From 283e7531d551521dc48efa9b010127ff54316326 Mon Sep 17 00:00:00 2001 From: cyBerta Date: Thu, 4 Jul 2019 16:44:35 +0200 Subject: create one vpnprofile per transport per gateway. implement basis to switch between obfs4 and plain openvpn connections --- .../se/leap/bitmaskclient/eip/EipStatusTest.java | 6 +- .../bitmaskclient/eip/GatewaysManagerTest.java | 9 ++ .../bitmaskclient/eip/VpnConfigGeneratorTest.java | 89 +++++++++----- .../test/resources/ptdemo.bitmask.eip-service.json | 4 +- .../resources/ptdemo_pt_tcp_udp.eip-service.json | 2 +- .../resources/ptdemo_pt_udp_tcp.eip-service.json | 2 +- .../resources/ptdemo_three_mixed_gateways.json | 133 +++++++++++++++++++++ 7 files changed, 208 insertions(+), 37 deletions(-) create mode 100644 app/src/test/resources/ptdemo_three_mixed_gateways.json (limited to 'app/src/test') diff --git a/app/src/test/java/se/leap/bitmaskclient/eip/EipStatusTest.java b/app/src/test/java/se/leap/bitmaskclient/eip/EipStatusTest.java index 8495f962..8ba7f5fc 100644 --- a/app/src/test/java/se/leap/bitmaskclient/eip/EipStatusTest.java +++ b/app/src/test/java/se/leap/bitmaskclient/eip/EipStatusTest.java @@ -10,6 +10,7 @@ import org.powermock.modules.junit4.PowerMockRunner; import de.blinkt.openvpn.VpnProfile; import de.blinkt.openvpn.core.ConnectionStatus; import de.blinkt.openvpn.core.VpnStatus; +import de.blinkt.openvpn.core.connection.Connection; import se.leap.bitmaskclient.R; import se.leap.bitmaskclient.testutils.MockHelper; import se.leap.bitmaskclient.testutils.TestSetupHelper; @@ -23,6 +24,7 @@ import static de.blinkt.openvpn.core.ConnectionStatus.LEVEL_START; import static de.blinkt.openvpn.core.ConnectionStatus.LEVEL_VPNPAUSED; import static de.blinkt.openvpn.core.ConnectionStatus.LEVEL_WAITING_FOR_USER_INPUT; import static de.blinkt.openvpn.core.ConnectionStatus.UNKNOWN_LEVEL; +import static de.blinkt.openvpn.core.connection.Connection.TransportType.OPENVPN; import static junit.framework.Assert.assertTrue; import static org.mockito.ArgumentMatchers.anyString; import static org.powermock.api.mockito.PowerMockito.doNothing; @@ -61,7 +63,7 @@ public class EipStatusTest { public void testUpdateState_LEVEL_VPNPAUSED_hasPersistentTun() throws Exception { mockStatic(PreferenceHelper.class); - VpnProfile mockVpnProfile = new VpnProfile("mockProfile"); + VpnProfile mockVpnProfile = new VpnProfile("mockProfile", OPENVPN); mockVpnProfile.mPersistTun = true; doNothing().when(PreferenceHelper.class); VpnStatus.setLastConnectedVpnProfile(null, mockVpnProfile); @@ -74,7 +76,7 @@ public class EipStatusTest { public void testUpdateState_LEVEL_VPNPAUSED_hasNotPersistentTun() throws Exception { mockStatic(PreferenceHelper.class); - VpnProfile mockVpnProfile = new VpnProfile("mockProfile"); + VpnProfile mockVpnProfile = new VpnProfile("mockProfile", OPENVPN); mockVpnProfile.mPersistTun = false; doNothing().when(PreferenceHelper.class); VpnStatus.setLastConnectedVpnProfile(null, mockVpnProfile); diff --git a/app/src/test/java/se/leap/bitmaskclient/eip/GatewaysManagerTest.java b/app/src/test/java/se/leap/bitmaskclient/eip/GatewaysManagerTest.java index 160e5ddd..0412b11a 100644 --- a/app/src/test/java/se/leap/bitmaskclient/eip/GatewaysManagerTest.java +++ b/app/src/test/java/se/leap/bitmaskclient/eip/GatewaysManagerTest.java @@ -57,6 +57,15 @@ public class GatewaysManagerTest { assertEquals(0, gatewaysManager.size()); } + @Test + public void testFromEipServiceJson_ignoreDuplicateGateways_apiv3() throws Exception { + String eipServiceJson = TestSetupHelper.getInputAsString(getClass().getClassLoader().getResourceAsStream("ptdemo_three_mixed_gateways.json")); + gatewaysManager.fromEipServiceJson(new JSONObject(eipServiceJson)); + assertEquals(3, gatewaysManager.size()); + eipServiceJson = TestSetupHelper.getInputAsString(getClass().getClassLoader().getResourceAsStream("ptdemo.bitmask.eip-service.json")); + gatewaysManager.fromEipServiceJson(new JSONObject(eipServiceJson)); + assertEquals(3, gatewaysManager.size()); + } @Test public void testFromEipServiceJson_ignoreDuplicateGateways() throws Exception { diff --git a/app/src/test/java/se/leap/bitmaskclient/eip/VpnConfigGeneratorTest.java b/app/src/test/java/se/leap/bitmaskclient/eip/VpnConfigGeneratorTest.java index 20a5968d..40da8e43 100644 --- a/app/src/test/java/se/leap/bitmaskclient/eip/VpnConfigGeneratorTest.java +++ b/app/src/test/java/se/leap/bitmaskclient/eip/VpnConfigGeneratorTest.java @@ -16,11 +16,16 @@ import org.powermock.core.classloader.annotations.PrepareForTest; import org.powermock.modules.junit4.PowerMockRunner; import java.io.File; +import java.util.HashMap; import de.blinkt.openvpn.VpnProfile; +import de.blinkt.openvpn.core.connection.Connection; import se.leap.bitmaskclient.testutils.MockHelper; import se.leap.bitmaskclient.testutils.TestSetupHelper; +import static de.blinkt.openvpn.core.connection.Connection.TransportType.OBFS4; +import static de.blinkt.openvpn.core.connection.Connection.TransportType.OPENVPN; +import static junit.framework.Assert.assertFalse; import static junit.framework.Assert.assertTrue; import static org.mockito.ArgumentMatchers.any; import static org.mockito.Mockito.RETURNS_DEEP_STUBS; @@ -44,7 +49,7 @@ public class VpnConfigGeneratorTest { private JSONObject gateway; private JSONObject secrets; - String expectedVPNConfig_tcp_udp = "# Config for OpenVPN 2.x\n" + + String expectedVPNConfig_v1_tcp_udp = "# Config for OpenVPN 2.x\n" + "# Enables connection to GUI\n" + "management /data/data/se.leap.bitmask/mgmtsocket unix\n" + "management-client\n" + @@ -162,7 +167,7 @@ public class VpnConfigGeneratorTest { "keepalive 10 30 \n" + "tls-cipher DHE-RSA-AES128-SHA"; - String expectedVPNConfig_udp_tcp = "# Config for OpenVPN 2.x\n" + + String expectedVPNConfig_v1_udp_tcp = "# Config for OpenVPN 2.x\n" + "# Enables connection to GUI\n" + "management /data/data/se.leap.bitmask/mgmtsocket unix\n" + "management-client\n" + @@ -280,7 +285,7 @@ public class VpnConfigGeneratorTest { "keepalive 10 30 \n" + "tls-cipher DHE-RSA-AES128-SHA"; - String expectedVPNConfig_pt_tcp = "# Config for OpenVPN 2.x\n" + + String expectedVPNConfig_v3_obfs4 = "# Config for OpenVPN 2.x\n" + "# Enables connection to GUI\n" + "management /data/data/se.leap.bitmask/mgmtsocket unix\n" + "management-client\n" + @@ -297,8 +302,7 @@ public class VpnConfigGeneratorTest { "connect-retry 2 300\n" + "resolv-retry 60\n" + "dev tun\n" + - "remote 127.0.0.1 1234 tcp-client\n" + - "remote 37.218.247.60 1195 tcp-client\n" + + "remote 127.0.0.1 4430 tcp-client\n" + "\n" + "-----BEGIN CERTIFICATE-----\n" + "MIIFbzCCA1egAwIBAgIBATANBgkqhkiG9w0BAQ0FADBKMRgwFgYDVQQDDA9CaXRt\n" + @@ -386,6 +390,7 @@ public class VpnConfigGeneratorTest { "-----END CERTIFICATE-----\n" + "\n" + "crl-verify file missing in config profile\n" + + "route 37.218.247.60 255.255.255.255 net_gateway\n"+ "remote-cert-tls server\n" + "cipher AES-128-CBC\n" + "auth SHA1\n" + @@ -398,7 +403,7 @@ public class VpnConfigGeneratorTest { "keepalive 10 30 \n" + "tls-cipher DHE-RSA-AES128-SHA \n"; - String expectedVPNConfig_pt_tcp_udp = "# Config for OpenVPN 2.x\n" + + String expectedVPNConfig_v3_ovpn_tcp_udp = "# Config for OpenVPN 2.x\n" + "# Enables connection to GUI\n" + "management /data/data/se.leap.bitmask/mgmtsocket unix\n" + "management-client\n" + @@ -415,7 +420,6 @@ public class VpnConfigGeneratorTest { "connect-retry 2 300\n" + "resolv-retry 60\n" + "dev tun\n" + - "remote 127.0.0.1 1234 tcp-client\n" + "remote 37.218.247.60 1195 tcp-client\n" + "remote 37.218.247.60 1195 udp\n" + "\n" + @@ -517,7 +521,7 @@ public class VpnConfigGeneratorTest { "keepalive 10 30 \n" + "tls-cipher DHE-RSA-AES128-SHA \n"; - String expectedVPNConfig_pt_udp_tcp = "# Config for OpenVPN 2.x\n" + + String expectedVPNConfig_v3_ovpn_udp_tcp = "# Config for OpenVPN 2.x\n" + "# Enables connection to GUI\n" + "management /data/data/se.leap.bitmask/mgmtsocket unix\n" + "management-client\n" + @@ -534,7 +538,6 @@ public class VpnConfigGeneratorTest { "connect-retry 2 300\n" + "resolv-retry 60\n" + "dev tun\n" + - "remote 127.0.0.1 1234 tcp-client\n" + "remote 37.218.247.60 1195 udp\n" + "remote 37.218.247.60 1195 tcp-client\n" + "\n" + @@ -655,45 +658,69 @@ public class VpnConfigGeneratorTest { public void testGenerateVpnProfile_v1_tcp_udp() throws Exception { gateway = new JSONObject(TestSetupHelper.getInputAsString(getClass().getClassLoader().getResourceAsStream("gateway_tcp_udp.json"))); vpnConfigGenerator = new VpnConfigGenerator(generalConfig, secrets, gateway, 1); - VpnProfile vpnProfile = vpnConfigGenerator.generateVpnProfile(); - assertTrue(vpnProfile.getConfigFile(context, false).trim().equals(expectedVPNConfig_tcp_udp.trim())); + HashMap vpnProfiles = vpnConfigGenerator.generateVpnProfiles(); + assertFalse(vpnProfiles.containsKey(OBFS4)); + assertTrue(vpnProfiles.get(OPENVPN).getConfigFile(context, false).trim().equals(expectedVPNConfig_v1_tcp_udp.trim())); } @Test public void testGenerateVpnProfile_v1_udp_tcp() throws Exception { gateway = new JSONObject(TestSetupHelper.getInputAsString(getClass().getClassLoader().getResourceAsStream("gateway_udp_tcp.json"))); vpnConfigGenerator = new VpnConfigGenerator(generalConfig, secrets, gateway, 1); - VpnProfile vpnConfig = vpnConfigGenerator.generateVpnProfile(); - assertTrue(vpnConfig.getConfigFile(context, false).trim().equals(expectedVPNConfig_udp_tcp.trim())); + HashMap vpnProfiles = vpnConfigGenerator.generateVpnProfiles(); + assertFalse(vpnProfiles.containsKey(OBFS4)); + assertTrue(vpnProfiles.get(OPENVPN).getConfigFile(context, false).trim().equals(expectedVPNConfig_v1_udp_tcp.trim())); } @Test - public void testGenerateVpnProfile_v2_pt_tcp() throws Exception { - gateway = new JSONObject(TestSetupHelper.getInputAsString(getClass().getClassLoader().getResourceAsStream("ptdemo.bitmask.eip-service.json"))).getJSONArray("gateways").getJSONObject(0); + public void testGenerateVpnProfile_v2_tcp_udp() throws Exception { + gateway = new JSONObject(TestSetupHelper.getInputAsString(getClass().getClassLoader().getResourceAsStream("gateway_tcp_udp.json"))); vpnConfigGenerator = new VpnConfigGenerator(generalConfig, secrets, gateway, 2); - VpnProfile vpnProfile = vpnConfigGenerator.generateVpnProfile(); - vpnProfile.mConnections[0].setServerPort("1234"); - System.out.println(vpnProfile.getConfigFile(context, false)); - assertTrue(vpnProfile.getConfigFile(context, false).trim().equals(expectedVPNConfig_pt_tcp.trim())); + HashMap vpnProfiles = vpnConfigGenerator.generateVpnProfiles(); + assertFalse(vpnProfiles.containsKey(OBFS4)); + assertTrue(vpnProfiles.get(OPENVPN).getConfigFile(context, false).trim().equals(expectedVPNConfig_v1_tcp_udp.trim())); } @Test - public void testGenerateVpnProfile_v2_pt_tcp_udp() throws Exception { - gateway = new JSONObject(TestSetupHelper.getInputAsString(getClass().getClassLoader().getResourceAsStream("ptdemo_pt_tcp_udp.eip-service.json"))).getJSONArray("gateways").getJSONObject(0); + public void testGenerateVpnProfile_v2_udp_tcp() throws Exception { + gateway = new JSONObject(TestSetupHelper.getInputAsString(getClass().getClassLoader().getResourceAsStream("gateway_udp_tcp.json"))); vpnConfigGenerator = new VpnConfigGenerator(generalConfig, secrets, gateway, 2); - VpnProfile vpnProfile = vpnConfigGenerator.generateVpnProfile(); - vpnProfile.mConnections[0].setServerPort("1234"); - System.out.println(vpnProfile.getConfigFile(context, false)); - assertTrue(vpnProfile.getConfigFile(context, false).trim().equals(expectedVPNConfig_pt_tcp_udp.trim())); + HashMap vpnProfiles = vpnConfigGenerator.generateVpnProfiles(); + assertFalse(vpnProfiles.containsKey(OBFS4)); + assertTrue(vpnProfiles.get(OPENVPN).getConfigFile(context, false).trim().equals(expectedVPNConfig_v1_udp_tcp.trim())); } + @Test - public void testGenerateVpnProfile_v2_pt_udp_tcp() throws Exception { + public void testGenerateVpnProfile_v3_obfs4() throws Exception { + gateway = new JSONObject(TestSetupHelper.getInputAsString(getClass().getClassLoader().getResourceAsStream("ptdemo.bitmask.eip-service.json"))).getJSONArray("gateways").getJSONObject(0); + vpnConfigGenerator = new VpnConfigGenerator(generalConfig, secrets, gateway, 3); + HashMap vpnProfiles = vpnConfigGenerator.generateVpnProfiles(); + assertTrue(vpnProfiles.containsKey(OBFS4)); + assertTrue(vpnProfiles.containsKey(OPENVPN)); + System.out.println(vpnProfiles.get(OBFS4).getConfigFile(context, false)); + assertTrue(vpnProfiles.get(OBFS4).getConfigFile(context, false).trim().equals(expectedVPNConfig_v3_obfs4.trim())); + } + + @Test + public void testGenerateVpnProfile_v3_ovpn_tcp_udp() throws Exception { + gateway = new JSONObject(TestSetupHelper.getInputAsString(getClass().getClassLoader().getResourceAsStream("ptdemo_pt_tcp_udp.eip-service.json"))).getJSONArray("gateways").getJSONObject(0); + vpnConfigGenerator = new VpnConfigGenerator(generalConfig, secrets, gateway, 3); + HashMap vpnProfiles = vpnConfigGenerator.generateVpnProfiles(); + assertTrue(vpnProfiles.containsKey(OBFS4)); + assertTrue(vpnProfiles.containsKey(OPENVPN)); + System.out.println(vpnProfiles.get(OPENVPN).getConfigFile(context, false)); + assertTrue(vpnProfiles.get(OPENVPN).getConfigFile(context, false).trim().equals(expectedVPNConfig_v3_ovpn_tcp_udp.trim())); + } + + @Test + public void testGenerateVpnProfile_v3_ovpn_udp_tcp() throws Exception { gateway = new JSONObject(TestSetupHelper.getInputAsString(getClass().getClassLoader().getResourceAsStream("ptdemo_pt_udp_tcp.eip-service.json"))).getJSONArray("gateways").getJSONObject(0); - vpnConfigGenerator = new VpnConfigGenerator(generalConfig, secrets, gateway, 2); - VpnProfile vpnProfile = vpnConfigGenerator.generateVpnProfile(); - vpnProfile.mConnections[0].setServerPort("1234"); - System.out.println(vpnProfile.getConfigFile(context, false)); - assertTrue(vpnProfile.getConfigFile(context, false).trim().equals(expectedVPNConfig_pt_udp_tcp.trim())); + vpnConfigGenerator = new VpnConfigGenerator(generalConfig, secrets, gateway, 3); + HashMap vpnProfiles = vpnConfigGenerator.generateVpnProfiles(); + assertTrue(vpnProfiles.containsKey(OBFS4)); + assertTrue(vpnProfiles.containsKey(OPENVPN)); + System.out.println(vpnProfiles.get(OPENVPN).getConfigFile(context, false)); + assertTrue(vpnProfiles.get(OPENVPN).getConfigFile(context, false).trim().equals(expectedVPNConfig_v3_ovpn_udp_tcp.trim())); } } \ No newline at end of file diff --git a/app/src/test/resources/ptdemo.bitmask.eip-service.json b/app/src/test/resources/ptdemo.bitmask.eip-service.json index 38146a40..e5ede239 100644 --- a/app/src/test/resources/ptdemo.bitmask.eip-service.json +++ b/app/src/test/resources/ptdemo.bitmask.eip-service.json @@ -15,7 +15,7 @@ "23049" ], "options": { - "cert": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", + "cert": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX1", "iat-mode": "0" } }, @@ -60,5 +60,5 @@ "verb" : "3" }, "serial":2, - "version":2 + "version":3 } \ No newline at end of file diff --git a/app/src/test/resources/ptdemo_pt_tcp_udp.eip-service.json b/app/src/test/resources/ptdemo_pt_tcp_udp.eip-service.json index 4337547b..f39a1597 100644 --- a/app/src/test/resources/ptdemo_pt_tcp_udp.eip-service.json +++ b/app/src/test/resources/ptdemo_pt_tcp_udp.eip-service.json @@ -61,5 +61,5 @@ "verb" : "3" }, "serial":2, - "version":2 + "version":3 } \ No newline at end of file diff --git a/app/src/test/resources/ptdemo_pt_udp_tcp.eip-service.json b/app/src/test/resources/ptdemo_pt_udp_tcp.eip-service.json index 4161fced..71c9857a 100644 --- a/app/src/test/resources/ptdemo_pt_udp_tcp.eip-service.json +++ b/app/src/test/resources/ptdemo_pt_udp_tcp.eip-service.json @@ -61,5 +61,5 @@ "verb" : "3" }, "serial":2, - "version":2 + "version":3 } \ No newline at end of file diff --git a/app/src/test/resources/ptdemo_three_mixed_gateways.json b/app/src/test/resources/ptdemo_three_mixed_gateways.json new file mode 100644 index 00000000..f81da6b3 --- /dev/null +++ b/app/src/test/resources/ptdemo_three_mixed_gateways.json @@ -0,0 +1,133 @@ +{ + "gateways":[ + { + "capabilities":{ + "adblock":false, + "filter_dns":false, + "limited":false, + "transport":[ + { + "type":"obfs4", + "protocols":[ + "tcp" + ], + "ports":[ + "23049" + ], + "options": { + "cert": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX1", + "iat-mode": "0" + } + }, + { + "type":"openvpn", + "protocols":[ + "tcp" + ], + "ports":[ + "1195" + ] + } + ], + "user_ips":false + }, + "host":"pt.demo.bitmask.net", + "ip_address":"37.218.247.60", + "location":"Amsterdam" + }, + { + "capabilities":{ + "adblock":false, + "filter_dns":false, + "limited":false, + "transport":[ + { + "type":"obfs4", + "protocols":[ + "tcp" + ], + "ports":[ + "443" + ], + "options": { + "cert": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX2", + "iat-mode": "0" + } + }, + { + "type":"openvpn", + "protocols":[ + "tcp" + ], + "ports":[ + "1195" + ] + } + ], + "user_ips":false + }, + "host":"moscow.bitmask.net", + "ip_address":"3.21.247.89", + "location":"moscow" + }, + { + "capabilities":{ + "adblock":false, + "filter_dns":false, + "limited":false, + "transport":[ + { + "type":"openvpn", + "protocols":[ + "tcp", + "udp" + ], + "ports":[ + "1195" + ] + } + ], + "user_ips":false + }, + "host":"manila.bitmask.net", + "ip_address":"37.12.247.10", + "location":"manila" + } + ], + "locations":{ + "Amsterdam":{ + "country_code":"NL", + "hemisphere":"N", + "name":"Amsterdam", + "timezone":"-1" + }, + "moscow": { + "country_code": "RU", + "hemisphere": "N", + "name": "Moscow", + "timezone": "+3" + }, + "manila": { + "country_code": "PH", + "hemisphere": "N", + "name": "Manila", + "timezone": "+8" + } + }, + "openvpn_configuration":{ + "auth":"SHA1", + "cipher":"AES-256-CBC", + "keepalive":"10 30", + "tls-cipher":"DHE-RSA-AES128-SHA", + "tun-ipv6":true, + "dev" : "tun", + "sndbuf" : "0", + "rcvbuf" : "0", + "nobind" : true, + "persist-key" : true, + "key-direction" : "1", + "verb" : "3" + }, + "serial":2, + "version":3 +} \ No newline at end of file -- cgit v1.2.3