v2.7.10

YerongAI · Nov 20, 2023 · 4791de4 · 4791de4
1 parent 4e575a4
commit 4791de4
Show file tree

Hide file tree

Showing 78 changed files with 1,205 additions and 1,102 deletions.
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
@@ -100,15 +100,15 @@ variables:
     - curl --silent --show-error --fail -u "${NEXUS_USERNAME}:${NEXUS_PASSWORD}" --cacert tools/cacert.pem
       --create-dirs -o ${BUILD_LIBS_FOLDER}/qt.zip "${NEXUS_PATH_DEPS}/${OS_IDENTIFIER}/qt.zip"
 
-.download_dependency_stunnel:
+.download_dependency_wireguard:
   script:
     - curl --silent --show-error --fail -u "${NEXUS_USERNAME}:${NEXUS_PASSWORD}" --cacert tools/cacert.pem
-      --create-dirs -o ${BUILD_LIBS_FOLDER}/stunnel.zip "${NEXUS_PATH_DEPS}/${OS_IDENTIFIER}/stunnel.zip"
+      --create-dirs -o ${BUILD_LIBS_FOLDER}/wireguard.zip "${NEXUS_PATH_DEPS}/${OS_IDENTIFIER}/wireguard.zip"
 
-.download_dependency_wireguard:
+.download_dependency_wstunnel:
   script:
     - curl --silent --show-error --fail -u "${NEXUS_USERNAME}:${NEXUS_PASSWORD}" --cacert tools/cacert.pem
-      --create-dirs -o ${BUILD_LIBS_FOLDER}/wireguard.zip "${NEXUS_PATH_DEPS}/${OS_IDENTIFIER}/wireguard.zip"
+      --create-dirs -o ${BUILD_LIBS_FOLDER}/stunnel.zip "${NEXUS_PATH_DEPS}/${OS_IDENTIFIER}/wstunnel.zip"
 
 .download_dependency_zlib:
   script:
@@ -130,8 +130,8 @@ variables:
     - !reference [.download_dependency_openssl, script]
     - !reference [.download_dependency_openvpn, script]
     - !reference [.download_dependency_qt, script]
-    - !reference [.download_dependency_stunnel, script]
     - !reference [.download_dependency_wireguard, script]
+    - !reference [.download_dependency_wstunnel, script]
     - !reference [.download_dependency_zlib, script]
     - 'IF(Test-Path .\$BUILD_LIBS_FOLDER\) {Get-ChildItem .\$BUILD_LIBS_FOLDER\*.zip | Foreach {.\tools\bin\7z.exe x $_.FullName -o"$BUILD_LIBS_FOLDER\"}}'
     # extractions
@@ -263,8 +263,8 @@ build:win:arm64:installer:tagged:
     - !reference [.download_dependency_openssl, script]
     - !reference [.download_dependency_openvpn, script]
     - !reference [.download_dependency_qt, script]
-    - !reference [.download_dependency_stunnel, script]
     - !reference [.download_dependency_wireguard, script]
+    - !reference [.download_dependency_wstunnel, script]
     - if [ -d ./${BUILD_LIBS_FOLDER}/ ]; then for z in ./${BUILD_LIBS_FOLDER}/*.zip; do unzip -qod ./${BUILD_LIBS_FOLDER} $z; done; fi
     # extractions
     - VAULT_CLIENT_TOKEN=$(curl --cacert tools/cacert.pem --data "{\"role_id\":\"$VAULT_ROLE_ID\",\"secret_id\":\"$VAULT_SECRET_ID\"}"
@@ -334,8 +334,8 @@ build:mac:installer:tagged:
     - !reference [.download_dependency_openssl, script]
     - !reference [.download_dependency_openvpn, script]
     - !reference [.download_dependency_qt, script]
-    - !reference [.download_dependency_stunnel, script]
     - !reference [.download_dependency_wireguard, script]
+    - !reference [.download_dependency_wstunnel, script]
     - if [ -d ./${BUILD_LIBS_FOLDER}/ ]; then for z in ./${BUILD_LIBS_FOLDER}/*.zip; do unzip -qod ./${BUILD_LIBS_FOLDER} $z; done; fi
     # extractions
     - VAULT_CLIENT_TOKEN=$(curl --cacert tools/cacert.pem
@@ -403,6 +403,7 @@ build:rhel:installer:tagged:
 .template_archlinux_build: &template_archlinux_build
   image: archlinux:base-devel
   before_script:
+    - pacman -Syu --noconfirm
     - pacman -Sy --noconfirm git curl python nftables c-ares freetype2 hicolor-icon-theme libglvnd fontconfig libx11 libxkbcommon libxcb net-tools xcb-util-wm xcb-util-image xcb-util-keysyms xcb-util-renderutil
 
 .build_archlinux_installer_prep_build_dir:

diff --git a/backend/linux/helper/server.cpp b/backend/linux/helper/server.cpp
@@ -269,7 +269,7 @@ bool Server::readAndHandleCommand(socket_ptr sock, boost::asio::streambuf *buf,
             outCmdAnswer.executed = 1;
         } else if (cmd.target == kTargetStunnel) {
             Logger::instance().out("Killing Stunnel processes");
-            Utils::executeCommand("pkill", {"-f", "windscribestunnel"});
+            Utils::executeCommand("pkill", {"-f", "windscribewstunnel"});
             outCmdAnswer.executed = 1;
         } else if (cmd.target == kTargetWStunnel) {
             Logger::instance().out("Killing WStunnel processes");
@@ -359,7 +359,16 @@ bool Server::readAndHandleCommand(socket_ptr sock, boost::asio::streambuf *buf,
         ia >> cmd;
         Logger::instance().out("Starting stunnel");
 
-        std::string fullCmd = Utils::getFullCommandAsUser("windscribe", cmd.exePath, cmd.executable, "/etc/windscribe/stunnel.conf");
+        std::stringstream arguments;
+        arguments << "--listenAddress :" << cmd.localPort;
+        arguments << " --remoteAddress https://" << cmd.hostname << ":" << cmd.port;
+        arguments << " --logFilePath \"\"";
+        if (cmd.extraPadding) {
+            arguments << " --extraTlsPadding";
+        }
+        arguments << " --tunnelType 2";
+        //arguments << " --dev"; // enables verbose logging when necessary
+        std::string fullCmd = Utils::getFullCommandAsUser("windscribe", cmd.exePath, cmd.executable, arguments.str());
         if (fullCmd.empty()) {
             // Something wrong with the command
             outCmdAnswer.executed = 0;
@@ -374,39 +383,17 @@ bool Server::readAndHandleCommand(socket_ptr sock, boost::asio::streambuf *buf,
                 outCmdAnswer.executed = 1;
             }
         }
-    } else if (cmdId == HELPER_CMD_CONFIGURE_STUNNEL) {
-        CMD_CONFIGURE_STUNNEL cmd;
-        ia >> cmd;
-
-        std::stringstream conf;
-        conf << "[openvpn]\n";
-        conf << "client = yes\n";
-        conf << "accept = 127.0.0.1:" << cmd.localPort << "\n";
-        conf << "connect = " << cmd.hostname << ":" << cmd.port << "\n";
-        if (cmd.extraPadding) {
-            conf << "options = TLSEXT_PADDING\noptions = TLSEXT_PADDING_SUPER\n";
-        }
-
-        int fd = open("/etc/windscribe/stunnel.conf", O_CREAT | O_WRONLY | O_TRUNC, S_IRWXU);
-        if (fd < 0) {
-            Logger::instance().out("Could not open stunnel config for writing");
-            outCmdAnswer.executed = 0;
-        } else {
-            write(fd, conf.str().c_str(), conf.str().length());
-            close(fd);
-            outCmdAnswer.executed = 1;
-            outCmdAnswer.cmdId = Utils::executeCommand("chown", {"windscribe:windscribe", "/etc/windscribe/stunnel.conf"});
-        }
     } else if (cmdId == HELPER_CMD_START_WSTUNNEL) {
         CMD_START_WSTUNNEL cmd;
         ia >> cmd;
         Logger::instance().out("Starting wstunnel");
 
-        std::string arguments = "--localToRemote 127.0.0.1:" + std::to_string(cmd.localPort) + ":127.0.0.1:1194 wss://" + cmd.hostname + ":" + std::to_string(cmd.port) + " --verbose --upgradePathPrefix=/";
-        if (cmd.isUdp) {
-            arguments += " --udp";
-        }
-        std::string fullCmd = Utils::getFullCommandAsUser("windscribe", cmd.exePath, cmd.executable, arguments);
+        std::stringstream arguments;
+        arguments << "--listenAddress :" << cmd.localPort;
+        arguments << " --remoteAddress wss://" << cmd.hostname << ":" << cmd.port << "/tcp/127.0.0.1/1194";
+        arguments << " --logFilePath \"\"";
+        //arguments << " --dev"; // enables verbose logging when necessary
+        std::string fullCmd = Utils::getFullCommandAsUser("windscribe", cmd.exePath, cmd.executable, arguments.str());
         if (fullCmd.empty()) {
             // Something wrong with the command
             outCmdAnswer.executed = 0;

diff --git a/backend/mac/helper/helper-info.plist b/backend/mac/helper/helper-info.plist
@@ -9,7 +9,7 @@
 	<key>CFBundleName</key>
 	<string>WindscribeHelper</string>
 	<key>CFBundleVersion</key>
-	<string>47</string>
+	<string>48</string>
 	<key>NSHumanReadableCopyright</key>
 	<string>Copyright © 2023 Windscribe Limited. All rights reserved.</string>
 	<key>LSMinimumSystemVersion</key>

diff --git a/backend/mac/helper/server.cpp b/backend/mac/helper/server.cpp
@@ -321,7 +321,7 @@ bool Server::readAndHandleCommand(socket_ptr sock, boost::asio::streambuf *buf,
             outCmdAnswer.executed = 1;
         } else if (cmd.target == kTargetStunnel) {
             LOG("Killing Stunnel processes");
-            Utils::executeCommand("pkill", {"-f", "windscribestunnel"});
+            Utils::executeCommand("pkill", {"-f", "windscribewstunnel"});
             outCmdAnswer.executed = 1;
         } else if (cmd.target == kTargetWStunnel) {
             LOG("Killing WStunnel processes");
@@ -446,7 +446,16 @@ bool Server::readAndHandleCommand(socket_ptr sock, boost::asio::streambuf *buf,
         ia >> cmd;
         LOG("Starting stunnel");
 
-        std::string fullCmd = Utils::getFullCommandAsUser("windscribe", cmd.exePath, cmd.executable, "/etc/windscribe/stunnel.conf");
+        std::stringstream arguments;
+        arguments << "--listenAddress :" << cmd.localPort;
+        arguments << " --remoteAddress https://" << cmd.hostname << ":" << cmd.port;
+        arguments << " --logFilePath \"\"";
+        if (cmd.extraPadding) {
+            arguments << " --extraTlsPadding";
+        }
+        arguments << " --tunnelType 2";
+        //arguments << " --dev"; // enables verbose logging when necessary
+        std::string fullCmd = Utils::getFullCommandAsUser("windscribe", cmd.exePath, cmd.executable, arguments.str());
         if (fullCmd.empty()) {
             // Something wrong with the command
             outCmdAnswer.executed = 0;
@@ -461,39 +470,17 @@ bool Server::readAndHandleCommand(socket_ptr sock, boost::asio::streambuf *buf,
                 outCmdAnswer.executed = 1;
             }
         }
-    } else if (cmdId == HELPER_CMD_CONFIGURE_STUNNEL) {
-        CMD_CONFIGURE_STUNNEL cmd;
-        ia >> cmd;
-
-        std::stringstream conf;
-        conf << "[openvpn]\n";
-        conf << "client = yes\n";
-        conf << "accept = 127.0.0.1:" << cmd.localPort << "\n";
-        conf << "connect = " << cmd.hostname << ":" << cmd.port << "\n";
-        if (cmd.extraPadding) {
-            conf << "options = TLSEXT_PADDING\noptions = TLSEXT_PADDING_SUPER\n";
-        }
-
-        int fd = open("/etc/windscribe/stunnel.conf", O_CREAT | O_WRONLY | O_TRUNC, S_IRWXU);
-        if (fd < 0) {
-            LOG("Could not open stunnel config for writing");
-            outCmdAnswer.executed = 0;
-        } else {
-            write(fd, conf.str().c_str(), conf.str().length());
-            close(fd);
-            outCmdAnswer.executed = 1;
-            outCmdAnswer.cmdId = Utils::executeCommand("chown", {"windscribe:windscribe", "/etc/windscribe/stunnel.conf"});
-        }
     } else if (cmdId == HELPER_CMD_START_WSTUNNEL) {
         CMD_START_WSTUNNEL cmd;
         ia >> cmd;
         LOG("Starting wstunnel");
 
-        std::string arguments = "--localToRemote 127.0.0.1:" + std::to_string(cmd.localPort) + ":127.0.0.1:1194 wss://" + cmd.hostname + ":" + std::to_string(cmd.port) + " --verbose --upgradePathPrefix=/";
-        if (cmd.isUdp) {
-            arguments += " --udp";
-        }
-        std::string fullCmd = Utils::getFullCommandAsUser("windscribe", cmd.exePath, cmd.executable, arguments);
+        std::stringstream arguments;
+        arguments << "--listenAddress :" << cmd.localPort;
+        arguments << " --remoteAddress wss://" << cmd.hostname << ":" << cmd.port << "/tcp/127.0.0.1/1194";
+        arguments << " --logFilePath \"\"";
+        //arguments << " --dev"; // enables verbose logging when necessary
+        std::string fullCmd = Utils::getFullCommandAsUser("windscribe", cmd.exePath, cmd.executable, arguments.str());
         if (fullCmd.empty()) {
             // Something wrong with the command
             outCmdAnswer.executed = 0;

diff --git a/backend/mac/wstunnel/readme.txt b/backend/mac/wstunnel/readme.txt
diff --git a/backend/mac/wstunnel/windscribewstunnel b/backend/mac/wstunnel/windscribewstunnel
diff --git a/backend/posix_common/helper_commands.h b/backend/posix_common/helper_commands.h
@@ -39,8 +39,7 @@
 #define HELPER_CMD_TASK_KILL                         31
 #define HELPER_CMD_START_CTRLD                       32
 #define HELPER_CMD_START_STUNNEL                     33
-#define HELPER_CMD_CONFIGURE_STUNNEL                 34
-#define HELPER_CMD_START_WSTUNNEL                    35
+#define HELPER_CMD_START_WSTUNNEL                    34
 
 // enums
 
@@ -263,9 +262,6 @@ struct CMD_TASK_KILL {
 struct CMD_START_STUNNEL {
     std::string exePath;
     std::string executable;
-};
-
-struct CMD_CONFIGURE_STUNNEL {
     std::string hostname;
     int port;
     int localPort;
@@ -278,7 +274,6 @@ struct CMD_START_WSTUNNEL {
     std::string hostname;
     int port;
     int localPort;
-    bool isUdp;
 };
 
 #endif
diff --git a/backend/posix_common/helper_commands_serialize.h b/backend/posix_common/helper_commands_serialize.h
@@ -268,15 +268,10 @@ void serialize(Archive &ar, CMD_START_STUNNEL &a, const unsigned int version)
     UNUSED(version);
     ar & a.exePath;
     ar & a.executable;
-}
-
-template<class Archive>
-void serialize(Archive &ar, CMD_CONFIGURE_STUNNEL &a, const unsigned int version)
-{
-    UNUSED(version);
     ar & a.hostname;
     ar & a.port;
     ar & a.localPort;
+    ar & a.extraPadding;
 }
 
 template<class Archive>
@@ -288,7 +283,6 @@ void serialize(Archive &ar, CMD_START_WSTUNNEL &a, const unsigned int version)
     ar & a.hostname;
     ar & a.port;
     ar & a.localPort;
-    ar & a.isUdp;
 }
 
 }

diff --git a/backend/windows/windscribe_service/apps_ids.cpp b/backend/windows/windscribe_service/apps_ids.cpp
@@ -32,7 +32,7 @@ size_t AppsIds::count() const
     return appIds_.size();
 }
 
-FWP_BYTE_BLOB *AppsIds::getAppId(size_t ind)
+const FWP_BYTE_BLOB *AppsIds::getAppId(size_t ind) const
 {
     if (ind < appIds_.size())
     {

diff --git a/backend/windows/windscribe_service/apps_ids.h b/backend/windows/windscribe_service/apps_ids.h
@@ -13,7 +13,7 @@ class AppsIds
     void addFrom(const AppsIds &a);
 
     size_t count() const;
-    FWP_BYTE_BLOB *getAppId(size_t ind);
+    const FWP_BYTE_BLOB *getAppId(size_t ind) const;
 
     bool operator==(const AppsIds& other) const;