diff options
author | cyberta <cyberta@riseup.net> | 2023-11-01 03:52:50 +0000 |
---|---|---|
committer | cyberta <cyberta@riseup.net> | 2023-11-01 03:52:50 +0000 |
commit | 85eb52e62b55d4fbe9434b250f3a6cecc70d77ec (patch) | |
tree | e320ddae310ea2fea65f563205e9d75e3839858d | |
parent | d173064257b150b3ac344c2e0fd1f892e85edbbc (diff) | |
parent | cdd18e62f6a6fa0821445068049cb0b1de9e00f9 (diff) |
Merge branch 'last_tweaks_before_release' into 'master'
Last tweaks before release
See merge request leap/bitmask_android!262
-rw-r--r-- | CHANGELOG | 16 | ||||
-rw-r--r-- | app/src/debug/AndroidManifest.xml | 1 | ||||
-rw-r--r-- | app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java | 3 | ||||
-rw-r--r-- | app/src/main/java/se/leap/bitmaskclient/base/fragments/EipFragment.java | 9 | ||||
-rw-r--r-- | app/src/main/java/se/leap/bitmaskclient/eip/VoidVpnService.java | 64 | ||||
-rw-r--r-- | app/src/main/java/se/leap/bitmaskclient/eip/VpnNotificationManager.java | 4 | ||||
-rw-r--r-- | app/src/main/res/drawable/cust_setup_button_primary_pressed.xml | 12 | ||||
-rw-r--r-- | app/src/main/res/layout-xlarge/f_about.xml | 9 | ||||
-rw-r--r-- | app/src/main/res/layout/activity_setup.xml | 5 | ||||
-rw-r--r-- | app/src/main/res/layout/f_about.xml | 9 | ||||
-rw-r--r-- | app/src/main/res/layout/f_configure_provider.xml | 6 | ||||
-rw-r--r-- | app/src/main/res/layout/f_motd.xml | 2 | ||||
-rw-r--r-- | app/src/main/res/values-pt-rBR/strings.xml | 5 | ||||
-rw-r--r-- | app/src/main/res/values-sw600dp/dimens.xml | 4 | ||||
-rw-r--r-- | app/src/main/res/values/colors.xml | 3 | ||||
-rw-r--r-- | app/src/main/res/values/dimens.xml | 4 | ||||
-rw-r--r-- | app/src/main/res/values/styles.xml | 2 |
17 files changed, 105 insertions, 53 deletions
@@ -1,3 +1,19 @@ +1.2.0 +features: +* updated openvpn, openssl, tor, snowflake +* encrypted storage +* new provider setup UI +* Support for Android 13 +* enforce TLS 1.3 on all Android versions +* Dns over Https (DoH) during provider setup + +bugfixes: +* fixed possible on-device DoS vulnerability, leading to app crashes +* fixed task hijacking vulnerability (aka. strandhogg) +* fixed memory leaks +* fixed blocking vpn service stopping and notifications disappearing correctly +* disable location selection button if provider only supports 1 location + 1.1.7 new year release #2 bugfixes: * hide debugging entries in settings in releases diff --git a/app/src/debug/AndroidManifest.xml b/app/src/debug/AndroidManifest.xml index c15de426..803284f3 100644 --- a/app/src/debug/AndroidManifest.xml +++ b/app/src/debug/AndroidManifest.xml @@ -28,7 +28,6 @@ android:appCategory="productivity" android:logo="@mipmap/ic_launcher" android:theme="@style/BitmaskTheme"> - > <provider android:name=".LeakCanaryInstaller" android:authorities="${applicationId}.leakcanary-installer" diff --git a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java index 575f1f59..b38eeb14 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java +++ b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java @@ -277,6 +277,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac // Always show notification here to avoid problem with startForeground timeout notificationManager.createOpenVpnNotificationChannel(); notificationManager.buildForegroundServiceNotification(EipStatus.getInstance().getLevel(), this::onNotificationBuild); + notificationManager.cancelVoidVpnServiceNotifications(); } @Override @@ -329,7 +330,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac updateShortCutUsage(mProfile); } VpnStatus.setAlwaysOn(false); - + notificationManager.cancelVoidVpnServiceNotifications(); } else { /* The intent is null when we are set as always-on or the service has been restarted. */ Log.d(TAG, "Starting VPN due to isAlwaysOn system settings or app crash."); diff --git a/app/src/main/java/se/leap/bitmaskclient/base/fragments/EipFragment.java b/app/src/main/java/se/leap/bitmaskclient/base/fragments/EipFragment.java index c500b55b..f4e09e62 100644 --- a/app/src/main/java/se/leap/bitmaskclient/base/fragments/EipFragment.java +++ b/app/src/main/java/se/leap/bitmaskclient/base/fragments/EipFragment.java @@ -171,11 +171,16 @@ public class EipFragment extends Fragment implements Observer { } restoreFromSavedInstance(savedInstanceState); - locationButton.setOnClickListener(v -> { + if (provider != null && provider.hasGatewaysInDifferentLocations()) { + locationButton.setOnClickListener(v -> { FragmentManagerEnhanced fragmentManager = new FragmentManagerEnhanced(getActivity().getSupportFragmentManager()); Fragment fragment = new GatewaySelectionFragment(); fragmentManager.replace(R.id.main_container, fragment, MainActivity.TAG); - }); + }); + locationButton.setEnabled(true); + } else { + locationButton.setEnabled(false); + } mainButton.setOnClickListener(v -> { handleIcon(); diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/VoidVpnService.java b/app/src/main/java/se/leap/bitmaskclient/eip/VoidVpnService.java index 53781f52..b32671ae 100644 --- a/app/src/main/java/se/leap/bitmaskclient/eip/VoidVpnService.java +++ b/app/src/main/java/se/leap/bitmaskclient/eip/VoidVpnService.java @@ -26,6 +26,8 @@ import android.content.Intent; import android.net.VpnService; import android.os.Binder; import android.os.Build; +import android.os.Handler; +import android.os.HandlerThread; import android.os.IBinder; import android.os.ParcelFileDescriptor; import android.system.OsConstants; @@ -44,15 +46,17 @@ import se.leap.bitmaskclient.base.utils.PreferenceHelper; public class VoidVpnService extends VpnService implements Observer, VpnNotificationManager.VpnServiceCallback { static final String TAG = VoidVpnService.class.getSimpleName(); - static ParcelFileDescriptor fd; - static Thread thread; + private ParcelFileDescriptor fd; private final int ALWAYS_ON_MIN_API_LEVEL = Build.VERSION_CODES.N; private static final String STATE_ESTABLISH = "ESTABLISHVOIDVPN"; public static final String NOTIFICATION_CHANNEL_NEWSTATUS_ID = "bitmask_void_vpn_news"; private EipStatus eipStatus; private VpnNotificationManager notificationManager; + private HandlerThread handlerThread; + private Handler handler; private final IBinder binder = new VoidVpnServiceBinder(); + public class VoidVpnServiceBinder extends Binder { VoidVpnService getService() { // Return this instance of LocalService so clients can call public methods @@ -73,33 +77,31 @@ public class VoidVpnService extends VpnService implements Observer, VpnNotificat eipStatus = EipStatus.getInstance(); eipStatus.addObserver(this); notificationManager = new VpnNotificationManager(this); + handlerThread = new HandlerThread("VoidVpnServiceHandlerThread", Thread.NORM_PRIORITY); + handlerThread.start(); + handler = new Handler(handlerThread.getLooper()); } @Override public int onStartCommand(Intent intent, int flags, int startId) { String action = intent != null ? intent.getAction() : ""; - if (action.equals(EIP_ACTION_START_BLOCKING_VPN)) { - thread = new Thread(new Runnable() { - public void run() { - establishBlockingVpn(); - PreferenceHelper.isAlwaysOnSync(false); - Log.d(TAG, "start blocking vpn profile - always on = false"); - } + handler.removeCallbacksAndMessages(null); + if (EIP_ACTION_START_BLOCKING_VPN.equals(action)) { + handler.post(() -> { + establishBlockingVpn(); + PreferenceHelper.isAlwaysOnSync(false); + Log.d(TAG, "start blocking vpn profile - always on = false"); }); - thread.run(); - } else if (intent == null || action.equals("android.net.VpnService") && Build.VERSION.SDK_INT >= ALWAYS_ON_MIN_API_LEVEL) { + } else if (intent == null || "android.net.VpnService".equals(action) && Build.VERSION.SDK_INT >= ALWAYS_ON_MIN_API_LEVEL) { //only always-on feature triggers this startWithForegroundNotification(); - thread = new Thread(new Runnable() { - public void run() { - establishBlockingVpn(); - PreferenceHelper.isAlwaysOnSync(true); - requestVpnWithLastSelectedProfile(); - Log.d(TAG, "start blocking vpn profile - always on = true"); - } + handler.post(() -> { + establishBlockingVpn(); + PreferenceHelper.isAlwaysOnSync(true); + requestVpnWithLastSelectedProfile(); + Log.d(TAG, "start blocking vpn profile - always on = true"); }); - thread.run(); - } else if (action.equals(EIP_ACTION_STOP_BLOCKING_VPN)) { + } else if (EIP_ACTION_STOP_BLOCKING_VPN.equals(action)) { stop(); } return START_STICKY; @@ -108,32 +110,31 @@ public class VoidVpnService extends VpnService implements Observer, VpnNotificat @Override public void onRevoke() { super.onRevoke(); - closeFd(); + stop(); } @Override public void onDestroy() { + Log.d(TAG, "onDestroy"); super.onDestroy(); notificationManager.cancelAll(); + eipStatus.deleteObserver(this); } private void stop() { - if (thread != null) { - thread.interrupt(); - } + handlerThread.interrupt(); closeFd(); VpnStatus.updateStateString("NOPROCESS", "BLOCKING VPN STOPPED", R.string.state_noprocess, ConnectionStatus.LEVEL_NOTCONNECTED); stopForeground(true); + stopSelf(); } - public static boolean isRunning() throws NullPointerException { - return thread.isAlive() && fd != null; - } - - private static void closeFd() { + private void closeFd() { try { - if (fd != null) + if (fd != null) { fd.close(); + fd = null; + } } catch (IOException e) { e.printStackTrace(); } @@ -187,8 +188,7 @@ public class VoidVpnService extends VpnService implements Observer, VpnNotificat if (observable instanceof EipStatus) { eipStatus = (EipStatus) observable; } - - if (thread == null) { + if (handlerThread.isInterrupted() || !handlerThread.isAlive()) { return; } diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/VpnNotificationManager.java b/app/src/main/java/se/leap/bitmaskclient/eip/VpnNotificationManager.java index b4d11f26..f32dc240 100644 --- a/app/src/main/java/se/leap/bitmaskclient/eip/VpnNotificationManager.java +++ b/app/src/main/java/se/leap/bitmaskclient/eip/VpnNotificationManager.java @@ -200,6 +200,10 @@ public class VpnNotificationManager { compatNotificationManager.cancel(VoidVpnService.NOTIFICATION_CHANNEL_NEWSTATUS_ID.hashCode()); } + public void cancelVoidVpnServiceNotifications() { + compatNotificationManager.cancel(VoidVpnService.NOTIFICATION_CHANNEL_NEWSTATUS_ID.hashCode()); + } + @TargetApi(O) public void createVoidVpnNotificationChannel() { diff --git a/app/src/main/res/drawable/cust_setup_button_primary_pressed.xml b/app/src/main/res/drawable/cust_setup_button_primary_pressed.xml index 6fb664d9..69f6e056 100644 --- a/app/src/main/res/drawable/cust_setup_button_primary_pressed.xml +++ b/app/src/main/res/drawable/cust_setup_button_primary_pressed.xml @@ -1,6 +1,16 @@ <?xml version="1.0" encoding="utf-8"?> <layer-list xmlns:android="http://schemas.android.com/apk/res/android" > - <item> + <item + android:bottom="@dimen/button_bevel_pressed" + > + <shape android:shape="rectangle" > + <corners android:radius="8dp" /> + <solid android:color="@color/colorPrimary_transparent_dark"/> + </shape> + </item> + <item + android:bottom="@dimen/button_bevel" + > <shape android:shape="rectangle" > <corners android:radius="8dp" /> <padding android:left="8dp" android:right="8dp"/> diff --git a/app/src/main/res/layout-xlarge/f_about.xml b/app/src/main/res/layout-xlarge/f_about.xml index 90a263a0..4e0d7342 100644 --- a/app/src/main/res/layout-xlarge/f_about.xml +++ b/app/src/main/res/layout-xlarge/f_about.xml @@ -6,16 +6,15 @@ android:layout_width="match_parent" android:layout_height="match_parent" android:orientation="vertical" - android:layout_marginLeft="@dimen/stdpadding" - android:layout_marginStart="@dimen/stdpadding" - android:layout_marginEnd="@dimen/stdpadding" - android:layout_marginRight="@dimen/stdpadding" tools:context=".base.MainActivity"> <LinearLayout android:layout_width="match_parent" android:layout_height="wrap_content" - android:orientation="vertical" > + android:orientation="vertical" + android:paddingHorizontal="@dimen/activity_horizontal_margin" + android:paddingVertical="@dimen/activity_vertical_margin" + > <androidx.appcompat.widget.AppCompatTextView android:id="@+id/version" diff --git a/app/src/main/res/layout/activity_setup.xml b/app/src/main/res/layout/activity_setup.xml index 6a2c5209..a63592f4 100644 --- a/app/src/main/res/layout/activity_setup.xml +++ b/app/src/main/res/layout/activity_setup.xml @@ -169,7 +169,8 @@ android:layout_centerVertical="true" android:text="@string/next" tools:visibility="visible" - + android:gravity="top|center_horizontal" + android:paddingTop="@dimen/setup_button_top_padding" /> <androidx.appcompat.widget.AppCompatButton @@ -179,6 +180,8 @@ android:layout_height="wrap_content" android:layout_alignParentStart="true" android:layout_centerVertical="true" + android:gravity="top|center_horizontal" + android:paddingTop="@dimen/setup_button_top_padding" android:text="@string/cancel" android:visibility="gone" tools:visibility="visible" diff --git a/app/src/main/res/layout/f_about.xml b/app/src/main/res/layout/f_about.xml index 190ac758..28f89adf 100644 --- a/app/src/main/res/layout/f_about.xml +++ b/app/src/main/res/layout/f_about.xml @@ -6,16 +6,15 @@ android:layout_width="match_parent" android:layout_height="match_parent" android:orientation="vertical" - android:layout_marginLeft="@dimen/stdpadding" - android:layout_marginStart="@dimen/stdpadding" - android:layout_marginRight="@dimen/stdpadding" - android:layout_marginEnd="@dimen/stdpadding" tools:context=".base.MainActivity"> <LinearLayout android:layout_width="match_parent" android:layout_height="wrap_content" - android:orientation="vertical" > + android:orientation="vertical" + android:paddingHorizontal="@dimen/activity_horizontal_margin" + android:paddingVertical="@dimen/activity_vertical_margin" + > <androidx.appcompat.widget.AppCompatTextView android:id="@+id/version" diff --git a/app/src/main/res/layout/f_configure_provider.xml b/app/src/main/res/layout/f_configure_provider.xml index 5841ee13..644ae7d1 100644 --- a/app/src/main/res/layout/f_configure_provider.xml +++ b/app/src/main/res/layout/f_configure_provider.xml @@ -137,6 +137,7 @@ app:layout_constraintTop_toBottomOf="@id/tv_tor_status" app:layout_constraintStart_toStartOf="parent" android:padding="4dp" + android:layout_marginStart="@dimen/tor_icon_margin_start" android:src="@drawable/ic_tor" /> <androidx.appcompat.widget.AppCompatTextView android:id="@+id/tor_state" @@ -151,7 +152,7 @@ app:layout_constraintEnd_toEndOf="parent" app:layout_constraintStart_toEndOf="@id/tor_icon" app:layout_constraintHorizontal_bias="0" - android:paddingHorizontal="@dimen/stdpadding" + android:paddingHorizontal="@dimen/compact_padding" android:gravity="bottom" tools:text="test 12321 123 \n sdf,sdf,m\nn 123 " android:ellipsize="end" @@ -181,6 +182,7 @@ android:layout_alignParentStart="true" android:layout_marginBottom="@dimen/stdpadding" android:padding="4dp" + android:layout_marginStart="@dimen/snowflake_icon_margin_start" /> <androidx.appcompat.widget.AppCompatTextView android:id="@+id/snowflake_state" @@ -192,7 +194,7 @@ app:layout_constraintEnd_toEndOf="parent" app:layout_constraintHorizontal_bias="0" android:paddingBottom="1dp" - android:paddingHorizontal="@dimen/stdpadding" + android:paddingHorizontal="@dimen/compact_padding" android:fadingEdge="horizontal" android:maxLines="2" android:text="@string/configuring_provider" diff --git a/app/src/main/res/layout/f_motd.xml b/app/src/main/res/layout/f_motd.xml index 6e763c75..2308c62c 100644 --- a/app/src/main/res/layout/f_motd.xml +++ b/app/src/main/res/layout/f_motd.xml @@ -104,7 +104,7 @@ android:layout_alignParentBottom="true" android:src="@drawable/ic_arrow_right" android:background="?attr/selectableItemBackground" - android:text="next" + android:text="@string/next" /> </androidx.constraintlayout.widget.ConstraintLayout>
\ No newline at end of file diff --git a/app/src/main/res/values-pt-rBR/strings.xml b/app/src/main/res/values-pt-rBR/strings.xml index 9d83ff49..c162690f 100644 --- a/app/src/main/res/values-pt-rBR/strings.xml +++ b/app/src/main/res/values-pt-rBR/strings.xml @@ -67,6 +67,9 @@ <string name="authentication_failed_message">Falha na Autenticação</string> <string name="registration_failed_message">Falha no cadastro</string> <string name="eip_status_start_pending">Inicializando conexão</string> + <string name="eip_status_connecting">Conectando VPN</string> + <string name="eip_status_unsecured">Conexão insegura</string> + <string name="eip_status_secured">Conexão segura</string> <string name="eip_cancel_connect_title">Cancelar conexão?</string> <string name="eip_cancel_connect_text">Há uma tentativa de conexão em andamento. Você deseja cancelar?</string> <string name="eip.warning.browser_inconsistency">Desligar conexão VPN? Quando a VPN está desligada, você pode vazar informações pessoais para o seu provedor de internet ou na rede local.</string> @@ -202,4 +205,6 @@ <string name="disabled_while_udp_on">Desabilitado enquanto UDP estiver ligado.</string> <string name="advanced_settings">Configurações avançadas</string> <string name="cancel_connection">Desconectar</string> + <string name="unknown_location">Local desconhecido</string> + <string name="splash_footer">Desenvolvido pela LEAP</string> </resources> diff --git a/app/src/main/res/values-sw600dp/dimens.xml b/app/src/main/res/values-sw600dp/dimens.xml index ad0fae2c..94eab553 100644 --- a/app/src/main/res/values-sw600dp/dimens.xml +++ b/app/src/main/res/values-sw600dp/dimens.xml @@ -16,4 +16,8 @@ <dimen name="donation_reminder_padding">24dp</dimen> <dimen name="setup_bottom_bar">75dp</dimen> + <dimen name="setup_button_top_padding">10dp</dimen> + <dimen name="tor_icon_margin_start">8dp</dimen> + <dimen name="snowflake_icon_margin_start">8dp</dimen> + </resources>
\ No newline at end of file diff --git a/app/src/main/res/values/colors.xml b/app/src/main/res/values/colors.xml index 0ad20a63..84a2d9f0 100644 --- a/app/src/main/res/values/colors.xml +++ b/app/src/main/res/values/colors.xml @@ -3,7 +3,8 @@ <color name="colorPrimary">#ff1b8b</color> <color name="colorPrimaryLight">#FF69B4</color> <color name="colorPrimaryDark">#ef0072</color> - <color name="colorPrimary_transparent">#0B000000</color> + <color name="colorPrimary_transparent">#0D000000</color> + <color name="colorPrimary_transparent_dark">#1F000000</color> <color name="colorBackground">#fffafafa</color> <color name="colorError">#ef9a9a</color> <color name="colorSuccess">#a5d6a7</color> diff --git a/app/src/main/res/values/dimens.xml b/app/src/main/res/values/dimens.xml index edda28c7..94f9339f 100644 --- a/app/src/main/res/values/dimens.xml +++ b/app/src/main/res/values/dimens.xml @@ -42,9 +42,13 @@ <dimen name="toast_bottom_padding">20dp</dimen> <dimen name="button_bevel">3dp</dimen> + <dimen name="button_bevel_pressed">1dp</dimen> <dimen name="button_radius">16dp</dimen> <dimen name="mainbutton_padding">8dp</dimen> <dimen name="donation_reminder_padding">8dp</dimen> <dimen name="setup_bottom_bar">50dp</dimen> + <dimen name="setup_button_top_padding">5dp</dimen> + <dimen name="tor_icon_margin_start">0dp</dimen> + <dimen name="snowflake_icon_margin_start">2dp</dimen> </resources>
\ No newline at end of file diff --git a/app/src/main/res/values/styles.xml b/app/src/main/res/values/styles.xml index 8ee40614..3a4dbe40 100644 --- a/app/src/main/res/values/styles.xml +++ b/app/src/main/res/values/styles.xml @@ -68,7 +68,7 @@ <item name="android:textColor">@color/color_font_btn</item> </style> - <style name="BitmaskSetupButton" parent="Widget.AppCompat.Button"> + <style name="BitmaskSetupButton" parent="Widget.AppCompat.Button.Borderless"> <item name="android:background">@drawable/cust_setup_button_primary</item> <item name="android:textAllCaps">false</item> <item name="android:height">36dp</item> |