summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorArne Schwabe <arne@rfc2549.org>2012-05-13 23:00:27 +0200
committerArne Schwabe <arne@rfc2549.org>2012-05-13 23:00:27 +0200
commit1f490292a90ab16c24231fc3965771387bbbed05 (patch)
tree949176b4c5ddd26d2ca3089e2a9900ce2240c10d
parent048094fa587dbb0bef8ce1443936528e3912eb2e (diff)
If you think having cought all things that are broken in images one images tries harder to break things...
-rw-r--r--res/values/strings.xml4
-rw-r--r--src/de/blinkt/openvpn/Settings_Basic.java96
2 files changed, 57 insertions, 43 deletions
diff --git a/res/values/strings.xml b/res/values/strings.xml
index 9b0c8f23..85ed7620 100644
--- a/res/values/strings.xml
+++ b/res/values/strings.xml
@@ -214,5 +214,7 @@
<string name="import_configuration_file">Import configuration file</string>
<string name="faq_security_title">Security considerations</string>
<string name="faq_security">"As openvpn is security sensitive a few notes about security are sensible. All data on the sdcard is inherently unsecure. Every app can read it (for example this program requires no special sd card rights). The data of this application can only be read by the application itself. By using the import option for cacert/cert/key in the file dialog the data is stored in the vpn profile. The vpn profiles are only accessable by this application. (Do not forget to delte the copies on the sdcard afterwards). Even though accessible only by this application the data is stil unecrypted. By rooting the telephone or other exploits it may be possible to retrieve the data. Saved passwords are stored in plain text as well. For pkcs12 files it is highly recommended that you import them into the android keystore."</string>
- <string name="import_vpn">Import</string>
+ <string name="import_vpn">Import</string>
+ <string name="broken_image_cert_title">Error showing certificate selection</string>
+ <string name="broken_image_cert">Got an excption trying to show the Android 4.0+ certificate selction dialog. This should never happens as this a standard feature of Android 4.0+. Maybe your Android ROM support for certificate storage is broken</string>
</resources>
diff --git a/src/de/blinkt/openvpn/Settings_Basic.java b/src/de/blinkt/openvpn/Settings_Basic.java
index 00663173..6e829228 100644
--- a/src/de/blinkt/openvpn/Settings_Basic.java
+++ b/src/de/blinkt/openvpn/Settings_Basic.java
@@ -19,7 +19,10 @@ package de.blinkt.openvpn;
import java.util.HashMap;
import android.app.Activity;
+import android.app.AlertDialog;
+import android.app.AlertDialog.Builder;
import android.app.Fragment;
+import android.content.ActivityNotFoundException;
import android.content.Intent;
import android.os.Bundle;
import android.os.Handler;
@@ -36,6 +39,7 @@ import android.widget.CheckBox;
import android.widget.EditText;
import android.widget.Spinner;
import android.widget.TextView;
+import android.widget.Toast;
import android.widget.ToggleButton;
@@ -45,7 +49,7 @@ public class Settings_Basic extends Fragment implements View.OnClickListener, On
private static final int CHOOSE_FILE_OFFSET = 1000;
private static final int UPDATE_ALIAS = 20;
-
+
private TextView mServerAddress;
private TextView mServerPort;
@@ -63,7 +67,7 @@ public class Settings_Basic extends Fragment implements View.OnClickListener, On
-
+
private HashMap<Integer, FileSelectLayout> fileselects = new HashMap<Integer, FileSelectLayout>();
@@ -87,8 +91,8 @@ public class Settings_Basic extends Fragment implements View.OnClickListener, On
fileselects.put(i, fsl);
fsl.setFragment(this,i);
}
-
-
+
+
public void onCreate(Bundle savedInstanceState) {
String profileuuid =getArguments().getString(getActivity().getPackageName() + ".profileUUID");
mProfile=ProfileManager.get(profileuuid);
@@ -97,10 +101,10 @@ public class Settings_Basic extends Fragment implements View.OnClickListener, On
@Override
public View onCreateView(LayoutInflater inflater, ViewGroup container, Bundle savedInstanceState) {
-
-
+
+
mView = inflater.inflate(R.layout.basic_settings,container,false);
-
+
mProfileName = (EditText) mView.findViewById(R.id.profilename);
mServerAddress = (TextView) mView.findViewById(R.id.address);
mServerPort = (TextView) mView.findViewById(R.id.port);
@@ -116,9 +120,9 @@ public class Settings_Basic extends Fragment implements View.OnClickListener, On
mUserName = (EditText) mView.findViewById(R.id.auth_username);
mPassword = (EditText) mView.findViewById(R.id.auth_password);
-
-
-
+
+
+
addFileSelectLayout(mCaCert);
addFileSelectLayout(mClientCert);
@@ -131,26 +135,26 @@ public class Settings_Basic extends Fragment implements View.OnClickListener, On
mType.setOnItemSelectedListener(this);
mView.findViewById(R.id.select_keystore_button).setOnClickListener(this);
-
+
if (mHandler == null) {
mHandler = new Handler(this);
}
-
+
return mView;
}
-
-
- @Override
+
+
+ @Override
public void onActivityResult(int request, int result, Intent data) {
- if (result == Activity.RESULT_OK && request >= CHOOSE_FILE_OFFSET) {
- String filedata = data.getStringExtra(FileSelect.RESULT_DATA);
- FileSelectLayout fsl = fileselects.get(request);
- fsl.setData(filedata);
- }
- savePreferences();
- }
-
+ if (result == Activity.RESULT_OK && request >= CHOOSE_FILE_OFFSET) {
+ String filedata = data.getStringExtra(FileSelect.RESULT_DATA);
+ FileSelectLayout fsl = fileselects.get(request);
+ fsl.setData(filedata);
+ }
+ savePreferences();
+ }
+
@Override
public void onActivityCreated(Bundle savedInstanceState) {
@@ -197,7 +201,7 @@ public class Settings_Basic extends Fragment implements View.OnClickListener, On
case VpnProfile.TYPE_KEYSTORE:
mView.findViewById(R.id.keystore).setVisibility(View.VISIBLE);
break;
-
+
case VpnProfile.TYPE_USERPASS:
mView.findViewById(R.id.userpassword).setVisibility(View.VISIBLE);
mView.findViewById(R.id.cacert).setVisibility(View.VISIBLE);
@@ -222,7 +226,7 @@ public class Settings_Basic extends Fragment implements View.OnClickListener, On
mPKCS12Password.setText(mProfile.mPKCS12Password);
mUserName.setText(mProfile.mUsername);
mPassword.setText(mProfile.mPassword);
-
+
setAlias();
}
@@ -258,22 +262,30 @@ public class Settings_Basic extends Fragment implements View.OnClickListener, On
}
public void showCertDialog () {
- KeyChain.choosePrivateKeyAlias(getActivity(),
- new KeyChainAliasCallback() {
-
- public void alias(String alias) {
- // Credential alias selected. Remember the alias selection for future use.
- mProfile.mAlias=alias;
- mHandler.sendEmptyMessage(UPDATE_ALIAS);
- }
-
-
- },
- new String[] {"RSA", "DSA"}, // List of acceptable key types. null for any
- null, // issuer, null for any
- "internal.example.com", // host name of server requesting the cert, null if unavailable
- 443, // port of server requesting the cert, -1 if unavailable
- null); // alias to preselect, null if unavailable
+ try {
+ KeyChain.choosePrivateKeyAlias(getActivity(),
+ new KeyChainAliasCallback() {
+
+ public void alias(String alias) {
+ // Credential alias selected. Remember the alias selection for future use.
+ mProfile.mAlias=alias;
+ mHandler.sendEmptyMessage(UPDATE_ALIAS);
+ }
+
+
+ },
+ new String[] {"RSA", "DSA"}, // List of acceptable key types. null for any
+ null, // issuer, null for any
+ "internal.example.com", // host name of server requesting the cert, null if unavailable
+ 443, // port of server requesting the cert, -1 if unavailable
+ null); // alias to preselect, null if unavailable
+ } catch (ActivityNotFoundException anf) {
+ Builder ab = new AlertDialog.Builder(getActivity());
+ ab.setTitle(R.string.broken_image_cert_title);
+ ab.setMessage(R.string.broken_image_cert);
+ ab.setPositiveButton(android.R.string.ok, null);
+ ab.show();
+ }
}
@Override
@@ -282,7 +294,7 @@ public class Settings_Basic extends Fragment implements View.OnClickListener, On
showCertDialog();
}
}
-
+
@Override
public void onSaveInstanceState(Bundle outState) {
super.onSaveInstanceState(outState);