Skip to content

Commit

Permalink
Issue #322: Removed meek-azure bridge, which will stop working soon.
Browse files Browse the repository at this point in the history
  • Loading branch information
tladesignz committed Apr 6, 2021
1 parent 4b53359 commit 21bc184
Show file tree
Hide file tree
Showing 6 changed files with 135 additions and 134 deletions.
240 changes: 115 additions & 125 deletions OnionBrowser/Migration/Migration.swift
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
/*
* Onion Browser
* Copyright (c) 2012-2018, Tigas Ventures, LLC (Mike Tigas)
* Copyright (c) 2012-2021, Tigas Ventures, LLC (Mike Tigas)
*
* This file is part of Onion Browser. See LICENSE file for redistribution terms.
*/
Expand All @@ -15,153 +15,143 @@ class Migration: NSObject {
.strict,
.blockXhr,
.open
]
]

/**
Migrates bookmarks, bridge settings and miscelaneous other settings of version 1.x to 2.x.
*/
@objc class func migrate() {
let settings = UserDefaults.standard
/**
Migrates bookmarks, bridge settings and miscelaneous other settings of version 1.x to 2.x.
*/
@objc class func migrate() {
let settings = UserDefaults.standard

let storeUrl = FileManager.default.urls(for: .documentDirectory, in: .userDomainMask).last?
.appendingPathComponent("Settings.sqlite")
let storeUrl = FileManager.default.urls(for: .documentDirectory, in: .userDomainMask).last?
.appendingPathComponent("Settings.sqlite")

var isReachable = try? storeUrl?.checkResourceIsReachable()
var isReachable = try? storeUrl?.checkResourceIsReachable()

// Check, if CoreData SQLite file is there, if so migrate bookmarks and bridge settings.
if isReachable ?? false {
// Check, if CoreData SQLite file is there, if so migrate bookmarks and bridge settings.
if isReachable ?? false {

// Initialize CoreData.
if let mom = NSManagedObjectModel.mergedModel(from: nil) {
let psc = NSPersistentStoreCoordinator(managedObjectModel: mom)
// Initialize CoreData.
if let mom = NSManagedObjectModel.mergedModel(from: nil) {
let psc = NSPersistentStoreCoordinator(managedObjectModel: mom)

let moc = NSManagedObjectContext(concurrencyType: .mainQueueConcurrencyType)
moc.persistentStoreCoordinator = psc
let moc = NSManagedObjectContext(concurrencyType: .mainQueueConcurrencyType)
moc.persistentStoreCoordinator = psc

let store = try? psc.addPersistentStore(ofType: NSSQLiteStoreType,
configurationName: nil,
at: storeUrl,
options: nil)
let store = try? psc.addPersistentStore(ofType: NSSQLiteStoreType,
configurationName: nil,
at: storeUrl,
options: nil)

// Migrate bridges. Needs to be done in the main thread, otherwise it's too late.
let request = NSFetchRequest<Bridge>.init(entityName: "Bridge")
let oldBridges = try? moc.fetch(request)
// Migrate bridges. Needs to be done in the main thread, otherwise it's too late.
let request = NSFetchRequest<Bridge>.init(entityName: "Bridge")
let oldBridges = try? moc.fetch(request)

if (oldBridges?.count ?? 0) > 0 {
// Don't show intro to bridge users - otherwise these settings are lost.
if (oldBridges?.count ?? 0) > 0 {
// Don't show intro to bridge users - otherwise these settings are lost.
Settings.didIntro = true

// Detect default Meek bridges.
if oldBridges!.count == 1 {
let ob = oldBridges![0];
var newBridges = [String]()

if ob.conf == OnionManager.meekAzureBridge.first {
Settings.currentlyUsedBridges = .meekazure
}
}
else {
var newBridges = [String]()
for ob in oldBridges! {
newBridges.append(ob.conf)
}

for ob in oldBridges! {
newBridges.append(ob.conf)
}
Settings.currentlyUsedBridges = .custom
Settings.customBridges = newBridges

Settings.currentlyUsedBridges = .custom
Settings.customBridges = newBridges
}
settings.synchronize()
}

settings.synchronize()
}
// Jump into a background thread to do the rest of the migration.
DispatchQueue.global(qos: .background).async {
// Migrate bookmarks.
let request = NSFetchRequest<OldBookmark>.init(entityName: "Bookmark")
request.sortDescriptors = [NSSortDescriptor.init(key: "order", ascending: true)]

// Jump into a background thread to do the rest of the migration.
DispatchQueue.global(qos: .background).async {
// Migrate bookmarks.
let request = NSFetchRequest<OldBookmark>.init(entityName: "Bookmark")
request.sortDescriptors = [NSSortDescriptor.init(key: "order", ascending: true)]

if let oldBookmarks = try? moc.fetch(request) {
for ob in oldBookmarks {
if let oldBookmarks = try? moc.fetch(request) {
for ob in oldBookmarks {
Bookmark.add(ob.title, ob.url).acquireIcon {
Bookmark.store()
}
}

Bookmark.store()
}

// Remove old CoreData storage.
do {
if store != nil {
try moc.persistentStoreCoordinator?.remove(store!)
}

try FileManager.default.removeItem(at: storeUrl!)
} catch {
// This should not happen.
// Can't do anything now. We tried...
}
}
}
}

let settingsUrl = FileManager.default.urls(for: .documentDirectory, in: .userDomainMask)
.last?.appendingPathComponent("Settings.plist")

isReachable = try? settingsUrl?.checkResourceIsReachable()

// Check, if Settings.plist file is there, if so, migrate some, which apply to Endless, too.
if isReachable ?? false {
DispatchQueue.global(qos: .background).async {
if let raw = FileManager.default.contents(atPath: settingsUrl!.path) {
let oldSettings = try? PropertyListSerialization.propertyList(
from: raw,
options: .mutableContainersAndLeaves,
format: nil)
as? [String: Any]

// Do-Not-Track header.
if let dnt = oldSettings?["dnt"] as? Int
{
// 1.X had 3 settings: 0 = unset, 1 = cantrack, 2 = notrack
// Endless has only two options "send_dnt" true or false.
// Translation table: 0 => false, 1 => false, 2 => true
}

Bookmark.store()
}

// Remove old CoreData storage.
do {
if store != nil {
try moc.persistentStoreCoordinator?.remove(store!)
}

try FileManager.default.removeItem(at: storeUrl!)
} catch {
// This should not happen.
// Can't do anything now. We tried...
}
}
}
}

let settingsUrl = FileManager.default.urls(for: .documentDirectory, in: .userDomainMask)
.last?.appendingPathComponent("Settings.plist")

isReachable = try? settingsUrl?.checkResourceIsReachable()

// Check, if Settings.plist file is there, if so, migrate some, which apply to Endless, too.
if isReachable ?? false {

DispatchQueue.global(qos: .background).async {
if let raw = FileManager.default.contents(atPath: settingsUrl!.path) {
let oldSettings = try? PropertyListSerialization.propertyList(
from: raw,
options: .mutableContainersAndLeaves,
format: nil)
as? [String: Any]

// Do-Not-Track header.
if let dnt = oldSettings?["dnt"] as? Int
{
// 1.X had 3 settings: 0 = unset, 1 = cantrack, 2 = notrack
// Endless has only two options "send_dnt" true or false.
// Translation table: 0 => false, 1 => false, 2 => true
Settings.sendDnt = dnt == 2
}
}

// Content security policy setting. For legacy reasons named "javascript".
if let csp = oldSettings?["javascript"] as? Int {
// From the 1.X sources:
// #define CONTENTPOLICY_STRICT 0 // Blocks nearly every CSP type
// #define CONTENTPOLICY_BLOCK_CONNECT 1 // Blocks `connect-src` (XHR, CORS, WebSocket)
// #define CONTENTPOLICY_PERMISSIVE 2 // Allows all content (DANGEROUS: websockets leak outside tor)
// Content security policy setting. For legacy reasons named "javascript".
if let csp = oldSettings?["javascript"] as? Int {
// From the 1.X sources:
// #define CONTENTPOLICY_STRICT 0 // Blocks nearly every CSP type
// #define CONTENTPOLICY_BLOCK_CONNECT 1 // Blocks `connect-src` (XHR, CORS, WebSocket)
// #define CONTENTPOLICY_PERMISSIVE 2 // Allows all content (DANGEROUS: websockets leak outside tor)

let hs = HostSettings.forDefault()
hs.contentPolicy = cspTranslation[csp]
hs.save().store()
}

// Minimal TLS version. Only the "1.2 only" setting will be migrated, as
// the "SSL v3" setting is not supported in Endless.
if let tlsver = oldSettings?["tlsver"] as? Int {
// From the 1.X sources:
// #define X_TLSVER_ANY 0
// #define X_TLSVER_TLS1 1
// #define X_TLSVER_TLS1_2_ONLY 2

if tlsver == 2 {
Settings.tlsVersion = .tls12
}
}
}

do {
try FileManager.default.removeItem(at: settingsUrl!)
} catch {
// This should not happen.
// Can't do anything now. We tried...
}
}
}
}
}

// Minimal TLS version. Only the "1.2 only" setting will be migrated, as
// the "SSL v3" setting is not supported in Endless.
if let tlsver = oldSettings?["tlsver"] as? Int {
// From the 1.X sources:
// #define X_TLSVER_ANY 0
// #define X_TLSVER_TLS1 1
// #define X_TLSVER_TLS1_2_ONLY 2

if tlsver == 2 {
Settings.tlsVersion = .tls12
}
}
}

do {
try FileManager.default.removeItem(at: settingsUrl!)
} catch {
// This should not happen.
// Can't do anything now. We tried...
}
}
}
}
}
12 changes: 7 additions & 5 deletions OnionBrowser/OnionManager.swift
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
// OnionManager.swift
// OnionBrowser2
//
// Copyright (c) 2012-2020, Tigas Ventures, LLC (Mike Tigas)
// Copyright (c) 2012-2021, Tigas Ventures, LLC (Mike Tigas)
//
// This file is part of Onion Browser. See LICENSE file for redistribution terms.
//
Expand Down Expand Up @@ -94,6 +94,12 @@ class OnionManager : NSObject {

static let obfs4Bridges = NSArray(contentsOfFile: Bundle.main.path(forResource: "obfs4-bridges", ofType: "plist")!) as! [String]

/**
Don't use anymore: Microsoft announced to start blocking domain fronting!

[Microsoft: Securing our approach to domain fronting within Azure](https://www.microsoft.com/security/blog/2021/03/26/securing-our-approach-to-domain-fronting-within-azure/)
*/
@available(*, deprecated)
static let meekAzureBridge = [
"meek_lite 0.0.2.0:3 97700DFE9F483596DDA6264C4D7DF7641E1E39CE url=https://meek.azureedge.net/ front=ajax.aspnetcdn.com"
]
Expand Down Expand Up @@ -501,10 +507,6 @@ class OnionManager : NSObject {
startObfs4proxy()
return OnionManager.obfs4Bridges

case .meekazure:
startObfs4proxy()
return OnionManager.meekAzureBridge

case .snowflake:
startSnowflake()
return OnionManager.snowflakeBridge
Expand Down
5 changes: 2 additions & 3 deletions OnionBrowser/Settings/BridgeConfViewController.swift
Original file line number Diff line number Diff line change
Expand Up @@ -34,8 +34,8 @@ BridgeConfDelegate {
"",
String(format: NSLocalizedString("%1$@ %2$@ makes your traffic appear \"random\".",
comment: ""), "\u{2022}", "obfs4"),
String(format: NSLocalizedString("%1$@ %2$@ makes your traffic pose as traffic to a Microsoft website.",
comment: ""), "\u{2022}", "meek-azure"),
String(format: NSLocalizedString("%1$@ %2$@ makes your traffic look like a phone call to a random user on the net.",
comment: ""), "\u{2022}", "snowflake"),
"",
NSLocalizedString("If one type of bridge does not work, try using a different one.",
comment: "")
Expand Down Expand Up @@ -76,7 +76,6 @@ BridgeConfDelegate {
let bridges: [Settings.BridgesType: String] = [
.none: NSLocalizedString("No Bridges", comment: ""),
.obfs4: String(format: NSLocalizedString("Built-in %@", comment: ""), "obfs4"),
.meekazure: String(format: NSLocalizedString("Built-in %@", comment: ""), "meek-azure"),
.snowflake: String(format: NSLocalizedString("Built-in %@", comment: ""), "snowflake"),
.custom: NSLocalizedString("Custom Bridges", comment: ""),
]
Expand Down
12 changes: 11 additions & 1 deletion OnionBrowser/Settings/Settings.swift
Original file line number Diff line number Diff line change
Expand Up @@ -74,8 +74,18 @@ class Settings: NSObject {
enum BridgesType: Int {
case none = 0
case obfs4 = 1

@available(*, deprecated)
case meekamazon = 2 // Legacy. Retaining this number for future use if meek-amazon comes back.
case meekazure = 3

/**
Don't use anymore: Microsoft announced to start blocking domain fronting!

[Microsoft: Securing our approach to domain fronting within Azure](https://www.microsoft.com/security/blog/2021/03/26/securing-our-approach-to-domain-fronting-within-azure/)
*/
@available(*, deprecated)
case meekazure = 3 // Legacy. Retaining this number for future use if meek-azure comes back.

case snowflake = 4
case custom = 99
}
Expand Down
Binary file modified Resources/Base.lproj/Localizable.strings
Binary file not shown.
Binary file modified Resources/de.lproj/Localizable.strings
Binary file not shown.

0 comments on commit 21bc184

Please sign in to comment.