From 4b916a189f2f88425ebf5d09bb6b7ba3568836e1 Mon Sep 17 00:00:00 2001 From: cyBerta Date: Thu, 18 Feb 2021 12:28:27 +0100 Subject: add a lot of API related error logs to log screen --- .../main/java/se/leap/bitmaskclient/eip/EIP.java | 7 +- .../providersetup/ProviderApiManagerBase.java | 91 +++++++++++++++++----- .../providersetup/connectivity/DnsResolver.java | 3 + .../providersetup/ProviderApiManager.java | 28 ++++--- 4 files changed, 97 insertions(+), 32 deletions(-) (limited to 'app/src') diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java index e5cf70be..66b7c6cf 100644 --- a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java +++ b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java @@ -352,11 +352,14 @@ public final class EIP extends JobIntentService implements Observer { void setErrorResult(Bundle result, String errorId, @StringRes int errorMessageId, Object... args) { JSONObject errorJson = new JSONObject(); try { + String errorMessage; if (args != null) { - errorJson.put(ERRORS, getResources().getString(errorMessageId, args)); + errorMessage = getResources().getString(errorMessageId, args); } else { - errorJson.put(ERRORS, getResources().getString(errorMessageId)); + errorMessage = getResources().getString(errorMessageId); } + VpnStatus.logWarning("[EIP] error: " + errorMessage); + errorJson.put(ERRORS, errorMessage); errorJson.put(ERRORID, errorId); } catch (JSONException e) { e.printStackTrace(); diff --git a/app/src/main/java/se/leap/bitmaskclient/providersetup/ProviderApiManagerBase.java b/app/src/main/java/se/leap/bitmaskclient/providersetup/ProviderApiManagerBase.java index 8a0c8f02..c5dc6572 100644 --- a/app/src/main/java/se/leap/bitmaskclient/providersetup/ProviderApiManagerBase.java +++ b/app/src/main/java/se/leap/bitmaskclient/providersetup/ProviderApiManagerBase.java @@ -52,17 +52,29 @@ import java.util.NoSuchElementException; import javax.net.ssl.SSLHandshakeException; import javax.net.ssl.SSLPeerUnverifiedException; +import de.blinkt.openvpn.core.VpnStatus; import okhttp3.OkHttpClient; +import se.leap.bitmaskclient.R; import se.leap.bitmaskclient.base.models.Constants.CREDENTIAL_ERRORS; import se.leap.bitmaskclient.base.models.Provider; import se.leap.bitmaskclient.base.models.ProviderObservable; -import se.leap.bitmaskclient.R; +import se.leap.bitmaskclient.base.utils.ConfigHelper; import se.leap.bitmaskclient.providersetup.connectivity.OkHttpClientGenerator; import se.leap.bitmaskclient.providersetup.models.LeapSRPSession; import se.leap.bitmaskclient.providersetup.models.SrpCredentials; import se.leap.bitmaskclient.providersetup.models.SrpRegistrationData; -import se.leap.bitmaskclient.base.utils.ConfigHelper; +import static se.leap.bitmaskclient.R.string.certificate_error; +import static se.leap.bitmaskclient.R.string.error_io_exception_user_message; +import static se.leap.bitmaskclient.R.string.error_json_exception_user_message; +import static se.leap.bitmaskclient.R.string.error_no_such_algorithm_exception_user_message; +import static se.leap.bitmaskclient.R.string.malformed_url; +import static se.leap.bitmaskclient.R.string.server_unreachable_message; +import static se.leap.bitmaskclient.R.string.service_is_down_error; +import static se.leap.bitmaskclient.R.string.vpn_certificate_is_invalid; +import static se.leap.bitmaskclient.R.string.warning_corrupted_provider_cert; +import static se.leap.bitmaskclient.R.string.warning_corrupted_provider_details; +import static se.leap.bitmaskclient.R.string.warning_expired_provider_cert; import static se.leap.bitmaskclient.base.models.Constants.BROADCAST_PROVIDER_API_EVENT; import static se.leap.bitmaskclient.base.models.Constants.BROADCAST_RESULT_CODE; import static se.leap.bitmaskclient.base.models.Constants.BROADCAST_RESULT_KEY; @@ -76,6 +88,11 @@ import static se.leap.bitmaskclient.base.models.Provider.CA_CERT; import static se.leap.bitmaskclient.base.models.Provider.GEOIP_URL; import static se.leap.bitmaskclient.base.models.Provider.PROVIDER_API_IP; import static se.leap.bitmaskclient.base.models.Provider.PROVIDER_IP; +import static se.leap.bitmaskclient.base.utils.ConfigHelper.getFingerprintFromCertificate; +import static se.leap.bitmaskclient.base.utils.ConfigHelper.getProviderFormattedString; +import static se.leap.bitmaskclient.base.utils.ConfigHelper.parseRsaKeyFromString; +import static se.leap.bitmaskclient.base.utils.PreferenceHelper.deleteProviderDetailsFromPreferences; +import static se.leap.bitmaskclient.base.utils.PreferenceHelper.getFromPersistedProvider; import static se.leap.bitmaskclient.providersetup.ProviderAPI.BACKEND_ERROR_KEY; import static se.leap.bitmaskclient.providersetup.ProviderAPI.BACKEND_ERROR_MESSAGE; import static se.leap.bitmaskclient.providersetup.ProviderAPI.CORRECTLY_DOWNLOADED_EIP_SERVICE; @@ -111,22 +128,6 @@ import static se.leap.bitmaskclient.providersetup.ProviderAPI.USER_MESSAGE; import static se.leap.bitmaskclient.providersetup.ProviderSetupFailedDialog.DOWNLOAD_ERRORS.ERROR_CERTIFICATE_PINNING; import static se.leap.bitmaskclient.providersetup.ProviderSetupFailedDialog.DOWNLOAD_ERRORS.ERROR_CORRUPTED_PROVIDER_JSON; import static se.leap.bitmaskclient.providersetup.ProviderSetupFailedDialog.DOWNLOAD_ERRORS.ERROR_INVALID_CERTIFICATE; -import static se.leap.bitmaskclient.R.string.certificate_error; -import static se.leap.bitmaskclient.R.string.error_io_exception_user_message; -import static se.leap.bitmaskclient.R.string.error_json_exception_user_message; -import static se.leap.bitmaskclient.R.string.error_no_such_algorithm_exception_user_message; -import static se.leap.bitmaskclient.R.string.malformed_url; -import static se.leap.bitmaskclient.R.string.server_unreachable_message; -import static se.leap.bitmaskclient.R.string.service_is_down_error; -import static se.leap.bitmaskclient.R.string.vpn_certificate_is_invalid; -import static se.leap.bitmaskclient.R.string.warning_corrupted_provider_cert; -import static se.leap.bitmaskclient.R.string.warning_corrupted_provider_details; -import static se.leap.bitmaskclient.R.string.warning_expired_provider_cert; -import static se.leap.bitmaskclient.base.utils.ConfigHelper.getFingerprintFromCertificate; -import static se.leap.bitmaskclient.base.utils.ConfigHelper.getProviderFormattedString; -import static se.leap.bitmaskclient.base.utils.ConfigHelper.parseRsaKeyFromString; -import static se.leap.bitmaskclient.base.utils.PreferenceHelper.deleteProviderDetailsFromPreferences; -import static se.leap.bitmaskclient.base.utils.PreferenceHelper.getFromPersistedProvider; /** * Implements the logic of the http api calls. The methods of this class needs to be called from @@ -494,6 +495,7 @@ public abstract class ProviderApiManagerBase { } else { broadcastEvent(resultCode, resultData); } + handleEventSummaryErrorLog(resultCode); } private void broadcastEvent(int resultCode , Bundle resultData) { @@ -504,6 +506,40 @@ public abstract class ProviderApiManagerBase { serviceCallback.broadcastEvent(intentUpdate); } + private void handleEventSummaryErrorLog(int resultCode) { + String event = null; + switch (resultCode) { + case FAILED_LOGIN: + event = "login."; + break; + case FAILED_SIGNUP: + event = "signup."; + break; + case SUCCESSFUL_LOGOUT: + event = "logout."; + break; + case INCORRECTLY_DOWNLOADED_VPN_CERTIFICATE: + event = "download of vpn certificate."; + break; + case PROVIDER_NOK: + event = "setup or update provider details."; + break; + case INCORRECTLY_DOWNLOADED_EIP_SERVICE: + event = "update eip-service.json"; + break; + case INCORRECTLY_UPDATED_INVALID_VPN_CERTIFICATE: + event = "update invalid vpn certificate."; + break; + case INCORRECTLY_DOWNLOADED_GEOIP_JSON: + event = "download menshen service json."; + break; + default: + break; + } + if (event != null) { + VpnStatus.logWarning("[API] failed provider API event: " + event); + } + } /** * Validates parameters entered by the user to log in @@ -598,6 +634,7 @@ public abstract class ProviderApiManagerBase { } catch (NullPointerException | JSONException e) { e.printStackTrace(); responseJson = getErrorMessageAsJson(error_json_exception_user_message); + VpnStatus.logWarning("[API] got null response for request: " + url); } return responseJson; @@ -612,21 +649,29 @@ public abstract class ProviderApiManagerBase { } catch (NullPointerException npe) { plainResponseBody = formatErrorMessage(error_json_exception_user_message); + VpnStatus.logWarning("[API] Null response body for request " + url + ": " + npe.getLocalizedMessage()); } catch (UnknownHostException | SocketTimeoutException e) { plainResponseBody = formatErrorMessage(server_unreachable_message); + VpnStatus.logWarning("[API] UnknownHostException or SocketTimeoutException for request " + url + ": " + e.getLocalizedMessage()); } catch (MalformedURLException e) { plainResponseBody = formatErrorMessage(malformed_url); + VpnStatus.logWarning("[API] MalformedURLException for request " + url + ": " + e.getLocalizedMessage()); } catch (SSLHandshakeException | SSLPeerUnverifiedException e) { plainResponseBody = formatErrorMessage(certificate_error); + VpnStatus.logWarning("[API] SSLHandshakeException or SSLPeerUnverifiedException for request " + url + ": " + e.getLocalizedMessage()); } catch (ConnectException e) { plainResponseBody = formatErrorMessage(service_is_down_error); + VpnStatus.logWarning("[API] ConnectException for request " + url + ": " + e.getLocalizedMessage()); } catch (IllegalArgumentException e) { plainResponseBody = formatErrorMessage(error_no_such_algorithm_exception_user_message); + VpnStatus.logWarning("[API] IllegalArgumentException for request " + url + ": " + e.getLocalizedMessage()); } catch (UnknownServiceException e) { //unable to find acceptable protocols - tlsv1.2 not enabled? plainResponseBody = formatErrorMessage(error_no_such_algorithm_exception_user_message); + VpnStatus.logWarning("[API] UnknownServiceException for request " + url + ": " + e.getLocalizedMessage()); } catch (IOException e) { plainResponseBody = formatErrorMessage(error_io_exception_user_message); + VpnStatus.logWarning("[API] IOException for request " + url + ": " + e.getLocalizedMessage()); } return plainResponseBody; @@ -647,19 +692,26 @@ public abstract class ProviderApiManagerBase { return ProviderApiConnector.canConnect(okHttpClient, providerUrl); } catch (UnknownHostException | SocketTimeoutException e) { + VpnStatus.logWarning("[API] UnknownHostException or SocketTimeoutException during connection check: " + e.getLocalizedMessage()); setErrorResult(result, server_unreachable_message, null); } catch (MalformedURLException e) { + VpnStatus.logWarning("[API] MalformedURLException during connection check: " + e.getLocalizedMessage()); setErrorResult(result, malformed_url, null); } catch (SSLHandshakeException e) { + VpnStatus.logWarning("[API] SSLHandshakeException during connection check: " + e.getLocalizedMessage()); setErrorResult(result, warning_corrupted_provider_cert, ERROR_INVALID_CERTIFICATE.toString()); } catch (ConnectException e) { + VpnStatus.logWarning("[API] ConnectException during connection check: " + e.getLocalizedMessage()); setErrorResult(result, service_is_down_error, null); } catch (IllegalArgumentException e) { + VpnStatus.logWarning("[API] IllegalArgumentException during connection check: " + e.getLocalizedMessage()); setErrorResult(result, error_no_such_algorithm_exception_user_message, null); } catch (UnknownServiceException e) { + VpnStatus.logWarning("[API] UnknownServiceException during connection check: " + e.getLocalizedMessage()); //unable to find acceptable protocols - tlsv1.2 not enabled? setErrorResult(result, error_no_such_algorithm_exception_user_message, null); } catch (IOException e) { + VpnStatus.logWarning("[API] IOException during connection check: " + e.getLocalizedMessage()); setErrorResult(result, error_io_exception_user_message, null); } return false; @@ -768,6 +820,7 @@ public abstract class ProviderApiManagerBase { String caCert = provider.getCaCert(); if (ConfigHelper.checkErroneousDownload(caCert)) { + VpnStatus.logWarning("[API] No provider cert."); return result; } @@ -802,6 +855,7 @@ public abstract class ProviderApiManagerBase { protected Bundle setErrorResult(Bundle result, String stringJsonErrorMessage) { String reasonToFail = pickErrorMessage(stringJsonErrorMessage); + VpnStatus.logWarning("[API] error: " + reasonToFail); result.putString(ERRORS, reasonToFail); result.putBoolean(BROADCAST_RESULT_KEY, false); return result; @@ -815,6 +869,7 @@ public abstract class ProviderApiManagerBase { } else { addErrorMessageToJson(errorJson, errorMessage); } + VpnStatus.logWarning("[API] error: " + errorMessage); result.putString(ERRORS, errorJson.toString()); result.putBoolean(BROADCAST_RESULT_KEY, false); return result; diff --git a/app/src/main/java/se/leap/bitmaskclient/providersetup/connectivity/DnsResolver.java b/app/src/main/java/se/leap/bitmaskclient/providersetup/connectivity/DnsResolver.java index c5100a67..5655e7b7 100644 --- a/app/src/main/java/se/leap/bitmaskclient/providersetup/connectivity/DnsResolver.java +++ b/app/src/main/java/se/leap/bitmaskclient/providersetup/connectivity/DnsResolver.java @@ -7,6 +7,7 @@ import java.net.UnknownHostException; import java.util.ArrayList; import java.util.List; +import de.blinkt.openvpn.core.VpnStatus; import okhttp3.Dns; import se.leap.bitmaskclient.base.models.Provider; import se.leap.bitmaskclient.base.models.ProviderObservable; @@ -28,10 +29,12 @@ class DnsResolver implements Dns { } String ip = currentProvider.getIpForHostname(hostname); if (!ip.isEmpty()) { + VpnStatus.logWarning("[API] Normal DNS resolution for " + hostname + " seems to be blocked. Circumventing."); ArrayList addresses = new ArrayList<>(); addresses.add(InetAddress.getByAddress(hostname, IPAddress.asBytes(ip))); return addresses; } else { + VpnStatus.logWarning("[API] Could not resolve DNS for " + hostname); throw new UnknownHostException("Hostname " + hostname + " not found"); } } diff --git a/app/src/production/java/se/leap/bitmaskclient/providersetup/ProviderApiManager.java b/app/src/production/java/se/leap/bitmaskclient/providersetup/ProviderApiManager.java index 592db085..61105318 100644 --- a/app/src/production/java/se/leap/bitmaskclient/providersetup/ProviderApiManager.java +++ b/app/src/production/java/se/leap/bitmaskclient/providersetup/ProviderApiManager.java @@ -34,25 +34,25 @@ import java.util.List; import de.blinkt.openvpn.core.VpnStatus; import okhttp3.OkHttpClient; import se.leap.bitmaskclient.R; -import se.leap.bitmaskclient.eip.EIP; import se.leap.bitmaskclient.base.models.Provider; -import se.leap.bitmaskclient.providersetup.connectivity.OkHttpClientGenerator; import se.leap.bitmaskclient.base.utils.ConfigHelper; +import se.leap.bitmaskclient.eip.EIP; +import se.leap.bitmaskclient.providersetup.connectivity.OkHttpClientGenerator; import static android.text.TextUtils.isEmpty; -import static se.leap.bitmaskclient.base.models.Constants.BROADCAST_RESULT_KEY; -import static se.leap.bitmaskclient.base.models.Constants.PROVIDER_KEY; -import static se.leap.bitmaskclient.base.models.Constants.PROVIDER_VPN_CERTIFICATE; -import static se.leap.bitmaskclient.providersetup.ProviderAPI.ERRORS; -import static se.leap.bitmaskclient.providersetup.ProviderSetupFailedDialog.DOWNLOAD_ERRORS.ERROR_CERTIFICATE_PINNING; -import static se.leap.bitmaskclient.providersetup.ProviderSetupFailedDialog.DOWNLOAD_ERRORS.ERROR_CORRUPTED_PROVIDER_JSON; import static se.leap.bitmaskclient.R.string.downloading_vpn_certificate_failed; import static se.leap.bitmaskclient.R.string.error_io_exception_user_message; import static se.leap.bitmaskclient.R.string.malformed_url; import static se.leap.bitmaskclient.R.string.setup_error_text; import static se.leap.bitmaskclient.R.string.warning_corrupted_provider_cert; import static se.leap.bitmaskclient.R.string.warning_corrupted_provider_details; +import static se.leap.bitmaskclient.base.models.Constants.BROADCAST_RESULT_KEY; +import static se.leap.bitmaskclient.base.models.Constants.PROVIDER_KEY; +import static se.leap.bitmaskclient.base.models.Constants.PROVIDER_VPN_CERTIFICATE; import static se.leap.bitmaskclient.base.utils.ConfigHelper.getProviderFormattedString; +import static se.leap.bitmaskclient.providersetup.ProviderAPI.ERRORS; +import static se.leap.bitmaskclient.providersetup.ProviderSetupFailedDialog.DOWNLOAD_ERRORS.ERROR_CERTIFICATE_PINNING; +import static se.leap.bitmaskclient.providersetup.ProviderSetupFailedDialog.DOWNLOAD_ERRORS.ERROR_CORRUPTED_PROVIDER_JSON; /** * Implements the logic of the provider api http requests. The methods of this class need to be called from @@ -88,6 +88,7 @@ public class ProviderApiManager extends ProviderApiManagerBase { if (isEmpty(provider.getMainUrlString()) || provider.getMainUrl().isDefault()) { currentDownload.putBoolean(BROADCAST_RESULT_KEY, false); setErrorResult(currentDownload, malformed_url, null); + VpnStatus.logWarning("[API] MainURL String is not set. Cannot setup provider."); return currentDownload; } @@ -140,7 +141,7 @@ public class ProviderApiManager extends ProviderApiManagerBase { } if (BuildConfig.DEBUG) { - VpnStatus.logDebug("PROVIDER JSON: " + providerDotJsonString); + VpnStatus.logDebug("[API] PROVIDER JSON: " + providerDotJsonString); } try { JSONObject providerJson = new JSONObject(providerDotJsonString); @@ -170,7 +171,7 @@ public class ProviderApiManager extends ProviderApiManagerBase { eipServiceJsonString = downloadWithProviderCA(provider.getCaCert(), eipServiceUrl); JSONObject eipServiceJson = new JSONObject(eipServiceJsonString); if (BuildConfig.DEBUG) { - VpnStatus.logDebug("EIP SERVICE JSON: " + eipServiceJsonString); + VpnStatus.logDebug("[API] EIP SERVICE JSON: " + eipServiceJsonString); } if (eipServiceJson.has(ERRORS)) { setErrorResult(result, eipServiceJsonString); @@ -198,7 +199,7 @@ public class ProviderApiManager extends ProviderApiManagerBase { String certString = downloadWithProviderCA(provider.getCaCert(), newCertStringUrl.toString()); if (BuildConfig.DEBUG) { - VpnStatus.logDebug("VPN CERT: " + certString); + VpnStatus.logDebug("[API] VPN CERT: " + certString); } if (ConfigHelper.checkErroneousDownload(certString)) { if (certString == null || certString.isEmpty()) { @@ -240,6 +241,9 @@ public class ProviderApiManager extends ProviderApiManagerBase { URL geoIpUrl = provider.getGeoipUrl().getUrl(); String geoipJsonString = downloadFromUrlWithProviderCA(geoIpUrl.toString(), provider); + if (BuildConfig.DEBUG) { + VpnStatus.logDebug("[API] MENSHEN JSON: " + geoipJsonString); + } JSONObject geoipJson = new JSONObject(geoipJsonString); if (geoipJson.has(ERRORS)) { @@ -269,7 +273,7 @@ public class ProviderApiManager extends ProviderApiManagerBase { provider.setCaCert(certString); preferences.edit().putString(Provider.CA_CERT + "." + providerDomain, certString).apply(); if (BuildConfig.DEBUG) { - VpnStatus.logDebug("CA CERT: " + certString); + VpnStatus.logDebug("[API] CA CERT: " + certString); } result.putBoolean(BROADCAST_RESULT_KEY, true); } else { -- cgit v1.2.3 From f492851c35a621c8d23a86d7c9cd17a760f50915 Mon Sep 17 00:00:00 2001 From: cyBerta Date: Thu, 18 Feb 2021 13:31:58 +0100 Subject: add logging in ProvderApiConnector, in order to see the failing requests --- .../se/leap/bitmaskclient/providersetup/ProviderApiConnector.java | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'app/src') diff --git a/app/src/main/java/se/leap/bitmaskclient/providersetup/ProviderApiConnector.java b/app/src/main/java/se/leap/bitmaskclient/providersetup/ProviderApiConnector.java index ba902566..c863abd4 100644 --- a/app/src/main/java/se/leap/bitmaskclient/providersetup/ProviderApiConnector.java +++ b/app/src/main/java/se/leap/bitmaskclient/providersetup/ProviderApiConnector.java @@ -26,6 +26,7 @@ import java.util.List; import java.util.Locale; import java.util.Scanner; +import de.blinkt.openvpn.core.VpnStatus; import okhttp3.MediaType; import okhttp3.OkHttpClient; import okhttp3.Request; @@ -68,6 +69,9 @@ public class ProviderApiConnector { Request request = requestBuilder.build(); Response response = okHttpClient.newCall(request).execute(); + if (!response.isSuccessful()) { + VpnStatus.logWarning("[API] API request failed canConnect(): " + url); + } return response.isSuccessful(); } @@ -88,6 +92,9 @@ public class ProviderApiConnector { Request request = requestBuilder.build(); Response response = okHttpClient.newCall(request).execute(); + if (!response.isSuccessful()) { + VpnStatus.logWarning("[API] API request failed: " + url); + } InputStream inputStream = response.body().byteStream(); Scanner scanner = new Scanner(inputStream).useDelimiter("\\A"); if (scanner.hasNext()) { -- cgit v1.2.3 From e5d71c8dd60f10a5fcb9dbeab3158207932905e2 Mon Sep 17 00:00:00 2001 From: cyBerta Date: Thu, 18 Feb 2021 14:15:41 +0100 Subject: add DEBUG_MODE api response logging to insecure build flavor, too --- .../providersetup/ProviderApiManager.java | 19 +++++++++++++++++++ .../providersetup/ProviderApiManager.java | 17 ++++++++--------- 2 files changed, 27 insertions(+), 9 deletions(-) (limited to 'app/src') diff --git a/app/src/insecure/java/se/leap/bitmaskclient/providersetup/ProviderApiManager.java b/app/src/insecure/java/se/leap/bitmaskclient/providersetup/ProviderApiManager.java index a13f056f..833d1e48 100644 --- a/app/src/insecure/java/se/leap/bitmaskclient/providersetup/ProviderApiManager.java +++ b/app/src/insecure/java/se/leap/bitmaskclient/providersetup/ProviderApiManager.java @@ -19,6 +19,7 @@ package se.leap.bitmaskclient.providersetup; import android.content.SharedPreferences; import android.content.res.Resources; +import static se.leap.bitmaskclient.BuildConfig.DEBUG_MODE; import android.os.Bundle; import android.util.Pair; @@ -44,6 +45,7 @@ import javax.net.ssl.SSLSession; import javax.net.ssl.TrustManager; import javax.net.ssl.X509TrustManager; +import de.blinkt.openvpn.core.VpnStatus; import okhttp3.OkHttpClient; import se.leap.bitmaskclient.R; import se.leap.bitmaskclient.base.models.Provider; @@ -104,6 +106,7 @@ public class ProviderApiManager extends ProviderApiManagerBase { if (isEmpty(provider.getMainUrlString()) || provider.getMainUrl().isDefault()) { setErrorResult(currentDownload, malformed_url, null); currentDownload.putParcelable(PROVIDER_KEY, provider); + VpnStatus.logWarning("[API] MainURL String is not set. Cannot setup provider."); return currentDownload; } @@ -153,6 +156,10 @@ public class ProviderApiManager extends ProviderApiManagerBase { return result; } + if (DEBUG_MODE) { + VpnStatus.logDebug("[API] PROVIDER JSON: " + providerDotJsonString); + } + try { JSONObject providerJson = new JSONObject(providerDotJsonString); @@ -183,6 +190,9 @@ public class ProviderApiManager extends ProviderApiManagerBase { JSONObject providerDefinition = provider.getDefinition(); String eipServiceUrl = providerDefinition.getString(Provider.API_URL) + "/" + providerDefinition.getString(Provider.API_VERSION) + "/" + EIP.SERVICE_API_PATH; eipServiceJsonString = downloadWithProviderCA(provider.getCaCert(), eipServiceUrl, lastDangerOn); + if (DEBUG_MODE) { + VpnStatus.logDebug("[API] EIP SERVICE JSON: " + eipServiceJsonString); + } JSONObject eipServiceJson = new JSONObject(eipServiceJsonString); @@ -213,6 +223,9 @@ public class ProviderApiManager extends ProviderApiManagerBase { URL newCertStringUrl = new URL(provider.getApiUrlWithVersion() + "/" + PROVIDER_VPN_CERTIFICATE); String certString = downloadWithProviderCA(provider.getCaCert(), newCertStringUrl.toString(), lastDangerOn); + if (DEBUG_MODE) { + VpnStatus.logDebug("[API] VPN CERT: " + certString); + } if (ConfigHelper.checkErroneousDownload(certString)) { if (certString == null || certString.isEmpty()) { // probably 204 @@ -252,6 +265,9 @@ public class ProviderApiManager extends ProviderApiManagerBase { URL geoIpUrl = provider.getGeoipUrl().getUrl(); String geoipJsonString = downloadFromUrlWithProviderCA(geoIpUrl.toString(), provider, lastDangerOn); + if (DEBUG_MODE) { + VpnStatus.logDebug("[API] MENSHEN JSON: " + geoipJsonString); + } JSONObject geoipJson = new JSONObject(geoipJsonString); if (geoipJson.has(ERRORS)) { @@ -281,6 +297,9 @@ public class ProviderApiManager extends ProviderApiManagerBase { if (validCertificate(provider, certString)) { provider.setCaCert(certString); + if (DEBUG_MODE) { + VpnStatus.logDebug("[API] CA CERT: " + certString); + } preferences.edit().putString(Provider.CA_CERT + "." + providerDomain, certString).apply(); result.putBoolean(BROADCAST_RESULT_KEY, true); } else { diff --git a/app/src/production/java/se/leap/bitmaskclient/providersetup/ProviderApiManager.java b/app/src/production/java/se/leap/bitmaskclient/providersetup/ProviderApiManager.java index 61105318..96d8ea69 100644 --- a/app/src/production/java/se/leap/bitmaskclient/providersetup/ProviderApiManager.java +++ b/app/src/production/java/se/leap/bitmaskclient/providersetup/ProviderApiManager.java @@ -22,8 +22,6 @@ import android.content.res.Resources; import android.os.Bundle; import android.util.Pair; -import androidx.multidex.BuildConfig; - import org.json.JSONException; import org.json.JSONObject; @@ -40,6 +38,7 @@ import se.leap.bitmaskclient.eip.EIP; import se.leap.bitmaskclient.providersetup.connectivity.OkHttpClientGenerator; import static android.text.TextUtils.isEmpty; +import static se.leap.bitmaskclient.BuildConfig.DEBUG_MODE; import static se.leap.bitmaskclient.R.string.downloading_vpn_certificate_failed; import static se.leap.bitmaskclient.R.string.error_io_exception_user_message; import static se.leap.bitmaskclient.R.string.malformed_url; @@ -140,7 +139,7 @@ public class ProviderApiManager extends ProviderApiManagerBase { return result; } - if (BuildConfig.DEBUG) { + if (DEBUG_MODE) { VpnStatus.logDebug("[API] PROVIDER JSON: " + providerDotJsonString); } try { @@ -169,10 +168,10 @@ public class ProviderApiManager extends ProviderApiManagerBase { try { String eipServiceUrl = provider.getApiUrlWithVersion() + "/" + EIP.SERVICE_API_PATH; eipServiceJsonString = downloadWithProviderCA(provider.getCaCert(), eipServiceUrl); - JSONObject eipServiceJson = new JSONObject(eipServiceJsonString); - if (BuildConfig.DEBUG) { + if (DEBUG_MODE) { VpnStatus.logDebug("[API] EIP SERVICE JSON: " + eipServiceJsonString); } + JSONObject eipServiceJson = new JSONObject(eipServiceJsonString); if (eipServiceJson.has(ERRORS)) { setErrorResult(result, eipServiceJsonString); } else { @@ -198,7 +197,7 @@ public class ProviderApiManager extends ProviderApiManagerBase { URL newCertStringUrl = new URL(provider.getApiUrlWithVersion() + "/" + PROVIDER_VPN_CERTIFICATE); String certString = downloadWithProviderCA(provider.getCaCert(), newCertStringUrl.toString()); - if (BuildConfig.DEBUG) { + if (DEBUG_MODE) { VpnStatus.logDebug("[API] VPN CERT: " + certString); } if (ConfigHelper.checkErroneousDownload(certString)) { @@ -241,7 +240,7 @@ public class ProviderApiManager extends ProviderApiManagerBase { URL geoIpUrl = provider.getGeoipUrl().getUrl(); String geoipJsonString = downloadFromUrlWithProviderCA(geoIpUrl.toString(), provider); - if (BuildConfig.DEBUG) { + if (DEBUG_MODE) { VpnStatus.logDebug("[API] MENSHEN JSON: " + geoipJsonString); } JSONObject geoipJson = new JSONObject(geoipJsonString); @@ -271,10 +270,10 @@ public class ProviderApiManager extends ProviderApiManagerBase { if (validCertificate(provider, certString)) { provider.setCaCert(certString); - preferences.edit().putString(Provider.CA_CERT + "." + providerDomain, certString).apply(); - if (BuildConfig.DEBUG) { + if (DEBUG_MODE) { VpnStatus.logDebug("[API] CA CERT: " + certString); } + preferences.edit().putString(Provider.CA_CERT + "." + providerDomain, certString).apply(); result.putBoolean(BROADCAST_RESULT_KEY, true); } else { setErrorResult(result, warning_corrupted_provider_cert, ERROR_CERTIFICATE_PINNING.toString()); -- cgit v1.2.3