diff options
author | Parménides GV <parmegv@sdf.org> | 2014-11-07 11:00:43 +0100 |
---|---|---|
committer | Parménides GV <parmegv@sdf.org> | 2014-11-07 11:00:43 +0100 |
commit | 13d154326aaf34798c1232a42318fd71e9df9779 (patch) | |
tree | 4ad051ddb4e6faa11b5c67795e9285bb64d1648a /app | |
parent | 0009911f6b9320b3bea541f88fcdc30364d2a681 (diff) | |
parent | 6544b8d32ccf81a6c1d832217642b873be8dc6b7 (diff) |
Merge branch 'develop' into release-0.8.0
Diffstat (limited to 'app')
104 files changed, 2435 insertions, 1840 deletions
diff --git a/app/build.gradle b/app/build.gradle index 9207ff84..9c1d5b4e 100644 --- a/app/build.gradle +++ b/app/build.gradle @@ -1,5 +1,5 @@ apply plugin: 'android' -import org.ajoberstar.grgit.* +//import org.ajoberstar.grgit.* android { compileSdkVersion 19 @@ -58,7 +58,7 @@ def processFileInplace(file, Closure processText) { task checkoutStrippedIcsOpenVPN ( type: Copy ) { //FIXME Checkout ics-openvpn-stripped from branch "ics-openvpn-upstream" - grgit = Grgit.open(project.file('../')) + //grgit = Grgit.open(project.file('../')) from '../../bitmask_android_tmp/ics-openvpn-stripped' into '../ics-openvpn-stripped' diff --git a/app/jni/Application.mk b/app/jni/Application.mk index b7af50cd..21718248 100644 --- a/app/jni/Application.mk +++ b/app/jni/Application.mk @@ -8,4 +8,4 @@ APP_STL:=stlport_shared #LOCAL_ARM_MODE := arm -#NDK_TOOLCHAIN_VERSION=clang +#NDK_TOOLCHAIN_VERSION=clang
\ No newline at end of file diff --git a/app/misc/build-native.bat b/app/misc/build-native.bat index 73a19a00..9885557a 100644 --- a/app/misc/build-native.bat +++ b/app/misc/build-native.bat @@ -1,22 +1,25 @@ @echo on -echo Currently broken, feel free to fix and send me a patch, see .sh file +echo Currently broken, feel free to fix and send me a patch, see the build-native.sh file how native libraries are build on UNIX exit 1 -call ndk-build APP_API=all -j 8 +call ndk-build APP_ABI=x86_64 -j 8 USE_BREAKPAD=0 cd libs -mkdir ..\assets -mkdir ..\build\ +mkdir ..\ovpnlibs +mkdir ..\ovpnlibs\assets for /D %%f in (*) do ( - copy %%f\minivpn ..\assets\minivpn.%%f + copy %%f\nopievpn ..\ovpnlibs\assets\nopievpn.%%f + copy %%f\pievpn ..\ovpnlibs\assets\pievpn.%%f + del %%f\libcrypto.so del %%f\libssl.so - mkdir ..\build\native-libs\%%f\ - copy %%f\*.so ..\build\native-libs\%%f\ + mkdir ..\ovpnlibs\jniLibs + mkdir ..\ovpnlibs\jniLibs\%%f\ + copy %%f\*.so ..\ovpnlibs\jniLibs\%%f\ ) cd .. diff --git a/app/misc/build-native.sh b/app/misc/build-native.sh index f27384cd..7382efc9 100755 --- a/app/misc/build-native.sh +++ b/app/misc/build-native.sh @@ -23,7 +23,7 @@ if [ -d openvpn/.git ]; then fi if [ "x$1" = "x" ]; then - ndk-build APP_API=all -j 8 + ndk-build -j 8 USE_BREAKPAD=0 else ndk-build $@ fi diff --git a/app/misc/fetchtranslations.sh b/app/misc/fetchtranslations.sh index 3529a646..356748d6 100755 --- a/app/misc/fetchtranslations.sh +++ b/app/misc/fetchtranslations.sh @@ -1,38 +1,36 @@ -#! /bin/sh - +#! /bin/zsh +set -o shwordsplit if [ "$ICSCROWDAPIKEY" != "" ] then echo "Generating new translation archives" - fetch -q -1 -o - http://api.crowdin.net/api/project/ics-openvpn/export?key=$ICSCROWDAPIKEY + fetch -q -1 -o - "http://api.crowdin.net/api/project/ics-openvpn/export?key=$ICSCROWDAPIKEY" fi echo "Fetch translation archive" fetch -q http://crowdin.net/download/project/ics-openvpn.zip -langtoinclude="ca cs de es et fr hu it ja ko no nl pl ro ru sv tr uk" - -for lang in $langtoinclude -do - tar -xvf ics-openvpn.zip -C src/main res/values-$lang/ -done # Chinese language require zh-CN and zh-TW -for lang in zh-CN zh-TW id +typeset -A langhash +langhash=(zh-CN zh-rCN zh-TW zh-rTW id-ID in ca-ES ca cs-CZ cs et-EE et ja-JP ja ko-KR ko sv-SE sv uk-UA uk) + +langtoinclude="de es fr hu it no nl pl pt ro ru tr" + +for lang in $langtoinclude ${(k)langhash} do - if [ $lang = "zh-CN" ] ; then - rlang="zh-rCN" - elif [ $lang = "zh-TW" ] ; then - rlang="zh-rTW" - elif [ $lang = "id" ] ; then - rlang="in" - fi - - echo "Fetch archive for $lang" - fetch http://crowdin.net/download/project/ics-openvpn/$lang.zip - tar -xv -C src/main/res/values-$rlang/ --strip-components 3 -f $lang.zip - rm $lang.zip + if (( ${+langhash[$lang]} )); then + alang=$lang + rlang=${langhash[$lang]} + else + alang=$lang-${lang:u} + rlang=$lang + fi + + mkdir -p src/main/res/values-$rlang/ + echo "$alang -> $rlang" + tar -xv -C src/main/res/values-$rlang/ --strip-components 2 -f ics-openvpn.zip res/values-$alang/ done -rm -v ics-openvpn.zip +rm ics-openvpn.zip diff --git a/app/misc/genFAQ.py b/app/misc/genFAQ.py index b1506420..09381caa 100755 --- a/app/misc/genFAQ.py +++ b/app/misc/genFAQ.py @@ -112,7 +112,7 @@ def checkFormatString(lang): int = tstr.find(f)==-1 if ino != int: - print "Mismatch",strid,f,ostr,tstr + print "Mismatch StringID(%s): " % lang,strid,"Original String:",ostr,"Translated String:",tstr if __name__=="__main__": main() diff --git a/app/openvpn/config-version.h b/app/openvpn/config-version.h index 762b9dc6..6e78aeaf 100644 --- a/app/openvpn/config-version.h +++ b/app/openvpn/config-version.h @@ -1,2 +1,2 @@ -#define CONFIGURE_GIT_REVISION "icsopenvpn_618-e63b88d330782d14" +#define CONFIGURE_GIT_REVISION "icsopenvpn_620-df00abd6979b7376" #define CONFIGURE_GIT_FLAGS "" diff --git a/app/openvpn/config.h b/app/openvpn/config.h index b825e2bd..6b699028 100644 --- a/app/openvpn/config.h +++ b/app/openvpn/config.h @@ -631,3 +631,5 @@ #define IPPROTO_IP IPPROTO_IP #define IPPROTO_TCP IPPROTO_TCP + +#define HAVE_AEAD_CIPHER_MODES 1 diff --git a/app/openvpn/configure.ac b/app/openvpn/configure.ac index ffba3749..608ab6d1 100644 --- a/app/openvpn/configure.ac +++ b/app/openvpn/configure.ac @@ -368,15 +368,18 @@ AC_ARG_VAR([IPROUTE], [full path to ip utility]) AC_ARG_VAR([NETSTAT], [path to netstat utility]) # tests AC_ARG_VAR([MAN2HTML], [path to man2html utility]) AC_ARG_VAR([GIT], [path to git utility]) +AC_ARG_VAR([SYSTEMD_ASK_PASSWORD], [path to systemd-ask-password utility]) AC_PATH_PROGS([IFCONFIG], [ifconfig],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin]) AC_PATH_PROGS([ROUTE], [route],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin]) AC_PATH_PROGS([IPROUTE], [ip],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin]) +AC_PATH_PROGS([SYSTEMD_ASK_PASSWORD], [systemd-ask-password],, [$PATH:/usr/local/bin:/usr/bin:/bin]) AC_CHECK_PROGS([NETSTAT], [netstat], [netstat], [$PATH:/usr/local/sbin:/usr/sbin:/sbin:/etc]) # tests AC_CHECK_PROGS([MAN2HTML], [man2html]) AC_CHECK_PROGS([GIT], [git]) # optional AC_DEFINE_UNQUOTED([IFCONFIG_PATH], ["$IFCONFIG"], [Path to ifconfig tool]) AC_DEFINE_UNQUOTED([IPROUTE_PATH], ["$IPROUTE"], [Path to iproute tool]) AC_DEFINE_UNQUOTED([ROUTE_PATH], ["$ROUTE"], [Path to route tool]) +AC_DEFINE_UNQUOTED([SYSTEMD_ASK_PASSWORD_PATH], ["$SYSTEMD_ASK_PASSWORD"], [Path to systemd-ask-password tool]) # # Libtool @@ -994,6 +997,28 @@ if test "$enable_lz4" = "yes" && test "$enable_comp_stub" = "no"; then fi +dnl +dnl Check for systemd +dnl + +if test "$enable_systemd" = "yes" ; then + PKG_CHECK_MODULES([libsystemd], [systemd libsystemd], + [], + [PKG_CHECK_MODULES([libsystemd], [libsystemd-daemon])] + ) + AC_CHECK_HEADERS(systemd/sd-daemon.h, + , + [ + AC_MSG_ERROR([systemd development headers not found.]) + ]) + + saved_LIBS="${LIBS}" + LIBS="${LIBS} ${libsystemd_LIBS}" + AC_CHECK_FUNCS([sd_booted], [], [AC_MSG_ERROR([systemd library is missing sd_booted()])]) + OPTIONAL_SYSTEMD_LIBS="${libsystemd_LIBS}" + AC_DEFINE(ENABLE_SYSTEMD, 1, [Enable systemd integration]) + LIBS="${saved_LIBS}" +fi AC_MSG_CHECKING([git checkout]) @@ -1034,7 +1059,6 @@ test "${enable_def_auth}" = "yes" && AC_DEFINE([ENABLE_DEF_AUTH], [1], [Enable d test "${enable_pf}" = "yes" && AC_DEFINE([ENABLE_PF], [1], [Enable internal packet filter]) test "${enable_strict_options}" = "yes" && AC_DEFINE([ENABLE_STRICT_OPTIONS_CHECK], [1], [Enable strict options check between peers]) test "${enable_password_save}" = "yes" && AC_DEFINE([ENABLE_PASSWORD_SAVE], [1], [Allow --askpass and --auth-user-pass passwords to be read from a file]) -test "${enable_systemd}" = "yes" && AC_DEFINE([ENABLE_SYSTEMD], [1], [Enable systemd support]) case "${with_crypto_library}" in openssl) @@ -1167,6 +1191,7 @@ AC_SUBST([OPTIONAL_SNAPPY_CFLAGS]) AC_SUBST([OPTIONAL_SNAPPY_LIBS]) AC_SUBST([OPTIONAL_LZ4_CFLAGS]) AC_SUBST([OPTIONAL_LZ4_LIBS]) +AC_SUBST([OPTIONAL_SYSTEMD_LIBS]) AC_SUBST([OPTIONAL_PKCS11_HELPER_CFLAGS]) AC_SUBST([OPTIONAL_PKCS11_HELPER_LIBS]) diff --git a/app/openvpn/contrib/OCSP_check/OCSP_check.sh b/app/openvpn/contrib/OCSP_check/OCSP_check.sh index 553c3dce..6876c6d8 100644 --- a/app/openvpn/contrib/OCSP_check/OCSP_check.sh +++ b/app/openvpn/contrib/OCSP_check/OCSP_check.sh @@ -97,12 +97,19 @@ if [ $check_depth -eq -1 ] || [ $cur_depth -eq $check_depth ]; then "$nonce" \ -CAfile "$verify" \ -url "$ocsp_url" \ - -serial "${serial}" 2>/dev/null) + -serial "${serial}" 2>&1) if [ $? -eq 0 ]; then - # check that it's good + # check if ocsp didn't report any errors + if echo "$status" | grep -Eq "(error|fail)"; then + exit 1 + fi + # check that the reported status of certificate is ok if echo "$status" | grep -Fq "^${serial}: good"; then - exit 0 + # check if signature on the OCSP response verified correctly + if echo "$status" | grep -Fq "^Response verify OK"; then + exit 0 + fi fi fi fi diff --git a/app/openvpn/distro/systemd/openvpn@.service b/app/openvpn/distro/systemd/openvpn@.service new file mode 100644 index 00000000..7cd36c36 --- /dev/null +++ b/app/openvpn/distro/systemd/openvpn@.service @@ -0,0 +1,19 @@ +[Unit] +Description=OpenVPN tunnel for %I +After=syslog.target network.target +Documentation=man:openvpn(8) +Documentation=https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage +Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO + +[Service] +PrivateTmp=true +Type=forking +PIDFile=/var/run/openvpn/%i.pid +ExecStart=/usr/sbin/openvpn --daemon --writepid /var/run/openvpn/%i.pid --cd /etc/openvpn/ --config %i.conf +CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_READ_SEARCH +LimitNPROC=10 +DeviceAllow=/dev/null rw +DeviceAllow=/dev/net/tun rw + +[Install] +WantedBy=multi-user.target diff --git a/app/openvpn/doc/android.txt b/app/openvpn/doc/android.txt index cf8b3c79..137edfc5 100644 --- a/app/openvpn/doc/android.txt +++ b/app/openvpn/doc/android.txt @@ -55,6 +55,21 @@ To set the DNS server and search domain. The GUI will then respond with a "needok 'command' ok' or "needok 'command' cancel', e.g. "needok 'IFCONFIG' ok". +PERSIST_TUN_ACTION + +In Android 4.4-4.4.2 a bug exists that does not allow to open a new tun fd +while a tun fd is still open. When OpenVPN wants to open an fd it will do +this query. The UI should compare the last configuration of +the tun device with the current tun configuration and reply with either (or +always respond with OPEN_AFTER_BEFORE/OPEN_BEFORE_CLOSE) + +- NOACTION: Keep using the old fd +- OPEN_AFTER_CLOSE: First close the old fd and then open a new to workaround the bug +- OPEN_BEFORE_CLOSE: the normal behaviour when the VPN configuration changed + +For example the UI could respond with +needok 'PERSIST_TUN_ACTION' OPEN_AFTER_CLOSE + To protect a socket the OpenVPN will send a PROTECTFD to the UI. When sending the PROTECTFD command command to the UI it will send the fd of the socket as ancillary message over the UNIX socket. @@ -74,12 +89,3 @@ are not specific to Android but are rarely used on other platform. For example using SIGUSR1 and management-hold to restart, pause, continue the VPN on network changes or the external key management --management-external-key option and inline files. - -Due to a bug in Android 4.4-4.4.2 there the Android Control will also -query what action the daemon should take when opening the fd. The GUI -should compare the last configuration of the tun device with the current -tun configuration and reply with either - -- NOACTION: Keep using the old fd -- OPEN_AFTER_CLOSE: First close the old fd and then open a new to workaround the bug -- OPEN_BEFORE_CLOSE: the normal behaviour when the VPN configuration changed diff --git a/app/openvpn/src/openvpn/Makefile.am b/app/openvpn/src/openvpn/Makefile.am index fd593c57..d089f50f 100644 --- a/app/openvpn/src/openvpn/Makefile.am +++ b/app/openvpn/src/openvpn/Makefile.am @@ -126,6 +126,7 @@ openvpn_LDADD = \ $(OPTIONAL_PKCS11_HELPER_LIBS) \ $(OPTIONAL_CRYPTO_LIBS) \ $(OPTIONAL_SELINUX_LIBS) \ + $(OPTIONAL_SYSTEMD_LIBS) \ $(OPTIONAL_DL_LIBS) if WIN32 openvpn_SOURCES += openvpn_win32_resources.rc diff --git a/app/openvpn/src/openvpn/base64.c b/app/openvpn/src/openvpn/base64.c index 6dc8479f..258b258e 100644 --- a/app/openvpn/src/openvpn/base64.c +++ b/app/openvpn/src/openvpn/base64.c @@ -108,7 +108,7 @@ token_decode(const char *token) int i; unsigned int val = 0; int marker = 0; - if (strlen(token) < 4) + if (!token[0] || !token[1] || !token[2] || !token[3]) return DECODE_ERROR; for (i = 0; i < 4; i++) { val *= 64; diff --git a/app/openvpn/src/openvpn/console.c b/app/openvpn/src/openvpn/console.c index afda8ca3..d66d4087 100644 --- a/app/openvpn/src/openvpn/console.c +++ b/app/openvpn/src/openvpn/console.c @@ -34,6 +34,10 @@ #include "buffer.h" #include "misc.h" +#ifdef ENABLE_SYSTEMD +#include <systemd/sd-daemon.h> +#endif + #ifdef WIN32 #include "win32.h" @@ -143,14 +147,14 @@ close_tty (FILE *fp) static bool check_systemd_running () { - struct stat a, b; + struct stat c; /* We simply test whether the systemd cgroup hierarchy is - * mounted */ + * mounted, as well as the systemd-ask-password executable + * being available */ - return (lstat("/sys/fs/cgroup", &a) == 0) - && (lstat("/sys/fs/cgroup/systemd", &b) == 0) - && (a.st_dev != b.st_dev); + return (sd_booted() > 0) + && (stat(SYSTEMD_ASK_PASSWORD_PATH, &c) == 0); } @@ -162,7 +166,7 @@ get_console_input_systemd (const char *prompt, const bool echo, char *input, con struct argv argv; argv_init (&argv); - argv_printf (&argv, "/bin/systemd-ask-password"); + argv_printf (&argv, SYSTEMD_ASK_PASSWORD_PATH); argv_printf_cat (&argv, "%s", prompt); if ((std_out = openvpn_popen (&argv, NULL)) < 0) { diff --git a/app/openvpn/src/openvpn/crypto.c b/app/openvpn/src/openvpn/crypto.c index 62c4ab28..69df29de 100644 --- a/app/openvpn/src/openvpn/crypto.c +++ b/app/openvpn/src/openvpn/crypto.c @@ -223,6 +223,30 @@ err: return; } +int verify_hmac(struct buffer *buf, struct key_ctx *ctx, int offset) +{ + uint8_t local_hmac[MAX_HMAC_KEY_LENGTH]; /* HMAC of ciphertext computed locally */ + int hmac_len = 0; + + hmac_ctx_reset(ctx->hmac); + /* Assume the length of the input HMAC */ + hmac_len = hmac_ctx_size (ctx->hmac); + + /* Authentication fails if insufficient data in packet for HMAC */ + if (buf->len - offset < hmac_len) + return 0; + + hmac_ctx_update (ctx->hmac, BPTR (buf) + hmac_len + offset, + BLEN (buf) - hmac_len - offset); + hmac_ctx_final (ctx->hmac, local_hmac); + + /* Compare locally computed HMAC with packet HMAC */ + if (memcmp_constant_time (local_hmac, BPTR (buf) + offset, hmac_len) == 0) + return hmac_len; + + return 0; +} + /* * If (opt->flags & CO_USE_IV) is not NULL, we will read an IV from the packet. * @@ -249,25 +273,9 @@ openvpn_decrypt (struct buffer *buf, struct buffer work, /* Verify the HMAC */ if (ctx->hmac) { - int hmac_len; - uint8_t local_hmac[MAX_HMAC_KEY_LENGTH]; /* HMAC of ciphertext computed locally */ - - hmac_ctx_reset(ctx->hmac); - - /* Assume the length of the input HMAC */ - hmac_len = hmac_ctx_size (ctx->hmac); - - /* Authentication fails if insufficient data in packet for HMAC */ - if (buf->len < hmac_len) - CRYPT_ERROR ("missing authentication info"); - - hmac_ctx_update (ctx->hmac, BPTR (buf) + hmac_len, BLEN (buf) - hmac_len); - hmac_ctx_final (ctx->hmac, local_hmac); - - /* Compare locally computed HMAC with packet HMAC */ - if (memcmp_constant_time (local_hmac, BPTR (buf), hmac_len)) + int hmac_len = verify_hmac(buf, ctx, 0); + if (hmac_len == 0) CRYPT_ERROR ("packet HMAC authentication failed"); - ASSERT (buf_advance (buf, hmac_len)); } @@ -399,10 +407,6 @@ openvpn_decrypt (struct buffer *buf, struct buffer work, bool crypto_test_hmac (struct buffer *buf, const struct crypto_options *opt) { - struct gc_arena gc; - gc_init (&gc); - int offset = 4; /* 1 byte opcode + 3 bytes session-id */ - if (buf->len > 0 && opt->key_ctx_bi) { struct key_ctx *ctx = &opt->key_ctx_bi->decrypt; @@ -410,38 +414,10 @@ crypto_test_hmac (struct buffer *buf, const struct crypto_options *opt) /* Verify the HMAC */ if (ctx->hmac) { - int hmac_len; - uint8_t local_hmac[MAX_HMAC_KEY_LENGTH]; /* HMAC of ciphertext computed locally */ - - hmac_ctx_reset(ctx->hmac); - - /* Assume the length of the input HMAC */ - hmac_len = hmac_ctx_size (ctx->hmac); - - /* Authentication fails if insufficient data in packet for HMAC */ - if ((buf->len - offset) < hmac_len) - { - gc_free (&gc); - return false; - } - - hmac_ctx_update (ctx->hmac, BPTR (buf) + offset + hmac_len, - BLEN (buf) - offset - hmac_len); - hmac_ctx_final (ctx->hmac, local_hmac); - - /* Compare locally computed HMAC with packet HMAC */ - if (memcmp (local_hmac, BPTR (buf) + offset, hmac_len)) - { - gc_free (&gc); - return false; - } - - gc_free (&gc); - return true; + /* sizeof(uint32_t) comes from peer_id (3 bytes) and opcode (1 byte) */ + return verify_hmac(buf, ctx, sizeof(uint32_t)) != 0; } } - - gc_free (&gc); return false; } diff --git a/app/openvpn/src/openvpn/crypto_backend.h b/app/openvpn/src/openvpn/crypto_backend.h index a48ad6c5..bc067a7d 100644 --- a/app/openvpn/src/openvpn/crypto_backend.h +++ b/app/openvpn/src/openvpn/crypto_backend.h @@ -231,7 +231,7 @@ int cipher_kt_block_size (const cipher_kt_t *cipher_kt); int cipher_kt_mode (const cipher_kt_t *cipher_kt); /** - * Check of the supplied cipher is a supported CBC mode cipher. + * Check if the supplied cipher is a supported CBC mode cipher. * * @param cipher Static cipher parameters. May not be NULL. * @@ -241,7 +241,7 @@ bool cipher_kt_mode_cbc(const cipher_kt_t *cipher) __attribute__((nonnull)); /** - * Check of the supplied cipher is a supported OFB or CFB mode cipher. + * Check if the supplied cipher is a supported OFB or CFB mode cipher. * * @param cipher Static cipher parameters. May not be NULL. * diff --git a/app/openvpn/src/openvpn/forward.c b/app/openvpn/src/openvpn/forward.c index a43361b4..0bbdedb0 100644 --- a/app/openvpn/src/openvpn/forward.c +++ b/app/openvpn/src/openvpn/forward.c @@ -948,6 +948,15 @@ read_incoming_tun (struct context *c) return; } + /* Was TUN/TAP I/O operation aborted? */ + if (tuntap_abort(c->c2.buf.len)) + { + register_signal(c, SIGTERM, "tun-abort"); + msg(M_FATAL, "TUN/TAP I/O operation aborted, exiting"); + perf_pop(); + return; + } + /* Check the status return from read() */ check_status (c->c2.buf.len, "read from TUN/TAP", NULL, c->c1.tuntap); diff --git a/app/openvpn/src/openvpn/init.c b/app/openvpn/src/openvpn/init.c index 6137588d..7cec8d9b 100644 --- a/app/openvpn/src/openvpn/init.c +++ b/app/openvpn/src/openvpn/init.c @@ -1718,7 +1718,8 @@ pull_permission_mask (const struct context *c) | OPT_P_MESSAGES | OPT_P_EXPLICIT_NOTIFY | OPT_P_ECHO - | OPT_P_PULL_MODE; + | OPT_P_PULL_MODE + | OPT_P_PEER_ID; if (!c->options.route_nopull) flags |= (OPT_P_ROUTE | OPT_P_IPWIN32); @@ -1795,6 +1796,13 @@ do_deferred_options (struct context *c, const unsigned int found) msg (D_PUSH, "OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified"); if (found & OPT_P_SETENV) msg (D_PUSH, "OPTIONS IMPORT: environment modified"); + + if (found & OPT_P_PEER_ID) + { + msg (D_PUSH, "OPTIONS IMPORT: peer-id set"); + c->c2.tls_multi->use_peer_id = true; + c->c2.tls_multi->peer_id = c->options.peer_id; + } } /* @@ -3179,7 +3187,7 @@ managmenet_callback_network_change (void *arg) reestablishing the connection is required */ socketfd = c->c2.link_socket->sd; - if (!c->options.pull || c->c2.tls_multi->use_session_id) + if (!c->options.pull || c->c2.tls_multi->use_peer_id) return socketfd; else return -2; diff --git a/app/openvpn/src/openvpn/misc.c b/app/openvpn/src/openvpn/misc.c index 63b4c1cf..61bc523d 100644 --- a/app/openvpn/src/openvpn/misc.c +++ b/app/openvpn/src/openvpn/misc.c @@ -365,24 +365,29 @@ openvpn_popen (const struct argv *a, const struct env_set *es) pid = fork (); if (pid == (pid_t)0) /* child side */ { - close (pipe_stdout[0]); + close (pipe_stdout[0]); /* Close read end */ dup2 (pipe_stdout[1],1); execve (cmd, argv, envp); exit (127); } - else if (pid < (pid_t)0) /* fork failed */ + else if (pid > (pid_t)0) /* parent side */ { - msg (M_ERR, "openvpn_popen: unable to fork"); + int status = 0; + + close (pipe_stdout[1]); /* Close write end */ + waitpid(pid, &status, 0); + ret = pipe_stdout[0]; } - else /* parent side */ + else /* fork failed */ { - ret=pipe_stdout[0]; - close (pipe_stdout[1]); + close (pipe_stdout[0]); + close (pipe_stdout[1]); + msg (M_ERR, "openvpn_popen: unable to fork %s", cmd); } } else { - msg (M_WARN, "openvpn_popen: unable to create stdout pipe"); - ret = -1; + msg (M_WARN, "openvpn_popen: unable to create stdout pipe for %s", cmd); + ret = -1; } } else if (!warn_shown && (script_security < SSEC_SCRIPTS)) diff --git a/app/openvpn/src/openvpn/mudp.c b/app/openvpn/src/openvpn/mudp.c index f7ab6253..51227a90 100644 --- a/app/openvpn/src/openvpn/mudp.c +++ b/app/openvpn/src/openvpn/mudp.c @@ -105,29 +105,29 @@ multi_get_create_instance_udp (struct multi_context *m) struct hash_element *he; const uint32_t hv = hash_value (hash, &real); struct hash_bucket *bucket = hash_bucket (hash, hv); - uint8_t* ptr = BPTR(&m->top.c2.buf); + uint8_t* ptr = BPTR(&m->top.c2.buf); uint8_t op = ptr[0] >> P_OPCODE_SHIFT; - uint32_t sess_id; - bool session_forged = false; + uint32_t peer_id; + bool hmac_mismatch = false; if (op == P_DATA_V2) { - sess_id = (*(uint32_t*)ptr) >> 8; - if ((sess_id < m->max_clients) && (m->instances[sess_id])) + peer_id = ntohl((*(uint32_t*)ptr)) & 0xFFFFFF; + if ((peer_id < m->max_clients) && (m->instances[peer_id])) { - mi = m->instances[sess_id]; + mi = m->instances[peer_id]; if (!link_socket_actual_match(&mi->context.c2.from, &m->top.c2.from)) { - msg(D_MULTI_MEDIUM, "floating detected from %s to %s", - print_link_socket_actual (&mi->context.c2.from, &gc), print_link_socket_actual (&m->top.c2.from, &gc)); + msg(D_MULTI_MEDIUM, "float from %s to %s", + print_link_socket_actual (&mi->context.c2.from, &gc), print_link_socket_actual (&m->top.c2.from, &gc)); - /* session-id is not trusted, so check hmac */ - session_forged = !(crypto_test_hmac(&m->top.c2.buf, &mi->context.c2.crypto_options)); - if (session_forged) + /* peer-id is not trusted, so check hmac */ + hmac_mismatch = !(crypto_test_hmac(&m->top.c2.buf, &mi->context.c2.crypto_options)); + if (hmac_mismatch) { mi = NULL; - msg (D_MULTI_MEDIUM, "hmac verification failed, session forge detected!"); + msg (D_MULTI_MEDIUM, "HMAC mismatch for peer-id %d", peer_id); } else { @@ -144,7 +144,7 @@ multi_get_create_instance_udp (struct multi_context *m) mi = (struct multi_instance *) he->value; } } - if (!mi && !session_forged) + if (!mi && !hmac_mismatch) { if (!m->top.c2.tls_auth_standalone || tls_pre_decrypt_lite (m->top.c2.tls_auth_standalone, &m->top.c2.from, &m->top.c2.buf)) @@ -162,7 +162,7 @@ multi_get_create_instance_udp (struct multi_context *m) { if (!m->instances[i]) { - mi->context.c2.tls_multi->vpn_session_id = i; + mi->context.c2.tls_multi->peer_id = i; m->instances[i] = mi; break; } @@ -183,15 +183,6 @@ multi_get_create_instance_udp (struct multi_context *m) { const char *status = mi ? "[ok]" : "[failed]"; - /* - if (he && mi) - status = "[succeeded]"; - else if (!he && mi) - status = "[created]"; - else - status = "[failed]"; - */ - dmsg (D_MULTI_DEBUG, "GET INST BY REAL: %s %s", mroute_addr_print (&real, &gc), status); diff --git a/app/openvpn/src/openvpn/multi.c b/app/openvpn/src/openvpn/multi.c index a4289ac7..bd5948c8 100644 --- a/app/openvpn/src/openvpn/multi.c +++ b/app/openvpn/src/openvpn/multi.c @@ -303,7 +303,6 @@ multi_init (struct multi_context *m, struct context *t, bool tcp_mode, int threa cid_compare_function); #endif - /* * This is our scheduler, for time-based wakeup * events. @@ -374,12 +373,7 @@ multi_init (struct multi_context *m, struct context *t, bool tcp_mode, int threa */ m->max_clients = t->options.max_clients; - int i; - m->instances = malloc(sizeof(struct multi_instance*) * m->max_clients); - for (i = 0; i < m->max_clients; ++ i) - { - m->instances[i] = NULL; - } + m->instances = calloc(m->max_clients, sizeof(struct multi_instance*)); /* * Initialize multi-socket TCP I/O wait object @@ -561,7 +555,7 @@ multi_close_instance (struct multi_context *m, } #endif - m->instances[mi->context.c2.tls_multi->vpn_session_id] = NULL; + m->instances[mi->context.c2.tls_multi->peer_id] = NULL; schedule_remove_entry (m->schedule, (struct schedule_entry *) mi); @@ -664,6 +658,8 @@ multi_create_instance (struct multi_context *m, const struct mroute_addr *real) perf_push (PERF_MULTI_CREATE_INSTANCE); + msg (D_MULTI_MEDIUM, "MULTI: multi_create_instance called"); + ALLOC_OBJ_CLEAR (mi, struct multi_instance); mi->gc = gc_new (); @@ -1467,10 +1463,6 @@ multi_client_connect_post (struct multi_context *m, option_types_found, mi->context.c2.es); - if (!platform_unlink (dc_file)) - msg (D_MULTI_ERRORS, "MULTI: problem deleting temporary file: %s", - dc_file); - /* * If the --client-connect script generates a config file * with an --ifconfig-push directive, it will override any @@ -1713,6 +1705,11 @@ multi_connection_established (struct multi_context *m, struct multi_instance *mi multi_client_connect_post (m, mi, dc_file, option_permissions_mask, &option_types_found); ++cc_succeeded_count; } + + if (!platform_unlink (dc_file)) + msg (D_MULTI_ERRORS, "MULTI: problem deleting temporary file: %s", + dc_file); + script_depr_failed: argv_reset (&argv); } @@ -1766,6 +1763,11 @@ multi_connection_established (struct multi_context *m, struct multi_instance *mi } else cc_succeeded = false; + + if (!platform_unlink (dc_file)) + msg (D_MULTI_ERRORS, "MULTI: problem deleting temporary file: %s", + dc_file); + script_failed: argv_reset (&argv); } diff --git a/app/openvpn/src/openvpn/options.c b/app/openvpn/src/openvpn/options.c index 9ff2db5a..1ca4ad57 100644 --- a/app/openvpn/src/openvpn/options.c +++ b/app/openvpn/src/openvpn/options.c @@ -2926,8 +2926,8 @@ options_string (const struct options *o, o->ifconfig_ipv6_local, o->ifconfig_ipv6_netbits, o->ifconfig_ipv6_remote, - (in_addr_t)0, - (in_addr_t)0, + NULL, + NULL, false, NULL); if (tt) @@ -3913,17 +3913,7 @@ apply_push_options (struct options *options, ++line_num; if (parse_line (line, p, SIZE (p), file, line_num, msglevel, &options->gc)) { - if (streq(p[0], "session_id")) - { - /* Server supports P_DATA_V2 */ - tls_multi->vpn_session_id = atoi(p[1]); - tls_multi->use_session_id = true; - msg(D_PUSH, "session id: %d", tls_multi->vpn_session_id); - } - else - { - add_option (options, p, file, line_num, 0, msglevel, permission_mask, option_types_found, es); - } + add_option (options, p, file, line_num, 0, msglevel, permission_mask, option_types_found, es); } } return true; @@ -6986,6 +6976,12 @@ add_option (struct options *options, options->persist_mode = 1; } #endif + else if (streq (p[0], "peer-id")) + { + VERIFY_PERMISSION (OPT_P_PEER_ID); + options->use_peer_id = true; + options->peer_id = atoi(p[1]); + } else { int i; diff --git a/app/openvpn/src/openvpn/options.h b/app/openvpn/src/openvpn/options.h index 77c942ca..d5f7e95d 100644 --- a/app/openvpn/src/openvpn/options.h +++ b/app/openvpn/src/openvpn/options.h @@ -591,6 +591,9 @@ struct options bool show_net_up; int route_method; #endif + + bool use_peer_id; + uint32_t peer_id; }; #define streq(x, y) (!strcmp((x), (y))) @@ -626,6 +629,7 @@ struct options #define OPT_P_SOCKBUF (1<<25) #define OPT_P_SOCKFLAGS (1<<26) #define OPT_P_CONNECTION (1<<27) +#define OPT_P_PEER_ID (1<<28) #define OPT_P_DEFAULT (~(OPT_P_INSTANCE|OPT_P_PULL_MODE)) diff --git a/app/openvpn/src/openvpn/plugin.c b/app/openvpn/src/openvpn/plugin.c index 0948f238..54c5b52d 100644 --- a/app/openvpn/src/openvpn/plugin.c +++ b/app/openvpn/src/openvpn/plugin.c @@ -291,7 +291,7 @@ plugin_init_item (struct plugin *p, const struct plugin_option *o) static void plugin_vlog (openvpn_plugin_log_flags_t flags, const char *name, const char *format, va_list arglist) { - unsigned int msg_flags; + unsigned int msg_flags = 0; if (!format) return; diff --git a/app/openvpn/src/openvpn/push.c b/app/openvpn/src/openvpn/push.c index 028d838e..c7844499 100644 --- a/app/openvpn/src/openvpn/push.c +++ b/app/openvpn/src/openvpn/push.c @@ -303,9 +303,17 @@ send_push_reply (struct context *c) if (multi_push) buf_printf (&buf, ",push-continuation 1"); - /* Send session_id if client supports it */ - if (c->c2.tls_multi->peer_info && strstr(c->c2.tls_multi->peer_info, "IV_PROTO=2")) { - buf_printf(&buf, ",session_id %d", c->c2.tls_multi->vpn_session_id); + /* Send peer-id if client supports it */ + if (c->c2.tls_multi->peer_info) + { + const char* proto_str = strstr(c->c2.tls_multi->peer_info, "IV_PROTO="); + if (proto_str) + { + int proto = 0; + int r = sscanf(proto_str, "IV_PROTO=%d", &proto); + if ((r == 1) && (proto >= 2)) + buf_printf(&buf, ",peer-id %d", c->c2.tls_multi->peer_id); + } } if (BLEN (&buf) > sizeof(cmd)-1) diff --git a/app/openvpn/src/openvpn/route.c b/app/openvpn/src/openvpn/route.c index 562af9fe..c330169a 100644 --- a/app/openvpn/src/openvpn/route.c +++ b/app/openvpn/src/openvpn/route.c @@ -863,10 +863,12 @@ redirect_default_route_to_vpn (struct route_list *rl, const struct tuntap *tt, u { msg (M_WARN, "%s VPN gateway parameter (--route-gateway or --ifconfig) is missing", err); } +#ifndef TARGET_ANDROID else if (!(rl->rgi.flags & RGI_ADDR_DEFINED)) { msg (M_WARN, "%s Cannot read current default gateway from system", err); } +#endif else if (!(rl->spec.flags & RTSA_REMOTE_HOST)) { msg (M_WARN, "%s Cannot obtain current remote host address", err); @@ -913,6 +915,16 @@ redirect_default_route_to_vpn (struct route_list *rl, const struct tuntap *tt, u if (rl->flags & RG_REROUTE_GW) { +#ifdef TARGET_ANDROID + add_route3 (0, + 0, + rl->spec.remote_endpoint, + tt, + flags, + &rl->rgi, + es); + +#else if (rl->flags & RG_DEF1) { /* add new default route (1st component) */ @@ -953,6 +965,7 @@ redirect_default_route_to_vpn (struct route_list *rl, const struct tuntap *tt, u &rl->rgi, es); } +#endif } /* set a flag so we can undo later */ @@ -1338,15 +1351,18 @@ add_route (struct route_ipv4 *r, #if defined(TARGET_LINUX) #ifdef ENABLE_IPROUTE - /* FIXME -- add on-link support for ENABLE_IPROUTE */ - argv_printf (&argv, "%s route add %s/%d via %s", + argv_printf (&argv, "%s route add %s/%d", iproute_path, network, - count_netmask_bits(netmask), - gateway); + count_netmask_bits(netmask)); + if (r->flags & RT_METRIC_DEFINED) argv_printf_cat (&argv, "metric %d", r->metric); + if (is_on_link (is_local_route, flags, rgi)) + argv_printf_cat (&argv, "dev %s", rgi->iface); + else + argv_printf_cat (&argv, "via %s", gateway); #else argv_printf (&argv, "%s add -net %s netmask %s", ROUTE_PATH, diff --git a/app/openvpn/src/openvpn/sig.c b/app/openvpn/src/openvpn/sig.c index 90e39a42..a3d29de0 100644 --- a/app/openvpn/src/openvpn/sig.c +++ b/app/openvpn/src/openvpn/sig.c @@ -126,7 +126,7 @@ print_signal (const struct signal_info *si, const char *title, int msglevel) { const char *type = (si->signal_text ? si->signal_text : ""); const char *t = (title ? title : "process"); - const char *hs; + const char *hs = NULL; switch (si->source) { case SIG_SOURCE_SOFT: diff --git a/app/openvpn/src/openvpn/socket.c b/app/openvpn/src/openvpn/socket.c index 9e6bd10c..c649d627 100644 --- a/app/openvpn/src/openvpn/socket.c +++ b/app/openvpn/src/openvpn/socket.c @@ -2354,12 +2354,12 @@ print_sockaddr_ex (const struct sockaddr *sa, struct gc_arena *gc) { struct buffer out = alloc_buf_gc (128, gc); - bool addr_is_defined; + bool addr_is_defined = false; char hostaddr[NI_MAXHOST] = ""; char servname[NI_MAXSERV] = ""; int status; - socklen_t salen; + socklen_t salen = 0; switch(sa->sa_family) { case AF_INET: diff --git a/app/openvpn/src/openvpn/ssl.c b/app/openvpn/src/openvpn/ssl.c index 929f95fa..94b7b6d9 100644 --- a/app/openvpn/src/openvpn/ssl.c +++ b/app/openvpn/src/openvpn/ssl.c @@ -1056,7 +1056,7 @@ tls_multi_init (struct tls_options *tls_options) ret->key_scan[2] = &ret->session[TM_LAME_DUCK].key[KS_LAME_DUCK]; /* By default not use P_DATA_V2 */ - ret->use_session_id = false; + ret->use_peer_id = false; return ret; } @@ -2826,7 +2826,7 @@ tls_pre_decrypt (struct tls_multi *multi, opt->flags &= multi->opt.crypto_flags_and; opt->flags |= multi->opt.crypto_flags_or; - ASSERT (buf_advance (buf, op == P_DATA_V1 ? 1 : 4)); + ASSERT (buf_advance (buf, (op == P_DATA_V2) ? 4 : 1)); ++ks->n_packets; ks->n_bytes += buf->len; @@ -3324,7 +3324,6 @@ tls_pre_decrypt_lite (const struct tls_auth_standalone *tas, return ret; error: - tls_clear_error(); gc_free (&gc); return ret; @@ -3393,7 +3392,7 @@ tls_post_encrypt (struct tls_multi *multi, struct buffer *buf) { struct key_state *ks; uint8_t *op; - uint32_t sess; + uint32_t peer; ks = multi->save_ks; multi->save_ks = NULL; @@ -3401,10 +3400,10 @@ tls_post_encrypt (struct tls_multi *multi, struct buffer *buf) { ASSERT (ks); - if (!multi->opt.server && multi->use_session_id) + if (!multi->opt.server && multi->use_peer_id) { - sess = ((P_DATA_V2 << P_OPCODE_SHIFT) | ks->key_id) | (multi->vpn_session_id << 8); - ASSERT (buf_write_prepend (buf, &sess, 4)); + peer = htonl(((P_DATA_V2 << P_OPCODE_SHIFT) | ks->key_id) << 24 | (multi->peer_id & 0xFFFFFF)); + ASSERT (buf_write_prepend (buf, &peer, 4)); } else { diff --git a/app/openvpn/src/openvpn/ssl.h b/app/openvpn/src/openvpn/ssl.h index 9bdd641f..a338745e 100644 --- a/app/openvpn/src/openvpn/ssl.h +++ b/app/openvpn/src/openvpn/ssl.h @@ -60,7 +60,7 @@ #define P_CONTROL_V1 4 /* control channel packet (usually TLS ciphertext) */ #define P_ACK_V1 5 /* acknowledgement for packets received */ #define P_DATA_V1 6 /* data channel packet */ -#define P_DATA_V2 9 /* data channel packet with session_id */ +#define P_DATA_V2 9 /* data channel packet with peer-id */ /* indicates key_method >= 2 */ #define P_CONTROL_HARD_RESET_CLIENT_V2 7 /* initial key from client, forget previous state */ diff --git a/app/openvpn/src/openvpn/ssl_common.h b/app/openvpn/src/openvpn/ssl_common.h index 2fc72aa6..cb0ba628 100644 --- a/app/openvpn/src/openvpn/ssl_common.h +++ b/app/openvpn/src/openvpn/ssl_common.h @@ -496,8 +496,8 @@ struct tls_multi #endif /* For P_DATA_V2 */ - uint32_t vpn_session_id; - int use_session_id; + uint32_t peer_id; + bool use_peer_id; /* * Our session objects. diff --git a/app/openvpn/src/openvpn/ssl_polarssl.c b/app/openvpn/src/openvpn/ssl_polarssl.c index ddccf1d9..387e6369 100644 --- a/app/openvpn/src/openvpn/ssl_polarssl.c +++ b/app/openvpn/src/openvpn/ssl_polarssl.c @@ -40,6 +40,7 @@ #include "errlevel.h" #include "ssl_backend.h" +#include "base64.h" #include "buffer.h" #include "misc.h" #include "manage.h" @@ -49,8 +50,10 @@ #include "ssl_verify_polarssl.h" #include <polarssl/error.h> +#include <polarssl/oid.h> #include <polarssl/pem.h> #include <polarssl/sha256.h> +#include <polarssl/version.h> void tls_init_lib() @@ -210,12 +213,13 @@ tls_ctx_restrict_ciphers(struct tls_root_ctx *ctx, const char *ciphers) void tls_ctx_load_dh_params (struct tls_root_ctx *ctx, const char *dh_file, - const char *dh_file_inline + const char *dh_inline ) { - if (!strcmp (dh_file, INLINE_FILE_TAG) && dh_file_inline) + if (!strcmp (dh_file, INLINE_FILE_TAG) && dh_inline) { - if (0 != dhm_parse_dhm(ctx->dhm_ctx, dh_file_inline, strlen(dh_file_inline))) + if (0 != dhm_parse_dhm(ctx->dhm_ctx, (const unsigned char *) dh_inline, + strlen(dh_inline))) msg (M_FATAL, "Cannot read inline DH parameters"); } else @@ -257,15 +261,15 @@ tls_ctx_load_cryptoapi(struct tls_root_ctx *ctx, const char *cryptoapi_cert) void tls_ctx_load_cert_file (struct tls_root_ctx *ctx, const char *cert_file, - const char *cert_file_inline + const char *cert_inline ) { ASSERT(NULL != ctx); - if (!strcmp (cert_file, INLINE_FILE_TAG) && cert_file_inline) + if (!strcmp (cert_file, INLINE_FILE_TAG) && cert_inline) { - if (0 != x509_crt_parse(ctx->crt_chain, cert_file_inline, - strlen(cert_file_inline))) + if (0 != x509_crt_parse(ctx->crt_chain, + (const unsigned char *) cert_inline, strlen(cert_inline))) msg (M_FATAL, "Cannot load inline certificate file"); } else @@ -282,31 +286,31 @@ tls_ctx_load_cert_file (struct tls_root_ctx *ctx, const char *cert_file, int tls_ctx_load_priv_file (struct tls_root_ctx *ctx, const char *priv_key_file, - const char *priv_key_file_inline + const char *priv_key_inline ) { int status; ASSERT(NULL != ctx); - if (!strcmp (priv_key_file, INLINE_FILE_TAG) && priv_key_file_inline) + if (!strcmp (priv_key_file, INLINE_FILE_TAG) && priv_key_inline) { status = pk_parse_key(ctx->priv_key, - priv_key_file_inline, strlen(priv_key_file_inline), + (const unsigned char *) priv_key_inline, strlen(priv_key_inline), NULL, 0); - if (POLARSSL_ERR_PEM_PASSWORD_REQUIRED == status) + if (POLARSSL_ERR_PK_PASSWORD_REQUIRED == status) { char passbuf[512] = {0}; pem_password_callback(passbuf, 512, 0, NULL); status = pk_parse_key(ctx->priv_key, - priv_key_file_inline, strlen(priv_key_file_inline), + (const unsigned char *) priv_key_inline, strlen(priv_key_inline), (unsigned char *) passbuf, strlen(passbuf)); } } else { status = pk_parse_keyfile(ctx->priv_key, priv_key_file, NULL); - if (POLARSSL_ERR_PEM_PASSWORD_REQUIRED == status) + if (POLARSSL_ERR_PK_PASSWORD_REQUIRED == status) { char passbuf[512] = {0}; pem_password_callback(passbuf, 512, 0, NULL); @@ -316,7 +320,7 @@ tls_ctx_load_priv_file (struct tls_root_ctx *ctx, const char *priv_key_file, if (0 != status) { #ifdef ENABLE_MANAGEMENT - if (management && (POLARSSL_ERR_PEM_PASSWORD_MISMATCH == status)) + if (management && (POLARSSL_ERR_PK_PASSWORD_MISMATCH == status)) management_auth_failure (management, UP_TYPE_PRIVATE_KEY, NULL); #endif msg (M_WARN, "Cannot load private key file %s", priv_key_file); diff --git a/app/openvpn/src/openvpn/ssl_verify_openssl.c b/app/openvpn/src/openvpn/ssl_verify_openssl.c index cbcff022..33cd757d 100644 --- a/app/openvpn/src/openvpn/ssl_verify_openssl.c +++ b/app/openvpn/src/openvpn/ssl_verify_openssl.c @@ -101,9 +101,7 @@ static bool extract_x509_extension(X509 *cert, char *fieldname, char *out, int size) { bool retval = false; - X509_EXTENSION *pExt; char *buf = 0; - int length = 0; GENERAL_NAMES *extensions; int nid = OBJ_txt2nid(fieldname); @@ -140,8 +138,8 @@ bool extract_x509_extension(X509 *cert, char *fieldname, char *out, int size) } break; default: - msg (D_TLS_ERRORS, "ASN1 ERROR: can not handle field type %i", - name->type); + msg (D_TLS_DEBUG, "%s: ignoring general name field type %i", + __func__, name->type); break; } } diff --git a/app/openvpn/src/openvpn/tun.h b/app/openvpn/src/openvpn/tun.h index 631b53c6..79e2d188 100644 --- a/app/openvpn/src/openvpn/tun.h +++ b/app/openvpn/src/openvpn/tun.h @@ -391,6 +391,19 @@ tuntap_stop (int status) return false; } +static inline bool +tuntap_abort(int status) +{ + /* + * Typically generated when driver is halted. + */ + if (status < 0) + { + return openvpn_errno() == ERROR_OPERATION_ABORTED; + } + return false; +} + static inline int tun_write_win32 (struct tuntap *tt, struct buffer *buf) { @@ -432,6 +445,12 @@ tuntap_stop (int status) return false; } +static inline bool +tuntap_abort(int status) +{ + return false; +} + static inline void tun_standby_init (struct tuntap *tt) { diff --git a/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java b/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java index c405d06f..78fcda56 100644 --- a/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java +++ b/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java @@ -1,281 +1,376 @@ -/**
- * Copyright (c) 2013 LEAP Encryption Access Project and contributers
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- */
- package se.leap.bitmaskclient;
-
- - - -
-
-import android.app.Activity;
-import android.app.DialogFragment;
-import android.app.Fragment;
-import android.app.FragmentManager;
-import android.app.FragmentTransaction;
-import android.content.BroadcastReceiver;
-import android.content.Context;
-import android.content.Intent;
-import android.content.IntentFilter;
-import android.content.SharedPreferences;
-import android.content.res.AssetManager;
-import android.os.Bundle;
-import android.os.Handler;
-import android.util.Log;
-import android.view.Display;
-import android.view.Menu;
-import android.view.MenuItem;
-import android.view.View.MeasureSpec;
-import android.view.View;
-import android.view.ViewGroup;
-import android.view.WindowManager;
-import android.widget.ListAdapter;
-import android.widget.ListView;
-import android.widget.ProgressBar;
-import android.widget.ProgressBar;
-import android.widget.RelativeLayout;
-import android.widget.TextView;
-import java.io.IOException;
+/** + * Copyright (c) 2013 LEAP Encryption Access Project and contributers + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package se.leap.bitmaskclient; + +import android.app.Activity; +import android.app.DialogFragment; +import android.app.Fragment; +import android.app.FragmentTransaction; +import android.content.BroadcastReceiver; +import android.content.Context; +import android.content.Intent; +import android.content.IntentFilter; +import android.content.SharedPreferences; +import android.content.res.AssetManager; +import android.os.Bundle; +import android.os.Handler; +import android.util.Log; +import android.view.Display; +import android.view.Menu; +import android.view.MenuItem; +import android.view.View.MeasureSpec; +import android.view.View; +import android.view.ViewGroup; +import android.view.WindowManager; +import android.widget.ListAdapter; +import android.widget.ListView; +import android.widget.ProgressBar; +import android.widget.ProgressBar; +import android.widget.RelativeLayout; +import android.widget.TextView; +import java.io.IOException; import java.io.InputStream; import java.net.MalformedURLException; import java.net.URL; -import java.util.Iterator;
-import org.json.JSONException;
-import org.json.JSONObject;
+import java.util.Iterator; +import org.json.JSONException; +import org.json.JSONObject; + import se.leap.bitmaskclient.DownloadFailedDialog.DownloadFailedDialogInterface; import se.leap.bitmaskclient.NewProviderDialog.NewProviderDialogInterface; import se.leap.bitmaskclient.ProviderAPIResultReceiver.Receiver; import se.leap.bitmaskclient.ProviderDetailFragment.ProviderDetailFragmentInterface; import se.leap.bitmaskclient.ProviderListContent.ProviderItem; +import se.leap.bitmaskclient.FragmentManagerEnhanced; + import se.leap.bitmaskclient.R; -
-/**
- * Activity that builds and shows the list of known available providers.
- *
- * It also allows the user to enter custom providers with a button.
- *
- * @author parmegv
- *
- */
-public class ConfigurationWizard extends Activity
-implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderDetailFragmentInterface, DownloadFailedDialogInterface, Receiver {
-
- private ProgressBar mProgressBar;
- private TextView progressbar_description;
- private ProviderListFragment provider_list_fragment;
- private Intent mConfigState = new Intent();
-
- final public static String TAG = "se.leap.bitmaskclient.ConfigurationWizard";
- final public static String TYPE_OF_CERTIFICATE = "type_of_certificate";
- final public static String ANON_CERTIFICATE = "anon_certificate";
- final public static String AUTHED_CERTIFICATE = "authed_certificate";
-
- final protected static String PROVIDER_SET = "PROVIDER SET";
- final protected static String SERVICES_RETRIEVED = "SERVICES RETRIEVED";
+ +/** + * Activity that builds and shows the list of known available providers. + * + * It also allows the user to enter custom providers with a button. + * + * @author parmegv + * + */ +public class ConfigurationWizard extends Activity +implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderDetailFragmentInterface, DownloadFailedDialogInterface, Receiver { + + private ProgressBar mProgressBar; + private TextView progressbar_description; + private ProviderListFragment provider_list_fragment; + private Intent mConfigState = new Intent(); + + final public static String TAG = ConfigurationWizard.class.getSimpleName(); + final public static String TYPE_OF_CERTIFICATE = "type_of_certificate"; + final public static String ANON_CERTIFICATE = "anon_certificate"; + final public static String AUTHED_CERTIFICATE = "authed_certificate"; + + final protected static String PROVIDER_SET = "PROVIDER SET"; + final protected static String SERVICES_RETRIEVED = "SERVICES RETRIEVED"; final protected static String ASSETS_URL_FOLDER = "urls"; -
- public ProviderAPIResultReceiver providerAPI_result_receiver;
+ + public ProviderAPIResultReceiver providerAPI_result_receiver; private ProviderAPIBroadcastReceiver_Update providerAPI_broadcast_receiver_update; - private static SharedPreferences preferences;
+ private static SharedPreferences preferences; + FragmentManagerEnhanced fragment_manager; private static boolean setting_up_provider = false; -
- @Override
- protected void onCreate(Bundle savedInstanceState) {
- super.onCreate(savedInstanceState);
+ + @Override + protected void onCreate(Bundle savedInstanceState) { + super.onCreate(savedInstanceState); preferences = getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE); -
- setContentView(R.layout.configuration_wizard_activity);
- mProgressBar = (ProgressBar) findViewById(R.id.progressbar_configuration_wizard);
- mProgressBar.setVisibility(ProgressBar.INVISIBLE);
- progressbar_description = (TextView) findViewById(R.id.progressbar_description);
- progressbar_description.setVisibility(TextView.INVISIBLE);
- providerAPI_result_receiver = new ProviderAPIResultReceiver(new Handler());
- providerAPI_result_receiver.setReceiver(this);
- providerAPI_broadcast_receiver_update = new ProviderAPIBroadcastReceiver_Update();
- IntentFilter update_intent_filter = new IntentFilter(ProviderAPI.UPDATE_PROGRESSBAR);
- update_intent_filter.addCategory(Intent.CATEGORY_DEFAULT);
- registerReceiver(providerAPI_broadcast_receiver_update, update_intent_filter);
-
- loadPreseededProviders();
-
- // Only create our fragments if we're not restoring a saved instance
- if ( savedInstanceState == null ){
- // TODO Some welcome screen?
- // We will need better flow control when we have more Fragments (e.g. user auth)
- provider_list_fragment = ProviderListFragment.newInstance();
- Bundle arguments = new Bundle();
- int configuration_wizard_request_code = getIntent().getIntExtra(Dashboard.REQUEST_CODE, -1);
- if(configuration_wizard_request_code == Dashboard.SWITCH_PROVIDER) {
- arguments.putBoolean(ProviderListFragment.SHOW_ALL_PROVIDERS, true);
- }
- provider_list_fragment.setArguments(arguments);
-
- FragmentManager fragmentManager = getFragmentManager();
- fragmentManager.beginTransaction()
- .replace(R.id.configuration_wizard_layout, provider_list_fragment, ProviderListFragment.TAG)
- .commit();
- }
-
- // TODO: If exposing deep links into your app, handle intents here.
- }
-
- @Override
- protected void onDestroy() {
- super.onDestroy();
- unregisterReceiver(providerAPI_broadcast_receiver_update);
- }
-
- public void refreshProviderList(int top_padding) {
- ProviderListFragment new_provider_list_fragment = new ProviderListFragment();
- Bundle top_padding_bundle = new Bundle();
- top_padding_bundle.putInt(ProviderListFragment.TOP_PADDING, top_padding);
- new_provider_list_fragment.setArguments(top_padding_bundle);
-
- FragmentManager fragmentManager = getFragmentManager();
- fragmentManager.beginTransaction()
- .replace(R.id.configuration_wizard_layout, new_provider_list_fragment, ProviderListFragment.TAG)
- .commit();
- }
-
- @Override
- public void onReceiveResult(int resultCode, Bundle resultData) {
- if(resultCode == ProviderAPI.PROVIDER_OK) {
- mConfigState.setAction(PROVIDER_SET);
-
- if (preferences.getBoolean(EIP.ALLOWED_ANON, false)){
- mConfigState.putExtra(SERVICES_RETRIEVED, true);
- downloadAnonCert();
- } else {
- mProgressBar.incrementProgressBy(1);
- mProgressBar.setVisibility(ProgressBar.GONE);
- progressbar_description.setVisibility(TextView.GONE);
- setResult(RESULT_OK); - showProviderDetails(getCurrentFocus());
- } - } else if(resultCode == ProviderAPI.PROVIDER_NOK) {
- //refreshProviderList(0); - String reason_to_fail = resultData.getString(ProviderAPI.ERRORS);
- showDownloadFailedDialog(getCurrentFocus(), reason_to_fail);
- mProgressBar.setVisibility(ProgressBar.GONE);
- progressbar_description.setVisibility(TextView.GONE); - preferences.edit().remove(Provider.KEY).commit();
- setting_up_provider = false; - setResult(RESULT_CANCELED, mConfigState);
- }
- else if(resultCode == ProviderAPI.CORRECTLY_DOWNLOADED_CERTIFICATE) {
- mProgressBar.incrementProgressBy(1);
- mProgressBar.setVisibility(ProgressBar.GONE);
- progressbar_description.setVisibility(TextView.GONE);
- //refreshProviderList(0);
- setResult(RESULT_OK);
- showProviderDetails(getCurrentFocus());
- } else if(resultCode == ProviderAPI.INCORRECTLY_DOWNLOADED_CERTIFICATE) {
- //refreshProviderList(0);
- mProgressBar.setVisibility(ProgressBar.GONE);
- progressbar_description.setVisibility(TextView.GONE);
- //Toast.makeText(getApplicationContext(), R.string.incorrectly_downloaded_certificate_message, Toast.LENGTH_LONG).show();
- setResult(RESULT_CANCELED, mConfigState);
- } else if(resultCode == AboutActivity.VIEWED) { - // Do nothing, right now - // I need this for CW to wait for the About activity to end before going back to Dashboard. - } - }
-
- /**
- * Callback method from {@link ProviderListFragment.Callbacks}
- * indicating that the item with the given ID was selected.
- */
- @Override
- public void onItemSelected(String id) {
- //TODO Code 2 pane view
- // resetOldConnection();
- ProviderItem selected_provider = getProvider(id);
- int provider_index = getProviderIndex(id);
- - - startProgressBar(provider_index+1); - provider_list_fragment.hideAllBut(provider_index); - - boolean danger_on = true; - if(preferences.contains(ProviderItem.DANGER_ON)) - danger_on = preferences.getBoolean(ProviderItem.DANGER_ON, false); - setUpProvider(selected_provider.providerMainUrl(), danger_on); - }
-
- @Override
- public void onBackPressed() {
+ fragment_manager = new FragmentManagerEnhanced(getFragmentManager()); + + setUpInitialUI(); + + loadPreseededProviders(); + + setUpProviderAPIResultReceiver(); + + // Only create our fragments if we're not restoring a saved instance + if ( savedInstanceState == null ){ + // TODO Some welcome screen? + // We will need better flow control when we have more Fragments (e.g. user auth) + setUpProviderList(); + } + + // TODO: If exposing deep links into your app, handle intents here. + } + + private void setUpInitialUI() { + setContentView(R.layout.configuration_wizard_activity); + + hideProgressBar(); + } + + private void hideProgressBar() { + mProgressBar = (ProgressBar) findViewById(R.id.progressbar_configuration_wizard); + mProgressBar.setVisibility(ProgressBar.INVISIBLE); + + progressbar_description = (TextView) findViewById(R.id.progressbar_description); + progressbar_description.setVisibility(TextView.INVISIBLE); + } + + private void setUpProviderList() { + provider_list_fragment = ProviderListFragment.newInstance(); + + Bundle arguments = new Bundle(); + int configuration_wizard_request_code = getIntent().getIntExtra(Dashboard.REQUEST_CODE, -1); + if(configuration_wizard_request_code == Dashboard.SWITCH_PROVIDER) + arguments.putBoolean(ProviderListFragment.SHOW_ALL_PROVIDERS, true); + + provider_list_fragment.setArguments(arguments); + + putProviderListFragment(provider_list_fragment); + } + + private void putProviderListFragment(ProviderListFragment fragment) { + + fragment_manager.replace(R.id.configuration_wizard_layout, provider_list_fragment, ProviderListFragment.TAG); + } + + @Override + protected void onDestroy() { + super.onDestroy(); + unregisterReceiver(providerAPI_broadcast_receiver_update); + } + + private void setUpProviderAPIResultReceiver() { + providerAPI_result_receiver = new ProviderAPIResultReceiver(new Handler()); + providerAPI_result_receiver.setReceiver(this); + providerAPI_broadcast_receiver_update = new ProviderAPIBroadcastReceiver_Update(); + + IntentFilter update_intent_filter = new IntentFilter(ProviderAPI.UPDATE_PROGRESSBAR); + update_intent_filter.addCategory(Intent.CATEGORY_DEFAULT); + registerReceiver(providerAPI_broadcast_receiver_update, update_intent_filter); + } + + @Override + public void onReceiveResult(int resultCode, Bundle resultData) { + if(resultCode == ProviderAPI.PROVIDER_OK) { + mConfigState.setAction(PROVIDER_SET); + + if (preferences.getBoolean(EIP.ALLOWED_ANON, false)){ + mConfigState.putExtra(SERVICES_RETRIEVED, true); + + downloadAnonCert(); + } else { + mProgressBar.incrementProgressBy(1); + hideProgressBar(); + + setResult(RESULT_OK); + + showProviderDetails(); + } + } else if(resultCode == ProviderAPI.PROVIDER_NOK) { + hideProgressBar(); + preferences.edit().remove(Provider.KEY).commit(); + setting_up_provider = false; + + setResult(RESULT_CANCELED, mConfigState); + + String reason_to_fail = resultData.getString(ProviderAPI.ERRORS); + showDownloadFailedDialog(getCurrentFocus(), reason_to_fail); + } + else if(resultCode == ProviderAPI.CORRECTLY_DOWNLOADED_CERTIFICATE) { + mProgressBar.incrementProgressBy(1); + hideProgressBar(); + + setResult(RESULT_OK); + + showProviderDetails(); + } else if(resultCode == ProviderAPI.INCORRECTLY_DOWNLOADED_CERTIFICATE) { + hideProgressBar(); + + setResult(RESULT_CANCELED, mConfigState); + } else if(resultCode == AboutActivity.VIEWED) { + // Do nothing, right now + // I need this for CW to wait for the About activity to end before going back to Dashboard. + } + } + + /** + * Callback method from {@link ProviderListFragment.Callbacks} + * indicating that the item with the given ID was selected. + */ + @Override + public void onItemSelected(String id) { + //TODO Code 2 pane view + ProviderItem selected_provider = getProvider(id); + int provider_index = getProviderIndex(id); + + startProgressBar(provider_index+1); + provider_list_fragment.hideAllBut(provider_index); + + boolean danger_on = true; + if(preferences.contains(ProviderItem.DANGER_ON)) + danger_on = preferences.getBoolean(ProviderItem.DANGER_ON, false); + setUpProvider(selected_provider.providerMainUrl(), danger_on); + } + + @Override + public void onBackPressed() { if(setting_up_provider) { stopSettingUpProvider(); - } else {
+ } else { usualBackButton(); } } -
- private void stopSettingUpProvider() {
- ProviderAPI.stop();
- mProgressBar.setVisibility(ProgressBar.GONE);
- mProgressBar.setProgress(0);
- progressbar_description.setVisibility(TextView.GONE);
- preferences.edit().remove(Provider.KEY).commit();
- setting_up_provider = false;
+ + private void stopSettingUpProvider() { + ProviderAPI.stop(); + mProgressBar.setVisibility(ProgressBar.GONE); + mProgressBar.setProgress(0); + progressbar_description.setVisibility(TextView.GONE); + preferences.edit().remove(Provider.KEY).commit(); + setting_up_provider = false; showAllProviders(); - }
-
- private void usualBackButton() {
- try {
- boolean is_provider_set_up = new JSONObject(preferences.getString(Provider.KEY, "no provider")) != null ? true : false;
- boolean is_provider_set_up_truly = new JSONObject(preferences.getString(Provider.KEY, "no provider")).length() != 0 ? true : false;
- if(!is_provider_set_up || !is_provider_set_up_truly) {
- askDashboardToQuitApp();
- } else {
- setResult(RESULT_OK);
- }
- } catch (JSONException e) {
- askDashboardToQuitApp();
- super.onBackPressed();
- e.printStackTrace();
- }
- super.onBackPressed();
- }
- private void askDashboardToQuitApp() {
- Intent ask_quit = new Intent();
- ask_quit.putExtra(Dashboard.ACTION_QUIT, Dashboard.ACTION_QUIT);
- setResult(RESULT_CANCELED, ask_quit);
- }
-
- private ProviderItem getProvider(String name) {
- Iterator<ProviderItem> providers_iterator = ProviderListContent.ITEMS.iterator();
- while(providers_iterator.hasNext()) {
- ProviderItem provider = providers_iterator.next();
- if(provider.name().equalsIgnoreCase(name)) {
- return provider;
- }
- }
- return null;
- }
-
- private String getId(String provider_main_url_string) { + } + + private void usualBackButton() { + try { + boolean is_provider_set_up = new JSONObject(preferences.getString(Provider.KEY, "no provider")) != null ? true : false; + boolean is_provider_set_up_truly = new JSONObject(preferences.getString(Provider.KEY, "no provider")).length() != 0 ? true : false; + if(!is_provider_set_up || !is_provider_set_up_truly) { + askDashboardToQuitApp(); + } else { + setResult(RESULT_OK); + } + } catch (JSONException e) { + askDashboardToQuitApp(); + super.onBackPressed(); + e.printStackTrace(); + } + super.onBackPressed(); + } + private void askDashboardToQuitApp() { + Intent ask_quit = new Intent(); + ask_quit.putExtra(Dashboard.ACTION_QUIT, Dashboard.ACTION_QUIT); + setResult(RESULT_CANCELED, ask_quit); + } + + private ProviderItem getProvider(String name) { + Iterator<ProviderItem> providers_iterator = ProviderListContent.ITEMS.iterator(); + while(providers_iterator.hasNext()) { + ProviderItem provider = providers_iterator.next(); + if(provider.name().equalsIgnoreCase(name)) { + return provider; + } + } + return null; + } + + private void startProgressBar() { + mProgressBar.setVisibility(ProgressBar.VISIBLE); + progressbar_description.setVisibility(TextView.VISIBLE); + mProgressBar.setProgress(0); + mProgressBar.setMax(3); + } + + private void startProgressBar(int list_item_index) { + startProgressBar(); + int measured_height = listItemHeight(list_item_index); + mProgressBar.setTranslationY(measured_height); + progressbar_description.setTranslationY(measured_height + mProgressBar.getHeight()); + } + + private int getProviderIndex(String id) { + int index = 0; + Iterator<ProviderItem> providers_iterator = ProviderListContent.ITEMS.iterator(); + while(providers_iterator.hasNext()) { + ProviderItem provider = providers_iterator.next(); + if(provider.name().equalsIgnoreCase(id)) { + break; + } else index++; + } + return index; + } + + private int listItemHeight(int list_item_index) { + ListView provider_list_view = (ListView)findViewById(android.R.id.list); + ListAdapter provider_list_adapter = provider_list_view.getAdapter(); + View listItem = provider_list_adapter.getView(0, null, provider_list_view); + listItem.setLayoutParams(new RelativeLayout.LayoutParams( + RelativeLayout.LayoutParams.WRAP_CONTENT, + RelativeLayout.LayoutParams.WRAP_CONTENT)); + WindowManager wm = (WindowManager) getApplicationContext() + .getSystemService(Context.WINDOW_SERVICE); + Display display = wm.getDefaultDisplay(); + int screenWidth = display.getWidth(); // deprecated + + int listViewWidth = screenWidth - 10 - 10; + int widthSpec = MeasureSpec.makeMeasureSpec(listViewWidth, + MeasureSpec.AT_MOST); + listItem.measure(widthSpec, 0); + + return listItem.getMeasuredHeight(); +} + + /** + * Loads providers data from url files contained in the assets folder + * @return true if the files were correctly read + */ + private boolean loadPreseededProviders() { + boolean loaded_preseeded_providers = true; + try { + //TODO Put that folder in a better place (also inside the "for") + String[] urls_filepaths = getAssets().list(ASSETS_URL_FOLDER); + for(String url_filepath : urls_filepaths) { + addNewProviderToList(url_filepath); + } + } catch (IOException e) { + loaded_preseeded_providers = false; + } + + return loaded_preseeded_providers; + } + + private void addNewProviderToList(String url_filepath) { + String provider_main_url = extractProviderMainUrlFromAssetsFile(ASSETS_URL_FOLDER + "/" + url_filepath); + if(getId(provider_main_url).isEmpty()) { + String provider_name = url_filepath.subSequence(0, url_filepath.lastIndexOf(".")).toString(); + ProviderListContent.addItem(new ProviderItem(provider_name, provider_main_url)); + } + } + + private String extractProviderMainUrlFromAssetsFile(String filepath) { + String provider_main_url = ""; + try { + InputStream input_stream_file_contents = getAssets().open(filepath); + byte[] urls_file_bytes = new byte[input_stream_file_contents.available()]; + input_stream_file_contents.read(urls_file_bytes); + String urls_file_content = new String(urls_file_bytes); + JSONObject file_contents = new JSONObject(urls_file_content); + provider_main_url = file_contents.getString(Provider.MAIN_URL); + } catch (JSONException e) { + } catch (IOException e) { + } + return provider_main_url; + } + + private String getId(String provider_main_url) { try { - URL provider_url = new URL(provider_main_url_string); - URL aux_provider_url; + URL provider_url = new URL(provider_main_url); Iterator<ProviderItem> providers_iterator = ProviderListContent.ITEMS.iterator(); while(providers_iterator.hasNext()) { ProviderItem provider = providers_iterator.next(); - aux_provider_url = new URL(provider.providerMainUrl()); + URL aux_provider_url = new URL(provider.providerMainUrl()); if(isSameURL(provider_url, aux_provider_url)) { return provider.name(); } @@ -284,7 +379,7 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD e.printStackTrace(); } return ""; - }
+ } /** * Checks, whether 2 urls are pointing to the same location. @@ -306,218 +401,109 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD } return true; } -
- private void startProgressBar() {
- mProgressBar.setVisibility(ProgressBar.VISIBLE);
- mProgressBar.setProgress(0);
- mProgressBar.setMax(3);
- }
-
- private void startProgressBar(int list_item_index) {
- mProgressBar.setVisibility(ProgressBar.VISIBLE);
- progressbar_description.setVisibility(TextView.VISIBLE);
- mProgressBar.setProgress(0);
- mProgressBar.setMax(3);
- int measured_height = listItemHeight(list_item_index);
- mProgressBar.setTranslationY(measured_height);
- progressbar_description.setTranslationY(measured_height + mProgressBar.getHeight());
- }
-
- private int getProviderIndex(String id) {
- int index = 0;
- Iterator<ProviderItem> providers_iterator = ProviderListContent.ITEMS.iterator();
- while(providers_iterator.hasNext()) {
- ProviderItem provider = providers_iterator.next();
- if(provider.name().equalsIgnoreCase(id)) {
- break;
- } else index++; - }
- return index;
- }
-
- private int listItemHeight(int list_item_index) {
- ListView provider_list_view = (ListView)findViewById(android.R.id.list);
- ListAdapter provider_list_adapter = provider_list_view.getAdapter();
- View listItem = provider_list_adapter.getView(0, null, provider_list_view);
- listItem.setLayoutParams(new RelativeLayout.LayoutParams(
- RelativeLayout.LayoutParams.WRAP_CONTENT,
- RelativeLayout.LayoutParams.WRAP_CONTENT));
- WindowManager wm = (WindowManager) getApplicationContext()
- .getSystemService(Context.WINDOW_SERVICE);
- Display display = wm.getDefaultDisplay();
- int screenWidth = display.getWidth(); // deprecated
-
- int listViewWidth = screenWidth - 10 - 10;
- int widthSpec = MeasureSpec.makeMeasureSpec(listViewWidth,
- MeasureSpec.AT_MOST);
- listItem.measure(widthSpec, 0);
-
- return listItem.getMeasuredHeight();
-}
-
- /** - * Loads providers data from url files contained in the assets folder - * @return true if the files were correctly read - */ - private boolean loadPreseededProviders() { - boolean loaded_preseeded_providers = false; - String[] urls_filepaths = null; - try { - //TODO Put that folder in a better place (also inside the "for") - urls_filepaths = getAssets().list(ASSETS_URL_FOLDER); - String provider_name = ""; - for(String url_filepath : urls_filepaths) { - provider_name = url_filepath.subSequence(0, url_filepath.lastIndexOf(".")).toString(); - String provider_main_url = extractProviderMainUrlFromAssetsFile(ASSETS_URL_FOLDER + "/" + url_filepath); - if(getId(provider_main_url).isEmpty()) - ProviderListContent.addItem(new ProviderItem(provider_name, provider_main_url)); - loaded_preseeded_providers = true;
- } - } catch (IOException e) { - loaded_preseeded_providers = false; + + /** + * Asks ProviderAPI to download an anonymous (anon) VPN certificate. + */ + private void downloadAnonCert() { + Intent provider_API_command = new Intent(this, ProviderAPI.class); + + Bundle parameters = new Bundle(); + + parameters.putString(TYPE_OF_CERTIFICATE, ANON_CERTIFICATE); + + provider_API_command.setAction(ProviderAPI.DOWNLOAD_CERTIFICATE); + provider_API_command.putExtra(ProviderAPI.PARAMETERS, parameters); + provider_API_command.putExtra(ProviderAPI.RECEIVER_KEY, providerAPI_result_receiver); + + startService(provider_API_command); } - return loaded_preseeded_providers; - } + /** + * Open the new provider dialog + */ + public void addAndSelectNewProvider() { + FragmentTransaction fragment_transaction = fragment_manager.removePreviousFragment(NewProviderDialog.TAG); + DialogFragment newFragment = NewProviderDialog.newInstance(); + newFragment.show(fragment_transaction, NewProviderDialog.TAG); + } + + /** + * Open the new provider dialog with data + */ + public void addAndSelectNewProvider(String main_url, boolean danger_on) { + FragmentTransaction fragment_transaction = fragment_manager.removePreviousFragment(NewProviderDialog.TAG); + + DialogFragment newFragment = NewProviderDialog.newInstance(); + Bundle data = new Bundle(); + data.putString(Provider.MAIN_URL, main_url); + data.putBoolean(ProviderItem.DANGER_ON, danger_on); + newFragment.setArguments(data); + newFragment.show(fragment_transaction, NewProviderDialog.TAG); + } + + /** + * Once selected a provider, this fragment offers the user to log in, + * use it anonymously (if possible) + * or cancel his/her election pressing the back button. + * @param view + * @param reason_to_fail + */ + public void showDownloadFailedDialog(View view, String reason_to_fail) { + FragmentTransaction fragment_transaction = fragment_manager.removePreviousFragment(DownloadFailedDialog.TAG); + + DialogFragment newFragment = DownloadFailedDialog.newInstance(reason_to_fail); + newFragment.show(fragment_transaction, DownloadFailedDialog.TAG); + } + + /** + * Once selected a provider, this fragment offers the user to log in, + * use it anonymously (if possible) + * or cancel his/her election pressing the back button. + */ + private void showProviderDetails() { + if(setting_up_provider) { + FragmentTransaction fragment_transaction = fragment_manager.removePreviousFragment(ProviderDetailFragment.TAG); - private String extractProviderMainUrlFromAssetsFile(String filepath) { - String provider_main_url = ""; - try { - InputStream input_stream_file_contents = getAssets().open(filepath); - byte[] urls_file_bytes = new byte[input_stream_file_contents.available()]; - input_stream_file_contents.read(urls_file_bytes); - String urls_file_content = new String(urls_file_bytes); - JSONObject file_contents = new JSONObject(urls_file_content); - provider_main_url = file_contents.getString(Provider.MAIN_URL); - } catch (JSONException e) { - } catch (IOException e) { + DialogFragment newFragment = ProviderDetailFragment.newInstance(); + newFragment.show(fragment_transaction, ProviderDetailFragment.TAG); + } } - return provider_main_url; - } - - /**
- * Asks ProviderAPI to download an anonymous (anon) VPN certificate.
- */
- private void downloadAnonCert() {
- Intent provider_API_command = new Intent(this, ProviderAPI.class);
-
- Bundle parameters = new Bundle();
-
- parameters.putString(TYPE_OF_CERTIFICATE, ANON_CERTIFICATE);
-
- provider_API_command.setAction(ProviderAPI.DOWNLOAD_CERTIFICATE);
- provider_API_command.putExtra(ProviderAPI.PARAMETERS, parameters);
- provider_API_command.putExtra(ProviderAPI.RECEIVER_KEY, providerAPI_result_receiver);
-
- startService(provider_API_command);
- }
-
- /**
- * Open the new provider dialog
- */
- public void addAndSelectNewProvider() {
- FragmentTransaction fragment_transaction = getFragmentManager().beginTransaction();
- Fragment previous_new_provider_dialog = getFragmentManager().findFragmentByTag(NewProviderDialog.TAG);
- if (previous_new_provider_dialog != null) {
- fragment_transaction.remove(previous_new_provider_dialog);
- }
- fragment_transaction.addToBackStack(null);
-
- DialogFragment newFragment = NewProviderDialog.newInstance();
- newFragment.show(fragment_transaction, NewProviderDialog.TAG);
- }
-
- /**
- * Open the new provider dialog with data
- */
- public void addAndSelectNewProvider(String main_url, boolean danger_on) {
- FragmentTransaction fragment_transaction = getFragmentManager().beginTransaction();
- Fragment previous_new_provider_dialog = getFragmentManager().findFragmentByTag(NewProviderDialog.TAG);
- if (previous_new_provider_dialog != null) {
- fragment_transaction.remove(previous_new_provider_dialog);
- }
-
- DialogFragment newFragment = NewProviderDialog.newInstance();
- Bundle data = new Bundle();
- data.putString(Provider.MAIN_URL, main_url);
- data.putBoolean(ProviderItem.DANGER_ON, danger_on);
- newFragment.setArguments(data);
- newFragment.show(fragment_transaction, NewProviderDialog.TAG);
- }
-
- /**
- * Once selected a provider, this fragment offers the user to log in,
- * use it anonymously (if possible)
- * or cancel his/her election pressing the back button.
- * @param view
- * @param reason_to_fail
- */
- public void showDownloadFailedDialog(View view, String reason_to_fail) {
- FragmentTransaction fragment_transaction = getFragmentManager().beginTransaction();
- Fragment previous_provider_details_dialog = getFragmentManager().findFragmentByTag(DownloadFailedDialog.TAG);
- if (previous_provider_details_dialog != null) {
- fragment_transaction.remove(previous_provider_details_dialog);
- }
- fragment_transaction.addToBackStack(null);
-
- DialogFragment newFragment = DownloadFailedDialog.newInstance(reason_to_fail);
- newFragment.show(fragment_transaction, DownloadFailedDialog.TAG);
- }
-
- /**
- * Once selected a provider, this fragment offers the user to log in,
- * use it anonymously (if possible)
- * or cancel his/her election pressing the back button.
- * @param view
- */
- public void showProviderDetails(View view) {
- if(setting_up_provider) {
- FragmentTransaction fragment_transaction = getFragmentManager().beginTransaction();
- Fragment previous_provider_details_dialog = getFragmentManager().findFragmentByTag(ProviderDetailFragment.TAG);
- if (previous_provider_details_dialog != null) {
- fragment_transaction.remove(previous_provider_details_dialog);
- }
- fragment_transaction.addToBackStack(null);
-
- DialogFragment newFragment = ProviderDetailFragment.newInstance();
- newFragment.show(fragment_transaction, ProviderDetailFragment.TAG);
- }
- }
-
- public void showAndSelectProvider(String provider_main_url, boolean danger_on) {
+ + public void showAndSelectProvider(String provider_main_url, boolean danger_on) { if(getId(provider_main_url).isEmpty()) - showProvider(provider_main_url, danger_on);
+ showProvider(provider_main_url, danger_on); autoSelectProvider(provider_main_url, danger_on); - }
-
- private void showProvider(final String provider_main_url, final boolean danger_on) {
- String provider_name = provider_main_url.replaceFirst("http[s]?://", "").replaceFirst("\\/", "_");
- ProviderItem added_provider = new ProviderItem(provider_name, provider_main_url);
- provider_list_fragment.addItem(added_provider);
- }
-
- private void autoSelectProvider(String provider_main_url, boolean danger_on) {
- preferences.edit().putBoolean(ProviderItem.DANGER_ON, danger_on).commit();
- onItemSelected(getId(provider_main_url));
- }
-
- /**
- * Asks ProviderAPI to download a new provider.json file
- * @param provider_name
- * @param provider_main_url
- * @param danger_on tells if HTTPS client should bypass certificate errors
- */
- public void setUpProvider(String provider_main_url, boolean danger_on) {
- Intent provider_API_command = new Intent(this, ProviderAPI.class);
- Bundle parameters = new Bundle();
- parameters.putString(Provider.MAIN_URL, provider_main_url);
- parameters.putBoolean(ProviderItem.DANGER_ON, danger_on);
-
- provider_API_command.setAction(ProviderAPI.SET_UP_PROVIDER);
- provider_API_command.putExtra(ProviderAPI.PARAMETERS, parameters);
+ } + + private void showProvider(final String provider_main_url, final boolean danger_on) { + String provider_name = provider_main_url.replaceFirst("http[s]?://", "").replaceFirst("\\/", "_"); + ProviderItem added_provider = new ProviderItem(provider_name, provider_main_url); + provider_list_fragment.addItem(added_provider); + } + + private void autoSelectProvider(String provider_main_url, boolean danger_on) { + preferences.edit().putBoolean(ProviderItem.DANGER_ON, danger_on).commit(); + onItemSelected(getId(provider_main_url)); + } + + /** + * Asks ProviderAPI to download a new provider.json file + * @param provider_name + * @param provider_main_url + * @param danger_on tells if HTTPS client should bypass certificate errors + */ + public void setUpProvider(String provider_main_url, boolean danger_on) { + Intent provider_API_command = new Intent(this, ProviderAPI.class); + Bundle parameters = new Bundle(); + parameters.putString(Provider.MAIN_URL, provider_main_url); + parameters.putBoolean(ProviderItem.DANGER_ON, danger_on); + + provider_API_command.setAction(ProviderAPI.SET_UP_PROVIDER); + provider_API_command.putExtra(ProviderAPI.PARAMETERS, parameters); provider_API_command.putExtra(ProviderAPI.RECEIVER_KEY, providerAPI_result_receiver); - startService(provider_API_command);
+ startService(provider_API_command); setting_up_provider = true; } @@ -534,62 +520,62 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD startService(provider_API_command); } } - @Override
- public boolean onCreateOptionsMenu(Menu menu) {
- getMenuInflater().inflate(R.menu.configuration_wizard_activity, menu);
- return true;
- }
-
- @Override
- public boolean onOptionsItemSelected(MenuItem item){
- switch (item.getItemId()){
+ @Override + public boolean onCreateOptionsMenu(Menu menu) { + getMenuInflater().inflate(R.menu.configuration_wizard_activity, menu); + return true; + } + + @Override + public boolean onOptionsItemSelected(MenuItem item){ + switch (item.getItemId()){ case R.id.about_leap: startActivityForResult(new Intent(this, AboutActivity.class), 0); return true; - case R.id.new_provider:
- addAndSelectNewProvider();
- return true;
- default:
- return super.onOptionsItemSelected(item);
- }
- }
-
- public void showAllProviders() {
- provider_list_fragment = (ProviderListFragment) getFragmentManager().findFragmentByTag(ProviderListFragment.TAG);
- if(provider_list_fragment != null)
- provider_list_fragment.unhideAll();
- }
-
- public void cancelSettingUpProvider() {
- provider_list_fragment = (ProviderListFragment) getFragmentManager().findFragmentByTag(ProviderListFragment.TAG);
- if(provider_list_fragment != null && preferences.contains(ProviderItem.DANGER_ON)) {
- provider_list_fragment.removeLastItem();
- }
- preferences.edit().remove(Provider.KEY).remove(ProviderItem.DANGER_ON).remove(EIP.ALLOWED_ANON).remove(EIP.KEY).commit();
- }
-
- @Override
- public void login() {
- Intent ask_login = new Intent();
- ask_login.putExtra(LogInDialog.VERB, LogInDialog.VERB);
- setResult(RESULT_OK, ask_login);
- setting_up_provider = false;
- finish();
- }
-
- @Override
- public void use_anonymously() {
- setResult(RESULT_OK);
- setting_up_provider = false;
- finish();
- }
-
- public class ProviderAPIBroadcastReceiver_Update extends BroadcastReceiver {
-
- @Override
- public void onReceive(Context context, Intent intent) {
- int update = intent.getIntExtra(ProviderAPI.CURRENT_PROGRESS, 0);
- mProgressBar.setProgress(update);
- }
- }
-}
+ case R.id.new_provider: + addAndSelectNewProvider(); + return true; + default: + return super.onOptionsItemSelected(item); + } + } + + public void showAllProviders() { + provider_list_fragment = (ProviderListFragment) fragment_manager.findFragmentByTag(ProviderListFragment.TAG); + if(provider_list_fragment != null) + provider_list_fragment.unhideAll(); + } + + public void cancelSettingUpProvider() { + provider_list_fragment = (ProviderListFragment) fragment_manager.findFragmentByTag(ProviderListFragment.TAG); + if(provider_list_fragment != null && preferences.contains(ProviderItem.DANGER_ON)) { + provider_list_fragment.removeLastItem(); + } + preferences.edit().remove(Provider.KEY).remove(ProviderItem.DANGER_ON).remove(EIP.ALLOWED_ANON).remove(EIP.KEY).commit(); + } + + @Override + public void login() { + Intent ask_login = new Intent(); + ask_login.putExtra(LogInDialog.TAG, LogInDialog.TAG); + setResult(RESULT_OK, ask_login); + setting_up_provider = false; + finish(); + } + + @Override + public void use_anonymously() { + setResult(RESULT_OK); + setting_up_provider = false; + finish(); + } + + public class ProviderAPIBroadcastReceiver_Update extends BroadcastReceiver { + + @Override + public void onReceive(Context context, Intent intent) { + int update = intent.getIntExtra(ProviderAPI.CURRENT_PROGRESS, 0); + mProgressBar.setProgress(update); + } + } +} diff --git a/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java b/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java index b83f33a1..07e0e2fe 100644 --- a/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java +++ b/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java @@ -93,12 +93,10 @@ public class ProviderAPI extends IntentService { PARAMETERS = "parameters", RESULT_KEY = "result", RECEIVER_KEY = "receiver", - SESSION_ID_COOKIE_KEY = "session_id_cookie_key", - SESSION_ID_KEY = "session_id", ERRORS = "errors", UPDATE_PROGRESSBAR = "update_progressbar", CURRENT_PROGRESS = "current_progress", - TAG = "provider_api_tag" + TAG = ProviderAPI.class.getSimpleName(); ; final public static int @@ -127,6 +125,7 @@ public class ProviderAPI extends IntentService { private static boolean last_danger_on = false; private static boolean setting_up_provider = true; private static SharedPreferences preferences; + private static String provider_api_url; public static void stop() { setting_up_provider = false; @@ -174,21 +173,21 @@ public class ProviderAPI extends IntentService { } } } else if (action.equalsIgnoreCase(SRP_REGISTER)) { - Bundle session_id_bundle = tryToRegisterWithSRP(parameters); + Bundle session_id_bundle = tryToRegister(parameters); if(session_id_bundle.getBoolean(RESULT_KEY)) { receiver.send(SRP_REGISTRATION_SUCCESSFUL, session_id_bundle); } else { receiver.send(SRP_REGISTRATION_FAILED, session_id_bundle); } } else if (action.equalsIgnoreCase(SRP_AUTH)) { - Bundle session_id_bundle = tryToAuthenticateBySRP(parameters); + Bundle session_id_bundle = tryToAuthenticate(parameters); if(session_id_bundle.getBoolean(RESULT_KEY)) { receiver.send(SRP_AUTHENTICATION_SUCCESSFUL, session_id_bundle); } else { receiver.send(SRP_AUTHENTICATION_FAILED, session_id_bundle); } } else if (action.equalsIgnoreCase(LOG_OUT)) { - if(logOut(parameters)) { + if(logOut()) { receiver.send(LOGOUT_SUCCESSFUL, Bundle.EMPTY); } else { receiver.send(LOGOUT_FAILED, Bundle.EMPTY); @@ -202,44 +201,45 @@ public class ProviderAPI extends IntentService { } } - private Bundle tryToRegisterWithSRP(Bundle task) { + private Bundle tryToRegister(Bundle task) { Bundle session_id_bundle = new Bundle(); int progress = 0; - String username = (String) task.get(LogInDialog.USERNAME); - String password = (String) task.get(LogInDialog.PASSWORD); - String authentication_server = (String) task.get(Provider.API_URL); + String username = (String) task.get(SessionDialogInterface.USERNAME); + String password = (String) task.get(SessionDialogInterface.PASSWORD); + if(validUserLoginData(username, password)) { - session_id_bundle = registerWithSRP(username, password, authentication_server); + session_id_bundle = register(username, password); broadcast_progress(progress++); } else { if(!wellFormedPassword(password)) { session_id_bundle.putBoolean(RESULT_KEY, false); - session_id_bundle.putString(LogInDialog.USERNAME, username); - session_id_bundle.putBoolean(LogInDialog.PASSWORD_INVALID_LENGTH, true); + session_id_bundle.putString(SessionDialogInterface.USERNAME, username); + session_id_bundle.putBoolean(SessionDialogInterface.PASSWORD_INVALID_LENGTH, true); } if(username.isEmpty()) { session_id_bundle.putBoolean(RESULT_KEY, false); - session_id_bundle.putBoolean(LogInDialog.USERNAME_MISSING, true); + session_id_bundle.putBoolean(SessionDialogInterface.USERNAME_MISSING, true); } } return session_id_bundle; } - private Bundle registerWithSRP(String username, String password, String server) { + private Bundle register(String username, String password) { LeapSRPSession client = new LeapSRPSession(username, password); byte[] salt = client.calculateNewSalt(); BigInteger password_verifier = client.calculateV(username, password, salt); - JSONObject api_result = sendNewUserDataToSRPServer(server, username, new BigInteger(1, salt).toString(16), password_verifier.toString(16)); + + JSONObject api_result = sendNewUserDataToSRPServer(provider_api_url, username, new BigInteger(1, salt).toString(16), password_verifier.toString(16)); Bundle result = new Bundle(); if(api_result.has(ERRORS)) result = authFailedNotification(api_result, username); else { - result.putString(LogInDialog.USERNAME, username); - result.putString(LogInDialog.PASSWORD, password); + result.putString(SessionDialogInterface.USERNAME, username); + result.putString(SessionDialogInterface.PASSWORD, password); result.putBoolean(RESULT_KEY, true); } @@ -251,26 +251,24 @@ public class ProviderAPI extends IntentService { * @param task containing: username, password and api url. * @return a bundle with a boolean value mapped to a key named RESULT_KEY, and which is true if authentication was successful. */ - private Bundle tryToAuthenticateBySRP(Bundle task) { + private Bundle tryToAuthenticate(Bundle task) { Bundle result = new Bundle(); int progress = 0; - String username = (String) task.get(LogInDialog.USERNAME); - String password = (String) task.get(LogInDialog.PASSWORD); - if(validUserLoginData(username, password)) { - String server = (String) task.get(Provider.API_URL); - - authenticate(username, password, server); + String username = (String) task.get(SessionDialogInterface.USERNAME); + String password = (String) task.get(SessionDialogInterface.PASSWORD); + if(validUserLoginData(username, password)) { + result = authenticate(username, password); broadcast_progress(progress++); } else { if(!wellFormedPassword(password)) { result.putBoolean(RESULT_KEY, false); - result.putString(LogInDialog.USERNAME, username); - result.putBoolean(LogInDialog.PASSWORD_INVALID_LENGTH, true); + result.putString(SessionDialogInterface.USERNAME, username); + result.putBoolean(SessionDialogInterface.PASSWORD_INVALID_LENGTH, true); } if(username.isEmpty()) { result.putBoolean(RESULT_KEY, false); - result.putBoolean(LogInDialog.USERNAME_MISSING, true); + result.putBoolean(SessionDialogInterface.USERNAME_MISSING, true); } } @@ -278,19 +276,19 @@ public class ProviderAPI extends IntentService { } - private Bundle authenticate(String username, String password, String server) { + private Bundle authenticate(String username, String password) { Bundle result = new Bundle(); LeapSRPSession client = new LeapSRPSession(username, password); byte[] A = client.exponential(); - JSONObject step_result = sendAToSRPServer(server, username, new BigInteger(1, A).toString(16)); + JSONObject step_result = sendAToSRPServer(provider_api_url, username, new BigInteger(1, A).toString(16)); try { String salt = step_result.getString(LeapSRPSession.SALT); byte[] Bbytes = new BigInteger(step_result.getString("B"), 16).toByteArray(); byte[] M1 = client.response(new BigInteger(salt, 16).toByteArray(), Bbytes); if(M1 != null) { - step_result = sendM1ToSRPServer(server, username, M1); + step_result = sendM1ToSRPServer(provider_api_url, username, M1); setTokenIfAvailable(step_result); byte[] M2 = new BigInteger(step_result.getString(LeapSRPSession.M2), 16).toByteArray(); if(client.verify(M2)) { @@ -300,7 +298,7 @@ public class ProviderAPI extends IntentService { } } else { result.putBoolean(RESULT_KEY, false); - result.putString(LogInDialog.USERNAME, username); + result.putString(SessionDialogInterface.USERNAME, username); result.putString(getResources().getString(R.string.user_message), getResources().getString(R.string.error_srp_math_error_user_message)); } } catch (JSONException e) { @@ -331,7 +329,7 @@ public class ProviderAPI extends IntentService { } catch(JSONException e) {} if(!username.isEmpty()) - user_notification_bundle.putString(LogInDialog.USERNAME, username); + user_notification_bundle.putString(SessionDialogInterface.USERNAME, username); user_notification_bundle.putBoolean(RESULT_KEY, false); return user_notification_bundle; @@ -619,6 +617,7 @@ public class ProviderAPI extends IntentService { try { JSONObject provider_json = new JSONObject(provider_dot_json_string); + provider_api_url = provider_json.getString(Provider.API_URL) + "/" + provider_json.getString(Provider.API_VERSION); String name = provider_json.getString(Provider.NAME); //TODO setProviderName(name); @@ -860,51 +859,50 @@ public class ProviderAPI extends IntentService { * @param task containing api url from which the user will log out * @return true if there were no exceptions */ - private boolean logOut(Bundle task) { - try { - String delete_url = task.getString(Provider.API_URL) + "/logout"; - int progress = 0; + private boolean logOut() { + try { + String delete_url = provider_api_url + "/logout"; + int progress = 0; - HttpsURLConnection urlConnection = (HttpsURLConnection)new URL(delete_url).openConnection(); - urlConnection.setRequestMethod("DELETE"); - urlConnection.setSSLSocketFactory(getProviderSSLSocketFactory()); + HttpsURLConnection urlConnection = (HttpsURLConnection)new URL(delete_url).openConnection(); + urlConnection.setRequestMethod("DELETE"); + urlConnection.setSSLSocketFactory(getProviderSSLSocketFactory()); - int responseCode = urlConnection.getResponseCode(); - broadcast_progress(progress++); - LeapSRPSession.setToken(""); - Log.d(TAG, Integer.toString(responseCode)); - } catch (ClientProtocolException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - return false; - } catch (IndexOutOfBoundsException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - return false; - } catch (IOException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - return false; - } catch (KeyManagementException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } catch (KeyStoreException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } catch (NoSuchAlgorithmException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } catch (CertificateException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - return true; + int responseCode = urlConnection.getResponseCode(); + broadcast_progress(progress++); + LeapSRPSession.setToken(""); + Log.d(TAG, Integer.toString(responseCode)); + } catch (ClientProtocolException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + return false; + } catch (IndexOutOfBoundsException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + return false; + } catch (IOException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + return false; + } catch (KeyManagementException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } catch (KeyStoreException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } catch (NoSuchAlgorithmException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } catch (CertificateException e) { + // TODO Auto-generated catch block + e.printStackTrace(); } + return true; + } private boolean updateVpnCertificate() { getNewCert(); - preferences.edit().putInt(EIP.PARSED_SERIAL, 0).commit(); Intent updateEIP = new Intent(getApplicationContext(), EIP.class); updateEIP.setAction(EIP.ACTION_UPDATE_EIP_SERVICE); startService(updateEIP); diff --git a/app/src/main/java/de/blinkt/openvpn/LaunchVPN.java b/app/src/main/java/de/blinkt/openvpn/LaunchVPN.java index a424a489..d7f3e110 100644 --- a/app/src/main/java/de/blinkt/openvpn/LaunchVPN.java +++ b/app/src/main/java/de/blinkt/openvpn/LaunchVPN.java @@ -1,3 +1,8 @@ +/* + * Copyright (c) 2012-2014 Arne Schwabe + * Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + */ + package de.blinkt.openvpn; import se.leap.bitmaskclient.R; @@ -113,27 +118,25 @@ public class LaunchVPN extends Activity { } } - @Override protected void onActivityResult (int requestCode, int resultCode, Intent data) { - super.onActivityResult(requestCode, resultCode, data); - - if(requestCode==START_VPN_PROFILE) { - SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(this); - boolean showlogwindow = prefs.getBoolean("showlogwindow", true); - - if(!mhideLog && showlogwindow) - showLogWindow(); - new startOpenVpnThread().start(); - } else if (resultCode == Activity.RESULT_CANCELED) { - // User does not want us to start, so we just vanish - VpnStatus.updateStateString("USER_VPN_PERMISSION_CANCELLED", "", R.string.state_user_vpn_permission_cancelled, - ConnectionStatus.LEVEL_NOTCONNECTED); - - finish(); - } + super.onActivityResult(requestCode, resultCode, data); + + if(requestCode==START_VPN_PROFILE) { + SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(this); + boolean showLogWindow = prefs.getBoolean("showlogwindow", true); + + if(!mhideLog && showLogWindow) + showLogWindow(); + new startOpenVpnThread().start(); + } else if (resultCode == Activity.RESULT_CANCELED) { + // User does not want us to start, so we just vanish + VpnStatus.updateStateString("USER_VPN_PERMISSION_CANCELLED", "", R.string.state_user_vpn_permission_cancelled, + ConnectionStatus.LEVEL_NOTCONNECTED); + + finish(); + } } - void showLogWindow() { Intent startLW = new Intent(getBaseContext(),LogWindow.class); diff --git a/app/src/main/java/de/blinkt/openvpn/VpnProfile.java b/app/src/main/java/de/blinkt/openvpn/VpnProfile.java index 6fec5f46..65214c4f 100644 --- a/app/src/main/java/de/blinkt/openvpn/VpnProfile.java +++ b/app/src/main/java/de/blinkt/openvpn/VpnProfile.java @@ -1,3 +1,8 @@ +/* + * Copyright (c) 2012-2014 Arne Schwabe + * Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + */ + package de.blinkt.openvpn; import se.leap.bitmaskclient.R; @@ -40,6 +45,7 @@ import java.util.Collection; import java.util.Locale; import java.util.UUID; import java.util.Vector; +import java.util.concurrent.Future; import javax.crypto.BadPaddingException; import javax.crypto.Cipher; @@ -166,6 +172,12 @@ public class VpnProfile implements Serializable { return VpnProfile.MININONPIEVPN; } + public static String[] replacePieWithNoPie(String[] mArgv) + { + mArgv[0] = mArgv[0].replace(MINIPIEVPN, MININONPIEVPN); + return mArgv; + } + public static String openVpnEscape(String unescaped) { if (unescaped == null) return null; @@ -174,7 +186,8 @@ public class VpnProfile implements Serializable { escapedString = escapedString.replace("\n", "\\n"); if (escapedString.equals(unescaped) && !escapedString.contains(" ") && - !escapedString.contains("#") && !escapedString.contains(";")) + !escapedString.contains("#") && !escapedString.contains(";") + && !escapedString.equals("")) return unescaped; else return '"' + escapedString + '"'; @@ -579,21 +592,15 @@ public class VpnProfile implements Serializable { - public Intent prepareIntent(Context context) { - String prefix = context.getPackageName(); + public Intent prepareStartService(Context context) { + Intent intent = getStartServiceIntent(context); - Intent intent = new Intent(context, OpenVPNService.class); if (mAuthenticationType == VpnProfile.TYPE_KEYSTORE || mAuthenticationType == VpnProfile.TYPE_USERPASS_KEYSTORE) { if (getKeyStoreCertificates(context) == null) return null; } - intent.putExtra(prefix + ".ARGV", buildOpenvpnArgv(context.getCacheDir())); - intent.putExtra(prefix + ".profileUUID", mUuid.toString()); - - ApplicationInfo info = context.getApplicationInfo(); - intent.putExtra(prefix + ".nativelib", info.nativeLibraryDir); try { FileWriter cfg = new FileWriter(context.getCacheDir().getAbsolutePath() + "/" + OVPNCONFIGFILE); @@ -607,6 +614,18 @@ public class VpnProfile implements Serializable { return intent; } + public Intent getStartServiceIntent(Context context) { + String prefix = context.getPackageName(); + + Intent intent = new Intent(context, OpenVPNService.class); + intent.putExtra(prefix + ".ARGV", buildOpenvpnArgv(context.getCacheDir())); + intent.putExtra(prefix + ".profileUUID", mUuid.toString()); + + ApplicationInfo info = context.getApplicationInfo(); + intent.putExtra(prefix + ".nativelib", info.nativeLibraryDir); + return intent; + } + public String[] getKeyStoreCertificates(Context context) { return getKeyStoreCertificates(context, 5); } @@ -635,6 +654,21 @@ public class VpnProfile implements Serializable { return false; } + public void checkForRestart(final Context context) { + /* This method is called when OpenVPNService is restarted */ + + if ((mAuthenticationType == VpnProfile.TYPE_KEYSTORE || mAuthenticationType == VpnProfile.TYPE_USERPASS_KEYSTORE) + && mPrivateKey==null) { + new Thread( new Runnable() { + @Override + public void run() { + getKeyStoreCertificates(context); + + } + }).start(); + } + } + class NoCertReturnedException extends Exception { public NoCertReturnedException (String msg) { @@ -841,21 +875,23 @@ public class VpnProfile implements Serializable { return false; } - public int needUserPWInput() { + public int needUserPWInput(boolean ignoreTransient) { if ((mAuthenticationType == TYPE_PKCS12 || mAuthenticationType == TYPE_USERPASS_PKCS12) && (mPKCS12Password == null || mPKCS12Password.equals(""))) { - if (mTransientPCKS12PW == null) + if (ignoreTransient || mTransientPCKS12PW == null) return R.string.pkcs12_file_encryption_key; } if (mAuthenticationType == TYPE_CERTIFICATES || mAuthenticationType == TYPE_USERPASS_CERTIFICATES) { if (requireTLSKeyPassword() && TextUtils.isEmpty(mKeyPassword)) - if (mTransientPCKS12PW == null) { + if (ignoreTransient || mTransientPCKS12PW == null) { return R.string.private_key_password; } } - if (isUserPWAuth() && !(!TextUtils.isEmpty(mUsername) && (!TextUtils.isEmpty(mPassword) || mTransientPW != null))) { + if (isUserPWAuth() && + (TextUtils.isEmpty(mUsername) || + (TextUtils.isEmpty(mPassword) && (mTransientPW == null || ignoreTransient)))) { return R.string.password; } return 0; diff --git a/app/src/main/java/de/blinkt/openvpn/activities/DisconnectVPN.java b/app/src/main/java/de/blinkt/openvpn/activities/DisconnectVPN.java index 5910173a..e6b73a48 100644 --- a/app/src/main/java/de/blinkt/openvpn/activities/DisconnectVPN.java +++ b/app/src/main/java/de/blinkt/openvpn/activities/DisconnectVPN.java @@ -1,3 +1,8 @@ +/* + * Copyright (c) 2012-2014 Arne Schwabe + * Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + */ + package de.blinkt.openvpn.activities; import android.app.Activity; diff --git a/app/src/main/java/de/blinkt/openvpn/activities/LogWindow.java b/app/src/main/java/de/blinkt/openvpn/activities/LogWindow.java index 7ed09dd2..5e4f9517 100644 --- a/app/src/main/java/de/blinkt/openvpn/activities/LogWindow.java +++ b/app/src/main/java/de/blinkt/openvpn/activities/LogWindow.java @@ -1,3 +1,8 @@ +/* + * Copyright (c) 2012-2014 Arne Schwabe + * Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + */ + package de.blinkt.openvpn.activities; import android.app.Activity; diff --git a/app/src/main/java/de/blinkt/openvpn/core/CIDRIP.java b/app/src/main/java/de/blinkt/openvpn/core/CIDRIP.java index 960e7d11..ac9a8ccb 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/CIDRIP.java +++ b/app/src/main/java/de/blinkt/openvpn/core/CIDRIP.java @@ -1,3 +1,8 @@ +/* + * Copyright (c) 2012-2014 Arne Schwabe + * Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + */ + package de.blinkt.openvpn.core; import java.util.Locale; diff --git a/app/src/main/java/de/blinkt/openvpn/core/ConfigParser.java b/app/src/main/java/de/blinkt/openvpn/core/ConfigParser.java index 9c3621e0..0d8230b7 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/ConfigParser.java +++ b/app/src/main/java/de/blinkt/openvpn/core/ConfigParser.java @@ -1,3 +1,8 @@ +/* + * Copyright (c) 2012-2014 Arne Schwabe + * Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + */ + package de.blinkt.openvpn.core; import java.io.BufferedReader; @@ -553,8 +558,13 @@ public class ConfigParser { noauthtypeset=false; } + Vector<String> cryptoapicert = getOption("cryptoapicert",1,1); + if(cryptoapicert!=null) { + np.mAuthenticationType = VpnProfile.TYPE_KEYSTORE; + noauthtypeset=false; + } - Vector<String> compatnames = getOption("compat-names",1,2); + Vector<String> compatnames = getOption("compat-names",1,2); Vector<String> nonameremapping = getOption("no-name-remapping",1,1); Vector<String> tlsremote = getOption("tls-remote",1,1); if(tlsremote!=null){ diff --git a/app/src/main/java/de/blinkt/openvpn/core/DeviceStateReceiver.java b/app/src/main/java/de/blinkt/openvpn/core/DeviceStateReceiver.java index 0126d08e..0d75ae51 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/DeviceStateReceiver.java +++ b/app/src/main/java/de/blinkt/openvpn/core/DeviceStateReceiver.java @@ -1,3 +1,8 @@ +/* + * Copyright (c) 2012-2014 Arne Schwabe + * Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + */ + package de.blinkt.openvpn.core; import android.content.BroadcastReceiver; diff --git a/app/src/main/java/de/blinkt/openvpn/core/ICSOpenVPNApplication.java b/app/src/main/java/de/blinkt/openvpn/core/ICSOpenVPNApplication.java index 485e5369..83e760ca 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/ICSOpenVPNApplication.java +++ b/app/src/main/java/de/blinkt/openvpn/core/ICSOpenVPNApplication.java @@ -1,3 +1,8 @@ +/* + * Copyright (c) 2012-2014 Arne Schwabe + * Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + */ + package de.blinkt.openvpn.core; import android.app.Application; diff --git a/app/src/main/java/de/blinkt/openvpn/core/NativeUtils.java b/app/src/main/java/de/blinkt/openvpn/core/NativeUtils.java index a2c4796d..6d7ffdf2 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/NativeUtils.java +++ b/app/src/main/java/de/blinkt/openvpn/core/NativeUtils.java @@ -1,3 +1,8 @@ +/* + * Copyright (c) 2012-2014 Arne Schwabe + * Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + */ + package de.blinkt.openvpn.core; import java.security.InvalidKeyException; diff --git a/app/src/main/java/de/blinkt/openvpn/core/NetworkSpace.java b/app/src/main/java/de/blinkt/openvpn/core/NetworkSpace.java index 8c6cb1f5..35f46513 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/NetworkSpace.java +++ b/app/src/main/java/de/blinkt/openvpn/core/NetworkSpace.java @@ -1,3 +1,8 @@ +/* + * Copyright (c) 2012-2014 Arne Schwabe + * Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + */ + package de.blinkt.openvpn.core; import android.os.Build; diff --git a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNManagement.java b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNManagement.java index a5a3e9f4..e90c16d1 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNManagement.java +++ b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNManagement.java @@ -1,3 +1,8 @@ +/* + * Copyright (c) 2012-2014 Arne Schwabe + * Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + */ + package de.blinkt.openvpn.core; public interface OpenVPNManagement { diff --git a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java index 743e7cc5..ada065ba 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java +++ b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java @@ -1,3 +1,8 @@ +/* + * Copyright (c) 2012-2014 Arne Schwabe + * Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + */ + package de.blinkt.openvpn.core; import android.Manifest.permission; @@ -19,6 +24,7 @@ import android.os.Message; import android.os.ParcelFileDescriptor; import android.preference.PreferenceManager; import android.text.TextUtils; +import android.util.Log; import java.lang.reflect.InvocationTargetException; import java.lang.reflect.Method; @@ -309,26 +315,32 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac return START_REDELIVER_INTENT; } - String UUID = "UUID"; + /* The intent is null when the service has been restarted */ if (intent == null) { - SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(this); - android.util.Log.d("bitmaskclient", "UUID is " + prefs.getString(UUID, "")); - mProfile = ProfileManager.get(this, prefs.getString(UUID, "")); - android.util.Log.d("bitmaskclient", "mProfile is null? " + (mProfile == null)); - if(mProfile != null) - intent = mProfile.prepareIntent(getBaseContext()); - else + mProfile = ProfileManager.getLastConnectedProfile(this, false); + + /* Got no profile, just stop */ + if (mProfile==null) { + Log.d("OpenVPN", "Got no last connected profile on null intent. Stopping"); + stopSelf(startId); return START_NOT_STICKY; - } - if(mProfile != null) - android.util.Log.d("bitmaskclient", "mProfile != null"); + } + /* Do the asynchronous keychain certificate stuff */ + mProfile.checkForRestart(this); + + /* Recreate the intent */ + intent = mProfile.getStartServiceIntent(this); + + } else { + String profileUUID = intent.getStringExtra(getPackageName() + ".profileUUID"); + mProfile = ProfileManager.get(this, profileUUID); + } + + // Extract information from the intent. String prefix = getPackageName(); String[] argv = intent.getStringArrayExtra(prefix + ".ARGV"); - String nativelibdir = intent.getStringExtra(prefix + ".nativelib"); - String profileUUID = intent.getStringExtra(prefix + ".profileUUID"); - - mProfile = ProfileManager.get(this, profileUUID); + String nativeLibraryDirectory = intent.getStringExtra(prefix + ".nativelib"); String startTitle = getString(R.string.start_vpn_title, mProfile.mName); String startTicker = getString(R.string.start_vpn_ticker, mProfile.mName); @@ -361,13 +373,12 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac // Start a new session by creating a new thread. SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(this); - + mOvpn3 = prefs.getBoolean("ovpn3", false); if (!"ovpn3".equals(BuildConfig.FLAVOR)) mOvpn3 = false; - prefs.edit().putString(UUID, profileUUID).commit(); // Open the Management Interface if (!mOvpn3) { @@ -395,7 +406,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac } else { HashMap<String, String> env = new HashMap<String, String>(); - processThread = new OpenVPNThread(this, argv, env, nativelibdir); + processThread = new OpenVPNThread(this, argv, env, nativeLibraryDirectory); } synchronized (mProcessLock) { @@ -409,11 +420,12 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac ProfileManager.setConnectedVpnProfile(this, mProfile); + /* TODO: At the moment we have no way to handle asynchronous PW input + * Fixing will also allow to handle challenge/responsee authentication */ + if (mProfile.needUserPWInput(true) != 0) + return START_NOT_STICKY; - if (mProfile.mPersistTun) - return START_STICKY; - else - return START_NOT_STICKY; + return START_STICKY; } private OpenVPNManagement instantiateOpenVPN3Core() { @@ -517,7 +529,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac if ((Build.VERSION.SDK_INT == Build.VERSION_CODES.KITKAT && !release.startsWith("4.4.3") && !release.startsWith("4.4.4") && !release.startsWith("4.4.5") && !release.startsWith("4.4.6")) && mMtu < 1280) { - VpnStatus.logInfo(String.format("Forcing MTU to 1280 instead of %d to workaround Android Bug #70916", mMtu)); + VpnStatus.logInfo(String.format(Locale.US, "Forcing MTU to 1280 instead of %d to workaround Android Bug #70916", mMtu)); builder.setMtu(1280); } else { builder.setMtu(mMtu); @@ -690,7 +702,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac VpnStatus.logWarning(R.string.ip_not_cidr, local, netmask, mode); } } - if (("p2p".equals(mode)) && mLocalIP.len < 32 || "net30".equals("net30") && mLocalIP.len < 30) { + if (("p2p".equals(mode) && mLocalIP.len < 32) || ("net30".equals(mode) && mLocalIP.len < 30)) { VpnStatus.logWarning(R.string.ip_looks_like_subnet, local, netmask, mode); } @@ -738,7 +750,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac String ticker = msg; showNotification(msg, ticker, lowpriority , 0, level); return; - } else { + } else { mDisplayBytecount = false; } diff --git a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNThread.java b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNThread.java index 5fa2ab9e..e3c60854 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNThread.java +++ b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNThread.java @@ -1,3 +1,8 @@ +/* + * Copyright (c) 2012-2014 Arne Schwabe + * Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + */ + package de.blinkt.openvpn.core; import android.util.Log; @@ -25,6 +30,7 @@ import de.blinkt.openvpn.core.VpnStatus.LogItem; public class OpenVPNThread implements Runnable { private static final String DUMP_PATH_STRING = "Dump path: "; + private static final String BROKEN_PIE_SUPPORT = "/data/data/de.blinkt.openvpn/cache/pievpn[1]: syntax error:"; private static final String TAG = "OpenVPN"; public static final int M_FATAL = (1 << 4); public static final int M_NONFATAL = (1 << 5); @@ -36,8 +42,9 @@ public class OpenVPNThread implements Runnable { private OpenVPNService mService; private String mDumpPath; private Map<String, String> mProcessEnv; + private boolean mBrokenPie=false; - public OpenVPNThread(OpenVPNService service,String[] argv, Map<String,String> processEnv, String nativelibdir) + public OpenVPNThread(OpenVPNService service,String[] argv, Map<String,String> processEnv, String nativelibdir) { mArgv = argv; mNativeDir = nativelibdir; @@ -68,8 +75,22 @@ public class OpenVPNThread implements Runnable { } catch (InterruptedException ie) { VpnStatus.logError("InterruptedException: " + ie.getLocalizedMessage()); } - if( exitvalue != 0) - VpnStatus.logError("Process exited with exit value " + exitvalue); + if( exitvalue != 0) { + VpnStatus.logError("Process exited with exit value " + exitvalue); + if (mBrokenPie) { + String[] noPieArgv = VpnProfile.replacePieWithNoPie(mArgv); + + // We are already noPIE, nothing to gain + if (!noPieArgv.equals(mArgv)) { + mArgv = noPieArgv; + VpnStatus.logInfo("PIE Version could not be executed. Trying no PIE version"); + run(); + return; + } + + } + + } VpnStatus.updateStateString("NOPROCESS", "No process running.", R.string.state_noprocess, ConnectionStatus.LEVEL_NOTCONNECTED); if(mDumpPath!=null) { @@ -123,6 +144,9 @@ public class OpenVPNThread implements Runnable { if (logline.startsWith(DUMP_PATH_STRING)) mDumpPath = logline.substring(DUMP_PATH_STRING.length()); + + if (logline.startsWith(BROKEN_PIE_SUPPORT)) + mBrokenPie = true; // 1380308330.240114 18000002 Send to HTTP proxy: 'X-Online-Host: bla.blabla.com' diff --git a/app/src/main/java/de/blinkt/openvpn/core/OpenVpnManagementThread.java b/app/src/main/java/de/blinkt/openvpn/core/OpenVpnManagementThread.java index e200f210..37094a1b 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/OpenVpnManagementThread.java +++ b/app/src/main/java/de/blinkt/openvpn/core/OpenVpnManagementThread.java @@ -1,3 +1,8 @@ +/* + * Copyright (c) 2012-2014 Arne Schwabe + * Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + */ + package de.blinkt.openvpn.core; import android.content.Context; diff --git a/app/src/main/java/de/blinkt/openvpn/core/PRNGFixes.java b/app/src/main/java/de/blinkt/openvpn/core/PRNGFixes.java index dd420371..bca0a4ab 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/PRNGFixes.java +++ b/app/src/main/java/de/blinkt/openvpn/core/PRNGFixes.java @@ -1,3 +1,8 @@ +/* + * Copyright (c) 2012-2014 Arne Schwabe + * Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + */ + package de.blinkt.openvpn.core;/* * This software is provided 'as-is', without any express or implied * warranty. In no event will Google be held liable for any damages diff --git a/app/src/main/java/de/blinkt/openvpn/core/ProfileManager.java b/app/src/main/java/de/blinkt/openvpn/core/ProfileManager.java index 4cfbcc8e..2a26152e 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/ProfileManager.java +++ b/app/src/main/java/de/blinkt/openvpn/core/ProfileManager.java @@ -1,3 +1,8 @@ +/* + * Copyright (c) 2012-2014 Arne Schwabe + * Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + */ + package de.blinkt.openvpn.core; import java.io.FileNotFoundException; @@ -23,7 +28,7 @@ public class ProfileManager { - private static final String ONBOOTPROFILE = "onBootProfile"; + private static final String LAST_CONNECTED_PROFILE = "lastConnectedProfile"; @@ -65,7 +70,7 @@ public class ProfileManager { public static void setConntectedVpnProfileDisconnected(Context c) { SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(c); Editor prefsedit = prefs.edit(); - prefsedit.putString(ONBOOTPROFILE, null); + prefsedit.putString(LAST_CONNECTED_PROFILE, null); prefsedit.apply(); } @@ -74,21 +79,23 @@ public class ProfileManager { SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(c); Editor prefsedit = prefs.edit(); - prefsedit.putString(ONBOOTPROFILE, connectedrofile.getUUIDString()); + prefsedit.putString(LAST_CONNECTED_PROFILE, connectedrofile.getUUIDString()); prefsedit.apply(); mLastConnectedVpn=connectedrofile; } - public static VpnProfile getOnBootProfile(Context c) { + public static VpnProfile getLastConnectedProfile(Context c, boolean onBoot) { SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(c); boolean useStartOnBoot = prefs.getBoolean("restartvpnonboot", false); + if (onBoot && !useStartOnBoot) + return null; - String mBootProfileUUID = prefs.getString(ONBOOTPROFILE,null); - if(useStartOnBoot && mBootProfileUUID!=null) - return get(c, mBootProfileUUID); + String lastConnectedProfile = prefs.getString(LAST_CONNECTED_PROFILE, null); + if(lastConnectedProfile!=null) + return get(c, lastConnectedProfile); else return null; } diff --git a/app/src/main/java/de/blinkt/openvpn/core/ProxyDetection.java b/app/src/main/java/de/blinkt/openvpn/core/ProxyDetection.java index 47d88279..cf953863 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/ProxyDetection.java +++ b/app/src/main/java/de/blinkt/openvpn/core/ProxyDetection.java @@ -1,3 +1,8 @@ +/* + * Copyright (c) 2012-2014 Arne Schwabe + * Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + */ + package de.blinkt.openvpn.core; import java.net.InetSocketAddress; diff --git a/app/src/main/java/de/blinkt/openvpn/core/VPNLaunchHelper.java b/app/src/main/java/de/blinkt/openvpn/core/VPNLaunchHelper.java index 57a94ee7..40f9742b 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/VPNLaunchHelper.java +++ b/app/src/main/java/de/blinkt/openvpn/core/VPNLaunchHelper.java @@ -1,3 +1,8 @@ +/* + * Copyright (c) 2012-2014 Arne Schwabe + * Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + */ + package de.blinkt.openvpn.core; import android.content.Context; @@ -70,7 +75,7 @@ public class VPNLaunchHelper { VpnStatus.logInfo(R.string.building_configration); - Intent startVPN = startprofile.prepareIntent(context); + Intent startVPN = startprofile.prepareStartService(context); if(startVPN!=null) context.startService(startVPN); diff --git a/app/src/main/java/de/blinkt/openvpn/core/VpnStatus.java b/app/src/main/java/de/blinkt/openvpn/core/VpnStatus.java index c19daeb0..25558f13 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/VpnStatus.java +++ b/app/src/main/java/de/blinkt/openvpn/core/VpnStatus.java @@ -1,3 +1,8 @@ +/* + * Copyright (c) 2012-2014 Arne Schwabe + * Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + */ + package de.blinkt.openvpn.core; import android.annotation.SuppressLint; diff --git a/app/src/main/java/de/blinkt/openvpn/core/X509Utils.java b/app/src/main/java/de/blinkt/openvpn/core/X509Utils.java index 35e53c08..ff383e0f 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/X509Utils.java +++ b/app/src/main/java/de/blinkt/openvpn/core/X509Utils.java @@ -1,3 +1,8 @@ +/* + * Copyright (c) 2012-2014 Arne Schwabe + * Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + */ + package de.blinkt.openvpn.core; import android.content.Context; diff --git a/app/src/main/java/de/blinkt/openvpn/fragments/LogFragment.java b/app/src/main/java/de/blinkt/openvpn/fragments/LogFragment.java index ca850533..77fc21e6 100644 --- a/app/src/main/java/de/blinkt/openvpn/fragments/LogFragment.java +++ b/app/src/main/java/de/blinkt/openvpn/fragments/LogFragment.java @@ -1,3 +1,8 @@ +/* + * Copyright (c) 2012-2014 Arne Schwabe + * Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + */ + package de.blinkt.openvpn.fragments; import se.leap.bitmaskclient.R; diff --git a/app/src/main/java/de/blinkt/openvpn/views/SeekBarTicks.java b/app/src/main/java/de/blinkt/openvpn/views/SeekBarTicks.java index 88e8e164..e25c2859 100644 --- a/app/src/main/java/de/blinkt/openvpn/views/SeekBarTicks.java +++ b/app/src/main/java/de/blinkt/openvpn/views/SeekBarTicks.java @@ -1,3 +1,8 @@ +/* + * Copyright (c) 2012-2014 Arne Schwabe + * Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + */ + package de.blinkt.openvpn.views; import android.content.Context; diff --git a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java index 761afc0a..547e4179 100644 --- a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java +++ b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java @@ -21,13 +21,14 @@ import org.json.JSONObject; import se.leap.bitmaskclient.R; import se.leap.bitmaskclient.ProviderAPIResultReceiver.Receiver; +import se.leap.bitmaskclient.FragmentManagerEnhanced; import se.leap.bitmaskclient.SignUpDialog; + import de.blinkt.openvpn.activities.LogWindow; + import android.app.Activity; import android.app.AlertDialog; import android.app.DialogFragment; -import android.app.Fragment; -import android.app.FragmentManager; import android.app.FragmentTransaction; import android.content.Context; import android.content.DialogInterface; @@ -65,6 +66,7 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf public static final String START_ON_BOOT = "dashboard start on boot"; final public static String ON_BOOT = "dashboard on boot"; public static final String APP_VERSION = "bitmask version"; + final public static String TAG = Dashboard.class.getSimpleName(); private EipServiceFragment eipFragment; @@ -74,11 +76,10 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf protected static SharedPreferences preferences; private static Provider provider; - private TextView providerNameTV; - private boolean authed_eip = false; public ProviderAPIResultReceiver providerAPI_result_receiver; + private FragmentManagerEnhanced fragment_manager; @Override protected void onCreate(Bundle savedInstanceState) { @@ -91,6 +92,7 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf mProgressBar = (ProgressBar) findViewById(R.id.eipProgress); preferences = getSharedPreferences(SHARED_PREFERENCES, MODE_PRIVATE); + fragment_manager = new FragmentManagerEnhanced(getFragmentManager()); handleVersion(); authed_eip = preferences.getBoolean(EIP.AUTHED_EIP, false); @@ -110,11 +112,13 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf switch(versionCode) { case 91: // 0.6.0 without Bug #5999 + case 94: // 0.8.0 with if(!preferences.getString(EIP.KEY, "").isEmpty()) { Intent rebuildVpnProfiles = new Intent(getApplicationContext(), EIP.class); rebuildVpnProfiles.setAction(EIP.ACTION_REBUILD_PROFILES); startService(rebuildVpnProfiles); } + break; } } catch (NameNotFoundException e) { } @@ -142,7 +146,7 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf startService(updateEIP); buildDashboard(false); invalidateOptionsMenu(); - if(data != null && data.hasExtra(LogInDialog.VERB)) { + if(data != null && data.hasExtra(LogInDialog.TAG)) { View view = ((ViewGroup)findViewById(android.R.id.content)).getChildAt(0); logInDialog(Bundle.EMPTY); } @@ -189,13 +193,12 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf setContentView(R.layout.client_dashboard); - providerNameTV = (TextView) findViewById(R.id.providerName); + TextView providerNameTV = (TextView) findViewById(R.id.providerName); providerNameTV.setText(provider.getDomain()); providerNameTV.setTextSize(28); mProgressBar = (ProgressBar) findViewById(R.id.eipProgress); - FragmentManager fragMan = getFragmentManager(); if ( provider.hasEIP()){ eipFragment = new EipServiceFragment(); if (hide_and_turn_on_eip) { @@ -204,7 +207,7 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf arguments.putBoolean(EipServiceFragment.START_ON_BOOT, true); eipFragment.setArguments(arguments); } - fragMan.beginTransaction().replace(R.id.servicesCollection, eipFragment, EipServiceFragment.TAG).commit(); + fragment_manager.replace(R.id.servicesCollection, eipFragment, EipServiceFragment.TAG); if (hide_and_turn_on_eip) { onBackPressed(); @@ -212,31 +215,35 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf } } - @Override - public boolean onPrepareOptionsMenu(Menu menu) { - JSONObject provider_json; - try { - provider_json = new JSONObject(preferences.getString(Provider.KEY, "")); - JSONObject service_description = provider_json.getJSONObject(Provider.SERVICE); - boolean authed_eip = preferences.getBoolean(EIP.AUTHED_EIP, false); - boolean allow_registered_eip = service_description.getBoolean(Provider.ALLOW_REGISTRATION); - preferences.edit().putBoolean(EIP.ALLOWED_REGISTERED, allow_registered_eip); - if(allow_registered_eip) { - if(authed_eip) { - menu.findItem(R.id.login_button).setVisible(false); - menu.findItem(R.id.logout_button).setVisible(true); - } else { - menu.findItem(R.id.login_button).setVisible(true); - menu.findItem(R.id.logout_button).setVisible(false); - } - menu.findItem(R.id.signup_button).setVisible(true); - } - } catch (JSONException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - return true; + @Override + public boolean onPrepareOptionsMenu(Menu menu) { + JSONObject provider_json; + try { + String provider_json_string = preferences.getString(Provider.KEY, ""); + if(provider_json_string.isEmpty() == false) { + provider_json = new JSONObject(provider_json_string); + JSONObject service_description = provider_json.getJSONObject(Provider.SERVICE); + boolean authed_eip = preferences.getBoolean(EIP.AUTHED_EIP, false); + boolean allow_registered_eip = service_description.getBoolean(Provider.ALLOW_REGISTRATION); + preferences.edit().putBoolean(EIP.ALLOWED_REGISTERED, allow_registered_eip); + + if(allow_registered_eip) { + if(authed_eip) { + menu.findItem(R.id.login_button).setVisible(false); + menu.findItem(R.id.logout_button).setVisible(true); + } else { + menu.findItem(R.id.login_button).setVisible(true); + menu.findItem(R.id.logout_button).setVisible(false); + } + menu.findItem(R.id.signup_button).setVisible(true); + } + } + } catch (JSONException e) { + // TODO Auto-generated catch block + e.printStackTrace(); } + return true; + } @Override public boolean onCreateOptionsMenu(Menu menu) { @@ -268,14 +275,13 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf startActivityForResult(new Intent(this,ConfigurationWizard.class), SWITCH_PROVIDER); return true; case R.id.login_button: - View view = ((ViewGroup)findViewById(android.R.id.content)).getChildAt(0); logInDialog(Bundle.EMPTY); return true; case R.id.logout_button: logOut(); return true; case R.id.signup_button: - signUpDialog(((ViewGroup)findViewById(android.R.id.content)).getChildAt(0), Bundle.EMPTY); + signUpDialog(Bundle.EMPTY); return true; default: return super.onOptionsItemSelected(item); @@ -283,38 +289,48 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf } - @Override - public void authenticate(String username, String password) { - mProgressBar = (ProgressBar) findViewById(R.id.eipProgress); - eipStatus = (TextView) findViewById(R.id.eipStatus); + private Intent prepareProviderAPICommand() { + mProgressBar = (ProgressBar) findViewById(R.id.eipProgress); + eipStatus = (TextView) findViewById(R.id.eipStatus); - providerAPI_result_receiver = new ProviderAPIResultReceiver(new Handler()); - providerAPI_result_receiver.setReceiver(this); + providerAPI_result_receiver = new ProviderAPIResultReceiver(new Handler()); + providerAPI_result_receiver.setReceiver(this); - Intent provider_API_command = new Intent(this, ProviderAPI.class); + Intent command = new Intent(this, ProviderAPI.class); - Bundle parameters = new Bundle(); - parameters.putString(LogInDialog.USERNAME, username); - parameters.putString(LogInDialog.PASSWORD, password); - - JSONObject provider_json; - try { - provider_json = new JSONObject(preferences.getString(Provider.KEY, "")); - parameters.putString(Provider.API_URL, provider_json.getString(Provider.API_URL) + "/" + provider_json.getString(Provider.API_VERSION)); - } catch (JSONException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } + command.putExtra(ProviderAPI.RECEIVER_KEY, providerAPI_result_receiver); + return command; + } + + /** + * Shows the log in dialog. + */ + public void logInDialog(Bundle resultData) { + FragmentTransaction transaction = fragment_manager.removePreviousFragment(LogInDialog.TAG); + + DialogFragment newFragment = LogInDialog.newInstance(); + if(resultData != null && !resultData.isEmpty()) + newFragment.setArguments(resultData); + newFragment.show(transaction, LogInDialog.TAG); + } - provider_API_command.setAction(ProviderAPI.SRP_AUTH); - provider_API_command.putExtra(ProviderAPI.PARAMETERS, parameters); - provider_API_command.putExtra(ProviderAPI.RECEIVER_KEY, providerAPI_result_receiver); - - mProgressBar.setVisibility(ProgressBar.VISIBLE); - eipStatus.setText(R.string.authenticating_message); - //mProgressBar.setMax(4); - startService(provider_API_command); - } + @Override + public void logIn(String username, String password) { + Intent provider_API_command = prepareProviderAPICommand(); + Bundle parameters = provider_API_command.getExtras().getBundle(ProviderAPI.PARAMETERS); + if(parameters == null) + parameters = new Bundle(); + + parameters.putString(SessionDialogInterface.USERNAME, username); + parameters.putString(SessionDialogInterface.PASSWORD, password); + + mProgressBar.setVisibility(ProgressBar.VISIBLE); + eipStatus.setText(R.string.authenticating_message); + + provider_API_command.putExtra(ProviderAPI.PARAMETERS, parameters); + provider_API_command.setAction(ProviderAPI.SRP_AUTH); + startService(provider_API_command); + } public void cancelAuthedEipOn() { EipServiceFragment eipFragment = (EipServiceFragment) getFragmentManager().findFragmentByTag(EipServiceFragment.TAG); @@ -322,125 +338,59 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf } public void cancelLoginOrSignup() { - if(mProgressBar == null) mProgressBar = (ProgressBar) findViewById(R.id.eipProgress); - if(mProgressBar != null) { - mProgressBar.setVisibility(ProgressBar.GONE); - if(eipStatus == null) eipStatus = (TextView) findViewById(R.id.eipStatus); - if(eipStatus != null) eipStatus.setText(""); - } - cancelAuthedEipOn(); + hideProgressBar(); } - /** - * Asks ProviderAPI to log out. - */ - public void logOut() { - providerAPI_result_receiver = new ProviderAPIResultReceiver(new Handler()); - providerAPI_result_receiver.setReceiver(this); - Intent provider_API_command = new Intent(this, ProviderAPI.class); - - Bundle parameters = new Bundle(); - - JSONObject provider_json; - try { - provider_json = new JSONObject(preferences.getString(Provider.KEY, "")); - parameters.putString(Provider.API_URL, provider_json.getString(Provider.API_URL) + "/" + provider_json.getString(Provider.API_VERSION)); - } catch (JSONException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - - provider_API_command.setAction(ProviderAPI.LOG_OUT); - provider_API_command.putExtra(ProviderAPI.PARAMETERS, parameters); - provider_API_command.putExtra(ProviderAPI.RECEIVER_KEY, providerAPI_result_receiver); - - if(mProgressBar == null) mProgressBar = (ProgressBar) findViewById(R.id.eipProgress); - mProgressBar.setVisibility(ProgressBar.VISIBLE); - if(eipStatus == null) eipStatus = (TextView) findViewById(R.id.eipStatus); - eipStatus.setText(R.string.logout_message); - // eipStatus.setText("Starting to logout"); - - startService(provider_API_command); - //mProgressBar.setMax(1); - - } - - /** - * Shows the log in dialog. - */ - public void logInDialog(Bundle resultData) { - Log.d("Dashboard", "Log In Dialog"); - FragmentTransaction fragment_transaction = getFragmentManager().beginTransaction(); - Fragment previous_log_in_dialog = getFragmentManager().findFragmentByTag(LogInDialog.TAG); - if (previous_log_in_dialog != null) { - fragment_transaction.remove(previous_log_in_dialog); - } - fragment_transaction.addToBackStack(null); - - DialogFragment newFragment = LogInDialog.newInstance(); - if(resultData != null && !resultData.isEmpty()) { - newFragment.setArguments(resultData); - } - newFragment.show(fragment_transaction, LogInDialog.TAG); - } - - @Override - public void signUp(String username, String password) { - mProgressBar = (ProgressBar) findViewById(R.id.eipProgress); - eipStatus = (TextView) findViewById(R.id.eipStatus); - - providerAPI_result_receiver = new ProviderAPIResultReceiver(new Handler()); - providerAPI_result_receiver.setReceiver(this); - - Intent provider_API_command = new Intent(this, ProviderAPI.class); - - Bundle parameters = new Bundle(); - parameters.putString(SignUpDialog.USERNAME, username); - parameters.putString(SignUpDialog.PASSWORD, password); - - JSONObject provider_json; - try { - provider_json = new JSONObject(preferences.getString(Provider.KEY, "")); - parameters.putString(Provider.API_URL, provider_json.getString(Provider.API_URL) + "/" + provider_json.getString(Provider.API_VERSION)); - } catch (JSONException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - - provider_API_command.setAction(ProviderAPI.SRP_REGISTER); - provider_API_command.putExtra(ProviderAPI.PARAMETERS, parameters); - provider_API_command.putExtra(ProviderAPI.RECEIVER_KEY, providerAPI_result_receiver); + /** + * Asks ProviderAPI to log out. + */ + public void logOut() { + Intent provider_API_command = prepareProviderAPICommand(); + + if(mProgressBar == null) mProgressBar = (ProgressBar) findViewById(R.id.eipProgress); + mProgressBar.setVisibility(ProgressBar.VISIBLE); + if(eipStatus == null) eipStatus = (TextView) findViewById(R.id.eipStatus); + eipStatus.setText(R.string.logout_message); - mProgressBar.setVisibility(ProgressBar.VISIBLE); - eipStatus.setText(R.string.signingup_message); - //mProgressBar.setMax(4); - startService(provider_API_command); - } + provider_API_command.setAction(ProviderAPI.LOG_OUT); + startService(provider_API_command); + } - /** - * Shows the sign up dialog. - * @param view from which the dialog is created. - */ - public void signUpDialog(View view, Bundle resultData) { - FragmentTransaction fragment_transaction = getFragmentManager().beginTransaction(); - Fragment previous_sign_up_dialog = getFragmentManager().findFragmentByTag(SignUpDialog.TAG); - if (previous_sign_up_dialog != null) { - fragment_transaction.remove(previous_sign_up_dialog); - } - fragment_transaction.addToBackStack(null); - - DialogFragment newFragment = SignUpDialog.newInstance(); - if(resultData != null && !resultData.isEmpty()) { - newFragment.setArguments(resultData); - } - newFragment.show(fragment_transaction, SignUpDialog.TAG); + /** + * Shows the sign up dialog. + */ + public void signUpDialog(Bundle resultData) { + FragmentTransaction transaction = fragment_manager.removePreviousFragment(SignUpDialog.TAG); + + DialogFragment newFragment = SignUpDialog.newInstance(); + if(resultData != null && !resultData.isEmpty()) { + newFragment.setArguments(resultData); } + newFragment.show(transaction, SignUpDialog.TAG); + } + + @Override + public void signUp(String username, String password) { + Intent provider_API_command = prepareProviderAPICommand(); + Bundle parameters = provider_API_command.getExtras().getBundle(ProviderAPI.PARAMETERS); + if(parameters == null) + parameters = new Bundle(); + + parameters.putString(SessionDialogInterface.USERNAME, username); + parameters.putString(SessionDialogInterface.PASSWORD, password); + + mProgressBar.setVisibility(ProgressBar.VISIBLE); + eipStatus.setText(R.string.signingup_message); + + provider_API_command.putExtra(ProviderAPI.PARAMETERS, parameters); + provider_API_command.setAction(ProviderAPI.SRP_REGISTER); + startService(provider_API_command); + } /** * Asks ProviderAPI to download an authenticated OpenVPN certificate. - * @param session_id cookie for the server to allow us to download the certificate. */ - private void downloadAuthedUserCertificate(/*Cookie session_id*/) { + private void downloadAuthedUserCertificate() { providerAPI_result_receiver = new ProviderAPIResultReceiver(new Handler()); providerAPI_result_receiver.setReceiver(this); @@ -448,8 +398,6 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf Bundle parameters = new Bundle(); parameters.putString(ConfigurationWizard.TYPE_OF_CERTIFICATE, ConfigurationWizard.AUTHED_CERTIFICATE); - /*parameters.putString(ConfigHelper.SESSION_ID_COOKIE_KEY, session_id.getName()); - parameters.putString(ConfigHelper.SESSION_ID_KEY, session_id.getValue());*/ provider_API_command.setAction(ProviderAPI.DOWNLOAD_CERTIFICATE); provider_API_command.putExtra(ProviderAPI.PARAMETERS, parameters); @@ -460,53 +408,55 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf @Override public void onReceiveResult(int resultCode, Bundle resultData) { - if(resultCode == ProviderAPI.SRP_REGISTRATION_SUCCESSFUL){ - authenticate(resultData.getString(LogInDialog.USERNAME), resultData.getString(LogInDialog.PASSWORD)); - } else if(resultCode == ProviderAPI.SRP_REGISTRATION_FAILED){ - signUpDialog(((ViewGroup)findViewById(android.R.id.content)).getChildAt(0), resultData); - } else if(resultCode == ProviderAPI.SRP_AUTHENTICATION_SUCCESSFUL){ - String session_id_cookie_key = resultData.getString(ProviderAPI.SESSION_ID_COOKIE_KEY); - String session_id_string = resultData.getString(ProviderAPI.SESSION_ID_KEY); - setResult(RESULT_OK); - - authed_eip = true; - preferences.edit().putBoolean(EIP.AUTHED_EIP, authed_eip).commit(); - - invalidateOptionsMenu(); - mProgressBar.setVisibility(ProgressBar.GONE); - changeStatusMessage(resultCode); + if(resultCode == ProviderAPI.SRP_REGISTRATION_SUCCESSFUL) { + String username = resultData.getString(SessionDialogInterface.USERNAME); + String password = resultData.getString(SessionDialogInterface.PASSWORD); + logIn(username, password); + } else if(resultCode == ProviderAPI.SRP_REGISTRATION_FAILED) { + changeStatusMessage(resultCode); + hideProgressBar(); + + signUpDialog(resultData); + } else if(resultCode == ProviderAPI.SRP_AUTHENTICATION_SUCCESSFUL) { + changeStatusMessage(resultCode); + hideProgressBar(); + + invalidateOptionsMenu(); + + authed_eip = true; + preferences.edit().putBoolean(EIP.AUTHED_EIP, authed_eip).commit(); - //Cookie session_id = new BasicClientCookie(session_id_cookie_key, session_id_string); - downloadAuthedUserCertificate(/*session_id*/); - } else if(resultCode == ProviderAPI.SRP_AUTHENTICATION_FAILED) { - logInDialog(resultData); - } else if(resultCode == ProviderAPI.LOGOUT_SUCCESSFUL) { - authed_eip = false; - preferences.edit().putBoolean(EIP.AUTHED_EIP, authed_eip).commit(); - mProgressBar.setVisibility(ProgressBar.GONE); - mProgressBar.setProgress(0); - invalidateOptionsMenu(); - setResult(RESULT_OK); - changeStatusMessage(resultCode); - - } else if(resultCode == ProviderAPI.LOGOUT_FAILED) { - setResult(RESULT_CANCELED); - changeStatusMessage(resultCode); - mProgressBar.setVisibility(ProgressBar.GONE); - } else if(resultCode == ProviderAPI.CORRECTLY_DOWNLOADED_CERTIFICATE) { + downloadAuthedUserCertificate(); + } else if(resultCode == ProviderAPI.SRP_AUTHENTICATION_FAILED) { + changeStatusMessage(resultCode); + hideProgressBar(); + + logInDialog(resultData); + } else if(resultCode == ProviderAPI.LOGOUT_SUCCESSFUL) { + changeStatusMessage(resultCode); + hideProgressBar(); + + invalidateOptionsMenu(); + + authed_eip = false; + preferences.edit().putBoolean(EIP.AUTHED_EIP, authed_eip).commit(); + + } else if(resultCode == ProviderAPI.LOGOUT_FAILED) { + changeStatusMessage(resultCode); + hideProgressBar(); + + setResult(RESULT_CANCELED); + } else if(resultCode == ProviderAPI.CORRECTLY_DOWNLOADED_CERTIFICATE) { + changeStatusMessage(resultCode); + hideProgressBar(); + setResult(RESULT_OK); + eipStart(); + } else if(resultCode == ProviderAPI.INCORRECTLY_DOWNLOADED_CERTIFICATE) { changeStatusMessage(resultCode); - if(mProgressBar != null) - mProgressBar.setVisibility(ProgressBar.GONE); - if(EipServiceFragment.isEipSwitchChecked()) - eipStart(); - else - eipStatus.setText(R.string.eip_state_not_connected); - } else if(resultCode == ProviderAPI.INCORRECTLY_DOWNLOADED_CERTIFICATE) { + hideProgressBar(); setResult(RESULT_CANCELED); - changeStatusMessage(resultCode); - mProgressBar.setVisibility(ProgressBar.GONE); - } + } } private void changeStatusMessage(final int previous_result_code) { @@ -515,6 +465,7 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf protected void onReceiveResult(int resultCode, Bundle resultData){ super.onReceiveResult(resultCode, resultData); String request = resultData.getString(EIP.REQUEST_TAG); + if(eipStatus == null) eipStatus = (TextView) findViewById(R.id.eipStatus); if (request.equalsIgnoreCase(EIP.ACTION_IS_EIP_RUNNING)){ if (resultCode == Activity.RESULT_OK){ @@ -534,6 +485,7 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf case ProviderAPI.SRP_AUTHENTICATION_SUCCESSFUL: eipStatus.setText(R.string.succesful_authentication_message); break; case ProviderAPI.SRP_AUTHENTICATION_FAILED: eipStatus.setText(R.string.authentication_failed_message); break; + case ProviderAPI.SRP_REGISTRATION_FAILED: eipStatus.setText(R.string.registration_failed_message); break; case ProviderAPI.CORRECTLY_DOWNLOADED_CERTIFICATE: break; case ProviderAPI.INCORRECTLY_DOWNLOADED_CERTIFICATE: eipStatus.setText(R.string.incorrectly_downloaded_certificate_message); break; case ProviderAPI.LOGOUT_SUCCESSFUL: eipStatus.setText(R.string.logged_out_message); break; @@ -547,6 +499,14 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf eipIsRunning(eip_status_receiver); } + private void hideProgressBar() { + if(mProgressBar == null) + mProgressBar = (ProgressBar) findViewById(R.id.eipProgress); + + mProgressBar.setProgress(0); + mProgressBar.setVisibility(ProgressBar.GONE); + } + /** * For retrieving the base application Context in classes that don't extend * Android's Activity class @@ -558,11 +518,12 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf } - @Override + @Override public void startActivityForResult(Intent intent, int requestCode) { intent.putExtra(Dashboard.REQUEST_CODE, requestCode); super.startActivityForResult(intent, requestCode); } + /** * Send a command to EIP * @@ -577,30 +538,19 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf startService(eip_intent); } - /** - * Send a command to EIP - * - */ - private void eipStop(){ - // TODO validate "action"...how do we get the list of intent-filters for a class via Android API? - Intent eip_intent = new Intent(this, EIP.class); - eip_intent.setAction(EIP.ACTION_STOP_EIP); - // eip_intent.putExtra(EIP.RECEIVER_TAG, eip_receiver);fi - startService(eip_intent); - - } - - private void eipStart(){ - Intent eip_intent = new Intent(this, EIP.class); - eip_intent.setAction(EIP.ACTION_START_EIP); - eip_intent.putExtra(EIP.RECEIVER_TAG, EipServiceFragment.getReceiver()); - startService(eip_intent); + private void eipStop(){ + EipServiceFragment eipFragment = (EipServiceFragment) getFragmentManager().findFragmentByTag(EipServiceFragment.TAG); + eipFragment.stopEIP(); + } + private void eipStart() { + EipServiceFragment eipFragment = (EipServiceFragment) getFragmentManager().findFragmentByTag(EipServiceFragment.TAG); + eipFragment.startEipFromScratch(); } - protected void setProgressBarVisibility(int visibility) { + protected void showProgressBar() { if(mProgressBar == null) mProgressBar = (ProgressBar) findViewById(R.id.eipProgress); - mProgressBar.setVisibility(visibility); + mProgressBar.setVisibility(ProgressBar.VISIBLE); } } diff --git a/app/src/main/java/se/leap/bitmaskclient/EIP.java b/app/src/main/java/se/leap/bitmaskclient/EIP.java index 4a8bae46..ad7552c8 100644 --- a/app/src/main/java/se/leap/bitmaskclient/EIP.java +++ b/app/src/main/java/se/leap/bitmaskclient/EIP.java @@ -87,7 +87,7 @@ public final class EIP extends IntentService { public final static String SERVICE_API_PATH = "config/eip-service.json"; public final static String RECEIVER_TAG = "receiverTag"; public final static String REQUEST_TAG = "requestTag"; - public final static String TAG = "se.leap.bitmaskclient.EIP"; + public final static String TAG = EIP.class.getSimpleName(); public final static SimpleDateFormat certificate_date_format = new SimpleDateFormat("yyyy-MM-dd HH:mm", Locale.US); @@ -113,8 +113,9 @@ public final class EIP extends IntentService { super.onCreate(); context = getApplicationContext(); - - updateEIPService(); + + // Log.d(TAG, "Update EIP Service onCreate EIP"); + // updateEIPService(); } @Override @@ -130,7 +131,7 @@ public final class EIP extends IntentService { protected void onHandleIntent(Intent intent) { String action = intent.getAction(); mReceiver = intent.getParcelableExtra(RECEIVER_TAG); - + if ( action == ACTION_START_EIP ) startEIP(); else if ( action == ACTION_STOP_EIP ) @@ -155,6 +156,7 @@ public final class EIP extends IntentService { activeGateway = selectGateway(); if(activeGateway != null && activeGateway.mVpnProfile != null) { + mReceiver = EipServiceFragment.getReceiver(); launchActiveGateway(); } } @@ -318,8 +320,11 @@ public final class EIP extends IntentService { */ private void updateEIPService() { try { - eipDefinition = new JSONObject(getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE).getString(KEY, "")); - parsedEipSerial = getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE).getInt(PARSED_SERIAL, 0); + String eip_definition_string = getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE).getString(KEY, ""); + if(eip_definition_string.isEmpty() == false) { + eipDefinition = new JSONObject(eip_definition_string); + } + parsedEipSerial = getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE).getInt(PARSED_SERIAL, 0); } catch (JSONException e) { // TODO Auto-generated catch block e.printStackTrace(); @@ -327,16 +332,14 @@ public final class EIP extends IntentService { if(parsedEipSerial == 0) { deleteAllVpnProfiles(); } - if (eipDefinition != null && eipDefinition.optInt("serial") > parsedEipSerial) + if (eipDefinition != null && eipDefinition.optInt("serial") >= parsedEipSerial) updateGateways(); } private void deleteAllVpnProfiles() { ProfileManager vpl = ProfileManager.getInstance(context); - VpnProfile[] profiles = (VpnProfile[]) vpl.getProfiles().toArray(new VpnProfile[vpl.getProfiles().size()]); - for (int current_profile = 0; current_profile < profiles.length; current_profile++){ - vpl.removeProfile(context, profiles[current_profile]); - } + Collection<VpnProfile> profiles = vpl.getProfiles(); + profiles.removeAll(profiles); } /** @@ -346,8 +349,8 @@ public final class EIP extends IntentService { */ private void updateGateways(){ JSONArray gatewaysDefined = null; - try { + if(eipDefinition == null) updateEIPService(); gatewaysDefined = eipDefinition.getJSONArray("gateways"); for ( int i=0 ; i < gatewaysDefined.length(); i++ ){ JSONObject gw = null; @@ -360,7 +363,6 @@ public final class EIP extends IntentService { // TODO Auto-generated catch block e.printStackTrace(); } - getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE).edit().putInt(PARSED_SERIAL, eipDefinition.optInt(Provider.API_RETURN_SERIAL)).commit(); } @@ -483,6 +485,7 @@ public final class EIP extends IntentService { cp.parseConfig(new StringReader(certSecretFromSharedPreferences())); cp.parseConfig(new StringReader("remote-cert-tls server")); cp.parseConfig(new StringReader("persist-tun")); + cp.parseConfig(new StringReader("auth-retry nointeract")); VpnProfile vp = cp.convertProfile(); //vp.mAuthenticationType=VpnProfile.TYPE_STATICKEYS; mVpnProfile = vp; diff --git a/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java b/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java index 18ee0262..a7d68198 100644 --- a/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java +++ b/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java @@ -195,7 +195,7 @@ public class EipServiceFragment extends Fragment implements StateListener, OnChe eipCommand(EIP.ACTION_START_EIP); } - private void stopEIP() { + protected void stopEIP() { EIP.mIsStarting = false; View eipProgressBar = getActivity().findViewById(R.id.eipProgress); if(eipProgressBar != null) @@ -236,7 +236,8 @@ public class EipServiceFragment extends Fragment implements StateListener, OnChe } else if(justDecidedOnDisconnect && level == ConnectionStatus.LEVEL_CONNECTED) { EIP.lastConnectionStatusLevel = ConnectionStatus.LEVEL_NOTCONNECTED; updateState(state, logmessage, localizedResId, level); - } + } // else if(isNewLevel || level == ConnectionStatus.LEVEL_AUTH_FAILED) + // handleNewState(state, logmessage, localizedResId, level); } private void handleNewState(final String state, final String logmessage, final int localizedResId, final ConnectionStatus level) { @@ -248,6 +249,8 @@ public class EipServiceFragment extends Fragment implements StateListener, OnChe setNoServerReplyUI(localizedResId, logmessage); else if (level == ConnectionStatus.LEVEL_CONNECTING_SERVER_REPLIED) setServerReplyUI(state, localizedResId, logmessage); + // else if (level == ConnectionStatus.LEVEL_AUTH_FAILED) + // handleSwitchOn(); } private boolean isDisconnectedLevel(final ConnectionStatus level) { @@ -380,7 +383,7 @@ public class EipServiceFragment extends Fragment implements StateListener, OnChe case Activity.RESULT_CANCELED: Dashboard dashboard = (Dashboard) getActivity(); - dashboard.setProgressBarVisibility(ProgressBar.VISIBLE); + dashboard.showProgressBar(); String status = getResources().getString(R.string.updating_certificate_message); setEipStatus(status); diff --git a/app/src/main/java/se/leap/bitmaskclient/FragmentManagerEnhanced.java b/app/src/main/java/se/leap/bitmaskclient/FragmentManagerEnhanced.java new file mode 100644 index 00000000..c4844be9 --- /dev/null +++ b/app/src/main/java/se/leap/bitmaskclient/FragmentManagerEnhanced.java @@ -0,0 +1,51 @@ +/** + * Copyright (c) 2013 LEAP Encryption Access Project and contributers + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package se.leap.bitmaskclient; + +import android.app.Fragment; +import android.app.FragmentManager; +import android.app.FragmentTransaction; + +public class FragmentManagerEnhanced { + + private FragmentManager generic_fragment_manager; + + public FragmentManagerEnhanced(FragmentManager generic_fragment_manager) { + this.generic_fragment_manager = generic_fragment_manager; + } + + public FragmentTransaction removePreviousFragment(String tag) { + FragmentTransaction transaction = generic_fragment_manager.beginTransaction(); + Fragment previous_fragment = generic_fragment_manager.findFragmentByTag(tag); + if (previous_fragment != null) { + transaction.remove(previous_fragment); + } + transaction.addToBackStack(null); + + return transaction; + } + + public void replace(int containerViewId, Fragment fragment, String tag) { + FragmentTransaction transaction = generic_fragment_manager.beginTransaction(); + + transaction.replace(containerViewId, fragment, tag).commit(); + } + + public Fragment findFragmentByTag(String tag) { + return generic_fragment_manager.findFragmentByTag(tag); + } +} diff --git a/app/src/main/java/se/leap/bitmaskclient/LogInDialog.java b/app/src/main/java/se/leap/bitmaskclient/LogInDialog.java index 45d3a373..5a0c9a6d 100644 --- a/app/src/main/java/se/leap/bitmaskclient/LogInDialog.java +++ b/app/src/main/java/se/leap/bitmaskclient/LogInDialog.java @@ -42,15 +42,10 @@ import android.widget.TextView; * @author parmegv * */ -public class LogInDialog extends DialogFragment { +public class LogInDialog extends SessionDialogInterface { - final public static String TAG = "logInDialog"; - final public static String VERB = "log in"; - final public static String USERNAME = "username"; - final public static String PASSWORD = "password"; - final public static String USERNAME_MISSING = "username missing"; - final public static String PASSWORD_INVALID_LENGTH = "password_invalid_length"; + final public static String TAG = LogInDialog.class.getSimpleName(); private static boolean is_eip_pending = false; @@ -93,7 +88,7 @@ public class LogInDialog extends DialogFragment { String username = username_field.getText().toString(); String password = password_field.getText().toString(); dialog.dismiss(); - interface_with_Dashboard.authenticate(username, password); + interface_with_Dashboard.logIn(username, password); } }) .setNegativeButton(R.string.cancel, new DialogInterface.OnClickListener() { @@ -120,7 +115,7 @@ public class LogInDialog extends DialogFragment { * */ public interface LogInDialogInterface { - public void authenticate(String username, String password); + public void logIn(String username, String password); public void cancelAuthedEipOn(); public void signUp(String username, String password); public void cancelLoginOrSignup(); @@ -149,8 +144,8 @@ public class LogInDialog extends DialogFragment { @Override public void onCancel(DialogInterface dialog) { + super.onCancel(dialog); if(is_eip_pending) interface_with_Dashboard.cancelAuthedEipOn(); - super.onCancel(dialog); } } diff --git a/app/src/main/java/se/leap/bitmaskclient/ProviderAPIResultReceiver.java b/app/src/main/java/se/leap/bitmaskclient/ProviderAPIResultReceiver.java index 7b256124..7e4e95d3 100644 --- a/app/src/main/java/se/leap/bitmaskclient/ProviderAPIResultReceiver.java +++ b/app/src/main/java/se/leap/bitmaskclient/ProviderAPIResultReceiver.java @@ -14,7 +14,7 @@ * You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
- package se.leap.bitmaskclient;
+package se.leap.bitmaskclient;
import android.os.Bundle;
import android.os.Handler;
diff --git a/app/src/main/java/se/leap/bitmaskclient/SessionDialogInterface.java b/app/src/main/java/se/leap/bitmaskclient/SessionDialogInterface.java new file mode 100644 index 00000000..7b08a4d1 --- /dev/null +++ b/app/src/main/java/se/leap/bitmaskclient/SessionDialogInterface.java @@ -0,0 +1,39 @@ +/** + * Copyright (c) 2013 LEAP Encryption Access Project and contributers + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package se.leap.bitmaskclient; + +import android.app.Activity; +import android.app.AlertDialog; +import android.app.DialogFragment; +import android.content.DialogInterface; +import android.os.Bundle; + +/** + * @author parmegv + */ +public abstract class SessionDialogInterface extends DialogFragment { + final public static String USERNAME = "username"; + final public static String PASSWORD = "password"; + final public static String USERNAME_MISSING = "username missing"; + final public static String PASSWORD_INVALID_LENGTH = "password_invalid_length"; + + @Override + public void onAttach(Activity activity) { super.onAttach(activity); } + + @Override + public void onCancel(DialogInterface dialog) { super.onCancel(dialog); } +} diff --git a/app/src/main/java/se/leap/bitmaskclient/SignUpDialog.java b/app/src/main/java/se/leap/bitmaskclient/SignUpDialog.java index 120d4eec..3cb41f4f 100644 --- a/app/src/main/java/se/leap/bitmaskclient/SignUpDialog.java +++ b/app/src/main/java/se/leap/bitmaskclient/SignUpDialog.java @@ -42,14 +42,9 @@ import android.widget.TextView; * @author parmegv * */ -public class SignUpDialog extends DialogFragment { - - final public static String TAG = "signUpDialog"; - final public static String VERB = "log in"; - final public static String USERNAME = "username"; - final public static String PASSWORD = "password"; - final public static String USERNAME_MISSING = "username missing"; - final public static String PASSWORD_INVALID_LENGTH = "password_invalid_length"; +public class SignUpDialog extends SessionDialogInterface { + + final public static String TAG = SignUpDialog.class.getSimpleName(); private static boolean is_eip_pending = false; diff --git a/app/src/main/java/se/leap/bitmaskclient/VoidVpnService.java b/app/src/main/java/se/leap/bitmaskclient/VoidVpnService.java index b7289c23..7b597554 100644 --- a/app/src/main/java/se/leap/bitmaskclient/VoidVpnService.java +++ b/app/src/main/java/se/leap/bitmaskclient/VoidVpnService.java @@ -1,10 +1,11 @@ package se.leap.bitmaskclient; import android.content.Intent; +import android.os.Process; import android.net.VpnService; import android.util.Log; -public class VoidVpnService extends VpnService { +public class VoidVpnService extends VpnService { static final String START_BLOCKING_VPN_PROFILE = "se.leap.bitmaskclient.START_BLOCKING_VPN_PROFILE"; static final String TAG = VoidVpnService.class.getSimpleName(); @@ -14,29 +15,22 @@ public class VoidVpnService extends VpnService { String action = intent.getAction(); if (action == START_BLOCKING_VPN_PROFILE) { new Thread(new Runnable() { - public void run() { - blockConnections(); + public void run() { + Builder builder = new Builder(); + builder.setSession("Blocking until running"); + builder.addAddress("10.42.0.8",16); + builder.addRoute("0.0.0.0", 1); + builder.addRoute("192.168.1.0", 24); + builder.addDnsServer("10.42.0.1"); + try { + builder.establish(); + } catch (Exception e) { + e.printStackTrace(); + } + android.util.Log.d(TAG, "VoidVpnService set up"); } }).run(); } return 0; } - - public void blockConnections() { - Builder builder = new Builder(); - builder.setSession("Blocking until running"); - builder.addAddress("10.42.0.8",16); - builder.addRoute("0.0.0.0", 1); - builder.addRoute("128.0.0.0", 1); - builder.addRoute("192.168.1.0", 24); - builder.addDnsServer("10.42.0.1"); - builder.establish(); - android.util.Log.d(TAG, "VoidVpnService set up"); - try { - new java.net.Socket("sdf.org", 80); - Log.d(TAG, "VoidVpnService doesn's stop traffic"); - } catch (Exception e) { - e.printStackTrace(); - } - } } diff --git a/app/src/main/res/layout-sw600dp-port/log_fragment.xml b/app/src/main/res/layout-sw600dp-port/log_fragment.xml index ddf0506b..2f5c774d 100644 --- a/app/src/main/res/layout-sw600dp-port/log_fragment.xml +++ b/app/src/main/res/layout-sw600dp-port/log_fragment.xml @@ -1,4 +1,9 @@ <?xml version="1.0" encoding="utf-8"?> +<!-- + ~ Copyright (c) 2012-2014 Arne Schwabe + ~ Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + --> + <LinearLayout xmlns:android="http://schemas.android.com/apk/res/android" xmlns:tools="http://schemas.android.com/tools" android:layout_width="match_parent" diff --git a/app/src/main/res/layout-sw600dp/log_fragment.xml b/app/src/main/res/layout-sw600dp/log_fragment.xml index c4e1355c..b8997982 100644 --- a/app/src/main/res/layout-sw600dp/log_fragment.xml +++ b/app/src/main/res/layout-sw600dp/log_fragment.xml @@ -1,4 +1,9 @@ <?xml version="1.0" encoding="utf-8"?> +<!-- + ~ Copyright (c) 2012-2014 Arne Schwabe + ~ Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + --> + <LinearLayout xmlns:android="http://schemas.android.com/apk/res/android" xmlns:tools="http://schemas.android.com/tools" android:layout_width="match_parent" diff --git a/app/src/main/res/layout/log_fragment.xml b/app/src/main/res/layout/log_fragment.xml index 0b428070..2cc4759e 100644 --- a/app/src/main/res/layout/log_fragment.xml +++ b/app/src/main/res/layout/log_fragment.xml @@ -1,4 +1,9 @@ <?xml version="1.0" encoding="utf-8"?> +<!-- + ~ Copyright (c) 2012-2014 Arne Schwabe + ~ Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + --> + <LinearLayout xmlns:android="http://schemas.android.com/apk/res/android" xmlns:tools="http://schemas.android.com/tools" android:layout_width="match_parent" diff --git a/app/src/main/res/layout/log_silders.xml b/app/src/main/res/layout/log_silders.xml index 0ecb5daa..3fcbd85a 100644 --- a/app/src/main/res/layout/log_silders.xml +++ b/app/src/main/res/layout/log_silders.xml @@ -1,6 +1,11 @@ <?xml version="1.0" encoding="utf-8"?> +<!-- + ~ Copyright (c) 2012-2014 Arne Schwabe + ~ Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + --> + <LinearLayout xmlns:tools="http://schemas.android.com/tools" xmlns:android="http://schemas.android.com/apk/res/android" diff --git a/app/src/main/res/layout/log_window.xml b/app/src/main/res/layout/log_window.xml index 56c3e349..d7576ca3 100644 --- a/app/src/main/res/layout/log_window.xml +++ b/app/src/main/res/layout/log_window.xml @@ -1,3 +1,8 @@ +<!-- + ~ Copyright (c) 2012-2014 Arne Schwabe + ~ Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + --> + <FrameLayout xmlns:android="http://schemas.android.com/apk/res/android" xmlns:tools="http://schemas.android.com/tools" android:id="@+id/container" diff --git a/app/src/main/res/layout/vpnstatus.xml b/app/src/main/res/layout/vpnstatus.xml index eb7c53ee..2fd65b4c 100644 --- a/app/src/main/res/layout/vpnstatus.xml +++ b/app/src/main/res/layout/vpnstatus.xml @@ -1,4 +1,9 @@ <?xml version="1.0" encoding="utf-8"?> +<!-- + ~ Copyright (c) 2012-2014 Arne Schwabe + ~ Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + --> + <merge xmlns:tools="http://schemas.android.com/tools" xmlns:android="http://schemas.android.com/apk/res/android"> diff --git a/app/src/main/res/menu/logmenu.xml b/app/src/main/res/menu/logmenu.xml index c8c9e815..a1d2a7b5 100644 --- a/app/src/main/res/menu/logmenu.xml +++ b/app/src/main/res/menu/logmenu.xml @@ -1,4 +1,9 @@ <?xml version="1.0" encoding="utf-8"?> +<!-- + ~ Copyright (c) 2012-2014 Arne Schwabe + ~ Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + --> + <menu xmlns:android="http://schemas.android.com/apk/res/android"> diff --git a/app/src/main/res/values-ca/strings-icsopenvpn.xml b/app/src/main/res/values-ca/strings-icsopenvpn.xml index 7e74c198..b18766ca 100755 --- a/app/src/main/res/values-ca/strings-icsopenvpn.xml +++ b/app/src/main/res/values-ca/strings-icsopenvpn.xml @@ -1,5 +1,9 @@ <?xml version="1.0" encoding="utf-8"?> <!--Generated by crowdin.com--> +<!-- + ~ Copyright (c) 2012-2014 Arne Schwabe + ~ Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + --> <!-- Generated by crowdin.net --> <resources> diff --git a/app/src/main/res/values-cs/strings-icsopenvpn.xml b/app/src/main/res/values-cs/strings-icsopenvpn.xml index b13bfcdd..6ae5a3f0 100755 --- a/app/src/main/res/values-cs/strings-icsopenvpn.xml +++ b/app/src/main/res/values-cs/strings-icsopenvpn.xml @@ -1,5 +1,9 @@ <?xml version="1.0" encoding="utf-8"?> -<!--Generated by crowdin.net--> +<!--Generated by crowdin.com--> +<!-- + ~ Copyright (c) 2012-2014 Arne Schwabe + ~ Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + --> <!-- Generated by crowdin.net --> <resources> @@ -319,4 +323,9 @@ <string name="files_missing_hint">Některé soubory nemohly být nalezeny. Prosím vyber profil, který chceš importovat:</string> <string name="openvpn_is_no_free_vpn">Pro používání této aplikace je potřeba VPN poskytovatel/brána, která podporuje OpenVPN (často je to zaměstnavatel). Pro více informací a návod na nastavení OpenVPN serveru navštiv http://community.openvpn.net/</string> <string name="import_log">Import logu:</string> + <string name="ip_looks_like_subnet">Vpn topologie \"%3$s\" soecifikována, ale ifconfig %1$s %2$s vypadá spíše jako IP adresa se síťovou maskou. Předpokládám \"podsíťovou\" topologii.</string> + <string name="mssfix_invalid_value">mssfix hodnota musí být celé číslo mezi 0 a 9000</string> + <string name="mssfix_value_dialog">Oznámit TCP sezením běžícím skrze tunel, že mají limitovat velikost odesílaných paketů tak, aby poté, co je OpenVPN zabalí, byla výsledná velikost UDP paketu, které OpenVPN posílá menší než tento počet bytů. (výchozí je 1450)</string> + <string name="mssfix_checkbox">Přepsat hodnotu MSS pro TCP obsah</string> + <string name="mssfix_dialogtitle">Nastavit MSS pro TCP obsah</string> </resources> diff --git a/app/src/main/res/values-de/strings-icsopenvpn.xml b/app/src/main/res/values-de/strings-icsopenvpn.xml index 5ece9326..cebb9646 100755 --- a/app/src/main/res/values-de/strings-icsopenvpn.xml +++ b/app/src/main/res/values-de/strings-icsopenvpn.xml @@ -1,5 +1,9 @@ <?xml version="1.0" encoding="utf-8"?> <!--Generated by crowdin.com--> +<!-- + ~ Copyright (c) 2012-2014 Arne Schwabe + ~ Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + --> <!-- Generated by crowdin.net --> <resources> @@ -319,4 +323,9 @@ <string name="files_missing_hint">Einige Dateien konnten nicht gefunden werden. Bitte wählen Sie diese manuell aus:</string> <string name="openvpn_is_no_free_vpn">Um diese Anwendung nutzen zu können brauchen Sie einen OpenVPN fähigen Server. Diese werden häufig von Ihrer Firma oder Universität bereitgestellt. Besuchen Sie http://community.openvpn.net/ um mehr über OpenVPN zu erfahren und wie Sie Ihren eigenen Server aufsetzen können.</string> <string name="import_log">Import-Protokoll:</string> + <string name="ip_looks_like_subnet">VPN-Topologie \"%3$s\" wurde angegeben, die Interface Konfiguration \'ifconfig %1$s %2$s sieht wie eine IP-Adresse mit einer Netzwerkmaske. Topologie \"subnet\" wird angenommen.</string> + <string name="mssfix_invalid_value">mssfix Wert muss eine Zahl zwischen 0 und 9000 sein</string> + <string name="mssfix_value_dialog">Ändere TCP-Verbindungen, die über den Tunnel laufen, so dass die resultierende UDP-Paketgröße nach der Enkapsulierung durch OpenVPN auf diesen Wert beschränkt bleibt. (Standardwert ist 1450)</string> + <string name="mssfix_checkbox">Überschreiben des MSS-Wert von TCP-Nutzlast</string> + <string name="mssfix_dialogtitle">Setze MSS von TCP-Nutzlast</string> </resources> diff --git a/app/src/main/res/values-es/strings-icsopenvpn.xml b/app/src/main/res/values-es/strings-icsopenvpn.xml index 399392bf..92995c6f 100755 --- a/app/src/main/res/values-es/strings-icsopenvpn.xml +++ b/app/src/main/res/values-es/strings-icsopenvpn.xml @@ -1,5 +1,9 @@ <?xml version="1.0" encoding="utf-8"?> <!--Generated by crowdin.com--> +<!-- + ~ Copyright (c) 2012-2014 Arne Schwabe + ~ Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + --> <!-- Generated by crowdin.net --> <resources> @@ -319,4 +323,8 @@ <string name="files_missing_hint">Algunos archivos no se pudo encontrar. Por favor, seleccione los archivos que desea importar el perfil:</string> <string name="openvpn_is_no_free_vpn">Para utilizar esta aplicación usted necesita un proveedor de servicio VPN / es un apoyo OpenVPN (a menudo proporcionados por su empleador). Echa un vistazo a http://community.openvpn.net/ para más información sobre OpenVPN y cómo configurar su propio servidor OpenVPN.</string> <string name="import_log">Importar registros:</string> + <string name="ip_looks_like_subnet">Topología de VPN \"%3$s\" especificado pero ifconfig %1$s %2$s se parece más a una dirección IP con una máscara de red. Asumiendo una topología de \"subred\".</string> + <string name="mssfix_invalid_value">El valor de mssfix debe ser un número entero entre 0 y 9000</string> + <string name="mssfix_checkbox">Reemplazar el valor MSS de la carga TCP</string> + <string name="mssfix_dialogtitle">Establecer MSS de la carga TCP</string> </resources> diff --git a/app/src/main/res/values-et/strings-icsopenvpn.xml b/app/src/main/res/values-et/strings-icsopenvpn.xml index 478483ec..7761726e 100755 --- a/app/src/main/res/values-et/strings-icsopenvpn.xml +++ b/app/src/main/res/values-et/strings-icsopenvpn.xml @@ -1,5 +1,9 @@ <?xml version="1.0" encoding="utf-8"?> -<!--Generated by crowdin.net--> +<!--Generated by crowdin.com--> +<!-- + ~ Copyright (c) 2012-2014 Arne Schwabe + ~ Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + --> <!-- Generated by crowdin.net --> <resources> @@ -319,4 +323,9 @@ <string name="files_missing_hint">Mõningaid faile ei leitud. Palun valige importimiseks profiili failid:</string> <string name="openvpn_is_no_free_vpn">Selle rakenduse kasutamiseks vajate OpenVPN toega VPN teenusepakkujat/VPN lüüsi (mida sageli pakub teie tööandja). Lisainfo saamiseks OpenVPN kohta ja oma isikliku OpenVPN serveri seadistamise kohta tutvuge veebilehega http://community.openvpn.net/ .</string> <string name="import_log">Impordi logi:</string> + <string name="ip_looks_like_subnet">Valitud on \"%3$s\" Vpn topoloogia, kuid ifconfig %1$s %2$s sarnaneb rohkem maskiga IP aadressile. Määratakse \"alamvõrgu\" topoloogia.</string> + <string name="mssfix_invalid_value">mssfix väärtus peab olema täisarv vahemikus 0 kuni 9000</string> + <string name="mssfix_value_dialog">Informeeri tunneldatud TCP sessioone et nad piiraksid saadetavate pakettide suuruse nii, et peale OpenVPN kapseldatud paketi partnerile saatmist ei oleks saadud UDP pakett suurem kui ette antud baitide arv. (vaikeväärtus on 1450)</string> + <string name="mssfix_checkbox">Ignoreeri TCP lasti MSS väärtust</string> + <string name="mssfix_dialogtitle">Sea TCP lasti MSS väärtus</string> </resources> diff --git a/app/src/main/res/values-fr/strings-icsopenvpn.xml b/app/src/main/res/values-fr/strings-icsopenvpn.xml index a26ce445..15bc7aa4 100755 --- a/app/src/main/res/values-fr/strings-icsopenvpn.xml +++ b/app/src/main/res/values-fr/strings-icsopenvpn.xml @@ -1,5 +1,9 @@ <?xml version="1.0" encoding="utf-8"?> <!--Generated by crowdin.com--> +<!-- + ~ Copyright (c) 2012-2014 Arne Schwabe + ~ Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + --> <!-- Generated by crowdin.net --> <resources> @@ -216,7 +220,6 @@ Sur certaines images, cette notification joue un son.\nAndroid à introduit ces <string name="vpn_import_hint">"Utilisez l\'icône <img src=\"ic_menu_archive\"/> pour importer un fichier profil (.opvpn ou .conf) de votre carte SD."</string> <string name="faq_hint">"Veillez également à consulter la FAQ. Il s\'y trouve un guide de démarrage rapide."</string> <string name="faq_routing_title">"Redirections / Configuration de l\'interface"</string> - <string name="faq_routing">The Routing and interface configuration is not done via traditional ifconfig/route commands but by using the VPNService API. This results in a different routing configuration than on other OSes. The configuration for the VPN tunnel consists of the IP address and the networks that should be routed over this interface. Especially no peer partner address or gateway address is needed. Special routes to reach the VPN Server (for example added when using redirect-gateway) are not needed either. The application will consequently ignore these settings when importing a configuration. The app ensures with the VPNService API that the connection to the server is not routed through the VPN tunnel. Only specifying networks to be routed via tunnel is supported. The app tries to detect networks that should not be routed over tunnel (e.g. route x.x.x.x y.y.y.y net_gateway) and calculates a route set that excludes this routes to emulate the behaviour of other platforms. The log windows shows the configuration of the VPNService upon establishing a connection.</string> <string name="persisttun_summary">Ne pas couper la connexion VPN lors de la reconnexion d\'OpenVPN.</string> <string name="persistent_tun_title">Persistance de l\'interface TUN</string> <string name="openvpn_log">Log OpenVPN</string> diff --git a/app/src/main/res/values-hu/strings-icsopenvpn.xml b/app/src/main/res/values-hu/strings-icsopenvpn.xml index 99c5201f..504ab893 100755 --- a/app/src/main/res/values-hu/strings-icsopenvpn.xml +++ b/app/src/main/res/values-hu/strings-icsopenvpn.xml @@ -1,5 +1,9 @@ <?xml version="1.0" encoding="utf-8"?> -<!--Generated by crowdin.net--> +<!--Generated by crowdin.com--> +<!-- + ~ Copyright (c) 2012-2014 Arne Schwabe + ~ Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + --> <!-- Generated by crowdin.net --> <resources> diff --git a/app/src/main/res/values-in/strings-icsopenvpn.xml b/app/src/main/res/values-in/strings-icsopenvpn.xml index ccb60754..c111cbb5 100755 --- a/app/src/main/res/values-in/strings-icsopenvpn.xml +++ b/app/src/main/res/values-in/strings-icsopenvpn.xml @@ -1,5 +1,9 @@ <?xml version="1.0" encoding="utf-8"?> -<!--Generated by crowdin.net--> +<!--Generated by crowdin.com--> +<!-- + ~ Copyright (c) 2012-2014 Arne Schwabe + ~ Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + --> <!-- Generated by crowdin.net --> <resources> @@ -85,6 +89,7 @@ <string name="use_default_title">Gunakan rute standar</string> <string name="custom_route_message">Masukkan rute butan sendiri. Masukkan tujuan dalam format CIDR. \"10.0.0.0/8 2002:: / 16\" akan mengarahkan jaringan 10.0.0.0/8 dan 2002:: / 16 melalui jaringan VPN</string> <string name="custom_routes_title">Rute buatan sendiri</string> + <string name="custom_routes_title_excluded">Jaringan Dikecualikan</string> <string name="log_verbosity_level">Tingkat rincian catatan</string> <string name="float_summary">Ijinkan paket terotentifikasi dari semua IP</string> <string name="float_title">Ijinkan server mengambang</string> diff --git a/app/src/main/res/values-it/strings-icsopenvpn.xml b/app/src/main/res/values-it/strings-icsopenvpn.xml index 61d09818..29d48904 100755 --- a/app/src/main/res/values-it/strings-icsopenvpn.xml +++ b/app/src/main/res/values-it/strings-icsopenvpn.xml @@ -1,5 +1,9 @@ <?xml version="1.0" encoding="utf-8"?> -<!--Generated by crowdin.net--> +<!--Generated by crowdin.com--> +<!-- + ~ Copyright (c) 2012-2014 Arne Schwabe + ~ Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + --> <!-- Generated by crowdin.net --> <resources> @@ -86,6 +90,7 @@ <string name="custom_route_message">Inserisci instradamenti personalizzati. Usare il formato CIDR. \"10.0.0.0/8 2002::/16\" reindirizza le reti 10.0.0.0/8 e 2002::/16 sulla VPN.</string> <string name="custom_route_message_excluded">Itinerari che dovrebbero non essere instradati su VPN. Utilizzare la stessa sintassi per quanto riguarda le rotte incluse.</string> <string name="custom_routes_title">Routing personalizzati</string> + <string name="custom_routes_title_excluded">Reti escluse</string> <string name="log_verbosity_level">Livello di dettaglio del registro</string> <string name="float_summary">Permette pacchetti autenticati da qualsiasi IP (consente che l\'IP del server possa cambiare)</string> <string name="float_title">Modalità float</string> @@ -99,6 +104,9 @@ <string name="last_openvpn_tun_config">Apertura interfaccia tun in corso:</string> <string name="local_ip_info">Indirizzi locali - IPv4: %1$s/%2$d IPv6: %3$s MTU: %4$d</string> <string name="dns_server_info">DNS Server: %1$s, Dominio: %2$s</string> + <string name="routes_info_incl">Instradamenti: %1$s %2$s</string> + <string name="routes_info_excl">Instradamenti esclusi: %1$s %2$s</string> + <string name="routes_debug">Instradamenti VpnService installati: %1$s %2$s</string> <string name="ip_not_cidr">Ottenute le informazioni sulle interfacce %1$s e %2$s, assumendo che il secondo indirizzo sia il peer remoto. Utilizzata la maschera /32 per l\'IP locale. La modalità impostata da OpenVPN è \"%3$s\".</string> <string name="route_not_cidr">Impossibile utilizzare %1$s e %2$s come reindirizzamenti IP con la maschera CIDR, è stata quindi usata la maschera /32.</string> <string name="route_not_netip">Instradamento %1$s/%2$s corretto con %3$s/%2$s</string> @@ -213,6 +221,7 @@ Effettuata la lettura del file di configurazione</string> <string name="vpn_import_hint">Usa l\'icona <img src=\"ic_menu_archive\"/> per importare il profilo (.ovpn o .conf) dalla tua scheda SD.</string> <string name="faq_hint">Si raccomanda di leggere anche le FAQ. C\'è anche una guida rapida.</string> <string name="faq_routing_title">Configurazione dei reindirizzamenti e dell\'interfaccia</string> + <string name="faq_routing">Il routing e la configurazione dell\'interfaccia non vengono fatti tramite i comandi ifconfig/route tradizionali ma utilizzando l\'API VPNService. Ciò si traduce in una configurazione di routing diversa rispetto ad altri sistemi operativi. La configurazione del tunnel VPN è composta dall\'indirizzo IP e dalle reti che devono essere instradate su tale interfaccia. Soprattutto non è necessario alcun indirizzo peer o gateway. Percorsi speciali per raggiungere il server VPN (ad esempio aggiunti quando si utilizza redirect-gateway) non sono neanche necessari. L\'applicazione pertanto ignorerà queste impostazioni durante l\'importazione di una configurazione. L\'applicazione garantisce con l\'API VPNService che la connessione al server non venga instradata attraverso il tunnel VPN. E\' supportato solo la specifica delle reti che devono essere instradate tramite il tunnel. L\'applicazione cerca di rilevare le reti che non devono essere instradate sul tunnel (ad esempio, route x.x.x.x y.y.y.y net_gateway) e calcola una serie di itinerari che escludono questi percorsi per emulare il comportamento di altre piattaforme. Le schermate del registro mostrano la configurazione del VPNService finché si stabilisce una connessione.</string> <string name="persisttun_summary">Non passa allo stato di \"Nessuna connessione VPN\" quando OpenVPN sta eseguendo un tentativo di riconnessione.</string> <string name="persistent_tun_title">tun persistente</string> <string name="openvpn_log">Log di OpenVPN</string> @@ -307,5 +316,13 @@ Effettuata la lettura del file di configurazione</string> <string name="logview_options">Visualizza opzioni</string> <string name="unhandled_exception">Eccezione non gestita: %1$s\n\n%2$s</string> <string name="unhandled_exception_context">%3$s: %1$s\n\n%2$s</string> + <string name="faq_system_dialog_xposed">Se il tuo dispositivo Android ha il root allora è possibile installare il <a href=\"http://xposed.info/\">framework Xposed</a> e il <a href=\"http://repo.xposed.info/module/de.blinkt.vpndialogxposed\">modulo di conferma VPN Dialog</a> a proprio rischio e pericolo\"</string> <string name="full_licenses">Licenze complete</string> + <string name="blocklocal_summary">Le reti direttamente collegate alle interfacce locali non verranno instradate attraverso la VPN. Deselezionando questa opzione si inoltrerà tutto il traffico dalle reti locali alla VPN.</string> + <string name="blocklocal_title">Ignora VPN per le reti locali</string> + <string name="userpw_file">File nome utente/password</string> + <string name="imported_from_file">[Importato da: %s]</string> + <string name="files_missing_hint">Alcuni file non possono essere trovati. Si prega di selezionare i file da importare nel profilo:</string> + <string name="openvpn_is_no_free_vpn">Per utilizzare questa applicazione è necessario un provider VPN/gateway VPN che supportino OpenVPN (spesso forniti dal datore di lavoro). Vai a http://community.openvpn.net/ per ulteriori informazioni su OpenVPN e come configurare il proprio server OpenVPN.</string> + <string name="import_log">Registro importazione:</string> </resources> diff --git a/app/src/main/res/values-ja/strings-icsopenvpn.xml b/app/src/main/res/values-ja/strings-icsopenvpn.xml index d537e3d8..79474f2d 100755 --- a/app/src/main/res/values-ja/strings-icsopenvpn.xml +++ b/app/src/main/res/values-ja/strings-icsopenvpn.xml @@ -1,5 +1,9 @@ <?xml version="1.0" encoding="utf-8"?> <!--Generated by crowdin.com--> +<!-- + ~ Copyright (c) 2012-2014 Arne Schwabe + ~ Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + --> <!-- Generated by crowdin.net --> <resources> @@ -23,7 +27,7 @@ <string name="vpn_list_title">プロファイル</string> <string name="vpn_type">種別</string> <string name="pkcs12pwquery">PKCS12のパスワード</string> - <string name="file_select">選択</string> + <string name="file_select">選択…</string> <string name="file_nothing_selected">ファイルを選択する必要があります。</string> <string name="useTLSAuth">TLS認証を使用します。</string> <string name="tls_direction">TLS Direction</string> @@ -99,7 +103,7 @@ <string name="dns_server_info">DNSサーバ: %1$s, ドメイン: %2$s</string> <string name="routes_info_incl">経路: %1$s %2$s</string> <string name="routes_info_excl">除外された経路: %1$s %2$s</string> - <string name="ip_not_cidr">インターフェース情報として[%1$s]と[%2$s]を取得しました。2つめのアドレスはリモート側のピアアドレスです。32ビットマスクをローカルIPに使用します。 OpenVPNのモードは[%3$s]です。</string> + <string name="ip_not_cidr">インターフェース情報として %1$s と %2$s を取得しました。2つ目のアドレスはリモート側のピアアドレスです。32ビットマスクをローカルIPに使用します。 OpenVPNのモードは \"%3$s\" です。</string> <string name="route_not_cidr">%1$sと%2$sではCIDR形式のIP経路情報として意味をなしません。32ビットマスクを使用します。</string> <string name="route_not_netip">経路情報%1$s/%2$sを%3$s/%2$sに修正しました。</string> <string name="keychain_access">Androidの証明書管理にアクセスできません。(ファームウェアの更新、アプリケーションまたはその設定のリストアによって発生する場合があります)。VPNの設定で証明書の選択を再度行ってください。</string> @@ -107,12 +111,11 @@ <string name="send_logfile">ログ ファイルを送信します。</string> <string name="send">送信</string> <string name="ics_openvpn_log_file">ICS OpenVPN ログ ファイル</string> - <string name="copied_entry">クリップ ボードにコピーされたログ エントリ</string> + <string name="copied_entry">ログ エントリをクリップボードにコピーしました</string> <string name="tap_mode">TAPモード</string> <string name="faq_tap_mode">TAPモードは非root化環境では動作しません。よってこのアプリケーションではTAPをサポートできません。</string> <string name="tap_faq2">またですか?TAPモードはサポートされていませんし、サポートされるかどうかメールを送ることは何の役にも立ちません。</string> - <string name="tap_faq3">3回目です。本当のところ、TUN上で動くレイヤ2エミュレータを書くことはできました。(送信時の情報追加と受信時の情報削除で)。しかしこのエミュレータはARPやおそらくはDHCPをも実装しなければならないでしょう。誰もこのことに気がついていません。もしあなたがこの機能を作る気になったのであれば、どうぞ私に連絡してください。 -</string> + <string name="tap_faq3">3回目です。本当のところ、TUN上で動くレイヤ2エミュレータを書くことはできました。(送信時の情報追加と受信時の情報削除で)。しかしこのエミュレータはARPやおそらくはDHCPをも実装しなければならないでしょう。誰もこのことに気がついていません。もしあなたがこの機能を作る気になったのであれば、どうぞ私に連絡してください。</string> <string name="faq">よくある質問</string> <string name="copying_log_entries">ログ エントリのコピー</string> <string name="faq_copying">1行のログエントリをコピーするには、そのエントリをタッチし続けます。コピー/送信するには「ログエントリを送信」を使用します。GUIで表示されない場合はハードウェアのメニューボタンを使用してください。</string> @@ -138,7 +141,7 @@ <string name="import_could_not_open">インポートされた構成ファイルに記載されたファイル %1$s が見つかりません。</string> <string name="importing_config">構成ファイルを%1$sからインポートしています。</string> <string name="import_warning_custom_options">ユーザインターフェースにマッピングされていないいくつかの設定項目があります。それらの設定はカスタムオプションとして追加されます。カスタムオプションを以下に表示します。</string> - <string name="import_done">構成ファイルの読み取り終了。</string> + <string name="import_done">構成ファイルの読み込みを完了しました。</string> <string name="nobind_summary">ローカル アドレスとポートにバインドを行いません。</string> <string name="no_bind">ローカルバインドしない</string> <string name="import_configuration_file">構成ファイルのインポート</string> @@ -200,8 +203,7 @@ Androidはあなた自身の安全性のために、これらを迂回できな� <p>もしファイルが足りないというエラーが表示されたら、足りなかったファイルをSDカード上に格納してください。</p> <p>インポートされたVPN設定をリストに追加するには、保存アイコンをクリックします。</p> <p>VPNを接続するには、VPNの名称をクリックします。</p> -<p>もし警告やエラーがログエントリに表示されたら、それらを調べて解決してください。</p> -</string> +<p>もし警告やエラーがログエントリに表示されたら、それらを調べて解決してください。</p></string> <string name="faq_howto_title">クイックスタート</string> <string name="setting_loadtun_summary">接続の試行前にTUNデバイスモジュール(tun.ko)を読み込みます。デバイスのroot化が必要です。</string> <string name="setting_loadtun">TUNモジュールをロード</string> @@ -217,8 +219,7 @@ Androidはあなた自身の安全性のために、これらを迂回できな� <string name="restart">再起動</string> <string name="restart_vpn_after_change">設定の変更はVPNの再起動後に反映されます。VPNを(再)起動しますか?</string> <string name="configuration_changed">設定が変更されました</string> - <string name="log_no_last_vpn">編集されたため、最後に接続したプロファイルを確認できませんでした -</string> + <string name="log_no_last_vpn">編集されたため、最後に接続したプロファイルを確認できませんでした</string> <string name="faq_duplicate_notification_title">重複した通知</string> <string name="faq_duplicate_notification">もしAndroidがメモリ不足に陥った場合、その時点で必要とされないアプリケーションやサービスはアクティブなメモリから排除されます。 この処理に伴い、VPN接続は終了されます。 @@ -292,7 +293,7 @@ OpenVPNの接続を保証するためには、アプリケーションを高い� <string name="allowed_apps">許可アプリ: %s</string> <string name="clearappsdialog">許可アプリの一覧をクリアしますか?\n現在の許可アプリ一覧:\n\n%s</string> <string name="screenoff_summary">スクリーンがオフかつ60秒で64kB以下のデータ転送量の場合、VPN通信を中断します。「永続的なTUN」設定が有効な場合、VPN接続が中断されると通信ができなくなります。「永続的なTUN」を無効にすると、VPNによる接続保護は行われなくなります。</string> - <string name="screenoff_title">画面オフ後にVPN接続を中断する</string> + <string name="screenoff_title">画面オフ後にVPN接続を中断</string> <string name="screen_nopersistenttun">警告: このVPN接続には永続的なTUNが設定されていません。スクリーンオフ後の通信は通常のインターネット接続を使用します。</string> <string name="save_password">パスワードを保存</string> <string name="pauseVPN">VPN一時停止</string> @@ -322,10 +323,10 @@ OpenVPNの接続を保証するためには、アプリケーションを高い� <string name="unhandled_exception">未処理の例外: %1$s\n\n%2$s</string> <string name="unhandled_exception_context">%3$s: %1$s\n\n%2$s</string> <string name="faq_system_dialog_xposed">もしあなたがデバイスをroot化しているのであれば、 <a href=\"http://xposed.info/\">Xposed framework</a>と<a href=\"http://repo.xposed.info/module/de.blinkt.vpndialogxposed\">VPN Dialog confirm module</a> を自己責任においてインストールできます</string> - <string name="full_licenses">フルライセンス</string> + <string name="full_licenses">完全なライセンス告知</string> <string name="blocklocal_summary">ローカルインターフェイスに直接接続されているネットワークはVPNを経由しません。 このオプションを外すとローカルネットワーク宛のすべての通信をVPNにリダイレクトします。</string> - <string name="blocklocal_title">ローカルネットワークはVPNを経由しない</string> + <string name="blocklocal_title">ローカルはVPNを経由しない</string> <string name="userpw_file">ユーザー名/パスワードファイル</string> <string name="imported_from_file">[インポート元: %s]</string> <string name="files_missing_hint">いくつかのファイルが見つかりませんでした。プロファイルをインポートするファイルを選択してください:</string> diff --git a/app/src/main/res/values-ko/strings-icsopenvpn.xml b/app/src/main/res/values-ko/strings-icsopenvpn.xml index cd8bc176..b05e4f51 100755 --- a/app/src/main/res/values-ko/strings-icsopenvpn.xml +++ b/app/src/main/res/values-ko/strings-icsopenvpn.xml @@ -1,5 +1,9 @@ <?xml version="1.0" encoding="utf-8"?> -<!--Generated by crowdin.net--> +<!--Generated by crowdin.com--> +<!-- + ~ Copyright (c) 2012-2014 Arne Schwabe + ~ Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + --> <!-- Generated by crowdin.net --> <resources> diff --git a/app/src/main/res/values-nl/strings-icsopenvpn.xml b/app/src/main/res/values-nl/strings-icsopenvpn.xml index f553449b..2a000195 100755 --- a/app/src/main/res/values-nl/strings-icsopenvpn.xml +++ b/app/src/main/res/values-nl/strings-icsopenvpn.xml @@ -1,5 +1,9 @@ <?xml version="1.0" encoding="utf-8"?> -<!--Generated by crowdin.net--> +<!--Generated by crowdin.com--> +<!-- + ~ Copyright (c) 2012-2014 Arne Schwabe + ~ Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + --> <!-- Generated by crowdin.net --> <resources> diff --git a/app/src/main/res/values-no/strings-icsopenvpn.xml b/app/src/main/res/values-no/strings-icsopenvpn.xml index 7a7dd124..66391eb5 100755 --- a/app/src/main/res/values-no/strings-icsopenvpn.xml +++ b/app/src/main/res/values-no/strings-icsopenvpn.xml @@ -1,11 +1,16 @@ <?xml version="1.0" encoding="utf-8"?> -<!--Generated by crowdin.net--> +<!--Generated by crowdin.com--> +<!-- + ~ Copyright (c) 2012-2014 Arne Schwabe + ~ Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + --> <!-- Generated by crowdin.net --> <resources> <string name="address">Server adresse:</string> <string name="port">Server port:</string> <string name="location">Plassering</string> + <string name="cant_read_folder">Kan ikke lese katalogen</string> <string name="select">velg</string> <string name="cancel">Avbryt</string> <string name="no_data">Ingen Data</string> @@ -15,32 +20,54 @@ <string name="client_key_title">Klientsertifikat nøkkel</string> <string name="client_pkcs12_title">PKCS12 fil</string> <string name="ca_title">CA-sertifikat</string> + <string name="no_certificate">Du må velge et sertifikat</string> + <string name="copyright_guicode">Kildekode og problemsøkersporing er tilgjengelig på http://code.google.com/p/ics-openvpn/</string> + <string name="copyright_others">Dette programmet bruker følgende komponenter; se kildekoden for detaljer om lisensene</string> <string name="about">Om</string> + <string name="vpn_list_title">Profiler</string> <string name="vpn_type">Type</string> <string name="pkcs12pwquery">PKCS12 passord</string> <string name="file_select">Velg…</string> + <string name="file_nothing_selected">Du må velge en fil</string> <string name="useTLSAuth">Bruke TLS-godkjenning</string> <string name="tls_direction">TLS-retning</string> <string name="ipv6_dialog_tile">Angi IPv6-adresse/nettmaske i CIDR format (f.eks 2000:dd::23/64)</string> <string name="ipv4_dialog_title">Angi IPv6-adresse/nettmaske i CIDR format (f.eks 1.2.3.4/24)</string> <string name="ipv4_address">IPv4-adresse</string> <string name="ipv6_address">IPv6-adresse</string> + <string name="custom_option_warning">Angi egendefinerte OpenVPN-alternativer. Bør brukes med forsiktighet. Vær også oppmerksom på at mange av de tun-relaterte OpenVPN-innstillingene ikke støttes i henhold til utformingen av VPNSettings. Hvis du tror at et viktig alternativ mangler kan du kontakte forfatteren</string> <string name="auth_username">Brukernavn</string> <string name="auth_pwquery">Passord</string> + <string name="static_keys_info">For den statiske konfigurasjonen vil TLS Auth Keys-ene bli brukt som statiske nøkler</string> <string name="configure_the_vpn">Konfigurer VPN</string> <string name="menu_add_profile">Legge til profil</string> <string name="add_profile_name_prompt">Angi et navn som identifiserer den nye profilen</string> + <string name="duplicate_profile_name">Skriv inn et unikt profilnavn</string> <string name="profilename">Profilnavn</string> + <string name="no_keystore_cert_selected">Du må velge et brukersertifikat</string> <string name="no_error_found">Ingen feil funnet</string> <string name="config_error_found">Feil i konfigurasjonen</string> + <string name="ipv4_format_error">Feil ved analyse av IPv4-adressen</string> + <string name="custom_route_format_error">Feil ved analyse av egendefinerte ruter</string> + <string name="pw_query_hint">(La stå tomt for å søke på forespørsel)</string> <string name="vpn_shortcut">OpenVPN snarvei</string> <string name="vpn_launch_title">Koble til VPN</string> + <string name="shortcut_profile_notfound">Profilen som er angitt i snarveien ble ikke funnet</string> <string name="random_host_prefix">Tilfeldig vert prefiks</string> + <string name="random_host_summary">Legger til 6 tilfeldige tegn foran vertsnavn</string> <string name="custom_config_title">Aktiver egendefinerte valg</string> + <string name="custom_config_summary">Angi egendefinerte alternativer. Brukes med forsiktighet!</string> + <string name="route_rejected">Route avvist av Android</string> <string name="cancel_connection">Koble fra</string> + <string name="cancel_connection_long">Koble fra VPN</string> <string name="clear_log">Tøm logg</string> <string name="title_cancel">Avbryt bekreftelse</string> + <string name="cancel_connection_query">Koble fra tilkoblet VPN-forbindelse / avbryt oppkoblingsforsøket ?</string> <string name="remove_vpn">Fjern VPN</string> + <string name="check_remote_tlscert">Kontrollerer om tjeneren bruker et sertifikat med TLS-servertillegg (--remote-cert-TLS-server)</string> + <string name="check_remote_tlscert_title">Forvent TLS-serversertifikat</string> + <string name="remote_tlscn_check_summary">Kontrollerer eksternt tjenersertifikatemne DN</string> + <string name="remote_tlscn_check_title">Sjekk av vertsnavn i sertifikat</string> <string name="tls_auth_file">TLS-Auth-fil</string> <string name="dns">DNS</string> <string name="dns_override_summary">Bruk din egen DNS-server</string> diff --git a/app/src/main/res/values-pl/strings-icsopenvpn.xml b/app/src/main/res/values-pl/strings-icsopenvpn.xml index d628da6c..495eb00e 100755 --- a/app/src/main/res/values-pl/strings-icsopenvpn.xml +++ b/app/src/main/res/values-pl/strings-icsopenvpn.xml @@ -1,5 +1,9 @@ <?xml version="1.0" encoding="utf-8"?> -<!--Generated by crowdin.net--> +<!--Generated by crowdin.com--> +<!-- + ~ Copyright (c) 2012-2014 Arne Schwabe + ~ Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + --> <!-- Generated by crowdin.net --> <resources> diff --git a/app/src/main/res/values-pt/strings-icsopenvpn.xml b/app/src/main/res/values-pt/strings-icsopenvpn.xml index 30bf569e..d0058c68 100755 --- a/app/src/main/res/values-pt/strings-icsopenvpn.xml +++ b/app/src/main/res/values-pt/strings-icsopenvpn.xml @@ -1,139 +1,255 @@ <?xml version="1.0" encoding="utf-8"?> <!--Generated by crowdin.com--> +<!-- + ~ Copyright (c) 2012-2014 Arne Schwabe + ~ Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + --> <!-- Generated by crowdin.net --> <resources> <string name="address">Endereço do Servidor:</string> - <string name="port">Porta:</string> + <string name="port">Porta do Servidor:</string> <string name="location">Localização</string> - <string name="cant_read_folder">Não foi possível ler o diretório</string> + <string name="cant_read_folder">Não é possível ler o diretório</string> <string name="select">Selecionar</string> <string name="cancel">Cancelar</string> <string name="no_data">Não há dados</string> <string name="useLZO">Compressão LZO</string> - <string name="client_no_certificate">Sem Certificado</string> - <string name="client_certificate_title">Certificado do Cliente</string> - <string name="client_key_title">Chave do Certificado do Cliente</string> - <string name="client_pkcs12_title">Arquivo PKCS12</string> - <string name="ca_title">Certificado CA</string> - <string name="no_certificate">Você deve selecionar um certificado</string> - <string name="copyright_guicode">O código fonte e o rastreamento de incidentes estão disponíveis em http://code.google.com/p/ics-openvpn/</string> - <string name="copyright_others">Este programa utiliza os seguintes componentes; veja o código fonte para mais detalhes das licenças</string> + <string name="client_no_certificate">Nenhum certificado</string> + <string name="client_certificate_title">Certificado de cliente</string> + <string name="client_key_title">Chave de certificado de cliente</string> + <string name="client_pkcs12_title">Ficheiro PKCS12</string> + <string name="ca_title">Certificado de CA</string> + <string name="no_certificate">Deve selecionar um certificado</string> + <string name="copyright_guicode">Código fonte e controlo de problemas disponível em http://code.google.com/p/ics-openvpn/</string> + <string name="copyright_others">Este programa utiliza os seguintes componentes; Para mais detalhes sobre as licenças consultar o código-fonte</string> <string name="about">Sobre</string> <string name="vpn_list_title">Perfis</string> <string name="vpn_type">Tipo</string> - <string name="pkcs12pwquery">Senha do PKCS12</string> + <string name="pkcs12pwquery">Password PKCS12</string> <string name="file_select">Selecionar…</string> - <string name="file_nothing_selected">Você deve selecionar um arquivo</string> - <string name="useTLSAuth">Utilizar Autenticação TLS</string> + <string name="file_nothing_selected">É necessário selecionar um ficheiro</string> + <string name="useTLSAuth">Usar autenticação TLS</string> <string name="tls_direction">Direção TLS</string> - <string name="ipv6_dialog_tile">Entre o Endereço IPv6/CIDR (ex: 2000:dd::23/64)</string> - <string name="ipv4_dialog_title">Entre o endereço IPv4/CIDR (ex: 1.2.3.4/24)</string> + <string name="ipv6_dialog_tile">Digite o endereço de IPv6/máscara de rede no formato CIDR (por exemplo, 2000:dd::23 / 64)</string> + <string name="ipv4_dialog_title">Digite o endereço de IPv4/máscara de rede no formato CIDR (por exemplo, 1.2.3.4/24)</string> <string name="ipv4_address">Endereço IPv4</string> <string name="ipv6_address">Endereço IPv6</string> - <string name="custom_option_warning">Insira as opções personalizadas para o OpenVPN. Utilize com cuidado. Observe também que muitas das opções relacionadas ao tun do OpenVPN não podem ser suportadas pelo design do VPNSettings. Contate o autor se você acha que uma opção importante está faltando.</string> - <string name="auth_username">Usuário</string> - <string name="auth_pwquery">Senha</string> - <string name="static_keys_info">Para a configuração estática as chaves de autenticação de TLS serão utilizadas como chaves estáticas</string> - <string name="configure_the_vpn">Configurar VPN</string> - <string name="menu_add_profile">Adicionar Perfil</string> - <string name="add_profile_name_prompt">Digite um nome que identifica o novo perfil</string> - <string name="duplicate_profile_name">Por favor, digite um nome de perfil único</string> + <string name="custom_option_warning">Insira opções personalizadas para a ligação OpenVPN. Este opções devem ser usadas com precaução. Note-se também que muitas das opções para OpenVPN relacionados com tun não não suportadas propositadamente. Se achar que uma opção importante está falta entre em contato com o autor</string> + <string name="auth_username">Utilizador</string> + <string name="auth_pwquery">Password</string> + <string name="static_keys_info">Para a configuração estática as chaves de autenticação TLS serão usadas como chaves estáticas</string> + <string name="configure_the_vpn">Configurar a VPN</string> + <string name="menu_add_profile">Adicionar perfil</string> + <string name="add_profile_name_prompt">Digite um nome que identifique o novo perfil</string> + <string name="duplicate_profile_name">Por favor, digite um nome de perfil que não esteja já em uso</string> <string name="profilename">Nome do perfil</string> - <string name="no_keystore_cert_selected">Você deve selecionar um certificado de usuário</string> + <string name="no_keystore_cert_selected">Tem de selecionar um certificado de utilizador</string> <string name="no_error_found">Nenhum erro encontrado</string> <string name="config_error_found">Erro na configuração</string> <string name="ipv4_format_error">Erro ao analisar o endereço IPv4</string> <string name="custom_route_format_error">Erro ao analisar as rotas personalizadas</string> - <string name="pw_query_hint">(deixe em branco para consulta sob demanda)</string> + <string name="pw_query_hint">(deixe em branco para consulta a pedido)</string> <string name="vpn_shortcut">Atalho do OpenVPN</string> - <string name="vpn_launch_title">Conectar a VPN</string> - <string name="shortcut_profile_notfound">O perfil especificado no atalho não foi encontrado</string> + <string name="vpn_launch_title">Ligar à VPN</string> + <string name="shortcut_profile_notfound">Perfil especificado no atalho não encontrado</string> <string name="random_host_prefix">Prefixo de Host aleatório</string> - <string name="random_host_summary">Adiciona 6 caracteres aleatórios na frente do hostname</string> - <string name="custom_config_title">Habilitar opções personalizadas</string> - <string name="custom_config_summary">Opções personalizadas. Use com cuidado!</string> + <string name="random_host_summary">Adiciona 6 caracteres aleatórios ao nome do host</string> + <string name="custom_config_title">Ativar opções personalizadas</string> + <string name="custom_config_summary">Especifique as opções personalizadas. Use com cuidado!</string> <string name="route_rejected">Rota rejeitada pelo Android</string> <string name="cancel_connection">Desconectar</string> <string name="cancel_connection_long">Desconectar VPN</string> - <string name="clear_log">limpar log</string> - <string name="title_cancel">Cancelar confirmação</string> - <string name="cancel_connection_query">Desconectar a VPN conectada/cancelar a tentativa de conexão?</string> + <string name="clear_log">Limpar registo</string> + <string name="title_cancel">Cancelar Confirmação</string> <string name="remove_vpn">Remover VPN</string> - <string name="check_remote_tlscert">Verifica se o servidor usa um certificado com as extensões de servidor TLS (- servidor remoto-cert-TLS)</string> <string name="check_remote_tlscert_title">Esperar certificado do servidor TLS</string> - <string name="remote_tlscn_check_summary">Verifica o DN Subject do certificado do servidor remoto</string> - <string name="remote_tlscn_check_title">Verificar o Hostname do Certificado</string> - <string name="enter_tlscn_dialog">Especificar a conta usada para verificar o certificado remoto DN (por exemplo, C = DE, L = Paderborn, UO = aviária operadoras IP, CN=openvpn.blinkt.de)\n\Especificar o DN completo ou o RDN (openvpn.blinkt.de no exemplo) ou um prefixo RDN para verification.\n\nWhen usando o prefixo RDN \"Servidor\" corresponde a \"Server-1\" e \"Server-2\" \n\nDeixando vazio, o campo de texto irá verificar o RDN contra o servidor hostname.\n\nPara mais detalhes consulte a página principal do 2.3.1+ OpenVPN sob — verificar-X509-nome</string> - <string name="enter_tlscn_title">Subject do certificado remoto</string> - <string name="tls_key_auth">Permite a Autenticação de Chave TLS</string> - <string name="tls_auth_file">Arquivo de Auth TLS</string> - <string name="pull_on_summary">Solicitações de endereços de IP, rotas e opções de sincronização do servidor.</string> - <string name="pull_off_summary">Nenhuma informação é solicitada do servidor. Configurações precisam ser especificadas abaixo.</string> + <string name="remote_tlscn_check_title">Verificar nome de host do certificado</string> + <string name="enter_tlscn_title">Assunto do certificado remoto</string> + <string name="tls_key_auth">Ativa a autenticação de chave TLS</string> + <string name="tls_auth_file">Ficheiro de autenticação TLS</string> + <string name="pull_on_summary">Solicita endereços IP, rotas e tempo do servidor.</string> <string name="use_pull">Obter Configurações</string> <string name="dns">DNS</string> - <string name="override_dns">Substituir as configurações de DNS pelo servidor</string> - <string name="dns_override_summary">Use seus próprios servidores de DNS</string> + <string name="override_dns">Substituir configurações de DNS pelo servidor</string> + <string name="dns_override_summary">Use seus próprios servidores DNS</string> <string name="searchdomain">Domínio de pesquisa</string> - <string name="dns1_summary">Servidor DNS a ser usado.</string> + <string name="dns1_summary">Servidor de DNS a utilizar.</string> <string name="dns_server">Servidor DNS</string> <string name="secondary_dns_message">Servidor DNS secundário utilizado caso o servidor primário esteja inacessível.</string> <string name="backup_dns">Servidor DNS alternativo</string> - <string name="ignored_pushed_routes">Ignorar rotas empurradas</string> - <string name="ignore_routes_summary">Ignorar rota empurrada pelo servidor.</string> <string name="default_route_summary">Redireccionar todo o tráfego pela VPN</string> <string name="use_default_title">Usar rota padrão</string> - <string name="custom_route_message">Digite rotas personalizadas. Apenas indique destino em formato CIDR. \"10.0.0.0 / 8 2002 :: / 16\" iria dirigir as redes 10.0.0.0 / 8 e 2002 :: / 16 sobre a VPN.</string> - <string name="custom_route_message_excluded">As rotas que não devem ser encaminhados pelo VPN. Use a mesma sintaxe para rotas incluídas.</string> <string name="custom_routes_title">Rotas personalizadas</string> <string name="custom_routes_title_excluded">Redes excluídas</string> - <string name="log_verbosity_level">Nível de complexidade do log</string> - <string name="float_summary">Permite pacotes autenticados a partir de qualquer IP</string> + <string name="log_verbosity_level">Nível de verbosidade do log</string> <string name="float_title">Permitir servidor flutuante</string> <string name="custom_options_title">Opções personalizadas</string> - <string name="edit_vpn">Editar configurações de VPN</string> - <string name="remove_vpn_query">Remover o perfil VPN \'%s\'?</string> - <string name="tun_error_helpful">Em algumas imagens ICS personalizado a permissão em / dev / tun pode estar errada, ou o módulo tun pode estar faltando completamente. Para imagens CM9 tente a opção correção propriedade sobre as configurações gerais</string> - <string name="tun_open_error">Falha ao abrir a interface de tun</string> - <string name="error">"Erro:"</string> - <string name="clear">Claro</string> - <string name="last_openvpn_tun_config">Abrindo a interface tun:</string> - <string name="local_ip_info">Local IPv4: %1$s/%2$d IPv6:%3$s MTU:%4$d</string> - <string name="dns_server_info">Servidor DNS: %1$s, domínio: %2$s</string> + <string name="edit_vpn">Editar definições VPN</string> + <string name="remove_vpn_query">Remova o perfil VPN \'%s\'?</string> + <string name="tun_open_error">Falha ao abrir a interface tun</string> + <string name="error">"Erro: "</string> + <string name="clear">Limpar</string> + <string name="last_openvpn_tun_config">A abrir a interface tun:</string> + <string name="local_ip_info">Local IPv4: %1$s/%2$d IPv6: %3$s MTU: %4$d</string> + <string name="dns_server_info">Servidor DNS: %1$s, Dominio: %2$s</string> <string name="routes_info_incl">Rotas: %1$s %2$s</string> <string name="routes_info_excl">Rotas excluídas: %1$s %2$s</string> - <string name="routes_debug">Rotas VpnService instaladas: %1$s %2$s</string> + <string name="routes_debug">Rotas VpnService instaladas: %1$s %2$s</string> <string name="ip_not_cidr">Existem múltiplas informações de interface, %1$s e %2$s, a aplicação assume que o segundo endereço é um endereço \'peer\' do endereço remoto. Será usada uma máscara de rede /32 para o IP local. O modo estabelecido pela OpenVPN é \"%3$s\".</string> - <string name="route_not_cidr">Não consigo entender %1$s e %2$s como uma rota IP com máscara de rede CIDR, usando /32 como máscara de rede.</string> + <string name="route_not_cidr">não é possível fazer sentido de %1$s e %2$s como rotas de IP, com máscara de rede CIDR, será usada uma máscara de rede /32.</string> <string name="route_not_netip">A rota %1$s/%2$s foi corrigida para %3$s/%2$s</string> - <string name="keychain_access">Não é possível aceder aos certificados \'Keychain Android\'. Isso pode ter sido causado por uma atualização de firmware ou uma restauração das configurações da app/app. Será necessário editar o perfil VPN e selecionar novamente o certificado nas configurações básicas para recriar a permissão e possibilitar o acesso ao certificado.</string> + <string name="keychain_access">Não é possível aceder aos certificados \'Keychain Android\'. Isto pode ser causado por uma atualização de firmware ou um restauro das configurações da app/app. Será necessário editar o perfil VPN e selecionar novamente o certificado nas configurações básicas para recriar a permissão e possibilitar o acesso ao certificado.</string> <string name="version_info">%1$s %2$s</string> - <string name="send_logfile">Enviar arquivo de log</string> + <string name="send_logfile">Enviar o ficheiro de registo</string> <string name="send">Enviar</string> <string name="ics_openvpn_log_file">Ficheiro de registo do ICS OpenVPN</string> <string name="copied_entry">Entrada de registo copiada para a área de transferência</string> - <string name="tap_mode">Entrada de registo copiada para a área de transferência</string> + <string name="tap_mode">Modo Tap</string> <string name="faq_tap_mode">A API VPN não permite o modo Tap em dispositivos sem acesso root. Desta forma não é possível oferecer suporte Tap nesta aplicação</string> - <string name="tap_faq2">Novamente? Você está brincando? Não, o modo tap não é suportado de maneira nenhuma e enviar mais emails a perguntar se eventualmente será, não irá ajudar.</string> - <string name="faq">Perguntas frequentes</string> + <string name="tap_faq2">Novamente? Estamos a brincar? Não, o modo tap não é suportado de maneira nenhuma e enviar mais emails a perguntar se eventualmente será, não ai ajudar a que seja.</string> + <string name="tap_faq3">Uma terceira vez? Na verdade, se poderia escrever um um emulador de torneira baseado no tun que adicionar layer2 informações sobre envio e tira informações layer2 em receber. Mas este emulador de torneira também teria que implementar ARP e, possivelmente, um cliente DHCP. Eu não conheço ninguém fazer nenhum trabalho nesse sentido. Contacte-me se você deseja iniciar a codificação sobre isso. Mas este emulador tap também teria que implementar ARP e, possivelmente, um cliente DHCP. Eu não conheço ninguém a fazer nenhum trabalho nesse sentido. Contacte-me se conhece alguém ou deseja a escrever código nesse sentido.</string> + <string name="faq">Perguntas Frequentes</string> + <string name="copying_log_entries">Copia entradas de registo</string> + <string name="faq_copying">Para copiar uma única entrada do registo selecione e mantenha seleciona a respetiva entrada. Para copiar/enviar o registo completo use a opção enviar registo. Use o botão de menu do equipamento caso não esteja visível no GUI.</string> + <string name="faq_shortcut">Atalho para iniciar</string> + <string name="no_vpn_support_image">A imagem não suporta a API VPNService, lamentamos :(</string> <string name="encryption">Encriptação</string> + <string name="cipher_dialog_title">Digite o método de encriptação</string> + <string name="settings_auth">Autenticação/encriptação</string> + <string name="file_explorer_tab">Explorador de ficheiros</string> + <string name="inline_file_tab">Ficheiro embutido</string> + <string name="error_importing_file">Erro ao importar ficheiro</string> + <string name="import_error_message">Não foi possível importar o ficheiro</string> + <string name="inline_file_data">[[Dados do ficheiro embutido]]</string> + <string name="opentun_no_ipaddr">Impossível abrir dispositivo tun sem informações de IP</string> + <string name="menu_import">Importar Perfil a partir de um ficheiro ovpn</string> <string name="menu_import_short">Importar</string> + <string name="import_content_resolve_error">Não foi possível ler o perfil a importação</string> + <string name="error_reading_config_file">Erro ao ler o ficheiro de configuração</string> + <string name="add_profile">Adicionar perfil</string> + <string name="import_could_not_open">Não foi possível encontrar o ficheiro %1$s mencionado no ficheiro de configuração importado</string> + <string name="importing_config">A importar ficheiro configuração a partir de %1$s</string> + <string name="import_done">Terminou a leitura do ficheiro de configuração.</string> + <string name="nobind_summary">Não ligar a endereço e porta local</string> + <string name="no_bind">Não permitir ligações \'locais\'</string> + <string name="import_configuration_file">Importar o ficheiro de configuração</string> + <string name="faq_security_title">Considerações de segurança</string> + <string name="faq_security">"Como OpenVPN é segurança sensíveis algumas notas sobre segurança são sensatas. Todos os dados no sdcard é inerentemente inseguro. Cada aplicativo pode lê-lo (por exemplo, este programa não requer direitos especiais cartão SD). Os dados desta aplicação só pode ser lido pelo próprio aplicativo. Ao usar a opção de importação para cacert / cert / chave no diálogo os dados do arquivo é armazenado no perfil de VPN. Os perfis de VPN são acessíveis apenas por esta aplicação. (Não se esqueça de apagar as cópias no sd cartão depois). Mesmo com acesso apenas por este aplicativo os dados ainda não é criptografado. torcendo por telefone ou outros exploits pode ser possível recuperar os dados. senhas salvas são armazenadas em texto simples assim. Para arquivos PKCS12 é altamente recomendável que você importá-los para o armazenamento de chaves android. "</string> <string name="import_vpn">Importar</string> <string name="ipv4">IPv4</string> <string name="ipv6">IPv6</string> + <string name="speed_waiting">A esperar mensagem de estado...</string> + <string name="converted_profile">perfil importado</string> + <string name="converted_profile_i">Perfil importado %d</string> + <string name="broken_images">Imagens quebradas</string> + <string name="private_key_password">Senha de chave privada</string> <string name="password">Senha</string> + <string name="file_icon">ícone de ficheiro</string> + <string name="tls_authentication">Autenticação TLS</string> + <string name="generated_config">Config gerado</string> <string name="generalsettings">Configurações</string> + <string name="owner_fix">Corrija a propriedade de /dev/tun</string> + <string name="edit_profile_title">A editar \"%s\"</string> + <string name="building_configration">A preparar a configuração...</string> + <string name="netchange">Volte a ligar na mudança de rede</string> + <string name="netstatus">Estado da rede: %s</string> + <string name="select_file">Selecione</string> + <string name="show_log_window">Mostrar a janela de log</string> + <string name="faq_system_dialogs_title">Aviso de ligação e som de notificação</string> + <string name="ipdns">IP e DNS</string> + <string name="basic">Básico</string> + <string name="routing">Encaminhamento</string> <string name="advanced">Avançado</string> + <string name="faq_howto_title">Início Rápido</string> + <string name="using_proxy">A utilizar proxy %1$s %2$d</string> + <string name="use_system_proxy">Usar a proxy do sistema</string> + <string name="onbootrestart">Volte a ligar na reinicialização</string> <string name="ignore">Ignorar</string> <string name="restart">Reiniciar</string> - <string name="state_connecting">Conectando</string> + <string name="restart_vpn_after_change">As alterações de configuração são aplicadas depois de reiniciar a VPN. Reiniciar a VPN agora?</string> + <string name="configuration_changed">Configuração alterada</string> + <string name="faq_duplicate_notification_title">Notificações duplicadas</string> + <string name="no_vpn_profiles_defined">Não há perfis de VPN definidos.</string> + <string name="add_new_vpn_hint">Use o < img src = \"ic_menu_add\" / > ícone para adicionar uma nova VPN</string> + <string name="vpn_import_hint">Use o < img src = \"ic_menu_archive\" / > ícone para importar um perfil existente (ovpn ou conf) do seu sdcard.</string> + <string name="faq_routing_title">Configuração de roteamento/Interface</string> + <string name="persistent_tun_title">Tun Persistente</string> + <string name="openvpn_log">OpenVPN Log</string> + <string name="import_config">Importar configuração OpenVPN</string> + <string name="battery_consumption_title">Consumo de bateria</string> + <string name="vpn_tethering_title">VPN e Tethering</string> + <string name="connection_retries">Tentativas de ligação</string> + <string name="reconnection_settings">Configurações de religação</string> + <string name="connectretrywait">Segundos entre ligações</string> + <string name="send_minidump">Enviar Minidump para desenvolvedor</string> + <string name="notifcation_title">OpenVPN - %s</string> + <string name="session_ipv4string">%1$s - %2$s</string> + <string name="session_ipv6string">%1$s - %3$s, %2$s</string> + <string name="state_connecting">A ligar</string> + <string name="state_wait">A esperar pela resposta do servidor</string> <string name="state_auth">Autenticando</string> - <string name="state_connected">Conectado</string> - <string name="add">Add</string> - <string name="pauseVPN">Pausa VPN</string> + <string name="state_get_config">A obter a configuração do cliente</string> + <string name="state_assign_ip">Atribuindo endereços IP</string> + <string name="state_add_routes">Adicionando rotas</string> + <string name="state_connected">Ligado</string> + <string name="state_disconnected">Desligado</string> + <string name="state_reconnecting">A religar</string> + <string name="state_exiting">A sair</string> + <string name="state_noprocess">Parado</string> + <string name="state_resolve">A resolver nomes de host</string> + <string name="state_tcp_connect">A ligar (TCP)</string> + <string name="state_auth_failed">Falha na autenticação</string> + <string name="state_nonetwork">A aguardar rede utilizável</string> + <string name="statusline_bytecount">↓%2$s/s %1$s - ↑%4$s/s %3$s</string> + <string name="notifcation_title_notconnect">Não ligado</string> + <string name="start_vpn_title">A ligar a VPN %s</string> + <string name="start_vpn_ticker">A ligar a VPN %s</string> + <string name="encryption_cipher">Cifra de encriptação</string> + <string name="packet_auth">Autenticação de pacotes</string> + <string name="auth_dialog_title">Selecione o método de autenticação de pacotes</string> + <string name="built_by">Feito por %s</string> + <string name="debug_build">compilação de debug</string> + <string name="official_build">compilação oficial</string> + <string name="make_selection_inline">Copiar para o perfil</string> + <string name="crashdump">Crashdump</string> + <string name="add">Adicionar</string> + <string name="send_config">Enviar ficheiro de configuração</string> + <string name="complete_dn">DN completo</string> + <string name="rdn">RDN (nome comum)</string> + <string name="rdn_prefix">Prefixo RDN</string> + <string name="tls_remote_deprecated">TLS-remoto (obsoleto)</string> + <string name="help_translate">Pode ajudar a traduzir, visite http://crowdin.net/project/ics-openvpn/invite</string> + <string name="prompt">%1$s tenta controlar %2$s</string> + <string name="remote_trust">Confio nesta aplicação.</string> + <string name="no_external_app_allowed">Nenhuma app pode usar a API externa</string> + <string name="allowed_apps">Aplicações permitidas:%s</string> + <string name="save_password">Guardar senha</string> + <string name="pauseVPN">Pausar VPN</string> <string name="resumevpn">Retomar VPN</string> - <string name="uploaded_data">Upload</string> - <string name="downloaded_data">Download</string> - <string name="vpn_status">Vpn Status</string> - <string name="logview_options">Ver opções</string> + <string name="state_userpause">VPN pausado por solicitação do utilizador</string> + <string name="cannotparsecert">Não é possível mostrar as informações de certificado</string> + <string name="appbehaviour">Comportamento da aplicação</string> + <string name="vpnbehaviour">Comportamento VPN</string> + <string name="allow_vpn_changes">Permitir alterações aos perfis de VPN</string> + <string name="donatePlayStore">Como alternativa, pode enviar uma doação pela Play Store:</string> + <string name="thanks_for_donation">Obrigado por doar %s!</string> + <string name="logCleared">Log limpo.</string> + <string name="show_password">Mostrar a senha</string> + <string name="keyChainAccessError">Erro de acesso às chaves: %s</string> + <string name="timestamp_short">Curto</string> + <string name="timestamp_iso">ISO</string> + <string name="timestamps">Carimbos de hora</string> + <string name="timestamps_none">Nenhum</string> + <string name="uploaded_data">Fazer upload</string> + <string name="downloaded_data">Transferir</string> + <string name="vpn_status">Estado da VPN</string> + <string name="logview_options">Opções de visualização</string> + <string name="unhandled_exception">Unhandled exception: %1$s\n\n%2$s</string> + <string name="unhandled_exception_context">%3$s: %1$s\n\n%2$s</string> + <string name="full_licenses">Licenças completas</string> + <string name="blocklocal_title">Ignorar VPN para redes locais</string> + <string name="userpw_file">Ficheiro de utilizador/senha</string> + <string name="imported_from_file">[Importado de: %s]</string> + <string name="import_log">Log de importação:</string> </resources> diff --git a/app/src/main/res/values-ro/strings-icsopenvpn.xml b/app/src/main/res/values-ro/strings-icsopenvpn.xml index 8ae2770e..ef4e3a75 100755 --- a/app/src/main/res/values-ro/strings-icsopenvpn.xml +++ b/app/src/main/res/values-ro/strings-icsopenvpn.xml @@ -1,5 +1,9 @@ <?xml version="1.0" encoding="utf-8"?> -<!--Generated by crowdin.net--> +<!--Generated by crowdin.com--> +<!-- + ~ Copyright (c) 2012-2014 Arne Schwabe + ~ Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + --> <!-- Generated by crowdin.net --> <resources> diff --git a/app/src/main/res/values-ru/strings-icsopenvpn.xml b/app/src/main/res/values-ru/strings-icsopenvpn.xml index 400269ec..e2bc930c 100755 --- a/app/src/main/res/values-ru/strings-icsopenvpn.xml +++ b/app/src/main/res/values-ru/strings-icsopenvpn.xml @@ -1,5 +1,9 @@ <?xml version="1.0" encoding="utf-8"?> <!--Generated by crowdin.com--> +<!-- + ~ Copyright (c) 2012-2014 Arne Schwabe + ~ Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + --> <!-- Generated by crowdin.net --> <resources> diff --git a/app/src/main/res/values-sv/strings-icsopenvpn.xml b/app/src/main/res/values-sv/strings-icsopenvpn.xml index 1e4f3635..9b974522 100755 --- a/app/src/main/res/values-sv/strings-icsopenvpn.xml +++ b/app/src/main/res/values-sv/strings-icsopenvpn.xml @@ -1,5 +1,9 @@ <?xml version="1.0" encoding="utf-8"?> -<!--Generated by crowdin.net--> +<!--Generated by crowdin.com--> +<!-- + ~ Copyright (c) 2012-2014 Arne Schwabe + ~ Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + --> <!-- Generated by crowdin.net --> <resources> diff --git a/app/src/main/res/values-tr/strings-icsopenvpn.xml b/app/src/main/res/values-tr/strings-icsopenvpn.xml index a40df5bf..90ad068d 100755 --- a/app/src/main/res/values-tr/strings-icsopenvpn.xml +++ b/app/src/main/res/values-tr/strings-icsopenvpn.xml @@ -1,5 +1,9 @@ <?xml version="1.0" encoding="utf-8"?> -<!--Generated by crowdin.net--> +<!--Generated by crowdin.com--> +<!-- + ~ Copyright (c) 2012-2014 Arne Schwabe + ~ Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + --> <!-- Generated by crowdin.net --> <resources> @@ -86,6 +90,7 @@ <string name="use_default_title">Varsayılan Yolu kullan</string> <string name="custom_route_message">Özel yolları girin. CIDR biçimde tek hedef girin. \"10.0.0.0 / 8 2002 :: / 16\" ağlar VPN üzerinden 10.0.0.0 / 8 ve 2002 :: / 16 doğrudan.</string> <string name="custom_routes_title">Özel Yollar</string> + <string name="custom_routes_title_excluded">Dışlanan Ağlar</string> <string name="log_verbosity_level">Ayrıntı düzeyi Log</string> <string name="float_summary">Herhangi bir IP kimlik doğrulaması paketlerini sağlar</string> <string name="float_title">Herhangi bir IP kimlik doğrulaması paketlerini sağlar</string> diff --git a/app/src/main/res/values-uk/strings-icsopenvpn.xml b/app/src/main/res/values-uk/strings-icsopenvpn.xml index 97a1e9a4..92637b74 100755 --- a/app/src/main/res/values-uk/strings-icsopenvpn.xml +++ b/app/src/main/res/values-uk/strings-icsopenvpn.xml @@ -1,5 +1,9 @@ <?xml version="1.0" encoding="utf-8"?> -<!--Generated by crowdin.net--> +<!--Generated by crowdin.com--> +<!-- + ~ Copyright (c) 2012-2014 Arne Schwabe + ~ Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + --> <!-- Generated by crowdin.net --> <resources> diff --git a/app/src/main/res/values-zh-rCN/strings-icsopenvpn.xml b/app/src/main/res/values-zh-rCN/strings-icsopenvpn.xml index e49a2240..93e0cbb1 100755 --- a/app/src/main/res/values-zh-rCN/strings-icsopenvpn.xml +++ b/app/src/main/res/values-zh-rCN/strings-icsopenvpn.xml @@ -1,5 +1,9 @@ <?xml version="1.0" encoding="utf-8"?> -<!--Generated by crowdin.net--> +<!--Generated by crowdin.com--> +<!-- + ~ Copyright (c) 2012-2014 Arne Schwabe + ~ Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + --> <!-- Generated by crowdin.net --> <resources> @@ -23,7 +27,7 @@ <string name="vpn_list_title">配置文件</string> <string name="vpn_type">类型</string> <string name="pkcs12pwquery">PKCS12 密码</string> - <string name="file_select">请选择...</string> + <string name="file_select">请选择…</string> <string name="file_nothing_selected">您必须选择一个文件</string> <string name="useTLSAuth">使用 TLS 身份验证</string> <string name="tls_direction">TLS 方向</string> @@ -85,7 +89,6 @@ <string name="use_default_title">使用默认路由</string> <string name="custom_route_message">输入自定义路由。输入 CIDR 格式地址。</string> <string name="custom_routes_title">自定义路由</string> - <string name="custom_routes_title_excluded">just</string> <string name="log_verbosity_level">日志详细级别</string> <string name="float_summary">允许来自任何 IP 的认证数据包</string> <string name="float_title">允许浮服务器</string> @@ -100,7 +103,6 @@ <string name="local_ip_info">本地 IPv4: %1$s/%2$d IPv6: %3$s MTU: %4$d</string> <string name="dns_server_info">DNS 服务器: %1$s, 域名: %2$s</string> <string name="routes_info_excl">排除的路由: %1$s %2$s</string> - <string name="routes_debug">China</string> <string name="ip_not_cidr">已获得接口信息 %1$s 以及 %2$s,将第二个地址作为远程地址。使用 /32 作为本地掩码。OpenVPN 给出的模式是 \"%3$s\"。</string> <string name="route_not_cidr">无法将 %1$s 和 %2$s 作为 CIDR 形式的路由,将使用 /32 的子网掩码。</string> <string name="route_not_netip">纠正路由 %1$s/%2$s 为 %3$s/%2$s</string> @@ -292,7 +294,7 @@ <string name="thanks_for_donation">感谢捐赠 %s!</string> <string name="logCleared">日志已清除。</string> <string name="show_password">显示密码</string> - <string name="keyChainAccessError">钥匙串访问错误: %s</string> + <string name="keyChainAccessError">钥匙串访问错误: %s</string> <string name="timestamp_short">短</string> <string name="timestamp_iso">ISO</string> <string name="timestamps">时间戳</string> diff --git a/app/src/main/res/values-zh-rTW/strings-icsopenvpn.xml b/app/src/main/res/values-zh-rTW/strings-icsopenvpn.xml index e467dd5b..bd155362 100755 --- a/app/src/main/res/values-zh-rTW/strings-icsopenvpn.xml +++ b/app/src/main/res/values-zh-rTW/strings-icsopenvpn.xml @@ -1,5 +1,10 @@ <?xml version="1.0" encoding="utf-8"?> -<!--Generated by crowdin.net--> +<!--Generated by crowdin.com--> +<!-- + ~ Copyright (c) 2012-2014 Arne Schwabe + ~ Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + --> +<!-- Generated by crowdin.net --> <resources> <string name="address">伺服器地址:</string> @@ -19,9 +24,10 @@ <string name="copyright_guicode">取得原始碼與個案追蹤,可上 http://code.google.com/p/ics-openvpn/</string> <string name="copyright_others">本程序使用了以下元件,其作者和授權資訊如下</string> <string name="about">關於</string> + <string name="vpn_list_title">設定檔</string> <string name="vpn_type">類型</string> <string name="pkcs12pwquery">PKCS12 密碼</string> - <string name="file_select">選擇…</string> + <string name="file_select">選擇…</string> <string name="file_nothing_selected">你必須選擇一個檔案</string> <string name="useTLSAuth">使用傳輸層防火牆(TLS-Auth)</string> <string name="tls_direction">TLS方向</string> @@ -43,19 +49,22 @@ <string name="ipv4_format_error">解析IPv4地址時發生錯誤</string> <string name="custom_route_format_error">解析自訂路由時發生錯誤</string> <string name="vpn_shortcut">OpenVPN捷徑</string> - <string name="vpn_launch_title">連接到VPN</string> + <string name="vpn_launch_title">連線到VPN</string> <string name="shortcut_profile_notfound">在快捷方式找不到指定的設定檔</string> <string name="random_host_prefix">隨機主機名稱字首</string> <string name="random_host_summary">在主機名稱前加入6個隨機字符</string> <string name="custom_config_title">啟用自訂選項</string> <string name="custom_config_summary">自訂選項,使用時請小心!</string> <string name="route_rejected">路由被Android拒絕</string> - <string name="cancel_connection">斷線</string> + <string name="cancel_connection">中斷連線</string> + <string name="cancel_connection_long">中斷VPN連線</string> <string name="clear_log">清除記錄檔</string> <string name="title_cancel">確認取消</string> + <string name="cancel_connection_query">中斷已連接的VPN/取消正在嘗試的連線?</string> <string name="remove_vpn">移除VPN</string> - <string name="check_remote_tlscert">檢查對方出示的是否TLS伺服器憑證</string> - <string name="check_remote_tlscert_title">預期對方出示TLS伺服器憑證</string> + <string name="check_remote_tlscert_title">預計TLS服務器證書</string> + <string name="remote_tlscn_check_summary">檢查遠程服務器證書的主題DN</string> + <string name="remote_tlscn_check_title">證書的主機名檢查</string> <string name="tls_key_auth">啟用傳輸層防火牆(TLS-Auth)</string> <string name="tls_auth_file">TLS驗證檔</string> <string name="pull_on_summary">向伺服器請求IP地址, 路由和時間資訊</string> @@ -117,7 +126,9 @@ <string name="import_vpn">匯入</string> <string name="ipv4">IPv4</string> <string name="ipv6">IPv6</string> - <string name="speed_waiting">等待狀態訊息…</string> + <string name="speed_waiting">等待狀態訊息…</string> + <string name="converted_profile">匯入設定檔</string> + <string name="converted_profile_i">匯入設定檔%d</string> <string name="pkcs12_file_encryption_key">PKCS12檔加密金鑰</string> <string name="private_key_password">私密金鑰密碼</string> <string name="password">密碼</string> @@ -128,45 +139,55 @@ <string name="owner_fix">修正 /dev/tun 的擁有者</string> <string name="generated_config_summary">顯示本程序生成的設定檔</string> <string name="edit_profile_title">正在編輯\"%s\"</string> - <string name="building_configration">正在生成設定檔…</string> - <string name="netchange_summary">當網絡狀況變更時強制重新連接(例如從WiFi變成手機網絡,反之亦然)</string> - <string name="netchange">網絡異動時重新連接</string> + <string name="building_configration">正在生成設定檔…</string> + <string name="netchange_summary">若切換此選項當網絡狀況變更時將強制重新連線(例如從WiFi變成手機網絡,反之亦然)</string> + <string name="netchange">網絡異動時重新連線</string> <string name="netstatus">網絡狀態: %s</string> <string name="select_file">選擇</string> + <string name="show_log_summary">連接時顯示記錄檔視窗。記錄檔視窗可以隨時從通知欄中進入。</string> <string name="show_log_window">顯示記錄視窗</string> <string name="mobile_info">於 %1$s (%2$s) %3$s 上運行, Android API 版本: %4$d</string> <string name="faq_system_dialogs_title">連線警告和通知時發出音效</string> - <string name="translationby">繁體中文 由 羊羊@自由網絡研究中心 <sora8964@gmail.com> 翻譯</string> + <string name="translationby">繁體中文</string> <string name="ipdns">IP和DNS</string> <string name="basic">基本</string> <string name="routing">路由</string> <string name="obscure">鮮為人知的OpenVPN設定,一般情況下不需要派上用場。</string> <string name="advanced">進階</string> <string name="export_config_title">ICS Openvpn 設定</string> - <string name="warn_no_dns">沒有任何DNS伺服器可用,可能無法進行網域名稱解析。請考慮設置自訂的DNS伺服器</string> <string name="faq_howto_title">快速入門</string> <string name="setting_loadtun_summary">在連線前嘗試載入Tun模組,需要Root。</string> <string name="setting_loadtun">載入Tun模組</string> <string name="getproxy_error">取得代理伺服器資訊時發生錯誤: %s</string> <string name="using_proxy">使用代理伺服器 %1$s %2$d</string> <string name="use_system_proxy">使用系統代理</string> - <string name="use_system_proxy_summary">使用系統配置的 HTTP/HTTPS 代理伺服器進行連接。</string> + <string name="use_system_proxy_summary">使用系統配置的 HTTP/HTTPS 代理伺服器進行連線。</string> <string name="donatewithpaypal">你可以透過 <a href=\"https://www.paypal.com/cgi-bin/webscr?hosted_button_id=R2M6ZP9AF25LS&amp;cmd=_s-xclick\">PayPal</a> 提供捐助</string> - <string name="onbootrestartsummary">如果在重新開機或關機前正連接VPN,開機時自動重新連接。在使用這個選項之前請先閱讀連線警告FAQ。</string> - <string name="onbootrestart">開機時重新連接</string> + <string name="onbootrestartsummary">如果在重新開機或關機前正連線VPN,開機時自動重新連線。在使用這個選項之前請先閱讀連線警告FAQ。</string> + <string name="onbootrestart">開機時重新連線</string> <string name="ignore">忽略</string> <string name="restart">重置</string> <string name="restart_vpn_after_change">配置變更只會在重新啟動VPN時才生效,現在要(重新)啟動VPN嗎?</string> <string name="configuration_changed">設定已變更</string> + <string name="log_no_last_vpn">無法判斷最後一次連線使用的設定檔,因此無法編輯設定檔。</string> <string name="faq_duplicate_notification_title">重複的通知</string> <string name="faq_routing_title">路由/網絡介面 設定</string> <string name="openvpn_log">OpenVPN 運作記錄</string> <string name="import_config">匯入 OpenVPN 配置</string> <string name="battery_consumption_title">電池消耗</string> <string name="vpn_tethering_title">VPN與可攜式無線基地台</string> - <string name="connection_retries">連線重試次數</string> - <string name="connectretrymessage">嘗試重新連線之間的等待秒數</string> - <string name="connectretrywait">重新連接間隔時間</string> + <string name="connection_retries">重新連線次數</string> + <string name="reconnection_settings">重新連線設定</string> + <string name="connectretrymessage">嘗試重新連線之間的等待秒數。</string> + <string name="connectretrywait">重新連線的間隔時間</string> <string name="minidump_generated">OpenVPN非預期地崩潰,你或者會考慮在主選單下傳送Minidump給開發人員。</string> <string name="send_minidump">向開發人員傳送Minidump</string> + <string name="state_connecting">連線中</string> + <string name="state_connected">已連線</string> + <string name="state_disconnected">中斷連線</string> + <string name="state_reconnecting">正在重新連線</string> + <string name="state_tcp_connect">連線中 (TCP)</string> + <string name="notifcation_title_notconnect">未連線</string> + <string name="start_vpn_title">正在連接至 VPN %s</string> + <string name="start_vpn_ticker">正在連接至 VPN %s</string> </resources> diff --git a/app/src/main/res/values/dimens.xml b/app/src/main/res/values/dimens.xml index 4f325078..9a53fe4c 100644 --- a/app/src/main/res/values/dimens.xml +++ b/app/src/main/res/values/dimens.xml @@ -1,4 +1,9 @@ <?xml version="1.0" encoding="utf-8"?> +<!-- + ~ Copyright (c) 2012-2014 Arne Schwabe + ~ Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + --> + <resources> <dimen name="paddingItemsSidebarLog">20dp</dimen> <dimen name="stdpadding">8dp</dimen> diff --git a/app/src/main/res/values/strings-icsopenvpn.xml b/app/src/main/res/values/strings-icsopenvpn.xml index aadbff32..15bf8142 100755 --- a/app/src/main/res/values/strings-icsopenvpn.xml +++ b/app/src/main/res/values/strings-icsopenvpn.xml @@ -1,4 +1,7 @@ -<?xml version="1.0" encoding="utf-8"?> <!-- Generated by crowdin.net --> +<?xml version="1.0" encoding="utf-8"?> <!-- + ~ Copyright (c) 2012-2014 Arne Schwabe + ~ Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + --> <!-- Generated by crowdin.net --> <resources> @@ -323,5 +326,7 @@ <string name="mssfix_value_dialog">Announce to TCP sessions running over the tunnel that they should limit their send packet sizes such that after OpenVPN has encapsulated them, the resulting UDP packet size that OpenVPN sends to its peer will not exceed this number of bytes. (default is 1450)</string> <string name="mssfix_checkbox">Override MSS value of TCP payload</string> <string name="mssfix_dialogtitle">Set MSS of TCP payload</string> + <string name="client_behaviour">Client behaviour</string> + <string name="clear_external_apps">Clear allowed external apps</string> </resources> diff --git a/app/src/main/res/values/strings.xml b/app/src/main/res/values/strings.xml index 8c815786..3666b39c 100644 --- a/app/src/main/res/values/strings.xml +++ b/app/src/main/res/values/strings.xml @@ -63,6 +63,7 @@ <string name="log_out_failed_message">Didn\'t logged out.</string> <string name="succesful_authentication_message">Authentication succeeded.</string> <string name="authentication_failed_message">Authentication failed.</string> + <string name="registration_failed_message">Registration failed..</string> <string name="successful_authed_cert_downloaded_message">Your own cert has been correctly downloaded.</string> <string name="authed_cert_download_failed_message">Your own cert has incorrectly been downloaded.</string> <string name="eip_status_start_pending">Initiating connection</string> diff --git a/app/src/main/res/values/styles.xml b/app/src/main/res/values/styles.xml index 95e709b3..7b26a4a7 100644 --- a/app/src/main/res/values/styles.xml +++ b/app/src/main/res/values/styles.xml @@ -1,20 +1,8 @@ <?xml version="1.0" encoding="utf-8"?> <!-- - Copyright (C) 2011 The Android Open Source Project - Copyright (C) 2012 Arne Schwabe - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. ---> + ~ Copyright (c) 2012-2014 Arne Schwabe + ~ Distributed under the GNU GPL v2. For full terms see the file doc/LICENSE.txt + --> <resources> diff --git a/app/src/main/res/values/untranslatable.xml b/app/src/main/res/values/untranslatable.xml index b45d5ae7..619a550f 100644 --- a/app/src/main/res/values/untranslatable.xml +++ b/app/src/main/res/values/untranslatable.xml @@ -2450,4 +2450,24 @@ + + + + + + + + + + + + + + + + + + + + </resources>
\ No newline at end of file diff --git a/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java b/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java index b5a57234..03930c61 100644 --- a/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java +++ b/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java @@ -1,278 +1,372 @@ -/**
- * Copyright (c) 2013 LEAP Encryption Access Project and contributers
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- */
- package se.leap.bitmaskclient;
-
- - - -
-
-import android.app.Activity;
-import android.app.DialogFragment;
-import android.app.Fragment;
-import android.app.FragmentManager;
-import android.app.FragmentTransaction;
-import android.content.BroadcastReceiver;
-import android.content.Context;
-import android.content.Intent;
-import android.content.IntentFilter;
-import android.content.SharedPreferences;
-import android.content.res.AssetManager;
-import android.os.Bundle;
-import android.os.Handler;
-import android.util.Log;
-import android.view.Display;
-import android.view.Menu;
-import android.view.MenuItem;
-import android.view.View.MeasureSpec;
-import android.view.View;
-import android.view.ViewGroup;
-import android.view.WindowManager;
-import android.widget.ListAdapter;
-import android.widget.ListView;
-import android.widget.ProgressBar;
-import android.widget.ProgressBar;
-import android.widget.RelativeLayout;
-import android.widget.TextView;
-import java.io.IOException;
+/** + * Copyright (c) 2013 LEAP Encryption Access Project and contributers + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package se.leap.bitmaskclient; + +import android.app.Activity; +import android.app.DialogFragment; +import android.app.Fragment; +import android.app.FragmentTransaction; +import android.content.BroadcastReceiver; +import android.content.Context; +import android.content.Intent; +import android.content.IntentFilter; +import android.content.SharedPreferences; +import android.content.res.AssetManager; +import android.os.Bundle; +import android.os.Handler; +import android.util.Log; +import android.view.Display; +import android.view.Menu; +import android.view.MenuItem; +import android.view.View.MeasureSpec; +import android.view.View; +import android.view.ViewGroup; +import android.view.WindowManager; +import android.widget.ListAdapter; +import android.widget.ListView; +import android.widget.ProgressBar; +import android.widget.ProgressBar; +import android.widget.RelativeLayout; +import android.widget.TextView; +import java.io.IOException; import java.io.InputStream; import java.net.MalformedURLException; import java.net.URL; -import java.util.Iterator;
-import org.json.JSONException;
-import org.json.JSONObject;
+import java.util.Iterator; +import org.json.JSONException; +import org.json.JSONObject; + import se.leap.bitmaskclient.DownloadFailedDialog.DownloadFailedDialogInterface; import se.leap.bitmaskclient.NewProviderDialog.NewProviderDialogInterface; import se.leap.bitmaskclient.ProviderAPIResultReceiver.Receiver; import se.leap.bitmaskclient.ProviderDetailFragment.ProviderDetailFragmentInterface; import se.leap.bitmaskclient.ProviderListContent.ProviderItem; +import se.leap.bitmaskclient.FragmentManagerEnhanced; + import se.leap.bitmaskclient.R; -
-/**
- * Activity that builds and shows the list of known available providers.
- *
- * It also allows the user to enter custom providers with a button.
- *
- * @author parmegv
- *
- */
-public class ConfigurationWizard extends Activity
-implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderDetailFragmentInterface, DownloadFailedDialogInterface, Receiver {
-
- private ProgressBar mProgressBar;
- private TextView progressbar_description;
- private ProviderListFragment provider_list_fragment;
- private Intent mConfigState = new Intent();
-
- final public static String TAG = "se.leap.bitmaskclient.ConfigurationWizard";
- final public static String TYPE_OF_CERTIFICATE = "type_of_certificate";
- final public static String ANON_CERTIFICATE = "anon_certificate";
- final public static String AUTHED_CERTIFICATE = "authed_certificate";
-
- final protected static String PROVIDER_SET = "PROVIDER SET";
- final protected static String SERVICES_RETRIEVED = "SERVICES RETRIEVED";
+ +/** + * Activity that builds and shows the list of known available providers. + * + * It also allows the user to enter custom providers with a button. + * + * @author parmegv + * + */ +public class ConfigurationWizard extends Activity +implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderDetailFragmentInterface, DownloadFailedDialogInterface, Receiver { + + private ProgressBar mProgressBar; + private TextView progressbar_description; + private ProviderListFragment provider_list_fragment; + private Intent mConfigState = new Intent(); + + final public static String TAG = ConfigurationWizard.class.getSimpleName(); + final public static String TYPE_OF_CERTIFICATE = "type_of_certificate"; + final public static String ANON_CERTIFICATE = "anon_certificate"; + final public static String AUTHED_CERTIFICATE = "authed_certificate"; + + final protected static String PROVIDER_SET = "PROVIDER SET"; + final protected static String SERVICES_RETRIEVED = "SERVICES RETRIEVED"; final protected static String ASSETS_URL_FOLDER = "urls"; -
- public ProviderAPIResultReceiver providerAPI_result_receiver;
+ + public ProviderAPIResultReceiver providerAPI_result_receiver; private ProviderAPIBroadcastReceiver_Update providerAPI_broadcast_receiver_update; - private static SharedPreferences preferences;
+ private static SharedPreferences preferences; + FragmentManagerEnhanced fragment_manager; private static boolean setting_up_provider = false; -
- @Override
- protected void onCreate(Bundle savedInstanceState) {
- super.onCreate(savedInstanceState);
- preferences = getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE);
-
- setContentView(R.layout.configuration_wizard_activity);
- mProgressBar = (ProgressBar) findViewById(R.id.progressbar_configuration_wizard);
- mProgressBar.setVisibility(ProgressBar.INVISIBLE);
- progressbar_description = (TextView) findViewById(R.id.progressbar_description);
- progressbar_description.setVisibility(TextView.INVISIBLE);
- providerAPI_result_receiver = new ProviderAPIResultReceiver(new Handler());
- providerAPI_result_receiver.setReceiver(this);
- providerAPI_broadcast_receiver_update = new ProviderAPIBroadcastReceiver_Update();
- IntentFilter update_intent_filter = new IntentFilter(ProviderAPI.UPDATE_PROGRESSBAR);
- update_intent_filter.addCategory(Intent.CATEGORY_DEFAULT);
- registerReceiver(providerAPI_broadcast_receiver_update, update_intent_filter);
-
- loadPreseededProviders();
-
- // Only create our fragments if we're not restoring a saved instance
- if ( savedInstanceState == null ){
- // TODO Some welcome screen?
- // We will need better flow control when we have more Fragments (e.g. user auth)
- provider_list_fragment = ProviderListFragment.newInstance();
- Bundle arguments = new Bundle();
- int configuration_wizard_request_code = getIntent().getIntExtra(Dashboard.REQUEST_CODE, -1);
- if(configuration_wizard_request_code == Dashboard.SWITCH_PROVIDER) {
- arguments.putBoolean(ProviderListFragment.SHOW_ALL_PROVIDERS, true);
- }
- provider_list_fragment.setArguments(arguments);
-
- FragmentManager fragmentManager = getFragmentManager();
- fragmentManager.beginTransaction()
- .replace(R.id.configuration_wizard_layout, provider_list_fragment, ProviderListFragment.TAG)
- .commit();
- }
-
- // TODO: If exposing deep links into your app, handle intents here.
- }
-
- @Override
- protected void onDestroy() {
- super.onDestroy();
- unregisterReceiver(providerAPI_broadcast_receiver_update);
- }
-
- public void refreshProviderList(int top_padding) {
- ProviderListFragment new_provider_list_fragment = new ProviderListFragment();
- Bundle top_padding_bundle = new Bundle();
- top_padding_bundle.putInt(ProviderListFragment.TOP_PADDING, top_padding);
- new_provider_list_fragment.setArguments(top_padding_bundle);
-
- FragmentManager fragmentManager = getFragmentManager();
- fragmentManager.beginTransaction()
- .replace(R.id.configuration_wizard_layout, new_provider_list_fragment, ProviderListFragment.TAG)
- .commit();
- }
-
- @Override
- public void onReceiveResult(int resultCode, Bundle resultData) {
- if(resultCode == ProviderAPI.PROVIDER_OK) {
- mConfigState.setAction(PROVIDER_SET);
-
- if (preferences.getBoolean(EIP.ALLOWED_ANON, false)){
- mConfigState.putExtra(SERVICES_RETRIEVED, true);
- downloadAnonCert();
- } else {
- mProgressBar.incrementProgressBy(1);
- mProgressBar.setVisibility(ProgressBar.GONE);
- progressbar_description.setVisibility(TextView.GONE);
- setResult(RESULT_OK); - showProviderDetails(getCurrentFocus());
- } - } else if(resultCode == ProviderAPI.PROVIDER_NOK) {
- //refreshProviderList(0); - String reason_to_fail = resultData.getString(ProviderAPI.ERRORS);
- showDownloadFailedDialog(getCurrentFocus(), reason_to_fail);
- mProgressBar.setVisibility(ProgressBar.GONE);
- progressbar_description.setVisibility(TextView.GONE); - preferences.edit().remove(Provider.KEY).commit();
- setting_up_provider = false; - setResult(RESULT_CANCELED, mConfigState);
- }
- else if(resultCode == ProviderAPI.CORRECTLY_DOWNLOADED_CERTIFICATE) {
- mProgressBar.incrementProgressBy(1);
- mProgressBar.setVisibility(ProgressBar.GONE);
- progressbar_description.setVisibility(TextView.GONE);
- //refreshProviderList(0);
- setResult(RESULT_OK);
- showProviderDetails(getCurrentFocus());
- } else if(resultCode == ProviderAPI.INCORRECTLY_DOWNLOADED_CERTIFICATE) {
- //refreshProviderList(0);
- mProgressBar.setVisibility(ProgressBar.GONE);
- progressbar_description.setVisibility(TextView.GONE);
- //Toast.makeText(getApplicationContext(), R.string.incorrectly_downloaded_certificate_message, Toast.LENGTH_LONG).show();
- setResult(RESULT_CANCELED, mConfigState);
- } else if(resultCode == AboutActivity.VIEWED) { - // Do nothing, right now - // I need this for CW to wait for the About activity to end before going back to Dashboard. - } - }
-
- /**
- * Callback method from {@link ProviderListFragment.Callbacks}
- * indicating that the item with the given ID was selected.
- */
- @Override
- public void onItemSelected(String id) {
- //TODO Code 2 pane view
- // resetOldConnection();
- ProviderItem selected_provider = getProvider(id);
- int provider_index = getProviderIndex(id);
- - - startProgressBar(provider_index+1); - provider_list_fragment.hideAllBut(provider_index); - - setUpProvider(selected_provider.providerMainUrl()); - }
-
- @Override
- public void onBackPressed() {
+ + @Override + protected void onCreate(Bundle savedInstanceState) { + super.onCreate(savedInstanceState); + preferences = getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE); + fragment_manager = new FragmentManagerEnhanced(getFragmentManager()); + + setUpInitialUI(); + + loadPreseededProviders(); + + setUpProviderAPIResultReceiver(); + + // Only create our fragments if we're not restoring a saved instance + if ( savedInstanceState == null ) { + // TODO Some welcome screen? + // We will need better flow control when we have more Fragments (e.g. user auth) + setUpProviderList(); + } + + // TODO: If exposing deep links into your app, handle intents here. + } + + private void setUpInitialUI() { + setContentView(R.layout.configuration_wizard_activity); + + hideProgressBar(); + } + + private void hideProgressBar() { + mProgressBar = (ProgressBar) findViewById(R.id.progressbar_configuration_wizard); + mProgressBar.setVisibility(ProgressBar.INVISIBLE); + + progressbar_description = (TextView) findViewById(R.id.progressbar_description); + progressbar_description.setVisibility(TextView.INVISIBLE); + } + + private void setUpProviderList() { + provider_list_fragment = ProviderListFragment.newInstance(); + + Bundle arguments = new Bundle(); + int configuration_wizard_request_code = getIntent().getIntExtra(Dashboard.REQUEST_CODE, -1); + if(configuration_wizard_request_code == Dashboard.SWITCH_PROVIDER) + arguments.putBoolean(ProviderListFragment.SHOW_ALL_PROVIDERS, true); + + provider_list_fragment.setArguments(arguments); + + putProviderListFragment(provider_list_fragment); + } + + private void putProviderListFragment(ProviderListFragment fragment) { + fragment_manager.replace(R.id.configuration_wizard_layout, provider_list_fragment, ProviderListFragment.TAG); + } + + @Override + protected void onDestroy() { + super.onDestroy(); + unregisterReceiver(providerAPI_broadcast_receiver_update); + } + + private void setUpProviderAPIResultReceiver() { + providerAPI_result_receiver = new ProviderAPIResultReceiver(new Handler()); + providerAPI_result_receiver.setReceiver(this); + providerAPI_broadcast_receiver_update = new ProviderAPIBroadcastReceiver_Update(); + + IntentFilter update_intent_filter = new IntentFilter(ProviderAPI.UPDATE_PROGRESSBAR); + update_intent_filter.addCategory(Intent.CATEGORY_DEFAULT); + registerReceiver(providerAPI_broadcast_receiver_update, update_intent_filter); + } + + @Override + public void onReceiveResult(int resultCode, Bundle resultData) { + if(resultCode == ProviderAPI.PROVIDER_OK) { + mConfigState.setAction(PROVIDER_SET); + + if (preferences.getBoolean(EIP.ALLOWED_ANON, false)){ + mConfigState.putExtra(SERVICES_RETRIEVED, true); + + downloadAnonCert(); + } else { + mProgressBar.incrementProgressBy(1); + hideProgressBar(); + + setResult(RESULT_OK); + + showProviderDetails(); + } + } else if(resultCode == ProviderAPI.PROVIDER_NOK) { + hideProgressBar(); + preferences.edit().remove(Provider.KEY).commit(); + setting_up_provider = false; + + setResult(RESULT_CANCELED, mConfigState); + + String reason_to_fail = resultData.getString(ProviderAPI.ERRORS); + showDownloadFailedDialog(getCurrentFocus(), reason_to_fail); + } + else if(resultCode == ProviderAPI.CORRECTLY_DOWNLOADED_CERTIFICATE) { + mProgressBar.incrementProgressBy(1); + hideProgressBar(); + + setResult(RESULT_OK); + + showProviderDetails(); + } else if(resultCode == ProviderAPI.INCORRECTLY_DOWNLOADED_CERTIFICATE) { + hideProgressBar(); + + setResult(RESULT_CANCELED, mConfigState); + } else if(resultCode == AboutActivity.VIEWED) { + // Do nothing, right now + // I need this for CW to wait for the About activity to end before going back to Dashboard. + } + } + + /** + * Callback method from {@link ProviderListFragment.Callbacks} + * indicating that the item with the given ID was selected. + */ + @Override + public void onItemSelected(String id) { + //TODO Code 2 pane view + ProviderItem selected_provider = getProvider(id); + int provider_index = getProviderIndex(id); + + startProgressBar(provider_index+1); + provider_list_fragment.hideAllBut(provider_index); + + setUpProvider(selected_provider.providerMainUrl()); + } + + @Override + public void onBackPressed() { if(setting_up_provider) { stopSettingUpProvider(); - } else {
+ } else { usualBackButton(); } } -
- private void stopSettingUpProvider() {
- ProviderAPI.stop();
- mProgressBar.setVisibility(ProgressBar.GONE);
- mProgressBar.setProgress(0);
- progressbar_description.setVisibility(TextView.GONE);
- preferences.edit().remove(Provider.KEY).commit();
- setting_up_provider = false;
+ + private void stopSettingUpProvider() { + ProviderAPI.stop(); + mProgressBar.setVisibility(ProgressBar.GONE); + mProgressBar.setProgress(0); + progressbar_description.setVisibility(TextView.GONE); + preferences.edit().remove(Provider.KEY).commit(); + setting_up_provider = false; showAllProviders(); - }
-
- private void usualBackButton() {
- try {
- boolean is_provider_set_up = new JSONObject(preferences.getString(Provider.KEY, "no provider")) != null ? true : false;
- boolean is_provider_set_up_truly = new JSONObject(preferences.getString(Provider.KEY, "no provider")).length() != 0 ? true : false;
- if(!is_provider_set_up || !is_provider_set_up_truly) {
- askDashboardToQuitApp();
- } else {
- setResult(RESULT_OK);
- }
- } catch (JSONException e) {
- askDashboardToQuitApp();
- super.onBackPressed();
- e.printStackTrace();
- }
- super.onBackPressed();
- }
- private void askDashboardToQuitApp() {
- Intent ask_quit = new Intent();
- ask_quit.putExtra(Dashboard.ACTION_QUIT, Dashboard.ACTION_QUIT);
- setResult(RESULT_CANCELED, ask_quit);
- }
-
- private ProviderItem getProvider(String name) {
- Iterator<ProviderItem> providers_iterator = ProviderListContent.ITEMS.iterator();
- while(providers_iterator.hasNext()) {
- ProviderItem provider = providers_iterator.next();
- if(provider.name().equalsIgnoreCase(name)) {
- return provider;
- }
- }
- return null;
- }
-
- private String getId(String provider_main_url_string) { + } + + private void usualBackButton() { + try { + boolean is_provider_set_up = new JSONObject(preferences.getString(Provider.KEY, "no provider")) != null ? true : false; + boolean is_provider_set_up_truly = new JSONObject(preferences.getString(Provider.KEY, "no provider")).length() != 0 ? true : false; + if(!is_provider_set_up || !is_provider_set_up_truly) { + askDashboardToQuitApp(); + } else { + setResult(RESULT_OK); + } + } catch (JSONException e) { + askDashboardToQuitApp(); + super.onBackPressed(); + e.printStackTrace(); + } + super.onBackPressed(); + } + private void askDashboardToQuitApp() { + Intent ask_quit = new Intent(); + ask_quit.putExtra(Dashboard.ACTION_QUIT, Dashboard.ACTION_QUIT); + setResult(RESULT_CANCELED, ask_quit); + } + + private ProviderItem getProvider(String name) { + Iterator<ProviderItem> providers_iterator = ProviderListContent.ITEMS.iterator(); + while(providers_iterator.hasNext()) { + ProviderItem provider = providers_iterator.next(); + if(provider.name().equalsIgnoreCase(name)) { + return provider; + } + } + return null; + } + + private void startProgressBar() { + mProgressBar.setVisibility(ProgressBar.VISIBLE); + progressbar_description.setVisibility(TextView.VISIBLE); + mProgressBar.setProgress(0); + mProgressBar.setMax(3); + } + + private void startProgressBar(int list_item_index) { + startProgressBar(); + int measured_height = listItemHeight(list_item_index); + mProgressBar.setTranslationY(measured_height); + progressbar_description.setTranslationY(measured_height + mProgressBar.getHeight()); + } + + private int getProviderIndex(String id) { + int index = 0; + Iterator<ProviderItem> providers_iterator = ProviderListContent.ITEMS.iterator(); + while(providers_iterator.hasNext()) { + ProviderItem provider = providers_iterator.next(); + if(provider.name().equalsIgnoreCase(id)) { + break; + } else index++; + } + return index; + } + + private int listItemHeight(int list_item_index) { + ListView provider_list_view = (ListView)findViewById(android.R.id.list); + ListAdapter provider_list_adapter = provider_list_view.getAdapter(); + View listItem = provider_list_adapter.getView(0, null, provider_list_view); + listItem.setLayoutParams(new RelativeLayout.LayoutParams( + RelativeLayout.LayoutParams.WRAP_CONTENT, + RelativeLayout.LayoutParams.WRAP_CONTENT)); + WindowManager wm = (WindowManager) getApplicationContext() + .getSystemService(Context.WINDOW_SERVICE); + Display display = wm.getDefaultDisplay(); + int screenWidth = display.getWidth(); // deprecated + + int listViewWidth = screenWidth - 10 - 10; + int widthSpec = MeasureSpec.makeMeasureSpec(listViewWidth, + MeasureSpec.AT_MOST); + listItem.measure(widthSpec, 0); + + return listItem.getMeasuredHeight(); +} + + /** + * Loads providers data from url files contained in the assets folder + * @return true if the files were correctly read + */ + private boolean loadPreseededProviders() { + boolean loaded_preseeded_providers = true; + try { + //TODO Put that folder in a better place (also inside the "for") + String[] urls_filepaths = getAssets().list(ASSETS_URL_FOLDER); + for(String url_filepath : urls_filepaths) { + addNewProviderToList(url_filepath); + } + } catch (IOException e) { + loaded_preseeded_providers = false; + } + + return loaded_preseeded_providers; + } + + private void addNewProviderToList(String url_filepath) { + String provider_main_url = extractProviderMainUrlFromAssetsFile(ASSETS_URL_FOLDER + "/" + url_filepath); + if(getId(provider_main_url).isEmpty()) { + String provider_name = url_filepath.subSequence(0, url_filepath.lastIndexOf(".")).toString(); + ProviderListContent.addItem(new ProviderItem(provider_name, provider_main_url)); + } + } + + private String extractProviderMainUrlFromAssetsFile(String filepath) { + String provider_main_url = ""; + try { + InputStream input_stream_file_contents = getAssets().open(filepath); + byte[] urls_file_bytes = new byte[input_stream_file_contents.available()]; + input_stream_file_contents.read(urls_file_bytes); + String urls_file_content = new String(urls_file_bytes); + JSONObject file_contents = new JSONObject(urls_file_content); + provider_main_url = file_contents.getString(Provider.MAIN_URL); + } catch (JSONException e) { + } catch (IOException e) { + } + return provider_main_url; + } + + private String getId(String provider_main_url) { try { - URL provider_url = new URL(provider_main_url_string); - URL aux_provider_url; + URL provider_url = new URL(provider_main_url); Iterator<ProviderItem> providers_iterator = ProviderListContent.ITEMS.iterator(); while(providers_iterator.hasNext()) { ProviderItem provider = providers_iterator.next(); - aux_provider_url = new URL(provider.providerMainUrl()); + URL aux_provider_url = new URL(provider.providerMainUrl()); if(isSameURL(provider_url, aux_provider_url)) { return provider.name(); } @@ -281,7 +375,7 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD e.printStackTrace(); } return ""; - }
+ } /** * Checks, whether 2 urls are pointing to the same location. @@ -303,214 +397,106 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD } return true; } -
- private void startProgressBar() {
- mProgressBar.setVisibility(ProgressBar.VISIBLE);
- mProgressBar.setProgress(0);
- mProgressBar.setMax(3);
- }
-
- private void startProgressBar(int list_item_index) {
- mProgressBar.setVisibility(ProgressBar.VISIBLE);
- progressbar_description.setVisibility(TextView.VISIBLE);
- mProgressBar.setProgress(0);
- mProgressBar.setMax(3);
- int measured_height = listItemHeight(list_item_index);
- mProgressBar.setTranslationY(measured_height);
- progressbar_description.setTranslationY(measured_height + mProgressBar.getHeight());
- }
-
- private int getProviderIndex(String id) {
- int index = 0;
- Iterator<ProviderItem> providers_iterator = ProviderListContent.ITEMS.iterator();
- while(providers_iterator.hasNext()) {
- ProviderItem provider = providers_iterator.next();
- if(provider.name().equalsIgnoreCase(id)) {
- break;
- } else index++; - }
- return index;
- }
-
- private int listItemHeight(int list_item_index) {
- ListView provider_list_view = (ListView)findViewById(android.R.id.list);
- ListAdapter provider_list_adapter = provider_list_view.getAdapter();
- View listItem = provider_list_adapter.getView(0, null, provider_list_view);
- listItem.setLayoutParams(new RelativeLayout.LayoutParams(
- RelativeLayout.LayoutParams.WRAP_CONTENT,
- RelativeLayout.LayoutParams.WRAP_CONTENT));
- WindowManager wm = (WindowManager) getApplicationContext()
- .getSystemService(Context.WINDOW_SERVICE);
- Display display = wm.getDefaultDisplay();
- int screenWidth = display.getWidth(); // deprecated
-
- int listViewWidth = screenWidth - 10 - 10;
- int widthSpec = MeasureSpec.makeMeasureSpec(listViewWidth,
- MeasureSpec.AT_MOST);
- listItem.measure(widthSpec, 0);
-
- return listItem.getMeasuredHeight();
-}
-
- /** - * Loads providers data from url files contained in the assets folder - * @return true if the files were correctly read - */ - private boolean loadPreseededProviders() { - boolean loaded_preseeded_providers = false; - String[] urls_filepaths = null; - try { - //TODO Put that folder in a better place (also inside the "for") - urls_filepaths = getAssets().list(ASSETS_URL_FOLDER); - String provider_name = ""; - for(String url_filepath : urls_filepaths) { - provider_name = url_filepath.subSequence(0, url_filepath.lastIndexOf(".")).toString(); - String provider_main_url = extractProviderMainUrlFromAssetsFile(ASSETS_URL_FOLDER + "/" + url_filepath); - if(getId(provider_main_url).isEmpty()) - ProviderListContent.addItem(new ProviderItem(provider_name, provider_main_url)); - loaded_preseeded_providers = true;
- } - } catch (IOException e) { - loaded_preseeded_providers = false; + + /** + * Asks ProviderAPI to download an anonymous (anon) VPN certificate. + */ + private void downloadAnonCert() { + Intent provider_API_command = new Intent(this, ProviderAPI.class); + + Bundle parameters = new Bundle(); + + parameters.putString(TYPE_OF_CERTIFICATE, ANON_CERTIFICATE); + + provider_API_command.setAction(ProviderAPI.DOWNLOAD_CERTIFICATE); + provider_API_command.putExtra(ProviderAPI.PARAMETERS, parameters); + provider_API_command.putExtra(ProviderAPI.RECEIVER_KEY, providerAPI_result_receiver); + + startService(provider_API_command); } - return loaded_preseeded_providers; - } - - private String extractProviderMainUrlFromAssetsFile(String filepath) { - String provider_main_url = ""; - try { - InputStream input_stream_file_contents = getAssets().open(filepath); - byte[] urls_file_bytes = new byte[input_stream_file_contents.available()]; - input_stream_file_contents.read(urls_file_bytes); - String urls_file_content = new String(urls_file_bytes); - JSONObject file_contents = new JSONObject(urls_file_content); - provider_main_url = file_contents.getString(Provider.MAIN_URL); - } catch (JSONException e) { - } catch (IOException e) { + /** + * Open the new provider dialog + */ + public void addAndSelectNewProvider() { + FragmentTransaction fragment_transaction = fragment_manager.removePreviousFragment(NewProviderDialog.TAG); + DialogFragment newFragment = NewProviderDialog.newInstance(); + newFragment.show(fragment_transaction, NewProviderDialog.TAG); } - return provider_main_url; - } - - /**
- * Asks ProviderAPI to download an anonymous (anon) VPN certificate.
- */
- private void downloadAnonCert() {
- Intent provider_API_command = new Intent(this, ProviderAPI.class);
-
- Bundle parameters = new Bundle();
-
- parameters.putString(TYPE_OF_CERTIFICATE, ANON_CERTIFICATE);
-
- provider_API_command.setAction(ProviderAPI.DOWNLOAD_CERTIFICATE);
- provider_API_command.putExtra(ProviderAPI.PARAMETERS, parameters);
- provider_API_command.putExtra(ProviderAPI.RECEIVER_KEY, providerAPI_result_receiver);
-
- startService(provider_API_command);
- }
-
- /**
- * Open the new provider dialog
- */
- public void addAndSelectNewProvider() {
- FragmentTransaction fragment_transaction = getFragmentManager().beginTransaction();
- Fragment previous_new_provider_dialog = getFragmentManager().findFragmentByTag(NewProviderDialog.TAG);
- if (previous_new_provider_dialog != null) {
- fragment_transaction.remove(previous_new_provider_dialog);
- }
- fragment_transaction.addToBackStack(null);
-
- DialogFragment newFragment = NewProviderDialog.newInstance();
- newFragment.show(fragment_transaction, NewProviderDialog.TAG);
- }
-
- /**
- * Open the new provider dialog with data
- */
+ + /** + * Open the new provider dialog with data + */ public void addAndSelectNewProvider(String main_url) { - FragmentTransaction fragment_transaction = getFragmentManager().beginTransaction();
- Fragment previous_new_provider_dialog = getFragmentManager().findFragmentByTag(NewProviderDialog.TAG);
- if (previous_new_provider_dialog != null) {
- fragment_transaction.remove(previous_new_provider_dialog);
- }
-
- DialogFragment newFragment = NewProviderDialog.newInstance();
- Bundle data = new Bundle();
- data.putString(Provider.MAIN_URL, main_url);
- newFragment.setArguments(data);
- newFragment.show(fragment_transaction, NewProviderDialog.TAG);
- }
-
- /**
- * Once selected a provider, this fragment offers the user to log in,
- * use it anonymously (if possible)
- * or cancel his/her election pressing the back button.
- * @param view
- * @param reason_to_fail
- */
- public void showDownloadFailedDialog(View view, String reason_to_fail) {
- FragmentTransaction fragment_transaction = getFragmentManager().beginTransaction();
- Fragment previous_provider_details_dialog = getFragmentManager().findFragmentByTag(DownloadFailedDialog.TAG);
- if (previous_provider_details_dialog != null) {
- fragment_transaction.remove(previous_provider_details_dialog);
- }
- fragment_transaction.addToBackStack(null);
-
- DialogFragment newFragment = DownloadFailedDialog.newInstance(reason_to_fail);
- newFragment.show(fragment_transaction, DownloadFailedDialog.TAG);
- }
-
- /**
- * Once selected a provider, this fragment offers the user to log in,
- * use it anonymously (if possible)
- * or cancel his/her election pressing the back button.
- * @param view
- */
- public void showProviderDetails(View view) {
- if(setting_up_provider) {
- FragmentTransaction fragment_transaction = getFragmentManager().beginTransaction();
- Fragment previous_provider_details_dialog = getFragmentManager().findFragmentByTag(ProviderDetailFragment.TAG);
- if (previous_provider_details_dialog != null) {
- fragment_transaction.remove(previous_provider_details_dialog);
- }
- fragment_transaction.addToBackStack(null);
-
- DialogFragment newFragment = ProviderDetailFragment.newInstance();
- newFragment.show(fragment_transaction, ProviderDetailFragment.TAG);
- }
- }
-
- public void showAndSelectProvider(String provider_main_url) {
+ FragmentTransaction fragment_transaction = fragment_manager.removePreviousFragment(NewProviderDialog.TAG); + + DialogFragment newFragment = NewProviderDialog.newInstance(); + Bundle data = new Bundle(); + data.putString(Provider.MAIN_URL, main_url); + newFragment.setArguments(data); + newFragment.show(fragment_transaction, NewProviderDialog.TAG); + } + + /** + * Once selected a provider, this fragment offers the user to log in, + * use it anonymously (if possible) + * or cancel his/her election pressing the back button. + * @param view + * @param reason_to_fail + */ + public void showDownloadFailedDialog(View view, String reason_to_fail) { + FragmentTransaction fragment_transaction = fragment_manager.removePreviousFragment(DownloadFailedDialog.TAG); + + DialogFragment newFragment = DownloadFailedDialog.newInstance(reason_to_fail); + newFragment.show(fragment_transaction, DownloadFailedDialog.TAG); + } + + /** + * Once selected a provider, this fragment offers the user to log in, + * use it anonymously (if possible) + * or cancel his/her election pressing the back button. + * @param view + */ + private void showProviderDetails() { + if(setting_up_provider) { + FragmentTransaction fragment_transaction = fragment_manager.removePreviousFragment(ProviderDetailFragment.TAG); + + DialogFragment newFragment = ProviderDetailFragment.newInstance(); + newFragment.show(fragment_transaction, ProviderDetailFragment.TAG); + } + } + + public void showAndSelectProvider(String provider_main_url) { if(getId(provider_main_url).isEmpty()) - showProvider(provider_main_url);
+ showProvider(provider_main_url); autoSelectProvider(provider_main_url); - }
-
+ } + private void showProvider(final String provider_main_url) { - String provider_name = provider_main_url.replaceFirst("http[s]?://", "").replaceFirst("\\/", "_");
- ProviderItem added_provider = new ProviderItem(provider_name, provider_main_url);
- provider_list_fragment.addItem(added_provider);
- }
-
+ String provider_name = provider_main_url.replaceFirst("http[s]?://", "").replaceFirst("\\/", "_"); + ProviderItem added_provider = new ProviderItem(provider_name, provider_main_url); + provider_list_fragment.addItem(added_provider); + } + private void autoSelectProvider(String provider_main_url) { - onItemSelected(getId(provider_main_url));
- }
-
- /**
- * Asks ProviderAPI to download a new provider.json file
- * @param provider_name
- * @param provider_main_url
- */
- public void setUpProvider(String provider_main_url) {
- Intent provider_API_command = new Intent(this, ProviderAPI.class);
- Bundle parameters = new Bundle();
- parameters.putString(Provider.MAIN_URL, provider_main_url);
-
- provider_API_command.setAction(ProviderAPI.SET_UP_PROVIDER);
- provider_API_command.putExtra(ProviderAPI.PARAMETERS, parameters);
+ onItemSelected(getId(provider_main_url)); + } + + /** + * Asks ProviderAPI to download a new provider.json file + * @param provider_name + * @param provider_main_url + */ + public void setUpProvider(String provider_main_url) { + Intent provider_API_command = new Intent(this, ProviderAPI.class); + Bundle parameters = new Bundle(); + parameters.putString(Provider.MAIN_URL, provider_main_url); + + provider_API_command.setAction(ProviderAPI.SET_UP_PROVIDER); + provider_API_command.putExtra(ProviderAPI.PARAMETERS, parameters); provider_API_command.putExtra(ProviderAPI.RECEIVER_KEY, providerAPI_result_receiver); - startService(provider_API_command);
+ startService(provider_API_command); setting_up_provider = true; } @@ -527,62 +513,62 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD startService(provider_API_command); } } - @Override
- public boolean onCreateOptionsMenu(Menu menu) {
- getMenuInflater().inflate(R.menu.configuration_wizard_activity, menu);
- return true;
- }
-
- @Override
- public boolean onOptionsItemSelected(MenuItem item){
- switch (item.getItemId()){
+ @Override + public boolean onCreateOptionsMenu(Menu menu) { + getMenuInflater().inflate(R.menu.configuration_wizard_activity, menu); + return true; + } + + @Override + public boolean onOptionsItemSelected(MenuItem item){ + switch (item.getItemId()){ case R.id.about_leap: startActivityForResult(new Intent(this, AboutActivity.class), 0); return true; - case R.id.new_provider:
- addAndSelectNewProvider();
- return true;
- default:
- return super.onOptionsItemSelected(item);
- }
- }
-
- public void showAllProviders() {
- provider_list_fragment = (ProviderListFragment) getFragmentManager().findFragmentByTag(ProviderListFragment.TAG);
- if(provider_list_fragment != null)
- provider_list_fragment.unhideAll();
- }
-
- public void cancelSettingUpProvider() {
- provider_list_fragment = (ProviderListFragment) getFragmentManager().findFragmentByTag(ProviderListFragment.TAG);
+ case R.id.new_provider: + addAndSelectNewProvider(); + return true; + default: + return super.onOptionsItemSelected(item); + } + } + + public void showAllProviders() { + provider_list_fragment = (ProviderListFragment) fragment_manager.findFragmentByTag(ProviderListFragment.TAG); + if(provider_list_fragment != null) + provider_list_fragment.unhideAll(); + } + + public void cancelSettingUpProvider() { + provider_list_fragment = (ProviderListFragment) fragment_manager.findFragmentByTag(ProviderListFragment.TAG); if(provider_list_fragment != null) { - provider_list_fragment.removeLastItem();
- }
- preferences.edit().remove(Provider.KEY).remove(EIP.ALLOWED_ANON).remove(EIP.KEY).commit();
- }
-
- @Override
- public void login() {
- Intent ask_login = new Intent();
- ask_login.putExtra(LogInDialog.VERB, LogInDialog.VERB);
- setResult(RESULT_OK, ask_login);
- setting_up_provider = false;
- finish();
- }
-
- @Override
- public void use_anonymously() {
- setResult(RESULT_OK);
- setting_up_provider = false;
- finish();
- }
-
- public class ProviderAPIBroadcastReceiver_Update extends BroadcastReceiver {
-
- @Override
- public void onReceive(Context context, Intent intent) {
- int update = intent.getIntExtra(ProviderAPI.CURRENT_PROGRESS, 0);
- mProgressBar.setProgress(update);
- }
- }
-}
+ provider_list_fragment.removeLastItem(); + } + preferences.edit().remove(Provider.KEY).remove(EIP.ALLOWED_ANON).remove(EIP.KEY).commit(); + } + + @Override + public void login() { + Intent ask_login = new Intent(); + ask_login.putExtra(LogInDialog.TAG, LogInDialog.TAG); + setResult(RESULT_OK, ask_login); + setting_up_provider = false; + finish(); + } + + @Override + public void use_anonymously() { + setResult(RESULT_OK); + setting_up_provider = false; + finish(); + } + + public class ProviderAPIBroadcastReceiver_Update extends BroadcastReceiver { + + @Override + public void onReceive(Context context, Intent intent) { + int update = intent.getIntExtra(ProviderAPI.CURRENT_PROGRESS, 0); + mProgressBar.setProgress(update); + } + } +} diff --git a/app/src/release/java/se/leap/bitmaskclient/ProviderAPI.java b/app/src/release/java/se/leap/bitmaskclient/ProviderAPI.java index 3c8ec607..749457e4 100644 --- a/app/src/release/java/se/leap/bitmaskclient/ProviderAPI.java +++ b/app/src/release/java/se/leap/bitmaskclient/ProviderAPI.java @@ -92,12 +92,10 @@ public class ProviderAPI extends IntentService { PARAMETERS = "parameters", RESULT_KEY = "result", RECEIVER_KEY = "receiver", - SESSION_ID_COOKIE_KEY = "session_id_cookie_key", - SESSION_ID_KEY = "session_id", ERRORS = "errors", UPDATE_PROGRESSBAR = "update_progressbar", CURRENT_PROGRESS = "current_progress", - TAG = "provider_api_tag" + TAG = ProviderAPI.class.getSimpleName(); ; final public static int @@ -125,6 +123,7 @@ public class ProviderAPI extends IntentService { private static String last_provider_main_url; private static boolean setting_up_provider = true; private static SharedPreferences preferences; + private static String provider_api_url; public static void stop() { setting_up_provider = false; @@ -140,6 +139,12 @@ public class ProviderAPI extends IntentService { super.onCreate(); preferences = getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE); CookieHandler.setDefault(new CookieManager(null, CookiePolicy.ACCEPT_ORIGINAL_SERVER)); + if(provider_api_url == null && preferences.contains(Provider.KEY)) { + try { + JSONObject provider_json = new JSONObject(preferences.getString(Provider.KEY, "")); + provider_api_url = provider_json.getString(Provider.API_URL) + "/" + provider_json.getString(Provider.API_VERSION); + } catch (JSONException e) {} + } } public static String lastProviderMainUrl() { @@ -181,7 +186,7 @@ public class ProviderAPI extends IntentService { receiver.send(SRP_AUTHENTICATION_FAILED, result); } } else if (action.equalsIgnoreCase(LOG_OUT)) { - if(logOut(parameters)) { + if(logOut()) { receiver.send(LOGOUT_SUCCESSFUL, Bundle.EMPTY); } else { receiver.send(LOGOUT_FAILED, Bundle.EMPTY); @@ -199,40 +204,41 @@ public class ProviderAPI extends IntentService { Bundle session_id_bundle = new Bundle(); int progress = 0; - String username = (String) task.get(LogInDialog.USERNAME); - String password = (String) task.get(LogInDialog.PASSWORD); - String authentication_server = (String) task.get(Provider.API_URL); + String username = (String) task.get(SessionDialogInterface.USERNAME); + String password = (String) task.get(SessionDialogInterface.PASSWORD); + if(validUserLoginData(username, password)) { - session_id_bundle = register(username, password, authentication_server); + session_id_bundle = register(username, password); broadcast_progress(progress++); } else { if(!wellFormedPassword(password)) { session_id_bundle.putBoolean(RESULT_KEY, false); - session_id_bundle.putString(LogInDialog.USERNAME, username); - session_id_bundle.putBoolean(LogInDialog.PASSWORD_INVALID_LENGTH, true); + session_id_bundle.putString(SessionDialogInterface.USERNAME, username); + session_id_bundle.putBoolean(SessionDialogInterface.PASSWORD_INVALID_LENGTH, true); } if(username.isEmpty()) { session_id_bundle.putBoolean(RESULT_KEY, false); - session_id_bundle.putBoolean(LogInDialog.USERNAME_MISSING, true); + session_id_bundle.putBoolean(SessionDialogInterface.USERNAME_MISSING, true); } } return session_id_bundle; } - private Bundle register(String username, String password, String server) { + private Bundle register(String username, String password) { LeapSRPSession client = new LeapSRPSession(username, password); byte[] salt = client.calculateNewSalt(); BigInteger password_verifier = client.calculateV(username, password, salt); - JSONObject api_result = sendNewUserDataToSRPServer(server, username, new BigInteger(1, salt).toString(16), password_verifier.toString(16)); + + JSONObject api_result = sendNewUserDataToSRPServer(provider_api_url, username, new BigInteger(1, salt).toString(16), password_verifier.toString(16)); Bundle result = new Bundle(); if(api_result.has(ERRORS)) result = authFailedNotification(api_result, username); else { - result.putString(LogInDialog.USERNAME, username); - result.putString(LogInDialog.PASSWORD, password); + result.putString(SessionDialogInterface.USERNAME, username); + result.putString(SessionDialogInterface.PASSWORD, password); result.putBoolean(RESULT_KEY, true); } @@ -249,42 +255,39 @@ public class ProviderAPI extends IntentService { Bundle result = new Bundle(); int progress = 0; - String username = (String) task.get(LogInDialog.USERNAME); - String password = (String) task.get(LogInDialog.PASSWORD); + String username = (String) task.get(SessionDialogInterface.USERNAME); + String password = (String) task.get(SessionDialogInterface.PASSWORD); if(validUserLoginData(username, password)) { - - String server = (String) task.get(Provider.API_URL); - - authenticate(username, password, server); + result = authenticate(username, password); broadcast_progress(progress++); } else { if(!wellFormedPassword(password)) { result.putBoolean(RESULT_KEY, false); - result.putString(LogInDialog.USERNAME, username); - result.putBoolean(LogInDialog.PASSWORD_INVALID_LENGTH, true); + result.putString(SessionDialogInterface.USERNAME, username); + result.putBoolean(SessionDialogInterface.PASSWORD_INVALID_LENGTH, true); } if(username.isEmpty()) { result.putBoolean(RESULT_KEY, false); - result.putBoolean(LogInDialog.USERNAME_MISSING, true); + result.putBoolean(SessionDialogInterface.USERNAME_MISSING, true); } } return result; } - private Bundle authenticate(String username, String password, String server) { + private Bundle authenticate(String username, String password) { Bundle result = new Bundle(); LeapSRPSession client = new LeapSRPSession(username, password); byte[] A = client.exponential(); - JSONObject step_result = sendAToSRPServer(server, username, new BigInteger(1, A).toString(16)); + JSONObject step_result = sendAToSRPServer(provider_api_url, username, new BigInteger(1, A).toString(16)); try { String salt = step_result.getString(LeapSRPSession.SALT); byte[] Bbytes = new BigInteger(step_result.getString("B"), 16).toByteArray(); byte[] M1 = client.response(new BigInteger(salt, 16).toByteArray(), Bbytes); if(M1 != null) { - step_result = sendM1ToSRPServer(server, username, M1); + step_result = sendM1ToSRPServer(provider_api_url, username, M1); setTokenIfAvailable(step_result); byte[] M2 = new BigInteger(step_result.getString(LeapSRPSession.M2), 16).toByteArray(); if(client.verify(M2)) { @@ -294,7 +297,7 @@ public class ProviderAPI extends IntentService { } } else { result.putBoolean(RESULT_KEY, false); - result.putString(LogInDialog.USERNAME, username); + result.putString(SessionDialogInterface.USERNAME, username); result.putString(getResources().getString(R.string.user_message), getResources().getString(R.string.error_srp_math_error_user_message)); } } catch (JSONException e) { @@ -325,7 +328,7 @@ public class ProviderAPI extends IntentService { } catch(JSONException e) {} if(!username.isEmpty()) - user_notification_bundle.putString(LogInDialog.USERNAME, username); + user_notification_bundle.putString(SessionDialogInterface.USERNAME, username); user_notification_bundle.putBoolean(RESULT_KEY, false); return user_notification_bundle; @@ -614,6 +617,7 @@ public class ProviderAPI extends IntentService { try { JSONObject provider_json = new JSONObject(provider_dot_json_string); + provider_api_url = provider_json.getString(Provider.API_URL) + "/" + provider_json.getString(Provider.API_VERSION); String name = provider_json.getString(Provider.NAME); //TODO setProviderName(name); @@ -847,12 +851,11 @@ public class ProviderAPI extends IntentService { /** * Logs out from the api url retrieved from the task. - * @param task containing api url from which the user will log out * @return true if there were no exceptions */ - private boolean logOut(Bundle task) { + private boolean logOut() { try { - String delete_url = task.getString(Provider.API_URL) + "/logout"; + String delete_url = provider_api_url + "/logout"; int progress = 0; HttpsURLConnection urlConnection = (HttpsURLConnection)new URL(delete_url).openConnection(); @@ -894,7 +897,6 @@ public class ProviderAPI extends IntentService { private boolean updateVpnCertificate() { getNewCert(); - preferences.edit().putInt(EIP.PARSED_SERIAL, 0).commit(); Intent updateEIP = new Intent(getApplicationContext(), EIP.class); updateEIP.setAction(EIP.ACTION_UPDATE_EIP_SERVICE); startService(updateEIP); @@ -916,7 +918,6 @@ public class ProviderAPI extends IntentService { URL new_cert_string_url = new URL(provider_main_url + "/" + provider_json.getString(Provider.API_VERSION) + "/" + EIP.CERTIFICATE); String cert_string = downloadWithProviderCA(new_cert_string_url.toString()); - if(!cert_string.isEmpty()) { if(ConfigHelper.checkErroneousDownload(cert_string)) { String reason_to_fail = provider_json.getString(ERRORS); @@ -937,12 +938,12 @@ public class ProviderAPI extends IntentService { } } try { - RSAPrivateKey keyCert = ConfigHelper.parseRsaKeyFromString(keyString); - keyString = Base64.encodeToString( keyCert.getEncoded(), Base64.DEFAULT ); + RSAPrivateKey key = ConfigHelper.parseRsaKeyFromString(keyString); + keyString = Base64.encodeToString(key.getEncoded(), Base64.DEFAULT); preferences.edit().putString(EIP.PRIVATE_KEY, "-----BEGIN RSA PRIVATE KEY-----\n"+keyString+"-----END RSA PRIVATE KEY-----").commit(); - X509Certificate certCert = ConfigHelper.parseX509CertificateFromString(certificateString); - certificateString = Base64.encodeToString( certCert.getEncoded(), Base64.DEFAULT); + X509Certificate certificate = ConfigHelper.parseX509CertificateFromString(certificateString); + certificateString = Base64.encodeToString(certificate.getEncoded(), Base64.DEFAULT); preferences.edit().putString(EIP.CERTIFICATE, "-----BEGIN CERTIFICATE-----\n"+certificateString+"-----END CERTIFICATE-----").commit(); preferences.edit().putString(EIP.DATE_FROM_CERTIFICATE, EIP.certificate_date_format.format(Calendar.getInstance().getTime())).commit(); return true; |