Commit graph

44 commits

Author SHA1 Message Date
Ian VanSchooten
78640437f1
Update Gradle, replace QR code reader library (#162)
I ran the Gradle Upgrade Assistant to get us on the latest version of gradle, but two of our dependencies didn't support it.

- https://pub.dev/documentation/package_info/latest/
- https://github.com/AmolGangadhare/flutter_barcode_scanner

`pacakge_info` is officially deprecated and replaced by `package_info_plus`, which is what I've swapped to here.

A bigger change was switching to https://github.com/juliansteenbakker/mobile_scanner.  It does seem to work a bit better than the other one, and does not throw an error now when cancelling the QR code collection, as it did before.  I've tested on android in the simulator, and iOS with an actual device.  

To test adding a cert:
1. Create a CA on your computer with `nebula-cert ca -name test-mobile`.  This will create a `ca.crt` and `ca.key`
2. Tap the + button in the mobile app to add a site
3. Tap the "Certificate" row
4. Copy the public key to a file on your computer like `test.pub`
5. Create a signed cert with `nebula-cert sign -name test-mobile -ip 192.168.0.20/24 -in-pub test.pub`
6. Create a QR code for it: `nebula-cert print -out-qr "qr.png" -path ./test-mobile.crt`
7. In Android studio, in the "Running devices" tab, open the simulator's extended controls:  
<img width="509" alt="Android Studio 2024-09-23 13 08 08" src="https://github.com/user-attachments/assets/c1f8288e-374c-457c-942a-4109240102ab">

8. Choose the Camera option, and add the qr code image to the wall of the virtual scene
<img width="679" alt="image" src="https://github.com/user-attachments/assets/bafaa9af-72e4-4444-9704-9876c53c883c">

9. Back in the app, when you choose QR Code and "Scan a QR code`, the virtual scene should open.  Hold shift, then move your mouse to look around.  Turn around 180 degrees, and walk forward into the other room (can go through the walls) using the `w` key.  When you get the QR code into the white border, the scanner should close and apply the certificate settings.  If you use a nonsense QR code, or a QR code with a non-matching key, or a CA QR code, you should get an error message when it scans.

The process for scanning a CA qr code is similar.  

1. Run `nebula-cert print -out-qr "qr-ca.png" -path ./ca.crt`
2. Replace the QR in the extended controls
3. Tap CA when adding a site
4. The rest of the process is the same as above.

iOS is similar, except you'll need to use a real device, as the simulator does not include a virtual scene like Android does.
2024-09-24 07:25:09 -04:00
Ian VanSchooten
64d45f66c7
Update Flutter, target android SDK 34 (#160)
This updates flutter to 3.24.1, the latest stable version, and also updates our flutter dependencies to latest.

It targets the latest android sdk, 34, which is required if we want to publish a new version to the Google Play store.

I also needed to make a few adjustments to handle deprecations. The biggest change is that I needed to wrap the main widget in MaterialApp to avoid problems with AdaptiveSwitch in iOS.
2024-09-20 14:19:23 -04:00
John Maguire
76f0ba17df
Don't use Nebula tunnel for app traffic on Android (#153) 2024-03-07 15:57:26 -05:00
John Maguire
ec1af2974a
Fix encryption errors after restoring to a new phone (#143)
When a user restores to a new phone, their TPM will no longer be able to
decrypt the encrypted credentials.

We have code already in place to delete "invalid" sites, which cleans
these up by removing them.

However, when trying to save a new site, Android continues to try to use
the old keys which are no longer decryptable. So, when saving new
encrypted files, simply reset the crypto keys if we are unable to
encrypt.
2023-12-01 15:26:21 -05:00
John Maguire
693c7b6346
Hide CA expiration errors on managed sites (#128) 2023-05-17 12:10:11 -04:00
John Maguire
cfca253ec1
Disallow some problematic app from the VPN (#126) 2023-05-15 17:10:20 -04:00
John Maguire
4bbd6c01ea
Clarify permissions error w/ Always On VPN (#119) 2023-05-10 16:39:32 -04:00
John Maguire
a5139c4335
Hide QR code scanner on devices without cameras (#101) 2022-11-22 16:50:11 -05:00
John Maguire
17cc3477b7
Make user agent consistent on iOS and Android (#98)
Instead of Nebula/, Nebula-DEBUG/, and NebulaNetworkExtension/, ensure
that the user agent is always MobileNebula/.
2022-11-21 16:58:02 -05:00
John Maguire
4924888879
Don't require android.hardware.camera feature (#97)
flutter_barcode_scanner pulls in this feature but we only need it to be
optional. This should help expand support on Chromebook devices.
2022-11-21 16:05:19 -05:00
John Maguire
a5ec4f5ed5
Allow deletion of managed sites on Android (#94) 2022-11-18 16:18:07 -05:00
John Maguire
974c7a4eed
Refresh Sites when a site is saved (closes #89) (#93)
* Refresh Sites when a site is saved (closes #89)

* Update with iOS side fix
2022-11-18 16:03:52 -05:00
John Maguire
37758d4a01
Request VPN permissions on site start (#92)
Previously VPN permissions were requested when the UI was loaded. If the
user denied the permissions it would have to be force stopped and
reopened to get another permission request grant.

Additionally, when requesting VPN permissions Android will kill any
other running VPN service. This avoids that behavior unless a site is
explicitly started.

Also disables the app from showing up in the "Always On" settings.
2022-11-18 14:34:45 -05:00
John Maguire
9dd5b9cad9
Don't reload Nebula unless config is updated (#91) 2022-11-18 14:27:27 -05:00
John Maguire
e4bbd0a31c
Fix majority of Android Studio warnings (#88) 2022-11-17 16:48:44 -05:00
John Maguire
a5684e1978
Fix share on Android by moving to flutter share lib (#87)
Co-authored-by: Nate Brown <nbrown.us@gmail.com>
2022-11-17 15:46:06 -06:00
John Maguire
c7a53c3905
Support DN host enrollment (#86)
Co-authored-by: Nate Brown <nbrown.us@gmail.com>
2022-11-17 16:43:16 -05:00
John Maguire
5ec6004a9f
Fix crash on Android 9 and below (#81) 2022-11-08 08:08:07 -07:00
John Maguire
552d16bce2
Improvements to NebulaVpnService (#79) 2022-10-31 12:49:38 -06:00
Nate Brown
d8e90a1b4b
Support older versions of android to include chromeos (#76) 2022-10-26 09:57:07 -05:00
Nate Brown
b29661abff
Automated build and release (#71) 2022-10-03 15:30:39 -05:00
Nate Brown
dbe67c2f81
Upgrade to flutter 3 (#70)
Co-authored-by: John Maguire <contact@johnmaguire.me>
2022-09-21 15:27:35 -05:00
Nate Brown
e3780bda1e
Show a message on android if permissions were denied (#65) 2022-08-05 16:42:31 -05:00
Nate Brown
958b15d711
Allow import of private key, make it so key material isn't removed when navigating off the add a cert page (#64) 2022-08-05 16:42:17 -05:00
Nate Brown
457952b5ed
Rebind against nebula 1.6 for relays, modernize build (#63) 2022-08-04 19:39:46 -05:00
John Maguire
145a6c9b4f
Mark VPN as unmetered (#53) 2022-01-11 12:09:51 -05:00
John Maguire
47865d568b
Fix DNS over mobile networks on Android (#40)
I think this closes the loop on DNS issues I was experiencing.
Previously, after starting Nebula, DNS would work until you switched
networks (e.g. from mobile to WiFi or vice-versa). This was fixed by
removing some explicit DNS server sets in commit
a283bf8010. This casued DNS to work in
`adb shell` even after toggling networks.

However, it did not actually fix the problem for Android applications.
The new behavior is that they would work while on WiFi, but fail on a
mobile network.

To quote Android docs:

> Allows traffic from the specified address family. By default, if no
> address, route or DNS server of a specific family (IPv4 or IPv6) is
> added to this VPN, then all outgoing traffic of that family is blocked.
> If any address, route or DNS server is added, that family is allowed.
> This method allows an address family to be unblocked even without adding
> an address, route or DNS server of that family. Traffic of that family
> will then typically fall-through to the underlying network if it's
> supported. family must be either AF_INET (for IPv4) or AF_INET6 (for
> IPv6). IllegalArgumentException is thrown if it's neither.

In my case, my home network supports only IPv4 while my mobile network
uses DNS over IPv6. Since my Nebula routes are IPv4-only, IPv6 traffic
stopped working, and DNS requests failed.
2021-05-10 16:16:21 -04:00
Nate Brown
0bb2a30829
Support replacing certs (#33) 2021-05-03 15:16:00 -05:00
Nate Brown
a283bf8010
Remove setting dns as it seems to be unnecessary (#35) 2021-05-03 14:44:13 -05:00
John Maguire
3194028a78
Unregister network callback on stop (Android) (#34)
Previously when `stopVpn()` was called, it was possible for the network
change callback to fire while we were in the middle of shutting down.
This commit unregisters the network change callback before telling
Nebula to shutdown.
2021-05-03 14:58:09 -04:00
John Maguire
1d044a1e36
Fix state when connection toggle is tapped twice (#16)
Fixes #15. When tapping the toggle in rapid succession,
`NebulaVpnService.onStartCommand` is called twice, in serial.  This
method includes logic to show an error to the user if they somehow
attempt to connect to a service while already connected.

However, this method of showing an error message (calling
`announceExit`) sends a signal to `MainActivity` telling it the service
has exited, and that it should set the UI state to "Disconnected." It
does not actually disconnect the service at this point, resulting in a
state mismatch in which you cannot actually disconnect the service.

The solution in this commit is to remove this signalling and simply
return out of `onStartCommand` to avoid processing the start request
twice if the site is already running.
2021-05-03 14:56:21 -04:00
John Maguire
3123ce5f9a
Let Android install debug & release APKs side-by-side (#31) 2021-04-29 16:13:13 -04:00
Nate Brown
a7c32f5bd4
Kotlin active site race on boot fix (#29) 2021-04-29 10:17:43 -05:00
Nathan Brown
4cad646a7c
Disable sleep/wake detection on android (#27) 2021-04-23 16:54:48 -05:00
Nathan Brown
1283ce30e9
IPV6 support (#24) 2021-04-23 16:23:06 -05:00
John Maguire
b2c674d65a Minor tweaks for a clean build
- Updated README with some maybe-helpful instructions for downgrading
  flutter to a version that will build the project
- Added a step to create a missing directory to the Gradle build
  (otherwise the build fails)
- Set `shrinkResources false` - otherwise you get an error that you
  can't shrink resources unless you also enable minifying
2021-04-22 18:46:16 -04:00
Nate Brown
33f73b8ea0 Tweak android icon 2020-09-25 10:47:10 -05:00
Nate Brown
a01b22fcfe Update icon 2020-09-24 16:24:04 -05:00
Nate Brown
0fd4d8d7fc Intercept copy to clipboard on chromeos and inject our file contents into the clipboard 2020-08-31 18:33:25 -05:00
Nate Brown
38389e99d4 Better share functionality 2020-08-18 17:26:06 -05:00
Nate Brown
646550575d Fix share on ipad, improve share file names 2020-08-17 19:12:28 -05:00
Nate Brown
1a4cbceda0 Run check config on app boot, fix early error reporting on android 2020-08-17 11:56:15 -05:00
Nate Brown
9acc4b74ec Update icons and proper case name 2020-08-04 10:35:33 -05:00
Nate Brown
b546dd1c9d Initial commit 2020-07-27 15:43:58 -05:00