diff options
-rw-r--r-- | .DS_Store | bin | 12292 -> 0 bytes | |||
-rw-r--r-- | openvpn/0001-initial-android-hacks.patch | 523 | ||||
-rw-r--r-- | src/de/blinkt/openvpn/Settings_Authentication.java | 3 |
3 files changed, 2 insertions, 524 deletions
diff --git a/.DS_Store b/.DS_Store Binary files differdeleted file mode 100644 index 2d192e83..00000000 --- a/.DS_Store +++ /dev/null diff --git a/openvpn/0001-initial-android-hacks.patch b/openvpn/0001-initial-android-hacks.patch deleted file mode 100644 index e78cc7de..00000000 --- a/openvpn/0001-initial-android-hacks.patch +++ /dev/null @@ -1,523 +0,0 @@ -From d573932062cb4afd7f001899978e37ce446934e7 Mon Sep 17 00:00:00 2001 -From: Arne Schwabe <arne@rfc2549.org> -Date: Tue, 10 Apr 2012 00:34:51 +0200 -Subject: [PATCH] initial android hacks - ---- - src/compat/compat-rsa_generate_key.c | 47 ++++++++++ - src/openvpn/error.c | 19 ++++- - src/openvpn/jniglue.c | 162 ++++++++++++++++++++++++++++++++++ - src/openvpn/jniglue.h | 19 ++++ - src/openvpn/options.c | 1 + - src/openvpn/route.c | 7 ++- - src/openvpn/socket.c | 25 +++++ - src/openvpn/ssl.c | 2 + - src/openvpn/syshead.h | 2 +- - src/openvpn/tun.c | 22 ++++- - src/openvpn/tun.h | 2 + - 11 files changed, 303 insertions(+), 5 deletions(-) - create mode 100644 src/compat/compat-rsa_generate_key.c - create mode 100644 src/openvpn/jniglue.c - create mode 100644 src/openvpn/jniglue.h - -diff --git a/src/compat/compat-rsa_generate_key.c b/src/compat/compat-rsa_generate_key.c -new file mode 100644 -index 0000000..99725da ---- /dev/null -+++ b/src/compat/compat-rsa_generate_key.c -@@ -0,0 +1,47 @@ -+#include <stdio.h> -+#include <time.h> -+#include "cryptlib.h" -+#include <openssl/bn.h> -+#include <openssl/rsa.h> -+ -+RSA *RSA_generate_key(int bits, unsigned long e_value, -+ void (*callback)(int,int,void *), void *cb_arg) -+{ -+ BN_GENCB cb; -+ int i; -+ RSA *rsa = RSA_new(); -+ BIGNUM *e = BN_new(); -+ -+ if(!rsa || !e) goto err; -+ -+ /* The problem is when building with 8, 16, or 32 BN_ULONG, -+ * unsigned long can be larger */ -+ for (i=0; i<(int)sizeof(unsigned long)*8; i++) -+ { -+ if (e_value & (1UL<<i)) -+ if (BN_set_bit(e,i) == 0) -+ goto err; -+ } -+ -+ BN_GENCB_set_old(&cb, callback, cb_arg); -+ -+ if(RSA_generate_key_ex(rsa, bits, e, &cb)) { -+ BN_free(e); -+ return rsa; -+ } -+ err: -+ if(e) BN_free(e); -+ if(rsa) RSA_free(rsa); -+ return 0; -+} -+ -+ -+ -+void mlockall(){} -+char * -+getpass (prompt) -+ const char *prompt; -+{ -+ return ""; -+} -+ -diff --git a/src/openvpn/error.c b/src/openvpn/error.c -index d6ad639..d4a3cff 100644 ---- a/src/openvpn/error.c -+++ b/src/openvpn/error.c -@@ -199,6 +199,16 @@ msg_fp(const unsigned int flags) - - int x_msg_line_num; /* GLOBAL */ - -+#include "android/log.h" -+void x_msg2(const unsigned int flags, const char *format, ...) { -+ va_list arglist; -+ va_start(arglist,format); -+ // vsnprintf(m1, 100, "foo bbaz",arglist); -+ __android_log_vprint(ANDROID_LOG_DEBUG, "openvpn",format, arglist); -+ va_end(arglist); -+} -+ -+ - void x_msg (const unsigned int flags, const char *format, ...) - { - struct gc_arena gc; -@@ -350,6 +360,10 @@ void x_msg (const unsigned int flags, const char *format, ...) - } - } - -+#ifdef TARGET_ANDROID -+ android_openvpn_log(prefix,prefix_sep,m1);; -+#endif -+ - if (flags & M_FATAL) - msg (M_INFO, "Exiting due to fatal error"); - -@@ -701,7 +715,10 @@ openvpn_exit (const int status) - if (status == OPENVPN_EXIT_STATUS_GOOD) - perf_output_results (); - } -- -+#ifdef TARGET_ANDROID -+ android_openvpn_exit(status); -+#endif -+ - exit (status); - } - -diff --git a/src/openvpn/jniglue.c b/src/openvpn/jniglue.c -new file mode 100644 -index 0000000..2d52936 ---- /dev/null -+++ b/src/openvpn/jniglue.c -@@ -0,0 +1,162 @@ -+#include <jni.h> -+#include <android/log.h> -+#include <stdlib.h> -+#include <setjmp.h> -+ -+#include "jniglue.h" -+ -+JNIEXPORT jint Java_de_blinkt_OpenVPN_startOpenVPNThread(JNIEnv* env, jclass jc); -+ -+ -+extern int main (int argc, char *argv[]); -+ -+static jmp_buf jump_buffer; -+ -+int callmain (int argc, char *argv[]) { -+ if(!setjmp(jump_buffer)) -+ main(argc,argv); -+} -+ -+ -+void android_openvpn_exit(int status) { -+ longjmp(jump_buffer,status+1); -+} -+ -+ -+void testmsg(char* m1, ...) { -+ va_list arglist; -+ va_start(arglist,m1); -+ // vsnprintf(m1, 100, "foo bbaz",arglist); -+ __android_log_vprint(ANDROID_LOG_DEBUG, "openvpn",m1, arglist); -+ va_end(arglist); -+} -+ -+// Store env and class, we allow only one instance -+// so make these variables global for now -+jclass openvpnclass; -+JNIEnv* openvpnjenv; -+ -+//Lde/blinkt/openvpn/OpenVPN startOpenVPNThread startOpenVPNThread -+ jint Java_de_blinkt_openvpn_OpenVPN_startOpenVPNThread(JNIEnv* env, jclass jc){ -+ char* argv[] = {"openvpn", "--client", -+ "--dev","tun", -+ "--comp-lzo", -+// "--redirect-gateway","def1", -+// "--pkcs12","/mnt/sdcard/Network_Certificate.p12", -+ "--remote-cert-eku", "TLS Web Server Authentication", -+ "--remote","openvpn.uni-paderborn.de", -+ "--ca","/mnt/sdcard/ca.pem", -+ "--key","/mnt/sdcard/schwabe.key", -+ "--cert","/mnt/sdcard/schwabe.pem", -+ "--verb","4" -+ }; -+ -+ openvpnclass = jc; -+ openvpnjenv= env; -+ int argc=17; -+ -+ return callmain(argc,argv); -+ } -+ -+void Java_de_blinkt_openvpn_OpenVPN_startOpenVPNThreadArgs(JNIEnv *env,jclass jc, jobjectArray stringArray) { -+ openvpnclass = jc; -+ openvpnjenv= env; -+ -+ int stringCount = (*env)->GetArrayLength(env, stringArray); -+ -+ -+ const char** argv = calloc(stringCount,sizeof(const char*)); -+ -+ int i; -+ for (i=0; i<stringCount; i++) { -+ jstring string = (jstring) (*env)->GetObjectArrayElement(env, stringArray, i); -+ jboolean isCopy; -+ const char* rawString = (*env)->GetStringUTFChars(env, string, &isCopy); -+ -+ // Copy the string to able to release it -+ argv[i] = rawString; -+ -+ } -+ -+ // Call main -+ callmain(stringCount,argv); -+ -+ // Release the Strings -+ for(i=0; i<stringCount;i++){ -+ jstring string = (jstring) (*env)->GetObjectArrayElement(env, stringArray, i); -+ (*env)->ReleaseStringUTFChars(env,string,argv[i]); -+ } -+ free(argv); -+} -+ -+ -+ -+ -+jint JNI_OnLoad(JavaVM *vm, void *reserved) { -+ __android_log_write(ANDROID_LOG_DEBUG,"openvpn", "Loading openvpn native library $id$ compiled on " __DATE__ " " __TIME__ ); -+ return JNI_VERSION_1_2; -+} -+ -+void addInterfaceInformation(int mtu,const char* ifconfig_local, const char* ifconfig_remote) -+{ -+ jstring jlocal = (*openvpnjenv)->NewStringUTF(openvpnjenv, ifconfig_local); -+ jstring jremote = (*openvpnjenv)->NewStringUTF(openvpnjenv, ifconfig_remote); -+ -+ jmethodID aMethodID = (*openvpnjenv)->GetStaticMethodID(openvpnjenv, openvpnclass, "addInterfaceInfo", -+ "(ILjava/lang/String;Ljava/lang/String;)V"); -+ (*openvpnjenv)->CallStaticVoidMethod(openvpnjenv,openvpnclass,aMethodID,mtu,jlocal,jremote); -+ -+ (*openvpnjenv)->DeleteLocalRef(openvpnjenv,jlocal); -+ (*openvpnjenv)->DeleteLocalRef(openvpnjenv,jremote); -+ -+ -+} -+ -+void android_openvpn_log(int level,const char* prefix,const char* prefix_sep,const char* m1) -+{ -+ __android_log_print(ANDROID_LOG_DEBUG,"openvpn","%s%s%s",prefix,prefix_sep,m1); -+ -+ jstring jprefix = (*openvpnjenv)->NewStringUTF(openvpnjenv, prefix); -+ jstring jmessage = (*openvpnjenv)->NewStringUTF(openvpnjenv, m1); -+ -+ jmethodID aMethodID = (*openvpnjenv)->GetStaticMethodID(openvpnjenv, openvpnclass, "logMessage", -+ "(ILjava/lang/String;Ljava/lang/String;)V"); -+ -+ (*openvpnjenv)->CallStaticVoidMethod(openvpnjenv,openvpnclass,aMethodID,level,jprefix,jmessage); -+ -+ (*openvpnjenv)->DeleteLocalRef(openvpnjenv,jprefix); -+ (*openvpnjenv)->DeleteLocalRef(openvpnjenv,jmessage); -+ -+} -+ -+ -+unsigned char android_protect_socket(int sockfd) { -+ jmethodID aMethodID = (*openvpnjenv)->GetStaticMethodID(openvpnjenv, openvpnclass, "protectSocket", -+ "(I)Z"); -+ return (*openvpnjenv)->CallStaticBooleanMethod(openvpnjenv,openvpnclass,aMethodID,sockfd); -+ -+} -+int android_open_tun () { -+ jmethodID aMethodID = (*openvpnjenv)->GetStaticMethodID(openvpnjenv, openvpnclass, "openTunDevice", -+ "()I"); -+ return (*openvpnjenv)->CallStaticIntMethod(openvpnjenv,openvpnclass,aMethodID); -+ -+} -+ -+void addRouteInformation(const char* dest, const char* mask, const char* gw) { -+ -+ jstring jmask = (*openvpnjenv)->NewStringUTF(openvpnjenv, mask); -+ jstring jdest = (*openvpnjenv)->NewStringUTF(openvpnjenv, dest); -+ jstring jgw = (*openvpnjenv)->NewStringUTF(openvpnjenv, gw); -+ jmethodID aMethodID = (*openvpnjenv)->GetStaticMethodID(openvpnjenv, openvpnclass, "addRoute", -+ "(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)V"); -+ (*openvpnjenv)->CallStaticVoidMethod(openvpnjenv,openvpnclass,aMethodID,jdest,jmask,jgw); -+ -+ (*openvpnjenv)->DeleteLocalRef(openvpnjenv,jmask); -+ (*openvpnjenv)->DeleteLocalRef(openvpnjenv,jdest); -+ (*openvpnjenv)->DeleteLocalRef(openvpnjenv,jgw); -+ -+ -+} -+ -+ -diff --git a/src/openvpn/jniglue.h b/src/openvpn/jniglue.h -new file mode 100644 -index 0000000..cb3ae41 ---- /dev/null -+++ b/src/openvpn/jniglue.h -@@ -0,0 +1,19 @@ -+// -+// jniglue.h -+// xcopenvpn -+// -+// Created by Arne Schwabe on 29.03.12. -+// Copyright (c) 2012 Universität Paderborn. All rights reserved. -+// -+ -+#ifndef xcopenvpn_jniglue_h -+#define xcopenvpn_jniglue_h -+ -+void testmsg(char* m1, ...); -+void addRouteInformation(const char* dest, const char* mask, const char* gw); -+void addInterfaceInformation(int mtu,const char* ifconfig_local, const char* ifconfig_remote); -+void android_openvpn_log(int level,const char* prefix,const char* prefix_sep,const char* m1); -+void android_openvpn_exit(int status); -+ -+ -+#endif -diff --git a/src/openvpn/options.c b/src/openvpn/options.c -index bd83843..fcf436c 100644 ---- a/src/openvpn/options.c -+++ b/src/openvpn/options.c -@@ -560,6 +560,7 @@ static const char usage_message[] = - #if OPENSSL_VERSION_NUMBER >= 0x00907000L - " and CRLs).\n" - #else /* OPENSSL_VERSION_NUMBER >= 0x00907000L */ -+#error WTF! - ").\n" - " WARNING: no support of CRL available with this version.\n" - #endif /* OPENSSL_VERSION_NUMBER >= 0x00907000L */ -diff --git a/src/openvpn/route.c b/src/openvpn/route.c -index 7c25c77..6c3ad90 100644 ---- a/src/openvpn/route.c -+++ b/src/openvpn/route.c -@@ -1344,6 +1344,11 @@ add_route (struct route *r, - argv_msg (D_ROUTE, &argv); - status = openvpn_execve_check (&argv, es, 0, "ERROR: Linux route add command failed"); - -+#elif defined (TARGET_ANDROID) -+#include "jniglue.h" -+ -+ addRouteInformation(network, netmask, gateway); -+ - #elif defined (WIN32) - { - DWORD ai = TUN_ADAPTER_INDEX_INVALID; -@@ -2371,7 +2376,7 @@ show_routes (int msglev) - gc_free (&gc); - } - --#elif defined(TARGET_LINUX) -+#elif defined(TARGET_LINUX) || defined(TARGET_ANDROID) - - void - get_default_gateway (struct route_gateway_info *rgi) -diff --git a/src/openvpn/socket.c b/src/openvpn/socket.c -index 6b1f8d2..364b97e 100644 ---- a/src/openvpn/socket.c -+++ b/src/openvpn/socket.c -@@ -41,6 +41,11 @@ - - #include "memdbg.h" - -+#ifdef TARGET_ANDROID -+#include "jniglue.h" -+#endif -+ -+ - const int proto_overhead[] = { /* indexed by PROTO_x */ - 0, - IPv4_UDP_HEADER_SIZE, /* IPv4 */ -@@ -858,6 +863,11 @@ create_socket_tcp (void) - } - #endif - -+#ifdef TARGET_ANDROID -+ /* Protects the socket from being routed via VPN */ -+ android_protect_socket(sd); -+#endif -+ - return sd; - } - -@@ -885,6 +895,12 @@ create_socket_udp (const unsigned int flags) - #endif - } - #endif -+ -+#ifdef TARGET_ANDROID -+ /* Protects the socket from being routed via VPN */ -+ android_protect_socket(sd); -+#endif -+ - return sd; - } - -@@ -904,6 +920,11 @@ create_socket_udp6 (const unsigned int flags) - msg(M_SOCKERR, "UDP: failed setsockopt for IPV6_RECVPKTINFO"); - } - #endif -+#ifdef TARGET_ANDROID -+ /* Protects the socket from being routed via VPN */ -+ android_protect_socket(sd); -+#endif -+ - return sd; - } - -@@ -922,6 +943,10 @@ create_socket_tcp6 (void) - (void *) &on, sizeof (on)) < 0) - msg (M_SOCKERR, "TCP: Cannot setsockopt SO_REUSEADDR on TCP6 socket"); - } -+#ifdef TARGET_ANDROID -+ /* Protects the socket from being routed via VPN */ -+ android_protect_socket(sd); -+#endif - - return sd; - } -diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c -index 251f8ed..537fc12 100644 ---- a/src/openvpn/ssl.c -+++ b/src/openvpn/ssl.c -@@ -1645,6 +1645,8 @@ push_peer_info(struct buffer *buf, struct tls_session *session) - buf_printf (&out, "IV_PLAT=netbsd\n"); - #elif defined(TARGET_FREEBSD) - buf_printf (&out, "IV_PLAT=freebsd\n"); -+#elif defined(TARGET_ANDROID) -+ buf_printf(&out, "IV_PLAT=android\n"); - #elif defined(WIN32) - buf_printf (&out, "IV_PLAT=win\n"); - #endif -diff --git a/src/openvpn/syshead.h b/src/openvpn/syshead.h -index 0595b67..56a5429 100644 ---- a/src/openvpn/syshead.h -+++ b/src/openvpn/syshead.h -@@ -211,7 +211,7 @@ - #include <net/if_tap.h> - #endif - --#ifdef TARGET_LINUX -+#if defined(TARGET_LINUX) || defined (TARGET_ANDROID) - - #if defined(HAVE_NETINET_IF_ETHER_H) - #include <netinet/if_ether.h> -diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c -index b99071c..db8104d 100644 ---- a/src/openvpn/tun.c -+++ b/src/openvpn/tun.c -@@ -49,6 +49,11 @@ - - #include "memdbg.h" - -+#ifdef TARGET_ANDROID -+#include "jniglue.h" -+#endif -+ -+ - #ifdef WIN32 - - /* #define SIMULATE_DHCP_FAILED */ /* simulate bad DHCP negotiation */ -@@ -768,6 +773,8 @@ do_ifconfig (struct tuntap *tt, - tt->did_ifconfig = true; - - #endif /*ENABLE_IPROUTE*/ -+#elif defined(TARGET_ANDROID) -+ addInterfaceInformation(tun_mtu,ifconfig_local, ifconfig_remote_netmask); - #elif defined(TARGET_SOLARIS) - - /* Solaris 2.6 (and 7?) cannot set all parameters in one go... -@@ -1365,7 +1372,16 @@ close_tun_generic (struct tuntap *tt) - - #endif - --#if defined(TARGET_LINUX) -+#if defined(TARGET_LINUX) || defined(TARGET_ANDROID) -+ -+#if defined (TARGET_ANDROID) -+void -+open_tun (const char *dev, const char *dev_type, const char *dev_node, struct tuntap *tt) -+{ -+ tt->fd = android_open_tun(); -+} -+ -+#else - - #ifdef HAVE_LINUX_IF_TUN_H /* New driver support */ - -@@ -1373,6 +1389,7 @@ close_tun_generic (struct tuntap *tt) - #error header file linux/sockios.h required - #endif - -+ - #if defined(HAVE_TUN_PI) && defined(HAVE_IPHDR) && defined(HAVE_IOVEC) && defined(ETH_P_IPV6) && defined(ETH_P_IP) && defined(HAVE_READV) && defined(HAVE_WRITEV) - #define LINUX_IPV6 1 - /* #warning IPv6 ON */ -@@ -1426,7 +1443,7 @@ open_tun (const char *dev, const char *dev_type, const char *dev_node, struct tu - if (!tt->ipv6) - ifr.ifr_flags = IFF_NO_PI; - --#if defined(IFF_ONE_QUEUE) && defined(SIOCSIFTXQLEN) -+#if defined(IFF_ONE_QUEUE) && defined(SIOCSIFTXQLEN) && !defined(TARGET_ANDROID) - ifr.ifr_flags |= IFF_ONE_QUEUE; - #endif - -@@ -1516,6 +1533,7 @@ open_tun (const char *dev, const char *dev_type, const char *dev_node, struct tu - } - - #endif /* HAVE_LINUX_IF_TUN_H */ -+#endif /* TARGET_ANDROID */ - - #ifdef TUNSETPERSIST - -diff --git a/src/openvpn/tun.h b/src/openvpn/tun.h -index 9bd990f..63ab872 100644 ---- a/src/openvpn/tun.h -+++ b/src/openvpn/tun.h -@@ -292,6 +292,8 @@ ifconfig_order(void) - return IFCONFIG_AFTER_TUN_OPEN; - #elif defined(WIN32) - return IFCONFIG_BEFORE_TUN_OPEN; -+#elif defined(TARGET_ANDROID) -+ return IFCONFIG_BEFORE_TUN_OPEN; - #else - return IFCONFIG_DEFAULT; - #endif --- -1.7.5.4 - diff --git a/src/de/blinkt/openvpn/Settings_Authentication.java b/src/de/blinkt/openvpn/Settings_Authentication.java index 6d21ca6a..4124783b 100644 --- a/src/de/blinkt/openvpn/Settings_Authentication.java +++ b/src/de/blinkt/openvpn/Settings_Authentication.java @@ -46,7 +46,8 @@ public class Settings_Authentication extends PreferenceFragment implements OnPre mProfile = ProfileManager.get(profileUUID); mTLSAuthFile.setOnPreferenceClickListener(this); - mCipher =(EditTextPreference) findPreference("cipher"); + mCipher =(EditTextPreference) findPreference("cipher"); + mCipher.setOnPreferenceChangeListener(this); loadSettings(); |