Configuring of ikev2

2026-05-08 14:33:23 +00:00 · 2023-07-07 14:19:03 +03:00
parent b818de3378
commit aef20430f2
5 changed files with 60 additions and 11 deletions
--- a/client/android/src/org/amnezia/vpn/IKEv2Thread.kt
+++ b/client/android/src/org/amnezia/vpn/IKEv2Thread.kt
@@ -58,13 +58,27 @@ class IKEv2Thread(
        mAppDir = filesDirAbsolutePath
    }

+    fun setNextProfile(profile: VpnProfile) {
+
+        // TODO: take a look at "vpnprofileimportactivity" in starongswan repo 
+        //       to understand how to pass the profile object before starting of ikev2 tunnel
+
+        synchronized(this) {
+            mNextProfile = profile
+            mProfileUpdated = true
+            notifyAll()
+        }
+    }
+
    override fun run() {
        while (true) {
            synchronized(this) {
                try {
                    while (!mProfileUpdated) {
+                        Log.i(TAG, "charon contunue")
                        continue
                    }
+
                    mProfileUpdated = false
                    stopCurrentConnection()

--- a/client/android/src/org/amnezia/vpn/VPNService.kt
+++ b/client/android/src/org/amnezia/vpn/VPNService.kt
@@ -150,6 +150,8 @@ class VPNService : BaseVpnService(), LocalDnsService.Interface {
    private var mOpenVPNThreadv3: OpenVPNThreadv3? = null
    var currentTunnelHandle = -1

+    private var ikev2VpnThread: IKEv2Thread? = null
+
    private var intent: Intent? = null
    private var flags = 0
    private var startId = 0
@@ -165,6 +167,7 @@ class VPNService : BaseVpnService(), LocalDnsService.Interface {
        Log.e(tag, "Wireguard Version ${wgVersion()}")
        mOpenVPNThreadv3 = OpenVPNThreadv3(this)
        mAlreadyInitialised = true
+        ikev2VpnThread = IKEv2Thread(mbuilder, getFilesDir().getAbsolutePath())
    }

    override fun onCreate() {
@@ -384,8 +387,11 @@ class VPNService : BaseVpnService(), LocalDnsService.Interface {
                startShadowsocks()
                startTest()
            }
+            "ikev2" -> {
+                startIPSEC()
+            }
            else -> {
-                Log.e(tag, "No protocol")
+                Log.e(tag, "Unknown protocol ($mProtocol)")
                return 0
            }
        }
@@ -393,6 +399,18 @@ class VPNService : BaseVpnService(), LocalDnsService.Interface {
        return 1
    }

+    private fun startIPSEC() {
+        Log.v(tag, "start ipsec")
+        ikev2VpnThread = IKEv2Thread(mbuilder, getFilesDir().getAbsolutePath())
+        
+        // TODO: pass the "vpnprofile" instance as a parameter
+        // ikev2VpnThread.setNextProfile() 
+
+        Thread({
+            ikev2VpnThread?.run()
+        }).start()
+    }
+
    fun establish(): ParcelFileDescriptor? {
        Log.v(tag, "Aman: establish....................")
        mbuilder.allowFamily(OsConstants.AF_INET)
--- a/client/cmake/3rdparty.cmake
+++ b/client/cmake/3rdparty.cmake
@@ -12,16 +12,16 @@ set(LIBS ${LIBS} SortFilterProxyModel)
 include(${CLIENT_ROOT_DIR}/3rd/qrcodegen/qrcodegen.cmake)
 include(${CLIENT_ROOT_DIR}/3rd/QSimpleCrypto/QSimpleCrypto.cmake)

-set(BUILD_SHARED_LIBS ON CACHE BOOL "" FORCE)
-add_subdirectory(${CLIENT_ROOT_DIR}/3rd/zlib)
-if(WIN32)
-    set(ZLIB_LIBRARY $<IF:$<CONFIG:Debug>,zlibd,zlib>)
-else()
-    set(ZLIB_LIBRARY z)
-endif()
-set(ZLIB_INCLUDE_DIR "${CLIENT_ROOT_DIR}/3rd/zlib" "${CMAKE_CURRENT_BINARY_DIR}/3rd/zlib")
-link_directories(${CMAKE_CURRENT_BINARY_DIR}/3rd/zlib)
-link_libraries(${ZLIB_LIBRARY})
+#set(BUILD_SHARED_LIBS ON CACHE BOOL "" FORCE)
+#add_subdirectory(${CLIENT_ROOT_DIR}/3rd/zlib)
+#if(WIN32)
+#    set(ZLIB_LIBRARY $<IF:$<CONFIG:Debug>,zlibd,zlib>)
+#else()
+#    set(ZLIB_LIBRARY z)
+#endif()
+#set(ZLIB_INCLUDE_DIR "${CLIENT_ROOT_DIR}/3rd/zlib" "${CMAKE_CURRENT_BINARY_DIR}/3rd/zlib")
+#link_directories(${CMAKE_CURRENT_BINARY_DIR}/3rd/zlib)
+#link_libraries(${ZLIB_LIBRARY})

 if(IOS)
    set(ENABLE_PROGRAMS OFF CACHE BOOL "" FORCE)
@@ -105,6 +105,7 @@ set(BUILD_WITH_QT6 ON)
 add_subdirectory(${CLIENT_ROOT_DIR}/3rd/qtkeychain)
 set(LIBS ${LIBS} qt6keychain)

+
 include(${CLIENT_ROOT_DIR}/3rd/strongswan/strongswan.cmake)

 include_directories(
--- a/client/containers/containers_defs.cpp
+++ b/client/containers/containers_defs.cpp
@@ -170,6 +170,7 @@ bool ContainerProps::isSupportedByCurrentPlatform(DockerContainer c)
    case DockerContainer::WireGuard: return true;
    case DockerContainer::OpenVpn: return true;
    case DockerContainer::ShadowSocks: return true;
+    case DockerContainer::Ipsec: return true;
    default: return false;
    }

--- a/client/platforms/android/android_controller.cpp
+++ b/client/platforms/android/android_controller.cpp
@@ -176,6 +176,21 @@ ErrorCode AndroidController::start()
                appContext.object());

    QJsonDocument doc(m_vpnConfig);
+
+    /*** The following code snippet needs to correct displaying of config in debug console
+     * (Android's stdout limits length of output message)
+     * 
+     * QString string(doc.toJson(QJsonDocument::Compact));
+     * 
+     * qDebug() << "*** config: ";
+     * for (int i = 0; i <= string.length()/100; i++) {
+     *  int start = i*100;
+     *  qDebug() << string.mid(start, 100);
+     * }
+     * 
+     * qDebug() << "*** config: " << m_vpnConfig;
+     ***/
+
    AndroidVPNActivity::sendToService(ServiceAction::ACTION_ACTIVATE, doc.toJson());

    return NoError;