From 1d5f1c320ee67cfadd62aeef056a043bee75096d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Tue, 5 Feb 2013 20:46:33 +0100 Subject: Simplified certificates and urls: only 1 certificate, and no :443 port in eip. Downloads certificate and eip from web, and loads provider from assets. KeyStore not created with latest version of BouncyCastle. Looking forward to file a bug and look for a solution. --- .classpath | 17 ++++----- AndroidManifest.xml | 3 ++ assets/providers/bitmask.net_eip-service.json | 42 ----------------------- assets/urls/bitmask.url | 5 +-- res/raw/leapkeystore.bks | Bin 2866 -> 1487 bytes src/se/leap/leapclient/ConfigHelper.java | 11 +++--- src/se/leap/leapclient/Dashboard.java | 5 +-- src/se/leap/leapclient/LeapHttpClient.java | 2 +- src/se/leap/leapclient/ProviderAPI.java | 21 ++++++++---- src/se/leap/leapclient/ProviderListActivity.java | 25 ++++++++++++-- src/se/leap/leapclient/ProviderListContent.java | 7 +++- 11 files changed, 68 insertions(+), 70 deletions(-) delete mode 100644 assets/providers/bitmask.net_eip-service.json diff --git a/.classpath b/.classpath index 3f9691c5..a5824471 100644 --- a/.classpath +++ b/.classpath @@ -1,8 +1,9 @@ - - - - - - - - + + + + + + + + + diff --git a/AndroidManifest.xml b/AndroidManifest.xml index 854a2972..48ccbda4 100644 --- a/AndroidManifest.xml +++ b/AndroidManifest.xml @@ -156,6 +156,9 @@ + + + diff --git a/assets/providers/bitmask.net_eip-service.json b/assets/providers/bitmask.net_eip-service.json deleted file mode 100644 index 6ac2fed6..00000000 --- a/assets/providers/bitmask.net_eip-service.json +++ /dev/null @@ -1,42 +0,0 @@ -{ - "clusters": [ - { - "label": { - "en": "Location Unknown" - }, - "name": "location_unknown" - } - ], - "gateways": [ - { - "capabilities": { - "adblock": false, - "filter_dns": true, - "ports": [ - "1194", - "443", - "53", - "80" - ], - "protocols": [ - "tcp", - "udp" - ], - "transport": [ - "openvpn" - ], - "user_ips": false - }, - "cluster": "location_unknown", - "host": "aligator.bitmask.net", - "ip_address": "176.53.69.121" - } - ], - "openvpn_configuration": { - "auth": "SHA1", - "cipher": "AES-128-CBC", - "tls-cipher": "DHE-RSA-AES128-SHA" - }, - "serial": 1, - "version": 1 -} \ No newline at end of file diff --git a/assets/urls/bitmask.url b/assets/urls/bitmask.url index 132e295d..f83ead86 100644 --- a/assets/urls/bitmask.url +++ b/assets/urls/bitmask.url @@ -1,6 +1,7 @@ { "name" : "bitmask", + "assets_json_provider" : "providers/bitmask.net_provider.json", "json_provider" : "https://bitmask.net/provider.json", - "cert" : "https://bitmask.net/1/cert", - "json_eip_service" : "https://api.bitmask.net:4430/1/config/eip-service.json" + "cert" : "https://bitmask.net/ca.crt", + "json_eip_service" : "https://api.bitmask.net/1/config/eip-service.json" } \ No newline at end of file diff --git a/res/raw/leapkeystore.bks b/res/raw/leapkeystore.bks index 56f6758b..2e853ac4 100644 Binary files a/res/raw/leapkeystore.bks and b/res/raw/leapkeystore.bks differ diff --git a/src/se/leap/leapclient/ConfigHelper.java b/src/se/leap/leapclient/ConfigHelper.java index 9b857b0d..be848db0 100644 --- a/src/se/leap/leapclient/ConfigHelper.java +++ b/src/se/leap/leapclient/ConfigHelper.java @@ -10,20 +10,21 @@ public class ConfigHelper { final static String downloadJsonFilesBundleExtra = "downloadJSONFiles"; final static String provider_key = "provider"; + final static String cert_key = "cert"; final static String eip_service_key = "eip"; - static void saveSharedPref(String shared_preferences_key, - JSONObject content) { - + static void saveSharedPref(String shared_preferences_key, JSONObject content) { + SharedPreferences.Editor shared_preferences_editor = ProviderListActivity.shared_preferences .edit(); shared_preferences_editor.putString(shared_preferences_key, content.toString()); shared_preferences_editor.commit(); - System.out.println("Shared preferences updated: " + System.out.println("Shared preferences updated: key = " + + shared_preferences_key + + " Content = " + ProviderListActivity.shared_preferences.getString( shared_preferences_key, "Default")); - } static void rescueJSONException(JSONException e) { diff --git a/src/se/leap/leapclient/Dashboard.java b/src/se/leap/leapclient/Dashboard.java index 7bb71c1e..02bc704c 100644 --- a/src/se/leap/leapclient/Dashboard.java +++ b/src/se/leap/leapclient/Dashboard.java @@ -37,9 +37,10 @@ public class Dashboard extends Activity { preferences = getPreferences(MODE_PRIVATE); // FIXME We need to StartActivityForResult and move the rest to buildDashboard (called in "else" and onActivityResult) - if ( !preferences.contains("provider") ) + if ( !preferences.contains("provider") ) { startActivity(new Intent(this, ProviderListActivity.class)); - + } + // Get our provider provider = Provider.getInstance(preferences); diff --git a/src/se/leap/leapclient/LeapHttpClient.java b/src/se/leap/leapclient/LeapHttpClient.java index 41cb7879..9e1a541b 100644 --- a/src/se/leap/leapclient/LeapHttpClient.java +++ b/src/se/leap/leapclient/LeapHttpClient.java @@ -49,7 +49,7 @@ public class LeapHttpClient extends DefaultHttpClient { SSLSocketFactory sf = new SSLSocketFactory(trusted); // Hostname verification from certificate // http://hc.apache.org/httpcomponents-client-ga/tutorial/html/connmgmt.html#d4e506 - sf.setHostnameVerifier(SSLSocketFactory.STRICT_HOSTNAME_VERIFIER); + sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); return sf; } catch (Exception e) { throw new AssertionError(e); diff --git a/src/se/leap/leapclient/ProviderAPI.java b/src/se/leap/leapclient/ProviderAPI.java index d487ebe3..33f7fd74 100644 --- a/src/se/leap/leapclient/ProviderAPI.java +++ b/src/se/leap/leapclient/ProviderAPI.java @@ -5,6 +5,7 @@ import java.util.Scanner; import org.apache.http.HttpEntity; import org.apache.http.HttpResponse; +import org.apache.http.client.ClientProtocolException; import org.apache.http.client.methods.HttpGet; import org.apache.http.impl.client.DefaultHttpClient; import org.json.JSONException; @@ -28,35 +29,41 @@ public class ProviderAPI extends IntentService { Bundle task; System.out.println("onHandleIntent called"); if (!(task = task_for.getBundleExtra(ConfigHelper.downloadJsonFilesBundleExtra)).isEmpty()) { - String provider_json_url = (String) task.get(ConfigHelper.provider_key); + String cert_url = (String) task.get(ConfigHelper.cert_key); String eip_service_json_url = (String) task.get(ConfigHelper.eip_service_key); try { - JSONObject provider_json = getFromProvider(provider_json_url); - ConfigHelper.saveSharedPref(ConfigHelper.provider_key, provider_json); - JSONObject eip_service_json = getFromProvider(eip_service_json_url); + String cert_string = getStringFromProvider(cert_url); + JSONObject cert_json = new JSONObject("{ \"certificate\" : \"" + cert_string + "\"}"); + ConfigHelper.saveSharedPref(ConfigHelper.cert_key, cert_json); + JSONObject eip_service_json = getJSONFromProvider(eip_service_json_url); ConfigHelper.saveSharedPref(ConfigHelper.eip_service_key, eip_service_json); } catch (IOException e) { // TODO Auto-generated catch block e.printStackTrace(); } catch (JSONException e) { ConfigHelper.rescueJSONException(e); + } catch(Exception e) { + e.printStackTrace(); } } } - private JSONObject getFromProvider(String json_url) throws IOException, JSONException { + private String getStringFromProvider(String string_url) throws IOException { String json_file_content = ""; DefaultHttpClient client = new LeapHttpClient(getApplicationContext()); - HttpGet get = new HttpGet(json_url); + HttpGet get = new HttpGet(string_url); // Execute the GET call and obtain the response HttpResponse getResponse = client.execute(get); HttpEntity responseEntity = getResponse.getEntity(); json_file_content = new Scanner(responseEntity.getContent()).useDelimiter("\\A").next(); - + return json_file_content; + } + private JSONObject getJSONFromProvider(String json_url) throws IOException, JSONException { + String json_file_content = getStringFromProvider(json_url); return new JSONObject(json_file_content); } diff --git a/src/se/leap/leapclient/ProviderListActivity.java b/src/se/leap/leapclient/ProviderListActivity.java index 088b464d..808c12ce 100644 --- a/src/se/leap/leapclient/ProviderListActivity.java +++ b/src/se/leap/leapclient/ProviderListActivity.java @@ -1,9 +1,11 @@ package se.leap.leapclient; import java.io.BufferedInputStream; +import java.io.BufferedReader; import java.io.File; import java.io.IOException; import java.io.InputStream; +import java.io.InputStreamReader; import java.net.HttpURLConnection; import java.net.MalformedURLException; import java.net.URL; @@ -11,6 +13,9 @@ import java.util.ArrayList; import java.util.Iterator; import java.util.Scanner; +import org.json.JSONException; +import org.json.JSONObject; + import se.leap.leapclient.ProviderListContent; import se.leap.leapclient.ProviderListContent.ProviderItem; import android.app.DownloadManager; @@ -103,6 +108,7 @@ public class ProviderListActivity extends FragmentActivity if(current_provider_item.id.equalsIgnoreCase(id)) { try { + processAssetsFiles(current_provider_item); downloadJSONFiles(current_provider_item); } catch (IOException e) { // TODO Auto-generated catch block @@ -116,12 +122,27 @@ public class ProviderListActivity extends FragmentActivity } } + private void processAssetsFiles(ProviderItem current_provider_item) { + AssetManager assets_manager = getAssets(); + JSONObject provider_json = new JSONObject(); + try { + String provider_contents = new Scanner(new InputStreamReader(assets_manager.open(current_provider_item.provider_json_assets))).useDelimiter("\\A").next(); + provider_json = new JSONObject(provider_contents); + } catch (IOException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } catch (JSONException e) { + ConfigHelper.rescueJSONException(e); + } + ConfigHelper.saveSharedPref(ConfigHelper.provider_key, provider_json); + } + private void downloadJSONFiles(ProviderItem current_provider_item) throws IOException { Intent provider_API_command = new Intent(this, ProviderAPI.class); Bundle method_and_parameters = new Bundle(); - method_and_parameters.putString("provider", current_provider_item.provider_json_url); - method_and_parameters.putString("eip", current_provider_item.eip_service_json_url); + method_and_parameters.putString(ConfigHelper.cert_key, current_provider_item.cert_json_url); + method_and_parameters.putString(ConfigHelper.eip_service_key, current_provider_item.eip_service_json_url); provider_API_command.putExtra(ConfigHelper.downloadJsonFilesBundleExtra, method_and_parameters); diff --git a/src/se/leap/leapclient/ProviderListContent.java b/src/se/leap/leapclient/ProviderListContent.java index 1fe60159..bf8bfa87 100644 --- a/src/se/leap/leapclient/ProviderListContent.java +++ b/src/se/leap/leapclient/ProviderListContent.java @@ -39,14 +39,17 @@ public class ProviderListContent { public String id; public String name; public String provider_json_url; + public String provider_json_assets; public String eip_service_json_url; + public String cert_json_url; - public ProviderItem(String id, String name, String provider_json_url, String eip_service_json_url) { + public ProviderItem(String id, String name, String provider_json_url, String eip_service_json_url, String cert_json_url) { this.id = id; this.name = name; this.provider_json_url = provider_json_url; this.eip_service_json_url = eip_service_json_url; + this.cert_json_url = cert_json_url; } public ProviderItem(String name, InputStream urls_file_input_stream) { @@ -59,7 +62,9 @@ public class ProviderListContent { id = name; this.name = name; provider_json_url = (String) file_contents.get("json_provider"); + provider_json_assets = (String) file_contents.get("assets_json_provider"); eip_service_json_url = (String) file_contents.get("json_eip_service"); + cert_json_url = (String) file_contents.get("cert"); } catch (JSONException e) { // TODO Auto-generated catch block e.printStackTrace(); -- cgit v1.2.3