amnezia-vpn · fameowner99 · Jun 16, 2024
diff --git a/client/core/controllers/serverController.cpp b/client/core/controllers/serverController.cpp
@@ -504,6 +504,19 @@ ErrorCode ServerController::startupContainerWorker(const ServerCredentials &cred
     if (e)
         return e;
 
+    if (container == DockerContainer::OpenVpn)
+    {
+        QFile file(":/server_scripts/openvpn/password_auth.sh");
+        file.open(QIODevice::ReadOnly);
+        QString scriptContent = QString(file.readAll());
+        const QString serverScriptPath = "/opt/amnezia/password_auth.sh";
+
+        uploadTextFileToContainer(container, credentials, scriptContent, serverScriptPath);
+        runScript(credentials,
+                  replaceVars(QStringLiteral("sudo docker exec -d $CONTAINER_NAME sh -c \"chmod +rx %1\"").arg(serverScriptPath),
+                              genVarsForScript(credentials, container, config)));
+    }
+
     return runScript(credentials,
                      replaceVars("sudo docker exec -d $CONTAINER_NAME sh -c \"chmod a+x /opt/amnezia/start.sh && "
                                  "/opt/amnezia/start.sh\"",

diff --git a/client/core/scripts_registry.cpp b/client/core/scripts_registry.cpp
@@ -47,6 +47,7 @@ QString amnezia::scriptName(ProtocolScriptType type)
     case ProtocolScriptType::configure_container: return QLatin1String("configure_container.sh");
     case ProtocolScriptType::container_startup: return QLatin1String("start.sh");
     case ProtocolScriptType::openvpn_template: return QLatin1String("template.ovpn");
+    case ProtocolScriptType::openvpn_password_auth: return QLatin1String("password_auth.sh");
     case ProtocolScriptType::wireguard_template: return QLatin1String("template.conf");
     case ProtocolScriptType::awg_template: return QLatin1String("template.conf");
     case ProtocolScriptType::xray_template: return QLatin1String("template.json");

diff --git a/client/core/scripts_registry.h b/client/core/scripts_registry.h
@@ -26,6 +26,7 @@ enum ProtocolScriptType {
     configure_container,
     container_startup,
     openvpn_template,
+    openvpn_password_auth,
     wireguard_template,
     awg_template,
     xray_template

diff --git a/client/resources.qrc b/client/resources.qrc
@@ -43,6 +43,7 @@
         <file>server_scripts/openvpn/template.ovpn</file>
         <file>server_scripts/openvpn/Dockerfile</file>
         <file>server_scripts/openvpn/start.sh</file>
+        <file>server_scripts/openvpn/password_auth.sh</file>
         <file>server_scripts/openvpn_shadowsocks/configure_container.sh</file>
         <file>server_scripts/openvpn_shadowsocks/Dockerfile</file>
         <file>server_scripts/openvpn_shadowsocks/run_container.sh</file>

diff --git a/client/server_scripts/openvpn/password_auth.sh b/client/server_scripts/openvpn/password_auth.sh
@@ -0,0 +1,15 @@
+#!/bin/bash
+
+readarray -t lines < $1
+current_login=${lines[0]}
+current_password=${lines[1]}
+
+credentials_file_path=/opt/amnezia/openvpn/auth_credentials.txt
+
+saved_login=$(awk 'NR==1' $credentials_file_path)
+saved_password=$(awk 'NR==2' $credentials_file_path)
+
+if [ "$current_login" == "$saved_login" ] && [ "$current_password" == "$saved_password" ]; then
+  exit 0
+fi
+exit 1
diff --git a/client/ui/models/protocols/openvpnConfigModel.cpp b/client/ui/models/protocols/openvpnConfigModel.cpp
@@ -34,6 +34,12 @@ bool OpenVpnConfigModel::setData(const QModelIndex &index, const QVariant &value
         break;
     case Roles::AdditionalServerCommandsRole:
         m_protocolConfig.insert(config_key::additional_server_config, value.toString());
+        break;
+    case Roles::AuthLogin:
+
+        break;
+    case Roles::AuthPassword:
+
         break;
     }
 
@@ -72,6 +78,8 @@ QVariant OpenVpnConfigModel::data(const QModelIndex &index, int role) const
     case Roles::IsPortEditable: return m_container == DockerContainer::OpenVpn ? true : false;
     case Roles::IsTransportProtoEditable: return m_container == DockerContainer::OpenVpn ? true : false;
     case Roles::HasRemoveButton: return m_container == DockerContainer::OpenVpn ? true : false;
+    case Roles::AuthLogin:return {};
+    case Roles::AuthPassword: return {};
     }
     return QVariant();
 }
@@ -146,6 +154,8 @@ QHash<int, QByteArray> OpenVpnConfigModel::roleNames() const
     roles[IsTransportProtoEditable] = "isTransportProtoEditable";
 
     roles[HasRemoveButton] = "hasRemoveButton";
+    roles[AuthLogin] = "authLogin";
+    roles[AuthPassword] = "authPassword";
 
     return roles;
 }
diff --git a/client/ui/models/protocols/openvpnConfigModel.h b/client/ui/models/protocols/openvpnConfigModel.h
@@ -26,7 +26,10 @@ class OpenVpnConfigModel : public QAbstractListModel
         IsPortEditable,
         IsTransportProtoEditable,
 
-        HasRemoveButton
+        HasRemoveButton,
+
+        AuthLogin,
+        AuthPassword,
     };
 
     explicit OpenVpnConfigModel(QObject *parent = nullptr);

diff --git a/client/ui/qml/Pages2/PageProtocolOpenVpnSettings.qml b/client/ui/qml/Pages2/PageProtocolOpenVpnSettings.qml
@@ -426,6 +426,68 @@ PageType {
                             }
                         }
 
+                        SwitcherType {
+                            id: authCredentialsSwitcher
+                            Layout.fillWidth: true
+                            Layout.topMargin: 24
+                            parentFlickable: fl
+
+                            checked: authLogin !== "" && authPassword !== ""
+
+                            text: qsTr("Authentication credentials")
+
+                            onCheckedChanged: {
+                                //if (!checked) {
+                                //    additionalServerCommands = ""
+                                //}
+                            }
+                        }
+
+                        TextFieldWithHeaderType {
+                            id: loginTextField
+
+                            Layout.fillWidth: true
+                            parentFlickable: fl
+
+                            //enabled: isPortEditable
+
+                            headerText: qsTr("Login")
+                            textFieldText: authLogin
+                            //textField.maximumLength: 5
+                            //textField.validator: IntValidator { bottom: 1; top: 65535 }
+
+                            textField.onEditingFinished: {
+                                if (textFieldText !== authLogin) {
+                                    authLogin = textFieldText
+                                }
+                            }
+
+                           // KeyNavigation.tab: autoNegotiateEncryprionSwitcher
+                        }
+
+                        TextFieldWithHeaderType {
+                            id: passwordTextField
+
+                            Layout.fillWidth: true
+                            Layout.topMargin: 20
+                            parentFlickable: fl
+
+                            //enabled: isPortEditable
+
+                            headerText: qsTr("Password")
+                             textFieldText: authPassword
+                            //textField.maximumLength: 5
+                            //textField.validator: IntValidator { bottom: 1; top: 65535 }
+
+                            textField.onEditingFinished: {
+                                  if (textFieldText !== authPassword) {
+                                      authPassword = textFieldText
+                                 }
+                            }
+
+                            // KeyNavigation.tab: autoNegotiateEncryprionSwitcher
+                        }
+
                         BasicButtonType {
                             id: saveRestartButton
 
@@ -449,6 +511,7 @@ PageType {
                                 InstallController.updateContainer(OpenVpnConfigModel.getConfig())
                             }
                         }
+
                     }
                 }
             }