def generate_ovpn_file(server_req): '''Generates OVPN files Tier 0(1) = Free Tier 1(2) = Basic Tier 2(3) = Plus Tier 3(4) = Visionary ---------- Feature 1: Secure Core Feature 2: Tor Feature 4: P2P Feature 8: XOR (not in use) Feature 16: IPV6 (not in use) ''' if not server_req: return False if walk_to_file(USER_FOLDER, OVPN_FILE.split("/")[-1]): delete_file(OVPN_FILE) if not create_file(OVPN_FILE, server_req.text): log.warning("Unable to create ovpn file for direct connection.") return False print("An ovpn file has bee created, try to establish a connection now.") return True
def edit_server_conf(self): if not walk_to_file(USER_FOLDER, USER_PREF_FILE.split("/")[-1]): print("Configuration file was not yet setup.") return False with open(USER_PREF_FILE) as file: user_pref = json.load(file) print("Your config file has stored: ", user_pref) while True: userInput = input("Would you like to edit your data ? [y/n]: ") if userInput[0].lower() == 'n': break self.ask_for_server_config() user_pref['tier'] = self.user_server_conf['tier'] user_pref['protocol'] = self.user_server_conf['protocol'] if not edit_file(USER_PREF_FILE, json.dumps(user_pref, indent=2), append=False): print( f"Unable to edit, unable to find folder {USER_FOLDER} and/or file {USER_PREF_FILE }" ) break return True
def read_user_data(self, is_user_credentials=False): '''Read user data, it either gets the user credentials or user preferences. Params: ------ `is_user_credentials`: If True then return ovpn credentials, otherwise return server confs. ''' file_name = USER_PREF_FILE.split("/")[-1] if is_user_credentials: file_name = USER_CRED_FILE.split("/")[-1] #print(f"getting from this path ____ {USER_FOLDER}/{file_name}") user_data_path = walk_to_file(USER_FOLDER, file_name, is_return_bool=False) if not user_data_path: print("Inside false") return False try: with open(user_data_path, "r") as file: return json.loads(file.read()) except: print("Unable to read user preferences file.") return False
def check_if_user_exist(self): '''Checks if both server conf file and user credential file is generated Returns: ------- Bool: Return True if both file exists, False otherwise. ''' if not walk_to_file(USER_FOLDER, USER_PREF_FILE.split("/")[-1]): print("Missing user server configuration file (.json)") return False if not walk_to_file(USER_FOLDER, USER_CRED_FILE.split("/")[-1]): print("Missing user credentials") return False return True
def manage_dns(action_type, dns_addr=False): resolv_conf_path = walk_to_file("/etc/", "resolv.conf", is_return_bool=False) if not resolv_conf_path: print("The \"resolv.conf\" file was not found on your system.") log.warning("\"resolv.conf\" file was not found.") return False log.info(f"Path to original resolv.conf: \"{resolv_conf_path}\"") print("Modifying dns...") if action_type == "custom": log.info("Applying custom ProtonVPN DNS...") cmd = f"cat > /etc/resolv.conf <<EOF \n# Generated by openvpn-linux-gui for ProtonVPN\nnameserver {dns_addr}\nEOF" try: shutil.copy(resolv_conf_path, RESOLV_BACKUP_FILE) except: print("Unable to backup DNS configurations.") log.warning("Unable to backup DNS configurations.") return False output = subprocess.run(["sudo", "bash", "-c", cmd], stdout=subprocess.PIPE, stderr=subprocess.STDOUT) if not output.returncode == 0: print("Unable to update DNS configurations") log.warning("Unable to apply custom ProtonVPN DNS configurations.") print("DNS updated with new configurations.") log.debug(f"...custom ProtonVPN DNS applied: {output}") return True elif action_type == "restore": log.info("Restoring original DNS...") try: with open(RESOLV_BACKUP_FILE) as f: content = f.read() cmd = f"cat > /etc/resolv.conf <<EOF \n{content}\nEOF" subprocess.run(["sudo", "bash", "-c", cmd]) print("...DNS configurations were restored.") delete_file(RESOLV_BACKUP_FILE) log.info( f"Original configurations restored from: \"{RESOLV_BACKUP_FILE}\"" ) return True except: print( "Unable to restore original DNS configurations, try restarting the Network Manager." ) log.warning("Unable to restore original DNS configurations.") return False
def create_user_pref_file(self): if walk_to_file(USER_FOLDER, USER_PREF_FILE.split("/")[-1]): #print("Conf files already exists") return False self.ask_for_server_config() if not folder_exist(USER_FOLDER) or not create_folder(USER_FOLDER): print("unable to create folder") return False if not create_file(USER_PREF_FILE, json.dumps(self.user_server_conf, indent=2)): print("Unable to ") return False return True
def cache_servers(self): self.get_servers() if not folder_exist(CACHE_FOLDER): create_folder(CACHE_FOLDER) else: if not delete_folder_recursive(CACHE_FOLDER): print("Unable to delete folder ", CACHE_FOLDER) return False create_folder(CACHE_FOLDER) for country, content in self.serverList.items(): country_path = os.path.join(CACHE_FOLDER, country + SERVER_FILE_TYPE) if not walk_to_file(CACHE_FOLDER, country + SERVER_FILE_TYPE): create_file(country_path, json.dumps(content, indent=2)) else: edit_file(country_path, json.dumps(content, indent=2)) print("Servers cached successfully!")
def create_user_credentials_file(self): if walk_to_file(USER_FOLDER, USER_CRED_FILE.split("/")[-1]): print("There is already an existing user, edit it instead.") return False self.ask_for_user_credentials() user_cred = self.user_credentials[ 'username'] + "\n" + self.user_credentials['password'] if not create_folder(USER_FOLDER): print( f"Unable to create folder. Check if folder {USER_FOLDER} is present." ) return False if not create_file(USER_CRED_FILE, user_cred): print("Unable to create file.") return False return True
def edit_user_credentials(self): if not walk_to_file(USER_FOLDER, USER_CRED_FILE.split("/")[-1]): print("The file does not exist") return False self.ask_for_user_credentials() user_cred = self.user_credentials[ 'username'] + "\n" + self.user_credentials['password'] if not delete_file(USER_CRED_FILE): print("unable to Delete file") return False if not create_file(USER_CRED_FILE, user_cred): print( f"Unable to edit, unable to find folder {USER_FOLDER} and/or file {USER_CRED_FILE}" ) return False return True
def generate_ovpn_for_boot(server_req): original_req = server_req.text start_index = original_req.find("auth-user-pass") modified_request = original_req[:start_index + 14] + " /opt/" + PROJECT_NAME + "/" + USER_CRED_FILE.split( "/")[-1] + original_req[start_index + 14:] ovpn_file_created = False append_to_file = "cat > /etc/openvpn/client/" + OVPN_FILE.split( "/")[-1].split(".")[0] + ".conf <<EOF " + modified_request + "\nEOF" try: output = subprocess.run(["sudo", "bash", "-c", append_to_file], stdout=subprocess.PIPE, stderr=subprocess.PIPE) log.debug(f"Injection comand output: {output}") ovpn_file_created = True except: print("Unable to create configuration file in /openvpn/client/") log.critical(f"Could not generate/modify openVPN file.") return False print("Created new file in /openvpn/client/") log.info(f"\"Start on boot\" path to credentials injected.") if ovpn_file_created and walk_to_file( "/opt/", USER_CRED_FILE, in_dirs=True): log.critical( f"OVPN file for boot was NOT generated in: \"/etc/openvpn/client/\"" ) return False if not copy_credentials(): return False filename = OVPN_FILE.split("/")[-1].split(".")[0] log.info( f"OVPN file for boot was generated: \"/etc/openvpn/client/{filename}\"" ) return True
def manage_ipv6(action_type): if action_type == "disable": #check for error default_route = subprocess.run("ip route show | grep default", shell=True, stdout=subprocess.PIPE) if not default_route.returncode == 0: print("Could not find any IPv6 configurations.") log.debug( "Could not find any IPv6 configurations prior to disabling it." ) return False # show all ipv6 interfaces and their status #all_interfaces = subprocess.run(["sudo sysctl --all | grep disable_ipv6"], stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True) default_nic = default_route.stdout.decode().strip().split()[4] ipv6_info = subprocess.run( f"ip addr show dev {default_nic} | grep '\<inet6.*global\>'", shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE) if not ipv6_info.returncode == 0: log.debug(f"Could not find ipv6 {ipv6_info}") return False ipv6_addr = ipv6_info.stdout.decode().strip().split()[1] if walk_to_file(USER_FOLDER, IPV6_BACKUP_FILE.split("/")[-1]): delete_file(IPV6_BACKUP_FILE) log.info(f"Backup file was deleted: \"{IPV6_BACKUP_FILE}\"") ipv6_disable = subprocess.run( f"sudo sysctl -w net.ipv6.conf.{default_nic}.disable_ipv6=1", shell=True, stderr=subprocess.PIPE, stdout=subprocess.PIPE) if not ipv6_disable.returncode == 0: log.debug(f"Unable to disable ipv6: {ipv6_disable}") return False try: with open(IPV6_BACKUP_FILE, "w") as file: file.write(default_nic + " " + ipv6_addr) except: print("Unable to save to file") return False print("Backup was made") return True elif action_type == "restore": log.info("Start IPV6 restore process.") try: with open(IPV6_BACKUP_FILE, "r") as file: content = file.read().split() default_nic = content[0].strip() ipv6_addr = content[1].strip() except: log.debug("Unable to open file.") return False ipv6_info = subprocess.run( f"ip addr show dev {default_nic} | grep '\<inet6.*global\>'", shell=True, stderr=subprocess.PIPE, stdout=subprocess.PIPE) if ipv6_info.returncode == 0: log.debug("IPv6 already present.") delete_file(IPV6_BACKUP_FILE) return True ipv6_enable = subprocess.run( f"sudo sysctl -w net.ipv6.conf.{default_nic}.disable_ipv6=0", shell=True, stderr=subprocess.PIPE, stdout=subprocess.PIPE) if not ipv6_enable.returncode == 0: print( "Unable to restore IPv6 configurations, restarting Network Manager might help." ) log.debug(f"IPv6 configuration restoration error: {ipv6_enable}") return False ipv6_restore_address = subprocess.run( f"sudo ip addr add {ipv6_addr} dev {default_nic}", shell=True, stderr=subprocess.PIPE, stdout=subprocess.PIPE) if not ipv6_restore_address.returncode == 0: print("Unable to restore IPv6.") log.debug(f"IPv6 restoration error: {ipv6_restore_address}") return False log.debug("Removing IPv6 backup file.") delete_file(IPV6_BACKUP_FILE) log.debug("IPv6 restored") print("IPv6 restored") return True
def is_update_resolv_conf_installed(path, fileName): return walk_to_file(path, fileName)
def is_open_resolv_installed(path, fileName): return walk_to_file(path, fileName)