コード例 #1
0
ファイル: ConnectionActive.cs プロジェクト: nir94/Eddie
        public void SetAuthUserPass(string username, string password)
        {
            if (PasswordAuthFile != null)
            {
                PasswordAuthFile.Close();
                PasswordAuthFile = null;
            }

            PasswordAuthFile = new TemporaryFile("ppw");
            string fileNameAuthOvpn = PasswordAuthFile.Path;
            string fileNameData     = username + "\n" + password + "\n";

            Platform.Instance.FileContentsWriteText(fileNameAuthOvpn, fileNameData, Encoding.Default); // TOFIX: Check if OpenVPN expect UTF-8
            Platform.Instance.FileEnsurePermission(fileNameAuthOvpn, "600");

            OpenVpnProfileStartup.AppendDirective("auth-user-pass", OpenVpnProfileStartup.EncodePath(fileNameAuthOvpn), "Auth");
        }
コード例 #2
0
ファイル: ConnectionInfo.cs プロジェクト: martin762/Eddie
        public ConnectionActive BuildConnectionActive(bool preview)
        {
            // If preview, no physical additional files are created.

            ConnectionActive connectionActive = new ConnectionActive();

            Storage s = Engine.Instance.Storage;

            connectionActive.OpenVpnProfileStartup = new OvpnBuilder();
            OvpnBuilder ovpn = connectionActive.OpenVpnProfileStartup;

            ovpn.AppendDirective("setenv", "IV_GUI_VER " + Constants.Name + Constants.VersionDesc, "Client level");

            if (s.GetBool("openvpn.skip_defaults") == false)
            {
                ovpn.AppendDirectives(Engine.Instance.Storage.Get("openvpn.directives"), "Client level");
                string directivesPath = Engine.Instance.Storage.Get("openvpn.directives.path");
                if (directivesPath.Trim() != "")
                {
                    try
                    {
                        if (Platform.Instance.FileExists(directivesPath))
                        {
                            string text = Platform.Instance.FileContentsReadText(directivesPath);
                            ovpn.AppendDirectives(text, "Client level");
                        }
                        else
                        {
                            Engine.Instance.Logs.Log(LogType.Warning, LanguageManager.GetText("FileNotFound", directivesPath));
                        }
                    }
                    catch (Exception ex)
                    {
                        Engine.Instance.Logs.Log(LogType.Warning, LanguageManager.GetText("FileErrorRead", directivesPath, ex.Message));
                    }
                }
                Provider.OnBuildOvpnDefaults(ovpn);

                ovpn.AppendDirectives(OvpnDirectives, "Server level");

                if (Path != "")
                {
                    if (Platform.Instance.FileExists(Path))
                    {
                        string text = Platform.Instance.FileContentsReadText(Path);
                        ovpn.AppendDirectives(text, "Config file");

                        string dirPath = Platform.Instance.FileGetDirectoryPath(Path);
                        ovpn.NormalizeRelativePath(dirPath);
                    }
                }
            }

            if (s.Get("openvpn.dev_node") != "")
            {
                ovpn.AppendDirective("dev-node", s.Get("openvpn.dev_node"), "");
            }

            if (s.Get("network.entry.iface") != "")
            {
                ovpn.AppendDirective("local", s.Get("network.entry.iface"), "");
                ovpn.RemoveDirective("nobind");
            }
            else
            {
                ovpn.RemoveDirective("local");
                ovpn.AppendDirective("nobind", "", "");
            }

            int rcvbuf = s.GetInt("openvpn.rcvbuf");

            if (rcvbuf == -2)
            {
                rcvbuf = Platform.Instance.GetRecommendedRcvBufDirective();
            }
            if (rcvbuf == -2)
            {
                rcvbuf = -1;
            }
            if (rcvbuf != -1)
            {
                ovpn.AppendDirective("rcvbuf", rcvbuf.ToString(), "");
            }

            int sndbuf = s.GetInt("openvpn.sndbuf");

            if (sndbuf == -2)
            {
                sndbuf = Platform.Instance.GetRecommendedSndBufDirective();
            }
            if (sndbuf == -2)
            {
                sndbuf = -1;
            }
            if (sndbuf != -1)
            {
                ovpn.AppendDirective("sndbuf", sndbuf.ToString(), "");
            }

            string proxyDirectiveName = "";
            string proxyDirectiveArgs = "";

            string proxyMode = s.GetLower("proxy.mode");
            string proxyWhen = s.GetLower("proxy.when");

            if ((proxyWhen == "none") || (proxyWhen == "web"))
            {
                proxyMode = "none";
            }
            if (proxyMode == "tor")
            {
                proxyDirectiveName = "socks-proxy";
            }
            else if (proxyMode == "http")
            {
                proxyDirectiveName = "http-proxy";
            }
            else if (proxyMode == "socks")
            {
                proxyDirectiveName = "socks-proxy";
            }

            if (proxyDirectiveName != "")
            {
                proxyDirectiveArgs += s.Get("proxy.host") + " " + s.Get("proxy.port");

                if ((s.GetLower("proxy.mode") != "none") && (s.GetLower("proxy.mode") != "tor"))
                {
                    if (s.Get("proxy.auth") != "None")
                    {
                        string fileNameAuthOvpn = "";
                        if (preview)
                        {
                            fileNameAuthOvpn = "dummy.ppw";
                        }
                        else
                        {
                            connectionActive.ProxyAuthFile = new TemporaryFile("ppw");
                            fileNameAuthOvpn = connectionActive.ProxyAuthFile.Path;
                            string fileNameData = s.Get("proxy.login") + "\n" + s.Get("proxy.password") + "\n";
                            Platform.Instance.FileContentsWriteText(connectionActive.ProxyAuthFile.Path, fileNameData, Encoding.Default);                             // TOFIX: Check if OpenVPN expect UTF-8
                            Platform.Instance.FileEnsurePermission(connectionActive.ProxyAuthFile.Path, "600");
                        }
                        proxyDirectiveArgs += " " + ovpn.EncodePath(fileNameAuthOvpn) + " " + s.Get("proxy.auth").ToLowerInvariant();                         // 2.6 Auth Fix
                    }
                }

                ovpn.AppendDirective(proxyDirectiveName, proxyDirectiveArgs, "");
            }

            if (Constants.FeatureIPv6ControlOptions)
            {
                if (s.GetLower("network.ipv4.mode") == "in")
                {
                    connectionActive.TunnelIPv4 = true;
                }
                else if (s.GetLower("network.ipv4.mode") == "in-out")
                {
                    if (SupportIPv4)
                    {
                        connectionActive.TunnelIPv4 = true;
                    }
                    else
                    {
                        connectionActive.TunnelIPv4 = false;
                    }
                }
                else if (s.GetLower("network.ipv4.mode") == "in-block")
                {
                    if (SupportIPv4)
                    {
                        connectionActive.TunnelIPv4 = true;
                    }
                    else
                    {
                        connectionActive.TunnelIPv4 = false;                         // Out, but doesn't matter, will be blocked.
                    }
                }
                else if (s.GetLower("network.ipv4.mode") == "out")
                {
                    connectionActive.TunnelIPv4 = false;
                }
                else if (s.GetLower("network.ipv4.mode") == "block")
                {
                    connectionActive.TunnelIPv4 = false;                     // Out, but doesn't matter, will be blocked.
                }

                if (Engine.Instance.GetNetworkIPv6Mode() == "in")
                {
                    connectionActive.TunnelIPv6 = true;
                }
                else if (Engine.Instance.GetNetworkIPv6Mode() == "in-out")
                {
                    if (SupportIPv6)
                    {
                        connectionActive.TunnelIPv6 = true;
                    }
                    else
                    {
                        connectionActive.TunnelIPv6 = false;
                    }
                }
                else if (Engine.Instance.GetNetworkIPv6Mode() == "in-block")
                {
                    if (SupportIPv6)
                    {
                        connectionActive.TunnelIPv6 = true;
                    }
                    else
                    {
                        connectionActive.TunnelIPv6 = false;
                    }
                }
                else if (Engine.Instance.GetNetworkIPv6Mode() == "out")
                {
                    connectionActive.TunnelIPv6 = false;
                }
                else if (Engine.Instance.GetNetworkIPv6Mode() == "block")
                {
                    connectionActive.TunnelIPv6 = false;
                }

                if (Software.GetTool("openvpn").VersionAboveOrEqual("2.4"))
                {
                    ovpn.RemoveDirective("redirect-gateway");                     // Remove if exists
                    ovpn.AppendDirective("pull-filter", "ignore \"redirect-gateway\"", "Forced at client side");

                    if (connectionActive.TunnelIPv6 == false)
                    {
                        ovpn.AppendDirective("pull-filter", "ignore \"dhcp-option DNS6\"", "Client side");
                        ovpn.AppendDirective("pull-filter", "ignore \"tun-ipv6\"", "Client side");
                        ovpn.AppendDirective("pull-filter", "ignore \"ifconfig-ipv6\"", "Client side");
                    }

                    if ((connectionActive.TunnelIPv4 == false) && (connectionActive.TunnelIPv6 == false))
                    {
                        // no redirect-gateway
                    }
                    else if ((connectionActive.TunnelIPv4 == true) && (connectionActive.TunnelIPv6 == false))
                    {
                        ovpn.AppendDirective("redirect-gateway", "def1 bypass-dhcp", "");
                    }
                    else if ((connectionActive.TunnelIPv4 == false) && (connectionActive.TunnelIPv6 == true))
                    {
                        ovpn.AppendDirective("redirect-gateway", "ipv6 !ipv4 def1 bypass-dhcp", "");
                    }
                    else
                    {
                        ovpn.AppendDirective("redirect-gateway", "ipv6 def1 bypass-dhcp", "");
                    }
                }
                else
                {
                    // OpenVPN <2.4, IPv6 not supported, IPv4 required.
                    connectionActive.TunnelIPv4 = true;
                    connectionActive.TunnelIPv6 = false;

                    if (connectionActive.TunnelIPv4)
                    {
                        ovpn.AppendDirective("redirect-gateway", "def1 bypass-dhcp", "");
                    }
                    else
                    {
                        ovpn.AppendDirective("route-nopull", "", "For Routes Out");

                        // 2.9, this is used by Linux resolv-conf DNS method. Need because route-nopull also filter pushed dhcp-option.
                        // Incorrect with other provider, but the right-approach (pull-filter based) require OpenVPN <2.4.
                        ovpn.AppendDirective("dhcp-option", "DNS " + Constants.DnsVpn, "");
                    }
                }
            }
            else
            {
                string routesDefault = s.Get("routes.default");

                connectionActive.TunnelIPv4 = (routesDefault == "in");
                connectionActive.TunnelIPv6 = (routesDefault == "in");

                if (routesDefault == "out")
                {
                    if (Software.GetTool("openvpn").VersionAboveOrEqual("2.4"))
                    {
                        ovpn.RemoveDirective("redirect-gateway");                         // Remove if exists
                        ovpn.AppendDirective("pull-filter", "ignore \"redirect-gateway\"", "For Routes Out");
                    }
                    else                     // Compatibility <2.4
                    {
                        ovpn.AppendDirective("route-nopull", "", "For Routes Out");

                        // For DNS
                        // < 2.9. route directive useless, and DNS are forced manually in every supported platform. // TOCLEAN

                        /*
                         * ovpn += "dhcp-option DNS " + Constants.DnsVpn + "\n"; // Manually because route-nopull skip it
                         * ovpn += "route 10.4.0.1 255.255.255.255 vpn_gateway # AirDNS\n";
                         * ovpn += "route 10.5.0.1 255.255.255.255 vpn_gateway # AirDNS\n";
                         * ovpn += "route 10.6.0.1 255.255.255.255 vpn_gateway # AirDNS\n";
                         * ovpn += "route 10.7.0.1 255.255.255.255 vpn_gateway # AirDNS\n";
                         * ovpn += "route 10.8.0.1 255.255.255.255 vpn_gateway # AirDNS\n";
                         * ovpn += "route 10.9.0.1 255.255.255.255 vpn_gateway # AirDNS\n";
                         * ovpn += "route 10.30.0.1 255.255.255.255 vpn_gateway # AirDNS\n";
                         * ovpn += "route 10.50.0.1 255.255.255.255 vpn_gateway # AirDNS\n";
                         */

                        // 2.9, this is used by Linux resolv-conf DNS method. Need because route-nopull also filter pushed dhcp-option.
                        // Incorrect with other provider, but the right-approach (pull-filter based) require OpenVPN <2.4.
                        ovpn.AppendDirective("dhcp-option", "DNS " + Constants.DnsVpn, "");
                    }
                }
            }

            // For Checking
            foreach (IpAddress ip in IpsExit.IPs)
            {
                connectionActive.AddRoute(ip, "vpn_gateway", "For Checking Route");
            }

            string routes = s.Get("routes.custom");

            string[] routes2 = routes.Split(';');
            foreach (string route in routes2)
            {
                string[] routeEntries = route.Split(',');
                if (routeEntries.Length != 3)
                {
                    continue;
                }

                string      ipCustomRoute  = routeEntries[0];
                IpAddresses ipsCustomRoute = new IpAddresses(ipCustomRoute);

                if (ipsCustomRoute.Count == 0)
                {
                    Engine.Instance.Logs.Log(LogType.Verbose, LanguageManager.GetText("CustomRouteInvalid", ipCustomRoute.ToString()));
                }
                else
                {
                    string action = routeEntries[1];
                    string notes  = routeEntries[2];

                    foreach (IpAddress ip in ipsCustomRoute.IPs)
                    {
                        bool layerIn = false;
                        if (ip.IsV4)
                        {
                            layerIn = connectionActive.TunnelIPv4;
                        }
                        else if (ip.IsV6)
                        {
                            layerIn = connectionActive.TunnelIPv6;
                        }
                        string gateway = "";
                        if ((layerIn == false) && (action == "in"))
                        {
                            gateway = "vpn_gateway";
                        }
                        if ((layerIn == true) && (action == "out"))
                        {
                            gateway = "net_gateway";
                        }
                        if (gateway != "")
                        {
                            connectionActive.AddRoute(ip, gateway, (notes != "") ? notes.Safe() : ipCustomRoute);
                        }
                    }
                }
            }

            if (proxyMode == "tor")
            {
                if (preview == false)
                {
                    TorControl.SendNEWNYM();
                }
                IpAddresses torNodeIps = TorControl.GetGuardIps((preview == false));
                foreach (IpAddress torNodeIp in torNodeIps.IPs)
                {
                    if (((connectionActive.TunnelIPv4) && (torNodeIp.IsV4)) ||
                        ((connectionActive.TunnelIPv6) && (torNodeIp.IsV6)))
                    {
                        connectionActive.AddRoute(torNodeIp, "net_gateway", "Tor Guard");
                    }
                }
            }

            {
                string managementPasswordFile = "dummy.ppw";
                if (preview == false)
                {
                    connectionActive.ManagementPassword     = RandomGenerator.GetHash();
                    connectionActive.ManagementPasswordFile = new TemporaryFile("ppw");
                    managementPasswordFile = connectionActive.ManagementPasswordFile.Path;
                    Platform.Instance.FileContentsWriteText(managementPasswordFile, connectionActive.ManagementPassword, Encoding.ASCII); // UTF8 not recognized by OpenVPN
                    Platform.Instance.FileEnsurePermission(managementPasswordFile, "600");
                }

                ovpn.AppendDirective("management", "127.0.0.1 " + Engine.Instance.Storage.Get("openvpn.management_port") + " " + ovpn.EncodePath(managementPasswordFile), "");
            }

            // Experimental - Allow identification as Public Network in Windows. Advanced Option?
            // ovpn.Append("route-metric 512");
            // ovpn.Append("route 0.0.0.0 0.0.0.0");

            Provider.OnBuildConnectionActive(this, connectionActive);

            Provider.OnBuildConnectionActiveAuth(connectionActive);

            Platform.Instance.OnBuildOvpn(ovpn);

            ovpn.AppendDirectives(Engine.Instance.Storage.Get("openvpn.custom"), "Custom level");

            foreach (ConnectionActiveRoute route in connectionActive.Routes)
            {
                if ((route.Address.IsV6) || (Constants.FeatureAlwaysBypassOpenvpnRoute))
                {
                }
                else
                {
                    // We never find a better method to manage IPv6 route via OpenVPN, at least <2.4.4
                    ovpn.AppendDirective("route", route.Address.ToOpenVPN() + " " + route.Gateway, route.Notes.Safe());
                }
            }

            ovpn.Normalize();

            return(connectionActive);
        }