summaryrefslogtreecommitdiff
path: root/app/src/main/java
diff options
context:
space:
mode:
Diffstat (limited to 'app/src/main/java')
-rw-r--r--app/src/main/java/de/blinkt/openvpn/LaunchVPN.java13
-rw-r--r--app/src/main/java/de/blinkt/openvpn/VpnProfile.java92
-rw-r--r--app/src/main/java/de/blinkt/openvpn/activities/DisconnectVPN.java4
-rw-r--r--app/src/main/java/de/blinkt/openvpn/core/ConfigParser.java14
-rw-r--r--app/src/main/java/de/blinkt/openvpn/core/NetworkSpace.java45
-rw-r--r--app/src/main/java/de/blinkt/openvpn/core/OpenVPNThread.java2
-rw-r--r--app/src/main/java/de/blinkt/openvpn/core/OpenVpnManagementThread.java19
-rw-r--r--app/src/main/java/de/blinkt/openvpn/core/OpenVpnService.java105
8 files changed, 144 insertions, 150 deletions
diff --git a/app/src/main/java/de/blinkt/openvpn/LaunchVPN.java b/app/src/main/java/de/blinkt/openvpn/LaunchVPN.java
index a39e780a..3f80eef0 100644
--- a/app/src/main/java/de/blinkt/openvpn/LaunchVPN.java
+++ b/app/src/main/java/de/blinkt/openvpn/LaunchVPN.java
@@ -4,8 +4,6 @@ import se.leap.bitmaskclient.R;
import se.leap.bitmaskclient.R;
-import java.io.IOException;
-
import android.app.Activity;
import android.app.AlertDialog;
import android.content.ActivityNotFoundException;
@@ -20,13 +18,17 @@ import android.text.InputType;
import android.text.TextUtils;
import android.text.method.PasswordTransformationMethod;
import android.view.View;
-import android.widget.*;
+import android.widget.CheckBox;
+import android.widget.CompoundButton;
+import android.widget.EditText;
+
+import java.io.IOException;
import de.blinkt.openvpn.activities.LogWindow;
-import de.blinkt.openvpn.core.VpnStatus;
-import de.blinkt.openvpn.core.VpnStatus.ConnectionStatus;
import de.blinkt.openvpn.core.ProfileManager;
import de.blinkt.openvpn.core.VPNLaunchHelper;
+import de.blinkt.openvpn.core.VpnStatus;
+import de.blinkt.openvpn.core.VpnStatus.ConnectionStatus;
/**
* This Activity actually handles two stages of a launcher shortcut's life cycle.
@@ -111,7 +113,6 @@ public class LaunchVPN extends Activity {
}
}
-
@Override
protected void onActivityResult (int requestCode, int resultCode, Intent data) {
super.onActivityResult(requestCode, resultCode, data);
diff --git a/app/src/main/java/de/blinkt/openvpn/VpnProfile.java b/app/src/main/java/de/blinkt/openvpn/VpnProfile.java
index 0166eb98..d44d0f5a 100644
--- a/app/src/main/java/de/blinkt/openvpn/VpnProfile.java
+++ b/app/src/main/java/de/blinkt/openvpn/VpnProfile.java
@@ -4,6 +4,7 @@ import se.leap.bitmaskclient.R;
import se.leap.bitmaskclient.R;
+import android.annotation.SuppressLint;
import android.content.Context;
import android.content.Intent;
import android.content.SharedPreferences;
@@ -14,6 +15,7 @@ import android.os.Build;
import android.preference.PreferenceManager;
import android.security.KeyChain;
import android.security.KeyChainException;
+import android.text.TextUtils;
import android.util.Base64;
import org.spongycastle.util.io.pem.PemObject;
@@ -115,8 +117,8 @@ public class VpnProfile implements Serializable {
public boolean mUseDefaultRoute = true;
public boolean mUsePull = true;
public String mCustomRoutes;
- public boolean mCheckRemoteCN = false;
- public boolean mExpectTLSCert = true;
+ public boolean mCheckRemoteCN = true;
+ public boolean mExpectTLSCert = false;
public String mRemoteCN = "";
public String mPassword = "";
public String mUsername = "";
@@ -181,6 +183,7 @@ public class VpnProfile implements Serializable {
mUseDefaultRoute = false;
mUseDefaultRoutev6 = false;
mExpectTLSCert = false;
+ mCheckRemoteCN = false;
mPersistTun = false;
mAllowLocalLAN = true;
}
@@ -199,10 +202,7 @@ public class VpnProfile implements Serializable {
public void upgradeProfile(){
if(mProfileVersion< 2) {
/* default to the behaviour the OS used */
- if (Build.VERSION.SDK_INT < Build.VERSION_CODES.KITKAT)
- mAllowLocalLAN = true;
- else
- mAllowLocalLAN = false;
+ mAllowLocalLAN = Build.VERSION.SDK_INT < Build.VERSION_CODES.KITKAT;
}
mProfileVersion= CURRENT_PROFILE_VERSION;
@@ -213,7 +213,7 @@ public class VpnProfile implements Serializable {
File cacheDir = context.getCacheDir();
String cfg = "";
- // Enable managment interface
+ // Enable management interface
cfg += "# Enables connection to GUI\n";
cfg += "management ";
@@ -230,6 +230,9 @@ public class VpnProfile implements Serializable {
cfg += "machine-readable-output\n";
+ // Users are confused by warnings that are misleading...
+ cfg += "ifconfig-nowarn\n";
+
boolean useTLSClient = (mAuthenticationType != TYPE_STATICKEYS);
@@ -327,7 +330,7 @@ public class VpnProfile implements Serializable {
else
cfg += insertFileData("tls-auth", mTLSAuthFilename);
- if (nonNull(mTLSAuthDirection)) {
+ if (!TextUtils.isEmpty(mTLSAuthDirection)) {
cfg += "key-direction ";
cfg += mTLSAuthDirection;
cfg += "\n";
@@ -336,10 +339,10 @@ public class VpnProfile implements Serializable {
}
if (!mUsePull) {
- if (nonNull(mIPv4Address))
+ if (!TextUtils.isEmpty(mIPv4Address))
cfg += "ifconfig " + cidrToIPAndNetmask(mIPv4Address) + "\n";
- if (nonNull(mIPv6Address))
+ if (!TextUtils.isEmpty(mIPv6Address))
cfg += "ifconfig-ipv6 " + mIPv6Address + "\n";
}
@@ -377,11 +380,11 @@ public class VpnProfile implements Serializable {
cfg += routes;
if (mOverrideDNS || !mUsePull) {
- if (nonNull(mDNS1))
+ if (!TextUtils.isEmpty(mDNS1))
cfg += "dhcp-option DNS " + mDNS1 + "\n";
- if (nonNull(mDNS2))
+ if (!TextUtils.isEmpty(mDNS2))
cfg += "dhcp-option DNS " + mDNS2 + "\n";
- if (nonNull(mSearchDomain))
+ if (!TextUtils.isEmpty(mSearchDomain))
cfg += "dhcp-option DOMAIN " + mSearchDomain + "\n";
}
@@ -422,11 +425,11 @@ public class VpnProfile implements Serializable {
cfg += "remote-cert-tls server\n";
}
- if (nonNull(mCipher)) {
+ if (!TextUtils.isEmpty(mCipher)) {
cfg += "cipher " + mCipher + "\n";
}
- if (nonNull(mAuth)) {
+ if (!TextUtils.isEmpty(mAuth)) {
cfg += "auth " + mAuth + "\n";
}
@@ -488,13 +491,6 @@ public class VpnProfile implements Serializable {
}
}
- private boolean nonNull(String val) {
- if (val == null || val.equals(""))
- return false;
- else
- return true;
- }
-
private Collection<String> getCustomRoutes(String routes) {
Vector<String> cidrRoutes = new Vector<String>();
if (routes == null) {
@@ -636,8 +632,8 @@ public class VpnProfile implements Serializable {
synchronized String[] getKeyStoreCertificates(Context context,int tries) {
PrivateKey privateKey = null;
- X509Certificate[] cachain;
- Exception exp=null;
+ X509Certificate[] caChain;
+ Exception exp;
try {
privateKey = KeyChain.getPrivateKey(context, mAlias);
mPrivateKey = privateKey;
@@ -645,18 +641,18 @@ public class VpnProfile implements Serializable {
String keystoreChain = null;
- cachain = KeyChain.getCertificateChain(context, mAlias);
- if(cachain == null)
+ caChain = KeyChain.getCertificateChain(context, mAlias);
+ if(caChain == null)
throw new NoCertReturnedException("No certificate returned from Keystore");
- if (cachain.length <= 1 && !nonNull(mCaFilename)) {
+ if (caChain.length <= 1 && TextUtils.isEmpty(mCaFilename)) {
VpnStatus.logMessage(VpnStatus.LogLevel.ERROR, "", context.getString(R.string.keychain_nocacert));
} else {
StringWriter ksStringWriter = new StringWriter();
PemWriter pw = new PemWriter(ksStringWriter);
- for (int i = 1; i < cachain.length; i++) {
- X509Certificate cert = cachain[i];
+ for (int i = 1; i < caChain.length; i++) {
+ X509Certificate cert = caChain[i];
pw.writeObject(new PemObject("CERTIFICATE", cert.getEncoded()));
}
pw.close();
@@ -665,7 +661,7 @@ public class VpnProfile implements Serializable {
String caout = null;
- if (nonNull(mCaFilename)) {
+ if (!TextUtils.isEmpty(mCaFilename)) {
try {
Certificate cacert = X509Utils.getCertificateFromFile(mCaFilename);
StringWriter caoutWriter = new StringWriter();
@@ -684,8 +680,8 @@ public class VpnProfile implements Serializable {
StringWriter certout = new StringWriter();
- if (cachain.length >= 1) {
- X509Certificate usercert = cachain[0];
+ if (caChain.length >= 1) {
+ X509Certificate usercert = caChain[0];
PemWriter upw = new PemWriter(certout);
upw.writeObject(new PemObject("CERTIFICATE", usercert.getEncoded()));
@@ -730,15 +726,14 @@ public class VpnProfile implements Serializable {
}
return getKeyStoreCertificates(context, tries-1);
}
- if (exp != null) {
- exp.printStackTrace();
- VpnStatus.logError(R.string.keyChainAccessError, exp.getLocalizedMessage());
- VpnStatus.logError(R.string.keychain_access);
- if (Build.VERSION.SDK_INT == Build.VERSION_CODES.JELLY_BEAN) {
- if (!mAlias.matches("^[a-zA-Z0-9]$")) {
- VpnStatus.logError(R.string.jelly_keystore_alphanumeric_bug);
- }
+ exp.printStackTrace();
+ VpnStatus.logError(R.string.keyChainAccessError, exp.getLocalizedMessage());
+
+ VpnStatus.logError(R.string.keychain_access);
+ if (Build.VERSION.SDK_INT == Build.VERSION_CODES.JELLY_BEAN) {
+ if (!mAlias.matches("^[a-zA-Z0-9]$")) {
+ VpnStatus.logError(R.string.jelly_keystore_alphanumeric_bug);
}
}
return null;
@@ -801,7 +796,7 @@ public class VpnProfile implements Serializable {
}
public boolean requireTLSKeyPassword() {
- if (!nonNull(mClientKeyFilename))
+ if (TextUtils.isEmpty(mClientKeyFilename))
return false;
String data = "";
@@ -842,13 +837,13 @@ public class VpnProfile implements Serializable {
}
if (mAuthenticationType == TYPE_CERTIFICATES || mAuthenticationType == TYPE_USERPASS_CERTIFICATES) {
- if (requireTLSKeyPassword() && !nonNull(mKeyPassword))
+ if (requireTLSKeyPassword() && TextUtils.isEmpty(mKeyPassword))
if (mTransientPCKS12PW == null) {
return R.string.private_key_password;
}
}
- if (isUserPWAuth() && !(nonNull(mUsername) && (nonNull(mPassword) || mTransientPW != null))) {
+ if (isUserPWAuth() && !(!TextUtils.isEmpty(mUsername) && (!TextUtils.isEmpty(mPassword) || mTransientPW != null))) {
return R.string.password;
}
return 0;
@@ -893,12 +888,15 @@ public class VpnProfile implements Serializable {
try {
+ /* ECB is perfectly fine in this special case, since we are using it for
+ the public/private part in the TLS exchange
+ */
+ @SuppressLint("GetInstance")
+ Cipher rsaSigner = Cipher.getInstance("RSA/ECB/PKCS1PADDING");
- Cipher rsasinger = Cipher.getInstance("RSA/ECB/PKCS1PADDING");
-
- rsasinger.init(Cipher.ENCRYPT_MODE, privkey);
+ rsaSigner.init(Cipher.ENCRYPT_MODE, privkey);
- byte[] signed_bytes = rsasinger.doFinal(data);
+ byte[] signed_bytes = rsaSigner.doFinal(data);
return Base64.encodeToString(signed_bytes, Base64.NO_WRAP);
} catch (NoSuchAlgorithmException e) {
diff --git a/app/src/main/java/de/blinkt/openvpn/activities/DisconnectVPN.java b/app/src/main/java/de/blinkt/openvpn/activities/DisconnectVPN.java
index da011c98..8e418053 100644
--- a/app/src/main/java/de/blinkt/openvpn/activities/DisconnectVPN.java
+++ b/app/src/main/java/de/blinkt/openvpn/activities/DisconnectVPN.java
@@ -43,8 +43,8 @@ public class DisconnectVPN extends Activity implements DialogInterface.OnClickLi
}
@Override
- protected void onStop() {
- super.onStop();
+ protected void onPause() {
+ super.onPause();
unbindService(mConnection);
}
diff --git a/app/src/main/java/de/blinkt/openvpn/core/ConfigParser.java b/app/src/main/java/de/blinkt/openvpn/core/ConfigParser.java
index 378b6b92..d23b521f 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/ConfigParser.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/ConfigParser.java
@@ -1,7 +1,5 @@
package de.blinkt.openvpn.core;
-import de.blinkt.openvpn.VpnProfile;
-
import java.io.BufferedReader;
import java.io.IOException;
import java.io.Reader;
@@ -10,6 +8,8 @@ import java.util.HashMap;
import java.util.Locale;
import java.util.Vector;
+import de.blinkt.openvpn.VpnProfile;
+
//! Openvpn Config FIle Parser, probably not 100% accurate but close enough
// And remember, this is valid :)
@@ -31,11 +31,17 @@ public class ConfigParser {
BufferedReader br =new BufferedReader(reader);
+ int lineno=0;
while (true){
String line = br.readLine();
+ lineno++;
if(line==null)
break;
+ if (lineno==1 && (line.startsWith("PK\003\004")
+ || (line.startsWith("PK\007\008"))))
+ throw new ConfigParseError("Input looks like a ZIP Archive. Import is only possible for OpenVPN config files (.ovpn/.conf)");
+
// Check for OpenVPN Access Server Meta information
if (line.startsWith("# OVPN_ACCESS_SERVER_")) {
Vector<String> metaarg = parsemeta(line);
@@ -440,8 +446,8 @@ public class ConfigParser {
}
Vector<String> rport = getOption("rport", 1,1);
- if(port!=null){
- np.mServerPort = port.get(1);
+ if(rport!=null){
+ np.mServerPort = rport.get(1);
}
Vector<String> proto = getOption("proto", 1,1);
diff --git a/app/src/main/java/de/blinkt/openvpn/core/NetworkSpace.java b/app/src/main/java/de/blinkt/openvpn/core/NetworkSpace.java
index 990e70d8..81a17ef9 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/NetworkSpace.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/NetworkSpace.java
@@ -5,6 +5,8 @@ import android.text.TextUtils;
import junit.framework.Assert;
+import org.jetbrains.annotations.NotNull;
+
import java.math.BigInteger;
import java.net.Inet6Address;
import java.util.*;
@@ -23,13 +25,18 @@ public class NetworkSpace {
private BigInteger lastAddress;
+ /**
+ * sorts the networks with following criteria:
+ * 1. compares first 1 of the network
+ * 2. smaller networks are returned as smaller
+ */
@Override
- public int compareTo(ipAddress another) {
+ public int compareTo(@NotNull ipAddress another) {
int comp = getFirstAddress().compareTo(another.getFirstAddress());
if (comp != 0)
return comp;
- // bigger mask means smaller address block
+
if (networkMask > another.networkMask)
return -1;
else if (another.networkMask == networkMask)
@@ -38,6 +45,22 @@ public class NetworkSpace {
return 1;
}
+ /**
+ * Warning ignores the included integer
+ *
+ * @param o
+ * the object to compare this instance with.
+ */
+ @Override
+ public boolean equals(Object o) {
+ if (!(o instanceof ipAddress))
+ return super.equals(o);
+
+
+ ipAddress on = (ipAddress) o;
+ return (networkMask == on.networkMask) && on.getFirstAddress().equals(getFirstAddress());
+ }
+
public ipAddress(CIDRIP ip, boolean include) {
included = include;
netAddress = BigInteger.valueOf(ip.getInt());
@@ -110,10 +133,10 @@ public class NetworkSpace {
public ipAddress[] split() {
- ipAddress firsthalf = new ipAddress(getFirstAddress(), networkMask + 1, included, isV4);
- ipAddress secondhalf = new ipAddress(firsthalf.getLastAddress().add(BigInteger.ONE), networkMask + 1, included, isV4);
- if (BuildConfig.DEBUG) Assert.assertTrue(secondhalf.getLastAddress().equals(getLastAddress()));
- return new ipAddress[]{firsthalf, secondhalf};
+ ipAddress firstHalf = new ipAddress(getFirstAddress(), networkMask + 1, included, isV4);
+ ipAddress secondHalf = new ipAddress(firstHalf.getLastAddress().add(BigInteger.ONE), networkMask + 1, included, isV4);
+ if (BuildConfig.DEBUG) Assert.assertTrue(secondHalf.getLastAddress().equals(getLastAddress()));
+ return new ipAddress[]{firstHalf, secondHalf};
}
String getIPv4Address() {
@@ -185,7 +208,7 @@ public class NetworkSpace {
return ipsDone;
while (currentNet!=null) {
- // Check if it and the next of it are compatbile
+ // Check if it and the next of it are compatible
ipAddress nextNet = networks.poll();
if (BuildConfig.DEBUG) Assert.assertNotNull(currentNet);
@@ -202,9 +225,12 @@ public class NetworkSpace {
// Simply forget our current network
currentNet=nextNet;
} else {
- // our currentnet is included in next and types differ. Need to split the next network
+ // our currentNet is included in next and types differ. Need to split the next network
ipAddress[] newNets = nextNet.split();
+
+ // TODO: The contains method of the Priority is stupid linear search
+
// First add the second half to keep the order in networks
if (!networks.contains(newNets[1]))
networks.add(newNets[1]);
@@ -226,6 +252,7 @@ public class NetworkSpace {
}
// This network is bigger than the next and last ip of current >= next
+ //noinspection StatementWithEmptyBody
if (currentNet.included == nextNet.included) {
// Next network is in included in our network with the same type,
// simply ignore the next and move on
@@ -238,7 +265,7 @@ public class NetworkSpace {
if (BuildConfig.DEBUG) {
Assert.assertTrue (newNets[1].getFirstAddress().equals(nextNet.getFirstAddress()));
Assert.assertTrue (newNets[1].getLastAddress().equals(currentNet.getLastAddress()));
- // Splitted second equal the next network, do not add it
+ // split second equal the next network, do not add it
}
networks.add(nextNet);
} else {
diff --git a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNThread.java b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNThread.java
index 0de54ed7..67c05e7d 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNThread.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNThread.java
@@ -48,8 +48,6 @@ public class OpenVPNThread implements Runnable {
public void stopProcess() {
mProcess.destroy();
}
-
-
@Override
public void run() {
diff --git a/app/src/main/java/de/blinkt/openvpn/core/OpenVpnManagementThread.java b/app/src/main/java/de/blinkt/openvpn/core/OpenVpnManagementThread.java
index 4cba4f5f..e6e5be25 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/OpenVpnManagementThread.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/OpenVpnManagementThread.java
@@ -9,11 +9,9 @@ import android.os.ParcelFileDescriptor;
import android.preference.PreferenceManager;
import android.util.Log;
-import org.jetbrains.annotations.NotNull;
+import junit.framework.Assert;
-import se.leap.bitmaskclient.R;
-import de.blinkt.openvpn.VpnProfile;
-import de.blinkt.openvpn.core.VpnStatus.ConnectionStatus;
+import org.jetbrains.annotations.NotNull;
import java.io.FileDescriptor;
import java.io.IOException;
@@ -22,7 +20,16 @@ import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.net.InetSocketAddress;
import java.net.SocketAddress;
-import java.util.*;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.LinkedList;
+import java.util.Locale;
+import java.util.Vector;
+
+import se.leap.bitmaskclient.BuildConfig;
+import se.leap.bitmaskclient.R;
+import de.blinkt.openvpn.VpnProfile;
+import de.blinkt.openvpn.core.VpnStatus.ConnectionStatus;
public class OpenVpnManagementThread implements Runnable, OpenVPNManagement {
@@ -391,7 +398,7 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement {
*/
if(routeparts.length==5) {
- assert(routeparts[3].equals("dev"));
+ if (BuildConfig.DEBUG) Assert.assertEquals("dev", routeparts[3]);
mOpenVPNService.addRoute(routeparts[0], routeparts[1], routeparts[2], routeparts[4]);
} else if (routeparts.length >= 3) {
mOpenVPNService.addRoute(routeparts[0], routeparts[1], routeparts[2], null);
diff --git a/app/src/main/java/de/blinkt/openvpn/core/OpenVpnService.java b/app/src/main/java/de/blinkt/openvpn/core/OpenVpnService.java
index 43b27212..9d61247a 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/OpenVpnService.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/OpenVpnService.java
@@ -72,6 +72,7 @@ public class OpenVpnService extends VpnService implements StateListener, Callbac
private OpenVPNManagement mManagement;
private String mLastTunCfg;
private String mRemoteGW;
+ private Object mProcessLock = new Object();
// From: http://stackoverflow.com/questions/3758606/how-to-convert-byte-size-into-human-readable-format-in-java
public static String humanReadableByteCount(long bytes, boolean mbit) {
@@ -110,7 +111,9 @@ public class OpenVpnService extends VpnService implements StateListener, Callbac
}
private void endVpnService() {
- mProcessThread = null;
+ synchronized (mProcessLock) {
+ mProcessThread = null;
+ }
VpnStatus.removeByteCountListener(this);
unregisterDeviceStateReceiver();
ProfileManager.setConntectedVpnProfileDisconnected(this);
@@ -124,46 +127,6 @@ public class OpenVpnService extends VpnService implements StateListener, Callbac
}
}
- private void showNotification(String msg, String tickerText, boolean lowpriority, long when, ConnectionStatus status) {
- String ns = Context.NOTIFICATION_SERVICE;
- NotificationManager mNotificationManager = (NotificationManager) getSystemService(ns);
-
-
- int icon = getIconByConnectionStatus(status);
-
- android.app.Notification.Builder nbuilder = new Notification.Builder(this);
-
- if (mProfile != null)
- nbuilder.setContentTitle(getString(R.string.notifcation_title, mProfile.mName));
- else
- nbuilder.setContentTitle(getString(R.string.notifcation_title_notconnect));
-
- nbuilder.setContentText(msg);
- nbuilder.setOnlyAlertOnce(true);
- nbuilder.setOngoing(true);
- nbuilder.setContentIntent(getLogPendingIntent());
- nbuilder.setSmallIcon(icon);
-
-
- if (when != 0)
- nbuilder.setWhen(when);
-
-
- // Try to set the priority available since API 16 (Jellybean)
- if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN)
- jbNotificationExtras(lowpriority, nbuilder);
-
- if (tickerText != null && !tickerText.equals(""))
- nbuilder.setTicker(tickerText);
-
- @SuppressWarnings("deprecation")
- Notification notification = nbuilder.getNotification();
-
-
- mNotificationManager.notify(OPENVPN_STATUS, notification);
- startForeground(OPENVPN_STATUS, notification);
- }
-
private int getIconByConnectionStatus(ConnectionStatus level) {
switch (level) {
case LEVEL_CONNECTED:
@@ -314,11 +277,6 @@ public class OpenVpnService extends VpnService implements StateListener, Callbac
mProfile = ProfileManager.get(this, profileUUID);
- String startTitle = getString(R.string.start_vpn_title, mProfile.mName);
- String startTicker = getString(R.string.start_vpn_ticker, mProfile.mName);
- showNotification(startTitle, startTicker,
- false, 0, LEVEL_CONNECTING_NO_SERVER_REPLY_YET);
-
// Set a flag that we are starting a new VPN
mStarting = true;
// Stop the previous session by interrupting the thread.
@@ -330,13 +288,14 @@ public class OpenVpnService extends VpnService implements StateListener, Callbac
//ignore
}
-
- if (mProcessThread != null) {
- mProcessThread.interrupt();
- try {
- Thread.sleep(1000);
- } catch (InterruptedException e) {
- //ignore
+ synchronized (mProcessLock) {
+ if (mProcessThread != null) {
+ mProcessThread.interrupt();
+ try {
+ Thread.sleep(1000);
+ } catch (InterruptedException e) {
+ //ignore
+ }
}
}
// An old running VPN should now be exited
@@ -380,9 +339,10 @@ public class OpenVpnService extends VpnService implements StateListener, Callbac
processThread = new OpenVPNThread(this, argv, env, nativelibdir);
}
- mProcessThread = new Thread(processThread, "OpenVPNProcessThread");
- mProcessThread.start();
-
+ synchronized (mProcessLock) {
+ mProcessThread = new Thread(processThread, "OpenVPNProcessThread");
+ mProcessThread.start();
+ }
if (mDeviceStateReceiver != null)
unregisterDeviceStateReceiver();
@@ -416,11 +376,12 @@ public class OpenVpnService extends VpnService implements StateListener, Callbac
@Override
public void onDestroy() {
- if (mProcessThread != null) {
- mManagement.stopVPN();
-
- mProcessThread.interrupt();
+ synchronized (mProcessLock) {
+ if (mProcessThread != null) {
+ mManagement.stopVPN();
+ }
}
+
if (mDeviceStateReceiver != null) {
this.unregisterReceiver(mDeviceStateReceiver);
}
@@ -639,10 +600,10 @@ public class OpenVpnService extends VpnService implements StateListener, Callbac
mMtu = mtu;
mRemoteGW=null;
+ long netMaskAsInt = CIDRIP.getInt(netmask);
if (mLocalIP.len == 32 && !netmask.equals("255.255.255.255")) {
// get the netmask as IP
- long netMaskAsInt = CIDRIP.getInt(netmask);
int masklen;
if ("net30".equals(mode))
@@ -655,11 +616,18 @@ public class OpenVpnService extends VpnService implements StateListener, Callbac
if ((netMaskAsInt & mask) == (mLocalIP.getInt() & mask )) {
mLocalIP.len = masklen;
} else {
+ mLocalIP.len = 32;
if (!"p2p".equals(mode))
VpnStatus.logWarning(R.string.ip_not_cidr, local, netmask, mode);
- mRemoteGW=netmask;
}
}
+ if (("p2p".equals(mode)) && mLocalIP.len < 32 || "net30".equals("net30") && mLocalIP.len < 30) {
+ VpnStatus.logWarning(R.string.ip_looks_like_subnet, local, netmask, mode);
+ }
+
+
+ // Configurations are sometimes really broken...
+ mRemoteGW=netmask;
}
public void setLocalIPv6(String ipv6addr) {
@@ -690,14 +658,6 @@ public class OpenVpnService extends VpnService implements StateListener, Callbac
mDisplayBytecount = false;
}
- // Other notifications are shown,
- // This also mean we are no longer connected, ignore bytecount messages until next
- // CONNECTED
- // Does not work :(
- String msg = getString(resid);
- String ticker = msg;
- showNotification(msg + " " + logmessage, ticker, lowpriority , 0, level);
-
}
}
@@ -717,9 +677,6 @@ public class OpenVpnService extends VpnService implements StateListener, Callbac
humanReadableByteCount(diffIn / OpenVPNManagement.mBytecountInterval, true),
humanReadableByteCount(out, false),
humanReadableByteCount(diffOut / OpenVPNManagement.mBytecountInterval, true));
-
- boolean lowpriority = !mNotificationAlwaysVisible;
- showNotification(netstat, null, lowpriority, mConnecttime, LEVEL_CONNECTED);
}
}
@@ -746,7 +703,7 @@ public class OpenVpnService extends VpnService implements StateListener, Callbac
} else {
String release = Build.VERSION.RELEASE;
if (Build.VERSION.SDK_INT == Build.VERSION_CODES.KITKAT && !release.startsWith("4.4.3")
- && !release.startsWith("4.4.4") && !release.startsWith("4.4.5"))
+ && !release.startsWith("4.4.4") && !release.startsWith("4.4.5") && !release.startsWith("4.4.6"))
// There will be probably no 4.4.4 or 4.4.5 version, so don't waste effort to do parsing here
return "OPEN_AFTER_CLOSE";
else