build fixes on windows after cherry-picks

amnezia-vpn · Nov 12, 2024 · 1c6c8a6 · 1c6c8a6
1 parent 5c9895d
commit 1c6c8a6
Show file tree

Hide file tree

Showing 9 changed files with 54 additions and 46 deletions.
diff --git a/client/platforms/windows/daemon/windowsdaemon.cpp b/client/platforms/windows/daemon/windowsdaemon.cpp
@@ -25,6 +25,8 @@
 #include "platforms/windows/windowscommons.h"
 #include "windowsfirewall.h"
 
+#include "core/networkUtilities.h"
+
 namespace {
 Logger logger("WindowsDaemon");
 }
@@ -62,10 +64,10 @@ void WindowsDaemon::prepareActivation(const InterfaceConfig& config, int inetAda
 
 void WindowsDaemon::activateSplitTunnel(const InterfaceConfig& config, int vpnAdapterIndex) {
   if (config.m_vpnDisabledApps.length() > 0) {
-      m_splitTunnelManager.start(m_inetAdapterIndex, vpnAdapterIndex);
-      m_splitTunnelManager.setRules(config.m_vpnDisabledApps);
+      m_splitTunnelManager->start(m_inetAdapterIndex, vpnAdapterIndex);
+      m_splitTunnelManager->excludeApps(config.m_vpnDisabledApps);
   } else {
-      m_splitTunnelManager.stop();
+      m_splitTunnelManager->stop();
   }
 }
 

diff --git a/client/platforms/windows/daemon/windowsdaemon.h b/client/platforms/windows/daemon/windowsdaemon.h
@@ -28,7 +28,7 @@ class WindowsDaemon final : public Daemon {
 
  protected:
   bool run(Op op, const InterfaceConfig& config) override;
-  WireguardUtils* wgutils() const override { return m_wgutils; }
+  WireguardUtils* wgutils() const override { return m_wgutils.get(); }
   DnsUtils* dnsutils() override { return m_dnsutils; }
 
  private:
@@ -42,7 +42,7 @@ class WindowsDaemon final : public Daemon {
 
   int m_inetAdapterIndex = -1;
 
-  WireguardUtilsWindows* m_wgutils = nullptr;
+  std::unique_ptr<WireguardUtilsWindows> m_wgutils;
   DnsUtilsWindows* m_dnsutils = nullptr;
   std::unique_ptr<WindowsSplitTunnel> m_splitTunnelManager;
   QPointer<WindowsFirewall> m_firewallManager;

diff --git a/client/platforms/windows/daemon/windowsfirewall.cpp b/client/platforms/windows/daemon/windowsfirewall.cpp
@@ -13,6 +13,8 @@
 #include <qassert.h>
 #include <stdio.h>
 #include <windows.h>
+#include <Ws2tcpip.h>
+#include "winsock.h"
 
 #include <QApplication>
 #include <QFileInfo>
@@ -26,7 +28,6 @@
 #include "leakdetector.h"
 #include "logger.h"
 #include "platforms/windows/windowsutils.h"
-#include "winsock.h"
 
 #define IPV6_ADDRESS_SIZE 16
 
@@ -51,7 +52,7 @@ constexpr uint8_t MAX_WEIGHT = 15;
 WindowsFirewall* WindowsFirewall::create(QObject* parent) {
   if (s_instance != nullptr) {
     // Only one instance of the firewall is allowed
-    Q_ASSERT(false);
+//    Q_ASSERT(false);
     return s_instance;
   }
   HANDLE engineHandle = nullptr;
@@ -185,7 +186,7 @@ bool WindowsFirewall::enableInterface(int vpnAdapterIndex) {
   FW_OK(allowDHCPTraffic(MED_WEIGHT, "Allow DHCP Traffic"));
   FW_OK(allowHyperVTraffic(MED_WEIGHT, "Allow Hyper-V Traffic"));
   FW_OK(allowTrafficForAppOnAll(getCurrentPath(), MAX_WEIGHT,
-                                "Allow all for Mozilla VPN.exe"));
+                                "Allow all for AmneziaVPN.exe"));
   FW_OK(blockTrafficOnPort(53, MED_WEIGHT, "Block all DNS"));
   FW_OK(
       allowLoopbackTraffic(MED_WEIGHT, "Allow Loopback traffic on device %1"));
@@ -239,7 +240,7 @@ bool WindowsFirewall::enablePeerTraffic(const InterfaceConfig& config) {
 
   // Build the firewall rules for this peer.
   logger.info() << "Enabling traffic for peer"
-                << logger.keys(config.m_serverPublicKey);
+                << config.m_serverPublicKey;
   if (!blockTrafficTo(config.m_allowedIPAddressRanges, LOW_WEIGHT,
                       "Block Internet", config.m_serverPublicKey)) {
     return false;
@@ -284,7 +285,7 @@ bool WindowsFirewall::disablePeerTraffic(const QString& pubkey) {
     return false;
   }
 
-  logger.info() << "Disabling traffic for peer" << logger.keys(pubkey);
+  logger.info() << "Disabling traffic for peer" << pubkey;
   for (const auto& filterID : m_peerRules.values(pubkey)) {
     FwpmFilterDeleteById0(m_sessionHandle, filterID);
     m_peerRules.remove(pubkey, filterID);

diff --git a/client/platforms/windows/daemon/windowssplittunnel.cpp b/client/platforms/windows/daemon/windowssplittunnel.cpp
@@ -302,7 +302,7 @@ bool WindowsSplitTunnel::excludeApps(const QStringList& appPaths) {
   return true;
 }
 
-void WindowsSplitTunnel::start(int inetAdapterIndex, int vpnAdapterIndex) {
+bool WindowsSplitTunnel::start(int inetAdapterIndex, int vpnAdapterIndex) {
   // To Start we need to send 2 things:
   // Network info (what is vpn what is network)
   logger.debug() << "Starting SplitTunnel";

diff --git a/client/platforms/windows/daemon/wireguardutilswindows.cpp b/client/platforms/windows/daemon/wireguardutilswindows.cpp
@@ -301,11 +301,11 @@ bool WireguardUtilsWindows::deleteRoutePrefix(const IPAddress& prefix) {
 }
 
 bool WireguardUtilsWindows::addExclusionRoute(const IPAddress& prefix) {
-  return m_routeMonitor.addExclusionRoute(prefix);
+  return m_routeMonitor->addExclusionRoute(prefix);
 }
 
 bool WireguardUtilsWindows::deleteExclusionRoute(const IPAddress& prefix) {
-  return m_routeMonitor.deleteExclusionRoute(prefix);
+  return m_routeMonitor->deleteExclusionRoute(prefix);
 }
 
 bool WireguardUtilsWindows::excludeLocalNetworks(

diff --git a/client/platforms/windows/daemon/wireguardutilswindows.h b/client/platforms/windows/daemon/wireguardutilswindows.h
@@ -44,7 +44,7 @@ class WireguardUtilsWindows final : public WireguardUtils {
   bool addExclusionRoute(const IPAddress& prefix) override;
   bool deleteExclusionRoute(const IPAddress& prefix) override;
 
-  WireguardUtilsWindows::excludeLocalNetworks(const QList<IPAddress>& addresses) override;
+  bool WireguardUtilsWindows::excludeLocalNetworks(const QList<IPAddress>& addresses) override;
 
  signals:
   void backendFailure();

diff --git a/client/platforms/windows/windowsservicemanager.cpp b/client/platforms/windows/windowsservicemanager.cpp
@@ -4,6 +4,7 @@
 
 #include "windowsservicemanager.h"
 
+#include <QApplication>
 #include <QTimer>
 
 #include "Windows.h"
@@ -16,35 +17,44 @@ namespace {
 Logger logger("WindowsServiceManager");
 }
 
-WindowsServiceManager::WindowsServiceManager(LPCWSTR serviceName) {
+WindowsServiceManager::WindowsServiceManager(SC_HANDLE serviceManager,
+                                             SC_HANDLE service)
+    : QObject(qApp), m_serviceManager(serviceManager), m_service(service) {
+  m_timer.setSingleShot(false);
+}
+
+std::unique_ptr<WindowsServiceManager> WindowsServiceManager::open(
+    const QString serviceName) {
+  LPCWSTR service = (const wchar_t*)serviceName.utf16();
+
   DWORD err = NULL;
   auto scm_rights = SC_MANAGER_CONNECT | SC_MANAGER_ENUMERATE_SERVICE |
                     SC_MANAGER_QUERY_LOCK_STATUS | STANDARD_RIGHTS_READ;
-  m_serviceManager = OpenSCManager(NULL,  // local computer
-                                   NULL,  // servicesActive database
-                                   scm_rights);
+  auto manager = OpenSCManager(NULL,  // local computer
+                               NULL,  // servicesActive database
+                               scm_rights);
   err = GetLastError();
   if (err != NULL) {
     logger.error() << " OpenSCManager failed code: " << err;
-    return;
+    return {};
   }
   logger.debug() << "OpenSCManager access given - " << err;
 
-  logger.debug() << "Opening Service - "
-                 << QString::fromWCharArray(serviceName);
+  logger.debug() << "Opening Service - " << serviceName;
   // Try to get an elevated handle
-  m_service = OpenService(m_serviceManager,  // SCM database
-                          serviceName,       // name of service
-                          (GENERIC_READ | SERVICE_START | SERVICE_STOP));
+  auto serviceHandle =
+      OpenService(manager,  // SCM database
+                  service,  // name of service
+                  (GENERIC_READ | SERVICE_START | SERVICE_STOP));
   err = GetLastError();
   if (err != NULL) {
+    CloseServiceHandle(manager);
     WindowsUtils::windowsLog("OpenService failed");
-    return;
+    return {};
   }
-  m_has_access = true;
-  m_timer.setSingleShot(false);
 
   logger.debug() << "Service manager execute access granted";
+  return std::make_unique<WindowsServiceManager>(manager, serviceHandle);
 }
 
 WindowsServiceManager::~WindowsServiceManager() {
@@ -85,10 +95,6 @@ bool WindowsServiceManager::startPolling(DWORD goal_state, int max_wait_sec) {
 
 SERVICE_STATUS_PROCESS WindowsServiceManager::getStatus() {
   SERVICE_STATUS_PROCESS serviceStatus;
-  if (!m_has_access) {
-    logger.debug() << "Need read access to get service state";
-    return serviceStatus;
-  }
   DWORD dwBytesNeeded;  // Contains missing bytes if struct is too small?
   QueryServiceStatusEx(m_service,                       // handle to service
                        SC_STATUS_PROCESS_INFO,          // information level
@@ -119,10 +125,6 @@ bool WindowsServiceManager::startService() {
 }
 
 bool WindowsServiceManager::stopService() {
-  if (!m_has_access) {
-    logger.error() << "Need execute access to stop services";
-    return false;
-  }
   auto state = getStatus().dwCurrentState;
   if (state != SERVICE_RUNNING && state != SERVICE_START_PENDING) {
     logger.warning() << ("Service stop not possible, as its not running");

diff --git a/client/platforms/windows/windowsservicemanager.h b/client/platforms/windows/windowsservicemanager.h
@@ -12,15 +12,18 @@
 #include "Winsvc.h"
 
 /**
- * @brief The WindowsServiceManager provides control over the MozillaVPNBroker
+ * @brief The WindowsServiceManager provides control over the a
  * service via SCM
  */
 class WindowsServiceManager : public QObject {
   Q_OBJECT
   Q_DISABLE_COPY_MOVE(WindowsServiceManager)
 
  public:
-  WindowsServiceManager(LPCWSTR serviceName);
+  // Creates a WindowsServiceManager for the Named service.
+  // returns nullptr if
+  static std::unique_ptr<WindowsServiceManager> open(const QString serviceName);
+  WindowsServiceManager(SC_HANDLE serviceManager, SC_HANDLE service);
   ~WindowsServiceManager();
 
   // true if the Service is running
@@ -45,8 +48,6 @@ class WindowsServiceManager : public QObject {
   // See
   // SERVICE_STOPPED,SERVICE_STOP_PENDING,SERVICE_START_PENDING,SERVICE_RUNNING
   SERVICE_STATUS_PROCESS getStatus();
-  bool m_has_access = false;
-  LPWSTR m_serviceName;
   SC_HANDLE m_serviceManager;
   SC_HANDLE m_service;  // Service handle with r/w priv.
   DWORD m_state_target;

diff --git a/ipc/ipcserver.cpp b/ipc/ipcserver.cpp
@@ -35,10 +35,6 @@ int IpcServer::createPrivilegedProcess()
     qDebug() << "IpcServer::createPrivilegedProcess";
 #endif
 
-#ifdef Q_OS_WIN
-    WindowsFirewall::instance()->init();
-#endif
-
     m_localpid++;
 
     ProcessDescriptor pd(this);
@@ -195,7 +191,9 @@ void IpcServer::setLogsEnabled(bool enabled)
 bool IpcServer::enableKillSwitch(const QJsonObject &configStr, int vpnAdapterIndex)
 {
 #ifdef Q_OS_WIN
-    return WindowsFirewall::instance()->enableKillSwitch(vpnAdapterIndex);
+    auto firewallManager = WindowsFirewall::create(this);
+    Q_ASSERT(firewallManager != nullptr);
+    return firewallManager->enableInterface(vpnAdapterIndex);
 #endif
 
 #if defined(Q_OS_LINUX) || defined(Q_OS_MACOS)
@@ -282,7 +280,9 @@ bool IpcServer::enableKillSwitch(const QJsonObject &configStr, int vpnAdapterInd
 bool IpcServer::disableKillSwitch()
 {
 #ifdef Q_OS_WIN
-    return WindowsFirewall::instance()->disableKillSwitch();
+    auto firewallManager = WindowsFirewall::create(this);
+    Q_ASSERT(firewallManager != nullptr);
+    return firewallManager->disableKillSwitch();
 #endif
 
 #ifdef Q_OS_LINUX
@@ -347,7 +347,9 @@ bool IpcServer::enablePeerTraffic(const QJsonObject &configStr)
 
     // killSwitch toggle
     if (QVariant(configStr.value(amnezia::config_key::killSwitchOption).toString()).toBool()) {
-        WindowsFirewall::instance()->enablePeerTraffic(config);
+        auto firewallManager = WindowsFirewall::create(this);
+        Q_ASSERT(firewallManager != nullptr);
+        firewallManager->enablePeerTraffic(config);
     }
 
     WindowsDaemon::instance()->prepareActivation(config, inetAdapterIndex);