summaryrefslogtreecommitdiff
path: root/app/src/main/java/de/blinkt/openvpn/fragments/Settings_Authentication.java
diff options
context:
space:
mode:
Diffstat (limited to 'app/src/main/java/de/blinkt/openvpn/fragments/Settings_Authentication.java')
-rw-r--r--app/src/main/java/de/blinkt/openvpn/fragments/Settings_Authentication.java214
1 files changed, 214 insertions, 0 deletions
diff --git a/app/src/main/java/de/blinkt/openvpn/fragments/Settings_Authentication.java b/app/src/main/java/de/blinkt/openvpn/fragments/Settings_Authentication.java
new file mode 100644
index 00000000..6ce9c915
--- /dev/null
+++ b/app/src/main/java/de/blinkt/openvpn/fragments/Settings_Authentication.java
@@ -0,0 +1,214 @@
+package de.blinkt.openvpn.fragments;
+
+import android.app.Activity;
+import android.content.Intent;
+import android.os.Build;
+import android.os.Bundle;
+import android.preference.CheckBoxPreference;
+import android.preference.EditTextPreference;
+import android.preference.ListPreference;
+import android.preference.Preference;
+import android.preference.Preference.OnPreferenceChangeListener;
+import android.preference.Preference.OnPreferenceClickListener;
+import android.preference.SwitchPreference;
+import android.util.Pair;
+import de.blinkt.openvpn.activities.FileSelect;
+import de.blinkt.openvpn.R;
+import de.blinkt.openvpn.core.VpnStatus;
+import de.blinkt.openvpn.views.RemoteCNPreference;
+import de.blinkt.openvpn.VpnProfile;
+
+import java.io.IOException;
+
+
+public class Settings_Authentication extends OpenVpnPreferencesFragment implements OnPreferenceChangeListener, OnPreferenceClickListener {
+ private static final int SELECT_TLS_FILE = 23223232;
+ private static final int SELECT_TLS_FILE_KITKAT = SELECT_TLS_FILE +1;
+ private CheckBoxPreference mExpectTLSCert;
+ private CheckBoxPreference mCheckRemoteCN;
+ private RemoteCNPreference mRemoteCN;
+ private ListPreference mTLSAuthDirection;
+ private Preference mTLSAuthFile;
+ private SwitchPreference mUseTLSAuth;
+ private EditTextPreference mCipher;
+ private String mTlsAuthFileData;
+ private EditTextPreference mAuth;
+
+ @Override
+ public void onCreate(Bundle savedInstanceState) {
+ super.onCreate(savedInstanceState);
+
+ // Load the preferences from an XML resource
+ addPreferencesFromResource(R.xml.vpn_authentification);
+
+ mExpectTLSCert = (CheckBoxPreference) findPreference("remoteServerTLS");
+ mCheckRemoteCN = (CheckBoxPreference) findPreference("checkRemoteCN");
+ mRemoteCN = (RemoteCNPreference) findPreference("remotecn");
+ mRemoteCN.setOnPreferenceChangeListener(this);
+
+ mUseTLSAuth = (SwitchPreference) findPreference("useTLSAuth" );
+ mTLSAuthFile = findPreference("tlsAuthFile");
+ mTLSAuthDirection = (ListPreference) findPreference("tls_direction");
+
+
+ mTLSAuthFile.setOnPreferenceClickListener(this);
+
+ mCipher =(EditTextPreference) findPreference("cipher");
+ mCipher.setOnPreferenceChangeListener(this);
+
+ mAuth =(EditTextPreference) findPreference("auth");
+ mAuth.setOnPreferenceChangeListener(this);
+
+ loadSettings();
+
+ }
+
+ @Override
+ protected void loadSettings() {
+
+ mExpectTLSCert.setChecked(mProfile.mExpectTLSCert);
+ mCheckRemoteCN.setChecked(mProfile.mCheckRemoteCN);
+ mRemoteCN.setDN(mProfile.mRemoteCN);
+ mRemoteCN.setAuthType(mProfile.mX509AuthType);
+ onPreferenceChange(mRemoteCN,
+ new Pair<Integer, String>(mProfile.mX509AuthType, mProfile.mRemoteCN));
+
+ mUseTLSAuth.setChecked(mProfile.mUseTLSAuth);
+ mTlsAuthFileData= mProfile.mTLSAuthFilename;
+ setTlsAuthSummary(mTlsAuthFileData);
+ mTLSAuthDirection.setValue(mProfile.mTLSAuthDirection);
+ mCipher.setText(mProfile.mCipher);
+ onPreferenceChange(mCipher, mProfile.mCipher);
+ mAuth.setText(mProfile.mAuth);
+ onPreferenceChange(mAuth, mProfile.mAuth);
+
+ if (mProfile.mAuthenticationType == VpnProfile.TYPE_STATICKEYS) {
+ mExpectTLSCert.setEnabled(false);
+ mCheckRemoteCN.setEnabled(false);
+ mUseTLSAuth.setChecked(true);
+ } else {
+ mExpectTLSCert.setEnabled(true);
+ mCheckRemoteCN.setEnabled(true);
+
+ }
+ }
+
+ @Override
+ protected void saveSettings() {
+ mProfile.mExpectTLSCert=mExpectTLSCert.isChecked();
+ mProfile.mCheckRemoteCN=mCheckRemoteCN.isChecked();
+ mProfile.mRemoteCN=mRemoteCN.getCNText();
+ mProfile.mX509AuthType=mRemoteCN.getAuthtype();
+
+ mProfile.mUseTLSAuth = mUseTLSAuth.isChecked();
+ mProfile.mTLSAuthFilename = mTlsAuthFileData;
+
+ if(mTLSAuthDirection.getValue()==null)
+ mProfile.mTLSAuthDirection=null;
+ else
+ mProfile.mTLSAuthDirection = mTLSAuthDirection.getValue();
+
+ if(mCipher.getText()==null)
+ mProfile.mCipher=null;
+ else
+ mProfile.mCipher = mCipher.getText();
+
+ if(mAuth.getText()==null)
+ mProfile.mAuth = null;
+ else
+ mProfile.mAuth = mAuth.getText();
+
+ }
+
+
+
+ @Override
+ public boolean onPreferenceChange(Preference preference, Object newValue) {
+ if(preference==mRemoteCN) {
+ @SuppressWarnings("unchecked")
+ int authtype = ((Pair<Integer, String>) newValue).first;
+ @SuppressWarnings("unchecked")
+ String dn = ((Pair<Integer, String>) newValue).second;
+
+ if ("".equals(dn))
+ preference.setSummary(getX509String(VpnProfile.X509_VERIFY_TLSREMOTE_RDN, mProfile.mServerName));
+ else
+ preference.setSummary(getX509String(authtype,dn));
+
+ } else if (preference == mCipher || preference == mAuth) {
+ preference.setSummary((CharSequence) newValue);
+ }
+ return true;
+ }
+ private CharSequence getX509String(int authtype, String dn) {
+ String ret ="";
+ switch (authtype) {
+ case VpnProfile.X509_VERIFY_TLSREMOTE:
+ case VpnProfile.X509_VERIFY_TLSREMOTE_COMPAT_NOREMAPPING:
+ ret+="tls-remote ";
+ break;
+
+ case VpnProfile.X509_VERIFY_TLSREMOTE_DN:
+ ret="dn: ";
+ break;
+
+ case VpnProfile.X509_VERIFY_TLSREMOTE_RDN:
+ ret="rdn: ";
+ break;
+
+ case VpnProfile.X509_VERIFY_TLSREMOTE_RDN_PREFIX:
+ ret="rdn prefix: ";
+ break;
+ }
+ return ret + dn;
+ }
+
+ void startFileDialog() {
+ if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.KITKAT) {
+ Intent startFC = Utils.getFilePickerIntent (getActivity(), Utils.FileType.TLS_AUTH_FILE);
+ startActivityForResult(startFC, SELECT_TLS_FILE_KITKAT);
+ } else {
+ Intent startFC = new Intent(getActivity(), FileSelect.class);
+ startFC.putExtra(FileSelect.START_DATA, mTlsAuthFileData);
+ startFC.putExtra(FileSelect.WINDOW_TITLE, R.string.tls_auth_file);
+ startActivityForResult(startFC, SELECT_TLS_FILE);
+ }
+ }
+
+ @Override
+ public boolean onPreferenceClick(Preference preference) {
+ startFileDialog();
+ return true;
+
+ }
+
+ @Override
+ public void onActivityResult(int requestCode, int resultCode, Intent data) {
+ super.onActivityResult(requestCode, resultCode, data);
+ if(requestCode==SELECT_TLS_FILE && resultCode == Activity.RESULT_OK){
+ String result = data.getStringExtra(FileSelect.RESULT_DATA);
+ mTlsAuthFileData=result;
+ setTlsAuthSummary(result);
+ } else if (requestCode == SELECT_TLS_FILE_KITKAT && resultCode == Activity.RESULT_OK) {
+ try {
+ mTlsAuthFileData= Utils.getFilePickerResult(Utils.FileType.TLS_AUTH_FILE,data,getActivity());
+ setTlsAuthSummary(mTlsAuthFileData);
+ } catch (IOException e) {
+ VpnStatus.logException(e);
+ } catch (SecurityException se) {
+ VpnStatus.logException(se);
+ }
+ }
+ }
+
+ private void setTlsAuthSummary(String result) {
+ if(result==null)
+ result = getString(R.string.no_certificate);
+ if(result.startsWith(VpnProfile.INLINE_TAG))
+ mTLSAuthFile.setSummary(R.string.inline_file_data);
+ else if (result.startsWith(VpnProfile.DISPLAYNAME_TAG))
+ mExpectTLSCert.setSummary(getString(R.string.imported_from_file, VpnProfile.getDisplayName(result)));
+ else
+ mTLSAuthFile.setSummary(result);
+ }
+} \ No newline at end of file
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-03 16:10:16 +0000