diff options
Diffstat (limited to 'app/src/main/java')
11 files changed, 50 insertions, 210 deletions
diff --git a/app/src/main/java/de/blinkt/openvpn/VpnProfile.java b/app/src/main/java/de/blinkt/openvpn/VpnProfile.java index 7dd75432..83cde85e 100644 --- a/app/src/main/java/de/blinkt/openvpn/VpnProfile.java +++ b/app/src/main/java/de/blinkt/openvpn/VpnProfile.java @@ -473,9 +473,6 @@ public class VpnProfile implements Serializable, Cloneable { cfg.append("management-external-key nopadding\n"); } else { cfg.append(context.getString(R.string.keychain_access)).append("\n"); - if (Build.VERSION.SDK_INT == Build.VERSION_CODES.JELLY_BEAN) - if (!mAlias.matches("^[a-zA-Z0-9]$")) - cfg.append(context.getString(R.string.jelly_keystore_alphanumeric_bug)).append("\n"); } } break; @@ -932,11 +929,6 @@ public class VpnProfile implements Serializable, Cloneable { VpnStatus.logError(R.string.keyChainAccessError, e.getLocalizedMessage()); VpnStatus.logError(R.string.keychain_access); - if (Build.VERSION.SDK_INT == Build.VERSION_CODES.JELLY_BEAN) { - if (!mAlias.matches("^[a-zA-Z0-9]$")) { - VpnStatus.logError(R.string.jelly_keystore_alphanumeric_bug); - } - } return null; } catch (AssertionError e) { @@ -1196,12 +1188,6 @@ public class VpnProfile implements Serializable, Cloneable { private byte[] getKeyChainSignedData(byte[] data, boolean pkcs1padding) { PrivateKey privkey = getKeystoreKey(); - // The Jelly Bean *evil* Hack - // 4.2 implements the RSA/ECB/PKCS1PADDING in the OpenSSLprovider - if (Build.VERSION.SDK_INT == Build.VERSION_CODES.JELLY_BEAN) { - return processSignJellyBeans(privkey, data); - } - try { @SuppressLint("GetInstance") @@ -1238,32 +1224,6 @@ public class VpnProfile implements Serializable, Cloneable { } } - private byte[] processSignJellyBeans(PrivateKey privkey, byte[] data) { - try { - Method getKey = privkey.getClass().getSuperclass().getDeclaredMethod("getOpenSSLKey"); - getKey.setAccessible(true); - - // Real object type is OpenSSLKey - Object opensslkey = getKey.invoke(privkey); - - getKey.setAccessible(false); - - Method getPkeyContext = opensslkey.getClass().getDeclaredMethod("getPkeyContext"); - - // integer pointer to EVP_pkey - getPkeyContext.setAccessible(true); - int pkey = (Integer) getPkeyContext.invoke(opensslkey); - getPkeyContext.setAccessible(false); - - // 112 with TLS 1.2 (172 back with 4.3), 36 with TLS 1.0 - return NativeUtils.rsasign(data, pkey); - - } catch (NoSuchMethodException | InvalidKeyException | InvocationTargetException | IllegalAccessException | IllegalArgumentException e) { - VpnStatus.logError(R.string.error_rsa_sign, e.getClass().toString(), e.getLocalizedMessage()); - return null; - } - } - private boolean usesExtraProxyOptions() { if (mUseCustomConfig && mCustomConfigOptions != null && mCustomConfigOptions.contains("http-proxy-option ")) return true; diff --git a/app/src/main/java/de/blinkt/openvpn/core/NativeUtils.java b/app/src/main/java/de/blinkt/openvpn/core/NativeUtils.java index 5a1757ac..f769b38e 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/NativeUtils.java +++ b/app/src/main/java/de/blinkt/openvpn/core/NativeUtils.java @@ -38,8 +38,6 @@ public class NativeUtils { static { if (!isRoboUnitTest() && !isUnitTest()) { System.loadLibrary("ovpnutil"); - if (Build.VERSION.SDK_INT == Build.VERSION_CODES.JELLY_BEAN) - System.loadLibrary("jbcrypto"); } } diff --git a/app/src/main/java/de/blinkt/openvpn/core/NetworkSpace.java b/app/src/main/java/de/blinkt/openvpn/core/NetworkSpace.java index 860897db..457ae971 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/NetworkSpace.java +++ b/app/src/main/java/de/blinkt/openvpn/core/NetworkSpace.java @@ -336,35 +336,6 @@ public class NetworkSpace { ips.add(ia); } - if (Build.VERSION.SDK_INT < Build.VERSION_CODES.KITKAT) { - // Include postive routes from the original set under < 4.4 since these might overrule the local - // network but only if no smaller negative route exists - for (IpAddress origIp : mIpAddresses) { - if (!origIp.included) - continue; - - // The netspace exists - if (ipsSorted.contains(origIp)) - continue; - - boolean skipIp = false; - // If there is any smaller net that is excluded we may not add the positive route back - - for (IpAddress calculatedIp : ipsSorted) { - if (!calculatedIp.included && origIp.containsNet(calculatedIp)) { - skipIp = true; - break; - } - } - if (skipIp) - continue; - - // It is safe to include the IP - ips.add(origIp); - } - - } - return ips; } diff --git a/app/src/main/java/de/blinkt/openvpn/core/NetworkUtils.java b/app/src/main/java/de/blinkt/openvpn/core/NetworkUtils.java index 5b11c0a0..25af6121 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/NetworkUtils.java +++ b/app/src/main/java/de/blinkt/openvpn/core/NetworkUtils.java @@ -24,63 +24,35 @@ public class NetworkUtils { public static Vector<String> getLocalNetworks(Context c, boolean ipv6) { Vector<String> nets = new Vector<>(); ConnectivityManager conn = (ConnectivityManager) c.getSystemService(Context.CONNECTIVITY_SERVICE); - if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP) { - Network[] networks = conn.getAllNetworks(); - for (Network network : networks) { - try { - NetworkInfo ni = conn.getNetworkInfo(network); - LinkProperties li = conn.getLinkProperties(network); + Network[] networks = conn.getAllNetworks(); + for (Network network : networks) { + try { + NetworkInfo ni = conn.getNetworkInfo(network); + LinkProperties li = conn.getLinkProperties(network); - NetworkCapabilities nc = conn.getNetworkCapabilities(network); + NetworkCapabilities nc = conn.getNetworkCapabilities(network); - if (nc == null) { - continue; - } - - // Skip VPN networks like ourselves - if (nc.hasTransport(NetworkCapabilities.TRANSPORT_VPN)) - continue; - - // Also skip mobile networks - if (nc.hasTransport(NetworkCapabilities.TRANSPORT_CELLULAR)) - continue; - - - for (LinkAddress la : li.getLinkAddresses()) { - if ((la.getAddress() instanceof Inet4Address && !ipv6) || - (la.getAddress() instanceof Inet6Address && ipv6)) - nets.add(la.toString()); - } - } catch (SecurityException se) { - se.printStackTrace(); + if (nc == null) { + continue; } - } - } else { - // Old Android Version, use native utils via ifconfig instead - // Add local network interfaces - if (ipv6) - return nets; - String[] localRoutes = NativeUtils.getIfconfig(); - - // The format of mLocalRoutes is kind of broken because I don't really like JNI - for (int i = 0; i < localRoutes.length; i += 3) { - String intf = localRoutes[i]; - String ipAddr = localRoutes[i + 1]; - String netMask = localRoutes[i + 2]; - - if (intf == null || intf.equals("lo") || - intf.startsWith("tun") || intf.startsWith("rmnet")) + // Skip VPN networks like ourselves + if (nc.hasTransport(NetworkCapabilities.TRANSPORT_VPN)) continue; - if (ipAddr == null || netMask == null) { - VpnStatus.logError("Local routes are broken?! (Report to author) " + TextUtils.join("|", localRoutes)); + // Also skip mobile networks + if (nc.hasTransport(NetworkCapabilities.TRANSPORT_CELLULAR)) continue; - } - nets.add(ipAddr + "/" + CIDRIP.calculateLenFromMask(netMask)); - } + for (LinkAddress la : li.getLinkAddresses()) { + if ((la.getAddress() instanceof Inet4Address && !ipv6) || + (la.getAddress() instanceof Inet6Address && ipv6)) + nets.add(la.toString()); + } + } catch (SecurityException se) { + se.printStackTrace(); + } } return nets; } diff --git a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java index 88a85de3..0ae7639e 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java +++ b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java @@ -589,7 +589,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac VpnStatus.logInfo(R.string.last_openvpn_tun_config); - boolean allowUnsetAF = Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP && !mProfile.mBlockUnusedAddressFamilies; + boolean allowUnsetAF = !mProfile.mBlockUnusedAddressFamilies; if (allowUnsetAF) { allowAllAFFamilies(builder); } @@ -631,20 +631,12 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac } } - String release = Build.VERSION.RELEASE; - if ((Build.VERSION.SDK_INT == Build.VERSION_CODES.KITKAT && !release.startsWith("4.4.3") - && !release.startsWith("4.4.4") && !release.startsWith("4.4.5") && !release.startsWith("4.4.6")) - && mMtu < 1280) { - VpnStatus.logInfo(String.format(Locale.US, "Forcing MTU to 1280 instead of %d to workaround Android Bug #70916", mMtu)); - builder.setMtu(1280); - } else { - builder.setMtu(mMtu); - } + builder.setMtu(mMtu); Collection<IpAddress> positiveIPv4Routes = mRoutes.getPositiveIPList(); Collection<IpAddress> positiveIPv6Routes = mRoutesv6.getPositiveIPList(); - if ("samsung".equals(Build.BRAND) && Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP && mDnslist.size() >= 1) { + if ("samsung".equals(Build.BRAND) && mDnslist.size() >= 1) { // Check if the first DNS Server is in the VPN range try { IpAddress dnsServer = new IpAddress(new CIDRIP(mDnslist.get(0), 32), true); @@ -725,9 +717,8 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac VpnStatus.logInfo(R.string.routes_info_incl, TextUtils.join(", ", mRoutes.getNetworks(true)), TextUtils.join(", ", mRoutesv6.getNetworks(true))); VpnStatus.logInfo(R.string.routes_info_excl, TextUtils.join(", ", mRoutes.getNetworks(false)), TextUtils.join(", ", mRoutesv6.getNetworks(false))); VpnStatus.logDebug(R.string.routes_debug, TextUtils.join(", ", positiveIPv4Routes), TextUtils.join(", ", positiveIPv6Routes)); - if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP) { - setAllowedVpnPackages(builder); - } + + setAllowedVpnPackages(builder); if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP_MR1) { // VPN always uses the default network builder.setUnderlyingNetworks(null); @@ -773,9 +764,6 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac } catch (Exception e) { VpnStatus.logError(R.string.tun_open_error); VpnStatus.logError(getString(R.string.error) + e.getLocalizedMessage()); - if (Build.VERSION.SDK_INT <= Build.VERSION_CODES.JELLY_BEAN_MR1) { - VpnStatus.logError(R.string.tun_error_helpful); - } return null; } @@ -790,7 +778,6 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac } } - @TargetApi(Build.VERSION_CODES.LOLLIPOP) private void allowAllAFFamilies(Builder builder) { builder.allowFamily(OsConstants.AF_INET); builder.allowFamily(OsConstants.AF_INET6); @@ -805,11 +792,9 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac if (ipAddr.equals(mLocalIP.mIp)) continue; - if (Build.VERSION.SDK_INT < Build.VERSION_CODES.KITKAT && !mProfile.mAllowLocalLAN) { - mRoutes.addIPSplit(new CIDRIP(ipAddr, netMask), true); - - } else if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.KITKAT && mProfile.mAllowLocalLAN) + if (mProfile.mAllowLocalLAN) { mRoutes.addIP(new CIDRIP(ipAddr, netMask), false); + } } // IPv6 is Lollipop+ only so we can skip the lower than KITKAT case @@ -823,7 +808,6 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac } - @TargetApi(Build.VERSION_CODES.LOLLIPOP) private void setAllowedVpnPackages(Builder builder) { boolean profileUsesOrBot = false; @@ -1094,13 +1078,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac if (currentConfiguration.equals(mLastTunCfg)) { return "NOACTION"; } else { - String release = Build.VERSION.RELEASE; - if (Build.VERSION.SDK_INT == Build.VERSION_CODES.KITKAT && !release.startsWith("4.4.3") - && !release.startsWith("4.4.4") && !release.startsWith("4.4.5") && !release.startsWith("4.4.6")) - // There will be probably no 4.4.4 or 4.4.5 version, so don't waste effort to do parsing here - return "OPEN_AFTER_CLOSE"; - else - return "OPEN_BEFORE_CLOSE"; + return "OPEN_BEFORE_CLOSE"; } } diff --git a/app/src/main/java/de/blinkt/openvpn/core/OpenVpnManagementThread.java b/app/src/main/java/de/blinkt/openvpn/core/OpenVpnManagementThread.java index 0edfeaeb..a02e7e27 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/OpenVpnManagementThread.java +++ b/app/src/main/java/de/blinkt/openvpn/core/OpenVpnManagementThread.java @@ -242,12 +242,10 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement { VpnStatus.logWarning("Could not protect VPN socket"); - //ParcelFileDescriptor pfd = ParcelFileDescriptor.fromFd(fdint); - //pfd.close(); - if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP) { - fdCloseLollipop(fd); - } else { - NativeUtils.jniclose(fdint); + try { + Os.close(fd); + } catch (Exception e) { + VpnStatus.logException("Failed to close fd (" + fd + ")", e); } return; } catch ( NoSuchMethodException | IllegalArgumentException | InvocationTargetException | IllegalAccessException | NullPointerException e) { @@ -258,15 +256,6 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement { } - @RequiresApi(api = Build.VERSION_CODES.LOLLIPOP) - private void fdCloseLollipop(FileDescriptor fd) { - try { - Os.close(fd); - } catch (Exception e) { - VpnStatus.logException("Failed to close fd (" + fd + ")", e); - } - } - private String processInput(String pendingInput) { diff --git a/app/src/main/java/de/blinkt/openvpn/core/VPNLaunchHelper.java b/app/src/main/java/de/blinkt/openvpn/core/VPNLaunchHelper.java index 540ca043..03908ecd 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/VPNLaunchHelper.java +++ b/app/src/main/java/de/blinkt/openvpn/core/VPNLaunchHelper.java @@ -30,11 +30,7 @@ public class VPNLaunchHelper { if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.P) return new File(context.getApplicationInfo().nativeLibraryDir, "libovpnexec.so").getPath(); String[] abis; - if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP) - abis = getSupportedABIsLollipop(); - else - //noinspection deprecation - abis = new String[]{Build.CPU_ABI, Build.CPU_ABI2}; + abis = getSupportedABIsLollipop(); if (!nativeAPI.equals(abis[0])) { VpnStatus.logWarning(R.string.abi_mismatch, Arrays.toString(abis), nativeAPI); @@ -58,13 +54,9 @@ public class VPNLaunchHelper { } private static String getMiniVPNExecutableName() { - if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN) - return MINIPIEVPN; - else - return MININONPIEVPN; + return MININONPIEVPN; } - public static String[] replacePieWithNoPie(String[] mArgv) { mArgv[0] = mArgv[0].replace(MINIPIEVPN, MININONPIEVPN); return mArgv; diff --git a/app/src/main/java/se/leap/bitmaskclient/base/fragments/SettingsFragment.java b/app/src/main/java/se/leap/bitmaskclient/base/fragments/SettingsFragment.java index d5bbd2c5..d57d725e 100644 --- a/app/src/main/java/se/leap/bitmaskclient/base/fragments/SettingsFragment.java +++ b/app/src/main/java/se/leap/bitmaskclient/base/fragments/SettingsFragment.java @@ -174,19 +174,17 @@ public class SettingsFragment extends Fragment implements SharedPreferences.OnSh } private void initExcludeAppsEntry(View rootView) { - if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP) { - IconTextEntry excludeApps = rootView.findViewById(R.id.exclude_apps); - excludeApps.setVisibility(VISIBLE); - Set<String> apps = PreferenceHelper.getExcludedApps(this.getContext()); - if (apps != null) { - updateExcludeAppsSubtitle(excludeApps, apps.size()); - } - FragmentManagerEnhanced fragmentManager = new FragmentManagerEnhanced(getActivity().getSupportFragmentManager()); - excludeApps.setOnClickListener((buttonView) -> { - Fragment fragment = new ExcludeAppsFragment(); - fragmentManager.replace(R.id.main_container, fragment, MainActivity.TAG); - }); + IconTextEntry excludeApps = rootView.findViewById(R.id.exclude_apps); + excludeApps.setVisibility(VISIBLE); + Set<String> apps = PreferenceHelper.getExcludedApps(this.getContext()); + if (apps != null) { + updateExcludeAppsSubtitle(excludeApps, apps.size()); } + FragmentManagerEnhanced fragmentManager = new FragmentManagerEnhanced(getActivity().getSupportFragmentManager()); + excludeApps.setOnClickListener((buttonView) -> { + Fragment fragment = new ExcludeAppsFragment(); + fragmentManager.replace(R.id.main_container, fragment, MainActivity.TAG); + }); } private void updateExcludeAppsSubtitle(IconTextEntry excludeApps, int number) { diff --git a/app/src/main/java/se/leap/bitmaskclient/base/utils/ViewHelper.java b/app/src/main/java/se/leap/bitmaskclient/base/utils/ViewHelper.java index 8f4d7862..51bcb2b1 100644 --- a/app/src/main/java/se/leap/bitmaskclient/base/utils/ViewHelper.java +++ b/app/src/main/java/se/leap/bitmaskclient/base/utils/ViewHelper.java @@ -96,12 +96,10 @@ public class ViewHelper { } int color = ContextCompat.getColor(activity, secondaryColor); bar.setBackgroundDrawable(new ColorDrawable(color)); - if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP) { - Window window = activity.getWindow(); - window.clearFlags(WindowManager.LayoutParams.FLAG_TRANSLUCENT_STATUS); - window.addFlags(WindowManager.LayoutParams.FLAG_DRAWS_SYSTEM_BAR_BACKGROUNDS); - window.setStatusBarColor(ContextCompat.getColor(activity, primaryColor)); - } + Window window = activity.getWindow(); + window.clearFlags(WindowManager.LayoutParams.FLAG_TRANSLUCENT_STATUS); + window.addFlags(WindowManager.LayoutParams.FLAG_DRAWS_SYSTEM_BAR_BACKGROUNDS); + window.setStatusBarColor(ContextCompat.getColor(activity, primaryColor)); int actionBarTextColor; if (textColor == 0) { diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/VoidVpnService.java b/app/src/main/java/se/leap/bitmaskclient/eip/VoidVpnService.java index 645d7b26..b5d4a353 100644 --- a/app/src/main/java/se/leap/bitmaskclient/eip/VoidVpnService.java +++ b/app/src/main/java/se/leap/bitmaskclient/eip/VoidVpnService.java @@ -154,15 +154,12 @@ public class VoidVpnService extends VpnService implements Observer, VpnNotificat builder.addRoute("::",0); builder.addAddress("fc00::", 7); - if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP) { - allowAllAFFamilies(builder); - } + allowAllAFFamilies(builder); return builder; } - @TargetApi(Build.VERSION_CODES.LOLLIPOP) private void allowAllAFFamilies(Builder builder) { builder.allowFamily(OsConstants.AF_INET); builder.allowFamily(OsConstants.AF_INET6); @@ -174,9 +171,7 @@ public class VoidVpnService extends VpnService implements Observer, VpnNotificat VpnStatus.updateStateString(STATE_ESTABLISH, "", R.string.void_vpn_establish, ConnectionStatus.LEVEL_BLOCKING); Builder builder = prepareBlockingVpnProfile(); - if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP) { - builder.addDisallowedApplication(getPackageName()); - } + builder.addDisallowedApplication(getPackageName()); fd = builder.establish(); } catch (Exception e) { diff --git a/app/src/main/java/se/leap/bitmaskclient/providersetup/activities/ConfigWizardBaseActivity.java b/app/src/main/java/se/leap/bitmaskclient/providersetup/activities/ConfigWizardBaseActivity.java index aaf20647..5cfefb2e 100644 --- a/app/src/main/java/se/leap/bitmaskclient/providersetup/activities/ConfigWizardBaseActivity.java +++ b/app/src/main/java/se/leap/bitmaskclient/providersetup/activities/ConfigWizardBaseActivity.java @@ -161,7 +161,6 @@ public abstract class ConfigWizardBaseActivity extends ButterKnifeActivity imple if (provider != null) { setProviderHeaderText(provider.getName()); } - setProgressbarColorForPreLollipop(); setDefaultGuidelineValues(); setGlobalLayoutChangeListener(); } @@ -173,16 +172,6 @@ public abstract class ConfigWizardBaseActivity extends ButterKnifeActivity imple } } - private void setProgressbarColorForPreLollipop() { - if (progressBar == null || Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP) { - return; - } - progressBar.getIndeterminateDrawable().setColorFilter( - ContextCompat.getColor(this, R.color.colorPrimary), - PorterDuff.Mode.SRC_IN); - } - - @Override public void onSaveInstanceState(Bundle outState) { super.onSaveInstanceState(outState); |