diff --git a/src/Makefile b/src/Makefile index 6891b01..e2b2594 100644 --- a/src/Makefile +++ b/src/Makefile @@ -95,15 +95,16 @@ install: wg @install -v -d "$(DESTDIR)$(BINDIR)" && install -v -m 0755 wg "$(DESTDIR)$(BINDIR)/awg" @install -v -d "$(DESTDIR)$(MANDIR)/man8" && install -v -m 0644 man/wg.8 "$(DESTDIR)$(MANDIR)/man8/awg.8" @[ "$(WITH_BASHCOMPLETION)" = "yes" ] || exit 0; \ - install -v -d "$(DESTDIR)$(BASHCOMPDIR)" && install -v -m 0644 completion/wg.bash-completion "$(DESTDIR)$(BASHCOMPDIR)/awg" + install -v -d "$(DESTDIR)$(BASHCOMPDIR)" && install -v -m 0644 completion/wg.bash-completion "$(DESTDIR)$(BASHCOMPDIR)/awg/awg.bash-completion" @[ "$(WITH_WGQUICK)" = "yes" ] || exit 0; \ - install -v -m 0755 wg-quick/$(PLATFORM).bash "$(DESTDIR)$(BINDIR)/awg-quick" && install -v -m 0700 -d "$(DESTDIR)$(SYSCONFDIR)/amnezia" + install -v -m 0755 wg-quick/$(PLATFORM).bash "$(DESTDIR)$(BINDIR)/awg-quick" && install -v -m 0700 -d "$(DESTDIR)$(SYSCONFDIR)/amnezia/amneziawg" @[ "$(WITH_WGQUICK)" = "yes" ] || exit 0; \ install -v -m 0644 man/wg-quick.8 "$(DESTDIR)$(MANDIR)/man8/awg-quick.8" @[ "$(WITH_WGQUICK)" = "yes" -a "$(WITH_BASHCOMPLETION)" = "yes" ] || exit 0; \ - install -v -m 0644 completion/wg-quick.bash-completion "$(DESTDIR)$(BASHCOMPDIR)/awg-quick" + install -v -m 0644 completion/wg-quick.bash-completion "$(DESTDIR)$(BASHCOMPDIR)/awg-quick/awg-quick.bash-completion" @[ "$(WITH_WGQUICK)" = "yes" -a "$(WITH_SYSTEMDUNITS)" = "yes" ] || exit 0; \ - install -v -d "$(DESTDIR)$(SYSTEMDUNITDIR)" && install -v -m 0644 systemd/* "$(DESTDIR)$(SYSTEMDUNITDIR)/" + install -v -d "$(DESTDIR)$(SYSTEMDUNITDIR)" && install -v -m 0644 systemd/wg-quick.target "$(DESTDIR)$(SYSTEMDUNITDIR)/awg-quick.target" && \ + install -v -m 0644 systemd/wg-quick@.service "$(DESTDIR)$(SYSTEMDUNITDIR)/awg-quick@.service" check: clean scan-build --html-title=wireguard-tools -maxloop 100 --view --keep-going $(MAKE) wg diff --git a/src/completion/awg-quick.bash-completion b/src/completion/wg-quick.bash-completion similarity index 96% rename from src/completion/awg-quick.bash-completion rename to src/completion/wg-quick.bash-completion index 4db5c64..08eab3a 100644 --- a/src/completion/awg-quick.bash-completion +++ b/src/completion/wg-quick.bash-completion @@ -27,7 +27,7 @@ _awg_quick_completion() { COMPREPLY+=( "${a[@]}" ) elif [[ ${COMP_WORDS[1]} == down ]]; then if [[ $OSTYPE == *openbsd* || $OSTYPE == *darwin* ]]; then - for i in /var/run/wireguard/*.name; do + for i in /var/run/amneziawg/*.name; do i="${i##*/}"; i="${i%.name}" mapfile -t a < <(compgen -W "$i" -- "${COMP_WORDS[2]}") COMPREPLY+=( "${a[@]}" ) diff --git a/src/completion/awg.bash-completion b/src/completion/wg.bash-completion similarity index 100% rename from src/completion/awg.bash-completion rename to src/completion/wg.bash-completion diff --git a/src/ipc-uapi-unix.h b/src/ipc-uapi-unix.h index aaf60ca..fcc47ee 100644 --- a/src/ipc-uapi-unix.h +++ b/src/ipc-uapi-unix.h @@ -14,7 +14,7 @@ #include #include -#define SOCK_PATH RUNSTATEDIR "/wireguard/" +#define SOCK_PATH RUNSTATEDIR "/amneziawg/" #define SOCK_SUFFIX ".sock" static FILE *userspace_interface_file(const char *iface) diff --git a/src/systemd/awg-quick.target b/src/systemd/wg-quick.target similarity index 100% rename from src/systemd/awg-quick.target rename to src/systemd/wg-quick.target diff --git a/src/systemd/awg-quick@.service b/src/systemd/wg-quick@.service similarity index 100% rename from src/systemd/awg-quick@.service rename to src/systemd/wg-quick@.service diff --git a/src/wg-quick/android.c b/src/wg-quick/android.c index 1263ee4..9eee75f 100644 --- a/src/wg-quick/android.c +++ b/src/wg-quick/android.c @@ -41,6 +41,7 @@ static bool is_exiting = false; static bool binder_available = false; static unsigned int sdk_version; +static bool is_asecurity_on = false; static void *xmalloc(size_t size) { @@ -632,7 +633,10 @@ static void auto_su(int argc, char *argv[]) static void add_if(const char *iface) { - cmd("ip link add %s type wireguard", iface); + if (is_asecurity_on) + cmd("amneziawg-go %s", iface); + else + cmd("ip link add %s type wireguard", iface); } static void del_if(const char *iface) @@ -1256,6 +1260,24 @@ static void parse_options(char **iface, char **config, unsigned int *mtu, char * } else if (!strncasecmp(clean, "MTU=", 4) && j > 4) { *mtu = atoi(clean + 4); continue; + } else if (!strncasecmp(clean, "Jc=", 3) && j > 4 { + is_asecurity_on = true; + } else if (!strncasecmp(clean, "Jmin=", 5) && j > 4 { + is_asecurity_on = true; + } else if (!strncasecmp(clean, "Jmax=", 5) && j > 4 { + is_asecurity_on = true; + } else if (!strncasecmp(clean, "S1=", 3) && j > 4 { + is_asecurity_on = true; + } else if (!strncasecmp(clean, "S2=", 3) && j > 4 { + is_asecurity_on = true; + } else if (!strncasecmp(clean, "H1=", 3) && j > 4 { + is_asecurity_on = true; + } else if (!strncasecmp(clean, "H2=", 3) && j > 4 { + is_asecurity_on = true; + } else if (!strncasecmp(clean, "H3=", 3) && j > 4 { + is_asecurity_on = true; + } else if (!strncasecmp(clean, "H4=", 3) && j > 4 { + is_asecurity_on = true; } } *config = concat_and_free(*config, "", line); @@ -1300,4 +1322,4 @@ int main(int argc, char *argv[]) return 1; } return 0; -} +} \ No newline at end of file diff --git a/src/wg-quick/wg b/src/wg-quick/awg similarity index 100% rename from src/wg-quick/wg rename to src/wg-quick/awg diff --git a/src/wg-quick/darwin.bash b/src/wg-quick/darwin.bash index c938112..9efbe09 100755 --- a/src/wg-quick/darwin.bash +++ b/src/wg-quick/darwin.bash @@ -41,7 +41,7 @@ die() { [[ ${BASH_VERSINFO[0]} -ge 4 ]] || die "Version mismatch: bash ${BASH_VERSINFO[0]} detected, when bash 4+ required" -CONFIG_SEARCH_PATHS=( /etc/wireguard /usr/local/etc/wireguard ) +CONFIG_SEARCH_PATHS=( /etc/amnezia/amneziawg /usr/local/etc/amnezia/amneziawg ) parse_options() { local interface_section=0 line key value stripped path v @@ -110,10 +110,10 @@ auto_su() { get_real_interface() { local interface diff wg show interfaces >/dev/null - [[ -f "/var/run/wireguard/$INTERFACE.name" ]] || return 1 - interface="$(< "/var/run/wireguard/$INTERFACE.name")" - [[ -n $interface && -S "/var/run/wireguard/$interface.sock" ]] || return 1 - diff=$(( $(stat -f %m "/var/run/wireguard/$interface.sock" 2>/dev/null || echo 200) - $(stat -f %m "/var/run/wireguard/$INTERFACE.name" 2>/dev/null || echo 100) )) + [[ -f "/var/run/amneziawg/$INTERFACE.name" ]] || return 1 + interface="$(< "/var/run/amneziawg/$INTERFACE.name")" + [[ -n $interface && -S "/var/run/amneziawg/$interface.sock" ]] || return 1 + diff=$(( $(stat -f %m "/var/run/amneziawg/$interface.sock" 2>/dev/null || echo 200) - $(stat -f %m "/var/run/wireguard/$INTERFACE.name" 2>/dev/null || echo 100) )) [[ $diff -ge 2 || $diff -le -2 ]] && return 1 REAL_INTERFACE="$interface" echo "[+] Interface for $INTERFACE is $REAL_INTERFACE" >&2 @@ -121,9 +121,9 @@ get_real_interface() { } add_if() { - export WG_TUN_NAME_FILE="/var/run/wireguard/$INTERFACE.name" - mkdir -p "/var/run/wireguard/" - cmd "${WG_QUICK_USERSPACE_IMPLEMENTATION:-wireguard-go}" utun + export WG_TUN_NAME_FILE="/var/run/amneziawg/$INTERFACE.name" + mkdir -p "/var/run/amneziawg/" + cmd "${WG_QUICK_USERSPACE_IMPLEMENTATION:-amneziawg-go}" utun get_real_interface } @@ -519,4 +519,4 @@ fi [[ -n $LAUNCHED_BY_LAUNCHD ]] && wait -exit 0 +exit 0 \ No newline at end of file diff --git a/src/wg-quick/freebsd.bash b/src/wg-quick/freebsd.bash index f72daf6..8cb065d 100755 --- a/src/wg-quick/freebsd.bash +++ b/src/wg-quick/freebsd.bash @@ -28,6 +28,8 @@ CONFIG_FILE="" PROGRAM="${0##*/}" ARGS=( "$@" ) +IS_ASESCURITY_ON=0 + cmd() { echo "[#] $*" >&3 "$@" @@ -38,7 +40,7 @@ die() { exit 1 } -CONFIG_SEARCH_PATHS=( /etc/wireguard /usr/local/etc/wireguard ) +CONFIG_SEARCH_PATHS=( /etc/amnezia/amneziawg /usr/local/etc/amnezia/amneziawg ) unset ORIGINAL_TMPDIR make_temp() { @@ -96,6 +98,17 @@ parse_options() { PostDown) POST_DOWN+=( "$value" ); continue ;; SaveConfig) read_bool SAVE_CONFIG "$value"; continue ;; esac + case "$key" in + Jc);& + Jmin);& + Jmax);& + S1);& + S2);& + H1);& + H2);& + H3);& + H4) IS_ASESCURITY_ON=1;; + esac fi WG_CONFIG+="$line"$'\n' done < "$CONFIG_FILE" @@ -116,7 +129,11 @@ auto_su() { add_if() { local ret rc - if ret="$(cmd ifconfig wg create name "$INTERFACE" 2>&1 >/dev/null)"; then + local cmd="ifconfig wg create name "$INTERFACE"" + if [[ $IS_ASESCURITY_ON == 1 ]]; then + cmd="amneziawg-go "$INTERFACE""; + fi + if ret="$(cmd $cmd 2>&1 >/dev/null)"; then return 0 fi rc=$? @@ -125,7 +142,7 @@ add_if() { return $rc fi echo "[!] Missing WireGuard kernel support ($ret). Falling back to slow userspace implementation." >&3 - cmd "${WG_QUICK_USERSPACE_IMPLEMENTATION:-wireguard-go}" "$INTERFACE" + cmd "${WG_QUICK_USERSPACE_IMPLEMENTATION:-amneziawg-go}" "$INTERFACE" } del_routes() { @@ -154,8 +171,8 @@ del_routes() { del_if() { [[ $HAVE_SET_DNS -eq 0 ]] || unset_dns - if [[ -S /var/run/wireguard/$INTERFACE.sock ]]; then - cmd rm -f "/var/run/wireguard/$INTERFACE.sock" + if [[ -S /var/run/amneziawg/$INTERFACE.sock ]]; then + cmd rm -f "/var/run/amneziawg/$INTERFACE.sock" else cmd ifconfig "$INTERFACE" destroy fi @@ -484,4 +501,4 @@ else exit 1 fi -exit 0 +exit 0 \ No newline at end of file diff --git a/src/wg-quick/linux.bash b/src/wg-quick/linux.bash index ab5748e..f503b5e 100755 --- a/src/wg-quick/linux.bash +++ b/src/wg-quick/linux.bash @@ -40,7 +40,7 @@ die() { parse_options() { local interface_section=0 line key value stripped v CONFIG_FILE="$1" - [[ $CONFIG_FILE =~ ^[a-zA-Z0-9_=+.-]{1,15}$ ]] && CONFIG_FILE="/etc/amnezia/$CONFIG_FILE.conf" + [[ $CONFIG_FILE =~ ^[a-zA-Z0-9_=+.-]{1,15}$ ]] && CONFIG_FILE="/etc/amnezia/amneziawg/$CONFIG_FILE.conf" [[ -e $CONFIG_FILE ]] || die "\`$CONFIG_FILE' does not exist" [[ $CONFIG_FILE =~ (^|/)([a-zA-Z0-9_=+.-]{1,15})\.conf$ ]] || die "The config file must be a valid interface name, followed by .conf" CONFIG_FILE="$(readlink -f "$CONFIG_FILE")" @@ -91,7 +91,7 @@ add_if() { ret=$? [[ -e /sys/module/amneziawg ]] || ! command -v "${WG_QUICK_USERSPACE_IMPLEMENTATION:-amneziawg-go}" >/dev/null && exit $ret echo "[!] Missing WireGuard (Amnezia VPN) kernel module. Falling back to slow userspace implementation." >&2 - cmd "${WG_QUICK_USERSPACE_IMPLEMENTATION:-wireguard-go}" "$INTERFACE" + cmd "${WG_QUICK_USERSPACE_IMPLEMENTATION:-amneziawg-go}" "$INTERFACE" fi } diff --git a/src/wg-quick/openbsd.bash b/src/wg-quick/openbsd.bash index b58ecf5..502cc9a 100755 --- a/src/wg-quick/openbsd.bash +++ b/src/wg-quick/openbsd.bash @@ -27,6 +27,7 @@ SAVE_CONFIG=0 CONFIG_FILE="" PROGRAM="${0##*/}" ARGS=( "$@" ) +IS_ASESCURITY_ON=0 cmd() { echo "[#] $*" >&3 @@ -41,7 +42,7 @@ die() { parse_options() { local interface_section=0 line key value stripped CONFIG_FILE="$1" - [[ $CONFIG_FILE =~ ^[a-zA-Z0-9_=+.-]{1,15}$ ]] && CONFIG_FILE="/etc/wireguard/$CONFIG_FILE.conf" + [[ $CONFIG_FILE =~ ^[a-zA-Z0-9_=+.-]{1,15}$ ]] && CONFIG_FILE="/etc/amnezia/amneziawg/$CONFIG_FILE.conf" [[ -e $CONFIG_FILE ]] || die "\`$CONFIG_FILE' does not exist" [[ $CONFIG_FILE =~ (^|/)([a-zA-Z0-9_=+.-]{1,15})\.conf$ ]] || die "The config file must be a valid interface name, followed by .conf" CONFIG_FILE="$(readlink -f "$CONFIG_FILE")" @@ -68,6 +69,17 @@ parse_options() { PostDown) POST_DOWN+=( "$value" ); continue ;; SaveConfig) read_bool SAVE_CONFIG "$value"; continue ;; esac + case "$key" in + Jc);& + Jmin);& + Jmax);& + S1);& + S2);& + H1);& + H2);& + H3);& + H4) IS_ASESCURITY_ON=1;; + esac fi WG_CONFIG+="$line"$'\n' done < "$CONFIG_FILE" @@ -106,14 +118,19 @@ add_if() { while true; do local -A existing_ifs="( $(wg show interfaces | sed 's/\([^ ]*\)/[\1]=1/g') )" local index ret - for ((index=0; index <= 2147483647; ++index)); do [[ -v existing_ifs[wg$index] ]] || break; done - if ret="$(cmd ifconfig wg$index create description "wg-quick: $INTERFACE" 2>&1)"; then - REAL_INTERFACE="wg$index" - return 0 + if [[ $IS_ASESCURITY_ON == 1 ]]; then + cmd "amneziawg-go "$INTERFACE""; + return $? + else + for ((index=0; index <= 2147483647; ++index)); do [[ -v existing_ifs[wg$index] ]] || break; done + if ret="$(cmd ifconfig wg$index create description "wg-quick: $INTERFACE" 2>&1)"; then + REAL_INTERFACE="wg$index" + return 0 + fi + [[ $ret == *"ifconfig: SIOCIFCREATE: File exists"* ]] && continue + echo "$ret" >&3 + return 1 fi - [[ $ret == *"ifconfig: SIOCIFCREATE: File exists"* ]] && continue - echo "$ret" >&3 - return 1 done } @@ -478,4 +495,4 @@ else exit 1 fi -exit 0 +exit 0 \ No newline at end of file