diff options
| author | cyberta <cyberta@riseup.net> | 2022-05-20 11:19:12 +0000 |
|---|---|---|
| committer | cyberta <cyberta@riseup.net> | 2022-05-20 11:19:12 +0000 |
| commit | 39cf5b1c41af8060af836b93fa9616bbb9c6a60b (patch) | |
| tree | 2ef16c29798b8712bfec1b923a7fb3e2422952bb /app/src/production | |
| parent | 18d3cc0ccbaf3bb9e797fcd542d180669b92dbd8 (diff) | |
| parent | 0ebc7e3a9e84f598a0221fe64f51d0e7906ac377 (diff) | |
Merge branch 'vpn_cert_update' into 'master'
improve VPN cert update
Closes #9087
See merge request leap/bitmask_android!184
Diffstat (limited to 'app/src/production')
| -rw-r--r-- | app/src/production/java/se/leap/bitmaskclient/providersetup/ProviderApiManager.java | 47 |
1 files changed, 25 insertions, 22 deletions
diff --git a/app/src/production/java/se/leap/bitmaskclient/providersetup/ProviderApiManager.java b/app/src/production/java/se/leap/bitmaskclient/providersetup/ProviderApiManager.java index d1de62a0..3ec04f32 100644 --- a/app/src/production/java/se/leap/bitmaskclient/providersetup/ProviderApiManager.java +++ b/app/src/production/java/se/leap/bitmaskclient/providersetup/ProviderApiManager.java @@ -25,7 +25,6 @@ import android.util.Pair; import org.json.JSONException; import org.json.JSONObject; -import java.io.IOException; import java.net.URL; import java.util.List; import java.util.concurrent.TimeoutException; @@ -199,29 +198,22 @@ public class ProviderApiManager extends ProviderApiManagerBase { @Override protected Bundle updateVpnCertificate(Provider provider) { Bundle result = new Bundle(); - try { - URL newCertStringUrl = new URL(provider.getApiUrlWithVersion() + "/" + PROVIDER_VPN_CERTIFICATE); - - String certString = downloadWithProviderCA(provider.getCaCert(), newCertStringUrl.toString()); - if (DEBUG_MODE) { - VpnStatus.logDebug("[API] VPN CERT: " + certString); - } - if (ConfigHelper.checkErroneousDownload(certString)) { - if (certString == null || certString.isEmpty()) { - // probably 204 - setErrorResult(result, error_io_exception_user_message, null); - } else { - setErrorResult(result, certString); - return result; - } + String certString = downloadFromVersionedApiUrlWithProviderCA("/" + PROVIDER_VPN_CERTIFICATE, provider); + if (DEBUG_MODE) { + VpnStatus.logDebug("[API] VPN CERT: " + certString); + } + if (ConfigHelper.checkErroneousDownload(certString)) { + if (TorStatusObservable.isRunning()) { + setErrorResult(result, downloading_vpn_certificate_failed, null); + } else if (certString == null || certString.isEmpty() ){ + // probably 204 + setErrorResult(result, error_io_exception_user_message, null); + } else { + setErrorResult(result, certString); } - return loadCertificate(provider, certString); - } catch (IOException e) { - // TODO try to get Provider Json - setErrorResult(result, downloading_vpn_certificate_failed, null); - e.printStackTrace(); + return result; } - return result; + return loadCertificate(provider, certString); } /** @@ -352,6 +344,17 @@ public class ProviderApiManager extends ProviderApiManagerBase { return downloadFromUrlWithProviderCA(urlString, provider); } + /** + * Tries to download the contents of $base_url/$version/$path using not commercially validated CA certificate from chosen provider. + * + * @return an empty string if it fails, the response body if not. + */ + private String downloadFromVersionedApiUrlWithProviderCA(String path, Provider provider) { + String baseUrl = provider.getApiUrlWithVersion(); + String urlString = baseUrl + path; + return downloadFromUrlWithProviderCA(urlString, provider); + } + private String downloadFromUrlWithProviderCA(String urlString, Provider provider) { return downloadFromUrlWithProviderCA(urlString, provider, true); } |