diff options
Diffstat (limited to 'app')
24 files changed, 374 insertions, 66 deletions
diff --git a/app/build.gradle b/app/build.gradle index 5b1c0a7e..5c804d75 100644 --- a/app/build.gradle +++ b/app/build.gradle @@ -17,8 +17,9 @@ android { applicationId "se.leap.bitmaskclient" // the factor 1000 is used so that gplay users can upgrade from split apks ((current version number - 1) * 1000) + n // to extracted bundle apks, supplied by google - versionCode 161 * 1000 - versionName "1.1.3" + // however we don't calculate the versionCode here, because F-Droid doesn't like that + versionCode 162000 + versionName "1.1.4" minSdkVersion 16 targetSdkVersion 30 vectorDrawables.useSupportLibrary = true @@ -29,7 +30,7 @@ android { //This is the default donation URL and should be set to the donation page of LEAP // and this should not be set/altered anywhere else. - buildConfigField 'String', 'default_donation_url', '"https://riseup.net/vpn/donate"' + buildConfigField 'String', 'default_donation_url', '"https://riseuplabs.org/leap"' //The field to enable donations in the app. buildConfigField 'boolean', 'enable_donation', 'true' //The field to enable donation reminder popup in the app if enable_donation is set to 'false' this will be disabled. diff --git a/app/src/custom/res/values-el/strings.xml b/app/src/custom/res/values-el/strings.xml index 42ab9162..629fb9e8 100644 --- a/app/src/custom/res/values-el/strings.xml +++ b/app/src/custom/res/values-el/strings.xml @@ -1,6 +1,5 @@ <?xml version='1.0' encoding='UTF-8'?> <resources> - <string name="donate_message">Το RiseupVPN είναι μια γρήγορη, εύκολη και ασφαλής υπηρεσία VPN από το riseup.net. Δεν χρειάζεται λογαριασμός για τη χρήση του RiseupVPN, δεν κρατάει αρχεία καταγραφής και δεν σε παρακολουθεί με οποιοδήποτε τρόπο. Αυτή η υπηρεσία πληρώνεται εξ\' ολοκλήρου από δωρεές χρηστών σαν κι εσένα. Παρακαλούμε κάνε μια δωρεά στο -https://riseup.net/vpn/donate. </string> + <string name="donate_message">Το RiseupVPN είναι μια γρήγορη, εύκολη και ασφαλής υπηρεσία VPN από το riseup.net. Δεν χρειάζεται λογαριασμός για τη χρήση του RiseupVPN, δεν κρατάει αρχεία καταγραφής και δεν σε παρακολουθεί με οποιοδήποτε τρόπο. Αυτή η υπηρεσία πληρώνεται εξ\' ολοκλήρου από δωρεές χρηστών σαν κι εσένα. Παρακαλούμε κάνε μια δωρεά στο https://riseup.net/vpn/donate. </string> <string name="terms_of_service">Χρησιμοποιώντας την εφαρμογή συμφωνείς με τους Όρους Χρήσης που είναι διαθέσιμοι στο https://riseup.net/tos. Αυτή η υπηρεσία παρέχεται ως έχει, χωρίς καμία εγγύηση, και προορίζεται για ανθρώπους που προσπαθούν να κάνουν τον κόσμο καλύτερο.</string> </resources> diff --git a/app/src/main/java/de/blinkt/openvpn/VpnProfile.java b/app/src/main/java/de/blinkt/openvpn/VpnProfile.java index f2da0838..c010ef54 100644 --- a/app/src/main/java/de/blinkt/openvpn/VpnProfile.java +++ b/app/src/main/java/de/blinkt/openvpn/VpnProfile.java @@ -229,7 +229,7 @@ public class VpnProfile implements Serializable, Cloneable { //! Put inline data inline and other data as normal escaped filename public static String insertFileData(String cfgentry, String filedata) { if (filedata == null) { - return String.format("%s %s\n", cfgentry, "file missing in config profile"); + return String.format("# %s %s\n", cfgentry, "file missing in config profile"); } else if (isEmbedded(filedata)) { String dataWithOutHeader = getEmbeddedContent(filedata); return String.format(Locale.ENGLISH, "<%s>\n%s\n</%s>\n", cfgentry, dataWithOutHeader, cfgentry); diff --git a/app/src/main/java/de/blinkt/openvpn/core/ConfigParser.java b/app/src/main/java/de/blinkt/openvpn/core/ConfigParser.java index 4a8bcf99..10dd7033 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/ConfigParser.java +++ b/app/src/main/java/de/blinkt/openvpn/core/ConfigParser.java @@ -561,7 +561,11 @@ public class ConfigParser { } } else if (!TextUtils.isEmpty(np.mCipher) && !np.mCipher.equals("AES-128-GCM") && !np.mCipher.equals("AES-256")) { - np.mDataCiphers += "AES-256-GCM:AES-128-GCM:" + np.mCipher; + if (np.mCipher.contains("AES-256-GCM")) { + np.mDataCiphers += np.mCipher; + } else { + np.mDataCiphers += "AES-256-GCM:AES-128-GCM:" + np.mCipher; + } } Vector<String> auth = getOption("auth", 1, 1); diff --git a/app/src/main/java/se/leap/bitmaskclient/base/fragments/SettingsFragment.java b/app/src/main/java/se/leap/bitmaskclient/base/fragments/SettingsFragment.java index be2fe4f4..f4531ff8 100644 --- a/app/src/main/java/se/leap/bitmaskclient/base/fragments/SettingsFragment.java +++ b/app/src/main/java/se/leap/bitmaskclient/base/fragments/SettingsFragment.java @@ -1,12 +1,35 @@ package se.leap.bitmaskclient.base.fragments; +import static android.content.Context.MODE_PRIVATE; +import static android.view.View.GONE; +import static android.view.View.VISIBLE; +import static se.leap.bitmaskclient.R.string.advanced_settings; +import static se.leap.bitmaskclient.base.models.Constants.GATEWAY_PINNING; +import static se.leap.bitmaskclient.base.models.Constants.PREFER_UDP; +import static se.leap.bitmaskclient.base.models.Constants.SHARED_PREFERENCES; +import static se.leap.bitmaskclient.base.models.Constants.USE_BRIDGES; +import static se.leap.bitmaskclient.base.models.Constants.USE_IPv6_FIREWALL; +import static se.leap.bitmaskclient.base.utils.PreferenceHelper.getPreferUDP; +import static se.leap.bitmaskclient.base.utils.PreferenceHelper.getShowAlwaysOnDialog; +import static se.leap.bitmaskclient.base.utils.PreferenceHelper.getUseBridges; +import static se.leap.bitmaskclient.base.utils.PreferenceHelper.getUseSnowflake; +import static se.leap.bitmaskclient.base.utils.PreferenceHelper.hasSnowflakePrefs; +import static se.leap.bitmaskclient.base.utils.PreferenceHelper.preferUDP; +import static se.leap.bitmaskclient.base.utils.PreferenceHelper.useBridges; +import static se.leap.bitmaskclient.base.utils.PreferenceHelper.useSnowflake; +import static se.leap.bitmaskclient.base.utils.ViewHelper.setActionBarTitle; + +import android.app.AlertDialog; +import android.content.Context; import android.content.Intent; import android.content.SharedPreferences; import android.os.Build; import android.os.Bundle; +import android.text.TextUtils; import android.view.LayoutInflater; import android.view.View; import android.view.ViewGroup; +import android.widget.EditText; import android.widget.Toast; import androidx.annotation.NonNull; @@ -18,6 +41,7 @@ import androidx.fragment.app.FragmentTransaction; import java.util.Set; import de.blinkt.openvpn.core.VpnStatus; +import se.leap.bitmaskclient.BuildConfig; import se.leap.bitmaskclient.R; import se.leap.bitmaskclient.base.FragmentManagerEnhanced; import se.leap.bitmaskclient.base.MainActivity; @@ -28,24 +52,6 @@ import se.leap.bitmaskclient.base.views.IconTextEntry; import se.leap.bitmaskclient.eip.EipCommand; import se.leap.bitmaskclient.firewall.FirewallManager; -import static android.content.Context.MODE_PRIVATE; -import static android.view.View.GONE; -import static android.view.View.VISIBLE; -import static se.leap.bitmaskclient.R.string.advanced_settings; -import static se.leap.bitmaskclient.base.models.Constants.PREFER_UDP; -import static se.leap.bitmaskclient.base.models.Constants.SHARED_PREFERENCES; -import static se.leap.bitmaskclient.base.models.Constants.USE_BRIDGES; -import static se.leap.bitmaskclient.base.models.Constants.USE_IPv6_FIREWALL; -import static se.leap.bitmaskclient.base.utils.PreferenceHelper.getPreferUDP; -import static se.leap.bitmaskclient.base.utils.PreferenceHelper.getShowAlwaysOnDialog; -import static se.leap.bitmaskclient.base.utils.PreferenceHelper.getUseBridges; -import static se.leap.bitmaskclient.base.utils.PreferenceHelper.getUseSnowflake; -import static se.leap.bitmaskclient.base.utils.PreferenceHelper.hasSnowflakePrefs; -import static se.leap.bitmaskclient.base.utils.PreferenceHelper.preferUDP; -import static se.leap.bitmaskclient.base.utils.PreferenceHelper.useBridges; -import static se.leap.bitmaskclient.base.utils.PreferenceHelper.useSnowflake; -import static se.leap.bitmaskclient.base.utils.ViewHelper.setActionBarTitle; - public class SettingsFragment extends Fragment implements SharedPreferences.OnSharedPreferenceChangeListener { private FirewallManager firewallManager; @@ -74,6 +80,7 @@ public class SettingsFragment extends Fragment implements SharedPreferences.OnSh initUseSnowflakeEntry(view); initFirewallEntry(view); initTetheringEntry(view); + initGatewayPinningEntry(view); setActionBarTitle(this, advanced_settings); return view; } @@ -207,6 +214,41 @@ public class SettingsFragment extends Fragment implements SharedPreferences.OnSh }); } + private void initGatewayPinningEntry(View rootView) { + if (!BuildConfig.BUILD_TYPE.equals("debug")) { + return; + } + Context context = this.getContext(); + if (context == null) { + return; + } + IconTextEntry gatewayPinning = rootView.findViewById(R.id.gateway_pinning); + String pinnedGateway = PreferenceHelper.getPinnedGateway(rootView.getContext()); + gatewayPinning.setSubtitle(pinnedGateway != null ? pinnedGateway : "Connect to a specific Gateway for debugging purposes"); + + gatewayPinning.setOnClickListener(v -> { + EditText gatewayPinningEditText = new EditText(rootView.getContext()); + gatewayPinningEditText.setText(pinnedGateway); + new AlertDialog.Builder(context) + .setTitle("Gateway Pinning") + .setMessage("Enter the domain name of the gateway") + .setView(gatewayPinningEditText) + .setPositiveButton(android.R.string.ok, (dialogInterface, i) -> { + if (gatewayPinningEditText.getText() != null) { + String editTextInput = gatewayPinningEditText.getText().toString(); + if (!TextUtils.isEmpty(editTextInput)) { + PreferenceHelper.setPreferredCity(context, null); + PreferenceHelper.pinGateway(context, editTextInput); + } else { + PreferenceHelper.pinGateway(context, null); + } + } + }) + .setNegativeButton(android.R.string.cancel, null) + .create().show(); + }); + } + public void showTetheringAlert() { try { @@ -245,6 +287,8 @@ public class SettingsFragment extends Fragment implements SharedPreferences.OnSh initPreferUDPEntry(rootView); } else if (key.equals(USE_IPv6_FIREWALL)) { initFirewallEntry(getView()); + } if (key.equals(GATEWAY_PINNING)) { + initGatewayPinningEntry(rootView); } } diff --git a/app/src/main/java/se/leap/bitmaskclient/base/models/Constants.java b/app/src/main/java/se/leap/bitmaskclient/base/models/Constants.java index 86b438f8..bde909ba 100644 --- a/app/src/main/java/se/leap/bitmaskclient/base/models/Constants.java +++ b/app/src/main/java/se/leap/bitmaskclient/base/models/Constants.java @@ -43,6 +43,7 @@ public interface Constants { String PREFERRED_CITY = "preferred_city"; String USE_SNOWFLAKE = "use_snowflake"; String PREFER_UDP = "prefer_UDP"; + String GATEWAY_PINNING = "gateway_pinning"; ////////////////////////////////////////////// diff --git a/app/src/main/java/se/leap/bitmaskclient/base/utils/ConfigHelper.java b/app/src/main/java/se/leap/bitmaskclient/base/utils/ConfigHelper.java index 27943022..ca1261a8 100644 --- a/app/src/main/java/se/leap/bitmaskclient/base/utils/ConfigHelper.java +++ b/app/src/main/java/se/leap/bitmaskclient/base/utils/ConfigHelper.java @@ -16,6 +16,8 @@ */ package se.leap.bitmaskclient.base.utils; +import static se.leap.bitmaskclient.base.models.Constants.DEFAULT_BITMASK; + import android.content.Context; import android.content.res.Resources; import android.os.Build; @@ -37,7 +39,6 @@ import java.security.KeyFactory; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.security.NoSuchProviderException; -import java.security.cert.Certificate; import java.security.cert.CertificateEncodingException; import java.security.cert.CertificateException; import java.security.cert.CertificateFactory; @@ -47,7 +48,6 @@ import java.security.spec.InvalidKeySpecException; import java.security.spec.PKCS8EncodedKeySpec; import java.util.ArrayList; import java.util.Calendar; -import java.util.Collection; import java.util.regex.Matcher; import java.util.regex.Pattern; @@ -55,20 +55,20 @@ import se.leap.bitmaskclient.BuildConfig; import se.leap.bitmaskclient.R; import se.leap.bitmaskclient.providersetup.ProviderAPI; -import static se.leap.bitmaskclient.base.models.Constants.DEFAULT_BITMASK; - /** * Stores constants, and implements auxiliary methods used across all Bitmask Android classes. * Wraps BuildConfigFields for to support easier unit testing * * @author parmegv * @author MeanderingCode + * @author cyberta */ public class ConfigHelper { final public static String NG_1024 = "eeaf0ab9adb38dd69c33f80afa8fc5e86072618775ff3c0b9ea2314c9c256576d674df7496ea81d3383b4813d692c6e0e0d5d8e250b98be48e495c1d6089dad15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e57ec68edbc3c05726cc02fd4cbf4976eaa9afd5138fe8376435b9fc61d2fc0eb06e3"; final public static BigInteger G = new BigInteger("2"); final public static Pattern IPv4_PATTERN = Pattern.compile("^(?:(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])\\.){3}(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])$"); + final public static Pattern PEM_CERTIFICATE_PATTERN = Pattern.compile("((-----BEGIN CERTIFICATE-----)([A-Za-z0-9+/=\\n]+)(-----END CERTIFICATE-----)+)"); public static boolean checkErroneousDownload(String downloadedString) { try { @@ -103,23 +103,26 @@ public class ConfigHelper { } public static ArrayList<X509Certificate> parseX509CertificatesFromString(String certificateString) { - Collection<? extends Certificate> certificates; + ArrayList<X509Certificate> certificates = new ArrayList<>(); CertificateFactory cf; try { cf = CertificateFactory.getInstance("X.509"); - certificateString = certificateString.replaceAll("-----BEGIN CERTIFICATE-----", "").trim().replaceAll("-----END CERTIFICATE-----", "").trim(); - byte[] certBytes = Base64.decode(certificateString); - try (InputStream caInput = new ByteArrayInputStream(certBytes)) { - certificates = cf.generateCertificates(caInput); - if (certificates != null) { - for (Certificate cert : certificates) { - System.out.println("ca=" + ((X509Certificate) cert).getSubjectDN()); - } - return (ArrayList<X509Certificate>) certificates; + Matcher matcher = PEM_CERTIFICATE_PATTERN.matcher(certificateString); + while (matcher.find()) { + String certificate = matcher.group(3); + if (certificate == null) continue; + byte[] certBytes = Base64.decode(certificate.trim()); + try (InputStream caInput = new ByteArrayInputStream(certBytes)) { + X509Certificate x509certificate = (X509Certificate) cf.generateCertificate(caInput); + certificates.add(x509certificate); + System.out.println("ca=" + x509certificate.getSubjectDN() + ", SAN= " + x509certificate.getSubjectAlternativeNames()); + } catch (IOException | CertificateException | NullPointerException | IllegalArgumentException | ClassCastException e) { + e.printStackTrace(); } } - } catch (NullPointerException | CertificateException | IOException | IllegalArgumentException | ClassCastException e) { + return certificates; + } catch (CertificateException e) { e.printStackTrace(); } diff --git a/app/src/main/java/se/leap/bitmaskclient/base/utils/PreferenceHelper.java b/app/src/main/java/se/leap/bitmaskclient/base/utils/PreferenceHelper.java index fe9100cb..08bfbdc3 100644 --- a/app/src/main/java/se/leap/bitmaskclient/base/utils/PreferenceHelper.java +++ b/app/src/main/java/se/leap/bitmaskclient/base/utils/PreferenceHelper.java @@ -26,6 +26,7 @@ import static se.leap.bitmaskclient.base.models.Constants.ALLOW_TETHERING_WIFI; import static se.leap.bitmaskclient.base.models.Constants.ALWAYS_ON_SHOW_DIALOG; import static se.leap.bitmaskclient.base.models.Constants.DEFAULT_SHARED_PREFS_BATTERY_SAVER; import static se.leap.bitmaskclient.base.models.Constants.EXCLUDED_APPS; +import static se.leap.bitmaskclient.base.models.Constants.GATEWAY_PINNING; import static se.leap.bitmaskclient.base.models.Constants.LAST_UPDATE_CHECK; import static se.leap.bitmaskclient.base.models.Constants.LAST_USED_PROFILE; import static se.leap.bitmaskclient.base.models.Constants.PREFERRED_CITY; @@ -154,6 +155,14 @@ public class PreferenceHelper { putBoolean(context, PREFER_UDP, prefer); } + public static String getPinnedGateway(Context context) { + return getString(context, GATEWAY_PINNING, null); + } + + public static void pinGateway(Context context, String value) { + putString(context, GATEWAY_PINNING, value); + } + public static boolean getUseBridges(SharedPreferences preferences) { return preferences.getBoolean(USE_BRIDGES, false); } diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/GatewaysManager.java b/app/src/main/java/se/leap/bitmaskclient/eip/GatewaysManager.java index 76ec9650..a11c7e34 100644 --- a/app/src/main/java/se/leap/bitmaskclient/eip/GatewaysManager.java +++ b/app/src/main/java/se/leap/bitmaskclient/eip/GatewaysManager.java @@ -41,6 +41,7 @@ import de.blinkt.openvpn.core.ConfigParser; import de.blinkt.openvpn.core.VpnStatus; import de.blinkt.openvpn.core.connection.Connection; import de.blinkt.openvpn.core.connection.Connection.TransportType; +import se.leap.bitmaskclient.BuildConfig; import se.leap.bitmaskclient.base.models.Location; import se.leap.bitmaskclient.base.models.Provider; import se.leap.bitmaskclient.base.models.ProviderObservable; @@ -338,9 +339,11 @@ public class GatewaysManager { if (gateways.get(aux.getHost()) == null) { addGateway(aux); } - } catch (JSONException | ConfigParser.ConfigParseError | IOException e) { + } catch (JSONException | IOException e) { e.printStackTrace(); VpnStatus.logError("Unable to parse gateway config!"); + } catch (ConfigParser.ConfigParseError e) { + VpnStatus.logError("Unable to parse gateway config: " + e.getLocalizedMessage()); } } } catch (NullPointerException npe) { @@ -419,6 +422,9 @@ public class GatewaysManager { private void configureFromCurrentProvider() { Provider provider = ProviderObservable.getInstance().getCurrentProvider(); parseDefaultGateways(provider); + if (BuildConfig.BUILD_TYPE.equals("debug") && handleGatewayPinning()) { + return; + } if (hasSortedGatewaysWithLoad(provider)) { parseGatewaysWithLoad(provider); } else { @@ -427,5 +433,17 @@ public class GatewaysManager { } + private boolean handleGatewayPinning() { + String host = PreferenceHelper.getPinnedGateway(this.context); + if (host == null) { + return false; + } + Gateway gateway = gateways.get(host); + gateways.clear(); + if (gateway != null) { + gateways.put(host, gateway); + } + return true; + } } diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/VpnNotificationManager.java b/app/src/main/java/se/leap/bitmaskclient/eip/VpnNotificationManager.java index d2603533..a869210e 100644 --- a/app/src/main/java/se/leap/bitmaskclient/eip/VpnNotificationManager.java +++ b/app/src/main/java/se/leap/bitmaskclient/eip/VpnNotificationManager.java @@ -196,7 +196,8 @@ public class VpnNotificationManager { } public void cancelAll() { - compatNotificationManager.cancelAll(); + compatNotificationManager.cancel(OpenVPNService.NOTIFICATION_CHANNEL_NEWSTATUS_ID.hashCode()); + compatNotificationManager.cancel(VoidVpnService.NOTIFICATION_CHANNEL_NEWSTATUS_ID.hashCode()); } diff --git a/app/src/main/res/layout/f_settings.xml b/app/src/main/res/layout/f_settings.xml index 398d2c86..7b8733cd 100644 --- a/app/src/main/res/layout/f_settings.xml +++ b/app/src/main/res/layout/f_settings.xml @@ -105,5 +105,14 @@ app:icon="@drawable/ic_access_point_36" /> + <se.leap.bitmaskclient.base.views.IconTextEntry + android:id="@+id/gateway_pinning" + android:layout_width="match_parent" + android:layout_height="wrap_content" + app:text="Gateway pinning" + app:singleLine="false" + app:subtitle="Connect to a specific Gateway for debugging purposes" + /> + </LinearLayout> </ScrollView>
\ No newline at end of file diff --git a/app/src/main/res/values-ar/strings.xml b/app/src/main/res/values-ar/strings.xml index b1a5ace2..763e2f99 100644 --- a/app/src/main/res/values-ar/strings.xml +++ b/app/src/main/res/values-ar/strings.xml @@ -2,8 +2,10 @@ <resources> <string name="retry">حاول مجدداً</string> <string name="repository_url_text">كود المصدر متواجد هنا https://0xacab.org/leap/bitmask_android</string> - <string name="leap_tracker">متتبع الأعطال متوافر هنا https://0xacab.org/leap/bitmask_android/issues</string> - <string name="translation_project_text">يمكنك الترجمة؟ اطلع على مشروع الترجمة الخاص بنا عبر هذا الرابط https://www.transifex.com/projects/p/bitmask/</string> + <string name="leap_tracker">متتبع الأعطال متوافر هنا +https://0xacab.org/leap/bitmask_android/issues</string> + <string name="translation_project_text">يمكنك الترجمة؟ اطلع على مشروع الترجمة الخاص بنا عبر هذا الرابط +https://www.transifex.com/projects/p/bitmask/</string> <string name="switch_provider_menu_option">بدّل مزود الخدمة</string> <string name="info">معلومات</string> <string name="show_connection_details">عرض تفاصيل الاتصال</string> diff --git a/app/src/main/res/values-de/strings.xml b/app/src/main/res/values-de/strings.xml index 070ad2ec..007cebdc 100644 --- a/app/src/main/res/values-de/strings.xml +++ b/app/src/main/res/values-de/strings.xml @@ -139,7 +139,7 @@ <string name="warning_no_more_gateways_use_pt">%s konnte sich nicht verbinden. Es kann sein, dass VPN Verkehr geblockt wird. Möchtest du versuchen, eine verschleierte Verbindung herzustellen?</string> <string name="warning_no_more_gateways_no_pt">%s konnte sich nicht verbinden. Möchtest du es noch einmal versuchen?</string> <string name="warning_no_more_gateways_use_ovpn">%s konnte keine verschleierte Verbindung herstellen. Möchtest du versuchen, eine normale VPN Verbindung herzustellen?</string> - <string name="warning_no_more_gateways_manual_gw_selection">%1$skonnte sich nicht mit %2$s verbinden. Möchtest du versuchen, dich automatisch mit dem besten Standort zu verbinden?</string> + <string name="warning_no_more_gateways_manual_gw_selection">%1$s konnte sich nicht mit %2$s verbinden. Möchtest du versuchen, dich automatisch mit dem besten Standort zu verbinden?</string> <string name="warning_option_try_best">Versuche besten Standort</string> <string name="warning_option_try_pt">Teste verschleierte Verbindung</string> <string name="warning_option_try_ovpn">Teste normale Verbindung</string> diff --git a/app/src/main/res/values-el/strings.xml b/app/src/main/res/values-el/strings.xml index e5d2e8da..0072c2e2 100644 --- a/app/src/main/res/values-el/strings.xml +++ b/app/src/main/res/values-el/strings.xml @@ -139,7 +139,7 @@ <string name="warning_no_more_gateways_use_pt">Το %s δεν μπόρεσε να συνδεθεί. Ίσως οι συνδέσεις VPN να μπλοκάρονται. Θέλετε να προσπαθήσετε να συνδεθείτε χρησιμοποιώντας καμουφλαρισμένες συνδέσεις;</string> <string name="warning_no_more_gateways_no_pt">Το %s δεν μπόρεσε να συνδεθεί. Θέλετε να προσπαθήσετε ξανά;</string> <string name="warning_no_more_gateways_use_ovpn">Το %s δεν μπόρεσε να συνδεθεί χρησιμοποιώντας καμουφλαρισμένες συνδέσεις VPN. Θέλετε να προσπαθήσετε να συνδεθείτε χρησιμοποιώντας ένα κανονικό VPN;</string> - <string name="warning_no_more_gateways_manual_gw_selection">Το %1$s δεν μπόρεσε να συνδεθεί στο %2$s. Θέλετε να προσπαθήσετε να συνδεθείτε αυτόματα με την καλύτερη τοποθεσία;</string> + <string name="warning_no_more_gateways_manual_gw_selection">Το %1$s δεν μπόρεσε να συνδεθεί στο %2$s. Θέλετε να δοκιμάσετε να συνδεθείτε αυτόματα με την καλύτερη τοποθεσία;</string> <string name="warning_option_try_best">Δοκιμή καλύτερης τοποθεσίας</string> <string name="warning_option_try_pt">Δοκιμή καμουφλαρισμένης σύνδεσης</string> <string name="warning_option_try_ovpn">Δοκιμή κανονικής σύνδεσης</string> diff --git a/app/src/main/res/values-es-rAR/strings.xml b/app/src/main/res/values-es-rAR/strings.xml index fbfbae6c..91391338 100644 --- a/app/src/main/res/values-es-rAR/strings.xml +++ b/app/src/main/res/values-es-rAR/strings.xml @@ -3,8 +3,7 @@ <string name="retry">Reintentar</string> <string name="repository_url_text">Código fuente disponible en https://0xacab.org/leap/bitmask_android</string> <string name="leap_tracker">Rastreador de dificultades disponible en https://0xacab.org/leap/bitmask_android/issues</string> - <string name="translation_project_text">Traducciones son bienvenidas y apreciadas. Mirá nuestro proyecto en Transifex en https://www.transifex.com/projects/p/bitmask/ -</string> + <string name="translation_project_text">Traducciones son bienvenidas y apreciadas. Mirá nuestro proyecto en Transifex en https://www.transifex.com/projects/p/bitmask/</string> <string name="switch_provider_menu_option">Intercambiar proveedor</string> <string name="info">información</string> <string name="show_connection_details">Mostrar detalles de conexión</string> @@ -140,7 +139,7 @@ <string name="warning_no_more_gateways_use_pt">%s no se pudo conectar. Puede ser que las conexiones al VPN estén bloqueadas. ¿Querés intentar conectar usando conexiones ofuscadas?</string> <string name="warning_no_more_gateways_no_pt">%s no se pudo conectar. ¿Querés intentarlo de nuevo?</string> <string name="warning_no_more_gateways_use_ovpn">%s no se pudo conectar al VPN usando conexiones ofuscadas. ¿Querés intentar conectar usando VPN estándar? </string> - <string name="warning_no_more_gateways_manual_gw_selection">%1$s no pudo conectarse a %2$s. ¿Querés intentar conectarte automáticamente con la mejor ubicación?</string> + <string name="warning_no_more_gateways_manual_gw_selection">%1$s no pudo conectarse a %2$s. ¿Quieres intentar conectarte automáticamente con la mejor ubicación?</string> <string name="warning_option_try_best">Intentar la mejor ubicación</string> <string name="warning_option_try_pt">Probar conexión ofuscada</string> <string name="warning_option_try_ovpn">Probar conexión estándar</string> diff --git a/app/src/main/res/values-es/strings.xml b/app/src/main/res/values-es/strings.xml index 6757c302..6325635c 100644 --- a/app/src/main/res/values-es/strings.xml +++ b/app/src/main/res/values-es/strings.xml @@ -3,8 +3,7 @@ <string name="retry">Reintentar</string> <string name="repository_url_text">El código fuente está disponible en https://0xacab.org/leap/bitmask_android</string> <string name="leap_tracker">Rastreador de problemas disponible en https://0xacab.org/leap/bitmask_android/issues</string> - <string name="translation_project_text">Las traducciones son bienvenidas y apreciadas. Mira nuestro proyecto de Transifex en https://www.transifex.com/projects/p/bitmask/ -</string> + <string name="translation_project_text">Las traducciones son bienvenidas y apreciadas. Mira nuestro proyecto de Transifex en https://www.transifex.com/projects/p/bitmask/</string> <string name="switch_provider_menu_option">Cambiar de proveedor</string> <string name="info">información</string> <string name="show_connection_details">Mostrar detalles de la conexión</string> diff --git a/app/src/main/res/values-fa-rIR/strings.xml b/app/src/main/res/values-fa-rIR/strings.xml index 53aeebaa..11fb272e 100644 --- a/app/src/main/res/values-fa-rIR/strings.xml +++ b/app/src/main/res/values-fa-rIR/strings.xml @@ -3,7 +3,8 @@ <string name="retry">تلاش دوباره</string> <string name="repository_url_text">منبع کد قابل دسترس در https://0xacab.org/leap/bitmask_android </string> <string name="leap_tracker">سامانهٔ پیگیری اشکالات قابل دسترس در https://0xacab.org/leap/bitmask_android/issues</string> - <string name="translation_project_text">از همکاری شما برای ترجمه استقبال میکنیم. پروژهٔ Transifex ما را در اینجا ببینید: https://www.transifex.com/projects/p/bitmask/</string> + <string name="translation_project_text">از همکاری شما برای ترجمه استقبال میکنیم. پروژهٔ Transifex ما را در اینجا ببینید: +https://www.transifex.com/projects/p/bitmask/</string> <string name="switch_provider_menu_option">تعویض ارائهدهنده</string> <string name="info">اطلاعات</string> <string name="show_connection_details">نمایش جزئیات اتصال</string> diff --git a/app/src/main/res/values-fr/strings.xml b/app/src/main/res/values-fr/strings.xml index 51be1cda..e3bf6443 100644 --- a/app/src/main/res/values-fr/strings.xml +++ b/app/src/main/res/values-fr/strings.xml @@ -139,7 +139,7 @@ <string name="warning_no_more_gateways_use_pt">%s n’a pas pu se connecter. Les connexions RPV sont peut-être bloquées. Voulez-vous tenter de vous connecter en essayant des connexions brouillées ?</string> <string name="warning_no_more_gateways_no_pt">%s n’a pas pu se connecter. Voulez-vous réessayer ?</string> <string name="warning_no_more_gateways_use_ovpn">%s n’a pas pu se connecter en utilisant des connexions RPV brouillées. Voulez-vous tenter de vous connecter en essayant un RPV normal ?</string> - <string name="warning_no_more_gateways_manual_gw_selection">%1$s n’a pas réussi à se connecter à %2$s. Voulez-vous essayer de vous connecter automatiquement avec le meilleur emplacement ?</string> + <string name="warning_no_more_gateways_manual_gw_selection">%1$s n’a pas réussi à se connecter à %2$s. Voulez-vous essayer de vous connecter automatiquement au meilleur emplacement ?</string> <string name="warning_option_try_best">Essayer le meilleur emplacement</string> <string name="warning_option_try_pt">Essayer une connexion brouillée.</string> <string name="warning_option_try_ovpn">Essayer une connexion normal.</string> diff --git a/app/src/main/res/values-he/strings.xml b/app/src/main/res/values-he/strings.xml index 29661d5c..50c32b49 100644 --- a/app/src/main/res/values-he/strings.xml +++ b/app/src/main/res/values-he/strings.xml @@ -2,7 +2,8 @@ <resources> <string name="retry">נסה שוב</string> <string name="repository_url_text">קוד מקור זמין בכתובת https://0xacab.org/leap/bitmask_android</string> - <string name="leap_tracker">גשש סוגיות זמין בכתובת https://0xacab.org/leap/bitmask_android/issues</string> + <string name="leap_tracker">גשש סוגיות זמין בכתובת +https://0xacab.org/leap/bitmask_android/issues</string> <string name="translation_project_text">תרגומים מבורכים ומוערכים. ראה את מיזם Transifex שלנו בכתובת https://www.transifex.com/projects/p/bitmask/</string> <string name="switch_provider_menu_option">החלף ספק</string> <string name="info">מידע</string> diff --git a/app/src/main/res/values-ja/strings.xml b/app/src/main/res/values-ja/strings.xml index 70d68878..015772ed 100644 --- a/app/src/main/res/values-ja/strings.xml +++ b/app/src/main/res/values-ja/strings.xml @@ -138,7 +138,7 @@ <string name="warning_no_more_gateways_use_pt">%sは接続できませんでした。 VPN接続がブロックされている可能性があります。難読化された接続を使用して接続を試みますか?</string> <string name="warning_no_more_gateways_no_pt">%s は接続できませんでした。 再試行しますか?</string> <string name="warning_no_more_gateways_use_ovpn">%s は難読化されたVPN接続を使用して接続できませんでした。標準VPNを使用して接続を試みますか?</string> - <string name="warning_no_more_gateways_manual_gw_selection">%1$sは%2$sへ接続できませんでした。最適な場所と自動的な接続を試みますか?</string> + <string name="warning_no_more_gateways_manual_gw_selection">%1$sは%2$sへ接続できませんでした。最適な場所へ自動的な接続を試みますか?</string> <string name="warning_option_try_best">最適な場所を試みる</string> <string name="warning_option_try_pt">難読化された接続を試みる</string> <string name="warning_option_try_ovpn">標準接続を試みる</string> @@ -155,6 +155,7 @@ <string name="version_update_error_permissions">アプリをインストールする権限がありません。</string> <string name="gateway_selection_title">場所を選択</string> <string name="gateway_selection_recommended_location">推奨の場所</string> + <string name="gateway_selection_recommended">推奨</string> <string name="gateway_selection_manually">手動で選択</string> <string name="gateway_selection_automatic_location">自動的に最適な接続を使用</string> <string name="gateway_selection_automatic">自動</string> @@ -162,19 +163,32 @@ <string name="tor_starting">検閲を回避するためにブリッジを起動中…</string> <string name="tor_stopping">ブリッジを停止</string> <string name="tor_started">検閲を回避するためにブリッジを使用</string> + <string name="log_conn_done_pt">pluggable transportへ接続しました</string> + <string name="log_conn_pt">pluggable transportへ接続中です</string> + <string name="log_conn_done">中継へ接続しました</string> + <string name="log_handshake">中継と接続をネゴシエート中です</string> + <string name="log_handshake_done">中継と接続をネゴシエートしました</string> <string name="log_onehop_create">暗号化されたディレクトリとの接続を確立中</string> <string name="log_loading_keys">認証局の署名を読込中</string> + <string name="log_requesting_descriptors">中継の記述子を尋ねています</string> + <string name="log_loading_descriptors">中継の記述子を読み込み中です</string> + <string name="log_ap_handshake_done">中継で回路を構築するネゴシエーションが終了しました</string> <string name="log_circuit_create">Tor サーキットを設置しています</string> <string name="log_done">実行中</string> <string name="hide">隠す</string> + <string name="error_network_connection">%sはインターネット接続がありません。WiFiとセルラーデータの設定を確認してください。</string> <string name="censorship_circumvention">検閲を回避</string> <string name="use_snowflake">Snowflake を使用</string> + <string name="snowflake_description">検閲から設定処理を保護する。</string> <string name="vpn_settings">VPN設定</string> <string name="prefer_udp">利用可能であればUDPを使用</string> <string name="prefer_udp_subtitle">UDPは高速になり、ストリーミングに好ましいですが、ネットワークのすべてには動作しません。</string> <string name="disabled_while_bridges_on">ブリッジ使用中に無効化されます。</string> + <string name="hint_bridges">現在選択できるのは、ブリッジをサポートしている場所のみです。</string> + <string name="option_disable_bridges">ブリッジを無効化</string> <string name="eip_state_insecure">接続は安全ではありません</string> <string name="connection_not_connected">あなたのインターネットプロバイダまたはローカルネットワークに情報が漏洩するかもしれません。</string> + <string name="eip_state_no_network">インターネットに接続できない状態です。インターネット接続が戻れば、自動的に接続します</string> <string name="eip_state_blocking">%1$sはすべてのインターネット転送をプロックしています。</string> <string name="disabled_while_udp_on">UDPがオンの間は無効化されます。</string> <string name="advanced_settings">詳細な設定</string> diff --git a/app/src/main/res/values-tr/strings.xml b/app/src/main/res/values-tr/strings.xml index 76750ae5..a918e666 100644 --- a/app/src/main/res/values-tr/strings.xml +++ b/app/src/main/res/values-tr/strings.xml @@ -139,7 +139,7 @@ <string name="warning_no_more_gateways_use_pt">%s bağlantı kuramadı. VPN bağlantıları engelleniyor olabilir. Karartılmış bağlantıları kullanarak bağlantı kurmayı denemek ister misiniz?</string> <string name="warning_no_more_gateways_no_pt">%s bağlantı kuramadı. Yeniden denemek ister misiniz?</string> <string name="warning_no_more_gateways_use_ovpn">%s karartılmış VPN bağlantılarını kullanarak bağlantı kuramadı. Standart VPN bağlantıları kullanarak bağlantı kurmayı denemek ister misiniz?</string> - <string name="warning_no_more_gateways_manual_gw_selection">%1$s ile %2$s bağlantısı kurulamadı. Bağlantı en iyi konumdan kurulmaya çalışılsın mı?</string> + <string name="warning_no_more_gateways_manual_gw_selection">%1$s ile %2$s bağlantısı kurulamadı. En iyi konum ile bağlantı kurulmaya çalışılsın mı?</string> <string name="warning_option_try_best">En iyi konum denensin</string> <string name="warning_option_try_pt">Karartılmış bağlantıyı dene</string> <string name="warning_option_try_ovpn">Standart bağlantıyı dene</string> diff --git a/app/src/main/res/values-ug/strings.xml b/app/src/main/res/values-ug/strings.xml index c4fddc77..746978f8 100644 --- a/app/src/main/res/values-ug/strings.xml +++ b/app/src/main/res/values-ug/strings.xml @@ -4,7 +4,7 @@ <string name="repository_url_text">ئەسلى كودى بۇ يەردە https://0xacab.org/leap/bitmask_android</string> <string name="leap_tracker">مەسىلە ئىز قوغلىغۇچى بۇ يەردە https://0xacab.org/leap/bitmask_android/issues</string> <string name="translation_project_text">تەرجىمىلەرنى قارشى ئالىمىز ۋە رەھمەت ئېيتىمىز. بىزنىڭ Transifex تۈرىمىزنى كۆرۈش ئۈچۈن بۇ يەرگە قاراڭ -https://www.transifex.com/projects/p/bitmask</string> +https://www.transifex.com/projects/p/bitmask/</string> <string name="switch_provider_menu_option">تەمىنلىگۈچىنى ئالماشتۇرۇش</string> <string name="info">ئۇچۇر</string> <string name="show_connection_details">باغلانمىنىڭ تەپسىلاتىنى كۆرسەت</string> diff --git a/app/src/test/java/se/leap/bitmaskclient/eip/VpnConfigGeneratorTest.java b/app/src/test/java/se/leap/bitmaskclient/eip/VpnConfigGeneratorTest.java index 4bacd81a..0fd07858 100644 --- a/app/src/test/java/se/leap/bitmaskclient/eip/VpnConfigGeneratorTest.java +++ b/app/src/test/java/se/leap/bitmaskclient/eip/VpnConfigGeneratorTest.java @@ -156,7 +156,7 @@ public class VpnConfigGeneratorTest { "K2ZoknT+Nno5jgjFuUR3fZseNizEfx7BteooKQ==\n" + "-----END CERTIFICATE-----\n" + "</cert>\n" + - "crl-verify file missing in config profile\n" + + "# crl-verify file missing in config profile\n" + "remote-cert-tls server\n" + "data-ciphers AES-128-CBC\n" + "cipher AES-128-CBC\n" + @@ -275,7 +275,7 @@ public class VpnConfigGeneratorTest { "K2ZoknT+Nno5jgjFuUR3fZseNizEfx7BteooKQ==\n" + "-----END CERTIFICATE-----\n" + "</cert>\n" + - "crl-verify file missing in config profile\n" + + "# crl-verify file missing in config profile\n" + "remote-cert-tls server\n" + "data-ciphers AES-128-CBC\n" + "cipher AES-128-CBC\n" + @@ -393,7 +393,7 @@ public class VpnConfigGeneratorTest { "K2ZoknT+Nno5jgjFuUR3fZseNizEfx7BteooKQ==\n" + "-----END CERTIFICATE-----\n" + "</cert>\n" + - "crl-verify file missing in config profile\n" + + "# crl-verify file missing in config profile\n" + "route 37.218.247.60 255.255.255.255 net_gateway\n"+ "remote-cert-tls server\n" + "data-ciphers AES-128-CBC\n" + @@ -513,7 +513,7 @@ public class VpnConfigGeneratorTest { "K2ZoknT+Nno5jgjFuUR3fZseNizEfx7BteooKQ==\n" + "-----END CERTIFICATE-----\n" + "</cert>\n" + - "crl-verify file missing in config profile\n" + + "# crl-verify file missing in config profile\n" + "remote-cert-tls server\n" + "data-ciphers AES-128-CBC\n" + "cipher AES-128-CBC\n" + @@ -632,7 +632,7 @@ public class VpnConfigGeneratorTest { "K2ZoknT+Nno5jgjFuUR3fZseNizEfx7BteooKQ==\n" + "-----END CERTIFICATE-----\n" + "</cert>\n" + - "crl-verify file missing in config profile\n" + + "# crl-verify file missing in config profile\n" + "remote-cert-tls server\n" + "data-ciphers AES-128-CBC\n" + "cipher AES-128-CBC\n" + @@ -751,7 +751,7 @@ public class VpnConfigGeneratorTest { "K2ZoknT+Nno5jgjFuUR3fZseNizEfx7BteooKQ==\n" + "-----END CERTIFICATE-----\n" + "</cert>\n" + - "crl-verify file missing in config profile\n" + + "# crl-verify file missing in config profile\n" + "remote-cert-tls server\n" + "data-ciphers AES-256-GCM:AES-128-GCM:AES-128-CBC\n" + "cipher AES-128-CBC\n" + @@ -872,7 +872,7 @@ public class VpnConfigGeneratorTest { "K2ZoknT+Nno5jgjFuUR3fZseNizEfx7BteooKQ==\n" + "-----END CERTIFICATE-----\n" + "</cert>\n" + - "crl-verify file missing in config profile\n" + + "# crl-verify file missing in config profile\n" + "comp-lzo\n" + "nobind\n"+ "remote-cert-tls server\n" + @@ -997,7 +997,7 @@ public class VpnConfigGeneratorTest { "K2ZoknT+Nno5jgjFuUR3fZseNizEfx7BteooKQ==\n" + "-----END CERTIFICATE-----\n" + "</cert>\n" + - "crl-verify file missing in config profile\n" + + "# crl-verify file missing in config profile\n" + "comp-lzo\n" + "nobind\n"+ "remote-cert-tls server\n" + @@ -1130,7 +1130,7 @@ public class VpnConfigGeneratorTest { "K2ZoknT+Nno5jgjFuUR3fZseNizEfx7BteooKQ==\n" + "-----END CERTIFICATE-----\n" + "</cert>\n" + - "crl-verify file missing in config profile\n" + + "# crl-verify file missing in config profile\n" + "comp-lzo\n" + "nobind\n"+ "remote-cert-tls server\n" + @@ -1149,6 +1149,133 @@ public class VpnConfigGeneratorTest { "rcvbuf 0 \n"; + String expectedVPNConfig_v4_ovpn_tcp_udp_new_ciphers = "# Config for OpenVPN 2.x\n" + + "# Enables connection to GUI\n" + + "management /data/data/se.leap.bitmask/mgmtsocket unix\n" + + "management-client\n" + + "management-query-passwords\n" + + "management-hold\n" + + "\n" + + "setenv IV_GUI_VER \"se.leap.bitmaskclient 0.9.10\" \n" + + "setenv IV_PLAT_VER \"0 null JUNIT null null null\"\n" + + "machine-readable-output\n" + + "allow-recursive-routing\n" + + "ifconfig-nowarn\n" + + "client\n" + + "verb 4\n" + + "connect-retry 2 300\n" + + "resolv-retry 60\n" + + "dev tun\n" + + "remote 2001:db8:123::1056 1195 tcp-client\n" + + "remote 37.218.247.60 1195 tcp-client\n" + + "remote 2001:db8:123::1056 1195 udp\n" + + "remote 37.218.247.60 1195 udp\n" + + "<ca>\n" + + "-----BEGIN CERTIFICATE-----\n" + + "MIIFbzCCA1egAwIBAgIBATANBgkqhkiG9w0BAQ0FADBKMRgwFgYDVQQDDA9CaXRt\n" + + "YXNrIFJvb3QgQ0ExEDAOBgNVBAoMB0JpdG1hc2sxHDAaBgNVBAsME2h0dHBzOi8v\n" + + "Yml0bWFzay5uZXQwHhcNMTIxMTA2MDAwMDAwWhcNMjIxMTA2MDAwMDAwWjBKMRgw\n" + + "FgYDVQQDDA9CaXRtYXNrIFJvb3QgQ0ExEDAOBgNVBAoMB0JpdG1hc2sxHDAaBgNV\n" + + "BAsME2h0dHBzOi8vYml0bWFzay5uZXQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw\n" + + "ggIKAoICAQC1eV4YvayaU+maJbWrD4OHo3d7S1BtDlcvkIRS1Fw3iYDjsyDkZxai\n" + + "dHp4EUasfNQ+EVtXUvtk6170EmLco6Elg8SJBQ27trE6nielPRPCfX3fQzETRfvB\n" + + "7tNvGw4Jn2YKiYoMD79kkjgyZjkJ2r/bEHUSevmR09BRp86syHZerdNGpXYhcQ84\n" + + "CA1+V+603GFIHnrP+uQDdssW93rgDNYu+exT+Wj6STfnUkugyjmPRPjL7wh0tzy+\n" + + "znCeLl4xiV3g9sjPnc7r2EQKd5uaTe3j71sDPF92KRk0SSUndREz+B1+Dbe/RGk4\n" + + "MEqGFuOzrtsgEhPIX0hplhb0Tgz/rtug+yTT7oJjBa3u20AAOQ38/M99EfdeJvc4\n" + + "lPFF1XBBLh6X9UKF72an2NuANiX6XPySnJgZ7nZ09RiYZqVwu/qt3DfvLfhboq+0\n" + + "bQvLUPXrVDr70onv5UDjpmEA/cLmaIqqrduuTkFZOym65/PfAPvpGnt7crQj/Ibl\n" + + "DEDYZQmP7AS+6zBjoOzNjUGE5r40zWAR1RSi7zliXTu+yfsjXUIhUAWmYR6J3KxB\n" + + "lfsiHBQ+8dn9kC3YrUexWoOqBiqJOAJzZh5Y1tqgzfh+2nmHSB2dsQRs7rDRRlyy\n" + + "YMbkpzL9ZsOUO2eTP1mmar6YjCN+rggYjRrX71K2SpBG6b1zZxOG+wIDAQABo2Aw\n" + + "XjAdBgNVHQ4EFgQUuYGDLL2sswnYpHHvProt1JU+D48wDgYDVR0PAQH/BAQDAgIE\n" + + "MAwGA1UdEwQFMAMBAf8wHwYDVR0jBBgwFoAUuYGDLL2sswnYpHHvProt1JU+D48w\n" + + "DQYJKoZIhvcNAQENBQADggIBADeG67vaFcbITGpi51264kHPYPEWaXUa5XYbtmBl\n" + + "cXYyB6hY5hv/YNuVGJ1gWsDmdeXEyj0j2icGQjYdHRfwhrbEri+h1EZOm1cSBDuY\n" + + "k/P5+ctHyOXx8IE79DBsZ6IL61UKIaKhqZBfLGYcWu17DVV6+LT+AKtHhOrv3TSj\n" + + "RnAcKnCbKqXLhUPXpK0eTjPYS2zQGQGIhIy9sQXVXJJJsGrPgMxna1Xw2JikBOCG\n" + + "htD/JKwt6xBmNwktH0GI/LVtVgSp82Clbn9C4eZN9E5YbVYjLkIEDhpByeC71QhX\n" + + "EIQ0ZR56bFuJA/CwValBqV/G9gscTPQqd+iETp8yrFpAVHOW+YzSFbxjTEkBte1J\n" + + "aF0vmbqdMAWLk+LEFPQRptZh0B88igtx6tV5oVd+p5IVRM49poLhuPNJGPvMj99l\n" + + "mlZ4+AeRUnbOOeAEuvpLJbel4rhwFzmUiGoeTVoPZyMevWcVFq6BMkS+jRR2w0jK\n" + + "G6b0v5XDHlcFYPOgUrtsOBFJVwbutLvxdk6q37kIFnWCd8L3kmES5q4wjyFK47Co\n" + + "Ja8zlx64jmMZPg/t3wWqkZgXZ14qnbyG5/lGsj5CwVtfDljrhN0oCWK1FZaUmW3d\n" + + "69db12/g4f6phldhxiWuGC/W6fCW5kre7nmhshcltqAJJuU47iX+DarBFiIj816e\n" + + "yV8e\n" + + "-----END CERTIFICATE-----\n" + + "\n" + + "</ca>\n" + + "<key>\n" + + "-----BEGIN RSA PRIVATE KEY-----\n" + + "MIIEwAIBADANBgkqhkiG9w0BAQEFAASCBKowggSmAgEAAoIBAQDUTYWeGgsHS+fjijmziniNqw6h\n" + + "MBpyK4S/cM6PxV28C33VuOWPTMcIYesctjZANWFCggfFTQSjV5Qaxq9UK4i27tayLbCdlVS6hpbl\n" + + "Vf4DuI3Gj1Pv1rtITBShtvCf3T7yBnjW4wVpOpsUAAOViKUSvUU3kPPMFWhiGQw8yHYr82ts6XMo\n" + + "jwMoonW5Ml4e7C7Cr22QesC63q7emNcpUd0pZGT9C33RgDAHZDMrlyjo4HEp1JbUfB0gbmXElJbE\n" + + "1TNdZ62HhgmMjzTUN1GGrQ1t91AEoEQwaK65o4YSj+yFv6KXZZz5OWaz94tKiN9v26EXtBFmRlyb\n" + + "6+D9ynSd9LghAgMBAAECggEBANPHLRXkhsHVj1EkzqBx7gXr8CEMmiTvknFh9zvltrZhhDoRQjWr\n" + + "chPDkcRHY2Cznvy4N0YyqQDD2ULIlZdSAgPxxothFoBruWSD47yMBmLx08ORsDpcqt/YvPAATJI8\n" + + "IpFNsXcyaXBp/M57oRemgnxp/8UJPJmFdWX99H4hvffh/jdj7POgYiWUaAl37XTYZKZ4nzKU2wpL\n" + + "EDLj9RKPz9gG7CYp2zrLC9LaAsrXVrKwPBw6g+XwbClaqFj97db3mrY4lr6mTo89qmus1AU+fBDH\n" + + "3Xlpmc8JwB+30TvhRNKrpLx9cEjuEj7K1gm8Y4dWCjPi+lNbtAyUBcgPJFa/81ECgYEA7pLoBU/Y\n" + + "ZYjyHFca8FvDBcBh6haHfqJr9doXWtgjDrbi3o2n5wHqfKhFWOH6vPEQozkOVeX1ze6HOiRmGBpW\n" + + "r+r7x8TD25L7I6HJw3M351RWOAfkF0w/RTVdetcTgduQtfN1u6BDhYSVceXMjyQYx7MhfETWI8Gh\n" + + "KSYm8OEDYiUCgYEA489fmbrCcUnXzpTsbswJ5NmSoEXbcX8cLxnQuzE0z9GHhQdrMjOpXR76reTW\n" + + "6jcuudarNcwRUYSWWhjCDKHhpx4HhasWPaHgr7jIzcRw8yZSJRSxKr8sl1qh6g7s47JcmfXOMWLt\n" + + "yuyE933XrT19Th4ODZHY40Uv35mPjMi9d00CgYEAyRNAQtndBRa7GG/B4Ls2T+6pl+aNJIo4e+no\n" + + "rURlp800wWabEPRocdBRQmyULBLxduBr2LIMzhgwGSz8b2wji/l9ZA3PFY135bxClVzSzUIjuO3N\n" + + "rGUzHl2wAAyuAFDSUshzfkPBJRNt8aVBF5PQ3t93ZYmPAmv8LPZe875yX5ECgYEAsUEcwK/ZNW7g\n" + + "dQPZR4iJNkC4Xu6cBZ6Cnn92swBheEYvLSoNlX0vDZ7aLE3/jzQqrjzC8NP8sbH5jtbuvgeDXZX3\n" + + "AmGRp5j6C6A61ihAPmEVz3ZfN8SSfJ3vl//PAIg6lyz0J+cy4Q7RkwSeuVQ72Hl4M8TEvmmKC3Af\n" + + "ispy6Y0CgYEAgl1o2lo+ACyk+oVQPaaPqK3d7WOBFp4eR2nXFor/vsx9igQOlZUgzRDQsR8jo1o9\n" + + "efOSBf87igrZGgssys89pWa2dnXnz5PMmzkKr6bw4D9Ez6u6Puc9UZhGw/8wDYg6fSosdB9utspm\n" + + "M698ycef7jBNMDgmhpSvfw5GctoNQ4s=\n" + + "-----END RSA PRIVATE KEY-----\n" + + "</key>\n" + + "<cert>\n" + + "-----BEGIN CERTIFICATE-----\n" + + "MIIEjDCCAnSgAwIBAgIQG6MBp/cd9DlY+7cdvp3R3jANBgkqhkiG9w0BAQsFADBmMRAwDgYDVQQK\n" + + "DAdCaXRtYXNrMRwwGgYDVQQLDBNodHRwczovL2JpdG1hc2submV0MTQwMgYDVQQDDCtCaXRtYXNr\n" + + "IFJvb3QgQ0EgKGNsaWVudCBjZXJ0aWZpY2F0ZXMgb25seSEpMB4XDTE0MTIwNTAwMDAwMFoXDTE1\n" + + "MDMwNTAwMDAwMFowLTErMCkGA1UEAwwiVU5MSU1JVEVEZDBwZDdkMzE4eTNtOHNkeXllaTFqYmZl\n" + + "eDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANRNhZ4aCwdL5+OKObOKeI2rDqEwGnIr\n" + + "hL9wzo/FXbwLfdW45Y9Mxwhh6xy2NkA1YUKCB8VNBKNXlBrGr1QriLbu1rItsJ2VVLqGluVV/gO4\n" + + "jcaPU+/Wu0hMFKG28J/dPvIGeNbjBWk6mxQAA5WIpRK9RTeQ88wVaGIZDDzIdivza2zpcyiPAyii\n" + + "dbkyXh7sLsKvbZB6wLrert6Y1ylR3SlkZP0LfdGAMAdkMyuXKOjgcSnUltR8HSBuZcSUlsTVM11n\n" + + "rYeGCYyPNNQ3UYatDW33UASgRDBorrmjhhKP7IW/opdlnPk5ZrP3i0qI32/boRe0EWZGXJvr4P3K\n" + + "dJ30uCECAwEAAaNvMG0wHQYDVR0OBBYEFK8bMVAM4GBB5sHptoIOAaIvlYueMAsGA1UdDwQEAwIH\n" + + "gDATBgNVHSUEDDAKBggrBgEFBQcDAjAJBgNVHRMEAjAAMB8GA1UdIwQYMBaAFId+E7bsWFsUWah9\n" + + "vZuPvZ7O+aJsMA0GCSqGSIb3DQEBCwUAA4ICAQAQOX81csVhvP422NKkZH7+g3npBpl+sEHedaGR\n" + + "xYPOu4HrA4TVF9h44sljRoRJyenGNdBZCXcLKHg889eePTf8Z5K3lTojp6hvwyA6tgxOMHT1kESW\n" + + "PfqnRw8mHfHJuE3g+4YNUMwggzwc/VZATdV/7M33sarVN9AUOHou9n9BizgCC+UnYlS+F2POumE3\n" + + "FbOhKo5uubI02MwBYlN2JVO2TBt1Q20w8wc6cU07Xi5Epp+1mkgFiOShkNtPcJmEyBWJhxDtSDOW\n" + + "2doqWYNqH2kq7B5R/kyyfcpFJqAnBTV7xs+C5rTS1mW7LpxfdCUMbYuLCpyxpO3A/DhAm8n47tUH\n" + + "lBtmo8Avdb8VdFpYiGBpB0o9kTFcsWFb2GkWFBduGfSEB8jUI7QtqhgZqocAKK/cweSRV8FwyUcn\n" + + "R0prRm3QEi9fbXqEddzjSY9y/lqWYzT7u+IOAQpKroeZ4wzgYperDNOUFuYk1rP7yuvjP2pV5rcN\n" + + "yPoBP60TPVWMRM4WJm6nTogAz2qBrFsf/XwT/ajzbsjT6HNB7QbRE+wkFkqspoXG5Agp7KQ8lW3L\n" + + "SKCDGOQJz7VIE85pD0tg7QEXBEw8oaRZtMjQ0Gvs25mxXAKka4wGasaWfYH6d0E+iKYcWn86V1rH\n" + + "K2ZoknT+Nno5jgjFuUR3fZseNizEfx7BteooKQ==\n" + + "-----END CERTIFICATE-----\n" + + "</cert>\n" + + "# crl-verify file missing in config profile\n" + + "nobind\n"+ + "remote-cert-tls server\n" + + "data-ciphers AES-256-GCM:AES-128-CBC\n" + + "cipher AES-256-GCM:AES-128-CBC\n" + + "auth SHA1\n" + + "float\n"+ + "persist-tun\n" + + "# persist-tun also enables pre resolving to avoid DNS resolve problem\n" + + "preresolve\n" + + "# Custom configuration options\n" + + "# You are on your on own here :)\n" + + "# These options found in the config file do not map to config settings:\n" + + "keepalive 10 30 \n" + + "tls-cipher TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384:DHE-RSA-AES128-SHA \n" + + "sndbuf 0 \n" + + "rcvbuf 0 \n" + + "tls-version-min 1.2 \n"; + + @Before public void setUp() throws Exception { generalConfig = new JSONObject(TestSetupHelper.getInputAsString(getClass().getClassLoader().getResourceAsStream("general_configuration.json"))); @@ -1342,4 +1469,14 @@ public class VpnConfigGeneratorTest { assertTrue(vpnProfiles.get(OPENVPN).getConfigFile(context, false).trim().equals(expectedVPNConfig_v4_ovpn_multiport_tcpudp.trim())); } + @Test + public void testGenerateVpnProfile_testNewCiphers() throws Exception { + gateway = new JSONObject(TestSetupHelper.getInputAsString(getClass().getClassLoader().getResourceAsStream("v4/ptdemo_pt_tcp_udp_new_ciphers.eip-service.json"))).getJSONArray("gateways").getJSONObject(0); + generalConfig = new JSONObject(TestSetupHelper.getInputAsString(getClass().getClassLoader().getResourceAsStream("v4/ptdemo_pt_tcp_udp_new_ciphers.eip-service.json"))).getJSONObject(OPENVPN_CONFIGURATION); + vpnConfigGenerator = new VpnConfigGenerator(generalConfig, secrets, gateway, 4, false); + HashMap<Connection.TransportType, VpnProfile> vpnProfiles = vpnConfigGenerator.generateVpnProfiles(); + System.out.println(vpnProfiles.get(OPENVPN).getConfigFile(context, false)); + assertTrue(vpnProfiles.get(OPENVPN).getConfigFile(context, false).trim().equals(expectedVPNConfig_v4_ovpn_tcp_udp_new_ciphers.trim())); + } + }
\ No newline at end of file diff --git a/app/src/test/resources/v4/ptdemo_pt_tcp_udp_new_ciphers.eip-service.json b/app/src/test/resources/v4/ptdemo_pt_tcp_udp_new_ciphers.eip-service.json new file mode 100644 index 00000000..10f5b4d3 --- /dev/null +++ b/app/src/test/resources/v4/ptdemo_pt_tcp_udp_new_ciphers.eip-service.json @@ -0,0 +1,66 @@ +{ + "gateways":[ + { + "capabilities":{ + "adblock":false, + "filter_dns":false, + "limited":false, + "transport":[ + { + "type":"obfs4", + "protocols":[ + "tcp" + ], + "ports":[ + "23049" + ], + "options": { + "cert": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", + "iatMode": "0" + } + }, + { + "type":"openvpn", + "protocols":[ + "tcp", + "udp" + ], + "ports":[ + "1195" + ] + } + ], + "user_ips":false + }, + "host":"pt.demo.bitmask.net", + "ip_address":"37.218.247.60", + "ip_address6":"2001:db8:123::1056", + "location":"Amsterdam" + } + ], + "locations":{ + "Amsterdam":{ + "country_code":"NL", + "hemisphere":"N", + "name":"Amsterdam", + "timezone":"-1" + } + }, + "openvpn_configuration":{ + "auth": "SHA1", + "cipher": "AES-256-GCM:AES-128-CBC", + "dev": "tun", + "float": "", + "keepalive": "10 30", + "key-direction": "1", + "nobind": true, + "persist-key": true, + "rcvbuf": "0", + "sndbuf": "0", + "tls-cipher": "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384:DHE-RSA-AES128-SHA", + "tls-version-min": "1.2", + "verb": "3" + }, + "serial":4, + "version":4 +}
\ No newline at end of file |