summaryrefslogtreecommitdiff
path: root/app
diff options
context:
space:
mode:
authorParménides GV <parmegv@sdf.org>2014-07-10 08:57:19 +0200
committerParménides GV <parmegv@sdf.org>2014-07-10 08:57:19 +0200
commit0a5c95eb01344aeccc3e3ed848166b6c02bedff9 (patch)
tree71d4ec041fd0162a8bef4b0b1ef9581b7e6511f3 /app
parentfccf31f212eeec368b84d86cfb3775c815fdaa2b (diff)
parenta23c12674abd836b3abd4feeaf057236cfd0ca27 (diff)
Merge branch 'bug/Certificate-expiration-#5821' into develop
Diffstat (limited to 'app')
-rw-r--r--app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java2
-rw-r--r--app/src/main/java/se/leap/bitmaskclient/Dashboard.java17
-rw-r--r--app/src/main/java/se/leap/bitmaskclient/EIP.java99
-rw-r--r--app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java62
-rw-r--r--app/src/main/res/values/strings.xml1
-rw-r--r--app/src/release/java/se/leap/bitmaskclient/ProviderAPI.java4
6 files changed, 135 insertions, 50 deletions
diff --git a/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java b/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java
index b17d6bb4..5549252e 100644
--- a/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java
+++ b/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java
@@ -49,6 +49,7 @@ import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
+import java.util.Calendar;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
@@ -943,6 +944,7 @@ public class ProviderAPI extends IntentService {
X509Certificate certCert = ConfigHelper.parseX509CertificateFromString(certificateString);
certificateString = Base64.encodeToString( certCert.getEncoded(), Base64.DEFAULT);
getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE).edit().putString(EIP.CERTIFICATE, "-----BEGIN CERTIFICATE-----\n"+certificateString+"-----END CERTIFICATE-----").commit();
+ getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE).edit().putString(EIP.DATE_FROM_CERTIFICATE, EIP.certificate_date_format.format(Calendar.getInstance().getTime())).commit();
return true;
} catch (CertificateException e) {
diff --git a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java
index cb451b86..117e45d8 100644
--- a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java
+++ b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java
@@ -472,9 +472,12 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf
} else if(resultCode == ProviderAPI.CORRECTLY_DOWNLOADED_CERTIFICATE) {
setResult(RESULT_OK);
changeStatusMessage(resultCode);
- mProgressBar.setVisibility(ProgressBar.GONE);
+ if(mProgressBar != null)
+ mProgressBar.setVisibility(ProgressBar.GONE);
if(EipServiceFragment.isEipSwitchChecked())
eipStart();
+ else
+ eipStatus.setText(R.string.eip_state_not_connected);
} else if(resultCode == ProviderAPI.INCORRECTLY_DOWNLOADED_CERTIFICATE) {
setResult(RESULT_CANCELED);
changeStatusMessage(resultCode);
@@ -570,4 +573,16 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf
startService(eip_intent);
}
+
+ protected void setProgressBarVisibility(int visibility) {
+ if(mProgressBar == null)
+ mProgressBar = (ProgressBar) findViewById(R.id.eipProgress);
+ mProgressBar.setVisibility(visibility);
+ }
+
+ protected void setEipStatus(int status) {
+ if(eipStatus == null)
+ eipStatus = (TextView) findViewById(R.id.eipStatus);
+ eipStatus.setText(status);
+ }
}
diff --git a/app/src/main/java/se/leap/bitmaskclient/EIP.java b/app/src/main/java/se/leap/bitmaskclient/EIP.java
index 21a573fe..75c6ada8 100644
--- a/app/src/main/java/se/leap/bitmaskclient/EIP.java
+++ b/app/src/main/java/se/leap/bitmaskclient/EIP.java
@@ -16,35 +16,9 @@
*/
package se.leap.bitmaskclient;
-import java.io.StringReader;
-import java.io.IOException;
-import java.util.Calendar;
-import java.util.Collection;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.NoSuchElementException;
-import java.util.Set;
-import java.util.TreeMap;
-import java.util.Vector;
-import org.json.JSONArray;
-import org.json.JSONException;
-import org.json.JSONObject;
-import se.leap.bitmaskclient.R;
-import se.leap.bitmaskclient.Dashboard;
-import se.leap.bitmaskclient.Provider;
-import de.blinkt.openvpn.activities.DisconnectVPN;
-import de.blinkt.openvpn.core.ConfigParser;
-import de.blinkt.openvpn.core.ConfigParser.ConfigParseError;
-import de.blinkt.openvpn.LaunchVPN;
-import de.blinkt.openvpn.core.OpenVpnManagementThread;
-import de.blinkt.openvpn.core.OpenVpnService;
-import de.blinkt.openvpn.core.OpenVpnService.LocalBinder;
-import de.blinkt.openvpn.core.ProfileManager;
-import de.blinkt.openvpn.VpnProfile;
import android.app.Activity;
import android.app.IntentService;
@@ -58,6 +32,38 @@ import android.os.Bundle;
import android.os.IBinder;
import android.os.ResultReceiver;
import android.util.Log;
+import de.blinkt.openvpn.LaunchVPN;
+import de.blinkt.openvpn.VpnProfile;
+import de.blinkt.openvpn.activities.DisconnectVPN;
+import de.blinkt.openvpn.core.ConfigParser.ConfigParseError;
+import de.blinkt.openvpn.core.ConfigParser;
+import de.blinkt.openvpn.core.OpenVpnManagementThread;
+import de.blinkt.openvpn.core.OpenVpnService.LocalBinder;
+import de.blinkt.openvpn.core.OpenVpnService;
+import de.blinkt.openvpn.core.ProfileManager;
+import java.io.IOException;
+import java.io.StringReader;
+import java.security.cert.CertificateExpiredException;
+import java.security.cert.CertificateNotYetValidException;
+import java.security.cert.X509Certificate;
+import java.text.ParseException;
+import java.text.SimpleDateFormat;
+import java.util.Calendar;
+import java.util.Collection;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.Locale;
+import java.util.NoSuchElementException;
+import java.util.Set;
+import java.util.TreeMap;
+import java.util.Vector;
+import org.json.JSONArray;
+import org.json.JSONException;
+import org.json.JSONObject;
+import se.leap.bitmaskclient.Dashboard;
+import se.leap.bitmaskclient.Provider;
+import se.leap.bitmaskclient.R;
/**
* EIP is the abstract base class for interacting with and managing the Encrypted
@@ -72,12 +78,14 @@ import android.util.Log;
public final class EIP extends IntentService {
public final static String AUTHED_EIP = "authed eip";
+ public final static String ACTION_CHECK_CERT_VALIDITY = "se.leap.bitmaskclient.CHECK_CERT_VALIDITY";
public final static String ACTION_START_EIP = "se.leap.bitmaskclient.START_EIP";
public final static String ACTION_STOP_EIP = "se.leap.bitmaskclient.STOP_EIP";
public final static String ACTION_UPDATE_EIP_SERVICE = "se.leap.bitmaskclient.UPDATE_EIP_SERVICE";
public final static String ACTION_IS_EIP_RUNNING = "se.leap.bitmaskclient.IS_RUNNING";
public final static String EIP_NOTIFICATION = "EIP_NOTIFICATION";
public final static String STATUS = "eip status";
+ public final static String DATE_FROM_CERTIFICATE = "date from certificate";
public final static String ALLOWED_ANON = "allow_anonymous";
public final static String CERTIFICATE = "cert";
public final static String PRIVATE_KEY = "private_key";
@@ -87,8 +95,9 @@ public final class EIP extends IntentService {
public final static String RECEIVER_TAG = "receiverTag";
public final static String REQUEST_TAG = "requestTag";
public final static String TAG = "se.leap.bitmaskclient.EIP";
-
-
+
+ public final static SimpleDateFormat certificate_date_format = new SimpleDateFormat("yyyy-MM-dd HH:mm", Locale.US);
+
private static Context context;
private static ResultReceiver mReceiver;
private static OpenVpnService mVpnService;
@@ -138,6 +147,8 @@ public final class EIP extends IntentService {
this.startEIP();
else if ( action == ACTION_STOP_EIP )
this.stopEIP();
+ else if ( action == ACTION_CHECK_CERT_VALIDITY )
+ this.checkCertValidity();
}
/**
@@ -273,7 +284,7 @@ public final class EIP extends IntentService {
disconnect_vpn.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK);
startActivity(disconnect_vpn);
}
-
+
if (mReceiver != null){
Bundle resultData = new Bundle();
resultData.putString(REQUEST_TAG, ACTION_STOP_EIP);
@@ -408,6 +419,36 @@ public final class EIP extends IntentService {
getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE).edit().putInt(PARSED_SERIAL, eipDefinition.optInt(Provider.API_RETURN_SERIAL)).commit();
}
+ private void checkCertValidity() {
+ String certificate_string = getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE).getString(CERTIFICATE, "");
+ String date_from_certificate_string = getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE).getString(DATE_FROM_CERTIFICATE, Calendar.getInstance().getTime().toString());
+ X509Certificate certificate_x509 = ConfigHelper.parseX509CertificateFromString(certificate_string);
+
+ Calendar offset_date = Calendar.getInstance();
+ try {
+ long difference = Math.abs(certificate_date_format.parse(date_from_certificate_string).getTime() - certificate_x509.getNotAfter().getTime())/2;
+ long current_date_millis = offset_date.getTimeInMillis();
+ offset_date.setTimeInMillis(current_date_millis + difference);
+ Log.d(TAG, "certificate not after = " + certificate_x509.getNotAfter());
+ } catch(ParseException e) {
+ e.printStackTrace();
+ }
+
+ Bundle result_data = new Bundle();
+ result_data.putString(REQUEST_TAG, ACTION_CHECK_CERT_VALIDITY);
+ try {
+ Log.d(TAG, "offset_date = " + offset_date.getTime().toString());
+ certificate_x509.checkValidity(offset_date.getTime());
+ mReceiver.send(Activity.RESULT_OK, result_data);
+ Log.d(TAG, "Valid certificate");
+ } catch(CertificateExpiredException e) {
+ mReceiver.send(Activity.RESULT_CANCELED, result_data);
+ Log.d(TAG, "Updating certificate");
+ } catch(CertificateNotYetValidException e) {
+ mReceiver.send(Activity.RESULT_CANCELED, result_data);
+ }
+ }
+
/**
* OVPNGateway provides objects defining gateways and their options and metadata.
* Each instance contains a VpnProfile for OpenVPN specific data and member
diff --git a/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java b/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java
index 299d89a4..5a5bb568 100644
--- a/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java
+++ b/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java
@@ -1,6 +1,10 @@
package se.leap.bitmaskclient;
import se.leap.bitmaskclient.R;
+import se.leap.bitmaskclient.ProviderAPIResultReceiver;
+import se.leap.bitmaskclient.ProviderAPIResultReceiver.Receiver;
+import se.leap.bitmaskclient.Dashboard;
+
import de.blinkt.openvpn.activities.LogWindow;
import de.blinkt.openvpn.core.VpnStatus;
import de.blinkt.openvpn.core.VpnStatus.ConnectionStatus;
@@ -21,6 +25,7 @@ import android.view.View.OnClickListener;
import android.view.ViewGroup;
import android.widget.CompoundButton.OnCheckedChangeListener;
import android.widget.CompoundButton;
+import android.widget.ProgressBar;
import android.widget.RelativeLayout;
import android.widget.Switch;
import android.widget.TextView;
@@ -37,9 +42,7 @@ public class EipServiceFragment extends Fragment implements StateListener, OnChe
private boolean eipAutoSwitched = true;
- private boolean mEipStartPending = false;
-
- private boolean set_switch_off = false;
+ private boolean mEipStartPending = false;
private static EIPReceiver mEIPReceiver;
@@ -96,15 +99,9 @@ public class EipServiceFragment extends Fragment implements StateListener, OnChe
super.onResume();
VpnStatus.addStateListener(this);
- if(set_switch_off) {
- eipSwitch.setChecked(false);
- set_switch_off = false;
- }
+
+ eipCommand(EIP.ACTION_CHECK_CERT_VALIDITY);
}
-
- protected void setSwitchOff(boolean value) {
- set_switch_off = value;
- }
@Override
public void onPause() {
@@ -131,8 +128,7 @@ public class EipServiceFragment extends Fragment implements StateListener, OnChe
}
@Override
public void onCheckedChanged(CompoundButton buttonView, boolean isChecked) {
- Log.d("bitmask", "onCheckChanged");
- if (buttonView.equals(eipSwitch) && !eipAutoSwitched){
+ if (buttonView.equals(eipSwitch) && !eipAutoSwitched){
boolean allowed_anon = getActivity().getSharedPreferences(Dashboard.SHARED_PREFERENCES, Activity.MODE_PRIVATE).getBoolean(EIP.ALLOWED_ANON, false);
String certificate = getActivity().getSharedPreferences(Dashboard.SHARED_PREFERENCES, Activity.MODE_PRIVATE).getString(EIP.CERTIFICATE, "");
if(allowed_anon || !certificate.isEmpty()) {
@@ -173,8 +169,12 @@ public class EipServiceFragment extends Fragment implements StateListener, OnChe
}
}
else {
- if(!eipSwitch.isChecked())
- eipStatus.setText(R.string.state_noprocess);
+ if(!eipSwitch.isChecked()) {
+ if(getActivity().getSharedPreferences(Dashboard.SHARED_PREFERENCES, Activity.MODE_PRIVATE).getString(EIP.STATUS, "").equalsIgnoreCase(ConnectionStatus.LEVEL_AUTH_FAILED.toString()))
+ startEipFromScratch();
+ else
+ eipStatus.setText(R.string.state_noprocess);
+ }
}
eipAutoSwitched = true;
saveEipStatus();
@@ -198,9 +198,10 @@ public class EipServiceFragment extends Fragment implements StateListener, OnChe
*/
private void eipCommand(String action){
// TODO validate "action"...how do we get the list of intent-filters for a class via Android API?
- Intent vpnIntent = new Intent(action);
- vpnIntent.putExtra(EIP.RECEIVER_TAG, mEIPReceiver);
- getActivity().startService(vpnIntent);
+ Intent vpn_intent = new Intent(getActivity().getApplicationContext(), EIP.class);
+ vpn_intent.setAction(action);
+ vpn_intent.putExtra(EIP.RECEIVER_TAG, mEIPReceiver);
+ getActivity().startService(vpn_intent);
}
@Override
@@ -256,7 +257,7 @@ public class EipServiceFragment extends Fragment implements StateListener, OnChe
@Override
protected void onReceiveResult(int resultCode, Bundle resultData) {
super.onReceiveResult(resultCode, resultData);
-
+
String request = resultData.getString(EIP.REQUEST_TAG);
boolean checked = false;
@@ -298,6 +299,29 @@ public class EipServiceFragment extends Fragment implements StateListener, OnChe
checked = false;
break;
}
+ } else if (request == EIP.ACTION_CHECK_CERT_VALIDITY) {
+ checked = eipSwitch.isChecked();
+
+ switch (resultCode) {
+ case Activity.RESULT_OK:
+ break;
+ case Activity.RESULT_CANCELED:
+ Dashboard dashboard = (Dashboard) getActivity();
+
+ dashboard.setProgressBarVisibility(ProgressBar.VISIBLE);
+ dashboard.setEipStatus(R.string.updating_certificate_message);
+
+ Intent provider_API_command = new Intent(getActivity(), ProviderAPI.class);
+ if(dashboard.providerAPI_result_receiver == null) {
+ dashboard.providerAPI_result_receiver = new ProviderAPIResultReceiver(new Handler());
+ dashboard.providerAPI_result_receiver.setReceiver(dashboard);
+ }
+
+ provider_API_command.setAction(ProviderAPI.DOWNLOAD_CERTIFICATE);
+ provider_API_command.putExtra(ProviderAPI.RECEIVER_KEY, dashboard.providerAPI_result_receiver);
+ getActivity().startService(provider_API_command);
+ break;
+ }
}
eipAutoSwitched = true;
diff --git a/app/src/main/res/values/strings.xml b/app/src/main/res/values/strings.xml
index c928f001..1dbe8fee 100644
--- a/app/src/main/res/values/strings.xml
+++ b/app/src/main/res/values/strings.xml
@@ -54,6 +54,7 @@
<string name="service_is_down_error">Service is down.</string>
<string name="configuring_provider">Configuring provider</string>
<string name="incorrectly_downloaded_certificate_message">Your anon cert was not downloaded</string>
+ <string name="updating_certificate_message">Updating EIP certificate</string>
<string name="authenticating_message">Logging in</string>
<string name="signingup_message">Signing up</string>
<string name="logout_message">Logging out from this session.</string>
diff --git a/app/src/release/java/se/leap/bitmaskclient/ProviderAPI.java b/app/src/release/java/se/leap/bitmaskclient/ProviderAPI.java
index cdac8197..625125d8 100644
--- a/app/src/release/java/se/leap/bitmaskclient/ProviderAPI.java
+++ b/app/src/release/java/se/leap/bitmaskclient/ProviderAPI.java
@@ -43,6 +43,7 @@ import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
+import java.util.Calendar;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
@@ -190,6 +191,7 @@ public class ProviderAPI extends IntentService {
receiver.send(LOGOUT_FAILED, Bundle.EMPTY);
}
} else if (action.equalsIgnoreCase(DOWNLOAD_CERTIFICATE)) {
+ Log.d(TAG, "action.equalsIgnoreCase(DOWNLOAD_CERTIFICATE)");
if(updateVpnCertificate()) {
receiver.send(CORRECTLY_DOWNLOADED_CERTIFICATE, Bundle.EMPTY);
} else {
@@ -943,7 +945,7 @@ public class ProviderAPI extends IntentService {
X509Certificate certCert = ConfigHelper.parseX509CertificateFromString(certificateString);
certificateString = Base64.encodeToString( certCert.getEncoded(), Base64.DEFAULT);
getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE).edit().putString(EIP.CERTIFICATE, "-----BEGIN CERTIFICATE-----\n"+certificateString+"-----END CERTIFICATE-----").commit();
-
+ getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE).edit().putString(EIP.DATE_FROM_CERTIFICATE, EIP.certificate_date_format.format(Calendar.getInstance().getTime())).commit();
return true;
} catch (CertificateException e) {
// TODO Auto-generated catch block