Age | Commit message (Collapse) | Author |
|
|
|
|
|
If the user presses the back button and returns to leap_android, the app
will show login or logout button remembering if s/he was authenticated
or not.
This fixes bug #3467.
|
|
Copied again from http://android-developers.blogspot.de/2013/08/some-securerandom-thoughts.html
|
|
Solution copied from
http://android-developers.blogspot.de/2013/08/some-securerandom-thoughts.html
|
|
|
|
The dialog shows only an "OK" button to dismiss it, and the reason why
the download failed.
Right now, this dialog appears if a download is not successful. If it's
too intrusive, I can remove some cases. Let's try how it feels.
|
|
I still let one method to bypass hostname verifier, otherwise dev.bm
will not work.
I've reduced downloading functions to 3: download without CA, download
with commercial CA and download with provider CA.
I only download CA cert once, when the user selects the corresponding
provider. Each time a user switch provider, the cert is downloaded
(along with other json files).
|
|
|
|
|
|
We cannot add routes to an existing openvpn session because it makes openvpn reconnect.
|
|
|
|
The log shows all state commands, and notifies when bytecount values have not changed more than 3 times in a row.
|
|
The content of this commit should be removed from the final fix.
|
|
I do not change the company (se.leap).
All references within strings.xml point to "bitmask" instead of to "leap".
|
|
|
|
New provider button has been converted to an action item, shown at the
bottom of the screen.
|
|
I've also changed the way we notify that the password should have 8
characters at least, to make it consistent to the way we notify username
is required.
|
|
Logging in, it was returning a "Bad response from server" due to the malinterpretation of the received JSON. It was looking for a field named "m2", but it was "M2".
|
|
|
|
If there is an error while downloading CA cert on downloadJsonFiles, false is returned and progress dialog is dismissed.
|
|
They have been relocated to the corresponding classes.
|
|
|
|
|
|
I do not manually manage cookies anymore, letting HttpURLConnection
manage them via default CookieHandler (using
CookiePolicy.ACCEPT_ORIGINAL_SERVER).
|
|
SRP parameter A tries to be sent via HttpsURLConnection. Right now, we
have a problem with certificates because I'm not using provider CA cert
to get the response. I'm going to merge the branch with better method
names to download response using already existing code.
|
|
I send session_id cookie in the request for 1/cert, getting it from
LeapHttpClient directly.
|
|
|
|
I still let one method to bypass hostname verifier, otherwise dev.bm
will not work.
I've reduced downloading functions to 3: download without CA, download
with commercial CA and download with provider CA.
I only download CA cert once, when the user selects the corresponding
provider. Each time a user switch provider, the cert is downloaded
(along with other json files).
|
|
|
|
|
|
|
|
develop
|
|
into develop
|
|
|
|
|
|
We were checking if eip existed before adding it again, but that check
can be removed if we make a replace instead of an add.
|
|
Added a new catch block in all downloads methods.
|
|
|
|
We no longer use BundleExtras named as the action ProviderAPI is
intended to perform, but we standardise this name
(ProviderAPI.PARAMETERS), and use setAction to pass that action string.
|
|
New login dialog shows the original username, so that if the user failed
writing his/her password, s/he does not have to write again the
username.
|
|
Pressing back after entering Dashboard from notification bar, the user
goes back to home.
|
|
This fixes #3287
|
|
|
|
Clean erroneous copyright text (Consulted Arne)
ics-openvpn uses GPLv2+
|
|
If login is successful, dialog is dismissed and toast is showed.
If login is not successful and the user cancels the new login dialog
presented to him/her, then Dashboard is showed.
|
|
If the CA cert was correctly downloaded, we assume it can be used to
validate the string download.
If CA cert cannot validate that connection, then if the trust completely
checkbox was checked it will try with the other methods. If it was not
checked, a certificate error is shown (telling the user the
provider is not trusted).
|
|
Only if all downloading methods fail and the last one throws an
IOException, the certificate error message toast is shown.
|
|
I've also rearranged how we handle SSL errors. In first place, if the
user checked the "Trust completely" checkbox, leap_android tries to use
the CA cert pointed out by provider.json.
If that does not succeed, it uses an always-returning-true hostname
verifier (this was previously done before using CA cert).
|
|
|