From 9e7317c9e8323c0a97bca05548928ab0a5f0900d Mon Sep 17 00:00:00 2001
From: cyBerta
Date: Thu, 13 Apr 2023 13:52:53 +0200
Subject: Assume port hopping only in case of a missing endpoints json for obfs4-hop. The gateway IP and the cert json field in options substitute the missing endpoints json
---
.../leap/bitmaskclient/eip/VpnConfigGenerator.java | 32 ++++++++++++++++------
.../pluggableTransports/HoppingConfig.java | 20 ++++++++++----
.../pluggableTransports/HoppingObfsVpnClient.java | 8 +-----
3 files changed, 38 insertions(+), 22 deletions(-)
(limited to 'app')
diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java b/app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java
index 853082be..d32d1a71 100644
--- a/app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java
+++ b/app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java
@@ -228,7 +228,7 @@ public class VpnConfigGenerator {
 }
 private String gatewayConfiguration(TransportType transportType) {
- String remotes = "";
+ String configs = "";
 StringBuilder stringBuilder = new StringBuilder();
 try {
@@ -257,12 +257,12 @@ public class VpnConfigGenerator {
 e.printStackTrace();
 }
- remotes = stringBuilder.toString();
- if (remotes.endsWith(newLine)) {
- remotes = remotes.substring(0, remotes.lastIndexOf(newLine));
+ configs = stringBuilder.toString();
+ if (configs.endsWith(newLine)) {
+ configs = configs.substring(0, configs.lastIndexOf(newLine));
 }
- return remotes;
+ return configs;
 }
 private void gatewayConfigMinApiv3(TransportType transportType, StringBuilder stringBuilder, String[] ipAddresses) throws JSONException {
@@ -372,7 +372,9 @@ public class VpnConfigGenerator {
 }
 if (transportType == OBFS4_HOP &&
- (transport.getOptions() == null || transport.getOptions().getEndpoints() == null || transport.getOptions().getPortCount() == 0)) {
+ (transport.getOptions() == null ||
+ (transport.getOptions().getEndpoints() == null && transport.getOptions().getCert() == null) ||
+ transport.getOptions().getPortCount() == 0)) {
 VpnStatus.logError("Misconfigured provider: missing properties for transport " + transport.getType() + " on gateway " + ipAddress);
 return;
 }
@@ -403,10 +405,22 @@ public class VpnConfigGenerator {
 if (useObfuscationPinning) {
 return "route " + obfuscationPinningIP + " 255.255.255.255 net_gateway" + newLine;
 }
- if (transport.getTransportType() == OBFS4) {
- return "route " + ipAddress + " 255.255.255.255 net_gateway" + newLine;
+ switch (transport.getTransportType()) {
+ case OBFS4:
+ return "route " + ipAddress + " 255.255.255.255 net_gateway" + newLine;
+ case OBFS4_HOP:
+ if (transport.getOptions().getEndpoints() != null) {
+ StringBuilder routes = new StringBuilder();
+ for (Transport.Endpoint endpoint : transport.getOptions().getEndpoints()) {
+ routes.append("route " + endpoint.getIp() + " 255.255.255.255 net_gateway" + newLine);
+ }
+ return routes.toString();
+ } else {
+ return "route " + ipAddress + " 255.255.255.255 net_gateway" + newLine;
+ }
 }
- return newLine;
+
+ return "";
 }
 // While openvpn in TCP mode is required for obfs4, openvpn in UDP mode is required for obfs4-hop
diff --git a/app/src/main/java/se/leap/bitmaskclient/pluggableTransports/HoppingConfig.java b/app/src/main/java/se/leap/bitmaskclient/pluggableTransports/HoppingConfig.java
index e885166a..3780b7dc 100644
--- a/app/src/main/java/se/leap/bitmaskclient/pluggableTransports/HoppingConfig.java
+++ b/app/src/main/java/se/leap/bitmaskclient/pluggableTransports/HoppingConfig.java
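Review bot: The relaxed OBFS4_HOP check in the `@@ -372` hunk tests `getEndpoints()` and `getCert()` only for null, so an empty endpoints array or an empty cert string from the provider configuration still passes as a usable hopping setup. With an empty array, the route builder in the `@@ -403` hunk returns an empty string (no `net_gateway` route for the transport) and the `HoppingConfig` constructor builds zero-length `remotes`/`certs`. I would treat empty like missing in this condition, `((transport.getOptions().getEndpoints() == null || transport.getOptions().getEndpoints().length == 0) && (transport.getOptions().getCert() == null || transport.getOptions().getCert().isEmpty())) ||`, and give the `endpoints != null` / `endpoints == null` tests in the other two places the same `length == 0` handling. The enclosing method starts and ends outside this hunk.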
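Review bot: In the new `OBFS4_HOP` case of the `@@ -403` hunk, each `endpoint.getIp()` is concatenated directly into a `route … net_gateway` line of the generated OpenVPN configuration, and nothing in the hunk checks that the value is a plain IP literal. These strings originate from the provider's transport options, so a malformed value would become part of the config text; whether they are validated when the JSON is parsed is not visible here. I would skip and report (via `VpnStatus.logError`, as the validation code in this file already does) any endpoint whose IP does not parse as a numeric address, and record the reason next to the loop: `// endpoint IPs are provider-supplied; only emit a route for a validated IP literal`. The fall-through return also changed from `newLine` to `""`, which deserves a one-line comment since callers append the result to the config.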
@@ -20,17 +20,25 @@ public class HoppingConfig {
 public HoppingConfig(boolean kcp, String proxyAddr,
- Transport transport,
+ Obfs4Options options,
 int minHopSeconds, int hopJitter) {
 this.kcp = kcp;
 this.proxyAddr = proxyAddr;
+ Transport transport = options.transport;
 Transport.Endpoint[] endpoints = transport.getOptions().getEndpoints();
- this.remotes = new String[endpoints.length];
- this.certs = new String[endpoints.length];
- for (int i = 0; i < remotes.length; i++) {
- remotes[i] = endpoints[i].getIp();
- certs[i] = endpoints[i].getCert();
+ if (endpoints == null) {
+ // only port hopping, we assume the gateway IP as hopping PT's IP
+ this.remotes = new String[]{ options.gatewayIP };
+ this.certs = new String[] { transport.getOptions().getCert() };
+ } else {
+ // port+ip hopping
+ this.remotes = new String[endpoints.length];
+ this.certs = new String[endpoints.length];
+ for (int i = 0; i < remotes.length; i++) {
+ remotes[i] = endpoints[i].getIp();
+ certs[i] = endpoints[i].getCert();
+ }
 }
 this.portSeed = transport.getOptions().getPortSeed();
 this.portCount = transport.getOptions().getPortCount();
diff --git a/app/src/main/java/se/leap/bitmaskclient/pluggableTransports/HoppingObfsVpnClient.java b/app/src/main/java/se/leap/bitmaskclient/pluggableTransports/HoppingObfsVpnClient.java
index 1b19213f..751208ba 100644
--- a/app/src/main/java/se/leap/bitmaskclient/pluggableTransports/HoppingObfsVpnClient.java
+++ b/app/src/main/java/se/leap/bitmaskclient/pluggableTransports/HoppingObfsVpnClient.java
@@ -1,7 +1,5 @@
 package se.leap.bitmaskclient.pluggableTransports;
-import static de.blinkt.openvpn.core.connection.Connection.TransportProtocol.KCP;
-
 import client.Client;
 import client.HopClient;
 import de.blinkt.openvpn.core.VpnStatus;
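Review bot: The new port-hopping branch of the `HoppingConfig` constructor stores `options.gatewayIP` and `transport.getOptions().getCert()` without checking either for null, while the same commit removes the only guard the caller had (the `IllegalStateException` in `HoppingObfsVpnClient`, `@@ -21,11` hunk). If the constructor is reached with neither endpoints nor a cert, the configuration handed to the hop client carries a null remote or cert instead of failing early; the check added in `VpnConfigGenerator` covers config generation but, as far as these hunks show, not this path. I would keep a fail-fast check at the top of the `endpoints == null` branch: `if (options.gatewayIP == null || transport.getOptions().getCert() == null) {`, `throw new IllegalStateException("No endpoints and no cert for hopping pt detected!");`, `}`. The constructor body continues past the end of the hunk.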
@@ -21,11 +19,7 @@ public class HoppingObfsVpnClient implements PtClientInterface {
 //if so, we stick to it, otherwise we flip the flag
 boolean kcp = Constants.KCP.equals(options.transport.getProtocols()[0]);
- if (options.transport.getOptions().getEndpoints() == null) {
- throw new IllegalStateException("No Endpoints for hopping pt detected!");
- }
-
- HoppingConfig hoppingConfig = new HoppingConfig(kcp,IP+":"+PORT, options.transport, 10, 10);
+ HoppingConfig hoppingConfig = new HoppingConfig(kcp,IP+":"+PORT, options, 10, 10);
 try {
 client = Client.newFFIHopClient(hoppingConfig.toString());
 } catch (Exception e) {
-- cgit v1.2.3