From db1e1a2045a2e6456d54765be3cf95186ce987f7 Mon Sep 17 00:00:00 2001 From: cyBerta Date: Fri, 24 May 2019 18:01:03 +0200 Subject: squashed commit for Pluggable Transports * implement handling of different provider API version (v1 and v2) * detect provider's obfs support * shapeshifter-dispatcher installation * necessary changes to control shapeshifter-dispatcher from Bitmask * route openvpn traffic over shapeshifter-dispatcher --- .../de/blinkt/openvpn/core/OpenVPNService.java | 44 +++++++++++++++++++++- 1 file changed, 43 insertions(+), 1 deletion(-) (limited to 'app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java') diff --git a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java index 82c4e1df..55a92cb0 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java +++ b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java @@ -42,9 +42,13 @@ import java.util.Vector; import de.blinkt.openvpn.VpnProfile; import de.blinkt.openvpn.core.VpnStatus.ByteCountListener; import de.blinkt.openvpn.core.VpnStatus.StateListener; +import de.blinkt.openvpn.core.connection.Connection; import se.leap.bitmaskclient.R; import se.leap.bitmaskclient.VpnNotificationManager; +import se.leap.bitmaskclient.pluggableTransports.Dispatcher; +import de.blinkt.openvpn.core.connection.Obfs4Connection; +import static de.blinkt.openvpn.core.connection.Connection.TransportType.OBFS4; import static de.blinkt.openvpn.core.ConnectionStatus.LEVEL_CONNECTED; import static de.blinkt.openvpn.core.ConnectionStatus.LEVEL_WAITING_FOR_USER_INPUT; import static de.blinkt.openvpn.core.NetworkSpace.IpAddress; @@ -52,6 +56,7 @@ import static se.leap.bitmaskclient.Constants.PROVIDER_PROFILE; public class OpenVPNService extends VpnService implements StateListener, Callback, ByteCountListener, IOpenVPNServiceInternal, VpnNotificationManager.VpnServiceCallback { + public static final String TAG = OpenVPNService.class.getSimpleName(); public static final String START_SERVICE = "de.blinkt.openvpn.START_SERVICE"; public static final String START_SERVICE_STICKY = "de.blinkt.openvpn.START_SERVICE_STICKY"; public static final String ALWAYS_SHOW_NOTIFICATION = "de.blinkt.openvpn.NOTIFICATION_ALWAYS_VISIBLE"; @@ -85,6 +90,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac private Toast mlastToast; private Runnable mOpenVPNThread; private VpnNotificationManager notificationManager; + private Dispatcher dispatcher; private static final int PRIORITY_MIN = -2; private static final int PRIORITY_DEFAULT = 0; @@ -242,6 +248,9 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac if(isVpnRunning()) { if (getManagement() != null && getManagement().stopVPN(replaceConnection)) { if (!replaceConnection) { + if (dispatcher.isRunning()) { + dispatcher.stop(); + } VpnStatus.updateStateString("NOPROCESS", "VPN STOPPED", R.string.state_noprocess, ConnectionStatus.LEVEL_NOTCONNECTED); } return true; @@ -249,6 +258,9 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac return false; } else { if (!replaceConnection) { + if (dispatcher.isRunning()) { + dispatcher.stop(); + } VpnStatus.updateStateString("NOPROCESS", "VPN STOPPED", R.string.state_noprocess, ConnectionStatus.LEVEL_NOTCONNECTED); return true; } @@ -366,6 +378,36 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac /** * see change above (l. 292 ff) */ + //TODO: investigate how connections[n] with n>0 get called during vpn setup (on connection refused?) + // Do we need to check if there's any obfs4 connection in mProfile.mConnections and start + // the dispatcher here? Can we start the dispatcher at a later point of execution, e.g. when + // connections[n], n>0 gets choosen? + + VpnStatus.logInfo("Setting up dispatcher."); + Connection connection = mProfile.mConnections[0]; + + if (connection.getTransportType() == OBFS4) { + Obfs4Connection obfs4Connection = (Obfs4Connection) connection; + dispatcher = new Dispatcher(this, + obfs4Connection.getmObfs4RemoteProxyName(), + obfs4Connection.getmObfs4RemoteProxyPort(), + obfs4Connection.getmObfs4Certificate(), + obfs4Connection.getmObfs4IatMode()); + dispatcher.initSync(); + + if (dispatcher.getPort() != null && dispatcher.getPort().length() > 0) { + connection.setServerPort(dispatcher.getPort()); + Log.d(TAG, "Dispatcher running. Profile server name and port: " + + connection.getServerName() + ":" + connection.getServerPort()); + VpnStatus.logInfo("Dispatcher running. Profile server name and port: " + + connection.getServerName() + ":" + connection.getServerPort()); + } else { + Log.e(TAG, "Cannot initialize dispatcher for obfs4 connection. Shutting down."); + VpnStatus.logError("Cannot initialize dispatcher for obfs4 connection. Shutting down."); + } + } + + VpnStatus.logInfo(R.string.building_configration); VpnStatus.updateStateString("VPN_GENERATE_CONFIG", "", R.string.building_configration, ConnectionStatus.LEVEL_START); @@ -743,7 +785,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac boolean profileUsesOrBot = false; for (Connection c : mProfile.mConnections) { - if (c.mProxyType == Connection.ProxyType.ORBOT) + if (c.getProxyType() == Connection.ProxyType.ORBOT) profileUsesOrBot = true; } -- cgit v1.2.3 From 386c580a9a97870f500bf277a1d1ec25a8f4a056 Mon Sep 17 00:00:00 2001 From: cyBerta Date: Wed, 12 Jun 2019 17:42:32 +0200 Subject: add null checks for the case shapeshifter-dispatcher is not running --- app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java') diff --git a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java index 55a92cb0..b775921c 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java +++ b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java @@ -248,7 +248,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac if(isVpnRunning()) { if (getManagement() != null && getManagement().stopVPN(replaceConnection)) { if (!replaceConnection) { - if (dispatcher.isRunning()) { + if (dispatcher != null && dispatcher.isRunning()) { dispatcher.stop(); } VpnStatus.updateStateString("NOPROCESS", "VPN STOPPED", R.string.state_noprocess, ConnectionStatus.LEVEL_NOTCONNECTED); @@ -258,7 +258,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac return false; } else { if (!replaceConnection) { - if (dispatcher.isRunning()) { + if (dispatcher != null && dispatcher.isRunning()) { dispatcher.stop(); } VpnStatus.updateStateString("NOPROCESS", "VPN STOPPED", R.string.state_noprocess, ConnectionStatus.LEVEL_NOTCONNECTED); @@ -395,7 +395,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac obfs4Connection.getmObfs4IatMode()); dispatcher.initSync(); - if (dispatcher.getPort() != null && dispatcher.getPort().length() > 0) { + if (dispatcher.isRunning()) { connection.setServerPort(dispatcher.getPort()); Log.d(TAG, "Dispatcher running. Profile server name and port: " + connection.getServerName() + ":" + connection.getServerPort()); -- cgit v1.2.3 From 8f7146a89fba31bcb9a204415a38e796cfa7d403 Mon Sep 17 00:00:00 2001 From: cyBerta Date: Fri, 14 Jun 2019 18:18:18 +0200 Subject: * refactor vpn profile generation * fix lzo-comp flag parsing in ConfigParser --- app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) (limited to 'app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java') diff --git a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java index b775921c..4a33fd49 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java +++ b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java @@ -48,7 +48,6 @@ import se.leap.bitmaskclient.VpnNotificationManager; import se.leap.bitmaskclient.pluggableTransports.Dispatcher; import de.blinkt.openvpn.core.connection.Obfs4Connection; -import static de.blinkt.openvpn.core.connection.Connection.TransportType.OBFS4; import static de.blinkt.openvpn.core.ConnectionStatus.LEVEL_CONNECTED; import static de.blinkt.openvpn.core.ConnectionStatus.LEVEL_WAITING_FOR_USER_INPUT; import static de.blinkt.openvpn.core.NetworkSpace.IpAddress; @@ -386,13 +385,9 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac VpnStatus.logInfo("Setting up dispatcher."); Connection connection = mProfile.mConnections[0]; - if (connection.getTransportType() == OBFS4) { + if (mProfile.mUsePluggableTransports) { Obfs4Connection obfs4Connection = (Obfs4Connection) connection; - dispatcher = new Dispatcher(this, - obfs4Connection.getmObfs4RemoteProxyName(), - obfs4Connection.getmObfs4RemoteProxyPort(), - obfs4Connection.getmObfs4Certificate(), - obfs4Connection.getmObfs4IatMode()); + dispatcher = new Dispatcher(this, obfs4Connection.getDispatcherOptions()); dispatcher.initSync(); if (dispatcher.isRunning()) { -- cgit v1.2.3 From 63d1ccce6173445efba0028cc0fee1562e4540aa Mon Sep 17 00:00:00 2001 From: cyBerta Date: Wed, 3 Jul 2019 19:10:19 +0200 Subject: show a little ghost and extra information in notifications when trying or using an obfuscated connection --- app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java') diff --git a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java index 4a33fd49..184cea2c 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java +++ b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java @@ -318,6 +318,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac VpnStatus.updateStateString("VPN_GENERATE_CONFIG", "", R.string.building_configration, ConnectionStatus.LEVEL_START); notificationManager.buildOpenVpnNotification( mProfile != null ? mProfile.mName : "", + mProfile != null && mProfile.mUsePluggableTransports, VpnStatus.getLastCleanLogMessage(this), VpnStatus.getLastCleanLogMessage(this), ConnectionStatus.LEVEL_START, @@ -988,6 +989,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac // Does not work :( notificationManager.buildOpenVpnNotification( mProfile != null ? mProfile.mName : "", + mProfile != null && mProfile.mUsePluggableTransports, VpnStatus.getLastCleanLogMessage(this), VpnStatus.getLastCleanLogMessage(this), level, @@ -1019,6 +1021,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac humanReadableByteCount(diffOut / OpenVPNManagement.mBytecountInterval, true, getResources())); notificationManager.buildOpenVpnNotification( mProfile != null ? mProfile.mName : "", + mProfile != null && mProfile.mUsePluggableTransports, netstat, null, LEVEL_CONNECTED, @@ -1062,6 +1065,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac VpnStatus.updateStateString("NEED", "need " + needed, resid, LEVEL_WAITING_FOR_USER_INPUT); notificationManager.buildOpenVpnNotification( mProfile != null ? mProfile.mName : "", + mProfile != null && mProfile.mUsePluggableTransports, getString(resid), getString(resid), LEVEL_WAITING_FOR_USER_INPUT, -- cgit v1.2.3 From 22403d3a7c60f92df38b0178780ce4d3e245c2fd Mon Sep 17 00:00:00 2001 From: cyBerta Date: Sun, 14 Jul 2019 20:12:08 +0200 Subject: remove duplicated line in OpenVPNService --- app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java | 1 - 1 file changed, 1 deletion(-) (limited to 'app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java') diff --git a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java index 184cea2c..32e00f86 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java +++ b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java @@ -66,7 +66,6 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac public final static String ORBOT_PACKAGE_NAME = "org.torproject.android"; private static final String PAUSE_VPN = "de.blinkt.openvpn.PAUSE_VPN"; private static final String RESUME_VPN = "se.leap.bitmaskclient.RESUME_VPN"; - private static final String TAG = OpenVPNService.class.getSimpleName(); private static boolean mNotificationAlwaysVisible = false; private final Vector mDnslist = new Vector<>(); private final NetworkSpace mRoutes = new NetworkSpace(); -- cgit v1.2.3 From 5a883a2119500c1d25a7f7dc650f62d5262cb9cc Mon Sep 17 00:00:00 2001 From: cyBerta Date: Thu, 1 Aug 2019 23:16:22 +0200 Subject: add Shapeshifter class managing shapeshifter go library --- .../de/blinkt/openvpn/core/OpenVPNService.java | 32 ++++++++++++---------- 1 file changed, 18 insertions(+), 14 deletions(-) (limited to 'app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java') diff --git a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java index 32e00f86..6f817323 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java +++ b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java @@ -47,6 +47,7 @@ import se.leap.bitmaskclient.R; import se.leap.bitmaskclient.VpnNotificationManager; import se.leap.bitmaskclient.pluggableTransports.Dispatcher; import de.blinkt.openvpn.core.connection.Obfs4Connection; +import se.leap.bitmaskclient.pluggableTransports.Shapeshifter; import static de.blinkt.openvpn.core.ConnectionStatus.LEVEL_CONNECTED; import static de.blinkt.openvpn.core.ConnectionStatus.LEVEL_WAITING_FOR_USER_INPUT; @@ -88,7 +89,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac private Toast mlastToast; private Runnable mOpenVPNThread; private VpnNotificationManager notificationManager; - private Dispatcher dispatcher; + private Shapeshifter shapeshifter; private static final int PRIORITY_MIN = -2; private static final int PRIORITY_DEFAULT = 0; @@ -246,9 +247,12 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac if(isVpnRunning()) { if (getManagement() != null && getManagement().stopVPN(replaceConnection)) { if (!replaceConnection) { - if (dispatcher != null && dispatcher.isRunning()) { - dispatcher.stop(); + if (shapeshifter != null) { + shapeshifter.stop(); } + /*if (dispatcher != null && dispatcher.isRunning()) { + dispatcher.stop(); + }*/ VpnStatus.updateStateString("NOPROCESS", "VPN STOPPED", R.string.state_noprocess, ConnectionStatus.LEVEL_NOTCONNECTED); } return true; @@ -256,9 +260,12 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac return false; } else { if (!replaceConnection) { - if (dispatcher != null && dispatcher.isRunning()) { - dispatcher.stop(); + if (shapeshifter != null) { + shapeshifter.stop(); } + /*if (dispatcher != null && dispatcher.isRunning()) { + dispatcher.stop(); + }*/ VpnStatus.updateStateString("NOPROCESS", "VPN STOPPED", R.string.state_noprocess, ConnectionStatus.LEVEL_NOTCONNECTED); return true; } @@ -387,15 +394,12 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac if (mProfile.mUsePluggableTransports) { Obfs4Connection obfs4Connection = (Obfs4Connection) connection; - dispatcher = new Dispatcher(this, obfs4Connection.getDispatcherOptions()); - dispatcher.initSync(); - - if (dispatcher.isRunning()) { - connection.setServerPort(dispatcher.getPort()); - Log.d(TAG, "Dispatcher running. Profile server name and port: " + - connection.getServerName() + ":" + connection.getServerPort()); - VpnStatus.logInfo("Dispatcher running. Profile server name and port: " + - connection.getServerName() + ":" + connection.getServerPort()); + //dispatcher = new Dispatcher(this, obfs4Connection.getDispatcherOptions()); + //dispatcher.initSync(); + shapeshifter = new Shapeshifter(obfs4Connection.getDispatcherOptions()); + if (shapeshifter.start()) { + // FIXME: we already know the shapeshifter port earlier! + connection.setServerPort(Shapeshifter.DISPATCHER_PORT); } else { Log.e(TAG, "Cannot initialize dispatcher for obfs4 connection. Shutting down."); VpnStatus.logError("Cannot initialize dispatcher for obfs4 connection. Shutting down."); -- cgit v1.2.3 From ec891871adb9ad75918fcdf33c45a33cafba044a Mon Sep 17 00:00:00 2001 From: cyBerta Date: Fri, 2 Aug 2019 00:46:39 +0200 Subject: cleanup in OpenVPNService --- .../de/blinkt/openvpn/core/OpenVPNService.java | 24 +++++----------------- 1 file changed, 5 insertions(+), 19 deletions(-) (limited to 'app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java') diff --git a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java index 6f817323..e446021f 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java +++ b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java @@ -43,10 +43,9 @@ import de.blinkt.openvpn.VpnProfile; import de.blinkt.openvpn.core.VpnStatus.ByteCountListener; import de.blinkt.openvpn.core.VpnStatus.StateListener; import de.blinkt.openvpn.core.connection.Connection; +import de.blinkt.openvpn.core.connection.Obfs4Connection; import se.leap.bitmaskclient.R; import se.leap.bitmaskclient.VpnNotificationManager; -import se.leap.bitmaskclient.pluggableTransports.Dispatcher; -import de.blinkt.openvpn.core.connection.Obfs4Connection; import se.leap.bitmaskclient.pluggableTransports.Shapeshifter; import static de.blinkt.openvpn.core.ConnectionStatus.LEVEL_CONNECTED; @@ -250,9 +249,6 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac if (shapeshifter != null) { shapeshifter.stop(); } - /*if (dispatcher != null && dispatcher.isRunning()) { - dispatcher.stop(); - }*/ VpnStatus.updateStateString("NOPROCESS", "VPN STOPPED", R.string.state_noprocess, ConnectionStatus.LEVEL_NOTCONNECTED); } return true; @@ -263,9 +259,6 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac if (shapeshifter != null) { shapeshifter.stop(); } - /*if (dispatcher != null && dispatcher.isRunning()) { - dispatcher.stop(); - }*/ VpnStatus.updateStateString("NOPROCESS", "VPN STOPPED", R.string.state_noprocess, ConnectionStatus.LEVEL_NOTCONNECTED); return true; } @@ -389,28 +382,21 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac // the dispatcher here? Can we start the dispatcher at a later point of execution, e.g. when // connections[n], n>0 gets choosen? - VpnStatus.logInfo("Setting up dispatcher."); Connection connection = mProfile.mConnections[0]; if (mProfile.mUsePluggableTransports) { Obfs4Connection obfs4Connection = (Obfs4Connection) connection; - //dispatcher = new Dispatcher(this, obfs4Connection.getDispatcherOptions()); - //dispatcher.initSync(); shapeshifter = new Shapeshifter(obfs4Connection.getDispatcherOptions()); - if (shapeshifter.start()) { - // FIXME: we already know the shapeshifter port earlier! - connection.setServerPort(Shapeshifter.DISPATCHER_PORT); - } else { - Log.e(TAG, "Cannot initialize dispatcher for obfs4 connection. Shutting down."); - VpnStatus.logError("Cannot initialize dispatcher for obfs4 connection. Shutting down."); + if (!shapeshifter.start()) { + //TODO: implement useful error handling + Log.e(TAG, "Cannot initialize shapeshifter dispatcher for obfs4 connection. Shutting down."); + VpnStatus.logError("Cannot initialize shapeshifter dispatcher for obfs4 connection. Shutting down."); } } - VpnStatus.logInfo(R.string.building_configration); VpnStatus.updateStateString("VPN_GENERATE_CONFIG", "", R.string.building_configration, ConnectionStatus.LEVEL_START); - try { mProfile.writeConfigFile(this); } catch (IOException e) { -- cgit v1.2.3