

-#ifdef Q_OS_WIN
 DWORD CALLBACK rasCallback(UINT msg, RASCONNSTATE rascs, DWORD err);
-#endif

-#endif // IPSEC_PROTOCOL_H
+#endif // IKEV2_VPN_PROTOCOL_WINDOWS_H
@@ -40,6 +40,7 @@ constexpr char server_priv_key[] = "server_priv_key";
 constexpr char server_pub_key[] = "server_pub_key";
 constexpr char psk_key[] = "psk_key";

+constexpr char client_ip[] = "client_ip"; // internal ip address

 constexpr char site[] = "site";
 constexpr char block_outside_dns[] = "block_outside_dns";
@@ -9,7 +9,10 @@
 #include "shadowsocksvpnprotocol.h"
 #include "openvpnovercloakprotocol.h"
 #include "wireguardprotocol.h"
-#include "ikev2_vpn_protocol.h"
+#endif
+
+#ifdef Q_OS_WINDOWS
+#include "ikev2_vpn_protocol_windows.h"
 #endif


@@ -1,3 +1,48 @@
 FROM mvance/unbound:latest

 LABEL maintainer="AmneziaVPN" 
+
+RUN echo " \n\
+domain-insecure: \"coin.\"\n\
+domain-insecure: \"emc.\"\n\
+domain-insecure: \"lib.\"\n\
+domain-insecure: \"bazar.\"\n\
+domain-insecure: \"enum.\"\n\
+\n\
+stub-zone:\n\
+   name: coin.\n\
+   stub-host: seed1.emercoin.com\n\
+   stub-host: seed2.emercoin.com\n\
+   stub-first: yes\n\
+\n\
+stub-zone:\n\
+   name: emc.\n\
+   stub-host: seed1.emercoin.com\n\
+   stub-host: seed2.emercoin.com\n\
+   stub-first: yes\n\
+\n\
+stub-zone:\n\
+   name: lib.\n\
+   stub-host: seed1.emercoin.com\n\
+   stub-host: seed2.emercoin.com\n\
+   stub-first: yes\n\
+\n\
+stub-zone:\n\
+   name: bazar.\n\
+   stub-host: seed1.emercoin.com\n\
+   stub-host: seed2.emercoin.com\n\
+   stub-first: yes\n\
+\n\
+stub-zone:\n\
+   name: enum.\n\
+   stub-host: seed1.emercoin.com\n\
+   stub-host: seed2.emercoin.com\n\
+   stub-first: yes\n\
+\n\
+forward-zone:\n\
+   name: .\n\
+   forward-tls-upstream: yes\n\
+   forward-addr: 1.1.1.1@853  #cloudflare-dns.com\n\
+   forward-addr: 1.0.0.1@853  #cloudflare-dns.com\n\
+" | tee /opt/unbound/etc/unbound/forward-records.conf
+
@@ -1,5 +1,5 @@
 [Interface]
-Address = 10.8.1.2/32
+Address = $WIREGUARD_CLIENT_IP/32
 DNS = $PRIMARY_DNS, $SECONDARY_DNS
 PrivateKey = $WIREGUARD_CLIENT_PRIVATE_KEY

@@ -5,7 +5,7 @@

 NetworkSettingsLogic::NetworkSettingsLogic(UiLogic *logic, QObject *parent):
    PageLogicBase(logic, parent),
-    m_ipAddressValidatorRegex{Utils::ipAddressRegExp().pattern()}
+    m_ipAddressRegex{Utils::ipAddressRegExp()}
 {

 }
@@ -18,16 +18,14 @@ void NetworkSettingsLogic::onUpdatePage()

 void NetworkSettingsLogic::onLineEditDns1EditFinished(const QString &text)
 {
-    QRegExp reg{getIpAddressValidatorRegex()};
-    if (reg.exactMatch(text)) {
+    if (ipAddressRegex().exactMatch(text)) {
        m_settings.setPrimaryDns(text);
    }
 }

 void NetworkSettingsLogic::onLineEditDns2EditFinished(const QString &text)
 {
-    QRegExp reg{getIpAddressValidatorRegex()};
-    if (reg.exactMatch(text)) {
+    if (ipAddressRegex().exactMatch(text)) {
        m_settings.setSecondaryDns(text);
    }
 }
@@ -43,8 +41,3 @@ void NetworkSettingsLogic::onPushButtonResetDns2Clicked()
    m_settings.setSecondaryDns(m_settings.cloudFlareNs2);
    onUpdatePage();
 }
-
-QString NetworkSettingsLogic::getIpAddressValidatorRegex() const
-{
-    return m_ipAddressValidatorRegex;
-}
@@ -11,7 +11,7 @@ class NetworkSettingsLogic : public PageLogicBase

    AUTO_PROPERTY(QString, lineEditDns1Text)
    AUTO_PROPERTY(QString, lineEditDns2Text)
-    READONLY_PROPERTY(QString, ipAddressValidatorRegex)
+    READONLY_PROPERTY(QRegExp, ipAddressRegex)

 public:
    Q_INVOKABLE void onUpdatePage() override;
@@ -25,6 +25,5 @@ public:
    explicit NetworkSettingsLogic(UiLogic *uiLogic, QObject *parent = nullptr);
    ~NetworkSettingsLogic() = default;

-    QString getIpAddressValidatorRegex() const;
 };
 #endif // NETWORK_SETTINGS_LOGIC_H
@@ -50,9 +50,6 @@ void QrDecoderLogic::onDetectedQrCode(const QString &code)
        s >> m_chunks[chunkId];
        set_receivedChunksCount(m_chunks.size());

-        qDebug() << "Received chunks:" << receivedChunksCount() << "/" << chunksCount << "cur" << chunkId << m_chunks[chunkId].size();
-        qDebug() << chunkId << m_chunks[chunkId];
-
        if (m_chunks.size() == totalChunksCount()) {
            QByteArray data;
            for (int i = 0; i < totalChunksCount(); ++i) {
@@ -2,6 +2,7 @@
 #include <QImage>
 #include <QDataStream>
 #include <QZXing>
+#include <QMessageBox>

 #include "ShareConnectionLogic.h"

@@ -15,6 +16,7 @@

 #include "defines.h"
 #include "core/defs.h"
+#include "core/errorstrings.h"
 #include <functional>

 #include "../uilogic.h"
@@ -194,6 +196,12 @@ void ShareConnectionLogic::onPushButtonShareWireGuardGenerateClicked()

    ErrorCode e = ErrorCode::NoError;
    QString cfg = WireguardConfigurator::genWireguardConfig(credentials, container, containerConfig, &e);
+    if (e) {
+        QMessageBox::warning(nullptr, APPLICATION_NAME,
+                             tr("Error occurred while configuring server.") + "\n" +
+                             errorString(e));
+        return;
+    }
    cfg = VpnConfigurator::processConfigWithExportSettings(container, Proto::WireGuard, cfg);
    cfg = QJsonDocument::fromJson(cfg.toUtf8()).object()[config_key::config].toString();

@@ -2,6 +2,7 @@
 #include "core/errorstrings.h"
 #include "configurators/ssh_configurator.h"
 #include "../uilogic.h"
+#include "utils.h"

 #include <QFileDialog>
 #include <QStandardPaths>
@@ -23,7 +24,8 @@ StartPageLogic::StartPageLogic(UiLogic *logic, QObject *parent):
    m_labelWaitInfoVisible{true},
    m_labelWaitInfoText{},
    m_pushButtonBackFromStartVisible{true},
-    m_pushButtonConnectVisible{true}
+    m_pushButtonConnectVisible{true},
+    m_ipAddressPortRegex{Utils::ipAddressPortRegExp()}
 {

 }
@@ -22,6 +22,7 @@ class StartPageLogic : public PageLogicBase
    AUTO_PROPERTY(bool, pushButtonBackFromStartVisible)
    AUTO_PROPERTY(bool, pushButtonConnectVisible)

+    READONLY_PROPERTY(QRegExp, ipAddressPortRegex)
 public:
    Q_INVOKABLE void onUpdatePage() override;

@@ -37,7 +37,7 @@ PageBase {
            NetworkSettingsLogic.onLineEditDns1EditFinished(text)
        }
        validator: RegExpValidator {
-            regExp: NetworkSettingsLogic.ipAddressValidatorRegex
+            regExp: NetworkSettingsLogic.ipAddressRegex
        }
    }
    ImageButtonType {
@@ -74,7 +74,7 @@ PageBase {
            NetworkSettingsLogic.onLineEditDns2EditFinished(text)
        }
        validator: RegExpValidator {
-            regExp: NetworkSettingsLogic.ipAddressValidatorRegex
+            regExp: NetworkSettingsLogic.ipAddressRegex
        }
    }
    ImageButtonType {
@@ -186,7 +186,7 @@ PageBase {
            id: label_server_ip
            x: 40
            anchors.top: new_sever_get_info.bottom
-            text: qsTr("Server IP address")
+            text: qsTr("Server IP address [:port]")
        }
        TextFieldType {
            id: new_server_ip
@@ -196,6 +196,10 @@ PageBase {
            onEditingFinished: {
                StartPageLogic.lineEditIpText = text
            }
+
+            validator: RegExpValidator {
+                regExp: StartPageLogic.ipAddressPortRegex
+            }
        }

        LabelType {
Author	SHA1	Message	Date
pokamest	9ec39658fe	DNS container with EmerCoin DNS support	2022-01-03 18:30:53 +03:00
pokamest	9943e081d9	RegExp validators fix	2021-12-25 23:01:53 +03:00
pokamest	68a51c9c63	WireGuard protocol fix	2021-12-25 21:14:55 +03:00
pokamest	e7dd964825	ServerController fix	2021-12-22 13:41:09 +03:00
pokamest	f20134415e	IKEv2 class file renamed	2021-12-21 02:57:23 +03:00