diff options
| author | cyBerta <cyberta@riseup.net> | 2023-10-31 11:45:22 +0100 |
|---|---|---|
| committer | cyBerta <cyberta@riseup.net> | 2023-10-31 18:53:25 +0100 |
| commit | 3197444d9da4cf3a22d4c5aaf41da81f36d76bdf (patch) | |
| tree | b59dc5d5a92d5509da8d9b4f39e219ee1b0bccf8 | |
| parent | e85e4a2fc7f6351b3f05ad2306241399e029c757 (diff) | |
remove insecure flavor, it depended on deprecated setup UI
7 files changed, 1 insertions, 703 deletions
diff --git a/app/build.gradle b/app/build.gradle index 305292db..4c9f6a25 100644 --- a/app/build.gradle +++ b/app/build.gradle @@ -117,9 +117,6 @@ android { production { dimension "implementation" } - insecure { - dimension "implementation" - } normal { dimension "branding" @@ -355,7 +352,6 @@ android { * normalProductionFatDebug -> Bitmask development build, includes all ABIS * customProductionFatwebDebug -> branded development build, includes all ABIs, for distribution through a download page * normalProductionFatWebDebug -> Bitmask development build, includes all ABIS, for distribution through a download page - * normalInsecureFatDebug -> Bitmask development build, doesn't checks certificates (for test server setup w/o valid certificates), includes all ABIs * * Branded Releases: * ----------------- @@ -389,11 +385,7 @@ android { def supportsSplitApk = variant.flavors[0].splitApk def branding = variant.flavors[0].name // To check for a certain build type, use variant.buildType.name == "<buildType>" - if (((names.contains("insecure") && !names.contains("fat")) || - (names.contains("insecure") && buildTypeName.contains("beta")) || - (names.contains("insecure") && buildTypeName.contains("release")) || - (names.contains("insecure") && branding.contains("custom")) || - (buildTypeName.contains("debug") && !(names.contains("fatweb") || names.contains("fat"))) || + if (((buildTypeName.contains("debug") && !(names.contains("fatweb") || names.contains("fat"))) || (names.contains("fatweb") && buildTypeName.contains("beta")) || (!supportsSplitApk && !names.contains("fat"))) ) { diff --git a/app/src/insecure/AndroidManifest.xml b/app/src/insecure/AndroidManifest.xml deleted file mode 100644 index a720b777..00000000 --- a/app/src/insecure/AndroidManifest.xml +++ /dev/null @@ -1,27 +0,0 @@ -<?xml version="1.0" encoding="utf-8"?> -<!-- - Copyright (C) 2011 The Android Open Source Project - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. ---> - -<manifest xmlns:android="http://schemas.android.com/apk/res/android" - package="se.leap.bitmaskclient"> - - <!-- if you want to run test, this permissions are needed. Gradle will get rid of them once we implement it. --> - <uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED" /> - <uses-permission android:name="android.permission.CHANGE_NETWORK_STATE"/> - <uses-permission android:name="android.permission.ACCESS_WIFI_STATE" /> - <uses-permission android:name="android.permission.CHANGE_WIFI_STATE" /> - -</manifest> diff --git a/app/src/insecure/java/se/leap/bitmaskclient/providersetup/AddProviderActivity.java b/app/src/insecure/java/se/leap/bitmaskclient/providersetup/AddProviderActivity.java deleted file mode 100644 index 6d23c48d..00000000 --- a/app/src/insecure/java/se/leap/bitmaskclient/providersetup/AddProviderActivity.java +++ /dev/null @@ -1,92 +0,0 @@ -package se.leap.bitmaskclient.providersetup; - -import android.os.Bundle; -import android.view.View; -import android.widget.Button; -import android.widget.CheckBox; -import android.widget.LinearLayout; -import android.widget.RelativeLayout; - -import androidx.annotation.Nullable; - -import butterknife.BindView; -import se.leap.bitmaskclient.R; -import se.leap.bitmaskclient.providersetup.activities.AddProviderBaseActivity; - -import static android.widget.RelativeLayout.BELOW; -import static android.widget.RelativeLayout.LEFT_OF; -import static se.leap.bitmaskclient.base.models.Constants.DANGER_ON; - -public class AddProviderActivity extends AddProviderBaseActivity { - - final public static String TAG = "AddProviderActivity"; - - @BindView(R.id.danger_checkbox) - CheckBox checkboxDanger; - - @BindView(R.id.button_save) - Button saveButton; - - @Nullable - @BindView(R.id.button_container) - LinearLayout buttonContainer; - - @Override - protected void onCreate(Bundle savedInstanceState) { - super.onCreate(savedInstanceState); - setContentView(R.layout.a_add_provider); - init(); - - checkboxDanger.setVisibility(View.VISIBLE); - checkboxDanger.setText(R.string.danger_checkbox); - checkboxDanger.setChecked(preferences.getBoolean(DANGER_ON, false)); - } - - @Override - public void setupSaveButton() { - saveButton.setOnClickListener(new View.OnClickListener() { - public void onClick(View v) { - preferences.edit().putBoolean(DANGER_ON, checkboxDanger.isChecked()).apply(); - saveProvider(); - } - }); - } - - @Override - protected void showCompactLayout() { - if (isCompactLayout) { - return; - } - super.showCompactLayout(); - showCompactButtonLayout(); - } - - @Override - protected void showStandardLayout() { - if (!isCompactLayout) { - return; - } - super.showStandardLayout(); - showStandardButtonLayout(); - } - - private void showCompactButtonLayout() { - RelativeLayout.LayoutParams phoneButtonContainerParams = (RelativeLayout.LayoutParams) buttonContainer.getLayoutParams(); - phoneButtonContainerParams.addRule(BELOW, 0); - buttonContainer.setLayoutParams(phoneButtonContainerParams); - - RelativeLayout.LayoutParams checkBoxParams = (RelativeLayout.LayoutParams) checkboxDanger.getLayoutParams(); - checkBoxParams.addRule(LEFT_OF, R.id.button_container); - checkboxDanger.setLayoutParams(checkBoxParams); - } - - private void showStandardButtonLayout() { - RelativeLayout.LayoutParams phoneButtonContainerParams = (RelativeLayout.LayoutParams) buttonContainer.getLayoutParams(); - phoneButtonContainerParams.addRule(BELOW, R.id.danger_checkbox); - buttonContainer.setLayoutParams(phoneButtonContainerParams); - - RelativeLayout.LayoutParams checkBoxParams = (RelativeLayout.LayoutParams) checkboxDanger.getLayoutParams(); - checkBoxParams.addRule(LEFT_OF, 0); - checkboxDanger.setLayoutParams(checkBoxParams); - } -} diff --git a/app/src/insecure/java/se/leap/bitmaskclient/providersetup/ProviderApiManager.java b/app/src/insecure/java/se/leap/bitmaskclient/providersetup/ProviderApiManager.java deleted file mode 100644 index 221871ef..00000000 --- a/app/src/insecure/java/se/leap/bitmaskclient/providersetup/ProviderApiManager.java +++ /dev/null @@ -1,480 +0,0 @@ -/** - * Copyright (c) 2018 LEAP Encryption Access Project and contributers - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - */ - -package se.leap.bitmaskclient.providersetup; - -import android.content.SharedPreferences; -import android.content.res.Resources; -import static se.leap.bitmaskclient.BuildConfig.DEBUG_MODE; -import android.os.Bundle; -import android.util.Pair; - -import org.json.JSONException; -import org.json.JSONObject; - -import java.io.FileNotFoundException; -import java.io.IOException; -import java.net.URL; -import java.security.KeyManagementException; -import java.security.NoSuchAlgorithmException; -import java.security.SecureRandom; -import java.security.cert.CertificateException; -import java.security.cert.X509Certificate; -import java.util.List; -import java.util.Scanner; - -import javax.net.ssl.HostnameVerifier; -import javax.net.ssl.HttpsURLConnection; -import javax.net.ssl.KeyManager; -import javax.net.ssl.SSLContext; -import javax.net.ssl.SSLSession; -import javax.net.ssl.TrustManager; -import javax.net.ssl.X509TrustManager; - -import de.blinkt.openvpn.core.VpnStatus; -import okhttp3.OkHttpClient; -import se.leap.bitmaskclient.R; -import se.leap.bitmaskclient.base.models.Provider; -import se.leap.bitmaskclient.base.utils.ConfigHelper; -import se.leap.bitmaskclient.eip.EIP; -import se.leap.bitmaskclient.providersetup.connectivity.OkHttpClientGenerator; - -import static android.text.TextUtils.isEmpty; -import static se.leap.bitmaskclient.R.string.certificate_error; -import static se.leap.bitmaskclient.R.string.downloading_vpn_certificate_failed; -import static se.leap.bitmaskclient.R.string.error_io_exception_user_message; -import static se.leap.bitmaskclient.R.string.malformed_url; -import static se.leap.bitmaskclient.R.string.setup_error_text; -import static se.leap.bitmaskclient.R.string.warning_corrupted_provider_cert; -import static se.leap.bitmaskclient.R.string.warning_corrupted_provider_details; -import static se.leap.bitmaskclient.base.models.Constants.BROADCAST_RESULT_KEY; -import static se.leap.bitmaskclient.base.models.Constants.DANGER_ON; -import static se.leap.bitmaskclient.base.models.Constants.PROVIDER_KEY; -import static se.leap.bitmaskclient.base.models.Constants.PROVIDER_VPN_CERTIFICATE; -import static se.leap.bitmaskclient.base.utils.ConfigHelper.getProviderFormattedString; -import static se.leap.bitmaskclient.providersetup.ProviderAPI.ERRORS; -import static se.leap.bitmaskclient.providersetup.ProviderSetupFailedDialog.DOWNLOAD_ERRORS.ERROR_CERTIFICATE_PINNING; -import static se.leap.bitmaskclient.providersetup.ProviderSetupFailedDialog.DOWNLOAD_ERRORS.ERROR_CORRUPTED_PROVIDER_JSON; -import static se.leap.bitmaskclient.tor.TorStatusObservable.getProxyPort; - -/** - * Created by cyberta on 04.01.18. - */ - -public class ProviderApiManager extends ProviderApiManagerBase { - - private static final String TAG = ProviderApiManagerBase.class.getName(); - - protected static boolean lastDangerOn = true; - - - public ProviderApiManager(SharedPreferences preferences, Resources resources, OkHttpClientGenerator clientGenerator, ProviderApiServiceCallback callback) { - super(preferences, resources, clientGenerator, callback); - } - - public static boolean lastDangerOn() { - return lastDangerOn; - } - - /** - * Downloads a provider.json from a given URL, adding a new provider using the given name. - * - * @param task containing a boolean meaning if the provider is custom or not, another boolean meaning if the user completely trusts this provider, the provider name and its provider.json url. - * @return a bundle with a boolean value mapped to a key named BROADCAST_RESULT_KEY, and which is true if the update was successful. - */ - @Override - protected Bundle setUpProvider(Provider provider, Bundle task) { - Bundle currentDownload = new Bundle(); - - if (task != null) { - lastDangerOn = task.containsKey(DANGER_ON) && task.getBoolean(DANGER_ON); - } - - if (isEmpty(provider.getMainUrlString()) || provider.getMainUrl().isDefault()) { - setErrorResult(currentDownload, malformed_url, null); - currentDownload.putParcelable(PROVIDER_KEY, provider); - VpnStatus.logWarning("[API] MainURL String is not set. Cannot setup provider."); - return currentDownload; - } - - getPersistedProviderUpdates(provider); - currentDownload = validateProviderDetails(provider); - - //provider details invalid - if (currentDownload.containsKey(ERRORS)) { - currentDownload.putParcelable(PROVIDER_KEY, provider); - return currentDownload; - } - - //no provider certificate available - if (currentDownload.containsKey(BROADCAST_RESULT_KEY) && !currentDownload.getBoolean(BROADCAST_RESULT_KEY)) { - resetProviderDetails(provider); - } - - currentDownload = getAndSetProviderJson(provider, lastDangerOn); - if (provider.hasDefinition() || (currentDownload.containsKey(BROADCAST_RESULT_KEY) && currentDownload.getBoolean(BROADCAST_RESULT_KEY))) { - if (!provider.hasCaCert()) - currentDownload = downloadCACert(provider, lastDangerOn); - if (provider.hasCaCert() || (currentDownload.containsKey(BROADCAST_RESULT_KEY) && currentDownload.getBoolean(BROADCAST_RESULT_KEY))) { - currentDownload = getAndSetEipServiceJson(provider); - } - if (provider.hasEIP() && !provider.allowsRegistered() && !provider.allowsAnonymous()) { - setErrorResult(currentDownload, setup_error_text, null); - } - } - currentDownload.putParcelable(PROVIDER_KEY, provider); - return currentDownload; - } - - private Bundle getAndSetProviderJson(Provider provider, boolean dangerOn) { - Bundle result = new Bundle(); - - JSONObject providerDefinition = provider.getDefinition(); - String providerMainUrl = provider.getMainUrlString(); - - String providerDotJsonString; - if(providerDefinition.length() == 0 || provider.getCaCert().isEmpty()) - providerDotJsonString = downloadWithCommercialCA(providerMainUrl + "/provider.json", dangerOn); - else - providerDotJsonString = downloadFromApiUrlWithProviderCA("/provider.json", provider, dangerOn); - - if (ConfigHelper.checkErroneousDownload(providerDotJsonString) || !isValidJson(providerDotJsonString)) { - setErrorResult(result, malformed_url, null); - return result; - } - - if (DEBUG_MODE) { - VpnStatus.logDebug("[API] PROVIDER JSON: " + providerDotJsonString); - } - - try { - JSONObject providerJson = new JSONObject(providerDotJsonString); - - if (provider.define(providerJson)) { - result.putBoolean(BROADCAST_RESULT_KEY, true); - } else { - return setErrorResult(result, warning_corrupted_provider_details, ERROR_CORRUPTED_PROVIDER_JSON.toString()); - } - - result.putBoolean(BROADCAST_RESULT_KEY, true); - } catch (JSONException e) { - setErrorResult(result, providerDotJsonString); - } - //TODO: check why the following line is not in production - result.putParcelable(PROVIDER_KEY, provider); - return result; - } - - /** - * Downloads the eip-service.json from a given URL, and saves eip service capabilities including the offered gateways - * @return a bundle with a boolean value mapped to a key named BROADCAST_RESULT_KEY, and which is true if the download was successful. - */ - @Override - protected Bundle getAndSetEipServiceJson(Provider provider) { - Bundle result = new Bundle(); - String eipServiceJsonString = ""; - try { - JSONObject providerDefinition = provider.getDefinition(); - String eipServiceUrl = providerDefinition.getString(Provider.API_URL) + "/" + providerDefinition.getString(Provider.API_VERSION) + "/" + EIP.SERVICE_API_PATH; - eipServiceJsonString = downloadWithProviderCA(provider.getCaCert(), eipServiceUrl, lastDangerOn); - if (DEBUG_MODE) { - VpnStatus.logDebug("[API] EIP SERVICE JSON: " + eipServiceJsonString); - } - - JSONObject eipServiceJson = new JSONObject(eipServiceJsonString); - - if (eipServiceJson.has(ERRORS)) { - setErrorResult(result, eipServiceJsonString); - } else{ - provider.setEipServiceJson(eipServiceJson); - provider.setLastEipServiceUpdate(System.currentTimeMillis()); - result.putBoolean(BROADCAST_RESULT_KEY, true); - } - } catch (NullPointerException | JSONException e) { - setErrorResult(result, R.string.error_json_exception_user_message, null); - } - //TODO: check why the following line is not in production - result.putParcelable(PROVIDER_KEY, provider); - return result; - } - - /** - * Downloads a new OpenVPN certificate, attaching authenticated cookie for authenticated certificate. - * - * @return true if certificate was downloaded correctly, false if provider.json is not present in SharedPreferences, or if the certificate url could not be parsed as a URI, or if there was an SSL error. - */ - @Override - protected Bundle updateVpnCertificate(Provider provider) { - Bundle result = new Bundle(); - try { - URL newCertStringUrl = new URL(provider.getApiUrlWithVersion() + "/" + PROVIDER_VPN_CERTIFICATE); - - String certString = downloadWithProviderCA(provider.getCaCert(), newCertStringUrl.toString(), lastDangerOn); - if (DEBUG_MODE) { - VpnStatus.logDebug("[API] VPN CERT: " + certString); - } - if (ConfigHelper.checkErroneousDownload(certString)) { - if (certString == null || certString.isEmpty()) { - // probably 204 - setErrorResult(result, error_io_exception_user_message, null); - } else { - setErrorResult(result, certString); - return result; - } - } - result = loadCertificate(provider, certString); - } catch (IOException e) { - setErrorResult(result, downloading_vpn_certificate_failed, null); - e.printStackTrace(); - } - //TODO: check why the following line is not in production - result.putParcelable(PROVIDER_KEY, provider); - return result; - } - - /** - * Fetches the Geo ip Json, containing a list of gateways sorted by distance from the users current location - * - * @param provider - * @return - */ - @Override - protected Bundle getGeoIPJson(Provider provider) { - Bundle result = new Bundle(); - - if (!provider.shouldUpdateGeoIpJson() || provider.getGeoipUrl().isDefault()) { - result.putBoolean(BROADCAST_RESULT_KEY, false); - return result; - } - - - try { - URL geoIpUrl = provider.getGeoipUrl().getUrl(); - - String geoipJsonString = downloadFromUrlWithProviderCA(geoIpUrl.toString(), provider, lastDangerOn); - if (DEBUG_MODE) { - VpnStatus.logDebug("[API] MENSHEN JSON: " + geoipJsonString); - } - JSONObject geoipJson = new JSONObject(geoipJsonString); - - if (geoipJson.has(ERRORS)) { - result.putBoolean(BROADCAST_RESULT_KEY, false); - } else { - provider.setGeoIpJson(geoipJson); - provider.setLastEipServiceUpdate(System.currentTimeMillis()); - result.putBoolean(BROADCAST_RESULT_KEY, true); - } - - - } catch (JSONException | NullPointerException e) { - result.putBoolean(BROADCAST_RESULT_KEY, false); - e.printStackTrace(); - } - return result; - } - - - private Bundle downloadCACert(Provider provider, boolean dangerOn) { - Bundle result = new Bundle(); - try { - String caCertUrl = provider.getDefinition().getString(Provider.CA_CERT_URI); - String providerDomain = provider.getDomain(); - - String certString = downloadWithCommercialCA(caCertUrl, dangerOn); - - if (validCertificate(provider, certString)) { - provider.setCaCert(certString); - if (DEBUG_MODE) { - VpnStatus.logDebug("[API] CA CERT: " + certString); - } - preferences.edit().putString(Provider.CA_CERT + "." + providerDomain, certString).apply(); - result.putBoolean(BROADCAST_RESULT_KEY, true); - } else { - setErrorResult(result, warning_corrupted_provider_cert, ERROR_CERTIFICATE_PINNING.toString()); - } - } catch (JSONException e) { - setErrorResult(result, malformed_url, null); - } - - return result; - } - - /** - * Tries to download the contents of the provided url using commercially validated CA certificate from chosen provider. - * <p/> - * If dangerOn flag is true, SSL exceptions will be managed by futher methods that will try to use some bypass methods. - * - * @param stringUrl - * @param dangerOn if the user completely trusts this provider - * @return - */ - private String downloadWithCommercialCA(String stringUrl, boolean dangerOn) { - String responseString; - JSONObject errorJson = new JSONObject(); - - OkHttpClient okHttpClient = clientGenerator.initCommercialCAHttpClient(errorJson, getProxyPort()); - if (okHttpClient == null) { - return errorJson.toString(); - } - - List<Pair<String, String>> headerArgs = getAuthorizationHeader(); - - responseString = sendGetStringToServer(stringUrl, headerArgs, okHttpClient); - - if (responseString != null && responseString.contains(ERRORS)) { - try { - // try to download with provider CA on certificate error - JSONObject responseErrorJson = new JSONObject(responseString); - if (dangerOn && responseErrorJson.getString(ERRORS).equals( - getProviderFormattedString(resources, R.string.certificate_error))) { - responseString = downloadWithoutCA(stringUrl); - } - } catch (JSONException e) { - e.printStackTrace(); - } - } - - return responseString; - } - - private String downloadFromApiUrlWithProviderCA(String path, Provider provider, boolean dangerOn) { - String baseUrl = provider.getApiUrlString(); - String urlString = baseUrl + path; - - return downloadFromUrlWithProviderCA(urlString, provider, dangerOn); - } - - private String downloadFromUrlWithProviderCA(String urlString, Provider provider, boolean dangerOn) { - String responseString; - JSONObject errorJson = new JSONObject(); - OkHttpClient okHttpClient = clientGenerator.initSelfSignedCAHttpClient(provider.getCaCert(), getProxyPort(), errorJson); - if (okHttpClient == null) { - return errorJson.toString(); - } - - List<Pair<String, String>> headerArgs = getAuthorizationHeader(); - responseString = sendGetStringToServer(urlString, headerArgs, okHttpClient); - - if (responseString != null && responseString.contains(ERRORS)) { - try { - // try to download with provider CA on certificate error - JSONObject responseErrorJson = new JSONObject(responseString); - if (dangerOn && responseErrorJson.getString(ERRORS).equals( - getProviderFormattedString(resources, R.string.certificate_error))) { - responseString = downloadWithCommercialCA(urlString, dangerOn); - } - } catch (JSONException e) { - e.printStackTrace(); - } - } - - return responseString; - } - - /** - * Tries to download the contents of the provided url using not commercially validated CA certificate from chosen provider. - * - * @param urlString as a string - * @param dangerOn true to download CA certificate in case it has not been downloaded. - * @return an empty string if it fails, the url content if not. - */ - private String downloadWithProviderCA(String caCert, String urlString, boolean dangerOn) { - JSONObject initError = new JSONObject(); - String responseString; - - OkHttpClient okHttpClient = clientGenerator.initSelfSignedCAHttpClient(caCert, getProxyPort(), initError); - if (okHttpClient == null) { - return initError.toString(); - } - - List<Pair<String, String>> headerArgs = getAuthorizationHeader(); - - responseString = sendGetStringToServer(urlString, headerArgs, okHttpClient); - - if (responseString.contains(ERRORS)) { - try { - // danger danger: try to download without CA on certificate error - JSONObject responseErrorJson = new JSONObject(responseString); - if (dangerOn && responseErrorJson.getString(ERRORS).equals( - getProviderFormattedString(resources, R.string.certificate_error))) { - responseString = downloadWithoutCA(urlString); - } - } catch (JSONException e) { - e.printStackTrace(); - } - } - - return responseString; - } - - /** - * Downloads the string that's in the url with any certificate. - */ - // This method is totally insecure anyways. So no need to refactor that in order to use okHttpClient, force modern TLS etc.. DO NOT USE IN PRODUCTION! - private String downloadWithoutCA(String urlString) { - String string = ""; - try { - - HostnameVerifier hostnameVerifier = new HostnameVerifier() { - @Override - public boolean verify(String hostname, SSLSession session) { - return true; - } - }; - - class DefaultTrustManager implements X509TrustManager { - - @Override - public void checkClientTrusted(X509Certificate[] arg0, String arg1) throws CertificateException { - } - - @Override - public void checkServerTrusted(X509Certificate[] arg0, String arg1) throws CertificateException { - } - - @Override - public X509Certificate[] getAcceptedIssuers() { - return null; - } - } - - SSLContext context = SSLContext.getInstance("TLS"); - context.init(new KeyManager[0], new TrustManager[]{new DefaultTrustManager()}, new SecureRandom()); - - URL url = new URL(urlString); - HttpsURLConnection urlConnection = (HttpsURLConnection) url.openConnection(); - urlConnection.setSSLSocketFactory(context.getSocketFactory()); - urlConnection.setHostnameVerifier(hostnameVerifier); - string = new Scanner(urlConnection.getInputStream()).useDelimiter("\\A").next(); - System.out.println("String ignoring certificate = " + string); - } catch (FileNotFoundException e) { - e.printStackTrace(); - string = formatErrorMessage(malformed_url); - } catch (IOException e) { - // The downloaded certificate doesn't validate our https connection. - e.printStackTrace(); - string = formatErrorMessage(certificate_error); - } catch (NoSuchAlgorithmException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } catch (KeyManagementException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - return string; - } -} diff --git a/app/src/insecure/java/se/leap/bitmaskclient/providersetup/ProviderDetailActivity.java b/app/src/insecure/java/se/leap/bitmaskclient/providersetup/ProviderDetailActivity.java deleted file mode 100644 index 2b62a7de..00000000 --- a/app/src/insecure/java/se/leap/bitmaskclient/providersetup/ProviderDetailActivity.java +++ /dev/null @@ -1,17 +0,0 @@ -package se.leap.bitmaskclient.providersetup; - -import android.content.SharedPreferences; - -import se.leap.bitmaskclient.base.models.Constants; -import se.leap.bitmaskclient.providersetup.activities.AbstractProviderDetailActivity; - -public class ProviderDetailActivity extends AbstractProviderDetailActivity { - - @Override - public void onBackPressed() { - SharedPreferences.Editor editor = preferences.edit(); - editor.remove(Constants.DANGER_ON).apply(); - super.onBackPressed(); - } - -} diff --git a/app/src/insecure/java/se/leap/bitmaskclient/providersetup/ProviderListActivity.java b/app/src/insecure/java/se/leap/bitmaskclient/providersetup/ProviderListActivity.java deleted file mode 100644 index 46eb2a05..00000000 --- a/app/src/insecure/java/se/leap/bitmaskclient/providersetup/ProviderListActivity.java +++ /dev/null @@ -1,74 +0,0 @@ -/** - * Copyright (c) 2013 LEAP Encryption Access Project and contributors - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - */ -package se.leap.bitmaskclient.providersetup; - -import android.os.Bundle; -import androidx.annotation.NonNull; - -import se.leap.bitmaskclient.base.models.Provider; -import se.leap.bitmaskclient.providersetup.activities.ProviderListBaseActivity; - -import static se.leap.bitmaskclient.base.models.Constants.DANGER_ON; -import static se.leap.bitmaskclient.providersetup.ProviderAPI.SET_UP_PROVIDER; -import static se.leap.bitmaskclient.providersetup.ProviderSetupInterface.ProviderConfigState.SETTING_UP_PROVIDER; - -/** - * Activity that builds and shows the list of known available providers. - * <p/> - * It also allows the user to enter custom providers with a button. - * - * @author parmegv - * @author cyberta - */ -public class ProviderListActivity extends ProviderListBaseActivity { - - @Override - protected void onItemSelectedLogic() { - boolean danger_on = preferences.getBoolean(DANGER_ON, true); - setUpProvider(danger_on); - } - - @Override - public void cancelSettingUpProvider() { - super.cancelSettingUpProvider(); - preferences.edit().remove(DANGER_ON).apply(); - } - - /** - * Asks ProviderAPI to download a new provider.json file - * - * @param danger_on tells if HTTPS client should bypass certificate errors - */ - public void setUpProvider(boolean danger_on) { - providerConfigState = SETTING_UP_PROVIDER; - - Bundle parameters = new Bundle(); - parameters.putBoolean(DANGER_ON, danger_on); - - ProviderAPICommand.execute(this, SET_UP_PROVIDER, parameters, provider); - } - - /** - * Retrys setup of last used provider, allows bypassing ca certificate validation. - */ - @Override - public void retrySetUpProvider(@NonNull Provider provider) { - providerConfigState = SETTING_UP_PROVIDER; - ProviderAPICommand.execute(this, SET_UP_PROVIDER, provider); - } - -} diff --git a/app/src/insecure/res/values/strings.xml b/app/src/insecure/res/values/strings.xml deleted file mode 100644 index 3e568115..00000000 --- a/app/src/insecure/res/values/strings.xml +++ /dev/null @@ -1,4 +0,0 @@ -<?xml version="1.0" encoding="utf-8"?> -<resources> - <string name="danger_checkbox">Skip security check</string> -</resources> |