Skip to content

Commit

Permalink
v2.11.11
Browse files Browse the repository at this point in the history
  • Loading branch information
bernerdad committed Sep 16, 2024
1 parent f6392c1 commit 6d92ffe
Show file tree
Hide file tree
Showing 35 changed files with 519 additions and 107 deletions.
2 changes: 1 addition & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -219,7 +219,7 @@ The application installs to `/opt/windscribe`.

### Logs
- Client app and location pings: `~/.local/share/Windscribe/Windscribe2`
- Helper: `/opt/windscribe/helper_log.txt`
- Helper: `/var/log/windscribe/helper_log.txt`

## Contributing

Expand Down
19 changes: 18 additions & 1 deletion backend/linux/helper/firewallcontroller.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -55,6 +55,7 @@ bool FirewallController::enable(bool ipv6, const std::string &rules)
// reapply split tunneling rules if necessary
setSplitTunnelIpExceptions(splitTunnelIps_);
setSplitTunnelAppExceptions();
setSplitTunnelIngressRules(defaultAdapterIp_);

return 0;
}
Expand Down Expand Up @@ -88,16 +89,18 @@ void FirewallController::disable()
Utils::executeCommand("rm", {"-f", "/etc/windscribe/rules.v6"});
}

void FirewallController::setSplitTunnelingEnabled(bool isConnected, bool isEnabled, bool isExclude, const std::string &defaultAdapter)
void FirewallController::setSplitTunnelingEnabled(bool isConnected, bool isEnabled, bool isExclude, const std::string &defaultAdapter, const std::string &defaultAdapterIp)
{
connected_ = isConnected;
splitTunnelEnabled_ = isEnabled;
splitTunnelExclude_ = isExclude;
prevAdapter_ = defaultAdapter_;
defaultAdapter_ = defaultAdapter;
defaultAdapterIp_ = defaultAdapterIp;

setSplitTunnelIpExceptions(splitTunnelIps_);
setSplitTunnelAppExceptions();
setSplitTunnelIngressRules(defaultAdapterIp_);
}

void FirewallController::removeExclusiveIpRules()
Expand Down Expand Up @@ -133,6 +136,20 @@ void FirewallController::removeInclusiveAppRules()
}
}

void FirewallController::setSplitTunnelIngressRules(const std::string &defaultAdapterIp)
{
if (!connected_ || !splitTunnelEnabled_ || splitTunnelExclude_) {
Logger::instance().out("Deleting ingress rules");
Utils::executeCommand("iptables", {"-D", "PREROUTING", "-t", "mangle", "-d", defaultAdapterIp.c_str(), "-j", "CONNMARK", "--set-mark", CGroups::instance().mark(), "-m", "comment", "--comment", kTag});
Utils::executeCommand("iptables", {"-D", "OUTPUT", "-t", "mangle", "-j", "CONNMARK", "--restore-mark", "-m", "comment", "--comment", kTag});
return;
}

Logger::instance().out("Adding ingress rules");
addRule({"PREROUTING", "-t", "mangle", "-d", defaultAdapterIp.c_str(), "-j", "CONNMARK", "--set-mark", CGroups::instance().mark(), "-m", "comment", "--comment", kTag});
addRule({"OUTPUT", "-t", "mangle", "-j", "CONNMARK", "--restore-mark", "-m", "comment", "--comment", kTag});
}

void FirewallController::setSplitTunnelAppExceptions()
{
if (!connected_ || !splitTunnelEnabled_) {
Expand Down
5 changes: 4 additions & 1 deletion backend/linux/helper/firewallcontroller.h
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,8 @@ class FirewallController
bool isConnected,
bool isEnabled,
bool isExclude,
const std::string &adapter);
const std::string &adapter,
const std::string &adapterIp);
void setSplitTunnelIpExceptions(const std::vector<std::string> &ips);

private:
Expand All @@ -35,6 +36,7 @@ class FirewallController
bool splitTunnelExclude_;
std::vector<std::string> splitTunnelIps_;
std::string defaultAdapter_;
std::string defaultAdapterIp_;
std::string prevAdapter_;
std::string netclassid_;

Expand All @@ -43,5 +45,6 @@ class FirewallController
void removeExclusiveAppRules();
void removeInclusiveAppRules();
void setSplitTunnelAppExceptions();
void setSplitTunnelIngressRules(const std::string &defaultAdapterIp);
void addRule(const std::vector<std::string> &args);
};
4 changes: 3 additions & 1 deletion backend/linux/helper/logger.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -25,10 +25,12 @@ void Logger::out(const char *str, ...)
bytesOut += vsnprintf(buf + bytesOut, sizeof(buf) - bytesOut, str, args);
va_end (args);

auto res = system("mkdir -p /var/log/windscribe");

if ((bytesOut > 0) && (bytesOut < sizeof(buf)))
{
mutex_.lock();
FILE* logFile = fopen("/opt/windscribe/helper_log.txt", "a");
FILE* logFile = fopen("/var/log/windscribe/helper_log.txt", "a");
if (logFile != NULL)
{
fprintf(logFile, "%s\n", buf);
Expand Down
2 changes: 1 addition & 1 deletion backend/linux/helper/process_command.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -391,7 +391,7 @@ CMD_ANSWER startCtrld(boost::archive::text_iarchive &ia)
}
}
if (cmd.isCreateLog) {
arguments << " --log /opt/windscribe/ctrld.log";
arguments << " --log /var/log/windscribe/ctrld.log";
arguments << " -vv";
}

Expand Down
3 changes: 2 additions & 1 deletion backend/linux/helper/split_tunneling/split_tunneling.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -82,6 +82,7 @@ bool SplitTunneling::updateState()
connectStatus_.isConnected,
isSplitTunnelActive_,
isExclude_,
connectStatus_.defaultAdapter.adapterName);
connectStatus_.defaultAdapter.adapterName,
connectStatus_.defaultAdapter.adapterIp);
return false;
}
2 changes: 1 addition & 1 deletion backend/linux/helper/utils.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -82,7 +82,7 @@ std::string getFullCommand(const std::string &exePath, const std::string &execut

// check only for release build
#ifdef NDEBUG
if (std::string(canonicalPath).rfind("/opt/windscribe", 0) != 0) {
if (std::string(canonicalPath).rfind("/opt/windscribe", 0) != 0 && std::string(canonicalPath).rfind("/usr/lib/opt/windscribe", 0) != 0) {
// Don't execute arbitrary commands, only executables that are in our application directory
Logger::instance().out("Executable not in correct path, ignoring.");
free(canonicalPath);
Expand Down
2 changes: 1 addition & 1 deletion backend/mac/helper/helper-info.plist
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@
<key>CFBundleName</key>
<string>WindscribeHelper</string>
<key>CFBundleVersion</key>
<string>76</string>
<string>77</string>
<key>NSHumanReadableCopyright</key>
<string>Copyright © 2024 Windscribe Limited. All rights reserved.</string>
<key>LSMinimumSystemVersion</key>
Expand Down
4 changes: 0 additions & 4 deletions backend/mac/helper/process_command.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -683,8 +683,6 @@ CMD_ANSWER getInterfaceSsid(boost::archive::text_iarchive &ia)
CMD_ANSWER answer;
CMD_GET_INTERFACE_SSID cmd;
ia >> cmd;
LOG("Get interface SSID for %s", cmd.interface.c_str());

std::string output;

answer.executed = Utils::executeCommand("/usr/bin/wdutil", {"info"}, &output);
Expand All @@ -703,10 +701,8 @@ CMD_ANSWER getInterfaceSsid(boost::archive::text_iarchive &ia)
while (getline(stream, line)) {
if (line.find("SSID") != std::string::npos) {
answer.body = line.substr(line.find(":") + 2);
LOG("Found SSID for %s: %s", cmd.interface.c_str(), answer.body.c_str());
return answer;
}
}
LOG("No SSID for %s", cmd.interface.c_str());
return answer;
}
1 change: 0 additions & 1 deletion client/base/backend/backend.h
Original file line number Diff line number Diff line change
@@ -1,7 +1,6 @@
#pragma once

#include <QObject>
#include <QProcess>
#include <wsnet/WSNet.h>

#include "connectstatehelper.h"
Expand Down
18 changes: 18 additions & 0 deletions client/common/changelog.txt
Original file line number Diff line number Diff line change
@@ -1,3 +1,21 @@
2.11.11 (12/09/2024)
All:
* Clear DNS cache in wsnet when connecting or disconnecting to the VPN. #1122


2.11.10 (10/09/2024)
All:
* Fixed unable to reach API after failover while connected. Fix in wsnet, treat address 0.0.0.0 a DNS-error. #1122
Windows:
* Fix ctrld not starting even after external DNS service stopped. #1123
MacOS:
* Fixed macOS auto-update process fails to mount installer. #1118
* Fixed spammy log when getting SSID. #1126
Linux:
* Fixed some ingress packets are dropped incorrectly when using inclusive split tunneling. #1124
* Fixed OpenVPN protocols not working on immutable distros. #1128


2.11.9 (03/09/2024)
All:
* Improved dialog verbiage when secure hotspot is enabled without Wi-Fi. #1005
Expand Down
Loading

0 comments on commit 6d92ffe

Please sign in to comment.