summaryrefslogtreecommitdiff
path: root/app/src/debug/java/se/leap
diff options
context:
space:
mode:
Diffstat (limited to 'app/src/debug/java/se/leap')
-rw-r--r--app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java81
1 files changed, 51 insertions, 30 deletions
diff --git a/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java b/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java
index dd7af633..5549252e 100644
--- a/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java
+++ b/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java
@@ -16,12 +16,20 @@
*/
package se.leap.bitmaskclient;
+import android.app.IntentService;
+import android.content.Intent;
+import android.os.Bundle;
+import android.os.Handler;
+import android.os.ResultReceiver;
+import android.util.Base64;
+import android.util.Log;
import java.io.DataOutputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
+import java.net.ConnectException;
import java.net.CookieHandler;
import java.net.CookieManager;
import java.net.CookiePolicy;
@@ -41,34 +49,26 @@ import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
+import java.util.Calendar;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.Scanner;
-
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
-
import org.apache.http.client.ClientProtocolException;
import org.jboss.security.srp.SRPParameters;
import org.json.JSONException;
import org.json.JSONObject;
-
-import se.leap.bitmaskclient.R;
import se.leap.bitmaskclient.ProviderListContent.ProviderItem;
-import android.app.IntentService;
-import android.content.Intent;
-import android.os.Bundle;
-import android.os.Handler;
-import android.os.ResultReceiver;
-import android.util.Base64;
-import android.util.Log;
+import se.leap.bitmaskclient.R;
/**
@@ -193,7 +193,7 @@ public class ProviderAPI extends IntentService {
receiver.send(LOGOUT_FAILED, Bundle.EMPTY);
}
} else if (action.equalsIgnoreCase(DOWNLOAD_CERTIFICATE)) {
- if(getNewCert(parameters)) {
+ if(updateVpnCertificate()) {
receiver.send(CORRECTLY_DOWNLOADED_CERTIFICATE, Bundle.EMPTY);
} else {
receiver.send(INCORRECTLY_DOWNLOADED_CERTIFICATE, Bundle.EMPTY);
@@ -426,7 +426,7 @@ public class ProviderAPI extends IntentService {
parameters.put("user[password_verifier]", password_verifier);
Log.d(TAG, server_url);
Log.d(TAG, parameters.toString());
- return sendToServer(server_url + "/users", "POST", parameters);
+ return sendToServer(server_url + "/users.json", "POST", parameters);
}
/**
@@ -538,16 +538,16 @@ public class ProviderAPI extends IntentService {
CA_CERT_DOWNLOADED = PROVIDER_JSON_DOWNLOADED = EIP_SERVICE_JSON_DOWNLOADED = false;
}
- if(!CA_CERT_DOWNLOADED)
- current_download = downloadCACert(last_provider_main_url, last_danger_on);
- if(CA_CERT_DOWNLOADED || (current_download.containsKey(RESULT_KEY) && current_download.getBoolean(RESULT_KEY))) {
- broadcast_progress(progress++);
- CA_CERT_DOWNLOADED = true;
if(!PROVIDER_JSON_DOWNLOADED)
current_download = getAndSetProviderJson(last_provider_main_url, last_danger_on);
if(PROVIDER_JSON_DOWNLOADED || (current_download.containsKey(RESULT_KEY) && current_download.getBoolean(RESULT_KEY))) {
+ broadcast_progress(progress++);
+ PROVIDER_JSON_DOWNLOADED = true;
+ current_download = downloadCACert(last_danger_on);
+
+ if(CA_CERT_DOWNLOADED || (current_download.containsKey(RESULT_KEY) && current_download.getBoolean(RESULT_KEY))) {
broadcast_progress(progress++);
- PROVIDER_JSON_DOWNLOADED = true;
+ CA_CERT_DOWNLOADED = true;
current_download = getAndSetEipServiceJson();
if(current_download.containsKey(RESULT_KEY) && current_download.getBoolean(RESULT_KEY)) {
broadcast_progress(progress++);
@@ -559,17 +559,25 @@ public class ProviderAPI extends IntentService {
return current_download;
}
- private Bundle downloadCACert(String provider_main_url, boolean danger_on) {
+ private Bundle downloadCACert(boolean danger_on) {
Bundle result = new Bundle();
- String cert_string = downloadWithCommercialCA(provider_main_url + "/ca.crt", danger_on);
+ try {
+ JSONObject provider_json = new JSONObject(getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE).getString(Provider.KEY, ""));
+ String ca_cert_url = provider_json.getString(Provider.CA_CERT_URI);
+ String cert_string = downloadWithCommercialCA(ca_cert_url, danger_on);
- if(validCertificate(cert_string) && setting_up_provider) {
- getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE).edit().putString(Provider.CA_CERT, cert_string).commit();
+ if(validCertificate(cert_string) && setting_up_provider) {
+ getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE).edit().putString(Provider.CA_CERT, cert_string).commit();
result.putBoolean(RESULT_KEY, true);
- } else {
+ } else {
String reason_to_fail = pickErrorMessage(cert_string);
result.putString(ERRORS, reason_to_fail);
result.putBoolean(RESULT_KEY, false);
+ }
+ } catch (JSONException e) {
+ String reason_to_fail = formatErrorMessage(R.string.malformed_url);
+ result.putString(ERRORS, reason_to_fail);
+ result.putBoolean(RESULT_KEY, false);
}
return result;
@@ -697,12 +705,16 @@ public class ProviderAPI extends IntentService {
json_file_content = formatErrorMessage(R.string.malformed_url);
} catch(SocketTimeoutException e) {
json_file_content = formatErrorMessage(R.string.server_unreachable_message);
- } catch (IOException e) {
+ } catch (SSLHandshakeException e) {
if(provider_url != null) {
- json_file_content = downloadWithProviderCA(string_url, danger_on);
+ json_file_content = downloadWithProviderCA(string_url, danger_on);
} else {
json_file_content = formatErrorMessage(R.string.certificate_error);
}
+ } catch(ConnectException e) {
+ json_file_content = formatErrorMessage(R.string.service_is_down_error);
+ } catch (FileNotFoundException e) {
+ json_file_content = formatErrorMessage(R.string.malformed_url);
} catch (Exception e) {
if(provider_url != null && danger_on) {
json_file_content = downloadWithProviderCA(string_url, danger_on);
@@ -817,7 +829,7 @@ public class ProviderAPI extends IntentService {
System.out.println("String ignoring certificate = " + string);
} catch (FileNotFoundException e) {
e.printStackTrace();
- string = formatErrorMessage(R.string.server_unreachable_message);
+ string = formatErrorMessage(R.string.malformed_url);
} catch (IOException e) {
// The downloaded certificate doesn't validate our https connection.
e.printStackTrace();
@@ -878,16 +890,24 @@ public class ProviderAPI extends IntentService {
return true;
}
+ private boolean updateVpnCertificate() {
+ getNewCert();
+
+ getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE).edit().putInt(EIP.PARSED_SERIAL, 0).commit();
+ Intent updateEIP = new Intent(getApplicationContext(), EIP.class);
+ updateEIP.setAction(EIP.ACTION_UPDATE_EIP_SERVICE);
+ startService(updateEIP);
+
+ return true;
+ }
/**
* Downloads a new OpenVPN certificate, attaching authenticated cookie for authenticated certificate.
*
- * @param task containing the type of the certificate to be downloaded
* @return true if certificate was downloaded correctly, false if provider.json or danger_on flag are not present in SharedPreferences, or if the certificate url could not be parsed as a URI, or if there was an SSL error.
*/
- private boolean getNewCert(Bundle task) {
+ private boolean getNewCert() {
try {
- String type_of_certificate = task.getString(ConfigurationWizard.TYPE_OF_CERTIFICATE);
JSONObject provider_json = new JSONObject(getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE).getString(Provider.KEY, ""));
String provider_main_url = provider_json.getString(Provider.API_URL);
@@ -924,6 +944,7 @@ public class ProviderAPI extends IntentService {
X509Certificate certCert = ConfigHelper.parseX509CertificateFromString(certificateString);
certificateString = Base64.encodeToString( certCert.getEncoded(), Base64.DEFAULT);
getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE).edit().putString(EIP.CERTIFICATE, "-----BEGIN CERTIFICATE-----\n"+certificateString+"-----END CERTIFICATE-----").commit();
+ getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE).edit().putString(EIP.DATE_FROM_CERTIFICATE, EIP.certificate_date_format.format(Calendar.getInstance().getTime())).commit();
return true;
} catch (CertificateException e) {