diff options
| author | Linus Färnstrand <linus@mullvad.net> | 2018-05-22 10:49:52 +0200 |
|---|---|---|
| committer | Linus Färnstrand <linus@mullvad.net> | 2018-05-22 10:49:52 +0200 |
| commit | 3b7a575d939213f3e147eaa61564146220aeef4b (patch) | |
| tree | 4bacecd68b7397416047aa943d8d607c40a9bac9 | |
| parent | 3263fa23db90981cc59115291e141336764be938 (diff) | |
| parent | df11d791a4faf16957e92a58df66c32d2292f758 (diff) | |
| download | mullvadvpn-3b7a575d939213f3e147eaa61564146220aeef4b.tar.xz mullvadvpn-3b7a575d939213f3e147eaa61564146220aeef4b.zip | |
Merge branch 'bundle-static-openvpn'
| -rw-r--r-- | .gitmodules | 6 | ||||
| -rw-r--r-- | CHANGELOG.md | 4 | ||||
| -rw-r--r-- | README.md | 12 | ||||
| m--------- | client-binaries | 0 | ||||
| m--------- | dist-assets/binaries | 0 | ||||
| -rw-r--r-- | electron-builder.yml | 6 | ||||
| -rw-r--r-- | mullvad-daemon/src/main.rs | 5 | ||||
| -rw-r--r-- | talpid-core/src/process/openvpn.rs | 6 | ||||
| -rw-r--r-- | talpid-core/src/tunnel/mod.rs | 137 |
9 files changed, 84 insertions, 92 deletions
diff --git a/.gitmodules b/.gitmodules index b1ae57c19a..89f6d60365 100644 --- a/.gitmodules +++ b/.gitmodules @@ -1,6 +1,6 @@ -[submodule "client-binaries"] - path = client-binaries - url = https://github.com/mullvad/client-binaries.git [submodule "wfpctl/libwfp"] path = wfpctl/libwfp url = https://github.com/mullvad/libwfp.git +[submodule "dist-assets/binaries"] + path = dist-assets/binaries + url = https://github.com/mullvad/mullvadvpn-app-binaries diff --git a/CHANGELOG.md b/CHANGELOG.md index 6d19481398..568865b62f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -48,6 +48,8 @@ Line wrap the file at 100 chars. Th - Improve account token hint to be the same length as an expected token. - Update `problem-report` binary to automatically collect log files in predefined known Mullvad log directories. +- Replaced previously bundled OpenVPN 2.4.4 with statically linked 2.4.6 version containing + Mullvad patches for faster connect and other improvements. #### macOS - The installer changed from dmg to pkg format. @@ -63,7 +65,7 @@ Line wrap the file at 100 chars. Th - Reduce RPC timeout to Mullvad API server. - Fix OpenVPN warning about usage of AES-256-CBC cipher. - Fix "Out of time" screen status icon position. -- If necessary, create parent directories for RPC connection info file. +- If necessary, create parent directories for RPC connection info file and tunnel log. ## [2018.1] - 2018-03-01 @@ -11,10 +11,14 @@ Support for Linux, Windows, Android and iOS is in the making. ## Checking out the code -This repository contains a submodule, so clone it recursively: +This repository contains submodules, so clone it recursively: ``` git clone --recursive https://github.com/mullvad/mullvadvpn-app.git ``` +Or if you already cloned it non-recursively: +``` +git submodule update --init --recursive +``` ## Install toolchains and dependencies @@ -181,11 +185,13 @@ the version of the app you are going to release. For example `2018.3-beta1` or ` - **main.js** - entry file for background process - **routes.js** - routes configurator - **transitions.js** - transition rules between views -- **client-binaries/** - Git submodule containing binaries shipped with the client. Most notably - the OpenVPN binaries. - **init.js** - entry file for electron, points to compiled **main.js** - **scripts/** - support scripts for development - **test/** - Electron GUI tests +- **dist-assets/** - Icons, binaries and other files used when creating the distributables + - **binaries/** - Git submodule containing binaries bundled with the app. For example the + statically linked OpenVPN binary. See the README in the submodule for details. + - **pkg-scripts/** - Scripts bundled with and executed by the macOS pkg installer ### Building, testing and misc - **build.sh** - Sanity checks the working directory state and then builds release artifacts for diff --git a/client-binaries b/client-binaries deleted file mode 160000 -Subproject 114db9ca1f8f4625e5781274fadc0ea29e32fe4 diff --git a/dist-assets/binaries b/dist-assets/binaries new file mode 160000 +Subproject 2e4068687389a085588558d1edc0a887250fe64 diff --git a/electron-builder.yml b/electron-builder.yml index 1e9eec65ef..8079aa3350 100644 --- a/electron-builder.yml +++ b/electron-builder.yml @@ -42,8 +42,8 @@ mac: to: . - from: ./target/release/libtalpid_openvpn_plugin.dylib to: . - - from: ./client-binaries/mac/include/openvpn - to: ./openvpn-binaries/openvpn + - from: ./dist-assets/binaries/macos/openvpn + to: . pkg: allowAnywhere: false @@ -78,6 +78,8 @@ linux: to: . - from: ./target/release/libtalpid_openvpn_plugin.so to: . + - from: ./dist-assets/binaries/linux/openvpn + to: . deb: fpm: ["--config-files", "/etc/systemd/system/mullvad-daemon.service", diff --git a/mullvad-daemon/src/main.rs b/mullvad-daemon/src/main.rs index af8ad25d9c..8743285a73 100644 --- a/mullvad-daemon/src/main.rs +++ b/mullvad-daemon/src/main.rs @@ -720,9 +720,12 @@ impl Daemon { fn prepare_tunnel_log_file(&self) -> Result<()> { if let Some(ref file) = self.tunnel_log { + if let Some(log_dir) = file.parent() { + fs::create_dir_all(log_dir).chain_err(|| "Unable to create tunnel log dir")?; + } + let mut backup = file.clone(); backup.set_extension("old.log"); - fs::rename(file, backup).unwrap_or_else(|error| { if error.kind() != io::ErrorKind::NotFound { warn!( diff --git a/talpid-core/src/process/openvpn.rs b/talpid-core/src/process/openvpn.rs index 734918853f..bf7d1ef477 100644 --- a/talpid-core/src/process/openvpn.rs +++ b/talpid-core/src/process/openvpn.rs @@ -111,15 +111,15 @@ impl OpenVpnCommand { let mut cmd = duct::cmd(&self.openvpn_bin, self.get_arguments()).unchecked(); // Prevent forwarding the stdio when it's not available. - if atty::is(atty::Stream::Stdin) { + if !atty::is(atty::Stream::Stdin) { cmd = cmd.stdin_null(); } - if atty::is(atty::Stream::Stdout) { + if !atty::is(atty::Stream::Stdout) { cmd = cmd.stdout_null(); } - if atty::is(atty::Stream::Stderr) { + if !atty::is(atty::Stream::Stderr) { cmd = cmd.stderr_null(); } diff --git a/talpid-core/src/tunnel/mod.rs b/talpid-core/src/tunnel/mod.rs index 8ba7ef2740..3c3e9979f2 100644 --- a/talpid-core/src/tunnel/mod.rs +++ b/talpid-core/src/tunnel/mod.rs @@ -5,8 +5,6 @@ use openvpn_plugin::types::OpenVpnPluginEvent; use process::openvpn::OpenVpnCommand; use std::collections::HashMap; -use std::env; -use std::ffi::{OsStr, OsString}; use std::fs; use std::io::{self, Write}; use std::net::Ipv4Addr; @@ -21,33 +19,48 @@ pub mod openvpn; use self::openvpn::{OpenVpnCloseHandle, OpenVpnMonitor}; -mod errors { - error_chain!{ - errors { - /// An error indicating there was an error listening for events from the VPN tunnel. - TunnelMonitoringError { - description("Error while setting up or processing events from the VPN tunnel") - } - /// The OpenVPN plugin was not found. - PluginNotFound { - description("No OpenVPN plugin found") - } - /// There was an error when writing authentication credentials to temporary file. - CredentialsWriteError { - description("Error while writing credentials to temporary file") - } - /// Running on an operating system which is not supported yet. - UnsupportedPlatform { - description("Running on an unsupported operating system") - } - /// This type of VPN tunnel is not supported. - UnsupportedTunnelProtocol { - description("This tunnel protocol is not supported") - } +#[cfg(target_os = "macos")] +const OPENVPN_PLUGIN_FILENAME: &str = "libtalpid_openvpn_plugin.dylib"; +#[cfg(target_os = "linux")] +const OPENVPN_PLUGIN_FILENAME: &str = "libtalpid_openvpn_plugin.so"; +#[cfg(windows)] +const OPENVPN_PLUGIN_FILENAME: &str = "talpid_openvpn_plugin.dll"; + +#[cfg(unix)] +const OPENVPN_BIN_FILENAME: &str = "openvpn"; +#[cfg(windows)] +const OPENVPN_BIN_FILENAME: &str = "openvpn.exe"; + +error_chain!{ + errors { + /// An error indicating there was an error listening for events from the VPN tunnel. + TunnelMonitoringError { + description("Error while setting up or processing events from the VPN tunnel") + } + /// The OpenVPN binary was not found. + OpenVpnNotFound(path: PathBuf) { + description("No OpenVPN binary found") + display("No OpenVPN binary found at {}", path.display()) + } + /// The OpenVPN plugin was not found. + PluginNotFound(path: PathBuf) { + description("No OpenVPN plugin found") + display("No OpenVPN plugin found at {}", path.display()) + } + /// There was an error when writing authentication credentials to temporary file. + CredentialsWriteError { + description("Error while writing credentials to temporary file") + } + /// Running on an operating system which is not supported yet. + UnsupportedPlatform { + description("Running on an unsupported operating system") + } + /// This type of VPN tunnel is not supported. + UnsupportedTunnelProtocol { + description("This tunnel protocol is not supported") } } } -pub use self::errors::*; /// Possible events from the VPN tunnel and the child process managing it. @@ -139,7 +152,7 @@ impl TunnelMonitor { user_pass_file.as_ref(), log, resource_dir, - ); + )?; let user_pass_file_path = user_pass_file.to_path_buf(); let on_openvpn_event = move |event, env| { @@ -153,8 +166,11 @@ impl TunnelMonitor { } }; - let monitor = openvpn::OpenVpnMonitor::new(cmd, on_openvpn_event, Self::get_plugin_path()?) - .chain_err(|| ErrorKind::TunnelMonitoringError)?; + let monitor = openvpn::OpenVpnMonitor::new( + cmd, + on_openvpn_event, + Self::get_plugin_path(resource_dir)?, + ).chain_err(|| ErrorKind::TunnelMonitoringError)?; Ok(TunnelMonitor { monitor, _user_pass_file: user_pass_file, @@ -167,8 +183,8 @@ impl TunnelMonitor { user_pass_file: &Path, log: Option<&Path>, resource_dir: &Path, - ) -> OpenVpnCommand { - let mut cmd = OpenVpnCommand::new(Self::get_openvpn_bin(resource_dir)); + ) -> Result<OpenVpnCommand> { + let mut cmd = OpenVpnCommand::new(Self::get_openvpn_bin(resource_dir)?); if let Some(config) = Self::get_config_path(resource_dir) { cmd.config(config); } @@ -180,63 +196,26 @@ impl TunnelMonitor { if let Some(log) = log { cmd.log(log); } - cmd - } - - fn get_openvpn_bin(resource_dir: &Path) -> OsString { - let bin = if cfg!(windows) { - OsStr::new("openvpn.exe") - } else { - OsStr::new("openvpn") - }; - let bundled_path = resource_dir.join("openvpn-binaries").join(bin); - if bundled_path.exists() { - bundled_path.into_os_string() - } else { - warn!("Did not find a bundled version of OpenVPN, will rely on the PATH instead"); - bin.to_os_string() - } + Ok(cmd) } - fn get_plugin_path() -> Result<PathBuf> { - let library = Self::get_library_name().chain_err(|| ErrorKind::PluginNotFound)?; - let mut path = Self::get_executable_dir(); - - path.push(library); - + fn get_openvpn_bin(resource_dir: &Path) -> Result<PathBuf> { + let path = resource_dir.join(OPENVPN_BIN_FILENAME); if path.exists() { - debug!("Using OpenVPN plugin at {}", path.display()); + trace!("Using OpenVPN at {}", path.display()); Ok(path) } else { - Err(ErrorKind::PluginNotFound.into()) + bail!(ErrorKind::OpenVpnNotFound(path)); } } - fn get_executable_dir() -> PathBuf { - match env::current_exe() { - Ok(mut path) => { - path.pop(); - path - } - Err(e) => { - error!( - "Failed finding the install directory. Using working directory: {}", - e - ); - PathBuf::from(".") - } - } - } - - fn get_library_name() -> Result<&'static str> { - if cfg!(target_os = "macos") { - Ok("libtalpid_openvpn_plugin.dylib") - } else if cfg!(unix) { - Ok("libtalpid_openvpn_plugin.so") - } else if cfg!(windows) { - Ok("talpid_openvpn_plugin.dll") + fn get_plugin_path(resource_dir: &Path) -> Result<PathBuf> { + let path = resource_dir.join(OPENVPN_PLUGIN_FILENAME); + if path.exists() { + trace!("Using OpenVPN plugin at {}", path.display()); + Ok(path) } else { - bail!(ErrorKind::UnsupportedPlatform); + bail!(ErrorKind::PluginNotFound(path)); } } |