summaryrefslogtreecommitdiff
path: root/app
diff options
context:
space:
mode:
authorcyBerta <cyberta@riseup.net>2023-03-31 15:46:09 +0200
committercyBerta <cyberta@riseup.net>2023-04-13 16:47:13 +0200
commitf6017ab12d0c472ab4f22e81d9a768ad2510b134 (patch)
tree8a38157b4218b54a12f3990beaa2852917f4de1d /app
parenta4deca391ce064510002e24ba9f18d965f0dee59 (diff)
don't handle obfs4 over kcp as a separate pluggable transport, instead 'tcp' and 'kcp' become valid protocols for obfs4
Diffstat (limited to 'app')
-rw-r--r--app/src/main/java/de/blinkt/openvpn/VpnProfile.java25
-rw-r--r--app/src/main/java/de/blinkt/openvpn/core/connection/Connection.java21
-rw-r--r--app/src/main/java/se/leap/bitmaskclient/base/models/Provider.java23
-rw-r--r--app/src/main/java/se/leap/bitmaskclient/eip/EIP.java17
-rw-r--r--app/src/main/java/se/leap/bitmaskclient/eip/Gateway.java7
-rw-r--r--app/src/main/java/se/leap/bitmaskclient/eip/GatewaysManager.java33
-rw-r--r--app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java36
-rw-r--r--app/src/test/java/de/blinkt/openvpn/VpnProfileTest.java11
-rw-r--r--app/src/test/java/se/leap/bitmaskclient/eip/GatewaysManagerTest.java52
-rw-r--r--app/src/test/java/se/leap/bitmaskclient/eip/VpnConfigGeneratorTest.java29
-rw-r--r--app/src/test/resources/ptdemo_kcp_gateways.json17
-rw-r--r--app/src/test/resources/ptdemo_misconfigured_kcp_gateways.json4
-rw-r--r--app/src/test/resources/ptdemo_only_experimental_transports_gateways.json8
13 files changed, 138 insertions, 145 deletions
diff --git a/app/src/main/java/de/blinkt/openvpn/VpnProfile.java b/app/src/main/java/de/blinkt/openvpn/VpnProfile.java
index 83cde85e..3428e0c4 100644
--- a/app/src/main/java/de/blinkt/openvpn/VpnProfile.java
+++ b/app/src/main/java/de/blinkt/openvpn/VpnProfile.java
@@ -5,6 +5,11 @@
package de.blinkt.openvpn;
+import static de.blinkt.openvpn.core.connection.Connection.TransportType.OBFS4;
+import static de.blinkt.openvpn.core.connection.Connection.TransportType.OPENVPN;
+import static se.leap.bitmaskclient.base.models.Constants.PROVIDER_PROFILE;
+import static se.leap.bitmaskclient.base.utils.ConfigHelper.stringEqual;
+
import android.annotation.SuppressLint;
import android.content.Context;
import android.content.Intent;
@@ -34,8 +39,6 @@ import java.io.FileWriter;
import java.io.IOException;
import java.io.Serializable;
import java.io.StringWriter;
-import java.lang.reflect.InvocationTargetException;
-import java.lang.reflect.Method;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
@@ -69,12 +72,6 @@ import de.blinkt.openvpn.core.connection.ConnectionAdapter;
import se.leap.bitmaskclient.BuildConfig;
import se.leap.bitmaskclient.R;
-import static de.blinkt.openvpn.core.connection.Connection.TransportType.OBFS4;
-import static de.blinkt.openvpn.core.connection.Connection.TransportType.OBFS4_KCP;
-import static de.blinkt.openvpn.core.connection.Connection.TransportType.OPENVPN;
-import static se.leap.bitmaskclient.base.models.Constants.PROVIDER_PROFILE;
-import static se.leap.bitmaskclient.base.utils.ConfigHelper.stringEqual;
-
public class VpnProfile implements Serializable, Cloneable {
// Note that this class cannot be moved to core where it belongs since
// the profile loading depends on it being here
@@ -184,6 +181,7 @@ public class VpnProfile implements Serializable, Cloneable {
/* Options no longer used in new profiles */
public String mServerName = "openvpn.example.com";
public String mServerPort = "1194";
+ @Deprecated
public boolean mUseUdp = true;
public boolean mTemporaryProfile = false;
private transient PrivateKey mPrivateKey;
@@ -193,8 +191,7 @@ public class VpnProfile implements Serializable, Cloneable {
private int mProfileVersion;
public boolean mBlockUnusedAddressFamilies = true;
public String mGatewayIp;
- private boolean mUseObfs4;
- private boolean mUseObfs4Kcp;
+ private final boolean mUseObfs4;
public VpnProfile(String name, Connection.TransportType transportType) {
mUuid = UUID.randomUUID();
@@ -204,7 +201,6 @@ public class VpnProfile implements Serializable, Cloneable {
mConnections = new Connection[1];
mLastUsed = System.currentTimeMillis();
mUseObfs4 = transportType == OBFS4;
- mUseObfs4Kcp = transportType == OBFS4_KCP;
}
public static String openVpnEscape(String unescaped) {
@@ -270,8 +266,7 @@ public class VpnProfile implements Serializable, Cloneable {
if (obj instanceof VpnProfile) {
VpnProfile vp = (VpnProfile) obj;
return stringEqual(vp.mGatewayIp, mGatewayIp) &&
- vp.mUseObfs4 == mUseObfs4 &&
- vp.mUseObfs4Kcp == mUseObfs4Kcp;
+ vp.mUseObfs4 == mUseObfs4;
}
return false;
}
@@ -302,14 +297,12 @@ public class VpnProfile implements Serializable, Cloneable {
}
public boolean usePluggableTransports() {
- return mUseObfs4Kcp || mUseObfs4;
+ return mUseObfs4;
}
public Connection.TransportType getTransportType() {
if (mUseObfs4) {
return OBFS4;
- } else if (mUseObfs4Kcp) {
- return OBFS4_KCP;
} else {
return OPENVPN;
}
diff --git a/app/src/main/java/de/blinkt/openvpn/core/connection/Connection.java b/app/src/main/java/de/blinkt/openvpn/core/connection/Connection.java
index f60e7333..137b3f16 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/connection/Connection.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/connection/Connection.java
@@ -37,10 +37,25 @@ public abstract class Connection implements Serializable, Cloneable {
ORBOT
}
+ public enum TransportProtocol {
+ UDP("udp"),
+ TCP("tcp"),
+ KCP("kcp");
+
+ String protocol;
+
+ TransportProtocol(String transportProtocol) {
+ this.protocol = transportProtocol;
+ }
+
+ @Override
+ public String toString() {
+ return protocol;
+ }
+ }
public enum TransportType {
OBFS4("obfs4"),
OPENVPN("openvpn"),
- OBFS4_KCP("obfs4-1"),
PT("metaTransport");
@@ -56,11 +71,11 @@ public abstract class Connection implements Serializable, Cloneable {
}
public boolean isPluggableTransport() {
- return this == OBFS4 || this == OBFS4_KCP || this == PT;
+ return this == OBFS4 || this == PT;
}
public TransportType getMetaType() {
- if (this == OBFS4 || this == OBFS4_KCP || this == PT) {
+ if (this == OBFS4 || this == PT) {
return PT;
}
return OPENVPN;
diff --git a/app/src/main/java/se/leap/bitmaskclient/base/models/Provider.java b/app/src/main/java/se/leap/bitmaskclient/base/models/Provider.java
index 53f864cf..62fb1fd2 100644
--- a/app/src/main/java/se/leap/bitmaskclient/base/models/Provider.java
+++ b/app/src/main/java/se/leap/bitmaskclient/base/models/Provider.java
@@ -16,11 +16,13 @@
*/
package se.leap.bitmaskclient.base.models;
+import static de.blinkt.openvpn.core.connection.Connection.TransportProtocol.KCP;
+import static de.blinkt.openvpn.core.connection.Connection.TransportProtocol.TCP;
import static de.blinkt.openvpn.core.connection.Connection.TransportType.OBFS4;
-import static de.blinkt.openvpn.core.connection.Connection.TransportType.OBFS4_KCP;
import static se.leap.bitmaskclient.base.models.Constants.CAPABILITIES;
import static se.leap.bitmaskclient.base.models.Constants.GATEWAYS;
import static se.leap.bitmaskclient.base.models.Constants.LOCATIONS;
+import static se.leap.bitmaskclient.base.models.Constants.PROTOCOLS;
import static se.leap.bitmaskclient.base.models.Constants.PROVIDER_ALLOWED_REGISTERED;
import static se.leap.bitmaskclient.base.models.Constants.PROVIDER_ALLOW_ANONYMOUS;
import static se.leap.bitmaskclient.base.models.Constants.TRANSPORT;
@@ -46,6 +48,7 @@ import java.util.HashSet;
import java.util.Locale;
import java.util.Set;
+import de.blinkt.openvpn.core.connection.Connection.TransportProtocol;
import de.blinkt.openvpn.core.connection.Connection.TransportType;
import motd.IStringCollection;
import motd.Motd;
@@ -181,16 +184,16 @@ public final class Provider implements Parcelable {
public boolean supportsPluggableTransports() {
if (useObfsVpn()) {
- return supportsTransports(new TransportType[]{OBFS4, OBFS4_KCP});
+ return supportsTransports(new Pair[]{new Pair<>(OBFS4, TCP), new Pair<>(OBFS4, KCP)});
}
- return supportsTransports(new TransportType[]{OBFS4});
+ return supportsTransports(new Pair[]{new Pair<>(OBFS4, TCP)});
}
public boolean supportsExperimentalPluggableTransports() {
- return supportsTransports(new TransportType[]{OBFS4_KCP});
+ return supportsTransports(new Pair[]{new Pair<>(OBFS4, KCP)});
}
- private boolean supportsTransports(TransportType[] transportTypes) {
+ private boolean supportsTransports(Pair<TransportType, TransportProtocol>[] transportTypes) {
try {
JSONArray gatewayJsons = eipServiceJson.getJSONArray(GATEWAYS);
for (int i = 0; i < gatewayJsons.length(); i++) {
@@ -199,9 +202,13 @@ public final class Provider implements Parcelable {
getJSONArray(TRANSPORT);
for (int j = 0; j < transports.length(); j++) {
String supportedTransportType = transports.getJSONObject(j).getString(TYPE);
- for (TransportType transportType : transportTypes) {
- if (transportType.toString().equals(supportedTransportType)) {
- return true;
+ JSONArray transportProtocols = transports.getJSONObject(j).getJSONArray(PROTOCOLS);
+ for (Pair<TransportType, TransportProtocol> transportPair : transportTypes) {
+ for (int k = 0; k < transportProtocols.length(); k++) {
+ if (transportPair.first.toString().equals(supportedTransportType) &&
+ transportPair.second.toString().equals(transportProtocols.getString(k))) {
+ return true;
+ }
}
}
}
diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java
index 88cdc715..5b082448 100644
--- a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java
+++ b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java
@@ -91,6 +91,7 @@ import se.leap.bitmaskclient.base.models.Provider;
import se.leap.bitmaskclient.base.models.Pair;
import se.leap.bitmaskclient.base.models.ProviderObservable;
import se.leap.bitmaskclient.base.utils.PreferenceHelper;
+import se.leap.bitmaskclient.eip.GatewaysManager.GatewayOptions;
/**
* EIP is the abstract base class for interacting with and managing the Encrypted
@@ -255,8 +256,8 @@ public final class EIP extends JobIntentService implements Observer {
return;
}
- Pair<Gateway, Connection.TransportType> gatewayTransportTypePair = gatewaysManager.select(nClosestGateway);
- launchActiveGateway(gatewayTransportTypePair, nClosestGateway, result);
+ GatewayOptions gatewayOptions = gatewaysManager.select(nClosestGateway);
+ launchActiveGateway(gatewayOptions, nClosestGateway, result);
if (result.containsKey(BROADCAST_RESULT_KEY) && !result.getBoolean(BROADCAST_RESULT_KEY)) {
tellToReceiverOrBroadcast(this, EIP_ACTION_START, RESULT_CANCELED, result);
} else {
@@ -270,7 +271,7 @@ public final class EIP extends JobIntentService implements Observer {
*/
private void startEIPAlwaysOnVpn() {
GatewaysManager gatewaysManager = new GatewaysManager(getApplicationContext());
- Pair<Gateway, Connection.TransportType> gatewayTransportTypePair = gatewaysManager.select(0);
+ GatewayOptions gatewayOptions = gatewaysManager.select(0);
Bundle result = new Bundle();
if (shouldUpdateVPNCertificate()) {
@@ -279,7 +280,7 @@ public final class EIP extends JobIntentService implements Observer {
ProviderObservable.getInstance().updateProvider(p);
}
- launchActiveGateway(gatewayTransportTypePair, 0, result);
+ launchActiveGateway(gatewayOptions, 0, result);
if (result.containsKey(BROADCAST_RESULT_KEY) && !result.getBoolean(BROADCAST_RESULT_KEY)){
VpnStatus.logWarning("ALWAYS-ON VPN: " + getString(R.string.no_vpn_profiles_defined));
}
@@ -323,13 +324,13 @@ public final class EIP extends JobIntentService implements Observer {
/**
* starts the VPN and connects to the given gateway
*
- * @param gatewayTransportTypePair Pair of Gateway and associated transport used to connect
+ * @param gatewayOptions GatewayOptions model containing a Gateway and the associated transport used to connect
*/
- private void launchActiveGateway(@Nullable Pair<Gateway, Connection.TransportType> gatewayTransportTypePair, int nClosestGateway, Bundle result) {
+ private void launchActiveGateway(@Nullable GatewayOptions gatewayOptions, int nClosestGateway, Bundle result) {
VpnProfile profile;
- if (gatewayTransportTypePair == null || gatewayTransportTypePair.first == null ||
- (profile = gatewayTransportTypePair.first.getProfile(gatewayTransportTypePair.second)) == null) {
+ if (gatewayOptions == null || gatewayOptions.gateway == null ||
+ (profile = gatewayOptions.gateway.getProfile(gatewayOptions.transportType)) == null) {
String preferredLocation = getPreferredCity(getApplicationContext());
if (preferredLocation != null) {
setErrorResult(result, NO_MORE_GATEWAYS.toString(), getStringResourceForNoMoreGateways(), getString(R.string.app_name), preferredLocation);
diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/Gateway.java b/app/src/main/java/se/leap/bitmaskclient/eip/Gateway.java
index 929935eb..719b960e 100644
--- a/app/src/main/java/se/leap/bitmaskclient/eip/Gateway.java
+++ b/app/src/main/java/se/leap/bitmaskclient/eip/Gateway.java
@@ -16,6 +16,7 @@
*/
package se.leap.bitmaskclient.eip;
+import static de.blinkt.openvpn.core.connection.Connection.TransportType.PT;
import static se.leap.bitmaskclient.base.models.Constants.FULLNESS;
import static se.leap.bitmaskclient.base.models.Constants.HOST;
import static se.leap.bitmaskclient.base.models.Constants.IP_ADDRESS;
@@ -52,7 +53,6 @@ import java.util.HashSet;
import de.blinkt.openvpn.VpnProfile;
import de.blinkt.openvpn.core.ConfigParser;
import de.blinkt.openvpn.core.connection.Connection;
-import se.leap.bitmaskclient.R;
import se.leap.bitmaskclient.base.utils.ConfigHelper;
/**
@@ -77,6 +77,9 @@ public class Gateway {
private String name;
private int timezone;
private int apiVersion;
+ /** FIXME: We expect here that not more than one obfs4 transport is offered by a gateway, however
+ * it's possible to setup gateways that have obfs4 over kcp and tcp which result in different VpnProfiles each
+ */
private HashMap<Connection.TransportType, VpnProfile> vpnProfiles;
/**
@@ -209,7 +212,7 @@ public class Gateway {
}
public boolean supportsTransport(Connection.TransportType transportType) {
- if (transportType == Connection.TransportType.PT) {
+ if (transportType == PT) {
return supportsPluggableTransports();
}
return vpnProfiles.get(transportType) != null;
diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/GatewaysManager.java b/app/src/main/java/se/leap/bitmaskclient/eip/GatewaysManager.java
index 521d095e..28766998 100644
--- a/app/src/main/java/se/leap/bitmaskclient/eip/GatewaysManager.java
+++ b/app/src/main/java/se/leap/bitmaskclient/eip/GatewaysManager.java
@@ -17,7 +17,6 @@
package se.leap.bitmaskclient.eip;
import static de.blinkt.openvpn.core.connection.Connection.TransportType.OBFS4;
-import static de.blinkt.openvpn.core.connection.Connection.TransportType.OBFS4_KCP;
import static de.blinkt.openvpn.core.connection.Connection.TransportType.OPENVPN;
import static de.blinkt.openvpn.core.connection.Connection.TransportType.PT;
import static se.leap.bitmaskclient.base.models.Constants.GATEWAYS;
@@ -61,7 +60,6 @@ import se.leap.bitmaskclient.BuildConfig;
import se.leap.bitmaskclient.R;
import se.leap.bitmaskclient.base.models.GatewayJson;
import se.leap.bitmaskclient.base.models.Location;
-import se.leap.bitmaskclient.base.models.Pair;
import se.leap.bitmaskclient.base.models.Provider;
import se.leap.bitmaskclient.base.models.ProviderObservable;
import se.leap.bitmaskclient.base.models.Transport;
@@ -103,6 +101,16 @@ public class GatewaysManager {
}
}
+ public static class GatewayOptions {
+ public Gateway gateway;
+ public TransportType transportType;
+
+ public GatewayOptions(Gateway gateway, TransportType transportType) {
+ this.gateway = gateway;
+ this.transportType = transportType;
+ }
+ }
+
private static final String TAG = GatewaysManager.class.getSimpleName();
public static final String PINNED_OBFUSCATION_PROXY = "pinned.obfuscation.proxy";
@@ -122,7 +130,7 @@ public class GatewaysManager {
* select closest Gateway
* @return the n closest Gateway
*/
- public Pair<Gateway, TransportType> select(int nClosest) {
+ public GatewayOptions select(int nClosest) {
if (PreferenceHelper.useObfuscationPinning(context)) {
if (nClosest > 2) {
// no need to try again the pinned proxy, probably configuration error
@@ -132,14 +140,14 @@ public class GatewaysManager {
if (gateway == null) {
return null;
}
- return new Pair<>(gateway, getObfuscationPinningKCP(context) ? OBFS4_KCP : OBFS4);
+ return new GatewayOptions(gateway, OBFS4);
}
String selectedCity = getPreferredCity(context);
return select(nClosest, selectedCity);
}
- public Pair<Gateway, TransportType> select(int nClosest, String city) {
- TransportType[] transportTypes = getUseBridges(context) ? new TransportType[]{OBFS4, OBFS4_KCP} : new TransportType[]{OPENVPN};
+ public GatewayOptions select(int nClosest, String city) {
+ TransportType[] transportTypes = getUseBridges(context) ? new TransportType[]{OBFS4} : new TransportType[]{OPENVPN};
if (presortedList.size() > 0) {
return getGatewayFromPresortedList(nClosest, transportTypes, city);
}
@@ -266,7 +274,7 @@ public class GatewaysManager {
return Load.getLoadByValue(location.getAverageLoad(transportType));
}
- private Pair<Gateway, TransportType> getGatewayFromTimezoneCalculation(int nClosest, TransportType[] transportTypes, @Nullable String city) {
+ private GatewayOptions getGatewayFromTimezoneCalculation(int nClosest, TransportType[] transportTypes, @Nullable String city) {
List<Gateway> list = new ArrayList<>(gateways.values());
GatewaySelector gatewaySelector = new GatewaySelector(list);
Gateway gateway;
@@ -277,7 +285,7 @@ public class GatewaysManager {
if ((city == null && gateway.supportsTransport(transportType)) ||
(gateway.getName().equals(city) && gateway.supportsTransport(transportType))) {
if (found == nClosest) {
- return new Pair<>(gateway, transportType);
+ return new GatewayOptions(gateway, transportType);
}
found++;
}
@@ -287,14 +295,14 @@ public class GatewaysManager {
return null;
}
- private Pair<Gateway, TransportType> getGatewayFromPresortedList(int nClosest, TransportType[] transportTypes, @Nullable String city) {
+ private GatewayOptions getGatewayFromPresortedList(int nClosest, TransportType[] transportTypes, @Nullable String city) {
int found = 0;
for (Gateway gateway : presortedList) {
for (TransportType transportType : transportTypes) {
if ((city == null && gateway.supportsTransport(transportType)) ||
(gateway.getName().equals(city) && gateway.supportsTransport(transportType))) {
if (found == nClosest) {
- return new Pair<>(gateway, transportType);
+ return new GatewayOptions(gateway, transportType);
}
found++;
}
@@ -387,10 +395,9 @@ public class GatewaysManager {
if (PreferenceHelper.useObfuscationPinning(context)) {
try {
- TransportType transportType = getObfuscationPinningKCP(context) ? OBFS4_KCP : OBFS4;
Transport[] transports = new Transport[]{
- new Transport(transportType.toString(),
- new String[]{"tcp"},
+ new Transport(OBFS4.toString(),
+ new String[]{getObfuscationPinningKCP(context) ? "kcp" : "tcp"},
new String[]{getObfuscationPinningPort(context)},
getObfuscationPinningCert(context))};
GatewayJson.Capabilities capabilities = new GatewayJson.Capabilities(false, false, false, transports, false);
diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java b/app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java
index 72a0d80a..141f6274 100644
--- a/app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java
+++ b/app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java
@@ -17,7 +17,6 @@
package se.leap.bitmaskclient.eip;
import static de.blinkt.openvpn.core.connection.Connection.TransportType.OBFS4;
-import static de.blinkt.openvpn.core.connection.Connection.TransportType.OBFS4_KCP;
import static de.blinkt.openvpn.core.connection.Connection.TransportType.OPENVPN;
import static de.blinkt.openvpn.core.connection.Connection.TransportType.PT;
import static se.leap.bitmaskclient.base.models.Constants.CAPABILITIES;
@@ -63,7 +62,6 @@ public class VpnConfigGenerator {
private final JSONObject gateway;
private final JSONObject secrets;
private JSONObject obfs4Transport;
- private JSONObject obfs4TKcpTransport;
private final int apiVersion;
private final boolean preferUDP;
private final boolean experimentalTransports;
@@ -122,11 +120,7 @@ public class VpnConfigGenerator {
JSONObject transport = supportedTransports.getJSONObject(i);
if (transport.getString(TYPE).equals(OBFS4.toString())) {
obfs4Transport = transport;
- if (!experimentalTransports && !obfuscationPinningKCP) {
- break;
- }
- } else if ((experimentalTransports || obfuscationPinningKCP) && transport.getString(TYPE).equals(OBFS4_KCP.toString())) {
- obfs4TKcpTransport = transport;
+ break;
}
}
}
@@ -154,13 +148,6 @@ public class VpnConfigGenerator {
e.printStackTrace();
}
}
- if (supportsObfs4Kcp()) {
- try {
- profiles.put(OBFS4_KCP, createProfile(OBFS4_KCP));
- } catch (ConfigParser.ConfigParseError | NumberFormatException | JSONException | IOException e) {
- e.printStackTrace();
- }
- }
if (profiles.isEmpty()) {
throw new ConfigParser.ConfigParseError("No supported transports detected.");
}
@@ -171,11 +158,7 @@ public class VpnConfigGenerator {
return !useObfuscationPinning && !gatewayConfiguration(OPENVPN).isEmpty();
}
private boolean supportsObfs4(){
- return obfs4Transport != null && !(useObfuscationPinning && obfuscationPinningKCP);
- }
-
- private boolean supportsObfs4Kcp() {
- return obfs4TKcpTransport != null && !(useObfuscationPinning && !obfuscationPinningKCP);
+ return obfs4Transport != null || useObfuscationPinning;
}
private String getConfigurationString(TransportType transportType) {
@@ -194,9 +177,10 @@ public class VpnConfigGenerator {
ConfigParser icsOpenvpnConfigParser = new ConfigParser();
icsOpenvpnConfigParser.parseConfig(new StringReader(configuration));
if (transportType == OBFS4) {
- icsOpenvpnConfigParser.setObfs4Options(getObfs4Options(obfs4Transport, false));
- } else if (transportType == OBFS4_KCP) {
- icsOpenvpnConfigParser.setObfs4Options(getObfs4Options(obfs4TKcpTransport, true));
+ JSONArray protocols = obfs4Transport.getJSONArray(PROTOCOLS);
+ // FIXME: currently only one protocol per obfs4 bridge is supported in this client
+ String protocol = protocols.optString(0);
+ icsOpenvpnConfigParser.setObfs4Options(getObfs4Options(obfs4Transport, protocol.equalsIgnoreCase("kcp")));
}
VpnProfile profile = icsOpenvpnConfigParser.convertProfile(transportType);
@@ -208,7 +192,6 @@ public class VpnConfigGenerator {
return profile;
}
- // TODO: whad does
private Obfs4Options getObfs4Options(JSONObject transportJson, boolean useUdp) throws JSONException {
JSONObject transportOptions = transportJson.getJSONObject(OPTIONS);
String iatMode = transportOptions.getString("iatMode");
@@ -367,8 +350,7 @@ public class VpnConfigGenerator {
case OPENVPN:
return "tcp".equals(protocol) || "udp".equals(protocol);
case OBFS4:
- case OBFS4_KCP:
- return "tcp".equals(protocol);
+ return "tcp".equals(protocol) || "kcp".equals(protocol);
}
return false;
}
@@ -446,10 +428,10 @@ public class VpnConfigGenerator {
String remote;
if (useObfsVpn()) {
if (useObfuscationPinning) {
- remote = REMOTE + " " + obfuscationPinningIP + " " + obfuscationPinningPort + newLine;
+ remote = REMOTE + " " + obfuscationPinningIP + " " + obfuscationPinningPort + " tcp" + newLine;
route = "route " + obfuscationPinningIP + " 255.255.255.255 net_gateway" + newLine;
} else {
- remote = REMOTE + " " + ipAddress + " " + ports.getString(0) + newLine;
+ remote = REMOTE + " " + ipAddress + " " + ports.getString(0) + " tcp" + newLine;
}
} else {
remote = REMOTE + " " + DISPATCHER_IP + " " + DISPATCHER_PORT + " tcp" + newLine;
diff --git a/app/src/test/java/de/blinkt/openvpn/VpnProfileTest.java b/app/src/test/java/de/blinkt/openvpn/VpnProfileTest.java
index 9675c877..5d3c0826 100644
--- a/app/src/test/java/de/blinkt/openvpn/VpnProfileTest.java
+++ b/app/src/test/java/de/blinkt/openvpn/VpnProfileTest.java
@@ -7,7 +7,6 @@ import static org.junit.Assert.assertTrue;
import static org.powermock.api.mockito.PowerMockito.mockStatic;
import static org.powermock.api.mockito.PowerMockito.when;
import static de.blinkt.openvpn.core.connection.Connection.TransportType.OBFS4;
-import static de.blinkt.openvpn.core.connection.Connection.TransportType.OBFS4_KCP;
import static de.blinkt.openvpn.core.connection.Connection.TransportType.OPENVPN;
import org.json.JSONException;
@@ -29,10 +28,10 @@ import se.leap.bitmaskclient.pluggableTransports.Obfs4Options;
@PrepareForTest({UUID.class, ConfigHelper.ObfsVpnHelper.class})
public class VpnProfileTest {
- private static final String OPENVPNCONNECTION_PROFILE = "{\"mCipher\":\"\",\"mProfileVersion\":7,\"mLastUsed\":0,\"mCheckRemoteCN\":true,\"mVerb\":\"1\",\"mRemoteRandom\":false,\"mRoutenopull\":false,\"mConnectRetry\":\"2\",\"mAllowedAppsVpn\":[],\"mUserEditable\":true,\"mUseUdp\":true,\"mAllowedAppsVpnAreDisallowed\":true,\"mDNS1\":\"8.8.8.8\",\"mDNS2\":\"8.8.4.4\",\"mUseCustomConfig\":false,\"mUseFloat\":false,\"mUseDefaultRoute\":true,\"mConnectRetryMaxTime\":\"300\",\"mNobind\":true,\"mVersion\":0,\"mConnectRetryMax\":\"-1\",\"mOverrideDNS\":false,\"mAuth\":\"\",\"mTunMtu\":0,\"mUseObfs4\":false,\"mPassword\":\"\",\"mTLSAuthDirection\":\"\",\"mKeyPassword\":\"\",\"mUseObfs4Kcp\":false,\"mCustomConfigOptions\":\"\",\"mName\":\"mockProfile\",\"mExpectTLSCert\":false,\"mUsername\":\"\",\"mAllowLocalLAN\":false,\"mDataCiphers\":\"\",\"mSearchDomain\":\"blinkt.de\",\"mTemporaryProfile\":false,\"mUseTLSAuth\":false,\"mRemoteCN\":\"\",\"mCustomRoutesv6\":\"\",\"mPersistTun\":false,\"mX509AuthType\":3,\"mUuid\":\"9d295ca2-3789-48dd-996e-f731dbf50fdc\",\"mServerName\":\"openvpn.example.com\",\"mMssFix\":0,\"mPushPeerInfo\":false,\"mAuthenticationType\":2,\"mBlockUnusedAddressFamilies\":true,\"mServerPort\":\"1194\",\"mUseDefaultRoutev6\":true,\"mConnections\":[{\"mCustomConfiguration\":\"\",\"mUseUdp\":false,\"mServerName\":\"openvpn.example.com\",\"mProxyType\":\"NONE\",\"mProxyPort\":\"8080\",\"mUseCustomConfig\":false,\"mConnectTimeout\":0,\"mProxyName\":\"proxy.example.com\",\"mUseProxyAuth\":false,\"ConnectionAdapter.META_TYPE\":\"de.blinkt.openvpn.core.connection.OpenvpnConnection\",\"mServerPort\":\"1194\",\"mEnabled\":true}],\"mUseLzo\":false,\"mAllowAppVpnBypass\":false,\"mUsePull\":true,\"mUseRandomHostname\":false,\"mAuthRetry\":0}";
- private static final String OBFS4CONNECTION_PROFILE = "{\"mCipher\":\"\",\"mProfileVersion\":7,\"mLastUsed\":0,\"mCheckRemoteCN\":true,\"mVerb\":\"1\",\"mRemoteRandom\":false,\"mRoutenopull\":false,\"mConnectRetry\":\"2\",\"mAllowedAppsVpn\":[],\"mUserEditable\":true,\"mUseUdp\":true,\"mAllowedAppsVpnAreDisallowed\":true,\"mDNS1\":\"8.8.8.8\",\"mDNS2\":\"8.8.4.4\",\"mUseCustomConfig\":false,\"mUseFloat\":false,\"mUseDefaultRoute\":true,\"mConnectRetryMaxTime\":\"300\",\"mNobind\":true,\"mVersion\":0,\"mConnectRetryMax\":\"-1\",\"mOverrideDNS\":false,\"mAuth\":\"\",\"mTunMtu\":0,\"mUseObfs4\":true,\"mPassword\":\"\",\"mTLSAuthDirection\":\"\",\"mKeyPassword\":\"\",\"mUseObfs4Kcp\":false,\"mCustomConfigOptions\":\"\",\"mName\":\"mockProfile\",\"mExpectTLSCert\":false,\"mUsername\":\"\",\"mAllowLocalLAN\":false,\"mDataCiphers\":\"\",\"mSearchDomain\":\"blinkt.de\",\"mTemporaryProfile\":false,\"mUseTLSAuth\":false,\"mRemoteCN\":\"\",\"mCustomRoutesv6\":\"\",\"mPersistTun\":false,\"mX509AuthType\":3,\"mUuid\":\"9d295ca2-3789-48dd-996e-f731dbf50fdc\",\"mServerName\":\"openvpn.example.com\",\"mMssFix\":0,\"mPushPeerInfo\":false,\"mAuthenticationType\":2,\"mBlockUnusedAddressFamilies\":true,\"mServerPort\":\"1194\",\"mUseDefaultRoutev6\":true,\"mConnections\":[{\"mCustomConfiguration\":\"\",\"mServerName\":\"127.0.0.1\",\"mProxyType\":\"NONE\",\"mConnectTimeout\":0,\"mServerPort\":\"4430\",\"mUseUdp\":false,\"mProxyPort\":\"\",\"mUseCustomConfig\":false,\"options\":{\"udp\":false,\"remoteIP\":\"192.168.0.1\",\"iatMode\":\"1\",\"remotePort\":\"1234\",\"cert\":\"CERT\"},\"mProxyName\":\"\",\"mUseProxyAuth\":false,\"ConnectionAdapter.META_TYPE\":\"de.blinkt.openvpn.core.connection.Obfs4Connection\",\"mEnabled\":true}],\"mUseLzo\":false,\"mAllowAppVpnBypass\":false,\"mUsePull\":true,\"mUseRandomHostname\":false,\"mAuthRetry\":0}";
- private static final String OBFS4CONNECTION_PROFILE_OBFSVPN = "{\"mCipher\":\"\",\"mProfileVersion\":7,\"mLastUsed\":0,\"mCheckRemoteCN\":true,\"mVerb\":\"1\",\"mRemoteRandom\":false,\"mRoutenopull\":false,\"mConnectRetry\":\"2\",\"mAllowedAppsVpn\":[],\"mUserEditable\":true,\"mUseUdp\":true,\"mAllowedAppsVpnAreDisallowed\":true,\"mDNS1\":\"8.8.8.8\",\"mDNS2\":\"8.8.4.4\",\"mUseCustomConfig\":false,\"mUseFloat\":false,\"mUseDefaultRoute\":true,\"mConnectRetryMaxTime\":\"300\",\"mNobind\":true,\"mVersion\":0,\"mConnectRetryMax\":\"-1\",\"mOverrideDNS\":false,\"mAuth\":\"\",\"mTunMtu\":0,\"mUseObfs4\":true,\"mPassword\":\"\",\"mTLSAuthDirection\":\"\",\"mKeyPassword\":\"\",\"mUseObfs4Kcp\":false,\"mCustomConfigOptions\":\"\",\"mName\":\"mockProfile\",\"mExpectTLSCert\":false,\"mUsername\":\"\",\"mAllowLocalLAN\":false,\"mDataCiphers\":\"\",\"mSearchDomain\":\"blinkt.de\",\"mTemporaryProfile\":false,\"mUseTLSAuth\":false,\"mRemoteCN\":\"\",\"mCustomRoutesv6\":\"\",\"mPersistTun\":false,\"mX509AuthType\":3,\"mUuid\":\"9d295ca2-3789-48dd-996e-f731dbf50fdc\",\"mServerName\":\"openvpn.example.com\",\"mMssFix\":0,\"mPushPeerInfo\":false,\"mAuthenticationType\":2,\"mBlockUnusedAddressFamilies\":true,\"mServerPort\":\"1194\",\"mUseDefaultRoutev6\":true,\"mConnections\":[{\"mCustomConfiguration\":\"\",\"mServerName\":\"192.168.0.1\",\"mProxyType\":\"SOCKS5\",\"mConnectTimeout\":0,\"mServerPort\":\"1234\",\"mUseUdp\":false,\"mProxyPort\":\"4430\",\"mUseCustomConfig\":false,\"options\":{\"udp\":false,\"remoteIP\":\"192.168.0.1\",\"iatMode\":\"1\",\"remotePort\":\"1234\",\"cert\":\"CERT\"},\"mProxyName\":\"127.0.0.1\",\"mUseProxyAuth\":false,\"ConnectionAdapter.META_TYPE\":\"de.blinkt.openvpn.core.connection.Obfs4Connection\",\"mEnabled\":true}],\"mUseLzo\":false,\"mAllowAppVpnBypass\":false,\"mUsePull\":true,\"mUseRandomHostname\":false,\"mAuthRetry\":0}";
- private static final String OBFS4CONNECTION_PROFILE_OBFSVPN_KCP = "{\"mCipher\":\"\",\"mProfileVersion\":7,\"mLastUsed\":0,\"mCheckRemoteCN\":true,\"mVerb\":\"1\",\"mRemoteRandom\":false,\"mRoutenopull\":false,\"mConnectRetry\":\"2\",\"mAllowedAppsVpn\":[],\"mUserEditable\":true,\"mUseUdp\":true,\"mAllowedAppsVpnAreDisallowed\":true,\"mDNS1\":\"8.8.8.8\",\"mDNS2\":\"8.8.4.4\",\"mUseCustomConfig\":false,\"mUseFloat\":false,\"mUseDefaultRoute\":true,\"mConnectRetryMaxTime\":\"300\",\"mNobind\":true,\"mVersion\":0,\"mConnectRetryMax\":\"-1\",\"mOverrideDNS\":false,\"mAuth\":\"\",\"mTunMtu\":0,\"mUseObfs4\":false,\"mPassword\":\"\",\"mTLSAuthDirection\":\"\",\"mKeyPassword\":\"\",\"mUseObfs4Kcp\":true,\"mCustomConfigOptions\":\"\",\"mName\":\"mockProfile\",\"mExpectTLSCert\":false,\"mUsername\":\"\",\"mAllowLocalLAN\":false,\"mDataCiphers\":\"\",\"mSearchDomain\":\"blinkt.de\",\"mTemporaryProfile\":false,\"mUseTLSAuth\":false,\"mRemoteCN\":\"\",\"mCustomRoutesv6\":\"\",\"mPersistTun\":false,\"mX509AuthType\":3,\"mUuid\":\"9d295ca2-3789-48dd-996e-f731dbf50fdc\",\"mServerName\":\"openvpn.example.com\",\"mMssFix\":0,\"mPushPeerInfo\":false,\"mAuthenticationType\":2,\"mBlockUnusedAddressFamilies\":true,\"mServerPort\":\"1194\",\"mUseDefaultRoutev6\":true,\"mConnections\":[{\"mCustomConfiguration\":\"\",\"mServerName\":\"192.168.0.1\",\"mProxyType\":\"SOCKS5\",\"mConnectTimeout\":0,\"mServerPort\":\"1234\",\"mUseUdp\":false,\"mProxyPort\":\"4430\",\"mUseCustomConfig\":false,\"options\":{\"udp\":true,\"remoteIP\":\"192.168.0.1\",\"iatMode\":\"1\",\"remotePort\":\"1234\",\"cert\":\"CERT\"},\"mProxyName\":\"127.0.0.1\",\"mUseProxyAuth\":false,\"ConnectionAdapter.META_TYPE\":\"de.blinkt.openvpn.core.connection.Obfs4Connection\",\"mEnabled\":true}],\"mUseLzo\":false,\"mAllowAppVpnBypass\":false,\"mUsePull\":true,\"mUseRandomHostname\":false,\"mAuthRetry\":0}\n";
+ private static final String OPENVPNCONNECTION_PROFILE = "{\"mCipher\":\"\",\"mProfileVersion\":7,\"mLastUsed\":0,\"mCheckRemoteCN\":true,\"mVerb\":\"1\",\"mRemoteRandom\":false,\"mRoutenopull\":false,\"mConnectRetry\":\"2\",\"mAllowedAppsVpn\":[],\"mUserEditable\":true,\"mUseUdp\":true,\"mAllowedAppsVpnAreDisallowed\":true,\"mDNS1\":\"8.8.8.8\",\"mDNS2\":\"8.8.4.4\",\"mUseCustomConfig\":false,\"mUseFloat\":false,\"mUseDefaultRoute\":true,\"mConnectRetryMaxTime\":\"300\",\"mNobind\":true,\"mVersion\":0,\"mConnectRetryMax\":\"-1\",\"mOverrideDNS\":false,\"mAuth\":\"\",\"mTunMtu\":0,\"mUseObfs4\":false,\"mPassword\":\"\",\"mTLSAuthDirection\":\"\",\"mKeyPassword\":\"\",\"mCustomConfigOptions\":\"\",\"mName\":\"mockProfile\",\"mExpectTLSCert\":false,\"mUsername\":\"\",\"mAllowLocalLAN\":false,\"mDataCiphers\":\"\",\"mSearchDomain\":\"blinkt.de\",\"mTemporaryProfile\":false,\"mUseTLSAuth\":false,\"mRemoteCN\":\"\",\"mCustomRoutesv6\":\"\",\"mPersistTun\":false,\"mX509AuthType\":3,\"mUuid\":\"9d295ca2-3789-48dd-996e-f731dbf50fdc\",\"mServerName\":\"openvpn.example.com\",\"mMssFix\":0,\"mPushPeerInfo\":false,\"mAuthenticationType\":2,\"mBlockUnusedAddressFamilies\":true,\"mServerPort\":\"1194\",\"mUseDefaultRoutev6\":true,\"mConnections\":[{\"mCustomConfiguration\":\"\",\"mUseUdp\":false,\"mServerName\":\"openvpn.example.com\",\"mProxyType\":\"NONE\",\"mProxyPort\":\"8080\",\"mUseCustomConfig\":false,\"mConnectTimeout\":0,\"mProxyName\":\"proxy.example.com\",\"mUseProxyAuth\":false,\"ConnectionAdapter.META_TYPE\":\"de.blinkt.openvpn.core.connection.OpenvpnConnection\",\"mServerPort\":\"1194\",\"mEnabled\":true}],\"mUseLzo\":false,\"mAllowAppVpnBypass\":false,\"mUsePull\":true,\"mUseRandomHostname\":false,\"mAuthRetry\":0}";
+ private static final String OBFS4CONNECTION_PROFILE = "{\"mCipher\":\"\",\"mProfileVersion\":7,\"mLastUsed\":0,\"mCheckRemoteCN\":true,\"mVerb\":\"1\",\"mRemoteRandom\":false,\"mRoutenopull\":false,\"mConnectRetry\":\"2\",\"mAllowedAppsVpn\":[],\"mUserEditable\":true,\"mUseUdp\":true,\"mAllowedAppsVpnAreDisallowed\":true,\"mDNS1\":\"8.8.8.8\",\"mDNS2\":\"8.8.4.4\",\"mUseCustomConfig\":false,\"mUseFloat\":false,\"mUseDefaultRoute\":true,\"mConnectRetryMaxTime\":\"300\",\"mNobind\":true,\"mVersion\":0,\"mConnectRetryMax\":\"-1\",\"mOverrideDNS\":false,\"mAuth\":\"\",\"mTunMtu\":0,\"mUseObfs4\":true,\"mPassword\":\"\",\"mTLSAuthDirection\":\"\",\"mKeyPassword\":\"\",\"mCustomConfigOptions\":\"\",\"mName\":\"mockProfile\",\"mExpectTLSCert\":false,\"mUsername\":\"\",\"mAllowLocalLAN\":false,\"mDataCiphers\":\"\",\"mSearchDomain\":\"blinkt.de\",\"mTemporaryProfile\":false,\"mUseTLSAuth\":false,\"mRemoteCN\":\"\",\"mCustomRoutesv6\":\"\",\"mPersistTun\":false,\"mX509AuthType\":3,\"mUuid\":\"9d295ca2-3789-48dd-996e-f731dbf50fdc\",\"mServerName\":\"openvpn.example.com\",\"mMssFix\":0,\"mPushPeerInfo\":false,\"mAuthenticationType\":2,\"mBlockUnusedAddressFamilies\":true,\"mServerPort\":\"1194\",\"mUseDefaultRoutev6\":true,\"mConnections\":[{\"mCustomConfiguration\":\"\",\"mServerName\":\"127.0.0.1\",\"mProxyType\":\"NONE\",\"mConnectTimeout\":0,\"mServerPort\":\"4430\",\"mUseUdp\":false,\"mProxyPort\":\"\",\"mUseCustomConfig\":false,\"options\":{\"udp\":false,\"remoteIP\":\"192.168.0.1\",\"iatMode\":\"1\",\"remotePort\":\"1234\",\"cert\":\"CERT\"},\"mProxyName\":\"\",\"mUseProxyAuth\":false,\"ConnectionAdapter.META_TYPE\":\"de.blinkt.openvpn.core.connection.Obfs4Connection\",\"mEnabled\":true}],\"mUseLzo\":false,\"mAllowAppVpnBypass\":false,\"mUsePull\":true,\"mUseRandomHostname\":false,\"mAuthRetry\":0}";
+ private static final String OBFS4CONNECTION_PROFILE_OBFSVPN = "{\"mCipher\":\"\",\"mProfileVersion\":7,\"mLastUsed\":0,\"mCheckRemoteCN\":true,\"mVerb\":\"1\",\"mRemoteRandom\":false,\"mRoutenopull\":false,\"mConnectRetry\":\"2\",\"mAllowedAppsVpn\":[],\"mUserEditable\":true,\"mUseUdp\":true,\"mAllowedAppsVpnAreDisallowed\":true,\"mDNS1\":\"8.8.8.8\",\"mDNS2\":\"8.8.4.4\",\"mUseCustomConfig\":false,\"mUseFloat\":false,\"mUseDefaultRoute\":true,\"mConnectRetryMaxTime\":\"300\",\"mNobind\":true,\"mVersion\":0,\"mConnectRetryMax\":\"-1\",\"mOverrideDNS\":false,\"mAuth\":\"\",\"mTunMtu\":0,\"mUseObfs4\":true,\"mPassword\":\"\",\"mTLSAuthDirection\":\"\",\"mKeyPassword\":\"\",\"mCustomConfigOptions\":\"\",\"mName\":\"mockProfile\",\"mExpectTLSCert\":false,\"mUsername\":\"\",\"mAllowLocalLAN\":false,\"mDataCiphers\":\"\",\"mSearchDomain\":\"blinkt.de\",\"mTemporaryProfile\":false,\"mUseTLSAuth\":false,\"mRemoteCN\":\"\",\"mCustomRoutesv6\":\"\",\"mPersistTun\":false,\"mX509AuthType\":3,\"mUuid\":\"9d295ca2-3789-48dd-996e-f731dbf50fdc\",\"mServerName\":\"openvpn.example.com\",\"mMssFix\":0,\"mPushPeerInfo\":false,\"mAuthenticationType\":2,\"mBlockUnusedAddressFamilies\":true,\"mServerPort\":\"1194\",\"mUseDefaultRoutev6\":true,\"mConnections\":[{\"mCustomConfiguration\":\"\",\"mServerName\":\"192.168.0.1\",\"mProxyType\":\"SOCKS5\",\"mConnectTimeout\":0,\"mServerPort\":\"1234\",\"mUseUdp\":false,\"mProxyPort\":\"4430\",\"mUseCustomConfig\":false,\"options\":{\"udp\":false,\"remoteIP\":\"192.168.0.1\",\"iatMode\":\"1\",\"remotePort\":\"1234\",\"cert\":\"CERT\"},\"mProxyName\":\"127.0.0.1\",\"mUseProxyAuth\":false,\"ConnectionAdapter.META_TYPE\":\"de.blinkt.openvpn.core.connection.Obfs4Connection\",\"mEnabled\":true}],\"mUseLzo\":false,\"mAllowAppVpnBypass\":false,\"mUsePull\":true,\"mUseRandomHostname\":false,\"mAuthRetry\":0}";
+ private static final String OBFS4CONNECTION_PROFILE_OBFSVPN_KCP = "{\"mCipher\":\"\",\"mProfileVersion\":7,\"mLastUsed\":0,\"mCheckRemoteCN\":true,\"mVerb\":\"1\",\"mRemoteRandom\":false,\"mRoutenopull\":false,\"mConnectRetry\":\"2\",\"mAllowedAppsVpn\":[],\"mUserEditable\":true,\"mUseUdp\":true,\"mAllowedAppsVpnAreDisallowed\":true,\"mDNS1\":\"8.8.8.8\",\"mDNS2\":\"8.8.4.4\",\"mUseCustomConfig\":false,\"mUseFloat\":false,\"mUseDefaultRoute\":true,\"mConnectRetryMaxTime\":\"300\",\"mNobind\":true,\"mVersion\":0,\"mConnectRetryMax\":\"-1\",\"mOverrideDNS\":false,\"mAuth\":\"\",\"mTunMtu\":0,\"mUseObfs4\":true,\"mPassword\":\"\",\"mTLSAuthDirection\":\"\",\"mKeyPassword\":\"\",\"mCustomConfigOptions\":\"\",\"mName\":\"mockProfile\",\"mExpectTLSCert\":false,\"mUsername\":\"\",\"mAllowLocalLAN\":false,\"mDataCiphers\":\"\",\"mSearchDomain\":\"blinkt.de\",\"mTemporaryProfile\":false,\"mUseTLSAuth\":false,\"mRemoteCN\":\"\",\"mCustomRoutesv6\":\"\",\"mPersistTun\":false,\"mX509AuthType\":3,\"mUuid\":\"9d295ca2-3789-48dd-996e-f731dbf50fdc\",\"mServerName\":\"openvpn.example.com\",\"mMssFix\":0,\"mPushPeerInfo\":false,\"mAuthenticationType\":2,\"mBlockUnusedAddressFamilies\":true,\"mServerPort\":\"1194\",\"mUseDefaultRoutev6\":true,\"mConnections\":[{\"mCustomConfiguration\":\"\",\"mServerName\":\"192.168.0.1\",\"mProxyType\":\"SOCKS5\",\"mConnectTimeout\":0,\"mServerPort\":\"1234\",\"mUseUdp\":false,\"mProxyPort\":\"4430\",\"mUseCustomConfig\":false,\"options\":{\"udp\":true,\"remoteIP\":\"192.168.0.1\",\"iatMode\":\"1\",\"remotePort\":\"1234\",\"cert\":\"CERT\"},\"mProxyName\":\"127.0.0.1\",\"mUseProxyAuth\":false,\"ConnectionAdapter.META_TYPE\":\"de.blinkt.openvpn.core.connection.Obfs4Connection\",\"mEnabled\":true}],\"mUseLzo\":false,\"mAllowAppVpnBypass\":false,\"mUsePull\":true,\"mUseRandomHostname\":false,\"mAuthRetry\":0}\n";
@Before
public void setup() {
@@ -106,7 +105,7 @@ public class VpnProfileTest {
public void toJson_obfs4_obfsvpn_kcp() throws JSONException {
when(ConfigHelper.ObfsVpnHelper.useObfsVpn()).thenReturn(true);
- VpnProfile mockVpnProfile = new VpnProfile("mockProfile", OBFS4_KCP);
+ VpnProfile mockVpnProfile = new VpnProfile("mockProfile", OBFS4);
mockVpnProfile.mConnections[0] = new Obfs4Connection(new Obfs4Options("192.168.0.1", "1234", "CERT", "1", true));
mockVpnProfile.mLastUsed = 0;
String s = mockVpnProfile.toJson();
diff --git a/app/src/test/java/se/leap/bitmaskclient/eip/GatewaysManagerTest.java b/app/src/test/java/se/leap/bitmaskclient/eip/GatewaysManagerTest.java
index 3b0d5552..1b42b5d2 100644
--- a/app/src/test/java/se/leap/bitmaskclient/eip/GatewaysManagerTest.java
+++ b/app/src/test/java/se/leap/bitmaskclient/eip/GatewaysManagerTest.java
@@ -32,7 +32,6 @@ import se.leap.bitmaskclient.testutils.MockSharedPreferences;
import se.leap.bitmaskclient.testutils.TestSetupHelper;
import static de.blinkt.openvpn.core.connection.Connection.TransportType.OBFS4;
-import static de.blinkt.openvpn.core.connection.Connection.TransportType.OBFS4_KCP;
import static de.blinkt.openvpn.core.connection.Connection.TransportType.OPENVPN;
import static junit.framework.Assert.assertEquals;
import static junit.framework.Assert.assertNull;
@@ -220,7 +219,7 @@ public class GatewaysManagerTest {
when(PreferenceHelper.getUseBridges(any(Context.class))).thenReturn(true);
GatewaysManager gatewaysManager = new GatewaysManager(mockContext);
- assertEquals("37.12.247.10", gatewaysManager.select(0).first.getRemoteIP());
+ assertEquals("37.12.247.10", gatewaysManager.select(0).gateway.getRemoteIP());
}
@Test
@@ -233,9 +232,9 @@ public class GatewaysManagerTest {
when(PreferenceHelper.getUseBridges(any(Context.class))).thenReturn(false);
GatewaysManager gatewaysManager = new GatewaysManager(mockContext);
- assertEquals("manila.bitmask.net", gatewaysManager.select(0).first.getHost());
- assertEquals("moscow.bitmask.net", gatewaysManager.select(1).first.getHost());
- assertEquals("pt.demo.bitmask.net", gatewaysManager.select(2).first.getHost());
+ assertEquals("manila.bitmask.net", gatewaysManager.select(0).gateway.getHost());
+ assertEquals("moscow.bitmask.net", gatewaysManager.select(1).gateway.getHost());
+ assertEquals("pt.demo.bitmask.net", gatewaysManager.select(2).gateway.getHost());
}
@Test
@@ -248,8 +247,8 @@ public class GatewaysManagerTest {
when(PreferenceHelper.getUseBridges(any(Context.class))).thenReturn(true);
GatewaysManager gatewaysManager = new GatewaysManager(mockContext);
- assertEquals("moscow.bitmask.net", gatewaysManager.select(0).first.getHost());
- assertEquals("pt.demo.bitmask.net", gatewaysManager.select(1).first.getHost());
+ assertEquals("moscow.bitmask.net", gatewaysManager.select(0).gateway.getHost());
+ assertEquals("pt.demo.bitmask.net", gatewaysManager.select(1).gateway.getHost());
assertNull(gatewaysManager.select(2));
}
@@ -265,9 +264,9 @@ public class GatewaysManagerTest {
when(PreferenceHelper.getPreferredCity(any(Context.class))).thenReturn("Paris");
GatewaysManager gatewaysManager = new GatewaysManager(mockContext);
- assertEquals("mouette.riseup.net", gatewaysManager.select(0).first.getHost());
- assertEquals("hoatzin.riseup.net", gatewaysManager.select(1).first.getHost());
- assertEquals("zarapito.riseup.net", gatewaysManager.select(2).first.getHost());
+ assertEquals("mouette.riseup.net", gatewaysManager.select(0).gateway.getHost());
+ assertEquals("hoatzin.riseup.net", gatewaysManager.select(1).gateway.getHost());
+ assertEquals("zarapito.riseup.net", gatewaysManager.select(2).gateway.getHost());
}
@Test
@@ -281,9 +280,9 @@ public class GatewaysManagerTest {
when(PreferenceHelper.getPreferredCity(any(Context.class))).thenReturn("Paris");
GatewaysManager gatewaysManager = new GatewaysManager(mockContext);
- assertEquals("mouette.riseup.net", gatewaysManager.select(0).first.getHost());
- assertEquals("hoatzin.riseup.net", gatewaysManager.select(1).first.getHost());
- assertEquals("zarapito.riseup.net", gatewaysManager.select(2).first.getHost());
+ assertEquals("mouette.riseup.net", gatewaysManager.select(0).gateway.getHost());
+ assertEquals("hoatzin.riseup.net", gatewaysManager.select(1).gateway.getHost());
+ assertEquals("zarapito.riseup.net", gatewaysManager.select(2).gateway.getHost());
}
@Test
@@ -298,9 +297,9 @@ public class GatewaysManagerTest {
when(PreferenceHelper.getPreferredCity(any(Context.class))).thenReturn("Paris");
GatewaysManager gatewaysManager = new GatewaysManager(mockContext);
- assertEquals("Paris", gatewaysManager.select(0).first.getName());
- assertEquals("Paris", gatewaysManager.select(1).first.getName());
- assertEquals("Paris", gatewaysManager.select(2).first.getName());
+ assertEquals("Paris", gatewaysManager.select(0).gateway.getName());
+ assertEquals("Paris", gatewaysManager.select(1).gateway.getName());
+ assertEquals("Paris", gatewaysManager.select(2).gateway.getName());
assertEquals(null, gatewaysManager.select(3));
}
@@ -314,9 +313,9 @@ public class GatewaysManagerTest {
when(PreferenceHelper.getUseBridges(any(Context.class))).thenReturn(false);
GatewaysManager gatewaysManager = new GatewaysManager(mockContext);
- assertEquals("mouette.riseup.net", gatewaysManager.select(0, "Paris").first.getHost());
- assertEquals("hoatzin.riseup.net", gatewaysManager.select(1, "Paris").first.getHost());
- assertEquals("zarapito.riseup.net", gatewaysManager.select(2, "Paris").first.getHost());
+ assertEquals("mouette.riseup.net", gatewaysManager.select(0, "Paris").gateway.getHost());
+ assertEquals("hoatzin.riseup.net", gatewaysManager.select(1, "Paris").gateway.getHost());
+ assertEquals("zarapito.riseup.net", gatewaysManager.select(2, "Paris").gateway.getHost());
}
@Test
@@ -329,9 +328,9 @@ public class GatewaysManagerTest {
when(PreferenceHelper.getUseBridges(any(Context.class))).thenReturn(false);
GatewaysManager gatewaysManager = new GatewaysManager(mockContext);
- assertEquals("mouette.riseup.net", gatewaysManager.select(0, "Paris").first.getHost());
- assertEquals("hoatzin.riseup.net", gatewaysManager.select(1, "Paris").first.getHost());
- assertEquals("zarapito.riseup.net", gatewaysManager.select(2, "Paris").first.getHost());
+ assertEquals("mouette.riseup.net", gatewaysManager.select(0, "Paris").gateway.getHost());
+ assertEquals("hoatzin.riseup.net", gatewaysManager.select(1, "Paris").gateway.getHost());
+ assertEquals("zarapito.riseup.net", gatewaysManager.select(2, "Paris").gateway.getHost());
}
@Test
@@ -345,9 +344,9 @@ public class GatewaysManagerTest {
when(PreferenceHelper.getUseBridges(any(Context.class))).thenReturn(false);
GatewaysManager gatewaysManager = new GatewaysManager(mockContext);
- assertEquals("Paris", gatewaysManager.select(0, "Paris").first.getName());
- assertEquals("Paris", gatewaysManager.select(1, "Paris").first.getName());
- assertEquals("Paris", gatewaysManager.select(2, "Paris").first.getName());
+ assertEquals("Paris", gatewaysManager.select(0, "Paris").gateway.getName());
+ assertEquals("Paris", gatewaysManager.select(1, "Paris").gateway.getName());
+ assertEquals("Paris", gatewaysManager.select(2, "Paris").gateway.getName());
assertEquals(null, gatewaysManager.select(3, "Paris"));
}
@@ -534,7 +533,7 @@ public class GatewaysManagerTest {
mockStatic(PreferenceHelper.class);
when(PreferenceHelper.getUseBridges(any(Context.class))).thenReturn(false);
GatewaysManager gatewaysManager = new GatewaysManager(mockContext);
- List<Location> locations = gatewaysManager.getSortedGatewayLocations(OBFS4_KCP);
+ List<Location> locations = gatewaysManager.getSortedGatewayLocations(OBFS4);
assertEquals(3, locations.size());
}
@@ -548,7 +547,6 @@ public class GatewaysManagerTest {
when(PreferenceHelper.getUseBridges(any(Context.class))).thenReturn(false);
GatewaysManager gatewaysManager = new GatewaysManager(mockContext);
- assertEquals(0.3, gatewaysManager.getLocation("Amsterdam").getAverageLoad(OBFS4_KCP));
assertEquals(0.3, gatewaysManager.getLocation("Amsterdam").getAverageLoad(OBFS4));
assertEquals(0.3, gatewaysManager.getLocation("Amsterdam").getAverageLoad(OPENVPN));
}
diff --git a/app/src/test/java/se/leap/bitmaskclient/eip/VpnConfigGeneratorTest.java b/app/src/test/java/se/leap/bitmaskclient/eip/VpnConfigGeneratorTest.java
index 4fb178fc..6b1c5bf3 100644
--- a/app/src/test/java/se/leap/bitmaskclient/eip/VpnConfigGeneratorTest.java
+++ b/app/src/test/java/se/leap/bitmaskclient/eip/VpnConfigGeneratorTest.java
@@ -9,7 +9,6 @@ import static org.mockito.Mockito.mock;
import static org.powermock.api.mockito.PowerMockito.mockStatic;
import static org.powermock.api.mockito.PowerMockito.when;
import static de.blinkt.openvpn.core.connection.Connection.TransportType.OBFS4;
-import static de.blinkt.openvpn.core.connection.Connection.TransportType.OBFS4_KCP;
import static de.blinkt.openvpn.core.connection.Connection.TransportType.OPENVPN;
import static se.leap.bitmaskclient.base.models.Constants.OPENVPN_CONFIGURATION;
import static se.leap.bitmaskclient.testutils.MockHelper.mockTextUtils;
@@ -34,6 +33,7 @@ import java.util.HashMap;
import de.blinkt.openvpn.VpnProfile;
import de.blinkt.openvpn.core.connection.Connection;
+import de.blinkt.openvpn.core.connection.Obfs4Connection;
import se.leap.bitmaskclient.base.utils.ConfigHelper;
import se.leap.bitmaskclient.testutils.MockHelper;
import se.leap.bitmaskclient.testutils.TestSetupHelper;
@@ -1688,7 +1688,7 @@ public class VpnConfigGeneratorTest {
@Test
public void testGenerateVpnProfileExperimentalTransportsEnabled () throws Exception {
- gateway = new JSONObject(TestSetupHelper.getInputAsString(getClass().getClassLoader().getResourceAsStream("ptdemo_kcp_gateways.json"))).getJSONArray("gateways").getJSONObject(0);
+ gateway = new JSONObject(TestSetupHelper.getInputAsString(getClass().getClassLoader().getResourceAsStream("ptdemo_kcp_gateways.json"))).getJSONArray("gateways").getJSONObject(2);
generalConfig = new JSONObject(TestSetupHelper.getInputAsString(getClass().getClassLoader().getResourceAsStream("ptdemo_kcp_gateways.json"))).getJSONObject(OPENVPN_CONFIGURATION);
VpnConfigGenerator.Configuration configuration = new VpnConfigGenerator.Configuration();
configuration.apiVersion = 3;
@@ -1696,29 +1696,27 @@ public class VpnConfigGeneratorTest {
configuration.preferUDP = true;
vpnConfigGenerator = new VpnConfigGenerator(generalConfig, secrets, gateway, configuration);
HashMap<Connection.TransportType, VpnProfile> vpnProfiles = vpnConfigGenerator.generateVpnProfiles();
- assertTrue(vpnProfiles.containsKey(OBFS4));
- assertTrue(vpnProfiles.containsKey(OBFS4_KCP));
+ assertTrue(vpnProfiles.containsKey(OBFS4) && ((Obfs4Connection)vpnProfiles.get(OBFS4).mConnections[0]).getDispatcherOptions().udp);
assertTrue(vpnProfiles.containsKey(OPENVPN));
}
@Test
public void testGenerateVpnProfile_experimentalTransportsEnabled_KCPMisconfiguredWithUDP_SkippingObfsKCP () throws Exception {
- gateway = new JSONObject(TestSetupHelper.getInputAsString(getClass().getClassLoader().getResourceAsStream("ptdemo_misconfigured_kcp_gateways.json"))).getJSONArray("gateways").getJSONObject(0);
+ gateway = new JSONObject(TestSetupHelper.getInputAsString(getClass().getClassLoader().getResourceAsStream("ptdemo_misconfigured_kcp_gateways.json"))).getJSONArray("gateways").getJSONObject(2);
generalConfig = new JSONObject(TestSetupHelper.getInputAsString(getClass().getClassLoader().getResourceAsStream("ptdemo_misconfigured_kcp_gateways.json"))).getJSONObject(OPENVPN_CONFIGURATION);
VpnConfigGenerator.Configuration configuration = new VpnConfigGenerator.Configuration();
configuration.apiVersion = 3;
configuration.experimentalTransports = true;
vpnConfigGenerator = new VpnConfigGenerator(generalConfig, secrets, gateway, configuration);
HashMap<Connection.TransportType, VpnProfile> vpnProfiles = vpnConfigGenerator.generateVpnProfiles();
- assertTrue(vpnProfiles.containsKey(OBFS4));
- assertFalse(vpnProfiles.containsKey(OBFS4_KCP));
+ assertFalse(vpnProfiles.containsKey(OBFS4));
assertTrue(vpnProfiles.containsKey(OPENVPN));
}
@Test
public void testGenerateVpnProfile_ObfuscationPinningEnabled_obfs4AndOpenvpnProfile () throws Exception {
- gateway = new JSONObject(TestSetupHelper.getInputAsString(getClass().getClassLoader().getResourceAsStream("ptdemo_kcp_gateways.json"))).getJSONArray("gateways").getJSONObject(0);
+ gateway = new JSONObject(TestSetupHelper.getInputAsString(getClass().getClassLoader().getResourceAsStream("ptdemo_kcp_gateways.json"))).getJSONArray("gateways").getJSONObject(1);
generalConfig = new JSONObject(TestSetupHelper.getInputAsString(getClass().getClassLoader().getResourceAsStream("ptdemo_kcp_gateways.json"))).getJSONObject(OPENVPN_CONFIGURATION);
VpnConfigGenerator.Configuration configuration = new VpnConfigGenerator.Configuration();
configuration.apiVersion = 3;
@@ -1728,7 +1726,8 @@ public class VpnConfigGeneratorTest {
HashMap<Connection.TransportType, VpnProfile> vpnProfiles = vpnConfigGenerator.generateVpnProfiles();
assertFalse("has no openvpn profile", vpnProfiles.containsKey(OPENVPN));
assertTrue("has obfs4 profile", vpnProfiles.containsKey(OBFS4));
- assertFalse("has no obfs4 kcp profile", vpnProfiles.containsKey(OBFS4_KCP));
+ assertTrue("bridge is running KCP", vpnProfiles.get(OBFS4).mGatewayIp.equals("1.2.3.4"));
+
}
@Test
@@ -1738,16 +1737,17 @@ public class VpnConfigGeneratorTest {
VpnConfigGenerator.Configuration configuration = new VpnConfigGenerator.Configuration();
configuration.apiVersion = 3;
configuration.useObfuscationPinning = true;
- configuration.obfuscationProxyKCP = true;
+ configuration.obfuscationProxyKCP = false;
configuration.obfuscationProxyPort = "443";
configuration.obfuscationProxyIP = "5.6.7.8";
configuration.obfuscationProxyCert = "asdfasdf";
configuration.remoteGatewayIP = "1.2.3.4";
vpnConfigGenerator = new VpnConfigGenerator(generalConfig, secrets, gateway, configuration);
HashMap<Connection.TransportType, VpnProfile> vpnProfiles = vpnConfigGenerator.generateVpnProfiles();
- assertTrue("has obfs4_kcp profile", vpnProfiles.containsKey(OBFS4_KCP));
assertFalse("has openvpn profile", vpnProfiles.containsKey(OPENVPN));
- assertFalse("has no obfs4 profile", vpnProfiles.containsKey(OBFS4));
+ assertTrue("has obfs4 profile", vpnProfiles.containsKey(OBFS4));
+ assertTrue("bridge is pinned one", vpnProfiles.get(OBFS4).getTransportType() == OBFS4 && !vpnProfiles.get(OBFS4).mConnections[0].isUseUdp() );
+ assertTrue("bridge is running KCP", ((Obfs4Connection) vpnProfiles.get(OBFS4).mConnections[0]).getDispatcherOptions().udp == false);
}
@Test
@@ -1765,9 +1765,10 @@ public class VpnConfigGeneratorTest {
vpnConfigGenerator = new VpnConfigGenerator(generalConfig, secrets, gateway, configuration);
HashMap<Connection.TransportType, VpnProfile> vpnProfiles = vpnConfigGenerator.generateVpnProfiles();
- assertTrue("has obfs4_kcp profile", vpnProfiles.containsKey(OBFS4_KCP));
assertFalse("has openvpn profile", vpnProfiles.containsKey(OPENVPN));
- assertFalse("has no obfs4 profile", vpnProfiles.containsKey(OBFS4));
+ assertTrue("has no obfs4 profile", vpnProfiles.containsKey(OBFS4));
+ assertTrue("bridge is pinned one", vpnProfiles.get(OBFS4).getTransportType() == OBFS4 && vpnProfiles.get(OBFS4).mGatewayIp.equals("1.2.3.4"));
+ assertTrue("bridge is running KCP", ((Obfs4Connection) vpnProfiles.get(OBFS4).mConnections[0]).getDispatcherOptions().udp == true);
}
} \ No newline at end of file
diff --git a/app/src/test/resources/ptdemo_kcp_gateways.json b/app/src/test/resources/ptdemo_kcp_gateways.json
index 332c8c11..8c2c9d32 100644
--- a/app/src/test/resources/ptdemo_kcp_gateways.json
+++ b/app/src/test/resources/ptdemo_kcp_gateways.json
@@ -20,19 +20,6 @@
}
},
{
- "type":"obfs4-1",
- "protocols":[
- "tcp"
- ],
- "ports":[
- "23050"
- ],
- "options": {
- "cert": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX1",
- "iatMode": "0"
- }
- },
- {
"type":"openvpn",
"protocols":[
"tcp"
@@ -101,9 +88,9 @@
]
},
{
- "type":"obfs4-1",
+ "type":"obfs4",
"protocols":[
- "tcp"
+ "kcp"
],
"ports":[
"23050"
diff --git a/app/src/test/resources/ptdemo_misconfigured_kcp_gateways.json b/app/src/test/resources/ptdemo_misconfigured_kcp_gateways.json
index 94a1eafd..28a6a201 100644
--- a/app/src/test/resources/ptdemo_misconfigured_kcp_gateways.json
+++ b/app/src/test/resources/ptdemo_misconfigured_kcp_gateways.json
@@ -20,7 +20,7 @@
}
},
{
- "type":"obfs4-1",
+ "type":"obfs4",
"protocols":[
"udp"
],
@@ -101,7 +101,7 @@
]
},
{
- "type":"obfs4-1",
+ "type":"obfs4",
"protocols":[
"udp"
],
diff --git a/app/src/test/resources/ptdemo_only_experimental_transports_gateways.json b/app/src/test/resources/ptdemo_only_experimental_transports_gateways.json
index 31c919e7..8f98d170 100644
--- a/app/src/test/resources/ptdemo_only_experimental_transports_gateways.json
+++ b/app/src/test/resources/ptdemo_only_experimental_transports_gateways.json
@@ -7,9 +7,9 @@
"limited":false,
"transport":[
{
- "type":"obfs4-1",
+ "type":"obfs4",
"protocols":[
- "tcp"
+ "kcp"
],
"ports":[
"23050"
@@ -75,9 +75,9 @@
]
},
{
- "type":"obfs4-1",
+ "type":"obfs4",
"protocols":[
- "tcp"
+ "kcp"
],
"ports":[
"23050"