def generate_ovpn_file(server_req):
'''Generates OVPN files
Tier 0(1) = Free
Tier 1(2) = Basic
Tier 2(3) = Plus
Tier 3(4) = Visionary
----------
Feature 1: Secure Core
Feature 2: Tor
Feature 4: P2P
Feature 8: XOR (not in use)
Feature 16: IPV6 (not in use)
'''
if not server_req:
return False
if walk_to_file(USER_FOLDER, OVPN_FILE.split("/")[-1]):
delete_file(OVPN_FILE)
if not create_file(OVPN_FILE, server_req.text):
log.warning("Unable to create ovpn file for direct connection.")
return False
print("An ovpn file has bee created, try to establish a connection now.")
return True
def edit_server_conf(self):
if not walk_to_file(USER_FOLDER, USER_PREF_FILE.split("/")[-1]):
print("Configuration file was not yet setup.")
return False
with open(USER_PREF_FILE) as file:
user_pref = json.load(file)
print("Your config file has stored: ", user_pref)
while True:
userInput = input("Would you like to edit your data ? [y/n]: ")
if userInput[0].lower() == 'n':
break
self.ask_for_server_config()
user_pref['tier'] = self.user_server_conf['tier']
user_pref['protocol'] = self.user_server_conf['protocol']
if not edit_file(USER_PREF_FILE,
json.dumps(user_pref, indent=2),
append=False):
print(
f"Unable to edit, unable to find folder {USER_FOLDER} and/or file {USER_PREF_FILE }"
)
break
return True
def read_user_data(self, is_user_credentials=False):
'''Read user data, it either gets the user credentials or user preferences.
Params:
------
`is_user_credentials`:
If True then return ovpn credentials, otherwise return server confs.
'''
file_name = USER_PREF_FILE.split("/")[-1]
if is_user_credentials:
file_name = USER_CRED_FILE.split("/")[-1]
#print(f"getting from this path ____ {USER_FOLDER}/{file_name}")
user_data_path = walk_to_file(USER_FOLDER,
file_name,
is_return_bool=False)
if not user_data_path:
print("Inside false")
return False
try:
with open(user_data_path, "r") as file:
return json.loads(file.read())
except:
print("Unable to read user preferences file.")
return False
def check_if_user_exist(self):
'''Checks if both server conf file and user credential file is generated
Returns:
-------
Bool:
Return True if both file exists, False otherwise.
'''
if not walk_to_file(USER_FOLDER, USER_PREF_FILE.split("/")[-1]):
print("Missing user server configuration file (.json)")
return False
if not walk_to_file(USER_FOLDER, USER_CRED_FILE.split("/")[-1]):
print("Missing user credentials")
return False
return True
def manage_dns(action_type, dns_addr=False):
resolv_conf_path = walk_to_file("/etc/",
"resolv.conf",
is_return_bool=False)
if not resolv_conf_path:
print("The \"resolv.conf\" file was not found on your system.")
log.warning("\"resolv.conf\" file was not found.")
return False
log.info(f"Path to original resolv.conf: \"{resolv_conf_path}\"")
print("Modifying dns...")
if action_type == "custom":
log.info("Applying custom ProtonVPN DNS...")
cmd = f"cat > /etc/resolv.conf <<EOF \n# Generated by openvpn-linux-gui for ProtonVPN\nnameserver {dns_addr}\nEOF"
try:
shutil.copy(resolv_conf_path, RESOLV_BACKUP_FILE)
except:
print("Unable to backup DNS configurations.")
log.warning("Unable to backup DNS configurations.")
return False
output = subprocess.run(["sudo", "bash", "-c", cmd],
stdout=subprocess.PIPE,
stderr=subprocess.STDOUT)
if not output.returncode == 0:
print("Unable to update DNS configurations")
log.warning("Unable to apply custom ProtonVPN DNS configurations.")
print("DNS updated with new configurations.")
log.debug(f"...custom ProtonVPN DNS applied: {output}")
return True
elif action_type == "restore":
log.info("Restoring original DNS...")
try:
with open(RESOLV_BACKUP_FILE) as f:
content = f.read()
cmd = f"cat > /etc/resolv.conf <<EOF \n{content}\nEOF"
subprocess.run(["sudo", "bash", "-c", cmd])
print("...DNS configurations were restored.")
delete_file(RESOLV_BACKUP_FILE)
log.info(
f"Original configurations restored from: \"{RESOLV_BACKUP_FILE}\""
)
return True
except:
print(
"Unable to restore original DNS configurations, try restarting the Network Manager."
)
log.warning("Unable to restore original DNS configurations.")
return False
def create_user_pref_file(self):
if walk_to_file(USER_FOLDER, USER_PREF_FILE.split("/")[-1]):
#print("Conf files already exists")
return False
self.ask_for_server_config()
if not folder_exist(USER_FOLDER) or not create_folder(USER_FOLDER):
print("unable to create folder")
return False
if not create_file(USER_PREF_FILE,
json.dumps(self.user_server_conf, indent=2)):
print("Unable to ")
return False
return True
def cache_servers(self):
self.get_servers()
if not folder_exist(CACHE_FOLDER):
create_folder(CACHE_FOLDER)
else:
if not delete_folder_recursive(CACHE_FOLDER):
print("Unable to delete folder ", CACHE_FOLDER)
return False
create_folder(CACHE_FOLDER)
for country, content in self.serverList.items():
country_path = os.path.join(CACHE_FOLDER,
country + SERVER_FILE_TYPE)
if not walk_to_file(CACHE_FOLDER, country + SERVER_FILE_TYPE):
create_file(country_path, json.dumps(content, indent=2))
else:
edit_file(country_path, json.dumps(content, indent=2))
print("Servers cached successfully!")
def create_user_credentials_file(self):
if walk_to_file(USER_FOLDER, USER_CRED_FILE.split("/")[-1]):
print("There is already an existing user, edit it instead.")
return False
self.ask_for_user_credentials()
user_cred = self.user_credentials[
'username'] + "\n" + self.user_credentials['password']
if not create_folder(USER_FOLDER):
print(
f"Unable to create folder. Check if folder {USER_FOLDER} is present."
)
return False
if not create_file(USER_CRED_FILE, user_cred):
print("Unable to create file.")
return False
return True
def edit_user_credentials(self):
if not walk_to_file(USER_FOLDER, USER_CRED_FILE.split("/")[-1]):
print("The file does not exist")
return False
self.ask_for_user_credentials()
user_cred = self.user_credentials[
'username'] + "\n" + self.user_credentials['password']
if not delete_file(USER_CRED_FILE):
print("unable to Delete file")
return False
if not create_file(USER_CRED_FILE, user_cred):
print(
f"Unable to edit, unable to find folder {USER_FOLDER} and/or file {USER_CRED_FILE}"
)
return False
return True
def generate_ovpn_for_boot(server_req):
original_req = server_req.text
start_index = original_req.find("auth-user-pass")
modified_request = original_req[:start_index +
14] + " /opt/" + PROJECT_NAME + "/" + USER_CRED_FILE.split(
"/")[-1] + original_req[start_index +
14:]
ovpn_file_created = False
append_to_file = "cat > /etc/openvpn/client/" + OVPN_FILE.split(
"/")[-1].split(".")[0] + ".conf <<EOF " + modified_request + "\nEOF"
try:
output = subprocess.run(["sudo", "bash", "-c", append_to_file],
stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
log.debug(f"Injection comand output: {output}")
ovpn_file_created = True
except:
print("Unable to create configuration file in /openvpn/client/")
log.critical(f"Could not generate/modify openVPN file.")
return False
print("Created new file in /openvpn/client/")
log.info(f"\"Start on boot\" path to credentials injected.")
if ovpn_file_created and walk_to_file(
"/opt/", USER_CRED_FILE, in_dirs=True):
log.critical(
f"OVPN file for boot was NOT generated in: \"/etc/openvpn/client/\""
)
return False
if not copy_credentials():
return False
filename = OVPN_FILE.split("/")[-1].split(".")[0]
log.info(
f"OVPN file for boot was generated: \"/etc/openvpn/client/{filename}\""
)
return True
def manage_ipv6(action_type):
if action_type == "disable":
#check for error
default_route = subprocess.run("ip route show | grep default",
shell=True,
stdout=subprocess.PIPE)
if not default_route.returncode == 0:
print("Could not find any IPv6 configurations.")
log.debug(
"Could not find any IPv6 configurations prior to disabling it."
)
return False
# show all ipv6 interfaces and their status
#all_interfaces = subprocess.run(["sudo sysctl --all | grep disable_ipv6"], stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True)
default_nic = default_route.stdout.decode().strip().split()[4]
ipv6_info = subprocess.run(
f"ip addr show dev {default_nic} | grep '\<inet6.*global\>'",
shell=True,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
if not ipv6_info.returncode == 0:
log.debug(f"Could not find ipv6 {ipv6_info}")
return False
ipv6_addr = ipv6_info.stdout.decode().strip().split()[1]
if walk_to_file(USER_FOLDER, IPV6_BACKUP_FILE.split("/")[-1]):
delete_file(IPV6_BACKUP_FILE)
log.info(f"Backup file was deleted: \"{IPV6_BACKUP_FILE}\"")
ipv6_disable = subprocess.run(
f"sudo sysctl -w net.ipv6.conf.{default_nic}.disable_ipv6=1",
shell=True,
stderr=subprocess.PIPE,
stdout=subprocess.PIPE)
if not ipv6_disable.returncode == 0:
log.debug(f"Unable to disable ipv6: {ipv6_disable}")
return False
try:
with open(IPV6_BACKUP_FILE, "w") as file:
file.write(default_nic + " " + ipv6_addr)
except:
print("Unable to save to file")
return False
print("Backup was made")
return True
elif action_type == "restore":
log.info("Start IPV6 restore process.")
try:
with open(IPV6_BACKUP_FILE, "r") as file:
content = file.read().split()
default_nic = content[0].strip()
ipv6_addr = content[1].strip()
except:
log.debug("Unable to open file.")
return False
ipv6_info = subprocess.run(
f"ip addr show dev {default_nic} | grep '\<inet6.*global\>'",
shell=True,
stderr=subprocess.PIPE,
stdout=subprocess.PIPE)
if ipv6_info.returncode == 0:
log.debug("IPv6 already present.")
delete_file(IPV6_BACKUP_FILE)
return True
ipv6_enable = subprocess.run(
f"sudo sysctl -w net.ipv6.conf.{default_nic}.disable_ipv6=0",
shell=True,
stderr=subprocess.PIPE,
stdout=subprocess.PIPE)
if not ipv6_enable.returncode == 0:
print(
"Unable to restore IPv6 configurations, restarting Network Manager might help."
)
log.debug(f"IPv6 configuration restoration error: {ipv6_enable}")
return False
ipv6_restore_address = subprocess.run(
f"sudo ip addr add {ipv6_addr} dev {default_nic}",
shell=True,
stderr=subprocess.PIPE,
stdout=subprocess.PIPE)
if not ipv6_restore_address.returncode == 0:
print("Unable to restore IPv6.")
log.debug(f"IPv6 restoration error: {ipv6_restore_address}")
return False
log.debug("Removing IPv6 backup file.")
delete_file(IPV6_BACKUP_FILE)
log.debug("IPv6 restored")
print("IPv6 restored")
return True
def is_update_resolv_conf_installed(path, fileName):
return walk_to_file(path, fileName)
def is_open_resolv_installed(path, fileName):
return walk_to_file(path, fileName)