Windscribe
diff --git a/‎.gitignore‎
Lines changed: 3 additions & 1 deletion b/‎.gitignore‎
Lines changed: 3 additions & 1 deletion
diff --git a/‎.gitlab-ci.yml‎
Lines changed: 385 additions & 302 deletions b/‎.gitlab-ci.yml‎
Lines changed: 385 additions & 302 deletions
diff --git a/‎CONTRIBUTING.md‎
Lines changed: 21 additions & 0 deletions b/‎CONTRIBUTING.md‎
Lines changed: 21 additions & 0 deletions
diff --git a/‎README.md‎
Lines changed: 139 additions & 151 deletions b/‎README.md‎
Lines changed: 139 additions & 151 deletions
diff --git a/‎backend/linux/helper/execute_cmd.cpp‎
Lines changed: 17 additions & 26 deletions b/‎backend/linux/helper/execute_cmd.cpp‎
Lines changed: 17 additions & 26 deletions
diff --git a/‎backend/linux/helper/execute_cmd.h‎
Lines changed: 1 addition & 1 deletion b/‎backend/linux/helper/execute_cmd.h‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎backend/linux/helper/helper.pro‎
Lines changed: 19 additions & 6 deletions b/‎backend/linux/helper/helper.pro‎
Lines changed: 19 additions & 6 deletions
diff --git a/‎backend/linux/helper/ipc/helper_security.cpp‎
Lines changed: 1 addition & 1 deletion b/‎backend/linux/helper/ipc/helper_security.cpp‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎backend/linux/helper/logger.cpp‎
Lines changed: 1 addition & 1 deletion b/‎backend/linux/helper/logger.cpp‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎backend/linux/helper/ovpn.cpp‎
Lines changed: 72 additions & 0 deletions b/‎backend/linux/helper/ovpn.cpp‎
Lines changed: 72 additions & 0 deletions
@@ -1,6 +1,8 @@
 build-*
 *.user
 release/
+release64/
+release_x64/
 debug/
 temp/
 .vs/
@@ -20,7 +22,7 @@ tools/.idea/
 
 # secrets
 tools/notarize.yml
-common/utils/hardcodedsecrets.ini
+client/common/utils/hardcodedsecrets.ini
 common/keys/linux/key.pem
 common/keys/linux/key.pub
 common/keys/linux/key_pub.txt
 
@@ -0,0 +1,21 @@
+# Windscribe Desktop App Contributor's Guide
+
+Please follow this guide for instructions / best practices when reporting issues, proposing new features, and submitting contributions via Pull Requests (PRs).
+
+## Filing an Issue
+
+1. Look for a similar issue that may already exist, including closed issues.
+
+1. If none exists, create a new issue and provide as much description and context as possible.
+
+1. Apply any relevant labels to the issue.
+
+### How to notify the Windscribe devs of an interesting thing to consider for inclusion in the app
+
+Upvote the original issue by clicking its [+😊] button and hitting 👍 (+1) icon or a different one.  This allows us to measure how impactful different issues are compared to others.  Commenting an issue with "+1", "me too", etc. makes it harder to have a conversation and prioritize requests.
+
+## Contributing Fixes or Enhancements
+
+If you are interested in helping to fix an issue and/or implement new features, we'd love your contribution!
+
+When contributing to the Windscribe Desktop App repository, please first discuss the change you wish to make with the Windscribe development team via an issue.  This repository is a mirror of our internal development repository, and is updated only when we make a public release.  Therefore it is possible the development team is already working on, or has completed, this change.  Further, we want to avoid you investing your time in a change that we may not be able to approve for integration into the app.
@@ -2,7 +2,7 @@
 #include <boost/thread.hpp>
 #include <syslog.h>
 
-unsigned long ExecuteCmd::execute(const char *cmd)
+unsigned long ExecuteCmd::execute(const std::string &cmd, const std::string &cwd)
 {
     mutex_.lock();
     curCmdId_++;
@@ -12,25 +12,25 @@ unsigned long ExecuteCmd::execute(const char *cmd)
     cmdDescr->cmdId = curCmdId_;
     executingCmds_.push_back(cmdDescr);
     mutex_.unlock();
-    
-    std::string str = cmd;
-    boost::thread(runCmd, curCmdId_, str);
+
+    if (!cwd.empty()) {
+        boost::thread(runCmd, curCmdId_, "cd \"" + cwd + "\" && " + cmd);
+    } else {
+        boost::thread(runCmd, curCmdId_, cmd);
+    }
 
     return curCmdId_;
 }
 
 void ExecuteCmd::getStatus(unsigned long cmdId, bool &bFinished, std::string &log)
 {
     mutex_.lock();
-    for (auto it = executingCmds_.begin(); it != executingCmds_.end(); ++it)
-    {
-        if ((*it)->cmdId == cmdId)
-        {
+    for (auto it = executingCmds_.begin(); it != executingCmds_.end(); ++it) {
+        if ((*it)->cmdId == cmdId) {
             bFinished = (*it)->bFinished;
             log = (*it)->log;
 
-            if ((*it)->bFinished)
-            {
+            if ((*it)->bFinished) {
                 delete (*it);
                 executingCmds_.erase(it);
             }
@@ -43,8 +43,7 @@ void ExecuteCmd::getStatus(unsigned long cmdId, bool &bFinished, std::string &lo
 void ExecuteCmd::clearCmds()
 {
     mutex_.lock();
-    for (auto it = executingCmds_.begin(); it != executingCmds_.end(); ++it)
-    {
+    for (auto it = executingCmds_.begin(); it != executingCmds_.end(); ++it) {
         delete (*it);
     }
     executingCmds_.clear();
@@ -54,7 +53,6 @@ void ExecuteCmd::clearCmds()
 
 ExecuteCmd::ExecuteCmd() : curCmdId_(0)
 {
-    
 }
 
 void ExecuteCmd::runCmd(unsigned long cmdId, std::string cmd)
@@ -63,32 +61,25 @@ void ExecuteCmd::runCmd(unsigned long cmdId, std::string cmd)
 
     // run openvpn command
     FILE *file = popen(cmd.c_str(), "r");
-    if (file)
-    {
+    if (file) {
         char szLine[4096];
-        while(fgets(szLine, sizeof(szLine), file) != 0)
-        {
-            if (instance().isCmdExist(cmdId))
-            {
+        while(fgets(szLine, sizeof(szLine), file) != 0) {
+            if (instance().isCmdExist(cmdId)) {
                 strReply += szLine;
             }
         }
         pclose(file);
         instance().cmdFinished(cmdId, true, strReply);
-    }
-    else
-    {
+    } else {
         instance().cmdFinished(cmdId, false, std::string());
     }
 }
 
 void ExecuteCmd::cmdFinished(unsigned long cmdId, bool bSuccess, std::string log)
 {
     mutex_.lock();
-    for (auto it = executingCmds_.begin(); it != executingCmds_.end(); ++it)
-    {
-        if ((*it)->cmdId == cmdId)
-        {
+    for (auto it = executingCmds_.begin(); it != executingCmds_.end(); ++it) {
+        if ((*it)->cmdId == cmdId) {
             (*it)->bFinished = true;
             (*it)->bSuccess = bSuccess;
             (*it)->log = log;
 
@@ -15,7 +15,7 @@ class ExecuteCmd
         return i;
     }
 
-    unsigned long execute(const char *cmd);
+    unsigned long execute(const std::string &cmd, const std::string &cwd = "");
     void getStatus(unsigned long cmdId, bool &bFinished, std::string &log);
     void clearCmds();
 
 
@@ -28,29 +28,42 @@ contains(CONFIG, use_signature_check) {
 }
 
 SOURCES += \
-        ../../../common/utils/executable_signature/executable_signature.cpp \
-        ../../../common/utils/executable_signature/executablesignature_linux.cpp \
+        ../../../client/common/utils/executable_signature/executable_signature.cpp \
+        ../../../client/common/utils/executable_signature/executablesignature_linux.cpp \
         execute_cmd.cpp \
         ipc/helper_security.cpp \
         logger.cpp \
         main.cpp \
+        ovpn.cpp \
         server.cpp \
         utils.cpp \
+        routes_manager/routes.cpp \
+        routes_manager/routes_manager.cpp \
+        wireguard/defaultroutemonitor.cpp \
         wireguard/wireguardadapter.cpp \
-        wireguard/wireguardcommunicator.cpp \
+        wireguard/userspace/wireguardgocommunicator.cpp \
+        wireguard/kernelmodule/kernelmodulecommunicator.cpp \
+        wireguard/kernelmodule/wireguard.c \
         wireguard/wireguardcontroller.cpp
 
 HEADERS += \
-    ../../../common/utils/executable_signature/executable_signature.h \
-    ../../../common/utils/executable_signature/executablesignature_linux.h \
+    ../../../client/common/utils/executable_signature/executable_signature.h \
+    ../../../client/common/utils/executable_signature/executablesignature_linux.h \
     ../../posix_common/helper_commands.h \
     ../../posix_common/helper_commands_serialize.h \
     3rdparty/pstream.h \
     execute_cmd.h \
     ipc/helper_security.h \
     logger.h \
+    ovpn.h \
     server.h \
     utils.h \
+    routes_manager/routes.h \
+    routes_manager/routes_manager.h \
+    wireguard/defaultroutemonitor.h \
     wireguard/wireguardadapter.h \
-    wireguard/wireguardcommunicator.h \
+    wireguard/iwireguardcommunicator.h \
+    wireguard/userspace/wireguardgocommunicator.h \
+    wireguard/kernelmodule/kernelmodulecommunicator.h \
+    wireguard/kernelmodule/wireguard.h \
     wireguard/wireguardcontroller.h
@@ -9,7 +9,7 @@
 
 #include "logger.h"
 
-#include "../../../common/utils/executable_signature/executable_signature.h"
+#include "../../../client/common/utils/executable_signature/executable_signature.h"
 
 // Expects symLink to reference /path/*/exe, where * can be 'self', or a pid, or
 // an exe name.
 
@@ -28,7 +28,7 @@ void Logger::out(const char *str, ...)
     if ((bytesOut > 0) && (bytesOut < sizeof(buf)))
     {
         mutex_.lock();
-        FILE* logFile = fopen("/usr/local/windscribe/helper_log.txt", "a");
+        FILE* logFile = fopen("/opt/windscribe/helper_log.txt", "a");
         if (logFile != NULL)
         {
             fprintf(logFile, "%s\n", buf);
 
@@ -0,0 +1,72 @@
+#include "ovpn.h"
+#include "logger.h"
+#include <fcntl.h>
+#include <sstream>
+#include <string>
+#include <unistd.h>
+
+namespace OVPN
+{
+
+bool writeOVPNFile(const std::string &dnsScript, const std::string &config, bool isCustomConfig)
+{
+    std::istringstream stream(config);
+    std::string line;
+    int bytes;
+
+    int fd = open("/etc/windscribe/config.ovpn", O_CREAT | O_WRONLY | O_TRUNC, S_IRWXU | S_IRGRP | S_IROTH);
+    if (fd < 0) {
+        Logger::instance().out("Could not open firewall rules for writing");
+        return false;
+    }
+
+    while(getline(stream, line)) {
+        // trim whitespace
+        line.erase(0, line.find_first_not_of(" \n\r\t"));
+        line.erase(line.find_last_not_of(" \n\r\t") + 1);
+
+        // filter anything that runs an external script
+        // check for up to offset of 2 in case the command starts with '--'
+        if (line.rfind("up", 2) != std::string::npos ||
+            line.rfind("tls-verify", 2) != std::string::npos ||
+            line.rfind("ipchange", 2) != std::string::npos ||
+            line.rfind("client-connect", 2) != std::string::npos ||
+            line.rfind("route-up", 2) != std::string::npos ||
+            line.rfind("route-pre-down", 2) != std::string::npos ||
+            line.rfind("client-disconnect", 2) != std::string::npos ||
+            line.rfind("down", 2) != std::string::npos ||
+            line.rfind("learn-address", 2) != std::string::npos ||
+            line.rfind("auth-user-pass-verify", 2) != std::string::npos)
+        {
+            continue;
+        }
+
+        bytes = write(fd, (line + "\n").c_str(), line.length() + 1);
+        if (bytes <= 0) {
+            Logger::instance().out("Could not write openvpn config");
+            close(fd);
+            return false;
+        }
+
+    }
+
+    // add our own up/down scripts
+    if (!isCustomConfig) {
+        const std::string upScript = \
+            "--script-security 2\n" \
+            "up " + dnsScript + "\n" \
+            "down " + dnsScript + "\n" \
+            "down-pre\n" \
+            "dhcp-option DOMAIN-ROUTE .\n"; // prevent DNS leakage and without it doesn't work update-systemd-resolved script
+        bytes = write(fd, upScript.c_str(), upScript.length());
+        if (bytes <= 0) {
+            Logger::instance().out("Could not write openvpn config");
+            close(fd);
+            return false;
+        }
+    }
+    close(fd);
+    return true;
+}
+
+} // namespace OVPN
Original file line number	Diff line number	Diff line change
`@@ -15,7 +15,7 @@ class ExecuteCmd`
`15`	`15`	`return i;`
`16`	`16`	`}`
`17`	`17`
`18`		`- unsigned long execute(const char *cmd);`
	`18`	`+ unsigned long execute(const std::string &cmd, const std::string &cwd = "");`
`19`	`19`	`void getStatus(unsigned long cmdId, bool &bFinished, std::string &log);`
`20`	`20`	`void clearCmds();`
`21`	`21`
Original file line number	Diff line number	Diff line change
`@@ -28,7 +28,7 @@ void Logger::out(const char *str, ...)`
`28`	`28`	`if ((bytesOut > 0) && (bytesOut < sizeof(buf)))`
`29`	`29`	`{`
`30`	`30`	`mutex_.lock();`
`31`		`- FILE* logFile = fopen("/usr/local/windscribe/helper_log.txt", "a");`
	`31`	`+ FILE* logFile = fopen("/opt/windscribe/helper_log.txt", "a");`
`32`	`32`	`if (logFile != NULL)`
`33`	`33`	`{`
`34`	`34`	`fprintf(logFile, "%s\n", buf);`