From ee49de021bab8838ed44897f1046cb7d0f8f5921 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Mon, 16 Jun 2014 22:31:50 +0200 Subject: Check if there is an active gateway selected. The active gateway cannot be null. --- app/src/main/java/se/leap/bitmaskclient/EIP.java | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'app/src/main/java/se/leap') diff --git a/app/src/main/java/se/leap/bitmaskclient/EIP.java b/app/src/main/java/se/leap/bitmaskclient/EIP.java index 59faf93f..a7a17e5f 100644 --- a/app/src/main/java/se/leap/bitmaskclient/EIP.java +++ b/app/src/main/java/se/leap/bitmaskclient/EIP.java @@ -234,8 +234,9 @@ public final class EIP extends IntentService { * Intent to {@link se.leap.openvpn.LaunchVPN} */ private void startEIP() { - activeGateway = selectGateway(); + activeGateway = selectGateway(); + if(activeGateway != null && activeGateway.mVpnProfile != null) { Intent intent = new Intent(this,LaunchVPN.class); intent.setAction(Intent.ACTION_MAIN); intent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK); @@ -245,6 +246,7 @@ public final class EIP extends IntentService { intent.putExtra(RECEIVER_TAG, mReceiver); startActivity(intent); mPending = ACTION_START_EIP; + } } /** -- cgit v1.2.3 From 55c7a76f27b04db8a05400882897f88f8436bfac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Tue, 17 Jun 2014 12:24:36 +0200 Subject: Progressbar can be null if there is no EIP service This happens when you've used a eip enabled provider, and then you switch to a non eip enabled one (e.g., choosing demo.bitmask.net and then switching to cdev.bitmask.net in their current configurations). I've also disabled the build task dependency on updating ics-openvpn. It's causing problems, while not fixing anything. --- app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'app/src/main/java/se/leap') diff --git a/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java b/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java index 446ba1d9..299d89a4 100644 --- a/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java +++ b/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java @@ -221,7 +221,8 @@ public class EipServiceFragment extends Fragment implements StateListener, OnChe mEipStartPending = false; } else if ( level == ConnectionStatus.LEVEL_NONETWORK || level == ConnectionStatus.LEVEL_NOTCONNECTED || level == ConnectionStatus.LEVEL_AUTH_FAILED) { statusMessage = getString(R.string.eip_state_not_connected); - getActivity().findViewById(R.id.eipProgress).setVisibility(View.GONE); + if(getActivity() != null && getActivity().findViewById(R.id.eipProgress) != null) + getActivity().findViewById(R.id.eipProgress).setVisibility(View.GONE); mEipStartPending = false; switchState = false; } else if (level == ConnectionStatus.LEVEL_CONNECTING_SERVER_REPLIED) { -- cgit v1.2.3 From b762eed7b3f9117ec682fc6e44125934dddc8d41 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Wed, 18 Jun 2014 20:35:58 +0200 Subject: provider.json is downloaded before ca.crt We don't assume ca.crt is in /ca.crt anymore, but fetch the complete url from provider.json. We also signup against users.json file instead of simple "users", which worked for *.bitmask.net domains. --- app/src/main/java/se/leap/bitmaskclient/Provider.java | 1 + 1 file changed, 1 insertion(+) (limited to 'app/src/main/java/se/leap') diff --git a/app/src/main/java/se/leap/bitmaskclient/Provider.java b/app/src/main/java/se/leap/bitmaskclient/Provider.java index 216f4261..5326709f 100644 --- a/app/src/main/java/se/leap/bitmaskclient/Provider.java +++ b/app/src/main/java/se/leap/bitmaskclient/Provider.java @@ -51,6 +51,7 @@ public final class Provider implements Serializable { SERVICE = "service", KEY = "provider", CA_CERT = "ca_cert", + CA_CERT_URI = "ca_cert_uri", NAME = "name", DESCRIPTION = "description", DOMAIN = "domain", -- cgit v1.2.3 From d0383a325d3ec81be8dc354cb806f74b8d047c23 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Fri, 20 Jun 2014 00:35:08 +0200 Subject: Removed isRunning from OpenVpnService. We use the broadcasted eip status from ics-openvpn to know if we're connected or not. --- app/src/main/java/se/leap/bitmaskclient/EIP.java | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) (limited to 'app/src/main/java/se/leap') diff --git a/app/src/main/java/se/leap/bitmaskclient/EIP.java b/app/src/main/java/se/leap/bitmaskclient/EIP.java index a7a17e5f..c439d6b7 100644 --- a/app/src/main/java/se/leap/bitmaskclient/EIP.java +++ b/app/src/main/java/se/leap/bitmaskclient/EIP.java @@ -142,7 +142,7 @@ public final class EIP extends IntentService { return bindService(bindIntent, mVpnServiceConn, BIND_AUTO_CREATE); } - private static ServiceConnection mVpnServiceConn = new ServiceConnection() { + private ServiceConnection mVpnServiceConn = new ServiceConnection() { @Override public void onServiceConnected(ComponentName name, IBinder service) { LocalBinder binder = (LocalBinder) service; @@ -151,7 +151,7 @@ public final class EIP extends IntentService { if (mReceiver != null && mPending != null) { - boolean running = mVpnService.isRunning(); + boolean running = isConnected(); int resultCode = Activity.RESULT_CANCELED; @@ -202,7 +202,7 @@ public final class EIP extends IntentService { Bundle resultData = new Bundle(); resultData.putString(REQUEST_TAG, ACTION_IS_EIP_RUNNING); int resultCode = Activity.RESULT_CANCELED; - boolean is_connected = getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE).getString(STATUS, "").equalsIgnoreCase("LEVEL_CONNECTED"); + boolean is_connected = isConnected(); if (mBound) { resultCode = (is_connected) ? Activity.RESULT_OK : Activity.RESULT_CANCELED; @@ -228,6 +228,10 @@ public final class EIP extends IntentService { } } } + + private boolean isConnected() { + return getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE).getString(STATUS, "").equalsIgnoreCase("LEVEL_CONNECTED"); + } /** * Initiates an EIP connection by selecting a gateway and preparing and sending an -- cgit v1.2.3 From 93d5f11aed48eb822f02a9fede4a2819d053ad83 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Fri, 20 Jun 2014 02:42:43 +0200 Subject: Removed setDefinition from ConfigParser. We now directly use the parseConfiguration method, translating the eip-service.json openvpn options to a string containing the corresponding openvpn config file lines. --- app/src/main/java/se/leap/bitmaskclient/EIP.java | 181 ++++++++++------------- 1 file changed, 79 insertions(+), 102 deletions(-) (limited to 'app/src/main/java/se/leap') diff --git a/app/src/main/java/se/leap/bitmaskclient/EIP.java b/app/src/main/java/se/leap/bitmaskclient/EIP.java index c439d6b7..c340467c 100644 --- a/app/src/main/java/se/leap/bitmaskclient/EIP.java +++ b/app/src/main/java/se/leap/bitmaskclient/EIP.java @@ -16,6 +16,8 @@ */ package se.leap.bitmaskclient; +import java.io.StringReader; +import java.io.IOException; import java.util.Calendar; import java.util.Collection; import java.util.HashMap; @@ -472,7 +474,6 @@ public final class EIP extends IntentService { } } - this.parseOptions(); this.createVPNProfile(); setUniqueProfileName(vpl); @@ -508,125 +509,101 @@ public final class EIP extends IntentService { } } - /** - * FIXME This method is really the outline of the refactoring needed in se.leap.openvpn.ConfigParser - */ - private void parseOptions(){ - - // FIXME move these to a common API (& version) definition place, like ProviderAPI or ConfigHelper - String common_options = "openvpn_configuration"; - String remote = "ip_address"; - String ports = "ports"; - String protos = "protocols"; - String capabilities = "capabilities"; - String location_key = "location"; - String locations = "locations"; - - Vector arg = new Vector(); - Vector> args = new Vector>(); + /** + * Parses data from eip-service.json to a section of the openvpn config file + */ + private StringReader configFromEipServiceDotJson() { + String parsed_configuration = ""; + + String common_options = "openvpn_configuration"; + String remote = "ip_address"; + String ports = "ports"; + String protos = "protocols"; + String capabilities = "capabilities"; + String location_key = "location"; + String locations = "locations"; + + Vector arg = new Vector(); + Vector> args = new Vector>(); - try { - JSONObject def = (JSONObject) eipDefinition.get(common_options); - Iterator keys = def.keys(); - Vector> value = new Vector>(); - while ( keys.hasNext() ){ - String key = keys.next().toString(); + try { + JSONObject openvpn_configuration = eipDefinition.getJSONObject(common_options); + Iterator keys = openvpn_configuration.keys(); + Vector> value = new Vector>(); + while ( keys.hasNext() ){ + String key = keys.next().toString(); - arg.add(key); - for ( String word : def.getString(key).split(" ") ) - arg.add(word); - value.add( (Vector) arg.clone() ); - options.put(key, (Vector>) value.clone()); - value.clear(); - arg.clear(); - } - } catch (JSONException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - - // We are always client, because the ifconfig will be received by a needed command - options.put("client", null); - - try { - arg.add(remote); - arg.add(mGateway.getString(remote)); - } catch (JSONException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - args.add((Vector) arg.clone()); - options.put("remote", (Vector>) args.clone() ); - arg.clear(); - args.clear(); - - + parsed_configuration += key + " "; + for ( String word : openvpn_configuration.getString(key).split(" ") ) + parsed_configuration += word + " "; + parsed_configuration += System.getProperty("line.separator"); - // try { - // arg.add(location_key); - // String locationText = ""; - // locationText = eipDefinition.getJSONObject(locations).getJSONObject(mGateway.getString(location_key)).getString("name"); - // arg.add(locationText); - // Log.d(TAG, "location = " + locationText); + } + } catch (JSONException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } - // } catch (JSONException e) { - // // TODO Auto-generated catch block - // e.printStackTrace(); - // } - // args.add((Vector) arg.clone()); - // options.put("location", (Vector>) args.clone() ); + parsed_configuration += "client" + System.getProperty("line.separator"); - // arg.clear(); - // args.clear(); - JSONArray protocolsJSON = null; - arg.add("proto"); - try { - protocolsJSON = mGateway.getJSONObject(capabilities).getJSONArray(protos); - } catch (JSONException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - Vector protocols = new Vector(); - for ( int i=0; i) arg.clone()); - options.put("proto", (Vector>) args.clone()); - arg.clear(); - args.clear(); - - - String port = null; - arg.add("port"); - try { - port = mGateway.getJSONObject(capabilities).getJSONArray(ports).optString(0); - } catch (JSONException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - arg.add(port); - args.add((Vector) arg.clone()); - options.put("port", (Vector>) args.clone()); - args.clear(); - arg.clear(); + try { + JSONArray protocolsJSON = mGateway.getJSONObject(capabilities).getJSONArray(protos); + String remote_line = "remote"; + for ( int i=0; i>) args.clone() ); + + // arg.clear(); + // args.clear(); + + Log.d("EIP", "parsed configuration"); + Log.d("EIP", parsed_configuration); + return new StringReader(parsed_configuration.trim()); + } + /** * Create and attach the VpnProfile to our gateway object */ protected void createVPNProfile(){ try { ConfigParser cp = new ConfigParser(); - cp.setDefinition(options); + cp.parseConfig(configFromEipServiceDotJson()); VpnProfile vp = cp.convertProfile(); mVpnProfile = vp; Log.v(TAG,"Created VPNProfile"); } catch (ConfigParseError e) { // FIXME We didn't get a VpnProfile! Error handling! and log level - Log.v(TAG,"Error createing VPNProfile"); + Log.v(TAG,"Error creating VPNProfile"); + e.printStackTrace(); + } catch (IOException e) { + // FIXME We didn't get a VpnProfile! Error handling! and log level + Log.v(TAG,"Error creating VPNProfile"); e.printStackTrace(); } } -- cgit v1.2.3 From a7408bea88dc5eedecaba0ef430e63c6cca9ec20 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Fri, 20 Jun 2014 03:34:50 +0200 Subject: Removed the authentication bits from VpnProfile. Now we embed the openvpn cert, the corresponding ca cert and the user key directly from EIP, while creating a vpn profile. We leave VpnProfile untouched. --- app/src/main/java/se/leap/bitmaskclient/EIP.java | 69 +++++++++++++++++++++--- 1 file changed, 63 insertions(+), 6 deletions(-) (limited to 'app/src/main/java/se/leap') diff --git a/app/src/main/java/se/leap/bitmaskclient/EIP.java b/app/src/main/java/se/leap/bitmaskclient/EIP.java index c340467c..21a573fe 100644 --- a/app/src/main/java/se/leap/bitmaskclient/EIP.java +++ b/app/src/main/java/se/leap/bitmaskclient/EIP.java @@ -14,7 +14,7 @@ * You should have received a copy of the GNU General Public License * along with this program. If not, see . */ - package se.leap.bitmaskclient; +package se.leap.bitmaskclient; import java.io.StringReader; import java.io.IOException; @@ -33,6 +33,9 @@ import org.json.JSONException; import org.json.JSONObject; import se.leap.bitmaskclient.R; +import se.leap.bitmaskclient.Dashboard; +import se.leap.bitmaskclient.Provider; + import de.blinkt.openvpn.activities.DisconnectVPN; import de.blinkt.openvpn.core.ConfigParser; import de.blinkt.openvpn.core.ConfigParser.ConfigParseError; @@ -42,12 +45,14 @@ import de.blinkt.openvpn.core.OpenVpnService; import de.blinkt.openvpn.core.OpenVpnService.LocalBinder; import de.blinkt.openvpn.core.ProfileManager; import de.blinkt.openvpn.VpnProfile; + import android.app.Activity; import android.app.IntentService; import android.content.ComponentName; import android.content.Context; import android.content.Intent; import android.content.ServiceConnection; +import android.content.SharedPreferences; import android.drm.DrmStore.Action; import android.os.Bundle; import android.os.IBinder; @@ -62,6 +67,7 @@ import android.util.Log; * gateways, and controlling {@link de.blinkt.openvpn.core.OpenVpnService} connections. * * @author Sean Leonard + * @author Parménides GV */ public final class EIP extends IntentService { @@ -512,7 +518,7 @@ public final class EIP extends IntentService { /** * Parses data from eip-service.json to a section of the openvpn config file */ - private StringReader configFromEipServiceDotJson() { + private String configFromEipServiceDotJson() { String parsed_configuration = ""; String common_options = "openvpn_configuration"; @@ -582,19 +588,70 @@ public final class EIP extends IntentService { // arg.clear(); // args.clear(); - Log.d("EIP", "parsed configuration"); - Log.d("EIP", parsed_configuration); - return new StringReader(parsed_configuration.trim()); + return parsed_configuration; } + + + private String caSecretFromSharedPreferences() { + String secret_lines = ""; + SharedPreferences preferences = context.getSharedPreferences(Dashboard.SHARED_PREFERENCES, context.MODE_PRIVATE); + System.getProperty("line.separator"); + secret_lines += ""; + secret_lines += System.getProperty("line.separator"); + secret_lines += preferences.getString(Provider.CA_CERT, ""); + secret_lines += System.getProperty("line.separator"); + secret_lines += ""; + + return secret_lines; + } + + private String keySecretFromSharedPreferences() { + String secret_lines = ""; + SharedPreferences preferences = context.getSharedPreferences(Dashboard.SHARED_PREFERENCES, context.MODE_PRIVATE); + + secret_lines += System.getProperty("line.separator"); + secret_lines +=""; + secret_lines += System.getProperty("line.separator"); + secret_lines += preferences.getString(EIP.PRIVATE_KEY, ""); + secret_lines += System.getProperty("line.separator"); + secret_lines += ""; + secret_lines += System.getProperty("line.separator"); + + return secret_lines; + } + + private String certSecretFromSharedPreferences() { + String secret_lines = ""; + SharedPreferences preferences = context.getSharedPreferences(Dashboard.SHARED_PREFERENCES, context.MODE_PRIVATE); + + secret_lines += System.getProperty("line.separator"); + secret_lines +=""; + secret_lines += System.getProperty("line.separator"); + secret_lines += preferences.getString(EIP.CERTIFICATE, ""); + secret_lines += System.getProperty("line.separator"); + secret_lines += ""; + secret_lines += System.getProperty("line.separator"); + + return secret_lines; + } + /** * Create and attach the VpnProfile to our gateway object */ protected void createVPNProfile(){ try { ConfigParser cp = new ConfigParser(); - cp.parseConfig(configFromEipServiceDotJson()); + Log.d(TAG, configFromEipServiceDotJson()); + Log.d(TAG, caSecretFromSharedPreferences()); + Log.d(TAG, keySecretFromSharedPreferences()); + Log.d(TAG, certSecretFromSharedPreferences()); + cp.parseConfig(new StringReader(configFromEipServiceDotJson())); + cp.parseConfig(new StringReader(caSecretFromSharedPreferences())); + cp.parseConfig(new StringReader(keySecretFromSharedPreferences())); + cp.parseConfig(new StringReader(certSecretFromSharedPreferences())); VpnProfile vp = cp.convertProfile(); + //vp.mAuthenticationType=VpnProfile.TYPE_STATICKEYS; mVpnProfile = vp; Log.v(TAG,"Created VPNProfile"); } catch (ConfigParseError e) { -- cgit v1.2.3 From 55e9c0c60b94c09f8321dccd2971b32d92ec72a1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Tue, 24 Jun 2014 10:29:09 +0200 Subject: We don't predict future certificate. --- app/src/main/java/se/leap/bitmaskclient/Dashboard.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'app/src/main/java/se/leap') diff --git a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java index f2763d84..66c305e6 100644 --- a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java +++ b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java @@ -507,9 +507,9 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf case ProviderAPI.SRP_AUTHENTICATION_SUCCESSFUL: eipStatus.setText(R.string.succesful_authentication_message); break; case ProviderAPI.SRP_AUTHENTICATION_FAILED: eipStatus.setText(R.string.authentication_failed_message); break; - case ProviderAPI.CORRECTLY_DOWNLOADED_CERTIFICATE: eipStatus.setText(R.string.future_authed_secured_status); break; + case ProviderAPI.CORRECTLY_DOWNLOADED_CERTIFICATE: break; case ProviderAPI.INCORRECTLY_DOWNLOADED_CERTIFICATE: eipStatus.setText(R.string.incorrectly_downloaded_certificate_message); break; - case ProviderAPI.LOGOUT_SUCCESSFUL: eipStatus.setText(R.string.future_anonymous_secured_status); break; + case ProviderAPI.LOGOUT_SUCCESSFUL: break; case ProviderAPI.LOGOUT_FAILED: eipStatus.setText(R.string.log_out_failed_message); break; } } -- cgit v1.2.3 From b5c84602ebb9bf2f593d4352dfe51029f44731b0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Wed, 25 Jun 2014 19:44:14 +0200 Subject: Show "Logged out." message. --- app/src/main/java/se/leap/bitmaskclient/Dashboard.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'app/src/main/java/se/leap') diff --git a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java index 66c305e6..cb451b86 100644 --- a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java +++ b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java @@ -496,7 +496,7 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf case ProviderAPI.SRP_AUTHENTICATION_FAILED: eipStatus.setText(R.string.authentication_failed_message); break; case ProviderAPI.CORRECTLY_DOWNLOADED_CERTIFICATE: eipStatus.setText(R.string.authed_secured_status); break; case ProviderAPI.INCORRECTLY_DOWNLOADED_CERTIFICATE: eipStatus.setText(R.string.incorrectly_downloaded_certificate_message); break; - case ProviderAPI.LOGOUT_SUCCESSFUL: eipStatus.setText(R.string.anonymous_secured_status); break; + case ProviderAPI.LOGOUT_SUCCESSFUL: eipStatus.setText(R.string.logged_out_message); break; case ProviderAPI.LOGOUT_FAILED: eipStatus.setText(R.string.log_out_failed_message); break; } @@ -509,7 +509,7 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf case ProviderAPI.SRP_AUTHENTICATION_FAILED: eipStatus.setText(R.string.authentication_failed_message); break; case ProviderAPI.CORRECTLY_DOWNLOADED_CERTIFICATE: break; case ProviderAPI.INCORRECTLY_DOWNLOADED_CERTIFICATE: eipStatus.setText(R.string.incorrectly_downloaded_certificate_message); break; - case ProviderAPI.LOGOUT_SUCCESSFUL: break; + case ProviderAPI.LOGOUT_SUCCESSFUL: eipStatus.setText(R.string.logged_out_message); break; case ProviderAPI.LOGOUT_FAILED: eipStatus.setText(R.string.log_out_failed_message); break; } } -- cgit v1.2.3