Merge branch 'integrate_obfsvpn' into 'master'

update bitmaskcore, integrating obfsvpn See merge request leap/bitmask_android!190
author: cyberta <cyberta@riseup.net> 2022-07-19 17:26:25 +0000
committer: cyberta <cyberta@riseup.net> 2022-07-19 17:26:25 +0000
commit: 6bc3a79e6d09a8fa1857f1d502a87c1c0633be35 (patch)
tree: 7aa914e63bb6aae27c8521dd198e3f7416e9890c /app/src/main/java/de/blinkt
parent: abd8c8d06f01cc5b794a18779c2ea36b9317b4e3 (diff)
parent: 4a95fbad79333bc1cc83b22c8122293a3d8d332f (diff)
5 files changed, 86 insertions, 24 deletions
diff --git a/app/src/main/java/de/blinkt/openvpn/VpnProfile.java b/app/src/main/java/de/blinkt/openvpn/VpnProfile.java
index c010ef54..7dd75432 100644
--- a/app/src/main/java/de/blinkt/openvpn/VpnProfile.java
+++ b/app/src/main/java/de/blinkt/openvpn/VpnProfile.java
@@ -70,6 +70,8 @@ import se.leap.bitmaskclient.BuildConfig;
 import se.leap.bitmaskclient.R;
 
 import static de.blinkt.openvpn.core.connection.Connection.TransportType.OBFS4;
+import static de.blinkt.openvpn.core.connection.Connection.TransportType.OBFS4_KCP;
+import static de.blinkt.openvpn.core.connection.Connection.TransportType.OPENVPN;
 import static se.leap.bitmaskclient.base.models.Constants.PROVIDER_PROFILE;
 import static se.leap.bitmaskclient.base.utils.ConfigHelper.stringEqual;
 
@@ -191,7 +193,8 @@ public class VpnProfile implements Serializable, Cloneable {
     private int mProfileVersion;
     public boolean mBlockUnusedAddressFamilies = true;
     public String mGatewayIp;
-    public boolean mUsePluggableTransports;
+    private boolean mUseObfs4;
+    private boolean mUseObfs4Kcp;
 
     public VpnProfile(String name, Connection.TransportType transportType) {
         mUuid = UUID.randomUUID();
@@ -200,7 +203,8 @@ public class VpnProfile implements Serializable, Cloneable {
 
         mConnections = new Connection[1];
         mLastUsed = System.currentTimeMillis();
-        mUsePluggableTransports = transportType == OBFS4;
+        mUseObfs4 = transportType == OBFS4;
+        mUseObfs4Kcp = transportType == OBFS4_KCP;
     }
 
     public static String openVpnEscape(String unescaped) {
@@ -266,7 +270,8 @@ public class VpnProfile implements Serializable, Cloneable {
         if (obj instanceof VpnProfile) {
             VpnProfile vp = (VpnProfile) obj;
             return stringEqual(vp.mGatewayIp, mGatewayIp) &&
-                    vp.mUsePluggableTransports == mUsePluggableTransports;
+                    vp.mUseObfs4 == mUseObfs4 &&
+                    vp.mUseObfs4Kcp == mUseObfs4Kcp;
         }
         return false;
     }
@@ -296,6 +301,20 @@ public class VpnProfile implements Serializable, Cloneable {
         mUuid = uuid;
     }
 
+    public boolean usePluggableTransports() {
+        return mUseObfs4Kcp || mUseObfs4;
+    }
+
+    public Connection.TransportType getTransportType() {
+        if (mUseObfs4) {
+            return OBFS4;
+        } else if (mUseObfs4Kcp) {
+            return OBFS4_KCP;
+        } else {
+            return OPENVPN;
+        }
+    }
+
     public String getName() {
         if (TextUtils.isEmpty(mName))
             return "No profile name";
@@ -478,7 +497,7 @@ public class VpnProfile implements Serializable, Cloneable {
             cfg.append(insertFileData("crl-verify", mCrlFilename));
 
         // compression does not work in conjunction with shapeshifter-dispatcher so far
-        if (mUseLzo && !mUsePluggableTransports) {
+        if (mUseLzo && !usePluggableTransports()) {
             cfg.append("comp-lzo\n");
         }
 
diff --git a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java
index d624af80..4b394136 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java
@@ -5,6 +5,12 @@
 
 package de.blinkt.openvpn.core;
 
+import static de.blinkt.openvpn.core.ConnectionStatus.LEVEL_CONNECTED;
+import static de.blinkt.openvpn.core.ConnectionStatus.LEVEL_WAITING_FOR_USER_INPUT;
+import static de.blinkt.openvpn.core.NetworkSpace.IpAddress;
+import static se.leap.bitmaskclient.base.models.Constants.PROVIDER_PROFILE;
+import static se.leap.bitmaskclient.base.utils.ConfigHelper.ObfsVpnHelper.useObfsVpn;
+
 import android.Manifest.permission;
 import android.annotation.TargetApi;
 import android.app.Notification;
@@ -47,13 +53,9 @@ import se.leap.bitmaskclient.R;
 import se.leap.bitmaskclient.eip.EipStatus;
 import se.leap.bitmaskclient.eip.VpnNotificationManager;
 import se.leap.bitmaskclient.firewall.FirewallManager;
+import se.leap.bitmaskclient.pluggableTransports.ObfsVpnClient;
 import se.leap.bitmaskclient.pluggableTransports.Shapeshifter;
 
-import static de.blinkt.openvpn.core.ConnectionStatus.LEVEL_CONNECTED;
-import static de.blinkt.openvpn.core.ConnectionStatus.LEVEL_WAITING_FOR_USER_INPUT;
-import static de.blinkt.openvpn.core.NetworkSpace.IpAddress;
-import static se.leap.bitmaskclient.base.models.Constants.PROVIDER_PROFILE;
-
 
 public class OpenVPNService extends VpnService implements StateListener, Callback, ByteCountListener, IOpenVPNServiceInternal, VpnNotificationManager.VpnServiceCallback {
     public static final String TAG = OpenVPNService.class.getSimpleName();
@@ -89,6 +91,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
     private Runnable mOpenVPNThread;
     private VpnNotificationManager notificationManager;
     private Shapeshifter shapeshifter;
+    private ObfsVpnClient obfsVpnClient;
     private FirewallManager firewallManager;
 
     private final IBinder mBinder = new IOpenVPNServiceInternal.Stub() {
@@ -241,6 +244,9 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
                     if (shapeshifter != null) {
                         shapeshifter.stop();
                         shapeshifter = null;
+                    } else if (obfsVpnClient != null && obfsVpnClient.isStarted()) {
+                        obfsVpnClient.stop();
+                        obfsVpnClient = null;
                     }
                     VpnStatus.updateStateString("NOPROCESS", "VPN STOPPED", R.string.state_noprocess, ConnectionStatus.LEVEL_NOTCONNECTED);
                 }
@@ -311,7 +317,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
         VpnStatus.updateStateString("VPN_GENERATE_CONFIG", "", R.string.building_configration, ConnectionStatus.LEVEL_START);
         notificationManager.buildOpenVpnNotification(
                 mProfile != null ? mProfile.mName : "",
-                mProfile != null && mProfile.mUsePluggableTransports,
+                mProfile != null && mProfile.usePluggableTransports(),
                 VpnStatus.getLastCleanLogMessage(this),
                 VpnStatus.getLastCleanLogMessage(this),
                 ConnectionStatus.LEVEL_START,
@@ -410,9 +416,16 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
         // An old running VPN should now be exited
         mStarting = false;
 
-        if (mProfile.mUsePluggableTransports && connection instanceof Obfs4Connection) {
+        if (mProfile.usePluggableTransports() && connection instanceof Obfs4Connection) {
             Obfs4Connection obfs4Connection = (Obfs4Connection) connection;
-            if (shapeshifter == null) {
+            if (useObfsVpn()) {
+                if (obfsVpnClient != null && obfsVpnClient.isStarted()) {
+                    obfsVpnClient.stop();
+                }
+                obfsVpnClient = new ObfsVpnClient(obfs4Connection.getDispatcherOptions());
+                int runningSocksPort = obfsVpnClient.start();
+                connection.setProxyPort(String.valueOf(runningSocksPort));
+            } else if (shapeshifter == null) {
                 shapeshifter = new Shapeshifter(obfs4Connection.getDispatcherOptions());
                 shapeshifter.start();
             }
@@ -474,6 +487,10 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
                     Log.d(TAG, "-> stop shapeshifter");
                     shapeshifter.stop();
                     shapeshifter = null;
+                } else if (obfsVpnClient != null && obfsVpnClient.isStarted()) {
+                    Log.d(TAG, "-> stop obfsvpnClient");
+                    obfsVpnClient.stop();
+                    obfsVpnClient = null;
                 }
                 try {
                     Thread.sleep(1000);
@@ -1016,7 +1033,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
 
         notificationManager.buildOpenVpnNotification(
                 mProfile != null ? mProfile.mName : "",
-                mProfile != null && mProfile.mUsePluggableTransports,
+                mProfile != null && mProfile.usePluggableTransports(),
                 VpnStatus.getLastCleanLogMessage(this),
                 VpnStatus.getLastCleanLogMessage(this),
                 level,
@@ -1047,7 +1064,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
                     humanReadableByteCount(diffOut / OpenVPNManagement.mBytecountInterval, true, getResources()));
             notificationManager.buildOpenVpnNotification(
                     mProfile != null ? mProfile.mName : "",
-                    mProfile != null && mProfile.mUsePluggableTransports,
+                    mProfile != null && mProfile.usePluggableTransports(),
                     netstat,
                     null,
                     LEVEL_CONNECTED,
@@ -1091,7 +1108,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
         VpnStatus.updateStateString("NEED", "need " + needed, resid, LEVEL_WAITING_FOR_USER_INPUT);
         notificationManager.buildOpenVpnNotification(
                 mProfile != null ? mProfile.mName : "",
-                mProfile != null && mProfile.mUsePluggableTransports,
+                mProfile != null && mProfile.usePluggableTransports(),
                 getString(resid),
                 getString(resid),
                 LEVEL_WAITING_FOR_USER_INPUT,
diff --git a/app/src/main/java/de/blinkt/openvpn/core/VpnStatus.java b/app/src/main/java/de/blinkt/openvpn/core/VpnStatus.java
index 4fa5a7b6..f28651f3 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/VpnStatus.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/VpnStatus.java
@@ -543,6 +543,6 @@ public class VpnStatus {
     }
 
     public static boolean isUsingBridges() {
-        return lastConnectedProfile != null && lastConnectedProfile.mUsePluggableTransports;
+        return lastConnectedProfile != null && lastConnectedProfile.usePluggableTransports();
     }
 }
diff --git a/app/src/main/java/de/blinkt/openvpn/core/connection/Connection.java b/app/src/main/java/de/blinkt/openvpn/core/connection/Connection.java
index 4cb9c0c7..f60e7333 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/connection/Connection.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/connection/Connection.java
@@ -39,7 +39,10 @@ public abstract class Connection implements Serializable, Cloneable {
 
     public enum TransportType {
         OBFS4("obfs4"),
-        OPENVPN("openvpn");
+        OPENVPN("openvpn"),
+        OBFS4_KCP("obfs4-1"),
+
+        PT("metaTransport");
 
         String transport;
 
@@ -51,6 +54,17 @@ public abstract class Connection implements Serializable, Cloneable {
         public String toString() {
             return transport;
         }
+
+        public boolean isPluggableTransport() {
+            return this == OBFS4 || this == OBFS4_KCP || this == PT;
+        }
+
+        public TransportType getMetaType() {
+            if (this == OBFS4 || this == OBFS4_KCP || this == PT) {
+                return PT;
+            }
+            return OPENVPN;
+        }
     }
 
 
diff --git a/app/src/main/java/de/blinkt/openvpn/core/connection/Obfs4Connection.java b/app/src/main/java/de/blinkt/openvpn/core/connection/Obfs4Connection.java
index 82a7a6aa..5189afcc 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/connection/Obfs4Connection.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/connection/Obfs4Connection.java
@@ -1,10 +1,12 @@
 package de.blinkt.openvpn.core.connection;
 
-import se.leap.bitmaskclient.pluggableTransports.Obfs4Options;
-
+import static se.leap.bitmaskclient.base.utils.ConfigHelper.ObfsVpnHelper.useObfsVpn;
 import static se.leap.bitmaskclient.pluggableTransports.Shapeshifter.DISPATCHER_IP;
 import static se.leap.bitmaskclient.pluggableTransports.Shapeshifter.DISPATCHER_PORT;
 
+import se.leap.bitmaskclient.pluggableTransports.Obfs4Options;
+import se.leap.bitmaskclient.pluggableTransports.ObfsVpnClient;
+
 
 /**
  * Created by cyberta on 08.03.19.
@@ -16,14 +18,24 @@ public class Obfs4Connection extends Connection {
     private Obfs4Options options;
 
     public Obfs4Connection(Obfs4Options options) {
+        if (useObfsVpn()) {
+            setServerName(options.remoteIP);
+            setServerPort(options.remotePort);
+            setProxyName(ObfsVpnClient.SOCKS_IP);
+            setProxyPort(String.valueOf(ObfsVpnClient.SOCKS_PORT.get()));
+            setProxyType(ProxyType.SOCKS5);
+        } else {
+            setServerName(DISPATCHER_IP);
+            setServerPort(DISPATCHER_PORT);
+            setProxyName("");
+            setProxyPort("");
+            setProxyType(ProxyType.NONE);
+        }
+        // while udp/kcp might be used on the wire,
+        // we don't use udp for openvpn in case of a obfs4 connection
         setUseUdp(false);
-        setServerName(DISPATCHER_IP);
-        setServerPort(DISPATCHER_PORT);
-        setProxyName("");
-        setProxyPort("");
         setProxyAuthUser(null);
         setProxyAuthPassword(null);
-        setProxyType(ProxyType.NONE);
         setUseProxyAuth(false);
         this.options = options;
     }
author	cyberta <cyberta@riseup.net>	2022-07-19 17:26:25 +0000
committer	cyberta <cyberta@riseup.net>	2022-07-19 17:26:25 +0000
commit	6bc3a79e6d09a8fa1857f1d502a87c1c0633be35 (patch)
tree	7aa914e63bb6aae27c8521dd198e3f7416e9890c /app/src/main/java/de/blinkt
parent	abd8c8d06f01cc5b794a18779c2ea36b9317b4e3 (diff)
parent	4a95fbad79333bc1cc83b22c8122293a3d8d332f (diff)