mirror of
https://github.com/amnezia-vpn/amnezia-client.git
synced 2026-05-08 14:33:23 +00:00
fixed server go
This commit is contained in:
dranik
@@ -214,6 +214,14 @@ if(AMNEZIA_QR_PAIRING_ALLOW_DUPLICATE_VPN_KEY)
|
||||
target_compile_definitions(${PROJECT} PRIVATE AMNEZIA_QR_PAIRING_ALLOW_DUPLICATE_VPN_KEY)
|
||||
endif()
|
||||
|
||||
option(AMNEZIA_LAN_PLAINTEXT_GATEWAY "Dev: plaintext JSON to private LAN gateway hosts (requires AMNEZIA_QR_PAIRING_ALLOW)" OFF)
|
||||
if(AMNEZIA_LAN_PLAINTEXT_GATEWAY)
|
||||
if(NOT AMNEZIA_QR_PAIRING_ALLOW)
|
||||
message(FATAL_ERROR "AMNEZIA_LAN_PLAINTEXT_GATEWAY=ON requires AMNEZIA_QR_PAIRING_ALLOW=ON")
|
||||
endif()
|
||||
target_compile_definitions(${PROJECT} PRIVATE AMNEZIA_LAN_PLAINTEXT_GATEWAY)
|
||||
endif()
|
||||
|
||||
target_sources(${PROJECT} PRIVATE ${SOURCES} ${HEADERS} ${RESOURCES} ${QRC} ${I18NQRC})
|
||||
|
||||
# Finalize the executable so Qt can gather/deploy QML modules and plugins correctly (Android needs this).
|
||||
|
||||
@@ -2,12 +2,14 @@
|
||||
|
||||
#include <QJsonDocument>
|
||||
#include <QSysInfo>
|
||||
#include <QUrl>
|
||||
|
||||
#include "core/controllers/gatewayController.h"
|
||||
#include "core/repositories/secureAppSettingsRepository.h"
|
||||
#include "core/utils/api/apiUtils.h"
|
||||
#include "core/utils/constants/apiConstants.h"
|
||||
#include "core/utils/constants/apiKeys.h"
|
||||
#include "core/utils/networkUtilities.h"
|
||||
#include "version.h"
|
||||
|
||||
using namespace amnezia;
|
||||
@@ -22,10 +24,18 @@ constexpr qsizetype kPairingMaxApiKeyChars = 8192;
|
||||
|
||||
bool isLocalGatewayHost(const QString &gatewayUrl)
|
||||
{
|
||||
return gatewayUrl.contains(QStringLiteral("127.0.0.1"), Qt::CaseInsensitive)
|
||||
|| gatewayUrl.contains(QStringLiteral("localhost"), Qt::CaseInsensitive)
|
||||
|| gatewayUrl.contains(QStringLiteral("[::1]"), Qt::CaseInsensitive)
|
||||
|| gatewayUrl.contains(QStringLiteral("::1"), Qt::CaseInsensitive);
|
||||
if (gatewayUrl.contains(QStringLiteral("127.0.0.1"), Qt::CaseInsensitive)
|
||||
|| gatewayUrl.contains(QStringLiteral("localhost"), Qt::CaseInsensitive)
|
||||
|| gatewayUrl.contains(QStringLiteral("[::1]"), Qt::CaseInsensitive)
|
||||
|| gatewayUrl.contains(QStringLiteral("::1"), Qt::CaseInsensitive)) {
|
||||
return true;
|
||||
}
|
||||
#ifdef AMNEZIA_LAN_PLAINTEXT_GATEWAY
|
||||
const QUrl u(gatewayUrl);
|
||||
return NetworkUtilities::hostIsPrivateLanAddress(u.host());
|
||||
#else
|
||||
return false;
|
||||
#endif
|
||||
}
|
||||
|
||||
ErrorCode applyGatewayOrOpenApiGenerateError(const QJsonObject &obj, PairingController::QrPairingConfigPayload &outPayload)
|
||||
|
||||
@@ -94,7 +94,13 @@ GatewayController::EncryptedRequestData GatewayController::prepareRequest(const
|
||||
{
|
||||
const QUrl gatewayUrl(m_proxyUrl.isEmpty() ? m_gatewayEndpoint : m_proxyUrl);
|
||||
const QString host = gatewayUrl.host().toLower();
|
||||
if (host == QLatin1String("localhost") || host == QLatin1String("127.0.0.1") || host == QLatin1String("::1")) {
|
||||
bool usePlaintext = (host == QLatin1String("localhost") || host == QLatin1String("127.0.0.1") || host == QLatin1String("::1"));
|
||||
#ifdef AMNEZIA_LAN_PLAINTEXT_GATEWAY
|
||||
if (!usePlaintext) {
|
||||
usePlaintext = NetworkUtilities::hostIsPrivateLanAddress(host);
|
||||
}
|
||||
#endif
|
||||
if (usePlaintext) {
|
||||
encRequestData.isPlaintextLocalGateway = true;
|
||||
encRequestData.requestBody = QJsonDocument(apiPayload).toJson();
|
||||
return encRequestData;
|
||||
|
||||
@@ -3,6 +3,7 @@
|
||||
#include <QJsonDocument>
|
||||
#include <QJsonArray>
|
||||
#include <QUuid>
|
||||
#include <QUrl>
|
||||
|
||||
#include "core/utils/errorCodes.h"
|
||||
#include "core/utils/routeModes.h"
|
||||
@@ -260,6 +261,14 @@ QString SecureAppSettingsRepository::getGatewayEndpoint(bool isTestPurchase) con
|
||||
|| base.contains(QStringLiteral("[::1]"), Qt::CaseInsensitive)) {
|
||||
return m_gatewayEndpoint;
|
||||
}
|
||||
#ifdef AMNEZIA_LAN_PLAINTEXT_GATEWAY
|
||||
{
|
||||
const QUrl gatewayUrl(base);
|
||||
if (NetworkUtilities::hostIsPrivateLanAddress(gatewayUrl.host())) {
|
||||
return m_gatewayEndpoint;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
return QString(DEV_AGW_ENDPOINT);
|
||||
}
|
||||
return m_gatewayEndpoint;
|
||||
|
||||
@@ -42,6 +42,7 @@
|
||||
#include <net/if.h>
|
||||
#endif
|
||||
|
||||
#include <QAbstractSocket>
|
||||
#include <QHostAddress>
|
||||
#include <QHostInfo>
|
||||
|
||||
@@ -491,3 +492,25 @@ QPair<QString, QNetworkInterface> NetworkUtilities::getGatewayAndIface()
|
||||
return { gateway, QNetworkInterface::interfaceFromIndex(index) };
|
||||
#endif
|
||||
}
|
||||
|
||||
bool NetworkUtilities::hostIsPrivateLanAddress(const QString &host)
|
||||
{
|
||||
if (host.isEmpty()) {
|
||||
return false;
|
||||
}
|
||||
QHostAddress addr(host);
|
||||
if (addr.isNull() || addr.isLoopback()) {
|
||||
return false;
|
||||
}
|
||||
if (addr.protocol() == QAbstractSocket::IPv4Protocol) {
|
||||
return addr.isInSubnet(QHostAddress(QStringLiteral("10.0.0.0")), 8)
|
||||
|| addr.isInSubnet(QHostAddress(QStringLiteral("172.16.0.0")), 12)
|
||||
|| addr.isInSubnet(QHostAddress(QStringLiteral("192.168.0.0")), 16)
|
||||
|| addr.isInSubnet(QHostAddress(QStringLiteral("169.254.0.0")), 16);
|
||||
}
|
||||
if (addr.protocol() == QAbstractSocket::IPv6Protocol) {
|
||||
return addr.isInSubnet(QHostAddress(QStringLiteral("fe80::")), 10)
|
||||
|| addr.isInSubnet(QHostAddress(QStringLiteral("fc00::")), 7);
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
@@ -30,6 +30,9 @@ public:
|
||||
static QString netMaskFromIpWithSubnet(const QString ip);
|
||||
static QString ipAddressFromIpWithSubnet(const QString ip);
|
||||
static QStringList summarizeRoutes(const QStringList &ips, const QString cidr);
|
||||
|
||||
/// True for RFC1918 / IPv4 link-local / IPv6 ULA or IPv6 link-local (dev-only LAN gateway with tools/local_gateway).
|
||||
static bool hostIsPrivateLanAddress(const QString &host);
|
||||
};
|
||||
|
||||
#endif // NETWORKUTILITIES_H
|
||||
|
||||
Reference in New Issue
Block a user