Merge branch 'release/3.3.2'

ProtonVPN · Aug 27, 2024 · 0137c33 · 0137c33
2 parents 3afe246 + 48cd9e7
commit 0137c33
Show file tree

Hide file tree

Showing 39 changed files with 165 additions and 442 deletions.
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
@@ -298,10 +298,6 @@ artifactlift-release-artifacts:
   rules:
     - when: never
 
-artifactlift-release-metadata:
-  rules:
-    - when: never
-
 release-binary-to-nexus:
   extends: artifactlift-release-candidate-artifacts
   rules:
@@ -313,18 +309,6 @@ release-binary-to-nexus:
 
 release-binary-to-prod:
   extends: artifactlift-release-artifacts
-  rules:
-    - if: '$CI_COMMIT_BRANCH == "release/9.9.9"'
-      when: never
-    - if: '$CI_COMMIT_BRANCH =~ /^release\/\d+\.\d+\.\d+/'
-      when: manual
-    - when: never
-
-release-json-to-prod:
-  extends: artifactlift-release-metadata
-  needs:
-    - job: release-binary-to-prod
-      artifacts: true
   rules:
     - if: '$CI_COMMIT_BRANCH == "release/9.9.9"'
       when: never

diff --git a/ci/build-scripts/guest_hole_server_loader.py b/ci/build-scripts/guest_hole_server_loader.py
@@ -37,7 +37,12 @@ def load():
         if server['EntryIP'] in unique_entries:
             continue
 
-        server_json_object = "".join(['{"host":"', server['Domain'], '","ip":"', server['EntryIP'], '","signature":"', server['Signature'], '","label":"', server['Label'], '"}'])
+        server_json_object = "".join([
+            '{"host":"', server['Domain'],
+            '","ip":"', server['EntryIP'],
+            '","signature":"', server['Signature'],
+            '","label":"', server['Label'],
+            '","publicKey":"', server['X25519PublicKey'], '"}'])
         servers_str = ",".join([servers_str, server_json_object])
         unique_entries.append(server['EntryIP'])
 

diff --git a/src/Api/ProtonVPN.Api.Contracts/IApiClient.cs b/src/Api/ProtonVPN.Api.Contracts/IApiClient.cs
@@ -51,7 +51,7 @@ public interface IApiClient : IClientBase
         Task<ApiResponseResult<UserLocationResponse>> GetLocationDataAsync();
         Task<ApiResponseResult<BaseResponse>> ReportBugAsync(IEnumerable<KeyValuePair<string, string>> fields, IEnumerable<File> files);
         Task<ApiResponseResult<SessionsResponse>> GetSessions();
-        Task<ApiResponseResult<VpnConfigResponse>> GetVpnConfig();
+        Task<ApiResponseResult<VpnConfigResponse>> GetVpnConfig(string country, string ip);
         Task<ApiResponseResult<AnnouncementsResponse>> GetAnnouncementsAsync(AnnouncementsRequest request);
         Task<ApiResponseResult<StreamingServicesResponse>> GetStreamingServicesAsync();
         Task<ApiResponseResult<BaseResponse>> CheckAuthenticationServerStatusAsync();

diff --git a/src/Api/ProtonVPN.Api/ApiClient.cs b/src/Api/ProtonVPN.Api/ApiClient.cs
@@ -35,6 +35,7 @@
 using ProtonVPN.Api.Contracts.VpnConfig;
 using ProtonVPN.Api.Contracts.VpnSessions;
 using ProtonVPN.Common.Configuration;
+using ProtonVPN.Common.Extensions;
 using ProtonVPN.Common.OS.Net.Http;
 using ProtonVPN.Common.StatisticalEvents;
 using ProtonVPN.Core.Settings;
@@ -162,9 +163,13 @@ public async Task<ApiResponseResult<SessionsResponse>> GetSessions()
         return await SendRequest<SessionsResponse>(request, "Get sessions");
     }
 
-    public async Task<ApiResponseResult<VpnConfigResponse>> GetVpnConfig()
+    public async Task<ApiResponseResult<VpnConfigResponse>> GetVpnConfig(string country, string ip)
     {
-        HttpRequestMessage request = GetAuthorizedRequest(HttpMethod.Get, "vpn/v2/clientconfig");
+        HttpRequestMessage request = GetAuthorizedRequest(HttpMethod.Get, "vpn/v2/clientconfig", ip);
+        if (!country.IsNullOrEmpty())
+        {
+            request.Headers.Add("x-pm-country", country);
+        }
         return await SendRequest<VpnConfigResponse>(request, "Get VPN config");
     }
 

diff --git a/src/GlobalAssemblyInfo.cs b/src/GlobalAssemblyInfo.cs
@@ -14,8 +14,8 @@
 [assembly: AssemblyTrademark("")]
 [assembly: AssemblyCulture("")]
 
-[assembly: AssemblyVersion("3.3.0.0")]
-[assembly: AssemblyFileVersion("3.3.0.0")]
+[assembly: AssemblyVersion("3.3.2.0")]
+[assembly: AssemblyFileVersion("3.3.2.0")]
 [assembly: ComVisible(false)]
 [assembly: AssemblyInformationalVersion("$AssemblyVersion")]
 [assembly: SupportedOSPlatform("windows")]
diff --git a/...ion/ProtonVPN.ProcessCommunication.EntityMapping.Tests/Vpn/ConnectionRequestMapperTest.cs b/...ion/ProtonVPN.ProcessCommunication.EntityMapping.Tests/Vpn/ConnectionRequestMapperTest.cs
@@ -22,6 +22,7 @@
 using ProtonVPN.Common.Networking;
 using ProtonVPN.Common.Vpn;
 using ProtonVPN.Core.Vpn;
+using ProtonVPN.Crypto;
 using ProtonVPN.EntityMapping.Contracts;
 using ProtonVPN.ProcessCommunication.Contracts.Entities.Vpn;
 using ProtonVPN.ProcessCommunication.EntityMapping.Vpn;
@@ -115,7 +116,8 @@ public void TestMapLeftToRight()
                 new List<VpnHost>(),
                 VpnProtocol.OpenVpnUdp,
                 new VpnConfig(new VpnConfigParameters()),
-                new VpnCredentials(DateTime.UtcNow.Ticks.ToString(), DateTime.UtcNow.Millisecond.ToString()));
+                new VpnCredentials(string.Empty, new AsymmetricKeyPair(
+                    new SecretKey("PVPN", KeyAlgorithm.Unknown), new PublicKey("PVPN", KeyAlgorithm.Unknown))));
 
             ConnectionRequestIpcEntity result = _mapper.Map(entityToTest);
 

diff --git a/...cation/ProtonVPN.ProcessCommunication.EntityMapping.Tests/Vpn/VpnCredentialsMapperTest.cs b/...cation/ProtonVPN.ProcessCommunication.EntityMapping.Tests/Vpn/VpnCredentialsMapperTest.cs
@@ -63,19 +63,6 @@ public void Cleanup()
             _expectedAsymmetricKeyPair = null;
         }
 
-        [TestMethod]
-        public void TestMapLeftToRight_WithUsernameAndPassword()
-        {
-            VpnCredentials entityToTest = new(DateTime.UtcNow.Ticks.ToString(), DateTime.UtcNow.Millisecond.ToString());
-
-            VpnCredentialsIpcEntity result = _mapper.Map(entityToTest);
-
-            Assert.IsNotNull(result);
-            Assert.AreEqual(entityToTest.Username, result.Username);
-            Assert.AreEqual(entityToTest.Password, result.Password);
-            Assert.IsNull(result.ClientCertPem);
-        }
-
         [TestMethod]
         public void TestMapLeftToRight_WithCertificate()
         {
@@ -85,8 +72,6 @@ public void TestMapLeftToRight_WithCertificate()
             VpnCredentialsIpcEntity result = _mapper.Map(entityToTest);
 
             Assert.IsNotNull(result);
-            Assert.IsNull(result.Username);
-            Assert.IsNull(result.Password);
             Assert.AreEqual(entityToTest.ClientCertPem, result.ClientCertPem);
             Assert.AreEqual(_expectedAsymmetricKeyPairIpcEntity, result.ClientKeyPair);
         }
@@ -100,23 +85,6 @@ public void TestMapRightToLeft_ThrowsWhenNull()
             _mapper.Map(entityToTest);
         }
 
-        [TestMethod]
-        public void TestMapRightToLeft_WithUsernameAndPassword()
-        {
-            VpnCredentialsIpcEntity entityToTest = new()
-            {
-                Username = DateTime.UtcNow.Ticks.ToString(),
-                Password = DateTime.UtcNow.Millisecond.ToString()
-            };
-
-            VpnCredentials result = _mapper.Map(entityToTest);
-
-            Assert.IsNotNull(result);
-            Assert.AreEqual(entityToTest.Username, result.Username);
-            Assert.AreEqual(entityToTest.Password, result.Password);
-            Assert.IsNull(result.ClientCertPem);
-        }
-
         [TestMethod]
         public void TestMapRightToLeft_WithCertificate()
         {
@@ -129,8 +97,6 @@ public void TestMapRightToLeft_WithCertificate()
             VpnCredentials result = _mapper.Map(entityToTest);
 
             Assert.IsNotNull(result);
-            Assert.IsNull(result.Username);
-            Assert.IsNull(result.Password);
             Assert.AreEqual(entityToTest.ClientCertPem, result.ClientCertPem);
             Assert.AreEqual(_expectedAsymmetricKeyPair, result.ClientKeyPair);
         }

diff --git a/...essCommunication/ProtonVPN.ProcessCommunication.EntityMapping/Vpn/VpnCredentialsMapper.cs b/...essCommunication/ProtonVPN.ProcessCommunication.EntityMapping/Vpn/VpnCredentialsMapper.cs
@@ -17,7 +17,6 @@
  * along with ProtonVPN.  If not, see <https://www.gnu.org/licenses/>.
  */
 
-using ProtonVPN.Common.Extensions;
 using ProtonVPN.Common.Vpn;
 using ProtonVPN.Crypto;
 using ProtonVPN.EntityMapping.Contracts;
@@ -39,8 +38,6 @@ public VpnCredentialsIpcEntity Map(VpnCredentials leftEntity)
         {
             return new()
                 {
-                    Username = leftEntity.Username,
-                    Password = leftEntity.Password,
                     ClientCertPem = leftEntity.ClientCertPem,
                     ClientKeyPair = _entityMapper.Map<AsymmetricKeyPair, AsymmetricKeyPairIpcEntity>(leftEntity.ClientKeyPair)
                 };
@@ -50,9 +47,7 @@ public VpnCredentials Map(VpnCredentialsIpcEntity rightEntity)
         {
             return rightEntity is null
                 ? throw new ArgumentNullException($"The {nameof(VpnCredentialsIpcEntity)} to be mapped is null.")
-                : rightEntity.ClientCertPem.IsNullOrEmpty() || rightEntity.ClientKeyPair == null
-                    ? new(rightEntity.Username, rightEntity.Password)
-                    : new(rightEntity.ClientCertPem, _entityMapper.Map<AsymmetricKeyPairIpcEntity, AsymmetricKeyPair>(rightEntity.ClientKeyPair));
+                : new(rightEntity.ClientCertPem, _entityMapper.Map<AsymmetricKeyPairIpcEntity, AsymmetricKeyPair>(rightEntity.ClientKeyPair));
         }
     }
 }
diff --git a/src/ProtonVPN.App/Core/Ioc/AppModule.cs b/src/ProtonVPN.App/Core/Ioc/AppModule.cs
@@ -115,7 +115,6 @@ protected override void Load(ContainerBuilder builder)
                 .AsSelf()
                 .SingleInstance();
             builder.RegisterType<UserStorage>().As<IUserStorage>().SingleInstance();
-            builder.RegisterType<TruncatedLocation>().SingleInstance();
 
             builder.RegisterType<PinFactory>()
                 .AsImplementedInterfaces()

diff --git a/src/ProtonVPN.App/Core/UserLocationService.cs b/src/ProtonVPN.App/Core/UserLocationService.cs
@@ -33,7 +33,7 @@
 
 namespace ProtonVPN.Core
 {
-    internal class UserLocationService : IVpnStateAware, IUserLocationService, IConnectionDetailsAware
+    public class UserLocationService : IVpnStateAware, IUserLocationService, IConnectionDetailsAware
     {
         private static readonly TimeSpan UpdateLocationDelay = TimeSpan.FromSeconds(6);
 
@@ -70,6 +70,29 @@ public Task Update()
             return _updateAction.Run();
         }
 
+        public async Task<string> GetTruncatedIpAddressAsync()
+        {
+            string ip = _userStorage.GetLocation().Ip;
+            if (ip.IsNullOrEmpty())
+            {
+                await Update();
+            }
+
+            ip = _userStorage.GetLocation().Ip;
+            if (string.IsNullOrEmpty(ip))
+            {
+                return string.Empty;
+            }
+
+            string[] parts = ip.Split('.');
+            if (parts.Length >= 3)
+            {
+                return string.Join(".", parts[0], parts[1], parts[2], 0);
+            }
+
+            return string.Empty;
+        }
+
         public async Task OnVpnStateChanged(VpnStateChangedEventArgs e)
         {
             VpnStatus status = e.State.Status;

diff --git a/src/ProtonVPN.App/Vpn/Connectors/GuestHoleConnector.cs b/src/ProtonVPN.App/Vpn/Connectors/GuestHoleConnector.cs
@@ -25,13 +25,14 @@
 using ProtonVPN.Common.Configuration;
 using ProtonVPN.Logging.Contracts;
 using ProtonVPN.Logging.Contracts.Events.ConnectLogs;
-using ProtonVPN.Logging.Contracts.Events.GuestHoleLogs;
 using ProtonVPN.Common.Networking;
 using ProtonVPN.Common.Vpn;
 using ProtonVPN.Core.Servers.Contracts;
 using ProtonVPN.Core.Settings;
 using ProtonVPN.Core.Vpn;
 using ProtonVPN.GuestHoles.FileStoraging;
+using ProtonVPN.Core.Auth;
+using ProtonVPN.Crypto;
 
 namespace ProtonVPN.Vpn.Connectors
 {
@@ -46,6 +47,7 @@ public class GuestHoleConnector
         private readonly GuestHoleState _guestHoleState;
         private readonly IConfiguration _config;
         private readonly IGuestHoleServersFileStorage _guestHoleServersFileStorage;
+        private readonly IAuthKeyManager _authKeyManager;
         private readonly ILogger _logger;
 
         public GuestHoleConnector(
@@ -54,20 +56,20 @@ public GuestHoleConnector(
             GuestHoleState guestHoleState,
             IConfiguration config,
             IGuestHoleServersFileStorage guestHoleServersFileStorage,
+            IAuthKeyManager authKeyManager,
             ILogger logger)
         {
             _vpnServiceManager = vpnServiceManager;
             _appSettings = appSettings;
             _guestHoleState = guestHoleState;
             _config = config;
             _guestHoleServersFileStorage = guestHoleServersFileStorage;
+            _authKeyManager = authKeyManager;
             _logger = logger;
         }
 
         public async Task Connect()
         {
-            _logger.Info<GuestHoleLog>("OpenVPN adapters are available. Proceeding with guest hole connection.");
-
             VpnConnectionRequest request = new(
                 Servers(),
                 VpnProtocol.Smart,
@@ -80,14 +82,7 @@ public async Task Connect()
 
         private VpnCredentials CreateVpnCredentials()
         {
-            string username = AddSuffixToUsername(_config.GuestHoleVpnUsername);
-            string password = _config.GuestHoleVpnPassword;
-            return new(username, password);
-        }
-
-        private string AddSuffixToUsername(string username)
-        {
-            return username + _config.VpnUsernameSuffix;
+            return new(string.Empty, _authKeyManager.GenerateTemporaryKeyPair());
         }
 
         public async Task Disconnect()
@@ -124,7 +119,12 @@ public IReadOnlyList<VpnHost> Servers()
         {
             IEnumerable<GuestHoleServerContract> servers = _guestHoleServersFileStorage.Get();
             return servers != null
-                ? servers.Select(server => new VpnHost(server.Host, server.Ip, server.Label, null, server.Signature))
+                ? servers.Select(server => new VpnHost(
+                        server.Host,
+                        server.Ip,
+                        server.Label,
+                        new PublicKey(server.X25519PublicKey, KeyAlgorithm.X25519),
+                        server.Signature))
                     .OrderBy(_ => _random.Next())
                     .ToList()
                 : new List<VpnHost>();
@@ -134,18 +134,15 @@ private VpnConfig VpnConfig()
         {
             Dictionary<VpnProtocol, IReadOnlyCollection<int>> portConfig = new()
             {
-                {VpnProtocol.OpenVpnUdp, _appSettings.OpenVpnUdpPorts},
-                {VpnProtocol.OpenVpnTcp, _appSettings.OpenVpnTcpPorts},
+                { VpnProtocol.WireGuardTls, _appSettings.WireGuardTlsPorts }
             };
 
             return new VpnConfig(new VpnConfigParameters
             {
                 Ports = portConfig,
-                OpenVpnAdapter = OpenVpnAdapter.Tap,
                 PreferredProtocols = new List<VpnProtocol>
                 {
-                    VpnProtocol.OpenVpnUdp,
-                    VpnProtocol.OpenVpnTcp,
+                    VpnProtocol.WireGuardTls,
                 },
             });
         }

diff --git a/src/ProtonVPN.Common/Configuration/Config.cs b/src/ProtonVPN.Common/Configuration/Config.cs
@@ -132,15 +132,6 @@ public class Config : IConfiguration
         [Required]
         public int MaxGuestHoleRetries { get; set; }
 
-        [Required]
-        public string GuestHoleVpnUsername { get; set; }
-
-        [Required]
-        public string GuestHoleVpnPassword { get; set; }
-
-        [Required]
-        public string VpnUsernameSuffix { get; set; }
-
         [Range(typeof(TimeSpan), "00:00:10", "10:00:00:00")]
         public TimeSpan UpdateCheckInterval { get; set; }
 

diff --git a/src/ProtonVPN.Common/Configuration/IConfiguration.cs b/src/ProtonVPN.Common/Configuration/IConfiguration.cs
@@ -131,15 +131,6 @@ public interface IConfiguration
         [Required]
         int MaxGuestHoleRetries { get; set; }
 
-        [Required]
-        string GuestHoleVpnUsername { get; set; }
-
-        [Required]
-        string GuestHoleVpnPassword { get; set; }
-
-        [Required]
-        string VpnUsernameSuffix { get; set; }
-
         [Range(typeof(TimeSpan), "00:00:10", "10:00:00:00")]
         TimeSpan UpdateCheckInterval { get; set; }
 

diff --git a/src/ProtonVPN.Common/Configuration/OpenVpnConfig.cs b/src/ProtonVPN.Common/Configuration/OpenVpnConfig.cs
@@ -41,9 +41,6 @@ public class OpenVpnConfig
         [Required]
         public string ManagementHost { get; set; }
 
-        [Required]
-        public byte[] OpenVpnStaticKey { get; set; }
-
         [Required]
         public string TapAdapterId { get; set; }