From 61bfc6b6d3ad830a8a7569ea31399e93f48dd38d Mon Sep 17 00:00:00 2001
From: cyBerta <cyberta@riseup.net>
Date: Mon, 30 May 2022 23:50:50 +0200
Subject: obfuscate vpn traffic using either shapeshfiter or obfsvpn

---
 .../leap/bitmaskclient/base/models/Constants.java  |  1 +
 .../leap/bitmaskclient/eip/VpnConfigGenerator.java | 24 +++++++++++++++++++---
 .../pluggableTransports/Obfs4Options.java          |  4 +++-
 3 files changed, 25 insertions(+), 4 deletions(-)

(limited to 'app/src/main/java/se')

diff --git a/app/src/main/java/se/leap/bitmaskclient/base/models/Constants.java b/app/src/main/java/se/leap/bitmaskclient/base/models/Constants.java
index bde909ba..d7a54fcc 100644
--- a/app/src/main/java/se/leap/bitmaskclient/base/models/Constants.java
+++ b/app/src/main/java/se/leap/bitmaskclient/base/models/Constants.java
@@ -163,6 +163,7 @@ public interface Constants {
     String IP_ADDRESS = "ip_address";
     String IP_ADDRESS6 = "ip_address6";
     String REMOTE = "remote";
+    String SOCKS_PROXY = "socks-proxy";
     String PORTS = "ports";
     String PROTOCOLS = "protocols";
     String UDP = "udp";
diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java b/app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java
index 5ddb74ab..061c1aa3 100644
--- a/app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java
+++ b/app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java
@@ -31,6 +31,7 @@ import de.blinkt.openvpn.VpnProfile;
 import de.blinkt.openvpn.core.ConfigParser;
 import de.blinkt.openvpn.core.VpnStatus;
 import de.blinkt.openvpn.core.connection.Connection;
+import se.leap.bitmaskclient.BuildConfig;
 import se.leap.bitmaskclient.base.models.Provider;
 import se.leap.bitmaskclient.base.utils.ConfigHelper;
 import se.leap.bitmaskclient.pluggableTransports.Obfs4Options;
@@ -46,9 +47,12 @@ import static se.leap.bitmaskclient.base.models.Constants.PROTOCOLS;
 import static se.leap.bitmaskclient.base.models.Constants.PROVIDER_PRIVATE_KEY;
 import static se.leap.bitmaskclient.base.models.Constants.PROVIDER_VPN_CERTIFICATE;
 import static se.leap.bitmaskclient.base.models.Constants.REMOTE;
+import static se.leap.bitmaskclient.base.models.Constants.SOCKS_PROXY;
 import static se.leap.bitmaskclient.base.models.Constants.TRANSPORT;
 import static se.leap.bitmaskclient.base.models.Constants.TYPE;
 import static se.leap.bitmaskclient.base.models.Constants.UDP;
+import static se.leap.bitmaskclient.pluggableTransports.ObfsVpnClient.SOCKS_IP;
+import static se.leap.bitmaskclient.pluggableTransports.ObfsVpnClient.SOCKS_PORT;
 import static se.leap.bitmaskclient.pluggableTransports.Shapeshifter.DISPATCHER_IP;
 import static se.leap.bitmaskclient.pluggableTransports.Shapeshifter.DISPATCHER_PORT;
 
@@ -140,7 +144,7 @@ public class VpnConfigGenerator {
         String cert = transportOptions.getString("cert");
         String port = obfs4Transport.getJSONArray(PORTS).getString(0);
         String ip = gateway.getString(IP_ADDRESS);
-        return new Obfs4Options(ip, port, cert, iatMode);
+        return new Obfs4Options(ip, port, cert, iatMode, false);
     }
 
     private String generalConfiguration() {
@@ -321,10 +325,24 @@ public class VpnConfigGenerator {
             return;
         }
 
+        JSONArray ports = obfs4Transport.getJSONArray(PORTS);
+        if (ports.isNull(0)){
+            VpnStatus.logError("Misconfigured provider: no ports defined in obfs4 transport JSON.");
+            return;
+        }
+
         String route = "route " + ipAddress + " 255.255.255.255 net_gateway" + newLine;
         stringBuilder.append(route);
-        String remote = REMOTE + " " + DISPATCHER_IP + " " + DISPATCHER_PORT + " tcp" + newLine;
-        stringBuilder.append(remote);
+        if (BuildConfig.use_obfsvpn) {
+            String proxy = SOCKS_PROXY + " " + SOCKS_IP + " " + SOCKS_PORT + newLine;
+            stringBuilder.append(proxy);
+
+            String remote = REMOTE + " " + ipAddress + " " + ports.getString(0) + newLine;
+            stringBuilder.append(remote);
+        } else {
+            String remote = REMOTE + " " + DISPATCHER_IP + " " + DISPATCHER_PORT + " tcp" + newLine;
+            stringBuilder.append(remote);
+        }
     }
 
     private String secretsConfiguration() {
diff --git a/app/src/main/java/se/leap/bitmaskclient/pluggableTransports/Obfs4Options.java b/app/src/main/java/se/leap/bitmaskclient/pluggableTransports/Obfs4Options.java
index 2f9cb732..ab6ea445 100644
--- a/app/src/main/java/se/leap/bitmaskclient/pluggableTransports/Obfs4Options.java
+++ b/app/src/main/java/se/leap/bitmaskclient/pluggableTransports/Obfs4Options.java
@@ -7,12 +7,14 @@ public class Obfs4Options implements Serializable {
     public String iatMode;
     public String remoteIP;
     public String remotePort;
+    public boolean udp;
 
-    public Obfs4Options(String remoteIP, String remotePort, String cert, String iatMode) {
+    public Obfs4Options(String remoteIP, String remotePort, String cert, String iatMode, boolean udp) {
         this.cert = cert;
         this.iatMode = iatMode;
         this.remoteIP = remoteIP;
         this.remotePort = remotePort;
+        this.udp = udp;
     }
 
 }
-- 
cgit v1.2.3