win7 support fixes

wizard added
amnezia-vpn · May 18, 2021 · 4ba964d · 4ba964d
1 parent 45e5ec7
commit 4ba964d
Show file tree

Hide file tree

Showing 16 changed files with 2,053 additions and 477 deletions.
diff --git a/client/configurators/openvpn_configurator.cpp b/client/configurators/openvpn_configurator.cpp
@@ -203,7 +203,14 @@ QString OpenVpnConfigurator::genOpenVpnConfig(const ServerCredentials &credentia
     config.replace("$OPENVPN_CA_CERT", connData.caCert);
     config.replace("$OPENVPN_CLIENT_CERT", connData.clientCert);
     config.replace("$OPENVPN_PRIV_KEY", connData.privKey);
-    config.replace("$OPENVPN_TA_KEY", connData.taKey);
+
+    if (config.contains("$OPENVPN_TA_KEY")) {
+        config.replace("$OPENVPN_TA_KEY", connData.taKey);
+    }
+    else {
+        config.replace("<tls-auth>", "");
+        config.replace("</tls-auth>", "");
+    }
 
 #ifdef Q_OS_MAC
     config.replace("block-outside-dns", "");
@@ -222,6 +229,11 @@ QString OpenVpnConfigurator::processConfigWithLocalSettings(QString config)
     if (m_settings().customRouting()) {
         config.replace("redirect-gateway def1 bypass-dhcp", "");
     }
+    else {
+        if(!config.contains("redirect-gateway def1 bypass-dhcp")) {
+            config.append("redirect-gateway def1 bypass-dhcp\n");
+        }
+    }
 
 #ifdef Q_OS_MAC
     config.replace("block-outside-dns", "");

diff --git a/client/core/servercontroller.cpp b/client/core/servercontroller.cpp
@@ -508,7 +508,7 @@ ErrorCode ServerController::startupContainerWorker(const ServerCredentials &cred
             genVarsForScript(credentials, container, config)));
 }
 
-ServerController::Vars ServerController::genVarsForScript(const ServerCredentials &credentials, DockerContainer container, const QJsonObject &config)
+ServerController::Vars ServerController::   genVarsForScript(const ServerCredentials &credentials, DockerContainer container, const QJsonObject &config)
 {
     const QJsonObject &openvpnConfig = config.value(config_key::openvpn).toObject();
     const QJsonObject &cloakConfig = config.value(config_key::cloak).toObject();
@@ -529,9 +529,17 @@ ServerController::Vars ServerController::genVarsForScript(const ServerCredential
 
     bool isNcpDisabled = openvpnConfig.value(config_key::ncp_disable).toBool(amnezia::protocols::openvpn::defaultNcpDisable);
     vars.append({{"$OPENVPN_NCP_DISABLE",  isNcpDisabled ? protocols::openvpn::ncpDisableString : "" }});
+
     vars.append({{"$OPENVPN_CIPHER", openvpnConfig.value(config_key::cipher).toString(amnezia::protocols::openvpn::defaultCipher) }});
     vars.append({{"$OPENVPN_HASH", openvpnConfig.value(config_key::hash).toString(amnezia::protocols::openvpn::defaultHash) }});
 
+    bool isTlsAuth = openvpnConfig.value(config_key::tls_auth).toBool(amnezia::protocols::openvpn::defaultTlsAuth);
+    vars.append({{"$OPENVPN_TLS_AUTH", isTlsAuth ? protocols::openvpn::tlsAuthString : "" }});
+    if (!isTlsAuth) {
+        // erase $OPENVPN_TA_KEY, so it will not set in OpenVpnConfigurator::genOpenVpnConfig
+        vars.append({{"$OPENVPN_TA_KEY", "" }});
+    }
+
     // ShadowSocks vars
     vars.append({{"$SHADOWSOCKS_SERVER_PORT", ssConfig.value(config_key::port).toString(amnezia::protocols::shadowsocks::defaultPort) }});
     vars.append({{"$SHADOWSOCKS_LOCAL_PORT", ssConfig.value(config_key::local_port).toString(amnezia::protocols::shadowsocks::defaultLocalProxyPort) }});

diff --git a/client/images/plus.png b/client/images/plus.png
diff --git a/client/protocols/protocols_defs.h b/client/protocols/protocols_defs.h
@@ -29,6 +29,7 @@ constexpr char transport_proto[] = "transport_proto";
 constexpr char cipher[] = "cipher";
 constexpr char hash[] = "hash";
 constexpr char ncp_disable[] = "ncp_disable";
+constexpr char tls_auth[] = "tls_auth";
 
 constexpr char site[] = "site";
 constexpr char block_outside_dns[] = "block_outside_dns";
@@ -72,7 +73,9 @@ constexpr char defaultCipher[] = "AES-256-GCM";
 constexpr char defaultHash[] = "SHA512";
 constexpr bool defaultBlockOutsideDns = true;
 constexpr bool defaultNcpDisable = false;
+constexpr bool defaultTlsAuth = true;
 constexpr char ncpDisableString[] = "ncp-disable";
+constexpr char tlsAuthString[] = "tls-auth /opt/amnezia/openvpn/ta.key 0";
 
 }
 

diff --git a/client/server_scripts/openvpn/configure_container.sh b/client/server_scripts/openvpn/configure_container.sh
@@ -23,5 +23,5 @@ status openvpn-status.log \\n\
 verb 1 \\n\
 tls-server \\n\
 tls-version-min 1.2 \\n\
-tls-auth /opt/amnezia/openvpn/ta.key 0" >>/opt/amnezia/openvpn/server.conf'
+$OPENVPN_TLS_AUTH" >/opt/amnezia/openvpn/server.conf'
 
diff --git a/client/server_scripts/openvpn_cloak/configure_container.sh b/client/server_scripts/openvpn_cloak/configure_container.sh
@@ -23,7 +23,7 @@ status openvpn-status.log \\n\
 verb 1 \\n\
 tls-server \\n\
 tls-version-min 1.2 \\n\
-tls-auth /opt/amnezia/openvpn/ta.key 0" >>/opt/amnezia/openvpn/server.conf'
+$OPENVPN_TLS_AUTH" >/opt/amnezia/openvpn/server.conf'
 
 # Cloak config
 sudo docker exec -i $CONTAINER_NAME bash -c '\

diff --git a/client/server_scripts/openvpn_shadowsocks/configure_container.sh b/client/server_scripts/openvpn_shadowsocks/configure_container.sh
@@ -23,7 +23,7 @@ status openvpn-status.log \\n\
 verb 1 \\n\
 tls-server \\n\
 tls-version-min 1.2 \\n\
-tls-auth /opt/amnezia/openvpn/ta.key 0" >>/opt/amnezia/openvpn/server.conf'
+$OPENVPN_TLS_AUTH" >/opt/amnezia/openvpn/server.conf'
 
 # Cloak config
 sudo docker exec -i $CONTAINER_NAME bash -c '\

diff --git a/client/translations/amneziavpn_ru.qm b/client/translations/amneziavpn_ru.qm