summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--app/build.gradle5
-rw-r--r--app/src/main/aidl/de/blinkt/openvpn/api/ExternalCertificateProvider.aidl39
-rw-r--r--app/src/main/aidl/de/blinkt/openvpn/api/IOpenVPNAPIService.aidl2
-rw-r--r--app/src/main/aidl/de/blinkt/openvpn/core/IOpenVPNServiceInternal.aidl1
-rw-r--r--app/src/main/java/de/blinkt/openvpn/LaunchVPN.java4
-rw-r--r--app/src/main/java/de/blinkt/openvpn/VpnProfile.java482
-rw-r--r--app/src/main/java/de/blinkt/openvpn/core/CIDRIP.java8
-rw-r--r--app/src/main/java/de/blinkt/openvpn/core/ConfigParser.java379
-rw-r--r--app/src/main/java/de/blinkt/openvpn/core/Connection.java33
-rw-r--r--app/src/main/java/de/blinkt/openvpn/core/ExtAuthHelper.java259
-rw-r--r--app/src/main/java/de/blinkt/openvpn/core/ICSOpenVPNApplication.java2
-rw-r--r--app/src/main/java/de/blinkt/openvpn/core/LogFileHandler.java4
-rw-r--r--app/src/main/java/de/blinkt/openvpn/core/NativeUtils.java22
-rw-r--r--app/src/main/java/de/blinkt/openvpn/core/NetworkSpace.java103
-rw-r--r--app/src/main/java/de/blinkt/openvpn/core/NetworkUtils.java75
-rw-r--r--app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java181
-rw-r--r--app/src/main/java/de/blinkt/openvpn/core/OpenVpnManagementThread.java239
-rw-r--r--app/src/main/java/de/blinkt/openvpn/core/OrbotHelper.java202
-rw-r--r--app/src/main/java/de/blinkt/openvpn/core/ProfileManager.java13
-rw-r--r--app/src/main/java/de/blinkt/openvpn/core/VPNLaunchHelper.java2
-rw-r--r--app/src/main/java/de/blinkt/openvpn/core/VpnStatus.java6
-rwxr-xr-xapp/src/main/res/values-be/plurals-icsopenvpn.xml3
-rwxr-xr-xapp/src/main/res/values-be/strings-icsopenvpn.xml464
-rwxr-xr-xapp/src/main/res/values-ca/strings-icsopenvpn.xml1
-rwxr-xr-xapp/src/main/res/values-cs/strings-icsopenvpn.xml5
-rwxr-xr-xapp/src/main/res/values-da/strings-icsopenvpn.xml88
-rwxr-xr-xapp/src/main/res/values-de/strings-icsopenvpn.xml15
-rwxr-xr-xapp/src/main/res/values-es/strings-icsopenvpn.xml22
-rwxr-xr-xapp/src/main/res/values-et/strings-icsopenvpn.xml1
-rwxr-xr-xapp/src/main/res/values-fr/strings-icsopenvpn.xml16
-rwxr-xr-xapp/src/main/res/values-hu/strings-icsopenvpn.xml5
-rwxr-xr-xapp/src/main/res/values-in/strings-icsopenvpn.xml21
-rwxr-xr-xapp/src/main/res/values-it/strings-icsopenvpn.xml24
-rwxr-xr-xapp/src/main/res/values-ja/strings-icsopenvpn.xml19
-rwxr-xr-xapp/src/main/res/values-ko/strings-icsopenvpn.xml13
-rwxr-xr-xapp/src/main/res/values-nl/strings-icsopenvpn.xml5
-rwxr-xr-xapp/src/main/res/values-no/strings-icsopenvpn.xml1
-rwxr-xr-xapp/src/main/res/values-pl/plurals-icsopenvpn.xml8
-rwxr-xr-xapp/src/main/res/values-pl/strings-icsopenvpn.xml26
-rwxr-xr-xapp/src/main/res/values-pt/strings-icsopenvpn.xml1
-rwxr-xr-xapp/src/main/res/values-ro/strings-icsopenvpn.xml1
-rwxr-xr-xapp/src/main/res/values-ru/plurals-icsopenvpn.xml12
-rwxr-xr-xapp/src/main/res/values-ru/strings-icsopenvpn.xml26
-rwxr-xr-xapp/src/main/res/values-sl/strings-icsopenvpn.xml1
-rwxr-xr-xapp/src/main/res/values-sv/strings-icsopenvpn.xml7
-rwxr-xr-xapp/src/main/res/values-tr/strings-icsopenvpn.xml5
-rwxr-xr-xapp/src/main/res/values-uk/plurals-icsopenvpn.xml23
-rwxr-xr-xapp/src/main/res/values-uk/strings-icsopenvpn.xml5
-rwxr-xr-xapp/src/main/res/values-vi/strings-icsopenvpn.xml30
-rwxr-xr-xapp/src/main/res/values-zh-rCN/strings-icsopenvpn.xml32
-rwxr-xr-xapp/src/main/res/values-zh-rTW/plurals-icsopenvpn.xml15
-rwxr-xr-xapp/src/main/res/values-zh-rTW/strings-icsopenvpn.xml181
-rwxr-xr-xapp/src/main/res/values/strings-icsopenvpn.xml23
-rw-r--r--app/src/ovpn3/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java67
-rw-r--r--app/src/test/java/de/blinkt/openvpn/core/TestConfigGenerator.java69
-rw-r--r--app/src/test/java/de/blinkt/openvpn/core/TestConfigParser.java223
-rw-r--r--app/src/test/java/de/blinkt/openvpn/core/TestIpParser.java2
m---------ics-openvpn0
58 files changed, 2804 insertions, 717 deletions
diff --git a/app/build.gradle b/app/build.gradle
index 16d517b4..03d602e4 100644
--- a/app/build.gradle
+++ b/app/build.gradle
@@ -9,6 +9,11 @@ android {
compileSdkVersion 27
buildToolsVersion '27.0.3'
+ compileOptions {
+ targetCompatibility 1.8
+ sourceCompatibility 1.8
+ }
+
defaultConfig {
applicationId "se.leap.bitmaskclient"
versionCode 134
diff --git a/app/src/main/aidl/de/blinkt/openvpn/api/ExternalCertificateProvider.aidl b/app/src/main/aidl/de/blinkt/openvpn/api/ExternalCertificateProvider.aidl
new file mode 100644
index 00000000..c6db965b
--- /dev/null
+++ b/app/src/main/aidl/de/blinkt/openvpn/api/ExternalCertificateProvider.aidl
@@ -0,0 +1,39 @@
+// ExternalCertificateProvider.aidl
+package de.blinkt.openvpn.api;
+
+
+/*
+ * This is very simple interface that is specialised to have only the minimal set of crypto
+ * operation that are needed for OpenVPN to authenticate with an external certificate
+ */
+interface ExternalCertificateProvider {
+ /**
+ * Requests signing the data with RSA/ECB/PKCS1PADDING
+ * for RSA certficate and with NONEwithECDSA for EC certificates
+ * @parm alias the parameter that
+ */
+ byte[] getSignedData(in String alias, in byte[] data);
+
+ /**
+ * Requests the certificate chain for the selected alias
+ * The first certifcate returned is assumed to be
+ * the user certificate
+ */
+ byte[] getCertificateChain(in String alias);
+
+ /**
+ * This function is called for the app to get additional meta information from the
+ * external provider and will be called with the stored alias in the app
+ *
+ * For external app provider that do not provide an activity to configure them, this
+ * is used to get the alias that should be used.
+ * The format is the same as the activity should return, i.e.
+ *
+ * EXTRA_ALIAS = "de.blinkt.openvpn.api.KEY_ALIAS"
+ * EXTRA_DESCRIPTION = "de.blinkt.openvpn.api.KEY_DESCRIPTION"
+ *
+ * as the keys for the bundle.
+ *
+ */
+ Bundle getCertificateMetaData(in String alias);
+}
diff --git a/app/src/main/aidl/de/blinkt/openvpn/api/IOpenVPNAPIService.aidl b/app/src/main/aidl/de/blinkt/openvpn/api/IOpenVPNAPIService.aidl
index 75d0c329..e907bfd6 100644
--- a/app/src/main/aidl/de/blinkt/openvpn/api/IOpenVPNAPIService.aidl
+++ b/app/src/main/aidl/de/blinkt/openvpn/api/IOpenVPNAPIService.aidl
@@ -18,7 +18,7 @@ interface IOpenVPNAPIService {
boolean addVPNProfile (String name, String config);
/** start a profile using a config as inline string. Make sure that all needed data is inlined,
- * e.g., using <ca>...</ca> or <auth-user-data>...</auth-user-data>
+ * e.g., using <ca>...</ca> or <auth-user-pass>...</auth-user-pass>
* See the OpenVPN manual page for more on inlining files */
void startVPN (in String inlineconfig);
diff --git a/app/src/main/aidl/de/blinkt/openvpn/core/IOpenVPNServiceInternal.aidl b/app/src/main/aidl/de/blinkt/openvpn/core/IOpenVPNServiceInternal.aidl
index b19cf99e..293c2b6d 100644
--- a/app/src/main/aidl/de/blinkt/openvpn/core/IOpenVPNServiceInternal.aidl
+++ b/app/src/main/aidl/de/blinkt/openvpn/core/IOpenVPNServiceInternal.aidl
@@ -22,4 +22,5 @@ interface IOpenVPNServiceInternal {
boolean stopVPN(boolean replaceConnection);
boolean isVpnRunning();
+
}
diff --git a/app/src/main/java/de/blinkt/openvpn/LaunchVPN.java b/app/src/main/java/de/blinkt/openvpn/LaunchVPN.java
index e83cffa0..5bf178ae 100644
--- a/app/src/main/java/de/blinkt/openvpn/LaunchVPN.java
+++ b/app/src/main/java/de/blinkt/openvpn/LaunchVPN.java
@@ -7,6 +7,8 @@ package de.blinkt.openvpn;
import se.leap.bitmaskclient.R;
+import se.leap.bitmaskclient.R;
+
import android.annotation.TargetApi;
import android.app.Activity;
import android.app.AlertDialog;
@@ -231,4 +233,4 @@ public class LaunchVPN extends Activity {
VpnStatus.logException("SU command", e);
}
}
-}
+} \ No newline at end of file
diff --git a/app/src/main/java/de/blinkt/openvpn/VpnProfile.java b/app/src/main/java/de/blinkt/openvpn/VpnProfile.java
index 4becdc32..bd28ae16 100644
--- a/app/src/main/java/de/blinkt/openvpn/VpnProfile.java
+++ b/app/src/main/java/de/blinkt/openvpn/VpnProfile.java
@@ -6,7 +6,6 @@
package de.blinkt.openvpn;
import se.leap.bitmaskclient.R;
-
import se.leap.bitmaskclient.BuildConfig;
import android.annotation.SuppressLint;
@@ -16,10 +15,12 @@ import android.content.SharedPreferences;
import android.content.pm.PackageInfo;
import android.content.pm.PackageManager;
import android.os.Build;
+import android.os.RemoteException;
import android.preference.PreferenceManager;
import android.security.KeyChain;
import android.security.KeyChainException;
import android.support.annotation.NonNull;
+import android.support.annotation.Nullable;
import android.text.TextUtils;
import android.util.Base64;
@@ -62,14 +63,9 @@ public class VpnProfile implements Serializable, Cloneable {
public static final String EXTRA_PROFILEUUID = "de.blinkt.openvpn.profileUUID";
public static final String INLINE_TAG = "[[INLINE]]";
public static final String DISPLAYNAME_TAG = "[[NAME]]";
-
- private static final long serialVersionUID = 7085688938959334563L;
public static final int MAXLOGLEVEL = 4;
- public static final int CURRENT_PROFILE_VERSION = 6;
+ public static final int CURRENT_PROFILE_VERSION = 7;
public static final int DEFAULT_MSSFIX_SIZE = 1280;
- public static String DEFAULT_DNS1 = "8.8.8.8";
- public static String DEFAULT_DNS2 = "8.8.4.4";
-
public static final int TYPE_CERTIFICATES = 0;
public static final int TYPE_PKCS12 = 1;
public static final int TYPE_KEYSTORE = 2;
@@ -78,17 +74,20 @@ public class VpnProfile implements Serializable, Cloneable {
public static final int TYPE_USERPASS_CERTIFICATES = 5;
public static final int TYPE_USERPASS_PKCS12 = 6;
public static final int TYPE_USERPASS_KEYSTORE = 7;
+ public static final int TYPE_EXTERNAL_APP = 8;
public static final int X509_VERIFY_TLSREMOTE = 0;
public static final int X509_VERIFY_TLSREMOTE_COMPAT_NOREMAPPING = 1;
public static final int X509_VERIFY_TLSREMOTE_DN = 2;
public static final int X509_VERIFY_TLSREMOTE_RDN = 3;
public static final int X509_VERIFY_TLSREMOTE_RDN_PREFIX = 4;
-
-
public static final int AUTH_RETRY_NONE_FORGET = 0;
- private static final int AUTH_RETRY_NONE_KEEP = 1;
public static final int AUTH_RETRY_NOINTERACT = 2;
+ public static final boolean mIsOpenVPN22 = false;
+ private static final long serialVersionUID = 7085688938959334563L;
+ private static final int AUTH_RETRY_NONE_KEEP = 1;
private static final int AUTH_RETRY_INTERACT = 3;
+ public static String DEFAULT_DNS1 = "8.8.8.8";
+ public static String DEFAULT_DNS2 = "8.8.4.4";
// variable named wrong and should haven beeen transient
// but needs to keep wrong name to guarante loading of old
// profiles
@@ -105,7 +104,6 @@ public class VpnProfile implements Serializable, Cloneable {
public String mPKCS12Filename;
public String mPKCS12Password;
public boolean mUseTLSAuth = false;
-
public String mDNS1 = DEFAULT_DNS1;
public String mDNS2 = DEFAULT_DNS2;
public String mIPv4Address;
@@ -127,7 +125,7 @@ public class VpnProfile implements Serializable, Cloneable {
public String mCustomConfigOptions = "";
public String mVerb = "1"; //ignored
public String mCipher = "";
- public boolean mNobind = false;
+ public boolean mNobind = true;
public boolean mUseDefaultRoutev6 = true;
public String mCustomRoutesv6 = "";
public String mKeyPassword = "";
@@ -139,13 +137,7 @@ public class VpnProfile implements Serializable, Cloneable {
public String mAuth = "";
public int mX509AuthType = X509_VERIFY_TLSREMOTE_RDN;
public String mx509UsernameField = null;
-
- private transient PrivateKey mPrivateKey;
- // Public attributes, since I got mad with getter/setter
- // set members to default values
- private UUID mUuid;
public boolean mAllowLocalLAN;
- private int mProfileVersion;
public String mExcludedRoutes;
public String mExcludedRoutesv6;
public int mMssFix = 0; // -1 is default,
@@ -153,26 +145,26 @@ public class VpnProfile implements Serializable, Cloneable {
public boolean mRemoteRandom = false;
public HashSet<String> mAllowedAppsVpn = new HashSet<>();
public boolean mAllowedAppsVpnAreDisallowed = true;
-
public String mCrlFilename;
public String mProfileCreator;
-
+ public String mExternalAuthenticator;
public int mAuthRetry = AUTH_RETRY_NONE_FORGET;
public int mTunMtu;
-
-
public boolean mPushPeerInfo = false;
- public static final boolean mIsOpenVPN22 = false;
-
public int mVersion = 0;
-
// timestamp when the profile was last used
public long mLastUsed;
-
+ public String importedProfileHash;
/* Options no longer used in new profiles */
public String mServerName = "openvpn.example.com";
public String mServerPort = "1194";
public boolean mUseUdp = true;
+ public boolean mTemporaryProfile = false;
+ private transient PrivateKey mPrivateKey;
+ // Public attributes, since I got mad with getter/setter
+ // set members to default values
+ private UUID mUuid;
+ private int mProfileVersion;
public VpnProfile(String name) {
@@ -200,6 +192,48 @@ public class VpnProfile implements Serializable, Cloneable {
return '"' + escapedString + '"';
}
+ public static boolean doUseOpenVPN3(Context c) {
+ SharedPreferences prefs = Preferences.getDefaultSharedPreferences(c);
+ boolean useOpenVPN3 = prefs.getBoolean("ovpn3", false);
+ if (!BuildConfig.openvpn3)
+ useOpenVPN3 = false;
+ return useOpenVPN3;
+ }
+
+ //! Put inline data inline and other data as normal escaped filename
+ public static String insertFileData(String cfgentry, String filedata) {
+ if (filedata == null) {
+ return String.format("%s %s\n", cfgentry, "file missing in config profile");
+ } else if (isEmbedded(filedata)) {
+ String dataWithOutHeader = getEmbeddedContent(filedata);
+ return String.format(Locale.ENGLISH, "<%s>\n%s\n</%s>\n", cfgentry, dataWithOutHeader, cfgentry);
+ } else {
+ return String.format(Locale.ENGLISH, "%s %s\n", cfgentry, openVpnEscape(filedata));
+ }
+ }
+
+ public static String getDisplayName(String embeddedFile) {
+ int start = DISPLAYNAME_TAG.length();
+ int end = embeddedFile.indexOf(INLINE_TAG);
+ return embeddedFile.substring(start, end);
+ }
+
+ public static String getEmbeddedContent(String data) {
+ if (!data.contains(INLINE_TAG))
+ return data;
+
+ int start = data.indexOf(INLINE_TAG) + INLINE_TAG.length();
+ return data.substring(start);
+ }
+
+ public static boolean isEmbedded(String data) {
+ if (data == null)
+ return false;
+ if (data.startsWith(INLINE_TAG) || data.startsWith(DISPLAYNAME_TAG))
+ return true;
+ else
+ return false;
+ }
@Override
public boolean equals(Object obj) {
@@ -223,6 +257,7 @@ public class VpnProfile implements Serializable, Cloneable {
mAllowLocalLAN = true;
mPushPeerInfo = false;
mMssFix = 0;
+ mNobind = false;
}
public UUID getUUID() {
@@ -230,6 +265,11 @@ public class VpnProfile implements Serializable, Cloneable {
}
+ // Only used for the special case of managed profiles
+ public void setUUID(UUID uuid) {
+ mUuid = uuid;
+ }
+
public String getName() {
if (TextUtils.isEmpty(mName))
return "No profile name";
@@ -248,6 +288,7 @@ public class VpnProfile implements Serializable, Cloneable {
}
if (mAllowedAppsVpn == null)
mAllowedAppsVpn = new HashSet<>();
+
if (mConnections == null)
mConnections = new Connection[0];
@@ -255,7 +296,11 @@ public class VpnProfile implements Serializable, Cloneable {
if (TextUtils.isEmpty(mProfileCreator))
mUserEditable = true;
}
-
+ if (mProfileVersion < 7) {
+ for (Connection c : mConnections)
+ if (c.mProxyType == null)
+ c.mProxyType = Connection.ProxyType.NONE;
+ }
mProfileVersion = CURRENT_PROFILE_VERSION;
@@ -274,68 +319,61 @@ public class VpnProfile implements Serializable, Cloneable {
}
-
- public static boolean doUseOpenVPN3(Context c) {
- SharedPreferences prefs = Preferences.getDefaultSharedPreferences(c);
- boolean useOpenVPN3 = prefs.getBoolean("ovpn3", false);
- if (!BuildConfig.openvpn3)
- useOpenVPN3 = false;
- return useOpenVPN3;
- }
-
public String getConfigFile(Context context, boolean configForOvpn3) {
File cacheDir = context.getCacheDir();
- String cfg = "";
+ StringBuilder cfg = new StringBuilder();
if (!configForOvpn3) {
// Enable management interface
- cfg += "# Config for OpenVPN 2.x\n";
- cfg += "# Enables connection to GUI\n";
- cfg += "management ";
+ cfg.append("# Config for OpenVPN 2.x\n");
+ cfg.append("# Enables connection to GUI\n");
+ cfg.append("management ");
- cfg += cacheDir.getAbsolutePath() + "/" + "mgmtsocket";
- cfg += " unix\n";
- cfg += "management-client\n";
+ cfg.append(cacheDir.getAbsolutePath()).append("/").append("mgmtsocket");
+ cfg.append(" unix\n");
+ cfg.append("management-client\n");
// Not needed, see updated man page in 2.3
//cfg += "management-signal\n";
- cfg += "management-query-passwords\n";
- cfg += "management-hold\n\n";
+ cfg.append("management-query-passwords\n");
+ cfg.append("management-hold\n\n");
- cfg += String.format("setenv IV_GUI_VER %s \n", openVpnEscape(getVersionEnvString(context)));
+ cfg.append(String.format("setenv IV_GUI_VER %s \n", openVpnEscape(getVersionEnvString(context))));
String versionString = getPlatformVersionEnvString();
- cfg += String.format("setenv IV_PLAT_VER %s\n", openVpnEscape(versionString));
+ cfg.append(String.format("setenv IV_PLAT_VER %s\n", openVpnEscape(versionString)));
} else {
- cfg += "# Config for OpeNVPN 3 C++\n";
+ cfg.append("# Config for OpenVPN 3 C++\n");
}
- cfg += "machine-readable-output\n";
- cfg += "allow-recursive-routing\n";
-
- // Users are confused by warnings that are misleading...
- cfg += "ifconfig-nowarn\n";
+ if (!configForOvpn3) {
+ cfg.append("machine-readable-output\n");
+ if (!mIsOpenVPN22)
+ cfg.append("allow-recursive-routing\n");
+ // Users are confused by warnings that are misleading...
+ cfg.append("ifconfig-nowarn\n");
+ }
boolean useTLSClient = (mAuthenticationType != TYPE_STATICKEYS);
if (useTLSClient && mUsePull)
- cfg += "client\n";
+ cfg.append("client\n");
else if (mUsePull)
- cfg += "pull\n";
+ cfg.append("pull\n");
else if (useTLSClient)
- cfg += "tls-client\n";
+ cfg.append("tls-client\n");
//cfg += "verb " + mVerb + "\n";
- cfg += "verb " + MAXLOGLEVEL + "\n";
+ cfg.append("verb " + MAXLOGLEVEL + "\n");
if (mConnectRetryMax == null) {
mConnectRetryMax = "-1";
}
if (!mConnectRetryMax.equals("-1"))
- cfg += "connect-retry-max " + mConnectRetryMax + "\n";
+ cfg.append("connect-retry-max ").append(mConnectRetryMax).append("\n");
if (TextUtils.isEmpty(mConnectRetry))
mConnectRetry = "2";
@@ -345,34 +383,34 @@ public class VpnProfile implements Serializable, Cloneable {
if (!mIsOpenVPN22)
- cfg += "connect-retry " + mConnectRetry + " " + mConnectRetryMaxTime + "\n";
- else if (mIsOpenVPN22 && mUseUdp)
- cfg += "connect-retry " + mConnectRetry + "\n";
+ cfg.append("connect-retry ").append(mConnectRetry).append(" ").append(mConnectRetryMaxTime).append("\n");
+ else if (mIsOpenVPN22 && !mUseUdp)
+ cfg.append("connect-retry ").append(mConnectRetry).append("\n");
- cfg += "resolv-retry 60\n";
+ cfg.append("resolv-retry 60\n");
// We cannot use anything else than tun
- cfg += "dev tun\n";
+ cfg.append("dev tun\n");
boolean canUsePlainRemotes = true;
if (mConnections.length == 1) {
- cfg += mConnections[0].getConnectionBlock();
+ cfg.append(mConnections[0].getConnectionBlock(configForOvpn3));
} else {
for (Connection conn : mConnections) {
canUsePlainRemotes = canUsePlainRemotes && conn.isOnlyRemote();
}
if (mRemoteRandom)
- cfg += "remote-random\n";
+ cfg.append("remote-random\n");
if (canUsePlainRemotes) {
for (Connection conn : mConnections) {
if (conn.mEnabled) {
- cfg += conn.getConnectionBlock();
+ cfg.append(conn.getConnectionBlock(configForOvpn3));
}
}
}
@@ -381,91 +419,101 @@ public class VpnProfile implements Serializable, Cloneable {
switch (mAuthenticationType) {
case VpnProfile.TYPE_USERPASS_CERTIFICATES:
- cfg += "auth-user-pass\n";
+ cfg.append("auth-user-pass\n");
case VpnProfile.TYPE_CERTIFICATES:
// Ca
- cfg += insertFileData("ca", mCaFilename);
+ cfg.append(insertFileData("ca", mCaFilename));
// Client Cert + Key
- cfg += insertFileData("key", mClientKeyFilename);
- cfg += insertFileData("cert", mClientCertFilename);
+ cfg.append(insertFileData("key", mClientKeyFilename));
+ cfg.append(insertFileData("cert", mClientCertFilename));
break;
case VpnProfile.TYPE_USERPASS_PKCS12:
- cfg += "auth-user-pass\n";
+ cfg.append("auth-user-pass\n");
case VpnProfile.TYPE_PKCS12:
- cfg += insertFileData("pkcs12", mPKCS12Filename);
+ cfg.append(insertFileData("pkcs12", mPKCS12Filename));
+
+ if (!TextUtils.isEmpty(mCaFilename))
+ {
+ cfg.append(insertFileData("ca", mCaFilename));
+ }
break;
case VpnProfile.TYPE_USERPASS_KEYSTORE:
- cfg += "auth-user-pass\n";
+ cfg.append("auth-user-pass\n");
case VpnProfile.TYPE_KEYSTORE:
+ case VpnProfile.TYPE_EXTERNAL_APP:
if (!configForOvpn3) {
- String[] ks = getKeyStoreCertificates(context);
- cfg += "### From Keystore ####\n";
+ String[] ks = getExternalCertificates(context);
+ cfg.append("### From Keystore/ext auth app ####\n");
if (ks != null) {
- cfg += "<ca>\n" + ks[0] + "\n</ca>\n";
- if (ks[1] != null)
- cfg += "<extra-certs>\n" + ks[1] + "\n</extra-certs>\n";
- cfg += "<cert>\n" + ks[2] + "\n</cert>\n";
- cfg += "management-external-key\n";
+ cfg.append("<ca>\n").append(ks[0]).append("\n</ca>\n");
+ if (!TextUtils.isEmpty(ks[1]))
+ cfg.append("<extra-certs>\n").append(ks[1]).append("\n</extra-certs>\n");
+ cfg.append("<cert>\n").append(ks[2]).append("\n</cert>\n");
+ cfg.append("management-external-key nopadding\n");
} else {
- cfg += context.getString(R.string.keychain_access) + "\n";
+ cfg.append(context.getString(R.string.keychain_access)).append("\n");
if (Build.VERSION.SDK_INT == Build.VERSION_CODES.JELLY_BEAN)
if (!mAlias.matches("^[a-zA-Z0-9]$"))
- cfg += context.getString(R.string.jelly_keystore_alphanumeric_bug) + "\n";
+ cfg.append(context.getString(R.string.jelly_keystore_alphanumeric_bug)).append("\n");
}
}
break;
case VpnProfile.TYPE_USERPASS:
- cfg += "auth-user-pass\n";
- cfg += insertFileData("ca", mCaFilename);
+ cfg.append("auth-user-pass\n");
+ cfg.append(insertFileData("ca", mCaFilename));
+ if (configForOvpn3) {
+ // OpenVPN 3 needs to be told that a client certificate is not required
+ cfg.append("client-cert-not-required\n");
+ }
}
if (isUserPWAuth()) {
- if (mAuthenticationType == AUTH_RETRY_NOINTERACT)
- cfg += "auth-retry nointeract";
+ if (mAuthRetry == AUTH_RETRY_NOINTERACT)
+ cfg.append("auth-retry nointeract\n");
}
if (!TextUtils.isEmpty(mCrlFilename))
- cfg += insertFileData("crl-verify", mCrlFilename);
+ cfg.append(insertFileData("crl-verify", mCrlFilename));
if (mUseLzo) {
- cfg += "comp-lzo\n";
+ cfg.append("comp-lzo\n");
}
if (mUseTLSAuth) {
boolean useTlsCrypt = mTLSAuthDirection.equals("tls-crypt");
if (mAuthenticationType == TYPE_STATICKEYS)
- cfg += insertFileData("secret", mTLSAuthFilename);
+ cfg.append(insertFileData("secret", mTLSAuthFilename));
else if (useTlsCrypt)
- cfg += insertFileData("tls-crypt", mTLSAuthFilename);
+ cfg.append(insertFileData("tls-crypt", mTLSAuthFilename));
else
- cfg += insertFileData("tls-auth", mTLSAuthFilename);
+ cfg.append(insertFileData("tls-auth", mTLSAuthFilename));
if (!TextUtils.isEmpty(mTLSAuthDirection) && !useTlsCrypt) {
- cfg += "key-direction ";
- cfg += mTLSAuthDirection;
- cfg += "\n";
+ cfg.append("key-direction ");
+ cfg.append(mTLSAuthDirection);
+ cfg.append("\n");
}
}
if (!mUsePull) {
if (!TextUtils.isEmpty(mIPv4Address))
- cfg += "ifconfig " + cidrToIPAndNetmask(mIPv4Address) + "\n";
+ cfg.append("ifconfig ").append(cidrToIPAndNetmask(mIPv4Address)).append("\n");
if (!TextUtils.isEmpty(mIPv6Address)) {
// Use our own ip as gateway since we ignore it anyway
String fakegw = mIPv6Address.split("/", 2)[0];
- cfg += "ifconfig-ipv6 " + mIPv6Address + " " + fakegw + "\n";
+ cfg.append("ifconfig-ipv6 ").append(mIPv6Address).append(" ").append(fakegw).append("\n");
}
}
if (mUsePull && mRoutenopull)
- cfg += "route-nopull\n";
+ cfg.append("route-nopull\n");
String routes = "";
@@ -483,128 +531,129 @@ public class VpnProfile implements Serializable, Cloneable {
if (mUseDefaultRoutev6)
- cfg += "route-ipv6 ::/0\n";
+ cfg.append("route-ipv6 ::/0\n");
else
for (String route : getCustomRoutesv6(mCustomRoutesv6)) {
routes += "route-ipv6 " + route + "\n";
}
- cfg += routes;
+ cfg.append(routes);
if (mOverrideDNS || !mUsePull) {
if (!TextUtils.isEmpty(mDNS1)) {
- cfg += "dhcp-option DNS " + mDNS1 + "\n";
+ cfg.append("dhcp-option DNS ").append(mDNS1).append("\n");
}
if (!TextUtils.isEmpty(mDNS2)) {
- cfg += "dhcp-option DNS " + mDNS2 + "\n";
+ cfg.append("dhcp-option DNS ").append(mDNS2).append("\n");
}
if (!TextUtils.isEmpty(mSearchDomain))
- cfg += "dhcp-option DOMAIN " + mSearchDomain + "\n";
+ cfg.append("dhcp-option DOMAIN ").append(mSearchDomain).append("\n");
}
if (mMssFix != 0) {
if (mMssFix != 1450) {
- cfg += String.format(Locale.US, "mssfix %d\n", mMssFix);
+ cfg.append(String.format(Locale.US, "mssfix %d\n", mMssFix));
} else
- cfg += "mssfix\n";
+ cfg.append("mssfix\n");
}
if (mTunMtu >= 48 && mTunMtu != 1500) {
- cfg += String.format(Locale.US, "tun-mtu %d\n", mTunMtu);
+ cfg.append(String.format(Locale.US, "tun-mtu %d\n", mTunMtu));
}
if (mNobind)
- cfg += "nobind\n";
+ cfg.append("nobind\n");
// Authentication
if (mAuthenticationType != TYPE_STATICKEYS) {
if (mCheckRemoteCN) {
if (mRemoteCN == null || mRemoteCN.equals(""))
- cfg += "verify-x509-name " + openVpnEscape(mConnections[0].mServerName) + " name\n";
+ cfg.append("verify-x509-name ").append(openVpnEscape(mConnections[0].mServerName)).append(" name\n");
else
switch (mX509AuthType) {
// 2.2 style x509 checks
case X509_VERIFY_TLSREMOTE_COMPAT_NOREMAPPING:
- cfg += "compat-names no-remapping\n";
+ cfg.append("compat-names no-remapping\n");
case X509_VERIFY_TLSREMOTE:
- cfg += "tls-remote " + openVpnEscape(mRemoteCN) + "\n";
+ cfg.append("tls-remote ").append(openVpnEscape(mRemoteCN)).append("\n");
break;
case X509_VERIFY_TLSREMOTE_RDN:
- cfg += "verify-x509-name " + openVpnEscape(mRemoteCN) + " name\n";
+ cfg.append("verify-x509-name ").append(openVpnEscape(mRemoteCN)).append(" name\n");
break;
case X509_VERIFY_TLSREMOTE_RDN_PREFIX:
- cfg += "verify-x509-name " + openVpnEscape(mRemoteCN) + " name-prefix\n";
+ cfg.append("verify-x509-name ").append(openVpnEscape(mRemoteCN)).append(" name-prefix\n");
break;
case X509_VERIFY_TLSREMOTE_DN:
- cfg += "verify-x509-name " + openVpnEscape(mRemoteCN) + "\n";
+ cfg.append("verify-x509-name ").append(openVpnEscape(mRemoteCN)).append("\n");
break;
}
if (!TextUtils.isEmpty(mx509UsernameField))
- cfg += "x509-username-field " + openVpnEscape(mx509UsernameField) + "\n";
+ cfg.append("x509-username-field ").append(openVpnEscape(mx509UsernameField)).append("\n");
}
if (mExpectTLSCert)
- cfg += "remote-cert-tls server\n";
+ cfg.append("remote-cert-tls server\n");
}
if (!TextUtils.isEmpty(mCipher)) {
- cfg += "cipher " + mCipher + "\n";
+ cfg.append("cipher ").append(mCipher).append("\n");
}
if (!TextUtils.isEmpty(mAuth)) {
- cfg += "auth " + mAuth + "\n";
+ cfg.append("auth ").append(mAuth).append("\n");
}
// Obscure Settings dialog
if (mUseRandomHostname)
- cfg += "#my favorite options :)\nremote-random-hostname\n";
+ cfg.append("#my favorite options :)\nremote-random-hostname\n");
if (mUseFloat)
- cfg += "float\n";
+ cfg.append("float\n");
if (mPersistTun) {
- cfg += "persist-tun\n";
- cfg += "# persist-tun also enables pre resolving to avoid DNS resolve problem\n";
- cfg += "preresolve\n";
+ cfg.append("persist-tun\n");
+ cfg.append("# persist-tun also enables pre resolving to avoid DNS resolve problem\n");
+ if (!mIsOpenVPN22)
+ cfg.append("preresolve\n");
}
if (mPushPeerInfo)
- cfg += "push-peer-info\n";
+ cfg.append("push-peer-info\n");
SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(context);
boolean usesystemproxy = prefs.getBoolean("usesystemproxy", true);
- if (usesystemproxy && !mIsOpenVPN22 && !configForOvpn3) {
- cfg += "# Use system proxy setting\n";
- cfg += "management-query-proxy\n";
+ if (usesystemproxy && !mIsOpenVPN22 && !configForOvpn3 && !usesExtraProxyOptions()) {
+ cfg.append("# Use system proxy setting\n");
+ cfg.append("management-query-proxy\n");
}
if (mUseCustomConfig) {
- cfg += "# Custom configuration options\n";
- cfg += "# You are on your on own here :)\n";
- cfg += mCustomConfigOptions;
- cfg += "\n";
+ cfg.append("# Custom configuration options\n");
+ cfg.append("# You are on your on own here :)\n");
+ cfg.append(mCustomConfigOptions);
+ cfg.append("\n");
}
if (!canUsePlainRemotes) {
- cfg += "# Connection Options are at the end to allow global options (and global custom options) to influence connection blocks\n";
+ cfg.append("# Connection Options are at the end to allow global options (and global custom options) to influence connection blocks\n");
for (Connection conn : mConnections) {
if (conn.mEnabled) {
- cfg += "<connection>\n";
- cfg += conn.getConnectionBlock();
- cfg += "</connection>\n";
+ cfg.append("<connection>\n");
+ cfg.append(conn.getConnectionBlock(configForOvpn3));
+ cfg.append("</connection>\n");
}
}
}
- return cfg;
+ return cfg.toString();
}
public String getPlatformVersionEnvString() {
@@ -624,18 +673,6 @@ public class VpnProfile implements Serializable, Cloneable {
}
- //! Put inline data inline and other data as normal escaped filename
- public static String insertFileData(String cfgentry, String filedata) {
- if (filedata == null) {
- return String.format("%s %s\n", cfgentry, "file missing in config profile");
- } else if (isEmbedded(filedata)) {
- String dataWithOutHeader = getEmbeddedContent(filedata);
- return String.format(Locale.ENGLISH, "<%s>\n%s\n</%s>\n", cfgentry, dataWithOutHeader, cfgentry);
- } else {
- return String.format(Locale.ENGLISH, "%s %s\n", cfgentry, openVpnEscape(filedata));
- }
- }
-
@NonNull
private Collection<String> getCustomRoutes(String routes) {
Vector<String> cidrRoutes = new Vector<>();
@@ -697,7 +734,6 @@ public class VpnProfile implements Serializable, Cloneable {
return parts[0] + " " + netmask;
}
-
public Intent prepareStartService(Context context) {
Intent intent = getStartServiceIntent(context);
@@ -727,33 +763,6 @@ public class VpnProfile implements Serializable, Cloneable {
return intent;
}
- public String[] getKeyStoreCertificates(Context context) {
- return getKeyStoreCertificates(context, 5);
- }
-
- public static String getDisplayName(String embeddedFile) {
- int start = DISPLAYNAME_TAG.length();
- int end = embeddedFile.indexOf(INLINE_TAG);
- return embeddedFile.substring(start, end);
- }
-
- public static String getEmbeddedContent(String data) {
- if (!data.contains(INLINE_TAG))
- return data;
-
- int start = data.indexOf(INLINE_TAG) + INLINE_TAG.length();
- return data.substring(start);
- }
-
- public static boolean isEmbedded(String data) {
- if (data == null)
- return false;
- if (data.startsWith(INLINE_TAG) || data.startsWith(DISPLAYNAME_TAG))
- return true;
- else
- return false;
- }
-
public void checkForRestart(final Context context) {
/* This method is called when OpenVPNService is restarted */
@@ -762,7 +771,7 @@ public class VpnProfile implements Serializable, Cloneable {
new Thread(new Runnable() {
@Override
public void run() {
- getKeyStoreCertificates(context);
+ getExternalCertificates(context);
}
}).start();
@@ -798,26 +807,40 @@ public class VpnProfile implements Serializable, Cloneable {
}
+ private X509Certificate[] getKeyStoreCertificates(Context context) throws KeyChainException, InterruptedException {
+ PrivateKey privateKey = KeyChain.getPrivateKey(context, mAlias);
+ mPrivateKey = privateKey;
- class NoCertReturnedException extends Exception {
- public NoCertReturnedException(String msg) {
- super(msg);
- }
+
+ X509Certificate[] caChain = KeyChain.getCertificateChain(context, mAlias);
+ return caChain;
+ }
+
+ private X509Certificate[] getExtAppCertificates(Context context) throws KeyChainException {
+ if (mExternalAuthenticator == null || mAlias == null)
+ throw new KeyChainException("Alias or external auth provider name not set");
+ return ExtAuthHelper.getCertificateChain(context, mExternalAuthenticator, mAlias);
+ }
+
+ public String[] getExternalCertificates(Context context) {
+ return getExternalCertificates(context, 5);
}
- synchronized String[] getKeyStoreCertificates(Context context, int tries) {
+
+ synchronized String[] getExternalCertificates(Context context, int tries) {
// Force application context- KeyChain methods will block long enough that by the time they
// are finished and try to unbind, the original activity context might have been destroyed.
context = context.getApplicationContext();
try {
- PrivateKey privateKey = KeyChain.getPrivateKey(context, mAlias);
- mPrivateKey = privateKey;
-
String keystoreChain = null;
-
- X509Certificate[] caChain = KeyChain.getCertificateChain(context, mAlias);
+ X509Certificate caChain[];
+ if (mAuthenticationType == TYPE_EXTERNAL_APP) {
+ caChain = getExtAppCertificates(context);
+ } else {
+ caChain = getKeyStoreCertificates(context);
+ }
if (caChain == null)
throw new NoCertReturnedException("No certificate returned from Keystore");
@@ -900,14 +923,18 @@ public class VpnProfile implements Serializable, Cloneable {
} catch (InterruptedException e1) {
VpnStatus.logException(e1);
}
- return getKeyStoreCertificates(context, tries - 1);
+ return getExternalCertificates(context, tries - 1);
}
}
+ public int checkProfile(Context c) {
+ return checkProfile(c, doUseOpenVPN3(c));
+ }
+
//! Return an error if something is wrong
- public int checkProfile(Context context) {
- if (mAuthenticationType == TYPE_KEYSTORE || mAuthenticationType == TYPE_USERPASS_KEYSTORE) {
+ public int checkProfile(Context context, boolean useOpenVPN3) {
+ if (mAuthenticationType == TYPE_KEYSTORE || mAuthenticationType == TYPE_USERPASS_KEYSTORE || mAuthenticationType == TYPE_EXTERNAL_APP) {
if (mAlias == null)
return R.string.no_keystore_cert_selected;
} else if (mAuthenticationType == TYPE_CERTIFICATES || mAuthenticationType == TYPE_USERPASS_CERTIFICATES) {
@@ -944,21 +971,35 @@ public class VpnProfile implements Serializable, Cloneable {
boolean noRemoteEnabled = true;
- for (Connection c : mConnections)
+ for (Connection c : mConnections) {
if (c.mEnabled)
noRemoteEnabled = false;
+ }
if (noRemoteEnabled)
return R.string.remote_no_server_selected;
- if (doUseOpenVPN3(context)) {
+ if (useOpenVPN3) {
if (mAuthenticationType == TYPE_STATICKEYS) {
return R.string.openvpn3_nostatickeys;
}
if (mAuthenticationType == TYPE_PKCS12 || mAuthenticationType == TYPE_USERPASS_PKCS12) {
return R.string.openvpn3_pkcs12;
}
+ for (Connection conn : mConnections) {
+ if (conn.mProxyType == Connection.ProxyType.ORBOT || conn.mProxyType == Connection.ProxyType.SOCKS5)
+ return R.string.openvpn3_socksproxy;
+ }
}
+ for (Connection c : mConnections) {
+ if (c.mProxyType == Connection.ProxyType.ORBOT) {
+ if (usesExtraProxyOptions())
+ return R.string.error_orbot_and_proxy_options;
+ if (!OrbotHelper.checkTorReceier(context))
+ return R.string.no_orbotfound;
+ }
+ }
+
// Everything okay
return R.string.no_error_found;
@@ -1073,18 +1114,42 @@ public class VpnProfile implements Serializable, Cloneable {
}
public String getUUIDString() {
- return mUuid.toString();
+ return mUuid.toString().toLowerCase(Locale.ENGLISH);
}
public PrivateKey getKeystoreKey() {
return mPrivateKey;
}
- public String getSignedData(String b64data) {
- PrivateKey privkey = getKeystoreKey();
-
+ @Nullable
+ public String getSignedData(Context c, String b64data, boolean pkcs1padding) {
byte[] data = Base64.decode(b64data, Base64.DEFAULT);
+ byte[] signed_bytes;
+ if (mAuthenticationType == TYPE_EXTERNAL_APP)
+ signed_bytes = getExtAppSignedData(c, data);
+ else
+ signed_bytes = getKeyChainSignedData(data, pkcs1padding);
+ if (signed_bytes != null)
+ return Base64.encodeToString(signed_bytes, Base64.NO_WRAP);
+ else
+ return null;
+ }
+
+ private byte[] getExtAppSignedData(Context c, byte[] data) {
+ if (TextUtils.isEmpty(mExternalAuthenticator))
+ return null;
+ try {
+ return ExtAuthHelper.signData(c, mExternalAuthenticator, mAlias, data);
+ } catch (KeyChainException | InterruptedException e) {
+ VpnStatus.logError(R.string.error_extapp_sign, mExternalAuthenticator, e.getClass().toString(), e.getLocalizedMessage());
+ return null;
+ }
+ }
+
+ private byte[] getKeyChainSignedData(byte[] data, boolean pkcs1padding) {
+
+ PrivateKey privkey = getKeystoreKey();
// The Jelly Bean *evil* Hack
// 4.2 implements the RSA/ECB/PKCS1PADDING in the OpenSSLprovider
if (Build.VERSION.SDK_INT == Build.VERSION_CODES.JELLY_BEAN) {
@@ -1109,15 +1174,17 @@ public class VpnProfile implements Serializable, Cloneable {
the public/private part in the TLS exchange
*/
Cipher signer;
- signer = Cipher.getInstance("RSA/ECB/PKCS1PADDING");
+ if (pkcs1padding)
+ signer = Cipher.getInstance("RSA/ECB/PKCS1PADDING");
+ else
+ signer = Cipher.getInstance("RSA/ECB/NoPadding");
signer.init(Cipher.ENCRYPT_MODE, privkey);
signed_bytes = signer.doFinal(data);
}
- return Base64.encodeToString(signed_bytes, Base64.NO_WRAP);
-
+ return signed_bytes;
} catch (NoSuchAlgorithmException | InvalidKeyException | IllegalBlockSizeException
| BadPaddingException | NoSuchPaddingException | SignatureException e) {
VpnStatus.logError(R.string.error_rsa_sign, e.getClass().toString(), e.getLocalizedMessage());
@@ -1125,7 +1192,7 @@ public class VpnProfile implements Serializable, Cloneable {
}
}
- private String processSignJellyBeans(PrivateKey privkey, byte[] data) {
+ private byte[] processSignJellyBeans(PrivateKey privkey, byte[] data) {
try {
Method getKey = privkey.getClass().getSuperclass().getDeclaredMethod("getOpenSSLKey");
getKey.setAccessible(true);
@@ -1143,8 +1210,7 @@ public class VpnProfile implements Serializable, Cloneable {
getPkeyContext.setAccessible(false);
// 112 with TLS 1.2 (172 back with 4.3), 36 with TLS 1.0
- byte[] signed_bytes = NativeUtils.rsasign(data, pkey);
- return Base64.encodeToString(signed_bytes, Base64.NO_WRAP);
+ return NativeUtils.rsasign(data, pkey);
} catch (NoSuchMethodException | InvalidKeyException | InvocationTargetException | IllegalAccessException | IllegalArgumentException e) {
VpnStatus.logError(R.string.error_rsa_sign, e.getClass().toString(), e.getLocalizedMessage());
@@ -1152,6 +1218,22 @@ public class VpnProfile implements Serializable, Cloneable {
}
}
+ private boolean usesExtraProxyOptions() {
+ if (mUseCustomConfig && mCustomConfigOptions != null && mCustomConfigOptions.contains("http-proxy-option "))
+ return true;
+ for (Connection c : mConnections)
+ if (c.usesExtraProxyOptions())
+ return true;
+
+ return false;
+ }
+
+ class NoCertReturnedException extends Exception {
+ public NoCertReturnedException(String msg) {
+ super(msg);
+ }
+ }
+
}
diff --git a/app/src/main/java/de/blinkt/openvpn/core/CIDRIP.java b/app/src/main/java/de/blinkt/openvpn/core/CIDRIP.java
index 799c68c9..ca3d1161 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/CIDRIP.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/CIDRIP.java
@@ -14,6 +14,11 @@ class CIDRIP {
public CIDRIP(String ip, String mask) {
mIp = ip;
+ len = calculateLenFromMask(mask);
+
+ }
+
+ public static int calculateLenFromMask(String mask) {
long netmask = getInt(mask);
// Add 33. bit to ensure the loop terminates
@@ -24,6 +29,7 @@ class CIDRIP {
lenZeros++;
netmask = netmask >> 1;
}
+ int len;
// Check if rest of netmask is only 1s
if (netmask != (0x1ffffffffl >> lenZeros)) {
// Asume no CIDR, set /32
@@ -31,7 +37,7 @@ class CIDRIP {
} else {
len = 32 - lenZeros;
}
-
+ return len;
}
public CIDRIP(String address, int prefix_length) {
diff --git a/app/src/main/java/de/blinkt/openvpn/core/ConfigParser.java b/app/src/main/java/de/blinkt/openvpn/core/ConfigParser.java
index 9889754d..0148bfb7 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/ConfigParser.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/ConfigParser.java
@@ -5,17 +5,15 @@
package de.blinkt.openvpn.core;
-import android.text.TextUtils;
+import android.os.Build;
import android.support.v4.util.Pair;
+import android.text.TextUtils;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.Reader;
import java.io.StringReader;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.Locale;
-import java.util.Vector;
+import java.util.*;
import de.blinkt.openvpn.VpnProfile;
@@ -29,10 +27,127 @@ public class ConfigParser {
public static final String CONVERTED_PROFILE = "converted Profile";
- private HashMap<String, Vector<Vector<String>>> options = new HashMap<String, Vector<Vector<String>>>();
+ final String[] unsupportedOptions = {"config",
+ "tls-server"
+
+ };
+ // Ignore all scripts
+ // in most cases these won't work and user who wish to execute scripts will
+ // figure out themselves
+ private final String[] ignoreOptions = {"tls-client",
+ "allow-recursive-routing",
+ "askpass",
+ "auth-nocache",
+ "up",
+ "down",
+ "route-up",
+ "ipchange",
+ "route-pre-down",
+ "auth-user-pass-verify",
+ "block-outside-dns",
+ "client-cert-not-required",
+ "dhcp-release",
+ "dhcp-renew",
+ "dh",
+ "group",
+ "ip-win32",
+ "ifconfig-nowarn",
+ "management-hold",
+ "management",
+ "management-client",
+ "management-query-remote",
+ "management-query-passwords",
+ "management-query-proxy",
+ "management-external-key",
+ "management-forget-disconnect",
+ "management-signal",
+ "management-log-cache",
+ "management-up-down",
+ "management-client-user",
+ "management-client-group",
+ "pause-exit",
+ "preresolve",
+ "plugin",
+ "machine-readable-output",
+ "persist-key",
+ "push",
+ "register-dns",
+ "route-delay",
+ "route-gateway",
+ "route-metric",
+ "route-method",
+ "status",
+ "script-security",
+ "show-net-up",
+ "suppress-timestamps",
+ "tap-sleep",
+ "tmp-dir",
+ "tun-ipv6",
+ "topology",
+ "user",
+ "win-sys",
+ };
+ private final String[][] ignoreOptionsWithArg =
+ {
+ {"setenv", "IV_GUI_VER"},
+ {"setenv", "IV_PLAT_VER"},
+ {"setenv", "IV_OPENVPN_GUI_VERSION"},
+ {"engine", "dynamic"},
+ {"setenv", "CLIENT_CERT"},
+ {"resolv-retry", "60"}
+ };
+ private final String[] connectionOptions = {
+ "local",
+ "remote",
+ "float",
+ "port",
+ "connect-retry",
+ "connect-timeout",
+ "connect-retry-max",
+ "link-mtu",
+ "tun-mtu",
+ "tun-mtu-extra",
+ "fragment",
+ "mtu-disc",
+ "local-port",
+ "remote-port",
+ "bind",
+ "nobind",
+ "proto",
+ "http-proxy",
+ "http-proxy-retry",
+ "http-proxy-timeout",
+ "http-proxy-option",
+ "socks-proxy",
+ "socks-proxy-retry",
+ "http-proxy-user-pass",
+ "explicit-exit-notify",
+ };
+ private HashSet<String> connectionOptionsSet = new HashSet<>(Arrays.asList(connectionOptions));
+
+ private HashMap<String, Vector<Vector<String>>> options = new HashMap<>();
private HashMap<String, Vector<String>> meta = new HashMap<String, Vector<String>>();
private String auth_user_pass_file;
+ static public void useEmbbedUserAuth(VpnProfile np, String inlinedata) {
+ String data = VpnProfile.getEmbeddedContent(inlinedata);
+ String[] parts = data.split("\n");
+ if (parts.length >= 2) {
+ np.mUsername = parts[0];
+ np.mPassword = parts[1];
+ }
+ }
+
+ static public void useEmbbedHttpAuth(Connection c, String inlinedata) {
+ String data = VpnProfile.getEmbeddedContent(inlinedata);
+ String[] parts = data.split("\n");
+ if (parts.length >= 2) {
+ c.mProxyAuthUser = parts[0];
+ c.mProxyAuthPassword = parts[1];
+ c.mUseProxyAuth = true;
+ }
+ }
+
public void parseConfig(Reader reader) throws IOException, ConfigParseError {
HashMap<String, String> optionAliases = new HashMap<>();
@@ -76,7 +191,7 @@ public class ConfigParser {
checkinlinefile(args, br);
String optionname = args.get(0);
- if (optionAliases.get(optionname)!=null)
+ if (optionAliases.get(optionname) != null)
optionname = optionAliases.get(optionname);
if (!options.containsKey(optionname)) {
@@ -119,8 +234,8 @@ public class ConfigParser {
}
} while (true);
- if(inlinefile.endsWith("\n"))
- inlinefile = inlinefile.substring(0, inlinefile.length()-1);
+ if (inlinefile.endsWith("\n"))
+ inlinefile = inlinefile.substring(0, inlinefile.length() - 1);
args.clear();
args.add(argname);
@@ -133,11 +248,6 @@ public class ConfigParser {
return auth_user_pass_file;
}
- enum linestate {
- initial,
- readin_single_quote, reading_quoted, reading_unquoted, done
- }
-
private boolean space(char c) {
// I really hope nobody is using zero bytes inside his/her config file
// to sperate parameter but here we go:
@@ -145,15 +255,6 @@ public class ConfigParser {
}
- public static class ConfigParseError extends Exception {
- private static final long serialVersionUID = -60L;
-
- public ConfigParseError(String msg) {
- super(msg);
- }
- }
-
-
// adapted openvpn's parse function to java
private Vector<String> parseline(String line) throws ConfigParseError {
Vector<String> parameters = new Vector<String>();
@@ -226,7 +327,7 @@ public class ConfigParser {
backslash = false;
}
- /* store parameter character */
+ /* store parameter character */
if (out != 0) {
currentarg += out;
}
@@ -235,105 +336,6 @@ public class ConfigParser {
return parameters;
}
-
- final String[] unsupportedOptions = {"config",
- "tls-server"
-
- };
-
- // Ignore all scripts
- // in most cases these won't work and user who wish to execute scripts will
- // figure out themselves
- final String[] ignoreOptions = {"tls-client",
- "askpass",
- "auth-nocache",
- "up",
- "down",
- "route-up",
- "ipchange",
- "route-up",
- "route-pre-down",
- "auth-user-pass-verify",
- "block-outside-dns",
- "dhcp-release",
- "dhcp-renew",
- "dh",
- "group",
- "allow-recursive-routing",
- "ip-win32",
- "ifconfig-nowarn",
- "management-hold",
- "management",
- "management-client",
- "management-query-remote",
- "management-query-passwords",
- "management-query-proxy",
- "management-external-key",
- "management-forget-disconnect",
- "management-signal",
- "management-log-cache",
- "management-up-down",
- "management-client-user",
- "management-client-group",
- "pause-exit",
- "preresolve",
- "plugin",
- "machine-readable-output",
- "persist-key",
- "push",
- "register-dns",
- "route-delay",
- "route-gateway",
- "route-metric",
- "route-method",
- "status",
- "script-security",
- "show-net-up",
- "suppress-timestamps",
- "tmp-dir",
- "tun-ipv6",
- "topology",
- "user",
- "win-sys",
- };
-
- final String[][] ignoreOptionsWithArg =
- {
- {"setenv", "IV_GUI_VER"},
- {"setenv", "IV_OPENVPN_GUI_VERSION"},
- {"engine", "dynamic"},
- {"setenv", "CLIENT_CERT"},
- {"resolve-retry","60"}
- };
-
- final String[] connectionOptions = {
- "local",
- "remote",
- "float",
- "port",
- "connect-retry",
- "connect-timeout",
- "connect-retry-max",
- "link-mtu",
- "tun-mtu",
- "tun-mtu-extra",
- "fragment",
- "mtu-disc",
- "local-port",
- "remote-port",
- "bind",
- "nobind",
- "proto",
- "http-proxy",
- "http-proxy-retry",
- "http-proxy-timeout",
- "http-proxy-option",
- "socks-proxy",
- "socks-proxy-retry",
- "explicit-exit-notify",
- };
-
-
// This method is far too long
@SuppressWarnings("ConstantConditions")
public VpnProfile convertProfile() throws ConfigParseError, IOException {
@@ -403,8 +405,8 @@ public class ConfigParser {
}
Vector<String> routeNoPull = getOption("route-nopull", 0, 0);
- if (routeNoPull!=null)
- np.mRoutenopull=true;
+ if (routeNoPull != null)
+ np.mRoutenopull = true;
// Also recognize tls-auth [inline] direction ...
Vector<Vector<String>> tlsauthoptions = getAllOption("tls-auth", 1, 2);
@@ -426,7 +428,7 @@ public class ConfigParser {
np.mTLSAuthDirection = direction.get(1);
Vector<String> tlscrypt = getOption("tls-crypt", 1, 1);
- if (tlscrypt!=null) {
+ if (tlscrypt != null) {
np.mUseTLSAuth = true;
np.mTLSAuthFilename = tlscrypt.get(1);
np.mTLSAuthDirection = "tls-crypt";
@@ -467,7 +469,7 @@ public class ConfigParser {
}
- Vector<String> tunmtu = getOption("mtu", 1, 1);
+ Vector<String> tunmtu = getOption("tun-mtu", 1, 1);
if (tunmtu != null) {
try {
@@ -478,7 +480,6 @@ public class ConfigParser {
}
-
Vector<String> mode = getOption("mode", 1, 1);
if (mode != null) {
if (!mode.get(1).equals("p2p"))
@@ -592,9 +593,9 @@ public class ConfigParser {
}
- Vector<String> x509usernamefield = getOption("x509-username-field", 1,1);
- if (x509usernamefield!=null) {
- np.mx509UsernameField = x509usernamefield.get(1);
+ Vector<String> x509usernamefield = getOption("x509-username-field", 1, 1);
+ if (x509usernamefield != null) {
+ np.mx509UsernameField = x509usernamefield.get(1);
}
@@ -666,7 +667,7 @@ public class ConfigParser {
if (crlfile != null) {
// If the 'dir' parameter is present just add it as custom option ..
if (crlfile.size() == 3 && crlfile.get(2).equals("dir"))
- np.mCustomConfigOptions += TextUtils.join(" ", crlfile) + "\n";
+ np.mCustomConfigOptions += join(" ", crlfile) + "\n";
else
// Save the filename for the config converter to add later
np.mCrlFilename = crlfile.get(1);
@@ -732,6 +733,13 @@ public class ConfigParser {
return np;
}
+ private String join(String s, Vector<String> str) {
+ if (Build.VERSION.SDK_INT > 26)
+ return String.join(s, str);
+ else
+ return TextUtils.join(s, str);
+ }
+
private Pair<Connection, Connection[]> parseConnection(String connection, Connection defaultValues) throws IOException, ConfigParseError {
// Parse a connection Block as a new configuration file
@@ -783,20 +791,48 @@ public class ConfigParser {
}
}
- // Parse remote config
- Vector<Vector<String>> remotes = getAllOption("remote", 1, 3);
+ Vector<String> proxy = getOption("socks-proxy", 1, 2);
+ if (proxy == null)
+ proxy = getOption("http-proxy", 2, 2);
+
+ if (proxy != null) {
+ if (proxy.get(0).equals("socks-proxy")) {
+ conn.mProxyType = Connection.ProxyType.SOCKS5;
+ // socks defaults to 1080, http always sets port
+ conn.mProxyPort = "1080";
+ } else {
+ conn.mProxyType = Connection.ProxyType.HTTP;
+ }
+
+ conn.mProxyName = proxy.get(1);
+ if (proxy.size() >= 3)
+ conn.mProxyPort = proxy.get(2);
+ }
+ Vector<String> httpproxyauthhttp = getOption("http-proxy-user-pass", 1, 1);
+ if (httpproxyauthhttp != null)
+ useEmbbedHttpAuth(conn, httpproxyauthhttp.get(1));
- // Assume that we need custom options if connectionDefault are set
- if (connDefault != null) {
- for (Vector<Vector<String>> option : options.values()) {
- conn.mCustomConfiguration += getOptionStrings(option);
+ // Parse remote config
+ Vector<Vector<String>> remotes = getAllOption("remote", 1, 3);
+
+
+ Vector <String> optionsToRemove = new Vector<>();
+ // Assume that we need custom options if connectionDefault are set or in the connection specific set
+ for (Map.Entry<String, Vector<Vector<String>>> option : options.entrySet()) {
+ if (connDefault != null || connectionOptionsSet.contains(option.getKey())) {
+ conn.mCustomConfiguration += getOptionStrings(option.getValue());
+ optionsToRemove.add(option.getKey());
}
- if (!TextUtils.isEmpty(conn.mCustomConfiguration))
- conn.mUseCustomConfig = true;
}
+ for (String o: optionsToRemove)
+ options.remove(o);
+
+ if (!(conn.mCustomConfiguration == null || "".equals(conn.mCustomConfiguration.trim())))
+ conn.mUseCustomConfig = true;
+
// Make remotes empty to simplify code
if (remotes == null)
remotes = new Vector<Vector<String>>();
@@ -821,6 +857,7 @@ public class ConfigParser {
}
i++;
}
+
return Pair.create(conn, connections);
}
@@ -830,19 +867,19 @@ public class ConfigParser {
boolean noIpv4 = false;
if (defaultRoute)
- for (Vector<String> redirect : defgw)
- for (int i = 1; i < redirect.size(); i++) {
- if (redirect.get(i).equals("block-local"))
- np.mAllowLocalLAN = false;
- else if (redirect.get(i).equals("unblock-local"))
- np.mAllowLocalLAN = true;
- else if (redirect.get(i).equals("!ipv4"))
- noIpv4=true;
- else if (redirect.get(i).equals("ipv6"))
- np.mUseDefaultRoutev6=true;
- }
+ for (Vector<String> redirect : defgw)
+ for (int i = 1; i < redirect.size(); i++) {
+ if (redirect.get(i).equals("block-local"))
+ np.mAllowLocalLAN = false;
+ else if (redirect.get(i).equals("unblock-local"))
+ np.mAllowLocalLAN = true;
+ else if (redirect.get(i).equals("!ipv4"))
+ noIpv4 = true;
+ else if (redirect.get(i).equals("ipv6"))
+ np.mUseDefaultRoutev6 = true;
+ }
if (defaultRoute && !noIpv4)
- np.mUseDefaultRoute=true;
+ np.mUseDefaultRoute = true;
}
private boolean isUdpProto(String proto) throws ConfigParseError {
@@ -861,15 +898,6 @@ public class ConfigParser {
return isudp;
}
- static public void useEmbbedUserAuth(VpnProfile np, String inlinedata) {
- String data = VpnProfile.getEmbeddedContent(inlinedata);
- String[] parts = data.split("\n");
- if (parts.length >= 2) {
- np.mUsername = parts[0];
- np.mPassword = parts[1];
- }
- }
-
private void checkIgnoreAndInvalidOptions(VpnProfile np) throws ConfigParseError {
for (String option : unsupportedOptions)
if (options.containsKey(option))
@@ -880,7 +908,16 @@ public class ConfigParser {
options.remove(option);
- if (options.size() > 0) {
+ boolean customOptions=false;
+ for (Vector<Vector<String>> option: options.values())
+ {
+ for (Vector<String> optionsline : option) {
+ if (!ignoreThisOption(optionsline)) {
+ customOptions = true;
+ }
+ }
+ }
+ if (customOptions) {
np.mCustomConfigOptions = "# These options found in the config file do not map to config settings:\n"
+ np.mCustomConfigOptions;
@@ -894,7 +931,6 @@ public class ConfigParser {
}
}
-
boolean ignoreThisOption(Vector<String> option) {
for (String[] ignoreOption : ignoreOptionsWithArg) {
@@ -920,7 +956,7 @@ public class ConfigParser {
if (!ignoreThisOption(optionsline)) {
// Check if option had been inlined and inline again
if (optionsline.size() == 2 &&
- ("extra-certs".equals(optionsline.get(0)) || "http-proxy-user-pass".equals(optionsline.get(0)))) {
+ "extra-certs".equals(optionsline.get(0))) {
custom += VpnProfile.insertFileData(optionsline.get(0), optionsline.get(1));
} else {
for (String arg : optionsline)
@@ -932,7 +968,6 @@ public class ConfigParser {
return custom;
}
-
private void fixup(VpnProfile np) {
if (np.mRemoteCN.equals(np.mServerName)) {
np.mRemoteCN = "";
@@ -947,7 +982,6 @@ public class ConfigParser {
return alloptions.lastElement();
}
-
private Vector<Vector<String>> getAllOption(String option, int minarg, int maxarg) throws ConfigParseError {
Vector<Vector<String>> args = options.get(option);
if (args == null)
@@ -964,6 +998,19 @@ public class ConfigParser {
return args;
}
+ enum linestate {
+ initial,
+ readin_single_quote, reading_quoted, reading_unquoted, done
+ }
+
+ public static class ConfigParseError extends Exception {
+ private static final long serialVersionUID = -60L;
+
+ public ConfigParseError(String msg) {
+ super(msg);
+ }
+ }
+
}
diff --git a/app/src/main/java/de/blinkt/openvpn/core/Connection.java b/app/src/main/java/de/blinkt/openvpn/core/Connection.java
index ff15daec..df071894 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/Connection.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/Connection.java
@@ -19,11 +19,25 @@ public class Connection implements Serializable, Cloneable {
public boolean mEnabled = true;
public int mConnectTimeout = 0;
public static final int CONNECTION_DEFAULT_TIMEOUT = 120;
+ public ProxyType mProxyType = ProxyType.NONE;
+ public String mProxyName = "proxy.example.com";
+ public String mProxyPort = "8080";
+
+ public boolean mUseProxyAuth;
+ public String mProxyAuthUser = null;
+ public String mProxyAuthPassword = null;
+
+ public enum ProxyType {
+ NONE,
+ HTTP,
+ SOCKS5,
+ ORBOT
+ }
private static final long serialVersionUID = 92031902903829089L;
- public String getConnectionBlock() {
+ public String getConnectionBlock(boolean isOpenVPN3) {
String cfg = "";
// Server Address
@@ -39,14 +53,31 @@ public class Connection implements Serializable, Cloneable {
if (mConnectTimeout != 0)
cfg += String.format(Locale.US, " connect-timeout %d\n", mConnectTimeout);
+ // OpenVPN 2.x manages proxy connection via management interface
+ if ((isOpenVPN3 || usesExtraProxyOptions()) && mProxyType == ProxyType.HTTP)
+ {
+ cfg+=String.format(Locale.US,"http-proxy %s %s\n", mProxyName, mProxyPort);
+ if (mUseProxyAuth)
+ cfg+=String.format(Locale.US, "<http-proxy-user-pass>\n%s\n%s\n</http-proxy-user-pass>\n", mProxyAuthUser, mProxyAuthPassword);
+ }
+ if (usesExtraProxyOptions() && mProxyType == ProxyType.SOCKS5) {
+ cfg+=String.format(Locale.US,"socks-proxy %s %s\n", mProxyName, mProxyPort);
+ }
if (!TextUtils.isEmpty(mCustomConfiguration) && mUseCustomConfig) {
cfg += mCustomConfiguration;
cfg += "\n";
}
+
+
return cfg;
}
+ public boolean usesExtraProxyOptions() {
+ return (mUseCustomConfig && mCustomConfiguration.contains("http-proxy-option "));
+ }
+
+
@Override
public Connection clone() throws CloneNotSupportedException {
return (Connection) super.clone();
diff --git a/app/src/main/java/de/blinkt/openvpn/core/ExtAuthHelper.java b/app/src/main/java/de/blinkt/openvpn/core/ExtAuthHelper.java
new file mode 100644
index 00000000..166bce12
--- /dev/null
+++ b/app/src/main/java/de/blinkt/openvpn/core/ExtAuthHelper.java
@@ -0,0 +1,259 @@
+/*
+ * Copyright (c) 2012-2018 Arne Schwabe
+ * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
+ */
+
+package de.blinkt.openvpn.core;
+
+import android.content.ComponentName;
+import android.content.Context;
+import android.content.Intent;
+import android.content.ServiceConnection;
+import android.content.pm.PackageManager;
+import android.content.pm.ResolveInfo;
+import android.os.*;
+import android.security.KeyChainException;
+import android.support.annotation.NonNull;
+import android.support.annotation.Nullable;
+import android.support.annotation.WorkerThread;
+import android.widget.ArrayAdapter;
+import android.widget.Spinner;
+import android.widget.SpinnerAdapter;
+import de.blinkt.openvpn.api.ExternalCertificateProvider;
+
+import java.io.ByteArrayInputStream;
+import java.io.Closeable;
+import java.io.UnsupportedEncodingException;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
+import java.security.cert.X509Certificate;
+import java.util.*;
+import java.util.concurrent.BlockingQueue;
+import java.util.concurrent.LinkedBlockingQueue;
+
+public class ExtAuthHelper {
+
+ public static final String ACTION_CERT_CONFIGURATION = "de.blinkt.openvpn.api.ExternalCertificateConfiguration";
+ public static final String ACTION_CERT_PROVIDER = "de.blinkt.openvpn.api.ExternalCertificateProvider";
+
+ public static final String EXTRA_ALIAS = "de.blinkt.openvpn.api.KEY_ALIAS";
+ public static final String EXTRA_DESCRIPTION = "de.blinkt.openvpn.api.KEY_DESCRIPTION";
+
+
+ public static void setExternalAuthProviderSpinnerList(Spinner spinner, String selectedApp) {
+ Context c = spinner.getContext();
+ final PackageManager pm = c.getPackageManager();
+ ArrayList<ExternalAuthProvider> extProviders = getExternalAuthProviderList(c);
+
+ int selectedPos = -1;
+
+ if (extProviders.size() ==0)
+ {
+ selectedApp = "";
+ ExternalAuthProvider noauthprovider = new ExternalAuthProvider();
+ noauthprovider.label = "No external auth provider found";
+ noauthprovider.packageName = selectedApp;
+ noauthprovider.configurable = false;
+ extProviders.add(noauthprovider);
+ }
+
+
+ for (int i = 0; i < extProviders.size(); i++) {
+ if (extProviders.get(i).packageName.equals(selectedApp))
+ selectedPos = i;
+ }
+ SpinnerAdapter extAppAdapter = new ArrayAdapter<ExternalAuthProvider>(c, android.R.layout.simple_spinner_item, android.R.id.text1, extProviders);
+ spinner.setAdapter(extAppAdapter);
+ if (selectedPos != -1)
+ spinner.setSelection(selectedPos);
+ }
+
+ static ArrayList<ExternalAuthProvider> getExternalAuthProviderList(Context c) {
+ Intent configureExtAuth = new Intent(ACTION_CERT_CONFIGURATION);
+
+ final PackageManager packageManager = c.getPackageManager();
+ List<ResolveInfo> configureList =
+ packageManager.queryIntentActivities(configureExtAuth, 0);
+
+ Intent serviceExtAuth = new Intent(ACTION_CERT_PROVIDER);
+
+ List<ResolveInfo> serviceList =
+ packageManager.queryIntentServices(serviceExtAuth, 0);
+
+
+ // For now only list those who appear in both lists
+
+ ArrayList<ExternalAuthProvider> providers = new ArrayList<ExternalAuthProvider>();
+
+ for (ResolveInfo service : serviceList) {
+ ExternalAuthProvider ext = new ExternalAuthProvider();
+ ext.packageName = service.serviceInfo.packageName;
+
+ ext.label = (String) service.serviceInfo.applicationInfo.loadLabel(packageManager);
+
+ for (ResolveInfo activity : configureList) {
+ if (service.serviceInfo.packageName.equals(activity.activityInfo.packageName)) {
+ ext.configurable = true;
+ }
+ }
+ providers.add(ext);
+
+ }
+ return providers;
+
+ }
+
+ @Nullable
+ @WorkerThread
+ public static byte[] signData(@NonNull Context context,
+ @NonNull String extAuthPackageName,
+ @NonNull String alias,
+ @NonNull byte[] data
+ ) throws KeyChainException, InterruptedException
+
+ {
+
+
+ try (ExternalAuthProviderConnection authProviderConnection = bindToExtAuthProvider(context.getApplicationContext(), extAuthPackageName)) {
+ ExternalCertificateProvider externalAuthProvider = authProviderConnection.getService();
+ return externalAuthProvider.getSignedData(alias, data);
+
+ } catch (RemoteException e) {
+ throw new KeyChainException(e);
+ }
+ }
+
+ @Nullable
+ @WorkerThread
+ public static X509Certificate[] getCertificateChain(@NonNull Context context,
+ @NonNull String extAuthPackageName,
+ @NonNull String alias) throws KeyChainException {
+
+ final byte[] certificateBytes;
+ try (ExternalAuthProviderConnection authProviderConnection = bindToExtAuthProvider(context.getApplicationContext(), extAuthPackageName)) {
+ ExternalCertificateProvider externalAuthProvider = authProviderConnection.getService();
+ certificateBytes = externalAuthProvider.getCertificateChain(alias);
+ if (certificateBytes == null) {
+ return null;
+ }
+ Collection<X509Certificate> chain = toCertificates(certificateBytes);
+ return chain.toArray(new X509Certificate[chain.size()]);
+
+ } catch (RemoteException | RuntimeException | InterruptedException e) {
+ throw new KeyChainException(e);
+ }
+ }
+
+ public static Bundle getCertificateMetaData(@NonNull Context context,
+ @NonNull String extAuthPackageName,
+ String alias) throws KeyChainException
+ {
+ try (ExternalAuthProviderConnection authProviderConnection = bindToExtAuthProvider(context.getApplicationContext(), extAuthPackageName)) {
+ ExternalCertificateProvider externalAuthProvider = authProviderConnection.getService();
+ return externalAuthProvider.getCertificateMetaData(alias);
+
+ } catch (RemoteException | RuntimeException | InterruptedException e) {
+ throw new KeyChainException(e);
+ }
+ }
+
+ public static Collection<X509Certificate> toCertificates(@NonNull byte[] bytes) {
+ final String BEGINCERT = "-----BEGIN CERTIFICATE-----";
+ try {
+ Vector<X509Certificate> retCerts = new Vector<>();
+ // Java library is broken, although the javadoc says it will extract all certificates from a byte array
+ // it only extracts the first one
+ String allcerts = new String(bytes, "iso8859-1");
+ String[] certstrings = allcerts.split(BEGINCERT);
+ for (String certstring: certstrings) {
+ certstring = BEGINCERT + certstring;
+ CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
+ retCerts.addAll((Collection<? extends X509Certificate>) certFactory.generateCertificates(
+ new ByteArrayInputStream((certstring.getBytes("iso8859-1")))));
+
+ }
+ return retCerts;
+
+ } catch (CertificateException e) {
+ throw new AssertionError(e);
+ } catch (UnsupportedEncodingException e) {
+ throw new AssertionError(e);
+ }
+ }
+
+ // adapted form Keychain
+ @WorkerThread
+ public static ExternalAuthProviderConnection bindToExtAuthProvider(@NonNull Context context, String packagename) throws KeyChainException, InterruptedException {
+ ensureNotOnMainThread(context);
+ final BlockingQueue<ExternalCertificateProvider> q = new LinkedBlockingQueue<>(1);
+ ServiceConnection extAuthServiceConnection = new ServiceConnection() {
+ volatile boolean mConnectedAtLeastOnce = false;
+
+ @Override
+ public void onServiceConnected(ComponentName name, IBinder service) {
+ if (!mConnectedAtLeastOnce) {
+ mConnectedAtLeastOnce = true;
+ try {
+ q.put(ExternalCertificateProvider.Stub.asInterface(service));
+ } catch (InterruptedException e) {
+ // will never happen, since the queue starts with one available slot
+ }
+ }
+ }
+
+ @Override
+ public void onServiceDisconnected(ComponentName name) {
+ }
+ };
+ Intent intent = new Intent(ACTION_CERT_PROVIDER);
+ intent.setPackage(packagename);
+
+ if (!context.bindService(intent, extAuthServiceConnection, Context.BIND_AUTO_CREATE)) {
+ throw new KeyChainException("could not bind to external authticator app: " + packagename);
+ }
+ return new ExternalAuthProviderConnection(context, extAuthServiceConnection, q.take());
+ }
+
+ private static void ensureNotOnMainThread(@NonNull Context context) {
+ Looper looper = Looper.myLooper();
+ if (looper != null && looper == context.getMainLooper()) {
+ throw new IllegalStateException(
+ "calling this from your main thread can lead to deadlock");
+ }
+ }
+
+ public static class ExternalAuthProvider {
+
+ public String packageName;
+ public boolean configurable = false;
+ private String label;
+
+ @Override
+ public String toString() {
+ return label;
+ }
+ }
+
+ public static class ExternalAuthProviderConnection implements Closeable {
+ private final Context context;
+ private final ServiceConnection serviceConnection;
+ private final ExternalCertificateProvider service;
+
+ protected ExternalAuthProviderConnection(Context context,
+ ServiceConnection serviceConnection,
+ ExternalCertificateProvider service) {
+ this.context = context;
+ this.serviceConnection = serviceConnection;
+ this.service = service;
+ }
+
+ @Override
+ public void close() {
+ context.unbindService(serviceConnection);
+ }
+
+ public ExternalCertificateProvider getService() {
+ return service;
+ }
+ }
+}
diff --git a/app/src/main/java/de/blinkt/openvpn/core/ICSOpenVPNApplication.java b/app/src/main/java/de/blinkt/openvpn/core/ICSOpenVPNApplication.java
index 38f51807..5b1307b7 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/ICSOpenVPNApplication.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/ICSOpenVPNApplication.java
@@ -65,4 +65,4 @@ public class ICSOpenVPNApplication extends Application {
mChannel.setLightColor(Color.BLUE);
mNotificationManager.createNotificationChannel(mChannel);
}
-}
+} \ No newline at end of file
diff --git a/app/src/main/java/de/blinkt/openvpn/core/LogFileHandler.java b/app/src/main/java/de/blinkt/openvpn/core/LogFileHandler.java
index 57d1fb22..fca633b6 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/LogFileHandler.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/LogFileHandler.java
@@ -134,7 +134,9 @@ class LogFileHandler extends Handler {
if (!logfile.exists() || !logfile.canRead())
return;
- readCacheContents(new FileInputStream(logfile));
+ FileInputStream log = new FileInputStream(logfile);
+ readCacheContents(log);
+ log.close();
} catch (java.io.IOException | java.lang.RuntimeException e) {
VpnStatus.logError("Reading cached logfile failed");
diff --git a/app/src/main/java/de/blinkt/openvpn/core/NativeUtils.java b/app/src/main/java/de/blinkt/openvpn/core/NativeUtils.java
index 70c7455a..6b633c34 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/NativeUtils.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/NativeUtils.java
@@ -16,7 +16,15 @@ public class NativeUtils {
static native void jniclose(int fdint);
- public static native String getNativeAPI();
+ public static String getNativeAPI()
+ {
+ if (isRoboUnitTest())
+ return "ROBO";
+ else
+ return getJNIAPI();
+ }
+
+ private static native String getJNIAPI();
public final static int[] openSSLlengths = {
@@ -26,8 +34,14 @@ public class NativeUtils {
public static native double[] getOpenSSLSpeed(String algorithm, int testnum);
static {
- System.loadLibrary("opvpnutil");
- if (Build.VERSION.SDK_INT == Build.VERSION_CODES.JELLY_BEAN)
- System.loadLibrary("jbcrypto");
+ if (!isRoboUnitTest()) {
+ System.loadLibrary("opvpnutil");
+ if (Build.VERSION.SDK_INT == Build.VERSION_CODES.JELLY_BEAN)
+ System.loadLibrary("jbcrypto");
+ }
+ }
+
+ public static boolean isRoboUnitTest() {
+ return "robolectric".equals(Build.FINGERPRINT);
}
}
diff --git a/app/src/main/java/de/blinkt/openvpn/core/NetworkSpace.java b/app/src/main/java/de/blinkt/openvpn/core/NetworkSpace.java
index 37689b3f..0c54b050 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/NetworkSpace.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/NetworkSpace.java
@@ -7,9 +7,6 @@ package de.blinkt.openvpn.core;
import android.os.Build;
import android.support.annotation.NonNull;
-import android.text.TextUtils;
-
-import junit.framework.Assert;
import java.math.BigInteger;
import java.net.Inet6Address;
@@ -21,9 +18,17 @@ import java.util.Vector;
import se.leap.bitmaskclient.BuildConfig;
+
+
public class NetworkSpace {
- static class ipAddress implements Comparable<ipAddress> {
+ static void assertTrue(boolean f)
+ {
+ if (!f)
+ throw new IllegalStateException();
+ }
+
+ static class IpAddress implements Comparable<IpAddress> {
private BigInteger netAddress;
public int networkMask;
private boolean included;
@@ -38,7 +43,7 @@ public class NetworkSpace {
* 2. smaller networks are returned as smaller
*/
@Override
- public int compareTo(@NonNull ipAddress another) {
+ public int compareTo(@NonNull IpAddress another) {
int comp = getFirstAddress().compareTo(another.getFirstAddress());
if (comp != 0)
return comp;
@@ -59,22 +64,22 @@ public class NetworkSpace {
*/
@Override
public boolean equals(Object o) {
- if (!(o instanceof ipAddress))
+ if (!(o instanceof IpAddress))
return super.equals(o);
- ipAddress on = (ipAddress) o;
+ IpAddress on = (IpAddress) o;
return (networkMask == on.networkMask) && on.getFirstAddress().equals(getFirstAddress());
}
- public ipAddress(CIDRIP ip, boolean include) {
+ public IpAddress(CIDRIP ip, boolean include) {
included = include;
netAddress = BigInteger.valueOf(ip.getInt());
networkMask = ip.len;
isV4 = true;
}
- public ipAddress(Inet6Address address, int mask, boolean include) {
+ public IpAddress(Inet6Address address, int mask, boolean include) {
networkMask = mask;
included = include;
@@ -130,7 +135,7 @@ public class NetworkSpace {
return String.format(Locale.US, "%s/%d", getIPv6Address(), networkMask);
}
- ipAddress(BigInteger baseAddress, int mask, boolean included, boolean isV4) {
+ IpAddress(BigInteger baseAddress, int mask, boolean included, boolean isV4) {
this.netAddress = baseAddress;
this.networkMask = mask;
this.included = included;
@@ -138,26 +143,26 @@ public class NetworkSpace {
}
- public ipAddress[] split() {
- ipAddress firstHalf = new ipAddress(getFirstAddress(), networkMask + 1, included, isV4);
- ipAddress secondHalf = new ipAddress(firstHalf.getLastAddress().add(BigInteger.ONE), networkMask + 1, included, isV4);
+ public IpAddress[] split() {
+ IpAddress firstHalf = new IpAddress(getFirstAddress(), networkMask + 1, included, isV4);
+ IpAddress secondHalf = new IpAddress(firstHalf.getLastAddress().add(BigInteger.ONE), networkMask + 1, included, isV4);
if (BuildConfig.DEBUG)
- Assert.assertTrue(secondHalf.getLastAddress().equals(getLastAddress()));
- return new ipAddress[]{firstHalf, secondHalf};
+ assertTrue(secondHalf.getLastAddress().equals(getLastAddress()));
+ return new IpAddress[]{firstHalf, secondHalf};
}
String getIPv4Address() {
if (BuildConfig.DEBUG) {
- Assert.assertTrue(isV4);
- Assert.assertTrue(netAddress.longValue() <= 0xffffffffl);
- Assert.assertTrue(netAddress.longValue() >= 0);
+ assertTrue(isV4);
+ assertTrue(netAddress.longValue() <= 0xffffffffl);
+ assertTrue(netAddress.longValue() >= 0);
}
long ip = netAddress.longValue();
return String.format(Locale.US, "%d.%d.%d.%d", (ip >> 24) % 256, (ip >> 16) % 256, (ip >> 8) % 256, ip % 256);
}
String getIPv6Address() {
- if (BuildConfig.DEBUG) Assert.assertTrue(!isV4);
+ if (BuildConfig.DEBUG) assertTrue(!isV4);
BigInteger r = netAddress;
String ipv6str = null;
@@ -186,7 +191,7 @@ public class NetworkSpace {
return ipv6str;
}
- public boolean containsNet(ipAddress network) {
+ public boolean containsNet(IpAddress network) {
// this.first >= net.first && this.last <= net.last
BigInteger ourFirst = getFirstAddress();
BigInteger ourLast = getLastAddress();
@@ -201,12 +206,12 @@ public class NetworkSpace {
}
- TreeSet<ipAddress> mIpAddresses = new TreeSet<ipAddress>();
+ TreeSet<IpAddress> mIpAddresses = new TreeSet<IpAddress>();
- public Collection<ipAddress> getNetworks(boolean included) {
- Vector<ipAddress> ips = new Vector<ipAddress>();
- for (ipAddress ip : mIpAddresses) {
+ public Collection<IpAddress> getNetworks(boolean included) {
+ Vector<IpAddress> ips = new Vector<IpAddress>();
+ for (IpAddress ip : mIpAddresses) {
if (ip.included == included)
ips.add(ip);
}
@@ -220,35 +225,35 @@ public class NetworkSpace {
void addIP(CIDRIP cidrIp, boolean include) {
- mIpAddresses.add(new ipAddress(cidrIp, include));
+ mIpAddresses.add(new IpAddress(cidrIp, include));
}
public void addIPSplit(CIDRIP cidrIp, boolean include) {
- ipAddress newIP = new ipAddress(cidrIp, include);
- ipAddress[] splitIps = newIP.split();
- for (ipAddress split : splitIps)
+ IpAddress newIP = new IpAddress(cidrIp, include);
+ IpAddress[] splitIps = newIP.split();
+ for (IpAddress split : splitIps)
mIpAddresses.add(split);
}
void addIPv6(Inet6Address address, int mask, boolean included) {
- mIpAddresses.add(new ipAddress(address, mask, included));
+ mIpAddresses.add(new IpAddress(address, mask, included));
}
- TreeSet<ipAddress> generateIPList() {
+ TreeSet<IpAddress> generateIPList() {
- PriorityQueue<ipAddress> networks = new PriorityQueue<ipAddress>(mIpAddresses);
+ PriorityQueue<IpAddress> networks = new PriorityQueue<IpAddress>(mIpAddresses);
- TreeSet<ipAddress> ipsDone = new TreeSet<ipAddress>();
+ TreeSet<IpAddress> ipsDone = new TreeSet<IpAddress>();
- ipAddress currentNet = networks.poll();
+ IpAddress currentNet = networks.poll();
if (currentNet == null)
return ipsDone;
while (currentNet != null) {
// Check if it and the next of it are compatible
- ipAddress nextNet = networks.poll();
+ IpAddress nextNet = networks.poll();
- if (BuildConfig.DEBUG) Assert.assertNotNull(currentNet);
+ if (BuildConfig.DEBUG) assertTrue(currentNet!=null);
if (nextNet == null || currentNet.getLastAddress().compareTo(nextNet.getFirstAddress()) == -1) {
// Everything good, no overlapping nothing to do
ipsDone.add(currentNet);
@@ -263,7 +268,7 @@ public class NetworkSpace {
currentNet = nextNet;
} else {
// our currentNet is included in next and types differ. Need to split the next network
- ipAddress[] newNets = nextNet.split();
+ IpAddress[] newNets = nextNet.split();
// TODO: The contains method of the Priority is stupid linear search
@@ -274,7 +279,7 @@ public class NetworkSpace {
if (newNets[0].getLastAddress().equals(currentNet.getLastAddress())) {
if (BuildConfig.DEBUG)
- Assert.assertEquals(newNets[0].networkMask, currentNet.networkMask);
+ assertTrue(newNets[0].networkMask == currentNet.networkMask);
// Don't add the lower half that would conflict with currentNet
} else {
if (!networks.contains(newNets[0]))
@@ -284,9 +289,9 @@ public class NetworkSpace {
}
} else {
if (BuildConfig.DEBUG) {
- Assert.assertTrue(currentNet.networkMask < nextNet.networkMask);
- Assert.assertTrue(nextNet.getFirstAddress().compareTo(currentNet.getFirstAddress()) == 1);
- Assert.assertTrue(currentNet.getLastAddress().compareTo(nextNet.getLastAddress()) != -1);
+ assertTrue(currentNet.networkMask < nextNet.networkMask);
+ assertTrue(nextNet.getFirstAddress().compareTo(currentNet.getFirstAddress()) == 1);
+ assertTrue(currentNet.getLastAddress().compareTo(nextNet.getLastAddress()) != -1);
}
// This network is bigger than the next and last ip of current >= next
@@ -296,13 +301,13 @@ public class NetworkSpace {
// simply ignore the next and move on
} else {
// We need to split our network
- ipAddress[] newNets = currentNet.split();
+ IpAddress[] newNets = currentNet.split();
if (newNets[1].networkMask == nextNet.networkMask) {
if (BuildConfig.DEBUG) {
- Assert.assertTrue(newNets[1].getFirstAddress().equals(nextNet.getFirstAddress()));
- Assert.assertTrue(newNets[1].getLastAddress().equals(currentNet.getLastAddress()));
+ assertTrue(newNets[1].getFirstAddress().equals(nextNet.getFirstAddress()));
+ assertTrue(newNets[1].getLastAddress().equals(currentNet.getLastAddress()));
// split second equal the next network, do not add it
}
networks.add(nextNet);
@@ -322,11 +327,11 @@ public class NetworkSpace {
return ipsDone;
}
- Collection<ipAddress> getPositiveIPList() {
- TreeSet<ipAddress> ipsSorted = generateIPList();
+ Collection<IpAddress> getPositiveIPList() {
+ TreeSet<IpAddress> ipsSorted = generateIPList();
- Vector<ipAddress> ips = new Vector<ipAddress>();
- for (ipAddress ia : ipsSorted) {
+ Vector<IpAddress> ips = new Vector<IpAddress>();
+ for (IpAddress ia : ipsSorted) {
if (ia.included)
ips.add(ia);
}
@@ -334,7 +339,7 @@ public class NetworkSpace {
if (Build.VERSION.SDK_INT < Build.VERSION_CODES.KITKAT) {
// Include postive routes from the original set under < 4.4 since these might overrule the local
// network but only if no smaller negative route exists
- for (ipAddress origIp : mIpAddresses) {
+ for (IpAddress origIp : mIpAddresses) {
if (!origIp.included)
continue;
@@ -345,7 +350,7 @@ public class NetworkSpace {
boolean skipIp = false;
// If there is any smaller net that is excluded we may not add the positive route back
- for (ipAddress calculatedIp : ipsSorted) {
+ for (IpAddress calculatedIp : ipsSorted) {
if (!calculatedIp.included && origIp.containsNet(calculatedIp)) {
skipIp = true;
break;
diff --git a/app/src/main/java/de/blinkt/openvpn/core/NetworkUtils.java b/app/src/main/java/de/blinkt/openvpn/core/NetworkUtils.java
new file mode 100644
index 00000000..40449118
--- /dev/null
+++ b/app/src/main/java/de/blinkt/openvpn/core/NetworkUtils.java
@@ -0,0 +1,75 @@
+/*
+ * Copyright (c) 2012-2018 Arne Schwabe
+ * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
+ */
+
+package de.blinkt.openvpn.core;
+
+import android.content.Context;
+import android.net.*;
+import android.os.Build;
+import android.text.TextUtils;
+
+import java.net.Inet4Address;
+import java.net.Inet6Address;
+import java.util.Vector;
+
+public class NetworkUtils {
+
+ public static Vector<String> getLocalNetworks(Context c, boolean ipv6) {
+ Vector<String> nets = new Vector<>();
+ ConnectivityManager conn = (ConnectivityManager) c.getSystemService(Context.CONNECTIVITY_SERVICE);
+ if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP) {
+ Network[] networks = conn.getAllNetworks();
+ for (Network network : networks) {
+ NetworkInfo ni = conn.getNetworkInfo(network);
+ LinkProperties li = conn.getLinkProperties(network);
+
+ NetworkCapabilities nc = conn.getNetworkCapabilities(network);
+
+ // Skip VPN networks like ourselves
+ if (nc.hasTransport(NetworkCapabilities.TRANSPORT_VPN))
+ continue;
+
+ // Also skip mobile networks
+ if (nc.hasTransport(NetworkCapabilities.TRANSPORT_CELLULAR))
+ continue;
+
+
+ for (LinkAddress la : li.getLinkAddresses()) {
+ if ((la.getAddress() instanceof Inet4Address && !ipv6) ||
+ (la.getAddress() instanceof Inet6Address && ipv6))
+ nets.add(la.toString());
+ }
+ }
+ } else {
+ // Old Android Version, use native utils via ifconfig instead
+ // Add local network interfaces
+ if (ipv6)
+ return nets;
+
+ String[] localRoutes = NativeUtils.getIfconfig();
+
+ // The format of mLocalRoutes is kind of broken because I don't really like JNI
+ for (int i = 0; i < localRoutes.length; i += 3) {
+ String intf = localRoutes[i];
+ String ipAddr = localRoutes[i + 1];
+ String netMask = localRoutes[i + 2];
+
+ if (intf == null || intf.equals("lo") ||
+ intf.startsWith("tun") || intf.startsWith("rmnet"))
+ continue;
+
+ if (ipAddr == null || netMask == null) {
+ VpnStatus.logError("Local routes are broken?! (Report to author) " + TextUtils.join("|", localRoutes));
+ continue;
+ }
+ nets.add(ipAddr + "/" + CIDRIP.calculateLenFromMask(netMask));
+
+ }
+
+ }
+ return nets;
+ }
+
+} \ No newline at end of file
diff --git a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java
index f701b7aa..11bc4da3 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java
@@ -7,8 +7,12 @@ package de.blinkt.openvpn.core;
import android.Manifest.permission;
import android.annotation.TargetApi;
+import android.app.Activity;
import android.app.Notification;
+import android.app.NotificationManager;
+import android.app.PendingIntent;
import android.app.UiModeManager;
+import android.content.Context;
import android.content.Intent;
import android.content.IntentFilter;
import android.content.pm.PackageManager;
@@ -16,14 +20,17 @@ import android.content.pm.ShortcutManager;
import android.content.res.Configuration;
import android.content.res.Resources;
import android.net.ConnectivityManager;
+import android.net.Uri;
import android.net.VpnService;
import android.os.Build;
+import android.os.Bundle;
import android.os.Handler;
import android.os.Handler.Callback;
import android.os.IBinder;
import android.os.Message;
import android.os.ParcelFileDescriptor;
import android.os.RemoteException;
+import android.support.annotation.NonNull;
import android.support.annotation.RequiresApi;
import android.system.OsConstants;
import android.text.TextUtils;
@@ -32,6 +39,7 @@ import android.widget.Toast;
import java.io.IOException;
import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Method;
import java.net.Inet6Address;
import java.net.InetAddress;
import java.net.UnknownHostException;
@@ -39,6 +47,8 @@ import java.util.Collection;
import java.util.Locale;
import java.util.Vector;
+import de.blinkt.openvpn.LaunchVPN;
+import se.leap.bitmaskclient.R;
import de.blinkt.openvpn.VpnProfile;
import de.blinkt.openvpn.core.VpnStatus.ByteCountListener;
import de.blinkt.openvpn.core.VpnStatus.StateListener;
@@ -47,7 +57,7 @@ import se.leap.bitmaskclient.VpnNotificationManager;
import static de.blinkt.openvpn.core.ConnectionStatus.LEVEL_CONNECTED;
import static de.blinkt.openvpn.core.ConnectionStatus.LEVEL_WAITING_FOR_USER_INPUT;
-import static de.blinkt.openvpn.core.NetworkSpace.ipAddress;
+import static de.blinkt.openvpn.core.NetworkSpace.IpAddress;
public class OpenVPNService extends VpnService implements StateListener, Callback, ByteCountListener, IOpenVPNServiceInternal, VpnNotificationManager.VpnServiceCallback {
@@ -55,12 +65,12 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
public static final String START_SERVICE_STICKY = "de.blinkt.openvpn.START_SERVICE_STICKY";
public static final String ALWAYS_SHOW_NOTIFICATION = "de.blinkt.openvpn.NOTIFICATION_ALWAYS_VISIBLE";
public static final String DISCONNECT_VPN = "de.blinkt.openvpn.DISCONNECT_VPN";
- private static final String PAUSE_VPN = "de.blinkt.openvpn.PAUSE_VPN";
- private static final String RESUME_VPN = "se.leap.bitmaskclient.RESUME_VPN";
public static final String NOTIFICATION_CHANNEL_BG_ID = "openvpn_bg";
public static final String NOTIFICATION_CHANNEL_NEWSTATUS_ID = "openvpn_newstat";
public static final String VPNSERVICE_TUN = "vpnservice-tun";
-
+ public final static String ORBOT_PACKAGE_NAME = "org.torproject.android";
+ private static final String PAUSE_VPN = "de.blinkt.openvpn.PAUSE_VPN";
+ private static final String RESUME_VPN = "se.leap.bitmaskclient.RESUME_VPN";
private static boolean mNotificationAlwaysVisible = false;
private final Vector<String> mDnslist = new Vector<>();
private final NetworkSpace mRoutes = new NetworkSpace();
@@ -407,8 +417,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
}
Runnable processThread;
- if (useOpenVPN3)
- {
+ if (useOpenVPN3) {
OpenVPNManagement mOpenVPN3 = instantiateOpenVPN3Core();
processThread = (Runnable) mOpenVPN3;
mManagement = mOpenVPN3;
@@ -545,7 +554,9 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
}
if (mLocalIP != null) {
- addLocalNetworksToRoutes();
+ // OpenVPN3 manages excluded local networks by callback
+ if (!VpnProfile.doUseOpenVPN3(this))
+ addLocalNetworksToRoutes();
try {
builder.addAddress(mLocalIP.mIp, mLocalIP.len);
} catch (IllegalArgumentException iae) {
@@ -584,15 +595,15 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
builder.setMtu(mMtu);
}
- Collection<ipAddress> positiveIPv4Routes = mRoutes.getPositiveIPList();
- Collection<ipAddress> positiveIPv6Routes = mRoutesv6.getPositiveIPList();
+ Collection<IpAddress> positiveIPv4Routes = mRoutes.getPositiveIPList();
+ Collection<IpAddress> positiveIPv6Routes = mRoutesv6.getPositiveIPList();
if ("samsung".equals(Build.BRAND) && Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP && mDnslist.size() >= 1) {
// Check if the first DNS Server is in the VPN range
try {
- ipAddress dnsServer = new ipAddress(new CIDRIP(mDnslist.get(0), 32), true);
+ IpAddress dnsServer = new IpAddress(new CIDRIP(mDnslist.get(0), 32), true);
boolean dnsIncluded = false;
- for (ipAddress net : positiveIPv4Routes) {
+ for (IpAddress net : positiveIPv4Routes) {
if (net.containsNet(dnsServer)) {
dnsIncluded = true;
}
@@ -609,9 +620,9 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
}
}
- ipAddress multicastRange = new ipAddress(new CIDRIP("224.0.0.0", 3), true);
+ IpAddress multicastRange = new IpAddress(new CIDRIP("224.0.0.0", 3), true);
- for (NetworkSpace.ipAddress route : positiveIPv4Routes) {
+ for (IpAddress route : positiveIPv4Routes) {
try {
if (multicastRange.containsNet(route))
@@ -623,7 +634,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
}
}
- for (NetworkSpace.ipAddress route6 : positiveIPv6Routes) {
+ for (IpAddress route6 : positiveIPv6Routes) {
try {
builder.addRoute(route6.getIPv6Address(), route6.networkMask);
} catch (IllegalArgumentException ia) {
@@ -635,7 +646,16 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
if (mDomain != null)
builder.addSearchDomain(mDomain);
- VpnStatus.logInfo(R.string.local_ip_info, mLocalIP.mIp, mLocalIP.len, mLocalIPv6, mMtu);
+ String ipv4info;
+ int ipv4len;
+ if (mLocalIP!=null) {
+ ipv4len=mLocalIP.len;
+ ipv4info=mLocalIP.mIp;
+ } else {
+ ipv4len = -1;
+ ipv4info="(not set)";
+ }
+ VpnStatus.logInfo(R.string.local_ip_info, ipv4info, ipv4len, mLocalIPv6, mMtu);
VpnStatus.logInfo(R.string.dns_server_info, TextUtils.join(", ", mDnslist), mDomain);
VpnStatus.logInfo(R.string.routes_info_incl, TextUtils.join(", ", mRoutes.getNetworks(true)), TextUtils.join(", ", mRoutesv6.getNetworks(true)));
VpnStatus.logInfo(R.string.routes_info_excl, TextUtils.join(", ", mRoutes.getNetworks(false)), TextUtils.join(", ", mRoutesv6.getNetworks(false)));
@@ -643,6 +663,10 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP) {
setAllowedVpnPackages(builder);
}
+ if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP_MR1) {
+ // VPN always uses the default network
+ builder.setUnderlyingNetworks(null);
+ }
String session = mProfile.mName;
@@ -650,6 +674,8 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
session = getString(R.string.session_ipv6string, session, mLocalIP, mLocalIPv6);
else if (mLocalIP != null)
session = getString(R.string.session_ipv4string, session, mLocalIP);
+ else
+ session = getString(R.string.session_ipv4string, session, mLocalIPv6);
builder.setSession(session);
@@ -691,25 +717,11 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
}
private void addLocalNetworksToRoutes() {
-
- // Add local network interfaces
- String[] localRoutes = NativeUtils.getIfconfig();
-
- // The format of mLocalRoutes is kind of broken because I don't really like JNI
- for (int i = 0; i < localRoutes.length; i += 3) {
- String intf = localRoutes[i];
- String ipAddr = localRoutes[i + 1];
- String netMask = localRoutes[i + 2];
-
- if (intf == null || intf.equals("lo") ||
- intf.startsWith("tun") || intf.startsWith("rmnet"))
- continue;
-
- if (ipAddr == null || netMask == null) {
- VpnStatus.logError("Local routes are broken?! (Report to author) " + TextUtils.join("|", localRoutes));
- continue;
- }
-
+ for (String net: NetworkUtils.getLocalNetworks(this, false))
+ {
+ String[] netparts = net.split("/");
+ String ipAddr = netparts[0];
+ int netMask = Integer.parseInt(netparts[1]);
if (ipAddr.equals(mLocalIP.mIp))
continue;
@@ -719,19 +731,50 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
} else if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.KITKAT && mProfile.mAllowLocalLAN)
mRoutes.addIP(new CIDRIP(ipAddr, netMask), false);
}
+
+ // IPv6 is Lollipop+ only so we can skip the lower than KITKAT case
+ if (mProfile.mAllowLocalLAN) {
+ for (String net : NetworkUtils.getLocalNetworks(this, true)) {
+ addRoutev6(net, false);;
+ }
+ }
+
+
}
@TargetApi(Build.VERSION_CODES.LOLLIPOP)
private void setAllowedVpnPackages(Builder builder) {
+ boolean profileUsesOrBot = false;
+
+ for (Connection c : mProfile.mConnections) {
+ if (c.mProxyType == Connection.ProxyType.ORBOT)
+ profileUsesOrBot = true;
+ }
+
+ if (profileUsesOrBot)
+ VpnStatus.logDebug("VPN Profile uses at least one server entry with Orbot. Setting up VPN so that OrBot is not redirected over VPN.");
+
+
boolean atLeastOneAllowedApp = false;
+
+ if (mProfile.mAllowedAppsVpnAreDisallowed && profileUsesOrBot) {
+ try {
+ builder.addDisallowedApplication(ORBOT_PACKAGE_NAME);
+ } catch (PackageManager.NameNotFoundException e) {
+ VpnStatus.logDebug("Orbot not installed?");
+ }
+ }
+
for (String pkg : mProfile.mAllowedAppsVpn) {
try {
if (mProfile.mAllowedAppsVpnAreDisallowed) {
builder.addDisallowedApplication(pkg);
} else {
- builder.addAllowedApplication(pkg);
- atLeastOneAllowedApp = true;
+ if (!(profileUsesOrBot && pkg.equals(ORBOT_PACKAGE_NAME))) {
+ builder.addAllowedApplication(pkg);
+ atLeastOneAllowedApp = true;
+ }
}
} catch (PackageManager.NameNotFoundException e) {
mProfile.mAllowedAppsVpn.remove(pkg);
@@ -776,13 +819,13 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
CIDRIP route = new CIDRIP(dest, mask);
boolean include = isAndroidTunDevice(device);
- NetworkSpace.ipAddress gatewayIP = new NetworkSpace.ipAddress(new CIDRIP(gateway, 32), false);
+ IpAddress gatewayIP = new IpAddress(new CIDRIP(gateway, 32), false);
if (mLocalIP == null) {
VpnStatus.logError("Local IP address unset and received. Neither pushed server config nor local config specifies an IP addresses. Opening tun device is most likely going to fail.");
return;
}
- NetworkSpace.ipAddress localNet = new NetworkSpace.ipAddress(mLocalIP, true);
+ IpAddress localNet = new IpAddress(mLocalIP, true);
if (localNet.containsNet(gatewayIP))
include = true;
@@ -802,10 +845,13 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
}
public void addRoutev6(String network, String device) {
- String[] v6parts = network.split("/");
+ // Tun is opened after ROUTE6, no device name may be present
boolean included = isAndroidTunDevice(device);
+ addRoutev6(network, included);
+ }
- // Tun is opened after ROUTE6, no device name may be present
+ public void addRoutev6(String network, boolean included) {
+ String[] v6parts = network.split("/");
try {
Inet6Address ip = (Inet6Address) InetAddress.getAllByName(v6parts[0])[0];
@@ -870,7 +916,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
if (mLocalIP.len <= 31 && Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP) {
CIDRIP interfaceRoute = new CIDRIP(mLocalIP.mIp, mLocalIP.len);
interfaceRoute.normalise();
- addRoute(interfaceRoute ,true);
+ addRoute(interfaceRoute, true);
}
@@ -895,11 +941,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
// Display byte count only after being connected
{
- if (level == LEVEL_WAITING_FOR_USER_INPUT) {
- // The user is presented a dialog of some kind, no need to inform the user
- // with a notifcation
- return;
- } else if (level == LEVEL_CONNECTED) {
+ if (level == LEVEL_CONNECTED) {
mDisplayBytecount = true;
mConnecttime = System.currentTimeMillis();
if (!runningOnAndroidTV())
@@ -1005,4 +1047,51 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
public void onNotificationStop() {
stopForeground(true);
}
+
+ public void trigger_url_open(String info) {
+ /*
+ String channel = NOTIFICATION_CHANNEL_USERREQ_ID;
+
+
+ String url = info.split(":",2)[1];
+
+ NotificationManager mNotificationManager = (NotificationManager) getSystemService(Context.NOTIFICATION_SERVICE);
+
+ Notification.Builder nbuilder = new Notification.Builder(this);
+ nbuilder.setContentTitle(getString(R.string.openurl_requested));
+
+ nbuilder.setContentText(url);
+ nbuilder.setAutoCancel(true);
+
+ int icon = android.R.drawable.ic_dialog_info;
+
+ nbuilder.setSmallIcon(icon);
+
+ Intent openUrlIntent = new Intent(Intent.ACTION_VIEW);
+ openUrlIntent.setData(Uri.parse(url));
+ openUrlIntent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK);
+
+ nbuilder.setContentIntent(PendingIntent.getActivity(this,0, openUrlIntent, 0));
+
+
+ // Try to set the priority available since API 16 (Jellybean)
+ if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN)
+ jbNotificationExtras(PRIORITY_MAX, nbuilder);
+
+ if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP)
+ lpNotificationExtras(nbuilder, Notification.CATEGORY_STATUS);
+
+ if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.O) {
+ //noinspection NewApi
+ nbuilder.setChannelId(channel);
+ }
+
+ @SuppressWarnings("deprecation")
+ Notification notification = nbuilder.getNotification();
+
+ int notificationId = channel.hashCode();
+
+ mNotificationManager.notify(notificationId, notification);
+ */
+ }
} \ No newline at end of file
diff --git a/app/src/main/java/de/blinkt/openvpn/core/OpenVpnManagementThread.java b/app/src/main/java/de/blinkt/openvpn/core/OpenVpnManagementThread.java
index 2b6df9af..4f7a5bda 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/OpenVpnManagementThread.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/OpenVpnManagementThread.java
@@ -6,16 +6,20 @@
package de.blinkt.openvpn.core;
import android.content.Context;
+import android.content.Intent;
import android.net.LocalServerSocket;
import android.net.LocalSocket;
import android.net.LocalSocketAddress;
+import android.os.Build;
import android.os.Handler;
import android.os.ParcelFileDescriptor;
import android.support.annotation.NonNull;
-import android.text.TextUtils;
+import android.support.annotation.RequiresApi;
+import android.system.ErrnoException;
+import android.system.Os;
import android.util.Log;
-
-import junit.framework.Assert;
+import se.leap.bitmaskclient.R;
+import de.blinkt.openvpn.VpnProfile;
import java.io.FileDescriptor;
import java.io.IOException;
@@ -24,19 +28,13 @@ import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.net.InetSocketAddress;
import java.net.SocketAddress;
-import java.util.Arrays;
-import java.util.Collections;
-import java.util.LinkedList;
-import java.util.Locale;
-import java.util.Vector;
-
-import se.leap.bitmaskclient.BuildConfig;
-import se.leap.bitmaskclient.R;
-import de.blinkt.openvpn.VpnProfile;
+import java.util.*;
public class OpenVpnManagementThread implements Runnable, OpenVPNManagement {
+ public static final int ORBOT_TIMEOUT_MS = 20 * 1000;
private static final String TAG = "openvpn";
+ private static final Vector<OpenVpnManagementThread> active = new Vector<>();
private final Handler mResumeHandler;
private LocalSocket mSocket;
private VpnProfile mProfile;
@@ -45,13 +43,55 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement {
private LocalServerSocket mServerSocket;
private boolean mWaitingForRelease = false;
private long mLastHoldRelease = 0;
-
- private static final Vector<OpenVpnManagementThread> active = new Vector<>();
private LocalSocket mServerSocketLocal;
private pauseReason lastPauseReason = pauseReason.noNetwork;
private PausedStateCallback mPauseCallback;
private boolean mShuttingDown;
+ private Runnable mResumeHoldRunnable = () -> {
+ if (shouldBeRunning()) {
+ releaseHoldCmd();
+ }
+ };
+ private Runnable orbotStatusTimeOutRunnable = new Runnable() {
+ @Override
+ public void run() {
+ sendProxyCMD(Connection.ProxyType.SOCKS5, "127.0.0.1", Integer.toString(OrbotHelper.SOCKS_PROXY_PORT_DEFAULT), false);
+ OrbotHelper.get(mOpenVPNService).removeStatusCallback(statusCallback);
+
+ }
+ };
+ private OrbotHelper.StatusCallback statusCallback = new OrbotHelper.StatusCallback() {
+
+ @Override
+ public void onStatus(Intent statusIntent) {
+ StringBuilder extras = new StringBuilder();
+ for (String key : statusIntent.getExtras().keySet()) {
+ Object val = statusIntent.getExtras().get(key);
+
+ extras.append(String.format(Locale.ENGLISH, "%s - '%s'", key, val == null ? "null" : val.toString()));
+ }
+ VpnStatus.logDebug("Got Orbot status: " + extras);
+ }
+
+ @Override
+ public void onNotYetInstalled() {
+ VpnStatus.logDebug("Orbot not yet installed");
+ }
+
+ @Override
+ public void onOrbotReady(Intent intent, String socksHost, int socksPort) {
+ mResumeHandler.removeCallbacks(orbotStatusTimeOutRunnable);
+ sendProxyCMD(Connection.ProxyType.SOCKS5, socksHost, Integer.toString(socksPort), false);
+ OrbotHelper.get(mOpenVPNService).removeStatusCallback(this);
+ }
+
+ @Override
+ public void onDisabled(Intent intent) {
+ VpnStatus.logWarning("Orbot integration for external applications is disabled. Waiting %ds before connecting to the default port. Enable external app integration in Orbot or use Socks v5 config instead of Orbot to avoid this delay.");
+ }
+ };
+ private transient Connection mCurrentProxyConnection;
public OpenVpnManagementThread(VpnProfile profile, OpenVPNService openVpnService) {
mProfile = profile;
@@ -60,14 +100,21 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement {
}
- private Runnable mResumeHoldRunnable = new Runnable() {
- @Override
- public void run() {
- if (shouldBeRunning()) {
- releaseHoldCmd();
+ private static boolean stopOpenVPN() {
+ synchronized (active) {
+ boolean sendCMD = false;
+ for (OpenVpnManagementThread mt : active) {
+ sendCMD = mt.managmentCommand("signal SIGINT\n");
+ try {
+ if (mt.mSocket != null)
+ mt.mSocket.close();
+ } catch (IOException e) {
+ // Ignore close error on already closed socket
+ }
}
+ return sendCMD;
}
- };
+ }
public boolean openManagementInterface(@NonNull Context c) {
// Could take a while to open connection
@@ -122,7 +169,6 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement {
return false;
}
-
@Override
public void run() {
byte[] buffer = new byte[2048];
@@ -198,9 +244,13 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement {
//ParcelFileDescriptor pfd = ParcelFileDescriptor.fromFd(fdint);
//pfd.close();
- NativeUtils.jniclose(fdint);
+ if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP) {
+ fdCloseLollipop(fd);
+ } else {
+ NativeUtils.jniclose(fdint);
+ }
return;
- } catch (NoSuchMethodException | IllegalArgumentException | InvocationTargetException | IllegalAccessException | NullPointerException e) {
+ } catch ( NoSuchMethodException | IllegalArgumentException | InvocationTargetException | IllegalAccessException | NullPointerException e) {
VpnStatus.logException("Failed to retrieve fd from socket (" + fd + ")", e);
}
@@ -208,6 +258,15 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement {
}
+ @RequiresApi(api = Build.VERSION_CODES.LOLLIPOP)
+ private void fdCloseLollipop(FileDescriptor fd) {
+ try {
+ Os.close(fd);
+ } catch (Exception e) {
+ VpnStatus.logException("Failed to close fd (" + fd + ")", e);
+ }
+ }
+
private String processInput(String pendingInput) {
@@ -223,11 +282,9 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement {
return pendingInput;
}
-
private void processCommand(String command) {
//Log.i(TAG, "Line from managment" + command);
-
if (command.startsWith(">") && command.contains(":")) {
String[] parts = command.split(":", 2);
String cmd = parts[0].substring(1);
@@ -263,6 +320,9 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement {
case "PK_SIGN":
processSignCommand(argument);
break;
+ case "INFOMSG":
+ processInfoMessage(argument);
+ break;
default:
VpnStatus.logWarning("MGMT: Got unrecognized command" + command);
Log.i(TAG, "Got unrecognized command" + command);
@@ -281,6 +341,14 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement {
}
}
+ private void processInfoMessage(String info)
+ {
+ if (info.startsWith("OPEN_URL:"))
+ {
+ mOpenVPNService.trigger_url_open(info);
+ }
+ }
+
private void processLogMessage(String argument) {
String[] args = argument.split(",", 4);
// 0 unix time stamp
@@ -367,7 +435,6 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement {
//managmentCommand("log on all\n");
}
-
public void releaseHold() {
if (mWaitingForRelease)
releaseHoldCmd();
@@ -375,27 +442,81 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement {
private void processProxyCMD(String argument) {
String[] args = argument.split(",", 3);
- SocketAddress proxyaddr = ProxyDetection.detectProxy(mProfile);
+ Connection.ProxyType proxyType = Connection.ProxyType.NONE;
+
+ int connectionEntryNumber = Integer.parseInt(args[0]) - 1;
+ String proxyport = null;
+ String proxyname = null;
+ boolean proxyUseAuth = false;
+
+ if (mProfile.mConnections.length > connectionEntryNumber) {
+ Connection connection = mProfile.mConnections[connectionEntryNumber];
+ proxyType = connection.mProxyType;
+ proxyname = connection.mProxyName;
+ proxyport = connection.mProxyPort;
+ proxyUseAuth = connection.mUseProxyAuth;
+
+ // Use transient variable to remember http user/password
+ mCurrentProxyConnection = connection;
+
+ } else {
+ VpnStatus.logError(String.format(Locale.ENGLISH, "OpenVPN is asking for a proxy of an unknown connection entry (%d)", connectionEntryNumber));
+ }
- if (args.length >= 2) {
+ // atuo detection of proxy
+ if (proxyType == Connection.ProxyType.NONE) {
+ SocketAddress proxyaddr = ProxyDetection.detectProxy(mProfile);
+ if (proxyaddr instanceof InetSocketAddress) {
+ InetSocketAddress isa = (InetSocketAddress) proxyaddr;
+ proxyType = Connection.ProxyType.HTTP;
+ proxyname = isa.getHostName();
+ proxyport = String.valueOf(isa.getPort());
+ proxyUseAuth = false;
+
+ }
+ }
+
+
+ if (args.length >= 2 && proxyType == Connection.ProxyType.HTTP) {
String proto = args[1];
if (proto.equals("UDP")) {
- proxyaddr = null;
+ proxyname = null;
+ VpnStatus.logInfo("Not using an HTTP proxy since the connection uses UDP");
}
}
- if (proxyaddr instanceof InetSocketAddress) {
- InetSocketAddress isa = (InetSocketAddress) proxyaddr;
- VpnStatus.logInfo(R.string.using_proxy, isa.getHostName(), isa.getPort());
+ if (proxyType == Connection.ProxyType.ORBOT) {
+ VpnStatus.updateStateString("WAIT_ORBOT", "Waiting for Orbot to start", R.string.state_waitorbot, ConnectionStatus.LEVEL_CONNECTING_NO_SERVER_REPLY_YET);
+ OrbotHelper orbotHelper = OrbotHelper.get(mOpenVPNService);
+ if (!orbotHelper.checkTorReceier(mOpenVPNService))
+ VpnStatus.logError("Orbot does not seem to be installed!");
+
+ mResumeHandler.postDelayed(orbotStatusTimeOutRunnable, ORBOT_TIMEOUT_MS);
+ orbotHelper.addStatusCallback(mOpenVPNService, statusCallback);
+
+ orbotHelper.sendOrbotStartAndStatusBroadcast();
+
+ } else {
+ sendProxyCMD(proxyType, proxyname, proxyport, proxyUseAuth);
+ }
+ }
+
+ private void sendProxyCMD(Connection.ProxyType proxyType, String proxyname, String proxyport, boolean usePwAuth) {
+ if (proxyType != Connection.ProxyType.NONE && proxyname != null) {
+
+ VpnStatus.logInfo(R.string.using_proxy, proxyname, proxyname);
- String proxycmd = String.format(Locale.ENGLISH, "proxy HTTP %s %d\n", isa.getHostName(), isa.getPort());
+ String pwstr = usePwAuth ? " auto" : "";
+
+ String proxycmd = String.format(Locale.ENGLISH, "proxy %s %s %s%s\n",
+ proxyType == Connection.ProxyType.HTTP ? "HTTP" : "SOCKS",
+ proxyname, proxyport, pwstr);
managmentCommand(proxycmd);
} else {
managmentCommand("proxy NONE\n");
}
-
}
private void processState(String argument) {
@@ -408,7 +529,6 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement {
VpnStatus.updateStateString(currentstate, args[2]);
}
-
private void processByteCount(String argument) {
// >BYTECOUNT:{BYTES_IN},{BYTES_OUT}
int comma = argument.indexOf(',');
@@ -419,7 +539,6 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement {
}
-
private void processNeedCommand(String argument) {
int p1 = argument.indexOf('\'');
int p2 = argument.indexOf('\'', p1 + 1);
@@ -452,7 +571,8 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement {
*/
if (routeparts.length == 5) {
- if (BuildConfig.DEBUG) Assert.assertEquals("dev", routeparts[3]);
+ //if (BuildConfig.DEBUG)
+ // assertEquals("dev", routeparts[3]);
mOpenVPNService.addRoute(routeparts[0], routeparts[1], routeparts[2], routeparts[4]);
} else if (routeparts.length >= 3) {
mOpenVPNService.addRoute(routeparts[0], routeparts[1], routeparts[2], null);
@@ -473,8 +593,10 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement {
mOpenVPNService.setLocalIP(ifconfigparts[0], ifconfigparts[1], mtu, ifconfigparts[3]);
break;
case "IFCONFIG6":
- mOpenVPNService.setLocalIPv6(extra);
-
+ String[] ifconfig6parts = extra.split(" ");
+ mtu = Integer.parseInt(ifconfig6parts[1]);
+ mOpenVPNService.setMtu(mtu);
+ mOpenVPNService.setLocalIPv6(ifconfig6parts[0]);
break;
case "PERSIST_TUN_ACTION":
// check if tun cfg stayed the same
@@ -546,6 +668,10 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement {
try {
+ // Ignore Auth token message, already managed by openvpn itself
+ if (argument.startsWith("Auth-Token:")) {
+ return;
+ }
int p1 = argument.indexOf('\'');
int p2 = argument.indexOf('\'', p1 + 1);
@@ -560,17 +686,26 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement {
}
String pw = null;
+ String username = null;
if (needed.equals("Private Key")) {
pw = mProfile.getPasswordPrivateKey();
} else if (needed.equals("Auth")) {
pw = mProfile.getPasswordAuth();
+ username = mProfile.mUsername;
- String usercmd = String.format("username '%s' %s\n",
- needed, VpnProfile.openVpnEscape(mProfile.mUsername));
- managmentCommand(usercmd);
+ } else if (needed.equals("HTTP Proxy")) {
+ if( mCurrentProxyConnection != null) {
+ pw = mCurrentProxyConnection.mProxyAuthPassword;
+ username = mCurrentProxyConnection.mProxyAuthUser;
+ }
}
if (pw != null) {
+ if (username !=null) {
+ String usercmd = String.format("username '%s' %s\n",
+ needed, VpnProfile.openVpnEscape(username));
+ managmentCommand(usercmd);
+ }
String cmd = String.format("password '%s' %s\n", needed, VpnProfile.openVpnEscape(pw));
managmentCommand(cmd);
} else {
@@ -580,28 +715,10 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement {
}
-
private void proccessPWFailed(String needed, String args) {
VpnStatus.updateStateString("AUTH_FAILED", needed + args, R.string.state_auth_failed, ConnectionStatus.LEVEL_AUTH_FAILED);
}
-
- private static boolean stopOpenVPN() {
- synchronized (active) {
- boolean sendCMD = false;
- for (OpenVpnManagementThread mt : active) {
- sendCMD = mt.managmentCommand("signal SIGINT\n");
- try {
- if (mt.mSocket != null)
- mt.mSocket.close();
- } catch (IOException e) {
- // Ignore close error on already closed socket
- }
- }
- return sendCMD;
- }
- }
-
@Override
public void networkChange(boolean samenetwork) {
if (mWaitingForRelease)
@@ -634,7 +751,7 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement {
private void processSignCommand(String b64data) {
- String signed_string = mProfile.getSignedData(b64data);
+ String signed_string = mProfile.getSignedData(mOpenVPNService, b64data, false);
if (signed_string == null) {
managmentCommand("pk-sig\n");
diff --git a/app/src/main/java/de/blinkt/openvpn/core/OrbotHelper.java b/app/src/main/java/de/blinkt/openvpn/core/OrbotHelper.java
new file mode 100644
index 00000000..68f5835f
--- /dev/null
+++ b/app/src/main/java/de/blinkt/openvpn/core/OrbotHelper.java
@@ -0,0 +1,202 @@
+/*
+ * Copyright (c) 2012-2018 Arne Schwabe
+ * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
+ */
+
+/*
+ * Portions Copyright 2014-2016 Hans-Christoph Steiner
+ * Portions Copyright 2012-2016 Nathan Freitas
+ * Portions Copyright (c) 2016 CommonsWare, LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+
+package de.blinkt.openvpn.core;
+
+import android.content.BroadcastReceiver;
+import android.content.ComponentName;
+import android.content.Context;
+import android.content.Intent;
+import android.content.IntentFilter;
+import android.content.pm.PackageManager;
+import android.content.pm.ResolveInfo;
+import android.text.TextUtils;
+
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+
+import static de.blinkt.openvpn.core.OpenVPNService.ORBOT_PACKAGE_NAME;
+
+public class OrbotHelper {
+ //! Based on the class from NetCipher but stripped down and modified for icsopenvpn
+
+ /**
+ * {@link Intent} send by Orbot with {@code ON/OFF/STARTING/STOPPING} status
+ * included as an {@link #EXTRA_STATUS} {@code String}. Your app should
+ * always receive {@code ACTION_STATUS Intent}s since any other app could
+ * start Orbot. Also, user-triggered starts and stops will also cause
+ * {@code ACTION_STATUS Intent}s to be broadcast.
+ */
+ public final static String ACTION_STATUS = "org.torproject.android.intent.action.STATUS";
+ public final static String STATUS_ON = "ON";
+ public final static String STATUS_STARTS_DISABLED = "STARTS_DISABLED";
+
+ public final static String STATUS_STARTING = "STARTING";
+ public final static String STATUS_STOPPING = "STOPPING";
+ public final static String EXTRA_STATUS = "org.torproject.android.intent.extra.STATUS";
+ /**
+ * A request to Orbot to transparently start Tor services
+ */
+ public final static String ACTION_START = "org.torproject.android.intent.action.START";
+ public final static String EXTRA_PACKAGE_NAME = "org.torproject.android.intent.extra.PACKAGE_NAME";
+ public static final int SOCKS_PROXY_PORT_DEFAULT = 9050;
+ private static OrbotHelper mInstance;
+
+ String EXTRA_SOCKS_PROXY_HOST = "org.torproject.android.intent.extra.SOCKS_PROXY_HOST";
+ String EXTRA_SOCKS_PROXY_PORT = "org.torproject.android.intent.extra.SOCKS_PROXY_PORT";
+ private Context mContext;
+ private Set<StatusCallback> statusCallbacks = new HashSet<>();
+ private BroadcastReceiver orbotStatusReceiver = new BroadcastReceiver() {
+ @Override
+ public void onReceive(Context c, Intent intent) {
+ if (TextUtils.equals(intent.getAction(),
+ OrbotHelper.ACTION_STATUS)) {
+ for (StatusCallback cb : statusCallbacks) {
+ cb.onStatus(intent);
+ }
+
+ String status = intent.getStringExtra(EXTRA_STATUS);
+ if (TextUtils.equals(status, STATUS_ON)) {
+ int socksPort = intent.getIntExtra(EXTRA_SOCKS_PROXY_PORT, SOCKS_PROXY_PORT_DEFAULT);
+ String socksHost = intent.getStringExtra(EXTRA_SOCKS_PROXY_HOST);
+ if (TextUtils.isEmpty(socksHost))
+ socksHost = "127.0.0.1";
+ for (StatusCallback cb : statusCallbacks) {
+ cb.onOrbotReady(intent, socksHost, socksPort);
+ }
+ } else if (TextUtils.equals(status, STATUS_STARTS_DISABLED)) {
+ for (StatusCallback cb : statusCallbacks)
+ cb.onDisabled(intent);
+ }
+
+ }
+ }
+ };
+
+ private OrbotHelper() {
+
+ }
+
+ public static OrbotHelper get(OpenVPNService mOpenVPNService) {
+ if (mInstance == null)
+ mInstance = new OrbotHelper();
+ return mInstance;
+ }
+
+ /**
+ * Gets an {@link Intent} for starting Orbot. Orbot will reply with the
+ * current status to the {@code packageName} of the app in the provided
+ * {@link Context} (i.e. {@link Context#getPackageName()}.
+ */
+ public static Intent getOrbotStartIntent(Context context) {
+ Intent intent = new Intent(ACTION_START);
+ intent.setPackage(ORBOT_PACKAGE_NAME);
+ intent.putExtra(EXTRA_PACKAGE_NAME, context.getPackageName());
+ return intent;
+ }
+
+ public static boolean checkTorReceier(Context c) {
+ Intent startOrbot = getOrbotStartIntent(c);
+ PackageManager pm = c.getPackageManager();
+ Intent result = null;
+ List<ResolveInfo> receivers =
+ pm.queryBroadcastReceivers(startOrbot, 0);
+
+ return receivers != null && receivers.size() > 0;
+ }
+
+ /**
+ * Adds a StatusCallback to be called when we find out that
+ * Orbot is ready. If Orbot is ready for use, your callback
+ * will be called with onEnabled() immediately, before this
+ * method returns.
+ *
+ * @param cb a callback
+ * @return the singleton, for chaining
+ */
+ public synchronized OrbotHelper addStatusCallback(Context c, StatusCallback cb) {
+ if (statusCallbacks.size() == 0) {
+ c.getApplicationContext().registerReceiver(orbotStatusReceiver,
+ new IntentFilter(OrbotHelper.ACTION_STATUS));
+ mContext = c.getApplicationContext();
+ }
+ if (!checkTorReceier(c))
+ cb.onNotYetInstalled();
+ statusCallbacks.add(cb);
+ return (this);
+ }
+
+ /**
+ * Removes an existing registered StatusCallback.
+ *
+ * @param cb the callback to remove
+ * @return the singleton, for chaining
+ */
+ public synchronized void removeStatusCallback(StatusCallback cb) {
+ statusCallbacks.remove(cb);
+ if (statusCallbacks.size() == 0)
+ mContext.unregisterReceiver(orbotStatusReceiver);
+ }
+
+ public void sendOrbotStartAndStatusBroadcast() {
+ mContext.sendBroadcast(getOrbotStartIntent(mContext));
+ }
+
+ private void startOrbotService(String action) {
+ Intent clearVPNMode = new Intent();
+ clearVPNMode.setComponent(new ComponentName(ORBOT_PACKAGE_NAME, ".service.TorService"));
+ clearVPNMode.setAction(action);
+ mContext.startService(clearVPNMode);
+ }
+
+ public interface StatusCallback {
+ /**
+ * Called when Orbot is operational
+ *
+ * @param statusIntent an Intent containing information about
+ * Orbot, including proxy ports
+ */
+ void onStatus(Intent statusIntent);
+
+
+ /**
+ * Called if Orbot is not yet installed. Usually, you handle
+ * this by checking the return value from init() on OrbotInitializer
+ * or calling isInstalled() on OrbotInitializer. However, if
+ * you have need for it, if a callback is registered before
+ * an init() call determines that Orbot is not installed, your
+ * callback will be called with onNotYetInstalled().
+ */
+ void onNotYetInstalled();
+
+ void onOrbotReady(Intent intent, String socksHost, int socksPort);
+
+ /**
+ * Called if Orbot background control is disabled.
+ * @param intent the intent delivered
+ */
+ void onDisabled(Intent intent);
+ }
+}
diff --git a/app/src/main/java/de/blinkt/openvpn/core/ProfileManager.java b/app/src/main/java/de/blinkt/openvpn/core/ProfileManager.java
index f776fc2e..b9edc4b2 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/ProfileManager.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/ProfileManager.java
@@ -128,6 +128,7 @@ public class ProfileManager {
}
public static void setTemporaryProfile(Context c, VpnProfile tmp) {
+ tmp.mTemporaryProfile = true;
ProfileManager.tmpprofile = tmp;
saveProfile(c, tmp, true, true);
}
@@ -174,8 +175,9 @@ public class ProfileManager {
vlist.add(TEMPORARY_PROFILE_FILENAME);
for (String vpnentry : vlist) {
+ ObjectInputStream vpnfile=null;
try {
- ObjectInputStream vpnfile = new ObjectInputStream(context.openFileInput(vpnentry + ".vp"));
+ vpnfile = new ObjectInputStream(context.openFileInput(vpnentry + ".vp"));
VpnProfile vp = ((VpnProfile) vpnfile.readObject());
// Sanity check
@@ -189,9 +191,18 @@ public class ProfileManager {
profiles.put(vp.getUUID().toString(), vp);
}
+
} catch (IOException | ClassNotFoundException e) {
if (!vpnentry.equals(TEMPORARY_PROFILE_FILENAME))
VpnStatus.logException("Loading VPN List", e);
+ } finally {
+ if (vpnfile!=null) {
+ try {
+ vpnfile.close();
+ } catch (IOException e) {
+ e.printStackTrace();
+ }
+ }
}
}
}
diff --git a/app/src/main/java/de/blinkt/openvpn/core/VPNLaunchHelper.java b/app/src/main/java/de/blinkt/openvpn/core/VPNLaunchHelper.java
index 97a73964..810974df 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/VPNLaunchHelper.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/VPNLaunchHelper.java
@@ -48,7 +48,7 @@ public class VPNLaunchHelper {
}
}
- return null;
+ throw new RuntimeException("Cannot find any execulte for this device's ABIs " + abis.toString());
}
@TargetApi(Build.VERSION_CODES.LOLLIPOP)
diff --git a/app/src/main/java/de/blinkt/openvpn/core/VpnStatus.java b/app/src/main/java/de/blinkt/openvpn/core/VpnStatus.java
index a9cc4f18..5fbb440b 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/VpnStatus.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/VpnStatus.java
@@ -300,6 +300,8 @@ public class VpnStatus {
return R.string.state_resolve;
case "TCP_CONNECT":
return R.string.state_tcp_connect;
+ case "AUTH_PENDING":
+ return R.string.state_auth_pending;
default:
return R.string.unknown_state;
}
@@ -323,7 +325,7 @@ public class VpnStatus {
private static ConnectionStatus getLevel(String state) {
String[] noreplyet = {"CONNECTING", "WAIT", "RECONNECTING", "RESOLVE", "TCP_CONNECT"};
- String[] reply = {"AUTH", "GET_CONFIG", "ASSIGN_IP", "ADD_ROUTES"};
+ String[] reply = {"AUTH", "GET_CONFIG", "ASSIGN_IP", "ADD_ROUTES", "AUTH_PENDING"};
String[] connected = {"CONNECTED"};
String[] notconnected = {"DISCONNECTED", "EXITING"};
@@ -385,7 +387,7 @@ public class VpnStatus {
for (StateListener sl : stateListener) {
sl.updateState(state, msg, resid, level);
}
- newLogItem(new LogItem((LogLevel.DEBUG), String.format("New OpenVPN Status (%s->%s): %s",state,level.toString(),msg)));
+ //newLogItem(new LogItem((LogLevel.DEBUG), String.format("New OpenVPN Status (%s->%s): %s",state,level.toString(),msg)));
}
public static void logInfo(String message) {
diff --git a/app/src/main/res/values-be/plurals-icsopenvpn.xml b/app/src/main/res/values-be/plurals-icsopenvpn.xml
new file mode 100755
index 00000000..70489fbc
--- /dev/null
+++ b/app/src/main/res/values-be/plurals-icsopenvpn.xml
@@ -0,0 +1,3 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--Generated by crowdin.com-->
+<resources></resources>
diff --git a/app/src/main/res/values-be/strings-icsopenvpn.xml b/app/src/main/res/values-be/strings-icsopenvpn.xml
new file mode 100755
index 00000000..45ec6c69
--- /dev/null
+++ b/app/src/main/res/values-be/strings-icsopenvpn.xml
@@ -0,0 +1,464 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--Generated by crowdin.com-->
+<!--
+ ~ Copyright (c) 2012-2016 Arne Schwabe
+ ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
+ -->
+<resources>
+
+ <string name="address">ÐÐ´Ñ€Ð°Ñ Ñервера:</string>
+ <string name="port">Порт Ñервера:</string>
+ <string name="location">РазмÑшчÑнне</string>
+ <string name="cant_read_folder">Ðе атрымоўваецца прачытаць каталог</string>
+ <string name="select">Выбраць</string>
+ <string name="cancel">Ðдмена</string>
+ <string name="no_data">ÐÑма дадзеных</string>
+ <string name="useLZO">СціÑк LZO</string>
+ <string name="client_no_certificate">ÐÑма Ñертыфіката</string>
+ <string name="client_certificate_title">Сертыфікат кліента</string>
+ <string name="client_key_title">Ключ Ñертыфіката кліента</string>
+ <string name="client_pkcs12_title">Файл PKCS12</string>
+ <string name="ca_title">Сертыфікат ЦС</string>
+ <string name="no_certificate">ТрÑба выбраць Ñертыфікат</string>
+ <string name="copyright_guicode">Зыходны код Ñ– адÑочванне праблем даÑÑ‚ÑƒÐ¿Ð½Ñ‹Ñ Ð½Ð° https://github.com/schwabe/ics-openvpn/</string>
+ <string name="copyright_others">Ð”Ð°Ð´Ð·ÐµÐ½Ð°Ñ Ð¿Ñ€Ð°Ð³Ñ€Ð°Ð¼Ð° выкарыÑтоўвае наÑÑ‚ÑƒÐ¿Ð½Ñ‹Ñ ÐºÐ°Ð¼Ð¿Ð°Ð½ÐµÐ½Ñ‚Ñ‹; гледзіце зыходны код Ð´Ð»Ñ Ð°Ñ‚Ñ€Ñ‹Ð¼Ð°Ð½Ð½Ñ Ð¿Ð°Ð´Ñ€Ð°Ð±Ñзнай інфармацыі пра ліцÑнзію</string>
+ <string name="about">Пра дадатак</string>
+ <string name="vpn_list_title">Профілі</string>
+ <string name="vpn_type">Тып</string>
+ <string name="pkcs12pwquery">Пароль Ð´Ð»Ñ PKCS12</string>
+ <string name="file_select">Выбраць&#8230;</string>
+ <string name="file_nothing_selected">Вы павінны выбраць файл</string>
+ <string name="useTLSAuth">СкарыÑтаць аўтÑнтыфікацыю TLS</string>
+ <string name="tls_direction">Кірунак праверкі TLS</string>
+ <string name="ipv6_dialog_tile">УвÑдзіце адраÑ/маÑку падÑеткі IPv6 у фармаце CIDR (прыкладам, 2000:dd::23/64)</string>
+ <string name="ipv4_dialog_title">УвÑдзіце адраÑ/маÑку падÑеткі IPv4 у фармаце CIDR (прыкладам, 1.2.3.4/24)</string>
+ <string name="ipv4_address">ÐÐ´Ñ€Ð°Ñ IPv4</string>
+ <string name="ipv6_address">ÐÐ´Ñ€Ð°Ñ IPv6</string>
+ <string name="custom_option_warning">УвÑдзіце Ð´Ð°Ð´Ð°Ñ‚ÐºÐ¾Ð²Ñ‹Ñ Ð¿Ð°Ñ€Ð°Ð¼ÐµÑ‚Ñ€Ñ‹ OpenVPN. ВыкарыÑтоўвайце гÑту магчымаÑць з вÑлікай аÑцÑрожнаÑцю. Калі вы лічыце, што адÑутнічае важны параметр, звÑжыцеÑÑ Ð· аўтарам</string>
+ <string name="auth_username">Ð†Ð¼Ñ ÐºÐ°Ñ€Ñ‹Ñтача</string>
+ <string name="auth_pwquery">Пароль</string>
+ <string name="static_keys_info">Ð”Ð»Ñ ÐºÐ°Ð½Ñ„Ñ–Ð³ÑƒÑ€Ð°Ñ†Ñ‹Ñ– Ñа Ñтатычнымі Ñертыфікатамі будуць выкарыÑтоўвацца ключы TLS</string>
+ <string name="configure_the_vpn">Ðалада VPN</string>
+ <string name="menu_add_profile">Дадаць канфігурацыю</string>
+ <string name="add_profile_name_prompt">УвÑдзіце назву новай канфігурацыі</string>
+ <string name="duplicate_profile_name">Калі лаÑка, увÑдзіце ўнікальную назву канфігурацыі</string>
+ <string name="profilename">Ðазва канфігурацыі</string>
+ <string name="no_keystore_cert_selected">ТрÑба выбраць Ñертыфікат карыÑтача</string>
+ <string name="no_ca_cert_selected">ТрÑба выбраць Ñертыфікат ЦС</string>
+ <string name="no_error_found">Памылак не знойдзена</string>
+ <string name="config_error_found">Ошибка в конфигурации</string>
+ <string name="ipv4_format_error">Ðемагчыма раÑпазнаць IPv4 адраÑ</string>
+ <string name="custom_route_format_error">Ðемагчыма раÑпазнаць карыÑÑ‚Ð°Ñ†ÐºÑ–Ñ Ð¼Ð°Ñ€ÑˆÑ€ÑƒÑ‚Ñ‹</string>
+ <string name="pw_query_hint">(пакіньце пуÑтым Ð´Ð»Ñ Ð·Ð°Ð¿Ñ‹Ñ‚Ñƒ па вымозе)</string>
+ <string name="vpn_shortcut">ЦÑтлік OpenVPN</string>
+ <string name="vpn_launch_title">ПадключÑнне да VPN&#8230;</string>
+ <string name="shortcut_profile_notfound">Ðе знойдзены профіль, азначаны Ñž цÑтліку</string>
+ <string name="random_host_prefix">Выпадковы прÑÑ„Ñ–ÐºÑ Ð²ÑƒÐ·Ð»Ð°</string>
+ <string name="random_host_summary">Дадае 6 выпадковых знакаў перад іменем хаÑта</string>
+ <string name="custom_config_title">Уключыць карыÑÑ‚Ð°Ñ†ÐºÑ–Ñ Ð¿Ð°Ñ€Ð°Ð¼ÐµÑ‚Ñ€Ñ‹</string>
+ <string name="custom_config_summary">КарыÑÑ‚Ð°Ñ†ÐºÑ–Ñ Ð¿Ð°Ñ€Ð°Ð¼ÐµÑ‚Ñ€Ñ‹. СкарыÑтайце з аÑцÑрожнаÑцю!</string>
+ <string name="route_rejected">Маршрут адхілены Android</string>
+ <string name="cancel_connection">Ðдключыць</string>
+ <string name="cancel_connection_long">Ðдключыць VPN</string>
+ <string name="clear_log">ачыÑціць журнал</string>
+ <string name="title_cancel">Пацверджанне ÑкаÑаваннÑ</string>
+ <string name="cancel_connection_query">Ðдключыць актыўны VPN/ÑкаÑаваць Ñпробу падключÑннÑ?</string>
+ <string name="remove_vpn">Выдаліць VPN</string>
+ <string name="check_remote_tlscert">ПравÑрае, ці выкарыÑтоўвае Ñервер Ñертыфікат з Ñервернымі пашырÑннÑмі TLS (--remote-cert-tls server)</string>
+ <string name="check_remote_tlscert_title">Чакаць Ñерверны Ñертыфікат TLS</string>
+ <string name="remote_tlscn_check_summary">Праверка DN аб\'екта падаленага Ñертыфіката</string>
+ <string name="remote_tlscn_check_title">Праверка Ñ–Ð¼Ñ Ñ…Ð°Ñта Ñертыфіката</string>
+ <string name="enter_tlscn_dialog">УвÑдзіце значÑнне Ð´Ð»Ñ Ð¿Ñ€Ð°Ð²ÐµÑ€ÐºÑ– DN выдаленага Ñертыфіката (прыкладам, C=DE, L=Paderborn, OU=Avian IP Carriers, CN=openvpn.blinkt.de)\n\n \ÐœÐ°Ð³Ñ‡Ñ‹Ð¼Ñ‹Ñ Ð·Ð½Ð°Ñ‡Ñнні: поўны DN ці RDN (у прыкладзе вышÑй openvpn.blinkt.de) ці толькі прÑÑ„Ñ–ÐºÑ RDN Ð´Ð»Ñ Ð¿Ñ€Ð°Ð²ÐµÑ€ÐºÑ–.\n\nПры выкарыÑтанні прÑфікÑа RDN, «Server» падыдзе Ð´Ð»Ñ Â«Server-1» Ñ– «Server-2»\n\nПры пуÑтой Ñ‚ÑкÑтавай падлозе будзе правÑрацца, што RDN Ñупадае з іменем вузла.\n\nПадрабÑзнаÑці гледзіце Ñž кіраўніцтве OpenVPN 2.3.1+, падзел --verify-x509-name</string>
+ <string name="enter_tlscn_title">Ðб\'ект падаленага Ñертыфіката</string>
+ <string name="tls_key_auth">Уключыць аўтÑнтыфікацыю па TLS ключу</string>
+ <string name="tls_auth_file">Файл аўтÑнтыфікацыі TLS</string>
+ <string name="pull_on_summary">Запыт IP-адраÑа, маршрутаў Ñ– параметраў ад Ñервера.</string>
+ <string name="pull_off_summary">Ігнараваць уÑе параметры Ñервера. Параметры павінны быць азначаны ніжÑй.</string>
+ <string name="use_pull">Запытваць параметры</string>
+ <string name="dns">DNS</string>
+ <string name="override_dns">Перавызначыць параметры DNS ад Ñервера</string>
+ <string name="dns_override_summary">ВыкарыÑтоўваць вашы DNS</string>
+ <string name="searchdomain">Дамен пошуку</string>
+ <string name="dns1_summary">DNS-Ñервер Ð´Ð»Ñ Ð²Ñ‹ÐºÐ°Ñ€Ñ‹ÑтаннÑ.</string>
+ <string name="dns_server">DNS-Ñервер</string>
+ <string name="secondary_dns_message">ДругаÑны DNS-Ñервер выкарыÑтоўваецца, калі не атрыманы адказ ад першага Ñервера DNS.</string>
+ <string name="backup_dns">РÑзервовы Ñервер DNS</string>
+ <string name="ignored_pushed_routes">Ігнараваць паÑÑ‹Ð»Ð°Ð½Ñ‹Ñ Ð¼Ð°Ñ€ÑˆÑ€ÑƒÑ‚Ñ‹</string>
+ <string name="ignore_routes_summary">Ігнараваць маршруты, паÑÑ‹Ð»Ð°Ð½Ñ‹Ñ Ñерверам.</string>
+ <string name="default_route_summary">Перанакіроўвае ўвеÑÑŒ трафік праз VPN</string>
+ <string name="use_default_title">ВыкарыÑтоўваць маршрут па змаўчанні</string>
+ <string name="custom_route_message">УвÑдзіце карыÑÑ‚Ð°Ð»ÑŒÐ½Ñ–Ñ†ÐºÑ–Ñ Ð¼Ð°Ñ€ÑˆÑ€ÑƒÑ‚Ñ‹. СкарыÑтайце толькі Ð°Ð´Ñ€Ð°Ñ Ð¿Ñ€Ñ‹Ð·Ð½Ð°Ñ‡ÑÐ½Ð½Ñ Ñž фармаце CIDR. \"10.0.0.0/8 2002::/16\" Ñкіруе Ñеткі 10.0.0.0/8 Ñ– 2002::/16 праз VPN.</string>
+ <string name="custom_route_message_excluded">Маршруты, ÑÐºÑ–Ñ ÐЕ павінны Ñкіроўвацца праз VPN. СкарыÑтайце той жа ÑінтакÑÑ–Ñ, што Ñ– Ð´Ð»Ñ ÑžÐºÐ»ÑŽÑ‡Ð°Ð½Ñ‹Ñ… маршрутаў.</string>
+ <string name="custom_routes_title">КарыÑÑ‚Ð°Ð»ÑŒÐ½Ñ–Ñ†ÐºÑ–Ñ Ð¼Ð°Ñ€ÑˆÑ€ÑƒÑ‚Ñ‹</string>
+ <string name="custom_routes_title_excluded">ВынÑÑ‚Ñ‹Ñ Ñеткі</string>
+ <string name="log_verbosity_level">Ровень дÑталізацыі журнала</string>
+ <string name="float_summary">Разрешить аутентифицированные пакеты Ñ Ð»ÑŽÐ±Ð¾Ð³Ð¾ IP-адреÑа</string>
+ <string name="float_title">Дазволіць «плавальны» Ñервер</string>
+ <string name="custom_options_title">КарыÑÑ‚Ð°Ð»ÑŒÐ½Ñ–Ñ†ÐºÑ–Ñ Ð¿Ð°Ñ€Ð°Ð¼ÐµÑ‚Ñ€Ñ‹</string>
+ <string name="edit_vpn">РÑдагаванне параметраў VPN</string>
+ <string name="remove_vpn_query">Выдаліць профіль VPN «%s»?</string>
+ <string name="tun_error_helpful">Ðа некаторых каÑтамных зборках права на /dev/tun могуць быць нÑправільнымі ці tun-модуль можа быць не ўключаны. Ð”Ð»Ñ Ð¿Ñ€Ð°ÑˆÑ‹ÑžÐºÑ– CM9 можаце паÑпрабаваць выправіць уладальніка проÑта з налад праграмы</string>
+ <string name="tun_open_error">Ðе атрымоўваецца адкрыць tun інтÑрфейÑ</string>
+ <string name="error">"Памылка: "</string>
+ <string name="clear">ÐчыÑціць</string>
+ <string name="last_openvpn_tun_config">Ðдкрыццё tun-інтÑрфейÑу:</string>
+ <string name="local_ip_info">ÐÐ´Ñ€Ð°Ñ IPv4: %1$s/%2$d IPv6: %3$s MTU: %4$d</string>
+ <string name="dns_server_info">DNS-Ñервер: %1$s, Дамен: %2$s</string>
+ <string name="routes_info_incl">Маршруты: %1$s %2$s</string>
+ <string name="routes_info_excl">ВынÑÑ‚Ñ‹Ñ Ð¼Ð°Ñ€ÑˆÑ€ÑƒÑ‚Ñ‹: %1$s %2$s</string>
+ <string name="routes_debug">ÐŸÐ°Ð´Ð»ÑƒÑ‡Ð°Ð½Ñ‹Ñ Ð¼Ð°Ñ€ÑˆÑ€ÑƒÑ‚Ñ‹ ÑÑрвіÑу Vpn: %1$s %2$s</string>
+ <string name="ip_not_cidr">Ðтрымана Ñ–Ð½Ñ„Ð°Ñ€Ð¼Ð°Ñ†Ñ‹Ñ Ñ–Ð½Ñ‚ÑрфейÑу %1$s Ñ– %2$s, другі Ð°Ð´Ñ€Ð°Ñ Ð·\'ÑўлÑецца падаленым адраÑам канала. ВыкарыÑтоўваецца ÑÐµÑ‚ÐºÐ°Ð²Ð°Ñ Ð¼Ð°Ñка /32 Ð´Ð»Ñ Ð»Ð°ÐºÐ°Ð»ÑŒÐ½Ð°Ð³Ð° IP адраÑа. РÑжым, уÑталÑваны OpenVPN: \"%3$s\".</string>
+ <string name="route_not_cidr">Ðемагчыма ÑкарыÑтаць выразы %1$s Ñ– %2$s Ñк маршрут па Ñтандарце CIDR. выкарыÑтоўваецца /32 Ñк маÑка падÑеткі.</string>
+ <string name="route_not_netip">Маршрут выпраўлены з %1$s/%2$s на %3$s/%2$s</string>
+ <string name="keychain_access">Ðе атрымоўваецца атрымаць доÑтуп да Ñховішча ключоў Ñ– Ñертыфікатаў Android. ГÑта можа быць выклікана абнаўленнем прашыўкі ці Ð°Ð´Ð½Ð°ÑžÐ»ÐµÐ½Ð½Ñ Ñтарой копіі дадатку ці Ñго налад. Калі лаÑка, адрÑдагуйце профіль VPN Ñ– наноў пакажыце ключы Ñ– Ñертыфікаты Ñž падзеле ÐÑÐ½Ð¾ÑžÐ½Ñ‹Ñ Ð¿Ð°Ñ€Ð°Ð¼ÐµÑ‚Ñ€Ñ‹.</string>
+ <string name="version_info">%1$s %2$s</string>
+ <string name="send_logfile">Ðдправіць файл журнала</string>
+ <string name="send">Ðдправіць</string>
+ <string name="ics_openvpn_log_file">ICS OpenVPN лог файл</string>
+ <string name="copied_entry">Ð—Ð°Ð¿Ñ–Ñ Ð¶ÑƒÑ€Ð½Ð°Ð»Ð° ÑкапіÑваны Ñž буфер абмену</string>
+ <string name="tap_mode">РÑжым TAP</string>
+ <string name="faq_tap_mode">РÑжым TAP немагчымы на прыладах без root-а. Таму гÑÑ‚Ñ‹ дадатак не падтрымвае TAP</string>
+ <string name="tap_faq2">Ізноў? Ð’Ñ‹ здзекуецеÑÑ? Ðе падтрымваецца Ñ€Ñжым TAP Ñ– проÑьбы да аўтара пра гÑта не дапамогуць Ñму Ñ€Ñалізавацца.</string>
+ <string name="tap_faq3">ТрÑці раз? ÐаÑамрÑч можна было б піÑаць ÑмулÑтар TAP, заÑÐ½Ð°Ð²Ð°Ð½Ñ‹Ñ Ð½Ð° tun, Ñкі б дадаваў інфармацыю 2 роўні пры адпраўленні Ñ– здабываў бы Ñе пры атрыманні. Ðле гÑÑ‚Ñ‹ ÑмулÑтар запатрабуе такÑама ARP Ñ–, магчыма, кліента DHCP. Я не ведаю нікога, хто мог бы гÑтым занÑцца. ЗвÑжыцеÑÑ Ñа мной, калі вы хочаце занÑцца гÑтым.</string>
+ <string name="faq">Пытанні і адказы</string>
+ <string name="copying_log_entries">КапіÑванне запіÑамі журнала</string>
+ <string name="faq_copying">Ð”Ð»Ñ ÐºÐ°Ð¿Ñ–ÑÐ²Ð°Ð½Ð½Ñ Ð°Ð´Ð½Ð°Ð³Ð¾ запіÑу журнала Ñ‚Ñ€Ñба нажаць на Ñе Ñ– ўтрымваць. Каб ÑкапіÑваць/адправіць увеÑÑŒ файл журнала, ÑкарыÑтайце опцыю «Ðдправіць файл журнала». Калі Ñна ўтоена, ÑкарыÑтайце апаратную кнопку меню.</string>
+ <string name="faq_shortcut">ЦÑтлік Ð´Ð»Ñ Ð·Ð°Ð¿ÑƒÑку</string>
+ <string name="faq_howto_shortcut">Ð’Ñ‹ можаце Ñтварыць цÑтлік Ð´Ð»Ñ Ð·Ð°Ð¿ÑƒÑку OpenVPN на працоўным Ñтале. У залежнаÑці ад вашага аÑÑÑ€Ð¾Ð´Ð´Ð·Ñ Ñ‚Ñ€Ñба дадаць цÑтлік ці віджÑÑ‚.</string>
+ <string name="no_vpn_support_image">Ваша прашыўка не падтрымвае VPNService API, прабачыце :(</string>
+ <string name="encryption">Шыфраванне</string>
+ <string name="cipher_dialog_title">Вызначце метад шыфраваннÑ</string>
+ <string name="chipher_dialog_message">Вызначце алгарытм шыфрацыі, Ñкі выкарыÑтоўваецца OpenVPN. Пакіньце пуÑтым, каб ÑкарыÑтаць шыфраванне па змаўчанні.</string>
+ <string name="auth_dialog_message">УвÑдзіце Ñ…Ñш-функцыю Ð´Ð»Ñ Ð°ÑžÑ‚Ñнтыфікацыі Ñž OpenVPN. Пакіньце пуÑтым Ð´Ð»Ñ Ð²Ñ‹ÐºÐ°Ñ€Ñ‹ÑÑ‚Ð°Ð½Ð½Ñ Ð·Ð½Ð°Ñ‡ÑÐ½Ð½Ñ Ð¿Ð° змаўчанні.</string>
+ <string name="settings_auth">ÐўтÑнтыфікацыÑ/шыфраванне</string>
+ <string name="file_explorer_tab">ÐглÑд файлаў</string>
+ <string name="inline_file_tab">Убудаваны файл</string>
+ <string name="error_importing_file">Памылка імпарту файла</string>
+ <string name="import_error_message">Ðе атрымалаÑÑ Ñ–Ð¼Ð¿Ð°Ñ€Ñ‚Ð°Ð²Ð°Ñ†ÑŒ файл з файлавай ÑÑ–ÑÑ‚Ñмы</string>
+ <string name="inline_file_data">[[Убудаваны файл дадзеных]]</string>
+ <string name="opentun_no_ipaddr">Ðдмова Ñž адкрыцці прылады tun без інфармацыі пра IP-адраÑ</string>
+ <string name="menu_import">Імпарт канфігурацыі з файла .ovpn</string>
+ <string name="menu_import_short">Імпарт</string>
+ <string name="import_content_resolve_error">Ðе атрымалаÑÑ Ð¿Ñ€Ð°Ñ‡Ñ‹Ñ‚Ð°Ñ†ÑŒ канфігурацыю Ð´Ð»Ñ Ñ–Ð¼Ð¿Ð°Ñ€Ñ‚Ñƒ</string>
+ <string name="error_reading_config_file">Памылка Ñ‡Ñ‹Ñ‚Ð°Ð½Ð½Ñ Ñ„Ð°Ð¹Ð»Ð° канфігурацыі</string>
+ <string name="add_profile">Дадаць канфігурацыю</string>
+ <string name="import_could_not_open">Ðе атрымалаÑÑ Ð·Ð½Ð°Ð¹Ñці файл %1$s, азначаны Ñž файле канфігурацыі</string>
+ <string name="importing_config">Імпарт файла канфігурацыі з зыходнага %1$s</string>
+ <string name="import_warning_custom_options">Ваша ÐºÐ°Ð½Ñ„Ñ–Ð³ÑƒÑ€Ð°Ñ†Ñ‹Ñ Ð¼ÐµÐ»Ð° некалькі параметраў, ÑÐºÑ–Ñ Ð½Ðµ ўваходзÑць у параметры Ñтандартнай канфігурацыі. ГÑÑ‚Ñ‹Ñ Ð¿Ð°Ñ€Ð°Ð¼ÐµÑ‚Ñ€Ñ‹ былі вынеÑены Ñž карыÑтацкую канфігурацыю. КарыÑÑ‚Ð°Ñ†ÐºÐ°Ñ ÐºÐ°Ð½Ñ„Ñ–Ð³ÑƒÑ€Ð°Ñ†Ñ‹Ñ Ð°Ð´Ð»ÑŽÑтроўваецца ніжÑй:</string>
+ <string name="import_done">Файл канфігурацыі паÑпÑхова прачытаны.</string>
+ <string name="nobind_summary">Ðе прывÑзвацца да лакальнага адраÑа Ñ– порта</string>
+ <string name="no_bind">Ðе выкарыÑтоўваць прывÑзкі</string>
+ <string name="import_configuration_file">Імпарт файла канфігурацыі</string>
+ <string name="faq_security_title">Меркаванні бÑÑпекі</string>
+ <string name="faq_security">"Калі OpenVPN адчувальны да бÑÑпекі, то дарÑÑ‡Ð½Ñ‹Ñ Ð±ÑƒÐ´ÑƒÑ†ÑŒ некалькі заўваг на Ñе рахунак. УÑе Ð´Ð°Ð´Ð·ÐµÐ½Ñ‹Ñ Ð½Ð° SD-карце Ñž Ñ–ÑнаÑці не абаронены. Кожны дадатак можа прачытаць Ñ–Ñ… (прыкладам, гÑта праграма не патрабуе адмыÑловых прывілеÑÑž на SD-карту). Ð”Ð°Ð´Ð·ÐµÐ½Ñ‹Ñ Ð³Ñтага дадатку могуць быць прачытаны толькі ім Ñамім. Пры выкарыÑтанні опцыі імпарту Ñертыфікатаў Ñ– ключоў у дыÑлогавым акне Ð´Ð°Ð´Ð·ÐµÐ½Ñ‹Ñ Ð·Ð°Ñ…Ð¾ÑžÐ²Ð°ÑŽÑ†Ñ†Ð° Ñž профілі VPN. Профілі VPN даÑÑ‚ÑƒÐ¿Ð½Ñ‹Ñ Ñ‚Ð¾Ð»ÑŒÐºÑ– гÑтаму дадатку. (Ðе забудзьцеÑÑ Ð¿Ð¾Ñ‚Ñ‹Ð¼ выдаліць копіі на SD-карце). ÐÑгледзÑчы на тое, што Ð´Ð°Ð´Ð·ÐµÐ½Ñ‹Ñ Ð´Ð°ÑÑ‚ÑƒÐ¿Ð½Ñ‹Ñ Ñ‚Ð¾Ð»ÑŒÐºÑ– гÑтаму дадатку, Ñны ÑžÑÑ‘ ÑÑˆÑ‡Ñ Ð½Ðµ зашыфраваны. Пры наÑўнаÑці праў адмініÑтратара (root) на Ñ‚Ñлефоне ці праз нейкую ўразліваÑць гÑÑ‚Ñ‹Ñ Ð´Ð°Ð´Ð·ÐµÐ½Ñ‹Ñ Ð¼Ð¾Ð¶Ð½Ð° вынÑць. ТакÑама Ð·Ð°Ñ…Ð°Ð²Ð°Ð½Ñ‹Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ– захоўваюцца Ñž звычайным Ñ‚ÑкÑтавым выглÑдзе. ÐаÑтойліва Ñ€Ñкамендуецца файлы pkcs12 імпартаваць у android keystore."</string>
+ <string name="import_vpn">Імпарт</string>
+ <string name="broken_image_cert_title">Памылка адлюÑÑ‚Ñ€Ð°Ð²Ð°Ð½Ð½Ñ Ð²Ñ‹Ð±Ð°Ñ€Ñƒ Ñертыфіката</string>
+ <string name="broken_image_cert">ÐдбылаÑÑ Ð¿Ð°Ð¼Ñ‹Ð»ÐºÐ° пры Ñпробе выкліку ÑÑ–ÑÑ‚Ñмнага дыÑлогу выбару Ñертыфікатаў Android 4.0+. ГÑтага не павінна было здарыцца на Ñтандартнай прашыўцы. Можа быць у вашай прашыўцы ÑапÑавана Ñховішча Ñертыфікатаў</string>
+ <string name="ipv4">IPv4</string>
+ <string name="ipv6">IPv6</string>
+ <string name="speed_waiting">Чаканне Ð¿Ð°Ð²ÐµÐ´Ð°Ð¼Ð»ÐµÐ½Ð½Ñ Ð¿Ñ€Ð° Ñтан&#8230;</string>
+ <string name="converted_profile">імпартаваны профіль</string>
+ <string name="converted_profile_i">імпартаваны профіль %d</string>
+ <string name="broken_images">Ð—Ð»Ð°Ð¼Ð°Ð½Ñ‹Ñ Ð¿Ñ€Ð°ÑˆÑ‹ÑžÐºÑ–</string>
+ <string name="broken_images_faq">&lt;p&gt; Ð’Ñдома, што Ð°Ñ„Ñ–Ñ†Ñ‹Ð¹Ð½Ñ‹Ñ Ð¿Ñ€Ð°ÑˆÑ‹ÑžÐºÑ– HTC маюць Ð´Ð·Ñ–ÑžÐ½Ñ‹Ñ Ð¿Ñ€Ð°Ð±Ð»ÐµÐ¼Ñ‹ з маршрутызацыÑй, што прыводзіць да таго, што трафік не ідзе праз тунÑль (гл. &lt;a href=\"https://github.com/schwabe/ics-openvpn/issues/18\"&gt;Issue 18&lt;/a&gt; у баг-Ñ‚Ñ€Ñкеры).&lt;/p&gt;&lt;p&gt;ТакÑама паведамлÑлаÑÑ, што Ñž Ñтарых афіцыйных прашыўках SONY ад Xperia Arc S Ñ– Xperia Ray цалкам адÑутнічае ÑÑÑ€Ð²Ñ–Ñ VPNService (гл. &lt;a href=\"https://github.com/schwabe/ics-openvpn/issues/29\"&gt;Issue 29&lt;/a&gt; у баг-Ñ‚Ñ€Ñкеры).&lt;/p&gt;&lt;p&gt;У некаторых неафіцыйных прашыўках модуль tun можа адÑутнічаць, ці файл прылады /dev/tun можа мець нÑÐ¿Ñ€Ð°Ð²Ñ–Ð»ÑŒÐ½Ñ‹Ñ Ð¿Ñ€Ð°Ð²Ñ‹. ÐÐµÐºÐ°Ñ‚Ð¾Ñ€Ñ‹Ñ Ð¿Ñ€Ð°ÑˆÑ‹ÑžÐºÑ– CM9 могуць патрабаваць выпраўленні праў на /dev/tun у наладах «Хакі Ð´Ð»Ñ Ð´Ð°Ð´Ð·ÐµÐ½Ð°Ð¹ прылады».&lt;/p&gt;&lt;p&gt;І Ñамае галоўнае: калі Ñž Ð²Ð°Ñ Ð¿Ñ€Ð°ÑˆÑ‹ÑžÐºÐ° з паказанымі праблемамі, паведаміце пра гÑта вытворцу прылады. Чым больш за карыÑтачоў паведаміць пра праблему, тым больш за шанцы, што вытворца Ñе выправіць.&lt;/p&gt;</string>
+ <string name="pkcs12_file_encryption_key">Файл PKCS12-ключа</string>
+ <string name="private_key_password">Пароль закрытага ключа</string>
+ <string name="password">Пароль</string>
+ <string name="file_icon">файл значка</string>
+ <string name="tls_authentication">ÐўтÑнтыфікацыÑ/шыфраванне TLS</string>
+ <string name="generated_config">Ð—Ð³ÐµÐ½ÐµÑ€Ð°Ð²Ð°Ð½Ð°Ñ ÐºÐ°Ð½Ñ„Ñ–Ð³ÑƒÑ€Ð°Ñ†Ñ‹Ñ</string>
+ <string name="generalsettings">Ðалады</string>
+ <string name="owner_fix_summary">ПаÑпрабаваць змÑніць уладальніка Ð´Ð»Ñ /dev/tun. ÐÐµÐºÐ°Ñ‚Ð¾Ñ€Ñ‹Ñ Ð¿Ñ€Ð°ÑˆÑ‹ÑžÐºÑ– CM9 патрабуюць гÑтага Ð´Ð»Ñ ÐºÐ°Ñ€Ñктнай працы API OpenVPN. Патрабуецца root.</string>
+ <string name="owner_fix">Выправіць правы Ð´Ð»Ñ /dev/tun</string>
+ <string name="generated_config_summary">Паказаць згенераваны файл канфігурацыі OpenVPN</string>
+ <string name="edit_profile_title">Праўка «%s»</string>
+ <string name="building_configration">СтварÑнне канфігурацыі&#8230;</string>
+ <string name="netchange_summary">Перападлучацца, калі змÑнÑецца Ñтан Ñеткі (прыкладам, пры пераключÑнні з Wi-Fi на мабільную Ñ– наадварот)</string>
+ <string name="netchange">Перападлучацца, калі змÑнÑецца Ñтан Ñеткі (прыкладам, пры пераключÑнні з Wi-Fi на мабільную Ñ– наадварот)</string>
+ <string name="netstatus">Ð¡Ñ‚Ð°Ñ‚ÑƒÑ Ñеткі: %s</string>
+ <string name="extracahint">Сертыфікат ЦС звычайна захоўваецца Ñž Android Keystore. Вызначце аÑобны Ñертыфікат, калі Ñž Ð²Ð°Ñ Ð¿Ð°ÑžÑталі абмылы пры праверцы Ñертыфіката.</string>
+ <string name="select_file">Выбраць</string>
+ <string name="keychain_nocacert">Ðе атрымалаÑÑ Ð°Ñ‚Ñ€Ñ‹Ð¼Ð°Ñ†ÑŒ Ñертыфікат ЦС Ñа Ñховішча ключоў Android. ÐапÑўна, аўтÑÐ½Ñ‚Ñ‹Ñ„Ñ–ÐºÐ°Ñ†Ñ‹Ñ Ð·Ð°Ð²ÐµÑ€ÑˆÑ‹Ñ†Ñ†Ð° абмылай.</string>
+ <string name="show_log_summary">Паказвае акно журнала пры падлучÑнні. Ðкно журнала заўÑёды даÑтупнае з панÑлі апавÑшчÑннÑÑž.</string>
+ <string name="show_log_window">Паказаць акно журнала</string>
+ <string name="mobile_info">%10$s %9$s працуе на %3$s %1$s (%2$s), Android %6$s (%7$s) API %4$d, ABI %5$s, (%8$s)</string>
+ <string name="error_rsa_sign">Памылка подпіÑу з выкарыÑтаннем ключа Ñа Ñховішча Android %1$s: %2$s</string>
+ <string name="faq_system_dialogs">ПапÑÑ€Ñджанне VPN злучÑннÑ, што гаворыць, што гÑÑ‚Ñ‹ дадатак можа перахаплÑць увеÑÑŒ Ñеткавы трафік, паказваецца ÑÑ–ÑÑ‚Ñмай Ð´Ð»Ñ Ð¿Ñ€Ð°Ð´ÑƒÑ…Ñ–Ð»ÐµÐ½Ð½Ñ Ð·Ð»Ð¾ÑžÐ¶Ñ‹Ð²Ð°Ð½Ð½Ñ API VPNService.\nÐпавÑшчÑнне пра VPN злучÑнні (знак ключа) такÑама фармуецца ÑÑ–ÑÑ‚Ñмай Android Ð´Ð»Ñ Ñігналізацыі выходнага VPN злучÑннÑ. У некаторых прашыўках гÑта апавÑшчÑнне Ñуправаджаецца гукам.\nAndroid выкарыÑтоўвае гÑÑ‚Ñ‹Ñ ÑÑ–ÑÑ‚ÑÐ¼Ð½Ñ‹Ñ Ð°Ð¿Ð°Ð²ÑшчÑнні Ð´Ð»Ñ Ð²Ð°ÑˆÐ°Ð¹ жа ўлаÑнай бÑÑпекі Ñ– Ñ–Ñ… нÑможна абыÑці. (Ðа жаль, на некаторых прашыўках гÑта Ñтавіцца Ñ– да гуку апавÑшчÑннÑ)</string>
+ <string name="faq_system_dialogs_title">Паведамленне пра падлучÑнне Ñ– гук апавÑшчÑннÑ</string>
+ <string name="translationby">БеларуÑкі пераклад ад MikalaiB &lt;bregid69@gmail.com&gt;</string>
+ <string name="ipdns">IP-Ð°Ð´Ñ€Ð°Ñ Ñ– DNS</string>
+ <string name="basic">ÐÑноўныÑ</string>
+ <string name="routing">МаршрутызацыÑ</string>
+ <string name="obscure">Ð£Ñ‚Ð¾ÐµÐ½Ñ‹Ñ Ð¿Ð°Ñ€Ð°Ð¼ÐµÑ‚Ñ€Ñ‹ OpenVPN. Звычайна не патрабуюцца.</string>
+ <string name="advanced">ПашыраныÑ</string>
+ <string name="export_config_title">ICS Openvpn канфігурацыÑ</string>
+ <string name="warn_no_dns">Серверы DNS не выкарыÑтоўваюцца. Дазвол імёнаў можа не працаваць. Разгледзіце магчымаÑць уÑталёўкі карыÑтацкіх DNS-Ñервераў. ТакÑама звернеце ўвагу, што Android будзе працÑгваць ÑкарыÑтаць параметры, Ð¿Ð°ÐºÐ°Ð·Ð°Ð½Ñ‹Ñ Ð´Ð»Ñ Ð²Ð°ÑˆÐ°Ð³Ð° мабільнага/Wi-Fi злучÑннÑ, калі не азначаны DNS-Ñерверы.</string>
+ <string name="dns_add_error">Ðе атрымалаÑÑ Ð´Ð°Ð´Ð°Ñ†ÑŒ DNS-Ñервер «%1$s», адхілены ÑÑ–ÑÑ‚Ñмай: %2$s</string>
+ <string name="ip_add_error">Ðе атрымалаÑÑ Ð½Ð°Ð»Ð°Ð´Ð·Ñ–Ñ†ÑŒ IP-Ð°Ð´Ñ€Ð°Ñ Â«%1$s», адхілены ÑÑ–ÑÑ‚Ñмай: %2$s</string>
+ <string name="faq_howto">&lt;p&gt;СкарыÑтайце гатовую канфігурацыю (пратÑÑтаваную на вашым кампутары ці атрыманую ад вашага правайдара)&lt;/p&gt;&lt;p&gt;Калі гÑта праÑтой файл без pem/pkcs12, вы можаце адправіць Ñго Ñк укладанне па Ñлектроннай пошце на Ñваю прыладу. Калі ж файлаў некалькі, вы можаце ÑкарыÑтаць Ñ–Ñ… Ñа Ñваёй карты памÑці.&lt;/p&gt;&lt;p&gt;ПроÑта адкрыйце .conf файл ці выберыце Ñго Ñž дыÑлогу імпарту (значок Ñ‚Ñчкі Ñž ÑпіÑе профілÑÑž)&lt;/p&gt;&lt;p&gt;Калі праграма выдаÑць памылку пра нÑÑтачу некаторых файлаў, проÑта змеÑціце гÑÑ‚Ñ‹Ñ Ñ„Ð°Ð¹Ð»Ñ‹ на карту памÑці.&lt;/p&gt;&lt;p&gt;ÐаціÑніце кнопку Ð·Ð°Ñ…Ð°Ð²Ð°Ð½Ð½Ñ Ð´Ð»Ñ Ð´Ð°Ð´Ð°Ð½Ð½Ñ Ñ–Ð¼Ð¿Ð°Ñ€Ñ‚Ð°Ð²Ð°Ð½Ð°Ð¹ канфігурацыі Ñž праграму&lt;/p&gt;&lt;p&gt;ЗапуÑціце ваш VPN-тунÑль, нажаўшы на Ñго назву Ñž ÑпіÑе&lt;/p&gt;&lt;p&gt;Калі пры запуÑку выніклі памылкі, паÑпрабуйце разабрацца Ñ– ўхіліць Ñ–Ñ….&lt;/p&gt; </string>
+ <string name="faq_howto_title">Хуткі Ñтарт</string>
+ <string name="setting_loadtun_summary">ПаÑпрабуйце загрузіць модуль Ñдра tun.ko, Перад тым Ñк Ñпрабаваць падлучыцца. Патрабуецца root-доÑтуп на прыладзе.</string>
+ <string name="setting_loadtun">Загрузіць tun-модуль</string>
+ <string name="importpkcs12fromconfig">Імпарт PKCS12 Ñа Ñховішча ключоў Android</string>
+ <string name="getproxy_error">Памылка пры атрыманні параметраў прокÑÑ–-Ñервера: %s</string>
+ <string name="using_proxy">ВыкарыÑтоўваецца прокÑÑ–-Ñервер %1$s %2$s</string>
+ <string name="use_system_proxy">ВыкарыÑтоўваць прокÑÑ–-Ñервер ÑÑ–ÑÑ‚Ñмы</string>
+ <string name="use_system_proxy_summary">ВыкарыÑтоўваць ÑÑ–ÑÑ‚Ñмную канфігурацыю прокÑÑ– HTTP/HTTPS Ð´Ð»Ñ Ð·Ð»ÑƒÑ‡ÑннÑ.</string>
+ <string name="onbootrestartsummary">OpenVPN будзе падключацца да паказанага VPN, калі ён быў актыўны пры загрузцы ÑÑ–ÑÑ‚Ñмы. Калі лаÑка, прачытайце FAQ пра папÑÑ€Ñджанне пры падлучÑнні перад тым, Ñк ÑкарыÑтаць гÑту опцыю на Android &lt; 5.0.</string>
+ <string name="onbootrestart">ПадключÑнне пры загрузцы</string>
+ <string name="ignore">Ігнараваць</string>
+ <string name="restart">ПеразапуÑк</string>
+ <string name="restart_vpn_after_change">Змены канфігурацыі ўжываюцца паÑÐ»Ñ Ð¿ÐµÑ€Ð°Ð·Ð°Ð¿ÑƒÑку VPN. (Пера)запуÑціць VPN цÑпер?</string>
+ <string name="configuration_changed">ÐšÐ°Ð½Ñ„Ñ–Ð³ÑƒÑ€Ð°Ñ†Ñ‹Ñ Ð·Ð¼ÐµÐ½ÐµÐ½Ð°</string>
+ <string name="log_no_last_vpn">Ðе атрымалаÑÑ Ð²Ñ‹Ð·Ð½Ð°Ñ‡Ñ‹Ñ†ÑŒ апошні карыÑтаны профіль Ð´Ð»Ñ Ñ€ÑдагаваннÑ</string>
+ <string name="faq_duplicate_notification_title">ÐпавÑшчÑнні што дублююцца</string>
+ <string name="faq_duplicate_notification">Калі Ñž Android узнікае нÑÑтача аператыўнай памÑці (RAM), непатрÑÐ±Ð½Ñ‹Ñ Ñлужбы Ñ– дадаткі ÑпынÑюцца. З-за гÑтага перапынÑецца ÑžÑталÑванае VPN-злучÑнне. Каб пазбегнуць гÑтага, дадатак Ñ‚Ñ€Ñба запуÑкаць з падвышаным прыÑрытÑтам. Ð”Ð»Ñ Ð·Ð°Ð¿ÑƒÑку з выÑокім прыÑрытÑтам дадатак павінен вывеÑці апавÑшчÑнне. Значок ключа паказваецца наверÑе панÑлі апавÑшчÑннÑÑž Ñамай ÑÑ–ÑÑ‚Ñмай, Ñк апіÑана Ñž папÑÑ€Ñднім пытанні. Ðн не лічыцца тым апавÑшчÑннем, Ñкое дадатку патрÑбна Ð´Ð»Ñ Ð·Ð°Ð¿ÑƒÑку з выÑокім прыÑрытÑтам.</string>
+ <string name="no_vpn_profiles_defined">Профілі VPN не азначаны.</string>
+ <string name="add_new_vpn_hint">ВыкарыÑтоўвайце значок &lt;img src=\"ic_menu_add\"/&gt; Ð´Ð»Ñ Ð´Ð°Ð´Ð°Ð½Ð½Ñ Ð½Ð¾Ð²Ð°Ð³Ð° VPN</string>
+ <string name="vpn_import_hint">СкарыÑтайце кнопку &lt;img src=\"ic_menu_archive\"/&gt; Ð´Ð»Ñ Ñ–Ð¼Ð¿Ð°Ñ€Ñ‚Ñƒ Ñ–Ñнавалых профілÑÑž (.ovpn ці .conf) з карты памÑці.</string>
+ <string name="faq_hint">Ðе забудзьцеÑÑ Ð·Ð°Ð·Ñ–Ñ€Ð½ÑƒÑ†ÑŒ у FAQ. Там Ñ‘Ñць кароткае кіраўніцтва.</string>
+ <string name="faq_routing_title">ÐšÐ¾Ð½Ñ„Ð¸Ð³ÑƒÑ€Ð°Ñ†Ð¸Ñ Ð¼Ð°Ñ€ÑˆÑ€ÑƒÑ‚Ð¸Ð·Ð°Ñ†Ð¸Ð¸/интерфейÑа</string>
+ <string name="faq_routing">ÐšÐ°Ð½Ñ„Ñ–Ð³ÑƒÑ€Ð°Ñ†Ñ‹Ñ Ð¼Ð°Ñ€ÑˆÑ€ÑƒÑ‚Ñ‹Ð·Ð°Ñ†Ñ‹Ñ– Ñ– інтÑрфейÑу выраблÑецца не праз Ñ‚Ñ€Ð°Ð´Ñ‹Ñ†Ñ‹Ð¹Ð½Ñ‹Ñ ifconfig/route каманды, а з дапамогай VPNService API. ГÑта прыводзіць да ÑтварÑÐ½Ð½Ñ Ñ–Ð½ÑˆÐ°Ð¹ канфігурацыі маршрутызацыі, адрознай ад канфігурацый, што выкарыÑтоўваюцца на іншых ÐС. ÐšÐ°Ð½Ñ„Ñ–Ð³ÑƒÑ€Ð°Ñ†Ñ‹Ñ VPN-тунÑÐ»Ñ Ñкладаецца з IP-адраÑоў Ñ– Ñетак, ÑÐºÑ–Ñ Ð¿Ð°Ð²Ñ–Ð½Ð½Ñ‹ Ñкіроўвацца праз гÑÑ‚Ñ‹ інтÑрфейÑ. ÐÑ–Ñкіх адменных партнёрÑкіх адраÑоў ці адраÑоў шлюза не патрабуецца. ТакÑама не патрабуюцца Ñ– адмыÑÐ»Ð¾Ð²Ñ‹Ñ Ð¼Ð°Ñ€ÑˆÑ€ÑƒÑ‚Ñ‹ Ð´Ð»Ñ Ð·Ð»ÑƒÑ‡ÑÐ½Ð½Ñ Ð· VPN-Ñерверам (прыкладам, Ð´Ð°Ð´Ð°Ð´Ð·ÐµÐ½Ñ‹Ñ Ð¿Ñ€Ñ‹ выкарыÑтанні redirect-gateway). Такім чынам, дадатак будзе ігнараваць гÑÑ‚Ñ‹Ñ Ð¿Ð°Ñ€Ð°Ð¼ÐµÑ‚Ñ€Ñ‹ пры імпарце канфігурацыі. Дадатак з дапамогай VPNService API гарантуе, што падлучÑнне да Ñервера не Ñкіроўваецца праз VPN-тунÑль. Падтрымліваецца кірунак праз тунÑль толькі пÑўных Ñетак. Дадатак Ñпрабуе вызначыць Ñеткі, ÑÐºÑ–Ñ Ð½Ðµ павінны быць Ñкіраваны праз тунÑль (прыкладам, маршрут x.x.x.x y.y.y.y net_gateway) Ñ– вылічае ÑÐ¿Ñ–Ñ Ð¼Ð°Ñ€ÑˆÑ€ÑƒÑ‚Ð°Ñž, у Ñкі не ўлучаюцца гÑÑ‚Ñ‹Ñ Ð¼Ð°Ñ€ÑˆÑ€ÑƒÑ‚Ñ‹, каб ÑмулÑваць паводзіны іншых платформаў. Вокны журналаў Ñ– логаваў паказваюць канфігурацыю ÑÑрвіÑу VPN паÑÐ»Ñ ÑžÑталÑÐ²Ð°Ð½Ð½Ñ Ð·Ð»ÑƒÑ‡ÑннÑ.</string>
+ <string name="persisttun_summary">Ðе выкарыÑтоўваць звычайнае злучÑнне без VPN пры перападлучÑнні OpenVPN.</string>
+ <string name="persistent_tun_title">ЗаўÑёдны tun</string>
+ <string name="openvpn_log">Журнал OpenVPN</string>
+ <string name="import_config">Імпарт канфігурацыі OpenVPN</string>
+ <string name="battery_consumption_title">Спажыванне батарÑÑ–</string>
+ <string name="baterry_consumption">У маіх Ñ‚ÑÑтах галоўнай крыніцай выÑокага ÑÐ¿Ð°Ð¶Ñ‹Ð²Ð°Ð½Ð½Ñ ÑлектраÑнергіі батарÑÑ– былі пакеты keepalive. БольшаÑць OpenVPN-Ñервераў утрымваюць дырÑктыву накшталт «keepalive 10 60», ÑÐºÐ°Ñ Ð¿Ñ€Ñ‹Ð¼ÑƒÑˆÐ°Ðµ кліент Ñ– Ñервер мÑнÑцца keepalive-пакетамі ÐºÐ¾Ð¶Ð½Ñ‹Ñ 10 Ñекундаў. &lt;p&gt; Хоць гÑÑ‚Ñ‹Ñ Ð¿Ð°ÐºÐµÑ‚Ñ‹ Ñ– маленькіÑ, Ñ– не раÑходуюць шмат трафіка, Ñны прымушаюць радыёмодуль увеÑÑŒ Ñ‡Ð°Ñ Ð¿Ñ€Ð°Ñ†Ð°Ð²Ð°Ñ†ÑŒ, што павÑлічвае выдатак Ñнергіі. (гл. &lt;a href=\"http://developer.android.com/training/efficient-downloads/efficient-network-access.html#RadioStateMachine\"&gt;The Radio State Machine | Android Developers&lt;/a&gt;) &lt;p&gt; Ðалады keepalive не могуць быць зменены на кліенту, гÑта можа зрабіць толькі ÑÑ–ÑÑ‚Ñмны адмініÑтратар OpenVPN. &lt;p&gt; Ðа жаль, выкарыÑтанне keepalive больш, чым 60 Ñекундаў з UDP, можа прывеÑці да таго, што Ð½ÐµÐºÐ°Ñ‚Ð¾Ñ€Ñ‹Ñ ÑˆÐ»ÑŽÐ·Ñ‹ NAT будуць абрываць злучÑнне з-за адÑутнаÑці актыўнаÑці. ВыкарыÑтанне TCP з вÑлікім keepalive-таймаўтам будзе працаваць, але прадукцыйнаÑць тунÑлÑÐ²Ð°Ð½Ð½Ñ TCP праз TCP у Ñетках з выÑокімі Ñтратамі пакетаў вельмі Ð½Ñ–Ð·ÐºÐ°Ñ (гл. &lt;a href=\"http://sites.inka.de/bigred/devel/tcp-tcp.html\"&gt;Why TCP Over TCP Is A Bad Idea&lt;/a&gt;)</string>
+ <string name="faq_tethering">Ð¤ÑƒÐ½ÐºÑ†Ñ‹Ñ Ñ‚ÑÑ‚Ñрынгу Android (праз WiFi, USB ці Bluetooth) Ñ– VPNService API (карыÑтанае гÑтай праграмай) не працуюць разам. ПадрабÑзней у &lt;a href=\"https://github.com/schwabe/ics-openvpn/issues/34\"&gt;праблеме â„–34&lt;/a&gt;</string>
+ <string name="vpn_tethering_title">VPN и Tethering</string>
+ <string name="connection_retries">Спробы падлучÑннÑ</string>
+ <string name="reconnection_settings">Параметры перападлучÑннÑ</string>
+ <string name="connectretrymessage">КолькаÑць Ñекундаў паміж Ñпробамі падлучÑннÑ.</string>
+ <string name="connectretrywait">Секундаў паміж злучÑннÑмі</string>
+ <string name="minidump_generated">OpenVPN завÑршылаÑÑ Ð½ÐµÑ‡Ð°ÐºÐ°Ð½Ð°. Калі лаÑка, пагледзіце опцыю \"Ðдправіць Minidump\" у галоўным меню</string>
+ <string name="send_minidump">Ðдправіць Minidump раÑпрацоўніку</string>
+ <string name="send_minidump_summary">Ðдпраўленне адладкавай інфармацыі раÑпрацоўніку пра апошнÑе аварыйнае завÑршÑнне</string>
+ <string name="notifcation_title">OpenVPN - %s</string>
+ <string name="session_ipv4string">%1$s - %2$s</string>
+ <string name="session_ipv6string">%1$s - %3$s, %2$s</string>
+ <string name="state_connecting">ПадключÑнне</string>
+ <string name="state_wait">Чаканне адказу Ñервера</string>
+ <string name="state_auth">Праверка ÑапраўднаÑці</string>
+ <string name="state_get_config">Ðтрыманне канфігурацыі кліента</string>
+ <string name="state_assign_ip">ПрызначÑнне IP-адраÑоў</string>
+ <string name="state_add_routes">Даданне маршрутаў</string>
+ <string name="state_connected">Падлучана</string>
+ <string name="state_disconnected">Ðдключыцца</string>
+ <string name="state_reconnecting">Паўторнае падлучÑнне</string>
+ <string name="state_exiting">ВыйÑце</string>
+ <string name="state_noprocess">Ðе запушчана</string>
+ <string name="state_resolve">Дазвол імёнаў вузлоў</string>
+ <string name="state_tcp_connect">ПадключÑнне (TCP)</string>
+ <string name="state_auth_failed">Памылка аўтÑнтыфікацыі</string>
+ <string name="state_nonetwork">Чаканне працы Ñеткі</string>
+ <string name="statusline_bytecount">↓%2$s %1$s - ↑%4$s %3$s</string>
+ <string name="notifcation_title_notconnect">Раз\'Ñднана</string>
+ <string name="start_vpn_title">Подключение к VPN %s</string>
+ <string name="start_vpn_ticker">ПадключÑнне да VPN %s</string>
+ <string name="jelly_keystore_alphanumeric_bug">У некаторых верÑÑ–ÑÑ… Android 4.1 Ñ‘Ñць праблемы, калі Ñ–Ð¼Ñ Ñертыфіката ўтрымвае не літарна-Ð»Ñ–Ñ‡Ð±Ð°Ð²Ñ‹Ñ Ð·Ð½Ð°ÐºÑ– (прыкладам, прабелы, падкрÑÑленні ці працÑжнік). ПаÑпрабуйце пераўÑталÑваць Ñертыфікат без выкарыÑÑ‚Ð°Ð½Ð½Ñ Ð°Ð´Ð¼Ñ‹Ñловых знакаў.</string>
+ <string name="encryption_cipher">Ðлгарытм шыфраваннÑ</string>
+ <string name="packet_auth">Праверка ÑапраўднаÑці пакетаў</string>
+ <string name="auth_dialog_title">Вызначце метад праверкі ÑапраўднаÑці пакетаў</string>
+ <string name="built_by">Ñоздан %s</string>
+ <string name="debug_build">зборка Ð´Ð»Ñ Ð°Ð´Ð»Ð°Ð´ÐºÑ–</string>
+ <string name="official_build">Ð°Ñ„Ñ–Ñ†Ñ‹Ð¹Ð½Ð°Ñ Ð·Ð±Ð¾Ñ€ÐºÐ°</string>
+ <string name="make_selection_inline">СкапіÑваць у профіль</string>
+ <string name="crashdump">Справаздача пра паданне</string>
+ <string name="add">Дадаць</string>
+ <string name="send_config">Ðдправіць канфігурацыйны файл</string>
+ <string name="complete_dn">Поўнае DN</string>
+ <string name="remotetlsnote">Ð†Ð¼Ð¿Ð°Ñ€Ñ‚Ð°Ð²Ð°Ð½Ð°Ñ ÐºÐ°Ð½Ñ„Ñ–Ð³ÑƒÑ€Ð°Ñ†Ñ‹Ñ Ð²Ñ‹ÐºÐ°Ñ€Ñ‹Ñтоўвае СÐСТÐРЭЛУЮ опцыю tls-remote, ÑÐºÐ°Ñ Ð¼Ð°Ðµ іншы фармат DN.</string>
+ <string name="rdn">RDN (поўнае імÑ)</string>
+ <string name="rdn_prefix">ПрÑÑ„Ñ–ÐºÑ RDN</string>
+ <string name="tls_remote_deprecated">tls-remote (СÐСТÐРЭЛÐЕ)</string>
+ <string name="help_translate">Вы можаце палепшыць пераклад, наведаўшы http://crowdin.net/project/ics-openvpn/invite</string>
+ <string name="prompt">%1$s Ñпрабуе кіраваць %2$s</string>
+ <string name="remote_warning">ПрацÑгваючы, вы даÑце дадатку права на кіраванне \"OpenVPN Ð´Ð»Ñ Android\" Ñ– перахоп уÑÑго Ñеткавага трафіка. <b> Ðе працÑгвайце, калі не давÑраеце цалкам гÑтаму дадатку. </b> У адваротным выпадку вы рызыкуеце збегам Ñ– выкарыÑтаннем вашых дадзеных злачынцамі.</string>
+ <string name="remote_trust">Я давÑраю гÑтаму дадатку.</string>
+ <string name="no_external_app_allowed">Ðет приложений, авторизованных Ð´Ð»Ñ Ð²Ð½ÐµÑˆÐ½ÐµÐ³Ð¾ API</string>
+ <string name="allowed_apps">Ð”Ð°Ð·Ð²Ð¾Ð»ÐµÐ½Ñ‹Ñ Ð´Ð°Ð´Ð°Ñ‚ÐºÑ–: %s</string>
+ <string name="clearappsdialog">ÐчыÑціць ÑÐ¿Ñ–Ñ Ð°ÑžÑ‚Ð°Ñ€Ñ‹Ð·Ð°Ð²Ð°Ð½Ñ‹Ñ… вонкавых дадаткаў?\nÐ¡Ð¿Ñ–Ñ Ð´Ð°Ð·Ð²Ð¾Ð»ÐµÐ½Ñ‹Ñ… дадаткаў:\n\n%s</string>
+ <string name="screenoff_summary">ПриоÑтанавливать VPN, еÑли Ñкран выключен и передано меньше 64kb данных за 60 Ñек. Когда включена Ð¾Ð¿Ñ†Ð¸Ñ \"ПоÑтоÑнный туннель\", приоÑтановка VPN оÑтавит ваше уÑтройÑтво без Ñетевого подключениÑ. Без опции \"ПоÑтоÑнный туннель\" уÑтройÑтво не будет иметь VPN-ÑоединениÑ/защиты.</string>
+ <string name="screenoff_title">Прыпыніць VPN-злучÑнне пры вымкнутым Ñкране</string>
+ <string name="screenoff_pause">Прыпыненне злучÑÐ½Ð½Ñ Ð¿Ñ€Ñ‹ вымкнутым Ñкране: менш, чым %1$s за %2$sÑ</string>
+ <string name="screen_nopersistenttun">Увага: ЗаўÑёдны тунÑль не ўключаны Ð´Ð»Ñ Ð³Ñтага VPN. Трафік будзе ÑкарыÑтаць звычайнае інтÑрнÑÑ‚ злучÑнне, калі Ñкран вымкнуты.</string>
+ <string name="save_password">Захаваць пароль</string>
+ <string name="pauseVPN">Прыпыніць VPN</string>
+ <string name="resumevpn">ПрацÑгнуць VPN</string>
+ <string name="state_userpause">VPN прыпынены па запыце карыÑтача</string>
+ <string name="state_screenoff">VPN прыпынены - вымк. Ñкран</string>
+ <string name="device_specific">Хакі Ð´Ð»Ñ Ð´Ð°Ð´Ð·ÐµÐ½Ð°Ð¹ прылады</string>
+ <string name="cannotparsecert">Ðе атрымоўваецца адлюÑтраваць звеÑткі пра Ñертыфікат</string>
+ <string name="appbehaviour">Паводзіны дадатку</string>
+ <string name="vpnbehaviour">Паводзіны VPN</string>
+ <string name="allow_vpn_changes">Дазволіць змену профілÑÑž VPN</string>
+ <string name="hwkeychain">Ðпаратнае Ñховішча ключоў:</string>
+ <string name="permission_icon_app">Ðбразок дадатку Ñпрабуе ÑкарыÑтаць OpenVPN Ð´Ð»Ñ Android</string>
+ <string name="faq_vpndialog43">"Пачынаючы з Android 4.3, дыÑлог Ð¿Ð°Ñ†Ð²ÐµÑ€Ð´Ð¶Ð°Ð½Ð½Ñ VPN-злучÑÐ½Ð½Ñ Ð°Ð±Ð°Ñ€Ð¾Ð½ÐµÐ½Ñ‹ ад дадаткаў, «што накладаюцца паўзверх Ñкрана». ГÑта прыводзіць да таго, што дыÑлогавае акно Ð¿Ð°Ñ†Ð²ÐµÑ€Ð´Ð¶Ð°Ð½Ð½Ñ Ð½Ðµ Ñ€Ñагуе на ÑÑнÑÐ¾Ñ€Ð½Ñ‹Ñ Ð½Ð°Ñ†Ñ–Ñкі. Калі вам трапіцца дадатак, што выкарыÑтоўвае накладанні Ñ– выклікае Ñ‚Ð°ÐºÑ–Ñ Ð¿Ð°Ð²Ð¾Ð´Ð·Ñ–Ð½Ñ‹, звÑжыцеÑÑ Ð· аўтарам гÑтага дадаткі. ГÑта праблема закранае ÑžÑе VPN дадаткі на Android 4.3 Ñ– пазнейшых верÑÑ–ÑÑ…. Гледзіце такÑама &lt;a href=\"https://github.com/schwabe/ics-openvpn/issues/185\"&gt;Issue 185&lt;a&gt; Ð´Ð»Ñ Ð°Ñ‚Ñ€Ñ‹Ð¼Ð°Ð½Ð½Ñ Ð´Ð°Ð´Ð°Ñ‚ÐºÐ¾Ð²Ñ‹Ñ… звеÑтак"</string>
+ <string name="faq_vpndialog43_title">Ðкно Ð¿Ð°Ñ†Ð²ÐµÑ€Ð´Ð¶Ð°Ð½Ð½Ñ VPN Ð´Ð»Ñ Android 4.3 Ñ– пазней</string>
+ <string name="donatePlayStore">ТакÑама Ð’Ñ‹ можаце выказаць падзÑку Ñž выглÑдзе ахвÑÑ€Ð°Ð²Ð°Ð½Ð½Ñ Ð½Ð° Краме Play:</string>
+ <string name="thanks_for_donation">ДзÑкуй за ахвÑраванне %s!</string>
+ <string name="logCleared">Журнал вычышчаны.</string>
+ <string name="show_password">Паказаць пароль</string>
+ <string name="keyChainAccessError">памылка пры доÑтупе да Ñховішча ключоў: %s</string>
+ <string name="timestamp_short">Коратка</string>
+ <string name="timestamp_iso">ISO</string>
+ <string name="timestamps">ЧаÑ</string>
+ <string name="timestamps_none">Ðе</string>
+ <string name="uploaded_data">Выгружана</string>
+ <string name="downloaded_data">Загружана</string>
+ <string name="vpn_status">Ð¡Ñ‚Ð°Ñ‚ÑƒÑ VPN</string>
+ <string name="logview_options">Ðалады выглÑду</string>
+ <string name="unhandled_exception">ÐÐµÐ°Ð¿Ð°Ð·Ð½Ð°Ð½Ð°Ñ Ð¿Ð°Ð¼Ñ‹Ð»ÐºÐ°: %1$s\n\n%2$s</string>
+ <string name="unhandled_exception_context">%3$s: %1$s\n\n%2$s</string>
+ <string name="faq_system_dialog_xposed">Калі на вашай прыладзе Ñ‘Ñць root, можаце ÑžÑталÑваць &lt;a href=\"http://xposed.info/\"&gt;Xposed framework&lt;/a&gt; Ñ– &lt;a href=\"http://repo.xposed.info/module/de.blinkt.vpndialogxposed\"&gt;модуль аўтаматычнага Ð¿Ð°Ñ†Ð²ÐµÑ€Ð´Ð¶Ð°Ð½Ð½Ñ Ð´Ñ‹Ñлогу падлучÑÐ½Ð½Ñ VPN&lt;/a&gt; на Ñвой Ñтрах Ñ– рызык</string>
+ <string name="full_licenses">ÐŸÐ¾ÑžÐ½Ñ‹Ñ Ñ‚ÑкÑÑ‚Ñ‹ ліцÑнзій</string>
+ <string name="blocklocal_summary">Сеткі, даÑÑ‚ÑƒÐ¿Ð½Ñ‹Ñ Ð½Ð°ÑžÐ¿Ñ€Ð¾ÑÑ‚ праз лакальны інтÑрфейÑ, не будуць маршрутызаваны праз VPN. Ðдключыце гÑту опцыю, каб Ñкіраваць трафік праз VPN.</string>
+ <string name="blocklocal_title">Ðе выкарыÑтоўваць VPN Ð´Ð»Ñ Ð»Ð°ÐºÐ°Ð»ÑŒÐ½Ñ‹Ñ… адраÑоў</string>
+ <string name="userpw_file">Файл логіна Ñ– паролÑ</string>
+ <string name="imported_from_file">[Імпартавана з: %s]</string>
+ <string name="files_missing_hint">Ðекоторые файлы не найдены. Выберите файлы Ð´Ð»Ñ Ð¸Ð¼Ð¿Ð¾Ñ€Ñ‚Ð° в профиль:</string>
+ <string name="openvpn_is_no_free_vpn">Ð”Ð»Ñ Ð²Ñ‹ÐºÐ°Ñ€Ñ‹ÑÑ‚Ð°Ð½Ð½Ñ Ð´Ð°Ð´Ð·ÐµÐ½Ð°Ð³Ð° дадатку патрÑбен правайдар/шлюз VPN, што падтрымвае OpenVPN (чаÑта падаецца працадаўцам). Ðа http://community.openvpn.net/ можна знайÑці інфармацыю пра OpenVPN Ñ– Ñк наладзіць улаÑны Ñервер OpenVPN.</string>
+ <string name="import_log">Лог імпарту:</string>
+ <string name="ip_looks_like_subnet">Указана Ñ‚Ð°Ð¿Ð°Ð»Ð¾Ð³Ñ–Ñ VPN «%3$s», але ifconfig %1$s %2$s больш падобна на IP-Ð°Ð´Ñ€Ð°Ñ Ð· маÑкай Ñеткі. ВыкарыÑтоўваецца Ñ‚Ð°Ð¿Ð°Ð»Ð¾Ð³Ñ–Ñ Â«Ð¿Ð°Ð´Ñетка».</string>
+ <string name="mssfix_invalid_value">ЗначÑнне, што перазапіÑвае MSS, павінна быць цÑлым лікам ад 0 да 9000</string>
+ <string name="mtu_invalid_value">ЗначÑнне, пÑравызначальнае MTU, павінна быць цÑлым лікам ад 64 да 9000</string>
+ <string name="mssfix_value_dialog">ÐбвÑÑціць TCP ÑеÑÑ–Ñм, што працуюць праз тунÑль, што Ñны павінны абмежаваць памер Ñваіх пакетаў так, каб паÑÐ»Ñ Ñ–Ñ… інкапÑулÑцыі OpenVPN выніковы памер UDP-пакета, Ñкі OpenVPN паÑылае Ñваім балÑм, не перавышаў гÑÑ‚Ñ‹ лік байт. (1450 па змаўчанні)</string>
+ <string name="mssfix_checkbox">Перавызначыць MSS Ð´Ð»Ñ Ð½Ð°Ð³Ñ€ÑƒÐ·ÐºÑ– TCP</string>
+ <string name="mssfix_dialogtitle">Задаць MSS Ð´Ð»Ñ Ð½Ð°Ð³Ñ€ÑƒÐ·ÐºÑ– TCP</string>
+ <string name="client_behaviour">Паводзіны кліента</string>
+ <string name="clear_external_apps">ÐчыÑціць Ð´Ð°Ð·Ð²Ð¾Ð»ÐµÐ½Ñ‹Ñ Ð·Ð½ÐµÑˆÐ½Ñ–Ñ Ð´Ð°Ð´Ð°Ñ‚ÐºÑ–</string>
+ <string name="loading">Загружаецца&#8230;</string>
+ <string name="allowed_vpn_apps_info">Ð”Ð°Ð·Ð²Ð¾Ð»ÐµÐ½Ñ‹Ñ Ð´Ð°Ð´Ð°Ñ‚ÐºÑ– VPN: %1$s</string>
+ <string name="disallowed_vpn_apps_info">Ð—Ð°Ð±Ð°Ñ€Ð¾Ð½ÐµÐ½Ñ‹Ñ Ð´Ð°Ð´Ð°Ñ‚ÐºÑ– VPN: %1$s</string>
+ <string name="app_no_longer_exists">Пакет %s больш не ÑžÑталÑваны, ён падалÑецца Ñа ÑпіÑа дазволеных/забароненых дадаткаў</string>
+ <string name="vpn_disallow_radio">ВыкарыÑтоўваць VPN Ð´Ð»Ñ ÑžÑÑ–Ñ… дадаткаў, апроч абраных</string>
+ <string name="vpn_allow_radio">ВыкарыÑтоўваць VPN толькі Ð´Ð»Ñ Ð°Ð±Ñ€Ð°Ð½Ñ‹Ñ… дадаткаў</string>
+ <string name="query_delete_remote">Прыбраць Ð·Ð°Ð¿Ñ–Ñ Ð²Ñ‹Ð´Ð°Ð»ÐµÐ½Ð°Ð³Ð° Ñервера?</string>
+ <string name="keep">Захаваць</string>
+ <string name="delete">Выдаліць</string>
+ <string name="add_remote">Дадаць новую падаленку</string>
+ <string name="remote_random">ВыкарыÑтоўваць ÑÐ¿Ñ–Ñ Ð¿Ð°Ð´Ð»ÑƒÑ‡ÑннÑÑž у выпадковым парадку пры злучÑнні</string>
+ <string name="remote_no_server_selected">Ð’Ñ‹ павінны вызначыць Ñ– ўключыць прынамÑÑ– адзін выдалены Ñервер.</string>
+ <string name="server_list">Ð¡Ð¿Ñ–Ñ Ñервераў</string>
+ <string name="vpn_allowed_apps">Ð”Ð°Ð·Ð²Ð¾Ð»ÐµÐ½Ñ‹Ñ Ð´Ð°Ð´Ð°Ñ‚ÐºÑ–</string>
+ <string name="advanced_settings">ÐŸÐ°ÑˆÑ‹Ñ€Ð°Ð½Ñ‹Ñ Ð½Ð°Ð»Ð°Ð´Ñ‹</string>
+ <string name="payload_options">Ðалады карыÑнай нагрузкі</string>
+ <string name="tls_settings">Ðалады TLS</string>
+ <string name="no_remote_defined">ÐÑма зададзенай падаленкі</string>
+ <string name="duplicate_vpn">ДублÑваць профіль VPN</string>
+ <string name="duplicate_profile_title">ДублÑванне профілю: %s</string>
+ <string name="show_log">Паказаць акно журнала</string>
+ <string name="faq_android_clients">ІÑнуюць Ñ€Ð¾Ð·Ð½Ñ‹Ñ ÐºÐ»Ñ–ÐµÐ½Ñ‚Ñ‹ OpenVPN Ð´Ð»Ñ Android. Ð¡Ð°Ð¼Ñ‹Ñ Ð¿Ð°ÑˆÑ‹Ñ€Ð°Ð½Ñ‹Ñ â€” OpenVPN Ð´Ð»Ñ Android (гÑÑ‚Ñ‹ кліент), OpenVPN Connect Ñ– OpenVPN Settings.&lt;p&gt;Кліенты можна падзÑліць на дзве групы: OpenVPN Ð´Ð»Ñ Android Ñ– OpenVPN Connect ÑкарыÑтаюць афіцыйны VPNService API (Android 4.0+) Ñ– не патрабуюць root-доÑтуп, Ñ– OpenVPN Settings, Ñкі патрабуе root.&lt;p&gt;OpenVPN Ð´Ð»Ñ Android — кліент з адкрытым зыходным кодам, Ñкі раÑпрацаваў Arne Schwabe. Ðн прызначаны Ð´Ð»Ñ Ð±Ð¾Ð»ÑŒÑˆ за доÑледных карыÑтачоў Ñ– падае шмат налад, магчымаÑць імпарту профілÑÑž з файлаў Ñ– наладжваць/змÑнÑць профілі ÑžÑÑÑ€Ñдзіне дадатку. ГÑÑ‚Ñ‹ кліент заÑнаваны на грамадÑкай верÑÑ–Ñ– OpenVPN. Рменавіта на выточным кодзе OpenVPN 2.x. ГÑÑ‚Ñ‹ кліент можна ÑžÑвіць Ñк напаўафіцыйны кліент ÑупольнаÑці. &lt;p&gt;OpenVPN Connect — кліент з зачыненым зыходным кодам, Ñкі раÑпрацоўваецца OpenVPN Technologies, Inc. Ðн закліканы Ð´Ð»Ñ Ð·Ð²Ñ‹Ñ‡Ð°Ð¹Ð½Ð°Ð³Ð° выкарыÑÑ‚Ð°Ð½Ð½Ñ Ñ– прызначаны Ð´Ð»Ñ Ð¿Ñ€Ð¾ÑÑ‚Ñ‹Ñ… карыÑтачоў, Ñ– дазвалÑе імпартаваць профілі з OpenVPN. ГÑÑ‚Ñ‹ кліент заÑнаваны на OpenVPN C++, іншай Ñ€Ñалізацыі пратакола OpenVPN (ГÑта запатрабавалаÑÑ OpenVPN Technologies, Inc, каб апублікаваць дадатак OpenVPN на iOS). ГÑÑ‚Ñ‹ кліент — афіцыйны кліент OpenVPN technologies &lt;p&gt; OpenVPN Settings — найÑтары з кліентаў, ён такÑама UI Ð´Ð»Ñ OpenVPN з адкрытым зыходным кодам. У адрозненне ад OpenVPN Ð´Ð»Ñ Android, ён патрабуе root-правы Ñ– не выкарыÑтоўвае VPNService API. Ðн не залежыць ад Android 4.0+</string>
+ <string name="faq_androids_clients_title">Ðдрозненні паміж кліентамі OpenVPN Ð´Ð»Ñ Android</string>
+ <string name="ignore_multicast_route">Ігнаруецца мультыадраÑны маршрут: %s</string>
+ <string name="ab_only_cidr">Android падтрымвае толькі CIDR маршруты да VPN. Бо не CIDR маршруты амаль ніколі не выкарыÑтоўваюцца, OpenVPN Ð´Ð»Ñ Android будзе выкарыÑтоўваць /32 Ð´Ð»Ñ Ð½Ðµ CIDR маршрутаў Ñ– выдаваць папÑÑ€Ñджанне.</string>
+ <string name="ab_tethering_44">ТÑÑ‚Ñрынг/раздача інтÑрнÑту працуе, калі актыўны VPN. МадÑмнае злучÑнне (Ñ‚ÑÑ‚Ñрынг) ÐЕ БУДЗЕ выкарыÑтоўваць VPN.</string>
+ <string name="ab_kitkat_mss">Ð Ð°Ð½Ð½Ñ–Ñ Ð²ÐµÑ€ÑÑ–Ñ– KitKat уÑталёўваюць нÑÑлушнае значÑнне MSS Ð´Ð»Ñ TCP злучÑннÑÑž (#61948). ПаÑпрабуйце ўключыць опцыю mssfix, каб абыÑці гÑÑ‚Ñ‹ баг.</string>
+ <string name="ab_proxy">Android будзе працÑгваць ÑкарыÑтаць вашы налады прокÑÑ–, Ð¿Ð°ÐºÐ°Ð·Ð°Ð½Ñ‹Ñ Ð´Ð»Ñ Ð¼Ð°Ð±Ñ–Ð»ÑŒÐ½Ð°Ð³Ð°/Wi-Fi злучÑннÑ, калі не ÑžÑталÑваны DNS Ñервер. OpenVPN Ð´Ð»Ñ Android папÑÑ€Ñдзіць Ð²Ð°Ñ Ð¿Ñ€Ð° гÑта Ñž журнале.<p>Калі VPN уÑталёўвае DNS Ñервер Android не выкарыÑтоўвае прокÑÑ–. Ð”Ð»Ñ ÑžÑталёўкі прокÑÑ– Ð´Ð»Ñ VPN злучÑÐ½Ð½Ñ Ð½Ñма API.</p></string>
+ <string name="ab_lollipop_reinstall">ÐŸÑ€Ð¸Ð»Ð¾Ð¶ÐµÐ½Ð¸Ñ VPN могут переÑтать работать поÑле ÑƒÐ´Ð°Ð»ÐµÐ½Ð¸Ñ Ð¸ повторной уÑтановки. ПодробноÑти Ñм. #80074</string>
+ <string name="ab_not_route_to_vpn">Сканфігураваны IP-Ð°Ð´Ñ€Ð°Ñ ÐºÐ»Ñ–ÐµÐ½Ñ‚Ð° Ñ– IP-адраÑа Ñž Ñго падÑеткі (паводле Ñеткавай маÑкі) не Ñкіроўваюцца праз VPN. OpenVPN абыходзіць гÑÑ‚Ñ‹ баг, відавочна дадаючы маршрут, Ñкі адпавÑдае кліенцкаму IP Ñ– Ñго Ñеткавай маÑцы</string>
+ <string name="ab_persist_tun">Ðдкрыццё тунÑлÑ, калі тунÑль ужо актыўны, Ð´Ð»Ñ Ñго нÑзменнага ўтрыманнÑ, можа прывеÑці да памылкі Ñ– VPNServices зачыніцца на прыладзе. Ð”Ð»Ñ Ð°Ð´Ð½Ð°ÑžÐ»ÐµÐ½Ð½Ñ Ð¿Ñ€Ð°Ñ†Ñ‹ VPN патрабуецца перазагрузка. OpenVPN Ð´Ð»Ñ Android Ñпрабуе ўнікнуць уÑталёўкі другога тунÑлÑ, Ñ– калі Ñапраўды патрÑбна - Ñпачатку зачынÑе бÑгучы тунÑль, перад адкрыццём новага, каб пазбегнуць краху праграмы. ГÑта можа прывеÑці да маленькага інтÑрвалу, у Ñкім перадача пакетаў адбываецца па звычайным (не VPN) злучÑнню. Ðават з гÑтымі хітрыкамі VPNServices чаÑам падае Ñ– патрабуе перазагрузкі прылады.</string>
+ <string name="ab_secondary_users">VPN зуÑім не працуе Ð´Ð»Ñ Ð´Ñ€ÑƒÐ³Ð°Ñных карыÑтачоў.</string>
+ <string name="ab_kitkat_reconnect">"Ð Ð¾Ð·Ð½Ñ‹Ñ ÐºÐ°Ñ€Ñ‹Ñтачы паведамлÑюць, што Ð¼Ð°Ð±Ñ–Ð»ÑŒÐ½Ð°Ñ ÑувÑзь/Ð¼Ð°Ð±Ñ–Ð»ÑŒÐ½Ð°Ñ Ð¿ÐµÑ€Ð°Ð´Ð°Ñ‡Ð° дадзеных чаÑта абрываецца, калі выкарыÑтоўваецца VPN дадатак. Ð¢Ð°ÐºÑ–Ñ Ð¿Ð°Ð²Ð¾Ð´Ð·Ñ–Ð½Ñ‹, здаецца, закранае толькі Ð½ÐµÐºÐ°Ñ‚Ð¾Ñ€Ñ‹Ñ ÐºÐ°Ð¼Ð±Ñ–Ð½Ð°Ñ†Ñ‹Ñ– правайдараў/прылад, Ñ– пакуль што не выÑўлена прычына/нÑма абыходу гÑтага бага."</string>
+ <string name="ab_vpn_reachability_44">ÐдраÑÑ‹ могуць працаваць праз VPN толькі Ñ‚Ñ‹Ñ, што даÑÑ‚ÑƒÐ¿Ð½Ñ‹Ñ Ð±ÐµÐ· VPN. IPv6 VPN не працуюць зуÑім.</string>
+ <string name="ab_only_cidr_title">Ðе CIDR маршруты</string>
+ <string name="ab_proxy_title">Паводзіны прокÑÑ– Ð´Ð»Ñ VPN</string>
+ <string name="ab_lollipop_reinstall_title">ПераўÑталÑванне дадаткаў VPN</string>
+ <string name="version_upto">%s і раней</string>
+ <string name="copy_of_profile">ÐšÐ¾Ð¿Ñ–Ñ %s</string>
+ <string name="ab_not_route_to_vpn_title">Маршрут Ð´Ð»Ñ ÑžÑталÑванага IP-адраÑа</string>
+ <string name="ab_kitkat_mss_title">ÐÑÑлушнае значÑнне MSS Ð´Ð»Ñ VPN злучÑннÑ</string>
+ <string name="ab_secondary_users_title">Ð”Ð°Ð´Ð°Ñ‚ÐºÐ¾Ð²Ñ‹Ñ ÐºÐ°Ñ€Ñ‹Ñтачы прылады</string>
+ <string name="custom_connection_options_warng">Вызначце аÑÐ°Ð±Ð»Ñ–Ð²Ñ‹Ñ ÐºÐ°Ñ€Ñ‹ÑÑ‚Ð°Ð»ÑŒÐ½Ñ–Ñ†ÐºÑ–Ñ Ð¿Ð°Ñ€Ð°Ð¼ÐµÑ‚Ñ€Ñ‹ падключÑннÑ. ВыкарыÑтоўвайце з аÑцÑрожнаÑцю</string>
+ <string name="custom_connection_options">КарыÑÑ‚Ð°Ð»ÑŒÐ½Ñ–Ñ†ÐºÑ–Ñ Ð¿Ð°Ñ€Ð°Ð¼ÐµÑ‚Ñ€Ñ‹</string>
+ <string name="remove_connection_entry">Выдаліць Ð·Ð°Ð¿Ñ–Ñ Ð¿Ð°Ð´ÐºÐ»ÑŽÑ‡ÑннÑ</string>
+ <string name="ab_kitkat_reconnect_title">Ð’Ñ‹Ð¿Ð°Ð´ÐºÐ¾Ð²Ñ‹Ñ Ð°Ð´ÐºÐ»ÑŽÑ‡Ñнні ад мабільнай Ñеткі</string>
+ <string name="ab_vpn_reachability_44_title">ÐŸÐ°Ð´Ð°Ð»ÐµÐ½Ñ‹Ñ Ñеткі недаÑтупныÑ</string>
+ <string name="ab_persist_tun_title">ПрымуÑовы Ñ€Ñжым tun</string>
+ <string name="version_and_later">%s Ñ– вышÑй</string>
+ <string name="tls_cipher_alert_title">ÐÑўдалае злучÑнне з SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure</string>
+ <string name="tls_cipher_alert">ÐÐ¾Ð²Ñ‹Ñ Ð²ÐµÑ€ÑÑ–Ñ– OpenVPN Ð´Ð»Ñ Android (0.6.29/Сакавік 2015) ÑкарыÑтаюць больш бÑÑÐ¿ÐµÑ‡Ð½Ñ‹Ñ Ð½Ð°Ð»Ð°Ð´Ñ‹ па змаўчанні Ð´Ð»Ñ Ð´Ð°Ð·Ð²Ð¾Ð»ÐµÐ½Ñ‹Ñ… набораў шыфраў (tls-cipher \"DEFAULT:!EXP:!PSK:!SRP:!kRSA\"). Ðа жаль, Ñпыненне выкарыÑÑ‚Ð°Ð½Ð½Ñ Ð¼ÐµÐ½Ñˆ за бÑÑÐ¿ÐµÑ‡Ð½Ñ‹Ñ Ñ– ÑкÑпартных набораў шыфраў, а аÑабліва Ñ‚Ñ‹Ñ… набораў шыфраў, што не падтрымваюць Perfect Forward Secrecy (Diffie-Hellman), прыводзіць да некаторых праблем. Звычайна гÑта адбываецца з-за добранамернай, але дрÑнна Ñ€Ñалізаванай Ñпробы ÑžÐ·Ð¼Ð°Ñ†Ð½ÐµÐ½Ð½Ñ Ð±ÑÑпекі TLS шлÑхам уÑталёўкі tls-cipher на Ñерверы ці некаторых убудаваных ÐС з падрÑзаным SSL (прыкладам, MikroTik).\nКаб вырашыць гÑту праблему, уÑталюеце налады tls-cipher на Ñерверы на Ñ€Ð°Ð·ÑƒÐ¼Ð½Ñ‹Ñ Ð¿Ð° змаўчанні, Ñ‚Ð°ÐºÑ–Ñ Ñк tls-cipher \"DEFAULT:!EXP:!PSK:!SRP:!kRSA\". Каб абыÑці праблему на кліенту, дадайце аÑобную наладу tls-cipher DEFAULT у Android-кліент.</string>
+ <string name="message_no_user_edit">Дадзены профіль быў дададзены з вонкавага дадатку (%s) Ñ– быў адзначаны Ñк непрыдатны да Ñ€ÑÐ´Ð°Ð³Ð°Ð²Ð°Ð½Ð½Ñ ÐºÐ°Ñ€Ñ‹Ñтачамі.</string>
+ <string name="crl_file">Ð¡Ð¿Ñ–Ñ Ð°Ð´ÐºÐ»Ñ–ÐºÐ°Ð½Ñ‹Ñ… Ñертыфікатаў</string>
+ <string name="service_restarted">ПеразапуÑк ÑÑрвіÑу OpenVPN (Дадатак, напÑўна, упаў ці быў зачынена з-за нÑÑтачы памÑці)</string>
+ <string name="import_config_error">Імпартаванне канфігурацыі прывÑло да памылкі, немагчыма захаваць змены</string>
+ <string name="Search">Пошук</string>
+ <string name="lastdumpdate">(Ðпошні дамп Ñтвораны %1$d г. Ñ– %2$d Ñ…. назад (%3$s))</string>
+ <string name="clear_log_on_connect">ЧыÑціць журнал пры новым злучÑнні</string>
+ <string name="connect_timeout">Ð§Ð°Ñ Ñ‡Ð°ÐºÐ°Ð½Ð½Ñ Ð·Ð»ÑƒÑ‡ÑннÑ</string>
+ <string name="no_allowed_app">Ðе дададзена дазволеных дадаткаў. Дадаём ÑÑбе (%s), каб у ÑпіÑе дазволеных дадаткаў быў хоць бы адзін дадатак, інакш уÑе дадаткі дададуцца Ñž ÑÐ¿Ñ–Ñ Ð´Ð°Ð·Ð²Ð¾Ð»ÐµÐ½Ñ‹Ñ…</string>
+ <string name="query_permissions_sdcard">OpenVPN Ð´Ð»Ñ Android можа паÑпрабаваць знайÑці адÑÑƒÑ‚Ð½Ñ‹Ñ Ñ„Ð°Ð¹Ð»Ñ‹ на SD-карце аўтаматычна. ÐаціÑніце на гÑта паведамленне, каб атрымаць запыт на дазвол.</string>
+ <string name="protocol">Пратакол</string>
+ <string name="enabled_connection_entry">Уключана</string>
+ <string name="abi_mismatch">Preferred native ABI precedence of this device (%1$s) and ABI reported by native libraries (%2$s) mismatch</string>
+ <string name="permission_revoked">Дазвол VPN адкліканы ÐС (прыкладам, запушчана Ñ–Ð½ÑˆÐ°Ñ Ð¿Ñ€Ð°Ð³Ñ€Ð°Ð¼Ð° VPN), ÑпынÑем VPN</string>
+ <string name="pushpeerinfo">Ðдправіць інфармацыю пра ўдзельніка</string>
+ <string name="pushpeerinfosummary">Ðдправіць дадатковую інфармацыю на Ñервер, прыкладам, верÑÑ–ÑŽ SSL Ñ– верÑÑ–ÑŽ Android</string>
+ <string name="pw_request_dialog_title">Патрабуецца %1$s</string>
+ <string name="pw_request_dialog_prompt">Калі лаÑка, увÑдзіце пароль Ð´Ð»Ñ Ð¿Ñ€Ð¾Ñ„Ñ–Ð»ÑŽ %1$s</string>
+ <string name="menu_use_inline_data">Ужыць ÑƒÐ±ÑƒÐ´Ð°Ð²Ð°Ð½Ñ‹Ñ Ð´Ð°Ð´Ð·ÐµÐ½Ñ‹Ñ</string>
+ <string name="export_config_chooser_title">ЭкÑпарт файла канфігурацыі</string>
+ <string name="missing_tlsauth">файл tls-auth адÑутнічае</string>
+ <string name="missing_certificates">ÐдÑутнічае Ñертыфікат карыÑтача ці файл ключа Ñертыфіката карыÑтача</string>
+ <string name="missing_ca_certificate">ОтÑутÑтвует Ñертификат ЦС</string>
+ <string name="crl_title">Ð¡Ð¿Ñ–Ñ Ð°Ð´ÐºÐ»Ñ–ÐºÐ°Ð½Ñ‹Ñ… Ñертыфікатаў (апцыÑнальна)</string>
+ <string name="reread_log">Перачытаць (%d) Ñлементаў лога з файла кÑша лога</string>
+ <string name="samsung_broken">Ðават нÑгледзÑчы на тое, што Ñ‚Ñлефоны Samsung з\'ÑўлÑюцца аднымі з найболей прадаваных Ñ‚Ñлефонаў на Android, прашыўкі Samsung такÑама з\'ÑўлÑюцца Ñ– найболей праблемнымі прашыўкамі на Android. Памылкі не абмÑжоўваюцца толькі працай VPN на гÑÑ‚Ñ‹Ñ… прыладах, але Ð¼Ð½Ð¾Ð³Ñ–Ñ Ð· Ñ–Ñ… можна абыÑці. Далей апіÑаны Ð½ÐµÐºÐ°Ñ‚Ð¾Ñ€Ñ‹Ñ Ð· гÑÑ‚Ñ‹Ñ… памылкаў.\n\nDNS не працуе, калі Ñервер DNS не Ñž дыÑпазоне VPN.\n\nÐа многіх прыладах Samsung 5.x Ñ„ÑƒÐ½ÐºÑ†Ñ‹Ñ Ð´Ð°Ð·Ð²Ð¾Ð»ÐµÐ½Ñ‹Ñ…/забароненых дадаткаў не працуе.\nÐа Samsung 6.x, Ñк паведамлÑецца, VPN не працуе, пакуль дадатку VPN не дазволена не Ñканоміць зарад батарÑÑ–.</string>
+ <string name="samsung_broken_title">ТÑлефоны Samsung</string>
+ <string name="novpn_selected">Ðе абрана VPN.</string>
+ <string name="defaultvpn">VPN па змаўчанні</string>
+ <string name="defaultvpnsummary">VPN, Ñкі будзе выкарыÑтоўвацца па змаўчанні, калі гÑта патрÑбна. Рменавіта, пры загрузцы, Ð´Ð»Ñ Â«ÐÑзменнай VPN» Ñ– Ð´Ð»Ñ Ð¿ÐµÑ€Ð°Ð¼Ñ‹ÐºÐ°Ñ‡Ð° Ñž «Хуткіх наладах».</string>
+ <string name="vpnselected">У гÑÑ‚Ñ‹ Ñ‡Ð°Ñ Ð°Ð±Ñ€Ð°Ð½Ñ‹ VPN: \'%s\'</string>
+ <string name="reconnect">Перадалучыць</string>
+ <string name="qs_title">ПераключÑнне VPN</string>
+ <string name="qs_connect">Падлучыцца да %s</string>
+ <string name="qs_disconnect">Ðдключыцца ад %s</string>
+ <string name="connectretrymaxmessage">УвÑдзіце макÑімальны Ñ‡Ð°Ñ Ð¿Ð°Ð¼Ñ–Ð¶ Ñпробамі злучÑннÑ. OpenVPN будзе павольна падымаць Ñвой Ñ‡Ð°Ñ Ñ‡Ð°ÐºÐ°Ð½Ð½Ñ Ð¿Ð°ÑÐ»Ñ Ð½Ñўдалай Ñпробы падлучÑÐ½Ð½Ñ Ð´Ð° гÑтага значÑннÑ. Па змаўчанні 300 Ñек.</string>
+ <string name="connectretrymaxtitle">МакÑімальны Ñ‡Ð°Ñ Ð¿Ð°Ð¼Ñ–Ð¶ Ñпробамі злучÑннÑ</string>
+ <string name="state_waitconnectretry">Чаканне %ss Ñекундаў паміж Ñпробай падлучÑннÑ</string>
+ <string name="nought_alwayson_warning"><![CDATA[Калі дыÑлог Ð¿Ð°Ñ†Ð²ÐµÑ€Ð´Ð¶Ð°Ð½Ð½Ñ VPN не адкрыўÑÑ, то Ñž Ð²Ð°Ñ Ð°Ð±Ñ€Ð°Ð½Ñ‹ іншы дадатак у «ÐÑÐ·Ð¼ÐµÐ½Ð½Ð°Ñ VPN». ГÑта значыць, што толькі дадзенаму дадатку дазволена падключацца да VPN. Праверце Ðалады -> (Сеткі) Ð¯ÑˆÑ‡Ñ -> VPN]]></string>
+ <string name="management_socket_closed">ПадключÑнне да OpenVPN зачынена (%s)</string>
+ <string name="change_sorting">ЗмÑніць Ñартаванне</string>
+ <string name="sort">Сартаваць</string>
+ <string name="sorted_lru">Профілі адÑартаваны па парадку апошнÑга выкарыÑтаннÑ</string>
+ <string name="sorted_az">Профілі адÑартаваны па назве</string>
+ <string name="deprecated_tls_remote">Файл налады выкарыÑтоўвае опцыю tls-remote, ÑÐºÐ°Ñ Ð±Ñ‹Ð»Ð° абвешчана ÑаÑтарÑлай у верÑÑ–Ñ– 2.3 Ñ– канчаткова выдалена Ñž верÑÑ–Ñ– 2.4</string>
+ <string name="auth_failed_behaviour">Паводзіны пры AUTH_FAILED</string>
+ <string name="graph">Графік</string>
+ <string name="use_logarithmic_scale">ВыкарыÑтоўваць лагарыфмічную шкалу</string>
+ <string name="notenoughdata">ÐедаÑтаткова дадзеных</string>
+ <string name="avghour">У ÑÑÑ€Ñднім за гадзіну</string>
+ <string name="avgmin">У ÑÑÑ€Ñднім за хвіліну</string>
+ <string name="last5minutes">ÐÐ¿Ð¾ÑˆÐ½Ñ–Ñ 5 хвілін</string>
+ <string name="data_in">Уваходны</string>
+ <string name="data_out">Выходны</string>
+ <string name="bits_per_second">%.0f біт/Ñ</string>
+ <string name="kbits_per_second">%.1f Кбіт/Ñ</string>
+ <string name="mbits_per_second">%.1f Мбіт/Ñ</string>
+ <string name="gbits_per_second">%.1f Гбіт/Ñ</string>
+ <string name="weakmd">&lt;p&gt; Пачынаючы з OpenSSL верÑÑ–Ñ– 1.1, OpenSSL адхілÑе ÑÐ»Ð°Ð±Ñ‹Ñ Ð¿Ð¾Ð´Ð¿Ñ–ÑÑ‹ Ñž такіх Ñертыфікатах, Ñк MD5.&lt;/p&gt;&lt;p&gt;&lt;b&gt;MD5, подпіÑÑ‹ цалкам небÑÑÐ¿ÐµÑ‡Ð½Ñ‹Ñ Ñ– больш не павінны выкарыÑтоўвацца.&lt;/b&gt; Сутыкненні MD5 могуць быць Ñтвораны Ñž &lt;a
+ href=\"https://natmchugh.blogspot.de/2015/02/create-your-own-md5-collisions.html\"&gt; праз некалькі гадзін з мінімальнымі выдаткамі.&lt;/a&gt;. Ð’Ñ‹ павінны Ñк мага хутчÑй абнавіць Ñертыфікаты VPN. &lt;/p&gt;&lt;p&gt;Ðа жаль, ÑÑ‚Ð°Ñ€Ñ‹Ñ Ð´Ñ‹Ñтрыбутывы easy-rsa улучалі опцыю канфігурацыі «default_md md5». Калі вы ÑкарыÑтаеце Ñтарую верÑÑ–ÑŽ easy-rsa, абновіце Ñе да &lt;a href=\"https://github.com/OpenVPN/easy-rsa/releases\"&gt;latest верÑÑ–Ñ–&lt;/a&gt;) ці зменіце md5 на sha256 Ñ– адновіце Ñвае Ñертыфікаты.&lt;/p&gt;&lt;p&gt;Калі вы Ñапраўды хочаце ÑкарыÑтаць ÑÑ‚Ð°Ñ€Ñ‹Ñ Ñ– Ð¿Ð°ÑˆÐºÐ¾Ð´Ð¶Ð°Ð½Ñ‹Ñ Ñертыфікаты, ÑкарыÑтайце наладжвальны параметр канфігурацыі tls-cipher «DEFAULT: @SECLEVEL = 0 \"у пашыранай канфігурацыі ці Ñž ÑкаÑці дадатковага радка Ñž вашай імпартаванай канфігурацыі&lt;/p&gt;</string>
+ <string name="volume_byte">%.0f Б</string>
+ <string name="volume_kbyte">%.1f КБ</string>
+ <string name="volume_mbyte">%.1f МБ</string>
+ <string name="volume_gbyte">%.1f ГБ</string>
+ <string name="channel_name_background">СтатыÑтыка падключÑннÑ</string>
+ <string name="channel_description_background">БÑÐ³ÑƒÑ‡Ð°Ñ ÑтатыÑтыка ÑžÑталÑванага злучÑÐ½Ð½Ñ OpenVPN</string>
+ <string name="channel_name_status">Изменение ÑтатуÑа ÑоединениÑ</string>
+ <string name="channel_description_status">Змены Ñтану злучÑÐ½Ð½Ñ OpenVPN (падлучÑнне, аўтÑнтыфікацыÑ,...)</string>
+ <string name="weakmd_title">Ð¡Ð»Ð°Ð±Ñ‹Ñ (MD5) Ñ…Ñшы Ñž Ñігнатуры Ñертыфіката (SSL_CTX_use_certificate md занадта Ñлабы)</string>
+ <string name="title_activity_open_sslspeed">ТÑÑÑ‚ хуткаÑці OpenSSL</string>
+ <string name="openssl_cipher_name">Імёны шыфраў OpenSSL</string>
+ <string name="osslspeedtest">ТÑÑÑ‚ хуткаÑці OpenSSL Crypto</string>
+ <string name="openssl_error">OpenSSL вÑрнуў памылку</string>
+ <string name="running_test">ЗапуÑк Ñ‚ÑÑту&#8230;</string>
+ <string name="test_algoirhtms">ТÑÑтаванне абраных алгарытмаў</string>
+ <string name="all_app_prompt">Вонкавы дадатак Ñпрабуе кантралÑваць %s. Дадатак, што запытвае доÑтуп, не можа быць вызначаны. Дазвол гÑтага дадатку падае доÑтуп уÑім дадаткам.</string>
+ <string name="openvpn3_nostatickeys">РÑÐ°Ð»Ñ–Ð·Ð°Ñ†Ñ‹Ñ OpenVPN 3 C ++ не падтрымвае ÑÑ‚Ð°Ñ‚Ñ‹Ñ‡Ð½Ñ‹Ñ ÐºÐ»ÑŽÑ‡Ñ‹. Перайдзіце Ñž OpenVPN 2.x пад Ð°Ð³ÑƒÐ»ÑŒÐ½Ñ‹Ñ Ð½Ð°Ð»Ð°Ð´Ñ‹.</string>
+ <string name="openvpn3_pkcs12">ВыкарыÑтанне файлаў PKCS12 наўпроÑÑ‚ з дапамогай OpenVPN 3 C ++ не падтрымваецца. Імпартуйце файлы pkcs12 у Ñховішча ключоў Android ці заменіце OpenVPN 2.x на Ð°Ð³ÑƒÐ»ÑŒÐ½Ñ‹Ñ Ð½Ð°Ð»Ð°Ð´Ñ‹.</string>
+ <string name="proxy">ПрокÑÑ–</string>
+ <string name="Use_no_proxy">Ðічога</string>
+ <string name="tor_orbot">Tor (Orbot)</string>
+</resources>
diff --git a/app/src/main/res/values-ca/strings-icsopenvpn.xml b/app/src/main/res/values-ca/strings-icsopenvpn.xml
index 48eca2d6..1bf7c91a 100755
--- a/app/src/main/res/values-ca/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-ca/strings-icsopenvpn.xml
@@ -105,7 +105,6 @@
<string name="routing">Ruting</string>
<string name="advanced">Avançat</string>
<string name="faq_howto_title">Inici rapid</string>
- <string name="using_proxy">Utilitzant el proxy %1$s %2$d</string>
<string name="use_system_proxy">Utiliza el proxy del sistema</string>
<string name="ignore">Ignorar</string>
<string name="restart">Reinicia</string>
diff --git a/app/src/main/res/values-cs/strings-icsopenvpn.xml b/app/src/main/res/values-cs/strings-icsopenvpn.xml
index 40feea2c..dc33007c 100755
--- a/app/src/main/res/values-cs/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-cs/strings-icsopenvpn.xml
@@ -201,7 +201,6 @@
<string name="setting_loadtun">Nahrát tun modul</string>
<string name="importpkcs12fromconfig">Importovat PKCS12 z konfigurace do Andoidího úložiště</string>
<string name="getproxy_error">Chyba při zjišťování nastavení proxy: %s</string>
- <string name="using_proxy">Používám proxy %1$s %2$d</string>
<string name="use_system_proxy">Použít systémovou proxy</string>
<string name="use_system_proxy_summary">K připojení použít systémové nastavení pro HTTP/HTTPS.</string>
<string name="onbootrestartsummary">OpenVPN se automaticky připojí k vybrané VPN po startu systému. Prosím věnujte pozornost upozornění ve FAQ pro verzi Android &lt; 5.0.</string>
@@ -357,6 +356,8 @@
<string name="ab_kitkat_mss">Dřívější KitKat verze nastavovaly špatnou hodnotu MSS na TCP spojení (#61948). OpenVPN automaticky zapne mssfix možnost pro obejití chyby.</string>
<string name="ab_lollipop_reinstall">Aplikace VPN mohou přestat fungovat po odinstalování a reinstalaci. Podrobnosti najdete v #80074</string>
<string name="ab_secondary_users">VPN vůbec nefunguje pro vedlejší uživatele.</string>
+ <string name="ab_kitkat_reconnect">"Více uživatelů hlasí, že mobilní pÅ™ipojení / mobilní datové pÅ™ipojení má Äasté výpadky bÄ›hem používání této VPN aplikace, Vypadá, že chování ovlivňuje jen nÄ›jaké kombinace mobilních dodavatelů / zaÅ™izení a zatím jsme pÅ™es žádnou pÅ™iÄinu nemohli identifikovat chybu."</string>
+ <string name="ab_vpn_reachability_44">Jediná destinace může být dosažena přes VPN které nejsou dosažitelné bez VPN. Sítě IPv6 nefungují vůbec.</string>
<string name="ab_only_cidr_title">Ne-CIDR trasy</string>
<string name="ab_proxy_title">Proxy chování pro VPN</string>
<string name="ab_lollipop_reinstall_title">Přeinstalování VPN aplikací</string>
@@ -381,6 +382,7 @@
<string name="lastdumpdate">(Poslední výpis je %1$d: %2$dh starý (%3$s))</string>
<string name="clear_log_on_connect">Vymazat log při novém připojení</string>
<string name="connect_timeout">Časový limit připojení</string>
+ <string name="query_permissions_sdcard">Aplikace OpenVPN pro systém Android se může pokusit automaticky zjistit chybějící soubor(y) na sdcard. Klepnutím na tuto zprávu spusťte žádost o povolení.</string>
<string name="protocol">Protokol</string>
<string name="enabled_connection_entry">Povoleno</string>
<string name="pushpeerinfo">Push Peer info</string>
@@ -427,4 +429,5 @@
<string name="volume_kbyte">%.1f kB</string>
<string name="volume_mbyte">%.1f MB</string>
<string name="volume_gbyte">%.1f GB</string>
+ <string name="tor_orbot">Tor (Orbot)</string>
</resources>
diff --git a/app/src/main/res/values-da/strings-icsopenvpn.xml b/app/src/main/res/values-da/strings-icsopenvpn.xml
index 2635c79e..e1012c0a 100755
--- a/app/src/main/res/values-da/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-da/strings-icsopenvpn.xml
@@ -21,7 +21,7 @@
<string name="ca_title">CA Certifikat</string>
<string name="no_certificate">Du skal vælge et certifikat</string>
<string name="copyright_guicode">Kildekode og fejl tracker findes på http://code.google.com/p/ics-openvpn/</string>
- <string name="copyright_others">Dette program bruger følgende komponenter: se kildekoden for alle detaljer om licenserne</string>
+ <string name="copyright_others">Dette program bruger følgende komponenter (se kildekoden for detaljer om licenserne)</string>
<string name="about">Om</string>
<string name="vpn_list_title">Profiler</string>
<string name="vpn_type">Type</string>
@@ -83,7 +83,7 @@
<string name="dns_server">DNS-server</string>
<string name="secondary_dns_message">Sekundær DNS-Server som bruges, hvis den normale DNS-serveren ikke kan nås.</string>
<string name="backup_dns">Backup DNS-server</string>
- <string name="ignored_pushed_routes">Ignorer skubbet ruter</string>
+ <string name="ignored_pushed_routes">Ignorer modtagne routes</string>
<string name="ignore_routes_summary">Ignorer ruter modtaget fra serveren.</string>
<string name="default_route_summary">Omdiriger al trafik over VPN\'en</string>
<string name="use_default_title">Brug standard Rute</string>
@@ -121,7 +121,7 @@
<string name="tap_faq2">Igen? Laver du sjov? Nej, tap-tilstand er virkelig ikke understøttet og det hjælper ikke at sende mig mails og spørge om det bliver understøttet.</string>
<string name="tap_faq3">En tredje gang? Man kunne faktisk skrive en tap-emulator baseret på tun der kunne tilføje layer2 information når den sender og fjerne layer2 information når det modtages. Men en sådan tap-emulator skulle også implementere ARP og muligvis en DHCP-klient. JEg kender ikke nogen der arbejder i denne retning. Kontakt mig hvis du vil begynde at programmere det.</string>
<string name="faq">OFTE STILLEDE SPØRGSMÅL</string>
- <string name="copying_log_entries">Kopiere logposter</string>
+ <string name="copying_log_entries">Kopierer log poster</string>
<string name="faq_copying">For at kopiere en enkelt logpost skal du trykke og holde på logposten. For at kopiere/sende hele log\'en skal du bruge Send Log valgmuligheden. Brug hardware menu knappen hvis den ikke er vist i GUI\'en.</string>
<string name="faq_shortcut">Genvej til start</string>
<string name="faq_howto_shortcut">Du kan placere en genvej til at starte OpenVPN på dit skrivebord. Afhængigt af dit homescreen-program skal du enten tilføje en genvej eller et widget.</string>
@@ -201,7 +201,7 @@
<string name="setting_loadtun">Indlæs tun-modul</string>
<string name="importpkcs12fromconfig">Importer pkcs12 fra konfigurationen til Android Keystore</string>
<string name="getproxy_error">Fejl under indlæsning af proxy-indstillinger: %s</string>
- <string name="using_proxy">Anvender proxy %1$s %2$d</string>
+ <string name="using_proxy">Anvender proxy %1$s %2$s</string>
<string name="use_system_proxy">Anvend system-proxy</string>
<string name="use_system_proxy_summary">Anvend systemets globale konfiguration til forbindelse af HTTP/HTTPS proxy\'er.</string>
<string name="onbootrestartsummary">OpenVPN vil forbinde til den angivne VPN hvis den var aktiv under system opstart. Læs venligst forbindelses advarsel FAQ før du bruger demme valgmulighed på Android &lt; 5.0.</string>
@@ -279,15 +279,15 @@
<string name="no_external_app_allowed">Ingen app har lov til at anvende ekstern API</string>
<string name="allowed_apps">Tilladte apps: %s</string>
<string name="clearappsdialog">Ryd liste over tilladte eksterne apps?\nNuværende liste over tilladte apps:\n\n%s</string>
- <string name="screenoff_summary">Paus VPN når skærmen er slukket og mindre end 64 kB data er blevet overført de sidste 60 sekunder. Når \"Vedvarende Tun\" indstillingen er slået til, vil din enhed ikke have forbindelse til netværket når VPN\'en er pauset. Uden \"Vedvarende Tun\" indstillingen til enheden ikke have nogen VPN forbindelse/beskyttelse.</string>
- <string name="screenoff_title">Paus VPN-forbindelse efter skærmen slukkes</string>
- <string name="screenoff_pause">Pauser forbindelse i slukket-skræm tilstand: Mindre end %1$s på %2$ss</string>
+ <string name="screenoff_summary">Sæt VPN-forbindelsen på pause når skærmen er slukket og mindre end 64 kB data er blevet overført de sidste 60 sekunder. Når \"Vedvarende Tun\" indstillingen er slået til, vil din enhed ikke have forbindelse til netværket når VPN\'en er sat på pause. Uden \"Vedvarende Tun\" indstillingen til enheden ikke have nogen VPN forbindelse/beskyttelse.</string>
+ <string name="screenoff_title">Sæt VPN-forbindelsen på pause efter skærmen slukkes</string>
+ <string name="screenoff_pause">Sæt VPN-forbindelsen på pause i slukket-skræm tilstand: Mindre end %1$s på %2$ss</string>
<string name="screen_nopersistenttun">Advarsel: Vedvarende Tun er ikke slået til på denne VPN. Internettrafik vil anvende den normale internetforbindelse når skærmen er slukket.</string>
<string name="save_password">Gem adgangskode</string>
- <string name="pauseVPN">Paus VPN</string>
+ <string name="pauseVPN">Pause VPN</string>
<string name="resumevpn">Genoptag VPN</string>
- <string name="state_userpause">VPN pausning anmodet af bruger</string>
- <string name="state_screenoff">VPN pauset - Skærmen er slukket</string>
+ <string name="state_userpause">VPN pauset af bruger</string>
+ <string name="state_screenoff">VPN-forbindelsen på pause - Skærmen slukket</string>
<string name="device_specific">Enheds-specifikke hacks</string>
<string name="cannotparsecert">Kan ikke vise certifikatsinformation</string>
<string name="appbehaviour">Program opførsel</string>
@@ -315,7 +315,7 @@
<string name="faq_system_dialog_xposed">Hvis du har rootet din androidenhed kan du installere &lt;a href=\"http://xposed.info/\"&gt;Xposed framework&lt;/a&gt; og &lt;a href=\"http://repo.xposed.info/module/de.blinkt.vpndialogxposed\"&gt;VPN Dialog confirm module&lt;/a&gt; på din egen risiko</string>
<string name="full_licenses">Fulde licenser</string>
<string name="blocklocal_summary">Netværk forbundet direkte til det lokale interface vil ikke blive dirigeret gennem VPN\'en. Fravælges denne indstilling vil alt trafik til lokale netværk dirigeres gennem VPN\'en.</string>
- <string name="blocklocal_title">Forbipasser VPN for lokale netværk</string>
+ <string name="blocklocal_title">Undgå brug af VPN for lokale netværk</string>
<string name="userpw_file">Brugernavn/password fil</string>
<string name="imported_from_file">[Importeret fra: %s]</string>
<string name="files_missing_hint">Nogle filer kunne ikke findes. Vælg venligst filerne for at importere profilen:</string>
@@ -385,15 +385,81 @@
<string name="service_restarted">Genstarter OpenVPN Service (App\'en crashede, den crashede sandsynligvis eller blev stoppet på grund a RAM overbelastning)</string>
<string name="import_config_error">Import af konfigurationsfilen gav en fejl, kan ikke gemme</string>
<string name="Search">Søg</string>
+ <string name="lastdumpdate">(Sidste dump er %1$d:%2$dh gammel (%3$s))</string>
<string name="clear_log_on_connect">Ryd log ved ny forbindelse</string>
<string name="connect_timeout">Forbindelses-timeout</string>
<string name="no_allowed_app">Ingen tilladt app tilføjet. Tilføjer selve appen (%s) for at have mindst én tilladt app, ellers vil alle apps være tilladte</string>
<string name="query_permissions_sdcard">OpenVPN til Android kan forsøge at finde de(n) manglende fil(er) automatisk på SD-kortet. Klik på denne besked for at starte rettighedsanmodningen.</string>
<string name="protocol">Protokol</string>
<string name="enabled_connection_entry">Aktiveret</string>
+ <string name="abi_mismatch">Preferred native ABI precedence of this device (%1$s) and ABI reported by native libraries (%2$s) mismatch</string>
<string name="permission_revoked">VPN tilladelse tilbagekaldt af styresystemet (f.eks. kan et andet VPN program være startet), stopper VPN</string>
+ <string name="pushpeerinfo">Modtagne Peer info</string>
+ <string name="pushpeerinfosummary">Send ekstra information til serveren, f.eks. SSL-version og Android-version</string>
+ <string name="pw_request_dialog_title">Kræver %1$s</string>
+ <string name="pw_request_dialog_prompt">Angiv adgangskoden for profil %1$s</string>
+ <string name="menu_use_inline_data">Brug inline data</string>
+ <string name="export_config_chooser_title">Eksporter konfigurationsfil</string>
+ <string name="missing_tlsauth">tls-auth-filen mangler</string>
+ <string name="missing_certificates">Manglende brugercertifikat eller brugercertifikat nøglefil</string>
+ <string name="missing_ca_certificate">Manglende CA-certifikat</string>
+ <string name="crl_title">Certifcate Revoke List (valgfrit)</string>
+ <string name="reread_log">Genlæse (%d) log-linier fra cache</string>
+ <string name="samsung_broken">Selv om Samsung-telefoner er blandt de mest solgte Android-telefoner, er Samsungs firmware også blandt de mest fejlagtige Android-implementationer. Fejlene er ikke begrænset til VPN-operationer på disse enheder, men mange af dem kan løses. I det følgende beskrives nogle af disse fejl. \n\nDNS virker ikke, medmindre DNS-serveren er i samme VPN-område. \n\nMed mange Samsung 5.x-enheder virker funktionen for tilladte/afviste apps ikke. \nMed Samsung 6.x rapporteres at VPN ikke fungere, medmindre VPN-appen er undtaget fra Powersave-funktioner.</string>
+ <string name="samsung_broken_title">Samsung telefoner</string>
+ <string name="novpn_selected">Ingen VPN valgt.</string>
+ <string name="defaultvpn">Standard VPN</string>
+ <string name="defaultvpnsummary">VPN bruges i situationer, hvor en standard VPN er påkrævet. Disse er i øjeblikket ved opstart, til Always-On og Quick Settings Tile.</string>
+ <string name="vpnselected">Aktuelt valgt VPN: \'%s\'</string>
+ <string name="reconnect">Gentilslutter</string>
+ <string name="qs_title">Skift VPN</string>
+ <string name="qs_connect">Opret forbindelse til %s</string>
+ <string name="qs_disconnect">Afbryd %s</string>
+ <string name="connectretrymaxmessage">Indtast den maksimale tid mellem forbindelsesforsøg. OpenVPN vil langsomt øge ventetiden efter et mislykket forbindelsesforsøg op til denne værdi. Standard er 300 sekunder.</string>
+ <string name="connectretrymaxtitle">Maksimal tid mellem forbindelsesforsøg</string>
+ <string name="state_waitconnectretry">Venter %ssekunder mellem forbindelsesforsøg</string>
+ <string name="nought_alwayson_warning"><![CDATA[Hvis du ikke fik en VPN-bekræftelsesdialog, har du \"Always on VPN\" aktiveret af en anden app. I så fald må kun den app forbinde til en VPN. Se under Settings-> Networks more .. -> VPNs]]></string>
+ <string name="management_socket_closed">Forbindelse til OpenVPN lukket (%s)</string>
+ <string name="change_sorting">Skift sortering</string>
+ <string name="sort">Sorter</string>
+ <string name="sorted_lru">Profiler sorteret efter senest anvendelse</string>
+ <string name="sorted_az">Profiler sorteret efter navn</string>
+ <string name="deprecated_tls_remote">Konfigurationen bruger \"tls-remote\", understøttelsen af denne er fjernet i 2.4</string>
+ <string name="auth_failed_behaviour">Handling ved AUTH_FAILED</string>
+ <string name="graph">Graf</string>
+ <string name="use_logarithmic_scale">Brug logaritmisk skala</string>
+ <string name="notenoughdata">Ikke nok data</string>
+ <string name="avghour">Gennemsnit pr. time</string>
+ <string name="avgmin">Gennemsnit pr. minut</string>
+ <string name="last5minutes">Sidste 5 minutter</string>
+ <string name="data_in">Ind</string>
+ <string name="data_out">Ud</string>
+ <string name="bits_per_second">%.0f bit/s</string>
+ <string name="kbits_per_second">%.1f kbit/s</string>
+ <string name="mbits_per_second">%.1f Mbit / s</string>
+ <string name="gbits_per_second">%.1f Gbit / s</string>
+ <string name="weakmd">&lt;p&gt;Startende med OpenSSL version 1.1 vil OpenSSL afvise svage signaturer i certifikater som f.eks MD5.&lt;/p&gt;&lt;p&gt;&lt;b&gt;MD5 signaturer er usikre og bør ikke længere anvendes.&lt;/b&gt; MD5 sammenfald (collisions) kan fremstilles &lt;a
+ href=\"https://natmchugh.blogspot.de/2015/02/create-your-own-md5-collisions.html\"&gt; på kort tid uden de store ressourcer.&lt;/a&gt;. Du skal opdatere dine VPN-certifikaterne så hurtigt som muligt.&lt;/p&gt;&lt;p&gt;Desværre inkluderede ældre easy-rsa-distributioner config-opsætningen \"default_md md5\". Hvis du bruger en gammel easy-rsa-version, skal du opdatere til den &lt;a href=\"https://github.com/OpenVPN/easy-rsa/releases\"&gt;seneste version&lt;/a&gt;) eller skifte md5 til sha256 og regenerere dine certifikater.&lt;/p&gt;&lt;p&gt;Hvis du virkelig vil bruge gamle og usikre certifikater, skal du bruge den tilpassede konfigurationsindstilling tls-cipher \"DEFAULT: @ SECLEVEL = 0\" under avanceret konfiguration eller som ekstra linje i din importerede konfiguration&lt;/p&gt;
+ </string>
<string name="volume_byte">%.0f B</string>
<string name="volume_kbyte">%.1f kB</string>
<string name="volume_mbyte">%.1f MB</string>
<string name="volume_gbyte">%.1f GB</string>
+ <string name="channel_name_background">Forbindelsesstatistik</string>
+ <string name="channel_description_background">Løbende statistikker af den etablerede OpenVPN-forbindelse</string>
+ <string name="channel_name_status">Forbindelses status ændring</string>
+ <string name="channel_description_status">Status ændringer i OpenVPN-forbindelsen (Tilslutning, godkendelse, etc)</string>
+ <string name="weakmd_title">Svag (MD5) hashes i certifikat signatur (SSL_CTX_use_certificate md for svag)</string>
+ <string name="title_activity_open_sslspeed">OpenSSL Speed ​​Test</string>
+ <string name="openssl_cipher_name">OpenSSL cipher navne</string>
+ <string name="osslspeedtest">OpenSSL Crypto Speed ​​test</string>
+ <string name="openssl_error">OpenSSL returnerede en fejl</string>
+ <string name="running_test">Tester ...</string>
+ <string name="test_algoirhtms">Test valgte algoritmer</string>
+ <string name="all_app_prompt">En ekstern app forsøger at styre %s. Appen, der anmoder om adgang, kan ikke bestemmes. Tillad, at denne app giver ALLE apps adgang.</string>
+ <string name="openvpn3_nostatickeys">OpenVPN 3 C ++ implementeringen understøtter ikke statiske nøgler. Venligst skift til OpenVPN 2.x under generelle indstillinger.</string>
+ <string name="openvpn3_pkcs12">Brug af PKCS12 filer direkte med OpenVPN 3 C ++ implementering understøttes ikke. Indtast venligst pkcs12-filerne i Android-keystore eller skift til OpenVPN 2.x under generelle indstillinger.</string>
+ <string name="proxy">Proxy</string>
+ <string name="Use_no_proxy">Ingen</string>
+ <string name="tor_orbot">Tor (Orbot)</string>
</resources>
diff --git a/app/src/main/res/values-de/strings-icsopenvpn.xml b/app/src/main/res/values-de/strings-icsopenvpn.xml
index 04c50cd2..245a3e40 100755
--- a/app/src/main/res/values-de/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-de/strings-icsopenvpn.xml
@@ -201,7 +201,7 @@
<string name="setting_loadtun">Tun-Modul laden</string>
<string name="importpkcs12fromconfig">In der Konfiguration angegebene PKCS12-Datei in den Android-Zertifikatsspeicher importieren</string>
<string name="getproxy_error">Fehler beim Ermitteln der Proxy-Einstellungen: %s</string>
- <string name="using_proxy">Verwende Proxy %1$s %2$d</string>
+ <string name="using_proxy">Verwende Proxy %1$s %2$s</string>
<string name="use_system_proxy">System-Proxys verwenden</string>
<string name="use_system_proxy_summary">Systemweite Einstellungen für HTTP- und HTTPS-Proxys beim Verbinden verwenden.</string>
<string name="onbootrestartsummary">Beim Systemstart das angegebene VPN verbinden. Auf Geräten mit Android 5.0 und höher bitte vor der Verwendung dieser Option die FAQ zum Bestätigungsdialog lesen.</string>
@@ -438,12 +438,18 @@
<string name="kbits_per_second">%.1f kbit/s</string>
<string name="mbits_per_second">%.1f Mbit/s</string>
<string name="gbits_per_second">%.1f Gbit/s</string>
+ <string name="weakmd">&lt;p&gt;Seit der OpenSSL Version 1.1, verweigert OpenSSL schwache Signaturen - wie MD5 - in Zertifikaten.&lt;/p&gt;
+&lt;p&gt;&lt;b&gt;MD5-Signaturen sind komplett unsicher und sollten nicht mehr verwendet werden.
+&lt;/b&gt;MD5-Kollisionen können in &lt;a href=\"https://natmchugh.blogspot.de/2015/02/create-your-own-md5-collisions.html\"&gt;wenigen Stunden mit minimalen Kosten&lt;/a&gt; erzeugt werden. Sie sollten die VPN-Zertifikate so schnell wie möglich aktualisieren.&lt;/p&gt;
+&lt;p&gt;Leider enthielten ältere easy-rsa Distributionen die config-Option \"default_md md5\". Falls Sie eine alte Version von easy-rsa verwenden, aktualisieren Sie auf die &lt;a href=\"https://github.com/OpenVPN/easy-rsa/releases\"&gt;neueste Version&lt;/a&gt; oder ändern Sie md5 auf sha256 und erzeugen Sie Ihre Zertifikate neu.&lt;/p&gt;
+&lt;p&gt;Falls Sie wirklich alte und unsichere Zertifikate verwenden wollen, benutzen Sie die benutzerdefinierte Konfigurationsoption tls-cipher \"DEFAULT:@SECLEVEL=0\" in der erweiterten Profil-Konfiguration oder als zusätzliche Zeile in Ihrer importierten Konfiguration.&lt;/p&gt;
+ </string>
<string name="volume_byte">%.0f B</string>
<string name="volume_kbyte">%.1f kB</string>
<string name="volume_mbyte">%.1f MB</string>
<string name="volume_gbyte">%.1f GB</string>
<string name="channel_name_background">Verbindungsstatistiken</string>
- <string name="channel_description_background">Laufende Statistiken der OpenVPN-Verbindung</string>
+ <string name="channel_description_background">Laufende Statistik der OpenVPN-Verbindung</string>
<string name="channel_name_status">Verbindungsstatus Änderungen</string>
<string name="channel_description_status">Statusänderungen der OpenVPN-Verbindung (Verbindung, Authentifizierung,...)</string>
<string name="weakmd_title">Schwache (MD5) Hashes in Zertifikatssignatur (SSL_CTX_use_certificate md too weak)</string>
@@ -455,5 +461,8 @@
<string name="test_algoirhtms">Ausgewählte Algorithmen testen</string>
<string name="all_app_prompt">Eine andere App versucht, %s zu steuern. Die anforderne App kann nicht bestimmt werden. Wenn Sie diesen Zugriff zulassen, erhalten ALLE Apps Zugriff.</string>
<string name="openvpn3_nostatickeys">Die OpenVPN 3 C ++ - Implementierung unterstützt keine statischen Schlüssel. Bitte wechseln Sie zu OpenVPN 2.x unter den allgemeinen Einstellungen.</string>
- <string name="openvpn3_pkcs12">Die Benutzung von PKCS12 Dateien mit der OpenVPN 3 C++ Implementierung wird nicht unterstützt. Bitte importieren Sie entweder die PKCS12 Datei in den Android Keystore oder nutzen Sie die Option OpenVPN 2.x in den allgemeinen Einstellungen auszuwählen.</string>
+ <string name="openvpn3_pkcs12">Die Benutzung von PKCS12 Dateien mit der OpenVPN 3 C++ Implementierung wird nicht unterstützt. Bitte importieren Sie entweder die PKCS12 Datei in den Android Keystore oder wählen Sie die Option OpenVPN 2.x in den allgemeinen Einstellungen aus.</string>
+ <string name="proxy">Proxy</string>
+ <string name="Use_no_proxy">Keinen</string>
+ <string name="tor_orbot">Tor (Orbot)</string>
</resources>
diff --git a/app/src/main/res/values-es/strings-icsopenvpn.xml b/app/src/main/res/values-es/strings-icsopenvpn.xml
index 42a15975..3f0ab495 100755
--- a/app/src/main/res/values-es/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-es/strings-icsopenvpn.xml
@@ -202,7 +202,7 @@ hacia/de Móvil)</string>
<string name="setting_loadtun">Cargar modulo tun</string>
<string name="importpkcs12fromconfig">Importar PKCS12 de la configuración en el almacén de claves de Android</string>
<string name="getproxy_error">Error al obtener la configuración de proxy: %s</string>
- <string name="using_proxy">Usando proxy %1$s %2$d</string>
+ <string name="using_proxy">Using proxy %1$s %2$s</string>
<string name="use_system_proxy">Usar el proxy del sistema</string>
<string name="use_system_proxy_summary">Utilice la configuración del sistema para los proxies HTTP/HTTPS al conectar.</string>
<string name="onbootrestartsummary">OpenVPN se conectará la VPN se especifica si está activa en el arranque del sistema. Por favor, lea las preguntas frecuentes de aviso de conexión antes de utilizar esta opción en Android &lt; 5.0.</string>
@@ -440,8 +440,28 @@ hacia/de Móvil)</string>
<string name="kbits_per_second">%.1f kbit/s</string>
<string name="mbits_per_second">%.1f Mbit/s</string>
<string name="gbits_per_second">%.1f Gbit/s</string>
+ <string name="weakmd">&lt;p&gt;a partir de la versión 1.1 de OpenSSL, OpenSSL rechaza débiles firmas en certificados como el MD5.&lt;/p&gt;&lt;p&gt;&lt;b&gt;MD5 firmas son totalmente inseguras y no deberían utilizarse nunca más.&lt;/b&gt; las colisiones MD5 pueden crearse en &lt;a
+ href=\"https://natmchugh.blogspot.de/2015/02/create-your-own-md5-collisions.html\"&gt;pocas horas a un costo mínimo.&lt;/a&gt;. Debe actualizar los certificados VPN tan pronto como sea posible.&lt;p&gt;de&lt;/p&gt;Desafortunadamente, distribuciones antiguas de easy-rsa incluyeron la opción de configuración \"default_md md5\". Si está utilizando una versión antigua de easy-rsa, actualizar a la &lt;a href=\"https://github.com/OpenVPN/easy-rsa/releases\"&gt;última versión&lt;/a&gt;) o cambiar de md5 a sha256 y regenerar sus certificados.&lt;/p&gt;&lt;p&gt;si desea utilizar certificados viejos y rotos use el configuración personalizada opción tls-cipher \"DEFAULT:@SECLEVEL=0\" debajo de configuración avanzada o como línea adicional en su configuración importada&lt;/p&gt;
+ </string>
<string name="volume_byte">%.0f B</string>
<string name="volume_kbyte">%.1f kB</string>
<string name="volume_mbyte">%.1f MB</string>
<string name="volume_gbyte">%.1f GB</string>
+ <string name="channel_name_background">Estadísticas de conexión</string>
+ <string name="channel_description_background">Ongoing statistics of the established OpenVPN connection</string>
+ <string name="channel_name_status">Cambio de estado de conexión</string>
+ <string name="channel_description_status">Cambios de estado de la conexión OpenVPN (Conexión, autenticación, ...)</string>
+ <string name="weakmd_title">Hashes débiles (MD5) en la firma del certificado (SSL_CTX_use_certificate md too weak)</string>
+ <string name="title_activity_open_sslspeed">Prueba de velocidad OpenSSL</string>
+ <string name="openssl_cipher_name">Nombres de cifrado OpenSSL</string>
+ <string name="osslspeedtest">Prueba de velocidad de Crypto OpenSSL</string>
+ <string name="openssl_error">OpenSSL devolvió un error</string>
+ <string name="running_test">Ejecutando prueba...</string>
+ <string name="test_algoirhtms">Pruebe los algoritmos seleccionados</string>
+ <string name="all_app_prompt">Una aplicación externa intenta controlar %s. La aplicación que solicita acceso no puede determinarse. Permitir que esta aplicación otorgue acceso a TODAS las aplicaciones.</string>
+ <string name="openvpn3_nostatickeys">La implementación OpenVPN 3 C ++ no admite claves estáticas. Cambie a OpenVPN 2.x en la configuración general.</string>
+ <string name="openvpn3_pkcs12">Usar archivos PKCS12 directamente con la implementación OpenVPN 3 C++ no esta soportada. Por favor, importe los ficheros pkcs12 en el almacén de claves de Android o cambie a OpenVPN 2.x en configuración general.</string>
+ <string name="proxy">Proxy</string>
+ <string name="Use_no_proxy">Ninguno</string>
+ <string name="tor_orbot">Tor (Orbot)</string>
</resources>
diff --git a/app/src/main/res/values-et/strings-icsopenvpn.xml b/app/src/main/res/values-et/strings-icsopenvpn.xml
index 916e8db1..266b38fc 100755
--- a/app/src/main/res/values-et/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-et/strings-icsopenvpn.xml
@@ -201,7 +201,6 @@
<string name="setting_loadtun">Laadi tun moodul</string>
<string name="importpkcs12fromconfig">Lae PKCS12 OpenVPN konfiguratsioonist Androidi võtmehoidlasse</string>
<string name="getproxy_error">Viga proxy seadistuste vastuvõtul: %s</string>
- <string name="using_proxy">Kasutusel proxy %1$s %2$d</string>
<string name="use_system_proxy">Kasuta süsteemset proxy\'t</string>
<string name="use_system_proxy_summary">Kasuta ühendumisel süsteemse HTTP/HTTPS proxy konfiguratsiooni.</string>
<string name="onbootrestartsummary">OpenVPN ühendab määratud VPN kui see oli süsteemi käivitumisel aktiivne. Palun tutvuge, enne Android &lt; 5.0 peal selle võimaluse kasutamist, KKK hoiatusega ühendumise kohta.</string>
diff --git a/app/src/main/res/values-fr/strings-icsopenvpn.xml b/app/src/main/res/values-fr/strings-icsopenvpn.xml
index a647bf40..7b37e6fd 100755
--- a/app/src/main/res/values-fr/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-fr/strings-icsopenvpn.xml
@@ -85,7 +85,7 @@
<string name="backup_dns">Serveur DNS secondaire</string>
<string name="ignored_pushed_routes">Ignorer les routes envoyées</string>
<string name="ignore_routes_summary">Ignorer les règles de routage envoyées par le serveur.</string>
- <string name="default_route_summary">Redirige tout le trafic vers la connexion VPN</string>
+ <string name="default_route_summary">"Redirige tout le trafic sur la connexion VPN"</string>
<string name="use_default_title">Utiliser la route par défaut</string>
<string name="custom_route_message">Entrer les règles de routage. Saisissez seulement les destinations au format CIDR. Exemple: \"10.0.0.0/8 2002::/16\" devrait router les réseaux 10.0.0.0/8 et 2002::/16 via le VPN.</string>
<string name="custom_route_message_excluded">Routes qui ne devant pas être routées à travers le VPN. Utilisez la même syntaxe que pour les règles de routage.</string>
@@ -202,7 +202,7 @@ Sur certaines images, cette notification joue un son.\nAndroid à introduit ces
<string name="setting_loadtun">"Charger le module TUN"</string>
<string name="importpkcs12fromconfig">"Importer PKCS12 de la configuration dans le gestionnaire de clés Android"</string>
<string name="getproxy_error">Erreur d\'obtention des paramètres de proxy : %s</string>
- <string name="using_proxy">"Utilisation du proxy %1$s %2$d"</string>
+ <string name="using_proxy">"Utilisation du proxy %1$s %2$s"</string>
<string name="use_system_proxy">"Utiliser le proxy système"</string>
<string name="use_system_proxy_summary">"Utiliser la configuration générale du système pour que les proxy HTTP / HTTPS se connectent."</string>
<string name="onbootrestartsummary">OpenVPN connectera le VPN spécifié si elle était active au démarrage du système. Veuillez lire l\'avertissement de connexion FAQ avant d\'utiliser cette option sur Android &lt; 5.0.</string>
@@ -253,6 +253,7 @@ Sur certaines images, cette notification joue un son.\nAndroid à introduit ces
<string name="state_tcp_connect">Connexion (TCP)</string>
<string name="state_auth_failed">Authentification échouée</string>
<string name="state_nonetwork">En attente d\'un réseau utilisable</string>
+ <string name="statusline_bytecount">↓%2$s %1$s - ↑%4$s %3$s</string>
<string name="notifcation_title_notconnect">Non connecté</string>
<string name="start_vpn_title">Connexion au VPN %s</string>
<string name="start_vpn_ticker">Connexion au VPN %s</string>
@@ -359,8 +360,10 @@ Sur certaines images, cette notification joue un son.\nAndroid à introduit ces
<string name="ab_proxy">Android va continuer à utiliser vos paramètres de proxy spécifiés pour la connexion mobile / Wi-Fi lorsque aucun serveur DNS n\'est définis. OpenVPN pour Android vous avertira à ce sujet dans le log.<p>Quand un VPN définit un serveur de DNS, Android n\'utilisera pas de proxy. Il n\'y a pas d\'API pour définir un proxy pour un connection VPN.</p></string>
<string name="ab_lollipop_reinstall">Les applications VPN peuvent s\'arrêter de fonctionner lors d\'une désinstallation suivie d\'une réinstallation. Pour plus de détails, voir #80074</string>
<string name="ab_not_route_to_vpn">L\'adresse IP du client, et les adresses IP de ce réseau ne sont pas routées par le VPN. OpenVPN contourne ce problème en ajoutant une route qui corresponds à l’adresse IP et le Masque de sous réseau du client</string>
+ <string name="ab_persist_tun">Ouvrir un appareil en mode TUN pendant qu\'un autre appareil en mode TUN est actif, ce qui est requis pour la prise en charge de la persistance TUN, produit une panne de VPNServices sur l\'appareil. Un redémarrage est nécessaire pour faire fonctionner le VPN à nouveau. OpenVPN pour Android tente d\'éviter de ré-ouvrir l\'appareil en mode TUN , et si cela est indispensable il arrête d\'abord le TUN actuel avant d\'ouvrir le nouveau TUN pour éviter une panne. Cela peut conduire à une courte période pendant laquelle les paquets sont envoyés hors de la connexion VPN. Même avec cette solution de contournement, VPNServices se bloque parfois et nécessite un redémarrage de l\'appareil.</string>
<string name="ab_secondary_users">Le VPN ne fonctionnera pas du tout pour tous les utilisateurs secondaires.</string>
<string name="ab_kitkat_reconnect">"Plusieurs utilisateurs ont signalés des prêtes de paquets durant l\'utilisation d\'un VPN sur leur connexion mobile. Ce comportement semble lier à certains fournisseurs, il n\'y a pas de contournement connu ou de bug que l\'on puisse régler."</string>
+ <string name="ab_vpn_reachability_44">Seulement la destination accessible sans VPN peut etre etteinte via VPN. Les VPNs IPv6 me fonctionnent Pas su tour.</string>
<string name="ab_only_cidr_title">Routes non CIDR</string>
<string name="ab_proxy_title">Comportement proxy pour les VPN</string>
<string name="ab_lollipop_reinstall_title">Réinstallation des applications VPN</string>
@@ -377,6 +380,7 @@ Sur certaines images, cette notification joue un son.\nAndroid à introduit ces
<string name="ab_persist_tun_title">Mode tun persistant</string>
<string name="version_and_later">%s et ultérieur</string>
<string name="tls_cipher_alert_title">Échec de la connexion avec l\'erreur SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure</string>
+ <string name="tls_cipher_alert">Les nouvelles versions d\'OpenVPN pour Android (0.6.29 / Mars 2015) utilisent une valeur par défaut plus sécurisée pour les suites cryptographiques autorisées (tls-cipher \"DEFAULT:! EXP:! PSK:! SRP:! KRSA\"). Malheureusement, en omettant les suites cryptographiques moins sécurisées et les suites EXPORT, en particulier l\'omission de suites qui ne prennent pas en charge Perfect Forward Secrecy (Diffie-Hellman) pose certains problèmes. Cela est généralement dû à une tentative bien intentionnée mais mal exécutée de renforcer la sécurité TLS en configurant tls-cipher sur le serveur ou sur certains systèmes d\'exploitation embarqués avec un SSL dépouillé (par exemple MikroTik).\nPour résoudre ce problème, réglez le paramètre tls-cipher sur le serveur à une valeur par défaut raisonnable comme \"DEFAULT:! EXP:! PSK:! SRP:! kRSA\". Pour contourner le problème sur le client, ajoutez l\'option personnalisée tls-cipher DEFAULT sur le client Android.</string>
<string name="message_no_user_edit">Ce profil a été ajouté à partir d\'une application externe (%s) et a été marqué comme non modifiable par l\'utilisateur.</string>
<string name="crl_file">Liste des certificats révoqués</string>
<string name="service_restarted">Redémarrage du service OpenVPN (l\'Application a probablement plantée ou a été tué pour cause d\'utilisation excessive de la mémoire)</string>
@@ -389,6 +393,7 @@ Sur certaines images, cette notification joue un son.\nAndroid à introduit ces
<string name="query_permissions_sdcard">OpenVPN pour Android va essayer de chercher le(s) fichier(s) manquant(s) sur une sdcard. Tapoter cette fenêtre de dialogue va démarrer une demande d\'autorisation.</string>
<string name="protocol">Protocole</string>
<string name="enabled_connection_entry">Activé</string>
+ <string name="abi_mismatch">A precedencia da ABI nativa preferida deste dispositivo (%1$s) e a ABI referenciada por bibliotecas intrínsecas (%2$s) não combinam</string>
<string name="permission_revoked">Autorisation de VPN révoquée par le système d\'exploitation (ex : un autre programme VPN est lancé), arrêt du VPN</string>
<string name="pushpeerinfo">Envoyer plus d\'infos</string>
<string name="pushpeerinfosummary">Envoyer des informations supplémentaires sur le serveur, par exemple la version SSL et la version Android</string>
@@ -434,4 +439,11 @@ Sur certaines images, cette notification joue un son.\nAndroid à introduit ces
<string name="volume_kbyte">%.1f kB</string>
<string name="volume_mbyte">%.1f MB</string>
<string name="volume_gbyte">%.1f GB</string>
+ <string name="channel_name_background">Statistiques de connexion</string>
+ <string name="title_activity_open_sslspeed">Test de vitesse OpenSSL</string>
+ <string name="openssl_error">OpenSSL a retourné une erreur</string>
+ <string name="test_algoirhtms">Tester les algorithmes sélectionnés</string>
+ <string name="proxy">Proxy</string>
+ <string name="Use_no_proxy">Aucun</string>
+ <string name="tor_orbot">Tor (Orbot)</string>
</resources>
diff --git a/app/src/main/res/values-hu/strings-icsopenvpn.xml b/app/src/main/res/values-hu/strings-icsopenvpn.xml
index 4eafc9c1..dec919b5 100755
--- a/app/src/main/res/values-hu/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-hu/strings-icsopenvpn.xml
@@ -201,7 +201,7 @@
<string name="setting_loadtun">Tun modul betöltése</string>
<string name="importpkcs12fromconfig">PKCS12 konfiguráció importálása az Android Keystore-ba</string>
<string name="getproxy_error">Hiba a proxy beállítások lekérésekor: %s</string>
- <string name="using_proxy">Proxy használatban: %1$s %2$d</string>
+ <string name="using_proxy">%1$s %2$s proxy használata</string>
<string name="use_system_proxy">Rendszerproxy használata</string>
<string name="use_system_proxy_summary">Rendszerszintű konfiguráció használata a HTTP/HTTPS proxy csatlakozáshoz.</string>
<string name="onbootrestartsummary">Az OpenVPN csatlakozni fog a VPN-hez, ha az a rendszer indulásakor aktív. Kérem, olvassa el a csatlakozás figyelmeztető GYIK-et mielőtt ezt az opciót Android &lt; 5.0-n használná.</string>
@@ -474,4 +474,7 @@
<string name="openvpn3_pkcs12">PKCS12-fájlok közvetlen használata nem támogatott az OpenVPN 3 C++ implementációval.
Kérem, importálja az Android kulcstárba a pkcs12 fájlokat, vagy váltson OpenVPN 2.x-re az általános beállításokban.
</string>
+ <string name="proxy">Proxy</string>
+ <string name="Use_no_proxy">Egyik sem</string>
+ <string name="tor_orbot">Tor (Orbot)</string>
</resources>
diff --git a/app/src/main/res/values-in/strings-icsopenvpn.xml b/app/src/main/res/values-in/strings-icsopenvpn.xml
index 784ee9bf..823e9d5f 100755
--- a/app/src/main/res/values-in/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-in/strings-icsopenvpn.xml
@@ -14,17 +14,17 @@
<string name="cancel">Batal</string>
<string name="no_data">Tidak ada data</string>
<string name="useLZO">Kompresi LZO</string>
- <string name="client_no_certificate">Tidak ada Sertifikat</string>
+ <string name="client_no_certificate">Sertifikat CA</string>
<string name="client_certificate_title">Sertifikat Klien</string>
<string name="client_key_title">Kunci Sertifikat Klien</string>
<string name="client_pkcs12_title">Berkas PKCS12</string>
<string name="ca_title">Sertifikat CA</string>
<string name="no_certificate">Anda harus memilih sertifikat</string>
- <string name="copyright_guicode">Kode sumber dan masalah pelacak tersedia di http://code.google.com/p/ics-openvpn/</string>
- <string name="copyright_others">Program ini menggunakan komponen berikut ini; lihat kode sumber penjelasan lengkap mengenai lisensi</string>
+ <string name="copyright_guicode">Kode sumber dan pelacak masalah tersedia di https://github.com/schwabe/ics-openvpn/</string>
+ <string name="copyright_others">Program ini memakai komponen berikut ini. Lihat sumber untuk mengetahui rincian lisensi</string>
<string name="about">Tentang</string>
<string name="vpn_list_title">Profil</string>
- <string name="vpn_type">Tipe</string>
+ <string name="vpn_type">Mengetik</string>
<string name="pkcs12pwquery">Password PKCS12</string>
<string name="file_select">Pilih&#8230;</string>
<string name="file_nothing_selected">Anda harus memilih setidaknya satu berkas</string>
@@ -201,7 +201,7 @@
<string name="setting_loadtun">Pakai modul TUN</string>
<string name="importpkcs12fromconfig">Ambil PKCS12 dari konfigurasi ke Android Keystore</string>
<string name="getproxy_error">Gagal mendapatkan pengaturan proxy: %s</string>
- <string name="using_proxy">Menggunakan proxy %1$s %2$d</string>
+ <string name="using_proxy">Menggunakan proxy %1$s %2$s</string>
<string name="use_system_proxy">Gunakan sistem proxy</string>
<string name="use_system_proxy_summary">Gunakan konfigurasi lebih luas untuk menyambung system melalui proxy HTTP/HTTPS</string>
<string name="onbootrestartsummary">OpenVPN akan menghubungkan VPN ditentukan apakah itu aktif di sistem boot. Silakan baca koneksi peringatan FAQ sebelum menggunakan opsi ini pada Android &lt; 5.0.</string>
@@ -438,6 +438,17 @@
<string name="kbits_per_second">%.1f kbit/s</string>
<string name="mbits_per_second">%.1f Mbit/s</string>
<string name="gbits_per_second">%.1f Gbit/s</string>
+ <string name="weakmd">&lt;p&gt;Starting with OpenSSL version 1.1, OpenSSL rejects weak signatures in certificates like
+ MD5.&lt;/p&gt;&lt;p&gt;&lt;b&gt;MD5 signatures are completely insecure and should not be used anymore.&lt;/b&gt; MD5
+ collisions can be created in &lt;a
+ href=\"https://natmchugh.blogspot.de/2015/02/create-your-own-md5-collisions.html\"&gt;few hours at a minimal cost.&lt;/a&gt;.
+ You should update the VPN certificates as soon as possible.&lt;/p&gt;&lt;p&gt;Unfortunately, older easy-rsa
+ distributions included the config option \"default_md md5\". If you are using an old easy-rsa version, update to
+ the &lt;a href=\"https://github.com/OpenVPN/easy-rsa/releases\"&gt;latest version&lt;/a&gt;) or change md5 to sha256 and
+ regenerate your certificates.&lt;/p&gt;&lt;p&gt;If you really want to use old and broken certificates use the custom
+ configuration option tls-cipher \"DEFAULT:@SECLEVEL=0\" under advanced configuration or as additional line in your
+ imported configuration&lt;/p&gt;
+ </string>
<string name="volume_byte">%.0f B</string>
<string name="volume_kbyte">%.1f kB</string>
<string name="volume_mbyte">%.1f MB</string>
diff --git a/app/src/main/res/values-it/strings-icsopenvpn.xml b/app/src/main/res/values-it/strings-icsopenvpn.xml
index 77866ab8..d6f378b7 100755
--- a/app/src/main/res/values-it/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-it/strings-icsopenvpn.xml
@@ -203,7 +203,7 @@ Effettuata la lettura del file di configurazione</string>
<string name="setting_loadtun">Carica il modulo tun</string>
<string name="importpkcs12fromconfig">Importa i PKCS12 dalla configurazione presente nel Keystore di Android</string>
<string name="getproxy_error">Errore nell\'ottenere le impostazioni del proxy: %s</string>
- <string name="using_proxy">Si sta utilizzando il proxy %1$s %2$d</string>
+ <string name="using_proxy">Utilizzo del proxy %1$s %2$s</string>
<string name="use_system_proxy">Utilizza il proxy di sistema</string>
<string name="use_system_proxy_summary">Utilizza la configurazione generale del sistema relativa ai proxy HTTP/HTTPS per connettersi.</string>
<string name="onbootrestartsummary">OpenVPN connetterà la VPN specificata se è attiva durante l\'avvio del sistema. Leggi le domande di avviso di connessione prima di utilizzare questa opzione in Android &lt; 5.0.</string>
@@ -420,7 +420,7 @@ Effettuata la lettura del file di configurazione</string>
<string name="connectretrymaxmessage">Inserire il tempo massimo tra i tentativi di connessione. OpenVPN aumenterà lentamente il tempo di attesa dopo un tentativo di connessione non riuscito fino a questo valore. Il valore predefinito è 300s.</string>
<string name="connectretrymaxtitle">Tempo massimo tra i tentativi di connessione</string>
<string name="state_waitconnectretry">Attendere %ss secondi tra i tentativi di connessione</string>
- <string name="nought_alwayson_warning"><![CDATA[Se non hai ottenuto una finestra di conferma VPN, hai abilitato \"Sempre in VPN \" per un'altra applicazione. In questo caso solo l'applicazione può connettersi a una VPN. Controlla in Impostazioni-> Altre reti .. -> VPNS]]></string>
+ <string name="nought_alwayson_warning"><![CDATA[Se non hai ottenuto una finestra di conferma VPN, hai abilitato \"Sempre in VPN \" per un\'altra applicazione. In questo caso solo l\'applicazione può connettersi a una VPN. Controlla in Impostazioni-> Altre reti .. -> VPNS]]></string>
<string name="management_socket_closed">Connessione a OpenVPN chiusa (%s)</string>
<string name="change_sorting">Cambia ordinamento</string>
<string name="sort">Ordina</string>
@@ -440,8 +440,28 @@ Effettuata la lettura del file di configurazione</string>
<string name="kbits_per_second">%.1f kbit/s</string>
<string name="mbits_per_second">%.1f Mbit/s</string>
<string name="gbits_per_second">%.1f Gbit/s</string>
+ <string name="weakmd">&lt;p&gt;A partire da OpenSSL versione 1.1, OpenSSL rifiuta le firme deboli in certificati come MD5.&lt;/p&gt;&lt;p&gt;&lt;b&gt;firme MD5 sono completamente insicure e non dovrebbero essere più utilizzate.&lt;/b&gt; collisioni MD5 possono essere create in &lt;a
+ href=\"https://natmchugh.blogspot.de/2015/02/create-your-own-md5-collisions.html\"&gt;ore a un costo minimo.&lt;/a&gt;. È necessario aggiornare i certificati VPN il prima possibile.&lt;/p&gt;&lt;p&gt;Sfortunatamente, le vecchie distribuzioni easy-rsa includevano l\'opzione di configurazione \"default_md md5\". Se si utilizza una vecchia versione easy-rsa, si aggiorna alla versione &lt;a href=\"https://github.com/OpenVPN/easy-rsa/releases\"&gt;più recente&lt;/a&gt;) o si modifica md5 in sha256 e si rigenerano i certificati.&lt;/p&gt;&lt;p&gt;Se si desidera utilizzare effettivamente certificati vecchi e guasti, utilizzare l\'opzione di configurazione personalizzata tls-cipher \"DEFAULT: @ SECLEVEL = 0\" in configurazione avanzata o come riga aggiuntiva nella configurazione importata&lt;/p&gt;
+ </string>
<string name="volume_byte">%.0f B</string>
<string name="volume_kbyte">%.1f kB</string>
<string name="volume_mbyte">%.1f MB</string>
<string name="volume_gbyte">%.1f GB</string>
+ <string name="channel_name_background">Statistiche di connessione</string>
+ <string name="channel_description_background">Statistiche in corso della connessione OpenVPN stabilita</string>
+ <string name="channel_name_status">Cambio dello stato della connessione</string>
+ <string name="channel_description_status">Cambiamenti di stato della connessione OpenVPN (Connessione, autenticazione, ...)</string>
+ <string name="weakmd_title">Hash (MD5) troppo deboli nella firma del certificato (SSL_CTX_use_certificate md too weak)</string>
+ <string name="title_activity_open_sslspeed">Test di velocità OpenSSL</string>
+ <string name="openssl_cipher_name">Nomi di cifratura OpenSSL</string>
+ <string name="osslspeedtest">OpenSSL Crypto Speed ​​test</string>
+ <string name="openssl_error">OpenSSL ha restituito un errore</string>
+ <string name="running_test">Esecuzione di test&#8230;</string>
+ <string name="test_algoirhtms">Testa gli algoritmi selezionati</string>
+ <string name="all_app_prompt">Un\'app esterna tenta di controllare %s. L\'app che richiede l\'accesso non può essere determinata. Consentendo questa app garantisce l\'accesso a TUTTE le app.</string>
+ <string name="openvpn3_nostatickeys">L\'implementazione di OpenVPN 3 C ++ non supporta le chiavi statiche. Passare a OpenVPN 2.x nelle impostazioni generali.</string>
+ <string name="openvpn3_pkcs12">L\'utilizzo di file PKCS12 direttamente con l\'implementazione di OpenVPN 3 C++ non è supportato. Importare i file pkcs12 nel keystore Android o passare a OpenVPN 2.x nelle impostazioni generali.</string>
+ <string name="proxy">Proxy</string>
+ <string name="Use_no_proxy">Nessuno</string>
+ <string name="tor_orbot">Tor (Orbot)</string>
</resources>
diff --git a/app/src/main/res/values-ja/strings-icsopenvpn.xml b/app/src/main/res/values-ja/strings-icsopenvpn.xml
index c491ce93..4f0a6359 100755
--- a/app/src/main/res/values-ja/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-ja/strings-icsopenvpn.xml
@@ -216,7 +216,7 @@ Androidã¯ã‚ãªãŸè‡ªèº«ã®å®‰å…¨æ€§ã®ãŸã‚ã«ã€ã“れらを迂回ã§ããªã
<string name="setting_loadtun">TUNモジュールをロード</string>
<string name="importpkcs12fromconfig">PKCS12ã®è¨­å®šã‚’Androidã®ã‚­ãƒ¼ã‚¹ãƒˆã‚¢ã«ã‚¤ãƒ³ãƒãƒ¼ãƒˆã—ã¾ã™</string>
<string name="getproxy_error">プロキシ設定ã§ã‚¨ãƒ©ãƒ¼ï¼š %s</string>
- <string name="using_proxy">プロキシを使用ã—ã¾ã™ %1$s %2$d</string>
+ <string name="using_proxy">プロキシを使用ã—ã¾ã™ %1$s %2$s</string>
<string name="use_system_proxy">システムã®ãƒ—ロキシ設定を使用ã™ã‚‹</string>
<string name="use_system_proxy_summary">接続ã«ã‚·ã‚¹ãƒ†ãƒ å…¨ä½“ã®æ§‹æˆã® HTTP/HTTPS プロキシを使用ã—ã¾ã™ã€‚</string>
<string name="onbootrestartsummary">有効ã«ã™ã‚‹ã¨ã€OpenVPNã¯ã‚·ã‚¹ãƒ†ãƒ ã®èµ·å‹•æ™‚ã«æŒ‡å®šã•ã‚ŒãŸVPNã«æŽ¥ç¶šã—ã¾ã™ã€‚Android 5.0よりå‰ã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã§ã“ã®ã‚ªãƒ—ションを使用ã™ã‚‹å ´åˆã¯ã€æŽ¥ç¶šæ™‚ã®è­¦å‘Šã«é–¢ã™ã‚‹ã€Œã‚ˆãã‚る質å•ã€ã‚’読んã§ãã ã•ã„。</string>
@@ -477,12 +477,29 @@ Android 4.4以上ã¯ãƒãƒªã‚·ãƒ¼ãƒ«ãƒ¼ãƒ†ã‚£ãƒ³ã‚°ã‚’使用ã—ã¾ã™ã€‚route/ifc
<string name="kbits_per_second">%.1f kbit/s</string>
<string name="mbits_per_second">%.1f Mbit/s</string>
<string name="gbits_per_second">%.1f Gbit/s</string>
+ <string name="weakmd">&lt;p&gt;OpenSSL version 1.1よりã€OpenSSLã¯MD5ã®ã‚ˆã†ãªè„†å¼±ãªç½²åã«ã‚ˆã‚‹è¨¼æ˜Žæ›¸ã‚’æ‹’å¦ã™ã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚&lt;/p&gt;&lt;p&gt;&lt;b&gt;MD5ã«ã‚ˆã‚‹ç½²åã¯å®Œå…¨ã«è„†å¼±ã§ã„ã‹ãªã‚‹å ´é¢ã§ã‚‚使ã‚れるã¹ãã§ã¯ã‚ã‚Šã¾ã›ã‚“。&lt;/b&gt; è¡çªã™ã‚‹MD5ã®ç”Ÿæˆã¯&lt;a
+ href=\"https://natmchugh.blogspot.de/2015/02/create-your-own-md5-collisions.html\"&gt;最短ã§æ•°æ™‚é–“&lt;/a&gt;ã§å¯èƒ½ã§ã™ã€‚ã§ãã‚‹ã ã‘æ—©ãVPNã®è¨¼æ˜Žæ›¸ã‚’æ›´æ–°ã™ã¹ãã§ã™ã€‚&lt;/p&gt;&lt;p&gt;残念ãªã“ã¨ã«ã€å¤ã„easy-rsaディストリビューションã®ä¸­ã«ã¯è¨­å®šã¨ã—ã¦\"default_md md5\"ãŒå…¥ã£ã¦ã„ã¾ã™ã€‚ ã‚‚ã—å¤ã„easy-rsaを使用ã—ã¦ã„るよã†ãªã‚‰ã€&lt;a href=\"https://github.com/OpenVPN/easy-rsa/releases\"&gt;最新版&lt;/a&gt;)ã«ã‚¢ãƒƒãƒ—デートã™ã‚‹ã‹ã€MD5ã‹ã‚‰SHA256ã«å¤‰æ›´ã—ã¦è¨¼æ˜Žæ›¸ã‚’å†ç”Ÿæˆã—ã¦ãã ã•ã„。
+&lt;/p&gt;&lt;p&gt;ã‚‚ã—ã©ã†ã—ã¦ã‚‚å¤ã劣化ã—ãŸè¨¼æ˜Žæ›¸ã‚’使ã„ãŸã„ã®ãªã‚‰ã€é«˜åº¦ãªè¨­å®šã®ã‚«ã‚¹ã‚¿ãƒ ã‚ªãƒ—ションã§tls-cipher \"DEFAULT:@SECLEVEL=0\"を追加ã—ã¦ãã ã•ã„。&lt;/p&gt;
+ </string>
<string name="volume_byte">%.0f B</string>
<string name="volume_kbyte">%.1f kB</string>
<string name="volume_mbyte">%.1f MB</string>
<string name="volume_gbyte">%.1f GB</string>
+ <string name="channel_name_background">Connection statistics</string>
+ <string name="channel_description_background">確立ã•ã‚ŒãŸOpenVPN接続ã®ç¶™ç¶šçš„ãªçµ±è¨ˆ</string>
+ <string name="channel_name_status">接続状態ã®å¤‰åŒ–</string>
+ <string name="channel_description_status">OpenVPN接続ã®çŠ¶æ…‹å¤‰åŒ–(接続ã€èªè¨¼ç­‰)</string>
+ <string name="weakmd_title">証明書ã®ç½²åã¯å¼±ã„MD5ã§ã™ (SSL_CTX_use_certificate md ã¯å¼±ã™ãŽã¾ã™)</string>
<string name="title_activity_open_sslspeed">OpenSSLスピードテスト</string>
+ <string name="openssl_cipher_name">OpenSSLã®æš—å·å</string>
+ <string name="osslspeedtest">OpenSSLã®æš—å·åŒ–スピードテスト</string>
<string name="openssl_error">OpenSSLãŒã‚¨ãƒ©ãƒ¼ã‚’è¿”ã—ã¾ã—ãŸ</string>
<string name="running_test">テストを実行中...</string>
+ <string name="test_algoirhtms">é¸æŠžã—ãŸã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã‚’テストã™ã‚‹</string>
<string name="all_app_prompt">外部アプリãŒ%sを制御ã—よã†ã¨ã—ã¦ã„ã¾ã™ã€‚アクセスをリクエストã—ã¦ã„るアプリã¯ç‰¹å®šã§ãã¾ã›ã‚“。ã“ã®ã‚¢ãƒ—リを許å¯ã™ã‚‹ã¨ã€ã™ã¹ã¦ã®ã‚¢ãƒ—リãŒã‚¢ã‚¯ã‚»ã‚¹è¨±å¯ã•ã‚Œã¾ã™ã€‚</string>
+ <string name="openvpn3_nostatickeys">OpenVPN 3 C ++実装ã¯é™çš„キーをサãƒãƒ¼ãƒˆã—ã¦ã„ã¾ã›ã‚“。設定ã§OpenVPN 2.xã«å¤‰æ›´ã—ã¦ãã ã•ã„。</string>
+ <string name="openvpn3_pkcs12">OpenVPN 3 C++実装ã§ã¯PKCS12ファイルを直接使用ã™ã‚‹ã“ã¨ã¯ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ã¾ã›ã‚“。 PKCS12ファイルをAndroidキーストアã«ã‚¤ãƒ³ãƒãƒ¼ãƒˆã™ã‚‹ã‹ã€è¨­å®šã§OpenVPN 2.xã«å¤‰æ›´ã—ã¦ãã ã•ã„。</string>
+ <string name="proxy">プロキシ</string>
+ <string name="Use_no_proxy">使用ã—ãªã„</string>
+ <string name="tor_orbot">Tor (Orbot)</string>
</resources>
diff --git a/app/src/main/res/values-ko/strings-icsopenvpn.xml b/app/src/main/res/values-ko/strings-icsopenvpn.xml
index e610bf79..02c8c364 100755
--- a/app/src/main/res/values-ko/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-ko/strings-icsopenvpn.xml
@@ -98,10 +98,10 @@
<string name="edit_vpn">VPN 설정 편집</string>
<string name="remove_vpn_query">VPN í”„ë¡œíŒŒì¼ \'%s\'ì„ ì‚­ì œí• ê¹Œìš”?</string>
<string name="tun_error_helpful">ì¼ë¶€ 커스텀 ICS ì´ë¯¸ì§€ì—서는 /dev/tunì— ëŒ€í•œ ê¶Œí•œì´ ìž˜ëª»ë˜ì–´ 있거나 tun 모듈 ìžì²´ê°€ 누ë½ë  수 있습니다. CM9 ì´ë¯¸ì§€ëŠ” ì¼ë°˜ ì„¤ì •ì— ìžˆëŠ” 소유권 고치기 ì˜µì…˜ì„ ì‚¬ìš©í•´ 보십시오.</string>
- <string name="tun_open_error">TUN ì¸í„°íŽ˜ì´ìŠ¤ë¥¼ 열지 못했습니다</string>
+ <string name="tun_open_error">Tun ì¸í„°íŽ˜ì´ìŠ¤ë¥¼ 열지 못했습니다</string>
<string name="error">"오류: "</string>
<string name="clear">지우기</string>
- <string name="last_openvpn_tun_config">TUN ì¸í„°íŽ˜ì´ìŠ¤ 열기:</string>
+ <string name="last_openvpn_tun_config">Tun ì¸í„°íŽ˜ì´ìŠ¤ 열기:</string>
<string name="local_ip_info">로컬 IPv4: %1$s/%2$d IPv6: %3$s MTU: %4$d</string>
<string name="dns_server_info">DNS 서버: %1$s, ë„ë©”ì¸: %2$s</string>
<string name="routes_info_incl">경로: %1$s %2$s</string>
@@ -116,7 +116,7 @@
<string name="send">보내기</string>
<string name="ics_openvpn_log_file">ICS OpenVPN 로그 파ì¼</string>
<string name="copied_entry">í´ë¦½ë³´ë“œë¡œ 로그 복사</string>
- <string name="tap_mode">TAP 모드</string>
+ <string name="tap_mode">Tap 모드</string>
<string name="faq_tap_mode">TAP 모드는 루트가 ì•„ë‹Œ VPN APIì—서는 불가능합니다. ë”°ë¼ì„œ 본 ì•±ì€ TAP 지ì›ì„ 제공할 수 없습니다</string>
<string name="tap_faq2">ë˜? ë†ë‹´ì¸ê°€ìš”? 아니요. ì •ë§ë¡œ TAP 모드는 지ì›ì´ 불가능합니다. 계ì†í•´ì„œ ë©”ì¼ì„ ë³´ë‚´ë©´ì„œ 요구하신다고 ë„ì›€ë  ì¼ì´ 아닙니다.</string>
<string name="tap_faq3">세 번째로? 실제로는 송신 ë•Œ ë ˆì´ì–´2 정보를 추가하고 수신 ë•Œ ë ˆì´ì–´2 정보를 떼내는 TUNì„ ì´ìš©í•œ TAP ì—뮬레ì´í„°ë¥¼ 제작하는 ê²ƒì´ ê°€ëŠ¥í•©ë‹ˆë‹¤. 하지만 ì´ê²ƒë§Œì´ ì•„ë‹Œ ARP 그리고 어쩌면 DHCP í´ë¼ì´ì–¸íŠ¸ê¹Œì§€ë„ 구현해야 합니다. 본ì¸ì€ ì´ ê°™ì€ ìž‘ì—…ì„ í•˜ëŠ” ë¶„ì„ ì•Œê³  있지 않습니다. ì½”ë”©ì„ ì‹œìž‘í•˜ë ¤ê³  하시는 ë¶„ì´ ê³„ì‹œë©´ 제게 ì—°ë½í•´ 주십시오.</string>
@@ -201,7 +201,7 @@
<string name="setting_loadtun">TUN 모듈 로드하기</string>
<string name="importpkcs12fromconfig">êµ¬ì„±ì— ìžˆëŠ” PKCS12를 안드로ì´ë“œ 키 저장소로 가져오기</string>
<string name="getproxy_error">프ë¡ì‹œ 설정 가져오기 오류: %s</string>
- <string name="using_proxy">프ë¡ì‹œ %1$s %2$d를 사용</string>
+ <string name="using_proxy">%1$s</string>
<string name="use_system_proxy">시스템 프ë¡ì‹œë¥¼ 사용</string>
<string name="use_system_proxy_summary">ì—°ê²°í•  HTTP/HTTPS 프ë¡ì‹œë¡œ 시스템 ë²”ìœ„ì˜ ì„¤ì •ì„ ì‚¬ìš©í•©ë‹ˆë‹¤.</string>
<string name="onbootrestartsummary">OpenVPNì´ ì‹œìŠ¤í…œ ë¶€íŒ…ì‹œì— í™œì„±í™”ë˜ë©´ ì§€ì •ëœ VPNì— ì—°ê²°í•©ë‹ˆë‹¤. 안드로ì´ë“œ 5.0 ì´ì „ ë²„ì „ì— ì´ ì˜µì…˜ì„ ì‚¬ìš©í•˜ê¸° ì „ì— ì—°ê²° 경고 FAQ를 ì½ì–´ 보시기 ë°”ëžë‹ˆë‹¤.</string>
@@ -215,7 +215,7 @@
<string name="faq_duplicate_notification">안드로ì´ë“œëŠ” ì‹œìŠ¤í…œì˜ ë©”ëª¨ë¦¬(램)ê°€ 부족한 경우, 현재 필요하지 않는 앱들과 ì„œë¹„ìŠ¤ë“¤ì„ í™œì„± 메모리ì—ì„œ 삭제합니다. ì´ ê³¼ì •ì—ì„œ ì§„í–‰ì¤‘ì¸ VPN ì—°ê²°ì´ ëŠì–´ì§‘니다. ì´ë ‡ê²Œ ë˜ì§€ 않기 위해서 OpenVPN 서비스는 ë” ë†’ì€ ìš°ì„  순위로 실행ë©ë‹ˆë‹¤. ë” ë†’ì€ ìš°ì„  순위로 실행ë˜ê¸° 위해서는 ì•±ì´ ì•Œë¦¼ì„ í‘œì‹œí•´ì•¼ 합니다. 열쇠 알림 ì•„ì´ì½˜ì€ ì´ì „ FAQì—ì„œ ì„¤ëª…ëœ ëŒ€ë¡œ 시스템ì—ì„œ 강요하는 것입니다. ì´ê²ƒì€ ë” ë†’ì€ ìš°ì„  순위로 실행ë˜ê¸° 위한 앱 ì•Œë¦¼ì´ ì•„ë‹™ë‹ˆë‹¤.</string>
<string name="no_vpn_profiles_defined">ì •ì˜ëœ VPN 프로파ì¼ì´ 없습니다.</string>
<string name="add_new_vpn_hint">ì´ &lt;img src=\"ic_menu_add\"/&gt; ì•„ì´ì½˜ì„ 사용하여 VPNì„ ì¶”ê°€í•˜ì„¸ìš”</string>
- <string name="vpn_import_hint">ì´ &lt;img src=\"ic_menu_archive\"/&gt; ì•„ì´ì½˜ì„ 사용하여 ê·€í•˜ì˜ SD ì¹´ë“œì—ì„œ 기존 (.ovpn ë˜ëŠ” .conf) 프로파ì¼ì„ 가져오세요.</string>
+ <string name="vpn_import_hint">ì´ &lt;img src=\"ic_menu_archive\"/&gt; ì•„ì´ì½˜ì„ 사용하여 ê·€í•˜ì˜ Sd ì¹´ë“œì—ì„œ 기존 (.ovpn ë˜ëŠ” .conf) 프로파ì¼ì„ 가져오세요.</string>
<string name="faq_hint">ê¼­ FAQ를 확ì¸í•˜ì„¸ìš”. 빠른 시작 ê°€ì´ë“œê°€ 있습니다.</string>
<string name="faq_routing_title">ë¼ìš°íŒ…/ì¸í„°íŽ˜ì´ìŠ¤ 구성</string>
<string name="faq_routing">ë¼ìš°íŒ… ë° ì¸í„°íŽ˜ì´ìŠ¤ êµ¬ì„±ì€ ê¸°ì¡´ ifconfig/route ëª…ë ¹ì„ í†µí•˜ì§€ ì•Šê³  VPNService API를 사용하여 수행ë©ë‹ˆë‹¤. ê·¸ ê²°ê³¼ 다른 OS와 다른 ë¼ìš°íŒ… êµ¬ì„±ì´ ìƒê¹ë‹ˆë‹¤.\nVPN í„°ë„ì˜ êµ¬ì„±ì€ IP 주소와 ì´ ì¸í„°íŽ˜ì´ìŠ¤ë¥¼ 통해 ë¼ìš°íŒ…ë˜ì–´ì•¼ 하는 네트워í¬ë“¤ë¡œ ì´ë£¨ì–´ì ¸ 있습니다. 특히 피어 파트너 주소 ë˜ëŠ” 게ì´íŠ¸ì›¨ì´ 주소가 필요하거나 요구ë˜ì§€ 않습니다. VPN ì„œë²„ì— ì´ë¥´ëŠ” 특수 경로들(예컨대 redirect-gateway 사용시 추가ë˜ëŠ” 것)ë„ í•„ìš”í•˜ì§€ 않습니다. ë”°ë¼ì„œ ì•±ì€ êµ¬ì„±ì„ ê°€ì ¸ì˜¬ ë•Œ ì´ëŸ¬í•œ ì„¤ì •ì„ ë¬´ì‹œí•©ë‹ˆë‹¤. ì´ ì•±ì€ VPNService API를 사용하여 ì„œë²„ì— ëŒ€í•œ ì—°ê²°ì´ VPN í„°ë„ì„ í†µí•´ ë¼ìš°íŒ…ë˜ì§€ ì•Šë„ë¡ í•©ë‹ˆë‹¤.\nVPNService API는 VPNì„ í†µí•´ ë¼ìš°íŠ¸í•˜ì§€ 않아야 í•  네트워í¬ë“¤ì„ 지정하는 걸 허용하지 않습니다. 우회 방법으로서 ì•±ì´ í„°ë„ì„ í†µí•´ ë¼ìš°íŒ…해서는 안 ë˜ëŠ” 네트워í¬ë“¤(예: route x.x.x.x y.y.y.y net_gateway)ì„ ê°ì§€í•˜ê³  다른 플랫í¼ì˜ ë™ìž‘ì„ ëª¨ë°©í•˜ê¸° 위해 ì´ ê²½ë¡œë“¤ì„ ì œì™¸í•œ ì¼ë ¨ì˜ ê²½ë¡œë“¤ì„ ê³„ì‚°í•©ë‹ˆë‹¤. 로그 ì°½ì€ ì—°ê²°ì„ ìˆ˜ë¦½í•  ë•Œ VPNServiceì˜ ì„¤ì •ì„ ë³´ì—¬ì¤ë‹ˆë‹¤.\n무대 ë’¤ì—ì„œ: Android 4.4 ì´ìƒì€ ì •ì±… ë¼ìš°íŒ…ì„ ì‚¬ìš©í•©ë‹ˆë‹¤. route/ifconfig를 사용해선 ì„¤ì¹˜ëœ ê²½ë¡œë¥¼ ë³¼ 수 ì—†ì„ ê²ƒìž…ë‹ˆë‹¤. 대신 ip rule, iptables -t mangle -Lì„ ì‚¬ìš©í•˜ì‹­ì‹œì˜¤.</string>
@@ -469,4 +469,7 @@
<string name="all_app_prompt">ì–´ë–¤ 외부 ì•±ì´ %s를 제어하려고 합니다. ì ‘ê·¼ì„ ìš”ì²­í•˜ëŠ” ì•±ì„ ì •í•´ ë†“ì„ ìˆ˜ 없습니다. ì´ ì•±ì„ í—ˆìš©í•˜ë©´ 모든 ì•±ì˜ ì ‘ê·¼ì„ ìŠ¹ì¸í•˜ê²Œ ë©ë‹ˆë‹¤.</string>
<string name="openvpn3_nostatickeys">OpenVPN 3 C++ êµ¬í˜„ì€ ê³ ì • 키를 지ì›í•˜ì§€ 않습니다. ì¼ë°˜ 설정ì—ì„œ OpenVPN 2.xë¡œ 변경해 주세요.</string>
<string name="openvpn3_pkcs12">OpenVPN 3 C++ 구현과 함께 PKCS12 파ì¼ì„ ì§ì ‘ 사용하는 ê²ƒì€ ì§€ì›ë˜ì§€ 않습니다. PKCS12 파ì¼ì„ 안드로ì´ë“œ 키 저장소로 가져 오거나 ì¼ë°˜ 설정ì—ì„œ OpenVPN 2.x으로 변경하세요.</string>
+ <string name="proxy">대리</string>
+ <string name="Use_no_proxy">ì—†ìŒ</string>
+ <string name="tor_orbot">Tor (Orbot)</string>
</resources>
diff --git a/app/src/main/res/values-nl/strings-icsopenvpn.xml b/app/src/main/res/values-nl/strings-icsopenvpn.xml
index 737cc2d3..e7a2b5a1 100755
--- a/app/src/main/res/values-nl/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-nl/strings-icsopenvpn.xml
@@ -201,7 +201,7 @@
<string name="setting_loadtun">Laad tun module</string>
<string name="importpkcs12fromconfig">Importeer PKCS12 van configuratie naar Android Keystore</string>
<string name="getproxy_error">Fout bij het verkrijgen van proxy-instellingen: %s</string>
- <string name="using_proxy">Proxy %1$s %2$d is in gebruik</string>
+ <string name="using_proxy">Proxy %1$s %2$s is in gebruik</string>
<string name="use_system_proxy">Gebruik systeemproxy</string>
<string name="use_system_proxy_summary">Gebruik de systeemconfiguratie voor HTTP/HTTPS proxies om te verbinden.</string>
<string name="onbootrestartsummary">OpenVPN verbindt met de opgegeven VPN als deze actief was bij het opstarten van het systeem. Lees de FAQ over verbindingswaarschuwingen voordat u deze optie gebruikt op Android &lt; 5.0.</string>
@@ -464,4 +464,7 @@
<string name="all_app_prompt">Een externe app probeert %s te besturen. De app die om toegang vraagt, kan niet worden vastgesteld. Als u deze app toestaat, krijgen ALLE apps toegang.</string>
<string name="openvpn3_nostatickeys">De OpenVPN 3 C++ -implementatie ondersteunt geen statische sleutels. Verander naar OpenVPN 2.x onder algemene instellingen.</string>
<string name="openvpn3_pkcs12">PKCS12-bestanden rechtstreeks gebruiken met OpenVPN 3 C++ -implementatie wordt niet ondersteund. Importeer de pkcs12-bestanden in de Android keystore of verander naar OpenVPN 2.x onder algemene instellingen.</string>
+ <string name="proxy">Proxy</string>
+ <string name="Use_no_proxy">Geen</string>
+ <string name="tor_orbot">Tor (Orbot)</string>
</resources>
diff --git a/app/src/main/res/values-no/strings-icsopenvpn.xml b/app/src/main/res/values-no/strings-icsopenvpn.xml
index 5c29339d..68638149 100755
--- a/app/src/main/res/values-no/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-no/strings-icsopenvpn.xml
@@ -172,7 +172,6 @@
<string name="setting_loadtun_summary">Prøv å laste tun.ko kjernemodul før tilkobling. Krever at enheten er rootet.</string>
<string name="setting_loadtun">Last tun modul</string>
<string name="getproxy_error">Feil ved henting av proxy-innstillinger: %s</string>
- <string name="using_proxy">Bruker proxy %1$s %2$d</string>
<string name="use_system_proxy">Bruk systemet proxy</string>
<string name="use_system_proxy_summary">Bruk global systemkonfigurasjon for HTTP/HTTPS proxy for å koble til.</string>
<string name="onbootrestart">Koble til ved oppstart</string>
diff --git a/app/src/main/res/values-pl/plurals-icsopenvpn.xml b/app/src/main/res/values-pl/plurals-icsopenvpn.xml
index 906e4395..70489fbc 100755
--- a/app/src/main/res/values-pl/plurals-icsopenvpn.xml
+++ b/app/src/main/res/values-pl/plurals-icsopenvpn.xml
@@ -1,9 +1,3 @@
<?xml version="1.0" encoding="utf-8"?>
<!--Generated by crowdin.com-->
-<resources>
- <plurals name="months_left">
- <item quantity="one">Pozostał jeden miesiąc</item>
- <item quantity="few">Pozostało %d miesięcy</item>
- <item quantity="other">pozostało %d miesięcy</item>
- </plurals>
-</resources>
+<resources></resources>
diff --git a/app/src/main/res/values-pl/strings-icsopenvpn.xml b/app/src/main/res/values-pl/strings-icsopenvpn.xml
index 414a0f11..07017e6a 100755
--- a/app/src/main/res/values-pl/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-pl/strings-icsopenvpn.xml
@@ -201,7 +201,7 @@
<string name="setting_loadtun">Załaduj moduł tun</string>
<string name="importpkcs12fromconfig">Importuj PKCS12 z konfiguracji do pęku kluczy Androida</string>
<string name="getproxy_error">Błąd pobierania ustawień proxy: %s</string>
- <string name="using_proxy">Używam proxy %1$s%2$d</string>
+ <string name="using_proxy">Korzystanie z serwera proxy %1$s %2$s</string>
<string name="use_system_proxy">Użyj proxy systemowego</string>
<string name="use_system_proxy_summary">Połącz używając systemowej konfiguracji proxy HTTP/HTTPS.</string>
<string name="onbootrestartsummary">OpenVPN połączy się z wybranym VPN jeżeli będzie aktywny podczas startu systemu. Przeczytaj FAQ dotyczący połączeń przed zastosowaniem tej opcji na Androidzie &lt; 5.0.</string>
@@ -393,6 +393,7 @@ OpenVPN dla Androida ostrzeże Cię o tym w logu.<p>Kiedy VPN ustawi serwer DNS
<string name="query_permissions_sdcard">OpenVPN dla Android spróbuje automatycznie wykryć brakujące pliki na karcie SD. Dotknij tego komunikatu, aby żądać uprawnień.</string>
<string name="protocol">Protokół</string>
<string name="enabled_connection_entry">WÅ‚Ä…czony</string>
+ <string name="abi_mismatch">Preferowane natywne pierwszeństwo ABI tego urządzenia (%1$s) i ABI zgłoszone przez niezgodność bibliotek (%2$s) natywnych</string>
<string name="permission_revoked">Pozwolenie VPN odwołane przez system (na przykład inny program VPN jest uruchomiony), zatrzymuję VPN</string>
<string name="pushpeerinfo">Naciśnij \"Peer info\"</string>
<string name="pushpeerinfosummary">Wyślij dodatkowe informację do serwera, na przykład wersję SSL oraz Androida</string>
@@ -409,6 +410,7 @@ OpenVPN dla Androida ostrzeże Cię o tym w logu.<p>Kiedy VPN ustawi serwer DNS
<string name="samsung_broken_title">Telefony Samsung</string>
<string name="novpn_selected">Nie wybrano VPN.</string>
<string name="defaultvpn">Domyślny VPN</string>
+ <string name="defaultvpnsummary">VPN używany w miejscach, gdzie trzeba domyślnego VPN. Obecnie przy uruchomieniu, dla Always-On i pliku Quick Settings.</string>
<string name="vpnselected">Obecnie wybrana sieć VPN: \'%s\'</string>
<string name="reconnect">Podłącz ponownie</string>
<string name="qs_title">Przełącz VPN</string>
@@ -417,6 +419,7 @@ OpenVPN dla Androida ostrzeże Cię o tym w logu.<p>Kiedy VPN ustawi serwer DNS
<string name="connectretrymaxmessage">Podaj maksymalny czas pomiędzy kolejnymi próbami połączenia. OpenVPN będzie powoli zwiększał czas oczekiwania po każdej nieudanej próbie połączenia aż do podanej wartości. Domyślna wartość to 300 sekund.</string>
<string name="connectretrymaxtitle">Maksymalny czas między próbami połączenia</string>
<string name="state_waitconnectretry">Oczekiwanie %s sekund pomiędzy kolejnymi próbami połączenia</string>
+ <string name="nought_alwayson_warning"><![CDATA[Jeśli nie dostałeś potwierdzenia VPN, masz włączony \"Always on VPN\" dla innej aplikacji. W tym przypadku tylko ona może łączyć się z VPN. Sprawdź Ustawienia-> Sieci więcej .. -> VPN]]></string>
<string name="management_socket_closed">Połączenie OpenVPN zamknięte (%s)</string>
<string name="change_sorting">Zmień sortowanie</string>
<string name="sort">Sortowanie</string>
@@ -436,8 +439,29 @@ OpenVPN dla Androida ostrzeże Cię o tym w logu.<p>Kiedy VPN ustawi serwer DNS
<string name="kbits_per_second">%.1f kbit/s</string>
<string name="mbits_per_second">%.1f Mbit / s</string>
<string name="gbits_per_second">%.1f Gbit/s</string>
+ <string name="weakmd">&lt;p&gt;Począwszy od wersji OpenSSL 1.1, OpenSSL odrzuca słabe sygnatury w certyfikatach takich jak MD5.&lt;/p&gt;&lt;p&gt;&lt;b&gt;Podpisy MD5 są całkowicie niezabezpieczone i nie powinny być już używane.&lt;/b&gt; Zderzenia MD5 można utworzyć w ciągu &lt;a
+ href=\"https://natmchugh.blogspot.de/2015/02/create-your-own-md5-collisions.html\"&gt;godzin przy minimalnych kosztach.&lt;/a&gt;. Należy zaktualizować certyfikaty VPN tak szybko, jak to możliwe.&lt;/p&gt;&lt;p&gt;Niestety, starsze dystrybucje easy-rsa zawierały opcję konfiguracji \"default_md md5\". Jeśli używasz starej wersji easy-rsa, zaktualizuj do &lt;a href=\"https://github.com/OpenVPN/easy-rsa/releases\"&gt;najnowszej wersji&lt;/a&gt;) lub zmień md5 na sha256 i zrestartuj swoje certyfikaty.&lt;/p&gt;&lt;p&gt;Jeśli naprawdę chcesz używać starych i uszkodzonych certyfikatów, użyj niestandardowej opcji konfiguracji tls-cipher \"DEFAULT: @ SECLEVEL = 0\" w konfiguracji zaawansowanej lub jako dodatkowej linii w zaimportowanej konfiguracji&lt;/p&gt;
+ </string>
<string name="volume_byte">%.0f B</string>
<string name="volume_kbyte">%.1f kB</string>
<string name="volume_mbyte">%.1f MB</string>
<string name="volume_gbyte">%.1f GB</string>
+ <string name="channel_name_background">Statystyki połączenia</string>
+ <string name="channel_description_background">Statystyki obecnie nawiązanego połączenia OpenVPN</string>
+ <string name="channel_name_status">Zmiana statusu połączenia</string>
+ <string name="channel_description_status">Zmiana statusu poÅ‚Ä…czenia OpenVPN (ÅÄ…czenie, uwierzytelnianie,...)</string>
+ <string name="weakmd_title">SÅ‚abe hasze (MD5) w podpisie certyfikatu
+(SSL_CTX_use_certificate md za słabe)</string>
+ <string name="title_activity_open_sslspeed">OpenSSL Test Prędkości</string>
+ <string name="openssl_cipher_name">OpenSSL nazwy szyfrów</string>
+ <string name="osslspeedtest">OpenSSL Test Szybkości Crypto</string>
+ <string name="openssl_error">OpenSSL zwrócił błąd</string>
+ <string name="running_test">Testowanie&#8230;</string>
+ <string name="test_algoirhtms">Test wybranych algorytmów</string>
+ <string name="all_app_prompt">Zewnętrzna aplikacja próbuje przejąć kontrolę %s. Prośba o dostęp nie może być zweryfikowana. Zezwolenie da jej dostęp do WSZYSTKICH aplikacji.</string>
+ <string name="openvpn3_nostatickeys">Implementacja OpenVPN 3 C++ nie wspiera kluczy statycznych. Proszę zmienić na OpenVPN 2.x pod głównymi ustawieniami.</string>
+ <string name="openvpn3_pkcs12">Używanie plików PKCS22 bezpośrednio z implementacją OpenVPN 3 C++ nie jest wspierane. Proszę zaimportować pliki PKCS12 do magazynu kluczy Androida lub przejść na OpenVPN 2.x pod głównymi ustawieniami.</string>
+ <string name="proxy">Proxy</string>
+ <string name="Use_no_proxy">Żaden</string>
+ <string name="tor_orbot">Tor (Orbot)</string>
</resources>
diff --git a/app/src/main/res/values-pt/strings-icsopenvpn.xml b/app/src/main/res/values-pt/strings-icsopenvpn.xml
index 52772eba..7f1407f9 100755
--- a/app/src/main/res/values-pt/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-pt/strings-icsopenvpn.xml
@@ -191,7 +191,6 @@
<string name="setting_loadtun_summary">Tente carregar o módulo tun.ko do kernel antes de ligar. Necessita de acesso root ao dispositivo.</string>
<string name="setting_loadtun">Carregar o módulo tun</string>
<string name="getproxy_error">Erro ao obter definições proxy %s</string>
- <string name="using_proxy">A utilizar proxy %1$s %2$d</string>
<string name="use_system_proxy">Usar a proxy do sistema</string>
<string name="onbootrestart">Ligar no arranque</string>
<string name="ignore">Ignorar</string>
diff --git a/app/src/main/res/values-ro/strings-icsopenvpn.xml b/app/src/main/res/values-ro/strings-icsopenvpn.xml
index 8ca5dce3..a784a190 100755
--- a/app/src/main/res/values-ro/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-ro/strings-icsopenvpn.xml
@@ -201,7 +201,6 @@
<string name="setting_loadtun">Încarcă modulul tun</string>
<string name="importpkcs12fromconfig">Import PKCS12 configurare în Android Keystore</string>
<string name="getproxy_error">Eroare la obţinerea setărilor proxy: %s</string>
- <string name="using_proxy">Folosesc proxy %1$s %2$d</string>
<string name="use_system_proxy">FoloseÅŸte proxy sistem</string>
<string name="use_system_proxy_summary">FoloseÅŸte configurarea sistem pentru proxy HTTP/HTTPS folosit la conectare.</string>
<string name="onbootrestartsummary">OpenVPN va conecta VPN-ul specificat dacă vs fi activ la pornirea sistemului. Citiți întrebările frecvente privind avertizare de conexiune înainte de a utiliza această opțiune pe Android &lt; 5.0.</string>
diff --git a/app/src/main/res/values-ru/plurals-icsopenvpn.xml b/app/src/main/res/values-ru/plurals-icsopenvpn.xml
index 7cc8112c..66f65501 100755
--- a/app/src/main/res/values-ru/plurals-icsopenvpn.xml
+++ b/app/src/main/res/values-ru/plurals-icsopenvpn.xml
@@ -2,23 +2,27 @@
<!--Generated by crowdin.com-->
<resources>
<plurals name="months_left">
- <item quantity="one">ОÑталÑÑ Ð¾Ð´Ð¸Ð½ меÑÑц</item>
+ <item quantity="one">ОÑталÑÑ %d меÑÑц</item>
<item quantity="few">ОÑталоÑÑŒ %d меÑÑца</item>
+ <item quantity="many">ОÑталоÑÑŒ %d меÑÑцев</item>
<item quantity="other">ОÑталоÑÑŒ %d меÑÑцев</item>
</plurals>
<plurals name="days_left">
- <item quantity="one">ОÑталÑÑ Ð¾Ð´Ð¸Ð½ день</item>
+ <item quantity="one">ОÑталÑÑ %d день</item>
<item quantity="few">ОÑталоÑÑŒ %d днÑ</item>
+ <item quantity="many">ОÑталоÑÑŒ %d дней</item>
<item quantity="other">ОÑталоÑÑŒ %d дней</item>
</plurals>
<plurals name="hours_left">
- <item quantity="one">ОÑталÑÑ Ð¾Ð´Ð¸Ð½ чаÑ</item>
+ <item quantity="one">ОÑталÑÑ %d чаÑ</item>
<item quantity="few">ОÑталоÑÑŒ %d чаÑа</item>
+ <item quantity="many">ОÑталоÑÑŒ %d чаÑов</item>
<item quantity="other">ОÑталоÑÑŒ %d чаÑов</item>
</plurals>
<plurals name="minutes_left">
- <item quantity="one">ОÑталаÑÑŒ одна минута</item>
+ <item quantity="one">ОÑталаÑÑŒ %d минута</item>
<item quantity="few">ОÑталоÑÑŒ %d минуты</item>
+ <item quantity="many">ОÑталоÑÑŒ %d минут</item>
<item quantity="other">ОÑталоÑÑŒ %d минут</item>
</plurals>
</resources>
diff --git a/app/src/main/res/values-ru/strings-icsopenvpn.xml b/app/src/main/res/values-ru/strings-icsopenvpn.xml
index 73acc96a..9dda5191 100755
--- a/app/src/main/res/values-ru/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-ru/strings-icsopenvpn.xml
@@ -201,10 +201,10 @@
<string name="setting_loadtun">Загрузить tun-модуль</string>
<string name="importpkcs12fromconfig">Импорт PKCS12 из хранилища ключей Android</string>
<string name="getproxy_error">Ошибка при получении параметров прокÑи-Ñервера: %s</string>
- <string name="using_proxy">ИÑпользуетÑÑ Ð¿Ñ€Ð¾ÐºÑи-Ñервер %1$s %2$d</string>
+ <string name="using_proxy">ИÑпользуетÑÑ Ð¿Ñ€Ð¾ÐºÑи-Ñервер %1$s %2$s</string>
<string name="use_system_proxy">ИÑпользовать прокÑи-Ñервер ÑиÑтемы</string>
<string name="use_system_proxy_summary">ИÑпользовать ÑиÑтемную конфигурацию прокÑи HTTP/HTTPS Ð´Ð»Ñ ÑоединениÑ.</string>
- <string name="onbootrestartsummary">OpenVPN будет подключатьÑÑ Ðº указанному VPN, еÑли он был активен при загрузке ÑиÑтемы. ПожалуйÑта, прочитайте FAQ о предупреждении при подключении перед тем, как иÑпользовать Ñту опцию на Android &lt; 5.0.</string>
+ <string name="onbootrestartsummary">OpenVPN будет подключатьÑÑ Ðº указанному VPN, еÑли он был активен при загрузке ÑиÑтемы. ПожалуйÑта, прочитайте FAQ о предупреждении при подключении перед тем, как иÑпользовать Ñту функцию на Android &lt; 5.0.</string>
<string name="onbootrestart">Подключение при загрузке</string>
<string name="ignore">Игнорировать</string>
<string name="restart">ПерезапуÑк</string>
@@ -268,7 +268,7 @@
<string name="add">Добавить</string>
<string name="send_config">Отправить конфигурационный файл</string>
<string name="complete_dn">Полное DN</string>
- <string name="remotetlsnote">Ð˜Ð¼Ð¿Ð¾Ñ€Ñ‚Ð¸Ñ€Ð¾Ð²Ð°Ð½Ð½Ð°Ñ ÐºÐ¾Ð½Ñ„Ð¸Ð³ÑƒÑ€Ð°Ñ†Ð¸Ñ Ð¸Ñпользует УСТÐРЕВШУЮ опцию tls-remote, ÐºÐ¾Ñ‚Ð¾Ñ€Ð°Ñ Ð¸Ð¼ÐµÐµÑ‚ другой формат DN.</string>
+ <string name="remotetlsnote">Ð˜Ð¼Ð¿Ð¾Ñ€Ñ‚Ð¸Ñ€Ð¾Ð²Ð°Ð½Ð½Ð°Ñ ÐºÐ¾Ð½Ñ„Ð¸Ð³ÑƒÑ€Ð°Ñ†Ð¸Ñ Ð¸Ñпользует УСТÐРЕВШУЮ функцию tls-remote, ÐºÐ¾Ñ‚Ð¾Ñ€Ð°Ñ Ð¸Ð¼ÐµÐµÑ‚ другой формат DN.</string>
<string name="rdn">RDN (полное имÑ)</string>
<string name="rdn_prefix">ÐŸÑ€ÐµÑ„Ð¸ÐºÑ RDN</string>
<string name="tls_remote_deprecated">tls-remote (УСТÐРЕВШЕЕ)</string>
@@ -279,7 +279,7 @@
<string name="no_external_app_allowed">Ðет приложений, авторизованных Ð´Ð»Ñ Ð²Ð½ÐµÑˆÐ½ÐµÐ³Ð¾ API</string>
<string name="allowed_apps">Разрешённые приложениÑ: %s</string>
<string name="clearappsdialog">ОчиÑтить ÑпиÑок авторизованных внешних приложений?\nСпиÑок разрешенных приложений:\n\n%s</string>
- <string name="screenoff_summary">ПриоÑтанавливать VPN, еÑли Ñкран выключен и передано меньше 64kb данных за 60 Ñек. Когда включена Ð¾Ð¿Ñ†Ð¸Ñ \"ПоÑтоÑнный туннель\", приоÑтановка VPN оÑтавит ваше уÑтройÑтво без Ñетевого подключениÑ. Без опции \"ПоÑтоÑнный туннель\" уÑтройÑтво не будет иметь VPN-ÑоединениÑ/защиты.</string>
+ <string name="screenoff_summary">ПриоÑтанавливать VPN, еÑли Ñкран выключен и передано меньше 64 КБ данных за 60 Ñек. Когда включена Ñ„ÑƒÐ½ÐºÑ†Ð¸Ñ \"ПоÑтоÑнный туннель\", приоÑтановка VPN оÑтавит ваше уÑтройÑтво без Ñетевого подключениÑ. Без функции \"ПоÑтоÑнный туннель\" уÑтройÑтво не будет иметь VPN-ÑоединениÑ/защиты.</string>
<string name="screenoff_title">ПриоÑтановить VPN-Ñоединение при выключенном Ñкране</string>
<string name="screenoff_pause">ПриоÑтановка ÑÐ¾ÐµÐ´Ð¸Ð½ÐµÐ½Ð¸Ñ Ð¿Ñ€Ð¸ выключенном Ñкране: меньше, чем %1$s за %2$sÑ</string>
<string name="screen_nopersistenttun">Внимание: ПоÑтоÑнный туннель не включен Ð´Ð»Ñ Ñтого VPN. Трафик будет иÑпользовать обычное интернет Ñоединение, когда Ñкран выключен.</string>
@@ -314,7 +314,7 @@
<string name="unhandled_exception_context">%3$s: %1$s\n\n%2$s</string>
<string name="faq_system_dialog_xposed">ЕÑли на вашем уÑтройÑтве еÑÑ‚ÑŒ root, можете уÑтановить &lt;a href=\"http://xposed.info/\"&gt;Xposed framework&lt;/a&gt; и &lt;a href=\"http://repo.xposed.info/module/de.blinkt.vpndialogxposed\"&gt;модуль автоматичеÑкого Ð¿Ð¾Ð´Ñ‚Ð²ÐµÑ€Ð¶Ð´ÐµÐ½Ð¸Ñ Ð´Ð¸Ð°Ð»Ð¾Ð³Ð° Ð¿Ð¾Ð´ÐºÐ»ÑŽÑ‡ÐµÐ½Ð¸Ñ VPN&lt;/a&gt; на Ñвой Ñтрах и риÑк</string>
<string name="full_licenses">Полные текÑÑ‚Ñ‹ лицензий</string>
- <string name="blocklocal_summary">Сети, доÑтупные напрÑмую через локальный интерфейÑ, не будут маршрутизированы через VPN. Отключите Ñту опцию, чтобы направить трафик через VPN.</string>
+ <string name="blocklocal_summary">Сети, доÑтупные напрÑмую через локальный интерфейÑ, не будут маршрутизированы через VPN. Отключите Ñту функцию, чтобы направить трафик через VPN.</string>
<string name="blocklocal_title">Ðе иÑпользовать VPN Ð´Ð»Ñ Ð»Ð¾ÐºÐ°Ð»ÑŒÐ½Ñ‹Ñ… адреÑов</string>
<string name="userpw_file">Файл логина и паролÑ</string>
<string name="imported_from_file">[Импортировано из: %s]</string>
@@ -355,7 +355,7 @@
<string name="ignore_multicast_route">ИгнорируетÑÑ Ð¼ÑƒÐ»ÑŒÑ‚Ð¸Ð°Ð´Ñ€ÐµÑный маршрут: %s</string>
<string name="ab_only_cidr">Android поддерживает только CIDR маршруты к VPN. ПоÑкольку не CIDR маршруты почти никогда не иÑпользуютÑÑ, OpenVPN Ð´Ð»Ñ Android будет иÑпользовать /32 Ð´Ð»Ñ Ð½Ðµ CIDR маршрутов и выдавать предупреждение.</string>
<string name="ab_tethering_44">Тетеринг/раздача интернета работает, когда активен VPN. Модемное Ñоединение (тетеринг) ÐЕ БУДЕТ иÑпользовать VPN.</string>
- <string name="ab_kitkat_mss">Ранние верÑии KitKat уÑтанавливают неверное значение MSS Ð´Ð»Ñ TCP Ñоединений (#61948). Попробуйте включить опцию mssfix, чтобы обойти Ñтот баг.</string>
+ <string name="ab_kitkat_mss">Ранние верÑии KitKat уÑтанавливают неверное значение MSS Ð´Ð»Ñ TCP-Ñоединений (#61948). Попробуйте включить функцию mssfix, чтобы обойти Ñту ошибку.</string>
<string name="ab_proxy">Android будет продолжать иÑпользовать ваши наÑтройки прокÑи, указанные Ð´Ð»Ñ Ð¼Ð¾Ð±Ð¸Ð»ÑŒÐ½Ð¾Ð³Ð¾/Wi-Fi ÑоединениÑ, когда не уÑтановлен DNS Ñервер. OpenVPN for Android предупредит Ð²Ð°Ñ Ð¾Ð± Ñтом в журнале.<p>Когда VPN уÑтанавливает DNS Ñервер Android не иÑпользует прокÑи. Ð”Ð»Ñ ÑƒÑтановки прокÑи Ð´Ð»Ñ VPN ÑÐ¾ÐµÐ´Ð¸Ð½ÐµÐ½Ð¸Ñ Ð½ÐµÑ‚ API.</p></string>
<string name="ab_lollipop_reinstall">ÐŸÑ€Ð¸Ð»Ð¾Ð¶ÐµÐ½Ð¸Ñ VPN могут переÑтать работать поÑле ÑƒÐ´Ð°Ð»ÐµÐ½Ð¸Ñ Ð¸ повторной уÑтановки. ПодробноÑти Ñм. #80074</string>
<string name="ab_not_route_to_vpn">Сконфигурированный IP-Ð°Ð´Ñ€ÐµÑ ÐºÐ»Ð¸ÐµÐ½Ñ‚Ð° и IP-адреÑа в его подÑети (ÑоглаÑно Ñетевой маÑке) не направлÑÑŽÑ‚ÑÑ Ñ‡ÐµÑ€ÐµÐ· VPN. OpenVPN обходит Ñтот баг, Ñвно добавлÑÑ Ð¼Ð°Ñ€ÑˆÑ€ÑƒÑ‚, который ÑоответÑтвует клиентÑкому IP и его Ñетевой маÑке</string>
@@ -424,7 +424,7 @@
<string name="sort">Сортировать</string>
<string name="sorted_lru">Профили отÑортированы по порÑдку поÑледнего иÑпользованиÑ</string>
<string name="sorted_az">Профили отÑортированы по названию</string>
- <string name="deprecated_tls_remote">Файл наÑтройки иÑпользует опцию tls-remote, ÐºÐ¾Ñ‚Ð¾Ñ€Ð°Ñ Ð±Ñ‹Ð»Ð° объÑвлена уÑтаревшей в верÑии 2.3 и окончательно удалена в верÑии 2.4</string>
+ <string name="deprecated_tls_remote">Файл наÑтройки иÑпользует функцию tls-remote, ÐºÐ¾Ñ‚Ð¾Ñ€Ð°Ñ Ð±Ñ‹Ð»Ð° объÑвлена уÑтаревшей в верÑии 2.3 и окончательно удалена в верÑии 2.4</string>
<string name="auth_failed_behaviour">Поведение при AUTH_FAILED</string>
<string name="graph">График</string>
<string name="use_logarithmic_scale">ИÑпользовать логарифмичеÑкую шкалу</string>
@@ -438,8 +438,7 @@
<string name="kbits_per_second">%.1f Кбит/Ñ</string>
<string name="mbits_per_second">%.1f Мбит/Ñ</string>
<string name="gbits_per_second">%.1f Гбит/Ñ</string>
- <string name="weakmd">&lt;p&gt; ÐÐ°Ñ‡Ð¸Ð½Ð°Ñ Ñ OpenSSL верÑии 1.1, OpenSSL отклонÑет Ñлабые подпиÑи в таких Ñертификатах, как MD5.&lt;/p&gt;&lt;p&gt;&lt;b&gt;MD5, подпиÑи полноÑтью небезопаÑны и больше не должны иÑпользоватьÑÑ.&lt;/b&gt; Ð¡Ñ‚Ð¾Ð»ÐºÐ½Ð¾Ð²ÐµÐ½Ð¸Ñ MD5 могут быть Ñозданы в &lt;a
- href=\"https://natmchugh.blogspot.de/2015/02/create-your-own-md5-collisions.html\"&gt; через неÑколько чаÑов Ñ Ð¼Ð¸Ð½Ð¸Ð¼Ð°Ð»ÑŒÐ½Ñ‹Ð¼Ð¸ затратами.&lt;/a&gt;. Ð’Ñ‹ должны как можно Ñкорее обновить Ñертификаты VPN. &lt;/p&gt;&lt;p&gt;К Ñожалению, Ñтарые диÑтрибутивы easy-rsa включали опцию конфигурации «default_md md5». ЕÑли вы иÑпользуете Ñтарую верÑию easy-rsa, обновите ее до &lt;a href=\"https://github.com/OpenVPN/easy-rsa/releases\"&gt;latest верÑии&lt;/a&gt;) или измените md5 на sha256 и воÑÑтановите Ñвои Ñертификаты.&lt;/p&gt;&lt;p&gt;ЕÑли вы дейÑтвительно хотите иÑпользовать Ñтарые и поврежденные Ñертификаты, иÑпользуйте наÑтраиваемый параметр конфигурации tls-cipher «DEFAULT: @SECLEVEL = 0 \"в раÑширенной конфигурации или в качеÑтве дополнительной Ñтроки в вашей импортированной конфигурации&lt;/p&gt;
+ <string name="weakmd">&lt;p&gt; ÐÐ°Ñ‡Ð¸Ð½Ð°Ñ Ñ OpenSSL верÑии 1.1, OpenSSL отклонÑет Ñлабые подпиÑи Ñертификатов, такие как MD5.&lt;/p&gt;&lt;p&gt;&lt;b&gt;ПодпиÑи MD5 полноÑтью небезопаÑны и больше не должны иÑпользоватьÑÑ.&lt;/b&gt; Коллизии MD5 могут быть Ñозданы &lt;a href=\"https://natmchugh.blogspot.de/2015/02/create-your-own-md5-collisions.html\"&gt; за неÑколько чаÑов Ñ Ð¼Ð¸Ð½Ð¸Ð¼Ð°Ð»ÑŒÐ½Ñ‹Ð¼Ð¸ затратами.&lt;/a&gt;Ð’Ñ‹ должны как можно Ñкорее обновить Ñертификаты VPN. &lt;/p&gt;&lt;p&gt;К Ñожалению, Ñтарые верÑии easy-rsa включали опцию конфигурации «default_md md5». ЕÑли вы иÑпользуете Ñтарую верÑию easy-rsa, обновите её до &lt;a href=\"https://github.com/OpenVPN/easy-rsa/releases\"&gt;поÑледней верÑии&lt;/a&gt; или измените md5 на sha256 и обновите Ñвои Ñертификаты.&lt;/p&gt;&lt;p&gt;ЕÑли вы дейÑтвительно хотите иÑпользовать Ñтарые и проблемные Ñертификаты, иÑпользуйте пользовательÑкий параметр tls-cipher \"DEFAULT:@SECLEVEL=0\" на вкладке «РаÑширенные» или в качеÑтве дополнительной Ñтроки в вашей импортированной конфигурации&lt;/p&gt;
</string>
<string name="volume_byte">%.0f Б</string>
<string name="volume_kbyte">%.1f КБ</string>
@@ -454,9 +453,12 @@
<string name="openssl_cipher_name">Имена шифров OpenSSL</string>
<string name="osslspeedtest">ТеÑÑ‚ ÑкороÑти OpenSSL Crypto</string>
<string name="openssl_error">OpenSSL возвратил ошибку</string>
- <string name="running_test">ЗапуÑк теÑта&#8230;</string>
+ <string name="running_test">ТеÑтирование&#8230;</string>
<string name="test_algoirhtms">ТеÑтирование выбранных алгоритмов</string>
<string name="all_app_prompt">Внешнее приложение пытаетÑÑ ÐºÐ¾Ð½Ñ‚Ñ€Ð¾Ð»Ð¸Ñ€Ð¾Ð²Ð°Ñ‚ÑŒ %s. Приложение, запрашивающее доÑтуп, не может быть определено. Разрешение Ñтого Ð¿Ñ€Ð¸Ð»Ð¾Ð¶ÐµÐ½Ð¸Ñ Ð¿Ñ€ÐµÐ´Ð¾ÑтавлÑет доÑтуп вÑем приложениÑм.</string>
- <string name="openvpn3_nostatickeys">Ð ÐµÐ°Ð»Ð¸Ð·Ð°Ñ†Ð¸Ñ OpenVPN 3 C ++ не поддерживает ÑтатичеÑкие ключи. Перейдите в OpenVPN 2.x под общие наÑтройки.</string>
- <string name="openvpn3_pkcs12">ИÑпользование файлов PKCS12 напрÑмую Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ OpenVPN 3 C ++ не поддерживаетÑÑ. Импортируйте файлы pkcs12 в хранилище ключей Android или замените OpenVPN 2.x на общие наÑтройки.</string>
+ <string name="openvpn3_nostatickeys">Ð ÐµÐ°Ð»Ð¸Ð·Ð°Ñ†Ð¸Ñ OpenVPN 3 C ++ не поддерживает ÑтатичеÑкие ключи. ПереключитеÑÑŒ на OpenVPN 2.x в общих наÑтройках.</string>
+ <string name="openvpn3_pkcs12">ИÑпользование файлов PKCS12 напрÑмую Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ OpenVPN 3 C ++ не поддерживаетÑÑ. Импортируйте файлы pkcs12 в хранилище ключей Android или переключитеÑÑŒ на OpenVPN 2.x в общих наÑтройках.</string>
+ <string name="proxy">ПрокÑи</string>
+ <string name="Use_no_proxy">Ðичего</string>
+ <string name="tor_orbot">Тор (Орбот)</string>
</resources>
diff --git a/app/src/main/res/values-sl/strings-icsopenvpn.xml b/app/src/main/res/values-sl/strings-icsopenvpn.xml
index 019e27e4..d7ce31b9 100755
--- a/app/src/main/res/values-sl/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-sl/strings-icsopenvpn.xml
@@ -201,7 +201,6 @@
<string name="setting_loadtun">Naloži modul TUN</string>
<string name="importpkcs12fromconfig">Uvozi PKCS12 iz nastavitev v Androidovo shrambo kljuÄev</string>
<string name="getproxy_error">Napaka pri dobivanju nastavitev posredniškega strežnika: %s</string>
- <string name="using_proxy">Uporaba posredniškega strežnika %1$s %2$d</string>
<string name="use_system_proxy">Uporabi sis. pos. str.</string>
<string name="use_system_proxy_summary">Za povezavo uporabi nastavitve celega sistema za posredniške strežnike HTTP/HTTPS.</string>
<string name="onbootrestartsummary">OpenVPN bo povezal navedeni VPN, Äe je bil dejaven ob zagonu sistema. Preberite pogosta vpraÅ¡anja o opozorilih glede povezav pred uporabo te možnosti na Androidu &lt; 5.0.</string>
diff --git a/app/src/main/res/values-sv/strings-icsopenvpn.xml b/app/src/main/res/values-sv/strings-icsopenvpn.xml
index c39906be..217de2aa 100755
--- a/app/src/main/res/values-sv/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-sv/strings-icsopenvpn.xml
@@ -201,7 +201,7 @@
<string name="setting_loadtun">Ladda tun modul</string>
<string name="importpkcs12fromconfig">Importera PKCS12 från konfigurationen till Android Keystore</string>
<string name="getproxy_error">Fel vid hämtning av proxyinställningar: %s</string>
- <string name="using_proxy">Använder proxy %1$s %2$d</string>
+ <string name="using_proxy">Använder proxy %1$s %2$s</string>
<string name="use_system_proxy">Använd system proxy</string>
<string name="use_system_proxy_summary">Använda systemkonfigurationen för HTTP/HTTPS proxy för att ansluta.</string>
<string name="onbootrestartsummary">OpenVPN kommer att ansluta angiven VPN om den var aktivt vid systemets uppstart. Vänligen läs anslutningsvarnings FAQ innan du använder det här alternativet på Android &lt; 5.0.</string>
@@ -448,9 +448,14 @@
<string name="weakmd_title">Svag (MD5) hashes i certifikat signatur (SSL_CTX_use_certificate md för svag)</string>
<string name="title_activity_open_sslspeed">OpenSSL-hastighetstest</string>
<string name="openssl_cipher_name">OpenSSL-ciffernamn</string>
+ <string name="osslspeedtest">OpenSSL Crypto-hastighetstest</string>
<string name="openssl_error">OpenSSL returnerade ett fel</string>
<string name="running_test">Kör test&#8230;</string>
<string name="test_algoirhtms">Testa valda algoritmer</string>
<string name="all_app_prompt">En extern app försöker kontrollera %s. Appen som begär åtkomst kan inte bestämmas. Tillåtelse av den här appen ger åtkomst till ALLA program.</string>
<string name="openvpn3_nostatickeys">OpenVPN 3 C ++-implementeringen stöder inte statiska nycklar. Ändra till OpenVPN 2.x under allmänna inställningar.</string>
+ <string name="openvpn3_pkcs12">Användning av PKCS12-filer direkt med OpenVPN 3 C++-implementering stöds inte. Vänligen importera pkcs12-filerna till Android-nyckelbutiken eller ändra till OpenVPN 2.x under allmänna inställningar.</string>
+ <string name="proxy">Proxy</string>
+ <string name="Use_no_proxy">Ingen</string>
+ <string name="tor_orbot">Tor (Orbot)</string>
</resources>
diff --git a/app/src/main/res/values-tr/strings-icsopenvpn.xml b/app/src/main/res/values-tr/strings-icsopenvpn.xml
index 5f82c364..8b2fad33 100755
--- a/app/src/main/res/values-tr/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-tr/strings-icsopenvpn.xml
@@ -201,7 +201,7 @@
<string name="setting_loadtun">Tun modülünü yükle</string>
<string name="importpkcs12fromconfig">PKCS12 yapılandırmasını Android anahtar deposuna alma</string>
<string name="getproxy_error">Vekil sunucu ayarları alınırken hata oluştu: %s</string>
- <string name="using_proxy">%1$s %2$d vekil sunucusu kullanarak</string>
+ <string name="using_proxy">%1$s %2$s Vekil Sunucusu kullanılıyor</string>
<string name="use_system_proxy">Sistem vekil sunucusunu kullan</string>
<string name="use_system_proxy_summary">Bağlanmak için sistem çapındaki HTTP/HTTPS vekil sunucularını kullan.</string>
<string name="onbootrestartsummary">Sistem önyüklemesi üzerinde etkinse, OpenVPN belirtilen VPN bağlantısına bağlanır. Lütfen bu seçeneği Android &lt; 5.0 üzerinde kullanmadan önce bağlantı uyarısı için SSS bölümünü okuyun.</string>
@@ -462,4 +462,7 @@
<string name="openvpn3_pkcs12">PKCS12 dosyalarını doğrudan OpenVPN 3 C++ uygulamasıyla kullanmak desteklenmiyor.
Lütfen, pkcs12 dosyalarını Android anahtar deposuna aktarın veya genel ayarlar altında OpenVPN 2.x\'e geçin.
</string>
+ <string name="proxy">Vekil Sunucu</string>
+ <string name="Use_no_proxy">Hiçbiri</string>
+ <string name="tor_orbot">Tor (Orbot)</string>
</resources>
diff --git a/app/src/main/res/values-uk/plurals-icsopenvpn.xml b/app/src/main/res/values-uk/plurals-icsopenvpn.xml
index 0fa0f62e..70489fbc 100755
--- a/app/src/main/res/values-uk/plurals-icsopenvpn.xml
+++ b/app/src/main/res/values-uk/plurals-icsopenvpn.xml
@@ -1,24 +1,3 @@
<?xml version="1.0" encoding="utf-8"?>
<!--Generated by crowdin.com-->
-<resources>
- <plurals name="months_left">
- <item quantity="one">ЗалишивÑÑ Ð¾Ð´Ð¸Ð½ міÑÑць</item>
- <item quantity="few">ЗалишоÑÑŒ %d міÑÑці</item>
- <item quantity="other">ЗалишоÑÑŒ %d міÑÑці(-ів)</item>
- </plurals>
- <plurals name="days_left">
- <item quantity="one">ЗалишивÑÑ Ð¾Ð´Ð¸Ð½ день</item>
- <item quantity="few">ЗалишилоÑÑŒ %d дні</item>
- <item quantity="other">ЗалишилоÑÑŒ %d днів</item>
- </plurals>
- <plurals name="hours_left">
- <item quantity="one">ЗалишилаÑÑŒ одна година</item>
- <item quantity="few">ЗалишилоÑÑŒ %d години</item>
- <item quantity="other">ЗалишилоÑÑŒ %d годин</item>
- </plurals>
- <plurals name="minutes_left">
- <item quantity="one">ЗалишилаÑÑ Ð¾Ð´Ð½Ð° хвилина</item>
- <item quantity="few">ЗалишилоÑÑŒ %d хвилини</item>
- <item quantity="other">ЗалишилоÑÑŒ %d хвилин</item>
- </plurals>
-</resources>
+<resources></resources>
diff --git a/app/src/main/res/values-uk/strings-icsopenvpn.xml b/app/src/main/res/values-uk/strings-icsopenvpn.xml
index 61c350af..547ba025 100755
--- a/app/src/main/res/values-uk/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-uk/strings-icsopenvpn.xml
@@ -201,7 +201,7 @@
<string name="setting_loadtun">Завантажити tun-модуль</string>
<string name="importpkcs12fromconfig">Імпорт PKCS12 з конфігурації у Ñховищі ключів Ðндроїд</string>
<string name="getproxy_error">Помилка Ð¾Ñ‚Ñ€Ð¸Ð¼Ð°Ð½Ð½Ñ Ð¿Ð°Ñ€Ð°Ð¼ÐµÑ‚Ñ€Ñ–Ð² прокÑÑ–: %s</string>
- <string name="using_proxy">ВикориÑтовуєтьÑÑ Ð¿Ñ€Ð¾ÐºÑÑ– %1$s %2$d</string>
+ <string name="using_proxy">ВикориÑтовуєтьÑÑ Ð¿Ñ€Ð¾ÐºÑÑ–-Ñервер %1$s %2$s</string>
<string name="use_system_proxy">ВикориÑтовувати ÑиÑтемний прокÑÑ–</string>
<string name="use_system_proxy_summary">ВикориÑтовувати ÑиÑтемну конфігурацію HTTP/HTTPS прокÑÑ– Ð´Ð»Ñ Ð·\'єднаннÑ.</string>
<string name="onbootrestartsummary">OpenVPN підключатиметьÑÑ Ð´Ð¾ вказаного VPN, Ñкщо він був активний при завантаженні ÑиÑтеми. Будь лаÑка, прочитайте FAQ про Ð¿Ð¾Ð¿ÐµÑ€ÐµÐ´Ð¶ÐµÐ½Ð½Ñ Ð¿Ñ€Ð¸ підключенні перед викориÑтаннÑм цієї опції на Android &lt; 5.0.</string>
@@ -459,4 +459,7 @@
<string name="all_app_prompt">Зовнішній заÑтоÑунок намагаєтьÑÑ ÐºÐ¾Ð½Ñ‚Ñ€Ð¾Ð»ÑŽÐ²Ð°Ñ‚Ð¸ %s. ЗаÑтоÑунок, що запитує про доÑтуп, не може бути визначений. Дозвіл цьому заÑтоÑунку надає доÑтуп вÑім додаткам.</string>
<string name="openvpn3_nostatickeys">Ð ÐµÐ°Ð»Ñ–Ð·Ð°Ñ†Ñ–Ñ OpenVPN 3 C ++ не підтримує Ñтатичні ключи. Перейдіть в OpenVPN 2.x під загальними налаштуваннÑми.</string>
<string name="openvpn3_pkcs12">ВикориÑÑ‚Ð°Ð½Ð½Ñ Ñ„Ð°Ð¹Ð»Ñ–Ð² PKCS12 напрÑму за допомогою OpenVPN 3 C ++ не підтримуєтьÑÑ. Імпортуйте файли pkcs12 в Ñховище ключів Android або замініть OpenVPN 2.x на загальні налаштуваннÑ.</string>
+ <string name="proxy">ПрокÑÑ–</string>
+ <string name="Use_no_proxy">Ðемає</string>
+ <string name="tor_orbot">Тор (Орбот)</string>
</resources>
diff --git a/app/src/main/res/values-vi/strings-icsopenvpn.xml b/app/src/main/res/values-vi/strings-icsopenvpn.xml
index f38aaf3e..c047ca54 100755
--- a/app/src/main/res/values-vi/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-vi/strings-icsopenvpn.xml
@@ -201,7 +201,7 @@
<string name="setting_loadtun">Tải tun module</string>
<string name="importpkcs12fromconfig">Nhập PKCS12 từ cấu hình vào Khóa lưu trữ Android</string>
<string name="getproxy_error">Lỗi nhận cấu hình proxy: %s</string>
- <string name="using_proxy">Äang sá»­ dụng proxy %1$s %2$d</string>
+ <string name="using_proxy">ใช้พร็อà¸à¸‹à¸µ% 1 $ s% 2 $ s</string>
<string name="use_system_proxy">Sử dụng proxy hệ thống</string>
<string name="use_system_proxy_summary">Sử dụng các cấu hình hệ thống rộng cho HTTP/HTTPS proxy để kết nối.</string>
<string name="onbootrestartsummary">OpenVPN sẽ kết nối VPN xác định nếu nó đã hoạt Ä‘á»™ng trên hệ thống khởi Ä‘á»™ng. Xin vui lòng Ä‘á»c hÆ°Æ¡Ìng dẫn cảnh báo kết nối trÆ°á»›c khi sá»­ dụng tùy chá»n này trên Android &lt; 5.0.</string>
@@ -438,8 +438,36 @@
<string name="kbits_per_second">%.1f kbit/giây</string>
<string name="mbits_per_second">%.1f Mbit/giây</string>
<string name="gbits_per_second">%.1f Gbit/giây</string>
+ <string name="weakmd">&lt;p&gt;Bắt đầu với OpenSSL phiên bản 1.1, OpenSSL từ chối chữ ký yếu trong các chứng chỉ như
+ MD5.&lt;/p&gt;&lt;p&gt;&lt;b&gt;Chữ ký MD5 hoàn toàn không an toàn và không nên sử dụng nữa.&lt;/b&gt; vụ va chạm MD5
+ có thể được tạo trong &lt;a
+ href=\"https://natmchugh.blogspot.de/2015/02/create-your-own-md5-collisions.html\"&gt;giỠvới chi phí tối thiểu.&lt;/a&gt;.
+ Bạn nên cập nhật chứng chỉ VPN càng sớm càng tốt.&lt;/p&gt;&lt;p&gt;Thật không may, các bản phân phối
+ easy-rsa cÅ© hÆ¡n bao gồm tùy chá»n cấu hình \"default_md md5\". Nếu bạn Ä‘ang sá»­ dụng phiên bản easy-rsa cÅ©, hãy cập nhật lên
+ phiên bản &lt;a href=\"https://github.com/OpenVPN/easy-rsa/releases\"&gt;mới nhất&lt;/a&gt;) hoặc thay đổi md5 thành sha256 và
+ tạo lại chứng chỉ của bạn.&lt;/p&gt;&lt;p&gt;Nếu bạn thá»±c sá»± muốn sá»­ dụng chứng chỉ cÅ© và bị há»ng, hãy sá»­ dụng tùy chá»n cấu hình tls-mật mã tùy chỉnh
+ \"DEFAULT: @ SECLEVEL = 0\" trong cấu hình nâng cao hoặc làm dòng bổ sung trong
+ cấu hình đã nhập của bạn&lt;/p&gt;
+ </string>
<string name="volume_byte">%.0f B</string>
<string name="volume_kbyte">%.1f kB</string>
<string name="volume_mbyte">%.1f MB</string>
<string name="volume_gbyte">%.1f GB</string>
+ <string name="channel_name_background">Connection statistics</string>
+ <string name="channel_description_background">Số liệu thống kê liên tục của kết nối OpenVPN đã được thiết lập</string>
+ <string name="channel_name_status">Thay đổi trạng thái kết nối</string>
+ <string name="channel_description_status">Thay đổi trạng thái của kết nối OpenVPN (Äang kết nối, xác thá»±c,&#8230;)</string>
+ <string name="weakmd_title">Hàm băm yếu (MD5) trong chữ ký chứng chỉ (SSL_CTX_use_certificate md quá yếu)</string>
+ <string name="title_activity_open_sslspeed">Kiểm tra tốc độ OpenSSL</string>
+ <string name="openssl_cipher_name">Tên mã hóa OpenSSL</string>
+ <string name="osslspeedtest">Kiểm tra tốc độ OpenSSL Crypto</string>
+ <string name="openssl_error">OpenSSL trả vỠlỗi</string>
+ <string name="running_test">Äang chạy kiểm tra&#8230;</string>
+ <string name="test_algoirhtms">Kiểm tra các thuật toán đã chá»n</string>
+ <string name="all_app_prompt">Má»™t ứng dụng bên ngoài cố gắng kiểm soát %s. Không thể xác định ứng dụng yêu cầu quyá»n truy cập. Cho phép ứng dụng này cấp cho TẤT CẢ quyá»n truy cập ứng dụng.</string>
+ <string name="openvpn3_nostatickeys">Việc triển khai OpenVPN 3 C ++ không hỗ trợ các khóa tĩnh. Vui lòng thay đổi thành OpenVPN 2.x trong cài đặt chung.</string>
+ <string name="openvpn3_pkcs12">Việc sử dụng tệp PKCS12 trực tiếp với triển khai OpenVPN 3 C ++ không được hỗ trợ. Vui lòng nhập tệp pkcs12 vào kho khóa Android hoặc thay đổi thành OpenVPN 2.x trong cài đặt chung.</string>
+ <string name="proxy">Proxy</string>
+ <string name="Use_no_proxy">Không</string>
+ <string name="tor_orbot">Tor (Orbot)</string>
</resources>
diff --git a/app/src/main/res/values-zh-rCN/strings-icsopenvpn.xml b/app/src/main/res/values-zh-rCN/strings-icsopenvpn.xml
index 061a9827..4d6cc300 100755
--- a/app/src/main/res/values-zh-rCN/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-zh-rCN/strings-icsopenvpn.xml
@@ -150,7 +150,7 @@
<string name="no_bind">无本地绑定</string>
<string name="import_configuration_file">导入é…置文件</string>
<string name="faq_security_title">安全注æ„事项</string>
- <string name="faq_security">“OpenVPN 是éžå¸¸æ³¨é‡å®‰å…¨çš„,所以在此æ供一些安全方é¢çš„建议。所有ä¿å­˜åœ¨å­˜å‚¨å¡ä¸Šçš„æ•°æ®éƒ½æ˜¯ä¸å®‰å…¨çš„,任何应用都å¯ä»¥è¯»å–存储å¡ä¸Šçš„文件,å³ä½¿è¿™ä¸ªåº”用没有‘写入存储å¡â€™çš„æƒé™ä¹Ÿæ˜¯å¦‚此。应用自身的数æ®åªèƒ½è¢«åº”用自己读å–。在选择 CA è¯ä¹¦ã€è¯ä¹¦æ–‡ä»¶æˆ–者密钥文件的时候请使用导入功能,这样这些数æ®å°±ä¼šä¿å­˜åœ¨ OpenVPN 自身的数æ®æ–‡ä»¶ä¸­ï¼Œä¿è¯ä¸ä¼šè¢«å…¶ä»–的应用æ¶æ„读å–。当然导入è¯ä¹¦ä¹‹åŽè®°å¾—è¦æŠŠè¯ä¹¦ä»Žå­˜å‚¨å¡ä¸Šåˆ é™¤æŽ‰ã€‚ä¸è¿‡ï¼Œè™½ç„¶è¿™äº›æ•°æ®ä¸èƒ½è¢«å…¶ä»–应用读å–,但是这些数æ®æ˜¯æ˜Žæ–‡ä¿å­˜çš„,如果你的系统是 rooted 的,那么这些数æ®å°†èƒ½å¤Ÿè¢«ä»»ä½•æ‹¥æœ‰ root æƒé™çš„应用轻æ¾åœ°è¯»å–。ä¿å­˜åœ¨ OpenVPN 中的密ç ä¹Ÿæ˜¯ä»¥æ˜Žæ–‡ä¿å­˜çš„,如果设备被 rooted 了,这些密ç ä¹Ÿæœ‰å¯èƒ½è¢«å…¶ä»–应用æ¶æ„读å–。强烈建议使用 pkcs12 è¯ä¹¦å¹¶å°†è¯ä¹¦å¯¼å…¥åˆ° Android 自己的è¯ä¹¦ç®¡ç†ç³»ç»Ÿé‡Œã€‚â€</string>
+ <string name="faq_security">"As OpenVPN is security sensitive a few notes about security are sensible. All data on the sdcard is incoherently insecure. Every app can read it (for example this program requires no special sd card rights). The data of this application can only be read by the application itself. By using the import option for cacert/cert/key in the file dialog the data is stored in the VPN profile. The VPN profiles are only accessible by this application. (Do not forget to delete the copies on the sd card afterwards). Even though accessible only by this application the data is still unencrypted. By rooting the telephone or other exploits it may be possible to retrieve the data. Saved passwords are stored in plain text as well. For pkcs12 files it is highly recommended that you import them into the android keystore."</string>
<string name="import_vpn">导入</string>
<string name="broken_image_cert_title">显示è¯ä¹¦é€‰æ‹©é”™è¯¯</string>
<string name="broken_image_cert">å°è¯•æ˜¾ç¤º Android 4.0 + è¯ä¹¦é€‰æ‹©å¯¹è¯æ¡†æ—¶å‡ºçŽ°å¼‚常。Android 4.0 以上的系统ä¸å¯èƒ½å‡ºçŽ°è¯¥é—®é¢˜ï¼Œå› ä¸ºè¿™æ˜¯æ ‡å‡†çš„系统功能。å¯èƒ½æ‚¨å½“å‰ ROM 中的è¯ä¹¦å­˜å‚¨å·²ç»æŸå。</string>
@@ -203,7 +203,7 @@
<string name="setting_loadtun">加载tun模å—</string>
<string name="importpkcs12fromconfig">å°†PKCS12从é…置导入到Android Keystore</string>
<string name="getproxy_error">获å–代ç†è®¾ç½®æ—¶å‡ºé”™ï¼š%s</string>
- <string name="using_proxy">ä½¿ç”¨ä»£ç† %1$s %2$d</string>
+ <string name="using_proxy">Using proxy %1$s %2$s</string>
<string name="use_system_proxy">使用系统代ç†</string>
<string name="use_system_proxy_summary">使用系统设置连接 HTTP/HTTPS 代ç†æœåŠ¡å™¨ã€‚</string>
<string name="onbootrestartsummary">如果在系统å¯åŠ¨æ—¶OpenVPN处于活动状æ€ï¼Œé‚£ä¹ˆå®ƒä¼šè¿žæŽ¥æŒ‡å®šçš„VPN。在Android 5.0上使用这个选项å‰ï¼Œè¯·é˜…读连接警告的常è§é—®é¢˜ã€‚</string>
@@ -442,8 +442,36 @@
<string name="kbits_per_second">%.1f kbit/s</string>
<string name="mbits_per_second">%.1f Mbit/s</string>
<string name="gbits_per_second">%.1f Gbit/s</string>
+ <string name="weakmd">&lt;p&gt;Starting with OpenSSL version 1.1, OpenSSL rejects weak signatures in certificates like
+ MD5.&lt;/p&gt;&lt;p&gt;&lt;b&gt;MD5 signatures are completely insecure and should not be used anymore.&lt;/b&gt; MD5
+ collisions can be created in &lt;a
+ href=\"https://natmchugh.blogspot.de/2015/02/create-your-own-md5-collisions.html\"&gt;few hours at a minimal cost.&lt;/a&gt;.
+ You should update the VPN certificates as soon as possible.&lt;/p&gt;&lt;p&gt;Unfortunately, older easy-rsa
+ distributions included the config option \"default_md md5\". If you are using an old easy-rsa version, update to
+ the &lt;a href=\"https://github.com/OpenVPN/easy-rsa/releases\"&gt;latest version&lt;/a&gt;) or change md5 to sha256 and
+ regenerate your certificates.&lt;/p&gt;&lt;p&gt;If you really want to use old and broken certificates use the custom
+ configuration option tls-cipher \"DEFAULT:@SECLEVEL=0\" under advanced configuration or as additional line in your
+ imported configuration&lt;/p&gt;
+ </string>
<string name="volume_byte">%.0f B</string>
<string name="volume_kbyte">%.1f kB</string>
<string name="volume_mbyte">%.1f MB</string>
<string name="volume_gbyte">%.1f GB</string>
+ <string name="channel_name_background">连接统计</string>
+ <string name="channel_description_background">正在建立的OpenVPN连接的统计数æ®</string>
+ <string name="channel_name_status">连接状æ€æ”¹å˜</string>
+ <string name="channel_description_status">OpenVPN连接的状æ€æ›´æ”¹ï¼ˆè¿žæŽ¥ï¼Œèº«ä»½éªŒè¯...)</string>
+ <string name="weakmd_title">è¯ä¹¦ç­¾å中的弱 (MD5) 哈希 (SSL_CTX_use_certificate md 太弱)</string>
+ <string name="title_activity_open_sslspeed">OpenSSL 速度测试</string>
+ <string name="openssl_cipher_name">OpenSSL密ç å称</string>
+ <string name="osslspeedtest">OpenSSL Crypto速度测试</string>
+ <string name="openssl_error">OpenSSL 返回错误</string>
+ <string name="running_test">正在è¿è¡Œæµ‹è¯•&#8230;</string>
+ <string name="test_algoirhtms">测试选定的算法</string>
+ <string name="all_app_prompt">An external app tries to control %s. The app requesting access cannot be determined. Allowing this app grants ALL apps access.</string>
+ <string name="openvpn3_nostatickeys">OpenVPN 3 C ++实现ä¸æ”¯æŒé™æ€å¯†é’¥ã€‚请在常规设置下更改为OpenVPN 2.x.</string>
+ <string name="openvpn3_pkcs12">ä¸æ”¯æŒç›´æŽ¥ä½¿ç”¨ OpenVPN 3 c++ 实现的 PKCS12 文件。请将 pkcs12 文件导入 Android 密钥库, 或在常规设置下更改为 OpenVPN 2.x。</string>
+ <string name="proxy">代ç†</string>
+ <string name="Use_no_proxy">æ— </string>
+ <string name="tor_orbot">Tor (Orbot)</string>
</resources>
diff --git a/app/src/main/res/values-zh-rTW/plurals-icsopenvpn.xml b/app/src/main/res/values-zh-rTW/plurals-icsopenvpn.xml
index 70489fbc..ba0d8399 100755
--- a/app/src/main/res/values-zh-rTW/plurals-icsopenvpn.xml
+++ b/app/src/main/res/values-zh-rTW/plurals-icsopenvpn.xml
@@ -1,3 +1,16 @@
<?xml version="1.0" encoding="utf-8"?>
<!--Generated by crowdin.com-->
-<resources></resources>
+<resources>
+ <plurals name="months_left">
+ <item quantity="other">還剩 %d 個月</item>
+ </plurals>
+ <plurals name="days_left">
+ <item quantity="other">還剩 %d 天</item>
+ </plurals>
+ <plurals name="hours_left">
+ <item quantity="other">還剩 %d å°æ™‚</item>
+ </plurals>
+ <plurals name="minutes_left">
+ <item quantity="other">還剩 %d 分é˜</item>
+ </plurals>
+</resources>
diff --git a/app/src/main/res/values-zh-rTW/strings-icsopenvpn.xml b/app/src/main/res/values-zh-rTW/strings-icsopenvpn.xml
index ba2e7d8d..a754440e 100755
--- a/app/src/main/res/values-zh-rTW/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-zh-rTW/strings-icsopenvpn.xml
@@ -7,7 +7,7 @@
<resources>
<string name="address">伺æœå™¨åœ°å€ï¼š</string>
- <string name="port">伺æœå™¨ç«¯å£:</string>
+ <string name="port">伺æœå™¨é€£æŽ¥åŸ ï¼š</string>
<string name="location">ä½ç½®</string>
<string name="cant_read_folder">無法讀å–檔案目錄</string>
<string name="select">é¸æ“‡</string>
@@ -68,31 +68,31 @@
<string name="check_remote_tlscert_title">é æœŸçš„ TLS 伺æœå™¨æ†‘è­‰</string>
<string name="remote_tlscn_check_summary">檢查é ç«¯çš„伺æœå™¨æ†‘證主旨 DN</string>
<string name="remote_tlscn_check_title">憑證主機å稱檢查</string>
- <string name="enter_tlscn_dialog">指定用於驗證é ç¨‹è­‰æ›¸çš„DN(例如C = DE,L =帕德åšæ©ï¼ŒOU =禽æµIPé‹ç‡Ÿå•†ï¼ŒCN = openvpn.blinkt.de)\ñ\ n指定完整的DN或RDN檢查(openvpn.blinkt.de在這個例å­ä¸­ï¼‰æˆ–RDNå‰ç¶´é€²è¡Œé©—證。\ N使用RDNå‰ç¶´â€œæœå‹™å™¨â€\ n當匹é…“æœå‹™å™¨1â€å’Œâ€œæœå‹™å™¨2â€\ñ\ nLeaving文本字段為空將檢查RDNå°æœå‹™å™¨çš„主機å。 \ñ\ n有關詳細信æ¯è«‹åƒè¦‹ä¸‹-verify-X509-åçš„OpenVPN 2.3.1+手冊é </string>
+ <string name="enter_tlscn_dialog">指定這個檢查用於驗證é ç«¯æ†‘è­‰ DN(例如:C=DE, L=Paderborn, OU=Avian IP Carriers, CN=openvpn.blinkt.de)\n\n指定完整的 DN 或 RDN(openvpn.blinkt.de 在範例中)或 RDN å‰ç¶´ä¾†é©—證。\n\n當使用 RDN å‰ç¶´ \"Server\" ç¬¦åˆ \"Server-1\" åŠ \"Server-2\"\n\n如文字欄ä½ç‚ºç©ºï¼Œå°‡æª¢æŸ¥ RDN 的主機å稱。\n\n更多詳情,請åƒé–± OpenVPN 2.3.1 + 在 manpage çš„ —verify-x509-name</string>
<string name="enter_tlscn_title">é ç«¯æ†‘證主旨</string>
<string name="tls_key_auth">啟用 TLS 密鑰èªè­‰</string>
<string name="tls_auth_file">TLS 驗證檔</string>
- <string name="pull_on_summary">å‘伺æœå™¨è«‹æ±‚ IP 地å€,ã€è·¯ç”±å’Œæ™‚間資訊</string>
+ <string name="pull_on_summary">å‘伺æœå™¨è«‹æ±‚ IP 地å€ã€è·¯ç”±å’Œæ™‚間資訊</string>
<string name="pull_off_summary">沒有來自伺æœå™¨çš„資訊,需è¦åœ¨ä¸‹é¢æŒ‡å®šè¨­å®šã€‚</string>
- <string name="use_pull">拉設置</string>
+ <string name="use_pull">å–得設定</string>
<string name="dns">DNS</string>
- <string name="override_dns">覆蓋的DNS設置æœå‹™å™¨</string>
- <string name="dns_override_summary">使用您自己的DNSæœå‹™å™¨</string>
+ <string name="override_dns">伺æœå™¨è¦†è“‹ DNS 設定</string>
+ <string name="dns_override_summary">使用您自己的 DNS 伺æœå™¨</string>
<string name="searchdomain">sea​​rchDomain</string>
- <string name="dns1_summary">è¦ä½¿ç”¨çš„DNSæœå‹™å™¨ã€‚</string>
- <string name="dns_server">DNSæœå‹™å™¨</string>
- <string name="secondary_dns_message">備用DNSæœå‹™å™¨ä½¿ç”¨ï¼Œå¦‚果正常的DNSæœå‹™å™¨ç„¡æ³•åˆ°é”。</string>
- <string name="backup_dns">備份DNSæœå‹™å™¨</string>
+ <string name="dns1_summary">è¦ä½¿ç”¨çš„ DNS 伺æœå™¨ã€‚</string>
+ <string name="dns_server">DNS 伺æœå™¨</string>
+ <string name="secondary_dns_message">如果無法使用正常的 DNS 伺æœå™¨ï¼Œæœƒä½¿ç”¨æ¬¡è¦çš„ DNS 伺æœå™¨</string>
+ <string name="backup_dns">備用的 DNS 伺æœå™¨</string>
<string name="ignored_pushed_routes">忽略伺æœå™¨æŽ¨é€çš„路由</string>
- <string name="ignore_routes_summary">忽略路由推æœå‹™å™¨ã€‚</string>
+ <string name="ignore_routes_summary">忽略由伺æœå™¨æŽ¨é€çš„路由</string>
<string name="default_route_summary">é‡æ–°æ‰€æœ‰æµé‡å°Žåˆ° VPN</string>
<string name="use_default_title">使用é è¨­è·¯ç”±</string>
- <string name="custom_route_message">輸入自定義的路線。åªæœ‰åœ¨CIDRæ ¼å¼è¼¸å…¥ç›®çš„地。 “10.0.0.0/8 2002:: / 16â€å°±ç›´æŽ¥ç¶²çµ¡10.0.0.0/8å’Œ2002:: / 16通éŽVPN。</string>
- <string name="custom_route_message_excluded">路線ä¸æ‡‰è©²è¢«è·¯ç”±é€šéŽVPN。使用相åŒçš„語法包括路線。</string>
- <string name="custom_routes_title">自定義路線</string>
- <string name="custom_routes_title_excluded">排除網絡</string>
+ <string name="custom_route_message">輸入自訂的路由。åªæœ‰åœ¨ä»¥ CIDR æ ¼å¼è¼¸å…¥ç›®çš„,\"10.0.0.0/8 2002::/16\" æ‰æœƒå°‡ 10.0.0.0/8 åŠ 2002::/16 ç¶²è·¯å°Žå‘ VPN。</string>
+ <string name="custom_route_message_excluded">路由ä¸æ‡‰æµç¶“éŽ VPN,使用相åŒçš„語法來排除路由。</string>
+ <string name="custom_routes_title">自訂路由</string>
+ <string name="custom_routes_title_excluded">排除的網絡</string>
<string name="log_verbosity_level">日誌的詳細等級</string>
- <string name="float_summary">å…許來自任何IP驗證的數據包</string>
+ <string name="float_summary">å…許來自任何 IP çš„é©—è­‰å°åŒ…</string>
<string name="float_title">å…許浮動伺æœå™¨</string>
<string name="custom_options_title">自訂é¸é …</string>
<string name="edit_vpn">編輯 VPN 設定</string>
@@ -102,25 +102,25 @@
<string name="error">"錯誤: "</string>
<string name="clear">清除</string>
<string name="last_openvpn_tun_config">打開 tun 介é¢ï¼š</string>
- <string name="local_ip_info">本地 IPv4:%1$s / %2$d IPv6:%3$s MTU:%4$d</string>
+ <string name="local_ip_info">本機 IPv4:%1$s / %2$d IPv6:%3$s MTU:%4$d</string>
<string name="dns_server_info">DNS 伺æœå™¨å™¨ï¼š%1$s,域å:%2$s</string>
<string name="routes_info_incl">路由:%1$s %2$s</string>
<string name="routes_info_excl">排除的路由:%1$s %2$s</string>
<string name="routes_debug">VpnService 路由安è£ï¼š%1$s %2$s</string>
- <string name="ip_not_cidr">GOT的接å£ä¿¡æ¯%1$så’Œ%2$s,å‡è¨­ç¬¬äºŒå€‹åœ°å€æ˜¯é ç¨‹çš„å°ç­‰åœ°å€ã€‚使用/ 32掩碼本地IP。通éŽOpenVPN的給定方å¼æ˜¯â€œ%3$sâ€ã€‚</string>
- <string name="route_not_cidr">ä¸èƒ½ä½¿%1$så’Œ%2$s如IP路由CIDRå­ç¶²æŽ©ç¢¼æ„Ÿï¼Œä½¿ç”¨/ 32å­ç¶²æŽ©ç¢¼ã€‚</string>
+ <string name="ip_not_cidr">å–得介é¢è¨Šæ¯ %1$s åŠ %2$s,å‡è¨­ç¬¬äºŒå€‹ä½å€æ˜¯é ç«¯å°ç­‰çš„ä½å€ã€‚使用 /32 å­ç¶²è·¯é®ç½©çµ¦æœ¬æ©Ÿ IP。OpenVPN 的模å¼æ˜¯ã€Œ%3$sã€ã€‚</string>
+ <string name="route_not_cidr">無法將 %1$s å’Œ %2$s 作為具有 CIDR å­ç¶²è·¯é®ç½©çš„ IP 路由,使用 /32 作為å­ç¶²è·¯é®ç½©ã€‚</string>
<string name="route_not_netip">修正路由 %1$s / %2$s 到 %3$s / %2$s</string>
- <string name="keychain_access">無法訪å•Android鑰匙扣證書。這å¯ä»¥é€šéŽå›ºä»¶å‡ç´šæˆ–通éŽæ¢å¾©çš„應用程åº/應用程åºè¨­ç½®çš„備份引起。請編輯VPNå’Œé‡æ–°é¸æ“‡ä¸‹åŸºæœ¬è¨­ç½®è­‰æ›¸é‡æ–°è¨ªå•è­‰æ›¸çš„權é™ã€‚</string>
+ <string name="keychain_access">ç„¡æ³•å­˜å– Android 鑰匙圈憑證。這å¯èƒ½æ˜¯ç”±éŸŒé«”更新,或還原此應用程å¼/應用程å¼è¨­å®šé€ æˆã€‚請在基本設定下,編輯 VPN åŠé‡æ–°é¸æ“‡æ†‘證,以é‡æ–°å»ºç«‹å­˜å–憑證的權é™ã€‚</string>
<string name="version_info">%1$s %2$s</string>
<string name="send_logfile">é€å‡ºæ—¥èªŒæª”案</string>
<string name="send">傳é€</string>
<string name="ics_openvpn_log_file">ICS OpenVPN 日誌檔案</string>
<string name="copied_entry">已將記錄複製到剪貼簿</string>
<string name="tap_mode">Tap 模å¼</string>
- <string name="faq_tap_mode">點擊模å¼æ˜¯ä¸å¯èƒ½çš„éžæ ¹VPN API。因此,該應用程åºä¸èƒ½æ供自來水的支æŒ</string>
+ <string name="faq_tap_mode">éž root çš„ VPN API 無法使用 Tap 模å¼ï¼Œå› æ­¤ï¼Œæ­¤æ‡‰ç”¨ç¨‹å¼ç„¡æ³•æä¾› tap 支æ´ã€‚</string>
<string name="tap_faq2">å†ä¸€æ¬¡ï¼Ÿä½ åœ¨é–‹çŽ©ç¬‘å§ï¼Ÿé€™çœŸçš„ä¸æ”¯æ´ tap 模å¼ï¼Œå°±ç®—å†å¯„é›»å­éƒµä»¶è©¢å•èƒ½ä¸èƒ½æ”¯æ´ä¹Ÿæ˜¯æ²’用的。</string>
<string name="tap_faq3">第三次嗎?實際上,一個å¯ä»¥å¯«åŸºæ–¼å±¯ï¼Œä¸¦æ·»åŠ  2 層資訊發é€å¸¶ 2 層資訊上水é¾é ­æ¨¡æ“¬å™¨æŽ¥æ”¶ã€‚但這個水é¾é ­æ¨¡æ“¬å™¨é‚„必須實施 ARP å’Œå¯èƒ½ DHCP 用戶端。我ä¸çŸ¥é“的任何人åšä»»ä½•å·¥ä½œåœ¨é€™å€‹æ–¹å‘。與我è¯ç¹«ï¼Œå¦‚果你想è¦é–‹å§‹å°æ­¤ç·¨ç¢¼ã€‚</string>
- <string name="faq">FAQ</string>
+ <string name="faq">常å•å•é¡Œ</string>
<string name="copying_log_entries">複製記錄項目</string>
<string name="faq_copying">è‹¥è¦è¤‡è£½å–®ç­†è¨˜éŒ„,在此記錄項目上點é¸ã€‚è‹¥è¦è¤‡è£½/é€å‡ºæ•´ç­†è¨˜éŒ„,使用é€å‡ºè¨˜éŒ„é¸é …。如果這個按鈕在畫é¢ä¸­ç„¡æ³•é¡¯ç¤ºï¼Œè«‹ä½¿ç”¨å¯¦é«”çš„é¸å–®æŒ‰éˆ•ã€‚</string>
<string name="faq_shortcut">以快æ·æ–¹å¼å•Ÿå‹•</string>
@@ -135,33 +135,33 @@
<string name="inline_file_tab">內嵌檔案</string>
<string name="error_importing_file">匯入éŽç¨‹ä¸­ç™¼ç”ŸéŒ¯èª¤</string>
<string name="import_error_message">無法從檔案系統中匯入檔案</string>
- <string name="inline_file_data">&lt;內嵌於設定檔&gt;</string>
- <string name="opentun_no_ipaddr">拒絕開啟 tun 沒有 IP 資訊的è£ç½®</string>
+ <string name="inline_file_data">[[內嵌於設定檔]]</string>
+ <string name="opentun_no_ipaddr">拒絕開啟沒有 IP 資訊的 tun è£ç½®</string>
<string name="menu_import">從 .ovpn 檔案匯入設定檔</string>
<string name="menu_import_short">匯入</string>
- <string name="import_content_resolve_error">匯入éŽç¨‹ä¸­ç„¡æ³•è®€å–設定檔</string>
+ <string name="import_content_resolve_error">無法讀å–設定檔來匯入</string>
<string name="error_reading_config_file">讀å–設定檔時發生錯誤</string>
<string name="add_profile">新增設定檔</string>
<string name="import_could_not_open">找ä¸åˆ°åœ¨å°Žå…¥é…置文件中æ到的文件%1$s</string>
<string name="importing_config">從æºé ­%1$så°Žå…¥é…置文件</string>
<string name="import_warning_custom_options">ä½ çš„é…置有沒有被映射到用戶界é¢é…置一些é…ç½®é¸é …。這些é¸é …被添加為自定義é…ç½®é¸é …。將顯示自定義é…置如下:</string>
<string name="import_done">æˆåŠŸè®€å–設定檔</string>
- <string name="nobind_summary">ä¸è¦ç¶å®šæœ¬åœ°åœ°å€å’Œç«¯å£</string>
- <string name="no_bind">沒有本地ç¶å®š</string>
+ <string name="nobind_summary">ä¸è¦ç¶å®šæœ¬æ©Ÿä½å€èˆ‡åŸ </string>
+ <string name="no_bind">沒有本機ç¶å®š</string>
<string name="import_configuration_file">匯入設定檔</string>
- <string name="faq_security_title">ä¿å®‰ä¸Šçš„考慮</string>
+ <string name="faq_security_title">安全考é‡</string>
<string name="faq_security">“由於OpenVPN是安全æ•æ„Ÿçš„有關安全性的幾個音符都是明智的。在​​SDå¡çš„所有數據本質上是ä¸å®‰å…¨çš„。æ¯ä¸€å€‹æ‡‰ç”¨ç¨‹åºå¯ä»¥è®€å–它(比如這個方案並ä¸éœ€è¦ç‰¹åˆ¥çš„SDå¡çš„權é™ï¼‰ã€‚此應用程åºçš„數據åªèƒ½è®€ç”±æ‡‰ç”¨ç¨‹åºæœ¬èº«ã€‚通éŽä½¿ç”¨CACERT /證書/密鑰的文件å°è©±æ¡†ä¸­çš„數據導入é¸é …存儲在VPNé…置文件的VPNé…置文件åªèƒ½ç”±è©²æ‡‰ç”¨ç¨‹åºé€²è¡Œè¨ªå•ã€‚(ä¸è¦å¿˜äº†åˆªé™¤åœ¨SD副本å¡å¾Œï¼‰ã€‚å³ä½¿åªèƒ½ç”±è©²æ‡‰ç”¨ç¨‹åºä¸­çš„數據ä»ç„¶æ˜¯æœªåŠ å¯†çš„,通éŽç”Ÿæ ¹é›»è©±æˆ–其他攻擊有å¯èƒ½æª¢ç´¢æ•¸æ“šã€‚ä¿å­˜çš„密碼是明文存儲以åŠå°æ–¼PKCS12文件,強烈建議你將它們導入到android的密鑰庫。“</string>
<string name="import_vpn">匯入</string>
- <string name="broken_image_cert_title">錯誤顯示證書é¸æ“‡</string>
+ <string name="broken_image_cert_title">顯示憑證é¸æ“‡éŒ¯èª¤</string>
<string name="broken_image_cert">有一個例外,試圖展示了Android 4.0+證書é¸æ“‡å°è©±æ¡†ã€‚這ä¸æ‡‰è©²ç™¼ç”Ÿï¼Œå› ç‚ºé€™æ¬¾Android 4.0+的標準功能。也許å°æ–¼è­‰æ›¸å­˜å„²ä½ çš„Andr​​oid ROM支æŒè¢«æ‰“ç ´</string>
<string name="ipv4">IPv4</string>
<string name="ipv6">IPv6</string>
- <string name="speed_waiting">等待狀態訊æ¯&#8230;</string>
- <string name="converted_profile">匯入設定檔</string>
- <string name="converted_profile_i">匯入設定檔 %d</string>
+ <string name="speed_waiting">等待狀態訊æ¯...</string>
+ <string name="converted_profile">已匯入設定檔</string>
+ <string name="converted_profile_i">已匯入設定檔 %d</string>
<string name="broken_images">æ壞的映åƒ</string>
<string name="broken_images_faq">&lt;p&gt;Official HTC圖åƒï¼Œå·²çŸ¥æœ‰ä¸€ç¨®å¥‡æ€ªçš„路由å•é¡Œé€ æˆäº¤é€šä¸æµéŽéš§é“(也&lt;a href=\"https://github.com/schwabe/ics-openvpn/issues/18\"&gt;Issue 18&lt;/a&gt;看到bug跟踪系統。)的的Xperia弧S和的Xperiaé›·&lt;/p&gt;&lt;p&gt;Older官方SONY圖åƒå·²è¢«å ±å°Žå®Œå…¨ç¼ºå°‘VPNService從圖åƒã€‚ (也&lt;a href=\"https://github.com/schwabe/ics-openvpn/issues/29\"&gt;Issue 29&lt;/a&gt;看到bug跟踪系統。)&lt;/p&gt;&lt;p&gt;On自定義生æˆçš„TUN模塊å¯èƒ½æœƒä¸Ÿå¤±ç…§ç‰‡æˆ–為/ dev / TUN的權利å¯èƒ½æ˜¯éŒ¯èª¤çš„。一些CM9圖åƒéœ€è¦åœ¨â€œè¨­å‚™ç‰¹å®šçš„黑客â€enabled.&lt;/p&gt;&lt;p&gt;Mosté‡è¦çš„是“修復所有權â€é¸é …:如果您的設備有一個破碎的機器人形象,報告給你的供應商。越多的人誰給供應商報告å•é¡Œæ™‚,他們越有å¯èƒ½è§£æ±ºit.&lt;/p&gt;</string>
- <string name="pkcs12_file_encryption_key">PKCS12檔加密金鑰</string>
+ <string name="pkcs12_file_encryption_key">PKCS12 檔加密金鑰</string>
<string name="private_key_password">ç§å¯†é‡‘鑰密碼</string>
<string name="password">密碼</string>
<string name="file_icon">檔案圖標</string>
@@ -186,7 +186,7 @@
<string name="faq_system_dialogs">系統的 VPN 連線警告說明這個應用程å¼å¯ä»¥æ””截所有æµé‡ï¼Œé€™æ˜¯é˜²æ­¢ VPNService API 被濫用。\n為了æ示正在進行的 VPN 連線, Android 系統會產生通知 (鑰匙符號) ,在一些系統中,會發出æ示è²ã€‚\nAndroid 這麼åšæ˜¯ç‚ºäº†ç¢ºä¿ä½ çš„安全。</string>
<string name="faq_system_dialogs_title">連線警告和通知時發出音效</string>
<string name="translationby">ç¹é«”中文</string>
- <string name="ipdns">IPå’ŒDNS</string>
+ <string name="ipdns">IP 和 DNS</string>
<string name="basic">基本</string>
<string name="routing">路由</string>
<string name="obscure">鮮為人知的OpenVPN設定,一般情æ³ä¸‹ä¸éœ€è¦æ´¾ä¸Šç”¨å ´ã€‚</string>
@@ -195,19 +195,18 @@
<string name="warn_no_dns">ä¸ä½¿ç”¨ä»»ä½•DNSæœå‹™å™¨ã€‚å稱解æžå¯èƒ½ç„¡æ³•æ­£å¸¸å·¥ä½œã€‚考慮設置自定義DNSæœå‹™å™¨ã€‚å¦è«‹æ³¨æ„,Android將繼續使用您的手機/ Wi-Fi連接指定的代ç†æœå‹™å™¨è¨­ç½®æ™‚沒有DNSæœå‹™å™¨è¨­ç½®ã€‚</string>
<string name="dns_add_error">無法添加DNSæœå‹™å™¨â€œ%1$sâ€ï¼Œç³»çµ±æ‹’絕:%2$s</string>
<string name="ip_add_error">無法é…ç½®IP地å€â€œ%1$sâ€ï¼Œç³»çµ±æ‹’絕:%2$s</string>
- <string name="faq_howto">&lt;p&gt;Get工作的é…置(從供應商/機構檢測您的電腦或下載)&lt;/p&gt;&lt;p&gt;If它沒有多餘的PEM / pks12文件,你å¯ä»¥è‡ªå·±é€šéŽé›»å­éƒµä»¶ç™¼é€æ–‡ä»¶å’Œæ‰“開附件的單個文件。如果您有多個文件,把它們放在你的SD card.&lt;/p&gt;&lt;p&gt;Click上的電å­éƒµä»¶é™„件/使用的文件夾圖標,在VPN列表導入é…ç½®file&lt;/p&gt;&lt;p&gt;If大約有丟失的文件將丟失的文件在你的SD card.&lt;/p&gt;&lt;p&gt;Click上ä¿å­˜éŒ¯èª¤æ¨™èªŒå°‡å°Žå…¥çš„VPN添加到您的VPN list&lt;/p&gt;&lt;p&gt;Connectçš„VPN通éŽé»žæ“ŠVPN&lt;/p&gt;&lt;p&gt;Ifçš„å字有錯誤或警告日誌試著去了解警告/錯誤,並嘗試修復them&lt;/p&gt; </string>
+ <string name="faq_howto">&lt;p&gt;å–得正在使用的設定(在電腦測試éŽçš„,或從供應商/組織下載的)&lt;/p&gt;&lt;p&gt;如果單一檔案且沒有沒有é¡å¤– pem/pks12 檔案,你å¯ä»¥ç™¼é€é€™å€‹æª”案給自,打開附件。如果你有多個檔案,把他們放在你的 SD å¡ã€‚&lt;/p&gt;&lt;p&gt;é»žé¸ email 附件/使用在 VPN 清單的資料夾圖示,來匯入設定檔&lt;/p&gt;&lt;p&gt;如果有關在 SD å¡å…§ï¼Œæª”案éºå¤±çš„錯誤。&lt;/p&gt;&lt;p&gt;點é¸å„²å­˜ç¬¦è™Ÿï¼Œä¾†åŠ å…¥å·²åŒ¯å…¥çš„ VPN 到你的 VPN 清單內&lt;/p&gt;&lt;p&gt;é»žé¸ VPN çš„å稱來連線到此 VPN&lt;/p&gt;&lt;p&gt;如果在日誌中發ç¾éŒ¯èª¤æˆ–警告,試著去了解警告/錯誤,並嘗試修復它&lt;/p&gt; </string>
<string name="faq_howto_title">快速入門</string>
<string name="setting_loadtun_summary">在連線å‰å˜—試載入 Tun æ¨¡çµ„ï¼Œéœ€è¦ Root。</string>
<string name="setting_loadtun">載入 tun 模組</string>
<string name="importpkcs12fromconfig">å°Žå…¥PKCS12從é…置到Android的密鑰庫</string>
<string name="getproxy_error">å–得代ç†ä¼ºæœå™¨è³‡è¨Šæ™‚發生錯誤: %s</string>
- <string name="using_proxy">使用代ç†ä¼ºæœå™¨ %1$s %2$d</string>
<string name="use_system_proxy">使用系統代ç†</string>
<string name="use_system_proxy_summary">使用系統é…置的 HTTP/HTTPS 代ç†ä¼ºæœå™¨é€²è¡Œé€£ç·šã€‚</string>
<string name="onbootrestartsummary">OpenVPN 將會在系統啟動時連線到特定的 VPN。在 Android &lt; 5.0 上使用這個設定å‰ï¼Œè«‹é–±è®€é€£ç·šè­¦å‘Š FAQ。</string>
<string name="onbootrestart">啟動時連線</string>
<string name="ignore">忽略</string>
- <string name="restart">é‡ç½®</string>
+ <string name="restart">é‡æ–°å•Ÿå‹•</string>
<string name="restart_vpn_after_change">é…置變更åªæœƒåœ¨é‡æ–°å•Ÿå‹•VPN時æ‰ç”Ÿæ•ˆï¼Œç¾åœ¨è¦(é‡æ–°)å•Ÿå‹•VPN嗎?</string>
<string name="configuration_changed">設定已變更</string>
<string name="log_no_last_vpn">無法判斷最後一次連線使用的設定檔,因此無法編輯設定檔。</string>
@@ -222,7 +221,7 @@
<string name="persisttun_summary">當 OpenVPN é‡æ–°é€£ç·šæ™‚,æŒçºŒä½¿ç”¨ VPN 連線。</string>
<string name="persistent_tun_title">ä¿æŒ tun 通é“</string>
<string name="openvpn_log">OpenVPN é‹ä½œè¨˜éŒ„</string>
- <string name="import_config">匯入 OpenVPN é…ç½®</string>
+ <string name="import_config">匯入 OpenVPN 設定</string>
<string name="battery_consumption_title">電池消耗</string>
<string name="baterry_consumption">在我個人的測試中的 OpenVPN 高電池消耗的主è¦åŽŸå› æ˜¯ä¿æ´»è³‡æ–™åŒ…。大多數的 OpenVPN 伺æœå™¨æœ‰ä¸€å€‹é…ç½®æŒ‡ä»¤åƒ \' keepalive 10 60\',這會導致用戶端和伺æœå™¨äº¤æ›ä¿æ´»è³‡æ–™åŒ…æ¯å秒。&lt; P &gt; 雖然這些資料包是å°å’Œä¸ä½¿ç”¨å¤ªå¤šçš„交通,它們ä¿æŒç§»å‹•ç„¡ç·šé›»ç¶²è·¯å¿™ï¼Œå¢žåŠ äº†èƒ½æºæ¶ˆè€—。(è«‹åƒè¦‹ &lt; href =\"HTTP://developer.android.com/training/efficient-downloads/efficient-network-access.html#RadioStateMachine\"&gt; 無線電狀態機 |Android 開發者 &lt; /a &gt;) &lt; p &gt; æ­¤ keepalive 設置ä¸èƒ½æ›´æ”¹ç”¨æˆ¶ç«¯ä¸Šã€‚åªæœ‰ OpenVPN 的系統管ç†å“¡å¯ä»¥æ›´æ”¹çš„設置。&lt; P &gt; ä¸å¹¸çš„ udp 使用ä¿æ´»å¤§æ–¼ 60 秒å¯ä»¥å°Žè‡´ä¸€äº› NAT é–˜é“來斷開連接由於ä¸æ´»å‹•è¶…時。用ä¸äº†å¤šä¹…使用 TCP ä¿æŒæ´»è‘—è¶…æ™‚å·¥ä½œï¼Œä½†éš§é“ TCP é€šéŽ TCP 表ç¾æ¥µç‚ºä¸ä½³èˆ‡é«˜è³‡æ–™åŒ…丟失連接上。(è«‹åƒé–± &lt; href =\"HTTP://sites.inka.de/bigred/devel/tcp-tcp.html\"&gt; 為什麼 TCP 在 TCP æ˜¯ä¸€å€‹å£žé»žå­ &lt; /a &gt;)</string>
<string name="faq_tethering">網路共用的功能 (é€éŽ Wi-Fiã€USB 或è—牙) å’Œ VPNService API (此程å¼ä½¿ç”¨) ä¸ä¸€èµ·ä½œç”¨ã€‚更多細節請看 &lt;a href=\"https://github.com/schwabe/ics-openvpn/issues/34\"&gt;issue #34&lt;/a&gt;</string>
@@ -239,14 +238,14 @@
<string name="session_ipv6string">%1$s - %3$s, %2$s</string>
<string name="state_connecting">連線中</string>
<string name="state_wait">等待伺æœå™¨å›žè¦†</string>
- <string name="state_auth">身份驗證</string>
- <string name="state_get_config">å–得客戶端é…ç½®</string>
+ <string name="state_auth">身份驗證中...</string>
+ <string name="state_get_config">正在å–得客戶端設定</string>
<string name="state_assign_ip">åˆ†é… IP ä½å€</string>
- <string name="state_add_routes">添加路由</string>
+ <string name="state_add_routes">增加路由</string>
<string name="state_connected">已連線</string>
<string name="state_disconnected">中斷連線</string>
<string name="state_reconnecting">正在é‡æ–°é€£ç·š</string>
- <string name="state_exiting">退出</string>
+ <string name="state_exiting">離開</string>
<string name="state_noprocess">ä¸åœ¨åŸ·è¡Œ</string>
<string name="state_resolve">解æžä¸»æ©Ÿå稱</string>
<string name="state_tcp_connect">連線中 (TCP)</string>
@@ -254,8 +253,8 @@
<string name="state_nonetwork">等待å¯ä½¿ç”¨çš„網路</string>
<string name="statusline_bytecount">↓%2$s/秒 %1$s - ↑%4$s/秒 %3$s</string>
<string name="notifcation_title_notconnect">未連線</string>
- <string name="start_vpn_title">正在連接至 VPN %s</string>
- <string name="start_vpn_ticker">正在連接至 VPN %s</string>
+ <string name="start_vpn_title">正在連線至 VPN %s</string>
+ <string name="start_vpn_ticker">正在連線至 VPN %s</string>
<string name="jelly_keystore_alphanumeric_bug">如果,密鑰憑證的å稱包å«éžå­—æ¯æ•¸å­—å­—å…ƒ (如空白ã€åº•ç·šã€ç ´æŠ˜è™Ÿ),在æŸäº› Android 4.1 版本å¯èƒ½æœƒå‡ºç¾å•é¡Œã€‚請嘗試é‡æ–°åŒ¯å…¥ä¸å«ç‰¹æ®Šå­—元的憑證。</string>
<string name="encryption_cipher">加密密鑰</string>
<string name="packet_auth">å°åŒ…é©—è­‰</string>
@@ -265,28 +264,26 @@
<string name="official_build">æ­£å¼ç‰ˆæœ¬</string>
<string name="make_selection_inline">複製到設定檔</string>
<string name="crashdump">異常傾å°</string>
- <string name="add">添加</string>
- <string name="send_config">發é€é…置檔</string>
+ <string name="add">增加</string>
+ <string name="send_config">傳é€è¨­å®šæª”案</string>
<string name="complete_dn">完整的 DN</string>
<string name="remotetlsnote">你匯入的設定使用了已經éŽèˆŠä¸”ä¸å»ºè­°çš„ tls-remote é¸é …使用了ä¸åŒçš„ DN æ ¼å¼ã€‚</string>
<string name="rdn">RDN (common name)</string>
<string name="rdn_prefix">RDN å‰ç¶´</string>
<string name="tls_remote_deprecated">tls-remote (ä¸å»ºè­°ä½¿ç”¨)</string>
- <string name="help_translate">您å¯ä»¥è¨ªå•
-http://crowdin.net/project/ics-openvpn/invite
-幫助我們翻譯本軟體</string>
+ <string name="help_translate">ä½ å¯ä»¥æ‹œè¨ª http://crowdin.net/project/ics-openvpn/invite 來å”助翻譯</string>
<string name="prompt">%1$s 試圖控制 %2$s</string>
<string name="remote_warning">你正在æ供這個應用程å¼å®Œå…¨æŽ§åˆ¶ OpenVPN for Android 與攔截所有網路æµé‡çš„權é™ï¼Œ<b>ä¸å…許,除éžä¿¡ä»»æ­¤æ‡‰ç”¨ç¨‹å¼ã€‚</b>å¦å‰‡ï¼Œä½ çš„資料會å—到惡æ„軟體洩æ¼çš„風險。</string>
- <string name="remote_trust">信任此應用程å¼</string>
+ <string name="remote_trust">我信任此應用程å¼</string>
<string name="no_external_app_allowed">ä¸å…許應用程å¼ä½¿ç”¨å¤–部 API </string>
<string name="allowed_apps">å…許的應用程å¼ï¼š%s</string>
<string name="clearappsdialog">清除å…許外部應用程å¼çš„清單?\nç›®å‰çš„å…許應用程å¼çš„清單:\n\n%s</string>
<string name="screenoff_summary">當螢幕關閉和 60 秒內的傳輸資料,å°æ–¼ 60 KB çš„æ™‚ï¼Œæš«åœ VPN。當 「ä¿æŒ Tun 通é“ã€é¸é …é–‹å•Ÿæ™‚ï¼Œæš«åœ VPN 會讓你的è£ç½®æ²’有網路連線。如果ä¸ä½¿ç”¨ã€Œä¿æŒ Tun 通é“ã€é¸é …,這個è£ç½®æœƒæ²’有 VPN 連線/ä¿è­·ã€‚</string>
- <string name="screenoff_title">當螢幕關閉時暫åœVPN連線</string>
+ <string name="screenoff_title">ç•¶èž¢å¹•é—œé–‰æ™‚æš«åœ VPN 連線</string>
<string name="screenoff_pause">螢幕在關閉狀態時暫åœé€£ç·šï¼šå°‘æ–¼ %1$s 在 %2$s 秒</string>
<string name="screen_nopersistenttun">警告:ä¿æŒ tun 通é“沒有在此 VPN 中開啟。當螢幕關閉時,將會使用一般的網際網路連線。</string>
<string name="save_password">記ä½å¯†ç¢¼</string>
- <string name="pauseVPN">æš«åœVPN</string>
+ <string name="pauseVPN">æš«åœ VPN</string>
<string name="resumevpn">æ¢å¾© VPN</string>
<string name="state_userpause">使用者è¦æ±‚æš«åœ VPN</string>
<string name="state_screenoff">VPN æš«åœ - 螢幕關閉</string>
@@ -315,12 +312,12 @@ http://crowdin.net/project/ics-openvpn/invite
<string name="unhandled_exception">未處ç†çš„異常:%1$s \n\n %2$s</string>
<string name="unhandled_exception_context">%3$s:%1$s \n\n %2$s</string>
<string name="faq_system_dialog_xposed">如果你的 Android è£ç½®å·²å–å¾— root 權é™ï¼Œä½ å¯ä»¥è‡ªè¡Œæ‰¿æ“”é¢¨éšªå®‰è£ &lt;a href=\"http://xposed.info/\"&gt;Xposed framework&lt;/a&gt; å’Œ &lt;a href=\"http://repo.xposed.info/module/de.blinkt.vpndialogxposed\"&gt;VPN Dialog confirm module&lt;/a&gt;</string>
- <string name="full_licenses">證照齊全</string>
- <string name="blocklocal_summary">直接連接到本地接å£çš„網絡將ä¸è¢«è·¯ç”±é€šéŽVPN。å–消é¸æ“‡æ­¤é¸é …將縮進é‡å®šå‘本地網絡的VPN的所有æµé‡ã€‚</string>
+ <string name="full_licenses">完整授權</string>
+ <string name="blocklocal_summary">直接連線到本機介é¢çš„網路將ä¸æœƒè¢«é€è‡³ VPN。å–消é¸æ“‡é€™å€‹é¸é …,將會把所有畚箕網路的æµé‡å°Žå‘ VPN。</string>
<string name="blocklocal_title">å°å€åŸŸç¶²è·¯ç¹žéŽ VPN</string>
<string name="userpw_file">用戶å稱/密碼</string>
<string name="imported_from_file">[從匯入:%s]</string>
- <string name="files_missing_hint">一些文件無法找到。請é¸æ“‡è¦å°Žå…¥çš„文件的é…置文件:</string>
+ <string name="files_missing_hint">無法找到一些文件。請é¸æ“‡æª”案來匯入設定:</string>
<string name="openvpn_is_no_free_vpn">è¦ä½¿ç”¨é€™å€‹ç¨‹åºï¼Œä½ éœ€è¦ä¸€å€‹VPN供應商/ VPN支æŒOpenVPN的網關(通常由雇主æ供)。查看http://community.openvpn.net/關於OpenVPN的更多信æ¯ï¼Œä»¥åŠå¦‚何設置自己的OpenVPNæœå‹™å™¨ã€‚</string>
<string name="import_log">匯入日誌:</string>
<string name="ip_looks_like_subnet">VPN拓撲“%3$sâ€è¦å®šï¼Œä½†ä½¿ç”¨ifconfig %1$s %2$s看起來更åƒæ˜¯ä¸€å€‹ç¶²çµ¡æŽ©ç¢¼çš„IP地å€ã€‚å‡è¨­â€œå­ç¶²â€çš„æ‹“æ’²çµæ§‹ã€‚</string>
@@ -330,24 +327,24 @@ http://crowdin.net/project/ics-openvpn/invite
<string name="mssfix_checkbox">覆寫TCP è£è¼‰è³‡æ–™ (payload) çš„æœ€å¤§åˆ†æ®µå¤§å° (MSS) 值</string>
<string name="mssfix_dialogtitle">設定 TCP è£è¼‰è³‡æ–™ (payload) çš„æœ€å¤§åˆ†æ®µå¤§å° (MSS)</string>
<string name="client_behaviour">客戶端行為</string>
- <string name="clear_external_apps">清除å…許外部應用程åº</string>
+ <string name="clear_external_apps">清除å…許外部應用程å¼</string>
<string name="loading">載入中...</string>
- <string name="allowed_vpn_apps_info">å…許上傳的VPN應用程åºï¼š%1$s</string>
+ <string name="allowed_vpn_apps_info">å…許的 VPN 應用程å¼ï¼š%1$s</string>
<string name="disallowed_vpn_apps_info">ä¸å…許的 VPN 應用程å¼ï¼š%1$s</string>
<string name="app_no_longer_exists">包%sä¸å†å®‰è£ï¼Œå¾žæ‡‰ç”¨ç¨‹åºåˆªé™¤å®ƒå…許/ç¦æ­¢åˆ—表</string>
- <string name="vpn_disallow_radio">VPNé©ç”¨æ–¼æ‰€æœ‰çš„應用程åºï¼Œä½†ä¸åŒ…括所é¸</string>
- <string name="vpn_allow_radio">çš„VPN僅用於å°é¸å®šçš„應用程åº</string>
+ <string name="vpn_disallow_radio">VPN 用於全部的應用程å¼ï¼Œä½†ä¸åŒ…å«é¸æ“‡çš„</string>
+ <string name="vpn_allow_radio">VPN 僅用於é¸æ“‡çš„應用程å¼</string>
<string name="query_delete_remote">刪除é ç«¯ä¼ºæœå™¨é …目?</string>
- <string name="keep">養</string>
- <string name="delete">刪</string>
- <string name="add_remote">添加新的é ç¨‹</string>
+ <string name="keep">ä¿æŒ</string>
+ <string name="delete">刪除</string>
+ <string name="add_remote">加入新的é ç«¯ä¼ºæœå™¨</string>
<string name="remote_random">連線時,隨機é¸æ“‡é€£ç·šé …ç›®</string>
<string name="remote_no_server_selected">您需è¦å®šç¾©å’Œå•Ÿç”¨è‡³å°‘一個é ç«¯ä¼ºæœå™¨ã€‚</string>
<string name="server_list">伺æœå™¨åˆ—表</string>
<string name="vpn_allowed_apps">å…許的應用程å¼</string>
<string name="advanced_settings">進階設定</string>
<string name="payload_options">資料 (payload) é¸é …</string>
- <string name="tls_settings">TLS設定</string>
+ <string name="tls_settings">TLS 設定</string>
<string name="no_remote_defined">é ç«¯æ²’有定義</string>
<string name="duplicate_vpn">é‡è¤‡çš„ VPN 設定檔</string>
<string name="duplicate_profile_title">複製設定檔︰ %s</string>
@@ -360,8 +357,10 @@ http://crowdin.net/project/ics-openvpn/invite
<string name="ab_kitkat_mss">早期的 KitKat 版本在 TCP é€£ç·šä¸­ï¼Œè¨­å®šéŒ¯èª¤çš„æœ€å¤§åˆ†æ®µå¤§å° (MSS) 值 (#61948)。試著開啟 mssfix é¸é …來繞開這個 bug。</string>
<string name="ab_proxy">Android 沒有 DNS 伺æœå™¨è¨­å®šæ™‚,會繼續使用你指定的行動/Wi-Fi 連線代ç†è¨­å®šã€‚OpenVPN for Android 會在日誌中記錄警告訊æ¯ã€‚<p>當 VPN 有設定 DNS 伺æœå™¨æ™‚,因為,Android API 中無法為 VPN 連線設定代ç†ï¼Œæ‰€ä»¥ï¼Œå°‡ä¸æœƒä½¿ç”¨ä»£ç†è¨­å®šã€‚</p></string>
<string name="ab_lollipop_reinstall">當解除安è£æˆ–é‡æ–°å®‰è£ï¼ŒVPN 應用程å¼ä¹Ÿæœƒåœæ­¢é‹ä½œã€‚詳細資訊起åƒé–± #80074</string>
- <string name="ab_not_route_to_vpn">å°ç£ç¹é«”中文</string>
+ <string name="ab_not_route_to_vpn">已設定的客戶端 IP åŠåœ¨æ­¤ç¶²è·¯é®ç½©çš„ IP ä¸æœƒè·¯ç”±åˆ° VPN。OpenVPN 以明確加入一æ¢å°æ‡‰åˆ°å®¢æˆ¶ç«¯ IP 與此å­ç¶²è·¯é®ç½©çš„路由,來嘗試解決這個å•é¡Œã€‚</string>
+ <string name="ab_persist_tun">Sdjddnnsmssjhfjdd</string>
<string name="ab_secondary_users">VPN ä¸æœƒå°æ¬¡ç´šä½¿ç”¨è€…作用。</string>
+ <string name="ab_kitkat_reconnect">「許多使用者回報,在使用 VPN 應用程å¼æ™‚,行動連線/行動數據連線經常被斷線。這個行為似乎åªå½±éŸ¿ä¸€äº›è¡Œå‹•ä¾›æ‡‰å•†/è£ç½®çµåˆï¼Œç›®å‰ç‚ºæ­¢ï¼Œæ²’有原因/解決å¯è¾¨åˆ¥è©²éŒ¯èª¤ã€‚ã€</string>
<string name="ab_vpn_reachability_44">Vpn是幹嗎?</string>
<string name="ab_only_cidr_title">éžç„¡é¡žåˆ¥åŸŸé–“ (CIDR) 路由</string>
<string name="ab_proxy_title">VPN 的代ç†è¡Œç‚º</string>
@@ -372,20 +371,21 @@ http://crowdin.net/project/ics-openvpn/invite
<string name="ab_kitkat_mss_title">VPN é€£ç·šéŒ¯èª¤çš„æœ€å¤§åˆ†æ®µå¤§å° (MSS) 值</string>
<string name="ab_secondary_users_title">二级平æ¿ç”µè„‘用户</string>
<string name="custom_connection_options_warng">指定自訂連線的特定é¸é …,請å°å¿ƒä½¿ç”¨</string>
- <string name="custom_connection_options">自定義é¸é …</string>
+ <string name="custom_connection_options">自訂的é¸é …</string>
<string name="remove_connection_entry">刪除連線項目</string>
- <string name="ab_kitkat_reconnect_title">了解!</string>
+ <string name="ab_kitkat_reconnect_title">從行動網路隨機斷線</string>
<string name="ab_vpn_reachability_44_title">é ç«¯ç¶²è·¯ç„¡æ³•é€£ç·š</string>
<string name="ab_persist_tun_title">ä¿æŒ tun 模å¼</string>
<string name="version_and_later">%s åŠæ›´é«˜ç‰ˆæœ¬</string>
- <string name="tls_cipher_alert_title">連接失敗,SSL23_GET_SERVER_HELLO:sslv3 æ¡æ‰‹å¤±æ•—</string>
+ <string name="tls_cipher_alert_title">連線失敗,SSL23_GET_SERVER_HELLO:sslv3 警告交æ¡å¤±æ•—</string>
<string name="message_no_user_edit">é€™å€‹è¨­å®šæª”å·²è¢«å¾žå¤–éƒ¨æ‡‰ç”¨ç¨‹å¼ (%s) 新增,並標記為使用者無法編輯。</string>
<string name="crl_file">憑證撤銷清單</string>
- <string name="import_config_error">å°Žå…¥é…置產生錯誤,無法ä¿å­˜</string>
- <string name="Search">æœç´¢</string>
+ <string name="service_restarted">正在é‡æ–°å•Ÿå‹• OpenVPN æœå‹™ï¼ˆæ‡‰ç”¨ç¨‹å¼ç•¶æ©Ÿå¯èƒ½å› ç‚ºè¨˜æ†¶é«”壓力而當機或被終止)</string>
+ <string name="import_config_error">匯入設定發生錯誤,無法儲存</string>
+ <string name="Search">æœå°‹</string>
<string name="lastdumpdate">(最後傾å°æ˜¯ %1$d:%2$dh ä¹… (%3$s))</string>
<string name="clear_log_on_connect">清除新連線的記錄</string>
- <string name="connect_timeout">連線超時</string>
+ <string name="connect_timeout">連線逾時</string>
<string name="query_permissions_sdcard">添加新的é ç¨‹</string>
<string name="protocol">å”定</string>
<string name="enabled_connection_entry">啟用</string>
@@ -404,6 +404,7 @@ http://crowdin.net/project/ics-openvpn/invite
<string name="novpn_selected">沒有 VPN 被é¸æ“‡</string>
<string name="defaultvpn">é è¨­ VPN</string>
<string name="defaultvpnsummary">VPN 在 VPN 需è¦é è¨­ä½¿ç”¨åœ¨çš„地方。這些å°æ–¼ç›®å‰ä¸Šå•Ÿå‹•ï¼Œç¸½æ˜¯åœ¨å’Œå¿«é€Ÿè¨­ç½®å¹³é‹ªã€‚</string>
+ <string name="vpnselected">ç›®å‰é¸æ“‡çš„ VPN:「%sã€</string>
<string name="reconnect">é‡æ–°é€£ç·š</string>
<string name="qs_title">åˆ‡æ› VPN</string>
<string name="qs_connect">連線到 %s</string>
@@ -412,4 +413,44 @@ http://crowdin.net/project/ics-openvpn/invite
<string name="state_waitconnectretry">連線é‡è©¦é–“,等待 %s 秒。</string>
<string name="change_sorting">更改排åº</string>
<string name="sort">排åº</string>
+ <string name="sorted_lru">根據最近使用來排åºè¨­å®šæª”</string>
+ <string name="sorted_az">根據å稱來排åºè¨­å®šæª”</string>
+ <string name="graph">圖表</string>
+ <string name="use_logarithmic_scale">使用å°æ•¸å°ºåº¦</string>
+ <string name="notenoughdata">沒有足夠的資料</string>
+ <string name="avghour">æ¯å°æ™‚å¹³å‡</string>
+ <string name="avgmin">æ¯åˆ†é˜å¹³å‡</string>
+ <string name="last5minutes">最後 5 分é˜</string>
+ <string name="data_in">進</string>
+ <string name="data_out">出</string>
+ <string name="bits_per_second">%.0f bit/s</string>
+ <string name="kbits_per_second">%.1f kbit/s</string>
+ <string name="mbits_per_second">%.1f Mbit/s</string>
+ <string name="gbits_per_second">%.1f Gbit/s</string>
+ <string name="weakmd">&lt;p&gt;從 OpenSSL 1.1 版本, OpenSSL 拒絕憑證中的弱簽章,如
+ MD5。&lt;/p&gt;&lt;p&gt;&lt;b&gt;MD5 簽章完全ä¸å®‰å…¨ï¼Œä¸”ä¸è©²å†ä½¿ç”¨ã€‚&lt;/b&gt; MD5
+ 碰撞 &lt;a
+ href=\"https://natmchugh.blogspot.de/2015/02/create-your-own-md5-collisions.html\"&gt;在幾å°æ™‚內以å°æˆæœ¬ç”¢ç”Ÿ&lt;/a&gt;。
+ 你應該盡快更新 VPN 憑證。&lt;/p&gt;&lt;p&gt;ä¸å¹¸çš„是,舊的 easy-rsa
+ 發行版包å«äº† \"\"default_md md5\" 的設定é¸é …。如果您正使用舊版的 easy-rsa,更新到
+ &lt;a href=\"https://github.com/OpenVPN/easy-rsa/releases\"&gt;最新版本&lt;/a&gt;) 或將 md5 æ›è‡³ sha256 åŠ
+ é‡æ–°ç”¢ç”Ÿæ‚¨çš„憑證。&lt;/p&gt;&lt;p&gt;如果你真的想使用破舊的憑證,使用自訂的
+ 設定é¸é … tls-cipher \"DEFAULT:@SECLEVEL=0\" 在進階設定中,或é¡å¤–加一行在您的
+ 已匯入的設定內&lt;/p&gt;
+ </string>
+ <string name="volume_byte">%.0f B</string>
+ <string name="volume_kbyte">%.1f kB</string>
+ <string name="volume_mbyte">%.1f MB</string>
+ <string name="volume_gbyte">%.1f GB</string>
+ <string name="channel_name_background">連線統計</string>
+ <string name="channel_description_background">正在統計已建立的 OpenVPN 連線</string>
+ <string name="channel_name_status">連線狀態改變</string>
+ <string name="channel_description_status">OpenVPN 連線狀態改變(正在連線,正在驗證...)</string>
+ <string name="weakmd_title">在憑證簽章中的弱(MD5)雜湊(SSL_CTX_use_certificate md too weak)</string>
+ <string name="title_activity_open_sslspeed">OpenSSL 速度測試</string>
+ <string name="openssl_cipher_name">OpenSSL cipher å稱</string>
+ <string name="osslspeedtest">OpenSSL 加密速度測試</string>
+ <string name="openssl_error">OpenSSL 回傳一個錯誤</string>
+ <string name="running_test">執行測試中...</string>
+ <string name="test_algoirhtms">測試已é¸æ“‡çš„演算法</string>
</resources>
diff --git a/app/src/main/res/values/strings-icsopenvpn.xml b/app/src/main/res/values/strings-icsopenvpn.xml
index 5094b909..b390ecec 100755
--- a/app/src/main/res/values/strings-icsopenvpn.xml
+++ b/app/src/main/res/values/strings-icsopenvpn.xml
@@ -181,6 +181,7 @@
<string name="show_log_window">Show log window</string>
<string name="mobile_info">%10$s %9$s running on %3$s %1$s (%2$s), Android %6$s (%7$s) API %4$d, ABI %5$s, (%8$s)</string>
<string name="error_rsa_sign">Error signing with Android keystore key %1$s: %2$s</string>
+ <string name="error_extapp_sign">Error signing with external authenticator app (%3$s): %1$s: %2$s</string>
<string name="faq_system_dialogs">The VPN connection warning telling you that this app can intercept all traffic is imposed by the system to prevent abuse of the VPNService API.\nThe VPN connection notification (The key symbol) is also imposed by the Android system to signal an ongoing VPN connection. On some images this notification plays a sound.\nAndroid introduced these system dialogs for your own safety and made sure that they cannot be circumvented. (On some images this unfortunately includes a notification sound)</string>
<string name="faq_system_dialogs_title">Connection warning and notification sound</string>
<string name="translationby">English translation by Arne Schwabe&lt;arne@rfc2549.org&gt;</string>
@@ -199,7 +200,7 @@
<string name="setting_loadtun">Load tun module</string>
<string name="importpkcs12fromconfig">Import PKCS12 from configuration into Android Keystore</string>
<string name="getproxy_error">Error getting proxy settings: %s</string>
- <string name="using_proxy">Using proxy %1$s %2$d</string>
+ <string name="using_proxy">Using proxy %1$s %2$s</string>
<string name="use_system_proxy">Use system proxy</string>
<string name="use_system_proxy_summary">Use the system wide configuration for HTTP/HTTPS proxies to connect.</string>
<string name="onbootrestartsummary">OpenVPN will connect the specified VPN if it was active on system boot. Please read the connection warning FAQ before using this option on Android &lt; 5.0.</string>
@@ -250,6 +251,7 @@
<string name="state_tcp_connect">Connecting (TCP)</string>
<string name="state_auth_failed">Authentication failed</string>
<string name="state_nonetwork">Waiting for usable network</string>
+ <string name="state_waitorbot">Waiting for Orbot to start</string>
<string name="statusline_bytecount">↓%2$s %1$s - ↑%4$s %3$s</string>
<string name="notifcation_title_notconnect">Not connected</string>
<string name="start_vpn_title">Connecting to VPN %s</string>
@@ -465,5 +467,24 @@
<string name="all_app_prompt">An external app tries to control %s. The app requesting access cannot be determined. Allowing this app grants ALL apps access.</string>
<string name="openvpn3_nostatickeys">The OpenVPN 3 C++ implementation does not support static keys. Please change to OpenVPN 2.x under general settings.</string>
<string name="openvpn3_pkcs12">Using PKCS12 files directly with OpenVPN 3 C++ implementation is not supported. Please import the pkcs12 files into the Android keystore or change to OpenVPN 2.x under general settings.</string>
+ <string name="proxy">Proxy</string>
+ <string name="Use_no_proxy">None</string>
+ <string name="tor_orbot">Tor (Orbot)</string>
+ <string name="openvpn3_socksproxy">OpenVPN 3 C++ implementation does not support connecting via Socks proxy</string>
+ <string name="no_orbotfound">Orbot application cannot be found. Please install Orbot or use manual Socks v5 integration.</string>
+ <string name="faq_remote_api_title">Remote API</string>
+ <string name="faq_remote_api">OpenVPN for Android supports two remote APIs, a sophisticated API using AIDL (remoteEXample in the git repository) and a simple one using Intents. &lt;p>Examples using adb shell and the intents. Replace profilname with your profile name&lt;p>&lt;p> adb shell am start-activity -a android.intent.action.MAIN de.blinkt.openvpn/.api.DisconnectVPN&lt;p> adb shell am start-activity -a android.intent.action.MAIN -e de.blinkt.openvpn.api.profileName Blinkt de.blinkt.openvpn/.api.ConnectVPN</string>
+ <string name ="enableproxyauth">Enable Proxy Authentication</string>
+ <string name="error_orbot_and_proxy_options">Cannot use extra http-proxy-option statement and Orbot integration at the same timeO</string>
+ <string name="info_from_server">Info from server: \'%s\'</string>
+ <string name="channel_name_userreq">User interaction required</string>
+ <string name="channel_description_userreq">OpenVPN connection requires a user input, e.g. two factor
+ authentification
+ </string>
+ <string name="openurl_requested">Open URL to continue VPN authentication</string>
+ <string name="state_auth_pending">Authentication pending</string>
+ <string name="external_authenticator">External Authenticator</string>
+ <string name="configure">Configure</string>
+ <string name="extauth_not_configured">External Authneticator not configured</string>
</resources>
diff --git a/app/src/ovpn3/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java b/app/src/ovpn3/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java
index 54029628..ac49f988 100644
--- a/app/src/ovpn3/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java
+++ b/app/src/ovpn3/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java
@@ -1,21 +1,30 @@
package de.blinkt.openvpn.core;
-import net.openvpn.ovpn3.ClientAPI_Config;
-import net.openvpn.ovpn3.ClientAPI_EvalConfig;
-import net.openvpn.ovpn3.ClientAPI_Event;
-import net.openvpn.ovpn3.ClientAPI_ExternalPKICertRequest;
-import net.openvpn.ovpn3.ClientAPI_ExternalPKISignRequest;
-import net.openvpn.ovpn3.ClientAPI_LogInfo;
-import net.openvpn.ovpn3.ClientAPI_OpenVPNClient;
-import net.openvpn.ovpn3.ClientAPI_ProvideCreds;
-import net.openvpn.ovpn3.ClientAPI_Status;
-import net.openvpn.ovpn3.ClientAPI_TransportStats;
+import android.net.*;
+import android.os.Build;
+import se.leap.bitmaskclient.R;
+import net.openvpn.ovpn3.*;
import java.lang.Override;
+import java.net.Inet4Address;
+import java.net.Inet6Address;
+import java.util.Locale;
+import java.util.Vector;
import de.blinkt.openvpn.VpnProfile;
import android.content.Context;
+import net.openvpn.ovpn3.*;
+import net.openvpn.ovpn3.*;
+import net.openvpn.ovpn3.*;
+import net.openvpn.ovpn3.*;
+import net.openvpn.ovpn3.*;
+import net.openvpn.ovpn3.*;
+import net.openvpn.ovpn3.*;
+import net.openvpn.ovpn3.ClientAPI_Config;
+import net.openvpn.ovpn3.ClientAPI_EvalConfig;
+import net.openvpn.ovpn3.ClientAPI_Event;
+import net.openvpn.ovpn3.ClientAPI_ExternalPKICertRequest;
public class OpenVPNThreadv3 extends ClientAPI_OpenVPNClient implements Runnable, OpenVPNManagement {
@@ -164,8 +173,12 @@ public class OpenVPNThreadv3 extends ClientAPI_OpenVPNClient implements Runnable
}
- @Override
+ final static long EmulateExcludeRoutes = (1 << 16);
+
+ @Override
public boolean tun_builder_reroute_gw(boolean ipv4, boolean ipv6, long flags) {
+ if ((flags & EmulateExcludeRoutes) != 0)
+ return true;
if (ipv4)
mService.addRoute("0.0.0.0", "0.0.0.0", "127.0.0.1", OpenVPNService.VPNSERVICE_TUN);
@@ -188,6 +201,9 @@ public class OpenVPNThreadv3 extends ClientAPI_OpenVPNClient implements Runnable
config.setGuiVersion(mVp.getVersionEnvString(mService));
//config.setPlatformVersion(mVp.getPlatformVersionEnvString());
config.setExternalPkiAlias("extpki");
+ config.setCompressionMode("asym");
+ config.setInfo(true);
+ config.setAllowLocalLanAccess(mVp.mAllowLocalLAN);
ClientAPI_EvalConfig ec = eval_config(config);
if(ec.getExternalPki()) {
@@ -202,10 +218,11 @@ public class OpenVPNThreadv3 extends ClientAPI_OpenVPNClient implements Runnable
}
}
+
@Override
public void external_pki_cert_request(ClientAPI_ExternalPKICertRequest certreq) {
VpnStatus.logDebug("Got external PKI certificate request from OpenVPN core");
- String[] ks = mVp.getKeyStoreCertificates((Context) mService);
+ String[] ks = mVp.getExternalCertificates(mService);
if(ks==null) {
certreq.setError(true);
certreq.setErrorText("Error in pki cert request");
@@ -224,7 +241,7 @@ public class OpenVPNThreadv3 extends ClientAPI_OpenVPNClient implements Runnable
@Override
public void external_pki_sign_request(ClientAPI_ExternalPKISignRequest signreq) {
VpnStatus.logDebug("Got external PKI signing request from OpenVPN core");
- signreq.setSig(mVp.getSignedData(signreq.getData()));
+ signreq.setSig(mVp.getSignedData(mService, signreq.getData(),true));
}
void setUserPW() {
@@ -277,9 +294,29 @@ public class OpenVPNThreadv3 extends ClientAPI_OpenVPNClient implements Runnable
@Override
public void event(ClientAPI_Event event) {
- VpnStatus.updateStateString(event.getName(), event.getInfo());
+ String name = event.getName();
+ String info = event.getInfo();
+ if (name.equals("INFO")) {
+ VpnStatus.logInfo(R.string.info_from_server, info);
+ if (info.startsWith("OPEN_URL:"))
+ {
+ mService.trigger_url_open(info);
+ }
+ } else{
+ VpnStatus.updateStateString(name, info);
+ }
if(event.getError())
- VpnStatus.logError(String.format("EVENT(Error): %s: %s",event.getName(),event.getInfo()));
+ VpnStatus.logError(String.format("EVENT(Error): %s: %s", name, info));
+ }
+
+ @Override
+ public net.openvpn.ovpn3.ClientAPI_StringVec tun_builder_get_local_networks(boolean ipv6)
+ {
+
+ net.openvpn.ovpn3.ClientAPI_StringVec nets = new net.openvpn.ovpn3.ClientAPI_StringVec();
+ for (String net: NetworkUtils.getLocalNetworks(mService, ipv6))
+ nets.add(net);
+ return nets;
}
diff --git a/app/src/test/java/de/blinkt/openvpn/core/TestConfigGenerator.java b/app/src/test/java/de/blinkt/openvpn/core/TestConfigGenerator.java
new file mode 100644
index 00000000..892a5807
--- /dev/null
+++ b/app/src/test/java/de/blinkt/openvpn/core/TestConfigGenerator.java
@@ -0,0 +1,69 @@
+/*
+ * Copyright (c) 2012-2018 Arne Schwabe
+ * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
+ */
+
+package de.blinkt.openvpn.core;
+
+import android.content.Context;
+import android.content.pm.PackageManager;
+
+import junit.framework.Assert;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.robolectric.RobolectricTestRunner;
+import org.robolectric.RuntimeEnvironment;
+import org.robolectric.annotation.Config;
+
+import de.blinkt.openvpn.VpnProfile;
+
+import static de.blinkt.openvpn.VpnProfile.AUTH_RETRY_NOINTERACT;
+import static de.blinkt.openvpn.VpnProfile.TYPE_USERPASS;
+
+/**
+ * Created by arne on 14.03.18.
+ */
+
+@Config(manifest= Config.NONE)
+@RunWith(RobolectricTestRunner.class)
+public class TestConfigGenerator {
+ @Test
+ public void testAuthRetryGen() throws PackageManager.NameNotFoundException {
+ /*Context mc = mock(Context.class);
+ PackageManager mpm = mock(PackageManager.class);
+
+ PackageInfo mpi = new PackageInfo();
+ mpi.versionCode = 177;
+ mpi.versionName = "foo";
+
+ when(mc.getCacheDir()).thenReturn(new File("/j/unit/test/"));
+ when(mc.getPackageName()).thenReturn("de.blinkt.openvpn");
+ when(mc.getPackageManager()).thenReturn(mpm);
+ when(mpm.getPackageInfo(eq("de.blinkt.openvpn"),eq(0))).thenReturn(mpi);*/
+
+
+
+ VpnProfile vp = new VpnProfile ("test") {
+ @Override
+ public String getVersionEnvString(Context c) {
+ return "no ver";
+ }
+
+ @Override
+ public String getPlatformVersionEnvString() {
+ return "test";
+ }
+ };
+
+ vp.mAuthenticationType = TYPE_USERPASS;
+ vp.mAuthRetry = AUTH_RETRY_NOINTERACT;
+ String config = vp.getConfigFile(RuntimeEnvironment.application, false);
+ Assert.assertTrue(config.contains("\nauth-retry nointeract\n"));
+ for (Connection connection: vp.mConnections)
+ Assert.assertTrue(connection.mProxyType == Connection.ProxyType.NONE);
+
+ }
+
+
+}
diff --git a/app/src/test/java/de/blinkt/openvpn/core/TestConfigParser.java b/app/src/test/java/de/blinkt/openvpn/core/TestConfigParser.java
index 560d4fc8..41ee2981 100644
--- a/app/src/test/java/de/blinkt/openvpn/core/TestConfigParser.java
+++ b/app/src/test/java/de/blinkt/openvpn/core/TestConfigParser.java
@@ -5,21 +5,51 @@
package de.blinkt.openvpn.core;
+import android.app.Application;
+import android.content.Context;
+import se.leap.bitmaskclient.R;
import org.junit.Assert;
import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.robolectric.RobolectricTestRunner;
+import org.robolectric.RuntimeEnvironment;
import java.io.IOException;
import java.io.StringReader;
+import java.util.Arrays;
import de.blinkt.openvpn.VpnProfile;
+import org.robolectric.annotation.Config;
/**
* Created by arne on 03.10.16.
*/
+@Config(manifest= "src/main/AndroidManifest.xml")
+@RunWith(RobolectricTestRunner.class)
public class TestConfigParser {
- String miniconfig = "client\nremote test.blinkt.de\n";
+ public static final String fakeCerts = "<ca>\n" +
+ "-----BEGIN CERTIFICATE-----\n" +
+ "\n" +
+ "-----END CERTIFICATE-----\n" +
+ "\n" +
+ "</ca>\n" +
+ "\n" +
+ "<cert>\n" +
+ "-----BEGIN CERTIFICATE-----\n" +
+ "\n" +
+ "-----END CERTIFICATE-----\n" +
+ "\n" +
+ "</cert>\n" +
+ "\n" +
+ "<key>\n" +
+ "-----BEGIN PRIVATE KEY-----\n" +
+ "\n" +
+ "-----END PRIVATE KEY-----\n" +
+ "\n" +
+ "</key>";
+ private final String miniconfig = "client\nremote test.blinkt.de\n";
@Test
public void testHttpProxyPass() throws IOException, ConfigParser.ConfigParseError {
@@ -31,7 +61,196 @@ public class TestConfigParser {
ConfigParser cp = new ConfigParser();
cp.parseConfig(new StringReader(miniconfig + httpproxypass));
VpnProfile p = cp.convertProfile();
- Assert.assertTrue(p.mCustomConfigOptions.contains(httpproxypass));
+ Assert.assertFalse(p.mCustomConfigOptions.contains(httpproxypass));
+
+ }
+
+ @Test
+ public void cleanReImport() throws IOException, ConfigParser.ConfigParseError {
+ ConfigParser cp = new ConfigParser();
+ cp.parseConfig(new StringReader(miniconfig + fakeCerts));
+ VpnProfile vp = cp.convertProfile();
+
+ String outConfig = vp.getConfigFile(RuntimeEnvironment.application, false);
+
+ cp = new ConfigParser();
+ cp.parseConfig(new StringReader(outConfig));
+ VpnProfile vp2 = cp.convertProfile();
+
+ String outConfig2 = vp2.getConfigFile(RuntimeEnvironment.application, false);
+
+ Assert.assertEquals(outConfig, outConfig2);
+ Assert.assertFalse(vp.mUseCustomConfig);
+ Assert.assertFalse(vp2.mUseCustomConfig);
+
+ }
+
+ @Test
+ public void testCommonOptionsImport() throws IOException, ConfigParser.ConfigParseError
+ {
+ String config = "client\n"
+ + "tun-mtu 1234\n" +
+ "<connection>\n" +
+ "remote foo.bar\n" +
+ "tun-mtu 1222\n"+
+ "</connection>\n";
+
+ ConfigParser cp = new ConfigParser();
+ cp.parseConfig(new StringReader(config));
+ VpnProfile vp = cp.convertProfile();
+
+ Assert.assertEquals(1234, vp.mTunMtu);
+ Assert.assertTrue(vp.mConnections[0].mCustomConfiguration.contains("tun-mtu 1222"));
+ Assert.assertTrue(vp.mConnections[0].mUseCustomConfig);
+ }
+
+ @Test
+ public void testSockProxyImport() throws IOException, ConfigParser.ConfigParseError {
+ String proxy =
+ "ca baz\n" +
+ "key foo\n" +
+ "cert bar\n" +
+ "client\n" +
+ "<connection>\n" +
+ "socks-proxy 13.23.3.2\n" +
+ "remote foo.bar\n" +
+ "</connection>\n" +
+ "\n" +
+ "<connection>\n" +
+ "socks-proxy 1.2.3.4 1234\n" +
+ "remote foo.bar\n" +
+ "</connection>\n" +
+ "\n" +
+ "<connection>\n" +
+ "http-proxy 1.2.3.7 8080\n" +
+ "remote foo.bar\n" +
+ "</connection>";
+
+ ConfigParser cp = new ConfigParser();
+ cp.parseConfig(new StringReader(proxy));
+ VpnProfile vp = cp.convertProfile();
+ Assert.assertEquals(3, vp.mConnections.length);
+
+ Assert.assertEquals("13.23.3.2", vp.mConnections[0].mProxyName);
+ Assert.assertEquals("1080", vp.mConnections[0].mProxyPort);
+ Assert.assertEquals(Connection.ProxyType.SOCKS5, vp.mConnections[0].mProxyType);
+
+ Assert.assertEquals("1.2.3.4", vp.mConnections[1].mProxyName);
+ Assert.assertEquals("1234", vp.mConnections[1].mProxyPort);
+ Assert.assertEquals(Connection.ProxyType.SOCKS5, vp.mConnections[0].mProxyType);
+
+ Assert.assertEquals("1.2.3.7", vp.mConnections[2].mProxyName);
+ Assert.assertEquals("8080", vp.mConnections[2].mProxyPort);
+ Assert.assertEquals(Connection.ProxyType.HTTP, vp.mConnections[2].mProxyType);
+
+ Context c = RuntimeEnvironment.application;
+ int err = vp.checkProfile(c, false);
+ Assert.assertTrue("Failed with " + c.getString(err), err == R.string.no_error_found);
}
+
+ @Test
+ public void testHttpUserPassAuth() throws IOException, ConfigParser.ConfigParseError {
+ String proxy ="client\n" +
+ "dev tun\n" +
+ "proto tcp\n" +
+ "remote 1.2.3.4 443\n" +
+ "resolv-retry infinite\n" +
+ "nobind\n" +
+ "persist-key\n" +
+ "persist-tun\n" +
+ "auth-user-pass\n" +
+ "verb 3\n" +
+ "cipher AES-128-CBC\n" +
+ "pull\n" +
+ "route-delay 2\n" +
+ "redirect-gateway\n" +
+ "remote-cert-tls server\n" +
+ "ns-cert-type server\n" +
+ "comp-lzo no\n" +
+ "http-proxy 1.2.3.4 1234\n" +
+ "<http-proxy-user-pass>\n" +
+ "username12\n" +
+ "password34\n" +
+ "</http-proxy-user-pass>\n" +
+ "<ca>\n" +
+ "foo\n" +
+ "</ca>\n" +
+ "<cert>\n" +
+ "bar\n" +
+ "</cert>\n" +
+ "<key>\n" +
+ "baz\n" +
+ "</key>\n";
+ ConfigParser cp = new ConfigParser();
+ cp.parseConfig(new StringReader(proxy));
+ VpnProfile vp = cp.convertProfile();
+ String config = vp.getConfigFile(RuntimeEnvironment.application, true);
+ Assert.assertTrue(config.contains("username12"));
+ Assert.assertTrue(config.contains("http-proxy 1.2.3.4"));
+
+ config = vp.getConfigFile(RuntimeEnvironment.application, false);
+
+ Assert.assertFalse(config.contains("username12"));
+ Assert.assertFalse(config.contains("http-proxy 1.2.3.4"));
+
+ Assert.assertTrue(vp.mConnections[0].mUseProxyAuth);
+ Assert.assertEquals(vp.mConnections[0].mProxyAuthUser, "username12");
+ Assert.assertEquals(vp.mConnections[0].mProxyAuthPassword, "password34");
+ }
+
+ @Test
+ public void testConfigWithHttpProxyOptions() throws IOException, ConfigParser.ConfigParseError {
+ String proxyconf = "pull\n" +
+ "dev tun\n" +
+ "proto tcp-client\n" +
+ "cipher AES-128-CBC\n" +
+ "auth SHA1\n" +
+ "reneg-sec 0\n" +
+ "remote-cert-tls server\n" +
+ "tls-version-min 1.2 or-highest\n" +
+ "persist-tun\n" +
+ "nobind\n" +
+ "connect-retry 2 2\n" +
+ "dhcp-option DNS 1.1.1.1\n" +
+ "dhcp-option DNS 84.200.69.80\n" +
+ "auth-user-pass\n" +
+ "\n" +
+ "remote xx.xx.xx.xx 1194\n" +
+ "http-proxy 1.2.3.4 8080\n" +
+ "http-proxy-option VERSION 1.1\n" +
+ "http-proxy-option CUSTOM-HEADER \"Connection: Upgrade\"\n" +
+ "http-proxy-option CUSTOM-HEADER \"X-Forwarded-Proto: https\"\n" +
+ "http-proxy-option CUSTOM-HEADER \"Upgrade-Insecure-Requests: 1\"\n" +
+ "http-proxy-option CUSTOM-HEADER \"DNT: 1\"\n" +
+ "http-proxy-option CUSTOM-HEADER \"Tk: N\"\n" +
+ "\n" +
+ fakeCerts;
+
+ ConfigParser cp = new ConfigParser();
+ cp.parseConfig(new StringReader(proxyconf));
+ VpnProfile vp = cp.convertProfile();
+ String config = vp.getConfigFile(RuntimeEnvironment.application, true);
+
+
+ Assert.assertEquals(vp.checkProfile(RuntimeEnvironment.application, true), R.string.no_error_found);
+ Assert.assertEquals(vp.checkProfile(RuntimeEnvironment.application, false), R.string.no_error_found);
+
+ config = vp.getConfigFile(RuntimeEnvironment.application, false);
+
+ Assert.assertTrue(config.contains("http-proxy 1.2.3.4"));
+ Assert.assertFalse(config.contains("management-query-proxy"));
+
+
+ Assert.assertTrue(config.contains("http-proxy-option CUSTOM-HEADER"));
+
+ vp.mConnections = Arrays.copyOf(vp.mConnections, vp.mConnections.length + 1);
+ vp.mConnections[vp.mConnections.length - 1] = new Connection();
+
+ vp.mConnections[vp.mConnections.length -1].mProxyType = Connection.ProxyType.ORBOT;
+
+ Assert.assertEquals(vp.checkProfile(RuntimeEnvironment.application, false), R.string.error_orbot_and_proxy_options);
+
+ }
+
}
diff --git a/app/src/test/java/de/blinkt/openvpn/core/TestIpParser.java b/app/src/test/java/de/blinkt/openvpn/core/TestIpParser.java
index 37f9fdcd..6b330b63 100644
--- a/app/src/test/java/de/blinkt/openvpn/core/TestIpParser.java
+++ b/app/src/test/java/de/blinkt/openvpn/core/TestIpParser.java
@@ -31,7 +31,7 @@ public class TestIpParser {
void testAddress(String input, int mask, String output) throws UnknownHostException {
Inet6Address ip = (Inet6Address) InetAddress.getByName(input);
- NetworkSpace.ipAddress netIp = new NetworkSpace.ipAddress(ip, mask, true);
+ NetworkSpace.IpAddress netIp = new NetworkSpace.IpAddress(ip, mask, true);
Assert.assertEquals(output, netIp.toString());
}
diff --git a/ics-openvpn b/ics-openvpn
-Subproject 18f82db3d78c801284d4818778042eaf4d44f69
+Subproject f310bd7a0120b770dbc29a67ea0d6ffba2e136c