diff options
author | Parménides GV <parmegv@sdf.org> | 2014-06-18 20:35:58 +0200 |
---|---|---|
committer | Parménides GV <parmegv@sdf.org> | 2014-06-20 11:48:04 +0200 |
commit | b762eed7b3f9117ec682fc6e44125934dddc8d41 (patch) | |
tree | 9cf1e1b8197141b745b3d1e4d4dde995b70d5e70 | |
parent | 3825bb15d7ff41b8c4266a4f601668e60d54ab29 (diff) |
provider.json is downloaded before ca.crt
We don't assume ca.crt is in /ca.crt anymore, but fetch the complete url
from provider.json.
We also signup against users.json file instead of simple "users", which
worked for *.bitmask.net domains.
3 files changed, 61 insertions, 42 deletions
diff --git a/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java b/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java index dd7af633..2029a2f5 100644 --- a/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java +++ b/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java @@ -426,7 +426,7 @@ public class ProviderAPI extends IntentService { parameters.put("user[password_verifier]", password_verifier); Log.d(TAG, server_url); Log.d(TAG, parameters.toString()); - return sendToServer(server_url + "/users", "POST", parameters); + return sendToServer(server_url + "/users.json", "POST", parameters); } /** @@ -538,16 +538,16 @@ public class ProviderAPI extends IntentService { CA_CERT_DOWNLOADED = PROVIDER_JSON_DOWNLOADED = EIP_SERVICE_JSON_DOWNLOADED = false; } - if(!CA_CERT_DOWNLOADED) - current_download = downloadCACert(last_provider_main_url, last_danger_on); - if(CA_CERT_DOWNLOADED || (current_download.containsKey(RESULT_KEY) && current_download.getBoolean(RESULT_KEY))) { - broadcast_progress(progress++); - CA_CERT_DOWNLOADED = true; if(!PROVIDER_JSON_DOWNLOADED) current_download = getAndSetProviderJson(last_provider_main_url, last_danger_on); if(PROVIDER_JSON_DOWNLOADED || (current_download.containsKey(RESULT_KEY) && current_download.getBoolean(RESULT_KEY))) { + broadcast_progress(progress++); + PROVIDER_JSON_DOWNLOADED = true; + current_download = downloadCACert(last_danger_on); + + if(CA_CERT_DOWNLOADED || (current_download.containsKey(RESULT_KEY) && current_download.getBoolean(RESULT_KEY))) { broadcast_progress(progress++); - PROVIDER_JSON_DOWNLOADED = true; + CA_CERT_DOWNLOADED = true; current_download = getAndSetEipServiceJson(); if(current_download.containsKey(RESULT_KEY) && current_download.getBoolean(RESULT_KEY)) { broadcast_progress(progress++); @@ -559,17 +559,25 @@ public class ProviderAPI extends IntentService { return current_download; } - private Bundle downloadCACert(String provider_main_url, boolean danger_on) { + private Bundle downloadCACert(boolean danger_on) { Bundle result = new Bundle(); - String cert_string = downloadWithCommercialCA(provider_main_url + "/ca.crt", danger_on); + try { + JSONObject provider_json = new JSONObject(getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE).getString(Provider.KEY, "")); + String ca_cert_url = provider_json.getString(Provider.CA_CERT_URI); + String cert_string = downloadWithCommercialCA(ca_cert_url, danger_on); - if(validCertificate(cert_string) && setting_up_provider) { - getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE).edit().putString(Provider.CA_CERT, cert_string).commit(); + if(validCertificate(cert_string) && setting_up_provider) { + getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE).edit().putString(Provider.CA_CERT, cert_string).commit(); result.putBoolean(RESULT_KEY, true); - } else { + } else { String reason_to_fail = pickErrorMessage(cert_string); result.putString(ERRORS, reason_to_fail); result.putBoolean(RESULT_KEY, false); + } + } catch (JSONException e) { + String reason_to_fail = formatErrorMessage(R.string.malformed_url); + result.putString(ERRORS, reason_to_fail); + result.putBoolean(RESULT_KEY, false); } return result; diff --git a/app/src/main/java/se/leap/bitmaskclient/Provider.java b/app/src/main/java/se/leap/bitmaskclient/Provider.java index 216f4261..5326709f 100644 --- a/app/src/main/java/se/leap/bitmaskclient/Provider.java +++ b/app/src/main/java/se/leap/bitmaskclient/Provider.java @@ -51,6 +51,7 @@ public final class Provider implements Serializable { SERVICE = "service", KEY = "provider", CA_CERT = "ca_cert", + CA_CERT_URI = "ca_cert_uri", NAME = "name", DESCRIPTION = "description", DOMAIN = "domain", diff --git a/app/src/release/java/se/leap/bitmaskclient/ProviderAPI.java b/app/src/release/java/se/leap/bitmaskclient/ProviderAPI.java index 6d1ff879..a328dacc 100644 --- a/app/src/release/java/se/leap/bitmaskclient/ProviderAPI.java +++ b/app/src/release/java/se/leap/bitmaskclient/ProviderAPI.java @@ -421,7 +421,7 @@ public class ProviderAPI extends IntentService { parameters.put("user[password_verifier]", password_verifier); Log.d(TAG, server_url); Log.d(TAG, parameters.toString()); - return sendToServer(server_url + "/users", "POST", parameters); + return sendToServer(server_url + "/users.json", "POST", parameters); } /** @@ -530,47 +530,57 @@ public class ProviderAPI extends IntentService { * @param task containing a boolean meaning if the provider is custom or not, another boolean meaning if the user completely trusts this provider, the provider name and its provider.json url. * @return a bundle with a boolean value mapped to a key named RESULT_KEY, and which is true if the update was successful. */ - private Bundle setUpProvider(Bundle task) { - int progress = 0; - Bundle current_download = new Bundle(); + private Bundle setUpProvider(Bundle task) { + int progress = 0; + Bundle current_download = new Bundle(); - if(task != null && task.containsKey(Provider.MAIN_URL)) { - last_provider_main_url = task.getString(Provider.MAIN_URL); - CA_CERT_DOWNLOADED = PROVIDER_JSON_DOWNLOADED = EIP_SERVICE_JSON_DOWNLOADED = false; - } + if(task != null && task.containsKey(Provider.MAIN_URL)) { + last_provider_main_url = task.getString(Provider.MAIN_URL); + CA_CERT_DOWNLOADED = PROVIDER_JSON_DOWNLOADED = EIP_SERVICE_JSON_DOWNLOADED = false; + } - if(!CA_CERT_DOWNLOADED) - current_download = downloadCACert(last_provider_main_url); - if(CA_CERT_DOWNLOADED || (current_download.containsKey(RESULT_KEY) && current_download.getBoolean(RESULT_KEY))) { - broadcast_progress(progress++); - CA_CERT_DOWNLOADED = true; - if(!PROVIDER_JSON_DOWNLOADED) - current_download = getAndSetProviderJson(last_provider_main_url); - if(PROVIDER_JSON_DOWNLOADED || (current_download.containsKey(RESULT_KEY) && current_download.getBoolean(RESULT_KEY))) { - broadcast_progress(progress++); - PROVIDER_JSON_DOWNLOADED = true; - current_download = getAndSetEipServiceJson(); - if(current_download.containsKey(RESULT_KEY) && current_download.getBoolean(RESULT_KEY)) { - broadcast_progress(progress++); - EIP_SERVICE_JSON_DOWNLOADED = true; - } - } + if(!PROVIDER_JSON_DOWNLOADED) + current_download = getAndSetProviderJson(last_provider_main_url); + if(PROVIDER_JSON_DOWNLOADED || (current_download.containsKey(RESULT_KEY) && current_download.getBoolean(RESULT_KEY))) { + broadcast_progress(progress++); + PROVIDER_JSON_DOWNLOADED = true; + + if(!CA_CERT_DOWNLOADED) + current_download = downloadCACert(); + if(CA_CERT_DOWNLOADED || (current_download.containsKey(RESULT_KEY) && current_download.getBoolean(RESULT_KEY))) { + broadcast_progress(progress++); + CA_CERT_DOWNLOADED = true; + current_download = getAndSetEipServiceJson(); + if(current_download.containsKey(RESULT_KEY) && current_download.getBoolean(RESULT_KEY)) { + broadcast_progress(progress++); + EIP_SERVICE_JSON_DOWNLOADED = true; } + } + } - return current_download; + return current_download; } - private Bundle downloadCACert(String provider_main_url) { + private Bundle downloadCACert() { Bundle result = new Bundle(); - String cert_string = downloadWithCommercialCA(provider_main_url + "/ca.crt"); + try { + JSONObject provider_json = new JSONObject(getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE).getString(Provider.KEY, "")); + String ca_cert_url = provider_json.getString(Provider.CA_CERT_URI); + String cert_string = downloadWithCommercialCA(ca_cert_url); + result.putBoolean(RESULT_KEY, true); - if(validCertificate(cert_string) && setting_up_provider) { - getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE).edit().putString(Provider.CA_CERT, cert_string).commit(); + if(validCertificate(cert_string) && setting_up_provider) { + getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE).edit().putString(Provider.CA_CERT, cert_string).commit(); result.putBoolean(RESULT_KEY, true); - } else { + } else { String reason_to_fail = pickErrorMessage(cert_string); result.putString(ERRORS, reason_to_fail); result.putBoolean(RESULT_KEY, false); + } + } catch (JSONException e) { + String reason_to_fail = formatErrorMessage(R.string.malformed_url); + result.putString(ERRORS, reason_to_fail); + result.putBoolean(RESULT_KEY, false); } return result; |