authorcyBerta <cyberta@riseup.net>2019-06-14 18:18:18 +0200
committercyBerta <cyberta@riseup.net>2019-08-02 01:49:37 +0200
commit8f7146a89fba31bcb9a204415a38e796cfa7d403 (patch)
tree7ff6049ca8cd8f1ed6c0739ae3b2c8ff1d15d9fa /app/src/main/java/de/blinkt/openvpn
parent386c580a9a97870f500bf277a1d1ec25a8f4a056 (diff)
* refactor vpn profile generation
* fix lzo-comp flag parsing in ConfigParser
Diffstat (limited to 'app/src/main/java/de/blinkt/openvpn')
-rw-r--r--app/src/main/java/de/blinkt/openvpn/VpnProfile.java25
-rw-r--r--app/src/main/java/de/blinkt/openvpn/core/ConfigParser.java43
-rw-r--r--app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java9
-rw-r--r--app/src/main/java/de/blinkt/openvpn/core/connection/Connection.java16
-rw-r--r--app/src/main/java/de/blinkt/openvpn/core/connection/Obfs4Connection.java74
5 files changed, 77 insertions, 90 deletions
diff --git a/app/src/main/java/de/blinkt/openvpn/VpnProfile.java b/app/src/main/java/de/blinkt/openvpn/VpnProfile.java
index 9f18b8ed..dc12c6a8 100644
--- a/app/src/main/java/de/blinkt/openvpn/VpnProfile.java
+++ b/app/src/main/java/de/blinkt/openvpn/VpnProfile.java
@@ -5,11 +5,6 @@
package de.blinkt.openvpn;
-import de.blinkt.openvpn.core.connection.Connection;
-import de.blinkt.openvpn.core.connection.OpenvpnConnection;
-import se.leap.bitmaskclient.R;
-import se.leap.bitmaskclient.BuildConfig;
-
import android.annotation.SuppressLint;
import android.content.Context;
import android.content.Intent;
@@ -58,7 +53,6 @@ import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
-import de.blinkt.openvpn.core.Connection;
import de.blinkt.openvpn.core.ExtAuthHelper;
import de.blinkt.openvpn.core.NativeUtils;
import de.blinkt.openvpn.core.OpenVPNService;
@@ -68,9 +62,13 @@ import de.blinkt.openvpn.core.Preferences;
import de.blinkt.openvpn.core.VPNLaunchHelper;
import de.blinkt.openvpn.core.VpnStatus;
import de.blinkt.openvpn.core.X509Utils;
+import de.blinkt.openvpn.core.connection.Connection;
+import de.blinkt.openvpn.core.connection.Obfs4Connection;
+import de.blinkt.openvpn.core.connection.OpenvpnConnection;
import se.leap.bitmaskclient.BuildConfig;
import se.leap.bitmaskclient.R;
+import static de.blinkt.openvpn.core.connection.Connection.TransportType.OBFS4;
import static se.leap.bitmaskclient.Constants.PROVIDER_PROFILE;
public class VpnProfile implements Serializable, Cloneable {
@@ -121,7 +119,7 @@ public class VpnProfile implements Serializable, Cloneable {
public String mTLSAuthFilename;
public String mClientKeyFilename;
public String mCaFilename;
- public boolean mUseLzo = true;
+ public boolean mUseLzo = false;
public String mPKCS12Filename;
public String mPKCS12Password;
public boolean mUseTLSAuth = false;
@@ -186,16 +184,16 @@ public class VpnProfile implements Serializable, Cloneable {
// set members to default values
private UUID mUuid;
private int mProfileVersion;
+ public boolean mUsePluggableTransports;
-
- public VpnProfile(String name) {
+ public VpnProfile(String name, Connection.TransportType transportType) {
mUuid = UUID.randomUUID();
mName = name;
mProfileVersion = CURRENT_PROFILE_VERSION;
mConnections = new Connection[1];
- mConnections[0] = new OpenvpnConnection();
mLastUsed = System.currentTimeMillis();
+ mUsePluggableTransports = transportType == OBFS4;
}
public static String openVpnEscape(String unescaped) {
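Review bot: The constructor now leaves `mConnections[0]` null, because the one-slot array is still allocated but the `new OpenvpnConnection()` assignment was removed. Any caller that reads `mConnections[0]` before the parser or another caller fills it will fail with a NullPointerException, and OpenVPNService reads that slot when it sets up the dispatcher. Either fill the slot here from the transport type or state the requirement on the constructor, e.g. `// mConnections[0] is left null on purpose; callers must assign a Connection before the profile is used`. `mUsePluggableTransports` is also a public mutable field that repeats what the connection's own `getTransportType()` reports, so the two can drift apart.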
@@ -297,6 +295,7 @@ public class VpnProfile implements Serializable, Cloneable {
return mName;
}
+ @Deprecated
public void upgradeProfile() {
if (mProfileVersion < 2) {
/* default to the behaviour the OS used */
@@ -327,9 +326,10 @@ public class VpnProfile implements Serializable, Cloneable {
}
+ @Deprecated
private void moveOptionsToConnection() {
mConnections = new Connection[1];
- Connection conn = new OpenvpnConnection();
+ Connection conn = mUsePluggableTransports ? new Obfs4Connection() : new OpenvpnConnection();
conn.setServerName(mServerName);
conn.setServerPort(mServerPort);
@@ -499,7 +499,8 @@ public class VpnProfile implements Serializable, Cloneable {
if (!TextUtils.isEmpty(mCrlFilename))
cfg.append(insertFileData("crl-verify", mCrlFilename));
- if (mUseLzo) {
+ // compression does not work in conjunction with shapeshifter-dispatcher so far
+ if (mUseLzo && !mUsePluggableTransports) {
cfg.append("comp-lzo\n");
}
diff --git a/app/src/main/java/de/blinkt/openvpn/core/ConfigParser.java b/app/src/main/java/de/blinkt/openvpn/core/ConfigParser.java
index 0e9b1bc4..4c53087f 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/ConfigParser.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/ConfigParser.java
@@ -6,8 +6,8 @@
package de.blinkt.openvpn.core;
import android.os.Build;
-import android.text.TextUtils;
import android.support.v4.util.Pair;
+import android.text.TextUtils;
import java.io.BufferedReader;
import java.io.IOException;
@@ -23,7 +23,11 @@ import java.util.Vector;
import de.blinkt.openvpn.VpnProfile;
import de.blinkt.openvpn.core.connection.Connection;
+import de.blinkt.openvpn.core.connection.Obfs4Connection;
import de.blinkt.openvpn.core.connection.OpenvpnConnection;
+import se.leap.bitmaskclient.pluggableTransports.DispatcherOptions;
+
+import static de.blinkt.openvpn.core.connection.Connection.TransportType.OBFS4;
//! Openvpn Config FIle Parser, probably not 100% accurate but close enough
@@ -136,6 +140,7 @@ public class ConfigParser {
private HashMap<String, Vector<Vector<String>>> options = new HashMap<>();
private HashMap<String, Vector<String>> meta = new HashMap<String, Vector<String>>();
private String auth_user_pass_file;
+ private DispatcherOptions dispatcherOptions;
static public void useEmbbedUserAuth(VpnProfile np, String inlinedata) {
String data = VpnProfile.getEmbeddedContent(inlinedata);
@@ -346,9 +351,9 @@ public class ConfigParser {
// This method is far too long
@SuppressWarnings("ConstantConditions")
- public VpnProfile convertProfile() throws ConfigParseError, IOException {
+ public VpnProfile convertProfile(Connection.TransportType transportType) throws ConfigParseError, IOException {
boolean noauthtypeset = true;
- VpnProfile np = new VpnProfile(CONVERTED_PROFILE);
+ VpnProfile np = new VpnProfile(CONVERTED_PROFILE, transportType);
// Pull, client, tls-client
np.clearDefaults();
@@ -451,6 +456,7 @@ public class ConfigParser {
if (redirectPrivate != null) {
checkRedirectParameters(np, redirectPrivate, false);
}
+
Vector<String> dev = getOption("dev", 1, 1);
Vector<String> devtype = getOption("dev-type", 1, 1);
@@ -476,7 +482,6 @@ public class ConfigParser {
}
}
-
Vector<String> tunmtu = getOption("tun-mtu", 1, 1);
if (tunmtu != null) {
@@ -487,14 +492,12 @@ public class ConfigParser {
}
}
-
Vector<String> mode = getOption("mode", 1, 1);
if (mode != null) {
if (!mode.get(1).equals("p2p"))
throw new ConfigParseError("Invalid mode for --mode specified, need p2p");
}
-
Vector<Vector<String>> dhcpoptions = getAllOption("dhcp-option", 2, 2);
if (dhcpoptions != null) {
for (Vector<String> dhcpoption : dhcpoptions) {
@@ -529,8 +532,10 @@ public class ConfigParser {
if (getOption("float", 0, 0) != null)
np.mUseFloat = true;
- if (getOption("comp-lzo", 0, 1) != null)
- np.mUseLzo = true;
+ Vector<String> useLzo = getOption("comp-lzo", 0, 1);
+ if (useLzo != null) {
+ np.mUseLzo = Boolean.valueOf(useLzo.get(1));
+ }
Vector<String> cipher = getOption("cipher", 1, 1);
if (cipher != null)
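Review bot: `useLzo.get(1)` is read although `getOption("comp-lzo", 0, 1)` accepts the option with no argument, so a bare `comp-lzo` line probably throws ArrayIndexOutOfBoundsException here instead of enabling compression (the other options in this method read their first argument at index 1). `Boolean.valueOf` also returns true only for the string "true", while OpenVPN's values for this option are `yes`, `no` and `adaptive`, so `comp-lzo yes` is parsed as disabled. A check such as `np.mUseLzo = useLzo.size() < 2 || !"no".equals(useLzo.get(1));` covers both cases. The enclosing convertProfile method starts and ends outside this hunk.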
@@ -540,7 +545,6 @@ public class ConfigParser {
if (auth != null)
np.mAuth = auth.get(1);
-
Vector<String> ca = getOption("ca", 1, 1);
if (ca != null) {
np.mCaFilename = ca.get(1);
@@ -552,6 +556,7 @@ public class ConfigParser {
np.mAuthenticationType = VpnProfile.TYPE_CERTIFICATES;
noauthtypeset = false;
}
+
Vector<String> key = getOption("key", 1, 1);
if (key != null)
np.mClientKeyFilename = key.get(1);
@@ -612,7 +617,6 @@ public class ConfigParser {
np.mVerb = verb.get(1);
}
-
if (getOption("nobind", 0, 1) != null)
np.mNobind = true;
@@ -682,8 +686,7 @@ public class ConfigParser {
}
-
- Pair<Connection, Connection[]> conns = parseConnectionOptions(null);
+ Pair<Connection, Connection[]> conns = parseConnectionOptions(null, transportType);
np.mConnections = conns.second;
Vector<Vector<String>> connectionBlocks = getAllOption("connection", 1, 1);
@@ -706,6 +709,7 @@ public class ConfigParser {
connIndex++;
}
}
+
if (getOption("remote-random", 0, 0) != null)
np.mRemoteRandom = true;
@@ -748,20 +752,21 @@ public class ConfigParser {
return TextUtils.join(s, str);
}
+ public void setDispatcherOptions(DispatcherOptions dispatcherOptions) {
+ this.dispatcherOptions = dispatcherOptions;
+ }
+
private Pair<Connection, Connection[]> parseConnection(String connection, Connection defaultValues) throws IOException, ConfigParseError {
// Parse a connection Block as a new configuration file
-
ConfigParser connectionParser = new ConfigParser();
StringReader reader = new StringReader(connection.substring(VpnProfile.INLINE_TAG.length()));
connectionParser.parseConfig(reader);
- Pair<Connection, Connection[]> conn = connectionParser.parseConnectionOptions(defaultValues);
-
- return conn;
+ return connectionParser.parseConnectionOptions(defaultValues, defaultValues.getTransportType());
}
- private Pair<Connection, Connection[]> parseConnectionOptions(Connection connDefault) throws ConfigParseError {
+ private Pair<Connection, Connection[]> parseConnectionOptions(Connection connDefault, Connection.TransportType transportType) throws ConfigParseError {
Connection conn;
if (connDefault != null)
try {
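Review bot: `defaultValues.getTransportType()` dereferences `defaultValues` unconditionally, while parseConnectionOptions explicitly supports a null default and can itself return null on a failed clone, so a null default would now fail in parseConnection with a NullPointerException rather than a ConfigParseError. If a null default is impossible here, say so in a comment such as `// defaultValues is never null: it is the connection parsed from the top-level options`; otherwise guard it. The nested `ConfigParser` also never receives `dispatcherOptions`, which is harmless only while the default connection is always cloned; that assumption deserves a comment too.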
@@ -771,7 +776,7 @@ public class ConfigParser {
return null;
}
else
- conn = new OpenvpnConnection();
+ conn = transportType == OBFS4 ? new Obfs4Connection(dispatcherOptions) : new OpenvpnConnection();
Vector<String> port = getOption("port", 1, 1);
if (port != null) {
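Review bot: `new Obfs4Connection(dispatcherOptions)` uses the parser field without checking that `setDispatcherOptions` was called, so an OBFS4 profile converted without it carries null options that only surface later, when the service builds the Dispatcher. Failing at parse time is safer for a transport whose purpose is obfuscation: in the `else` branch (which then needs braces) add `if (transportType == OBFS4 && dispatcherOptions == null) throw new ConfigParseError("obfs4 transport requires dispatcher options");` before the assignment. parseConnectionOptions continues outside this hunk.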
@@ -825,8 +830,6 @@ public class ConfigParser {
// Parse remote config
Vector<Vector<String>> remotes = getAllOption("remote", 1, 3);
-
-
Vector <String> optionsToRemove = new Vector<>();
// Assume that we need custom options if connectionDefault are set or in the connection specific set
for (Map.Entry<String, Vector<Vector<String>>> option : options.entrySet()) {
diff --git a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java
index b775921c..4a33fd49 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java
@@ -48,7 +48,6 @@ import se.leap.bitmaskclient.VpnNotificationManager;
import se.leap.bitmaskclient.pluggableTransports.Dispatcher;
import de.blinkt.openvpn.core.connection.Obfs4Connection;
-import static de.blinkt.openvpn.core.connection.Connection.TransportType.OBFS4;
import static de.blinkt.openvpn.core.ConnectionStatus.LEVEL_CONNECTED;
import static de.blinkt.openvpn.core.ConnectionStatus.LEVEL_WAITING_FOR_USER_INPUT;
import static de.blinkt.openvpn.core.NetworkSpace.IpAddress;
@@ -386,13 +385,9 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
VpnStatus.logInfo("Setting up dispatcher.");
Connection connection = mProfile.mConnections[0];
- if (connection.getTransportType() == OBFS4) {
+ if (mProfile.mUsePluggableTransports) {
Obfs4Connection obfs4Connection = (Obfs4Connection) connection;
- dispatcher = new Dispatcher(this,
- obfs4Connection.getmObfs4RemoteProxyName(),
- obfs4Connection.getmObfs4RemoteProxyPort(),
- obfs4Connection.getmObfs4Certificate(),
- obfs4Connection.getmObfs4IatMode());
+ dispatcher = new Dispatcher(this, obfs4Connection.getDispatcherOptions());
dispatcher.initSync();
if (dispatcher.isRunning()) {
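Review bot: The cast to `Obfs4Connection` is now guarded by `mProfile.mUsePluggableTransports` rather than by the connection's own type, so a profile whose flag and `mConnections[0]` disagree ends in a ClassCastException (or a NullPointerException if the slot is empty) during VPN start. Guarding on the object itself keeps the check and the cast tied together: `if (connection instanceof Obfs4Connection) {`. `getDispatcherOptions()` can also return null for connections built with the deprecated no-argument constructor, so it should be checked before the Dispatcher is constructed. The surrounding method is only partly visible in this hunk.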
diff --git a/app/src/main/java/de/blinkt/openvpn/core/connection/Connection.java b/app/src/main/java/de/blinkt/openvpn/core/connection/Connection.java
index f333a13e..a318e55d 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/connection/Connection.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/connection/Connection.java
@@ -35,10 +35,22 @@ public abstract class Connection implements Serializable, Cloneable {
}
public enum TransportType {
- OBFS4,
- OPENVPN
+ OBFS4("obfs4"),
+ OPENVPN("openvpn");
+
+ String transport;
+
+ TransportType(String transportType) {
+ this.transport = transportType;
+ }
+
+ @Override
+ public String toString() {
+ return transport;
+ }
}
+
private static final long serialVersionUID = 92031902903829089L;
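Review bot: The new `transport` field in `TransportType` is package-private and mutable, so any class in the package can change the string an enum constant reports; declare it `private final String transport;`. Overriding `toString()` also means code that logs or concatenates the enum now sees `obfs4`/`openvpn` while `name()` and `valueOf()` keep the upper-case constant names, which is worth a one-line Javadoc on the enum.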
diff --git a/app/src/main/java/de/blinkt/openvpn/core/connection/Obfs4Connection.java b/app/src/main/java/de/blinkt/openvpn/core/connection/Obfs4Connection.java
index 790b8b1a..4f6be276 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/connection/Obfs4Connection.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/connection/Obfs4Connection.java
@@ -1,6 +1,9 @@
package de.blinkt.openvpn.core.connection;
-import org.json.JSONObject;
+import se.leap.bitmaskclient.pluggableTransports.DispatcherOptions;
+
+import static se.leap.bitmaskclient.pluggableTransports.Dispatcher.DISPATCHER_IP;
+import static se.leap.bitmaskclient.pluggableTransports.Dispatcher.DISPATCHER_PORT;
/**
* Created by cyberta on 08.03.19.
@@ -9,46 +12,38 @@ import org.json.JSONObject;
public class Obfs4Connection extends Connection {
private static final String TAG = Obfs4Connection.class.getName();
+ private DispatcherOptions options;
-
- private String mObfs4RemoteProxyName = "";
- private String mObfs4RemoteProxyPort = "";
- private String mObfs4Certificate = "";
- private String mObfs4IatMode = "";
-
- public Obfs4Connection() {
- setDefaults();
- }
-
- public Obfs4Connection(Connection connection) {
- mObfs4RemoteProxyName = connection.getServerName();
- setConnectTimeout(connection.getConnectTimeout());
- setCustomConfiguration(connection.getCustomConfiguration());
- setUseCustomConfig(connection.isUseCustomConfig());
-
- setDefaults();
- }
-
- private void setDefaults() {
+ public Obfs4Connection(DispatcherOptions options) {
setUseUdp(false);
- setServerName("127.0.0.1");
- setServerPort("");
+ setServerName(DISPATCHER_IP);
+ setServerPort(DISPATCHER_PORT);
setProxyName("");
setProxyPort("");
setProxyAuthUser(null);
setProxyAuthPassword(null);
setProxyType(ProxyType.NONE);
setUseProxyAuth(false);
+ this.options = options;
}
- public void setTransportOptions(JSONObject jsonObject) {
- mObfs4Certificate = jsonObject.optString("cert");
- mObfs4IatMode = jsonObject.optString("iat-mode");
- }
+ @Deprecated
+ public Obfs4Connection() {
+ setUseUdp(false);
+ setServerName(DISPATCHER_IP);
+ setServerPort(DISPATCHER_PORT);
+ setProxyName("");
+ setProxyPort("");
+ setProxyAuthUser(null);
+ setProxyAuthPassword(null);
+ setProxyType(ProxyType.NONE);
+ setUseProxyAuth(false); }
@Override
public Connection clone() throws CloneNotSupportedException {
- return super.clone();
+ Obfs4Connection connection = (Obfs4Connection) super.clone();
+ connection.options = this.options;
+ return connection;
}
@Override
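Review bot: `options` is a new instance field on a class that inherits `Serializable` from Connection, so `DispatcherOptions` must itself be serializable (or the field marked `transient`), otherwise saving a profile that holds this connection will fail; that type is not shown here, so please confirm. The deprecated no-argument constructor repeats the whole setter sequence and leaves `options` null; delegating with `this(null);` removes the duplication and makes the null case explicit. In `clone()`, `connection.options = this.options;` presumably repeats what `super.clone()` already copies and shares one DispatcherOptions instance between clones, which deserves a comment if it is intended.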
@@ -56,28 +51,9 @@ public class Obfs4Connection extends Connection {
return TransportType.OBFS4;
}
- public String getmObfs4RemoteProxyName() {
- return mObfs4RemoteProxyName;
- }
-
- public void setObfs4RemoteProxyName(String mObfs4RemoteProxyName) {
- this.mObfs4RemoteProxyName = mObfs4RemoteProxyName;
- }
-
- public String getmObfs4RemoteProxyPort() {
- return mObfs4RemoteProxyPort;
- }
-
- public void setObfs4RemoteProxyPort(String mObfs4RemoteProxyPort) {
- this.mObfs4RemoteProxyPort = mObfs4RemoteProxyPort;
- }
-
- public String getmObfs4Certificate() {
- return mObfs4Certificate;
- }
- public String getmObfs4IatMode() {
- return mObfs4IatMode;
+ public DispatcherOptions getDispatcherOptions() {
+ return options;
}
}