From db1e1a2045a2e6456d54765be3cf95186ce987f7 Mon Sep 17 00:00:00 2001
From: cyBerta <cyberta@riseup.net>
Date: Fri, 24 May 2019 18:01:03 +0200
Subject: squashed commit for Pluggable Transports * implement handling of
 different provider API version (v1 and v2) * detect provider's obfs support *
 shapeshifter-dispatcher installation * necessary changes to control
 shapeshifter-dispatcher from Bitmask * route openvpn traffic over
 shapeshifter-dispatcher

---
 .../java/se/leap/bitmaskclient/eip/Gateway.java    |  73 +++++----
 .../se/leap/bitmaskclient/eip/GatewaySelector.java |   2 +-
 .../se/leap/bitmaskclient/eip/GatewaysManager.java |  41 ++++-
 .../leap/bitmaskclient/eip/VpnConfigGenerator.java | 177 +++++++++++++++++----
 4 files changed, 220 insertions(+), 73 deletions(-)

(limited to 'app/src/main/java/se/leap/bitmaskclient/eip')

diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/Gateway.java b/app/src/main/java/se/leap/bitmaskclient/eip/Gateway.java
index 55ade1ae..b1554af0 100644
--- a/app/src/main/java/se/leap/bitmaskclient/eip/Gateway.java
+++ b/app/src/main/java/se/leap/bitmaskclient/eip/Gateway.java
@@ -22,11 +22,17 @@ import org.json.JSONException;
 import org.json.JSONObject;
 
 import java.io.IOException;
-import java.io.StringReader;
 
 import de.blinkt.openvpn.VpnProfile;
 import de.blinkt.openvpn.core.ConfigParser;
 
+import static se.leap.bitmaskclient.Constants.LOCATION;
+import static se.leap.bitmaskclient.Constants.LOCATIONS;
+import static se.leap.bitmaskclient.Constants.NAME;
+import static se.leap.bitmaskclient.Constants.OPENVPN_CONFIGURATION;
+import static se.leap.bitmaskclient.Constants.TIMEZONE;
+import static se.leap.bitmaskclient.Constants.VERSION;
+
 /**
  * Gateway provides objects defining gateways and their metadata.
  * Each instance contains a VpnProfile for OpenVPN specific data and member
@@ -34,6 +40,7 @@ import de.blinkt.openvpn.core.ConfigParser;
  *
  * @author Sean Leonard <meanderingcode@aetherislands.net>
  * @author Parménides GV <parmegv@sdf.org>
+ * @author cyberta
  */
 public class Gateway {
 
@@ -44,50 +51,57 @@ public class Gateway {
     private JSONObject secrets;
     private JSONObject gateway;
 
-    private String mName;
+    private String name;
     private int timezone;
-    private VpnProfile mVpnProfile;
+    private int apiVersion;
+    private VpnProfile vpnProfile;
 
     /**
      * Build a gateway object from a JSON OpenVPN gateway definition in eip-service.json
      * and create a VpnProfile belonging to it.
      */
-    public Gateway(JSONObject eip_definition, JSONObject secrets, JSONObject gateway) {
+    public Gateway(JSONObject eipDefinition, JSONObject secrets, JSONObject gateway) {
 
         this.gateway = gateway;
         this.secrets = secrets;
 
-        generalConfiguration = getGeneralConfiguration(eip_definition);
-        timezone = getTimezone(eip_definition);
-        mName = locationAsName(eip_definition);
-
-        mVpnProfile = createVPNProfile();
-        mVpnProfile.mName = mName;
+        generalConfiguration = getGeneralConfiguration(eipDefinition);
+        timezone = getTimezone(eipDefinition);
+        name = locationAsName(eipDefinition);
+        apiVersion = getApiVersion(eipDefinition);
+        vpnProfile = createVPNProfile();
+        if (vpnProfile != null) {
+            vpnProfile.mName = name;
+        }
     }
 
-    private JSONObject getGeneralConfiguration(JSONObject eip_definition) {
+    private JSONObject getGeneralConfiguration(JSONObject eipDefinition) {
         try {
-            return eip_definition.getJSONObject("openvpn_configuration");
+            return eipDefinition.getJSONObject(OPENVPN_CONFIGURATION);
         } catch (JSONException e) {
             return new JSONObject();
         }
     }
 
-    private int getTimezone(JSONObject eip_definition) {
-        JSONObject location = getLocationInfo(eip_definition);
-        return location.optInt("timezone");
+    private int getTimezone(JSONObject eipDefinition) {
+        JSONObject location = getLocationInfo(eipDefinition);
+        return location.optInt(TIMEZONE);
+    }
+
+    private int getApiVersion(JSONObject eipDefinition) {
+        return eipDefinition.optInt(VERSION);
     }
 
-    private String locationAsName(JSONObject eip_definition) {
-        JSONObject location = getLocationInfo(eip_definition);
-        return location.optString("name");
+    private String locationAsName(JSONObject eipDefinition) {
+        JSONObject location = getLocationInfo(eipDefinition);
+        return location.optString(NAME);
     }
 
     private JSONObject getLocationInfo(JSONObject eipDefinition) {
         try {
-            JSONObject locations = eipDefinition.getJSONObject("locations");
+            JSONObject locations = eipDefinition.getJSONObject(LOCATIONS);
 
-            return locations.getJSONObject(gateway.getString("location"));
+            return locations.getJSONObject(gateway.getString(LOCATION));
         } catch (JSONException e) {
             return new JSONObject();
         }
@@ -98,18 +112,9 @@ public class Gateway {
      */
     private VpnProfile createVPNProfile() {
         try {
-            ConfigParser cp = new ConfigParser();
-
-            VpnConfigGenerator vpnConfigurationGenerator = new VpnConfigGenerator(generalConfiguration, secrets, gateway);
-            String configuration = vpnConfigurationGenerator.generate();
-
-            cp.parseConfig(new StringReader(configuration));
-            return cp.convertProfile();
-        } catch (ConfigParser.ConfigParseError e) {
-            // FIXME We didn't get a VpnProfile!  Error handling! and log level
-            e.printStackTrace();
-            return null;
-        } catch (IOException e) {
+            VpnConfigGenerator vpnConfigurationGenerator = new VpnConfigGenerator(generalConfiguration, secrets, gateway, apiVersion);
+            return vpnConfigurationGenerator.generateVpnProfile();
+        } catch (ConfigParser.ConfigParseError | IOException | CloneNotSupportedException | JSONException e) {
             // FIXME We didn't get a VpnProfile!  Error handling! and log level
             e.printStackTrace();
             return null;
@@ -117,11 +122,11 @@ public class Gateway {
     }
 
     public String getName() {
-        return mName;
+        return name;
     }
 
     public VpnProfile getProfile() {
-        return mVpnProfile;
+        return vpnProfile;
     }
 
     public int getTimezone() {
diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/GatewaySelector.java b/app/src/main/java/se/leap/bitmaskclient/eip/GatewaySelector.java
index 2bd666bf..0ba0f207 100644
--- a/app/src/main/java/se/leap/bitmaskclient/eip/GatewaySelector.java
+++ b/app/src/main/java/se/leap/bitmaskclient/eip/GatewaySelector.java
@@ -36,7 +36,7 @@ public class GatewaySelector {
             }
         }
 
-        Log.e(TAG, "There are less than " + nClosest + " Gateways available.");
+        Log.e(TAG, "There are less than " + (nClosest + 1) + " Gateways available.");
         return null;
     }
 
diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/GatewaysManager.java b/app/src/main/java/se/leap/bitmaskclient/eip/GatewaysManager.java
index 060843fd..c650938c 100644
--- a/app/src/main/java/se/leap/bitmaskclient/eip/GatewaysManager.java
+++ b/app/src/main/java/se/leap/bitmaskclient/eip/GatewaysManager.java
@@ -30,11 +30,18 @@ import java.lang.reflect.Type;
 import java.util.ArrayList;
 import java.util.List;
 
+import de.blinkt.openvpn.VpnProfile;
+import de.blinkt.openvpn.core.connection.Connection;
 import se.leap.bitmaskclient.Provider;
 import se.leap.bitmaskclient.utils.PreferenceHelper;
 
+import static se.leap.bitmaskclient.Constants.CAPABILITIES;
+import static se.leap.bitmaskclient.Constants.GATEWAYS;
 import static se.leap.bitmaskclient.Constants.PROVIDER_PRIVATE_KEY;
 import static se.leap.bitmaskclient.Constants.PROVIDER_VPN_CERTIFICATE;
+import static se.leap.bitmaskclient.Constants.TRANSPORT;
+import static se.leap.bitmaskclient.Constants.TYPE;
+import static se.leap.bitmaskclient.Constants.VERSION;
 
 /**
  * @author parmegv
@@ -88,10 +95,11 @@ public class GatewaysManager {
      */
     void fromEipServiceJson(JSONObject eipDefinition) {
         try {
-            JSONArray gatewaysDefined = eipDefinition.getJSONArray("gateways");
+            JSONArray gatewaysDefined = eipDefinition.getJSONArray(GATEWAYS);
+            int apiVersion = eipDefinition.getInt(VERSION);
             for (int i = 0; i < gatewaysDefined.length(); i++) {
                 JSONObject gw = gatewaysDefined.getJSONObject(i);
-                if (isOpenVpnGateway(gw)) {
+                if (isOpenVpnGateway(gw, apiVersion)) {
                     JSONObject secrets = secretsConfiguration();
                     Gateway aux = new Gateway(eipDefinition, secrets, gw);
                     if (!gateways.contains(aux)) {
@@ -110,12 +118,29 @@ public class GatewaysManager {
      * @param gateway to check
      * @return true if gateway is an OpenVpn gateway otherwise false
      */
-    private boolean isOpenVpnGateway(JSONObject gateway) {
-        try {
-            String transport = gateway.getJSONObject("capabilities").getJSONArray("transport").toString();
-            return transport.contains("openvpn");
-        } catch (JSONException e) {
-            return false;
+    private boolean isOpenVpnGateway(JSONObject gateway, int apiVersion) {
+        switch (apiVersion) {
+            default:
+            case 1:
+                try {
+                    String transport = gateway.getJSONObject(CAPABILITIES).getJSONArray(TRANSPORT).toString();
+                    return transport.contains("openvpn");
+                } catch (JSONException e) {
+                    return false;
+                }
+            case 2:
+                try {
+                    JSONArray transports = gateway.getJSONObject(CAPABILITIES).getJSONArray(TRANSPORT);
+                    for (int i = 0; i < transports.length(); i++) {
+                        JSONObject transport = transports.getJSONObject(i);
+                        if (transport.optString(TYPE).equals("openvpn")) {
+                            return true;
+                        }
+                    }
+                    return false;
+                } catch (JSONException e) {
+                    return false;
+                }
         }
     }
 
diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java b/app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java
index 6f0ccf18..7f09d21e 100644
--- a/app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java
+++ b/app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java
@@ -20,48 +20,133 @@ import org.json.JSONArray;
 import org.json.JSONException;
 import org.json.JSONObject;
 
+import java.io.IOException;
+import java.io.StringReader;
 import java.util.Iterator;
 
+import de.blinkt.openvpn.VpnProfile;
+import de.blinkt.openvpn.core.ConfigParser;
+import de.blinkt.openvpn.core.connection.Connection;
+import de.blinkt.openvpn.core.connection.Obfs4Connection;
 import se.leap.bitmaskclient.Provider;
 
+import static se.leap.bitmaskclient.Constants.CAPABILITIES;
+import static se.leap.bitmaskclient.Constants.IP_ADDRESS;
+import static se.leap.bitmaskclient.Constants.OPTIONS;
+import static se.leap.bitmaskclient.Constants.PORTS;
+import static se.leap.bitmaskclient.Constants.PROTOCOLS;
 import static se.leap.bitmaskclient.Constants.PROVIDER_PRIVATE_KEY;
 import static se.leap.bitmaskclient.Constants.PROVIDER_VPN_CERTIFICATE;
+import static se.leap.bitmaskclient.Constants.REMOTE;
+import static se.leap.bitmaskclient.Constants.TRANSPORT;
+import static se.leap.bitmaskclient.Constants.TYPE;
 
 public class VpnConfigGenerator {
 
-    private JSONObject general_configuration;
+    private JSONObject generalConfiguration;
     private JSONObject gateway;
     private JSONObject secrets;
+    private JSONObject obfs4Transport;
+    private int apiVersion;
+
+    private ConfigParser icsOpenvpnConfigParser = new ConfigParser();
+
 
     public final static String TAG = VpnConfigGenerator.class.getSimpleName();
     private final String newLine = System.getProperty("line.separator"); // Platform new line
 
-    public VpnConfigGenerator(JSONObject general_configuration, JSONObject secrets, JSONObject gateway) {
-        this.general_configuration = general_configuration;
+    public VpnConfigGenerator(JSONObject generalConfiguration, JSONObject secrets, JSONObject gateway, int apiVersion) {
+        this.generalConfiguration = generalConfiguration;
         this.gateway = gateway;
         this.secrets = secrets;
+        this.apiVersion = apiVersion;
+        checkCapabilities();
     }
 
-    public String generate() {
-        return
-                generalConfiguration()
+    public void checkCapabilities() {
+
+        try {
+            switch (apiVersion) {
+                case 2:
+                    JSONArray supportedTransports = gateway.getJSONObject(CAPABILITIES).getJSONArray(TRANSPORT);
+                    for (int i = 0; i < supportedTransports.length(); i++) {
+                        JSONObject transport = supportedTransports.getJSONObject(i);
+                        if (transport.getString(TYPE).equals("obfs4")) {
+                            obfs4Transport = transport;
+                        }
+                    }
+                    break;
+                default:
+                    break;
+            }
+
+        } catch (JSONException e) {
+            e.printStackTrace();
+        }
+    }
+
+    public VpnProfile generateVpnProfile() throws IllegalStateException,
+            IOException,
+            ConfigParser.ConfigParseError,
+            CloneNotSupportedException,
+            JSONException,
+            NumberFormatException {
+
+        VpnProfile profile = createOvpnProfile();
+        if (supportsObfs4()) {
+            addPluggableTransportConnections(profile);
+        }
+        return profile;
+    }
+
+    private boolean supportsObfs4(){
+        return obfs4Transport != null;
+    }
+
+    private void addPluggableTransportConnections(VpnProfile profile) throws JSONException, CloneNotSupportedException {
+        JSONArray ports = obfs4Transport.getJSONArray(PORTS);
+        Connection[] updatedConnections = new Connection[profile.mConnections.length + ports.length()];
+
+        for (int i = 0; i < ports.length(); i++) {
+            String port = ports.getString(i);
+            Obfs4Connection obfs4Connection = new Obfs4Connection();
+            obfs4Connection.setObfs4RemoteProxyName(gateway.getString(IP_ADDRESS));
+            obfs4Connection.setObfs4RemoteProxyPort(port);
+            obfs4Connection.setTransportOptions(obfs4Transport.optJSONObject(OPTIONS));
+            updatedConnections[i] = obfs4Connection;
+        }
+        int k = 0;
+        for (int i = ports.length(); i < updatedConnections.length; i++, k++) {
+            updatedConnections[i] = profile.mConnections[k].clone();
+        }
+        profile.mConnections = updatedConnections;
+    }
+
+    private String getConfigurationString() {
+        return generalConfiguration()
                         + newLine
-                        + gatewayConfiguration()
+                        + ovpnGatewayConfiguration()
                         + newLine
                         + secretsConfiguration()
                         + newLine
                         + androidCustomizations();
     }
 
+    private VpnProfile createOvpnProfile() throws IOException, ConfigParser.ConfigParseError {
+        String configuration = getConfigurationString();
+        icsOpenvpnConfigParser.parseConfig(new StringReader(configuration));
+        return icsOpenvpnConfigParser.convertProfile();
+    }
+
     private String generalConfiguration() {
         String commonOptions = "";
         try {
-            Iterator keys = general_configuration.keys();
+            Iterator keys = generalConfiguration.keys();
             while (keys.hasNext()) {
                 String key = keys.next().toString();
 
                 commonOptions += key + " ";
-                for (String word : String.valueOf(general_configuration.get(key)).split(" "))
+                for (String word : String.valueOf(generalConfiguration.get(key)).split(" "))
                     commonOptions += word + " ";
                 commonOptions += newLine;
 
@@ -76,41 +161,73 @@ public class VpnConfigGenerator {
         return commonOptions;
     }
 
-    private String gatewayConfiguration() {
+    private String ovpnGatewayConfiguration() {
         String remotes = "";
 
-        String ipAddressKeyword = "ip_address";
-        String remoteKeyword = "remote";
-        String portsKeyword = "ports";
-        String protocolKeyword = "protocols";
-        String capabilitiesKeyword = "capabilities";
-
+        StringBuilder stringBuilder = new StringBuilder();
         try {
-            String ip_address = gateway.getString(ipAddressKeyword);
-            JSONObject capabilities = gateway.getJSONObject(capabilitiesKeyword);
-            JSONArray ports = capabilities.getJSONArray(portsKeyword);
-            for (int i = 0; i < ports.length(); i++) {
-                String port_specific_remotes = "";
-                int port = ports.getInt(i);
-                JSONArray protocols = capabilities.getJSONArray(protocolKeyword);
-                for (int j = 0; j < protocols.length(); j++) {
-                    String protocol = protocols.optString(j);
-                    String new_remote = remoteKeyword + " " + ip_address + " " + port + " " + protocol + newLine;
-
-                    port_specific_remotes += new_remote;
-                }
-                remotes += port_specific_remotes;
+            String ipAddress = gateway.getString(IP_ADDRESS);
+            JSONObject capabilities = gateway.getJSONObject(CAPABILITIES);
+            JSONArray transports = capabilities.getJSONArray(TRANSPORT);
+            switch (apiVersion) {
+                default:
+                case 1:
+                    ovpnGatewayConfigApiv1(stringBuilder, ipAddress, capabilities);
+                    break;
+                case 2:
+                    ovpnGatewayConfigApiv2(stringBuilder, ipAddress, transports);
+                    break;
             }
         } catch (JSONException e) {
             // TODO Auto-generated catch block
             e.printStackTrace();
         }
+
+        remotes = stringBuilder.toString();
         if (remotes.endsWith(newLine)) {
             remotes = remotes.substring(0, remotes.lastIndexOf(newLine));
         }
         return remotes;
     }
 
+    private void ovpnGatewayConfigApiv1(StringBuilder stringBuilder, String ipAddress, JSONObject capabilities) throws JSONException {
+        int port;
+        String protocol;
+
+        JSONArray ports = capabilities.getJSONArray(PORTS);
+        for (int i = 0; i < ports.length(); i++) {
+            port = ports.getInt(i);
+            JSONArray protocols = capabilities.getJSONArray(PROTOCOLS);
+            for (int j = 0; j < protocols.length(); j++) {
+                protocol = protocols.optString(j);
+                String newRemote = REMOTE + " " + ipAddress + " " + port + " " + protocol + newLine;
+                stringBuilder.append(newRemote);
+            }
+        }
+    }
+
+    private void ovpnGatewayConfigApiv2(StringBuilder stringBuilder, String ipAddress, JSONArray transports) throws JSONException {
+        String port;
+        String protocol;
+        for (int i = 0; i < transports.length(); i++) {
+            JSONObject transport = transports.getJSONObject(i);
+            if (!transport.getString(TYPE).equals("openvpn")) {
+                continue;
+            }
+            JSONArray ports = transport.getJSONArray(PORTS);
+            for (int j = 0; j < ports.length(); j++) {
+                port = ports.getString(j);
+                JSONArray protocols = transport.getJSONArray(PROTOCOLS);
+                for (int k = 0; k < protocols.length(); k++) {
+                    protocol = protocols.optString(k);
+                    String newRemote = REMOTE + " " + ipAddress + " " + port + " " + protocol + newLine;
+                    stringBuilder.append(newRemote);
+                }
+            }
+        }
+    }
+
+
     private String secretsConfiguration() {
         try {
             String ca =
-- 
cgit v1.2.3


From 8f7146a89fba31bcb9a204415a38e796cfa7d403 Mon Sep 17 00:00:00 2001
From: cyBerta <cyberta@riseup.net>
Date: Fri, 14 Jun 2019 18:18:18 +0200
Subject: * refactor vpn profile generation * fix lzo-comp flag parsing in
 ConfigParser

---
 .../java/se/leap/bitmaskclient/eip/Gateway.java    |   2 +-
 .../se/leap/bitmaskclient/eip/GatewaysManager.java |  10 +-
 .../leap/bitmaskclient/eip/VpnConfigGenerator.java | 145 +++++++++++----------
 3 files changed, 83 insertions(+), 74 deletions(-)

(limited to 'app/src/main/java/se/leap/bitmaskclient/eip')

diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/Gateway.java b/app/src/main/java/se/leap/bitmaskclient/eip/Gateway.java
index b1554af0..50fe74b7 100644
--- a/app/src/main/java/se/leap/bitmaskclient/eip/Gateway.java
+++ b/app/src/main/java/se/leap/bitmaskclient/eip/Gateway.java
@@ -114,7 +114,7 @@ public class Gateway {
         try {
             VpnConfigGenerator vpnConfigurationGenerator = new VpnConfigGenerator(generalConfiguration, secrets, gateway, apiVersion);
             return vpnConfigurationGenerator.generateVpnProfile();
-        } catch (ConfigParser.ConfigParseError | IOException | CloneNotSupportedException | JSONException e) {
+        } catch (ConfigParser.ConfigParseError | IOException | JSONException e) {
             // FIXME We didn't get a VpnProfile!  Error handling! and log level
             e.printStackTrace();
             return null;
diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/GatewaysManager.java b/app/src/main/java/se/leap/bitmaskclient/eip/GatewaysManager.java
index c650938c..cd3ec1c6 100644
--- a/app/src/main/java/se/leap/bitmaskclient/eip/GatewaysManager.java
+++ b/app/src/main/java/se/leap/bitmaskclient/eip/GatewaysManager.java
@@ -99,12 +99,10 @@ public class GatewaysManager {
             int apiVersion = eipDefinition.getInt(VERSION);
             for (int i = 0; i < gatewaysDefined.length(); i++) {
                 JSONObject gw = gatewaysDefined.getJSONObject(i);
-                if (isOpenVpnGateway(gw, apiVersion)) {
-                    JSONObject secrets = secretsConfiguration();
-                    Gateway aux = new Gateway(eipDefinition, secrets, gw);
-                    if (!gateways.contains(aux)) {
-                        addGateway(aux);
-                    }
+                JSONObject secrets = secretsConfiguration();
+                Gateway aux = new Gateway(eipDefinition, secrets, gw);
+                if (!gateways.contains(aux)) {
+                    addGateway(aux);
                 }
             }
         } catch (JSONException e) {
diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java b/app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java
index 7f09d21e..a131bdd8 100644
--- a/app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java
+++ b/app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java
@@ -27,9 +27,11 @@ import java.util.Iterator;
 import de.blinkt.openvpn.VpnProfile;
 import de.blinkt.openvpn.core.ConfigParser;
 import de.blinkt.openvpn.core.connection.Connection;
-import de.blinkt.openvpn.core.connection.Obfs4Connection;
 import se.leap.bitmaskclient.Provider;
+import se.leap.bitmaskclient.pluggableTransports.DispatcherOptions;
 
+import static de.blinkt.openvpn.core.connection.Connection.TransportType.OBFS4;
+import static de.blinkt.openvpn.core.connection.Connection.TransportType.OPENVPN;
 import static se.leap.bitmaskclient.Constants.CAPABILITIES;
 import static se.leap.bitmaskclient.Constants.IP_ADDRESS;
 import static se.leap.bitmaskclient.Constants.OPTIONS;
@@ -40,9 +42,10 @@ import static se.leap.bitmaskclient.Constants.PROVIDER_VPN_CERTIFICATE;
 import static se.leap.bitmaskclient.Constants.REMOTE;
 import static se.leap.bitmaskclient.Constants.TRANSPORT;
 import static se.leap.bitmaskclient.Constants.TYPE;
+import static se.leap.bitmaskclient.pluggableTransports.Dispatcher.DISPATCHER_IP;
+import static se.leap.bitmaskclient.pluggableTransports.Dispatcher.DISPATCHER_PORT;
 
 public class VpnConfigGenerator {
-
     private JSONObject generalConfiguration;
     private JSONObject gateway;
     private JSONObject secrets;
@@ -66,18 +69,14 @@ public class VpnConfigGenerator {
     public void checkCapabilities() {
 
         try {
-            switch (apiVersion) {
-                case 2:
-                    JSONArray supportedTransports = gateway.getJSONObject(CAPABILITIES).getJSONArray(TRANSPORT);
-                    for (int i = 0; i < supportedTransports.length(); i++) {
-                        JSONObject transport = supportedTransports.getJSONObject(i);
-                        if (transport.getString(TYPE).equals("obfs4")) {
-                            obfs4Transport = transport;
-                        }
+            if (apiVersion == 2) {
+                JSONArray supportedTransports = gateway.getJSONObject(CAPABILITIES).getJSONArray(TRANSPORT);
+                for (int i = 0; i < supportedTransports.length(); i++) {
+                    JSONObject transport = supportedTransports.getJSONObject(i);
+                    if (transport.getString(TYPE).equals(OBFS4.toString())) {
+                        obfs4Transport = transport;
                     }
-                    break;
-                default:
-                    break;
+                }
             }
 
         } catch (JSONException e) {
@@ -88,54 +87,45 @@ public class VpnConfigGenerator {
     public VpnProfile generateVpnProfile() throws IllegalStateException,
             IOException,
             ConfigParser.ConfigParseError,
-            CloneNotSupportedException,
-            JSONException,
-            NumberFormatException {
+            NumberFormatException, JSONException {
 
-        VpnProfile profile = createOvpnProfile();
         if (supportsObfs4()) {
-            addPluggableTransportConnections(profile);
+            return createProfile(OBFS4);
         }
-        return profile;
+
+        return createProfile(OPENVPN);
     }
 
     private boolean supportsObfs4(){
         return obfs4Transport != null;
     }
 
-    private void addPluggableTransportConnections(VpnProfile profile) throws JSONException, CloneNotSupportedException {
-        JSONArray ports = obfs4Transport.getJSONArray(PORTS);
-        Connection[] updatedConnections = new Connection[profile.mConnections.length + ports.length()];
-
-        for (int i = 0; i < ports.length(); i++) {
-            String port = ports.getString(i);
-            Obfs4Connection obfs4Connection = new Obfs4Connection();
-            obfs4Connection.setObfs4RemoteProxyName(gateway.getString(IP_ADDRESS));
-            obfs4Connection.setObfs4RemoteProxyPort(port);
-            obfs4Connection.setTransportOptions(obfs4Transport.optJSONObject(OPTIONS));
-            updatedConnections[i] = obfs4Connection;
-        }
-        int k = 0;
-        for (int i = ports.length(); i < updatedConnections.length; i++, k++) {
-            updatedConnections[i] = profile.mConnections[k].clone();
-        }
-        profile.mConnections = updatedConnections;
-    }
-
-    private String getConfigurationString() {
+    private String getConfigurationString(Connection.TransportType transportType) {
         return generalConfiguration()
-                        + newLine
-                        + ovpnGatewayConfiguration()
-                        + newLine
-                        + secretsConfiguration()
-                        + newLine
-                        + androidCustomizations();
+                + newLine
+                + gatewayConfiguration(transportType)
+                + newLine
+                + androidCustomizations()
+                + newLine
+                + secretsConfiguration();
     }
 
-    private VpnProfile createOvpnProfile() throws IOException, ConfigParser.ConfigParseError {
-        String configuration = getConfigurationString();
+    private VpnProfile createProfile(Connection.TransportType transportType) throws IOException, ConfigParser.ConfigParseError, JSONException {
+        String configuration = getConfigurationString(transportType);
         icsOpenvpnConfigParser.parseConfig(new StringReader(configuration));
-        return icsOpenvpnConfigParser.convertProfile();
+        if (transportType == OBFS4) {
+            icsOpenvpnConfigParser.setDispatcherOptions(getDispatcherOptions());
+        }
+        return icsOpenvpnConfigParser.convertProfile(transportType);
+    }
+
+    private DispatcherOptions getDispatcherOptions() throws JSONException {
+        JSONObject transportOptions = obfs4Transport.getJSONObject(OPTIONS);
+        String iatMode = transportOptions.getString("iat-mode");
+        String cert = transportOptions.getString("cert");
+        String port = obfs4Transport.getJSONArray(PORTS).getString(0);
+        String ip = gateway.getString(IP_ADDRESS);
+        return new DispatcherOptions(ip, port, cert, iatMode);
     }
 
     private String generalConfiguration() {
@@ -161,21 +151,21 @@ public class VpnConfigGenerator {
         return commonOptions;
     }
 
-    private String ovpnGatewayConfiguration() {
+    private String gatewayConfiguration(Connection.TransportType transportType) {
         String remotes = "";
 
         StringBuilder stringBuilder = new StringBuilder();
         try {
             String ipAddress = gateway.getString(IP_ADDRESS);
             JSONObject capabilities = gateway.getJSONObject(CAPABILITIES);
-            JSONArray transports = capabilities.getJSONArray(TRANSPORT);
             switch (apiVersion) {
                 default:
                 case 1:
-                    ovpnGatewayConfigApiv1(stringBuilder, ipAddress, capabilities);
+                    gatewayConfigApiv1(stringBuilder, ipAddress, capabilities);
                     break;
                 case 2:
-                    ovpnGatewayConfigApiv2(stringBuilder, ipAddress, transports);
+                    JSONArray transports = capabilities.getJSONArray(TRANSPORT);
+                    gatewayConfigApiv2(transportType, stringBuilder, ipAddress, transports);
                     break;
             }
         } catch (JSONException e) {
@@ -190,10 +180,17 @@ public class VpnConfigGenerator {
         return remotes;
     }
 
-    private void ovpnGatewayConfigApiv1(StringBuilder stringBuilder, String ipAddress, JSONObject capabilities) throws JSONException {
+    private void gatewayConfigApiv2(Connection.TransportType transportType, StringBuilder stringBuilder, String ipAddress, JSONArray transports) throws JSONException {
+        if (transportType == OBFS4) {
+            obfs4GatewayConfigApiv2(stringBuilder, ipAddress, transports);
+        } else {
+            ovpnGatewayConfigApi2(stringBuilder, ipAddress, transports);
+        }
+    }
+
+    private void gatewayConfigApiv1(StringBuilder stringBuilder, String ipAddress, JSONObject capabilities) throws JSONException {
         int port;
         String protocol;
-
         JSONArray ports = capabilities.getJSONArray(PORTS);
         for (int i = 0; i < ports.length(); i++) {
             port = ports.getInt(i);
@@ -206,27 +203,41 @@ public class VpnConfigGenerator {
         }
     }
 
-    private void ovpnGatewayConfigApiv2(StringBuilder stringBuilder, String ipAddress, JSONArray transports) throws JSONException {
+    private void ovpnGatewayConfigApi2(StringBuilder stringBuilder, String ipAddress, JSONArray transports) throws JSONException {
         String port;
         String protocol;
+        JSONObject openvpnTransport = getTransport(transports, OPENVPN);
+        JSONArray ports = openvpnTransport.getJSONArray(PORTS);
+        for (int j = 0; j < ports.length(); j++) {
+            port = ports.getString(j);
+            JSONArray protocols = openvpnTransport.getJSONArray(PROTOCOLS);
+            for (int k = 0; k < protocols.length(); k++) {
+                protocol = protocols.optString(k);
+                String newRemote = REMOTE + " " + ipAddress + " " + port + " " + protocol + newLine;
+                stringBuilder.append(newRemote);
+            }
+        }
+    }
+
+    private JSONObject getTransport(JSONArray transports, Connection.TransportType transportType) throws JSONException {
+        JSONObject selectedTransport = new JSONObject();
         for (int i = 0; i < transports.length(); i++) {
             JSONObject transport = transports.getJSONObject(i);
-            if (!transport.getString(TYPE).equals("openvpn")) {
-                continue;
-            }
-            JSONArray ports = transport.getJSONArray(PORTS);
-            for (int j = 0; j < ports.length(); j++) {
-                port = ports.getString(j);
-                JSONArray protocols = transport.getJSONArray(PROTOCOLS);
-                for (int k = 0; k < protocols.length(); k++) {
-                    protocol = protocols.optString(k);
-                    String newRemote = REMOTE + " " + ipAddress + " " + port + " " + protocol + newLine;
-                    stringBuilder.append(newRemote);
-                }
+            if (transport.getString(TYPE).equals(transportType.toString())) {
+                selectedTransport = transport;
+                break;
             }
         }
+        return selectedTransport;
     }
 
+    private void obfs4GatewayConfigApiv2(StringBuilder stringBuilder, String ipAddress, JSONArray transports) throws JSONException {
+        JSONObject obfs4Transport = getTransport(transports, OBFS4);
+        String route = "route " + ipAddress + " 255.255.255.255 net_gateway" + newLine;
+        stringBuilder.append(route);
+        String remote = REMOTE + " " + DISPATCHER_IP + " " + DISPATCHER_PORT + " " + obfs4Transport.getJSONArray(PROTOCOLS).getString(0) + newLine;
+        stringBuilder.append(remote);
+    }
 
     private String secretsConfiguration() {
         try {
-- 
cgit v1.2.3


From bdea6b5469d6a3a136e6a847d1097fbd56ee1053 Mon Sep 17 00:00:00 2001
From: cyBerta <cyberta@riseup.net>
Date: Thu, 27 Jun 2019 15:57:25 +0200
Subject: use api version 3 for pluggable Transports

---
 .../java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java   | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

(limited to 'app/src/main/java/se/leap/bitmaskclient/eip')

diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java b/app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java
index a131bdd8..2214b592 100644
--- a/app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java
+++ b/app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java
@@ -58,7 +58,7 @@ public class VpnConfigGenerator {
     public final static String TAG = VpnConfigGenerator.class.getSimpleName();
     private final String newLine = System.getProperty("line.separator"); // Platform new line
 
-    public VpnConfigGenerator(JSONObject generalConfiguration, JSONObject secrets, JSONObject gateway, int apiVersion) {
+    public VpnConfigGenerator(JSONObject generalConfiguration, JSONObject secrets, JSONObject gateway, int apiVersion) throws ConfigParser.ConfigParseError {
         this.generalConfiguration = generalConfiguration;
         this.gateway = gateway;
         this.secrets = secrets;
@@ -66,21 +66,22 @@ public class VpnConfigGenerator {
         checkCapabilities();
     }
 
-    public void checkCapabilities() {
+    public void checkCapabilities() throws ConfigParser.ConfigParseError {
 
         try {
-            if (apiVersion == 2) {
+            if (apiVersion == 3) {
                 JSONArray supportedTransports = gateway.getJSONObject(CAPABILITIES).getJSONArray(TRANSPORT);
                 for (int i = 0; i < supportedTransports.length(); i++) {
                     JSONObject transport = supportedTransports.getJSONObject(i);
                     if (transport.getString(TYPE).equals(OBFS4.toString())) {
                         obfs4Transport = transport;
+                        break;
                     }
                 }
             }
 
         } catch (JSONException e) {
-            e.printStackTrace();
+            throw new ConfigParser.ConfigParseError("Api version ("+ apiVersion +") did not match required JSON fields");
         }
     }
 
@@ -161,9 +162,10 @@ public class VpnConfigGenerator {
             switch (apiVersion) {
                 default:
                 case 1:
+                case 2:
                     gatewayConfigApiv1(stringBuilder, ipAddress, capabilities);
                     break;
-                case 2:
+                case 3:
                     JSONArray transports = capabilities.getJSONArray(TRANSPORT);
                     gatewayConfigApiv2(transportType, stringBuilder, ipAddress, transports);
                     break;
-- 
cgit v1.2.3


From 2a8bb775183dd08388460c711dc650d3110ca76c Mon Sep 17 00:00:00 2001
From: cyBerta <cyberta@riseup.net>
Date: Wed, 3 Jul 2019 19:16:43 +0200
Subject: update method name for gateway configuration v3

---
 .../java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java   | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

(limited to 'app/src/main/java/se/leap/bitmaskclient/eip')

diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java b/app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java
index 2214b592..18c557dc 100644
--- a/app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java
+++ b/app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java
@@ -167,7 +167,7 @@ public class VpnConfigGenerator {
                     break;
                 case 3:
                     JSONArray transports = capabilities.getJSONArray(TRANSPORT);
-                    gatewayConfigApiv2(transportType, stringBuilder, ipAddress, transports);
+                    gatewayConfigApiv3(transportType, stringBuilder, ipAddress, transports);
                     break;
             }
         } catch (JSONException e) {
@@ -182,11 +182,11 @@ public class VpnConfigGenerator {
         return remotes;
     }
 
-    private void gatewayConfigApiv2(Connection.TransportType transportType, StringBuilder stringBuilder, String ipAddress, JSONArray transports) throws JSONException {
+    private void gatewayConfigApiv3(Connection.TransportType transportType, StringBuilder stringBuilder, String ipAddress, JSONArray transports) throws JSONException {
         if (transportType == OBFS4) {
-            obfs4GatewayConfigApiv2(stringBuilder, ipAddress, transports);
+            obfs4GatewayConfigApiv3(stringBuilder, ipAddress, transports);
         } else {
-            ovpnGatewayConfigApi2(stringBuilder, ipAddress, transports);
+            ovpnGatewayConfigApi3(stringBuilder, ipAddress, transports);
         }
     }
 
@@ -205,7 +205,7 @@ public class VpnConfigGenerator {
         }
     }
 
-    private void ovpnGatewayConfigApi2(StringBuilder stringBuilder, String ipAddress, JSONArray transports) throws JSONException {
+    private void ovpnGatewayConfigApi3(StringBuilder stringBuilder, String ipAddress, JSONArray transports) throws JSONException {
         String port;
         String protocol;
         JSONObject openvpnTransport = getTransport(transports, OPENVPN);
@@ -233,7 +233,7 @@ public class VpnConfigGenerator {
         return selectedTransport;
     }
 
-    private void obfs4GatewayConfigApiv2(StringBuilder stringBuilder, String ipAddress, JSONArray transports) throws JSONException {
+    private void obfs4GatewayConfigApiv3(StringBuilder stringBuilder, String ipAddress, JSONArray transports) throws JSONException {
         JSONObject obfs4Transport = getTransport(transports, OBFS4);
         String route = "route " + ipAddress + " 255.255.255.255 net_gateway" + newLine;
         stringBuilder.append(route);
-- 
cgit v1.2.3


From 283e7531d551521dc48efa9b010127ff54316326 Mon Sep 17 00:00:00 2001
From: cyBerta <cyberta@riseup.net>
Date: Thu, 4 Jul 2019 16:44:35 +0200
Subject: create one vpnprofile per transport per gateway. implement basis to
 switch between obfs4 and plain openvpn connections

---
 .../main/java/se/leap/bitmaskclient/eip/EIP.java   |  8 ++--
 .../java/se/leap/bitmaskclient/eip/Gateway.java    | 37 ++++++++++++----
 .../se/leap/bitmaskclient/eip/GatewaysManager.java | 50 +++-------------------
 .../leap/bitmaskclient/eip/VpnConfigGenerator.java | 19 ++++----
 4 files changed, 49 insertions(+), 65 deletions(-)

(limited to 'app/src/main/java/se/leap/bitmaskclient/eip')

diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java
index a5434871..1d702ec1 100644
--- a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java
+++ b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java
@@ -53,6 +53,8 @@ import se.leap.bitmaskclient.R;
 import static android.app.Activity.RESULT_CANCELED;
 import static android.app.Activity.RESULT_OK;
 import static android.content.Intent.CATEGORY_DEFAULT;
+import static de.blinkt.openvpn.core.connection.Connection.TransportType.OBFS4;
+import static de.blinkt.openvpn.core.connection.Connection.TransportType.OPENVPN;
 import static se.leap.bitmaskclient.Constants.BROADCAST_EIP_EVENT;
 import static se.leap.bitmaskclient.Constants.BROADCAST_GATEWAY_SETUP_OBSERVER_EVENT;
 import static se.leap.bitmaskclient.Constants.BROADCAST_RESULT_CODE;
@@ -203,7 +205,7 @@ public final class EIP extends JobIntentService implements Observer {
         GatewaysManager gatewaysManager = gatewaysFromPreferences();
         Gateway gateway = gatewaysManager.select(nClosestGateway);
 
-        if (gateway != null && gateway.getProfile() != null) {
+        if (gateway != null && !gateway.getProfiles().isEmpty()) {
             launchActiveGateway(gateway, nClosestGateway);
             tellToReceiverOrBroadcast(EIP_ACTION_START, RESULT_OK);
         } else
@@ -218,7 +220,7 @@ public final class EIP extends JobIntentService implements Observer {
         GatewaysManager gatewaysManager = gatewaysFromPreferences();
         Gateway gateway = gatewaysManager.select(0);
 
-        if (gateway != null && gateway.getProfile() != null) {
+        if (gateway != null && !gateway.getProfiles().isEmpty()) {
             launchActiveGateway(gateway, 0);
         } else {
             Log.d(TAG, "startEIPAlwaysOnVpn no active profile available!");
@@ -242,7 +244,7 @@ public final class EIP extends JobIntentService implements Observer {
      */
     private void launchActiveGateway(@NonNull Gateway gateway, int nClosestGateway) {
         Intent intent = new Intent(BROADCAST_GATEWAY_SETUP_OBSERVER_EVENT);
-        intent.putExtra(PROVIDER_PROFILE, gateway.getProfile());
+        intent.putExtra(PROVIDER_PROFILE, gateway.getProfile(OPENVPN));
         intent.putExtra(Gateway.KEY_N_CLOSEST_GATEWAY, nClosestGateway);
         LocalBroadcastManager.getInstance(this).sendBroadcast(intent);
 
diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/Gateway.java b/app/src/main/java/se/leap/bitmaskclient/eip/Gateway.java
index 50fe74b7..9bc07764 100644
--- a/app/src/main/java/se/leap/bitmaskclient/eip/Gateway.java
+++ b/app/src/main/java/se/leap/bitmaskclient/eip/Gateway.java
@@ -16,16 +16,21 @@
  */
 package se.leap.bitmaskclient.eip;
 
+import android.support.annotation.NonNull;
+
 import com.google.gson.Gson;
 
 import org.json.JSONException;
 import org.json.JSONObject;
 
 import java.io.IOException;
+import java.util.HashMap;
 
 import de.blinkt.openvpn.VpnProfile;
 import de.blinkt.openvpn.core.ConfigParser;
+import de.blinkt.openvpn.core.connection.Connection;
 
+import static se.leap.bitmaskclient.Constants.IP_ADDRESS;
 import static se.leap.bitmaskclient.Constants.LOCATION;
 import static se.leap.bitmaskclient.Constants.LOCATIONS;
 import static se.leap.bitmaskclient.Constants.NAME;
@@ -54,7 +59,7 @@ public class Gateway {
     private String name;
     private int timezone;
     private int apiVersion;
-    private VpnProfile vpnProfile;
+    private HashMap<Connection.TransportType, VpnProfile> vpnProfiles;
 
     /**
      * Build a gateway object from a JSON OpenVPN gateway definition in eip-service.json
@@ -69,9 +74,13 @@ public class Gateway {
         timezone = getTimezone(eipDefinition);
         name = locationAsName(eipDefinition);
         apiVersion = getApiVersion(eipDefinition);
-        vpnProfile = createVPNProfile();
-        if (vpnProfile != null) {
-            vpnProfile.mName = name;
+        vpnProfiles = createVPNProfiles();
+    }
+
+    private void addProfileInfos(HashMap<Connection.TransportType, VpnProfile> profiles) {
+        for (VpnProfile profile : profiles.values()) {
+            profile.mName = name;
+            profile.mGatewayIp = gateway.optString(IP_ADDRESS);
         }
     }
 
@@ -92,6 +101,10 @@ public class Gateway {
         return eipDefinition.optInt(VERSION);
     }
 
+    public String getRemoteIP() {
+        return gateway.optString(IP_ADDRESS);
+    }
+
     private String locationAsName(JSONObject eipDefinition) {
         JSONObject location = getLocationInfo(eipDefinition);
         return location.optString(NAME);
@@ -110,23 +123,29 @@ public class Gateway {
     /**
      * Create and attach the VpnProfile to our gateway object
      */
-    private VpnProfile createVPNProfile() {
+    private @NonNull HashMap<Connection.TransportType, VpnProfile> createVPNProfiles() {
+        HashMap<Connection.TransportType, VpnProfile> profiles = new HashMap<>();
         try {
             VpnConfigGenerator vpnConfigurationGenerator = new VpnConfigGenerator(generalConfiguration, secrets, gateway, apiVersion);
-            return vpnConfigurationGenerator.generateVpnProfile();
+            profiles = vpnConfigurationGenerator.generateVpnProfiles();
+            addProfileInfos(profiles);
         } catch (ConfigParser.ConfigParseError | IOException | JSONException e) {
             // FIXME We didn't get a VpnProfile!  Error handling! and log level
             e.printStackTrace();
-            return null;
         }
+        return profiles;
     }
 
     public String getName() {
         return name;
     }
 
-    public VpnProfile getProfile() {
-        return vpnProfile;
+    public HashMap<Connection.TransportType, VpnProfile> getProfiles() {
+        return vpnProfiles;
+    }
+
+    public VpnProfile getProfile(Connection.TransportType transportType) {
+        return vpnProfiles.get(transportType);
     }
 
     public int getTimezone() {
diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/GatewaysManager.java b/app/src/main/java/se/leap/bitmaskclient/eip/GatewaysManager.java
index cd3ec1c6..f7038bab 100644
--- a/app/src/main/java/se/leap/bitmaskclient/eip/GatewaysManager.java
+++ b/app/src/main/java/se/leap/bitmaskclient/eip/GatewaysManager.java
@@ -28,20 +28,14 @@ import org.json.JSONObject;
 
 import java.lang.reflect.Type;
 import java.util.ArrayList;
-import java.util.List;
+import java.util.LinkedHashMap;
 
-import de.blinkt.openvpn.VpnProfile;
-import de.blinkt.openvpn.core.connection.Connection;
 import se.leap.bitmaskclient.Provider;
 import se.leap.bitmaskclient.utils.PreferenceHelper;
 
-import static se.leap.bitmaskclient.Constants.CAPABILITIES;
 import static se.leap.bitmaskclient.Constants.GATEWAYS;
 import static se.leap.bitmaskclient.Constants.PROVIDER_PRIVATE_KEY;
 import static se.leap.bitmaskclient.Constants.PROVIDER_VPN_CERTIFICATE;
-import static se.leap.bitmaskclient.Constants.TRANSPORT;
-import static se.leap.bitmaskclient.Constants.TYPE;
-import static se.leap.bitmaskclient.Constants.VERSION;
 
 /**
  * @author parmegv
@@ -52,7 +46,7 @@ public class GatewaysManager {
 
     private Context context;
     private SharedPreferences preferences;
-    private List<Gateway> gateways = new ArrayList<>();
+    private LinkedHashMap<String, Gateway> gateways = new LinkedHashMap<>();
     private Type listType = new TypeToken<ArrayList<Gateway>>() {}.getType();
 
     GatewaysManager(Context context, SharedPreferences preferences) {
@@ -65,7 +59,7 @@ public class GatewaysManager {
       * @return the n closest Gateway
      */
     public Gateway select(int nClosest) {
-        GatewaySelector gatewaySelector = new GatewaySelector(gateways);
+        GatewaySelector gatewaySelector = new GatewaySelector(new ArrayList<>(gateways.values()));
         return gatewaySelector.select(nClosest);
     }
 
@@ -96,52 +90,20 @@ public class GatewaysManager {
     void fromEipServiceJson(JSONObject eipDefinition) {
         try {
             JSONArray gatewaysDefined = eipDefinition.getJSONArray(GATEWAYS);
-            int apiVersion = eipDefinition.getInt(VERSION);
             for (int i = 0; i < gatewaysDefined.length(); i++) {
                 JSONObject gw = gatewaysDefined.getJSONObject(i);
                 JSONObject secrets = secretsConfiguration();
                 Gateway aux = new Gateway(eipDefinition, secrets, gw);
-                if (!gateways.contains(aux)) {
+                if (gateways.get(aux.getRemoteIP()) == null) {
                     addGateway(aux);
                 }
             }
-        } catch (JSONException e) {
+        } catch (Exception e) {
             // TODO Auto-generated catch block
             e.printStackTrace();
         }
     }
 
-    /**
-     * check if a gateway is an OpenVpn gateway
-     * @param gateway to check
-     * @return true if gateway is an OpenVpn gateway otherwise false
-     */
-    private boolean isOpenVpnGateway(JSONObject gateway, int apiVersion) {
-        switch (apiVersion) {
-            default:
-            case 1:
-                try {
-                    String transport = gateway.getJSONObject(CAPABILITIES).getJSONArray(TRANSPORT).toString();
-                    return transport.contains("openvpn");
-                } catch (JSONException e) {
-                    return false;
-                }
-            case 2:
-                try {
-                    JSONArray transports = gateway.getJSONObject(CAPABILITIES).getJSONArray(TRANSPORT);
-                    for (int i = 0; i < transports.length(); i++) {
-                        JSONObject transport = transports.getJSONObject(i);
-                        if (transport.optString(TYPE).equals("openvpn")) {
-                            return true;
-                        }
-                    }
-                    return false;
-                } catch (JSONException e) {
-                    return false;
-                }
-        }
-    }
-
     private JSONObject secretsConfiguration() {
         JSONObject result = new JSONObject();
         try {
@@ -160,7 +122,7 @@ public class GatewaysManager {
     }
 
     private void addGateway(Gateway gateway) {
-        gateways.add(gateway);
+        gateways.put(gateway.getRemoteIP(), gateway);
     }
 
     /**
diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java b/app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java
index 18c557dc..6b76e8d9 100644
--- a/app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java
+++ b/app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java
@@ -22,6 +22,7 @@ import org.json.JSONObject;
 
 import java.io.IOException;
 import java.io.StringReader;
+import java.util.HashMap;
 import java.util.Iterator;
 
 import de.blinkt.openvpn.VpnProfile;
@@ -52,8 +53,6 @@ public class VpnConfigGenerator {
     private JSONObject obfs4Transport;
     private int apiVersion;
 
-    private ConfigParser icsOpenvpnConfigParser = new ConfigParser();
-
 
     public final static String TAG = VpnConfigGenerator.class.getSimpleName();
     private final String newLine = System.getProperty("line.separator"); // Platform new line
@@ -85,16 +84,17 @@ public class VpnConfigGenerator {
         }
     }
 
-    public VpnProfile generateVpnProfile() throws IllegalStateException,
-            IOException,
+    public HashMap<Connection.TransportType, VpnProfile> generateVpnProfiles() throws
             ConfigParser.ConfigParseError,
-            NumberFormatException, JSONException {
-
+            NumberFormatException,
+            JSONException,
+            IOException {
+        HashMap<Connection.TransportType, VpnProfile> profiles = new HashMap<>();
+        profiles.put(OPENVPN, createProfile(OPENVPN));
         if (supportsObfs4()) {
-            return createProfile(OBFS4);
+            profiles.put(OBFS4, createProfile(OBFS4));
         }
-
-        return createProfile(OPENVPN);
+        return profiles;
     }
 
     private boolean supportsObfs4(){
@@ -113,6 +113,7 @@ public class VpnConfigGenerator {
 
     private VpnProfile createProfile(Connection.TransportType transportType) throws IOException, ConfigParser.ConfigParseError, JSONException {
         String configuration = getConfigurationString(transportType);
+        ConfigParser icsOpenvpnConfigParser = new ConfigParser();
         icsOpenvpnConfigParser.parseConfig(new StringReader(configuration));
         if (transportType == OBFS4) {
             icsOpenvpnConfigParser.setDispatcherOptions(getDispatcherOptions());
-- 
cgit v1.2.3


From 2ae968a8cfcfeb51874a206fd1abbf40f06cf98b Mon Sep 17 00:00:00 2001
From: cyBerta <cyberta@riseup.net>
Date: Thu, 4 Jul 2019 17:08:29 +0200
Subject: 'using an obfusctation connection' in italic

---
 app/src/main/java/se/leap/bitmaskclient/eip/EIP.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'app/src/main/java/se/leap/bitmaskclient/eip')

diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java
index 1d702ec1..9b5176e7 100644
--- a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java
+++ b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java
@@ -244,7 +244,7 @@ public final class EIP extends JobIntentService implements Observer {
      */
     private void launchActiveGateway(@NonNull Gateway gateway, int nClosestGateway) {
         Intent intent = new Intent(BROADCAST_GATEWAY_SETUP_OBSERVER_EVENT);
-        intent.putExtra(PROVIDER_PROFILE, gateway.getProfile(OPENVPN));
+        intent.putExtra(PROVIDER_PROFILE, gateway.getProfile(OBFS4));
         intent.putExtra(Gateway.KEY_N_CLOSEST_GATEWAY, nClosestGateway);
         LocalBroadcastManager.getInstance(this).sendBroadcast(intent);
 
-- 
cgit v1.2.3


From 1d3ecd7bb6cbb9ecac394cc494b095ef830dadee Mon Sep 17 00:00:00 2001
From: cyBerta <cyberta@riseup.net>
Date: Sun, 14 Jul 2019 20:11:44 +0200
Subject: remove equals method in Gateway class after rebasing onto latest
 master

---
 app/src/main/java/se/leap/bitmaskclient/eip/Gateway.java | 13 -------------
 1 file changed, 13 deletions(-)

(limited to 'app/src/main/java/se/leap/bitmaskclient/eip')

diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/Gateway.java b/app/src/main/java/se/leap/bitmaskclient/eip/Gateway.java
index 9bc07764..352d6b18 100644
--- a/app/src/main/java/se/leap/bitmaskclient/eip/Gateway.java
+++ b/app/src/main/java/se/leap/bitmaskclient/eip/Gateway.java
@@ -157,17 +157,4 @@ public class Gateway {
         return new Gson().toJson(this, Gateway.class);
     }
 
-    @Override
-    public boolean equals(Object obj) {
-        return obj instanceof Gateway &&
-                (this.mVpnProfile != null &&
-                        ((Gateway) obj).mVpnProfile != null &&
-                        this.mVpnProfile.mConnections != null &&
-                        ((Gateway) obj).mVpnProfile != null &&
-                        this.mVpnProfile.mConnections.length > 0 &&
-                        ((Gateway) obj).mVpnProfile.mConnections.length > 0 &&
-                        this.mVpnProfile.mConnections[0].mServerName != null &&
-                        this.mVpnProfile.mConnections[0].mServerName.equals(((Gateway) obj).mVpnProfile.mConnections[0].mServerName)) ||
-                        this.mVpnProfile == null && ((Gateway) obj).mVpnProfile == null;
-    }
 }
-- 
cgit v1.2.3


From 0917317c006b8a3b0a8ee1c991a6287623c9562a Mon Sep 17 00:00:00 2001
From: cyBerta <cyberta@riseup.net>
Date: Fri, 19 Jul 2019 14:44:05 +0200
Subject: adapt error handling during eip setup: refresh UI if gateway profile
 could not be started

---
 app/src/main/java/se/leap/bitmaskclient/eip/EIP.java  | 19 +++++++++++++------
 .../java/se/leap/bitmaskclient/eip/EipStatus.java     | 11 +++++++----
 2 files changed, 20 insertions(+), 10 deletions(-)

(limited to 'app/src/main/java/se/leap/bitmaskclient/eip')

diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java
index 9b5176e7..3855fa12 100644
--- a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java
+++ b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java
@@ -43,6 +43,7 @@ import java.util.Observer;
 import java.util.concurrent.BlockingQueue;
 import java.util.concurrent.LinkedBlockingQueue;
 
+import de.blinkt.openvpn.VpnProfile;
 import de.blinkt.openvpn.core.ConnectionStatus;
 import de.blinkt.openvpn.core.IOpenVPNServiceInternal;
 import de.blinkt.openvpn.core.OpenVPNService;
@@ -53,7 +54,6 @@ import se.leap.bitmaskclient.R;
 import static android.app.Activity.RESULT_CANCELED;
 import static android.app.Activity.RESULT_OK;
 import static android.content.Intent.CATEGORY_DEFAULT;
-import static de.blinkt.openvpn.core.connection.Connection.TransportType.OBFS4;
 import static de.blinkt.openvpn.core.connection.Connection.TransportType.OPENVPN;
 import static se.leap.bitmaskclient.Constants.BROADCAST_EIP_EVENT;
 import static se.leap.bitmaskclient.Constants.BROADCAST_GATEWAY_SETUP_OBSERVER_EVENT;
@@ -205,11 +205,11 @@ public final class EIP extends JobIntentService implements Observer {
         GatewaysManager gatewaysManager = gatewaysFromPreferences();
         Gateway gateway = gatewaysManager.select(nClosestGateway);
 
-        if (gateway != null && !gateway.getProfiles().isEmpty()) {
-            launchActiveGateway(gateway, nClosestGateway);
+        if (launchActiveGateway(gateway, nClosestGateway)) {
             tellToReceiverOrBroadcast(EIP_ACTION_START, RESULT_OK);
-        } else
+        } else {
             tellToReceiverOrBroadcast(EIP_ACTION_START, RESULT_CANCELED);
+        }
     }
 
     /**
@@ -242,11 +242,18 @@ public final class EIP extends JobIntentService implements Observer {
      *
      * @param gateway to connect to
      */
-    private void launchActiveGateway(@NonNull Gateway gateway, int nClosestGateway) {
+    private boolean launchActiveGateway(Gateway gateway, int nClosestGateway) {
+        VpnProfile profile;
+        if (gateway == null ||
+                (profile = gateway.getProfile(OPENVPN)) == null) {
+            return false;
+        }
+
         Intent intent = new Intent(BROADCAST_GATEWAY_SETUP_OBSERVER_EVENT);
-        intent.putExtra(PROVIDER_PROFILE, gateway.getProfile(OBFS4));
+        intent.putExtra(PROVIDER_PROFILE, profile);
         intent.putExtra(Gateway.KEY_N_CLOSEST_GATEWAY, nClosestGateway);
         LocalBroadcastManager.getInstance(this).sendBroadcast(intent);
+        return true;
 
     }
 
diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/EipStatus.java b/app/src/main/java/se/leap/bitmaskclient/eip/EipStatus.java
index 64904816..69fc483a 100644
--- a/app/src/main/java/se/leap/bitmaskclient/eip/EipStatus.java
+++ b/app/src/main/java/se/leap/bitmaskclient/eip/EipStatus.java
@@ -78,8 +78,7 @@ public class EipStatus extends Observable implements VpnStatus.StateListener {
         currentStatus.setLevel(level);
         currentStatus.setEipLevel(level);
         if (tmp != currentStatus.getLevel() || "RECONNECTING".equals(state)) {
-            currentStatus.setChanged();
-            currentStatus.notifyObservers();
+            refresh();
         }
     }
 
@@ -174,8 +173,7 @@ public class EipStatus extends Observable implements VpnStatus.StateListener {
                     default:
                         break;
                 }
-                currentStatus.setChanged();
-                currentStatus.notifyObservers();
+                refresh();
             }
         }
     }
@@ -286,4 +284,9 @@ public class EipStatus extends Observable implements VpnStatus.StateListener {
         return "State: " + state + " Level: " + vpnLevel.toString();
     }
 
+    public static void refresh() {
+        currentStatus.setChanged();
+        currentStatus.notifyObservers();
+    }
+
 }
-- 
cgit v1.2.3


From 990c4fa151adf9f91dc729c21b44edb0f0b55ccf Mon Sep 17 00:00:00 2001
From: cyBerta <cyberta@riseup.net>
Date: Fri, 19 Jul 2019 18:46:12 +0200
Subject: add simple UI to enable/disable PT usage

---
 app/src/main/java/se/leap/bitmaskclient/eip/EIP.java | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'app/src/main/java/se/leap/bitmaskclient/eip')

diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java
index 3855fa12..9431ef61 100644
--- a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java
+++ b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java
@@ -48,12 +48,14 @@ import de.blinkt.openvpn.core.ConnectionStatus;
 import de.blinkt.openvpn.core.IOpenVPNServiceInternal;
 import de.blinkt.openvpn.core.OpenVPNService;
 import de.blinkt.openvpn.core.VpnStatus;
+import de.blinkt.openvpn.core.connection.Connection;
 import se.leap.bitmaskclient.OnBootReceiver;
 import se.leap.bitmaskclient.R;
 
 import static android.app.Activity.RESULT_CANCELED;
 import static android.app.Activity.RESULT_OK;
 import static android.content.Intent.CATEGORY_DEFAULT;
+import static de.blinkt.openvpn.core.connection.Connection.TransportType.OBFS4;
 import static de.blinkt.openvpn.core.connection.Connection.TransportType.OPENVPN;
 import static se.leap.bitmaskclient.Constants.BROADCAST_EIP_EVENT;
 import static se.leap.bitmaskclient.Constants.BROADCAST_GATEWAY_SETUP_OBSERVER_EVENT;
@@ -76,6 +78,7 @@ import static se.leap.bitmaskclient.Constants.SHARED_PREFERENCES;
 import static se.leap.bitmaskclient.MainActivityErrorDialog.DOWNLOAD_ERRORS.ERROR_INVALID_VPN_CERTIFICATE;
 import static se.leap.bitmaskclient.R.string.vpn_certificate_is_invalid;
 import static se.leap.bitmaskclient.utils.ConfigHelper.ensureNotOnMainThread;
+import static se.leap.bitmaskclient.utils.PreferenceHelper.getUsePluggableTransports;
 
 /**
  * EIP is the abstract base class for interacting with and managing the Encrypted
@@ -244,8 +247,9 @@ public final class EIP extends JobIntentService implements Observer {
      */
     private boolean launchActiveGateway(Gateway gateway, int nClosestGateway) {
         VpnProfile profile;
+        Connection.TransportType transportType = getUsePluggableTransports(this) ? OBFS4 : OPENVPN;
         if (gateway == null ||
-                (profile = gateway.getProfile(OPENVPN)) == null) {
+                (profile = gateway.getProfile(transportType)) == null) {
             return false;
         }
 
-- 
cgit v1.2.3


From 84d5cf342d8e085be1996980c005b6c014f20379 Mon Sep 17 00:00:00 2001
From: cyBerta <cyberta@riseup.net>
Date: Fri, 19 Jul 2019 18:46:41 +0200
Subject: minor cleanup in EIP

---
 app/src/main/java/se/leap/bitmaskclient/eip/EIP.java | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

(limited to 'app/src/main/java/se/leap/bitmaskclient/eip')

diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java
index 9431ef61..fd498df8 100644
--- a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java
+++ b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java
@@ -223,9 +223,7 @@ public final class EIP extends JobIntentService implements Observer {
         GatewaysManager gatewaysManager = gatewaysFromPreferences();
         Gateway gateway = gatewaysManager.select(0);
 
-        if (gateway != null && !gateway.getProfiles().isEmpty()) {
-            launchActiveGateway(gateway, 0);
-        } else {
+        if (!launchActiveGateway(gateway, 0)) {
             Log.d(TAG, "startEIPAlwaysOnVpn no active profile available!");
         }
     }
-- 
cgit v1.2.3


From 5144166172e3620a5bd9f6df7436222afeb4d133 Mon Sep 17 00:00:00 2001
From: cyBerta <cyberta@riseup.net>
Date: Fri, 2 Aug 2019 00:46:10 +0200
Subject: rename DispatcherOptions to Obfs4Options

---
 .../main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java   | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'app/src/main/java/se/leap/bitmaskclient/eip')

diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java b/app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java
index 6b76e8d9..d9bf5dd3 100644
--- a/app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java
+++ b/app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java
@@ -29,7 +29,7 @@ import de.blinkt.openvpn.VpnProfile;
 import de.blinkt.openvpn.core.ConfigParser;
 import de.blinkt.openvpn.core.connection.Connection;
 import se.leap.bitmaskclient.Provider;
-import se.leap.bitmaskclient.pluggableTransports.DispatcherOptions;
+import se.leap.bitmaskclient.pluggableTransports.Obfs4Options;
 
 import static de.blinkt.openvpn.core.connection.Connection.TransportType.OBFS4;
 import static de.blinkt.openvpn.core.connection.Connection.TransportType.OPENVPN;
@@ -116,18 +116,18 @@ public class VpnConfigGenerator {
         ConfigParser icsOpenvpnConfigParser = new ConfigParser();
         icsOpenvpnConfigParser.parseConfig(new StringReader(configuration));
         if (transportType == OBFS4) {
-            icsOpenvpnConfigParser.setDispatcherOptions(getDispatcherOptions());
+            icsOpenvpnConfigParser.setObfs4Options(getObfs4Options());
         }
         return icsOpenvpnConfigParser.convertProfile(transportType);
     }
 
-    private DispatcherOptions getDispatcherOptions() throws JSONException {
+    private Obfs4Options getObfs4Options() throws JSONException {
         JSONObject transportOptions = obfs4Transport.getJSONObject(OPTIONS);
         String iatMode = transportOptions.getString("iat-mode");
         String cert = transportOptions.getString("cert");
         String port = obfs4Transport.getJSONArray(PORTS).getString(0);
         String ip = gateway.getString(IP_ADDRESS);
-        return new DispatcherOptions(ip, port, cert, iatMode);
+        return new Obfs4Options(ip, port, cert, iatMode);
     }
 
     private String generalConfiguration() {
-- 
cgit v1.2.3


From fa04548dbdf1403e67682fc984bef9941e2f4c78 Mon Sep 17 00:00:00 2001
From: cyBerta <cyberta@riseup.net>
Date: Fri, 2 Aug 2019 00:47:26 +0200
Subject: remove unused context from GatewaysManager

---
 app/src/main/java/se/leap/bitmaskclient/eip/EIP.java             | 2 +-
 app/src/main/java/se/leap/bitmaskclient/eip/GatewaysManager.java | 4 +---
 2 files changed, 2 insertions(+), 4 deletions(-)

(limited to 'app/src/main/java/se/leap/bitmaskclient/eip')

diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java
index fd498df8..19c539e8 100644
--- a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java
+++ b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java
@@ -288,7 +288,7 @@ public final class EIP extends JobIntentService implements Observer {
      * @return GatewaysManager
      */
     private GatewaysManager gatewaysFromPreferences() {
-        GatewaysManager gatewaysManager = new GatewaysManager(this, preferences);
+        GatewaysManager gatewaysManager = new GatewaysManager(preferences);
         gatewaysManager.configureFromPreferences();
         return gatewaysManager;
     }
diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/GatewaysManager.java b/app/src/main/java/se/leap/bitmaskclient/eip/GatewaysManager.java
index f7038bab..740df97f 100644
--- a/app/src/main/java/se/leap/bitmaskclient/eip/GatewaysManager.java
+++ b/app/src/main/java/se/leap/bitmaskclient/eip/GatewaysManager.java
@@ -44,13 +44,11 @@ public class GatewaysManager {
 
     private static final String TAG = GatewaysManager.class.getSimpleName();
 
-    private Context context;
     private SharedPreferences preferences;
     private LinkedHashMap<String, Gateway> gateways = new LinkedHashMap<>();
     private Type listType = new TypeToken<ArrayList<Gateway>>() {}.getType();
 
-    GatewaysManager(Context context, SharedPreferences preferences) {
-        this.context = context;
+    GatewaysManager(SharedPreferences preferences) {
         this.preferences = preferences;
     }
 
-- 
cgit v1.2.3