v2.10.7

Windscribe · Apr 1, 2024 · 65d9b8a · 65d9b8a
1 parent 1bd15c9
commit 65d9b8a
Show file tree

Hide file tree

Showing 46 changed files with 180 additions and 81 deletions.
diff --git a/client/common/changelog.txt b/client/common/changelog.txt
@@ -1,3 +1,12 @@
+2.10.7 (01/04/2024)
+All:
+   * Fixed anti-censorship flag (TLS stuffing) does not work for server API. #951
+Windows:
+   * Fixed install may silently be overridden to default folder instead of custom folder. #950
+Linux:
+   * Fixed makepkg bug mangling the ctrld binary by specifying !debug in the PKGBUILD. #953
+
+
 2.10.6 (22/03/2024)
 All:
    * Added a limit of 50 split tunnel entries to ensure stability. #437

diff --git a/client/common/types/enginesettings.cpp b/client/common/types/enginesettings.cpp
@@ -188,7 +188,6 @@ bool EngineSettings::loadFromSettings()
             qCDebug(LOG_BASIC) << "Automatically enabled anti-censorship feature due to locale";
             // TODO: **JDRM** refactor this logic at some point so we don't have two sources of truth for the anti-censorship state.
             setIsAntiCensorship(true);
-            ExtraConfig::instance().setAntiCensorship(true);
         }
     }
 

diff --git a/client/common/utils/extraconfig.cpp b/client/common/utils/extraconfig.cpp
@@ -98,10 +98,6 @@ QString ExtraConfig::getExtraConfigForOpenVpn()
         if (isLegalOpenVpnCommand(line))
             result += line + "\n";
     }
-    if (getAntiCensorship()) {
-        result += "udp-stuffing\n";
-        result += "tcp-split-reset\n";
-    }
     return result;
 }
 
@@ -162,11 +158,6 @@ QString ExtraConfig::modifyVerbParameter(const QString &ovpnData, QString &strEx
     return strOvpn;
 }
 
-void ExtraConfig::setAntiCensorship(bool bEnable)
-{
-    isAntiCensorship_ = bEnable;
-}
-
 int ExtraConfig::getMtuOffsetIkev2(bool &success)
 {
     return getIntFromExtraConfigLines(WS_MTU_OFFSET_IKEV_STR, success);
@@ -257,24 +248,19 @@ bool ExtraConfig::getUseICMPPings()
     return getFlagFromExtraConfigLines(WS_USE_ICMP_PINGS);
 }
 
-bool ExtraConfig::getAntiCensorship()
-{
-    return isAntiCensorship_;
-}
-
 bool ExtraConfig::getStealthExtraTLSPadding()
 {
-    return getFlagFromExtraConfigLines(WS_STEALTH_EXTRA_TLS_PADDING) || getAntiCensorship();
+    return getFlagFromExtraConfigLines(WS_STEALTH_EXTRA_TLS_PADDING);
 }
 
 bool ExtraConfig::getAPIExtraTLSPadding()
 {
-    return getFlagFromExtraConfigLines(WS_API_EXTRA_TLS_PADDING) || getAntiCensorship();
+    return getFlagFromExtraConfigLines(WS_API_EXTRA_TLS_PADDING);
 }
 
 bool ExtraConfig::getWireGuardUdpStuffing()
 {
-    return getFlagFromExtraConfigLines(WS_WG_UDP_STUFFING) || getAntiCensorship();
+    return getFlagFromExtraConfigLines(WS_WG_UDP_STUFFING);
 }
 
 std::optional<QString> ExtraConfig::serverlistCountryOverride()
@@ -357,8 +343,7 @@ bool ExtraConfig::useOpenVpnDCO()
 
 ExtraConfig::ExtraConfig() : path_(QStandardPaths::writableLocation(QStandardPaths::AppLocalDataLocation)
                                    + "/windscribe_extra.conf"),
-                             regExp_("(?m)^(?i)(verb)(\\s+)(\\d+$)"),
-                             isAntiCensorship_(false)
+                             regExp_("(?m)^(?i)(verb)(\\s+)(\\d+$)")
 {
 }
 

diff --git a/client/common/utils/extraconfig.h b/client/common/utils/extraconfig.h
@@ -22,8 +22,6 @@ class ExtraConfig
 
     void logExtraConfig();
     void writeConfig(const QString &cfg);
-    void setAntiCensorship(bool bEnable);
-    bool getAntiCensorship();
 
     QString getExtraConfig(bool bWithLog = false);
     QString getExtraConfigForOpenVpn();
@@ -71,7 +69,6 @@ class ExtraConfig
     QString path_;
     QRegularExpression regExp_;
     QString detectedIp_;
-    bool isAntiCensorship_;
 
     int getIntFromExtraConfigLines(const QString &variableName, bool &success);
     bool getFlagFromExtraConfigLines(const QString &flagName);

diff --git a/client/common/version/windscribe_version.h b/client/common/version/windscribe_version.h
@@ -2,7 +2,7 @@
 
 #define WINDSCRIBE_MAJOR_VERSION 2
 #define WINDSCRIBE_MINOR_VERSION 10
-#define WINDSCRIBE_BUILD_VERSION 6
+#define WINDSCRIBE_BUILD_VERSION 7
 
 // only one of these should be enabled; neither -> stable
 //#define WINDSCRIBE_IS_BETA

diff --git a/client/engine/engine/connectionmanager/connectionmanager.cpp b/client/engine/engine/connectionmanager/connectionmanager.cpp
@@ -151,7 +151,7 @@ void ConnectionManager::clickConnect(const QString &ovpnConfig, const apiinfo::S
                                          QSharedPointer<locationsmodel::BaseLocationInfo> bli,
                                          const types::ConnectionSettings &connectionSettings,
                                          const api_responses::PortMap &portMap, const types::ProxySettings &proxySettings,
-                                         bool bEmitAuthError, const QString &customConfigPath)
+                                         bool bEmitAuthError, const QString &customConfigPath, bool isAntiCensorship)
 {
     WS_ASSERT(state_ == STATE_DISCONNECTED);
 
@@ -160,6 +160,7 @@ void ConnectionManager::clickConnect(const QString &ovpnConfig, const apiinfo::S
     lastProxySettings_ = proxySettings;
     bEmitAuthError_ = bEmitAuthError;
     customConfigPath_ = customConfigPath;
+    isAntiCensorship_ = isAntiCensorship;
     bli_ = bli;
 
     bWasSuccessfullyConnectionAttempt_ = false;
@@ -1009,15 +1010,16 @@ void ConnectionManager::doConnectPart2()
                 lastOvpnConfig_, currentConnectionDescr_.ip, currentConnectionDescr_.protocol,
                 currentConnectionDescr_.port, localPort, mss, defaultAdapterInfo_.gateway(),
                 currentConnectionDescr_.verifyX509name,
-                dnsServersFromConnectedDnsInfo());
+                dnsServersFromConnectedDnsInfo(), isAntiCensorship_);
             if (!bOvpnSuccess) {
                 qCDebug(LOG_CONNECTION) << "Failed create ovpn config";
                 WS_ASSERT(false);
                 return;
             }
 
             if (currentConnectionDescr_.protocol == types::Protocol::STUNNEL) {
-                if (!stunnelManager_->runProcess(currentConnectionDescr_.ip, currentConnectionDescr_.port)) {
+                if (!stunnelManager_->runProcess(currentConnectionDescr_.ip, currentConnectionDescr_.port,
+                                                 ExtraConfig::instance().getStealthExtraTLSPadding() || isAntiCensorship_)) {
                     disconnect();
                     timerReconnection_.stop();
                     emit errorDuringConnection(CONNECT_ERROR::EXE_VERIFY_STUNNEL_ERROR);
@@ -1176,7 +1178,7 @@ void ConnectionManager::doConnectPart3()
             wireGuardConfig_.setPeerPublicKey(currentConnectionDescr_.wgPeerPublicKey);
             wireGuardConfig_.setPeerEndpoint(endpointAndPort);
 
-            if (ExtraConfig::instance().getWireGuardUdpStuffing()) {
+            if (ExtraConfig::instance().getWireGuardUdpStuffing() || isAntiCensorship_) {
                 QString localPort = udpStuffingWithNtp(currentConnectionDescr_.ip, currentConnectionDescr_.port);
                 wireGuardConfig_.setClientListenPort(localPort);
             }

diff --git a/client/engine/engine/connectionmanager/connectionmanager.h b/client/engine/engine/connectionmanager/connectionmanager.h
@@ -46,7 +46,7 @@ class ConnectionManager : public QObject
                       QSharedPointer<locationsmodel::BaseLocationInfo> bli,
                       const types::ConnectionSettings &connectionSettings,
                       const api_responses::PortMap &portMap, const types::ProxySettings &proxySettings,
-                      bool bEmitAuthError, const QString &customConfigPath);
+                      bool bEmitAuthError, const QString &customConfigPath, bool isAntiCensorship);
 
     void clickDisconnect();
     void blockingDisconnect();
@@ -165,6 +165,7 @@ private slots:
     QString lastOvpnConfig_;
     apiinfo::ServerCredentials lastServerCredentials_;
     types::ProxySettings lastProxySettings_;
+    bool isAntiCensorship_ = false;
     bool bEmitAuthError_;
 
     QString customConfigPath_;

diff --git a/client/engine/engine/connectionmanager/makeovpnfile.cpp b/client/engine/engine/connectionmanager/makeovpnfile.cpp
@@ -21,7 +21,7 @@ MakeOVPNFile::~MakeOVPNFile()
 
 bool MakeOVPNFile::generate(const QString &ovpnData, const QString &ip, types::Protocol protocol, uint port,
                             uint portForStunnelOrWStunnel, int mss, const QString &defaultGateway,
-                            const QString &openVpnX509, const QString &customDns)
+                            const QString &openVpnX509, const QString &customDns, bool isAntiCensorship)
 {
 #ifdef Q_OS_WIN
     Q_UNUSED(defaultGateway);
@@ -102,5 +102,10 @@ bool MakeOVPNFile::generate(const QString &ovpnData, const QString &ip, types::P
         config_ += strExtraConfig;
     }
 
+    if (isAntiCensorship) {
+        config_ += "udp-stuffing\n";
+        config_ += "tcp-split-reset\n";
+    }
+
     return true;
 }
diff --git a/client/engine/engine/connectionmanager/makeovpnfile.h b/client/engine/engine/connectionmanager/makeovpnfile.h
@@ -9,7 +9,8 @@ class MakeOVPNFile
     virtual ~MakeOVPNFile();
 
     bool generate(const QString &ovpnData, const QString &ip, types::Protocol protocol, uint port,
-                  uint portForStunnelOrWStunnel, int mss, const QString &defaultGateway, const QString &openVpnX509, const QString &customDns);
+                  uint portForStunnelOrWStunnel, int mss, const QString &defaultGateway, const QString &openVpnX509,
+                  const QString &customDns, bool isAntiCensorship);
     QString config() { return config_; }
 
 private:

diff --git a/client/engine/engine/connectionmanager/stunnelmanager.cpp b/client/engine/engine/connectionmanager/stunnelmanager.cpp
@@ -30,10 +30,9 @@ StunnelManager::~StunnelManager()
     killProcess();
 }
 
-bool StunnelManager::runProcess(const QString &hostname, unsigned int port)
+bool StunnelManager::runProcess(const QString &hostname, unsigned int port, bool isExtraPadding)
 {
     bool ret = false;
-    bool extraPadding = ExtraConfig::instance().getStealthExtraTLSPadding();
 
 #if defined(Q_OS_WIN)
     ExecutableSignature sigCheck;
@@ -50,7 +49,7 @@ bool StunnelManager::runProcess(const QString &hostname, unsigned int port)
     args << "--remoteAddress" << hostaddr;
     args << "--logFilePath" << "";
     args << "--tunnelType" << "2";
-    if (extraPadding) {
+    if (isExtraPadding) {
         args << "--extraTlsPadding";
     }
 
@@ -59,7 +58,7 @@ bool StunnelManager::runProcess(const QString &hostname, unsigned int port)
 #else
     Helper_posix *helper_posix = dynamic_cast<Helper_posix *>(helper_);
 
-    ret = !helper_posix->startStunnel(hostname, port, port_, extraPadding);
+    ret = !helper_posix->startStunnel(hostname, port, port_, isExtraPadding);
     if (ret) {
         emit stunnelStarted();
     }

diff --git a/client/engine/engine/connectionmanager/stunnelmanager.h b/client/engine/engine/connectionmanager/stunnelmanager.h
@@ -11,7 +11,7 @@ class StunnelManager : public QObject
     explicit StunnelManager(QObject *parent, IHelper *helper);
     virtual ~StunnelManager();
 
-    bool runProcess(const QString &hostname, unsigned int port);
+    bool runProcess(const QString &hostname, unsigned int port, bool isExtraPadding);
     void killProcess();
 
     unsigned int getPort();

diff --git a/client/engine/engine/emergencycontroller/emergencycontroller.cpp b/client/engine/engine/emergencycontroller/emergencycontroller.cpp
@@ -39,12 +39,14 @@ EmergencyController::~EmergencyController()
     SAFE_DELETE(makeOVPNFile_);
 }
 
-void EmergencyController::clickConnect(const types::ProxySettings &proxySettings)
+void EmergencyController::clickConnect(const types::ProxySettings &proxySettings, bool isAntiCensorship)
 {
     WS_ASSERT(state_ == STATE_DISCONNECTED);
     state_= STATE_CONNECTING_FROM_USER_CLICK;
 
     proxySettings_ = proxySettings;
+    isAntiCensorship_ = isAntiCensorship;
+
 
     auto callback = [this](std::vector<std::shared_ptr<WSNetEmergencyConnectEndpoint>> endpoints) {
         QMetaObject::invokeMethod(this, [this, endpoints]
@@ -280,7 +282,8 @@ void EmergencyController::doConnect()
     QString ovpnConfig = QString::fromStdString(WSNet::instance()->emergencyConnect()->ovpnConfig());
     WS_ASSERT(!ovpnConfig.isEmpty());
 
-    bool bOvpnSuccess = makeOVPNFile_->generate(ovpnConfig, QString::fromStdString(endpoint->ip()), types::Protocol::fromString(protocol), endpoint->port(), 0, mss, defaultAdapterInfo_.gateway(), "", "");
+    bool bOvpnSuccess = makeOVPNFile_->generate(ovpnConfig, QString::fromStdString(endpoint->ip()), types::Protocol::fromString(protocol),
+                                                endpoint->port(), 0, mss, defaultAdapterInfo_.gateway(), "", "", isAntiCensorship_);
     if (!bOvpnSuccess )
     {
         qCDebug(LOG_EMERGENCY_CONNECT) << "Failed create ovpn config";

diff --git a/client/engine/engine/emergencycontroller/emergencycontroller.h b/client/engine/engine/emergencycontroller/emergencycontroller.h
@@ -21,7 +21,7 @@ class EmergencyController : public QObject
     explicit EmergencyController(QObject *parent, IHelper *helper);
     virtual ~EmergencyController();
 
-    void clickConnect(const types::ProxySettings &proxySettings);
+    void clickConnect(const types::ProxySettings &proxySettings, bool isAntiCensorship);
     void clickDisconnect();
     bool isDisconnected();
     void blockingDisconnect();
@@ -49,6 +49,7 @@ private slots:
     IConnection *connector_;
     MakeOVPNFile *makeOVPNFile_;
     types::ProxySettings proxySettings_;
+    bool isAntiCensorship_ = false;
 
     std::vector<std::shared_ptr<wsnet::WSNetEmergencyConnectEndpoint>> endpoints_;
 

diff --git a/client/engine/engine/engine.cpp b/client/engine/engine/engine.cpp
@@ -94,9 +94,6 @@ Engine::Engine() : QObject(nullptr),
     bool bWsnetSuccess = WSNet::initialize(Utils::getPlatformNameSafe().toStdString(), AppVersion::instance().semanticVersionString().toStdString(), AppVersion::instance().isStaging(), wsnetSettings);
     WS_ASSERT(bWsnetSuccess);
 
-    engineSettings_.loadFromSettings();
-    qCDebug(LOG_BASIC) << "Engine settings" << engineSettings_;
-
     // Skip printing the engine settings if we loaded the defaults.
     if (engineSettings_.loadFromSettings()) {
         qCDebug(LOG_BASIC) << "Engine settings" << engineSettings_;
@@ -1244,14 +1241,14 @@ void Engine::setSettingsImpl(const types::EngineSettings &engineSettings)
     }
 
     WSNet::instance()->serverAPI()->setIgnoreSslErrors(engineSettings_.isIgnoreSslErrors());
+    WSNet::instance()->advancedParameters()->setAPIExtraTLSPadding(ExtraConfig::instance().getAPIExtraTLSPadding() || engineSettings_.isAntiCensorship());
 
     if (isCustomOvpnConfigsPathChanged)
         customConfigs_->changeDir(engineSettings_.customOvpnConfigsPath());
 
     keepAliveManager_->setEnabled(engineSettings_.isKeepAliveEnabled());
 
     WSNet::instance()->serverAPI()->setApiResolutionsSettings(engineSettings_.apiResolutionSettings().getIsAutomatic(), engineSettings_.apiResolutionSettings().getManualAddress().toStdString());
-
     updateProxySettings();
 }
 
@@ -1707,7 +1704,7 @@ void Engine::onConnectionManagerRequestPrivKeyPassword(const QString &pathCustom
 
 void Engine::emergencyConnectClickImpl()
 {
-    emergencyController_->clickConnect(ProxyServerController::instance().getCurrentProxySettings());
+    emergencyController_->clickConnect(ProxyServerController::instance().getCurrentProxySettings(), engineSettings_.isAntiCensorship());
 }
 
 void Engine::emergencyDisconnectClickImpl()
@@ -1768,7 +1765,7 @@ void Engine::updateAdvancedParamsImpl()
     }
 
     // send some parameters to wsnet
-    WSNet::instance()->advancedParameters()->setAPIExtraTLSPadding(ExtraConfig::instance().getAPIExtraTLSPadding());
+    WSNet::instance()->advancedParameters()->setAPIExtraTLSPadding(ExtraConfig::instance().getAPIExtraTLSPadding() || engineSettings_.isAntiCensorship());
     WSNet::instance()->advancedParameters()->setLogApiResponce(ExtraConfig::instance().getLogAPIResponse());
     std::optional<QString> countryOverride = ExtraConfig::instance().serverlistCountryOverride();
     WSNet::instance()->advancedParameters()->setCountryOverrideValue(countryOverride.has_value() ? countryOverride->toStdString() : "");
@@ -2389,7 +2386,7 @@ void Engine::doConnect(bool bEmitAuthError)
         connectionManager_->setLastKnownGoodProtocol(engineSettings_.networkLastKnownGoodProtocol(networkInterface.networkOrSsid));
         connectionManager_->clickConnect(apiResourcesManager_->ovpnConfig(), apiResourcesManager_->serverCredentials(), bli,
             connectionSettings, apiResourcesManager_->portMap(), ProxyServerController::instance().getCurrentProxySettings(),
-            bEmitAuthError, engineSettings_.customOvpnConfigsPath());
+            bEmitAuthError, engineSettings_.customOvpnConfigsPath(), engineSettings_.isAntiCensorship());
     }
     // for custom configs without login
     else
@@ -2398,7 +2395,7 @@ void Engine::doConnect(bool bEmitAuthError)
         qCDebug(LOG_CONNECTION) << "Connecting to" << locationName_;
         connectionManager_->clickConnect("", apiinfo::ServerCredentials(), bli,
             engineSettings_.connectionSettingsForNetworkInterface(networkInterface.networkOrSsid), api_responses::PortMap(),
-            ProxyServerController::instance().getCurrentProxySettings(), bEmitAuthError, engineSettings_.customOvpnConfigsPath());
+            ProxyServerController::instance().getCurrentProxySettings(), bEmitAuthError, engineSettings_.customOvpnConfigsPath(), engineSettings_.isAntiCensorship());
     }
 }
 

diff --git a/client/gui/backend/preferences/preferences.cpp b/client/gui/backend/preferences/preferences.cpp
@@ -426,7 +426,6 @@ void Preferences::setAntiCensorship(bool b)
     if (engineSettings_.isAntiCensorship() != b)
     {
         engineSettings_.setIsAntiCensorship(b);
-        ExtraConfig::instance().setAntiCensorship(b);
         emitEngineSettingsChanged();
         emit isAntiCensorshipChanged(engineSettings_.isAntiCensorship());
     }

diff --git a/installer/common/installer_shim.h b/installer/common/installer_shim.h
@@ -7,7 +7,7 @@ class InstallerShim
 {
 public:
     enum INSTALLER_STATE { STATE_INIT, STATE_EXTRACTING, STATE_CANCELED, STATE_FINISHED, STATE_ERROR, STATE_LAUNCHED };
-    enum INSTALLER_ERROR { ERROR_PERMISSION, ERROR_KILL, ERROR_CONNECT_HELPER, ERROR_DELETE, ERROR_UNINSTALL, ERROR_OTHER };
+    enum INSTALLER_ERROR { ERROR_OTHER = 1, ERROR_PERMISSION, ERROR_KILL, ERROR_CONNECT_HELPER, ERROR_DELETE, ERROR_UNINSTALL, ERROR_MOVE_CUSTOM_DIR };
 
     static InstallerShim &instance()
     {

diff --git a/installer/common/mainwindow.cpp b/installer/common/mainwindow.cpp
@@ -195,6 +195,11 @@ void MainWindow::onInstallerCallback()
                                           Q_ARG(QString, tr("Installation failed")),
                                           Q_ARG(QString, tr("The uninstaller for the existing installation of Windscribe could not be found. Please uninstall the application manually and try again.")),
                                           Q_ARG(bool, true));
+            } else if (error == InstallerShim::ERROR_MOVE_CUSTOM_DIR) {
+                QMetaObject::invokeMethod(this, "showError", Qt::QueuedConnection,
+                                          Q_ARG(QString, tr("Installation failed")),
+                                          Q_ARG(QString, tr("The installation folder contains data which could not be uninstalled. Please uninstall the application manually and try again.")),
+                                          Q_ARG(bool, true));
             } else {
                 QMetaObject::invokeMethod(this, "showError", Qt::QueuedConnection,
                                           Q_ARG(QString, tr("Installation failed")),

diff --git a/installer/common/translations/windscribe_installer_ar.ts b/installer/common/translations/windscribe_installer_ar.ts
@@ -88,6 +88,10 @@
         <source>The uninstaller for the existing installation of Windscribe could not be found. Please uninstall the application manually and try again.</source>
         <translation>تعذر العثور على برنامج إلغاء التثبيت للتثبيت الحالي ل Windscribe. الرجاء إلغاء تثبيت التطبيق يدويا والمحاولة مرة أخرى.</translation>
     </message>
+    <message>
+        <source>The installation folder contains data which could not be uninstalled. Please uninstall the application manually and try again.</source>
+        <translation>يحتوي مجلد التثبيت على بيانات تعذر إلغاء تثبيتها. الرجاء إلغاء تثبيت التطبيق يدويا والمحاولة مرة أخرى.</translation>
+    </message>
 </context>
 <context>
     <name>QObject</name>

diff --git a/installer/common/translations/windscribe_installer_cs.ts b/installer/common/translations/windscribe_installer_cs.ts
@@ -88,6 +88,10 @@
         <source>The uninstaller for the existing installation of Windscribe could not be found. Please uninstall the application manually and try again.</source>
         <translation>Odinstalační program pro stávající instalaci aplikace Windscribe nebyl nalezen. Odinstalujte aplikaci ručně a zkuste to znovu.</translation>
     </message>
+    <message>
+        <source>The installation folder contains data which could not be uninstalled. Please uninstall the application manually and try again.</source>
+        <translation>Instalační složka obsahuje data, která nelze odinstalovat. Odinstalujte aplikaci ručně a zkuste to znovu.</translation>
+    </message>
 </context>
 <context>
     <name>QObject</name>