authorArne Schwabe <arne@rfc2549.org>2012-06-17 17:48:52 +0200
committerArne Schwabe <arne@rfc2549.org>2012-06-17 17:48:52 +0200
commit39197a456562402ad42c5d78deafbbcefa024582 (patch)
tree3649b57711229c91e4f028bd6b42b9567d6ea255 /src/de/blinkt
parent5cd8e4b40aab5512c7e9c1d606b841df39ae8c81 (diff)
- Fix last commit
- Implement reading extra CA cert from file to fix keystore error on some mobile phones
Diffstat (limited to 'src/de/blinkt')
-rw-r--r--src/de/blinkt/openvpn/LaunchVPN.java2
-rw-r--r--src/de/blinkt/openvpn/OpenVPN.java11
-rw-r--r--src/de/blinkt/openvpn/Settings_Basic.java6
-rw-r--r--src/de/blinkt/openvpn/VpnProfile.java30
4 files changed, 46 insertions, 3 deletions
diff --git a/src/de/blinkt/openvpn/LaunchVPN.java b/src/de/blinkt/openvpn/LaunchVPN.java
index b4151c24..e76057d7 100644
--- a/src/de/blinkt/openvpn/LaunchVPN.java
+++ b/src/de/blinkt/openvpn/LaunchVPN.java
@@ -105,7 +105,7 @@ public class LaunchVPN extends ListActivity implements OnItemClickListener {
if(Intent.ACTION_MAIN.equals(action)) {
// we got called to be the starting point, most likely a shortcut
String shortcutUUID = intent.getStringExtra( EXTRA_KEY);
- String shortcutName = intent.getStringExtra( EXTRA_KEY);
+ String shortcutName = intent.getStringExtra( EXTRA_NAME);
VpnProfile profileToConnect = ProfileManager.get(shortcutUUID);
if(shortcutName != null && profileToConnect ==null)
diff --git a/src/de/blinkt/openvpn/OpenVPN.java b/src/de/blinkt/openvpn/OpenVPN.java
index 39533db3..b09eb60e 100644
--- a/src/de/blinkt/openvpn/OpenVPN.java
+++ b/src/de/blinkt/openvpn/OpenVPN.java
@@ -35,6 +35,12 @@ public class OpenVPN {
mMessage = message;
}
+ public LogItem(int loglevel, String msg) {
+ mLevel = loglevel;
+ mMessage = msg;
+ }
+
+
String getString(Context c) {
if(mMessage !=null) {
return mMessage;
@@ -144,6 +150,11 @@ public class OpenVPN {
}
}
+ public static void logError(String msg) {
+ newlogItem(new LogItem(LogItem.ERROR, msg));
+
+ }
+
}
diff --git a/src/de/blinkt/openvpn/Settings_Basic.java b/src/de/blinkt/openvpn/Settings_Basic.java
index bafee229..1b82b579 100644
--- a/src/de/blinkt/openvpn/Settings_Basic.java
+++ b/src/de/blinkt/openvpn/Settings_Basic.java
@@ -200,7 +200,7 @@ public class Settings_Basic extends Fragment implements View.OnClickListener, On
mView.findViewById(R.id.userpassword).setVisibility(View.GONE);
mView.findViewById(R.id.key_password_layout).setVisibility(View.GONE);
- // Fallthroughs are by desing
+ // Fall through are by design
switch(type) {
case VpnProfile.TYPE_USERPASS_CERTIFICATES:
mView.findViewById(R.id.userpassword).setVisibility(View.VISIBLE);
@@ -210,18 +210,22 @@ public class Settings_Basic extends Fragment implements View.OnClickListener, On
if(mProfile.requireTLSKeyPassword())
mView.findViewById(R.id.key_password_layout).setVisibility(View.VISIBLE);
break;
+
case VpnProfile.TYPE_USERPASS_PKCS12:
mView.findViewById(R.id.userpassword).setVisibility(View.VISIBLE);
case VpnProfile.TYPE_PKCS12:
mView.findViewById(R.id.pkcs12).setVisibility(View.VISIBLE);
break;
+
case VpnProfile.TYPE_STATICKEYS:
mView.findViewById(R.id.statickeys).setVisibility(View.VISIBLE);
break;
+
case VpnProfile.TYPE_USERPASS_KEYSTORE:
mView.findViewById(R.id.userpassword).setVisibility(View.VISIBLE);
case VpnProfile.TYPE_KEYSTORE:
mView.findViewById(R.id.keystore).setVisibility(View.VISIBLE);
+ mView.findViewById(R.id.cacert).setVisibility(View.VISIBLE);
break;
case VpnProfile.TYPE_USERPASS:
diff --git a/src/de/blinkt/openvpn/VpnProfile.java b/src/de/blinkt/openvpn/VpnProfile.java
index e9cb994a..7ca75723 100644
--- a/src/de/blinkt/openvpn/VpnProfile.java
+++ b/src/de/blinkt/openvpn/VpnProfile.java
@@ -1,17 +1,22 @@
package de.blinkt.openvpn;
+import java.io.ByteArrayInputStream;
import java.io.File;
+import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.FileReader;
import java.io.FileWriter;
import java.io.IOException;
+import java.io.InputStream;
import java.io.Serializable;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
+import java.security.cert.Certificate;
import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.Random;
@@ -474,7 +479,7 @@ public class VpnProfile implements Serializable{
try {
privateKey = KeyChain.getPrivateKey(context,mAlias);
cachain = KeyChain.getCertificateChain(context, mAlias);
- if(cachain.length <= 1)
+ if(cachain.length <= 1 && !nonNull(mCaFilename))
OpenVPN.logMessage(0, "", context.getString(R.string.keychain_nocacert));
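Review bot: The rewritten condition still dereferences `cachain.length` without a null check, and `KeyChain.getCertificateChain` is documented to return null when no chain is available for the alias. A guard such as `if((cachain == null || cachain.length <= 1) && !nonNull(mCaFilename))` would let the missing-CA message be logged instead of failing on the dereference. The enclosing try block's catch clauses are outside this hunk, so how a NullPointerException would surface here is not visible and should be confirmed.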
@@ -484,6 +489,15 @@ public class VpnProfile implements Serializable{
KeyStore ks = KeyStore.getInstance("PKCS12");
ks.load(null, null);
+ if(nonNull(mCaFilename)) {
+ try {
+ Certificate cacert = getCacertFromFile();
+
+ ks.setCertificateEntry("cacert", cacert);
+ } catch (Exception e) {
+ OpenVPN.logError("Could not read CA certificate" + e.getLocalizedMessage());
+ }
+ }
ks.setKeyEntry("usercert", privateKey, null, cachain);
String mypw = getTemporaryPKCS12Password();
FileOutputStream fout = new FileOutputStream(context.getCacheDir().getAbsolutePath() + "/" + VpnProfile.OVPNCONFIGPKCS12);
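Review bot: When `getCacertFromFile()` fails, the catch block only logs and execution continues to `ks.setKeyEntry`, so the PKCS12 is written without the CA entry. The earlier `keychain_nocacert` warning was also skipped in that case, because `mCaFilename` is set. The user then gets a keystore with no CA and only a log line that runs the text and the cause together. I would add the separator and repeat the warning: `OpenVPN.logError("Could not read CA certificate: " + e.getLocalizedMessage());` followed by `OpenVPN.logMessage(0, "", context.getString(R.string.keychain_nocacert));`. Catching `Exception` also hides programming errors; the checked types thrown here (FileNotFoundException, CertificateException, KeyStoreException) would be enough.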
@@ -507,6 +521,20 @@ public class VpnProfile implements Serializable{
}
}
+ private Certificate getCacertFromFile() throws FileNotFoundException, CertificateException {
+ CertificateFactory certFact = CertificateFactory.getInstance("X.509");
+
+ InputStream inStream;
+
+ if(mCaFilename.startsWith(INLINE_TAG))
+ inStream = new ByteArrayInputStream(mCaFilename.replace(INLINE_TAG,"").getBytes());
+ else
+ inStream = new FileInputStream(mCaFilename);
+
+ return certFact.generateCertificate(inStream);
+ }
+
+
//! Return an error if somethign is wrong
int checkProfile() {
if((mAuthenticationType==TYPE_KEYSTORE || mAuthenticationType==TYPE_USERPASS_KEYSTORE) && mAlias==null)
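Review bot: `getCacertFromFile()` opens a `FileInputStream` and never closes it, so every profile export with a CA file leaks a file descriptor; the stream should be closed in a `finally` block. `mCaFilename.replace(INLINE_TAG,"")` also removes the tag wherever it occurs in the inline data, not just the prefix that `startsWith` tested, so `substring(INLINE_TAG.length())` is the safer form. Note that `generateCertificate` parses only the first certificate in the input, so a CA file that bundles intermediates would contribute just one entry to the keystore. If bundles are expected, `generateCertificates` with one alias per entry would be needed.

```java
private Certificate getCacertFromFile() throws FileNotFoundException, CertificateException {
    // … unchanged: CertificateFactory.getInstance("X.509") …

    InputStream inStream;
    if(mCaFilename.startsWith(INLINE_TAG))
        // strip only the leading tag; the remainder is the certificate data
        inStream = new ByteArrayInputStream(mCaFilename.substring(INLINE_TAG.length()).getBytes());
    else
        inStream = new FileInputStream(mCaFilename);

    try {
        return certFact.generateCertificate(inStream);
    } finally {
        try {
            inStream.close();
        } catch (IOException e) {
            // the certificate is already parsed (or parsing failed); a close error adds nothing
        }
    }
}
```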