mirror of
https://github.com/amnezia-vpn/amnezia-client.git
synced 2026-06-21 02:01:03 +07:00
Compare commits
38 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 Mykola Baibuz
|
1d846d144f | ||
|
Mykola Baibuz
|
98a7ea0fcf | ||
|
Mykola Baibuz
|
ca8eb7c724 | ||
|
Mykola Baibuz
|
ae3ed9c741 | ||
|
Mykola Baibuz
|
f47e4cb729 | ||
|
Mykola Baibuz
|
b5cbcc5f2a | ||
|
Mykola Baibuz
|
f18d980bdb | ||
|
Mykola Baibuz
|
81cfab3566 | ||
|
Mykola Baibuz
|
7f123dabac | ||
|
Mykola Baibuz
|
de0b400934 | ||
|
Mykola Baibuz
|
dcde24649f | ||
|
vladimir.kuznetsov
|
b717560047 | ||
|
vladimir.kuznetsov
|
1192f3d8a7 | ||
|
vladimir.kuznetsov
|
afd2542a11 | ||
|
vladimir.kuznetsov
|
5961d4cefc | ||
|
Pokamest Nikak
|
1438a21902 | ||
|
Mykola Baibuz
|
f72684e4d4 | ||
|
Mykola Baibuz
|
898f497f8e | ||
|
Mykola Baibuz
|
8c94f70edf | ||
|
Mykola Baibuz
|
a144d495ee | ||
|
Mykola Baibuz
|
f0e66e4ecf | ||
|
Mykola Baibuz
|
6f0e9a136b | ||
|
Mykola Baibuz
|
4147632a62 | ||
|
Mykola Baibuz
|
948ab4cf71 | ||
|
Mykola Baibuz
|
f54308e4f4 | ||
|
Mykola Baibuz
|
052261c2b4 | ||
|
Mykola Baibuz
|
3cec0dc2a7 | ||
|
Mykola Baibuz
|
ad61ef0b22 | ||
|
Mykola Baibuz
|
63c569c3d2 | ||
|
Mykola Baibuz
|
30df4c6800 | ||
|
Mykola Baibuz
|
a96f9dc18a | ||
|
Mykola Baibuz
|
fb63cdf7e9 | ||
|
Mykola Baibuz
|
2d3b9c2752 | ||
|
Mykola Baibuz
|
09c58cb39e | ||
|
Mykola Baibuz
|
654d219e7e | ||
|
Mykola Baibuz
|
89d4c18e87 | ||
|
Mykola Baibuz
|
b0b185027e | ||
|
Mykola Baibuz
|
90912f9231 |
@@ -174,6 +174,15 @@ endif()
|
||||
if(LINUX AND NOT ANDROID)
|
||||
set(LIBS ${LIBS} -static-libstdc++ -static-libgcc -ldl)
|
||||
link_directories(${CMAKE_CURRENT_LIST_DIR}/platforms/linux)
|
||||
|
||||
set(HEADERS ${HEADERS}
|
||||
${CMAKE_CURRENT_LIST_DIR}/protocols/ikev2_vpn_protocol_linux.h
|
||||
)
|
||||
|
||||
set(SOURCES ${SOURCES}
|
||||
${CMAKE_CURRENT_LIST_DIR}/protocols/ikev2_vpn_protocol_linux.cpp
|
||||
)
|
||||
|
||||
endif()
|
||||
|
||||
if(WIN32 OR (APPLE AND NOT IOS AND NOT MACOS_NE) OR (LINUX AND NOT ANDROID))
|
||||
|
||||
@@ -20,6 +20,7 @@ set(LIBS ${LIBS}
|
||||
|
||||
set_target_properties(${PROJECT} PROPERTIES
|
||||
MACOSX_BUNDLE TRUE
|
||||
XCODE_ATTRIBUTE_CODE_SIGN_ENTITLEMENTS "${CMAKE_CURRENT_SOURCE_DIR}/macos/app/AmneziaVPN.entitlements"
|
||||
MACOSX_BUNDLE_SHORT_VERSION_STRING "${CMAKE_PROJECT_VERSION_MAJOR}.${CMAKE_PROJECT_VERSION_MINOR}.${CMAKE_PROJECT_VERSION_PATCH}"
|
||||
MACOSX_BUNDLE_BUNDLE_VERSION "${CMAKE_PROJECT_VERSION_TWEAK}"
|
||||
)
|
||||
@@ -29,10 +30,12 @@ set(CMAKE_OSX_DEPLOYMENT_TARGET 10.15)
|
||||
|
||||
set(HEADERS ${HEADERS}
|
||||
${CMAKE_CURRENT_SOURCE_DIR}/ui/macos_util.h
|
||||
${CMAKE_CURRENT_SOURCE_DIR}/protocols/ikev2_vpn_protocol_mac.h
|
||||
)
|
||||
|
||||
set(SOURCES ${SOURCES}
|
||||
${CMAKE_CURRENT_SOURCE_DIR}/ui/macos_util.mm
|
||||
${CMAKE_CURRENT_SOURCE_DIR}/protocols/ikev2_vpn_protocol_mac.mm
|
||||
)
|
||||
|
||||
|
||||
|
||||
@@ -64,6 +64,26 @@ QString Ikev2Configurator::createConfig(const ServerCredentials &credentials, Do
|
||||
return "";
|
||||
}
|
||||
|
||||
#if defined(Q_OS_LINUX)
|
||||
QString config = m_serverController->replaceVars(amnezia::scriptData(ProtocolScriptType::ipsec_template, container),
|
||||
m_serverController->genVarsForScript(credentials, container, containerConfig));
|
||||
|
||||
config.replace("$CLIENT_NAME", connData.clientId);
|
||||
config.replace("$UUID1", QUuid::createUuid().toString());
|
||||
config.replace("$SERVER_ADDR", connData.host);
|
||||
|
||||
QJsonObject jConfig;
|
||||
jConfig[config_key::config] = config;
|
||||
|
||||
jConfig[config_key::hostName] = connData.host;
|
||||
jConfig[config_key::userName] = connData.clientId;
|
||||
jConfig[config_key::cert] = QString(connData.clientCert.toBase64());
|
||||
jConfig[config_key::cacert] = QString(connData.caCert);
|
||||
jConfig[config_key::password] = connData.password;
|
||||
|
||||
return QJsonDocument(jConfig).toJson();
|
||||
#endif
|
||||
|
||||
return genIkev2Config(connData);
|
||||
}
|
||||
|
||||
@@ -73,6 +93,7 @@ QString Ikev2Configurator::genIkev2Config(const ConnectionData &connData)
|
||||
config[config_key::hostName] = connData.host;
|
||||
config[config_key::userName] = connData.clientId;
|
||||
config[config_key::cert] = QString(connData.clientCert.toBase64());
|
||||
config[config_key::cacert] = QString(connData.caCert);
|
||||
config[config_key::password] = connData.password;
|
||||
|
||||
return QJsonDocument(config).toJson();
|
||||
@@ -115,3 +136,22 @@ QString Ikev2Configurator::genStrongSwanConfig(const ConnectionData &connData)
|
||||
|
||||
return config;
|
||||
}
|
||||
|
||||
QString Ikev2Configurator::processConfigWithLocalSettings(const QPair<QString, QString> &dns, const bool isApiConfig,
|
||||
QString &protocolConfigString)
|
||||
{
|
||||
processConfigWithDnsSettings(dns, protocolConfigString);
|
||||
|
||||
QJsonObject json;
|
||||
json[config_key::config] = protocolConfigString;
|
||||
return QJsonDocument(json).toJson();
|
||||
}
|
||||
|
||||
QString Ikev2Configurator::processConfigWithExportSettings(const QPair<QString, QString> &dns, const bool isApiConfig,
|
||||
QString &protocolConfigString)
|
||||
{
|
||||
processConfigWithDnsSettings(dns, protocolConfigString);
|
||||
QJsonObject json;
|
||||
json[config_key::config] = protocolConfigString;
|
||||
return QJsonDocument(json).toJson();
|
||||
}
|
||||
|
||||
@@ -27,6 +27,10 @@ public:
|
||||
QString genIkev2Config(const ConnectionData &connData);
|
||||
QString genMobileConfig(const ConnectionData &connData);
|
||||
QString genStrongSwanConfig(const ConnectionData &connData);
|
||||
QString genIPSecConfig(const ConnectionData &connData);
|
||||
|
||||
QString processConfigWithLocalSettings(const QPair<QString, QString> &dns, const bool isApiConfig, QString &protocolConfigString);
|
||||
QString processConfigWithExportSettings(const QPair<QString, QString> &dns, const bool isApiConfig, QString &protocolConfigString);
|
||||
|
||||
ConnectionData prepareIkev2Config(const ServerCredentials &credentials,
|
||||
DockerContainer container, ErrorCode &errorCode);
|
||||
|
||||
@@ -257,7 +257,7 @@ Proto ContainerProps::defaultProtocol(DockerContainer c)
|
||||
|
||||
bool ContainerProps::isSupportedByCurrentPlatform(DockerContainer c)
|
||||
{
|
||||
#ifdef Q_OS_WINDOWS
|
||||
#if defined(Q_OS_WINDOWS) || defined(Q_OS_LINUX)
|
||||
return true;
|
||||
|
||||
#elif defined(Q_OS_IOS)
|
||||
@@ -291,7 +291,7 @@ bool ContainerProps::isSupportedByCurrentPlatform(DockerContainer c)
|
||||
#elif defined(Q_OS_MAC)
|
||||
switch (c) {
|
||||
case DockerContainer::WireGuard: return true;
|
||||
case DockerContainer::Ipsec: return false;
|
||||
case DockerContainer::Ipsec: return true;
|
||||
default: return true;
|
||||
}
|
||||
|
||||
@@ -306,13 +306,6 @@ bool ContainerProps::isSupportedByCurrentPlatform(DockerContainer c)
|
||||
case DockerContainer::SSXray: return true;
|
||||
default: return false;
|
||||
}
|
||||
|
||||
#elif defined(Q_OS_LINUX)
|
||||
switch (c) {
|
||||
case DockerContainer::Ipsec: return false;
|
||||
default: return true;
|
||||
}
|
||||
|
||||
#else
|
||||
return false;
|
||||
#endif
|
||||
|
||||
@@ -154,9 +154,6 @@ void CoreController::initControllers()
|
||||
|
||||
m_apiPremV1MigrationController.reset(new ApiPremV1MigrationController(m_serversModel, m_settings, this));
|
||||
m_engine->rootContext()->setContextProperty("ApiPremV1MigrationController", m_apiPremV1MigrationController.get());
|
||||
|
||||
m_transferController.reset(new TransferController(m_settings, m_serversModel, m_exportController.get()));
|
||||
m_engine->rootContext()->setContextProperty("TransferController", m_transferController.get());
|
||||
}
|
||||
|
||||
void CoreController::initAndroidController()
|
||||
|
||||
@@ -23,7 +23,6 @@
|
||||
#include "ui/controllers/settingsController.h"
|
||||
#include "ui/controllers/sitesController.h"
|
||||
#include "ui/controllers/systemController.h"
|
||||
#include "ui/controllers/transferController.h"
|
||||
|
||||
#include "ui/models/allowed_dns_model.h"
|
||||
#include "ui/models/containers_model.h"
|
||||
@@ -146,7 +145,6 @@ private:
|
||||
#endif
|
||||
QScopedPointer<SftpConfigModel> m_sftpConfigModel;
|
||||
QScopedPointer<Socks5ProxyConfigModel> m_socks5ConfigModel;
|
||||
QScopedPointer<TransferController> m_transferController;
|
||||
};
|
||||
|
||||
#endif // CORECONTROLLER_H
|
||||
|
||||
@@ -8,7 +8,6 @@
|
||||
#include <QJsonObject>
|
||||
#include <QNetworkReply>
|
||||
#include <QUrl>
|
||||
#include <QRegularExpression>
|
||||
|
||||
#include "QBlockCipher.h"
|
||||
#include "QRsa.h"
|
||||
|
||||
@@ -30,6 +30,13 @@
|
||||
#include <netinet/in.h>
|
||||
#include <arpa/inet.h>
|
||||
#include <net/route.h>
|
||||
#include <arpa/inet.h>
|
||||
#include <ifaddrs.h>
|
||||
#include <libproc.h>
|
||||
#include <netdb.h>
|
||||
#include <netinet/in.h>
|
||||
#include <semaphore.h>
|
||||
#include <unistd.h>
|
||||
#endif
|
||||
|
||||
#include <QHostAddress>
|
||||
@@ -475,3 +482,112 @@ QString NetworkUtilities::getGatewayAndIface()
|
||||
return gateway;
|
||||
#endif
|
||||
}
|
||||
|
||||
#if defined(Q_OS_MAC)
|
||||
QString NetworkUtilities::ipAddressByInterfaceName(const QString &interfaceName)
|
||||
{
|
||||
struct ifaddrs *ifaddr, *ifa;
|
||||
char host[NI_MAXHOST];
|
||||
|
||||
if (getifaddrs(&ifaddr) == -1)
|
||||
{
|
||||
return "";
|
||||
}
|
||||
|
||||
for (ifa = ifaddr; ifa != NULL; ifa = ifa->ifa_next)
|
||||
{
|
||||
if (ifa->ifa_addr == NULL)
|
||||
{
|
||||
continue;
|
||||
}
|
||||
int family = ifa->ifa_addr->sa_family;
|
||||
QString iname = QString::fromStdString(ifa->ifa_name);
|
||||
|
||||
if (family == AF_INET && iname == interfaceName)
|
||||
{
|
||||
int s = getnameinfo(ifa->ifa_addr,
|
||||
(family == AF_INET) ? sizeof(struct sockaddr_in) :
|
||||
sizeof(struct sockaddr_in6),
|
||||
host, NI_MAXHOST,
|
||||
NULL, 0, NI_NUMERICHOST);
|
||||
if (s != 0)
|
||||
{
|
||||
continue;
|
||||
}
|
||||
|
||||
return QString::fromStdString(host);
|
||||
}
|
||||
}
|
||||
|
||||
freeifaddrs(ifaddr);
|
||||
return "";
|
||||
}
|
||||
|
||||
QString NetworkUtilities::lastConnectedNetworkInterfaceName()
|
||||
{
|
||||
QString ifname("");
|
||||
|
||||
struct ifaddrs * interfaces = NULL;
|
||||
struct ifaddrs * temp_addr = NULL;
|
||||
|
||||
if( getifaddrs(&interfaces) == 0 )
|
||||
{
|
||||
//Loop through linked list of interfaces
|
||||
temp_addr = interfaces;
|
||||
while( temp_addr != NULL )
|
||||
{
|
||||
if( temp_addr->ifa_addr->sa_family == AF_INET )
|
||||
{
|
||||
QString tname = temp_addr->ifa_name;
|
||||
if( tname.startsWith("utun") )
|
||||
ifname = tname;
|
||||
else if( tname.startsWith("ipsec") )
|
||||
ifname = tname;
|
||||
else if( tname.startsWith("ppp") )
|
||||
ifname = tname;
|
||||
}
|
||||
|
||||
temp_addr = temp_addr->ifa_next;
|
||||
}
|
||||
|
||||
freeifaddrs(interfaces);
|
||||
}
|
||||
return ifname;
|
||||
}
|
||||
|
||||
QString execCmd(const QString &cmd)
|
||||
{
|
||||
char buffer[1024];
|
||||
QString result = "";
|
||||
FILE* pipe = popen(cmd.toStdString().c_str(), "r");
|
||||
if (!pipe) return "";
|
||||
while (!feof(pipe))
|
||||
{
|
||||
if (fgets(buffer, 1024, pipe) != NULL)
|
||||
{
|
||||
result += buffer;
|
||||
}
|
||||
}
|
||||
pclose(pipe);
|
||||
return result;
|
||||
}
|
||||
|
||||
QStringList NetworkUtilities::getListOfDnsNetworkServiceEntries()
|
||||
{
|
||||
QStringList result;
|
||||
QString command = "echo 'list' | scutil | grep /Network/Service | grep DNS";
|
||||
QString cmdOutput = execCmd(command).trimmed();
|
||||
// qDebug() << "Raw result: " << cmdOutput;
|
||||
|
||||
QStringList lines = cmdOutput.split('\n');
|
||||
for (QString line : lines)
|
||||
{
|
||||
if (line.contains("="))
|
||||
{
|
||||
QString entry = line.mid(line.indexOf("=")+1).trimmed();
|
||||
result.append(entry);
|
||||
}
|
||||
}
|
||||
return result;
|
||||
}
|
||||
#endif
|
||||
|
||||
@@ -20,16 +20,22 @@ public:
|
||||
static QString getGatewayAndIface();
|
||||
// Returns the Interface Index that could Route to dst
|
||||
static int AdapterIndexTo(const QHostAddress& dst);
|
||||
|
||||
|
||||
static QRegularExpression ipAddressRegExp();
|
||||
static QRegularExpression ipAddressPortRegExp();
|
||||
static QRegExp ipAddressWithSubnetRegExp();
|
||||
static QRegExp ipNetwork24RegExp();
|
||||
static QRegExp ipPortRegExp();
|
||||
static QRegExp domainRegExp();
|
||||
|
||||
|
||||
static QString netMaskFromIpWithSubnet(const QString ip);
|
||||
static QString ipAddressFromIpWithSubnet(const QString ip);
|
||||
|
||||
#if defined(Q_OS_MAC)
|
||||
static QString ipAddressByInterfaceName(const QString &interfaceName);
|
||||
static QString lastConnectedNetworkInterfaceName();
|
||||
static QStringList getListOfDnsNetworkServiceEntries();
|
||||
#endif
|
||||
static QStringList summarizeRoutes(const QStringList &ips, const QString cidr);
|
||||
};
|
||||
|
||||
|
||||
@@ -50,6 +50,7 @@ QString amnezia::scriptName(ProtocolScriptType type)
|
||||
case ProtocolScriptType::wireguard_template: return QLatin1String("template.conf");
|
||||
case ProtocolScriptType::awg_template: return QLatin1String("template.conf");
|
||||
case ProtocolScriptType::xray_template: return QLatin1String("template.json");
|
||||
case ProtocolScriptType::ipsec_template: return QLatin1String("template.conf");
|
||||
default: return QString();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -28,7 +28,8 @@ enum ProtocolScriptType {
|
||||
openvpn_template,
|
||||
wireguard_template,
|
||||
awg_template,
|
||||
xray_template
|
||||
xray_template,
|
||||
ipsec_template
|
||||
};
|
||||
|
||||
|
||||
|
||||
@@ -1,11 +0,0 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none">
|
||||
<!-- Monitor -->
|
||||
<rect x="2.5" y="3.5" width="14" height="10" rx="2" ry="2" stroke="#D7D8DB" stroke-width="1.8"/>
|
||||
<line x1="9.5" y1="13.5" x2="9.5" y2="16.5" stroke="#D7D8DB" stroke-width="1.8" stroke-linecap="round"/>
|
||||
<rect x="6" y="16.5" width="7" height="1.8" rx="0.9" ry="0.9" fill="#D7D8DB"/>
|
||||
|
||||
<!-- Phone -->
|
||||
<rect x="17.5" y="6" width="4.5" height="9.5" rx="1.2" ry="1.2" stroke="#D7D8DB" stroke-width="1.8"/>
|
||||
<circle cx="19.75" cy="14.2" r="0.6" fill="#D7D8DB"/>
|
||||
</svg>
|
||||
|
Before Width: | Height: | Size: 628 B |
@@ -0,0 +1,14 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
|
||||
<plist version="1.0">
|
||||
<dict>
|
||||
<key>com.apple.developer.networking.networkextension</key>
|
||||
<array>
|
||||
<string>packet-tunnel-provider</string>
|
||||
</array>
|
||||
<key>com.apple.developer.networking.vpn.api</key>
|
||||
<array>
|
||||
<string>allow-vpn</string>
|
||||
</array>
|
||||
</dict>
|
||||
</plist>
|
||||
@@ -0,0 +1,158 @@
|
||||
#include <QCoreApplication>
|
||||
#include <QFileInfo>
|
||||
#include <QProcess>
|
||||
|
||||
#include <QThread>
|
||||
|
||||
#include <chrono>
|
||||
|
||||
#include "core/networkUtilities.h"
|
||||
|
||||
#include "settings.h"
|
||||
#include "logger.h"
|
||||
#include "ikev2_vpn_protocol_linux.h"
|
||||
#include "utilities.h"
|
||||
#include "core/ipcclient.h"
|
||||
#include <openssl/pkcs12.h>
|
||||
#include <openssl/bio.h>
|
||||
#include <openssl/pem.h>
|
||||
|
||||
|
||||
static Ikev2Protocol* self = nullptr;
|
||||
|
||||
|
||||
Ikev2Protocol::Ikev2Protocol(const QJsonObject &configuration, QObject* parent) :
|
||||
VpnProtocol(configuration, parent)
|
||||
{
|
||||
self = this;
|
||||
readIkev2Configuration(configuration);
|
||||
m_routeGateway = NetworkUtilities::getGatewayAndIface();
|
||||
m_vpnGateway = "192.168.43.10";
|
||||
m_vpnLocalAddress = "192.168.43.10";
|
||||
m_remoteAddress = NetworkUtilities::getIPAddress(configuration.value(amnezia::config_key::hostName).toString());
|
||||
m_routeMode = static_cast<Settings::RouteMode>(configuration.value(amnezia::config_key::splitTunnelType).toInt());
|
||||
}
|
||||
|
||||
Ikev2Protocol::~Ikev2Protocol()
|
||||
{
|
||||
qDebug() << "IpsecProtocol::~IpsecProtocol()";
|
||||
Ikev2Protocol::stop();
|
||||
}
|
||||
|
||||
void Ikev2Protocol::stop()
|
||||
{
|
||||
setConnectionState(Vpn::ConnectionState::Disconnected);
|
||||
Ikev2Protocol::disconnect_vpn();
|
||||
qDebug() << "IpsecProtocol::stop()";
|
||||
}
|
||||
|
||||
void Ikev2Protocol::readIkev2Configuration(const QJsonObject &configuration)
|
||||
{
|
||||
QJsonObject ikev2_data = configuration.value(ProtocolProps::key_proto_config_data(Proto::Ikev2)).toObject();
|
||||
m_config = QJsonDocument::fromJson(ikev2_data.value(config_key::config).toString().toUtf8()).object();
|
||||
}
|
||||
|
||||
ErrorCode Ikev2Protocol::start()
|
||||
{
|
||||
STACK_OF(X509) *certstack = sk_X509_new_null();
|
||||
BIO *p12 = BIO_new(BIO_s_mem());
|
||||
|
||||
EVP_PKEY *pkey;
|
||||
X509 *cert;
|
||||
|
||||
BIO_write(p12, QByteArray::fromBase64(m_config[config_key::cert].toString().toUtf8()),
|
||||
QByteArray::fromBase64(m_config[config_key::cert].toString().toUtf8()).size());
|
||||
|
||||
PKCS12 *pkcs12 = d2i_PKCS12_bio(p12, NULL);
|
||||
PKCS12_parse(pkcs12, m_config[config_key::password].toString().toStdString().c_str(), &pkey, &cert, &certstack);
|
||||
BIO *bio = BIO_new(BIO_s_mem());
|
||||
PEM_write_bio_X509(bio, cert);
|
||||
|
||||
BUF_MEM *mem = NULL;
|
||||
BIO_get_mem_ptr(bio, &mem);
|
||||
|
||||
std::string pem(mem->data, mem->length);
|
||||
QString alias(pem.c_str());
|
||||
|
||||
IpcClient::Interface()->writeIPsecUserCert(alias, m_config[config_key::userName].toString());
|
||||
IpcClient::Interface()->writeIPsecConfig(m_config[config_key::config].toString());
|
||||
IpcClient::Interface()->writeIPsecCaCert(m_config[config_key::cacert].toString(), m_config[config_key::userName].toString());
|
||||
IpcClient::Interface()->writeIPsecPrivate(m_config[config_key::cert].toString(), m_config[config_key::userName].toString());
|
||||
IpcClient::Interface()->writeIPsecPrivatePass(m_config[config_key::password].toString(), m_config[config_key::hostName].toString(),
|
||||
m_config[config_key::userName].toString());
|
||||
|
||||
connect_to_vpn("ikev2-vpn");
|
||||
|
||||
if (!IpcClient::Interface()) {
|
||||
return ErrorCode::AmneziaServiceConnectionFailed;
|
||||
}
|
||||
|
||||
QString connectionStatus;
|
||||
|
||||
auto futureResult = IpcClient::Interface()->getTunnelStatus("ikev2-vpn");
|
||||
futureResult.waitForFinished();
|
||||
|
||||
if (futureResult.returnValue().isEmpty()) {
|
||||
auto futureResult = IpcClient::Interface()->getTunnelStatus("ikev2-vpn");
|
||||
futureResult.waitForFinished();
|
||||
}
|
||||
|
||||
connectionStatus = futureResult.returnValue();
|
||||
|
||||
if (connectionStatus.contains("ESTABLISHED")) {
|
||||
QStringList lines = connectionStatus.split('\n');
|
||||
for (auto iter = lines.begin(); iter!=lines.end(); iter++)
|
||||
{
|
||||
if (iter->contains("0.0.0.0/0")) {
|
||||
m_vpnGateway = iter->split("===", Qt::SkipEmptyParts).first();
|
||||
m_vpnGateway = m_vpnGateway.split(" ").at(2);
|
||||
m_vpnGateway = m_vpnGateway.split("/").first();
|
||||
m_vpnLocalAddress = m_vpnGateway;
|
||||
qDebug() << "m_vpnGateway " << m_vpnGateway;
|
||||
|
||||
// killSwitch toggle
|
||||
if (QVariant(m_config.value(config_key::killSwitchOption).toString()).toBool()) {
|
||||
m_config.insert("vpnServer", m_remoteAddress);
|
||||
IpcClient::Interface()->enableKillSwitch(m_config, 0);
|
||||
}
|
||||
|
||||
if (m_routeMode == Settings::RouteMode::VpnAllSites) {
|
||||
IpcClient::Interface()->routeAddList(m_vpnGateway, QStringList() << "0.0.0.0/1");
|
||||
IpcClient::Interface()->routeAddList(m_vpnGateway, QStringList() << "128.0.0.0/1");
|
||||
IpcClient::Interface()->routeAddList(m_routeGateway, QStringList() << m_remoteAddress);
|
||||
}
|
||||
|
||||
IpcClient::Interface()->StopRoutingIpv6();
|
||||
}
|
||||
}
|
||||
setConnectionState(Vpn::ConnectionState::Connected);
|
||||
} else {
|
||||
setConnectionState(Vpn::ConnectionState::Disconnected);
|
||||
}
|
||||
|
||||
return ErrorCode::NoError;
|
||||
}
|
||||
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
bool Ikev2Protocol::create_new_vpn(const QString & vpn_name,
|
||||
const QString & serv_addr) {
|
||||
qDebug() << "Ikev2Protocol::create_new_vpn()";
|
||||
return true;
|
||||
}
|
||||
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
bool Ikev2Protocol::delete_vpn_connection(const QString &vpn_name) {
|
||||
|
||||
return false;
|
||||
}
|
||||
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
bool Ikev2Protocol::connect_to_vpn(const QString &vpn_name) {
|
||||
IpcClient::Interface()->startIPsec(vpn_name);
|
||||
QThread::msleep(3000);
|
||||
return true;
|
||||
}
|
||||
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
bool Ikev2Protocol::disconnect_vpn() {
|
||||
IpcClient::Interface()->stopIPsec("ikev2-vpn");
|
||||
IpcClient::Interface()->disableKillSwitch();
|
||||
IpcClient::Interface()->StartRoutingIpv6();
|
||||
return true;
|
||||
}
|
||||
@@ -0,0 +1,51 @@
|
||||
#ifndef IKEV2_VPN_PROTOCOL_LINUX_H
|
||||
#define IKEV2_VPN_PROTOCOL_LINUX_H
|
||||
|
||||
#include <QObject>
|
||||
#include <QProcess>
|
||||
#include <QString>
|
||||
#include <QTemporaryFile>
|
||||
#include <QTimer>
|
||||
|
||||
#include "vpnprotocol.h"
|
||||
|
||||
#include <string>
|
||||
#include <memory>
|
||||
#include <atomic>
|
||||
#include <thread>
|
||||
#include <condition_variable>
|
||||
#include <mutex>
|
||||
|
||||
class Ikev2Protocol : public VpnProtocol
|
||||
{
|
||||
Q_OBJECT
|
||||
|
||||
public:
|
||||
explicit Ikev2Protocol(const QJsonObject& configuration, QObject* parent = nullptr);
|
||||
virtual ~Ikev2Protocol() override;
|
||||
|
||||
ErrorCode start() override;
|
||||
void stop() override;
|
||||
|
||||
static QString tunnelName() { return "AmneziaVPN IKEv2"; }
|
||||
|
||||
|
||||
private:
|
||||
void readIkev2Configuration(const QJsonObject &configuration);
|
||||
|
||||
private:
|
||||
QJsonObject m_config;
|
||||
QString m_remoteAddress;
|
||||
int m_routeMode;
|
||||
|
||||
|
||||
bool create_new_vpn(const QString & vpn_name,
|
||||
const QString & serv_addr);
|
||||
bool delete_vpn_connection(const QString &vpn_name);
|
||||
|
||||
bool connect_to_vpn(const QString & vpn_name);
|
||||
bool disconnect_vpn();
|
||||
};
|
||||
|
||||
|
||||
#endif // IKEV2_VPN_PROTOCOL_LINUX_H
|
||||
@@ -0,0 +1,45 @@
|
||||
#pragma once
|
||||
|
||||
#include <QObject>
|
||||
#include <QTimer>
|
||||
|
||||
|
||||
#include "openvpnprotocol.h"
|
||||
|
||||
|
||||
class Ikev2Protocol : public VpnProtocol
|
||||
{
|
||||
Q_OBJECT
|
||||
public:
|
||||
explicit Ikev2Protocol(const QJsonObject& configuration, QObject* parent = nullptr);
|
||||
virtual ~Ikev2Protocol() override;
|
||||
|
||||
void readIkev2Configuration(const QJsonObject &configuration);
|
||||
bool create_new_vpn(const QString &vpn_name, const QString &serv_addr);
|
||||
bool delete_vpn_connection(const QString &vpn_name);
|
||||
bool connect_to_vpn(const QString & vpn_name);
|
||||
bool disconnect_vpn();
|
||||
void closeWindscribeActiveConnection();
|
||||
ErrorCode start() override;
|
||||
void stop() override;
|
||||
|
||||
static QString tunnelName() { return "AmneziaVPN IKEv2"; }
|
||||
|
||||
private slots:
|
||||
void handleNotificationImpl(int status);
|
||||
|
||||
private:
|
||||
mutable QRecursiveMutex mutex_;
|
||||
void *notificationId_;
|
||||
QJsonObject m_config;
|
||||
QJsonObject m_ikev2_config;
|
||||
|
||||
QString ipsecAdapterName_;
|
||||
|
||||
bool isConnectingStateReachedAfterStartingConnection_;
|
||||
|
||||
void handleNotification(void *notification);
|
||||
bool isFailedAuthError(QMap<time_t, QString> &logs);
|
||||
bool isSocketError(QMap<time_t, QString> &logs);
|
||||
bool setCustomDns(const QString &overrideDnsIpAddress);
|
||||
};
|
||||
@@ -0,0 +1,397 @@
|
||||
#include "ikev2_vpn_protocol_mac.h"
|
||||
|
||||
#include <core/networkUtilities.h>
|
||||
#include <SystemConfiguration/SCSchemaDefinitions.h>
|
||||
#include <SystemConfiguration/SCNetwork.h>
|
||||
#include <SystemConfiguration/SCNetworkConnection.h>
|
||||
#include <SystemConfiguration/SCNetworkConfiguration.h>
|
||||
#import <NetworkExtension/NetworkExtension.h>
|
||||
#import <Foundation/Foundation.h>
|
||||
#include <QWaitCondition>
|
||||
|
||||
#include <openssl/bio.h>
|
||||
#include <openssl/pkcs12.h>
|
||||
#include <openssl/pem.h>
|
||||
#include <openssl/err.h>
|
||||
|
||||
#include <sys/sysctl.h>
|
||||
#include <netinet/in.h>
|
||||
#include <net/if.h>
|
||||
#include <net/route.h>
|
||||
|
||||
static NSString * const IKEv2ServiceName = @"AmneziaVPN IKEv2";
|
||||
|
||||
static Ikev2Protocol* self = nullptr;
|
||||
|
||||
Ikev2Protocol::Ikev2Protocol(const QJsonObject &configuration, QObject* parent) :
|
||||
VpnProtocol(configuration, parent)
|
||||
{
|
||||
qDebug() << "IpsecProtocol::IpsecProtocol()";
|
||||
m_routeGateway = NetworkUtilities::getGatewayAndIface();
|
||||
self = this;
|
||||
readIkev2Configuration(configuration);
|
||||
}
|
||||
|
||||
Ikev2Protocol::~Ikev2Protocol()
|
||||
{
|
||||
qDebug() << "IpsecProtocol::~IpsecProtocol()";
|
||||
disconnect_vpn();
|
||||
QThread::msleep(1000);
|
||||
Ikev2Protocol::stop();
|
||||
}
|
||||
|
||||
void Ikev2Protocol::stop()
|
||||
{
|
||||
setConnectionState(Vpn::ConnectionState::Disconnected);
|
||||
qDebug() << "IpsecProtocol::stop()";
|
||||
}
|
||||
|
||||
void Ikev2Protocol::readIkev2Configuration(const QJsonObject &configuration)
|
||||
{
|
||||
qDebug() << "IpsecProtocol::readIkev2Configuration";
|
||||
m_config = configuration;
|
||||
auto ikev2_data = m_config.value(ProtocolProps::key_proto_config_data(Proto::Ikev2)).toObject();
|
||||
m_ikev2_config = QJsonDocument::fromJson(ikev2_data.value(config_key::config).toString().toUtf8()).object();
|
||||
|
||||
}
|
||||
|
||||
CFDataRef CreatePersistentRefForIdentity(SecIdentityRef identity)
|
||||
{
|
||||
CFTypeRef persistent_ref = NULL;
|
||||
const void *keys[] = { kSecReturnPersistentRef, kSecValueRef };
|
||||
const void *values[] = { kCFBooleanTrue, identity };
|
||||
CFDictionaryRef dict = CFDictionaryCreate(NULL, keys, values,
|
||||
sizeof(keys) / sizeof(*keys), NULL, NULL);
|
||||
|
||||
if (SecItemCopyMatching(dict, &persistent_ref) != 0) {
|
||||
SecItemAdd(dict, &persistent_ref);
|
||||
}
|
||||
|
||||
if (dict)
|
||||
CFRelease(dict);
|
||||
|
||||
return (CFDataRef)persistent_ref;
|
||||
}
|
||||
|
||||
NSData *searchKeychainCopyMatching(const char *certName)
|
||||
{
|
||||
NSMutableDictionary *dict = [[NSMutableDictionary alloc] init];
|
||||
[dict setObject:(__bridge id)kSecClassCertificate forKey:(__bridge id)kSecClass];
|
||||
[dict setObject:[NSString stringWithUTF8String:certName] forKey:(__bridge id)kSecAttrLabel];
|
||||
[dict setObject:(__bridge id)kSecMatchLimitOne forKey:(__bridge id)kSecMatchLimit];
|
||||
[dict setObject:@YES forKey:(__bridge id)kSecReturnPersistentRef];
|
||||
|
||||
CFTypeRef result = NULL;
|
||||
SecItemCopyMatching((__bridge CFDictionaryRef)dict, &result);
|
||||
|
||||
return (NSData *)result;
|
||||
}
|
||||
|
||||
ErrorCode Ikev2Protocol::start()
|
||||
{
|
||||
|
||||
qDebug() << "IpsecProtocol::start";
|
||||
|
||||
static QMutex mutexLocal;
|
||||
mutexLocal.lock();
|
||||
|
||||
setConnectionState(Vpn::ConnectionState::Disconnected);
|
||||
NEVPNManager *manager = [NEVPNManager sharedManager];
|
||||
|
||||
[manager loadFromPreferencesWithCompletionHandler:^(NSError *err)
|
||||
{
|
||||
mutexLocal.lock();
|
||||
|
||||
if (err)
|
||||
{
|
||||
qDebug() << "First load vpn preferences failed:" << QString::fromNSString(err.localizedDescription);
|
||||
setConnectionState(Vpn::ConnectionState::Disconnected);
|
||||
mutexLocal.unlock();
|
||||
}
|
||||
else
|
||||
{
|
||||
|
||||
NSData *output = NULL;
|
||||
|
||||
BIO *ibio, *obio = NULL;
|
||||
BUF_MEM *bptr;
|
||||
|
||||
STACK_OF(X509) *certstack = sk_X509_new_null();
|
||||
BIO *p12 = BIO_new(BIO_s_mem());
|
||||
|
||||
EVP_PKEY *pkey;
|
||||
X509 *cert;
|
||||
|
||||
BIO_write(p12, QByteArray::fromBase64(m_ikev2_config[config_key::cert].toString().toUtf8()),
|
||||
QByteArray::fromBase64(m_ikev2_config[config_key::cert].toString().toUtf8()).size());
|
||||
|
||||
PKCS12 *pkcs12 = d2i_PKCS12_bio(p12, NULL);
|
||||
PKCS12_parse(pkcs12, m_ikev2_config[config_key::password].toString().toStdString().c_str(), &pkey, &cert, &certstack);
|
||||
|
||||
// We output everything in PEM
|
||||
obio = BIO_new(BIO_s_mem());
|
||||
|
||||
// TODO: support protecting the private key with a PEM passphrase
|
||||
if (pkey)
|
||||
{
|
||||
PEM_write_bio_PrivateKey(obio, pkey, NULL, NULL, 0, NULL, NULL);
|
||||
}
|
||||
|
||||
if (cert)
|
||||
{
|
||||
PEM_write_bio_X509(obio, cert);
|
||||
}
|
||||
|
||||
if (certstack && sk_X509_num(certstack))
|
||||
{
|
||||
for (int i = 0; i < sk_X509_num(certstack); i++)
|
||||
PEM_write_bio_X509_AUX(obio, sk_X509_value(certstack, i));
|
||||
}
|
||||
|
||||
BIO_get_mem_ptr(obio, &bptr);
|
||||
|
||||
output = [NSData dataWithBytes: bptr->data length: bptr->length];
|
||||
|
||||
NSData *PKCS12Data = [[NSData alloc] initWithBase64EncodedString:m_ikev2_config[config_key::cert].toString().toNSString() options:0];
|
||||
|
||||
CFArrayRef items = CFArrayCreate(NULL, 0, 0, NULL);
|
||||
OSStatus ret = SecPKCS12Import(
|
||||
(__bridge CFDataRef)output,
|
||||
(__bridge CFDictionaryRef)@{(id)kSecImportExportPassphrase:@""},
|
||||
&items);
|
||||
|
||||
if (ret != errSecSuccess) {
|
||||
qDebug() << "import err ret " << ret;
|
||||
}
|
||||
|
||||
NSDictionary *firstItem = [(__bridge_transfer NSArray *)items firstObject];
|
||||
SecIdentityRef identity = (__bridge SecIdentityRef)(firstItem[(__bridge id)kSecImportItemIdentity]);
|
||||
|
||||
NEVPNProtocolIKEv2 *protocol = [[NEVPNProtocolIKEv2 alloc] init];
|
||||
protocol.serverAddress = m_ikev2_config.value(amnezia::config_key::hostName).toString().toNSString();
|
||||
protocol.certificateType = NEVPNIKEv2CertificateTypeRSA;
|
||||
|
||||
protocol.remoteIdentifier = m_ikev2_config.value(amnezia::config_key::hostName).toString().toNSString();
|
||||
protocol.authenticationMethod = NEVPNIKEAuthenticationMethodCertificate;
|
||||
protocol.identityReference = searchKeychainCopyMatching(m_ikev2_config.value(amnezia::config_key::userName).toString().toLocal8Bit().data());
|
||||
|
||||
protocol.useExtendedAuthentication = NO;
|
||||
protocol.enablePFS = YES;
|
||||
|
||||
protocol.IKESecurityAssociationParameters.encryptionAlgorithm = NEVPNIKEv2EncryptionAlgorithmAES256;
|
||||
protocol.IKESecurityAssociationParameters.diffieHellmanGroup = NEVPNIKEv2DiffieHellmanGroup19;
|
||||
protocol.IKESecurityAssociationParameters.integrityAlgorithm = NEVPNIKEv2IntegrityAlgorithmSHA256;
|
||||
protocol.IKESecurityAssociationParameters.lifetimeMinutes = 1440;
|
||||
|
||||
protocol.childSecurityAssociationParameters.encryptionAlgorithm = NEVPNIKEv2EncryptionAlgorithmAES256;
|
||||
protocol.childSecurityAssociationParameters.diffieHellmanGroup = NEVPNIKEv2DiffieHellmanGroup19;
|
||||
protocol.childSecurityAssociationParameters.integrityAlgorithm = NEVPNIKEv2IntegrityAlgorithmSHA256;
|
||||
protocol.childSecurityAssociationParameters.lifetimeMinutes = 1440;
|
||||
|
||||
[manager setEnabled:YES];
|
||||
[manager setProtocolConfiguration:(protocol)];
|
||||
[manager setOnDemandEnabled:NO];
|
||||
[manager setLocalizedDescription:@"Amnezia VPN"];
|
||||
|
||||
#ifdef QT_DEBUG
|
||||
NSString *strProtocol = [NSString stringWithFormat:@"{Protocol: %@", protocol];
|
||||
qDebug() << QString::fromNSString(strProtocol);
|
||||
#endif
|
||||
|
||||
// do config stuff
|
||||
[manager saveToPreferencesWithCompletionHandler:^(NSError *err)
|
||||
{
|
||||
if (err)
|
||||
{
|
||||
qDebug() << "First save vpn preferences failed:" << QString::fromNSString(err.localizedDescription);
|
||||
setConnectionState(Vpn::ConnectionState::Disconnected);
|
||||
mutexLocal.unlock();
|
||||
}
|
||||
else
|
||||
{
|
||||
// load and save preferences again, otherwise Mac bug (https://forums.developer.apple.com/thread/25928)
|
||||
[manager loadFromPreferencesWithCompletionHandler:^(NSError *err)
|
||||
{
|
||||
if (err)
|
||||
{
|
||||
qDebug() << "Second load vpn preferences failed:" << QString::fromNSString(err.localizedDescription);
|
||||
setConnectionState(Vpn::ConnectionState::Disconnected);
|
||||
mutexLocal.unlock();
|
||||
}
|
||||
else
|
||||
{
|
||||
[manager saveToPreferencesWithCompletionHandler:^(NSError *err)
|
||||
{
|
||||
if (err)
|
||||
{
|
||||
qDebug() << "Second Save vpn preferences failed:" << QString::fromNSString(err.localizedDescription);
|
||||
setConnectionState(Vpn::ConnectionState::Disconnected);
|
||||
mutexLocal.unlock();
|
||||
}
|
||||
else
|
||||
{
|
||||
notificationId_ = [[NSNotificationCenter defaultCenter] addObserverForName: (NSString *)NEVPNStatusDidChangeNotification object: manager.connection queue: nil usingBlock: ^ (NSNotification *notification)
|
||||
{
|
||||
this->handleNotification(notification);
|
||||
}];
|
||||
|
||||
qDebug() << "NEVPNConnection current status:" << (int)manager.connection.status;
|
||||
|
||||
NSError *startError;
|
||||
[manager.connection startVPNTunnelAndReturnError:&startError];
|
||||
if (startError)
|
||||
{
|
||||
qDebug() << "Error starting ikev2 connection:" << QString::fromNSString(startError.localizedDescription);
|
||||
[[NSNotificationCenter defaultCenter] removeObserver: (id)notificationId_ name: (NSString *)NEVPNStatusDidChangeNotification object: manager.connection];
|
||||
setConnectionState(Vpn::ConnectionState::Disconnected);
|
||||
}
|
||||
mutexLocal.unlock();
|
||||
}
|
||||
}];
|
||||
}
|
||||
}];
|
||||
}
|
||||
}];
|
||||
}
|
||||
}];
|
||||
|
||||
mutexLocal.unlock();
|
||||
|
||||
setConnectionState(Vpn::ConnectionState::Connected);
|
||||
return ErrorCode::NoError;
|
||||
}
|
||||
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
bool Ikev2Protocol::create_new_vpn(const QString & vpn_name,
|
||||
const QString & serv_addr) {
|
||||
qDebug() << "Ikev2Protocol::create_new_vpn()";
|
||||
return true;
|
||||
}
|
||||
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
bool Ikev2Protocol::delete_vpn_connection(const QString &vpn_name) {
|
||||
|
||||
return false;
|
||||
}
|
||||
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
bool Ikev2Protocol::connect_to_vpn(const QString & vpn_name) {
|
||||
return false;
|
||||
}
|
||||
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
bool Ikev2Protocol::disconnect_vpn() {
|
||||
|
||||
NEVPNManager *manager = [NEVPNManager sharedManager];
|
||||
|
||||
// #713: If user had started connecting to IKev2 on Mac and quickly started after this connecting to Wireguard
|
||||
|
||||
// then manager.connection.status doesn't have time to change to NEVPNStatusConnecting
|
||||
// and remains NEVPNStatusDisconnected as it was before connection tries.
|
||||
// Then we should check below isConnectingStateReachedAfterStartingConnection_ flag to be sure that connecting started.
|
||||
// Without this check we will start connecting to the Wireguard when IKEv2 connecting process hasn't finished yet.
|
||||
if (manager.connection.status == NEVPNStatusDisconnected && isConnectingStateReachedAfterStartingConnection_)
|
||||
{
|
||||
[[NSNotificationCenter defaultCenter] removeObserver: (id)notificationId_ name: (NSString *)NEVPNStatusDidChangeNotification object: manager.connection];
|
||||
setConnectionState(Vpn::ConnectionState::Disconnected);
|
||||
}
|
||||
else
|
||||
{
|
||||
[manager.connection stopVPNTunnel];
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
void Ikev2Protocol::closeWindscribeActiveConnection()
|
||||
{
|
||||
|
||||
NEVPNManager *manager = [NEVPNManager sharedManager];
|
||||
if (manager)
|
||||
{
|
||||
[manager loadFromPreferencesWithCompletionHandler:^(NSError *err)
|
||||
{
|
||||
if (!err)
|
||||
{
|
||||
NEVPNConnection * connection = [manager connection];
|
||||
if (connection.status == NEVPNStatusConnected || connection.status == NEVPNStatusConnecting)
|
||||
{
|
||||
if ([manager.localizedDescription isEqualToString:@"Amnezia VPN"] == YES)
|
||||
{
|
||||
qDebug() << "Previous IKEv2 connection is active. Stop it.";
|
||||
[connection stopVPNTunnel];
|
||||
}
|
||||
}
|
||||
}
|
||||
}];
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
void Ikev2Protocol::handleNotificationImpl(int status)
|
||||
{
|
||||
QMutexLocker locker(&mutex_);
|
||||
|
||||
NEVPNManager *manager = [NEVPNManager sharedManager];
|
||||
|
||||
if (status == NEVPNStatusInvalid)
|
||||
{
|
||||
qDebug() << "Connection status changed: NEVPNStatusInvalid";
|
||||
[[NSNotificationCenter defaultCenter] removeObserver: (id)notificationId_ name: (NSString *)NEVPNStatusDidChangeNotification object: manager.connection];
|
||||
setConnectionState(Vpn::ConnectionState::Disconnected);
|
||||
}
|
||||
else if (status == NEVPNStatusDisconnected)
|
||||
{
|
||||
qDebug() << "Connection status changed: NEVPNStatusDisconnected";
|
||||
IpcClient::Interface()->disableKillSwitch();
|
||||
|
||||
setConnectionState(Vpn::ConnectionState::Disconnected);
|
||||
[[NSNotificationCenter defaultCenter] removeObserver: (id)notificationId_ name: (NSString *)NEVPNStatusDidChangeNotification object: manager.connection];
|
||||
|
||||
}
|
||||
else if (status == NEVPNStatusConnecting)
|
||||
{
|
||||
isConnectingStateReachedAfterStartingConnection_ = true;
|
||||
setConnectionState(Vpn::ConnectionState::Connecting);
|
||||
qDebug() << "Connection status changed: NEVPNStatusConnecting";
|
||||
}
|
||||
else if (status == NEVPNStatusConnected)
|
||||
{
|
||||
qDebug() << "Connection status changed: NEVPNStatusConnected";
|
||||
|
||||
QString ipsecAdapterName_ = NetworkUtilities::lastConnectedNetworkInterfaceName();
|
||||
m_vpnLocalAddress = NetworkUtilities::ipAddressByInterfaceName(ipsecAdapterName_);
|
||||
m_vpnGateway = m_vpnLocalAddress;
|
||||
|
||||
QList<QHostAddress> dnsAddr;
|
||||
dnsAddr.push_back(QHostAddress(m_config.value(config_key::dns1).toString()));
|
||||
dnsAddr.push_back(QHostAddress(m_config.value(config_key::dns2).toString()));
|
||||
|
||||
IpcClient::Interface()->updateResolvers(ipsecAdapterName_, dnsAddr);
|
||||
|
||||
if (QVariant(m_config.value(config_key::killSwitchOption).toString()).toBool()) {
|
||||
qDebug() << "enable killswitch";
|
||||
IpcClient::Interface()->enableKillSwitch(m_config, 0);
|
||||
}
|
||||
|
||||
setConnectionState(Vpn::ConnectionState::Connected);
|
||||
}
|
||||
else if (status == NEVPNStatusReasserting)
|
||||
{
|
||||
qDebug() << "Connection status changed: NEVPNStatusReasserting";
|
||||
setConnectionState(Vpn::ConnectionState::Connecting);
|
||||
}
|
||||
else if (status == NEVPNStatusDisconnecting)
|
||||
{
|
||||
qDebug() << "Connection status changed: NEVPNStatusDisconnecting";
|
||||
setConnectionState(Vpn::ConnectionState::Disconnecting);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
void Ikev2Protocol::handleNotification(void *notification)
|
||||
{
|
||||
QMutexLocker locker(&mutex_);
|
||||
NSNotification *nsNotification = (NSNotification *)notification;
|
||||
NEVPNConnection *connection = nsNotification.object;
|
||||
QMetaObject::invokeMethod(this, "handleNotificationImpl", Q_ARG(int, (int)connection.status));
|
||||
}
|
||||
|
||||
@@ -172,7 +172,8 @@ void Ikev2Protocol::newConnectionStateEventReceived(UINT unMsg, tagRASCONNSTATE
|
||||
|
||||
void Ikev2Protocol::readIkev2Configuration(const QJsonObject &configuration)
|
||||
{
|
||||
m_config = configuration.value(ProtocolProps::key_proto_config_data(Proto::Ikev2)).toObject();
|
||||
QJsonObject ikev2_data = configuration.value(ProtocolProps::key_proto_config_data(Proto::Ikev2)).toObject();
|
||||
m_config = QJsonDocument::fromJson(ikev2_data.value(config_key::config).toString().toUtf8()).object();
|
||||
}
|
||||
|
||||
ErrorCode Ikev2Protocol::start()
|
||||
|
||||
@@ -24,6 +24,7 @@ namespace amnezia
|
||||
constexpr char description[] = "description";
|
||||
constexpr char name[] = "name";
|
||||
constexpr char cert[] = "cert";
|
||||
constexpr char cacert[] = "cacert";
|
||||
constexpr char config[] = "config";
|
||||
|
||||
constexpr char containers[] = "containers";
|
||||
|
||||
@@ -16,6 +16,14 @@
|
||||
#include "ikev2_vpn_protocol_windows.h"
|
||||
#endif
|
||||
|
||||
#ifdef Q_OS_LINUX
|
||||
#include "ikev2_vpn_protocol_linux.h"
|
||||
#endif
|
||||
|
||||
#ifdef Q_OS_MACX
|
||||
#include "ikev2_vpn_protocol_mac.h"
|
||||
#endif
|
||||
|
||||
VpnProtocol::VpnProtocol(const QJsonObject &configuration, QObject *parent)
|
||||
: QObject(parent),
|
||||
m_connectionState(Vpn::ConnectionState::Unknown),
|
||||
@@ -106,10 +114,7 @@ QString VpnProtocol::vpnGateway() const
|
||||
VpnProtocol *VpnProtocol::factory(DockerContainer container, const QJsonObject &configuration)
|
||||
{
|
||||
switch (container) {
|
||||
#if defined(Q_OS_WINDOWS)
|
||||
case DockerContainer::Ipsec: return new Ikev2Protocol(configuration);
|
||||
#endif
|
||||
#if defined(Q_OS_WINDOWS) || defined(Q_OS_MACX) and !defined MACOS_NE || (defined(Q_OS_LINUX) && !defined(Q_OS_ANDROID))
|
||||
#if defined(Q_OS_WINDOWS) || defined(Q_OS_MACX) && !defined(MACOS_NE) || (defined(Q_OS_LINUX) && !defined(Q_OS_ANDROID))
|
||||
case DockerContainer::OpenVpn: return new OpenVpnProtocol(configuration);
|
||||
case DockerContainer::Cloak: return new OpenVpnOverCloakProtocol(configuration);
|
||||
case DockerContainer::ShadowSocks: return new ShadowSocksVpnProtocol(configuration);
|
||||
@@ -117,6 +122,7 @@ VpnProtocol *VpnProtocol::factory(DockerContainer container, const QJsonObject &
|
||||
case DockerContainer::Awg: return new WireguardProtocol(configuration);
|
||||
case DockerContainer::Xray: return new XrayProtocol(configuration);
|
||||
case DockerContainer::SSXray: return new XrayProtocol(configuration);
|
||||
case DockerContainer::Ipsec: return new Ikev2Protocol(configuration);
|
||||
#endif
|
||||
default: return nullptr;
|
||||
}
|
||||
|
||||
@@ -77,6 +77,7 @@
|
||||
<file>server_scripts/ipsec/mobileconfig.plist</file>
|
||||
<file>server_scripts/ipsec/run_container.sh</file>
|
||||
<file>server_scripts/ipsec/start.sh</file>
|
||||
<file>server_scripts/ipsec/template.conf</file>
|
||||
<file>server_scripts/ipsec/strongswan.profile</file>
|
||||
<file>server_scripts/openvpn_cloak/configure_container.sh</file>
|
||||
<file>server_scripts/openvpn_cloak/Dockerfile</file>
|
||||
@@ -229,7 +230,6 @@
|
||||
<file>ui/qml/Pages2/PageShare.qml</file>
|
||||
<file>ui/qml/Pages2/PageShareFullAccess.qml</file>
|
||||
<file>ui/qml/Pages2/PageShareConnection.qml</file>
|
||||
<file>ui/qml/Pages2/PageTransferConfigViaQR.qml</file>
|
||||
<file>ui/qml/Pages2/PageStart.qml</file>
|
||||
<file>ui/qml/Components/RenameServerDrawer.qml</file>
|
||||
<file>ui/qml/Controls2/ListViewType.qml</file>
|
||||
@@ -237,11 +237,7 @@
|
||||
<file>ui/qml/Pages2/PageSettingsApiInstructions.qml</file>
|
||||
<file>ui/qml/Pages2/PageSettingsApiNativeConfigs.qml</file>
|
||||
<file>ui/qml/Pages2/PageSettingsApiDevices.qml</file>
|
||||
<file>ui/qml/Pages2/PageSettingsApiDevicesLimit.qml</file>
|
||||
<file>ui/qml/Pages2/PageSettingsApiAddDeviceScan.qml</file>
|
||||
<file>ui/qml/Pages2/PageSettingsApiAddDeviceConfirm.qml</file>
|
||||
<file>images/controls/monitor.svg</file>
|
||||
<file>images/controls/monitor-with-phone.svg</file>
|
||||
<file>ui/qml/Components/ApiPremV1MigrationDrawer.qml</file>
|
||||
<file>ui/qml/Components/ApiPremV1SubListDrawer.qml</file>
|
||||
<file>ui/qml/Components/OtpCodeDrawer.qml</file>
|
||||
|
||||
@@ -242,6 +242,7 @@ conn ikev2-cp
|
||||
dpdtimeout=120
|
||||
dpdaction=clear
|
||||
auto=add
|
||||
authby=rsa-sha1
|
||||
ikev2=insist
|
||||
rekey=no
|
||||
pfs=yes
|
||||
|
||||
@@ -0,0 +1,28 @@
|
||||
config setup
|
||||
charondebug="ike 1, knl 1, cfg 0"
|
||||
uniqueids=no
|
||||
|
||||
conn ikev2-vpn
|
||||
auto=add
|
||||
type=tunnel
|
||||
keyexchange=ikev2
|
||||
fragmentation=yes
|
||||
forceencaps=yes
|
||||
dpdaction=clear
|
||||
dpddelay=300s
|
||||
rekey=no
|
||||
leftid=$CLIENT_NAME
|
||||
leftcert=$CLIENT_NAME.crt
|
||||
leftdns=$PRIMARY_DNS,$SECONDARY_DNS
|
||||
leftsendcert=always
|
||||
leftsourceip=%config
|
||||
right=$SERVER_IP_ADDRESS
|
||||
rightsubnet=0.0.0.0/0
|
||||
rightsendcert=never
|
||||
eap_identity=%identity
|
||||
encapsulation=yes
|
||||
pfs=yes
|
||||
ike=aes256-sha256-modp2048,aes256-sha1-modp1024,3des-sha1-modp1024
|
||||
esp=aes256-sha256,aes256-sha1,3des-sha1
|
||||
|
||||
|
||||
@@ -584,26 +584,7 @@ bool ImportController::decodeQrCode(const QString &code)
|
||||
mInstance->m_totalQrCodeChunksCount = 0;
|
||||
mInstance->m_receivedQrCodeChunksCount = 0;
|
||||
}
|
||||
|
||||
// First, try transferController QR (plain JSON payload).
|
||||
QJsonParseError err;
|
||||
const QJsonDocument doc = QJsonDocument::fromJson(code.toUtf8(), &err);
|
||||
if (err.error == QJsonParseError::NoError && doc.isObject()) {
|
||||
const QJsonObject obj = doc.object();
|
||||
if (obj.contains(QStringLiteral("gw"))
|
||||
&& (obj.contains(QStringLiteral("uuid")) || obj.contains(QStringLiteral("u")))) {
|
||||
// это наш QR для передачи устройства
|
||||
mInstance->m_isQrCodeProcessed = false;
|
||||
emit mInstance->transferQrDecoded(code);
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
if (mInstance->parseQrCodeChunk(code)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return false;
|
||||
return mInstance->parseQrCodeChunk(code);
|
||||
}
|
||||
#endif
|
||||
|
||||
|
||||
@@ -57,7 +57,6 @@ signals:
|
||||
void importErrorOccurred(ErrorCode errorCode, bool goToPageHome);
|
||||
|
||||
void qrDecodingFinished();
|
||||
void transferQrDecoded(const QString &code);
|
||||
|
||||
void restoreAppConfig(const QByteArray &data);
|
||||
|
||||
|
||||
@@ -38,9 +38,6 @@ namespace PageLoader
|
||||
PageSettingsApiInstructions,
|
||||
PageSettingsApiNativeConfigs,
|
||||
PageSettingsApiDevices,
|
||||
PageSettingsApiDevicesLimit,
|
||||
PageSettingsApiAddDeviceConfirm,
|
||||
PageSettingsApiAddDeviceScan,
|
||||
PageSettingsApiSubscriptionKey,
|
||||
PageSettingsKillSwitchExceptions,
|
||||
|
||||
@@ -76,7 +73,6 @@ namespace PageLoader
|
||||
|
||||
PageShareFullAccess,
|
||||
PageShareConnection,
|
||||
PageTransferConfigViaQR,
|
||||
|
||||
PageDevMenu
|
||||
};
|
||||
|
||||
@@ -1,344 +0,0 @@
|
||||
#include "transferController.h"
|
||||
|
||||
#include <QVariant>
|
||||
#include <QJsonParseError>
|
||||
#include <QDebug>
|
||||
#include <qeventloop.h>
|
||||
#include <QNetworkProxyFactory>
|
||||
#include <QNetworkProxyQuery>
|
||||
#include <QUrl>
|
||||
#include "core/api/apiUtils.h"
|
||||
#include "core/qrCodeUtils.h"
|
||||
|
||||
#include "amnezia_application.h"
|
||||
#include "settings.h"
|
||||
#include "ui/models/servers_model.h"
|
||||
#include "ui/controllers/exportController.h"
|
||||
#include "ui/controllers/importController.h"
|
||||
#include "core/api/apiDefs.h"
|
||||
#include "core/controllers/gatewayController.h"
|
||||
#include "core/errorstrings.h"
|
||||
|
||||
namespace {
|
||||
void logSystemProxiesForUrl(const QString &urlStr)
|
||||
{
|
||||
const QUrl url(urlStr);
|
||||
const QList<QNetworkProxy> proxies = QNetworkProxyFactory::systemProxyForQuery(QNetworkProxyQuery(url));
|
||||
QStringList proxyDesc;
|
||||
proxyDesc.reserve(proxies.size());
|
||||
for (const auto &p : proxies) {
|
||||
proxyDesc << QStringLiteral("%1 %2:%3")
|
||||
.arg(p.type() == QNetworkProxy::NoProxy ? QStringLiteral("NoProxy")
|
||||
: p.type() == QNetworkProxy::HttpProxy ? QStringLiteral("HttpProxy")
|
||||
: p.type() == QNetworkProxy::Socks5Proxy ? QStringLiteral("Socks5Proxy")
|
||||
: QStringLiteral("Proxy"))
|
||||
.arg(p.hostName())
|
||||
.arg(p.port());
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
TransferController::TransferController(const std::shared_ptr<Settings> &settings,
|
||||
const QSharedPointer<ServersModel> &serversModel,
|
||||
ExportController *exportController,
|
||||
QObject *parent)
|
||||
: QObject(parent), m_settings(settings), m_serversModel(serversModel), m_exportController(exportController)
|
||||
{
|
||||
}
|
||||
|
||||
void TransferController::handleImportControllerDestroyed()
|
||||
{
|
||||
m_importController = nullptr;
|
||||
stopWaitForConfig();
|
||||
}
|
||||
|
||||
TransferController::~TransferController() {
|
||||
}
|
||||
|
||||
QString TransferController::buildQrPayloadJson(const QString &gatewayUrl, const QString &uuid) const
|
||||
{
|
||||
QJsonObject obj;
|
||||
obj["gw"] = gatewayUrl;
|
||||
obj["uuid"] = uuid;
|
||||
// Used on the sender side for human-friendly notifications (same style as "Active Devices" list).
|
||||
#if defined(Q_OS_ANDROID)
|
||||
obj["name"] = QStringLiteral("Android");
|
||||
#elif defined(Q_OS_IOS)
|
||||
obj["name"] = QStringLiteral("iOS");
|
||||
#elif defined(Q_OS_WIN)
|
||||
obj["name"] = QStringLiteral("Windows");
|
||||
#elif defined(Q_OS_MACOS)
|
||||
obj["name"] = QStringLiteral("macOS");
|
||||
#elif defined(Q_OS_LINUX)
|
||||
obj["name"] = QStringLiteral("Linux");
|
||||
#else
|
||||
obj["name"] = QStringLiteral("Device");
|
||||
#endif
|
||||
return QString::fromUtf8(QJsonDocument(obj).toJson(QJsonDocument::Compact));
|
||||
}
|
||||
|
||||
void TransferController::generateNewQrCode()
|
||||
{
|
||||
QString gw = m_settings->getGatewayEndpoint();
|
||||
if (!gw.endsWith('/')) {
|
||||
gw.append('/');
|
||||
}
|
||||
m_currentUuid = QUuid::createUuid().toString(QUuid::WithoutBraces);
|
||||
|
||||
m_currentPayload = buildQrPayloadJson(gw, m_currentUuid);
|
||||
|
||||
auto qr = qrCodeUtils::generateQrCode(m_currentPayload.toUtf8());
|
||||
const QString svg = QString::fromStdString(toSvgString(qr, 1));
|
||||
m_qrCodeUrl = qrCodeUtils::svgToBase64(svg);
|
||||
emit qrCodeUpdated();
|
||||
emit currentUuidChanged();
|
||||
emit currentPayloadChanged();
|
||||
}
|
||||
|
||||
void TransferController::stopScanner()
|
||||
{
|
||||
emit scannerShouldStop();
|
||||
}
|
||||
|
||||
QString TransferController::getCurrentApiKey(QString *vpnKeyOut) const
|
||||
{
|
||||
const int idx = m_serversModel ? m_serversModel->getProcessedServerIndex() : -1;
|
||||
if (idx < 0 || !m_serversModel) {
|
||||
return QString();
|
||||
}
|
||||
|
||||
const QJsonObject server = m_serversModel->getServerConfig(idx);
|
||||
|
||||
const QJsonObject apiConfig = server.value(apiDefs::key::apiConfig).toObject();
|
||||
const QJsonObject authData = server.value(QStringLiteral("auth_data")).toObject();
|
||||
|
||||
const QString apiKey = authData.value(QStringLiteral("api_key")).toString();
|
||||
|
||||
if (vpnKeyOut) {
|
||||
QString vpnKey = apiConfig.value(apiDefs::key::vpnKey).toString();
|
||||
if (vpnKey.isEmpty()) {
|
||||
vpnKey = apiUtils::getPremiumV1VpnKey(server);
|
||||
}
|
||||
*vpnKeyOut = vpnKey;
|
||||
}
|
||||
|
||||
return apiKey;
|
||||
}
|
||||
|
||||
void TransferController::onTransferQrScanned(const QString &code)
|
||||
{
|
||||
QJsonParseError err;
|
||||
const QJsonDocument doc = QJsonDocument::fromJson(code.toUtf8(), &err);
|
||||
if (err.error != QJsonParseError::NoError || !doc.isObject()) {
|
||||
qWarning() << "TransferController::onTransferQrScanned: invalid QR JSON " << err.errorString();
|
||||
emit postFailed(QStringLiteral("Invalid QR JSON"));
|
||||
return;
|
||||
}
|
||||
|
||||
const QJsonObject obj = doc.object();
|
||||
QString gw = obj.value("gw").toString();
|
||||
const QString uuid = obj.value("uuid").toString();
|
||||
|
||||
if (gw.isEmpty() || uuid.isEmpty()) {
|
||||
qWarning() << "TransferController::onTransferQrScanned: QR missing gw or uuid";
|
||||
emit postFailed(QStringLiteral("QR missing gw or uuid"));
|
||||
return;
|
||||
}
|
||||
if (!gw.endsWith('/')) {
|
||||
gw.append('/');
|
||||
}
|
||||
|
||||
int chosenServerIdx = -1;
|
||||
QString apiKey;
|
||||
QString vpnKey;
|
||||
|
||||
auto tryServerIndex = [&](int idx) -> bool {
|
||||
if (!m_serversModel || idx < 0 || idx >= m_serversModel->getServersCount()) {
|
||||
return false;
|
||||
}
|
||||
|
||||
const QJsonObject server = m_serversModel->getServerConfig(idx);
|
||||
const QJsonObject apiConfig = server.value(apiDefs::key::apiConfig).toObject();
|
||||
const QJsonObject authData = server.value(QStringLiteral("auth_data")).toObject();
|
||||
|
||||
const QString candidateApiKey = authData.value(QStringLiteral("api_key")).toString();
|
||||
QString candidateVpnKey = apiConfig.value(apiDefs::key::vpnKey).toString();
|
||||
if (candidateVpnKey.isEmpty()) {
|
||||
// Fallback for older Premium V1 configs where vpn_key may be derived.
|
||||
candidateVpnKey = apiUtils::getPremiumV1VpnKey(server);
|
||||
}
|
||||
|
||||
const bool candidateIsPremium = apiUtils::isPremiumServer(server);
|
||||
const bool candidateIsFromGatewayApi = m_serversModel->data(idx, ServersModel::IsServerFromGatewayApiRole).toBool();
|
||||
|
||||
if (candidateApiKey.isEmpty() || candidateVpnKey.isEmpty()) {
|
||||
return false;
|
||||
}
|
||||
if (!candidateIsPremium && !candidateIsFromGatewayApi) {
|
||||
return false;
|
||||
}
|
||||
|
||||
chosenServerIdx = idx;
|
||||
apiKey = candidateApiKey;
|
||||
vpnKey = candidateVpnKey;
|
||||
return true;
|
||||
};
|
||||
|
||||
if (m_serversModel) {
|
||||
tryServerIndex(m_serversModel->getProcessedServerIndex());
|
||||
if (chosenServerIdx < 0) {
|
||||
tryServerIndex(m_serversModel->getDefaultServerIndex());
|
||||
}
|
||||
if (chosenServerIdx < 0) {
|
||||
const int n = m_serversModel->getServersCount();
|
||||
for (int i = 0; i < n; i++) {
|
||||
if (tryServerIndex(i)) {
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (chosenServerIdx < 0) {
|
||||
qWarning() << "TransferController::onTransferQrScanned: no suitable subscription key/config found to send";
|
||||
emit postFailed(QStringLiteral("No subscription key or config to send"));
|
||||
return;
|
||||
}
|
||||
|
||||
emit postStarted();
|
||||
|
||||
const int sendTimeoutMs = 60000;
|
||||
GatewayController gatewayController(gw,
|
||||
m_settings->isDevGatewayEnv(),
|
||||
sendTimeoutMs,
|
||||
m_settings->isStrictKillSwitchEnabled());
|
||||
|
||||
QJsonObject payload;
|
||||
payload.insert(QStringLiteral("uuid"), uuid);
|
||||
payload.insert(QStringLiteral("api_key"), apiKey);
|
||||
payload.insert(QStringLiteral("config"), vpnKey);
|
||||
|
||||
const QString endpoint = QStringLiteral("%1v1/sendConfig");
|
||||
QByteArray responseBody;
|
||||
const QString fullUrl = endpoint.arg(gw);
|
||||
qDebug() << "TransferController::onTransferQrScanned: POST" << fullUrl
|
||||
<< "uuid:" << uuid;
|
||||
logSystemProxiesForUrl(fullUrl);
|
||||
const auto errorCode = gatewayController.post(endpoint, payload, responseBody);
|
||||
qDebug() << "TransferController::onTransferQrScanned: sendConfig finished with code"
|
||||
<< static_cast<int>(errorCode)
|
||||
<< "response size:" << responseBody.size();
|
||||
|
||||
if (errorCode != ErrorCode::NoError) {
|
||||
qWarning() << "TransferController::onTransferQrScanned: sendConfig failed with code" << static_cast<int>(errorCode);
|
||||
emit postFailed(QStringLiteral("sendConfig failed: %1").arg(errorString(errorCode)));
|
||||
return;
|
||||
}
|
||||
|
||||
QJsonParseError parseErr;
|
||||
const QJsonDocument respDoc = QJsonDocument::fromJson(responseBody, &parseErr);
|
||||
if (parseErr.error == QJsonParseError::NoError && respDoc.isObject()
|
||||
&& respDoc.object().value(QStringLiteral("status")).toString() == QStringLiteral("success")) {
|
||||
emit postSucceeded();
|
||||
stopScanner();
|
||||
return;
|
||||
}
|
||||
|
||||
qWarning() << "TransferController::onTransferQrScanned: unexpected gateway response:" << responseBody;
|
||||
emit postFailed(QStringLiteral("Gateway response error"));
|
||||
}
|
||||
|
||||
QString TransferController::qrCodeUrl() const
|
||||
{
|
||||
return m_qrCodeUrl;
|
||||
}
|
||||
|
||||
void TransferController::startWaitForConfig(ImportController *importController)
|
||||
{
|
||||
QString gw = m_settings->getGatewayEndpoint();
|
||||
if (!gw.endsWith(QLatin1Char('/'))) {
|
||||
gw.append(QLatin1Char('/'));
|
||||
}
|
||||
|
||||
const QString uuid = m_currentUuid;
|
||||
|
||||
if (uuid.isEmpty()) {
|
||||
qWarning() << "TransferController::startWaitForConfig: no uuid";
|
||||
emit waitError(QStringLiteral("No UUID"));
|
||||
return;
|
||||
}
|
||||
|
||||
m_importController = importController;
|
||||
if (m_importController) {
|
||||
connect(m_importController, &ImportController::destroyed,
|
||||
this,
|
||||
&TransferController::handleImportControllerDestroyed,
|
||||
Qt::UniqueConnection);
|
||||
}
|
||||
|
||||
const int waitTimeoutMs = 60000;
|
||||
|
||||
QJsonObject payload;
|
||||
payload.insert(QStringLiteral("uuid"), uuid);
|
||||
|
||||
GatewayController gatewayController(gw,
|
||||
m_settings->isDevGatewayEnv(),
|
||||
waitTimeoutMs,
|
||||
m_settings->isStrictKillSwitchEnabled());
|
||||
|
||||
const QString endpoint = QStringLiteral("%1v1/waitConfig");
|
||||
QByteArray responseBody;
|
||||
const QString fullUrl = endpoint.arg(gw);
|
||||
logSystemProxiesForUrl(fullUrl);
|
||||
const auto errorCode = gatewayController.post(endpoint, payload, responseBody);
|
||||
|
||||
if (errorCode != ErrorCode::NoError) {
|
||||
qWarning() << "TransferController::startWaitForConfig: waitConfig failed with code" << static_cast<int>(errorCode);
|
||||
emit waitError(QStringLiteral("waitConfig failed (%1)").arg(static_cast<int>(errorCode)));
|
||||
return;
|
||||
}
|
||||
|
||||
if (!m_importController) {
|
||||
qWarning() << "TransferController::startWaitForConfig: import controller is null";
|
||||
emit waitError(QStringLiteral("Import Controller destroyed"));
|
||||
return;
|
||||
}
|
||||
|
||||
QJsonParseError parseErr;
|
||||
const QJsonDocument respDoc = QJsonDocument::fromJson(responseBody, &parseErr);
|
||||
if (parseErr.error != QJsonParseError::NoError || !respDoc.isObject()) {
|
||||
qWarning() << "TransferController::startWaitForConfig: invalid JSON response:" << responseBody;
|
||||
emit waitError(QStringLiteral("Invalid gateway response"));
|
||||
return;
|
||||
}
|
||||
const QJsonObject respObj = respDoc.object();
|
||||
const QString status = respObj.value(QStringLiteral("status")).toString();
|
||||
const QString configStr = respObj.value(QStringLiteral("config")).toString();
|
||||
if (status != QStringLiteral("success")) {
|
||||
qWarning() << "TransferController::startWaitForConfig: gateway status not success:" << status;
|
||||
emit waitError(QStringLiteral("Gateway error"));
|
||||
return;
|
||||
}
|
||||
if (configStr.isEmpty()) {
|
||||
emit waitError(QStringLiteral("Empty config"));
|
||||
return;
|
||||
}
|
||||
if (configStr == QStringLiteral("timeout")) {
|
||||
emit waitError(QStringLiteral("Timeout"));
|
||||
return;
|
||||
}
|
||||
|
||||
if (!m_importController->extractConfigFromData(configStr)) {
|
||||
qWarning() << "TransferController::startWaitForConfig: failed to parse config string";
|
||||
emit waitError(QStringLiteral("Invalid config payload"));
|
||||
return;
|
||||
}
|
||||
|
||||
m_importController->importConfig();
|
||||
emit configApplied();
|
||||
}
|
||||
void TransferController::stopWaitForConfig()
|
||||
{
|
||||
qDebug() << "TransferController::stopWaitForConfig: stop flag set";
|
||||
}
|
||||
|
||||
@@ -1,77 +0,0 @@
|
||||
#ifndef TRANSFERCONTROLLER_H
|
||||
#define TRANSFERCONTROLLER_H
|
||||
|
||||
#include <QObject>
|
||||
#include <QScopedPointer>
|
||||
#include <QJsonObject>
|
||||
#include <QJsonDocument>
|
||||
#include <QUuid>
|
||||
|
||||
class Settings;
|
||||
class ServersModel;
|
||||
class ExportController;
|
||||
class ImportController;
|
||||
|
||||
class TransferController : public QObject
|
||||
{
|
||||
Q_OBJECT
|
||||
|
||||
Q_PROPERTY(QString qrCodeUrl READ qrCodeUrl NOTIFY qrCodeUpdated)
|
||||
Q_PROPERTY(QString pendingQrCode READ pendingQrCode WRITE setPendingQrCode NOTIFY pendingQrCodeChanged)
|
||||
Q_PROPERTY(QString currentUuid READ currentUuid NOTIFY currentUuidChanged)
|
||||
Q_PROPERTY(QString currentPayload READ currentPayload NOTIFY currentPayloadChanged)
|
||||
|
||||
public:
|
||||
explicit TransferController(const std::shared_ptr<Settings> &settings,
|
||||
const QSharedPointer<ServersModel> &serversModel,
|
||||
ExportController *exportController,
|
||||
QObject *parent = nullptr);
|
||||
~TransferController() override;
|
||||
|
||||
Q_INVOKABLE void generateNewQrCode();
|
||||
|
||||
Q_INVOKABLE void stopScanner();
|
||||
Q_INVOKABLE void onTransferQrScanned(const QString &code);
|
||||
|
||||
Q_INVOKABLE void setPendingQrCode(const QString &code) { m_pendingQrCode = code; emit pendingQrCodeChanged(); }
|
||||
QString pendingQrCode() const { return m_pendingQrCode; }
|
||||
|
||||
Q_INVOKABLE void startWaitForConfig(ImportController *importController);
|
||||
Q_INVOKABLE void stopWaitForConfig();
|
||||
|
||||
QString qrCodeUrl() const;
|
||||
QString currentUuid() const { return m_currentUuid; }
|
||||
QString currentPayload() const { return m_currentPayload; }
|
||||
|
||||
signals:
|
||||
void qrCodeUpdated();
|
||||
void scannerShouldStop();
|
||||
void pendingQrCodeChanged();
|
||||
void currentUuidChanged();
|
||||
void currentPayloadChanged();
|
||||
|
||||
void waitError(const QString &message);
|
||||
void configApplied();
|
||||
|
||||
void postStarted();
|
||||
void postSucceeded();
|
||||
void postFailed(const QString &message);
|
||||
|
||||
private slots:
|
||||
void handleImportControllerDestroyed();
|
||||
|
||||
private:
|
||||
QString buildQrPayloadJson(const QString &gatewayUrl, const QString &uuid) const;
|
||||
QString m_pendingQrCode;
|
||||
QString getCurrentApiKey(QString *vpnKeyOut = nullptr) const;
|
||||
std::shared_ptr<Settings> m_settings;
|
||||
QSharedPointer<ServersModel> m_serversModel;
|
||||
ExportController *m_exportController { nullptr };
|
||||
ImportController *m_importController { nullptr };
|
||||
|
||||
QString m_qrCodeUrl;
|
||||
QString m_currentUuid;
|
||||
QString m_currentPayload;
|
||||
};
|
||||
|
||||
#endif // TRANSFERCONTROLLER_H
|
||||
@@ -34,7 +34,7 @@ PageType {
|
||||
ListViewType {
|
||||
id: listView
|
||||
|
||||
anchors.top: backButton.bottom
|
||||
anchors.top: backButtonLayout.bottom
|
||||
anchors.bottom: saveButton.top
|
||||
anchors.right: parent.right
|
||||
anchors.left: parent.left
|
||||
|
||||
@@ -37,7 +37,7 @@ PageType {
|
||||
ListViewType {
|
||||
id: listView
|
||||
|
||||
anchors.top: backButton.bottom
|
||||
anchors.top: backButtonLayout.bottom
|
||||
anchors.bottom: parent.bottom
|
||||
anchors.left: parent.left
|
||||
anchors.right: parent.right
|
||||
|
||||
@@ -17,413 +17,427 @@ import "../Components"
|
||||
PageType {
|
||||
id: root
|
||||
|
||||
BackButtonType {
|
||||
id: backButton
|
||||
ColumnLayout {
|
||||
id: backButtonLayout
|
||||
|
||||
anchors.top: parent.top
|
||||
anchors.left: parent.left
|
||||
anchors.right: parent.right
|
||||
|
||||
anchors.topMargin: 20
|
||||
|
||||
onActiveFocusChanged: {
|
||||
if(backButton.enabled && backButton.activeFocus) {
|
||||
listView.positionViewAtBeginning()
|
||||
}
|
||||
|
||||
BackButtonType {
|
||||
id: backButton
|
||||
}
|
||||
}
|
||||
|
||||
ListViewType {
|
||||
id: listView
|
||||
|
||||
anchors.top: backButton.bottom
|
||||
FlickableType {
|
||||
id: fl
|
||||
anchors.top: backButtonLayout.bottom
|
||||
anchors.bottom: parent.bottom
|
||||
anchors.right: parent.right
|
||||
anchors.left: parent.left
|
||||
contentHeight: content.implicitHeight
|
||||
|
||||
enabled: ServersModel.isProcessedServerHasWriteAccess()
|
||||
Column {
|
||||
id: content
|
||||
|
||||
header: ColumnLayout {
|
||||
width: listView.width
|
||||
anchors.top: parent.top
|
||||
anchors.left: parent.left
|
||||
anchors.right: parent.right
|
||||
|
||||
BaseHeaderType {
|
||||
id: header
|
||||
enabled: ServersModel.isProcessedServerHasWriteAccess()
|
||||
|
||||
Layout.fillWidth: true
|
||||
Layout.rightMargin: 16
|
||||
Layout.leftMargin: 16
|
||||
ListView {
|
||||
id: listview
|
||||
|
||||
headerText: qsTr("OpenVPN Settings")
|
||||
}
|
||||
}
|
||||
width: parent.width
|
||||
height: listview.contentItem.height
|
||||
|
||||
model: OpenVpnConfigModel
|
||||
clip: true
|
||||
interactive: false
|
||||
|
||||
delegate: ColumnLayout {
|
||||
width: listView.width
|
||||
model: OpenVpnConfigModel
|
||||
|
||||
spacing: 0
|
||||
delegate: Item {
|
||||
id: delegateItem
|
||||
|
||||
TextFieldWithHeaderType {
|
||||
id: vpnAddressSubnetTextField
|
||||
property alias vpnAddressSubnetTextField: vpnAddressSubnetTextField
|
||||
property bool isEnabled: ServersModel.isProcessedServerHasWriteAccess()
|
||||
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 32
|
||||
Layout.leftMargin: 16
|
||||
Layout.rightMargin: 16
|
||||
implicitWidth: listview.width
|
||||
implicitHeight: col.implicitHeight
|
||||
|
||||
enabled: listView.enabled
|
||||
ColumnLayout {
|
||||
id: col
|
||||
|
||||
headerText: qsTr("VPN address subnet")
|
||||
textField.text: subnetAddress
|
||||
anchors.top: parent.top
|
||||
anchors.left: parent.left
|
||||
anchors.right: parent.right
|
||||
|
||||
textField.onEditingFinished: {
|
||||
if (textField.text !== subnetAddress) {
|
||||
subnetAddress = textField.text
|
||||
}
|
||||
}
|
||||
anchors.leftMargin: 16
|
||||
anchors.rightMargin: 16
|
||||
|
||||
checkEmptyText: true
|
||||
}
|
||||
spacing: 0
|
||||
|
||||
ParagraphTextType {
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 32
|
||||
Layout.leftMargin: 16
|
||||
Layout.rightMargin: 16
|
||||
BaseHeaderType {
|
||||
Layout.fillWidth: true
|
||||
headerText: qsTr("OpenVPN settings")
|
||||
}
|
||||
|
||||
text: qsTr("Network protocol")
|
||||
}
|
||||
TextFieldWithHeaderType {
|
||||
id: vpnAddressSubnetTextField
|
||||
|
||||
TransportProtoSelector {
|
||||
id: transportProtoSelector
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 16
|
||||
Layout.leftMargin: 16
|
||||
Layout.rightMargin: 16
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 32
|
||||
|
||||
rootWidth: root.width
|
||||
enabled: delegateItem.isEnabled
|
||||
|
||||
enabled: isTransportProtoEditable
|
||||
headerText: qsTr("VPN address subnet")
|
||||
textField.text: subnetAddress
|
||||
|
||||
currentIndex: {
|
||||
return transportProto === "tcp" ? 1 : 0
|
||||
}
|
||||
parentFlickable: fl
|
||||
|
||||
onCurrentIndexChanged: {
|
||||
if (transportProto === "tcp" && currentIndex === 0) {
|
||||
transportProto = "udp"
|
||||
} else if (transportProto === "udp" && currentIndex === 1) {
|
||||
transportProto = "tcp"
|
||||
}
|
||||
}
|
||||
}
|
||||
textField.onEditingFinished: {
|
||||
if (textField.text !== subnetAddress) {
|
||||
subnetAddress = textField.text
|
||||
}
|
||||
}
|
||||
|
||||
TextFieldWithHeaderType {
|
||||
id: portTextField
|
||||
checkEmptyText: true
|
||||
}
|
||||
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 40
|
||||
Layout.leftMargin: 16
|
||||
Layout.rightMargin: 16
|
||||
ParagraphTextType {
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 32
|
||||
|
||||
enabled: listView.enabled
|
||||
text: qsTr("Network protocol")
|
||||
}
|
||||
|
||||
headerText: qsTr("Port")
|
||||
textField.text: port
|
||||
textField.maximumLength: 5
|
||||
textField.validator: IntValidator { bottom: 1; top: 65535 }
|
||||
TransportProtoSelector {
|
||||
id: transportProtoSelector
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 16
|
||||
rootWidth: root.width
|
||||
|
||||
textField.onEditingFinished: {
|
||||
if (textField.text !== port) {
|
||||
port = textField.text
|
||||
}
|
||||
}
|
||||
enabled: isTransportProtoEditable
|
||||
|
||||
checkEmptyText: true
|
||||
}
|
||||
currentIndex: {
|
||||
return transportProto === "tcp" ? 1 : 0
|
||||
}
|
||||
|
||||
SwitcherType {
|
||||
id: autoNegotiateEncryprionSwitcher
|
||||
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 24
|
||||
Layout.leftMargin: 16
|
||||
Layout.rightMargin: 16
|
||||
|
||||
text: qsTr("Auto-negotiate encryption")
|
||||
checked: autoNegotiateEncryprion
|
||||
|
||||
onCheckedChanged: {
|
||||
if (checked !== autoNegotiateEncryprion) {
|
||||
autoNegotiateEncryprion = checked
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
DropDownType {
|
||||
id: hashDropDown
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 20
|
||||
Layout.leftMargin: 16
|
||||
Layout.rightMargin: 16
|
||||
|
||||
enabled: !autoNegotiateEncryprionSwitcher.checked
|
||||
|
||||
descriptionText: qsTr("Hash")
|
||||
headerText: qsTr("Hash")
|
||||
|
||||
drawerParent: root
|
||||
|
||||
listView: ListViewWithRadioButtonType {
|
||||
id: hashListView
|
||||
|
||||
rootWidth: root.width
|
||||
|
||||
model: ListModel {
|
||||
ListElement { name : qsTr("SHA512") }
|
||||
ListElement { name : qsTr("SHA384") }
|
||||
ListElement { name : qsTr("SHA256") }
|
||||
ListElement { name : qsTr("SHA3-512") }
|
||||
ListElement { name : qsTr("SHA3-384") }
|
||||
ListElement { name : qsTr("SHA3-256") }
|
||||
ListElement { name : qsTr("whirlpool") }
|
||||
ListElement { name : qsTr("BLAKE2b512") }
|
||||
ListElement { name : qsTr("BLAKE2s256") }
|
||||
ListElement { name : qsTr("SHA1") }
|
||||
}
|
||||
|
||||
clickedFunction: function() {
|
||||
hashDropDown.text = selectedText
|
||||
hash = hashDropDown.text
|
||||
hashDropDown.closeTriggered()
|
||||
}
|
||||
|
||||
Component.onCompleted: {
|
||||
hashDropDown.text = hash
|
||||
|
||||
for (var i = 0; i < hashListView.model.count; i++) {
|
||||
if (hashListView.model.get(i).name === hashDropDown.text) {
|
||||
currentIndex = i
|
||||
onCurrentIndexChanged: {
|
||||
if (transportProto === "tcp" && currentIndex === 0) {
|
||||
transportProto = "udp"
|
||||
} else if (transportProto === "udp" && currentIndex === 1) {
|
||||
transportProto = "tcp"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
DropDownType {
|
||||
id: cipherDropDown
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 16
|
||||
Layout.leftMargin: 16
|
||||
Layout.rightMargin: 16
|
||||
TextFieldWithHeaderType {
|
||||
id: portTextField
|
||||
|
||||
enabled: !autoNegotiateEncryprionSwitcher.checked
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 40
|
||||
parentFlickable: fl
|
||||
|
||||
descriptionText: qsTr("Cipher")
|
||||
headerText: qsTr("Cipher")
|
||||
enabled: delegateItem.isEnabled
|
||||
|
||||
drawerParent: root
|
||||
headerText: qsTr("Port")
|
||||
textField.text: port
|
||||
textField.maximumLength: 5
|
||||
textField.validator: IntValidator { bottom: 1; top: 65535 }
|
||||
|
||||
listView: ListViewWithRadioButtonType {
|
||||
id: cipherListView
|
||||
textField.onEditingFinished: {
|
||||
if (textField.text !== port) {
|
||||
port = textField.text
|
||||
}
|
||||
}
|
||||
|
||||
rootWidth: root.width
|
||||
checkEmptyText: true
|
||||
}
|
||||
|
||||
model: ListModel {
|
||||
ListElement { name : qsTr("AES-256-GCM") }
|
||||
ListElement { name : qsTr("AES-192-GCM") }
|
||||
ListElement { name : qsTr("AES-128-GCM") }
|
||||
ListElement { name : qsTr("AES-256-CBC") }
|
||||
ListElement { name : qsTr("AES-192-CBC") }
|
||||
ListElement { name : qsTr("AES-128-CBC") }
|
||||
ListElement { name : qsTr("ChaCha20-Poly1305") }
|
||||
ListElement { name : qsTr("ARIA-256-CBC") }
|
||||
ListElement { name : qsTr("CAMELLIA-256-CBC") }
|
||||
ListElement { name : qsTr("none") }
|
||||
}
|
||||
SwitcherType {
|
||||
id: autoNegotiateEncryprionSwitcher
|
||||
|
||||
clickedFunction: function() {
|
||||
cipherDropDown.text = selectedText
|
||||
cipher = cipherDropDown.text
|
||||
cipherDropDown.closeTriggered()
|
||||
}
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 24
|
||||
parentFlickable: fl
|
||||
|
||||
Component.onCompleted: {
|
||||
cipherDropDown.text = cipher
|
||||
text: qsTr("Auto-negotiate encryption")
|
||||
checked: autoNegotiateEncryprion
|
||||
|
||||
for (var i = 0; i < cipherListView.model.count; i++) {
|
||||
if (cipherListView.model.get(i).name === cipherDropDown.text) {
|
||||
currentIndex = i
|
||||
onCheckedChanged: {
|
||||
if (checked !== autoNegotiateEncryprion) {
|
||||
autoNegotiateEncryprion = checked
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Rectangle {
|
||||
id: contentRect
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 32
|
||||
Layout.leftMargin: 16
|
||||
Layout.rightMargin: 16
|
||||
DropDownType {
|
||||
id: hashDropDown
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 20
|
||||
|
||||
Layout.preferredHeight: checkboxLayout.implicitHeight
|
||||
color: AmneziaStyle.color.onyxBlack
|
||||
radius: 16
|
||||
enabled: !autoNegotiateEncryprionSwitcher.checked
|
||||
|
||||
ColumnLayout {
|
||||
id: checkboxLayout
|
||||
descriptionText: qsTr("Hash")
|
||||
headerText: qsTr("Hash")
|
||||
|
||||
anchors.fill: parent
|
||||
drawerParent: root
|
||||
|
||||
CheckBoxType {
|
||||
id: tlsAuthCheckBox
|
||||
Layout.fillWidth: true
|
||||
listView: ListViewWithRadioButtonType {
|
||||
id: hashListView
|
||||
|
||||
text: qsTr("TLS auth")
|
||||
checked: tlsAuth
|
||||
rootWidth: root.width
|
||||
|
||||
onCheckedChanged: {
|
||||
if (checked !== tlsAuth) {
|
||||
console.log("tlsAuth changed to: " + checked)
|
||||
tlsAuth = checked
|
||||
model: ListModel {
|
||||
ListElement { name : qsTr("SHA512") }
|
||||
ListElement { name : qsTr("SHA384") }
|
||||
ListElement { name : qsTr("SHA256") }
|
||||
ListElement { name : qsTr("SHA3-512") }
|
||||
ListElement { name : qsTr("SHA3-384") }
|
||||
ListElement { name : qsTr("SHA3-256") }
|
||||
ListElement { name : qsTr("whirlpool") }
|
||||
ListElement { name : qsTr("BLAKE2b512") }
|
||||
ListElement { name : qsTr("BLAKE2s256") }
|
||||
ListElement { name : qsTr("SHA1") }
|
||||
}
|
||||
|
||||
clickedFunction: function() {
|
||||
hashDropDown.text = selectedText
|
||||
hash = hashDropDown.text
|
||||
hashDropDown.closeTriggered()
|
||||
}
|
||||
|
||||
Component.onCompleted: {
|
||||
hashDropDown.text = hash
|
||||
|
||||
for (var i = 0; i < hashListView.model.count; i++) {
|
||||
if (hashListView.model.get(i).name === hashDropDown.text) {
|
||||
currentIndex = i
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
DividerType {}
|
||||
DropDownType {
|
||||
id: cipherDropDown
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 16
|
||||
|
||||
CheckBoxType {
|
||||
id: blockDnsCheckBox
|
||||
Layout.fillWidth: true
|
||||
enabled: !autoNegotiateEncryprionSwitcher.checked
|
||||
|
||||
text: qsTr("Block DNS requests outside of VPN")
|
||||
checked: blockDns
|
||||
descriptionText: qsTr("Cipher")
|
||||
headerText: qsTr("Cipher")
|
||||
|
||||
onCheckedChanged: {
|
||||
if (checked !== blockDns) {
|
||||
blockDns = checked
|
||||
drawerParent: root
|
||||
|
||||
listView: ListViewWithRadioButtonType {
|
||||
id: cipherListView
|
||||
|
||||
rootWidth: root.width
|
||||
|
||||
model: ListModel {
|
||||
ListElement { name : qsTr("AES-256-GCM") }
|
||||
ListElement { name : qsTr("AES-192-GCM") }
|
||||
ListElement { name : qsTr("AES-128-GCM") }
|
||||
ListElement { name : qsTr("AES-256-CBC") }
|
||||
ListElement { name : qsTr("AES-192-CBC") }
|
||||
ListElement { name : qsTr("AES-128-CBC") }
|
||||
ListElement { name : qsTr("ChaCha20-Poly1305") }
|
||||
ListElement { name : qsTr("ARIA-256-CBC") }
|
||||
ListElement { name : qsTr("CAMELLIA-256-CBC") }
|
||||
ListElement { name : qsTr("none") }
|
||||
}
|
||||
|
||||
clickedFunction: function() {
|
||||
cipherDropDown.text = selectedText
|
||||
cipher = cipherDropDown.text
|
||||
cipherDropDown.closeTriggered()
|
||||
}
|
||||
|
||||
Component.onCompleted: {
|
||||
cipherDropDown.text = cipher
|
||||
|
||||
for (var i = 0; i < cipherListView.model.count; i++) {
|
||||
if (cipherListView.model.get(i).name === cipherDropDown.text) {
|
||||
currentIndex = i
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
SwitcherType {
|
||||
id: additionalClientCommandsSwitcher
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 32
|
||||
Layout.leftMargin: 16
|
||||
Layout.rightMargin: 16
|
||||
Rectangle {
|
||||
id: contentRect
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 32
|
||||
Layout.preferredHeight: checkboxLayout.implicitHeight
|
||||
color: AmneziaStyle.color.onyxBlack
|
||||
radius: 16
|
||||
|
||||
checked: additionalClientCommands !== ""
|
||||
Connections {
|
||||
target: tlsAuthCheckBox
|
||||
enabled: !GC.isMobile()
|
||||
|
||||
text: qsTr("Additional client configuration commands")
|
||||
function onFocusChanged() {
|
||||
if (tlsAuthCheckBox.activeFocus) {
|
||||
fl.ensureVisible(contentRect)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
onCheckedChanged: {
|
||||
if (!checked) {
|
||||
additionalClientCommands = ""
|
||||
}
|
||||
}
|
||||
}
|
||||
ColumnLayout {
|
||||
id: checkboxLayout
|
||||
|
||||
TextAreaType {
|
||||
id: additionalClientCommandsTextArea
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 16
|
||||
Layout.leftMargin: 16
|
||||
Layout.rightMargin: 16
|
||||
anchors.fill: parent
|
||||
CheckBoxType {
|
||||
id: tlsAuthCheckBox
|
||||
Layout.fillWidth: true
|
||||
|
||||
visible: additionalClientCommandsSwitcher.checked
|
||||
text: qsTr("TLS auth")
|
||||
checked: tlsAuth
|
||||
|
||||
textAreaText: additionalClientCommands
|
||||
placeholderText: qsTr("Commands:")
|
||||
onCheckedChanged: {
|
||||
if (checked !== tlsAuth) {
|
||||
console.log("tlsAuth changed to: " + checked)
|
||||
tlsAuth = checked
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
textArea.onEditingFinished: {
|
||||
if (additionalClientCommands !== textAreaText) {
|
||||
additionalClientCommands = textAreaText
|
||||
}
|
||||
}
|
||||
}
|
||||
DividerType {}
|
||||
|
||||
SwitcherType {
|
||||
id: additionalServerCommandsSwitcher
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 16
|
||||
Layout.leftMargin: 16
|
||||
Layout.rightMargin: 16
|
||||
CheckBoxType {
|
||||
id: blockDnsCheckBox
|
||||
Layout.fillWidth: true
|
||||
|
||||
checked: additionalServerCommands !== ""
|
||||
text: qsTr("Block DNS requests outside of VPN")
|
||||
checked: blockDns
|
||||
|
||||
text: qsTr("Additional server configuration commands")
|
||||
|
||||
onCheckedChanged: {
|
||||
if (!checked) {
|
||||
additionalServerCommands = ""
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
TextAreaType {
|
||||
id: additionalServerCommandsTextArea
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 16
|
||||
Layout.leftMargin: 16
|
||||
Layout.rightMargin: 16
|
||||
|
||||
visible: additionalServerCommandsSwitcher.checked
|
||||
|
||||
textAreaText: additionalServerCommands
|
||||
placeholderText: qsTr("Commands:")
|
||||
|
||||
textArea.onEditingFinished: {
|
||||
if (additionalServerCommands !== textAreaText) {
|
||||
additionalServerCommands = textAreaText
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
BasicButtonType {
|
||||
id: saveButton
|
||||
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 24
|
||||
Layout.bottomMargin: 24
|
||||
Layout.leftMargin: 16
|
||||
Layout.rightMargin: 16
|
||||
|
||||
enabled: vpnAddressSubnetTextField.errorText === "" &&
|
||||
portTextField.errorText === ""
|
||||
|
||||
text: qsTr("Save")
|
||||
|
||||
onClicked: function() {
|
||||
forceActiveFocus()
|
||||
|
||||
var headerText = qsTr("Save settings?")
|
||||
var descriptionText = qsTr("All users with whom you shared a connection with will no longer be able to connect to it.")
|
||||
var yesButtonText = qsTr("Continue")
|
||||
var noButtonText = qsTr("Cancel")
|
||||
|
||||
var yesButtonFunction = function() {
|
||||
if (ConnectionController.isConnected && ServersModel.getDefaultServerData("defaultContainer") === ContainersModel.getProcessedContainerIndex()) {
|
||||
PageController.showNotificationMessage(qsTr("Unable change settings while there is an active connection"))
|
||||
return
|
||||
onCheckedChanged: {
|
||||
if (checked !== blockDns) {
|
||||
blockDns = checked
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
PageController.goToPage(PageEnum.PageSetupWizardInstalling);
|
||||
InstallController.updateContainer(OpenVpnConfigModel.getConfig())
|
||||
}
|
||||
var noButtonFunction = function() {
|
||||
if (!GC.isMobile()) {
|
||||
saveButton.forceActiveFocus()
|
||||
SwitcherType {
|
||||
id: additionalClientCommandsSwitcher
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 32
|
||||
parentFlickable: fl
|
||||
|
||||
checked: additionalClientCommands !== ""
|
||||
|
||||
text: qsTr("Additional client configuration commands")
|
||||
|
||||
onCheckedChanged: {
|
||||
if (!checked) {
|
||||
additionalClientCommands = ""
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
TextAreaType {
|
||||
id: additionalClientCommandsTextArea
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 16
|
||||
|
||||
visible: additionalClientCommandsSwitcher.checked
|
||||
|
||||
parentFlickable: fl
|
||||
|
||||
textAreaText: additionalClientCommands
|
||||
placeholderText: qsTr("Commands:")
|
||||
|
||||
textArea.onEditingFinished: {
|
||||
if (additionalClientCommands !== textAreaText) {
|
||||
additionalClientCommands = textAreaText
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
SwitcherType {
|
||||
id: additionalServerCommandsSwitcher
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 16
|
||||
parentFlickable: fl
|
||||
|
||||
checked: additionalServerCommands !== ""
|
||||
|
||||
text: qsTr("Additional server configuration commands")
|
||||
|
||||
onCheckedChanged: {
|
||||
if (!checked) {
|
||||
additionalServerCommands = ""
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
TextAreaType {
|
||||
id: additionalServerCommandsTextArea
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 16
|
||||
|
||||
visible: additionalServerCommandsSwitcher.checked
|
||||
|
||||
textAreaText: additionalServerCommands
|
||||
placeholderText: qsTr("Commands:")
|
||||
parentFlickable: fl
|
||||
textArea.onEditingFinished: {
|
||||
if (additionalServerCommands !== textAreaText) {
|
||||
additionalServerCommands = textAreaText
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
BasicButtonType {
|
||||
id: saveButton
|
||||
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 24
|
||||
Layout.bottomMargin: 24
|
||||
|
||||
enabled: vpnAddressSubnetTextField.errorText === "" &&
|
||||
portTextField.errorText === ""
|
||||
|
||||
text: qsTr("Save")
|
||||
parentFlickable: fl
|
||||
|
||||
onClicked: function() {
|
||||
forceActiveFocus()
|
||||
|
||||
var headerText = qsTr("Save settings?")
|
||||
var descriptionText = qsTr("All users with whom you shared a connection with will no longer be able to connect to it.")
|
||||
var yesButtonText = qsTr("Continue")
|
||||
var noButtonText = qsTr("Cancel")
|
||||
|
||||
var yesButtonFunction = function() {
|
||||
if (ConnectionController.isConnected && ServersModel.getDefaultServerData("defaultContainer") === ContainersModel.getProcessedContainerIndex()) {
|
||||
PageController.showNotificationMessage(qsTr("Unable change settings while there is an active connection"))
|
||||
return
|
||||
}
|
||||
|
||||
PageController.goToPage(PageEnum.PageSetupWizardInstalling);
|
||||
InstallController.updateContainer(OpenVpnConfigModel.getConfig())
|
||||
}
|
||||
var noButtonFunction = function() {
|
||||
if (!GC.isMobile()) {
|
||||
saveButton.forceActiveFocus()
|
||||
}
|
||||
}
|
||||
showQuestionDrawer(headerText, descriptionText, yesButtonText, noButtonText, yesButtonFunction, noButtonFunction)
|
||||
}
|
||||
|
||||
Keys.onEnterPressed: saveButton.clicked()
|
||||
Keys.onReturnPressed: saveButton.clicked()
|
||||
}
|
||||
}
|
||||
showQuestionDrawer(headerText, descriptionText, yesButtonText, noButtonText, yesButtonFunction, noButtonFunction)
|
||||
}
|
||||
|
||||
Keys.onEnterPressed: saveButton.clicked()
|
||||
Keys.onReturnPressed: saveButton.clicked()
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -66,6 +66,8 @@ PageType {
|
||||
Layout.leftMargin: 16
|
||||
Layout.rightMargin: 16
|
||||
|
||||
enabled: delegateItem.isEnabled
|
||||
|
||||
headerText: qsTr("VPN address subnet")
|
||||
textField.text: subnetAddress
|
||||
|
||||
@@ -85,6 +87,8 @@ PageType {
|
||||
Layout.leftMargin: 16
|
||||
Layout.rightMargin: 16
|
||||
|
||||
enabled: delegateItem.isEnabled
|
||||
|
||||
headerText: qsTr("Port")
|
||||
textField.text: port
|
||||
textField.maximumLength: 5
|
||||
|
||||
@@ -43,6 +43,8 @@ PageType {
|
||||
|
||||
LabelWithButtonType {
|
||||
Layout.fillWidth: true
|
||||
Layout.leftMargin: 16
|
||||
Layout.rightMargin: 16
|
||||
|
||||
visible: isVisible
|
||||
|
||||
@@ -66,6 +68,8 @@ PageType {
|
||||
|
||||
visible: GC.isDesktop()
|
||||
Layout.fillWidth: true
|
||||
Layout.leftMargin: 16
|
||||
Layout.rightMargin: 16
|
||||
|
||||
text: qsTr("Close application")
|
||||
leftImageSource: "qrc:/images/controls/x-circle.svg"
|
||||
|
||||
@@ -1,126 +0,0 @@
|
||||
import QtQuick
|
||||
import QtQuick.Controls
|
||||
import QtQuick.Layouts
|
||||
import QtQuick.Dialogs
|
||||
|
||||
import PageEnum 1.0
|
||||
import Style 1.0
|
||||
|
||||
import "./"
|
||||
import "../Controls2"
|
||||
import "../Controls2/TextTypes"
|
||||
import "../Config"
|
||||
|
||||
PageType {
|
||||
id: root
|
||||
|
||||
property bool isSending: false
|
||||
|
||||
function getAddedDeviceName() {
|
||||
try {
|
||||
var obj = JSON.parse(TransferController.pendingQrCode)
|
||||
if (obj && obj.name && obj.name.length > 0) {
|
||||
return obj.name
|
||||
}
|
||||
} catch (e) {}
|
||||
return qsTr("Device")
|
||||
}
|
||||
|
||||
function getAvailableCount() {
|
||||
var max = ApiAccountInfoModel.data("maxDeviceCount")
|
||||
var active = ApiAccountInfoModel.data("activeDeviceCount")
|
||||
if (!max || max <= 0) max = 7
|
||||
if (!active || active < 0) active = 0
|
||||
var remain = max - active
|
||||
return remain > 0 ? remain : 0
|
||||
}
|
||||
|
||||
ListViewType {
|
||||
id: listView
|
||||
|
||||
anchors.fill: parent
|
||||
anchors.topMargin: 20
|
||||
|
||||
header: ColumnLayout {
|
||||
width: listView.width
|
||||
|
||||
BackButtonType {
|
||||
backButtonFunction: function() {
|
||||
if (root.isSending) {
|
||||
TransferController.stopWaitForConfig()
|
||||
}
|
||||
PageController.closePage()
|
||||
}
|
||||
}
|
||||
|
||||
BaseHeaderType {
|
||||
Layout.fillWidth: true
|
||||
Layout.rightMargin: 16
|
||||
Layout.leftMargin: 16
|
||||
|
||||
headerText: qsTr("Add a new device to the subscription?")
|
||||
descriptionText: qsTr("Devices available with Amnezia Premium: (%1)").arg(getAvailableCount())
|
||||
}
|
||||
|
||||
BasicButtonType {
|
||||
Layout.fillWidth: true
|
||||
Layout.leftMargin: 16
|
||||
Layout.rightMargin: 16
|
||||
Layout.topMargin: 16
|
||||
|
||||
text: qsTr("Add Device")
|
||||
enabled: !root.isSending && root.getAvailableCount() > 0 && TransferController.pendingQrCode !== ""
|
||||
|
||||
clickedFunc: function() {
|
||||
if (TransferController.pendingQrCode !== "") {
|
||||
root.isSending = true
|
||||
TransferController.onTransferQrScanned(TransferController.pendingQrCode)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
BasicButtonType {
|
||||
Layout.fillWidth: true
|
||||
Layout.leftMargin: 16
|
||||
Layout.rightMargin: 16
|
||||
Layout.topMargin: 8
|
||||
|
||||
defaultColor: AmneziaStyle.color.transparent
|
||||
hoveredColor: AmneziaStyle.color.translucentWhite
|
||||
pressedColor: AmneziaStyle.color.sheerWhite
|
||||
textColor: AmneziaStyle.color.paleGray
|
||||
borderColor: AmneziaStyle.color.paleGray
|
||||
borderWidth: 1
|
||||
|
||||
text: qsTr("Cancel")
|
||||
enabled: !root.isSending
|
||||
|
||||
clickedFunc: function() {
|
||||
PageController.closePage()
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Connections {
|
||||
target: TransferController
|
||||
|
||||
function onPostStarted() {
|
||||
PageController.showNotificationMessage(qsTr("Sending configuration..."))
|
||||
}
|
||||
|
||||
function onPostSucceeded() {
|
||||
root.isSending = false
|
||||
PageController.showNotificationMessage(qsTr("%1 has been added to your subscription").arg(root.getAddedDeviceName()))
|
||||
PageController.closePage()
|
||||
PageController.closePage()
|
||||
}
|
||||
|
||||
function onPostFailed(message) {
|
||||
root.isSending = false
|
||||
PageController.showErrorMessage(message)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -1,140 +0,0 @@
|
||||
import QtQuick
|
||||
import QtQuick.Controls
|
||||
import QtQuick.Layouts
|
||||
import QtQuick.Dialogs
|
||||
|
||||
import PageEnum 1.0
|
||||
import QRCodeReader 1.0
|
||||
import Style 1.0
|
||||
|
||||
import "./"
|
||||
import "../Controls2"
|
||||
import "../Controls2/TextTypes"
|
||||
import "../Config"
|
||||
|
||||
PageType {
|
||||
id: root
|
||||
|
||||
property bool scanCompleted: false
|
||||
|
||||
Item {
|
||||
id: cameraArea
|
||||
anchors.fill: parent
|
||||
}
|
||||
|
||||
Loader {
|
||||
id: iosQrLoader
|
||||
anchors.fill: cameraArea
|
||||
active: Qt.platform.os === "ios"
|
||||
|
||||
sourceComponent: Component {
|
||||
QRCodeReader {
|
||||
id: qrCodeReader
|
||||
|
||||
function updateCameraSize() {
|
||||
qrCodeReader.setCameraSize(Qt.rect(cameraArea.x,
|
||||
cameraArea.y,
|
||||
cameraArea.width,
|
||||
cameraArea.height))
|
||||
}
|
||||
|
||||
onCodeReaded: function(code) {
|
||||
if (!code || code.length === 0) {
|
||||
return
|
||||
}
|
||||
|
||||
var obj = null
|
||||
try {
|
||||
obj = JSON.parse(code)
|
||||
} catch (e) {
|
||||
obj = null
|
||||
}
|
||||
|
||||
if (!obj || !obj.gw || !(obj.uuid || obj.u)) {
|
||||
return
|
||||
}
|
||||
|
||||
var normalizedObj = { gw: obj.gw, uuid: (obj.uuid ? obj.uuid : obj.u) }
|
||||
if (obj.name && obj.name.length > 0) {
|
||||
normalizedObj.name = obj.name
|
||||
}
|
||||
var normalized = JSON.stringify(normalizedObj)
|
||||
TransferController.setPendingQrCode(normalized)
|
||||
qrCodeReader.stopReading()
|
||||
PageController.goToPage(PageEnum.PageSettingsApiAddDeviceConfirm)
|
||||
}
|
||||
|
||||
Component.onCompleted: {
|
||||
updateCameraSize()
|
||||
qrCodeReader.startReading()
|
||||
}
|
||||
Component.onDestruction: qrCodeReader.stopReading()
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
onWidthChanged: {
|
||||
if (iosQrLoader.item && iosQrLoader.item.updateCameraSize) {
|
||||
iosQrLoader.item.updateCameraSize()
|
||||
}
|
||||
}
|
||||
onHeightChanged: {
|
||||
if (iosQrLoader.item && iosQrLoader.item.updateCameraSize) {
|
||||
iosQrLoader.item.updateCameraSize()
|
||||
}
|
||||
}
|
||||
|
||||
Connections {
|
||||
target: TransferController
|
||||
function onScannerShouldStop() {
|
||||
if (iosQrLoader.item && iosQrLoader.item.stopReading) {
|
||||
iosQrLoader.item.stopReading()
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Connections {
|
||||
target: ImportController
|
||||
|
||||
function onTransferQrDecoded(code) {
|
||||
if (!code || code.length === 0) {
|
||||
return
|
||||
}
|
||||
|
||||
var obj = null
|
||||
try {
|
||||
obj = JSON.parse(code)
|
||||
} catch (e) {
|
||||
obj = null
|
||||
}
|
||||
if (obj && obj.gw && (obj.uuid || obj.u)) {
|
||||
var normalizedObj = { gw: obj.gw, uuid: (obj.uuid ? obj.uuid : obj.u) }
|
||||
if (obj.name && obj.name.length > 0) {
|
||||
normalizedObj.name = obj.name
|
||||
}
|
||||
code = JSON.stringify(normalizedObj)
|
||||
}
|
||||
|
||||
root.scanCompleted = true
|
||||
TransferController.setPendingQrCode(code)
|
||||
Qt.callLater(function() {
|
||||
PageController.goToPage(PageEnum.PageSettingsApiAddDeviceConfirm)
|
||||
})
|
||||
}
|
||||
|
||||
function onQrDecodingFinished() {
|
||||
if (Qt.platform.os === "android" && !root.scanCompleted) {
|
||||
PageController.closePage()
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Component.onCompleted: {
|
||||
TransferController.setPendingQrCode("")
|
||||
root.scanCompleted = false
|
||||
|
||||
if (Qt.platform.os === "android") {
|
||||
ImportController.startDecodingQr()
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -4,7 +4,6 @@ import QtQuick.Layouts
|
||||
import QtQuick.Dialogs
|
||||
|
||||
import QtCore
|
||||
import QRCodeReader 1.0
|
||||
|
||||
import SortFilterProxyModel 0.2
|
||||
|
||||
@@ -20,29 +19,6 @@ import "../Components"
|
||||
PageType {
|
||||
id: root
|
||||
|
||||
function isAtDeviceLimit() {
|
||||
var maxDeviceCount = ApiAccountInfoModel.data("maxDeviceCount")
|
||||
return listView.count >= maxDeviceCount
|
||||
}
|
||||
|
||||
function getConfigFilesCount() {
|
||||
try {
|
||||
var arr = ApiAccountInfoModel.getIssuedConfigsInfo()
|
||||
if (!arr) return 0
|
||||
|
||||
var count = 0
|
||||
for (var i = 0; i < arr.length; i++) {
|
||||
var item = arr[i]
|
||||
if (item && item["source_type"] === "country_config") {
|
||||
++count
|
||||
}
|
||||
}
|
||||
return count
|
||||
} catch (e) {
|
||||
return 0
|
||||
}
|
||||
}
|
||||
|
||||
ListViewType {
|
||||
id: listView
|
||||
|
||||
@@ -70,41 +46,16 @@ PageType {
|
||||
descriptionText: qsTr("Manage currently connected devices")
|
||||
}
|
||||
|
||||
BasicButtonType {
|
||||
id: addDeviceQrButton
|
||||
|
||||
Layout.fillWidth: true
|
||||
Layout.leftMargin: 16
|
||||
Layout.rightMargin: 16
|
||||
WarningType {
|
||||
Layout.topMargin: 16
|
||||
|
||||
visible: GC.isMobile()
|
||||
|
||||
defaultColor: AmneziaStyle.color.transparent
|
||||
hoveredColor: AmneziaStyle.color.translucentWhite
|
||||
pressedColor: AmneziaStyle.color.sheerWhite
|
||||
textColor: AmneziaStyle.color.paleGray
|
||||
borderColor: AmneziaStyle.color.paleGray
|
||||
borderWidth: 1
|
||||
|
||||
text: qsTr("Add device by QR code")
|
||||
|
||||
clickedFunc: function() {
|
||||
if (root.isAtDeviceLimit()) {
|
||||
PageController.goToPage(PageEnum.PageSettingsApiDevicesLimit)
|
||||
} else {
|
||||
PageController.goToPage(PageEnum.PageSettingsApiAddDeviceScan)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
SmallTextType {
|
||||
Layout.topMargin: 8
|
||||
Layout.rightMargin: 16
|
||||
Layout.leftMargin: 16
|
||||
Layout.fillWidth: true
|
||||
|
||||
text: qsTr("On the other device, tap + at the bottom → Connect to Amnezia Premium")
|
||||
textString: qsTr("You can find the identifier on the Support tab or, for older versions of the app, "
|
||||
+ "by tapping '+' and then the three dots at the top of the page.")
|
||||
|
||||
iconPath: "qrc:/images/controls/alert-circle.svg"
|
||||
}
|
||||
}
|
||||
|
||||
@@ -142,58 +93,6 @@ PageType {
|
||||
|
||||
DividerType {}
|
||||
}
|
||||
|
||||
footer: ColumnLayout {
|
||||
width: listView.width
|
||||
|
||||
LabelWithButtonType {
|
||||
Layout.fillWidth: true
|
||||
Layout.topMargin: 6
|
||||
|
||||
text: qsTr("Configuration Files: {%1}").arg(root.getConfigFilesCount())
|
||||
descriptionText: qsTr("Generated configuration files also count towards the device limit")
|
||||
rightImageSource: "qrc:/images/controls/chevron-right.svg"
|
||||
|
||||
clickedFunction: function() {
|
||||
ApiSettingsController.updateApiCountryModel()
|
||||
PageController.goToPage(PageEnum.PageSettingsApiNativeConfigs)
|
||||
}
|
||||
}
|
||||
|
||||
DividerType {}
|
||||
|
||||
WarningType {
|
||||
Layout.topMargin: 16
|
||||
Layout.rightMargin: 16
|
||||
Layout.leftMargin: 16
|
||||
Layout.bottomMargin: 8
|
||||
Layout.fillWidth: true
|
||||
|
||||
textString: qsTr("The Support tag is available on the Support page. In older versions: tap + in the bottom bar, then More (...) in the top-right.")
|
||||
iconPath: "qrc:/images/controls/alert-circle.svg"
|
||||
}
|
||||
}
|
||||
|
||||
Connections {
|
||||
target: TransferController
|
||||
|
||||
function onPostStarted() {
|
||||
PageController.showBusyIndicator(true)
|
||||
}
|
||||
|
||||
function onPostSucceeded() {
|
||||
PageController.showBusyIndicator(false)
|
||||
ApiSettingsController.getAccountInfo(true)
|
||||
PageController.showNotificationMessage(qsTr("New device added to subscription"))
|
||||
}
|
||||
|
||||
function onPostFailed(message) {
|
||||
PageController.showBusyIndicator(false)
|
||||
PageController.showErrorMessage(message)
|
||||
}
|
||||
|
||||
function onScannerShouldStop() {}
|
||||
}
|
||||
}
|
||||
|
||||
function deactivateExternalDevice(supportTag, countryCode) {
|
||||
|
||||
@@ -1,53 +0,0 @@
|
||||
import QtQuick
|
||||
import QtQuick.Controls
|
||||
import QtQuick.Layouts
|
||||
import QtQuick.Dialogs
|
||||
|
||||
import PageEnum 1.0
|
||||
import Style 1.0
|
||||
|
||||
import "./"
|
||||
import "../Controls2"
|
||||
import "../Controls2/TextTypes"
|
||||
import "../Config"
|
||||
|
||||
PageType {
|
||||
id: root
|
||||
|
||||
ListViewType {
|
||||
id: listView
|
||||
|
||||
anchors.fill: parent
|
||||
anchors.topMargin: 20
|
||||
|
||||
header: ColumnLayout {
|
||||
width: listView.width
|
||||
|
||||
BackButtonType {}
|
||||
|
||||
BaseHeaderType {
|
||||
Layout.fillWidth: true
|
||||
Layout.rightMargin: 16
|
||||
Layout.leftMargin: 16
|
||||
|
||||
headerText: qsTr("Your Amnezia Premium subscription already has the maximum number of devices — ") + ApiAccountInfoModel.data("connectedDevices")
|
||||
descriptionText: qsTr("Remove one of the previously connected devices to add a new one")
|
||||
}
|
||||
|
||||
BasicButtonType {
|
||||
Layout.fillWidth: true
|
||||
Layout.leftMargin: 16
|
||||
Layout.rightMargin: 16
|
||||
Layout.topMargin: 16
|
||||
|
||||
text: qsTr("Show all devices")
|
||||
|
||||
clickedFunc: function() {
|
||||
PageController.goToPage(PageEnum.PageSettingsApiDevices)
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -104,7 +104,7 @@ PageType {
|
||||
|
||||
actionButtonImage: "qrc:/images/controls/edit-3.svg"
|
||||
|
||||
headerText: root.processedServer && root.processedServer.name ? root.processedServer.name : ""
|
||||
headerText: root.processedServer.name
|
||||
descriptionText: ApiAccountInfoModel.data("serviceDescription")
|
||||
|
||||
actionButtonFunction: function() {
|
||||
@@ -214,6 +214,9 @@ PageType {
|
||||
ApiConfigsController.prepareVpnKeyExport()
|
||||
|
||||
PageController.showBusyIndicator(false)
|
||||
|
||||
// Navigate to PageShareConnection page
|
||||
//PageController.goToPage(PageEnum.PageShareConnection)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -413,6 +416,6 @@ PageType {
|
||||
anchors.fill: parent
|
||||
expandedHeight: parent.height * 0.35
|
||||
|
||||
serverNameText: root.processedServer && root.processedServer.name ? root.processedServer.name : ""
|
||||
serverNameText: root.processedServer.name
|
||||
}
|
||||
}
|
||||
|
||||
@@ -66,13 +66,6 @@ PageType {
|
||||
|
||||
text: qsTr("If AmneziaDNS is not used or installed")
|
||||
}
|
||||
}
|
||||
|
||||
model: 1 // fake model to force the ListView to be created without a model
|
||||
|
||||
delegate: ColumnLayout {
|
||||
width: listView.width
|
||||
spacing: 16
|
||||
|
||||
TextFieldWithHeaderType {
|
||||
id: primaryDns
|
||||
@@ -103,6 +96,13 @@ PageType {
|
||||
regularExpression: InstallController.ipAddressRegExp()
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
model: 1 // fake model to force the ListView to be created without a model
|
||||
spacing: 16
|
||||
|
||||
delegate: ColumnLayout {
|
||||
width: listView.width
|
||||
|
||||
BasicButtonType {
|
||||
id: restoreDefaultButton
|
||||
@@ -139,6 +139,10 @@ PageType {
|
||||
showQuestionDrawer(headerText, "", yesButtonText, noButtonText, yesButtonFunction, noButtonFunction)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
footer: ColumnLayout {
|
||||
width: listView.width
|
||||
|
||||
BasicButtonType {
|
||||
id: saveButton
|
||||
|
||||
@@ -18,8 +18,6 @@ PageType {
|
||||
|
||||
signal lastItemTabClickedSignal()
|
||||
|
||||
property bool isServerWithWriteAccess: ServersModel.isProcessedServerHasWriteAccess()
|
||||
|
||||
Connections {
|
||||
target: InstallController
|
||||
|
||||
@@ -61,13 +59,15 @@ PageType {
|
||||
target: ServersModel
|
||||
|
||||
function onProcessedServerIndexChanged() {
|
||||
root.isServerWithWriteAccess = ServersModel.isProcessedServerHasWriteAccess()
|
||||
listView.isServerWithWriteAccess = ServersModel.isProcessedServerHasWriteAccess()
|
||||
}
|
||||
}
|
||||
|
||||
ListViewType {
|
||||
id: listView
|
||||
|
||||
property bool isServerWithWriteAccess: ServersModel.isProcessedServerHasWriteAccess()
|
||||
|
||||
anchors.fill: parent
|
||||
|
||||
model: serverActions
|
||||
@@ -107,7 +107,7 @@ PageType {
|
||||
QtObject {
|
||||
id: check
|
||||
|
||||
property bool isVisible: root.isServerWithWriteAccess
|
||||
property bool isVisible: true
|
||||
readonly property string title: qsTr("Check the server for previously installed Amnezia services")
|
||||
readonly property string description: qsTr("Add them to the application if they were not displayed")
|
||||
readonly property var tColor: AmneziaStyle.color.paleGray
|
||||
@@ -121,7 +121,7 @@ PageType {
|
||||
QtObject {
|
||||
id: reboot
|
||||
|
||||
property bool isVisible: root.isServerWithWriteAccess
|
||||
property bool isVisible: true
|
||||
readonly property string title: qsTr("Reboot server")
|
||||
readonly property string description: ""
|
||||
readonly property var tColor: AmneziaStyle.color.vibrantRed
|
||||
@@ -181,7 +181,7 @@ PageType {
|
||||
QtObject {
|
||||
id: clear
|
||||
|
||||
property bool isVisible: root.isServerWithWriteAccess
|
||||
property bool isVisible: true
|
||||
readonly property string title: qsTr("Clear server from Amnezia software")
|
||||
readonly property string description: ""
|
||||
readonly property var tColor: AmneziaStyle.color.vibrantRed
|
||||
@@ -240,7 +240,7 @@ PageType {
|
||||
QtObject {
|
||||
id: switch_to_premium
|
||||
|
||||
property bool isVisible: ServersModel.getProcessedServerData("isServerFromTelegramApi") && ServersModel.processedServerIsPremium
|
||||
property bool isVisible: ServersModel.getProcessedServerData("isServerFromTelegramApi")
|
||||
readonly property string title: qsTr("Switch to the new Amnezia Premium subscription")
|
||||
readonly property string description: ""
|
||||
readonly property var tColor: AmneziaStyle.color.vibrantRed
|
||||
|
||||
@@ -45,7 +45,7 @@ PageType {
|
||||
Layout.rightMargin: 16
|
||||
Layout.leftMargin: 16
|
||||
|
||||
headerText: qsTr("New Connection")
|
||||
headerText: qsTr("Connection")
|
||||
|
||||
actionButtonImage: isVisible ? "qrc:/images/controls/more-vertical.svg" : ""
|
||||
actionButtonFunction: function() {
|
||||
@@ -156,7 +156,7 @@ PageType {
|
||||
Layout.leftMargin: 16
|
||||
Layout.bottomMargin: 24
|
||||
|
||||
text: qsTr("Enter a connection key, import a configuration file, or scan a QR code")
|
||||
text: qsTr("Insert the key, add a configuration file or scan the QR-code")
|
||||
}
|
||||
|
||||
TextFieldWithHeaderType {
|
||||
@@ -166,8 +166,8 @@ PageType {
|
||||
Layout.rightMargin: 16
|
||||
Layout.leftMargin: 16
|
||||
|
||||
headerText: qsTr("Connection key")
|
||||
buttonText: qsTr("Paste")
|
||||
headerText: qsTr("Insert key")
|
||||
buttonText: qsTr("Insert")
|
||||
|
||||
clickedFunc: function() {
|
||||
textField.text = ""
|
||||
@@ -250,7 +250,7 @@ PageType {
|
||||
disabledColor: AmneziaStyle.color.mutedGray
|
||||
textColor: AmneziaStyle.color.goldenApricot
|
||||
|
||||
text: qsTr("Amnezia Website")
|
||||
text: qsTr("Site Amnezia")
|
||||
|
||||
rightImageSource: "qrc:/images/controls/external-link.svg"
|
||||
|
||||
@@ -263,17 +263,18 @@ PageType {
|
||||
|
||||
property list<QtObject> variants: [
|
||||
amneziaVpn,
|
||||
shareViaDevice,
|
||||
selfHostVpn,
|
||||
backupRestore,
|
||||
fileOpen,
|
||||
qrScan
|
||||
qrScan,
|
||||
siteLink
|
||||
]
|
||||
|
||||
QtObject {
|
||||
id: amneziaVpn
|
||||
|
||||
property string title: qsTr("Choose a VPN from Amnezia")
|
||||
property string description: qsTr("Paid and free VPN services from Amnezia")
|
||||
property string title: qsTr("VPN by Amnezia")
|
||||
property string description: qsTr("Connect to classic paid and free VPN services from Amnezia")
|
||||
property string imageSource: "qrc:/images/controls/amnezia.svg"
|
||||
property bool isVisible: true
|
||||
property var handler: function() {
|
||||
@@ -286,23 +287,11 @@ PageType {
|
||||
}
|
||||
}
|
||||
|
||||
QtObject {
|
||||
id: shareViaDevice
|
||||
|
||||
property string title: qsTr("Connect to Amnezia Premium")
|
||||
property string description: qsTr("Via QR code from a phone with an active subscription")
|
||||
property string imageSource: "qrc:/images/controls/monitor-with-phone.svg"
|
||||
property bool isVisible: true
|
||||
property var handler: function() {
|
||||
PageController.goToPage(PageEnum.PageTransferConfigViaQR)
|
||||
}
|
||||
}
|
||||
|
||||
QtObject {
|
||||
id: selfHostVpn
|
||||
|
||||
property string title: qsTr("Set up a Self-hosted VPN")
|
||||
property string description: qsTr("On a private server")
|
||||
property string title: qsTr("Self-hosted VPN")
|
||||
property string description: qsTr("Configure Amnezia VPN on your own server")
|
||||
property string imageSource: "qrc:/images/controls/server.svg"
|
||||
property bool isVisible: true
|
||||
property var handler: function() {
|
||||
@@ -331,8 +320,8 @@ PageType {
|
||||
QtObject {
|
||||
id: fileOpen
|
||||
|
||||
property string title: qsTr("Use a configuration file")
|
||||
property string description: qsTr("Supported formats: .conf, .vpn, .ovpn, .json")
|
||||
property string title: qsTr("File with connection settings")
|
||||
property string description: qsTr("")
|
||||
property string imageSource: "qrc:/images/controls/folder-search-2.svg"
|
||||
property bool isVisible: true
|
||||
property var handler: function() {
|
||||
@@ -345,13 +334,13 @@ PageType {
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
QtObject {
|
||||
id: qrScan
|
||||
|
||||
property string title: qsTr("Scan a QR code")
|
||||
property string description: qsTr("To connect to a self-hosted server")
|
||||
property string title: qsTr("QR code")
|
||||
property string description: qsTr("")
|
||||
property string imageSource: "qrc:/images/controls/scan-line.svg"
|
||||
property bool isVisible: SettingsController.isCameraPresent()
|
||||
property var handler: function() {
|
||||
@@ -360,7 +349,7 @@ PageType {
|
||||
PageController.goToPage(PageEnum.PageSetupWizardQrReader)
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
QtObject {
|
||||
id: siteLink
|
||||
|
||||
@@ -161,4 +161,10 @@ PageType {
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
ShareConnectionDrawer {
|
||||
id: shareConnectionDrawer
|
||||
|
||||
anchors.fill: parent
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,126 +0,0 @@
|
||||
import QtQuick
|
||||
import QtQuick.Controls
|
||||
import QtQuick.Layouts
|
||||
import QtQuick.Dialogs
|
||||
|
||||
import PageEnum 1.0
|
||||
import Style 1.0
|
||||
import "../Controls2"
|
||||
import "../Components"
|
||||
import "../Controls2/TextTypes"
|
||||
|
||||
PageType {
|
||||
id: root
|
||||
objectName: "PageTransferConfigViaQR"
|
||||
|
||||
Rectangle {
|
||||
anchors.fill: parent
|
||||
color: AmneziaStyle.color.midnightBlack
|
||||
z: 0
|
||||
}
|
||||
|
||||
ColumnLayout {
|
||||
z: 1
|
||||
anchors.fill: parent
|
||||
anchors.topMargin: 24
|
||||
spacing: 12
|
||||
|
||||
BackButtonType {
|
||||
Layout.topMargin: 20
|
||||
Layout.leftMargin: 16
|
||||
Layout.rightMargin: 16
|
||||
Layout.alignment: Qt.AlignLeft
|
||||
}
|
||||
|
||||
Item {
|
||||
id: contentArea
|
||||
Layout.fillWidth: true
|
||||
Layout.fillHeight: true
|
||||
Layout.leftMargin: 16
|
||||
Layout.rightMargin: 16
|
||||
Layout.bottomMargin: 16
|
||||
|
||||
ColumnLayout {
|
||||
id: qrContent
|
||||
anchors.fill: parent
|
||||
spacing: 16
|
||||
|
||||
Item { Layout.fillHeight: true }
|
||||
|
||||
SmallTextType {
|
||||
id: topHint
|
||||
Layout.fillWidth: true
|
||||
horizontalAlignment: Text.AlignHCenter
|
||||
text: qsTr("Scan this QR code with a phone that has an active\nAmnezia Premium subscription")
|
||||
}
|
||||
|
||||
Rectangle {
|
||||
id: qrFrame
|
||||
Layout.alignment: Qt.AlignHCenter
|
||||
property real maxByHeight: qrContent.height
|
||||
- topHint.implicitHeight
|
||||
- bottomHint.implicitHeight
|
||||
- (qrContent.spacing * 2)
|
||||
property real qrSize: Math.max(180, Math.min(qrContent.width, Math.max(0, maxByHeight)))
|
||||
|
||||
Layout.preferredWidth: qrSize
|
||||
Layout.preferredHeight: qrSize
|
||||
radius: 16
|
||||
color: "white"
|
||||
|
||||
Image {
|
||||
id: qrImage
|
||||
anchors.fill: parent
|
||||
anchors.margins: 12
|
||||
fillMode: Image.PreserveAspectFit
|
||||
smooth: false
|
||||
sourceSize: Qt.size(Math.round(width), Math.round(height))
|
||||
source: TransferController.qrCodeUrl
|
||||
visible: TransferController.qrCodeUrl !== ""
|
||||
}
|
||||
|
||||
BusyIndicator {
|
||||
anchors.centerIn: parent
|
||||
running: TransferController.qrCodeUrl === ""
|
||||
visible: TransferController.qrCodeUrl === ""
|
||||
}
|
||||
}
|
||||
|
||||
SmallTextType {
|
||||
id: bottomHint
|
||||
Layout.fillWidth: true
|
||||
horizontalAlignment: Text.AlignHCenter
|
||||
text: qsTr("AmneziaVPN → Amnezia Premium →\nPersonal Dashboard → Active Devices →\nAdd Device via QR Code")
|
||||
}
|
||||
|
||||
Item { Layout.fillHeight: true }
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Connections {
|
||||
target: TransferController
|
||||
function onConfigApplied() {
|
||||
PageController.showNotificationMessage(qsTr("Device has been added to subscription"))
|
||||
PageController.closePage()
|
||||
PageController.goToPageHome()
|
||||
}
|
||||
function onWaitError(message) {
|
||||
PageController.showErrorMessage(message)
|
||||
}
|
||||
}
|
||||
|
||||
Connections {
|
||||
target: ImportController
|
||||
function onImportErrorOccurred(errorCode, goToPageHome) {
|
||||
PageController.showErrorMessage(errorCode)
|
||||
}
|
||||
}
|
||||
|
||||
Component.onCompleted: {
|
||||
TransferController.generateNewQrCode()
|
||||
TransferController.startWaitForConfig(ImportController)
|
||||
}
|
||||
|
||||
Component.onDestruction: TransferController.stopWaitForConfig()
|
||||
}
|
||||
@@ -1,9 +1,11 @@
|
||||
# Exempt the tunnel interface(s) used by the VPN connection
|
||||
|
||||
utunInterfaces = "{ \
|
||||
utun0, utun1, utun2, utun3, utun4, utun5, utun6, utun7, utun8, utun9, utun10, \
|
||||
utun11, utun12, utun13, utun14, utun15, utun16, utun17, utun18, utun19, utun20, \
|
||||
utun21, utun22, utun23, utun24, utun25, utun26, utun27, utun28, utun29, utun30 \
|
||||
utunInterfaces = "{ \
|
||||
utun0, utun1, utun2, utun3, utun4, utun5, utun6, utun7, utun8, utun9, utun10, \
|
||||
utun11, utun12, utun13, utun14, utun15, utun16, utun17, utun18, utun19, utun20, \
|
||||
utun21, utun22, utun23, utun24, utun25, utun26, utun27, utun28, utun29, utun30, \
|
||||
ipsec0, ipsec1, ipsec2, ipsec3, ipsec4, ipsec5, ipsec6, ipsec7, ipsec8, ipsec9, \
|
||||
ipsec10, ipsec11, ipsec12, ipsec13, ipsec14, ipsec15, ipsec16, ipsec17, ipsec18, ipsec19 \
|
||||
}"
|
||||
|
||||
pass out on $utunInterfaces flags any no state
|
||||
|
||||
@@ -36,5 +36,17 @@ class IpcInterface
|
||||
SLOT( bool enablePeerTraffic( const QJsonObject &configStr) );
|
||||
SLOT( bool enableKillSwitch( const QJsonObject &excludeAddr, int vpnAdapterIndex) );
|
||||
SLOT( bool updateResolvers(const QString& ifname, const QList<QHostAddress>& resolvers) );
|
||||
|
||||
SLOT( bool writeIPsecCaCert(QString cacert, QString uuid) );
|
||||
SLOT( bool writeIPsecPrivate(QString privKey, QString uuid) );
|
||||
SLOT( bool writeIPsecConfig(QString config) );
|
||||
SLOT( bool writeIPsecUserCert(QString usercert, QString uuid) );
|
||||
SLOT( bool writeIPsecPrivatePass(QString pass, QString host, QString uuid) );
|
||||
|
||||
SLOT( bool stopIPsec(QString tunnelName) );
|
||||
SLOT( bool startIPsec(QString tunnelName) );
|
||||
|
||||
SLOT( QString getTunnelStatus(QString tunnelName) );
|
||||
|
||||
};
|
||||
|
||||
|
||||
+194
-1
@@ -4,9 +4,11 @@
|
||||
#include <QFileInfo>
|
||||
#include <QLocalSocket>
|
||||
#include <QObject>
|
||||
#include <QJsonArray>
|
||||
|
||||
#include "logger.h"
|
||||
#include "qjsonarray.h"
|
||||
#include "router.h"
|
||||
#include "logger.h"
|
||||
|
||||
#include "killswitch.h"
|
||||
|
||||
@@ -161,6 +163,7 @@ void IpcServer::StartRoutingIpv6()
|
||||
{
|
||||
Router::StartRoutingIpv6();
|
||||
}
|
||||
|
||||
void IpcServer::StopRoutingIpv6()
|
||||
{
|
||||
Router::StopRoutingIpv6();
|
||||
@@ -204,6 +207,196 @@ bool IpcServer::disableKillSwitch()
|
||||
return KillSwitch::instance()->disableKillSwitch();
|
||||
}
|
||||
|
||||
bool IpcServer::startIPsec(QString tunnelName)
|
||||
{
|
||||
#ifdef Q_OS_LINUX
|
||||
QProcess processSystemd;
|
||||
QStringList commandsSystemd;
|
||||
commandsSystemd << "systemctl" << "restart" << "ipsec";
|
||||
processSystemd.start("sudo", commandsSystemd);
|
||||
if (!processSystemd.waitForStarted(1000))
|
||||
{
|
||||
qDebug().noquote() << "Could not start ipsec tunnel!\n";
|
||||
return false;
|
||||
}
|
||||
else if (!processSystemd.waitForFinished(2000))
|
||||
{
|
||||
qDebug().noquote() << "Could not start ipsec tunnel\n";
|
||||
return false;
|
||||
}
|
||||
commandsSystemd.clear();
|
||||
|
||||
QThread::msleep(5000);
|
||||
|
||||
QProcess process;
|
||||
QStringList commands;
|
||||
commands << "ipsec" << "up" << QString("%1").arg(tunnelName);
|
||||
process.start("sudo", commands);
|
||||
if (!process.waitForStarted(1000))
|
||||
{
|
||||
qDebug().noquote() << "Could not start ipsec tunnel!\n";
|
||||
return false;
|
||||
}
|
||||
else if (!process.waitForFinished(2000))
|
||||
{
|
||||
qDebug().noquote() << "Could not start ipsec tunnel\n";
|
||||
return false;
|
||||
}
|
||||
commands.clear();
|
||||
#endif
|
||||
return true;
|
||||
}
|
||||
|
||||
bool IpcServer::stopIPsec(QString tunnelName)
|
||||
{
|
||||
#ifdef Q_OS_LINUX
|
||||
QProcess process;
|
||||
QStringList commands;
|
||||
commands << "ipsec" << "down" << QString("%1").arg(tunnelName);
|
||||
process.start("sudo", commands);
|
||||
if (!process.waitForStarted(1000))
|
||||
{
|
||||
qDebug().noquote() << "Could not stop ipsec tunnel\n";
|
||||
return false;
|
||||
}
|
||||
else if (!process.waitForFinished(2000))
|
||||
{
|
||||
qDebug().noquote() << "Could not stop ipsec tunnel\n";
|
||||
return false;
|
||||
}
|
||||
commands.clear();
|
||||
#endif
|
||||
return true;
|
||||
}
|
||||
|
||||
bool IpcServer::writeIPsecConfig(QString config)
|
||||
{
|
||||
#ifdef Q_OS_LINUX
|
||||
qDebug() << "IPSEC: IPSec config file";
|
||||
QString configFile = QString("/etc/ipsec.conf");
|
||||
QFile ipSecConfFile(configFile);
|
||||
if (ipSecConfFile.open(QIODevice::WriteOnly)) {
|
||||
ipSecConfFile.write(config.toUtf8());
|
||||
ipSecConfFile.close();
|
||||
}
|
||||
#endif
|
||||
return true;
|
||||
}
|
||||
|
||||
bool IpcServer::writeIPsecUserCert(QString usercert, QString uuid)
|
||||
{
|
||||
#ifdef Q_OS_LINUX
|
||||
qDebug() << "IPSEC: Write user cert " << uuid;
|
||||
QString certName = QString("/etc/ipsec.d/certs/%1.crt").arg(uuid);
|
||||
QFile userCertFile(certName);
|
||||
if (userCertFile.open(QIODevice::WriteOnly)) {
|
||||
userCertFile.write(usercert.toUtf8());
|
||||
userCertFile.close();
|
||||
}
|
||||
#endif
|
||||
return true;
|
||||
}
|
||||
|
||||
bool IpcServer::writeIPsecCaCert(QString cacert, QString uuid)
|
||||
{
|
||||
#ifdef Q_OS_LINUX
|
||||
qDebug() << "IPSEC: Write CA cert user " << uuid;
|
||||
QString certName = QString("/etc/ipsec.d/cacerts/%1.crt").arg(uuid);
|
||||
QFile caCertFile(certName);
|
||||
if (caCertFile.open(QIODevice::WriteOnly)) {
|
||||
caCertFile.write(cacert.toUtf8());
|
||||
caCertFile.close();
|
||||
}
|
||||
#endif
|
||||
return true;
|
||||
}
|
||||
|
||||
bool IpcServer::writeIPsecPrivate(QString privKey, QString uuid)
|
||||
{
|
||||
#ifdef Q_OS_LINUX
|
||||
qDebug() << "IPSEC: User private key " << uuid;
|
||||
QString privateKey = QString("/etc/ipsec.d/private/%1.p12").arg(uuid);
|
||||
QFile pKeyFile(privateKey);
|
||||
if (pKeyFile.open(QIODevice::WriteOnly)) {
|
||||
pKeyFile.write(QByteArray::fromBase64(privKey.toUtf8()));
|
||||
pKeyFile.close();
|
||||
}
|
||||
#endif
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
bool IpcServer::writeIPsecPrivatePass(QString pass, QString host, QString uuid)
|
||||
{
|
||||
#ifdef Q_OS_LINUX
|
||||
qDebug() << "IPSEC: User private key " << uuid;
|
||||
const QString secretsFilename = "/etc/ipsec.secrets";
|
||||
QStringList lines;
|
||||
|
||||
{
|
||||
QFile secretsFile(secretsFilename);
|
||||
if (secretsFile.open(QIODevice::ReadOnly | QIODevice::Text))
|
||||
{
|
||||
QTextStream edit(&secretsFile);
|
||||
while (!edit.atEnd()) lines.push_back(edit.readLine());
|
||||
}
|
||||
secretsFile.close();
|
||||
}
|
||||
|
||||
for (auto iter = lines.begin(); iter!=lines.end();)
|
||||
{
|
||||
if (iter->contains(host))
|
||||
{
|
||||
iter = lines.erase(iter);
|
||||
}
|
||||
else
|
||||
{
|
||||
++iter;
|
||||
}
|
||||
}
|
||||
|
||||
{
|
||||
QFile secretsFile(secretsFilename);
|
||||
if (secretsFile.open(QIODevice::WriteOnly | QIODevice::Text))
|
||||
{
|
||||
QTextStream edit(&secretsFile);
|
||||
for (int i=0; i<lines.size(); i++) edit << lines[i] << Qt::endl;
|
||||
}
|
||||
QString P12 = QString("%any %1 : P12 %2.p12 \"%3\" \n").arg(host, uuid, pass);
|
||||
secretsFile.write(P12.toUtf8());
|
||||
secretsFile.close();
|
||||
}
|
||||
#endif
|
||||
return true;
|
||||
}
|
||||
|
||||
QString IpcServer::getTunnelStatus(QString tunnelName)
|
||||
{
|
||||
#ifdef Q_OS_LINUX
|
||||
QProcess process;
|
||||
QStringList commands;
|
||||
commands << "ipsec" << "status" << QString("%1").arg(tunnelName);
|
||||
process.start("sudo", commands);
|
||||
if (!process.waitForStarted(1000))
|
||||
{
|
||||
qDebug().noquote() << "Could not stop ipsec tunnel\n";
|
||||
return "";
|
||||
}
|
||||
else if (!process.waitForFinished(2000))
|
||||
{
|
||||
qDebug().noquote() << "Could not stop ipsec tunnel\n";
|
||||
return "";
|
||||
}
|
||||
commands.clear();
|
||||
|
||||
|
||||
QString status = process.readAll();
|
||||
return status;
|
||||
#endif
|
||||
return QString();
|
||||
|
||||
}
|
||||
|
||||
bool IpcServer::enablePeerTraffic(const QJsonObject &configStr)
|
||||
{
|
||||
return KillSwitch::instance()->enablePeerTraffic(configStr);
|
||||
|
||||
@@ -42,6 +42,14 @@ public:
|
||||
virtual bool disableKillSwitch() override;
|
||||
virtual bool refreshKillSwitch( bool enabled ) override;
|
||||
virtual bool updateResolvers(const QString& ifname, const QList<QHostAddress>& resolvers) override;
|
||||
virtual bool writeIPsecCaCert(QString cacert, QString uuid) override;
|
||||
virtual bool writeIPsecPrivate(QString privKey, QString uuid) override;
|
||||
virtual bool writeIPsecConfig(QString config) override;
|
||||
virtual bool writeIPsecUserCert(QString usercert, QString uuid) override;
|
||||
virtual bool writeIPsecPrivatePass(QString pass, QString host, QString uuid) override;
|
||||
virtual bool stopIPsec(QString tunnelName) override;
|
||||
virtual bool startIPsec(QString tunnelName) override;
|
||||
virtual QString getTunnelStatus(QString tunnelName) override;
|
||||
|
||||
private:
|
||||
int m_localpid = 0;
|
||||
|
||||
Reference in New Issue
Block a user