Skip to content

Commit

Permalink
Merge branch 'change-wireguard-obfuscation-default-to-auto-des-544'
Browse files Browse the repository at this point in the history
  • Loading branch information
@faern
faern committed Feb 28, 2024
2 parents a30c4f9 + 6eb4640 commit 3daced0
Show file tree
Hide file tree
Showing 7 changed files with 317 additions and 11 deletions.
4 changes: 4 additions & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,10 @@ Line wrap the file at 100 chars. Th
### Added
- Add ability to import server IP overrides in GUI.

### Changed
- Change default obfuscation setting to `auto`.
- Migrate obfuscation settings for existing users from `off` to `auto`.

#### Android
- Add support for all screen orientations.
- Add toggle for enabling or disabling split tunneling.
Expand Down
2 changes: 2 additions & 0 deletions mullvad-daemon/src/migrations/mod.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,7 @@ mod v4;
mod v5;
mod v6;
mod v7;
mod v8;

const SETTINGS_FILE: &str = "settings.json";

Expand Down Expand Up @@ -181,6 +182,7 @@ async fn migrate_settings(
let migration_data = v5::migrate(settings)?;
v6::migrate(settings)?;
v7::migrate(settings)?;
v8::migrate(settings)?;

Ok(migration_data)
}
Expand Down
9 changes: 3 additions & 6 deletions mullvad-daemon/src/migrations/v6.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,18 +16,15 @@ pub enum QuantumResistantState {

// ======================================================

/// This is an open ended migration. There is no v7 yet!
/// The migrations performed by this function are still backwards compatible.
/// The JSON coming out of this migration can be read by any v6 compatible daemon.
///
/// When further migrations are needed, add them here and if they are not backwards
/// compatible then create v7 and "close" this migration for further modification.
/// This is a closed migration.
///
/// The `use_pq_safe_psk` tunnel option is replaced by `quantum_resistant`, which
/// is optional. `false` is mapped to `None`. `true` is mapped to `Some(true)`.
///
/// Migrate WireGuard over TCP port setting away from Only(443) (to auto),
/// since it's no longer a valid port.
///
/// Migrate location constraints from `GeographicLocationConstraint` to `LocationConstraint`.
pub fn migrate(settings: &mut serde_json::Value) -> Result<()> {
if !version_matches(settings) {
return Ok(());
Expand Down
302 changes: 302 additions & 0 deletions mullvad-daemon/src/migrations/v8.rs
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,302 @@
use super::Result;
use mullvad_types::settings::SettingsVersion;

// This migration doesn't vendor any types.

/// This is a closed migraton.
///
/// If `ofuscation_settings.selected_obfuscation` is `off`, set it to `auto`.
pub fn migrate(settings: &mut serde_json::Value) -> Result<()> {
if !version_matches(settings) {
return Ok(());
}

log::info!("Migrating settings format to V9");

migrate_selected_obfuscaton(settings)?;

settings["settings_version"] = serde_json::json!(SettingsVersion::V9);

Ok(())
}

fn migrate_selected_obfuscaton(settings: &mut serde_json::Value) -> Result<()> {
let Some(selected_obfuscation) = settings
.get_mut("obfuscation_settings")
.and_then(|obfuscation_settings| obfuscation_settings.get_mut("selected_obfuscation"))
else {
return Ok(());
};

if selected_obfuscation == "off" {
*selected_obfuscation = "auto".into();
}

Ok(())
}

fn version_matches(settings: &serde_json::Value) -> bool {
settings
.get("settings_version")
.map(|version| version == SettingsVersion::V8 as u64)
.unwrap_or(false)
}

#[cfg(test)]
mod test {
use super::{migrate, migrate_selected_obfuscaton, version_matches};

pub const V8_SETTINGS: &str = r#"
{
"relay_settings": {
"normal": {
"location": {
"only": {
"location": {
"country": "se"
}
}
},
"providers": "any",
"ownership": "any",
"tunnel_protocol": "any",
"wireguard_constraints": {
"port": "any",
"ip_version": "any",
"use_multihop": false,
"entry_location": {
"only": {
"location": {
"country": "se"
}
}
}
},
"openvpn_constraints": {
"port": "any"
}
}
},
"bridge_settings": {
"bridge_type": "normal",
"normal": {
"location": "any",
"providers": "any",
"ownership": "any"
},
"custom": null
},
"obfuscation_settings": {
"selected_obfuscation": "off",
"udp2tcp": {
"port": "any"
}
},
"bridge_state": "auto",
"custom_lists": {
"custom_lists": []
},
"api_access_methods": {
"direct": {
"id": "5b11a427-a06e-4a06-9864-0d3df7402ee4",
"name": "Direct",
"enabled": true,
"access_method": {
"built_in": "direct"
}
},
"mullvad_bridges": {
"id": "bf03faf6-229e-4b1e-a7bd-32e0786ca5cb",
"name": "Mullvad Bridges",
"enabled": true,
"access_method": {
"built_in": "bridge"
}
},
"custom": []
},
"allow_lan": false,
"block_when_disconnected": false,
"auto_connect": false,
"tunnel_options": {
"openvpn": {
"mssfix": null
},
"wireguard": {
"mtu": null,
"quantum_resistant": "auto",
"rotation_interval": null
},
"generic": {
"enable_ipv6": false
},
"dns_options": {
"state": "default",
"default_options": {
"block_ads": false,
"block_trackers": false,
"block_malware": false,
"block_adult_content": false,
"block_gambling": false,
"block_social_media": false
},
"custom_options": {
"addresses": []
}
}
},
"relay_overrides": [],
"show_beta_releases": true,
"settings_version": 8
}
"#;

pub const V9_SETTINGS: &str = r#"
{
"relay_settings": {
"normal": {
"location": {
"only": {
"location": {
"country": "se"
}
}
},
"providers": "any",
"ownership": "any",
"tunnel_protocol": "any",
"wireguard_constraints": {
"port": "any",
"ip_version": "any",
"use_multihop": false,
"entry_location": {
"only": {
"location": {
"country": "se"
}
}
}
},
"openvpn_constraints": {
"port": "any"
}
}
},
"bridge_settings": {
"bridge_type": "normal",
"normal": {
"location": "any",
"providers": "any",
"ownership": "any"
},
"custom": null
},
"obfuscation_settings": {
"selected_obfuscation": "auto",
"udp2tcp": {
"port": "any"
}
},
"bridge_state": "auto",
"custom_lists": {
"custom_lists": []
},
"api_access_methods": {
"direct": {
"id": "5b11a427-a06e-4a06-9864-0d3df7402ee4",
"name": "Direct",
"enabled": true,
"access_method": {
"built_in": "direct"
}
},
"mullvad_bridges": {
"id": "bf03faf6-229e-4b1e-a7bd-32e0786ca5cb",
"name": "Mullvad Bridges",
"enabled": true,
"access_method": {
"built_in": "bridge"
}
},
"custom": []
},
"allow_lan": false,
"block_when_disconnected": false,
"auto_connect": false,
"tunnel_options": {
"openvpn": {
"mssfix": null
},
"wireguard": {
"mtu": null,
"quantum_resistant": "auto",
"rotation_interval": null
},
"generic": {
"enable_ipv6": false
},
"dns_options": {
"state": "default",
"default_options": {
"block_ads": false,
"block_trackers": false,
"block_malware": false,
"block_adult_content": false,
"block_gambling": false,
"block_social_media": false
},
"custom_options": {
"addresses": []
}
}
},
"relay_overrides": [],
"show_beta_releases": true,
"settings_version": 9
}
"#;

#[test]
fn test_v8_to_v9_migration() {
let mut old_settings = serde_json::from_str(V8_SETTINGS).unwrap();

assert!(version_matches(&old_settings));
migrate(&mut old_settings).unwrap();
let new_settings: serde_json::Value = serde_json::from_str(V9_SETTINGS).unwrap();

assert_eq!(&old_settings, &new_settings);
}

/// For obfuscation_settings
/// obfuscation_settings: { selected_obfuscation: "on" } should be not be changed.
#[test]
fn migrate_seleted_obfuscation_from_on() {
let mut migrated_settings: serde_json::Value =
serde_json::from_str(r#"{ "obfuscation_settings": { "selected_obfuscation": "on" } }"#)
.unwrap();
let expected_settings = migrated_settings.clone();

migrate_selected_obfuscaton(&mut migrated_settings).unwrap();

assert_eq!(migrated_settings, expected_settings);
}

/// For obfuscation_settings
/// obfuscation_settings: { selected_obfuscation: "off" } should be replaced with
/// obfuscation_settings: { selected_obfuscation: "auto" }
#[test]
fn migrate_seleted_obfuscation_from_off() {
let mut migrated_settings: serde_json::Value = serde_json::from_str(
r#"{ "obfuscation_settings": { "selected_obfuscation": "off" } }"#,
)
.unwrap();
migrate_selected_obfuscaton(&mut migrated_settings).unwrap();

let expected_settings: serde_json::Value = serde_json::from_str(
r#"{ "obfuscation_settings": { "selected_obfuscation": "auto" } }"#,
)
.unwrap();

assert_eq!(migrated_settings, expected_settings);
}
}
3 changes: 1 addition & 2 deletions mullvad-daemon/src/migrations/vX.rs.template
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ pub fn migrate(settings: &mut serde_json::Value) -> Result<()> {
Ok(())
}

fn version_matches(settings: &mut serde_json::Value) -> bool {
fn version_matches(settings: &serde_json::Value) -> bool {
settings
.get("settings_version")
// TODO
Expand All @@ -37,7 +37,6 @@ fn version_matches(settings: &mut serde_json::Value) -> bool {
#[cfg(test)]
mod test {
use super::{migrate, version_matches};
use serde_json;

// TODO: Implement tests. Look at other migration modules for inspiration.
}
2 changes: 1 addition & 1 deletion mullvad-types/src/relay_constraints.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -886,8 +886,8 @@ impl BridgeSettings {
#[serde(rename_all = "snake_case")]
#[cfg_attr(feature = "clap", derive(clap::ValueEnum))]
pub enum SelectedObfuscation {
Auto,
#[default]
Auto,
Off,
#[cfg_attr(feature = "clap", clap(name = "udp2tcp"))]
Udp2Tcp,
Expand Down
Loading

0 comments on commit 3daced0

Please sign in to comment.