From 686efe7b8e53569102c05763209262d89e4689ca Mon Sep 17 00:00:00 2001 From: Colin Mahns Date: Sun, 2 Nov 2014 14:02:00 -0500 Subject: Typo fix --- app/src/main/res/values/strings.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'app') diff --git a/app/src/main/res/values/strings.xml b/app/src/main/res/values/strings.xml index 8c815786..350401d3 100644 --- a/app/src/main/res/values/strings.xml +++ b/app/src/main/res/values/strings.xml @@ -60,7 +60,7 @@ Signing up Logging out from this session. Logged out. - Didn\'t logged out. + Didn\'t log out. Authentication succeeded. Authentication failed. Your own cert has been correctly downloaded. -- cgit v1.2.3 From 261dc90595e583914161e5e9011f5f5dd4a9740c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Wed, 12 Nov 2014 01:30:09 +0100 Subject: eip package, EIP constants to interface. --- .../se/leap/bitmaskclient/ConfigurationWizard.java | 50 +- .../java/se/leap/bitmaskclient/ProviderAPI.java | 79 +--- .../leap/bitmaskclient/ProviderDetailFragment.java | 37 +- .../main/java/se/leap/bitmaskclient/Dashboard.java | 81 ++-- app/src/main/java/se/leap/bitmaskclient/EIP.java | 524 --------------------- .../se/leap/bitmaskclient/EipServiceFragment.java | 92 ++-- .../java/se/leap/bitmaskclient/OnBootReceiver.java | 7 +- .../se/leap/bitmaskclient/VoidVpnLauncher.java | 37 -- .../java/se/leap/bitmaskclient/VoidVpnService.java | 36 -- .../se/leap/bitmaskclient/VpnConfigGenerator.java | 146 ------ .../java/se/leap/bitmaskclient/eip/Constants.java | 50 ++ .../main/java/se/leap/bitmaskclient/eip/EIP.java | 486 +++++++++++++++++++ .../se/leap/bitmaskclient/eip/VoidVpnLauncher.java | 37 ++ .../se/leap/bitmaskclient/eip/VoidVpnService.java | 37 ++ .../leap/bitmaskclient/eip/VpnConfigGenerator.java | 145 ++++++ .../se/leap/bitmaskclient/ConfigurationWizard.java | 50 +- .../java/se/leap/bitmaskclient/ProviderAPI.java | 77 +-- .../leap/bitmaskclient/ProviderDetailFragment.java | 37 +- 18 files changed, 929 insertions(+), 1079 deletions(-) delete mode 100644 app/src/main/java/se/leap/bitmaskclient/EIP.java delete mode 100644 app/src/main/java/se/leap/bitmaskclient/VoidVpnLauncher.java delete mode 100644 app/src/main/java/se/leap/bitmaskclient/VoidVpnService.java delete mode 100644 app/src/main/java/se/leap/bitmaskclient/VpnConfigGenerator.java create mode 100644 app/src/main/java/se/leap/bitmaskclient/eip/Constants.java create mode 100644 app/src/main/java/se/leap/bitmaskclient/eip/EIP.java create mode 100644 app/src/main/java/se/leap/bitmaskclient/eip/VoidVpnLauncher.java create mode 100644 app/src/main/java/se/leap/bitmaskclient/eip/VoidVpnService.java create mode 100644 app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java (limited to 'app') diff --git a/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java b/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java index 78fcda56..38084493 100644 --- a/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java +++ b/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java @@ -16,39 +16,17 @@ */ package se.leap.bitmaskclient; -import android.app.Activity; -import android.app.DialogFragment; -import android.app.Fragment; -import android.app.FragmentTransaction; -import android.content.BroadcastReceiver; -import android.content.Context; -import android.content.Intent; -import android.content.IntentFilter; -import android.content.SharedPreferences; +import android.app.*; +import android.content.*; import android.content.res.AssetManager; -import android.os.Bundle; -import android.os.Handler; +import android.os.*; import android.util.Log; -import android.view.Display; -import android.view.Menu; -import android.view.MenuItem; -import android.view.View.MeasureSpec; -import android.view.View; -import android.view.ViewGroup; -import android.view.WindowManager; -import android.widget.ListAdapter; -import android.widget.ListView; -import android.widget.ProgressBar; -import android.widget.ProgressBar; -import android.widget.RelativeLayout; -import android.widget.TextView; -import java.io.IOException; -import java.io.InputStream; -import java.net.MalformedURLException; -import java.net.URL; -import java.util.Iterator; -import org.json.JSONException; -import org.json.JSONObject; +import android.view.*; +import android.widget.*; +import java.io.*; +import java.net.*; +import java.util.*; +import org.json.*; import se.leap.bitmaskclient.DownloadFailedDialog.DownloadFailedDialogInterface; import se.leap.bitmaskclient.NewProviderDialog.NewProviderDialogInterface; @@ -56,7 +34,7 @@ import se.leap.bitmaskclient.ProviderAPIResultReceiver.Receiver; import se.leap.bitmaskclient.ProviderDetailFragment.ProviderDetailFragmentInterface; import se.leap.bitmaskclient.ProviderListContent.ProviderItem; import se.leap.bitmaskclient.FragmentManagerEnhanced; - +import se.leap.bitmaskclient.eip.Constants; import se.leap.bitmaskclient.R; /** @@ -166,7 +144,7 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD if(resultCode == ProviderAPI.PROVIDER_OK) { mConfigState.setAction(PROVIDER_SET); - if (preferences.getBoolean(EIP.ALLOWED_ANON, false)){ + if (preferences.getBoolean(Constants.ALLOWED_ANON, false)){ mConfigState.putExtra(SERVICES_RETRIEVED, true); downloadAnonCert(); @@ -315,8 +293,8 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD int screenWidth = display.getWidth(); // deprecated int listViewWidth = screenWidth - 10 - 10; - int widthSpec = MeasureSpec.makeMeasureSpec(listViewWidth, - MeasureSpec.AT_MOST); + int widthSpec = View.MeasureSpec.makeMeasureSpec(listViewWidth, + View.MeasureSpec.AT_MOST); listItem.measure(widthSpec, 0); return listItem.getMeasuredHeight(); @@ -551,7 +529,7 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD if(provider_list_fragment != null && preferences.contains(ProviderItem.DANGER_ON)) { provider_list_fragment.removeLastItem(); } - preferences.edit().remove(Provider.KEY).remove(ProviderItem.DANGER_ON).remove(EIP.ALLOWED_ANON).remove(EIP.KEY).commit(); + preferences.edit().remove(Provider.KEY).remove(ProviderItem.DANGER_ON).remove(Constants.ALLOWED_ANON).remove(Constants.KEY).commit(); } @Override diff --git a/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java b/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java index 52645631..ddd36d7c 100644 --- a/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java +++ b/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java @@ -17,60 +17,23 @@ package se.leap.bitmaskclient; import android.app.IntentService; -import android.content.Intent; -import android.content.SharedPreferences; -import android.os.Bundle; -import android.os.ResultReceiver; -import android.util.Base64; -import android.util.Log; -import java.io.DataOutputStream; -import java.io.FileNotFoundException; -import java.io.IOException; -import java.io.InputStream; -import java.io.UnsupportedEncodingException; +import android.content.*; +import android.os.*; +import android.util.*; +import java.io.*; import java.math.BigInteger; -import java.net.ConnectException; -import java.net.CookieHandler; -import java.net.CookieManager; -import java.net.CookiePolicy; -import java.net.MalformedURLException; -import java.net.SocketTimeoutException; -import java.net.URISyntaxException; -import java.net.URL; -import java.net.URLConnection; -import java.net.URLEncoder; -import java.net.UnknownHostException; -import java.security.KeyManagementException; -import java.security.KeyStore; -import java.security.KeyStoreException; -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; -import java.security.SecureRandom; -import java.security.cert.CertificateEncodingException; -import java.security.cert.CertificateException; -import java.security.cert.X509Certificate; +import java.net.*; +import java.security.*; +import java.security.cert.*; import java.security.interfaces.RSAPrivateKey; -import java.util.Calendar; -import java.util.HashMap; -import java.util.Iterator; -import java.util.Map; -import java.util.Scanner; -import java.util.NoSuchElementException; -import javax.net.ssl.HostnameVerifier; -import javax.net.ssl.HttpsURLConnection; -import javax.net.ssl.KeyManager; -import javax.net.ssl.SSLContext; -import javax.net.ssl.SSLHandshakeException; -import javax.net.ssl.SSLSession; -import javax.net.ssl.TrustManager; -import javax.net.ssl.TrustManagerFactory; -import javax.net.ssl.X509TrustManager; +import java.util.*; +import javax.net.ssl.*; import org.apache.http.client.ClientProtocolException; -import org.json.JSONException; -import org.json.JSONObject; +import org.json.*; + import se.leap.bitmaskclient.ProviderListContent.ProviderItem; import se.leap.bitmaskclient.R; - +import se.leap.bitmaskclient.eip.*; /** * Implements HTTP api methods used to manage communications with the provider server. @@ -629,8 +592,8 @@ public class ProviderAPI extends IntentService { //TODO setProviderName(name); preferences.edit().putString(Provider.KEY, provider_json.toString()).commit(); - preferences.edit().putBoolean(EIP.ALLOWED_ANON, provider_json.getJSONObject(Provider.SERVICE).getBoolean(EIP.ALLOWED_ANON)).commit(); - preferences.edit().putBoolean(EIP.ALLOWED_REGISTERED, provider_json.getJSONObject(Provider.SERVICE).getBoolean(EIP.ALLOWED_REGISTERED)).commit(); + preferences.edit().putBoolean(Constants.ALLOWED_ANON, provider_json.getJSONObject(Provider.SERVICE).getBoolean(Constants.ALLOWED_ANON)).commit(); + preferences.edit().putBoolean(Constants.ALLOWED_REGISTERED, provider_json.getJSONObject(Provider.SERVICE).getBoolean(Constants.ALLOWED_REGISTERED)).commit(); result.putBoolean(RESULT_KEY, true); } catch (JSONException e) { @@ -654,7 +617,7 @@ public class ProviderAPI extends IntentService { JSONObject eip_service_json = new JSONObject(eip_service_json_string); eip_service_json.getInt(Provider.API_RETURN_SERIAL); - preferences.edit().putString(EIP.KEY, eip_service_json.toString()).commit(); + preferences.edit().putString(Constants.KEY, eip_service_json.toString()).commit(); result.putBoolean(RESULT_KEY, true); } catch (JSONException e) { @@ -903,7 +866,7 @@ public class ProviderAPI extends IntentService { getNewCert(); Intent updateEIP = new Intent(getApplicationContext(), EIP.class); - updateEIP.setAction(EIP.ACTION_UPDATE_EIP_SERVICE); + updateEIP.setAction(Constants.ACTION_UPDATE_EIP_SERVICE); startService(updateEIP); return true; @@ -919,7 +882,7 @@ public class ProviderAPI extends IntentService { JSONObject provider_json = new JSONObject(preferences.getString(Provider.KEY, "")); String provider_main_url = provider_json.getString(Provider.API_URL); - URL new_cert_string_url = new URL(provider_main_url + "/" + provider_json.getString(Provider.API_VERSION) + "/" + EIP.CERTIFICATE); + URL new_cert_string_url = new URL(provider_main_url + "/" + provider_json.getString(Provider.API_VERSION) + "/" + Constants.CERTIFICATE); boolean danger_on = preferences.getBoolean(ProviderItem.DANGER_ON, false); @@ -956,12 +919,14 @@ public class ProviderAPI extends IntentService { } RSAPrivateKey keyCert = ConfigHelper.parseRsaKeyFromString(keyString); keyString = Base64.encodeToString( keyCert.getEncoded(), Base64.DEFAULT ); - preferences.edit().putString(EIP.PRIVATE_KEY, "-----BEGIN RSA PRIVATE KEY-----\n"+keyString+"-----END RSA PRIVATE KEY-----").commit(); + preferences.edit().putString(Constants.PRIVATE_KEY, "-----BEGIN RSA PRIVATE KEY-----\n"+keyString+"-----END RSA PRIVATE KEY-----").commit(); X509Certificate certCert = ConfigHelper.parseX509CertificateFromString(certificateString); certificateString = Base64.encodeToString( certCert.getEncoded(), Base64.DEFAULT); - preferences.edit().putString(EIP.CERTIFICATE, "-----BEGIN CERTIFICATE-----\n"+certificateString+"-----END CERTIFICATE-----").commit(); - preferences.edit().putString(EIP.DATE_FROM_CERTIFICATE, EIP.certificate_date_format.format(Calendar.getInstance().getTime())).commit(); + + preferences.edit().putString(Constants.CERTIFICATE, "-----BEGIN CERTIFICATE-----\n"+certificateString+"-----END CERTIFICATE-----").commit(); + preferences.edit().putString(Constants.DATE_FROM_CERTIFICATE, EIP.certificate_date_format.format(Calendar.getInstance().getTime())).commit(); + return true; } catch (CertificateException e) { // TODO Auto-generated catch block diff --git a/app/src/debug/java/se/leap/bitmaskclient/ProviderDetailFragment.java b/app/src/debug/java/se/leap/bitmaskclient/ProviderDetailFragment.java index 3ca003a0..d6f482ca 100644 --- a/app/src/debug/java/se/leap/bitmaskclient/ProviderDetailFragment.java +++ b/app/src/debug/java/se/leap/bitmaskclient/ProviderDetailFragment.java @@ -1,22 +1,17 @@ -package se.leap.bitmaskclient; - -import org.json.JSONException; -import org.json.JSONObject; - -import se.leap.bitmaskclient.R; -import se.leap.bitmaskclient.ProviderListContent.ProviderItem; - -import android.app.Activity; -import android.app.AlertDialog; -import android.app.Dialog; -import android.app.DialogFragment; -import android.content.DialogInterface; -import android.content.SharedPreferences; -import android.os.Bundle; -import android.view.LayoutInflater; -import android.view.View; -import android.widget.TextView; - +package se.leap.bitmaskclient; + +import org.json.*; + +import se.leap.bitmaskclient.R; +import se.leap.bitmaskclient.eip.Constants; +import se.leap.bitmaskclient.ProviderListContent.ProviderItem; + +import android.app.*; +import android.content.*; +import android.os.Bundle; +import android.view.*; +import android.widget.TextView; + public class ProviderDetailFragment extends DialogFragment { final public static String TAG = "providerDetailFragment"; @@ -66,7 +61,7 @@ public class ProviderDetailFragment extends DialogFragment { private boolean anon_allowed(JSONObject provider_json) { try { JSONObject service_description = provider_json.getJSONObject(Provider.SERVICE); - return service_description.has(EIP.ALLOWED_ANON) && service_description.getBoolean(EIP.ALLOWED_ANON); + return service_description.has(Constants.ALLOWED_ANON) && service_description.getBoolean(Constants.ALLOWED_ANON); } catch (JSONException e) { return false; } @@ -85,7 +80,7 @@ public class ProviderDetailFragment extends DialogFragment { public void onCancel(DialogInterface dialog) { super.onCancel(dialog); SharedPreferences.Editor editor = getActivity().getSharedPreferences(Dashboard.SHARED_PREFERENCES, Activity.MODE_PRIVATE).edit(); - editor.remove(Provider.KEY).remove(ProviderItem.DANGER_ON).remove(EIP.ALLOWED_ANON).remove(EIP.KEY).commit(); + editor.remove(Provider.KEY).remove(ProviderItem.DANGER_ON).remove(Constants.ALLOWED_ANON).remove(Constants.KEY).commit(); interface_with_configuration_wizard.showAllProviders(); } diff --git a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java index 364a79af..473cd5ec 100644 --- a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java +++ b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java @@ -14,38 +14,21 @@ * You should have received a copy of the GNU General Public License * along with this program. If not, see . */ - package se.leap.bitmaskclient; +package se.leap.bitmaskclient; -import org.json.JSONException; -import org.json.JSONObject; - -import se.leap.bitmaskclient.R; -import se.leap.bitmaskclient.ProviderAPIResultReceiver.Receiver; -import se.leap.bitmaskclient.FragmentManagerEnhanced; -import se.leap.bitmaskclient.SignUpDialog; +import se.leap.bitmaskclient.*; +import se.leap.bitmaskclient.eip.*; import de.blinkt.openvpn.activities.LogWindow; -import android.app.Activity; -import android.app.AlertDialog; -import android.app.DialogFragment; -import android.app.FragmentTransaction; -import android.content.Context; -import android.content.DialogInterface; -import android.content.Intent; -import android.content.SharedPreferences; +import android.app.*; +import android.content.*; import android.content.pm.PackageManager.NameNotFoundException; -import android.os.Bundle; -import android.os.Handler; -import android.os.ResultReceiver; +import android.os.*; import android.util.Log; -import android.view.Menu; -import android.view.MenuItem; -import android.view.View; -import android.view.ViewGroup; -import android.widget.ProgressBar; -import android.widget.TextView; -import android.widget.Toast; +import android.view.*; +import android.widget.*; +import org.json.*; /** * The main user facing Activity of LEAP Android, consisting of status, controls, @@ -54,7 +37,7 @@ import android.widget.Toast; * @author Sean Leonard * @author parmegv */ -public class Dashboard extends Activity implements LogInDialog.LogInDialogInterface, SignUpDialog.SignUpDialogInterface, Receiver { +public class Dashboard extends Activity implements LogInDialog.LogInDialogInterface, SignUpDialog.SignUpDialogInterface, ProviderAPIResultReceiver.Receiver { protected static final int CONFIGURE_LEAP = 0; protected static final int SWITCH_PROVIDER = 1; @@ -95,7 +78,7 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf fragment_manager = new FragmentManagerEnhanced(getFragmentManager()); handleVersion(); - authed_eip = preferences.getBoolean(EIP.AUTHED_EIP, false); + authed_eip = preferences.getBoolean(Constants.AUTHED_EIP, false); if (preferences.getString(Provider.KEY, "").isEmpty()) startActivityForResult(new Intent(this,ConfigurationWizard.class),CONFIGURE_LEAP); else @@ -113,9 +96,9 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf switch(versionCode) { case 91: // 0.6.0 without Bug #5999 case 101: // 0.8.0 - if(!preferences.getString(EIP.KEY, "").isEmpty()) { + if(!preferences.getString(Constants.KEY, "").isEmpty()) { Intent rebuildVpnProfiles = new Intent(getApplicationContext(), EIP.class); - rebuildVpnProfiles.setAction(EIP.ACTION_REBUILD_PROFILES); + rebuildVpnProfiles.setAction(Constants.ACTION_REBUILD_PROFILES); startService(rebuildVpnProfiles); } break; @@ -139,23 +122,21 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf if ( requestCode == CONFIGURE_LEAP || requestCode == SWITCH_PROVIDER) { // It should be equivalent: if ( (requestCode == CONFIGURE_LEAP) || (data!= null && data.hasExtra(STOP_FIRST))) { if ( resultCode == RESULT_OK ){ - preferences.edit().putInt(EIP.PARSED_SERIAL, 0).commit(); - preferences.edit().putBoolean(EIP.AUTHED_EIP, authed_eip).commit(); - + preferences.edit().putInt(Constants.PARSED_SERIAL, 0).commit(); + preferences.edit().putBoolean(Constants.AUTHED_EIP, authed_eip).commit(); Intent updateEIP = new Intent(getApplicationContext(), EIP.class); - updateEIP.setAction(EIP.ACTION_UPDATE_EIP_SERVICE); + updateEIP.setAction(Constants.ACTION_UPDATE_EIP_SERVICE); startService(updateEIP); - buildDashboard(false); invalidateOptionsMenu(); if(data != null && data.hasExtra(LogInDialog.TAG)) { View view = ((ViewGroup)findViewById(android.R.id.content)).getChildAt(0); logInDialog(Bundle.EMPTY); } - } else if(resultCode == RESULT_CANCELED && (data == null || data.hasExtra(ACTION_QUIT))) { - finish(); - } else - configErrorDialog(); + } else if(resultCode == RESULT_CANCELED && (data == null || data.hasExtra(ACTION_QUIT))) { + finish(); + } else + configErrorDialog(); } } @@ -227,7 +208,7 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf JSONObject service_description = provider_json.getJSONObject(Provider.SERVICE); boolean authed_eip = !LeapSRPSession.getToken().isEmpty(); boolean allow_registered_eip = service_description.getBoolean(Provider.ALLOW_REGISTRATION); - preferences.edit().putBoolean(EIP.ALLOWED_REGISTERED, allow_registered_eip); + preferences.edit().putBoolean(Constants.ALLOWED_REGISTERED, allow_registered_eip); if(allow_registered_eip) { if(authed_eip) { @@ -268,7 +249,7 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf return true; case R.id.switch_provider: if (Provider.getInstance().hasEIP()){ - if (preferences.getBoolean(EIP.AUTHED_EIP, false)){ + if (preferences.getBoolean(Constants.AUTHED_EIP, false)){ logOut(); } eipStop(); @@ -426,7 +407,7 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf invalidateOptionsMenu(); authed_eip = true; - preferences.edit().putBoolean(EIP.AUTHED_EIP, authed_eip).commit(); + preferences.edit().putBoolean(Constants.AUTHED_EIP, authed_eip).commit(); downloadAuthedUserCertificate(); } else if(resultCode == ProviderAPI.SRP_AUTHENTICATION_FAILED) { @@ -441,7 +422,7 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf invalidateOptionsMenu(); authed_eip = false; - preferences.edit().putBoolean(EIP.AUTHED_EIP, authed_eip).commit(); + preferences.edit().putBoolean(Constants.AUTHED_EIP, authed_eip).commit(); } else if(resultCode == ProviderAPI.LOGOUT_FAILED) { changeStatusMessage(resultCode); @@ -457,7 +438,7 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf ResultReceiver eip_receiver = new ResultReceiver(new Handler()){ protected void onReceiveResult(int resultCode, Bundle resultData){ super.onReceiveResult(resultCode, resultData); - String request = resultData.getString(EIP.REQUEST_TAG); + String request = resultData.getString(Constants.REQUEST_TAG); if (resultCode == Activity.RESULT_OK){ if(authed_eip) eipStart(); @@ -466,8 +447,8 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf } } }; - updateEIP.putExtra(EIP.RECEIVER_TAG, eip_receiver); - updateEIP.setAction(EIP.ACTION_UPDATE_EIP_SERVICE); + updateEIP.putExtra(Constants.RECEIVER_TAG, eip_receiver); + updateEIP.setAction(Constants.ACTION_UPDATE_EIP_SERVICE); startService(updateEIP); } else if(resultCode == ProviderAPI.INCORRECTLY_DOWNLOADED_CERTIFICATE) { changeStatusMessage(resultCode); @@ -481,9 +462,9 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf ResultReceiver eip_status_receiver = new ResultReceiver(new Handler()){ protected void onReceiveResult(int resultCode, Bundle resultData){ super.onReceiveResult(resultCode, resultData); - String request = resultData.getString(EIP.REQUEST_TAG); + String request = resultData.getString(Constants.REQUEST_TAG); if(eipStatus == null) eipStatus = (TextView) findViewById(R.id.eipStatus); - if (request.equalsIgnoreCase(EIP.ACTION_IS_EIP_RUNNING)){ + if (request.equalsIgnoreCase(Constants.ACTION_IS_EIP_RUNNING)){ if (resultCode == Activity.RESULT_OK){ switch(previous_result_code){ @@ -544,8 +525,8 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf private void eipIsRunning(ResultReceiver eip_receiver){ // TODO validate "action"...how do we get the list of intent-filters for a class via Android API? Intent eip_intent = new Intent(this, EIP.class); - eip_intent.setAction(EIP.ACTION_IS_EIP_RUNNING); - eip_intent.putExtra(EIP.RECEIVER_TAG, eip_receiver); + eip_intent.setAction(Constants.ACTION_IS_EIP_RUNNING); + eip_intent.putExtra(Constants.RECEIVER_TAG, eip_receiver); startService(eip_intent); } diff --git a/app/src/main/java/se/leap/bitmaskclient/EIP.java b/app/src/main/java/se/leap/bitmaskclient/EIP.java deleted file mode 100644 index 2f06def3..00000000 --- a/app/src/main/java/se/leap/bitmaskclient/EIP.java +++ /dev/null @@ -1,524 +0,0 @@ -/** - * Copyright (c) 2013 LEAP Encryption Access Project and contributers - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - */ -package se.leap.bitmaskclient; - -import android.app.Activity; -import android.app.IntentService; -import android.content.Context; -import android.content.Intent; -import android.content.SharedPreferences; -import android.os.Bundle; -import android.os.ResultReceiver; -import android.util.Log; -import de.blinkt.openvpn.LaunchVPN; -import de.blinkt.openvpn.VpnProfile; -import de.blinkt.openvpn.activities.DisconnectVPN; -import de.blinkt.openvpn.core.ConfigParser; -import de.blinkt.openvpn.core.ConfigParser.ConfigParseError; -import de.blinkt.openvpn.core.ProfileManager; -import de.blinkt.openvpn.core.VpnStatus.ConnectionStatus; -import java.io.IOException; -import java.io.StringReader; -import java.security.cert.CertificateExpiredException; -import java.security.cert.CertificateNotYetValidException; -import java.security.cert.X509Certificate; -import java.text.ParseException; -import java.text.SimpleDateFormat; -import java.util.Date; -import java.util.Calendar; -import java.util.Collection; -import java.util.HashMap; -import java.util.HashSet; -import java.util.Iterator; -import java.util.Locale; -import java.util.NoSuchElementException; -import java.util.Set; -import java.util.TreeMap; -import java.util.Vector; -import org.json.JSONArray; -import org.json.JSONException; -import org.json.JSONObject; -import se.leap.bitmaskclient.Dashboard; -import se.leap.bitmaskclient.Provider; -import se.leap.bitmaskclient.R; - -/** - * EIP is the abstract base class for interacting with and managing the Encrypted - * Internet Proxy connection. Connections are started, stopped, and queried through - * this IntentService. - * Contains logic for parsing eip-service.json from the provider, configuring and selecting - * gateways, and controlling {@link de.blinkt.openvpn.core.OpenVPNService} connections. - * - * @author Sean Leonard - * @author Parménides GV - */ -public final class EIP extends IntentService { - - public final static String AUTHED_EIP = "authed eip"; - public final static String ACTION_CHECK_CERT_VALIDITY = "se.leap.bitmaskclient.CHECK_CERT_VALIDITY"; - public final static String ACTION_START_EIP = "se.leap.bitmaskclient.START_EIP"; - public final static String ACTION_STOP_EIP = "se.leap.bitmaskclient.STOP_EIP"; - public final static String ACTION_UPDATE_EIP_SERVICE = "se.leap.bitmaskclient.UPDATE_EIP_SERVICE"; - public final static String ACTION_IS_EIP_RUNNING = "se.leap.bitmaskclient.IS_RUNNING"; - public final static String ACTION_REBUILD_PROFILES = "se.leap.bitmaskclient.REBUILD_PROFILES"; - public final static String EIP_NOTIFICATION = "EIP_NOTIFICATION"; - public final static String STATUS = "eip status"; - public final static String DATE_FROM_CERTIFICATE = "date from certificate"; - public final static String ALLOWED_ANON = "allow_anonymous"; - public final static String ALLOWED_REGISTERED = "allow_registration"; - public final static String CERTIFICATE = "cert"; - public final static String PRIVATE_KEY = "private_key"; - public final static String KEY = "eip"; - public final static String PARSED_SERIAL = "eip_parsed_serial"; - public final static String SERVICE_API_PATH = "config/eip-service.json"; - public final static String RECEIVER_TAG = "receiverTag"; - public final static String REQUEST_TAG = "requestTag"; - public final static String TAG = EIP.class.getSimpleName(); - private static SharedPreferences preferences; - - private static Context context; - private static ResultReceiver mReceiver; - private static boolean mBound = false; - - private static JSONObject eipDefinition = null; - - private static OVPNGateway activeGateway = null; - - protected static ConnectionStatus lastConnectionStatusLevel; - protected static boolean mIsDisconnecting = false; - protected static boolean mIsStarting = false; - - public static SimpleDateFormat certificate_date_format = new SimpleDateFormat("yyyy-MM-dd HH:mm", Locale.US); - public EIP(){ - super("LEAPEIP"); - } - - @Override - public void onCreate() { - super.onCreate(); - - context = getApplicationContext(); - - preferences = getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE); - } - - @Override - public void onDestroy() { - - mBound = false; - - super.onDestroy(); - } - - - @Override - protected void onHandleIntent(Intent intent) { - String action = intent.getAction(); - mReceiver = intent.getParcelableExtra(RECEIVER_TAG); - - if ( action == ACTION_START_EIP ) - startEIP(); - else if ( action == ACTION_STOP_EIP ) - stopEIP(); - else if ( action == ACTION_IS_EIP_RUNNING ) - isRunning(); - else if ( action == ACTION_UPDATE_EIP_SERVICE ) - updateEIPService(); - else if ( action == ACTION_CHECK_CERT_VALIDITY ) - checkCertValidity(); - else if ( action == ACTION_REBUILD_PROFILES ) - updateGateways(); - } - - /** - * Initiates an EIP connection by selecting a gateway and preparing and sending an - * Intent to {@link se.leap.openvpn.LaunchVPN}. - * It also sets up early routes. - */ - private void startEIP() { - earlyRoutes(); - activeGateway = selectGateway(); - - if(activeGateway != null && activeGateway.mVpnProfile != null) { - mReceiver = EipServiceFragment.getReceiver(); - launchActiveGateway(); - } - } - - /** - * Early routes are routes that block traffic until a new - * VpnService is started properly. - */ - private void earlyRoutes() { - Intent void_vpn_launcher = new Intent(context, VoidVpnLauncher.class); - void_vpn_launcher.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK); - startActivity(void_vpn_launcher); - } - - /** - * Choose a gateway to connect to based on timezone from system locale data - * - * @return The gateway to connect to - */ - private OVPNGateway selectGateway() { - String closest_location = closestGateway(); - String chosen_host = chooseHost(closest_location); - - return new OVPNGateway(chosen_host); - } - - private String closestGateway() { - TreeMap> offsets = calculateOffsets(); - return offsets.isEmpty() ? "" : offsets.firstEntry().getValue().iterator().next(); - } - - private TreeMap> calculateOffsets() { - TreeMap> offsets = new TreeMap>(); - - int localOffset = Calendar.getInstance().get(Calendar.ZONE_OFFSET) / 3600000; - - JSONObject locations = availableLocations(); - Iterator locations_names = locations.keys(); - while(locations_names.hasNext()) { - try { - String location_name = locations_names.next(); - JSONObject location = locations.getJSONObject(location_name); - - int dist = timezoneDistance(localOffset, location.optInt("timezone")); - - Set set = (offsets.get(dist) != null) ? - offsets.get(dist) : new HashSet(); - - set.add(location_name); - offsets.put(dist, set); - } catch (JSONException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - } - - return offsets; - } - - private JSONObject availableLocations() { - JSONObject locations = null; - try { - if(eipDefinition == null) updateEIPService(); - locations = eipDefinition.getJSONObject("locations"); - } catch (JSONException e1) { - // TODO Auto-generated catch block - e1.printStackTrace(); - } - - return locations; - } - - private int timezoneDistance(int local_timezone, int remote_timezone) { - // Distance along the numberline of Prime Meridian centric, assumes UTC-11 through UTC+12 - int dist = Math.abs(local_timezone - remote_timezone); - - // Farther than 12 timezones and it's shorter around the "back" - if (dist > 12) - dist = 12 - (dist -12); // Well i'll be. Absolute values make equations do funny things. - - return dist; - } - - private String chooseHost(String location) { - String chosen_host = ""; - try { - JSONArray gateways = eipDefinition.getJSONArray("gateways"); - for (int i = 0; i < gateways.length(); i++) { - JSONObject gw = gateways.getJSONObject(i); - if ( gw.getString("location").equalsIgnoreCase(location) || location.isEmpty()){ - chosen_host = eipDefinition.getJSONObject("locations").getJSONObject(gw.getString("location")).getString("name"); - break; - } - } - } catch (JSONException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - return chosen_host; - } - - private void launchActiveGateway() { - Intent intent = new Intent(this,LaunchVPN.class); - intent.setAction(Intent.ACTION_MAIN); - intent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK); - intent.putExtra(LaunchVPN.EXTRA_KEY, activeGateway.mVpnProfile.getUUID().toString() ); - intent.putExtra(LaunchVPN.EXTRA_NAME, activeGateway.mVpnProfile.getName() ); - intent.putExtra(LaunchVPN.EXTRA_HIDELOG, true); - intent.putExtra(RECEIVER_TAG, mReceiver); - startActivity(intent); - } - - /** - * Disconnects the EIP connection gracefully through the bound service or forcefully - * if there is no bound service. Sends a message to the requesting ResultReceiver. - */ - private void stopEIP() { - if(isConnected()) { - Intent disconnect_vpn = new Intent(this, DisconnectVPN.class); - disconnect_vpn.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK); - startActivity(disconnect_vpn); - mIsDisconnecting = true; - lastConnectionStatusLevel = ConnectionStatus.UNKNOWN_LEVEL; // Wait for the decision of the user - Log.d(TAG, "mIsDisconnecting = true"); - } - - tellToReceiver(ACTION_STOP_EIP, Activity.RESULT_OK); - } - - private void tellToReceiver(String action, int resultCode) { - if (mReceiver != null){ - Bundle resultData = new Bundle(); - resultData.putString(REQUEST_TAG, action); - mReceiver.send(resultCode, resultData); - } - } - - /** - * Checks the last stored status notified by ics-openvpn - * Sends Activity.RESULT_CANCELED to the ResultReceiver that made the - * request if it's not connected, Activity.RESULT_OK otherwise. - */ - - private void isRunning() { - int resultCode = Activity.RESULT_CANCELED; - boolean is_connected = isConnected(); - - resultCode = (is_connected) ? Activity.RESULT_OK : Activity.RESULT_CANCELED; - - tellToReceiver(ACTION_IS_EIP_RUNNING, resultCode); - } - - protected static boolean isConnected() { - return lastConnectionStatusLevel != null && lastConnectionStatusLevel.equals(ConnectionStatus.LEVEL_CONNECTED) && !mIsDisconnecting; - } - - /** - * Loads eip-service.json from SharedPreferences and calls {@link updateGateways()} - * to parse gateway definitions. - * TODO Implement API call to refresh eip-service.json from the provider - */ - private void updateEIPService() { - try { - String eip_definition_string = preferences.getString(KEY, ""); - if(eip_definition_string.isEmpty() == false) { - eipDefinition = new JSONObject(eip_definition_string); - } - deleteAllVpnProfiles(); - updateGateways(); - if(mReceiver != null) mReceiver.send(Activity.RESULT_OK, Bundle.EMPTY); - } catch (JSONException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - } - - private void deleteAllVpnProfiles() { - ProfileManager vpl = ProfileManager.getInstance(context); - Collection profiles = vpl.getProfiles(); - profiles.removeAll(profiles); - } - - /** - * Walk the list of gateways defined in eip-service.json and parse them into - * OVPNGateway objects. - * TODO Store the OVPNGateways (as Serializable) in SharedPreferences - */ - private void updateGateways(){ - JSONArray gatewaysDefined = null; - try { - if(eipDefinition == null) updateEIPService(); - gatewaysDefined = eipDefinition.getJSONArray("gateways"); - for ( int i=0 ; i < gatewaysDefined.length(); i++ ){ - JSONObject gw = null; - gw = gatewaysDefined.getJSONObject(i); - - if ( gw.getJSONObject("capabilities").getJSONArray("transport").toString().contains("openvpn") ) - new OVPNGateway(gw); - } - } catch (JSONException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - preferences.edit().putInt(PARSED_SERIAL, eipDefinition.optInt(Provider.API_RETURN_SERIAL)).commit(); - } - - private void checkCertValidity() { - String certificate = preferences.getString(CERTIFICATE, ""); - checkCertValidity(certificate); - } - - private void checkCertValidity(String certificate_string) { - if(!certificate_string.isEmpty()) { - X509Certificate certificate = ConfigHelper.parseX509CertificateFromString(certificate_string); - - Calendar offset_date = calculateOffsetCertificateValidity(certificate); - Bundle result = new Bundle(); - result.putString(REQUEST_TAG, ACTION_CHECK_CERT_VALIDITY); - try { - Log.d(TAG, "offset_date = " + offset_date.getTime().toString()); - certificate.checkValidity(offset_date.getTime()); - mReceiver.send(Activity.RESULT_OK, result); - Log.d(TAG, "Valid certificate"); - } catch(CertificateExpiredException e) { - mReceiver.send(Activity.RESULT_CANCELED, result); - Log.d(TAG, "Updating certificate"); - } catch(CertificateNotYetValidException e) { - mReceiver.send(Activity.RESULT_CANCELED, result); - } - } - } - - private Calendar calculateOffsetCertificateValidity(X509Certificate certificate) { - String current_date = certificate_date_format.format(Calendar.getInstance().getTime()).toString(); - - String date_string = preferences.getString(DATE_FROM_CERTIFICATE, current_date); - - Calendar offset_date = Calendar.getInstance(); - try { - Date date = certificate_date_format.parse(date_string); - long difference = Math.abs(date.getTime() - certificate.getNotAfter().getTime())/2; - long current_date_millis = offset_date.getTimeInMillis(); - offset_date.setTimeInMillis(current_date_millis + difference); - Log.d(TAG, "certificate not after = " + certificate.getNotAfter()); - } catch(ParseException e) { - e.printStackTrace(); - } - - return offset_date; - } - - /** - * OVPNGateway provides objects defining gateways and their options and metadata. - * Each instance contains a VpnProfile for OpenVPN specific data and member - * variables describing capabilities and location - * - * @author Sean Leonard - */ - private class OVPNGateway { - - private String TAG = "OVPNGateway"; - - private String mName; - private VpnProfile mVpnProfile; - private JSONObject mGateway; - private HashMap>> options = new HashMap>>(); - - - /** - * Attempts to retrieve a VpnProfile by name and build an OVPNGateway around it. - * FIXME This needs to become a findGatewayByName() method - * - * @param name The hostname of the gateway to inflate - */ - private OVPNGateway(String name){ - mName = name; - - this.loadVpnProfile(); - } - - private void loadVpnProfile() { - ProfileManager vpl = ProfileManager.getInstance(context); - try { - if ( mName == null ) - mVpnProfile = vpl.getProfiles().iterator().next(); - else - mVpnProfile = vpl.getProfileByName(mName); - } catch (NoSuchElementException e) { - updateEIPService(); - this.loadVpnProfile(); // FIXME catch infinite loops - } catch (Exception e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - } - - /** - * Build a gateway object from a JSON OpenVPN gateway definition in eip-service.json - * and create a VpnProfile belonging to it. - * - * @param gateway The JSON OpenVPN gateway definition to parse - */ - protected OVPNGateway(JSONObject gateway){ - - mGateway = gateway; - - // Currently deletes VpnProfile for host, if there already is one, and builds new - ProfileManager vpl = ProfileManager.getInstance(context); - Collection profiles = vpl.getProfiles(); - for (Iterator it = profiles.iterator(); it.hasNext(); ){ - VpnProfile p = it.next(); - - if ( p.mName.equalsIgnoreCase( mName ) ) { - it.remove(); - vpl.removeProfile(context, p); - } - } - - this.createVPNProfile(); - - vpl.addProfile(mVpnProfile); - vpl.saveProfile(context, mVpnProfile); - vpl.saveProfileList(context); - } - - /** - * Create and attach the VpnProfile to our gateway object - */ - protected void createVPNProfile(){ - try { - ConfigParser cp = new ConfigParser(); - - JSONObject openvpn_configuration = eipDefinition.getJSONObject("openvpn_configuration"); - VpnConfigGenerator vpn_configuration_generator = new VpnConfigGenerator(preferences, openvpn_configuration, mGateway); - String configuration = vpn_configuration_generator.generate(); - - cp.parseConfig(new StringReader(configuration)); - mVpnProfile = cp.convertProfile(); - mVpnProfile.mName = mName = locationAsName(); - Log.v(TAG,"Created VPNProfile"); - - } catch (JSONException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } catch (ConfigParseError e) { - // FIXME We didn't get a VpnProfile! Error handling! and log level - Log.v(TAG,"Error creating VPNProfile"); - e.printStackTrace(); - } catch (IOException e) { - // FIXME We didn't get a VpnProfile! Error handling! and log level - Log.v(TAG,"Error creating VPNProfile"); - e.printStackTrace(); - } - } - - - public String locationAsName() { - try { - return eipDefinition.getJSONObject("locations").getJSONObject(mGateway.getString("location")).getString("name"); - } catch (JSONException e) { - Log.v(TAG,"Couldn't read gateway name for profile creation! Returning original name = " + mName); - e.printStackTrace(); - return (mName != null) ? mName : ""; - } - } - } -} diff --git a/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java b/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java index 6d223dd6..f35a3cfa 100644 --- a/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java +++ b/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java @@ -3,34 +3,18 @@ package se.leap.bitmaskclient; import se.leap.bitmaskclient.R; import se.leap.bitmaskclient.ProviderAPIResultReceiver; import se.leap.bitmaskclient.ProviderAPIResultReceiver.Receiver; -import se.leap.bitmaskclient.Dashboard; - -import de.blinkt.openvpn.activities.LogWindow; -import de.blinkt.openvpn.core.VpnStatus; -import de.blinkt.openvpn.core.VpnStatus.ConnectionStatus; -import de.blinkt.openvpn.core.VpnStatus.StateListener; -import android.app.Activity; -import android.app.AlertDialog; -import android.app.Fragment; -import android.content.DialogInterface; -import android.content.Intent; -import android.os.Bundle; -import android.os.Handler; -import android.os.ResultReceiver; +import se.leap.bitmaskclient.eip.*; + +import de.blinkt.openvpn.activities.*; +import de.blinkt.openvpn.core.*; +import android.app.*; +import android.content.*; +import android.os.*; import android.util.Log; -import android.view.LayoutInflater; -import android.view.MotionEvent; -import android.view.View; -import android.view.View.OnClickListener; -import android.view.ViewGroup; -import android.widget.CompoundButton.OnCheckedChangeListener; -import android.widget.CompoundButton; -import android.widget.ProgressBar; -import android.widget.RelativeLayout; -import android.widget.Switch; -import android.widget.TextView; - -public class EipServiceFragment extends Fragment implements StateListener, OnCheckedChangeListener { +import android.view.*; +import android.widget.*; + +public class EipServiceFragment extends Fragment implements VpnStatus.StateListener, CompoundButton.OnCheckedChangeListener { protected static final String IS_EIP_PENDING = "is_eip_pending"; public static final String START_ON_BOOT = "start on boot"; @@ -85,8 +69,8 @@ public class EipServiceFragment extends Fragment implements StateListener, OnChe super.onResume(); VpnStatus.addStateListener(this); - - eipCommand(EIP.ACTION_CHECK_CERT_VALIDITY); + + eipCommand(Constants.ACTION_CHECK_CERT_VALIDITY); } @Override @@ -139,13 +123,13 @@ public class EipServiceFragment extends Fragment implements StateListener, OnChe } private boolean canStartEIP() { - boolean certificateExists = !Dashboard.preferences.getString(EIP.CERTIFICATE, "").isEmpty(); - boolean isAllowedAnon = Dashboard.preferences.getBoolean(EIP.ALLOWED_ANON, false); + boolean certificateExists = !Dashboard.preferences.getString(Constants.CERTIFICATE, "").isEmpty(); + boolean isAllowedAnon = Dashboard.preferences.getBoolean(Constants.ALLOWED_ANON, false); return (isAllowedAnon || certificateExists) && !EIP.mIsStarting && !EIP.isConnected(); } private boolean canLogInToStartEIP() { - boolean isAllowedRegistered = Dashboard.preferences.getBoolean(EIP.ALLOWED_REGISTERED, false); + boolean isAllowedRegistered = Dashboard.preferences.getBoolean(Constants.ALLOWED_REGISTERED, false); boolean isLoggedIn = !LeapSRPSession.getToken().isEmpty(); Log.d(TAG, "Allow registered? " + isAllowedRegistered); Log.d(TAG, "Is logged in? " + isLoggedIn); @@ -192,7 +176,7 @@ public class EipServiceFragment extends Fragment implements StateListener, OnChe eipSwitch.setChecked(true); saveEipStatus(); } - eipCommand(EIP.ACTION_START_EIP); + eipCommand(Constants.ACTION_START_EIP); } protected void stopEIP() { @@ -203,7 +187,7 @@ public class EipServiceFragment extends Fragment implements StateListener, OnChe String status = getResources().getString(R.string.eip_state_not_connected); setEipStatus(status); - eipCommand(EIP.ACTION_STOP_EIP); + eipCommand(Constants.ACTION_STOP_EIP); } /** @@ -216,16 +200,16 @@ public class EipServiceFragment extends Fragment implements StateListener, OnChe // TODO validate "action"...how do we get the list of intent-filters for a class via Android API? Intent vpn_intent = new Intent(getActivity().getApplicationContext(), EIP.class); vpn_intent.setAction(action); - vpn_intent.putExtra(EIP.RECEIVER_TAG, mEIPReceiver); + vpn_intent.putExtra(Constants.RECEIVER_TAG, mEIPReceiver); getActivity().startService(vpn_intent); } @Override - public void updateState(final String state, final String logmessage, final int localizedResId, final ConnectionStatus level) { + public void updateState(final String state, final String logmessage, final int localizedResId, final VpnStatus.ConnectionStatus level) { boolean isNewLevel = EIP.lastConnectionStatusLevel != level; - boolean justDecidedOnDisconnect = EIP.lastConnectionStatusLevel == ConnectionStatus.UNKNOWN_LEVEL; + boolean justDecidedOnDisconnect = EIP.lastConnectionStatusLevel == VpnStatus.ConnectionStatus.UNKNOWN_LEVEL; Log.d(TAG, "update state with level " + level); - if(!justDecidedOnDisconnect && (isNewLevel || level == ConnectionStatus.LEVEL_CONNECTED)) { + if(!justDecidedOnDisconnect && (isNewLevel || level == VpnStatus.ConnectionStatus.LEVEL_CONNECTED)) { getActivity().runOnUiThread(new Runnable() { @Override public void run() { @@ -233,28 +217,28 @@ public class EipServiceFragment extends Fragment implements StateListener, OnChe handleNewState(state, logmessage, localizedResId, level); } }); - } else if(justDecidedOnDisconnect && level == ConnectionStatus.LEVEL_CONNECTED) { - EIP.lastConnectionStatusLevel = ConnectionStatus.LEVEL_NOTCONNECTED; + } else if(justDecidedOnDisconnect && level == VpnStatus.ConnectionStatus.LEVEL_CONNECTED) { + EIP.lastConnectionStatusLevel = VpnStatus.ConnectionStatus.LEVEL_NOTCONNECTED; updateState(state, logmessage, localizedResId, level); } // else if(isNewLevel || level == ConnectionStatus.LEVEL_AUTH_FAILED) // handleNewState(state, logmessage, localizedResId, level); } - private void handleNewState(final String state, final String logmessage, final int localizedResId, final ConnectionStatus level) { - if (level == ConnectionStatus.LEVEL_CONNECTED) + private void handleNewState(final String state, final String logmessage, final int localizedResId, final VpnStatus.ConnectionStatus level) { + if (level == VpnStatus.ConnectionStatus.LEVEL_CONNECTED) setConnectedUI(); else if (isDisconnectedLevel(level) && !EIP.mIsStarting) setDisconnectedUI(); - else if (level == ConnectionStatus.LEVEL_CONNECTING_NO_SERVER_REPLY_YET) + else if (level == VpnStatus.ConnectionStatus.LEVEL_CONNECTING_NO_SERVER_REPLY_YET) setNoServerReplyUI(localizedResId, logmessage); - else if (level == ConnectionStatus.LEVEL_CONNECTING_SERVER_REPLIED) + else if (level == VpnStatus.ConnectionStatus.LEVEL_CONNECTING_SERVER_REPLIED) setServerReplyUI(state, localizedResId, logmessage); - // else if (level == ConnectionStatus.LEVEL_AUTH_FAILED) + // else if (level == VpnStatus.ConnectionStatus.LEVEL_AUTH_FAILED) // handleSwitchOn(); } - private boolean isDisconnectedLevel(final ConnectionStatus level) { - return level == ConnectionStatus.LEVEL_NOTCONNECTED || level == ConnectionStatus.LEVEL_AUTH_FAILED; + private boolean isDisconnectedLevel(final VpnStatus.ConnectionStatus level) { + return level == VpnStatus.ConnectionStatus.LEVEL_NOTCONNECTED || level == VpnStatus.ConnectionStatus.LEVEL_AUTH_FAILED; } private void setConnectedUI() { @@ -331,10 +315,10 @@ public class EipServiceFragment extends Fragment implements StateListener, OnChe protected void onReceiveResult(int resultCode, Bundle resultData) { super.onReceiveResult(resultCode, resultData); - String request = resultData.getString(EIP.REQUEST_TAG); + String request = resultData.getString(Constants.REQUEST_TAG); boolean checked = false; - if (request == EIP.ACTION_IS_EIP_RUNNING) { + if (request == Constants.ACTION_IS_EIP_RUNNING) { switch (resultCode){ case Activity.RESULT_OK: checked = true; @@ -343,7 +327,7 @@ public class EipServiceFragment extends Fragment implements StateListener, OnChe checked = false; break; } - } else if (request == EIP.ACTION_START_EIP) { + } else if (request == Constants.ACTION_START_EIP) { switch (resultCode){ case Activity.RESULT_OK: Log.d(TAG, "Action start eip = Result OK"); @@ -356,7 +340,7 @@ public class EipServiceFragment extends Fragment implements StateListener, OnChe eipFragment.findViewById(R.id.eipProgress).setVisibility(View.GONE); break; } - } else if (request == EIP.ACTION_STOP_EIP) { + } else if (request == Constants.ACTION_STOP_EIP) { switch (resultCode){ case Activity.RESULT_OK: checked = false; @@ -365,7 +349,7 @@ public class EipServiceFragment extends Fragment implements StateListener, OnChe checked = true; break; } - } else if (request == EIP.EIP_NOTIFICATION) { + } else if (request == Constants.EIP_NOTIFICATION) { switch (resultCode){ case Activity.RESULT_OK: checked = true; @@ -374,7 +358,7 @@ public class EipServiceFragment extends Fragment implements StateListener, OnChe checked = false; break; } - } else if (request == EIP.ACTION_CHECK_CERT_VALIDITY) { + } else if (request == Constants.ACTION_CHECK_CERT_VALIDITY) { checked = eipSwitch.isChecked(); switch (resultCode) { @@ -387,7 +371,7 @@ public class EipServiceFragment extends Fragment implements StateListener, OnChe String status = getResources().getString(R.string.updating_certificate_message); setEipStatus(status); - if(LeapSRPSession.getToken().isEmpty() && !Dashboard.preferences.getBoolean(EIP.ALLOWED_ANON, false)) { + if(LeapSRPSession.getToken().isEmpty() && !Dashboard.preferences.getBoolean(Constants.ALLOWED_ANON, false)) { dashboard.logInDialog(Bundle.EMPTY); } else { diff --git a/app/src/main/java/se/leap/bitmaskclient/OnBootReceiver.java b/app/src/main/java/se/leap/bitmaskclient/OnBootReceiver.java index eb196d46..74f89ab8 100644 --- a/app/src/main/java/se/leap/bitmaskclient/OnBootReceiver.java +++ b/app/src/main/java/se/leap/bitmaskclient/OnBootReceiver.java @@ -1,10 +1,9 @@ package se.leap.bitmaskclient; -import android.content.BroadcastReceiver; -import android.content.Context; -import android.content.Intent; +import android.content.*; import android.util.Log; +import se.leap.bitmaskclient.eip.Constants; public class OnBootReceiver extends BroadcastReceiver { @@ -14,7 +13,7 @@ public class OnBootReceiver extends BroadcastReceiver { if (Intent.ACTION_BOOT_COMPLETED.equals(intent.getAction())) { if (!context.getSharedPreferences(Dashboard.SHARED_PREFERENCES, Context.MODE_PRIVATE).getString(Provider.KEY, "").isEmpty() && context.getSharedPreferences(Dashboard.SHARED_PREFERENCES, Context.MODE_PRIVATE).getBoolean(Dashboard.START_ON_BOOT, false)) { Intent dashboard_intent = new Intent(context, Dashboard.class); - dashboard_intent.setAction(EIP.ACTION_START_EIP); + dashboard_intent.setAction(Constants.ACTION_START_EIP); dashboard_intent.putExtra(Dashboard.ON_BOOT, true); dashboard_intent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK); context.startActivity(dashboard_intent); diff --git a/app/src/main/java/se/leap/bitmaskclient/VoidVpnLauncher.java b/app/src/main/java/se/leap/bitmaskclient/VoidVpnLauncher.java deleted file mode 100644 index 3b286fbf..00000000 --- a/app/src/main/java/se/leap/bitmaskclient/VoidVpnLauncher.java +++ /dev/null @@ -1,37 +0,0 @@ -package se.leap.bitmaskclient; - -import android.app.Activity; -import android.content.Intent; -import android.net.VpnService; -import android.os.Bundle; - -public class VoidVpnLauncher extends Activity { - - private static final int VPN_USER_PERMISSION = 71; - - @Override - protected void onCreate(Bundle savedInstanceState) { - super.onCreate(savedInstanceState); - setUp(); - } - - public void setUp() { - Intent blocking_intent = VpnService.prepare(getApplicationContext()); // stops the VPN connection created by another application. - if(blocking_intent != null) - startActivityForResult(blocking_intent, VPN_USER_PERMISSION); - else { - onActivityResult(VPN_USER_PERMISSION, RESULT_OK, null); - } - } - - protected void onActivityResult(int requestCode, int resultCode, Intent data){ - if(requestCode == VPN_USER_PERMISSION) { - if(resultCode == RESULT_OK) { - Intent void_vpn_service = new Intent(getApplicationContext(), VoidVpnService.class); - void_vpn_service.setAction(VoidVpnService.START_BLOCKING_VPN_PROFILE); - startService(void_vpn_service); - } - } - finish(); - } -} diff --git a/app/src/main/java/se/leap/bitmaskclient/VoidVpnService.java b/app/src/main/java/se/leap/bitmaskclient/VoidVpnService.java deleted file mode 100644 index 7b597554..00000000 --- a/app/src/main/java/se/leap/bitmaskclient/VoidVpnService.java +++ /dev/null @@ -1,36 +0,0 @@ -package se.leap.bitmaskclient; - -import android.content.Intent; -import android.os.Process; -import android.net.VpnService; -import android.util.Log; - -public class VoidVpnService extends VpnService { - - static final String START_BLOCKING_VPN_PROFILE = "se.leap.bitmaskclient.START_BLOCKING_VPN_PROFILE"; - static final String TAG = VoidVpnService.class.getSimpleName(); - - @Override - public int onStartCommand(Intent intent, int flags, int startId) { - String action = intent.getAction(); - if (action == START_BLOCKING_VPN_PROFILE) { - new Thread(new Runnable() { - public void run() { - Builder builder = new Builder(); - builder.setSession("Blocking until running"); - builder.addAddress("10.42.0.8",16); - builder.addRoute("0.0.0.0", 1); - builder.addRoute("192.168.1.0", 24); - builder.addDnsServer("10.42.0.1"); - try { - builder.establish(); - } catch (Exception e) { - e.printStackTrace(); - } - android.util.Log.d(TAG, "VoidVpnService set up"); - } - }).run(); - } - return 0; - } -} diff --git a/app/src/main/java/se/leap/bitmaskclient/VpnConfigGenerator.java b/app/src/main/java/se/leap/bitmaskclient/VpnConfigGenerator.java deleted file mode 100644 index ef049a3c..00000000 --- a/app/src/main/java/se/leap/bitmaskclient/VpnConfigGenerator.java +++ /dev/null @@ -1,146 +0,0 @@ -/** - * Copyright (c) 2013 LEAP Encryption Access Project and contributers - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - */ -package se.leap.bitmaskclient; - -import android.content.SharedPreferences; -import android.util.Log; -import java.util.Iterator; -import java.util.Vector; -import org.json.JSONArray; -import org.json.JSONObject; -import org.json.JSONException; - -import se.leap.bitmaskclient.Provider; -import se.leap.bitmaskclient.EIP; - -public class VpnConfigGenerator { - - private JSONObject general_configuration; - private JSONObject gateway; - - private static SharedPreferences preferences; - public final static String TAG = VpnConfigGenerator.class.getSimpleName(); - private final String new_line = System.getProperty("line.separator"); // Platform new line - - public VpnConfigGenerator(SharedPreferences preferences, JSONObject general_configuration, JSONObject gateway) { - this.general_configuration = general_configuration; - this.gateway = gateway; - this.preferences = preferences; - } - - public String generate() { - return - generalConfiguration() - + new_line - + gatewayConfiguration() - + new_line - + secretsConfiguration() - + new_line - + androidCustomizations(); - } - - private String generalConfiguration() { - String common_options = ""; - try { - Iterator keys = general_configuration.keys(); - Vector> value = new Vector>(); - while ( keys.hasNext() ){ - String key = keys.next().toString(); - - common_options += key + " "; - for ( String word : general_configuration.getString(key).split(" ") ) - common_options += word + " "; - common_options += new_line; - - } - } catch (JSONException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - - common_options += "client"; - - return common_options; - } - - private String gatewayConfiguration() { - String remotes = ""; - - String remote = "ip_address"; - String remote_openvpn_keyword = "remote"; - String ports = "ports"; - String protos = "protocols"; - String capabilities = "capabilities"; - String udp = "udp"; - - try { - JSONArray protocolsJSON = gateway.getJSONObject(capabilities).getJSONArray(protos); - for ( int i=0; i" - + new_line - + preferences.getString(Provider.CA_CERT, "") - + new_line - + ""; - - String key = - "" - + new_line - + preferences.getString(EIP.PRIVATE_KEY, "") - + new_line - + ""; - - String openvpn_cert = - "" - + new_line - + preferences.getString(EIP.CERTIFICATE, "") - + new_line - + ""; - - return ca + new_line + key + new_line + openvpn_cert; - } - - private String androidCustomizations() { - return - "remote-cert-tls server" - + new_line - + "persist-tun" - + new_line - + "auth-retry nointeract"; - } -} diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/Constants.java b/app/src/main/java/se/leap/bitmaskclient/eip/Constants.java new file mode 100644 index 00000000..719fff6d --- /dev/null +++ b/app/src/main/java/se/leap/bitmaskclient/eip/Constants.java @@ -0,0 +1,50 @@ +/** + * Copyright (c) 2013 LEAP Encryption Access Project and contributers + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ +package se.leap.bitmaskclient.eip; + +/** + * + * Constants for intent passing, shared preferences + * + * @author Parménides GV + * + */ +public interface Constants { + + public final static String TAG = Constants.class.getSimpleName(); + + public final static String AUTHED_EIP = TAG + ".AUTHED_EIP"; + public final static String ACTION_CHECK_CERT_VALIDITY = TAG + ".CHECK_CERT_VALIDITY"; + public final static String ACTION_START_EIP = TAG + ".START_EIP"; + public final static String ACTION_STOP_EIP = TAG + ".STOP_EIP"; + public final static String ACTION_UPDATE_EIP_SERVICE = TAG + ".UPDATE_EIP_SERVICE"; + public final static String ACTION_IS_EIP_RUNNING = TAG + ".IS_RUNNING"; + public final static String ACTION_REBUILD_PROFILES = TAG + ".REBUILD_PROFILES"; + public final static String EIP_NOTIFICATION = TAG + ".EIP_NOTIFICATION"; + public final static String STATUS = TAG + ".STATUS"; + public final static String DATE_FROM_CERTIFICATE = TAG + ".DATE_FROM_CERTIFICATE"; + public final static String ALLOWED_ANON = TAG + ".ALLOW_ANONYMOUS"; + public final static String ALLOWED_REGISTERED = TAG + ".ALLOW_REGISTRATION"; + public final static String CERTIFICATE = TAG + ".CERTIFICATE"; + public final static String PRIVATE_KEY = TAG + ".PRIVATE_KEY"; + public final static String KEY = TAG + ".KEY"; + public final static String PARSED_SERIAL = TAG + ".PARSED_SERIAL"; + public final static String RECEIVER_TAG = TAG + ".RECEIVER_TAG"; + public final static String REQUEST_TAG = TAG + ".REQUEST_TAG"; + public final static String START_BLOCKING_VPN_PROFILE = TAG + ".START_BLOCKING_VPN_PROFILE"; + +} diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java new file mode 100644 index 00000000..b668ce64 --- /dev/null +++ b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java @@ -0,0 +1,486 @@ +/** + * Copyright (c) 2013 LEAP Encryption Access Project and contributers + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ +package se.leap.bitmaskclient.eip; + +import android.app.*; +import android.content.*; +import android.os.*; +import android.util.Log; +import java.io.*; +import java.security.cert.*; +import java.text.*; +import java.util.*; +import org.json.*; + +import de.blinkt.openvpn.*; +import de.blinkt.openvpn.activities.*; +import de.blinkt.openvpn.core.*; +import se.leap.bitmaskclient.*; + +import static se.leap.bitmaskclient.eip.Constants.*; + +/** + * EIP is the abstract base class for interacting with and managing the Encrypted + * Internet Proxy connection. Connections are started, stopped, and queried through + * this IntentService. + * Contains logic for parsing eip-service.json from the provider, configuring and selecting + * gateways, and controlling {@link de.blinkt.openvpn.core.OpenVPNService} connections. + * + * @author Sean Leonard + * @author Parménides GV + */ +public final class EIP extends IntentService { + + public final static String TAG = EIP.class.getSimpleName(); + + public final static String SERVICE_API_PATH = "config/eip-service.json"; + + private static SharedPreferences preferences; + + private static Context context; + private static ResultReceiver mReceiver; + private static boolean mBound = false; + + private static JSONObject eipDefinition = null; + + private static OVPNGateway activeGateway = null; + + public static VpnStatus.ConnectionStatus lastConnectionStatusLevel; + public static boolean mIsDisconnecting = false; + public static boolean mIsStarting = false; + + public static SimpleDateFormat certificate_date_format = new SimpleDateFormat("yyyy-MM-dd HH:mm", Locale.US); + + public EIP(){ + super("LEAPEIP"); + } + + @Override + public void onCreate() { + super.onCreate(); + + context = getApplicationContext(); + + preferences = getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE); + } + + @Override + public void onDestroy() { + + mBound = false; + + super.onDestroy(); + } + + + @Override + protected void onHandleIntent(Intent intent) { + String action = intent.getAction(); + mReceiver = intent.getParcelableExtra(RECEIVER_TAG); + + if ( action == ACTION_START_EIP ) + startEIP(); + else if ( action == ACTION_STOP_EIP ) + stopEIP(); + else if ( action == ACTION_IS_EIP_RUNNING ) + isRunning(); + else if ( action == ACTION_UPDATE_EIP_SERVICE ) + updateEIPService(); + else if ( action == ACTION_CHECK_CERT_VALIDITY ) + checkCertValidity(); + else if ( action == ACTION_REBUILD_PROFILES ) + updateGateways(); + } + + /** + * Initiates an EIP connection by selecting a gateway and preparing and sending an + * Intent to {@link se.leap.openvpn.LaunchVPN}. + * It also sets up early routes. + */ + private void startEIP() { + earlyRoutes(); + activeGateway = selectGateway(); + + if(activeGateway != null && activeGateway.mVpnProfile != null) { + mReceiver = EipServiceFragment.getReceiver(); + launchActiveGateway(); + } + } + + /** + * Early routes are routes that block traffic until a new + * VpnService is started properly. + */ + private void earlyRoutes() { + Intent void_vpn_launcher = new Intent(context, VoidVpnLauncher.class); + void_vpn_launcher.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK); + startActivity(void_vpn_launcher); + } + + /** + * Choose a gateway to connect to based on timezone from system locale data + * + * @return The gateway to connect to + */ + private OVPNGateway selectGateway() { + String closest_location = closestGateway(); + String chosen_host = chooseHost(closest_location); + + return new OVPNGateway(chosen_host); + } + + private String closestGateway() { + TreeMap> offsets = calculateOffsets(); + return offsets.isEmpty() ? "" : offsets.firstEntry().getValue().iterator().next(); + } + + private TreeMap> calculateOffsets() { + TreeMap> offsets = new TreeMap>(); + + int localOffset = Calendar.getInstance().get(Calendar.ZONE_OFFSET) / 3600000; + + JSONObject locations = availableLocations(); + Iterator locations_names = locations.keys(); + while(locations_names.hasNext()) { + try { + String location_name = locations_names.next(); + JSONObject location = locations.getJSONObject(location_name); + + int dist = timezoneDistance(localOffset, location.optInt("timezone")); + + Set set = (offsets.get(dist) != null) ? + offsets.get(dist) : new HashSet(); + + set.add(location_name); + offsets.put(dist, set); + } catch (JSONException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + return offsets; + } + + private JSONObject availableLocations() { + JSONObject locations = null; + try { + if(eipDefinition == null) updateEIPService(); + locations = eipDefinition.getJSONObject("locations"); + } catch (JSONException e1) { + // TODO Auto-generated catch block + e1.printStackTrace(); + } + + return locations; + } + + private int timezoneDistance(int local_timezone, int remote_timezone) { + // Distance along the numberline of Prime Meridian centric, assumes UTC-11 through UTC+12 + int dist = Math.abs(local_timezone - remote_timezone); + + // Farther than 12 timezones and it's shorter around the "back" + if (dist > 12) + dist = 12 - (dist -12); // Well i'll be. Absolute values make equations do funny things. + + return dist; + } + + private String chooseHost(String location) { + String chosen_host = ""; + try { + JSONArray gateways = eipDefinition.getJSONArray("gateways"); + for (int i = 0; i < gateways.length(); i++) { + JSONObject gw = gateways.getJSONObject(i); + if ( gw.getString("location").equalsIgnoreCase(location) || location.isEmpty()){ + chosen_host = eipDefinition.getJSONObject("locations").getJSONObject(gw.getString("location")).getString("name"); + break; + } + } + } catch (JSONException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + return chosen_host; + } + + private void launchActiveGateway() { + Intent intent = new Intent(this,LaunchVPN.class); + intent.setAction(Intent.ACTION_MAIN); + intent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK); + intent.putExtra(LaunchVPN.EXTRA_KEY, activeGateway.mVpnProfile.getUUID().toString() ); + intent.putExtra(LaunchVPN.EXTRA_NAME, activeGateway.mVpnProfile.getName() ); + intent.putExtra(LaunchVPN.EXTRA_HIDELOG, true); + intent.putExtra(RECEIVER_TAG, mReceiver); + startActivity(intent); + } + + /** + * Disconnects the EIP connection gracefully through the bound service or forcefully + * if there is no bound service. Sends a message to the requesting ResultReceiver. + */ + private void stopEIP() { + if(isConnected()) { + Intent disconnect_vpn = new Intent(this, DisconnectVPN.class); + disconnect_vpn.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK); + startActivity(disconnect_vpn); + mIsDisconnecting = true; + lastConnectionStatusLevel = VpnStatus.ConnectionStatus.UNKNOWN_LEVEL; // Wait for the decision of the user + Log.d(TAG, "mIsDisconnecting = true"); + } + + tellToReceiver(ACTION_STOP_EIP, Activity.RESULT_OK); + } + + private void tellToReceiver(String action, int resultCode) { + if (mReceiver != null){ + Bundle resultData = new Bundle(); + resultData.putString(REQUEST_TAG, action); + mReceiver.send(resultCode, resultData); + } + } + + /** + * Checks the last stored status notified by ics-openvpn + * Sends Activity.RESULT_CANCELED to the ResultReceiver that made the + * request if it's not connected, Activity.RESULT_OK otherwise. + */ + + private void isRunning() { + int resultCode = Activity.RESULT_CANCELED; + boolean is_connected = isConnected(); + + resultCode = (is_connected) ? Activity.RESULT_OK : Activity.RESULT_CANCELED; + + tellToReceiver(ACTION_IS_EIP_RUNNING, resultCode); + } + + public static boolean isConnected() { + return lastConnectionStatusLevel != null && lastConnectionStatusLevel.equals(VpnStatus.ConnectionStatus.LEVEL_CONNECTED) && !mIsDisconnecting; + } + + /** + * Loads eip-service.json from SharedPreferences and calls {@link updateGateways()} + * to parse gateway definitions. + * TODO Implement API call to refresh eip-service.json from the provider + */ + private void updateEIPService() { + try { + String eip_definition_string = preferences.getString(KEY, ""); + if(eip_definition_string.isEmpty() == false) { + eipDefinition = new JSONObject(eip_definition_string); + } + deleteAllVpnProfiles(); + updateGateways(); + if(mReceiver != null) mReceiver.send(Activity.RESULT_OK, Bundle.EMPTY); + } catch (JSONException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + private void deleteAllVpnProfiles() { + ProfileManager vpl = ProfileManager.getInstance(context); + Collection profiles = vpl.getProfiles(); + profiles.removeAll(profiles); + } + + /** + * Walk the list of gateways defined in eip-service.json and parse them into + * OVPNGateway objects. + * TODO Store the OVPNGateways (as Serializable) in SharedPreferences + */ + private void updateGateways(){ + JSONArray gatewaysDefined = null; + try { + if(eipDefinition == null) updateEIPService(); + gatewaysDefined = eipDefinition.getJSONArray("gateways"); + for ( int i=0 ; i < gatewaysDefined.length(); i++ ){ + JSONObject gw = null; + gw = gatewaysDefined.getJSONObject(i); + + if ( gw.getJSONObject("capabilities").getJSONArray("transport").toString().contains("openvpn") ) + new OVPNGateway(gw); + } + } catch (JSONException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + preferences.edit().putInt(PARSED_SERIAL, eipDefinition.optInt(Provider.API_RETURN_SERIAL)).commit(); + } + + private void checkCertValidity() { + String certificate = preferences.getString(CERTIFICATE, ""); + checkCertValidity(certificate); + } + + private void checkCertValidity(String certificate_string) { + if(!certificate_string.isEmpty()) { + X509Certificate certificate = ConfigHelper.parseX509CertificateFromString(certificate_string); + + Calendar offset_date = calculateOffsetCertificateValidity(certificate); + Bundle result = new Bundle(); + result.putString(REQUEST_TAG, ACTION_CHECK_CERT_VALIDITY); + try { + Log.d(TAG, "offset_date = " + offset_date.getTime().toString()); + certificate.checkValidity(offset_date.getTime()); + mReceiver.send(Activity.RESULT_OK, result); + Log.d(TAG, "Valid certificate"); + } catch(CertificateExpiredException e) { + mReceiver.send(Activity.RESULT_CANCELED, result); + Log.d(TAG, "Updating certificate"); + } catch(CertificateNotYetValidException e) { + mReceiver.send(Activity.RESULT_CANCELED, result); + } + } + } + + private Calendar calculateOffsetCertificateValidity(X509Certificate certificate) { + String current_date = certificate_date_format.format(Calendar.getInstance().getTime()).toString(); + + String date_string = preferences.getString(DATE_FROM_CERTIFICATE, current_date); + + Calendar offset_date = Calendar.getInstance(); + try { + Date date = certificate_date_format.parse(date_string); + long difference = Math.abs(date.getTime() - certificate.getNotAfter().getTime())/2; + long current_date_millis = offset_date.getTimeInMillis(); + offset_date.setTimeInMillis(current_date_millis + difference); + Log.d(TAG, "certificate not after = " + certificate.getNotAfter()); + } catch(ParseException e) { + e.printStackTrace(); + } + + return offset_date; + } + + /** + * OVPNGateway provides objects defining gateways and their options and metadata. + * Each instance contains a VpnProfile for OpenVPN specific data and member + * variables describing capabilities and location + * + * @author Sean Leonard + */ + private class OVPNGateway { + + private String TAG = "OVPNGateway"; + + private String mName; + private VpnProfile mVpnProfile; + private JSONObject mGateway; + private HashMap>> options = new HashMap>>(); + + + /** + * Attempts to retrieve a VpnProfile by name and build an OVPNGateway around it. + * FIXME This needs to become a findGatewayByName() method + * + * @param name The hostname of the gateway to inflate + */ + private OVPNGateway(String name){ + mName = name; + + this.loadVpnProfile(); + } + + private void loadVpnProfile() { + ProfileManager vpl = ProfileManager.getInstance(context); + try { + if ( mName == null ) + mVpnProfile = vpl.getProfiles().iterator().next(); + else + mVpnProfile = vpl.getProfileByName(mName); + } catch (NoSuchElementException e) { + updateEIPService(); + this.loadVpnProfile(); // FIXME catch infinite loops + } catch (Exception e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + /** + * Build a gateway object from a JSON OpenVPN gateway definition in eip-service.json + * and create a VpnProfile belonging to it. + * + * @param gateway The JSON OpenVPN gateway definition to parse + */ + protected OVPNGateway(JSONObject gateway){ + + mGateway = gateway; + + // Currently deletes VpnProfile for host, if there already is one, and builds new + ProfileManager vpl = ProfileManager.getInstance(context); + Collection profiles = vpl.getProfiles(); + for (Iterator it = profiles.iterator(); it.hasNext(); ){ + VpnProfile p = it.next(); + + if ( p.mName.equalsIgnoreCase( mName ) ) { + it.remove(); + vpl.removeProfile(context, p); + } + } + + this.createVPNProfile(); + + vpl.addProfile(mVpnProfile); + vpl.saveProfile(context, mVpnProfile); + vpl.saveProfileList(context); + } + + /** + * Create and attach the VpnProfile to our gateway object + */ + protected void createVPNProfile(){ + try { + ConfigParser cp = new ConfigParser(); + + JSONObject openvpn_configuration = eipDefinition.getJSONObject("openvpn_configuration"); + VpnConfigGenerator vpn_configuration_generator = new VpnConfigGenerator(preferences, openvpn_configuration, mGateway); + String configuration = vpn_configuration_generator.generate(); + + cp.parseConfig(new StringReader(configuration)); + mVpnProfile = cp.convertProfile(); + mVpnProfile.mName = mName = locationAsName(); + Log.v(TAG,"Created VPNProfile"); + + } catch (JSONException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } catch (ConfigParser.ConfigParseError e) { + // FIXME We didn't get a VpnProfile! Error handling! and log level + Log.v(TAG,"Error creating VPNProfile"); + e.printStackTrace(); + } catch (IOException e) { + // FIXME We didn't get a VpnProfile! Error handling! and log level + Log.v(TAG,"Error creating VPNProfile"); + e.printStackTrace(); + } + } + + + public String locationAsName() { + try { + return eipDefinition.getJSONObject("locations").getJSONObject(mGateway.getString("location")).getString("name"); + } catch (JSONException e) { + Log.v(TAG,"Couldn't read gateway name for profile creation! Returning original name = " + mName); + e.printStackTrace(); + return (mName != null) ? mName : ""; + } + } + } +} diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/VoidVpnLauncher.java b/app/src/main/java/se/leap/bitmaskclient/eip/VoidVpnLauncher.java new file mode 100644 index 00000000..9814c167 --- /dev/null +++ b/app/src/main/java/se/leap/bitmaskclient/eip/VoidVpnLauncher.java @@ -0,0 +1,37 @@ +package se.leap.bitmaskclient.eip; + +import android.app.Activity; +import android.content.Intent; +import android.net.VpnService; +import android.os.Bundle; + +public class VoidVpnLauncher extends Activity { + + private static final int VPN_USER_PERMISSION = 71; + + @Override + protected void onCreate(Bundle savedInstanceState) { + super.onCreate(savedInstanceState); + setUp(); + } + + public void setUp() { + Intent blocking_intent = VpnService.prepare(getApplicationContext()); // stops the VPN connection created by another application. + if(blocking_intent != null) + startActivityForResult(blocking_intent, VPN_USER_PERMISSION); + else { + onActivityResult(VPN_USER_PERMISSION, RESULT_OK, null); + } + } + + protected void onActivityResult(int requestCode, int resultCode, Intent data){ + if(requestCode == VPN_USER_PERMISSION) { + if(resultCode == RESULT_OK) { + Intent void_vpn_service = new Intent(getApplicationContext(), VoidVpnService.class); + void_vpn_service.setAction(Constants.START_BLOCKING_VPN_PROFILE); + startService(void_vpn_service); + } + } + finish(); + } +} diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/VoidVpnService.java b/app/src/main/java/se/leap/bitmaskclient/eip/VoidVpnService.java new file mode 100644 index 00000000..224e3bd4 --- /dev/null +++ b/app/src/main/java/se/leap/bitmaskclient/eip/VoidVpnService.java @@ -0,0 +1,37 @@ +package se.leap.bitmaskclient.eip; + +import android.content.Intent; +import android.os.Process; +import android.net.VpnService; +import android.util.Log; + +import static se.leap.bitmaskclient.eip.Constants.*; + +public class VoidVpnService extends VpnService { + + static final String TAG = VoidVpnService.class.getSimpleName(); + + @Override + public int onStartCommand(Intent intent, int flags, int startId) { + String action = intent.getAction(); + if (action == Constants.START_BLOCKING_VPN_PROFILE) { + new Thread(new Runnable() { + public void run() { + Builder builder = new Builder(); + builder.setSession("Blocking until running"); + builder.addAddress("10.42.0.8",16); + builder.addRoute("0.0.0.0", 1); + builder.addRoute("192.168.1.0", 24); + builder.addDnsServer("10.42.0.1"); + try { + builder.establish(); + } catch (Exception e) { + e.printStackTrace(); + } + android.util.Log.d(TAG, "VoidVpnService set up"); + } + }).run(); + } + return 0; + } +} diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java b/app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java new file mode 100644 index 00000000..8e36f53c --- /dev/null +++ b/app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java @@ -0,0 +1,145 @@ +/** + * Copyright (c) 2013 LEAP Encryption Access Project and contributers + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ +package se.leap.bitmaskclient.eip; + +import android.content.SharedPreferences; +import android.util.Log; +import java.util.Iterator; +import java.util.Vector; +import org.json.JSONArray; +import org.json.JSONObject; +import org.json.JSONException; + +import se.leap.bitmaskclient.*; + +public class VpnConfigGenerator { + + private JSONObject general_configuration; + private JSONObject gateway; + + private static SharedPreferences preferences; + public final static String TAG = VpnConfigGenerator.class.getSimpleName(); + private final String new_line = System.getProperty("line.separator"); // Platform new line + + public VpnConfigGenerator(SharedPreferences preferences, JSONObject general_configuration, JSONObject gateway) { + this.general_configuration = general_configuration; + this.gateway = gateway; + this.preferences = preferences; + } + + public String generate() { + return + generalConfiguration() + + new_line + + gatewayConfiguration() + + new_line + + secretsConfiguration() + + new_line + + androidCustomizations(); + } + + private String generalConfiguration() { + String common_options = ""; + try { + Iterator keys = general_configuration.keys(); + Vector> value = new Vector>(); + while ( keys.hasNext() ){ + String key = keys.next().toString(); + + common_options += key + " "; + for ( String word : general_configuration.getString(key).split(" ") ) + common_options += word + " "; + common_options += new_line; + + } + } catch (JSONException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + + common_options += "client"; + + return common_options; + } + + private String gatewayConfiguration() { + String remotes = ""; + + String remote = "ip_address"; + String remote_openvpn_keyword = "remote"; + String ports = "ports"; + String protos = "protocols"; + String capabilities = "capabilities"; + String udp = "udp"; + + try { + JSONArray protocolsJSON = gateway.getJSONObject(capabilities).getJSONArray(protos); + for ( int i=0; i" + + new_line + + preferences.getString(Provider.CA_CERT, "") + + new_line + + ""; + + String key = + "" + + new_line + + preferences.getString(Constants.PRIVATE_KEY, "") + + new_line + + ""; + + String openvpn_cert = + "" + + new_line + + preferences.getString(Constants.CERTIFICATE, "") + + new_line + + ""; + + return ca + new_line + key + new_line + openvpn_cert; + } + + private String androidCustomizations() { + return + "remote-cert-tls server" + + new_line + + "persist-tun" + + new_line + + "auth-retry nointeract"; + } +} diff --git a/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java b/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java index 03930c61..d3203ab3 100644 --- a/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java +++ b/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java @@ -16,39 +16,17 @@ */ package se.leap.bitmaskclient; -import android.app.Activity; -import android.app.DialogFragment; -import android.app.Fragment; -import android.app.FragmentTransaction; -import android.content.BroadcastReceiver; -import android.content.Context; -import android.content.Intent; -import android.content.IntentFilter; -import android.content.SharedPreferences; +import android.app.*; +import android.content.*; import android.content.res.AssetManager; -import android.os.Bundle; -import android.os.Handler; +import android.os.*; import android.util.Log; -import android.view.Display; -import android.view.Menu; -import android.view.MenuItem; -import android.view.View.MeasureSpec; -import android.view.View; -import android.view.ViewGroup; -import android.view.WindowManager; -import android.widget.ListAdapter; -import android.widget.ListView; -import android.widget.ProgressBar; -import android.widget.ProgressBar; -import android.widget.RelativeLayout; -import android.widget.TextView; -import java.io.IOException; -import java.io.InputStream; -import java.net.MalformedURLException; -import java.net.URL; -import java.util.Iterator; -import org.json.JSONException; -import org.json.JSONObject; +import android.view.*; +import android.widget.*; +import java.io.*; +import java.net.*; +import java.util.*; +import org.json.*; import se.leap.bitmaskclient.DownloadFailedDialog.DownloadFailedDialogInterface; import se.leap.bitmaskclient.NewProviderDialog.NewProviderDialogInterface; @@ -56,7 +34,7 @@ import se.leap.bitmaskclient.ProviderAPIResultReceiver.Receiver; import se.leap.bitmaskclient.ProviderDetailFragment.ProviderDetailFragmentInterface; import se.leap.bitmaskclient.ProviderListContent.ProviderItem; import se.leap.bitmaskclient.FragmentManagerEnhanced; - +import se.leap.bitmaskclient.eip.Constants; import se.leap.bitmaskclient.R; /** @@ -165,7 +143,7 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD if(resultCode == ProviderAPI.PROVIDER_OK) { mConfigState.setAction(PROVIDER_SET); - if (preferences.getBoolean(EIP.ALLOWED_ANON, false)){ + if (preferences.getBoolean(Constants.ALLOWED_ANON, false)){ mConfigState.putExtra(SERVICES_RETRIEVED, true); downloadAnonCert(); @@ -311,8 +289,8 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD int screenWidth = display.getWidth(); // deprecated int listViewWidth = screenWidth - 10 - 10; - int widthSpec = MeasureSpec.makeMeasureSpec(listViewWidth, - MeasureSpec.AT_MOST); + int widthSpec = View.MeasureSpec.makeMeasureSpec(listViewWidth, + View.MeasureSpec.AT_MOST); listItem.measure(widthSpec, 0); return listItem.getMeasuredHeight(); @@ -544,7 +522,7 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD if(provider_list_fragment != null) { provider_list_fragment.removeLastItem(); } - preferences.edit().remove(Provider.KEY).remove(EIP.ALLOWED_ANON).remove(EIP.KEY).commit(); + preferences.edit().remove(Provider.KEY).remove(Constants.ALLOWED_ANON).remove(Constants.KEY).commit(); } @Override diff --git a/app/src/release/java/se/leap/bitmaskclient/ProviderAPI.java b/app/src/release/java/se/leap/bitmaskclient/ProviderAPI.java index f419afaf..e2da588c 100644 --- a/app/src/release/java/se/leap/bitmaskclient/ProviderAPI.java +++ b/app/src/release/java/se/leap/bitmaskclient/ProviderAPI.java @@ -17,59 +17,22 @@ package se.leap.bitmaskclient; import android.app.IntentService; -import android.content.Intent; -import android.content.SharedPreferences; -import android.os.Bundle; -import android.os.ResultReceiver; -import android.util.Base64; -import android.util.Log; -import java.io.DataOutputStream; -import java.io.FileNotFoundException; -import java.io.IOException; -import java.io.InputStream; -import java.io.UnsupportedEncodingException; +import android.content.*; +import android.os.*; +import android.util.*; +import java.io.*; import java.math.BigInteger; -import java.net.ConnectException; -import java.net.CookieHandler; -import java.net.CookieManager; -import java.net.CookiePolicy; -import java.net.MalformedURLException; -import java.net.SocketTimeoutException; -import java.net.URISyntaxException; -import java.net.URL; -import java.net.URLConnection; -import java.net.URLEncoder; -import java.net.UnknownHostException; -import java.security.KeyManagementException; -import java.security.KeyStore; -import java.security.KeyStoreException; -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; -import java.security.SecureRandom; -import java.security.cert.CertificateEncodingException; -import java.security.cert.CertificateException; -import java.security.cert.X509Certificate; +import java.net.*; +import java.security.*; +import java.security.cert.*; import java.security.interfaces.RSAPrivateKey; -import java.util.Calendar; -import java.util.HashMap; -import java.util.Iterator; -import java.util.Map; -import java.util.NoSuchElementException; -import java.util.Scanner; -import javax.net.ssl.HostnameVerifier; -import javax.net.ssl.HttpsURLConnection; -import javax.net.ssl.KeyManager; -import javax.net.ssl.SSLContext; -import javax.net.ssl.SSLHandshakeException; -import javax.net.ssl.SSLSession; -import javax.net.ssl.TrustManager; -import javax.net.ssl.TrustManagerFactory; -import javax.net.ssl.X509TrustManager; +import java.util.*; +import javax.net.ssl.*; import org.apache.http.client.ClientProtocolException; -import org.json.JSONException; -import org.json.JSONObject; -import se.leap.bitmaskclient.R; +import org.json.*; +import se.leap.bitmaskclient.R; +import se.leap.bitmaskclient.eip.*; /** * Implements HTTP api methods used to manage communications with the provider server. @@ -619,8 +582,8 @@ public class ProviderAPI extends IntentService { //TODO setProviderName(name); preferences.edit().putString(Provider.KEY, provider_json.toString()).commit(); - preferences.edit().putBoolean(EIP.ALLOWED_ANON, provider_json.getJSONObject(Provider.SERVICE).getBoolean(EIP.ALLOWED_ANON)).commit(); - preferences.edit().putBoolean(EIP.ALLOWED_REGISTERED, provider_json.getJSONObject(Provider.SERVICE).getBoolean(EIP.ALLOWED_REGISTERED)).commit(); + preferences.edit().putBoolean(Constants.ALLOWED_ANON, provider_json.getJSONObject(Provider.SERVICE).getBoolean(Constants.ALLOWED_ANON)).commit(); + preferences.edit().putBoolean(Constants.ALLOWED_REGISTERED, provider_json.getJSONObject(Provider.SERVICE).getBoolean(Constants.ALLOWED_REGISTERED)).commit(); result.putBoolean(RESULT_KEY, true); } catch (JSONException e) { @@ -644,7 +607,7 @@ public class ProviderAPI extends IntentService { JSONObject eip_service_json = new JSONObject(eip_service_json_string); eip_service_json.getInt(Provider.API_RETURN_SERIAL); - preferences.edit().putString(EIP.KEY, eip_service_json.toString()).commit(); + preferences.edit().putString(Constants.KEY, eip_service_json.toString()).commit(); result.putBoolean(RESULT_KEY, true); } catch (JSONException e) { @@ -887,7 +850,7 @@ public class ProviderAPI extends IntentService { getNewCert(); Intent updateEIP = new Intent(getApplicationContext(), EIP.class); - updateEIP.setAction(EIP.ACTION_UPDATE_EIP_SERVICE); + updateEIP.setAction(Constants.ACTION_UPDATE_EIP_SERVICE); startService(updateEIP); return true; @@ -903,7 +866,7 @@ public class ProviderAPI extends IntentService { JSONObject provider_json = new JSONObject(preferences.getString(Provider.KEY, "")); String provider_main_url = provider_json.getString(Provider.API_URL); - URL new_cert_string_url = new URL(provider_main_url + "/" + provider_json.getString(Provider.API_VERSION) + "/" + EIP.CERTIFICATE); + URL new_cert_string_url = new URL(provider_main_url + "/" + provider_json.getString(Provider.API_VERSION) + "/" + Constants.CERTIFICATE); String cert_string = downloadWithProviderCA(new_cert_string_url.toString()); @@ -937,12 +900,12 @@ public class ProviderAPI extends IntentService { } RSAPrivateKey key = ConfigHelper.parseRsaKeyFromString(keyString); keyString = Base64.encodeToString(key.getEncoded(), Base64.DEFAULT); - preferences.edit().putString(EIP.PRIVATE_KEY, "-----BEGIN RSA PRIVATE KEY-----\n"+keyString+"-----END RSA PRIVATE KEY-----").commit(); + preferences.edit().putString(Constants.PRIVATE_KEY, "-----BEGIN RSA PRIVATE KEY-----\n"+keyString+"-----END RSA PRIVATE KEY-----").commit(); X509Certificate certificate = ConfigHelper.parseX509CertificateFromString(certificateString); certificateString = Base64.encodeToString(certificate.getEncoded(), Base64.DEFAULT); - preferences.edit().putString(EIP.CERTIFICATE, "-----BEGIN CERTIFICATE-----\n"+certificateString+"-----END CERTIFICATE-----").commit(); - preferences.edit().putString(EIP.DATE_FROM_CERTIFICATE, EIP.certificate_date_format.format(Calendar.getInstance().getTime())).commit(); + preferences.edit().putString(Constants.CERTIFICATE, "-----BEGIN CERTIFICATE-----\n"+certificateString+"-----END CERTIFICATE-----").commit(); + preferences.edit().putString(Constants.DATE_FROM_CERTIFICATE, EIP.certificate_date_format.format(Calendar.getInstance().getTime())).commit(); return true; } catch (CertificateException e) { // TODO Auto-generated catch block diff --git a/app/src/release/java/se/leap/bitmaskclient/ProviderDetailFragment.java b/app/src/release/java/se/leap/bitmaskclient/ProviderDetailFragment.java index 9252b8fa..97ce5245 100644 --- a/app/src/release/java/se/leap/bitmaskclient/ProviderDetailFragment.java +++ b/app/src/release/java/se/leap/bitmaskclient/ProviderDetailFragment.java @@ -1,22 +1,17 @@ -package se.leap.bitmaskclient; - -import org.json.JSONException; -import org.json.JSONObject; - -import se.leap.bitmaskclient.R; -import se.leap.bitmaskclient.ProviderListContent.ProviderItem; - -import android.app.Activity; -import android.app.AlertDialog; -import android.app.Dialog; -import android.app.DialogFragment; -import android.content.DialogInterface; -import android.content.SharedPreferences; -import android.os.Bundle; -import android.view.LayoutInflater; -import android.view.View; -import android.widget.TextView; - +package se.leap.bitmaskclient; + +import org.json.*; + +import se.leap.bitmaskclient.R; +import se.leap.bitmaskclient.eip.Constants; +import se.leap.bitmaskclient.ProviderListContent.ProviderItem; + +import android.app.*; +import android.content.*; +import android.os.Bundle; +import android.view.*; +import android.widget.TextView; + public class ProviderDetailFragment extends DialogFragment { final public static String TAG = "providerDetailFragment"; @@ -66,7 +61,7 @@ public class ProviderDetailFragment extends DialogFragment { private boolean anon_allowed(JSONObject provider_json) { try { JSONObject service_description = provider_json.getJSONObject(Provider.SERVICE); - return service_description.has(EIP.ALLOWED_ANON) && service_description.getBoolean(EIP.ALLOWED_ANON); + return service_description.has(Constants.ALLOWED_ANON) && service_description.getBoolean(Constants.ALLOWED_ANON); } catch (JSONException e) { return false; } @@ -85,7 +80,7 @@ public class ProviderDetailFragment extends DialogFragment { public void onCancel(DialogInterface dialog) { super.onCancel(dialog); SharedPreferences.Editor editor = getActivity().getSharedPreferences(Dashboard.SHARED_PREFERENCES, Activity.MODE_PRIVATE).edit(); - editor.remove(Provider.KEY).remove(EIP.ALLOWED_ANON).remove(EIP.KEY).commit(); + editor.remove(Provider.KEY).remove(Constants.ALLOWED_ANON).remove(Constants.KEY).commit(); interface_with_configuration_wizard.showAllProviders(); } -- cgit v1.2.3 From b8087831f7db9fbc7806c58e632bda448b3b9e3b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Wed, 12 Nov 2014 03:44:14 +0100 Subject: More refactoring, fixed problems from previous commit. --- .../bitmaskclient/test/testLeapSRPSession.java | 52 ++---- .../java/se/leap/bitmaskclient/ProviderAPI.java | 1 - app/src/main/AndroidManifest.xml | 12 +- .../main/java/se/leap/bitmaskclient/Dashboard.java | 31 ++-- .../java/se/leap/bitmaskclient/eip/Constants.java | 6 +- .../main/java/se/leap/bitmaskclient/eip/EIP.java | 182 +++++---------------- .../bitmaskclient/eip/VpnCertificateValidator.java | 59 +++++++ 7 files changed, 139 insertions(+), 204 deletions(-) create mode 100644 app/src/main/java/se/leap/bitmaskclient/eip/VpnCertificateValidator.java (limited to 'app') diff --git a/app/src/androidTest/java/se/leap/bitmaskclient/test/testLeapSRPSession.java b/app/src/androidTest/java/se/leap/bitmaskclient/test/testLeapSRPSession.java index 2821373a..d7f4bfb3 100644 --- a/app/src/androidTest/java/se/leap/bitmaskclient/test/testLeapSRPSession.java +++ b/app/src/androidTest/java/se/leap/bitmaskclient/test/testLeapSRPSession.java @@ -33,7 +33,6 @@ public class testLeapSRPSession extends TestCase { public void testExponential() { byte[] expected_A; byte[] a_byte; - SRPParameters params; LeapSRPSession client; /* Test 1: abytes = 4 */ @@ -43,8 +42,7 @@ public class testLeapSRPSession extends TestCase { salt = "64c3289d04a6ecad", a = "3565fdc2"; a_byte = new BigInteger(a, 16).toByteArray(); - params = new SRPParameters(new BigInteger(ConfigHelper.NG_1024, 16).toByteArray(), new BigInteger("2").toByteArray(), new BigInteger(salt, 16).toByteArray(), "SHA-256"); - client = new LeapSRPSession(username, password, params, a_byte); + client = new LeapSRPSession(username, password, a_byte); byte[] A = client.exponential(); @@ -55,8 +53,7 @@ public class testLeapSRPSession extends TestCase { expected_A = new BigInteger("11acfacc08178d48f95c0e69adb11f6d144dd0980ee6e44b391347592e3bd5e9cb841d243b3d9ac2adb25b367a2558e8829b22dcef96c0934378412383ccf95141c3cb5f17ada20f53a0225f56a07f2b0c0469ed6bbad3646f7b71bdd4bedf5cc6fac244b26d3195d8f55877ff94a925b0c0c8f7273eca733c0355b38360442e", 16).toByteArray(); a_byte = new BigInteger(a, 16).toByteArray(); - params = new SRPParameters(new BigInteger(ConfigHelper.NG_1024, 16).toByteArray(), new BigInteger("2").toByteArray(), new BigInteger(salt, 16).toByteArray(), "SHA-256"); - client = new LeapSRPSession(username, password, params, a_byte); + client = new LeapSRPSession(username, password, a_byte); A = client.exponential(); @@ -73,8 +70,7 @@ public class testLeapSRPSession extends TestCase { salt = "64c3289d04a6ecad", a = "8c911355"; byte[] a_byte = new BigInteger(a, 16).toByteArray(); - SRPParameters params = new SRPParameters(new BigInteger(ConfigHelper.NG_1024, 16).toByteArray(), new BigInteger("2").toByteArray(), new BigInteger(salt, 16).toByteArray(), "SHA-256"); - LeapSRPSession client = new LeapSRPSession(username, password, params, a_byte); + LeapSRPSession client = new LeapSRPSession(username, password, a_byte); byte[] x = client.calculatePasswordHash(username, password, new BigInteger(salt, 16).toByteArray()); assertTrue(Arrays.equals(x, expected_x)); @@ -93,8 +89,7 @@ public class testLeapSRPSession extends TestCase { a = "38d5b211"; a_byte = new BigInteger(a, 16).toByteArray(); - params = new SRPParameters(new BigInteger(ConfigHelper.NG_1024, 16).toByteArray(), new BigInteger("2").toByteArray(), new BigInteger(salt, 16).toByteArray(), "SHA-256"); - client = new LeapSRPSession(username, password, params, a_byte); + client = new LeapSRPSession(username, password, a_byte); x = client.calculatePasswordHash(username, password, new BigInteger(salt, 16).toByteArray()); A = client.exponential(); @@ -110,8 +105,7 @@ public class testLeapSRPSession extends TestCase { a = "36ee80ec"; a_byte = new BigInteger(a, 16).toByteArray(); - params = new SRPParameters(new BigInteger(ConfigHelper.NG_1024, 16).toByteArray(), new BigInteger("2").toByteArray(), new BigInteger(salt, 16).toByteArray(), "SHA-256"); - client = new LeapSRPSession(username, password, params, a_byte); + client = new LeapSRPSession(username, password, a_byte); x = client.calculatePasswordHash(username, password, new BigInteger(salt, 16).toByteArray()); A = client.exponential(); @@ -321,8 +315,7 @@ public class testLeapSRPSession extends TestCase { salt = "64c3289d04a6ecad", a = "8c911355"; byte[] a_byte = new BigInteger(a, 16).toByteArray(); - SRPParameters params = new SRPParameters(new BigInteger(ConfigHelper.NG_1024, 16).toByteArray(), new BigInteger("2").toByteArray(), new BigInteger(salt, 16).toByteArray(), "SHA-256"); - LeapSRPSession client = new LeapSRPSession(username, password, params, a_byte); + LeapSRPSession client = new LeapSRPSession(username, password, a_byte); byte[] x = client.calculatePasswordHash(username, password, new BigInteger(salt, 16).toByteArray()); assertTrue(Arrays.equals(x, expected_x)); @@ -345,8 +338,7 @@ public class testLeapSRPSession extends TestCase { expected_M2 = trim(new BigInteger("517278a03a0320a52dcb391caf5264d76149d7d9b71ed2b65536233344c550cf", 16).toByteArray()); a_byte = new BigInteger(a, 16).toByteArray(); - params = new SRPParameters(new BigInteger(ConfigHelper.NG_1024, 16).toByteArray(), new BigInteger("2").toByteArray(), new BigInteger(salt, 16).toByteArray(), "SHA-256"); - client = new LeapSRPSession(username, password, params, a_byte); + client = new LeapSRPSession(username, password, a_byte); x = client.calculatePasswordHash(username, password, new BigInteger(salt, 16).toByteArray()); A = client.exponential(); @@ -365,8 +357,7 @@ public class testLeapSRPSession extends TestCase { expected_M2 = trim(new BigInteger("3bfb91c7d04b6da6381fe3d2648d992cdc6bc67b8ee16d1cfa733f786d492261", 16).toByteArray()); a_byte = new BigInteger(a, 16).toByteArray(); - params = new SRPParameters(new BigInteger(ConfigHelper.NG_1024, 16).toByteArray(), new BigInteger("2").toByteArray(), new BigInteger(salt, 16).toByteArray(), "SHA-256"); - client = new LeapSRPSession(username, password, params, a_byte); + client = new LeapSRPSession(username, password, a_byte); x = client.calculatePasswordHash(username, password, new BigInteger(salt, 16).toByteArray()); A = client.exponential(); @@ -390,8 +381,7 @@ public class testLeapSRPSession extends TestCase { expected_M2 = trim(new BigInteger("8f4552b1021a4de621d8f50f0921c4d20651e702d9d71276f8f6c15b838de018", 16).toByteArray()); a_byte = new BigInteger(a, 16).toByteArray(); - params = new SRPParameters(new BigInteger(ConfigHelper.NG_1024, 16).toByteArray(), new BigInteger("2").toByteArray(), new BigInteger(salt, 16).toByteArray(), "SHA-256"); - client = new LeapSRPSession(username, password, params, a_byte); + client = new LeapSRPSession(username, password, a_byte); x = client.calculatePasswordHash(username, password, trim(new BigInteger(salt, 16).toByteArray())); assertTrue(Arrays.equals(x, expected_x)); @@ -418,8 +408,7 @@ public class testLeapSRPSession extends TestCase { expected_M2 = trim(new BigInteger("04cf3ab3b75dbc4b116ca2fec949bf3deca1e360e016d7ab2b8a49904c534a27", 16).toByteArray()); a_byte = new BigInteger(a, 16).toByteArray(); - params = new SRPParameters(new BigInteger(ConfigHelper.NG_1024, 16).toByteArray(), new BigInteger("2").toByteArray(), new BigInteger(salt, 16).toByteArray(), "SHA-256"); - client = new LeapSRPSession(username, password, params, a_byte); + client = new LeapSRPSession(username, password, a_byte); x = client.calculatePasswordHash(username, password, trim(new BigInteger(salt, 16).toByteArray())); assertTrue(Arrays.equals(x, expected_x)); @@ -448,8 +437,7 @@ public class testLeapSRPSession extends TestCase { expected_M2 = trim(new BigInteger("082cf49ad5a34cc5ca571e3d063aec4bd96e7b96a6d951295180631650a84587", 16).toByteArray()); a_byte = new BigInteger(a, 16).toByteArray(); - params = new SRPParameters(new BigInteger(ConfigHelper.NG_1024, 16).toByteArray(), new BigInteger("2").toByteArray(), new BigInteger(salt, 16).toByteArray(), "SHA-256"); - client = new LeapSRPSession(username, password, params, a_byte); + client = new LeapSRPSession(username, password, a_byte); x = client.calculatePasswordHash(username, password, trim(new BigInteger(salt, 16).toByteArray())); assertTrue(Arrays.equals(x, expected_x)); @@ -479,8 +467,7 @@ public class testLeapSRPSession extends TestCase { expected_M2 = trim(new BigInteger("5cc3d7f0077e978c83acdef14a725af01488c1728f0cf32cd7013d24faf5d901", 16).toByteArray()); a_byte = new BigInteger(a, 16).toByteArray(); - params = new SRPParameters(new BigInteger(ConfigHelper.NG_1024, 16).toByteArray(), new BigInteger("2").toByteArray(), new BigInteger(salt, 16).toByteArray(), "SHA-256"); - client = new LeapSRPSession(username, password, params, a_byte); + client = new LeapSRPSession(username, password, a_byte); x = client.calculatePasswordHash(username, password, trim(new BigInteger(salt, 16).toByteArray())); assertTrue(Arrays.equals(x, expected_x)); @@ -510,8 +497,7 @@ public class testLeapSRPSession extends TestCase { expected_M2 = trim(new BigInteger("d78da7e0a23c9b87a2f09cdee05c510c105b4a8d471b47402c38f4cdfa49fe6d", 16).toByteArray()); a_byte = new BigInteger(a, 16).toByteArray(); - params = new SRPParameters(new BigInteger(ConfigHelper.NG_1024, 16).toByteArray(), new BigInteger("2").toByteArray(), new BigInteger(salt, 16).toByteArray(), "SHA-256"); - client = new LeapSRPSession(username, password, params, a_byte); + client = new LeapSRPSession(username, password, a_byte); x = client.calculatePasswordHash(username, password, trim(new BigInteger(salt, 16).toByteArray())); assertTrue(Arrays.equals(x, expected_x)); @@ -541,8 +527,7 @@ public class testLeapSRPSession extends TestCase { expected_M2 = trim(new BigInteger("a382025452bad8a6ccd0f703253fda90e7ea7bd0c2d466a389455080a4bd015d", 16).toByteArray()); a_byte = new BigInteger(a, 16).toByteArray(); - params = new SRPParameters(new BigInteger(ConfigHelper.NG_1024, 16).toByteArray(), new BigInteger("2").toByteArray(), new BigInteger(salt, 16).toByteArray(), "SHA-256"); - client = new LeapSRPSession(username, password, params, a_byte); + client = new LeapSRPSession(username, password, a_byte); x = client.calculatePasswordHash(username, password, trim(new BigInteger(salt, 16).toByteArray())); assertTrue(Arrays.equals(x, expected_x)); @@ -572,8 +557,7 @@ public class testLeapSRPSession extends TestCase { expected_M2 = trim(new BigInteger("9e99f9adfbfaa7add3626ed6e6aea94c9fa60dab6b8d56ad0cc950548f577d32", 16).toByteArray()); a_byte = new BigInteger(a, 16).toByteArray(); - params = new SRPParameters(new BigInteger(ConfigHelper.NG_1024, 16).toByteArray(), new BigInteger("2").toByteArray(), new BigInteger(salt, 16).toByteArray(), "SHA-256"); - client = new LeapSRPSession(username, password, params, a_byte); + client = new LeapSRPSession(username, password, a_byte); x = client.calculatePasswordHash(username, password, trim(new BigInteger(salt, 16).toByteArray())); assertTrue(Arrays.equals(x, expected_x)); @@ -603,8 +587,7 @@ public class testLeapSRPSession extends TestCase { expected_M2 = trim(new BigInteger("ffccafa0febc1771a428082b30b7ce409856de4581c7d7d986f5b80015aba0d3", 16).toByteArray()); a_byte = new BigInteger(a, 16).toByteArray(); - params = new SRPParameters(new BigInteger(ConfigHelper.NG_1024, 16).toByteArray(), new BigInteger("2").toByteArray(), new BigInteger(salt, 16).toByteArray(), "SHA-256"); - client = new LeapSRPSession(username, password, params, a_byte); + client = new LeapSRPSession(username, password, a_byte); x = client.calculatePasswordHash(username, password, trim(new BigInteger(salt, 16).toByteArray())); assertTrue(Arrays.equals(x, expected_x)); @@ -626,8 +609,7 @@ public class testLeapSRPSession extends TestCase { String password = "holahola2"; byte[] salt = new BigInteger("67e8348d1500d26c", 16).toByteArray(); - SRPParameters params = new SRPParameters(new BigInteger(ConfigHelper.NG_1024, 16).toByteArray(), new BigInteger("2").toByteArray(), salt, "SHA-256"); - LeapSRPSession client = new LeapSRPSession(username, password, params); + LeapSRPSession client = new LeapSRPSession(username, password); String expected_v = "12bea84e588ffa2f8fc5ae47cb5e751a8f2d9e8125268ad9ab483eff83f98cb08484350eb478bee582b8b72363ff8e7b12e9f332e86f7a0bd77689927c609d275471c6ad2cff8b1e7bbfc3664169c3b7bccb0b974154c1f1656b64274568015ca1b849c9d9890ae4437ed686341b432340809b81c30727ed2aadea8bdec6d101"; diff --git a/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java b/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java index ddd36d7c..03cbda0c 100644 --- a/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java +++ b/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java @@ -925,7 +925,6 @@ public class ProviderAPI extends IntentService { certificateString = Base64.encodeToString( certCert.getEncoded(), Base64.DEFAULT); preferences.edit().putString(Constants.CERTIFICATE, "-----BEGIN CERTIFICATE-----\n"+certificateString+"-----END CERTIFICATE-----").commit(); - preferences.edit().putString(Constants.DATE_FROM_CERTIFICATE, EIP.certificate_date_format.format(Calendar.getInstance().getTime())).commit(); return true; } catch (CertificateException e) { diff --git a/app/src/main/AndroidManifest.xml b/app/src/main/AndroidManifest.xml index d5081b8d..61f2a63b 100644 --- a/app/src/main/AndroidManifest.xml +++ b/app/src/main/AndroidManifest.xml @@ -36,7 +36,7 @@ android:label="@string/app" > @@ -62,7 +62,7 @@ + android:name="se.leap.bitmaskclient.eip.VoidVpnLauncher" /> @@ -99,11 +99,11 @@ android:label="@string/title_about_activity" > - + - - - + + + diff --git a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java index 473cd5ec..e4e575e4 100644 --- a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java +++ b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java @@ -42,6 +42,7 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf protected static final int CONFIGURE_LEAP = 0; protected static final int SWITCH_PROVIDER = 1; + final public static String TAG = Dashboard.class.getSimpleName(); final public static String SHARED_PREFERENCES = "LEAPPreferences"; final public static String ACTION_QUIT = "quit"; public static final String REQUEST_CODE = "request_code"; @@ -49,21 +50,19 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf public static final String START_ON_BOOT = "dashboard start on boot"; final public static String ON_BOOT = "dashboard on boot"; public static final String APP_VERSION = "bitmask version"; - final public static String TAG = Dashboard.class.getSimpleName(); - + private static Context app; + protected static SharedPreferences preferences; + private FragmentManagerEnhanced fragment_manager; + private EipServiceFragment eipFragment; - private ProgressBar mProgressBar; - private TextView eipStatus; - private static Context app; - protected static SharedPreferences preferences; - private static Provider provider; - - private boolean authed_eip = false; - + private ProgressBar mProgressBar; + private TextView eipStatus; public ProviderAPIResultReceiver providerAPI_result_receiver; - private FragmentManagerEnhanced fragment_manager; + private static Provider provider; + private static boolean authed_eip; + @Override protected void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); @@ -78,11 +77,11 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf fragment_manager = new FragmentManagerEnhanced(getFragmentManager()); handleVersion(); - authed_eip = preferences.getBoolean(Constants.AUTHED_EIP, false); - if (preferences.getString(Provider.KEY, "").isEmpty()) - startActivityForResult(new Intent(this,ConfigurationWizard.class),CONFIGURE_LEAP); - else - buildDashboard(getIntent().getBooleanExtra(ON_BOOT, false)); + boolean provider_configured = preferences.getString(Constants.KEY, "").isEmpty(); + if (provider_configured) + startActivityForResult(new Intent(this,ConfigurationWizard.class),CONFIGURE_LEAP); + else + buildDashboard(getIntent().getBooleanExtra(ON_BOOT, false)); } private void handleVersion() { diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/Constants.java b/app/src/main/java/se/leap/bitmaskclient/eip/Constants.java index 719fff6d..3b43282b 100644 --- a/app/src/main/java/se/leap/bitmaskclient/eip/Constants.java +++ b/app/src/main/java/se/leap/bitmaskclient/eip/Constants.java @@ -37,9 +37,9 @@ public interface Constants { public final static String EIP_NOTIFICATION = TAG + ".EIP_NOTIFICATION"; public final static String STATUS = TAG + ".STATUS"; public final static String DATE_FROM_CERTIFICATE = TAG + ".DATE_FROM_CERTIFICATE"; - public final static String ALLOWED_ANON = TAG + ".ALLOW_ANONYMOUS"; - public final static String ALLOWED_REGISTERED = TAG + ".ALLOW_REGISTRATION"; - public final static String CERTIFICATE = TAG + ".CERTIFICATE"; + public final static String ALLOWED_ANON = "allow_anonymous"; + public final static String ALLOWED_REGISTERED = "allow_registration"; + public final static String CERTIFICATE = "cert"; public final static String PRIVATE_KEY = TAG + ".PRIVATE_KEY"; public final static String KEY = TAG + ".KEY"; public final static String PARSED_SERIAL = TAG + ".PARSED_SERIAL"; diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java index b668ce64..92eba23c 100644 --- a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java +++ b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java @@ -51,20 +51,19 @@ public final class EIP extends IntentService { private static SharedPreferences preferences; - private static Context context; - private static ResultReceiver mReceiver; - private static boolean mBound = false; + private static Context context; + private static ResultReceiver mReceiver; + private static boolean mBound = false; - private static JSONObject eipDefinition = null; + private static int parsedEipSerial; + private static JSONObject eip_definition = null; - private static OVPNGateway activeGateway = null; + private static OVPNGateway activeGateway = null; public static VpnStatus.ConnectionStatus lastConnectionStatusLevel; public static boolean mIsDisconnecting = false; public static boolean mIsStarting = false; - public static SimpleDateFormat certificate_date_format = new SimpleDateFormat("yyyy-MM-dd HH:mm", Locale.US); - public EIP(){ super("LEAPEIP"); } @@ -76,6 +75,7 @@ public final class EIP extends IntentService { context = getApplicationContext(); preferences = getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE); + refreshEipDefinition(); } @Override @@ -113,8 +113,10 @@ public final class EIP extends IntentService { */ private void startEIP() { earlyRoutes(); - activeGateway = selectGateway(); - + GatewaySelector gateway_selector = new GatewaySelector(eip_definition); + String selected_gateway = gateway_selector.select(); + + activeGateway = new OVPNGateway(selected_gateway); if(activeGateway != null && activeGateway.mVpnProfile != null) { mReceiver = EipServiceFragment.getReceiver(); launchActiveGateway(); @@ -131,93 +133,6 @@ public final class EIP extends IntentService { startActivity(void_vpn_launcher); } - /** - * Choose a gateway to connect to based on timezone from system locale data - * - * @return The gateway to connect to - */ - private OVPNGateway selectGateway() { - String closest_location = closestGateway(); - String chosen_host = chooseHost(closest_location); - - return new OVPNGateway(chosen_host); - } - - private String closestGateway() { - TreeMap> offsets = calculateOffsets(); - return offsets.isEmpty() ? "" : offsets.firstEntry().getValue().iterator().next(); - } - - private TreeMap> calculateOffsets() { - TreeMap> offsets = new TreeMap>(); - - int localOffset = Calendar.getInstance().get(Calendar.ZONE_OFFSET) / 3600000; - - JSONObject locations = availableLocations(); - Iterator locations_names = locations.keys(); - while(locations_names.hasNext()) { - try { - String location_name = locations_names.next(); - JSONObject location = locations.getJSONObject(location_name); - - int dist = timezoneDistance(localOffset, location.optInt("timezone")); - - Set set = (offsets.get(dist) != null) ? - offsets.get(dist) : new HashSet(); - - set.add(location_name); - offsets.put(dist, set); - } catch (JSONException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - } - - return offsets; - } - - private JSONObject availableLocations() { - JSONObject locations = null; - try { - if(eipDefinition == null) updateEIPService(); - locations = eipDefinition.getJSONObject("locations"); - } catch (JSONException e1) { - // TODO Auto-generated catch block - e1.printStackTrace(); - } - - return locations; - } - - private int timezoneDistance(int local_timezone, int remote_timezone) { - // Distance along the numberline of Prime Meridian centric, assumes UTC-11 through UTC+12 - int dist = Math.abs(local_timezone - remote_timezone); - - // Farther than 12 timezones and it's shorter around the "back" - if (dist > 12) - dist = 12 - (dist -12); // Well i'll be. Absolute values make equations do funny things. - - return dist; - } - - private String chooseHost(String location) { - String chosen_host = ""; - try { - JSONArray gateways = eipDefinition.getJSONArray("gateways"); - for (int i = 0; i < gateways.length(); i++) { - JSONObject gw = gateways.getJSONObject(i); - if ( gw.getString("location").equalsIgnoreCase(location) || location.isEmpty()){ - chosen_host = eipDefinition.getJSONObject("locations").getJSONObject(gw.getString("location")).getString("name"); - break; - } - } - } catch (JSONException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - return chosen_host; - } - private void launchActiveGateway() { Intent intent = new Intent(this,LaunchVPN.class); intent.setAction(Intent.ACTION_MAIN); @@ -292,7 +207,22 @@ public final class EIP extends IntentService { e.printStackTrace(); } } + if (eip_definition != null && eip_definition.optInt("serial") >= parsedEipSerial) + updateGateways(); + } + private void refreshEipDefinition() { + try { + String eip_definition_string = preferences.getString(KEY, ""); + if(!eip_definition_string.isEmpty()) { + eip_definition = new JSONObject(eip_definition_string); + } + } catch (JSONException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + private void deleteAllVpnProfiles() { ProfileManager vpl = ProfileManager.getInstance(context); Collection profiles = vpl.getProfiles(); @@ -307,8 +237,8 @@ public final class EIP extends IntentService { private void updateGateways(){ JSONArray gatewaysDefined = null; try { - if(eipDefinition == null) updateEIPService(); - gatewaysDefined = eipDefinition.getJSONArray("gateways"); + if(eip_definition == null) updateEIPService(); + gatewaysDefined = eip_definition.getJSONArray("gateways"); for ( int i=0 ; i < gatewaysDefined.length(); i++ ){ JSONObject gw = null; gw = gatewaysDefined.getJSONObject(i); @@ -320,52 +250,18 @@ public final class EIP extends IntentService { // TODO Auto-generated catch block e.printStackTrace(); } - preferences.edit().putInt(PARSED_SERIAL, eipDefinition.optInt(Provider.API_RETURN_SERIAL)).commit(); + preferences.edit().putInt(PARSED_SERIAL, eip_definition.optInt(Provider.API_RETURN_SERIAL)).commit(); } private void checkCertValidity() { - String certificate = preferences.getString(CERTIFICATE, ""); - checkCertValidity(certificate); - } - - private void checkCertValidity(String certificate_string) { - if(!certificate_string.isEmpty()) { - X509Certificate certificate = ConfigHelper.parseX509CertificateFromString(certificate_string); - - Calendar offset_date = calculateOffsetCertificateValidity(certificate); - Bundle result = new Bundle(); - result.putString(REQUEST_TAG, ACTION_CHECK_CERT_VALIDITY); - try { - Log.d(TAG, "offset_date = " + offset_date.getTime().toString()); - certificate.checkValidity(offset_date.getTime()); - mReceiver.send(Activity.RESULT_OK, result); - Log.d(TAG, "Valid certificate"); - } catch(CertificateExpiredException e) { - mReceiver.send(Activity.RESULT_CANCELED, result); - Log.d(TAG, "Updating certificate"); - } catch(CertificateNotYetValidException e) { - mReceiver.send(Activity.RESULT_CANCELED, result); - } - } - } - - private Calendar calculateOffsetCertificateValidity(X509Certificate certificate) { - String current_date = certificate_date_format.format(Calendar.getInstance().getTime()).toString(); - - String date_string = preferences.getString(DATE_FROM_CERTIFICATE, current_date); - - Calendar offset_date = Calendar.getInstance(); - try { - Date date = certificate_date_format.parse(date_string); - long difference = Math.abs(date.getTime() - certificate.getNotAfter().getTime())/2; - long current_date_millis = offset_date.getTimeInMillis(); - offset_date.setTimeInMillis(current_date_millis + difference); - Log.d(TAG, "certificate not after = " + certificate.getNotAfter()); - } catch(ParseException e) { - e.printStackTrace(); - } - - return offset_date; + Bundle result = new Bundle(); + result.putString(REQUEST_TAG, ACTION_CHECK_CERT_VALIDITY); + + VpnCertificateValidator validator = new VpnCertificateValidator(); + if(validator.isValid(preferences.getString(CERTIFICATE, ""))) + mReceiver.send(Activity.RESULT_OK, result); + else + mReceiver.send(Activity.RESULT_CANCELED, result); } /** @@ -449,7 +345,7 @@ public final class EIP extends IntentService { try { ConfigParser cp = new ConfigParser(); - JSONObject openvpn_configuration = eipDefinition.getJSONObject("openvpn_configuration"); + JSONObject openvpn_configuration = eip_definition.getJSONObject("openvpn_configuration"); VpnConfigGenerator vpn_configuration_generator = new VpnConfigGenerator(preferences, openvpn_configuration, mGateway); String configuration = vpn_configuration_generator.generate(); @@ -475,7 +371,7 @@ public final class EIP extends IntentService { public String locationAsName() { try { - return eipDefinition.getJSONObject("locations").getJSONObject(mGateway.getString("location")).getString("name"); + return eip_definition.getJSONObject("locations").getJSONObject(mGateway.getString("location")).getString("name"); } catch (JSONException e) { Log.v(TAG,"Couldn't read gateway name for profile creation! Returning original name = " + mName); e.printStackTrace(); diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/VpnCertificateValidator.java b/app/src/main/java/se/leap/bitmaskclient/eip/VpnCertificateValidator.java new file mode 100644 index 00000000..a5f04368 --- /dev/null +++ b/app/src/main/java/se/leap/bitmaskclient/eip/VpnCertificateValidator.java @@ -0,0 +1,59 @@ +/** + * Copyright (c) 2013 LEAP Encryption Access Project and contributers + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ +package se.leap.bitmaskclient.eip; + +import android.util.Log; +import java.util.*; +import java.security.cert.*; +import java.text.*; + +import se.leap.bitmaskclient.ConfigHelper; +import static se.leap.bitmaskclient.eip.Constants.*; + +public class VpnCertificateValidator { + public final static String TAG = VpnCertificateValidator.class.getSimpleName(); + + public boolean isValid(String certificate) { + if(!certificate.isEmpty()) { + X509Certificate certificate_x509 = ConfigHelper.parseX509CertificateFromString(certificate); + return isValid(certificate_x509); + } else return false; + } + + private boolean isValid(X509Certificate certificate) { + Calendar offset_date = calculateOffsetCertificateValidity(certificate); + try { + Log.d(TAG, "offset_date = " + offset_date.getTime().toString()); + certificate.checkValidity(offset_date.getTime()); + return true; + } catch(CertificateExpiredException e) { + return false; + } catch(CertificateNotYetValidException e) { + return false; + } + } + + private Calendar calculateOffsetCertificateValidity(X509Certificate certificate) { + Log.d(TAG, "certificate not after = " + certificate.getNotAfter()); + long preventive_time = Math.abs(certificate.getNotBefore().getTime() - certificate.getNotAfter().getTime())/2; + long current_date_millis = Calendar.getInstance().getTimeInMillis(); + + Calendar limit_date = Calendar.getInstance(); + limit_date.setTimeInMillis(current_date_millis + preventive_time); + return limit_date; + } +} -- cgit v1.2.3 From 1fcf003abf27b58047d59a3f8ac4787987de2ecd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Wed, 12 Nov 2014 03:58:03 +0100 Subject: Smaller method. --- app/src/main/java/se/leap/bitmaskclient/eip/EIP.java | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) (limited to 'app') diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java index 92eba23c..94027491 100644 --- a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java +++ b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java @@ -73,7 +73,6 @@ public final class EIP extends IntentService { super.onCreate(); context = getApplicationContext(); - preferences = getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE); refreshEipDefinition(); } @@ -254,14 +253,9 @@ public final class EIP extends IntentService { } private void checkCertValidity() { - Bundle result = new Bundle(); - result.putString(REQUEST_TAG, ACTION_CHECK_CERT_VALIDITY); - VpnCertificateValidator validator = new VpnCertificateValidator(); - if(validator.isValid(preferences.getString(CERTIFICATE, ""))) - mReceiver.send(Activity.RESULT_OK, result); - else - mReceiver.send(Activity.RESULT_CANCELED, result); + boolean is_valid = validator.isValid(preferences.getString(CERTIFICATE, "")); + tellToReceiver(ACTION_CHECK_CERT_VALIDITY, is_valid); } /** -- cgit v1.2.3 From ba3362c6779e3b89533b1a132d67b4916a9976d8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Thu, 13 Nov 2014 19:22:35 +0100 Subject: GatewaySelector is back. Had to rewrite the class, forgot to add the java file to git. --- .../main/java/se/leap/bitmaskclient/Dashboard.java | 2 +- .../java/se/leap/bitmaskclient/eip/Constants.java | 1 - .../main/java/se/leap/bitmaskclient/eip/EIP.java | 82 +++++++++------------- 3 files changed, 36 insertions(+), 49 deletions(-) (limited to 'app') diff --git a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java index e4e575e4..395e9987 100644 --- a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java +++ b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java @@ -97,7 +97,7 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf case 101: // 0.8.0 if(!preferences.getString(Constants.KEY, "").isEmpty()) { Intent rebuildVpnProfiles = new Intent(getApplicationContext(), EIP.class); - rebuildVpnProfiles.setAction(Constants.ACTION_REBUILD_PROFILES); + rebuildVpnProfiles.setAction(Constants.ACTION_UPDATE_EIP_SERVICE); startService(rebuildVpnProfiles); } break; diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/Constants.java b/app/src/main/java/se/leap/bitmaskclient/eip/Constants.java index 3b43282b..b710d780 100644 --- a/app/src/main/java/se/leap/bitmaskclient/eip/Constants.java +++ b/app/src/main/java/se/leap/bitmaskclient/eip/Constants.java @@ -33,7 +33,6 @@ public interface Constants { public final static String ACTION_STOP_EIP = TAG + ".STOP_EIP"; public final static String ACTION_UPDATE_EIP_SERVICE = TAG + ".UPDATE_EIP_SERVICE"; public final static String ACTION_IS_EIP_RUNNING = TAG + ".IS_RUNNING"; - public final static String ACTION_REBUILD_PROFILES = TAG + ".REBUILD_PROFILES"; public final static String EIP_NOTIFICATION = TAG + ".EIP_NOTIFICATION"; public final static String STATUS = TAG + ".STATUS"; public final static String DATE_FROM_CERTIFICATE = TAG + ".DATE_FROM_CERTIFICATE"; diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java index 94027491..2b9f120d 100644 --- a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java +++ b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java @@ -101,8 +101,6 @@ public final class EIP extends IntentService { updateEIPService(); else if ( action == ACTION_CHECK_CERT_VALIDITY ) checkCertValidity(); - else if ( action == ACTION_REBUILD_PROFILES ) - updateGateways(); } /** @@ -175,39 +173,28 @@ public final class EIP extends IntentService { */ private void isRunning() { - int resultCode = Activity.RESULT_CANCELED; - boolean is_connected = isConnected(); - - resultCode = (is_connected) ? Activity.RESULT_OK : Activity.RESULT_CANCELED; - + int resultCode = (isConnected()) ? + Activity.RESULT_OK : + Activity.RESULT_CANCELED; tellToReceiver(ACTION_IS_EIP_RUNNING, resultCode); } public static boolean isConnected() { - return lastConnectionStatusLevel != null && lastConnectionStatusLevel.equals(VpnStatus.ConnectionStatus.LEVEL_CONNECTED) && !mIsDisconnecting; + return lastConnectionStatusLevel != null + && lastConnectionStatusLevel.equals(VpnStatus.ConnectionStatus.LEVEL_CONNECTED) + && !mIsDisconnecting; } - /** - * Loads eip-service.json from SharedPreferences and calls {@link updateGateways()} - * to parse gateway definitions. - * TODO Implement API call to refresh eip-service.json from the provider - */ - private void updateEIPService() { - try { - String eip_definition_string = preferences.getString(KEY, ""); - if(eip_definition_string.isEmpty() == false) { - eipDefinition = new JSONObject(eip_definition_string); - } - deleteAllVpnProfiles(); - updateGateways(); - if(mReceiver != null) mReceiver.send(Activity.RESULT_OK, Bundle.EMPTY); - } catch (JSONException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - } - if (eip_definition != null && eip_definition.optInt("serial") >= parsedEipSerial) - updateGateways(); + /** + * Loads eip-service.json from SharedPreferences and calls {@link updateGateways()} + * to parse gateway definitions. + * TODO Implement API call to refresh eip-service.json from the provider + */ + private void updateEIPService() { + refreshEipDefinition(); + deleteAllVpnProfiles(); + updateGateways(); + if(mReceiver != null) mReceiver.send(Activity.RESULT_OK, Bundle.EMPTY); } private void refreshEipDefinition() { @@ -233,29 +220,30 @@ public final class EIP extends IntentService { * OVPNGateway objects. * TODO Store the OVPNGateways (as Serializable) in SharedPreferences */ - private void updateGateways(){ - JSONArray gatewaysDefined = null; - try { - if(eip_definition == null) updateEIPService(); - gatewaysDefined = eip_definition.getJSONArray("gateways"); - for ( int i=0 ; i < gatewaysDefined.length(); i++ ){ - JSONObject gw = null; - gw = gatewaysDefined.getJSONObject(i); + private void updateGateways(){ + JSONArray gatewaysDefined = null; + try { + gatewaysDefined = eip_definition.getJSONArray("gateways"); + for ( int i=0 ; i < gatewaysDefined.length(); i++ ){ + JSONObject gw = null; + gw = gatewaysDefined.getJSONObject(i); - if ( gw.getJSONObject("capabilities").getJSONArray("transport").toString().contains("openvpn") ) - new OVPNGateway(gw); - } - } catch (JSONException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - preferences.edit().putInt(PARSED_SERIAL, eip_definition.optInt(Provider.API_RETURN_SERIAL)).commit(); + if ( gw.getJSONObject("capabilities").getJSONArray("transport").toString().contains("openvpn") ) + new OVPNGateway(gw); + } + } catch (JSONException e) { + // TODO Auto-generated catch block + e.printStackTrace(); } + preferences.edit().putInt(PARSED_SERIAL, eip_definition.optInt(Provider.API_RETURN_SERIAL)).commit(); + } private void checkCertValidity() { VpnCertificateValidator validator = new VpnCertificateValidator(); - boolean is_valid = validator.isValid(preferences.getString(CERTIFICATE, "")); - tellToReceiver(ACTION_CHECK_CERT_VALIDITY, is_valid); + int resultCode = validator.isValid(preferences.getString(CERTIFICATE, "")) ? + Activity.RESULT_OK : + Activity.RESULT_CANCELED; + tellToReceiver(ACTION_CHECK_CERT_VALIDITY, resultCode); } /** -- cgit v1.2.3 From 301adeab4b1630645e53baa982b35cba394e52b2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Mon, 17 Nov 2014 18:44:36 +0100 Subject: Update vpn certificate and store it correctly. One more onReceiveResult for Dashboard, that method needs a rethink: a statemachine class, and a simple "next()" method? The reality is that the onReceiveResult specifies a linked process, and that should have a better model than a series of if/else cases with strings comparisons hehehe --- .../java/se/leap/bitmaskclient/ProviderAPI.java | 12 +------- .../main/java/se/leap/bitmaskclient/Dashboard.java | 36 ++++++++++++---------- .../main/java/se/leap/bitmaskclient/eip/EIP.java | 2 +- .../java/se/leap/bitmaskclient/ProviderAPI.java | 14 ++------- 4 files changed, 24 insertions(+), 40 deletions(-) (limited to 'app') diff --git a/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java b/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java index 03cbda0c..a89ef357 100644 --- a/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java +++ b/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java @@ -861,23 +861,13 @@ public class ProviderAPI extends IntentService { } return true; } - - private boolean updateVpnCertificate() { - getNewCert(); - - Intent updateEIP = new Intent(getApplicationContext(), EIP.class); - updateEIP.setAction(Constants.ACTION_UPDATE_EIP_SERVICE); - startService(updateEIP); - - return true; - } /** * Downloads a new OpenVPN certificate, attaching authenticated cookie for authenticated certificate. * * @return true if certificate was downloaded correctly, false if provider.json or danger_on flag are not present in SharedPreferences, or if the certificate url could not be parsed as a URI, or if there was an SSL error. */ - private boolean getNewCert() { + private boolean updateVpnCertificate() { try { JSONObject provider_json = new JSONObject(preferences.getString(Provider.KEY, "")); diff --git a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java index 395e9987..b139f73f 100644 --- a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java +++ b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java @@ -433,22 +433,8 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf hideProgressBar(); setResult(RESULT_OK); - Intent updateEIP = new Intent(getApplicationContext(), EIP.class); - ResultReceiver eip_receiver = new ResultReceiver(new Handler()){ - protected void onReceiveResult(int resultCode, Bundle resultData){ - super.onReceiveResult(resultCode, resultData); - String request = resultData.getString(Constants.REQUEST_TAG); - if (resultCode == Activity.RESULT_OK){ - if(authed_eip) - eipStart(); - else - eipStatus.setText("Certificate updated"); - } - } - }; - updateEIP.putExtra(Constants.RECEIVER_TAG, eip_receiver); - updateEIP.setAction(Constants.ACTION_UPDATE_EIP_SERVICE); - startService(updateEIP); + + updateEipService(); } else if(resultCode == ProviderAPI.INCORRECTLY_DOWNLOADED_CERTIFICATE) { changeStatusMessage(resultCode); hideProgressBar(); @@ -456,6 +442,24 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf } } + private void updateEipService() { + Intent updateEIP = new Intent(getApplicationContext(), EIP.class); + updateEIP.setAction(Constants.ACTION_UPDATE_EIP_SERVICE); + ResultReceiver receiver = new ResultReceiver(new Handler()) { + protected void onReceiveResult(int resultCode, Bundle resultData) { + String request = resultData.getString(Constants.REQUEST_TAG); + if(request.equalsIgnoreCase(Constants.ACTION_UPDATE_EIP_SERVICE)) { + if(resultCode == Activity.RESULT_OK) { + if(authed_eip) + eipStart(); + } + } + } + }; + updateEIP.putExtra(Constants.RECEIVER_TAG, receiver); + startService(updateEIP); + } + private void changeStatusMessage(final int previous_result_code) { // TODO Auto-generated method stub ResultReceiver eip_status_receiver = new ResultReceiver(new Handler()){ diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java index 2b9f120d..9f81f263 100644 --- a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java +++ b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java @@ -194,7 +194,7 @@ public final class EIP extends IntentService { refreshEipDefinition(); deleteAllVpnProfiles(); updateGateways(); - if(mReceiver != null) mReceiver.send(Activity.RESULT_OK, Bundle.EMPTY); + tellToReceiver(ACTION_UPDATE_EIP_SERVICE, Activity.RESULT_OK); } private void refreshEipDefinition() { diff --git a/app/src/release/java/se/leap/bitmaskclient/ProviderAPI.java b/app/src/release/java/se/leap/bitmaskclient/ProviderAPI.java index e2da588c..0fa60550 100644 --- a/app/src/release/java/se/leap/bitmaskclient/ProviderAPI.java +++ b/app/src/release/java/se/leap/bitmaskclient/ProviderAPI.java @@ -845,23 +845,13 @@ public class ProviderAPI extends IntentService { } return true; } - - private boolean updateVpnCertificate() { - getNewCert(); - - Intent updateEIP = new Intent(getApplicationContext(), EIP.class); - updateEIP.setAction(Constants.ACTION_UPDATE_EIP_SERVICE); - startService(updateEIP); - - return true; - } /** * Downloads a new OpenVPN certificate, attaching authenticated cookie for authenticated certificate. * * @return true if certificate was downloaded correctly, false if provider.json is not present in SharedPreferences, or if the certificate url could not be parsed as a URI, or if there was an SSL error. */ - private boolean getNewCert() { + private boolean updateVpnCertificate() { try { JSONObject provider_json = new JSONObject(preferences.getString(Provider.KEY, "")); @@ -898,6 +888,7 @@ public class ProviderAPI extends IntentService { certificateString = certAndKey[i++] + certAndKey[i]; } } + RSAPrivateKey key = ConfigHelper.parseRsaKeyFromString(keyString); keyString = Base64.encodeToString(key.getEncoded(), Base64.DEFAULT); preferences.edit().putString(Constants.PRIVATE_KEY, "-----BEGIN RSA PRIVATE KEY-----\n"+keyString+"-----END RSA PRIVATE KEY-----").commit(); @@ -905,7 +896,6 @@ public class ProviderAPI extends IntentService { X509Certificate certificate = ConfigHelper.parseX509CertificateFromString(certificateString); certificateString = Base64.encodeToString(certificate.getEncoded(), Base64.DEFAULT); preferences.edit().putString(Constants.CERTIFICATE, "-----BEGIN CERTIFICATE-----\n"+certificateString+"-----END CERTIFICATE-----").commit(); - preferences.edit().putString(Constants.DATE_FROM_CERTIFICATE, EIP.certificate_date_format.format(Calendar.getInstance().getTime())).commit(); return true; } catch (CertificateException e) { // TODO Auto-generated catch block -- cgit v1.2.3 From 5d28fc6602a214da51931e428112825117b2509f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Mon, 17 Nov 2014 19:54:51 +0100 Subject: An empty certificate is valid. If there is no certificate, there is no need to fix it. Right now, we use this class just to know if we need to update the certificate or redownload it. In case the certificate is corrupted, then it won't be empty but will contain an error message. If there is no certificate (e.g., because the user hasn't logged in and the provider doesn't provide anon vpn), then the "certificate" is ok but an upper layer of the code will have to handle the situation (in this case, eip will detect that there is no certificate and that the user needs to log in, prompting it to do so). --- .../main/java/se/leap/bitmaskclient/eip/VpnCertificateValidator.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'app') diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/VpnCertificateValidator.java b/app/src/main/java/se/leap/bitmaskclient/eip/VpnCertificateValidator.java index a5f04368..16ae6a85 100644 --- a/app/src/main/java/se/leap/bitmaskclient/eip/VpnCertificateValidator.java +++ b/app/src/main/java/se/leap/bitmaskclient/eip/VpnCertificateValidator.java @@ -31,7 +31,7 @@ public class VpnCertificateValidator { if(!certificate.isEmpty()) { X509Certificate certificate_x509 = ConfigHelper.parseX509CertificateFromString(certificate); return isValid(certificate_x509); - } else return false; + } else return true; } private boolean isValid(X509Certificate certificate) { -- cgit v1.2.3 From 06bc3b1898e1a419693c7fc3d6a48322ad6881e6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Mon, 17 Nov 2014 22:17:01 +0100 Subject: OVPNGateway extracted from EIP. Fixed a silly typo on .gitignore which was ignoring "G*"!. --- .../openvpn/core/GetRestrictionReceiver.java | 47 ++++++ .../main/java/se/leap/bitmaskclient/eip/EIP.java | 172 +++++---------------- .../java/se/leap/bitmaskclient/eip/Gateway.java | 151 ++++++++++++++++++ .../se/leap/bitmaskclient/eip/GatewaySelector.java | 44 ++++++ 4 files changed, 277 insertions(+), 137 deletions(-) create mode 100644 app/src/main/java/de/blinkt/openvpn/core/GetRestrictionReceiver.java create mode 100644 app/src/main/java/se/leap/bitmaskclient/eip/Gateway.java create mode 100644 app/src/main/java/se/leap/bitmaskclient/eip/GatewaySelector.java (limited to 'app') diff --git a/app/src/main/java/de/blinkt/openvpn/core/GetRestrictionReceiver.java b/app/src/main/java/de/blinkt/openvpn/core/GetRestrictionReceiver.java new file mode 100644 index 00000000..5b1dda58 --- /dev/null +++ b/app/src/main/java/de/blinkt/openvpn/core/GetRestrictionReceiver.java @@ -0,0 +1,47 @@ +package de.blinkt.openvpn.core; + +import android.annotation.TargetApi; +import android.app.Activity; +import android.content.BroadcastReceiver; +import android.content.Context; +import android.content.Intent; +import android.content.RestrictionEntry; +import android.os.Build; +import android.os.Bundle; + +import java.util.ArrayList; + +import se.leap.bitmaskclient.R; + +/** + * Created by arne on 25.07.13. + */ +@TargetApi(Build.VERSION_CODES.JELLY_BEAN_MR2) +public class GetRestrictionReceiver extends BroadcastReceiver { + @Override + public void onReceive(final Context context, Intent intent) { + final PendingResult result = goAsync(); + + new Thread() { + @Override + public void run() { + final Bundle extras = new Bundle(); + + ArrayList restrictionEntries = initRestrictions(context); + + extras.putParcelableArrayList(Intent.EXTRA_RESTRICTIONS_LIST, restrictionEntries); + result.setResult(Activity.RESULT_OK,null,extras); + result.finish(); + } + }.run(); + } + + private ArrayList initRestrictions(Context context) { + ArrayList restrictions = new ArrayList(); + RestrictionEntry allowChanges = new RestrictionEntry("allow_changes",false); + allowChanges.setTitle(context.getString(R.string.allow_vpn_changes)); + restrictions.add(allowChanges); + + return restrictions; + } +} diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java index 9f81f263..876ad172 100644 --- a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java +++ b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java @@ -58,7 +58,9 @@ public final class EIP extends IntentService { private static int parsedEipSerial; private static JSONObject eip_definition = null; - private static OVPNGateway activeGateway = null; + private static Gateway activeGateway = null; + private static List gateways = new ArrayList(); + ProfileManager profile_manager; public static VpnStatus.ConnectionStatus lastConnectionStatusLevel; public static boolean mIsDisconnecting = false; @@ -73,6 +75,8 @@ public final class EIP extends IntentService { super.onCreate(); context = getApplicationContext(); + profile_manager = ProfileManager.getInstance(context); + preferences = getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE); refreshEipDefinition(); } @@ -110,11 +114,10 @@ public final class EIP extends IntentService { */ private void startEIP() { earlyRoutes(); - GatewaySelector gateway_selector = new GatewaySelector(eip_definition); - String selected_gateway = gateway_selector.select(); + GatewaySelector gateway_selector = new GatewaySelector(gateways); - activeGateway = new OVPNGateway(selected_gateway); - if(activeGateway != null && activeGateway.mVpnProfile != null) { + activeGateway = gateway_selector.select(); + if(activeGateway != null && activeGateway.getProfile() != null) { mReceiver = EipServiceFragment.getReceiver(); launchActiveGateway(); } @@ -134,8 +137,8 @@ public final class EIP extends IntentService { Intent intent = new Intent(this,LaunchVPN.class); intent.setAction(Intent.ACTION_MAIN); intent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK); - intent.putExtra(LaunchVPN.EXTRA_KEY, activeGateway.mVpnProfile.getUUID().toString() ); - intent.putExtra(LaunchVPN.EXTRA_NAME, activeGateway.mVpnProfile.getName() ); + intent.putExtra(LaunchVPN.EXTRA_KEY, activeGateway.getProfile().getUUID().toString() ); + intent.putExtra(LaunchVPN.EXTRA_NAME, activeGateway.getProfile().getName() ); intent.putExtra(LaunchVPN.EXTRA_HIDELOG, true); intent.putExtra(RECEIVER_TAG, mReceiver); startActivity(intent); @@ -210,26 +213,23 @@ public final class EIP extends IntentService { } private void deleteAllVpnProfiles() { - ProfileManager vpl = ProfileManager.getInstance(context); - Collection profiles = vpl.getProfiles(); + Collection profiles = profile_manager.getProfiles(); profiles.removeAll(profiles); } - /** - * Walk the list of gateways defined in eip-service.json and parse them into - * OVPNGateway objects. - * TODO Store the OVPNGateways (as Serializable) in SharedPreferences - */ + /** + * Walk the list of gateways defined in eip-service.json and parse them into + * Gateway objects. + * TODO Store the Gateways (as Serializable) in SharedPreferences + */ private void updateGateways(){ - JSONArray gatewaysDefined = null; try { - gatewaysDefined = eip_definition.getJSONArray("gateways"); + JSONArray gatewaysDefined = eip_definition.getJSONArray("gateways"); for ( int i=0 ; i < gatewaysDefined.length(); i++ ){ - JSONObject gw = null; - gw = gatewaysDefined.getJSONObject(i); - - if ( gw.getJSONObject("capabilities").getJSONArray("transport").toString().contains("openvpn") ) - new OVPNGateway(gw); + JSONObject gw = gatewaysDefined.getJSONObject(i); + if(isOpenVpnGateway(gw)) { + addGateway(new Gateway(eip_definition, context, gw)); + } } } catch (JSONException e) { // TODO Auto-generated catch block @@ -238,6 +238,20 @@ public final class EIP extends IntentService { preferences.edit().putInt(PARSED_SERIAL, eip_definition.optInt(Provider.API_RETURN_SERIAL)).commit(); } + private boolean isOpenVpnGateway(JSONObject gateway) { + try { + String transport = gateway.getJSONObject("capabilities").getJSONArray("transport").toString(); + return transport.contains("openvpn"); + } catch (JSONException e) { + return false; + } + } + + private void addGateway(Gateway gateway) { + profile_manager.addProfile(gateway.getProfile()); + gateways.add(gateway); + } + private void checkCertValidity() { VpnCertificateValidator validator = new VpnCertificateValidator(); int resultCode = validator.isValid(preferences.getString(CERTIFICATE, "")) ? @@ -245,120 +259,4 @@ public final class EIP extends IntentService { Activity.RESULT_CANCELED; tellToReceiver(ACTION_CHECK_CERT_VALIDITY, resultCode); } - - /** - * OVPNGateway provides objects defining gateways and their options and metadata. - * Each instance contains a VpnProfile for OpenVPN specific data and member - * variables describing capabilities and location - * - * @author Sean Leonard - */ - private class OVPNGateway { - - private String TAG = "OVPNGateway"; - - private String mName; - private VpnProfile mVpnProfile; - private JSONObject mGateway; - private HashMap>> options = new HashMap>>(); - - - /** - * Attempts to retrieve a VpnProfile by name and build an OVPNGateway around it. - * FIXME This needs to become a findGatewayByName() method - * - * @param name The hostname of the gateway to inflate - */ - private OVPNGateway(String name){ - mName = name; - - this.loadVpnProfile(); - } - - private void loadVpnProfile() { - ProfileManager vpl = ProfileManager.getInstance(context); - try { - if ( mName == null ) - mVpnProfile = vpl.getProfiles().iterator().next(); - else - mVpnProfile = vpl.getProfileByName(mName); - } catch (NoSuchElementException e) { - updateEIPService(); - this.loadVpnProfile(); // FIXME catch infinite loops - } catch (Exception e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - } - - /** - * Build a gateway object from a JSON OpenVPN gateway definition in eip-service.json - * and create a VpnProfile belonging to it. - * - * @param gateway The JSON OpenVPN gateway definition to parse - */ - protected OVPNGateway(JSONObject gateway){ - - mGateway = gateway; - - // Currently deletes VpnProfile for host, if there already is one, and builds new - ProfileManager vpl = ProfileManager.getInstance(context); - Collection profiles = vpl.getProfiles(); - for (Iterator it = profiles.iterator(); it.hasNext(); ){ - VpnProfile p = it.next(); - - if ( p.mName.equalsIgnoreCase( mName ) ) { - it.remove(); - vpl.removeProfile(context, p); - } - } - - this.createVPNProfile(); - - vpl.addProfile(mVpnProfile); - vpl.saveProfile(context, mVpnProfile); - vpl.saveProfileList(context); - } - - /** - * Create and attach the VpnProfile to our gateway object - */ - protected void createVPNProfile(){ - try { - ConfigParser cp = new ConfigParser(); - - JSONObject openvpn_configuration = eip_definition.getJSONObject("openvpn_configuration"); - VpnConfigGenerator vpn_configuration_generator = new VpnConfigGenerator(preferences, openvpn_configuration, mGateway); - String configuration = vpn_configuration_generator.generate(); - - cp.parseConfig(new StringReader(configuration)); - mVpnProfile = cp.convertProfile(); - mVpnProfile.mName = mName = locationAsName(); - Log.v(TAG,"Created VPNProfile"); - - } catch (JSONException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } catch (ConfigParser.ConfigParseError e) { - // FIXME We didn't get a VpnProfile! Error handling! and log level - Log.v(TAG,"Error creating VPNProfile"); - e.printStackTrace(); - } catch (IOException e) { - // FIXME We didn't get a VpnProfile! Error handling! and log level - Log.v(TAG,"Error creating VPNProfile"); - e.printStackTrace(); - } - } - - - public String locationAsName() { - try { - return eip_definition.getJSONObject("locations").getJSONObject(mGateway.getString("location")).getString("name"); - } catch (JSONException e) { - Log.v(TAG,"Couldn't read gateway name for profile creation! Returning original name = " + mName); - e.printStackTrace(); - return (mName != null) ? mName : ""; - } - } - } } diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/Gateway.java b/app/src/main/java/se/leap/bitmaskclient/eip/Gateway.java new file mode 100644 index 00000000..6aa66ac0 --- /dev/null +++ b/app/src/main/java/se/leap/bitmaskclient/eip/Gateway.java @@ -0,0 +1,151 @@ +/** + * Copyright (c) 2013 LEAP Encryption Access Project and contributers + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ +package se.leap.bitmaskclient.eip; + +import android.app.Activity; +import android.content.*; +import android.util.Log; +import java.io.*; +import java.util.*; +import org.json.*; + +import de.blinkt.openvpn.*; +import de.blinkt.openvpn.activities.*; +import de.blinkt.openvpn.core.*; +import se.leap.bitmaskclient.*; + +/** + * Gateway provides objects defining gateways and their metadata. + * Each instance contains a VpnProfile for OpenVPN specific data and member + * variables describing capabilities and location (name) + * + * @author Sean Leonard + * @author Parménides GV + */ +public class Gateway { + + private String TAG = Gateway.class.getSimpleName(); + + private String mName; + private int timezone; + private JSONObject general_configuration; + private Context context; + private VpnProfile mVpnProfile; + private JSONObject mGateway; + + /** + * Build a gateway object from a JSON OpenVPN gateway definition in eip-service.json + * and create a VpnProfile belonging to it. + * + * @param gateway The JSON OpenVPN gateway definition to parse + */ + protected Gateway(JSONObject eip_definition, Context context, JSONObject gateway){ + + mGateway = gateway; + + this.context = context; + general_configuration = getGeneralConfiguration(eip_definition); + timezone = getTimezone(eip_definition); + mName = locationAsName(eip_definition); + + // Currently deletes VpnProfile for host, if there already is one, and builds new + ProfileManager vpl = ProfileManager.getInstance(context); + Collection profiles = vpl.getProfiles(); + for (Iterator it = profiles.iterator(); it.hasNext(); ){ + VpnProfile p = it.next(); + + if ( p.mName.equalsIgnoreCase( mName ) ) { + it.remove(); + vpl.removeProfile(context, p); + } + } + + mVpnProfile = createVPNProfile(); + mVpnProfile.mName = mName; + + vpl.addProfile(mVpnProfile); + vpl.saveProfile(context, mVpnProfile); + vpl.saveProfileList(context); + } + + private JSONObject getGeneralConfiguration(JSONObject eip_definition) { + try { + return eip_definition.getJSONObject("openvpn_configuration"); + } catch (JSONException e) { + return new JSONObject(); + } + } + + private int getTimezone(JSONObject eip_definition) { + JSONObject location = getLocationInfo(eip_definition); + return location.optInt("timezone"); + } + + private String locationAsName(JSONObject eip_definition) { + JSONObject location = getLocationInfo(eip_definition); + return location.optString("name"); + } + + private JSONObject getLocationInfo(JSONObject eip_definition) { + try { + JSONObject locations = eip_definition.getJSONObject("locations"); + JSONObject location = locations.getJSONObject(mGateway.getString("location")); + + return location; + } catch (JSONException e) { + return new JSONObject(); + } + } + + /** + * Create and attach the VpnProfile to our gateway object + */ + private VpnProfile createVPNProfile(){ + try { + ConfigParser cp = new ConfigParser(); + + SharedPreferences preferences = context.getSharedPreferences(Dashboard.SHARED_PREFERENCES, Activity.MODE_PRIVATE); + VpnConfigGenerator vpn_configuration_generator = new VpnConfigGenerator(preferences, general_configuration, mGateway); + String configuration = vpn_configuration_generator.generate(); + + cp.parseConfig(new StringReader(configuration)); + return cp.convertProfile(); + } catch (ConfigParser.ConfigParseError e) { + // FIXME We didn't get a VpnProfile! Error handling! and log level + Log.v(TAG,"Error creating VPNProfile"); + e.printStackTrace(); + return null; + } catch (IOException e) { + // FIXME We didn't get a VpnProfile! Error handling! and log level + Log.v(TAG,"Error creating VPNProfile"); + e.printStackTrace(); + return null; + } + } + + public String getName() { + return mName; + } + + public VpnProfile getProfile() { + return mVpnProfile; + } + + public int getTimezone() { + return timezone; + } +} diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/GatewaySelector.java b/app/src/main/java/se/leap/bitmaskclient/eip/GatewaySelector.java new file mode 100644 index 00000000..36b5fb41 --- /dev/null +++ b/app/src/main/java/se/leap/bitmaskclient/eip/GatewaySelector.java @@ -0,0 +1,44 @@ +package se.leap.bitmaskclient.eip; + +import java.security.cert.*; +import java.util.*; +import org.json.*; + +public class GatewaySelector { + List gateways; + + public GatewaySelector(List gateways) { + this.gateways = gateways; + } + + public Gateway select() { + return closestGateway(); + } + + private Gateway closestGateway() { + TreeMap> offsets = calculateOffsets(); + return offsets.isEmpty() ? null : offsets.firstEntry().getValue().iterator().next(); + } + + private TreeMap> calculateOffsets() { + TreeMap> offsets = new TreeMap>(); + int localOffset = Calendar.getInstance().get(Calendar.ZONE_OFFSET) / 3600000; + for(Gateway gateway : gateways) { + int dist = timezoneDistance(localOffset, gateway.getTimezone()); + Set set = (offsets.get(dist) != null) ? + offsets.get(dist) : new HashSet(); + set.add(gateway); + offsets.put(dist, set); + } + return offsets; + } + + private int timezoneDistance(int local_timezone, int remote_timezone) { + // Distance along the numberline of Prime Meridian centric, assumes UTC-11 through UTC+12 + int dist = Math.abs(local_timezone - remote_timezone); + // Farther than 12 timezones and it's shorter around the "back" + if (dist > 12) + dist = 12 - (dist -12); // Well i'll be. Absolute values make equations do funny things. + return dist; + } +} -- cgit v1.2.3 From bc3af9b45a962721002e249806e0e9edd01e3e8b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Tue, 18 Nov 2014 18:38:06 +0100 Subject: Extracted EipStatus, centralizing new state notifications. Observer pattern. The only notification is being received properly on EipServiceFragment is the connected one. I need to fix the other UI methods. --- .../se/leap/bitmaskclient/EipServiceFragment.java | 80 +++++-------- .../main/java/se/leap/bitmaskclient/eip/EIP.java | 22 +--- .../java/se/leap/bitmaskclient/eip/EipStatus.java | 133 +++++++++++++++++++++ 3 files changed, 169 insertions(+), 66 deletions(-) create mode 100644 app/src/main/java/se/leap/bitmaskclient/eip/EipStatus.java (limited to 'app') diff --git a/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java b/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java index f35a3cfa..675619ca 100644 --- a/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java +++ b/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java @@ -13,8 +13,9 @@ import android.os.*; import android.util.Log; import android.view.*; import android.widget.*; +import java.util.*; -public class EipServiceFragment extends Fragment implements VpnStatus.StateListener, CompoundButton.OnCheckedChangeListener { +public class EipServiceFragment extends Fragment implements Observer, CompoundButton.OnCheckedChangeListener { protected static final String IS_EIP_PENDING = "is_eip_pending"; public static final String START_ON_BOOT = "start on boot"; @@ -23,6 +24,7 @@ public class EipServiceFragment extends Fragment implements VpnStatus.StateListe private static Switch eipSwitch; private View eipDetail; private TextView eipStatus; + private EipStatus eip_status; private static EIPReceiver mEIPReceiver; @@ -57,7 +59,7 @@ public class EipServiceFragment extends Fragment implements VpnStatus.StateListe @Override public void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); - + EipStatus.getInstance().addObserver(this); mEIPReceiver = new EIPReceiver(new Handler()); if (savedInstanceState != null) @@ -66,18 +68,8 @@ public class EipServiceFragment extends Fragment implements VpnStatus.StateListe @Override public void onResume() { - super.onResume(); - - VpnStatus.addStateListener(this); - - eipCommand(Constants.ACTION_CHECK_CERT_VALIDITY); - } - - @Override - public void onPause() { - super.onPause(); - - VpnStatus.removeStateListener(this); + super.onResume(); + eipCommand(Constants.ACTION_CHECK_CERT_VALIDITY); } @Override @@ -205,47 +197,43 @@ public class EipServiceFragment extends Fragment implements VpnStatus.StateListe } @Override - public void updateState(final String state, final String logmessage, final int localizedResId, final VpnStatus.ConnectionStatus level) { - boolean isNewLevel = EIP.lastConnectionStatusLevel != level; - boolean justDecidedOnDisconnect = EIP.lastConnectionStatusLevel == VpnStatus.ConnectionStatus.UNKNOWN_LEVEL; - Log.d(TAG, "update state with level " + level); - if(!justDecidedOnDisconnect && (isNewLevel || level == VpnStatus.ConnectionStatus.LEVEL_CONNECTED)) { - getActivity().runOnUiThread(new Runnable() { - @Override - public void run() { - EIP.lastConnectionStatusLevel = level; - handleNewState(state, logmessage, localizedResId, level); - } - }); - } else if(justDecidedOnDisconnect && level == VpnStatus.ConnectionStatus.LEVEL_CONNECTED) { - EIP.lastConnectionStatusLevel = VpnStatus.ConnectionStatus.LEVEL_NOTCONNECTED; - updateState(state, logmessage, localizedResId, level); - } // else if(isNewLevel || level == ConnectionStatus.LEVEL_AUTH_FAILED) - // handleNewState(state, logmessage, localizedResId, level); + public void update (Observable observable, Object data) { + if(observable instanceof EipStatus) { + final EipStatus eip_status = (EipStatus) observable; + EipStatus previous_status = eip_status.getPreviousStatus(); + boolean isNewLevel = eip_status.getLevel() != previous_status.getLevel(); + if(!eip_status.wantsToDisconnect() && (isNewLevel || eip_status.isConnected())) { + getActivity().runOnUiThread(new Runnable() { + @Override + public void run() { + handleNewState(eip_status); + } + }); + } else if(eip_status.wantsToDisconnect() && eip_status.isConnected()) { + setDisconnectedUI(); + // EIP.lastConnectionStatusLevel = VpnStatus.ConnectionStatus.LEVEL_NOTCONNECTED; + // updateState(state, logmessage, localizedResId, level); + } + } } - private void handleNewState(final String state, final String logmessage, final int localizedResId, final VpnStatus.ConnectionStatus level) { + private void handleNewState(EipStatus eip_status) { + final String state = eip_status.getState(); + final String logmessage = eip_status.getLogMessage(); + final int localizedResId = eip_status.getLocalizedResId(); + final VpnStatus.ConnectionStatus level = eip_status.getLevel(); if (level == VpnStatus.ConnectionStatus.LEVEL_CONNECTED) setConnectedUI(); - else if (isDisconnectedLevel(level) && !EIP.mIsStarting) + else if (eip_status.isDisconnected() && !eip_status.isConnecting()) setDisconnectedUI(); else if (level == VpnStatus.ConnectionStatus.LEVEL_CONNECTING_NO_SERVER_REPLY_YET) setNoServerReplyUI(localizedResId, logmessage); else if (level == VpnStatus.ConnectionStatus.LEVEL_CONNECTING_SERVER_REPLIED) setServerReplyUI(state, localizedResId, logmessage); - // else if (level == VpnStatus.ConnectionStatus.LEVEL_AUTH_FAILED) - // handleSwitchOn(); - } - - private boolean isDisconnectedLevel(final VpnStatus.ConnectionStatus level) { - return level == VpnStatus.ConnectionStatus.LEVEL_NOTCONNECTED || level == VpnStatus.ConnectionStatus.LEVEL_AUTH_FAILED; } private void setConnectedUI() { hideProgressBar(); - Log.d(TAG, "mIsDisconnecting = false in setConnectedUI"); - EIP.mIsStarting = false; //TODO This should be done in the onReceiveResult from START_EIP command, but right now LaunchVPN isn't notifying anybody the resultcode of the request so we need to listen the states with this listener. - EIP.mIsDisconnecting = false; //TODO See comment above String status = getString(R.string.eip_state_connected); setEipStatus(status); adjustSwitch(); @@ -253,17 +241,15 @@ public class EipServiceFragment extends Fragment implements VpnStatus.StateListe private void setDisconnectedUI(){ hideProgressBar(); - EIP.mIsStarting = false; //TODO See comment in setConnectedUI() - Log.d(TAG, "mIsDisconnecting = false in setDisconnectedUI"); - EIP.mIsDisconnecting = false; //TODO See comment in setConnectedUI() String status = getString(R.string.eip_state_not_connected); setEipStatus(status); adjustSwitch(); } - private void adjustSwitch() { - if(EIP.isConnected()) { + private void adjustSwitch() { + EipStatus eip_status = EipStatus.getInstance(); + if(eip_status.isConnected()) { if(!eipSwitch.isChecked()) { eipSwitch.setChecked(true); } diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java index 876ad172..97ef485a 100644 --- a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java +++ b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java @@ -46,21 +46,16 @@ import static se.leap.bitmaskclient.eip.Constants.*; public final class EIP extends IntentService { public final static String TAG = EIP.class.getSimpleName(); - public final static String SERVICE_API_PATH = "config/eip-service.json"; - private static SharedPreferences preferences; - private static Context context; private static ResultReceiver mReceiver; - private static boolean mBound = false; + private static SharedPreferences preferences; - private static int parsedEipSerial; private static JSONObject eip_definition = null; - - private static Gateway activeGateway = null; private static List gateways = new ArrayList(); - ProfileManager profile_manager; + private static ProfileManager profile_manager; + private static Gateway activeGateway = null; public static VpnStatus.ConnectionStatus lastConnectionStatusLevel; public static boolean mIsDisconnecting = false; @@ -81,15 +76,6 @@ public final class EIP extends IntentService { refreshEipDefinition(); } - @Override - public void onDestroy() { - - mBound = false; - - super.onDestroy(); - } - - @Override protected void onHandleIntent(Intent intent) { String action = intent.getAction(); @@ -115,7 +101,6 @@ public final class EIP extends IntentService { private void startEIP() { earlyRoutes(); GatewaySelector gateway_selector = new GatewaySelector(gateways); - activeGateway = gateway_selector.select(); if(activeGateway != null && activeGateway.getProfile() != null) { mReceiver = EipServiceFragment.getReceiver(); @@ -137,7 +122,6 @@ public final class EIP extends IntentService { Intent intent = new Intent(this,LaunchVPN.class); intent.setAction(Intent.ACTION_MAIN); intent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK); - intent.putExtra(LaunchVPN.EXTRA_KEY, activeGateway.getProfile().getUUID().toString() ); intent.putExtra(LaunchVPN.EXTRA_NAME, activeGateway.getProfile().getName() ); intent.putExtra(LaunchVPN.EXTRA_HIDELOG, true); intent.putExtra(RECEIVER_TAG, mReceiver); diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/EipStatus.java b/app/src/main/java/se/leap/bitmaskclient/eip/EipStatus.java new file mode 100644 index 00000000..c58650ba --- /dev/null +++ b/app/src/main/java/se/leap/bitmaskclient/eip/EipStatus.java @@ -0,0 +1,133 @@ +/** + * Copyright (c) 2013 LEAP Encryption Access Project and contributers + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ +package se.leap.bitmaskclient.eip; + +import android.util.Log; +import java.util.*; + +import de.blinkt.openvpn.core.*; + +public class EipStatus extends Observable implements VpnStatus.StateListener { + public static String TAG = EipStatus.class.getSimpleName(); + private static EipStatus current_status; + + private static EipStatus previous_status; + private static VpnStatus.ConnectionStatus level = VpnStatus.ConnectionStatus.LEVEL_NOTCONNECTED; + private static boolean wants_to_disconnect = false; + private static boolean is_disconnecting = false; + private static boolean is_connecting = false; + + private String state, log_message; + private int localized_res_id; + + public static EipStatus getInstance() { + if(current_status == null) { + current_status = new EipStatus(); + VpnStatus.addStateListener(current_status); + } + return current_status; + } + + private EipStatus() { } + + @Override + public void updateState(final String state, final String logmessage, final int localizedResId, final VpnStatus.ConnectionStatus level) { + current_status = getInstance(); + previous_status = current_status; + current_status.setState(state); + current_status.setLogMessage(logmessage); + current_status.setLocalizedResId(localizedResId); + current_status.setLevel(level); + current_status.setChanged(); + Log.d(TAG, "update state with level " + level); + current_status.notifyObservers(); + } + + public boolean isDisconnecting() { + return is_disconnecting; + } + + public boolean isConnecting() { + return is_connecting; + } + + public boolean wantsToDisconnect() { + return wants_to_disconnect; + } + + public boolean isConnected() { + return level == VpnStatus.ConnectionStatus.LEVEL_CONNECTED; + } + + public boolean isDisconnected() { + return level == VpnStatus.ConnectionStatus.LEVEL_NOTCONNECTED || level == VpnStatus.ConnectionStatus.LEVEL_AUTH_FAILED; + } + + public void setConnecting() { + is_connecting = true; + is_disconnecting = false; + wants_to_disconnect = false; + } + + public void setDisconnecting() { + is_disconnecting = true; + is_connecting = false; + wants_to_disconnect = false; + level = VpnStatus.ConnectionStatus.UNKNOWN_LEVEL; // Wait for the decision of the user + } + + public void setWantsToDisconnect() { + wants_to_disconnect = true; + } + + public String getState() { + return state; + } + + public String getLogMessage() { + return log_message; + } + + public int getLocalizedResId() { + return localized_res_id; + } + + public VpnStatus.ConnectionStatus getLevel() { + return level; + } + + public EipStatus getPreviousStatus() { + return previous_status; + } + + private void setState(String state) { + this.state = state; + } + + private void setLogMessage(String log_message) { + this.log_message = log_message; + } + + private void setLocalizedResId(int localized_res_id) { + this.localized_res_id = localized_res_id; + } + + private void setLevel(VpnStatus.ConnectionStatus level) { + this.level = level; + } + +} -- cgit v1.2.3 From 50949530a8453e1aa62c0ff277849d6f83fe0f76 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Wed, 19 Nov 2014 20:20:31 +0100 Subject: Eip status messages refactored. --- .../main/java/se/leap/bitmaskclient/Dashboard.java | 80 ++++----- .../se/leap/bitmaskclient/EipServiceFragment.java | 181 +++++++++------------ .../main/java/se/leap/bitmaskclient/eip/EIP.java | 28 +--- .../java/se/leap/bitmaskclient/eip/EipStatus.java | 13 +- .../res/layout-xlarge/eip_service_fragment.xml | 2 +- app/src/main/res/layout/eip_service_fragment.xml | 2 +- 6 files changed, 140 insertions(+), 166 deletions(-) (limited to 'app') diff --git a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java index b139f73f..fe3c3f23 100644 --- a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java +++ b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java @@ -57,7 +57,7 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf private EipServiceFragment eipFragment; private ProgressBar mProgressBar; - private TextView eipStatus; + private TextView status_message; public ProviderAPIResultReceiver providerAPI_result_receiver; private static Provider provider; @@ -116,28 +116,29 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf super.onPause(); } - @Override - protected void onActivityResult(int requestCode, int resultCode, final Intent data){ - if ( requestCode == CONFIGURE_LEAP || requestCode == SWITCH_PROVIDER) { - // It should be equivalent: if ( (requestCode == CONFIGURE_LEAP) || (data!= null && data.hasExtra(STOP_FIRST))) { - if ( resultCode == RESULT_OK ){ - preferences.edit().putInt(Constants.PARSED_SERIAL, 0).commit(); - preferences.edit().putBoolean(Constants.AUTHED_EIP, authed_eip).commit(); - Intent updateEIP = new Intent(getApplicationContext(), EIP.class); - updateEIP.setAction(Constants.ACTION_UPDATE_EIP_SERVICE); - startService(updateEIP); - buildDashboard(false); - invalidateOptionsMenu(); - if(data != null && data.hasExtra(LogInDialog.TAG)) { - View view = ((ViewGroup)findViewById(android.R.id.content)).getChildAt(0); - logInDialog(Bundle.EMPTY); - } - } else if(resultCode == RESULT_CANCELED && (data == null || data.hasExtra(ACTION_QUIT))) { - finish(); - } else - configErrorDialog(); + @Override + protected void onActivityResult(int requestCode, int resultCode, Intent data){ + Log.d(TAG, "onActivityResult: requestCode = " + requestCode); + if ( requestCode == CONFIGURE_LEAP || requestCode == SWITCH_PROVIDER) { + // It should be equivalent: if ( (requestCode == CONFIGURE_LEAP) || (data!= null && data.hasExtra(STOP_FIRST))) { + if ( resultCode == RESULT_OK ){ + preferences.edit().putInt(Constants.PARSED_SERIAL, 0).commit(); + preferences.edit().putBoolean(Constants.AUTHED_EIP, authed_eip).commit(); + updateEipService(); + buildDashboard(false); + invalidateOptionsMenu(); + if(data != null && data.hasExtra(LogInDialog.TAG)) { + View view = ((ViewGroup)findViewById(android.R.id.content)).getChildAt(0); + logInDialog(Bundle.EMPTY); } + } else if(resultCode == RESULT_CANCELED && (data == null || data.hasExtra(ACTION_QUIT))) { + finish(); + } else + configErrorDialog(); + } else if(requestCode == 33) { + EipStatus.getInstance().setConnectedOrDisconnected(); } + } /** * Dialog shown when encountering a configuration error. Such errors require @@ -273,7 +274,7 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf private Intent prepareProviderAPICommand() { mProgressBar = (ProgressBar) findViewById(R.id.eipProgress); - eipStatus = (TextView) findViewById(R.id.eipStatus); + status_message = (TextView) findViewById(R.id.status_message); providerAPI_result_receiver = new ProviderAPIResultReceiver(new Handler()); providerAPI_result_receiver.setReceiver(this); @@ -307,7 +308,7 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf parameters.putString(SessionDialogInterface.PASSWORD, password); mProgressBar.setVisibility(ProgressBar.VISIBLE); - eipStatus.setText(R.string.authenticating_message); + status_message.setText(R.string.authenticating_message); provider_API_command.putExtra(ProviderAPI.PARAMETERS, parameters); provider_API_command.setAction(ProviderAPI.SRP_AUTH); @@ -331,8 +332,8 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf if(mProgressBar == null) mProgressBar = (ProgressBar) findViewById(R.id.eipProgress); mProgressBar.setVisibility(ProgressBar.VISIBLE); - if(eipStatus == null) eipStatus = (TextView) findViewById(R.id.eipStatus); - eipStatus.setText(R.string.logout_message); + if(status_message == null) status_message = (TextView) findViewById(R.id.status_message); + status_message.setText(R.string.logout_message); provider_API_command.setAction(ProviderAPI.LOG_OUT); startService(provider_API_command); @@ -362,7 +363,7 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf parameters.putString(SessionDialogInterface.PASSWORD, password); mProgressBar.setVisibility(ProgressBar.VISIBLE); - eipStatus.setText(R.string.signingup_message); + status_message.setText(R.string.signingup_message); provider_API_command.putExtra(ProviderAPI.PARAMETERS, parameters); provider_API_command.setAction(ProviderAPI.SRP_REGISTER); @@ -390,6 +391,7 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf @Override public void onReceiveResult(int resultCode, Bundle resultData) { + Log.d(TAG, "onReceiveResult"); if(resultCode == ProviderAPI.SRP_REGISTRATION_SUCCESSFUL) { String username = resultData.getString(SessionDialogInterface.USERNAME); String password = resultData.getString(SessionDialogInterface.PASSWORD); @@ -466,17 +468,17 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf protected void onReceiveResult(int resultCode, Bundle resultData){ super.onReceiveResult(resultCode, resultData); String request = resultData.getString(Constants.REQUEST_TAG); - if(eipStatus == null) eipStatus = (TextView) findViewById(R.id.eipStatus); + if(status_message == null) status_message = (TextView) findViewById(R.id.status_message); if (request.equalsIgnoreCase(Constants.ACTION_IS_EIP_RUNNING)){ if (resultCode == Activity.RESULT_OK){ switch(previous_result_code){ - case ProviderAPI.SRP_AUTHENTICATION_SUCCESSFUL: eipStatus.setText(R.string.succesful_authentication_message); break; - case ProviderAPI.SRP_AUTHENTICATION_FAILED: eipStatus.setText(R.string.authentication_failed_message); break; - case ProviderAPI.CORRECTLY_DOWNLOADED_CERTIFICATE: eipStatus.setText(R.string.authed_secured_status); break; - case ProviderAPI.INCORRECTLY_DOWNLOADED_CERTIFICATE: eipStatus.setText(R.string.incorrectly_downloaded_certificate_message); break; - case ProviderAPI.LOGOUT_SUCCESSFUL: eipStatus.setText(R.string.logged_out_message); break; - case ProviderAPI.LOGOUT_FAILED: eipStatus.setText(R.string.log_out_failed_message); break; + case ProviderAPI.SRP_AUTHENTICATION_SUCCESSFUL: status_message.setText(R.string.succesful_authentication_message); break; + case ProviderAPI.SRP_AUTHENTICATION_FAILED: status_message.setText(R.string.authentication_failed_message); break; + case ProviderAPI.CORRECTLY_DOWNLOADED_CERTIFICATE: status_message.setText(R.string.authed_secured_status); break; + case ProviderAPI.INCORRECTLY_DOWNLOADED_CERTIFICATE: status_message.setText(R.string.incorrectly_downloaded_certificate_message); break; + case ProviderAPI.LOGOUT_SUCCESSFUL: status_message.setText(R.string.logged_out_message); break; + case ProviderAPI.LOGOUT_FAILED: status_message.setText(R.string.log_out_failed_message); break; } } @@ -484,13 +486,13 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf switch(previous_result_code){ - case ProviderAPI.SRP_AUTHENTICATION_SUCCESSFUL: eipStatus.setText(R.string.succesful_authentication_message); break; - case ProviderAPI.SRP_AUTHENTICATION_FAILED: eipStatus.setText(R.string.authentication_failed_message); break; - case ProviderAPI.SRP_REGISTRATION_FAILED: eipStatus.setText(R.string.registration_failed_message); break; + case ProviderAPI.SRP_AUTHENTICATION_SUCCESSFUL: status_message.setText(R.string.succesful_authentication_message); break; + case ProviderAPI.SRP_AUTHENTICATION_FAILED: status_message.setText(R.string.authentication_failed_message); break; + case ProviderAPI.SRP_REGISTRATION_FAILED: status_message.setText(R.string.registration_failed_message); break; case ProviderAPI.CORRECTLY_DOWNLOADED_CERTIFICATE: break; - case ProviderAPI.INCORRECTLY_DOWNLOADED_CERTIFICATE: eipStatus.setText(R.string.incorrectly_downloaded_certificate_message); break; - case ProviderAPI.LOGOUT_SUCCESSFUL: eipStatus.setText(R.string.logged_out_message); break; - case ProviderAPI.LOGOUT_FAILED: eipStatus.setText(R.string.log_out_failed_message); break; + case ProviderAPI.INCORRECTLY_DOWNLOADED_CERTIFICATE: status_message.setText(R.string.incorrectly_downloaded_certificate_message); break; + case ProviderAPI.LOGOUT_SUCCESSFUL: status_message.setText(R.string.logged_out_message); break; + case ProviderAPI.LOGOUT_FAILED: status_message.setText(R.string.log_out_failed_message); break; } } } diff --git a/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java b/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java index 675619ca..7dfb628d 100644 --- a/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java +++ b/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java @@ -17,70 +17,70 @@ import java.util.*; public class EipServiceFragment extends Fragment implements Observer, CompoundButton.OnCheckedChangeListener { - protected static final String IS_EIP_PENDING = "is_eip_pending"; + protected static final String IS_EIP_PENDING = "is_eip_pending"; public static final String START_ON_BOOT = "start on boot"; - private View eipFragment; - private static Switch eipSwitch; - private View eipDetail; - private TextView eipStatus; - private EipStatus eip_status; + private View eipFragment; + private static Switch eipSwitch; + private View eipDetail; + private TextView status_message; private static EIPReceiver mEIPReceiver; - + private static EipStatus eip_status; public static String TAG = "se.leap.bitmask.EipServiceFragment"; - @Override - public View onCreateView(LayoutInflater inflater, ViewGroup container, - Bundle savedInstanceState) { + @Override + public void onCreate(Bundle savedInstanceState) { + super.onCreate(savedInstanceState); + eip_status = EipStatus.getInstance(); + eip_status.addObserver(this); + mEIPReceiver = new EIPReceiver(new Handler()); + + if (savedInstanceState != null && savedInstanceState.getBoolean(IS_EIP_PENDING)) + eip_status.setConnecting(); + } + + @Override + public View onCreateView(LayoutInflater inflater, ViewGroup container, + Bundle savedInstanceState) { - eipFragment = inflater.inflate(R.layout.eip_service_fragment, container, false); - eipDetail = ((RelativeLayout) eipFragment.findViewById(R.id.eipDetail)); - eipDetail.setVisibility(View.VISIBLE); + eipFragment = inflater.inflate(R.layout.eip_service_fragment, container, false); + eipDetail = ((RelativeLayout) eipFragment.findViewById(R.id.eipDetail)); + eipDetail.setVisibility(View.VISIBLE); - View eipSettings = eipFragment.findViewById(R.id.eipSettings); - eipSettings.setVisibility(View.GONE); // FIXME too! + View eipSettings = eipFragment.findViewById(R.id.eipSettings); + eipSettings.setVisibility(View.GONE); // FIXME too! - if (EIP.mIsStarting) - eipFragment.findViewById(R.id.eipProgress).setVisibility(View.VISIBLE); + if (eip_status.isConnecting()) + eipFragment.findViewById(R.id.eipProgress).setVisibility(View.VISIBLE); - eipStatus = (TextView) eipFragment.findViewById(R.id.eipStatus); + status_message = (TextView) eipFragment.findViewById(R.id.status_message); - eipSwitch = (Switch) eipFragment.findViewById(R.id.eipSwitch); - eipSwitch.setOnCheckedChangeListener(this); + eipSwitch = (Switch) eipFragment.findViewById(R.id.eipSwitch); + eipSwitch.setOnCheckedChangeListener(this); - if(getArguments() != null && getArguments().containsKey(START_ON_BOOT) && getArguments().getBoolean(START_ON_BOOT)) - startEipFromScratch(); + if(getArguments() != null && getArguments().containsKey(START_ON_BOOT) && getArguments().getBoolean(START_ON_BOOT)) + startEipFromScratch(); - return eipFragment; - } - - @Override - public void onCreate(Bundle savedInstanceState) { - super.onCreate(savedInstanceState); - EipStatus.getInstance().addObserver(this); - mEIPReceiver = new EIPReceiver(new Handler()); - - if (savedInstanceState != null) - EIP.mIsStarting = savedInstanceState.getBoolean(IS_EIP_PENDING); - } + return eipFragment; + } - @Override - public void onResume() { - super.onResume(); - eipCommand(Constants.ACTION_CHECK_CERT_VALIDITY); - } + @Override + public void onResume() { + super.onResume(); + eipCommand(Constants.ACTION_CHECK_CERT_VALIDITY); + } - @Override - public void onSaveInstanceState(Bundle outState) { - super.onSaveInstanceState(outState); - outState.putBoolean(IS_EIP_PENDING, EIP.mIsStarting); - } + @Override + public void onSaveInstanceState(Bundle outState) { + super.onSaveInstanceState(outState); + outState.putBoolean(IS_EIP_PENDING, eip_status.isConnecting()); + } protected void saveEipStatus() { boolean eip_is_on = false; - Log.d("bitmask", "saveEipStatus"); + Log.d(TAG, "saveEipStatus"); if(eipSwitch.isChecked()) { eip_is_on = true; } @@ -88,6 +88,7 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu if(getActivity() != null) Dashboard.preferences.edit().putBoolean(Dashboard.START_ON_BOOT, eip_is_on).commit(); } + @Override public void onCheckedChanged(CompoundButton buttonView, boolean isChecked) { if (buttonView.equals(eipSwitch)){ @@ -117,7 +118,7 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu private boolean canStartEIP() { boolean certificateExists = !Dashboard.preferences.getString(Constants.CERTIFICATE, "").isEmpty(); boolean isAllowedAnon = Dashboard.preferences.getBoolean(Constants.ALLOWED_ANON, false); - return (isAllowedAnon || certificateExists) && !EIP.mIsStarting && !EIP.isConnected(); + return (isAllowedAnon || certificateExists) && !eip_status.isConnected(); } private boolean canLogInToStartEIP() { @@ -125,14 +126,13 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu boolean isLoggedIn = !LeapSRPSession.getToken().isEmpty(); Log.d(TAG, "Allow registered? " + isAllowedRegistered); Log.d(TAG, "Is logged in? " + isLoggedIn); - return isAllowedRegistered && !isLoggedIn && !EIP.mIsStarting && !EIP.isConnected(); + return isAllowedRegistered && !isLoggedIn && !eip_status.isConnecting() && !eip_status.isConnected(); } private void handleSwitchOff() { - if(EIP.mIsStarting) { + if(eip_status.isConnecting()) { askPendingStartCancellation(); - } else if(EIP.isConnected()) { - Log.d(TAG, "Stopping EIP"); + } else if(eip_status.isConnected()) { stopEIP(); } } @@ -150,7 +150,6 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu .setNegativeButton(getResources().getString(R.string.no), new DialogInterface.OnClickListener() { @Override public void onClick(DialogInterface dialog, int which) { - Log.d(TAG, "askPendingStartCancellation checks the switch to true"); eipSwitch.setChecked(true); } }) @@ -158,13 +157,12 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu } public void startEipFromScratch() { - EIP.mIsStarting = true; + eip_status.setConnecting(); eipFragment.findViewById(R.id.eipProgress).setVisibility(View.VISIBLE); String status = getResources().getString(R.string.eip_status_start_pending); setEipStatus(status); if(!eipSwitch.isChecked()) { - Log.d(TAG, "startEipFromScratch checks the switch to true"); eipSwitch.setChecked(true); saveEipStatus(); } @@ -172,7 +170,6 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu } protected void stopEIP() { - EIP.mIsStarting = false; View eipProgressBar = getActivity().findViewById(R.id.eipProgress); if(eipProgressBar != null) eipProgressBar.setVisibility(View.GONE); @@ -199,56 +196,42 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu @Override public void update (Observable observable, Object data) { if(observable instanceof EipStatus) { + this.eip_status = (EipStatus) observable; final EipStatus eip_status = (EipStatus) observable; - EipStatus previous_status = eip_status.getPreviousStatus(); - boolean isNewLevel = eip_status.getLevel() != previous_status.getLevel(); - if(!eip_status.wantsToDisconnect() && (isNewLevel || eip_status.isConnected())) { - getActivity().runOnUiThread(new Runnable() { - @Override - public void run() { - handleNewState(eip_status); - } - }); - } else if(eip_status.wantsToDisconnect() && eip_status.isConnected()) { - setDisconnectedUI(); - // EIP.lastConnectionStatusLevel = VpnStatus.ConnectionStatus.LEVEL_NOTCONNECTED; - // updateState(state, logmessage, localizedResId, level); - } + getActivity().runOnUiThread(new Runnable() { + @Override + public void run() { + handleNewState(eip_status); + } + }); } } private void handleNewState(EipStatus eip_status) { final String state = eip_status.getState(); - final String logmessage = eip_status.getLogMessage(); - final int localizedResId = eip_status.getLocalizedResId(); - final VpnStatus.ConnectionStatus level = eip_status.getLevel(); - if (level == VpnStatus.ConnectionStatus.LEVEL_CONNECTED) + if(eip_status.wantsToDisconnect()) + setDisconnectedUI(); + else if (eip_status.isConnected()) setConnectedUI(); else if (eip_status.isDisconnected() && !eip_status.isConnecting()) setDisconnectedUI(); - else if (level == VpnStatus.ConnectionStatus.LEVEL_CONNECTING_NO_SERVER_REPLY_YET) - setNoServerReplyUI(localizedResId, logmessage); - else if (level == VpnStatus.ConnectionStatus.LEVEL_CONNECTING_SERVER_REPLIED) - setServerReplyUI(state, localizedResId, logmessage); + else + setInProgressUI(eip_status); } private void setConnectedUI() { hideProgressBar(); - String status = getString(R.string.eip_state_connected); - setEipStatus(status); adjustSwitch(); + setEipStatus(getString(R.string.eip_state_connected)); } private void setDisconnectedUI(){ hideProgressBar(); - - String status = getString(R.string.eip_state_not_connected); - setEipStatus(status); adjustSwitch(); + setEipStatus(getString(R.string.eip_state_not_connected)); } private void adjustSwitch() { - EipStatus eip_status = EipStatus.getInstance(); if(eip_status.isConnected()) { if(!eipSwitch.isChecked()) { eipSwitch.setChecked(true); @@ -260,25 +243,18 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu } } - private void setNoServerReplyUI(int localizedResId, String logmessage) { - if(eipStatus != null) { - String prefix = getString(localizedResId); - setEipStatus(prefix + " " + logmessage); - } - } - - private void setServerReplyUI(String state, int localizedResId, String logmessage) { - if(eipStatus != null) - if(state.equals("AUTH") || state.equals("GET_CONFIG")) { - String prefix = getString(localizedResId); - setEipStatus(prefix + " " + logmessage); - } + private void setInProgressUI(EipStatus eip_status) { + int localizedResId = eip_status.getLocalizedResId(); + String logmessage = eip_status.getLogMessage(); + String prefix = getString(localizedResId); + + setEipStatus(prefix + " " + logmessage); } protected void setEipStatus(String status) { - if(eipStatus == null) - eipStatus = (TextView) getActivity().findViewById(R.id.eipStatus); - eipStatus.setText(status); + if(status_message == null) + status_message = (TextView) getActivity().findViewById(R.id.status_message); + status_message.setText(status); } private void hideProgressBar() { @@ -319,7 +295,6 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu Log.d(TAG, "Action start eip = Result OK"); checked = true; eipFragment.findViewById(R.id.eipProgress).setVisibility(View.VISIBLE); - EIP.mIsStarting = false; break; case Activity.RESULT_CANCELED: checked = false; @@ -329,8 +304,10 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu } else if (request == Constants.ACTION_STOP_EIP) { switch (resultCode){ case Activity.RESULT_OK: - checked = false; - break; + Intent disconnect_vpn = new Intent(getActivity(), DisconnectVPN.class); + getActivity().startActivityForResult(disconnect_vpn, 33); + eip_status.setDisconnecting(); + break; case Activity.RESULT_CANCELED: checked = true; break; @@ -388,7 +365,5 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu public void checkEipSwitch(boolean checked) { eipSwitch.setChecked(checked); - // Log.d(TAG, "checkEipSwitch"); - // onCheckedChanged(eipSwitch, checked); } } diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java index 97ef485a..577f42a3 100644 --- a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java +++ b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java @@ -57,10 +57,6 @@ public final class EIP extends IntentService { private static ProfileManager profile_manager; private static Gateway activeGateway = null; - public static VpnStatus.ConnectionStatus lastConnectionStatusLevel; - public static boolean mIsDisconnecting = false; - public static boolean mIsStarting = false; - public EIP(){ super("LEAPEIP"); } @@ -133,16 +129,13 @@ public final class EIP extends IntentService { * if there is no bound service. Sends a message to the requesting ResultReceiver. */ private void stopEIP() { - if(isConnected()) { - Intent disconnect_vpn = new Intent(this, DisconnectVPN.class); - disconnect_vpn.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK); - startActivity(disconnect_vpn); - mIsDisconnecting = true; - lastConnectionStatusLevel = VpnStatus.ConnectionStatus.UNKNOWN_LEVEL; // Wait for the decision of the user - Log.d(TAG, "mIsDisconnecting = true"); - } + EipStatus eip_status = EipStatus.getInstance(); + Log.d(TAG, "stopEip(): eip is connected? " + eip_status.isConnected()); + int result_code = Activity.RESULT_CANCELED; + if(eip_status.isConnected()) + result_code = Activity.RESULT_OK; - tellToReceiver(ACTION_STOP_EIP, Activity.RESULT_OK); + tellToReceiver(ACTION_STOP_EIP, result_code); } private void tellToReceiver(String action, int resultCode) { @@ -160,17 +153,12 @@ public final class EIP extends IntentService { */ private void isRunning() { - int resultCode = (isConnected()) ? + EipStatus eip_status = EipStatus.getInstance(); + int resultCode = (eip_status.isConnected()) ? Activity.RESULT_OK : Activity.RESULT_CANCELED; tellToReceiver(ACTION_IS_EIP_RUNNING, resultCode); } - - public static boolean isConnected() { - return lastConnectionStatusLevel != null - && lastConnectionStatusLevel.equals(VpnStatus.ConnectionStatus.LEVEL_CONNECTED) - && !mIsDisconnecting; - } /** * Loads eip-service.json from SharedPreferences and calls {@link updateGateways()} diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/EipStatus.java b/app/src/main/java/se/leap/bitmaskclient/eip/EipStatus.java index c58650ba..ee14f2db 100644 --- a/app/src/main/java/se/leap/bitmaskclient/eip/EipStatus.java +++ b/app/src/main/java/se/leap/bitmaskclient/eip/EipStatus.java @@ -53,6 +53,8 @@ public class EipStatus extends Observable implements VpnStatus.StateListener { current_status.setLocalizedResId(localizedResId); current_status.setLevel(level); current_status.setChanged(); + if(isConnected() || isDisconnected()) + setConnectedOrDisconnected(); Log.d(TAG, "update state with level " + level); current_status.notifyObservers(); } @@ -74,7 +76,7 @@ public class EipStatus extends Observable implements VpnStatus.StateListener { } public boolean isDisconnected() { - return level == VpnStatus.ConnectionStatus.LEVEL_NOTCONNECTED || level == VpnStatus.ConnectionStatus.LEVEL_AUTH_FAILED; + return level == VpnStatus.ConnectionStatus.LEVEL_NOTCONNECTED; } public void setConnecting() { @@ -83,11 +85,18 @@ public class EipStatus extends Observable implements VpnStatus.StateListener { wants_to_disconnect = false; } + public void setConnectedOrDisconnected() { + is_connecting = false; + is_disconnecting = false; + wants_to_disconnect = false; + current_status.setChanged(); + current_status.notifyObservers(); + } + public void setDisconnecting() { is_disconnecting = true; is_connecting = false; wants_to_disconnect = false; - level = VpnStatus.ConnectionStatus.UNKNOWN_LEVEL; // Wait for the decision of the user } public void setWantsToDisconnect() { diff --git a/app/src/main/res/layout-xlarge/eip_service_fragment.xml b/app/src/main/res/layout-xlarge/eip_service_fragment.xml index e5c7f23d..c6ac96a9 100644 --- a/app/src/main/res/layout-xlarge/eip_service_fragment.xml +++ b/app/src/main/res/layout-xlarge/eip_service_fragment.xml @@ -61,7 +61,7 @@ android:src="@drawable/ic_sysbar_quicksettings" /> Date: Thu, 20 Nov 2014 12:45:12 +0100 Subject: Changing orientation, fixing... --- .../main/java/se/leap/bitmaskclient/Dashboard.java | 30 +-- .../se/leap/bitmaskclient/EipServiceFragment.java | 266 +++++++++++---------- .../java/se/leap/bitmaskclient/LogInDialog.java | 36 ++- .../java/se/leap/bitmaskclient/SignUpDialog.java | 35 ++- 4 files changed, 183 insertions(+), 184 deletions(-) (limited to 'app') diff --git a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java index fe3c3f23..4bebf14a 100644 --- a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java +++ b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java @@ -54,8 +54,7 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf private static Context app; protected static SharedPreferences preferences; private FragmentManagerEnhanced fragment_manager; - - private EipServiceFragment eipFragment; + private ProgressBar mProgressBar; private TextView status_message; public ProviderAPIResultReceiver providerAPI_result_receiver; @@ -180,21 +179,24 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf providerNameTV.setText(provider.getDomain()); providerNameTV.setTextSize(28); - mProgressBar = (ProgressBar) findViewById(R.id.eipProgress); + mProgressBar = (ProgressBar) findViewById(R.id.eipProgress); if ( provider.hasEIP()){ - eipFragment = new EipServiceFragment(); - if (hide_and_turn_on_eip) { - preferences.edit().remove(Dashboard.START_ON_BOOT).commit(); - Bundle arguments = new Bundle(); - arguments.putBoolean(EipServiceFragment.START_ON_BOOT, true); - eipFragment.setArguments(arguments); - } - fragment_manager.replace(R.id.servicesCollection, eipFragment, EipServiceFragment.TAG); - if (hide_and_turn_on_eip) { - onBackPressed(); - } + EipServiceFragment previous_eip_fragment = (EipServiceFragment)fragment_manager.findFragmentByTag(EipServiceFragment.TAG); + EipServiceFragment eipFragment = previous_eip_fragment == null ? + new EipServiceFragment() : previous_eip_fragment; + if (hide_and_turn_on_eip) { + preferences.edit().remove(Dashboard.START_ON_BOOT).commit(); + Bundle arguments = new Bundle(); + arguments.putBoolean(EipServiceFragment.START_ON_BOOT, true); + eipFragment.setArguments(arguments); + } + fragment_manager.replace(R.id.servicesCollection, eipFragment, EipServiceFragment.TAG); + + if (hide_and_turn_on_eip) { + onBackPressed(); + } } } diff --git a/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java b/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java index 7dfb628d..3650079a 100644 --- a/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java +++ b/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java @@ -17,7 +17,11 @@ import java.util.*; public class EipServiceFragment extends Fragment implements Observer, CompoundButton.OnCheckedChangeListener { - protected static final String IS_EIP_PENDING = "is_eip_pending"; + public static String TAG = "se.leap.bitmask.EipServiceFragment"; + + protected static final String IS_PENDING = TAG + ".is_pending"; + protected static final String IS_CONNECTED = TAG + ".is_connected"; + protected static final String STATUS_MESSAGE = TAG + ".status_message"; public static final String START_ON_BOOT = "start on boot"; private View eipFragment; @@ -25,25 +29,26 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu private View eipDetail; private TextView status_message; + private static Activity parent_activity; private static EIPReceiver mEIPReceiver; private static EipStatus eip_status; - - public static String TAG = "se.leap.bitmask.EipServiceFragment"; + @Override + public void onAttach(Activity activity) { + super.onAttach(activity); + parent_activity = activity; + } + @Override public void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); eip_status = EipStatus.getInstance(); eip_status.addObserver(this); mEIPReceiver = new EIPReceiver(new Handler()); - - if (savedInstanceState != null && savedInstanceState.getBoolean(IS_EIP_PENDING)) - eip_status.setConnecting(); } @Override - public View onCreateView(LayoutInflater inflater, ViewGroup container, - Bundle savedInstanceState) { + public View onCreateView(LayoutInflater inflater, ViewGroup container, Bundle savedInstanceState) { eipFragment = inflater.inflate(R.layout.eip_service_fragment, container, false); eipDetail = ((RelativeLayout) eipFragment.findViewById(R.id.eipDetail)); @@ -58,14 +63,27 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu status_message = (TextView) eipFragment.findViewById(R.id.status_message); eipSwitch = (Switch) eipFragment.findViewById(R.id.eipSwitch); + Log.d(TAG, "onCreateView, eipSwitch is checked? " + eipSwitch.isChecked()); eipSwitch.setOnCheckedChangeListener(this); if(getArguments() != null && getArguments().containsKey(START_ON_BOOT) && getArguments().getBoolean(START_ON_BOOT)) startEipFromScratch(); - + return eipFragment; } + public void onViewStateRestored (Bundle savedInstanceState) { + super.onViewStateRestored(savedInstanceState); + if (savedInstanceState != null) { + setStatusMessage(savedInstanceState.getString(STATUS_MESSAGE)); + if(savedInstanceState.getBoolean(IS_PENDING)) + eip_status.setConnecting(); + else if(savedInstanceState.getBoolean(IS_CONNECTED)) { + eip_status.setConnectedOrDisconnected(); + } + } + } + @Override public void onResume() { super.onResume(); @@ -74,8 +92,11 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu @Override public void onSaveInstanceState(Bundle outState) { + outState.putBoolean(IS_PENDING, eip_status.isConnecting()); + outState.putBoolean(IS_CONNECTED, eip_status.isConnected()); + Log.d(TAG, "status message onSaveInstanceState = " + status_message.getText().toString()); + outState.putString(STATUS_MESSAGE, status_message.getText().toString()); super.onSaveInstanceState(outState); - outState.putBoolean(IS_EIP_PENDING, eip_status.isConnecting()); } protected void saveEipStatus() { @@ -85,7 +106,7 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu eip_is_on = true; } - if(getActivity() != null) + if(parent_activity != null) Dashboard.preferences.edit().putBoolean(Dashboard.START_ON_BOOT, eip_is_on).commit(); } @@ -110,7 +131,7 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu startEipFromScratch(); else if(canLogInToStartEIP()) { Log.d(TAG, "Can Log In to start EIP"); - Dashboard dashboard = (Dashboard) getActivity(); + Dashboard dashboard = (Dashboard) parent_activity; dashboard.logInDialog(Bundle.EMPTY); } } @@ -138,16 +159,16 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu } private void askPendingStartCancellation() { - AlertDialog.Builder alertBuilder = new AlertDialog.Builder(getActivity()); - alertBuilder.setTitle(getResources().getString(R.string.eip_cancel_connect_title)) - .setMessage(getResources().getString(R.string.eip_cancel_connect_text)) + AlertDialog.Builder alertBuilder = new AlertDialog.Builder(parent_activity); + alertBuilder.setTitle(parent_activity.getString(R.string.eip_cancel_connect_title)) + .setMessage(parent_activity.getString(R.string.eip_cancel_connect_text)) .setPositiveButton((R.string.yes), new DialogInterface.OnClickListener() { @Override public void onClick(DialogInterface dialog, int which) { stopEIP(); } }) - .setNegativeButton(getResources().getString(R.string.no), new DialogInterface.OnClickListener() { + .setNegativeButton(parent_activity.getString(R.string.no), new DialogInterface.OnClickListener() { @Override public void onClick(DialogInterface dialog, int which) { eipSwitch.setChecked(true); @@ -159,8 +180,8 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu public void startEipFromScratch() { eip_status.setConnecting(); eipFragment.findViewById(R.id.eipProgress).setVisibility(View.VISIBLE); - String status = getResources().getString(R.string.eip_status_start_pending); - setEipStatus(status); + String status = parent_activity.getString(R.string.eip_status_start_pending); + setStatusMessage(status); if(!eipSwitch.isChecked()) { eipSwitch.setChecked(true); @@ -170,37 +191,37 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu } protected void stopEIP() { - View eipProgressBar = getActivity().findViewById(R.id.eipProgress); + View eipProgressBar = parent_activity.findViewById(R.id.eipProgress); if(eipProgressBar != null) eipProgressBar.setVisibility(View.GONE); - String status = getResources().getString(R.string.eip_state_not_connected); - setEipStatus(status); + String status = parent_activity.getString(R.string.eip_state_not_connected); + setStatusMessage(status); eipCommand(Constants.ACTION_STOP_EIP); } - /** - * Send a command to EIP - * - * @param action A valid String constant from EIP class representing an Intent - * filter for the EIP class - */ - private void eipCommand(String action){ - // TODO validate "action"...how do we get the list of intent-filters for a class via Android API? - Intent vpn_intent = new Intent(getActivity().getApplicationContext(), EIP.class); - vpn_intent.setAction(action); - vpn_intent.putExtra(Constants.RECEIVER_TAG, mEIPReceiver); - getActivity().startService(vpn_intent); - } + /** + * Send a command to EIP + * + * @param action A valid String constant from EIP class representing an Intent + * filter for the EIP class + */ + private void eipCommand(String action){ + // TODO validate "action"...how do we get the list of intent-filters for a class via Android API? + Intent vpn_intent = new Intent(parent_activity.getApplicationContext(), EIP.class); + vpn_intent.setAction(action); + vpn_intent.putExtra(Constants.RECEIVER_TAG, mEIPReceiver); + parent_activity.startService(vpn_intent); + } @Override public void update (Observable observable, Object data) { if(observable instanceof EipStatus) { this.eip_status = (EipStatus) observable; final EipStatus eip_status = (EipStatus) observable; - getActivity().runOnUiThread(new Runnable() { - @Override - public void run() { + parent_activity.runOnUiThread(new Runnable() { + @Override + public void run() { handleNewState(eip_status); } }); @@ -208,7 +229,6 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu } private void handleNewState(EipStatus eip_status) { - final String state = eip_status.getState(); if(eip_status.wantsToDisconnect()) setDisconnectedUI(); else if (eip_status.isConnected()) @@ -221,18 +241,20 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu private void setConnectedUI() { hideProgressBar(); + Log.d(TAG, "setConnectedUi? " + eip_status.isConnected()); adjustSwitch(); - setEipStatus(getString(R.string.eip_state_connected)); + setStatusMessage(parent_activity.getString(R.string.eip_state_connected)); } private void setDisconnectedUI(){ hideProgressBar(); adjustSwitch(); - setEipStatus(getString(R.string.eip_state_not_connected)); + setStatusMessage(parent_activity.getString(R.string.eip_state_not_connected)); } private void adjustSwitch() { if(eip_status.isConnected()) { + Log.d(TAG, "adjustSwitch, isConnected, is checked? " + eipSwitch.isChecked()); if(!eipSwitch.isChecked()) { eipSwitch.setChecked(true); } @@ -246,113 +268,96 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu private void setInProgressUI(EipStatus eip_status) { int localizedResId = eip_status.getLocalizedResId(); String logmessage = eip_status.getLogMessage(); - String prefix = getString(localizedResId); + String prefix = parent_activity.getString(localizedResId); - setEipStatus(prefix + " " + logmessage); + setStatusMessage(prefix + " " + logmessage); } - protected void setEipStatus(String status) { + protected void setStatusMessage(String status) { if(status_message == null) - status_message = (TextView) getActivity().findViewById(R.id.status_message); + status_message = (TextView) parent_activity.findViewById(R.id.status_message); status_message.setText(status); } private void hideProgressBar() { - if(getActivity() != null && getActivity().findViewById(R.id.eipProgress) != null) - getActivity().findViewById(R.id.eipProgress).setVisibility(View.GONE); + if(parent_activity != null && parent_activity.findViewById(R.id.eipProgress) != null) + parent_activity.findViewById(R.id.eipProgress).setVisibility(View.GONE); } - /** - * Inner class for handling messages related to EIP status and control requests - * - * @author Sean Leonard - */ - protected class EIPReceiver extends ResultReceiver { + protected class EIPReceiver extends ResultReceiver { - protected EIPReceiver(Handler handler){ - super(handler); - } + protected EIPReceiver(Handler handler){ + super(handler); + } - @Override - protected void onReceiveResult(int resultCode, Bundle resultData) { - super.onReceiveResult(resultCode, resultData); + @Override + protected void onReceiveResult(int resultCode, Bundle resultData) { + super.onReceiveResult(resultCode, resultData); - String request = resultData.getString(Constants.REQUEST_TAG); - boolean checked = false; + String request = resultData.getString(Constants.REQUEST_TAG); + boolean checked = false; - if (request == Constants.ACTION_IS_EIP_RUNNING) { - switch (resultCode){ - case Activity.RESULT_OK: - checked = true; - break; - case Activity.RESULT_CANCELED: - checked = false; - break; - } - } else if (request == Constants.ACTION_START_EIP) { - switch (resultCode){ - case Activity.RESULT_OK: - Log.d(TAG, "Action start eip = Result OK"); - checked = true; - eipFragment.findViewById(R.id.eipProgress).setVisibility(View.VISIBLE); - break; - case Activity.RESULT_CANCELED: - checked = false; - eipFragment.findViewById(R.id.eipProgress).setVisibility(View.GONE); - break; - } - } else if (request == Constants.ACTION_STOP_EIP) { - switch (resultCode){ - case Activity.RESULT_OK: - Intent disconnect_vpn = new Intent(getActivity(), DisconnectVPN.class); - getActivity().startActivityForResult(disconnect_vpn, 33); - eip_status.setDisconnecting(); - break; - case Activity.RESULT_CANCELED: - checked = true; - break; - } - } else if (request == Constants.EIP_NOTIFICATION) { - switch (resultCode){ - case Activity.RESULT_OK: - checked = true; - break; - case Activity.RESULT_CANCELED: - checked = false; - break; - } - } else if (request == Constants.ACTION_CHECK_CERT_VALIDITY) { - checked = eipSwitch.isChecked(); - - switch (resultCode) { - case Activity.RESULT_OK: - break; - case Activity.RESULT_CANCELED: - Dashboard dashboard = (Dashboard) getActivity(); - - dashboard.showProgressBar(); - String status = getResources().getString(R.string.updating_certificate_message); - setEipStatus(status); - - if(LeapSRPSession.getToken().isEmpty() && !Dashboard.preferences.getBoolean(Constants.ALLOWED_ANON, false)) { - dashboard.logInDialog(Bundle.EMPTY); - } else { - - Intent provider_API_command = new Intent(getActivity(), ProviderAPI.class); - if (dashboard.providerAPI_result_receiver == null) { - dashboard.providerAPI_result_receiver = new ProviderAPIResultReceiver(new Handler()); - dashboard.providerAPI_result_receiver.setReceiver(dashboard); - } - - provider_API_command.setAction(ProviderAPI.DOWNLOAD_CERTIFICATE); - provider_API_command.putExtra(ProviderAPI.RECEIVER_KEY, dashboard.providerAPI_result_receiver); - getActivity().startService(provider_API_command); - } - break; - } + if (request == Constants.ACTION_START_EIP) { + switch (resultCode){ + case Activity.RESULT_OK: + Log.d(TAG, "Action start eip = Result OK"); + checked = true; + eipFragment.findViewById(R.id.eipProgress).setVisibility(View.VISIBLE); + break; + case Activity.RESULT_CANCELED: + checked = false; + eipFragment.findViewById(R.id.eipProgress).setVisibility(View.GONE); + break; + } + } else if (request == Constants.ACTION_STOP_EIP) { + switch (resultCode){ + case Activity.RESULT_OK: + Intent disconnect_vpn = new Intent(parent_activity, DisconnectVPN.class); + parent_activity.startActivityForResult(disconnect_vpn, 33); + eip_status.setDisconnecting(); + break; + case Activity.RESULT_CANCELED: + checked = true; + break; + } + } else if (request == Constants.EIP_NOTIFICATION) { + switch (resultCode){ + case Activity.RESULT_OK: + checked = true; + break; + case Activity.RESULT_CANCELED: + checked = false; + break; + } + } else if (request == Constants.ACTION_CHECK_CERT_VALIDITY) { + checked = eipSwitch.isChecked(); + switch (resultCode) { + case Activity.RESULT_OK: + break; + case Activity.RESULT_CANCELED: + Dashboard dashboard = (Dashboard) parent_activity; + + dashboard.showProgressBar(); + String status = parent_activity.getString(R.string.updating_certificate_message); + setStatusMessage(status); + if(LeapSRPSession.getToken().isEmpty() && !Dashboard.preferences.getBoolean(Constants.ALLOWED_ANON, false)) { + dashboard.logInDialog(Bundle.EMPTY); + } else { + Intent provider_API_command = new Intent(parent_activity, ProviderAPI.class); + if(dashboard.providerAPI_result_receiver == null) { + dashboard.providerAPI_result_receiver = new ProviderAPIResultReceiver(new Handler()); + dashboard.providerAPI_result_receiver.setReceiver(dashboard); } + + provider_API_command.setAction(ProviderAPI.DOWNLOAD_CERTIFICATE); + provider_API_command.putExtra(ProviderAPI.RECEIVER_KEY, dashboard.providerAPI_result_receiver); + parent_activity.startService(provider_API_command); + } + break; } + } } + } public static EIPReceiver getReceiver() { @@ -366,4 +371,5 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu public void checkEipSwitch(boolean checked) { eipSwitch.setChecked(checked); } + } diff --git a/app/src/main/java/se/leap/bitmaskclient/LogInDialog.java b/app/src/main/java/se/leap/bitmaskclient/LogInDialog.java index 5a0c9a6d..cede9bfb 100644 --- a/app/src/main/java/se/leap/bitmaskclient/LogInDialog.java +++ b/app/src/main/java/se/leap/bitmaskclient/LogInDialog.java @@ -55,32 +55,28 @@ public class LogInDialog extends SessionDialogInterface { View log_in_dialog_view = inflater.inflate(R.layout.log_in_dialog, null); final TextView user_message = (TextView)log_in_dialog_view.findViewById(R.id.user_message); - if(getArguments() != null && getArguments().containsKey(getResources().getString(R.string.user_message))) { - user_message.setText(getArguments().getString(getResources().getString(R.string.user_message))); - } else { - user_message.setVisibility(View.GONE); - } - final EditText username_field = (EditText)log_in_dialog_view.findViewById(R.id.username_entered); - if(getArguments() != null && getArguments().containsKey(USERNAME)) { - String username = getArguments().getString(USERNAME); - username_field.setText(username); - } - if (getArguments() != null && getArguments().containsKey(USERNAME_MISSING)) { - username_field.setError(getResources().getString(R.string.username_ask)); - } - final EditText password_field = (EditText)log_in_dialog_view.findViewById(R.id.password_entered); + if(!username_field.getText().toString().isEmpty() && password_field.isFocusable()) { password_field.requestFocus(); } - if (getArguments() != null && getArguments().containsKey(PASSWORD_INVALID_LENGTH)) { - password_field.setError(getResources().getString(R.string.error_not_valid_password_user_message)); - } - if(getArguments() != null && getArguments().getBoolean(EipServiceFragment.IS_EIP_PENDING, false)) { - is_eip_pending = true; + if (getArguments() != null) { + is_eip_pending = getArguments().getBoolean(EipServiceFragment.IS_PENDING, false); + if (getArguments().containsKey(PASSWORD_INVALID_LENGTH)) + password_field.setError(getResources().getString(R.string.error_not_valid_password_user_message)); + if (getArguments().containsKey(USERNAME)) { + String username = getArguments().getString(USERNAME); + username_field.setText(username); } - + if (getArguments().containsKey(USERNAME_MISSING)) { + username_field.setError(getResources().getString(R.string.username_ask)); + } + if(getArguments().containsKey(getResources().getString(R.string.user_message))) + user_message.setText(getArguments().getString(getResources().getString(R.string.user_message))); + else + user_message.setVisibility(View.GONE); + } builder.setView(log_in_dialog_view) .setPositiveButton(R.string.login_button, new DialogInterface.OnClickListener() { diff --git a/app/src/main/java/se/leap/bitmaskclient/SignUpDialog.java b/app/src/main/java/se/leap/bitmaskclient/SignUpDialog.java index 3cb41f4f..16ad2d19 100644 --- a/app/src/main/java/se/leap/bitmaskclient/SignUpDialog.java +++ b/app/src/main/java/se/leap/bitmaskclient/SignUpDialog.java @@ -54,32 +54,27 @@ public class SignUpDialog extends SessionDialogInterface { View log_in_dialog_view = inflater.inflate(R.layout.log_in_dialog, null); final TextView user_message = (TextView)log_in_dialog_view.findViewById(R.id.user_message); - if(getArguments() != null && getArguments().containsKey(getResources().getString(R.string.user_message))) { - user_message.setText(getArguments().getString(getResources().getString(R.string.user_message))); - } else { - user_message.setVisibility(View.GONE); - } - final EditText username_field = (EditText)log_in_dialog_view.findViewById(R.id.username_entered); - if(getArguments() != null && getArguments().containsKey(USERNAME)) { - String username = getArguments().getString(USERNAME); - username_field.setText(username); - } - if (getArguments() != null && getArguments().containsKey(USERNAME_MISSING)) { - username_field.setError(getResources().getString(R.string.username_ask)); - } - final EditText password_field = (EditText)log_in_dialog_view.findViewById(R.id.password_entered); + if(!username_field.getText().toString().isEmpty() && password_field.isFocusable()) { password_field.requestFocus(); } - if (getArguments() != null && getArguments().containsKey(PASSWORD_INVALID_LENGTH)) { - password_field.setError(getResources().getString(R.string.error_not_valid_password_user_message)); - } - if(getArguments() != null && getArguments().getBoolean(EipServiceFragment.IS_EIP_PENDING, false)) { - is_eip_pending = true; + if (getArguments() != null) { + is_eip_pending = getArguments().getBoolean(EipServiceFragment.IS_PENDING, false); + if (getArguments().containsKey(PASSWORD_INVALID_LENGTH)) + password_field.setError(getResources().getString(R.string.error_not_valid_password_user_message)); + if(getArguments().containsKey(USERNAME_MISSING)) + username_field.setError(getResources().getString(R.string.username_ask)); + if(getArguments().containsKey(USERNAME)) { + String username = getArguments().getString(USERNAME); + username_field.setText(username); } - + if(getArguments().containsKey(getResources().getString(R.string.user_message))) + user_message.setText(getArguments().getString(getResources().getString(R.string.user_message))); + else + user_message.setVisibility(View.GONE); + } builder.setView(log_in_dialog_view) .setPositiveButton(R.string.signup_button, new DialogInterface.OnClickListener() { -- cgit v1.2.3 From 2681e877c6c2e871247cf5e42269d1b867422f1f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Thu, 20 Nov 2014 12:55:22 +0100 Subject: OnViewStateRestore is available just from api 17. We support from api 14. --- .../se/leap/bitmaskclient/EipServiceFragment.java | 20 ++++++++------------ 1 file changed, 8 insertions(+), 12 deletions(-) (limited to 'app') diff --git a/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java b/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java index 3650079a..0cdc8c75 100644 --- a/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java +++ b/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java @@ -69,21 +69,17 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu if(getArguments() != null && getArguments().containsKey(START_ON_BOOT) && getArguments().getBoolean(START_ON_BOOT)) startEipFromScratch(); + if (savedInstanceState != null) { + setStatusMessage(savedInstanceState.getString(STATUS_MESSAGE)); + if(savedInstanceState.getBoolean(IS_PENDING)) + eip_status.setConnecting(); + else if(savedInstanceState.getBoolean(IS_CONNECTED)) { + eip_status.setConnectedOrDisconnected(); + } + } return eipFragment; } - public void onViewStateRestored (Bundle savedInstanceState) { - super.onViewStateRestored(savedInstanceState); - if (savedInstanceState != null) { - setStatusMessage(savedInstanceState.getString(STATUS_MESSAGE)); - if(savedInstanceState.getBoolean(IS_PENDING)) - eip_status.setConnecting(); - else if(savedInstanceState.getBoolean(IS_CONNECTED)) { - eip_status.setConnectedOrDisconnected(); - } - } - } - @Override public void onResume() { super.onResume(); -- cgit v1.2.3 From e4d4c07be386f809a8ac028df8146916fc0f7597 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Sat, 22 Nov 2014 00:10:46 +0100 Subject: EipStatus detects and notifies changes by itself. Initial status message is "not connected", rather than "unknown". --- app/src/main/AndroidManifest.xml | 4 ++- .../main/java/se/leap/bitmaskclient/Dashboard.java | 9 ++----- .../se/leap/bitmaskclient/EipServiceFragment.java | 31 ++++++++++++---------- .../java/se/leap/bitmaskclient/LogInDialog.java | 3 +-- .../java/se/leap/bitmaskclient/SignUpDialog.java | 3 +-- .../main/java/se/leap/bitmaskclient/eip/EIP.java | 5 +++- .../java/se/leap/bitmaskclient/eip/EipStatus.java | 29 ++++++++++++++------ .../se/leap/bitmaskclient/eip/VoidVpnLauncher.java | 2 +- .../res/layout-xlarge/eip_service_fragment.xml | 2 +- app/src/main/res/layout/eip_service_fragment.xml | 2 +- 10 files changed, 52 insertions(+), 38 deletions(-) (limited to 'app') diff --git a/app/src/main/AndroidManifest.xml b/app/src/main/AndroidManifest.xml index 61f2a63b..7d1063ef 100644 --- a/app/src/main/AndroidManifest.xml +++ b/app/src/main/AndroidManifest.xml @@ -62,7 +62,9 @@ + android:name="se.leap.bitmaskclient.eip.VoidVpnLauncher" + android:theme="@android:style/Theme.NoDisplay" /> + diff --git a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java index 4bebf14a..4f6c6285 100644 --- a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java +++ b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java @@ -134,7 +134,7 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf finish(); } else configErrorDialog(); - } else if(requestCode == 33) { + } else if(requestCode == EIP.DISCONNECT) { EipStatus.getInstance().setConnectedOrDisconnected(); } } @@ -317,13 +317,8 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf startService(provider_API_command); } - public void cancelAuthedEipOn() { - EipServiceFragment eipFragment = (EipServiceFragment) getFragmentManager().findFragmentByTag(EipServiceFragment.TAG); - eipFragment.checkEipSwitch(false); - } - public void cancelLoginOrSignup() { - hideProgressBar(); + EipStatus.getInstance().setConnectedOrDisconnected(); } /** diff --git a/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java b/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java index 0cdc8c75..f29d1338 100644 --- a/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java +++ b/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java @@ -23,7 +23,7 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu protected static final String IS_CONNECTED = TAG + ".is_connected"; protected static final String STATUS_MESSAGE = TAG + ".status_message"; public static final String START_ON_BOOT = "start on boot"; - + private View eipFragment; private static Switch eipSwitch; private View eipDetail; @@ -174,7 +174,6 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu } public void startEipFromScratch() { - eip_status.setConnecting(); eipFragment.findViewById(R.id.eipProgress).setVisibility(View.VISIBLE); String status = parent_activity.getString(R.string.eip_status_start_pending); setStatusMessage(status); @@ -212,6 +211,7 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu @Override public void update (Observable observable, Object data) { + Log.d(TAG, "handleNewState?"); if(observable instanceof EipStatus) { this.eip_status = (EipStatus) observable; final EipStatus eip_status = (EipStatus) observable; @@ -225,6 +225,7 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu } private void handleNewState(EipStatus eip_status) { + Log.d(TAG, "handleNewState: " + eip_status.toString()); if(eip_status.wantsToDisconnect()) setDisconnectedUI(); else if (eip_status.isConnected()) @@ -249,12 +250,14 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu } private void adjustSwitch() { - if(eip_status.isConnected()) { - Log.d(TAG, "adjustSwitch, isConnected, is checked? " + eipSwitch.isChecked()); + if(eip_status.isConnected() || eip_status.isConnecting()) { + Log.d(TAG, "adjustSwitch, isConnected || isConnecting, is checked? " + eipSwitch.isChecked()); if(!eipSwitch.isChecked()) { eipSwitch.setChecked(true); } } else { + Log.d(TAG, "adjustSwitch, !isConnected && !isConnecting? " + eip_status.toString()); + if(eipSwitch.isChecked()) { eipSwitch.setChecked(false); } @@ -267,6 +270,7 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu String prefix = parent_activity.getString(localizedResId); setStatusMessage(prefix + " " + logmessage); + adjustSwitch(); } protected void setStatusMessage(String status) { @@ -280,6 +284,14 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu parent_activity.findViewById(R.id.eipProgress).setVisibility(View.GONE); } + public static EipStatus getEipStatus() { + return eip_status; + } + + public void checkEipSwitch(boolean activated) { + eipSwitch.setChecked(activated); + } + protected class EIPReceiver extends ResultReceiver { protected EIPReceiver(Handler handler){ @@ -309,7 +321,7 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu switch (resultCode){ case Activity.RESULT_OK: Intent disconnect_vpn = new Intent(parent_activity, DisconnectVPN.class); - parent_activity.startActivityForResult(disconnect_vpn, 33); + parent_activity.startActivityForResult(disconnect_vpn, EIP.DISCONNECT); eip_status.setDisconnecting(); break; case Activity.RESULT_CANCELED: @@ -359,13 +371,4 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu public static EIPReceiver getReceiver() { return mEIPReceiver; } - - public static boolean isEipSwitchChecked() { - return eipSwitch.isChecked(); - } - - public void checkEipSwitch(boolean checked) { - eipSwitch.setChecked(checked); - } - } diff --git a/app/src/main/java/se/leap/bitmaskclient/LogInDialog.java b/app/src/main/java/se/leap/bitmaskclient/LogInDialog.java index cede9bfb..97a9aecc 100644 --- a/app/src/main/java/se/leap/bitmaskclient/LogInDialog.java +++ b/app/src/main/java/se/leap/bitmaskclient/LogInDialog.java @@ -112,7 +112,6 @@ public class LogInDialog extends SessionDialogInterface { */ public interface LogInDialogInterface { public void logIn(String username, String password); - public void cancelAuthedEipOn(); public void signUp(String username, String password); public void cancelLoginOrSignup(); } @@ -142,6 +141,6 @@ public class LogInDialog extends SessionDialogInterface { public void onCancel(DialogInterface dialog) { super.onCancel(dialog); if(is_eip_pending) - interface_with_Dashboard.cancelAuthedEipOn(); + interface_with_Dashboard.cancelLoginOrSignup(); } } diff --git a/app/src/main/java/se/leap/bitmaskclient/SignUpDialog.java b/app/src/main/java/se/leap/bitmaskclient/SignUpDialog.java index 16ad2d19..d197e589 100644 --- a/app/src/main/java/se/leap/bitmaskclient/SignUpDialog.java +++ b/app/src/main/java/se/leap/bitmaskclient/SignUpDialog.java @@ -103,7 +103,6 @@ public class SignUpDialog extends SessionDialogInterface { */ public interface SignUpDialogInterface { public void signUp(String username, String password); - public void cancelAuthedEipOn(); public void cancelLoginOrSignup(); } @@ -131,7 +130,7 @@ public class SignUpDialog extends SessionDialogInterface { @Override public void onCancel(DialogInterface dialog) { if(is_eip_pending) - interface_with_Dashboard.cancelAuthedEipOn(); + interface_with_Dashboard.cancelLoginOrSignup(); super.onCancel(dialog); } } diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java index 577f42a3..379fb246 100644 --- a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java +++ b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java @@ -47,6 +47,9 @@ public final class EIP extends IntentService { public final static String TAG = EIP.class.getSimpleName(); public final static String SERVICE_API_PATH = "config/eip-service.json"; + + + public static final int DISCONNECT = 15; private static Context context; private static ResultReceiver mReceiver; @@ -95,13 +98,13 @@ public final class EIP extends IntentService { * It also sets up early routes. */ private void startEIP() { - earlyRoutes(); GatewaySelector gateway_selector = new GatewaySelector(gateways); activeGateway = gateway_selector.select(); if(activeGateway != null && activeGateway.getProfile() != null) { mReceiver = EipServiceFragment.getReceiver(); launchActiveGateway(); } + earlyRoutes(); } /** diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/EipStatus.java b/app/src/main/java/se/leap/bitmaskclient/eip/EipStatus.java index ee14f2db..82c3ceb8 100644 --- a/app/src/main/java/se/leap/bitmaskclient/eip/EipStatus.java +++ b/app/src/main/java/se/leap/bitmaskclient/eip/EipStatus.java @@ -29,7 +29,6 @@ public class EipStatus extends Observable implements VpnStatus.StateListener { private static VpnStatus.ConnectionStatus level = VpnStatus.ConnectionStatus.LEVEL_NOTCONNECTED; private static boolean wants_to_disconnect = false; private static boolean is_disconnecting = false; - private static boolean is_connecting = false; private String state, log_message; private int localized_res_id; @@ -55,6 +54,8 @@ public class EipStatus extends Observable implements VpnStatus.StateListener { current_status.setChanged(); if(isConnected() || isDisconnected()) setConnectedOrDisconnected(); + else if(isConnecting()) + setConnecting(); Log.d(TAG, "update state with level " + level); current_status.notifyObservers(); } @@ -63,14 +64,17 @@ public class EipStatus extends Observable implements VpnStatus.StateListener { return is_disconnecting; } - public boolean isConnecting() { - return is_connecting; - } - public boolean wantsToDisconnect() { return wants_to_disconnect; } + public boolean isConnecting() { + return + !isConnected() && + !isDisconnected() && + !isPaused(); + } + public boolean isConnected() { return level == VpnStatus.ConnectionStatus.LEVEL_CONNECTED; } @@ -79,14 +83,19 @@ public class EipStatus extends Observable implements VpnStatus.StateListener { return level == VpnStatus.ConnectionStatus.LEVEL_NOTCONNECTED; } + public boolean isPaused() { + return level == VpnStatus.ConnectionStatus.LEVEL_VPNPAUSED; + } + public void setConnecting() { - is_connecting = true; is_disconnecting = false; wants_to_disconnect = false; + current_status.setChanged(); + current_status.notifyObservers(); } public void setConnectedOrDisconnected() { - is_connecting = false; + Log.d(TAG, "setConnectedOrDisconnected()"); is_disconnecting = false; wants_to_disconnect = false; current_status.setChanged(); @@ -95,7 +104,6 @@ public class EipStatus extends Observable implements VpnStatus.StateListener { public void setDisconnecting() { is_disconnecting = true; - is_connecting = false; wants_to_disconnect = false; } @@ -139,4 +147,9 @@ public class EipStatus extends Observable implements VpnStatus.StateListener { this.level = level; } + @Override + public String toString() { + return "State: " + state + " Level: " + level.toString(); + } + } diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/VoidVpnLauncher.java b/app/src/main/java/se/leap/bitmaskclient/eip/VoidVpnLauncher.java index 9814c167..d79d8003 100644 --- a/app/src/main/java/se/leap/bitmaskclient/eip/VoidVpnLauncher.java +++ b/app/src/main/java/se/leap/bitmaskclient/eip/VoidVpnLauncher.java @@ -8,7 +8,7 @@ import android.os.Bundle; public class VoidVpnLauncher extends Activity { private static final int VPN_USER_PERMISSION = 71; - + @Override protected void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); diff --git a/app/src/main/res/layout-xlarge/eip_service_fragment.xml b/app/src/main/res/layout-xlarge/eip_service_fragment.xml index c6ac96a9..d217e1a1 100644 --- a/app/src/main/res/layout-xlarge/eip_service_fragment.xml +++ b/app/src/main/res/layout-xlarge/eip_service_fragment.xml @@ -67,7 +67,7 @@ android:layout_alignParentLeft="true" android:layout_centerVertical="true" android:clickable="true" - android:text="@string/status_unknown" + android:text="@string/eip_state_not_connected" android:textSize="16sp" /> diff --git a/app/src/main/res/layout/eip_service_fragment.xml b/app/src/main/res/layout/eip_service_fragment.xml index 65aa4aa8..be2aa791 100644 --- a/app/src/main/res/layout/eip_service_fragment.xml +++ b/app/src/main/res/layout/eip_service_fragment.xml @@ -64,7 +64,7 @@ android:layout_alignParentLeft="true" android:layout_centerVertical="true" android:clickable="true" - android:text="@string/status_unknown" /> + android:text="@string/eip_state_not_connected" /> -- cgit v1.2.3 From 2fc73d6bfe8d86464571258f008d8bcf6db0cc2d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Thu, 27 Nov 2014 20:09:05 +0100 Subject: Removed unused imports and unused .eip variables --- .../java/se/leap/bitmaskclient/AboutActivity.java | 5 -- .../java/se/leap/bitmaskclient/ConfigHelper.java | 13 ++--- .../main/java/se/leap/bitmaskclient/Dashboard.java | 68 +++++++++++++--------- .../leap/bitmaskclient/DownloadFailedDialog.java | 3 - .../se/leap/bitmaskclient/EipServiceFragment.java | 67 ++++++++++----------- .../java/se/leap/bitmaskclient/LeapSRPSession.java | 3 +- .../java/se/leap/bitmaskclient/LogInDialog.java | 14 ++--- .../java/se/leap/bitmaskclient/OnBootReceiver.java | 5 +- .../main/java/se/leap/bitmaskclient/Provider.java | 12 ++-- .../se/leap/bitmaskclient/ProviderListAdapter.java | 4 +- .../leap/bitmaskclient/ProviderListFragment.java | 11 ++-- .../leap/bitmaskclient/SessionDialogInterface.java | 2 - .../java/se/leap/bitmaskclient/SignUpDialog.java | 12 ++-- .../java/se/leap/bitmaskclient/eip/Constants.java | 2 - .../main/java/se/leap/bitmaskclient/eip/EIP.java | 61 ++++++++++++------- .../java/se/leap/bitmaskclient/eip/EipStatus.java | 25 ++------ .../java/se/leap/bitmaskclient/eip/Gateway.java | 25 ++++---- .../se/leap/bitmaskclient/eip/GatewaySelector.java | 8 ++- .../se/leap/bitmaskclient/eip/VoidVpnService.java | 4 -- .../bitmaskclient/eip/VpnCertificateValidator.java | 9 +-- .../leap/bitmaskclient/eip/VpnConfigGenerator.java | 12 ++-- 21 files changed, 177 insertions(+), 188 deletions(-) (limited to 'app') diff --git a/app/src/main/java/se/leap/bitmaskclient/AboutActivity.java b/app/src/main/java/se/leap/bitmaskclient/AboutActivity.java index 6d025422..6c4e517b 100644 --- a/app/src/main/java/se/leap/bitmaskclient/AboutActivity.java +++ b/app/src/main/java/se/leap/bitmaskclient/AboutActivity.java @@ -1,15 +1,10 @@ package se.leap.bitmaskclient; import android.app.Activity; -import android.app.Fragment; import android.content.pm.PackageInfo; import android.content.pm.PackageManager.NameNotFoundException; import android.os.Bundle; -import android.view.LayoutInflater; -import android.view.View; -import android.view.ViewGroup; import android.widget.TextView; -import se.leap.bitmaskclient.R; public class AboutActivity extends Activity { diff --git a/app/src/main/java/se/leap/bitmaskclient/ConfigHelper.java b/app/src/main/java/se/leap/bitmaskclient/ConfigHelper.java index c95d0c8b..c0f0b0c3 100644 --- a/app/src/main/java/se/leap/bitmaskclient/ConfigHelper.java +++ b/app/src/main/java/se/leap/bitmaskclient/ConfigHelper.java @@ -16,11 +16,15 @@ */ package se.leap.bitmaskclient; +import android.util.Base64; + +import org.json.JSONException; +import org.json.JSONObject; + import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.InputStream; import java.math.BigInteger; -import java.lang.IllegalArgumentException; import java.security.KeyFactory; import java.security.KeyStore; import java.security.KeyStoreException; @@ -33,13 +37,6 @@ import java.security.interfaces.RSAPrivateKey; import java.security.spec.InvalidKeySpecException; import java.security.spec.PKCS8EncodedKeySpec; -import org.json.JSONException; -import org.json.JSONObject; - -import android.content.Context; -import android.content.SharedPreferences; -import android.util.Base64; - /** * Stores constants, and implements auxiliary methods used across all LEAP Android classes. * diff --git a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java index 4f6c6285..6288fd1f 100644 --- a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java +++ b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java @@ -16,19 +16,31 @@ */ package se.leap.bitmaskclient; -import se.leap.bitmaskclient.*; -import se.leap.bitmaskclient.eip.*; - -import de.blinkt.openvpn.activities.LogWindow; - -import android.app.*; -import android.content.*; +import android.app.Activity; +import android.app.AlertDialog; +import android.app.DialogFragment; +import android.app.FragmentTransaction; +import android.content.Context; +import android.content.DialogInterface; +import android.content.Intent; +import android.content.SharedPreferences; import android.content.pm.PackageManager.NameNotFoundException; -import android.os.*; +import android.os.Bundle; +import android.os.Handler; +import android.os.ResultReceiver; import android.util.Log; -import android.view.*; -import android.widget.*; -import org.json.*; +import android.view.Menu; +import android.view.MenuItem; +import android.widget.ProgressBar; +import android.widget.TextView; + +import org.json.JSONException; +import org.json.JSONObject; + +import de.blinkt.openvpn.activities.LogWindow; +import se.leap.bitmaskclient.eip.Constants; +import se.leap.bitmaskclient.eip.EIP; +import se.leap.bitmaskclient.eip.EipStatus; /** * The main user facing Activity of LEAP Android, consisting of status, controls, @@ -59,7 +71,6 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf private TextView status_message; public ProviderAPIResultReceiver providerAPI_result_receiver; - private static Provider provider; private static boolean authed_eip; @Override @@ -87,7 +98,7 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf try { int versionCode = getPackageManager().getPackageInfo(getPackageName(), 0).versionCode; int lastDetectedVersion = preferences.getInt(APP_VERSION, 0); - preferences.edit().putInt(APP_VERSION, versionCode); + preferences.edit().putInt(APP_VERSION, versionCode).apply(); Log.d("Dashboard", "detected version code: " + versionCode); Log.d("Dashboard", "last detected version code: " + lastDetectedVersion); @@ -102,6 +113,7 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf break; } } catch (NameNotFoundException e) { + Log.d(TAG, "Handle version didn't find any " + getPackageName() + " package"); } } @@ -121,13 +133,12 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf if ( requestCode == CONFIGURE_LEAP || requestCode == SWITCH_PROVIDER) { // It should be equivalent: if ( (requestCode == CONFIGURE_LEAP) || (data!= null && data.hasExtra(STOP_FIRST))) { if ( resultCode == RESULT_OK ){ - preferences.edit().putInt(Constants.PARSED_SERIAL, 0).commit(); - preferences.edit().putBoolean(Constants.AUTHED_EIP, authed_eip).commit(); + preferences.edit().putInt(Constants.PARSED_SERIAL, 0).apply(); + preferences.edit().putBoolean(Constants.AUTHED_EIP, authed_eip).apply(); updateEipService(); buildDashboard(false); invalidateOptionsMenu(); if(data != null && data.hasExtra(LogInDialog.TAG)) { - View view = ((ViewGroup)findViewById(android.R.id.content)).getChildAt(0); logInDialog(Bundle.EMPTY); } } else if(resultCode == RESULT_CANCELED && (data == null || data.hasExtra(ACTION_QUIT))) { @@ -158,7 +169,7 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf .setNegativeButton(getResources().getString(R.string.setup_error_close_button), new DialogInterface.OnClickListener() { @Override public void onClick(DialogInterface dialog, int which) { - preferences.edit().remove(Provider.KEY).commit(); + preferences.edit().remove(Provider.KEY).apply(); finish(); } }) @@ -170,7 +181,7 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf * service dependent UI elements to include. */ private void buildDashboard(boolean hide_and_turn_on_eip) { - provider = Provider.getInstance(); + Provider provider = Provider.getInstance(); provider.init( this ); setContentView(R.layout.client_dashboard); @@ -183,16 +194,17 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf if ( provider.hasEIP()){ - EipServiceFragment previous_eip_fragment = (EipServiceFragment)fragment_manager.findFragmentByTag(EipServiceFragment.TAG); - EipServiceFragment eipFragment = previous_eip_fragment == null ? - new EipServiceFragment() : previous_eip_fragment; + EipServiceFragment eipFragment = new EipServiceFragment(); + if (hide_and_turn_on_eip) { - preferences.edit().remove(Dashboard.START_ON_BOOT).commit(); + preferences.edit().remove(Dashboard.START_ON_BOOT).apply(); Bundle arguments = new Bundle(); arguments.putBoolean(EipServiceFragment.START_ON_BOOT, true); eipFragment.setArguments(arguments); } - fragment_manager.replace(R.id.servicesCollection, eipFragment, EipServiceFragment.TAG); + + fragment_manager.removePreviousFragment(EipServiceFragment.TAG); + fragment_manager.replace(R.id.servicesCollection, eipFragment, EipServiceFragment.TAG); if (hide_and_turn_on_eip) { onBackPressed(); @@ -205,12 +217,12 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf JSONObject provider_json; try { String provider_json_string = preferences.getString(Provider.KEY, ""); - if(provider_json_string.isEmpty() == false) { + if(!provider_json_string.isEmpty()) { provider_json = new JSONObject(provider_json_string); JSONObject service_description = provider_json.getJSONObject(Provider.SERVICE); boolean authed_eip = !LeapSRPSession.getToken().isEmpty(); boolean allow_registered_eip = service_description.getBoolean(Provider.ALLOW_REGISTRATION); - preferences.edit().putBoolean(Constants.ALLOWED_REGISTERED, allow_registered_eip); + preferences.edit().putBoolean(Constants.ALLOWED_REGISTERED, allow_registered_eip).apply(); if(allow_registered_eip) { if(authed_eip) { @@ -256,7 +268,7 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf } eipStop(); } - preferences.edit().clear().commit(); + preferences.edit().clear().apply(); startActivityForResult(new Intent(this,ConfigurationWizard.class), SWITCH_PROVIDER); return true; case R.id.login_button: @@ -405,7 +417,7 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf invalidateOptionsMenu(); authed_eip = true; - preferences.edit().putBoolean(Constants.AUTHED_EIP, authed_eip).commit(); + preferences.edit().putBoolean(Constants.AUTHED_EIP, authed_eip).apply(); downloadAuthedUserCertificate(); } else if(resultCode == ProviderAPI.SRP_AUTHENTICATION_FAILED) { @@ -420,7 +432,7 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf invalidateOptionsMenu(); authed_eip = false; - preferences.edit().putBoolean(Constants.AUTHED_EIP, authed_eip).commit(); + preferences.edit().putBoolean(Constants.AUTHED_EIP, authed_eip).apply(); } else if(resultCode == ProviderAPI.LOGOUT_FAILED) { changeStatusMessage(resultCode); diff --git a/app/src/main/java/se/leap/bitmaskclient/DownloadFailedDialog.java b/app/src/main/java/se/leap/bitmaskclient/DownloadFailedDialog.java index f78002b0..a44253c6 100644 --- a/app/src/main/java/se/leap/bitmaskclient/DownloadFailedDialog.java +++ b/app/src/main/java/se/leap/bitmaskclient/DownloadFailedDialog.java @@ -16,9 +16,6 @@ */ package se.leap.bitmaskclient; -import se.leap.bitmaskclient.R; -import se.leap.bitmaskclient.NewProviderDialog.NewProviderDialogInterface; -import se.leap.bitmaskclient.ProviderListContent.ProviderItem; import android.app.Activity; import android.app.AlertDialog; import android.app.Dialog; diff --git a/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java b/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java index f29d1338..b896c00f 100644 --- a/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java +++ b/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java @@ -1,19 +1,28 @@ package se.leap.bitmaskclient; -import se.leap.bitmaskclient.R; -import se.leap.bitmaskclient.ProviderAPIResultReceiver; -import se.leap.bitmaskclient.ProviderAPIResultReceiver.Receiver; -import se.leap.bitmaskclient.eip.*; - -import de.blinkt.openvpn.activities.*; -import de.blinkt.openvpn.core.*; -import android.app.*; -import android.content.*; -import android.os.*; +import android.app.Activity; +import android.app.AlertDialog; +import android.app.Fragment; +import android.content.DialogInterface; +import android.content.Intent; +import android.os.Bundle; +import android.os.Handler; +import android.os.ResultReceiver; import android.util.Log; -import android.view.*; -import android.widget.*; -import java.util.*; +import android.view.LayoutInflater; +import android.view.View; +import android.view.ViewGroup; +import android.widget.CompoundButton; +import android.widget.Switch; +import android.widget.TextView; + +import java.util.Observable; +import java.util.Observer; + +import de.blinkt.openvpn.activities.DisconnectVPN; +import se.leap.bitmaskclient.eip.Constants; +import se.leap.bitmaskclient.eip.EIP; +import se.leap.bitmaskclient.eip.EipStatus; public class EipServiceFragment extends Fragment implements Observer, CompoundButton.OnCheckedChangeListener { @@ -26,7 +35,6 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu private View eipFragment; private static Switch eipSwitch; - private View eipDetail; private TextView status_message; private static Activity parent_activity; @@ -50,8 +58,8 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu @Override public View onCreateView(LayoutInflater inflater, ViewGroup container, Bundle savedInstanceState) { - eipFragment = inflater.inflate(R.layout.eip_service_fragment, container, false); - eipDetail = ((RelativeLayout) eipFragment.findViewById(R.id.eipDetail)); + eipFragment = inflater.inflate(R.layout.eip_service_fragment, container, false); + View eipDetail = eipFragment.findViewById(R.id.eipDetail); eipDetail.setVisibility(View.VISIBLE); View eipSettings = eipFragment.findViewById(R.id.eipSettings); @@ -213,7 +221,7 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu public void update (Observable observable, Object data) { Log.d(TAG, "handleNewState?"); if(observable instanceof EipStatus) { - this.eip_status = (EipStatus) observable; + eip_status = (EipStatus) observable; final EipStatus eip_status = (EipStatus) observable; parent_activity.runOnUiThread(new Runnable() { @Override @@ -284,14 +292,6 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu parent_activity.findViewById(R.id.eipProgress).setVisibility(View.GONE); } - public static EipStatus getEipStatus() { - return eip_status; - } - - public void checkEipSwitch(boolean activated) { - eipSwitch.setChecked(activated); - } - protected class EIPReceiver extends ResultReceiver { protected EIPReceiver(Handler handler){ @@ -303,21 +303,18 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu super.onReceiveResult(resultCode, resultData); String request = resultData.getString(Constants.REQUEST_TAG); - boolean checked = false; - - if (request == Constants.ACTION_START_EIP) { + + if (request.equals(Constants.ACTION_START_EIP)) { switch (resultCode){ case Activity.RESULT_OK: Log.d(TAG, "Action start eip = Result OK"); - checked = true; eipFragment.findViewById(R.id.eipProgress).setVisibility(View.VISIBLE); break; case Activity.RESULT_CANCELED: - checked = false; eipFragment.findViewById(R.id.eipProgress).setVisibility(View.GONE); break; } - } else if (request == Constants.ACTION_STOP_EIP) { + } else if (request.equals(Constants.ACTION_STOP_EIP)) { switch (resultCode){ case Activity.RESULT_OK: Intent disconnect_vpn = new Intent(parent_activity, DisconnectVPN.class); @@ -325,20 +322,16 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu eip_status.setDisconnecting(); break; case Activity.RESULT_CANCELED: - checked = true; break; } - } else if (request == Constants.EIP_NOTIFICATION) { + } else if (request.equals(Constants.EIP_NOTIFICATION)) { switch (resultCode){ case Activity.RESULT_OK: - checked = true; break; case Activity.RESULT_CANCELED: - checked = false; break; } - } else if (request == Constants.ACTION_CHECK_CERT_VALIDITY) { - checked = eipSwitch.isChecked(); + } else if (request.equals(Constants.ACTION_CHECK_CERT_VALIDITY)) { switch (resultCode) { case Activity.RESULT_OK: break; diff --git a/app/src/main/java/se/leap/bitmaskclient/LeapSRPSession.java b/app/src/main/java/se/leap/bitmaskclient/LeapSRPSession.java index a953a710..989dc395 100644 --- a/app/src/main/java/se/leap/bitmaskclient/LeapSRPSession.java +++ b/app/src/main/java/se/leap/bitmaskclient/LeapSRPSession.java @@ -17,13 +17,14 @@ package se.leap.bitmaskclient; +import org.jboss.security.srp.SRPParameters; + import java.io.UnsupportedEncodingException; import java.math.BigInteger; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.security.SecureRandom; import java.util.Arrays; -import org.jboss.security.srp.SRPParameters; /** * Implements all SRP algorithm logic. diff --git a/app/src/main/java/se/leap/bitmaskclient/LogInDialog.java b/app/src/main/java/se/leap/bitmaskclient/LogInDialog.java index 97a9aecc..5263392e 100644 --- a/app/src/main/java/se/leap/bitmaskclient/LogInDialog.java +++ b/app/src/main/java/se/leap/bitmaskclient/LogInDialog.java @@ -16,19 +16,13 @@ */ package se.leap.bitmaskclient; -import se.leap.bitmaskclient.R; -import android.R.color; import android.app.Activity; import android.app.AlertDialog; import android.app.DialogFragment; import android.content.DialogInterface; -import android.content.res.ColorStateList; import android.os.Bundle; -import android.provider.CalendarContract.Colors; import android.view.LayoutInflater; import android.view.View; -import android.view.animation.AlphaAnimation; -import android.view.animation.BounceInterpolator; import android.widget.EditText; import android.widget.TextView; @@ -47,6 +41,8 @@ public class LogInDialog extends SessionDialogInterface { final public static String TAG = LogInDialog.class.getSimpleName(); + private static LogInDialog dialog; + private static boolean is_eip_pending = false; public AlertDialog onCreateDialog(Bundle savedInstanceState) { @@ -122,8 +118,10 @@ public class LogInDialog extends SessionDialogInterface { * @return a new instance of this DialogFragment. */ public static DialogFragment newInstance() { - LogInDialog dialog_fragment = new LogInDialog(); - return dialog_fragment; + if(dialog == null) + dialog = new LogInDialog(); + + return dialog; } @Override diff --git a/app/src/main/java/se/leap/bitmaskclient/OnBootReceiver.java b/app/src/main/java/se/leap/bitmaskclient/OnBootReceiver.java index 74f89ab8..07ed6c8f 100644 --- a/app/src/main/java/se/leap/bitmaskclient/OnBootReceiver.java +++ b/app/src/main/java/se/leap/bitmaskclient/OnBootReceiver.java @@ -1,7 +1,8 @@ package se.leap.bitmaskclient; -import android.content.*; -import android.util.Log; +import android.content.BroadcastReceiver; +import android.content.Context; +import android.content.Intent; import se.leap.bitmaskclient.eip.Constants; diff --git a/app/src/main/java/se/leap/bitmaskclient/Provider.java b/app/src/main/java/se/leap/bitmaskclient/Provider.java index 8d6385e0..fa1a4fb5 100644 --- a/app/src/main/java/se/leap/bitmaskclient/Provider.java +++ b/app/src/main/java/se/leap/bitmaskclient/Provider.java @@ -16,17 +16,17 @@ */ package se.leap.bitmaskclient; -import java.io.Serializable; -import java.util.Arrays; -import java.util.Locale; +import android.app.Activity; +import android.content.Context; +import android.content.SharedPreferences; import org.json.JSONArray; import org.json.JSONException; import org.json.JSONObject; -import android.content.Context; -import android.app.Activity; -import android.content.SharedPreferences; +import java.io.Serializable; +import java.util.Arrays; +import java.util.Locale; /** * @author Sean Leonard diff --git a/app/src/main/java/se/leap/bitmaskclient/ProviderListAdapter.java b/app/src/main/java/se/leap/bitmaskclient/ProviderListAdapter.java index 43bba085..1148e65e 100644 --- a/app/src/main/java/se/leap/bitmaskclient/ProviderListAdapter.java +++ b/app/src/main/java/se/leap/bitmaskclient/ProviderListAdapter.java @@ -1,7 +1,5 @@ package se.leap.bitmaskclient; -import java.util.List; - import android.content.Context; import android.view.LayoutInflater; import android.view.View; @@ -9,6 +7,8 @@ import android.view.ViewGroup; import android.widget.ArrayAdapter; import android.widget.TwoLineListItem; +import java.util.List; + public class ProviderListAdapter extends ArrayAdapter { private static boolean[] hidden = null; diff --git a/app/src/main/java/se/leap/bitmaskclient/ProviderListFragment.java b/app/src/main/java/se/leap/bitmaskclient/ProviderListFragment.java index db414d87..e5baebc0 100644 --- a/app/src/main/java/se/leap/bitmaskclient/ProviderListFragment.java +++ b/app/src/main/java/se/leap/bitmaskclient/ProviderListFragment.java @@ -16,8 +16,6 @@ */ package se.leap.bitmaskclient; -import se.leap.bitmaskclient.R; -import se.leap.bitmaskclient.ProviderListContent.ProviderItem; import android.app.Activity; import android.app.ListFragment; import android.os.Bundle; @@ -26,11 +24,12 @@ import android.view.View; import android.view.ViewGroup; import android.widget.ListView; +import se.leap.bitmaskclient.ProviderListContent.ProviderItem; + /** * A list fragment representing a list of Providers. This fragment * also supports tablet devices by allowing list items to be given an - * 'activated' state upon selection. This helps indicate which item is - * currently being viewed in a {@link DashboardFragment}. + * 'activated' state upon selection. *

* Activities containing this fragment MUST implement the {@link Callbacks} * interface. @@ -123,7 +122,7 @@ public class ProviderListFragment extends ListFragment { if(getArguments() != null && getArguments().containsKey(TOP_PADDING)) { int topPadding = getArguments().getInt(TOP_PADDING); View current_view = getView(); - getView().setPadding(current_view.getPaddingLeft(), topPadding, current_view.getPaddingRight(), current_view.getPaddingBottom()); + current_view.setPadding(current_view.getPaddingLeft(), topPadding, current_view.getPaddingRight(), current_view.getPaddingBottom()); } } @@ -215,7 +214,7 @@ public class ProviderListFragment extends ListFragment { real_count--; } else { i++; - } + } } public void unhideAll() { diff --git a/app/src/main/java/se/leap/bitmaskclient/SessionDialogInterface.java b/app/src/main/java/se/leap/bitmaskclient/SessionDialogInterface.java index 7b08a4d1..66b86ccd 100644 --- a/app/src/main/java/se/leap/bitmaskclient/SessionDialogInterface.java +++ b/app/src/main/java/se/leap/bitmaskclient/SessionDialogInterface.java @@ -17,10 +17,8 @@ package se.leap.bitmaskclient; import android.app.Activity; -import android.app.AlertDialog; import android.app.DialogFragment; import android.content.DialogInterface; -import android.os.Bundle; /** * @author parmegv diff --git a/app/src/main/java/se/leap/bitmaskclient/SignUpDialog.java b/app/src/main/java/se/leap/bitmaskclient/SignUpDialog.java index d197e589..f6d6cc3f 100644 --- a/app/src/main/java/se/leap/bitmaskclient/SignUpDialog.java +++ b/app/src/main/java/se/leap/bitmaskclient/SignUpDialog.java @@ -16,19 +16,13 @@ */ package se.leap.bitmaskclient; -import se.leap.bitmaskclient.R; -import android.R.color; import android.app.Activity; import android.app.AlertDialog; import android.app.DialogFragment; import android.content.DialogInterface; -import android.content.res.ColorStateList; import android.os.Bundle; -import android.provider.CalendarContract.Colors; import android.view.LayoutInflater; import android.view.View; -import android.view.animation.AlphaAnimation; -import android.view.animation.BounceInterpolator; import android.widget.EditText; import android.widget.TextView; @@ -46,6 +40,7 @@ public class SignUpDialog extends SessionDialogInterface { final public static String TAG = SignUpDialog.class.getSimpleName(); + private static SignUpDialog dialog; private static boolean is_eip_pending = false; public AlertDialog onCreateDialog(Bundle savedInstanceState) { @@ -112,8 +107,9 @@ public class SignUpDialog extends SessionDialogInterface { * @return a new instance of this DialogFragment. */ public static DialogFragment newInstance() { - SignUpDialog dialog_fragment = new SignUpDialog(); - return dialog_fragment; + if(dialog == null) + dialog = new SignUpDialog(); + return dialog; } @Override diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/Constants.java b/app/src/main/java/se/leap/bitmaskclient/eip/Constants.java index b710d780..e1a7e616 100644 --- a/app/src/main/java/se/leap/bitmaskclient/eip/Constants.java +++ b/app/src/main/java/se/leap/bitmaskclient/eip/Constants.java @@ -34,8 +34,6 @@ public interface Constants { public final static String ACTION_UPDATE_EIP_SERVICE = TAG + ".UPDATE_EIP_SERVICE"; public final static String ACTION_IS_EIP_RUNNING = TAG + ".IS_RUNNING"; public final static String EIP_NOTIFICATION = TAG + ".EIP_NOTIFICATION"; - public final static String STATUS = TAG + ".STATUS"; - public final static String DATE_FROM_CERTIFICATE = TAG + ".DATE_FROM_CERTIFICATE"; public final static String ALLOWED_ANON = "allow_anonymous"; public final static String ALLOWED_REGISTERED = "allow_registration"; public final static String CERTIFICATE = "cert"; diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java index 379fb246..5169ef62 100644 --- a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java +++ b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java @@ -16,22 +16,40 @@ */ package se.leap.bitmaskclient.eip; -import android.app.*; -import android.content.*; -import android.os.*; +import android.app.Activity; +import android.app.IntentService; +import android.content.Context; +import android.content.Intent; +import android.content.SharedPreferences; +import android.os.Bundle; +import android.os.ResultReceiver; import android.util.Log; -import java.io.*; -import java.security.cert.*; -import java.text.*; -import java.util.*; -import org.json.*; -import de.blinkt.openvpn.*; -import de.blinkt.openvpn.activities.*; -import de.blinkt.openvpn.core.*; -import se.leap.bitmaskclient.*; +import org.json.JSONArray; +import org.json.JSONException; +import org.json.JSONObject; -import static se.leap.bitmaskclient.eip.Constants.*; +import java.util.ArrayList; +import java.util.Collection; +import java.util.List; + +import de.blinkt.openvpn.LaunchVPN; +import de.blinkt.openvpn.VpnProfile; +import de.blinkt.openvpn.core.ProfileManager; +import se.leap.bitmaskclient.Dashboard; +import se.leap.bitmaskclient.EipServiceFragment; +import se.leap.bitmaskclient.Provider; + +import static se.leap.bitmaskclient.eip.Constants.ACTION_CHECK_CERT_VALIDITY; +import static se.leap.bitmaskclient.eip.Constants.ACTION_IS_EIP_RUNNING; +import static se.leap.bitmaskclient.eip.Constants.ACTION_START_EIP; +import static se.leap.bitmaskclient.eip.Constants.ACTION_STOP_EIP; +import static se.leap.bitmaskclient.eip.Constants.ACTION_UPDATE_EIP_SERVICE; +import static se.leap.bitmaskclient.eip.Constants.CERTIFICATE; +import static se.leap.bitmaskclient.eip.Constants.KEY; +import static se.leap.bitmaskclient.eip.Constants.PARSED_SERIAL; +import static se.leap.bitmaskclient.eip.Constants.RECEIVER_TAG; +import static se.leap.bitmaskclient.eip.Constants.REQUEST_TAG; /** * EIP is the abstract base class for interacting with and managing the Encrypted @@ -80,21 +98,21 @@ public final class EIP extends IntentService { String action = intent.getAction(); mReceiver = intent.getParcelableExtra(RECEIVER_TAG); - if ( action == ACTION_START_EIP ) + if ( action.equals(ACTION_START_EIP)) startEIP(); - else if ( action == ACTION_STOP_EIP ) + else if (action.equals(ACTION_STOP_EIP)) stopEIP(); - else if ( action == ACTION_IS_EIP_RUNNING ) + else if (action.equals(ACTION_IS_EIP_RUNNING)) isRunning(); - else if ( action == ACTION_UPDATE_EIP_SERVICE ) + else if (action.equals(ACTION_UPDATE_EIP_SERVICE)) updateEIPService(); - else if ( action == ACTION_CHECK_CERT_VALIDITY ) + else if (action.equals(ACTION_CHECK_CERT_VALIDITY)) checkCertValidity(); } /** * Initiates an EIP connection by selecting a gateway and preparing and sending an - * Intent to {@link se.leap.openvpn.LaunchVPN}. + * Intent to {@link de.blinkt.openvpn.LaunchVPN}. * It also sets up early routes. */ private void startEIP() { @@ -164,8 +182,7 @@ public final class EIP extends IntentService { } /** - * Loads eip-service.json from SharedPreferences and calls {@link updateGateways()} - * to parse gateway definitions. + * Loads eip-service.json from SharedPreferences, delete previous vpn profiles and add new gateways. * TODO Implement API call to refresh eip-service.json from the provider */ private void updateEIPService() { @@ -210,7 +227,7 @@ public final class EIP extends IntentService { // TODO Auto-generated catch block e.printStackTrace(); } - preferences.edit().putInt(PARSED_SERIAL, eip_definition.optInt(Provider.API_RETURN_SERIAL)).commit(); + preferences.edit().putInt(PARSED_SERIAL, eip_definition.optInt(Provider.API_RETURN_SERIAL)).apply(); } private boolean isOpenVpnGateway(JSONObject gateway) { diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/EipStatus.java b/app/src/main/java/se/leap/bitmaskclient/eip/EipStatus.java index 82c3ceb8..4ac3bd6a 100644 --- a/app/src/main/java/se/leap/bitmaskclient/eip/EipStatus.java +++ b/app/src/main/java/se/leap/bitmaskclient/eip/EipStatus.java @@ -17,18 +17,17 @@ package se.leap.bitmaskclient.eip; import android.util.Log; -import java.util.*; -import de.blinkt.openvpn.core.*; +import java.util.Observable; + +import de.blinkt.openvpn.core.VpnStatus; public class EipStatus extends Observable implements VpnStatus.StateListener { public static String TAG = EipStatus.class.getSimpleName(); private static EipStatus current_status; - private static EipStatus previous_status; private static VpnStatus.ConnectionStatus level = VpnStatus.ConnectionStatus.LEVEL_NOTCONNECTED; private static boolean wants_to_disconnect = false; - private static boolean is_disconnecting = false; private String state, log_message; private int localized_res_id; @@ -46,7 +45,6 @@ public class EipStatus extends Observable implements VpnStatus.StateListener { @Override public void updateState(final String state, final String logmessage, final int localizedResId, final VpnStatus.ConnectionStatus level) { current_status = getInstance(); - previous_status = current_status; current_status.setState(state); current_status.setLogMessage(logmessage); current_status.setLocalizedResId(localizedResId); @@ -60,10 +58,6 @@ public class EipStatus extends Observable implements VpnStatus.StateListener { current_status.notifyObservers(); } - public boolean isDisconnecting() { - return is_disconnecting; - } - public boolean wantsToDisconnect() { return wants_to_disconnect; } @@ -88,7 +82,6 @@ public class EipStatus extends Observable implements VpnStatus.StateListener { } public void setConnecting() { - is_disconnecting = false; wants_to_disconnect = false; current_status.setChanged(); current_status.notifyObservers(); @@ -96,21 +89,15 @@ public class EipStatus extends Observable implements VpnStatus.StateListener { public void setConnectedOrDisconnected() { Log.d(TAG, "setConnectedOrDisconnected()"); - is_disconnecting = false; wants_to_disconnect = false; current_status.setChanged(); current_status.notifyObservers(); } public void setDisconnecting() { - is_disconnecting = true; wants_to_disconnect = false; } - public void setWantsToDisconnect() { - wants_to_disconnect = true; - } - public String getState() { return state; } @@ -127,10 +114,6 @@ public class EipStatus extends Observable implements VpnStatus.StateListener { return level; } - public EipStatus getPreviousStatus() { - return previous_status; - } - private void setState(String state) { this.state = state; } @@ -144,7 +127,7 @@ public class EipStatus extends Observable implements VpnStatus.StateListener { } private void setLevel(VpnStatus.ConnectionStatus level) { - this.level = level; + EipStatus.level = level; } @Override diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/Gateway.java b/app/src/main/java/se/leap/bitmaskclient/eip/Gateway.java index 6aa66ac0..3ee9443c 100644 --- a/app/src/main/java/se/leap/bitmaskclient/eip/Gateway.java +++ b/app/src/main/java/se/leap/bitmaskclient/eip/Gateway.java @@ -17,16 +17,22 @@ package se.leap.bitmaskclient.eip; import android.app.Activity; -import android.content.*; +import android.content.Context; +import android.content.SharedPreferences; import android.util.Log; -import java.io.*; -import java.util.*; -import org.json.*; -import de.blinkt.openvpn.*; -import de.blinkt.openvpn.activities.*; -import de.blinkt.openvpn.core.*; -import se.leap.bitmaskclient.*; +import org.json.JSONException; +import org.json.JSONObject; + +import java.io.IOException; +import java.io.StringReader; +import java.util.Collection; +import java.util.Iterator; + +import de.blinkt.openvpn.VpnProfile; +import de.blinkt.openvpn.core.ConfigParser; +import de.blinkt.openvpn.core.ProfileManager; +import se.leap.bitmaskclient.Dashboard; /** * Gateway provides objects defining gateways and their metadata. @@ -103,9 +109,8 @@ public class Gateway { private JSONObject getLocationInfo(JSONObject eip_definition) { try { JSONObject locations = eip_definition.getJSONObject("locations"); - JSONObject location = locations.getJSONObject(mGateway.getString("location")); - return location; + return locations.getJSONObject(mGateway.getString("location")); } catch (JSONException e) { return new JSONObject(); } diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/GatewaySelector.java b/app/src/main/java/se/leap/bitmaskclient/eip/GatewaySelector.java index 36b5fb41..39ae7ca6 100644 --- a/app/src/main/java/se/leap/bitmaskclient/eip/GatewaySelector.java +++ b/app/src/main/java/se/leap/bitmaskclient/eip/GatewaySelector.java @@ -1,8 +1,10 @@ package se.leap.bitmaskclient.eip; -import java.security.cert.*; -import java.util.*; -import org.json.*; +import java.util.Calendar; +import java.util.HashSet; +import java.util.List; +import java.util.Set; +import java.util.TreeMap; public class GatewaySelector { List gateways; diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/VoidVpnService.java b/app/src/main/java/se/leap/bitmaskclient/eip/VoidVpnService.java index 224e3bd4..a6f9fe76 100644 --- a/app/src/main/java/se/leap/bitmaskclient/eip/VoidVpnService.java +++ b/app/src/main/java/se/leap/bitmaskclient/eip/VoidVpnService.java @@ -1,11 +1,7 @@ package se.leap.bitmaskclient.eip; import android.content.Intent; -import android.os.Process; import android.net.VpnService; -import android.util.Log; - -import static se.leap.bitmaskclient.eip.Constants.*; public class VoidVpnService extends VpnService { diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/VpnCertificateValidator.java b/app/src/main/java/se/leap/bitmaskclient/eip/VpnCertificateValidator.java index 16ae6a85..6487f6c1 100644 --- a/app/src/main/java/se/leap/bitmaskclient/eip/VpnCertificateValidator.java +++ b/app/src/main/java/se/leap/bitmaskclient/eip/VpnCertificateValidator.java @@ -17,12 +17,13 @@ package se.leap.bitmaskclient.eip; import android.util.Log; -import java.util.*; -import java.security.cert.*; -import java.text.*; + +import java.security.cert.CertificateExpiredException; +import java.security.cert.CertificateNotYetValidException; +import java.security.cert.X509Certificate; +import java.util.Calendar; import se.leap.bitmaskclient.ConfigHelper; -import static se.leap.bitmaskclient.eip.Constants.*; public class VpnCertificateValidator { public final static String TAG = VpnCertificateValidator.class.getSimpleName(); diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java b/app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java index 8e36f53c..0c8e9a04 100644 --- a/app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java +++ b/app/src/main/java/se/leap/bitmaskclient/eip/VpnConfigGenerator.java @@ -18,13 +18,14 @@ package se.leap.bitmaskclient.eip; import android.content.SharedPreferences; import android.util.Log; -import java.util.Iterator; -import java.util.Vector; + import org.json.JSONArray; -import org.json.JSONObject; import org.json.JSONException; +import org.json.JSONObject; + +import java.util.Iterator; -import se.leap.bitmaskclient.*; +import se.leap.bitmaskclient.Provider; public class VpnConfigGenerator { @@ -38,7 +39,7 @@ public class VpnConfigGenerator { public VpnConfigGenerator(SharedPreferences preferences, JSONObject general_configuration, JSONObject gateway) { this.general_configuration = general_configuration; this.gateway = gateway; - this.preferences = preferences; + VpnConfigGenerator.preferences = preferences; } public String generate() { @@ -56,7 +57,6 @@ public class VpnConfigGenerator { String common_options = ""; try { Iterator keys = general_configuration.keys(); - Vector> value = new Vector>(); while ( keys.hasNext() ){ String key = keys.next().toString(); -- cgit v1.2.3 From ba682a453c4f188d57562d764635f1db7e2e1cab Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Mon, 1 Dec 2014 17:13:26 +0100 Subject: Refresh gateways if the list is empty while starting eip. --- app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java | 1 - app/src/main/java/se/leap/bitmaskclient/eip/EIP.java | 2 ++ 2 files changed, 2 insertions(+), 1 deletion(-) (limited to 'app') diff --git a/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java b/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java index b896c00f..592a9552 100644 --- a/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java +++ b/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java @@ -219,7 +219,6 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu @Override public void update (Observable observable, Object data) { - Log.d(TAG, "handleNewState?"); if(observable instanceof EipStatus) { eip_status = (EipStatus) observable; final EipStatus eip_status = (EipStatus) observable; diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java index 5169ef62..a67eaccd 100644 --- a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java +++ b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java @@ -116,6 +116,8 @@ public final class EIP extends IntentService { * It also sets up early routes. */ private void startEIP() { + if(gateways.isEmpty()) + updateEIPService(); GatewaySelector gateway_selector = new GatewaySelector(gateways); activeGateway = gateway_selector.select(); if(activeGateway != null && activeGateway.getProfile() != null) { -- cgit v1.2.3 From b32fdf11b0ef473d489f9fb23f136fecf7051354 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Mon, 1 Dec 2014 17:45:24 +0100 Subject: Restore eip fragment on screen orientation. --- app/src/main/java/se/leap/bitmaskclient/Dashboard.java | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'app') diff --git a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java index 6288fd1f..8143d8d6 100644 --- a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java +++ b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java @@ -194,17 +194,19 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf if ( provider.hasEIP()){ - EipServiceFragment eipFragment = new EipServiceFragment(); + EipServiceFragment eip_fragment = (EipServiceFragment) fragment_manager.findFragmentByTag(EipServiceFragment.TAG); + if(eip_fragment == null) + eip_fragment = new EipServiceFragment(); if (hide_and_turn_on_eip) { preferences.edit().remove(Dashboard.START_ON_BOOT).apply(); Bundle arguments = new Bundle(); arguments.putBoolean(EipServiceFragment.START_ON_BOOT, true); - eipFragment.setArguments(arguments); + eip_fragment.setArguments(arguments); } fragment_manager.removePreviousFragment(EipServiceFragment.TAG); - fragment_manager.replace(R.id.servicesCollection, eipFragment, EipServiceFragment.TAG); + fragment_manager.replace(R.id.servicesCollection, eip_fragment, EipServiceFragment.TAG); if (hide_and_turn_on_eip) { onBackPressed(); -- cgit v1.2.3 From a59f2e0083b05fd94e2d0d2c1fcfeaa42b851531 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Mon, 1 Dec 2014 19:52:54 +0100 Subject: Reordered EIP methods. Written basic skeleton for testEIP, renamed testDashboard to start, in the future, unit tests. --- .../se/leap/bitmaskclient/test/testDashboard.java | 153 --------------------- .../test/testDashboardIntegration.java | 153 +++++++++++++++++++++ .../java/se/leap/bitmaskclient/test/testEIP.java | 32 +++++ .../main/java/se/leap/bitmaskclient/eip/EIP.java | 17 ++- 4 files changed, 193 insertions(+), 162 deletions(-) delete mode 100644 app/src/androidTest/java/se/leap/bitmaskclient/test/testDashboard.java create mode 100644 app/src/androidTest/java/se/leap/bitmaskclient/test/testDashboardIntegration.java create mode 100644 app/src/androidTest/java/se/leap/bitmaskclient/test/testEIP.java (limited to 'app') diff --git a/app/src/androidTest/java/se/leap/bitmaskclient/test/testDashboard.java b/app/src/androidTest/java/se/leap/bitmaskclient/test/testDashboard.java deleted file mode 100644 index 1af17fe6..00000000 --- a/app/src/androidTest/java/se/leap/bitmaskclient/test/testDashboard.java +++ /dev/null @@ -1,153 +0,0 @@ -package se.leap.bitmaskclient.test; - -import android.content.BroadcastReceiver; -import android.content.Context; -import android.content.Intent; -import android.content.IntentFilter; -import android.provider.Settings; -import android.test.ActivityInstrumentationTestCase2; -import android.util.Log; -import com.robotium.solo.Solo; - -import de.blinkt.openvpn.activities.DisconnectVPN; -import se.leap.bitmaskclient.ConfigurationWizard; -import se.leap.bitmaskclient.Dashboard; -import se.leap.bitmaskclient.R; -import se.leap.bitmaskclient.test.ConnectionManager; - -public class testDashboard extends ActivityInstrumentationTestCase2 { - - private Solo solo; - - public testDashboard() { - super(Dashboard.class); - } - - @Override - protected void setUp() throws Exception { - super.setUp(); - solo = new Solo(getInstrumentation(), getActivity()); - ConnectionManager.setMobileDataEnabled(true, solo.getCurrentActivity().getApplicationContext()); - } - - @Override - protected void tearDown() throws Exception { - solo.finishOpenedActivities(); - } - - /** - * This test will fail if Android does not trust VPN connection. - * I cannot automate that dialog. - */ - public void testOnOffOpenVpn() { - solo.clickOnView(solo.getView(R.id.eipSwitch)); - testEipTurningOn(); - - solo.clickOnView(solo.getView(R.id.eipSwitch)); - testEipTurningOff(); - - solo.clickOnView(solo.getView(R.id.eipSwitch)); - testEipTurningOn(); - - solo.clickOnView(solo.getView(R.id.eipSwitch)); - testEipTurningOff(); - - solo.clickOnView(solo.getView(R.id.eipSwitch)); - testEipTurningOn(); - - solo.clickOnView(solo.getView(R.id.eipSwitch)); - testEipTurningOff(); - - solo.clickOnView(solo.getView(R.id.eipSwitch)); - testEipTurningOn(); - - testEipIsOnNoNetwork(); - - } - - private void testEipTurningOn() { - if(!solo.waitForText(getActivity().getString(R.string.state_auth))) - fail(); - if(!solo.waitForText(getActivity().getString(R.string.eip_state_connected), 1, 30*1000)) - fail(); - solo.sleep(2*1000); - } - - private void testEipTurningOff() { - sayOkToDisconnect(); - if(!solo.waitForText(getActivity().getString(R.string.eip_state_not_connected))) - fail(); - solo.sleep(2*1000); - } - - private void sayOkToDisconnect() { - if(!solo.waitForActivity(DisconnectVPN.class)) - fail(); - solo.clickOnText(getActivity().getString(android.R.string.yes)); - } - - private void testEipIsOnNoNetwork() { - ConnectionManager.setMobileDataEnabled(false, solo.getCurrentActivity().getApplicationContext()); - if(!solo.waitForText(getActivity().getString(R.string.eip_state_not_connected), 1, 15*1000)) - fail(); - } - - public void testLogInAndOut() { - long miliseconds_to_log_in = 40 * 1000; - solo.clickOnActionBarItem(R.id.login_button); - solo.enterText(0, "parmegvtest1"); - solo.enterText(1, " S_Zw3'-"); - solo.clickOnText("Log In"); - solo.waitForDialogToClose(); - solo.waitForDialogToClose(miliseconds_to_log_in); - if(!solo.waitForText(getActivity().getString(R.string.succesful_authentication_message))) - fail(); - - solo.clickOnActionBarItem(R.string.logout_button); - if(!solo.waitForDialogToClose()) - fail(); - } - - public void testShowAbout() { - solo.clickOnMenuItem(getActivity().getString(R.string.about)); - solo.waitForText(getActivity().getString(R.string.repository_url_text)); - solo.goBack(); - - solo.clickOnMenuItem(getActivity().getString(R.string.about)); - solo.waitForText(getActivity().getString(R.string.repository_url_text)); - solo.goBack(); - } - - public void testSwitchProvider() { - solo.clickOnMenuItem(getActivity().getString(R.string.switch_provider_menu_option)); - solo.waitForActivity(ConfigurationWizard.class); - solo.goBack(); - } - - public void testUpdateExpiredCertificate() { - String certificate = "-----BEGIN CERTIFICATE-----" + - "MIIEnDCCAoSgAwIBAgIRAOBkcbMKR0Jlw+xNalHn7aIwDQYJKoZIhvcNAQELBQAwdTEYMBYGA1UE" + - "CgwPUmlzZXVwIE5ldHdvcmtzMRswGQYDVQQLDBJodHRwczovL3Jpc2V1cC5uZXQxPDA6BgNVBAMM" + - "M1Jpc2V1cCBOZXR3b3JrcyBSb290IENBIChjbGllbnQgY2VydGlmaWNhdGVzIG9ubHkhKTAeFw0x" + - "NDA5MTkwMDAwMDBaFw0xNDExMTkwMDAwMDBaMC0xKzApBgNVBAMMIlVOTElNSVRFRDcwZWhxZG9l" + - "ZXQ2Z243bmc3eWx3ZWNxeGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdaKQHSwg2" + - "Q2Uz9t5mae9BfV9Jkk+WSU6jXixsTbtLAr8gvuNcVuI0lKm2zXVqoS8aRCSsCt12vhjU/WBTSv0t" + - "vwTaT2HQYFQ1GlVUBKssJEUpaVyQKL6LN9BA5ZODBpbhefRIX8z+02afxmNWdnOQfDtLU6nHSQLL" + - "IUBSmgu+Y2Q3SdIBojIl9Kj0Zt6uZkhtOXZqkwLBiMr+/ukSidpcmNgbAN0eXSfVouaduzsDPQ6M" + - "eCJTz2lhUvC0/57h5mlkNLzEjyb/pAVTtnK4zdiH6XAuCxU/AkF0yzhaiQWMG0RQb4vEx/UHjkDU" + - "+K0GDy/qx1BmBB7C4vHLauqSXOs1AgMBAAGjbzBtMB0GA1UdDgQWBBQioBn7DdhjmtBKgQKpx/aW" + - "XHYkGjALBgNVHQ8EBAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCQYDVR0TBAIwADAfBgNVHSME" + - "GDAWgBQX9BvV5SoBAU1rol02CikJlmWARjANBgkqhkiG9w0BAQsFAAOCAgEAV7q102FQ62IOX84o" + - "pPvUL3hJkGtZ5chgQwZhfl2fGtEdeqpU27Hx1jLP9o3n1z9XYaZg/d8xYhpY6Mm4rFl6hA4gk81Z" + - "yg/A3QeUgIjOsA0Xp+RNB5ACaLjCPUtWNk5brfuelDdFHjl1noC2P3vQ9ErhUna6TKVsxxrueimO" + - "nc3sV7YMGiVfPC7wEmhERuyhQxftIUHUy2kDCY5QgXtru6IZmc3SP4FcM8LUSC49kqmU9if2GTLo" + - "wQZmz6T7+N5PIJWIOiDh9PyoojRo7ep9szeIZpzgxcsoE/9ed84tg36JLOWi0GOyrdzVExv0rQQt" + - "q/NpqAe1mX5XQVbY8nwgaJ8eWIWIXIn+5RB7b+fm5ZFeM4eFyWeDk99bvS8jdH6uQP5WusL55+ft" + - "ADtESsmBvzUEGqxk5GL4lmmeqE+vsR5TesqGjZ+yH67rR+1+Uy2mhbqJBP0E0LHwWCCPYEVfngHj" + - "aZkDF1UVQdfc9Amc5u5J5YliWrEG80BNeJF7740Gwx69DHEIhElN+BBeeqLLYIZTKmt28/9iWbKL" + - "vhCrz/29wLYksL1bXmyHzvzyAcDHPpO9sQrKYiP1mGRDmXJmZU3i3cgeqQFZ8+lr55wcYdMGJOcx" + - "bz+jL0VkHdnoZdzGzelrAhZtgMtsJ/kgWYRgtFmhpYF1Xtj2MYrpBDxgQck=" + - "-----END CERTIFICATE-----"; - - } -} diff --git a/app/src/androidTest/java/se/leap/bitmaskclient/test/testDashboardIntegration.java b/app/src/androidTest/java/se/leap/bitmaskclient/test/testDashboardIntegration.java new file mode 100644 index 00000000..94cb67a3 --- /dev/null +++ b/app/src/androidTest/java/se/leap/bitmaskclient/test/testDashboardIntegration.java @@ -0,0 +1,153 @@ +package se.leap.bitmaskclient.test; + +import android.content.BroadcastReceiver; +import android.content.Context; +import android.content.Intent; +import android.content.IntentFilter; +import android.provider.Settings; +import android.test.ActivityInstrumentationTestCase2; +import android.util.Log; +import com.robotium.solo.Solo; + +import de.blinkt.openvpn.activities.DisconnectVPN; +import se.leap.bitmaskclient.ConfigurationWizard; +import se.leap.bitmaskclient.Dashboard; +import se.leap.bitmaskclient.R; +import se.leap.bitmaskclient.test.ConnectionManager; + +public class testDashboardIntegration extends ActivityInstrumentationTestCase2 { + + private Solo solo; + + public testDashboardIntegration() { + super(Dashboard.class); + } + + @Override + protected void setUp() throws Exception { + super.setUp(); + solo = new Solo(getInstrumentation(), getActivity()); + ConnectionManager.setMobileDataEnabled(true, solo.getCurrentActivity().getApplicationContext()); + } + + @Override + protected void tearDown() throws Exception { + solo.finishOpenedActivities(); + } + + /** + * This test will fail if Android does not trust VPN connection. + * I cannot automate that dialog. + */ + public void testOnOffOpenVpn() { + solo.clickOnView(solo.getView(R.id.eipSwitch)); + testEipTurningOn(); + + solo.clickOnView(solo.getView(R.id.eipSwitch)); + testEipTurningOff(); + + solo.clickOnView(solo.getView(R.id.eipSwitch)); + testEipTurningOn(); + + solo.clickOnView(solo.getView(R.id.eipSwitch)); + testEipTurningOff(); + + solo.clickOnView(solo.getView(R.id.eipSwitch)); + testEipTurningOn(); + + solo.clickOnView(solo.getView(R.id.eipSwitch)); + testEipTurningOff(); + + solo.clickOnView(solo.getView(R.id.eipSwitch)); + testEipTurningOn(); + + testEipIsOnNoNetwork(); + + } + + private void testEipTurningOn() { + if(!solo.waitForText(getActivity().getString(R.string.state_auth))) + fail(); + if(!solo.waitForText(getActivity().getString(R.string.eip_state_connected), 1, 30*1000)) + fail(); + solo.sleep(2*1000); + } + + private void testEipTurningOff() { + sayOkToDisconnect(); + if(!solo.waitForText(getActivity().getString(R.string.eip_state_not_connected))) + fail(); + solo.sleep(2*1000); + } + + private void sayOkToDisconnect() { + if(!solo.waitForActivity(DisconnectVPN.class)) + fail(); + solo.clickOnText(getActivity().getString(android.R.string.yes)); + } + + private void testEipIsOnNoNetwork() { + ConnectionManager.setMobileDataEnabled(false, solo.getCurrentActivity().getApplicationContext()); + if(!solo.waitForText(getActivity().getString(R.string.eip_state_not_connected), 1, 15*1000)) + fail(); + } + + public void testLogInAndOut() { + long miliseconds_to_log_in = 40 * 1000; + solo.clickOnActionBarItem(R.id.login_button); + solo.enterText(0, "parmegvtest1"); + solo.enterText(1, " S_Zw3'-"); + solo.clickOnText("Log In"); + solo.waitForDialogToClose(); + solo.waitForDialogToClose(miliseconds_to_log_in); + if(!solo.waitForText(getActivity().getString(R.string.succesful_authentication_message))) + fail(); + + solo.clickOnActionBarItem(R.string.logout_button); + if(!solo.waitForDialogToClose()) + fail(); + } + + public void testShowAbout() { + solo.clickOnMenuItem(getActivity().getString(R.string.about)); + solo.waitForText(getActivity().getString(R.string.repository_url_text)); + solo.goBack(); + + solo.clickOnMenuItem(getActivity().getString(R.string.about)); + solo.waitForText(getActivity().getString(R.string.repository_url_text)); + solo.goBack(); + } + + public void testSwitchProvider() { + solo.clickOnMenuItem(getActivity().getString(R.string.switch_provider_menu_option)); + solo.waitForActivity(ConfigurationWizard.class); + solo.goBack(); + } + + public void testUpdateExpiredCertificate() { + String certificate = "-----BEGIN CERTIFICATE-----" + + "MIIEnDCCAoSgAwIBAgIRAOBkcbMKR0Jlw+xNalHn7aIwDQYJKoZIhvcNAQELBQAwdTEYMBYGA1UE" + + "CgwPUmlzZXVwIE5ldHdvcmtzMRswGQYDVQQLDBJodHRwczovL3Jpc2V1cC5uZXQxPDA6BgNVBAMM" + + "M1Jpc2V1cCBOZXR3b3JrcyBSb290IENBIChjbGllbnQgY2VydGlmaWNhdGVzIG9ubHkhKTAeFw0x" + + "NDA5MTkwMDAwMDBaFw0xNDExMTkwMDAwMDBaMC0xKzApBgNVBAMMIlVOTElNSVRFRDcwZWhxZG9l" + + "ZXQ2Z243bmc3eWx3ZWNxeGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdaKQHSwg2" + + "Q2Uz9t5mae9BfV9Jkk+WSU6jXixsTbtLAr8gvuNcVuI0lKm2zXVqoS8aRCSsCt12vhjU/WBTSv0t" + + "vwTaT2HQYFQ1GlVUBKssJEUpaVyQKL6LN9BA5ZODBpbhefRIX8z+02afxmNWdnOQfDtLU6nHSQLL" + + "IUBSmgu+Y2Q3SdIBojIl9Kj0Zt6uZkhtOXZqkwLBiMr+/ukSidpcmNgbAN0eXSfVouaduzsDPQ6M" + + "eCJTz2lhUvC0/57h5mlkNLzEjyb/pAVTtnK4zdiH6XAuCxU/AkF0yzhaiQWMG0RQb4vEx/UHjkDU" + + "+K0GDy/qx1BmBB7C4vHLauqSXOs1AgMBAAGjbzBtMB0GA1UdDgQWBBQioBn7DdhjmtBKgQKpx/aW" + + "XHYkGjALBgNVHQ8EBAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCQYDVR0TBAIwADAfBgNVHSME" + + "GDAWgBQX9BvV5SoBAU1rol02CikJlmWARjANBgkqhkiG9w0BAQsFAAOCAgEAV7q102FQ62IOX84o" + + "pPvUL3hJkGtZ5chgQwZhfl2fGtEdeqpU27Hx1jLP9o3n1z9XYaZg/d8xYhpY6Mm4rFl6hA4gk81Z" + + "yg/A3QeUgIjOsA0Xp+RNB5ACaLjCPUtWNk5brfuelDdFHjl1noC2P3vQ9ErhUna6TKVsxxrueimO" + + "nc3sV7YMGiVfPC7wEmhERuyhQxftIUHUy2kDCY5QgXtru6IZmc3SP4FcM8LUSC49kqmU9if2GTLo" + + "wQZmz6T7+N5PIJWIOiDh9PyoojRo7ep9szeIZpzgxcsoE/9ed84tg36JLOWi0GOyrdzVExv0rQQt" + + "q/NpqAe1mX5XQVbY8nwgaJ8eWIWIXIn+5RB7b+fm5ZFeM4eFyWeDk99bvS8jdH6uQP5WusL55+ft" + + "ADtESsmBvzUEGqxk5GL4lmmeqE+vsR5TesqGjZ+yH67rR+1+Uy2mhbqJBP0E0LHwWCCPYEVfngHj" + + "aZkDF1UVQdfc9Amc5u5J5YliWrEG80BNeJF7740Gwx69DHEIhElN+BBeeqLLYIZTKmt28/9iWbKL" + + "vhCrz/29wLYksL1bXmyHzvzyAcDHPpO9sQrKYiP1mGRDmXJmZU3i3cgeqQFZ8+lr55wcYdMGJOcx" + + "bz+jL0VkHdnoZdzGzelrAhZtgMtsJ/kgWYRgtFmhpYF1Xtj2MYrpBDxgQck=" + + "-----END CERTIFICATE-----"; + + } +} diff --git a/app/src/androidTest/java/se/leap/bitmaskclient/test/testEIP.java b/app/src/androidTest/java/se/leap/bitmaskclient/test/testEIP.java new file mode 100644 index 00000000..4e1819d0 --- /dev/null +++ b/app/src/androidTest/java/se/leap/bitmaskclient/test/testEIP.java @@ -0,0 +1,32 @@ +package se.leap.bitmaskclient.test; + +import android.content.Context; +import android.content.Intent; +import android.test.ActivityUnitTestCase; +import android.test.ServiceTestCase; + +import se.leap.bitmaskclient.Dashboard; +import se.leap.bitmaskclient.eip.EIP; + +public class testEIP extends ServiceTestCase { + + private Context context; + private Intent intent; + private EIP activity; + + public testEIP(Class activityClass) { + super(activityClass); + } + + @Override + protected void setUp() throws Exception { + super.setUp(); + } + + @Override + protected void tearDown() throws Exception { + super.tearDown(); + } + + +} diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java index a67eaccd..b4208556 100644 --- a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java +++ b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java @@ -160,21 +160,12 @@ public final class EIP extends IntentService { tellToReceiver(ACTION_STOP_EIP, result_code); } - - private void tellToReceiver(String action, int resultCode) { - if (mReceiver != null){ - Bundle resultData = new Bundle(); - resultData.putString(REQUEST_TAG, action); - mReceiver.send(resultCode, resultData); - } - } /** * Checks the last stored status notified by ics-openvpn * Sends Activity.RESULT_CANCELED to the ResultReceiver that made the * request if it's not connected, Activity.RESULT_OK otherwise. */ - private void isRunning() { EipStatus eip_status = EipStatus.getInstance(); int resultCode = (eip_status.isConnected()) ? @@ -253,4 +244,12 @@ public final class EIP extends IntentService { Activity.RESULT_CANCELED; tellToReceiver(ACTION_CHECK_CERT_VALIDITY, resultCode); } + + private void tellToReceiver(String action, int resultCode) { + if (mReceiver != null){ + Bundle resultData = new Bundle(); + resultData.putString(REQUEST_TAG, action); + mReceiver.send(resultCode, resultData); + } + } } -- cgit v1.2.3 From 63a16b8c4e6d67910000b78c7f4a2a5709d498ac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Wed, 3 Dec 2014 17:46:02 +0100 Subject: First orientation change doesn't crash. Update gradle to 2.2.1. --- .../se/leap/bitmaskclient/ConfigurationWizard.java | 139 +++++++++++++-------- .../main/java/se/leap/bitmaskclient/Dashboard.java | 3 - .../bitmaskclient/FragmentManagerEnhanced.java | 4 + .../se/leap/bitmaskclient/ConfigurationWizard.java | 106 ++++++++++------ 4 files changed, 157 insertions(+), 95 deletions(-) (limited to 'app') diff --git a/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java b/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java index 38084493..e28f758d 100644 --- a/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java +++ b/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java @@ -18,9 +18,7 @@ package se.leap.bitmaskclient; import android.app.*; import android.content.*; -import android.content.res.AssetManager; import android.os.*; -import android.util.Log; import android.view.*; import android.widget.*; import java.io.*; @@ -33,9 +31,7 @@ import se.leap.bitmaskclient.NewProviderDialog.NewProviderDialogInterface; import se.leap.bitmaskclient.ProviderAPIResultReceiver.Receiver; import se.leap.bitmaskclient.ProviderDetailFragment.ProviderDetailFragmentInterface; import se.leap.bitmaskclient.ProviderListContent.ProviderItem; -import se.leap.bitmaskclient.FragmentManagerEnhanced; import se.leap.bitmaskclient.eip.Constants; -import se.leap.bitmaskclient.R; /** * Activity that builds and shows the list of known available providers. @@ -52,6 +48,7 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD private TextView progressbar_description; private ProviderListFragment provider_list_fragment; private Intent mConfigState = new Intent(); + private ProviderItem selected_provider; final public static String TAG = ConfigurationWizard.class.getSimpleName(); final public static String TYPE_OF_CERTIFICATE = "type_of_certificate"; @@ -61,6 +58,9 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD final protected static String PROVIDER_SET = "PROVIDER SET"; final protected static String SERVICES_RETRIEVED = "SERVICES RETRIEVED"; final protected static String ASSETS_URL_FOLDER = "urls"; + + final private static String PROGRESSBAR_TEXT = TAG + "PROGRESSBAR_TEXT"; + final private static String PROGRESSBAR_NUMBER = TAG + "PROGRESSBAR_NUMBER"; public ProviderAPIResultReceiver providerAPI_result_receiver; private ProviderAPIBroadcastReceiver_Update providerAPI_broadcast_receiver_update; @@ -68,32 +68,61 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD private static SharedPreferences preferences; FragmentManagerEnhanced fragment_manager; private static boolean setting_up_provider = false; - + private String progressbar_text = ""; + private String provider_name = ""; + private int progress = -1; + + @Override + protected void onSaveInstanceState(Bundle outState) { + if(mProgressBar != null) + outState.putInt(PROGRESSBAR_NUMBER, mProgressBar.getProgress()); + if(progressbar_description != null) + outState.putString(PROGRESSBAR_TEXT, progressbar_description.getText().toString()); + if(selected_provider != null) + outState.putString(Provider.NAME, selected_provider.name()); + outState.putParcelable(ProviderAPI.RECEIVER_KEY, providerAPI_result_receiver); + super.onSaveInstanceState(outState); + } + @Override protected void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); - preferences = getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE); - fragment_manager = new FragmentManagerEnhanced(getFragmentManager()); + preferences = getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE); + fragment_manager = new FragmentManagerEnhanced(getFragmentManager()); + + setUpInitialUI(); - setUpInitialUI(); + loadPreseededProviders(); - loadPreseededProviders(); + setUpProviderAPIResultReceiver(); - setUpProviderAPIResultReceiver(); - - // Only create our fragments if we're not restoring a saved instance - if ( savedInstanceState == null ){ - // TODO Some welcome screen? - // We will need better flow control when we have more Fragments (e.g. user auth) - setUpProviderList(); + setUpProviderList(); + + if(savedInstanceState != null) { + progressbar_text = savedInstanceState.getString(PROGRESSBAR_TEXT, ""); + provider_name = savedInstanceState.getString(Provider.NAME, ""); + progress = savedInstanceState.getInt(PROGRESSBAR_NUMBER, -1); + providerAPI_result_receiver = savedInstanceState.getParcelable(ProviderAPI.RECEIVER_KEY); + providerAPI_result_receiver.setReceiver(this); } + } - // TODO: If exposing deep links into your app, handle intents here. + @Override + protected void onPostResume() { + super.onPostResume(); + if(!progressbar_text.isEmpty() && !provider_name.isEmpty() && progress != -1) { + progressbar_description.setText(progressbar_text); + onItemSelectedUi(getProvider(provider_name)); + mProgressBar.setProgress(progress); + + progressbar_text = ""; + provider_name = ""; + progress = -1; + } } private void setUpInitialUI() { - setContentView(R.layout.configuration_wizard_activity); - + setContentView(R.layout.configuration_wizard_activity); hideProgressBar(); } @@ -119,15 +148,15 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD } private void putProviderListFragment(ProviderListFragment fragment) { - fragment_manager.replace(R.id.configuration_wizard_layout, provider_list_fragment, ProviderListFragment.TAG); } - @Override - protected void onDestroy() { - super.onDestroy(); - unregisterReceiver(providerAPI_broadcast_receiver_update); - } + @Override + protected void onDestroy() { + super.onDestroy(); + if(providerAPI_broadcast_receiver_update != null) + unregisterReceiver(providerAPI_broadcast_receiver_update); + } private void setUpProviderAPIResultReceiver() { providerAPI_result_receiver = new ProviderAPIResultReceiver(new Handler()); @@ -153,12 +182,12 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD hideProgressBar(); setResult(RESULT_OK); - + showProviderDetails(); } } else if(resultCode == ProviderAPI.PROVIDER_NOK) { hideProgressBar(); - preferences.edit().remove(Provider.KEY).commit(); + preferences.edit().remove(Provider.KEY).apply(); setting_up_provider = false; setResult(RESULT_CANCELED, mConfigState); @@ -169,10 +198,10 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD else if(resultCode == ProviderAPI.CORRECTLY_DOWNLOADED_CERTIFICATE) { mProgressBar.incrementProgressBy(1); hideProgressBar(); - - setResult(RESULT_OK); - + showProviderDetails(); + + setResult(RESULT_OK); } else if(resultCode == ProviderAPI.INCORRECTLY_DOWNLOADED_CERTIFICATE) { hideProgressBar(); @@ -190,17 +219,20 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD @Override public void onItemSelected(String id) { //TODO Code 2 pane view - ProviderItem selected_provider = getProvider(id); - int provider_index = getProviderIndex(id); - - startProgressBar(provider_index+1); - provider_list_fragment.hideAllBut(provider_index); + selected_provider = getProvider(id); + onItemSelectedUi(selected_provider); boolean danger_on = true; if(preferences.contains(ProviderItem.DANGER_ON)) danger_on = preferences.getBoolean(ProviderItem.DANGER_ON, false); setUpProvider(selected_provider.providerMainUrl(), danger_on); } + + private void onItemSelectedUi(ProviderItem provider) { + startProgressBar(); + int provider_index = getProviderIndex(provider.name()); + provider_list_fragment.hideAllBut(provider_index); + } @Override public void onBackPressed() { @@ -216,7 +248,8 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD mProgressBar.setVisibility(ProgressBar.GONE); mProgressBar.setProgress(0); progressbar_description.setVisibility(TextView.GONE); - preferences.edit().remove(Provider.KEY).commit(); + + preferences.edit().remove(Provider.KEY).apply(); setting_up_provider = false; showAllProviders(); } @@ -254,19 +287,16 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD return null; } - private void startProgressBar() { - mProgressBar.setVisibility(ProgressBar.VISIBLE); - progressbar_description.setVisibility(TextView.VISIBLE); - mProgressBar.setProgress(0); - mProgressBar.setMax(3); - } - - private void startProgressBar(int list_item_index) { - startProgressBar(); - int measured_height = listItemHeight(list_item_index); - mProgressBar.setTranslationY(measured_height); - progressbar_description.setTranslationY(measured_height + mProgressBar.getHeight()); - } + private void startProgressBar() { + mProgressBar.setVisibility(ProgressBar.VISIBLE); + progressbar_description.setVisibility(TextView.VISIBLE); + mProgressBar.setProgress(0); + mProgressBar.setMax(3); + + int measured_height = listItemHeight(); + mProgressBar.setTranslationY(measured_height); + progressbar_description.setTranslationY(measured_height + mProgressBar.getHeight()); + } private int getProviderIndex(String id) { int index = 0; @@ -280,7 +310,7 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD return index; } - private int listItemHeight(int list_item_index) { + private int listItemHeight() { ListView provider_list_view = (ListView)findViewById(android.R.id.list); ListAdapter provider_list_adapter = provider_list_view.getAdapter(); View listItem = provider_list_adapter.getView(0, null, provider_list_view); @@ -433,7 +463,7 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD DialogFragment newFragment = DownloadFailedDialog.newInstance(reason_to_fail); newFragment.show(fragment_transaction, DownloadFailedDialog.TAG); } - + /** * Once selected a provider, this fragment offers the user to log in, * use it anonymously (if possible) @@ -450,11 +480,11 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD public void showAndSelectProvider(String provider_main_url, boolean danger_on) { if(getId(provider_main_url).isEmpty()) - showProvider(provider_main_url, danger_on); + showProvider(provider_main_url); autoSelectProvider(provider_main_url, danger_on); } - private void showProvider(final String provider_main_url, final boolean danger_on) { + private void showProvider(final String provider_main_url) { String provider_name = provider_main_url.replaceFirst("http[s]?://", "").replaceFirst("\\/", "_"); ProviderItem added_provider = new ProviderItem(provider_name, provider_main_url); provider_list_fragment.addItem(added_provider); @@ -467,8 +497,7 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD /** * Asks ProviderAPI to download a new provider.json file - * @param provider_name - * @param provider_main_url +n * @param provider_main_url * @param danger_on tells if HTTPS client should bypass certificate errors */ public void setUpProvider(String provider_main_url, boolean danger_on) { diff --git a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java index 8143d8d6..94de2fe8 100644 --- a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java +++ b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java @@ -86,7 +86,6 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf preferences = getSharedPreferences(SHARED_PREFERENCES, MODE_PRIVATE); fragment_manager = new FragmentManagerEnhanced(getFragmentManager()); handleVersion(); - boolean provider_configured = preferences.getString(Constants.KEY, "").isEmpty(); if (provider_configured) startActivityForResult(new Intent(this,ConfigurationWizard.class),CONFIGURE_LEAP); @@ -136,7 +135,6 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf preferences.edit().putInt(Constants.PARSED_SERIAL, 0).apply(); preferences.edit().putBoolean(Constants.AUTHED_EIP, authed_eip).apply(); updateEipService(); - buildDashboard(false); invalidateOptionsMenu(); if(data != null && data.hasExtra(LogInDialog.TAG)) { logInDialog(Bundle.EMPTY); @@ -205,7 +203,6 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf eip_fragment.setArguments(arguments); } - fragment_manager.removePreviousFragment(EipServiceFragment.TAG); fragment_manager.replace(R.id.servicesCollection, eip_fragment, EipServiceFragment.TAG); if (hide_and_turn_on_eip) { diff --git a/app/src/main/java/se/leap/bitmaskclient/FragmentManagerEnhanced.java b/app/src/main/java/se/leap/bitmaskclient/FragmentManagerEnhanced.java index c4844be9..49af9274 100644 --- a/app/src/main/java/se/leap/bitmaskclient/FragmentManagerEnhanced.java +++ b/app/src/main/java/se/leap/bitmaskclient/FragmentManagerEnhanced.java @@ -45,6 +45,10 @@ public class FragmentManagerEnhanced { transaction.replace(containerViewId, fragment, tag).commit(); } + public FragmentTransaction beginTransaction() { + return generic_fragment_manager.beginTransaction(); + } + public Fragment findFragmentByTag(String tag) { return generic_fragment_manager.findFragmentByTag(tag); } diff --git a/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java b/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java index d3203ab3..a25f49f1 100644 --- a/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java +++ b/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java @@ -18,9 +18,7 @@ package se.leap.bitmaskclient; import android.app.*; import android.content.*; -import android.content.res.AssetManager; import android.os.*; -import android.util.Log; import android.view.*; import android.widget.*; import java.io.*; @@ -52,6 +50,7 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD private TextView progressbar_description; private ProviderListFragment provider_list_fragment; private Intent mConfigState = new Intent(); + private ProviderItem selected_provider; final public static String TAG = ConfigurationWizard.class.getSimpleName(); final public static String TYPE_OF_CERTIFICATE = "type_of_certificate"; @@ -61,6 +60,9 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD final protected static String PROVIDER_SET = "PROVIDER SET"; final protected static String SERVICES_RETRIEVED = "SERVICES RETRIEVED"; final protected static String ASSETS_URL_FOLDER = "urls"; + + final private static String PROGRESSBAR_TEXT = TAG + "PROGRESSBAR_TEXT"; + final private static String PROGRESSBAR_NUMBER = TAG + "PROGRESSBAR_NUMBER"; public ProviderAPIResultReceiver providerAPI_result_receiver; private ProviderAPIBroadcastReceiver_Update providerAPI_broadcast_receiver_update; @@ -68,6 +70,21 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD private static SharedPreferences preferences; FragmentManagerEnhanced fragment_manager; private static boolean setting_up_provider = false; + private String progressbar_text = ""; + private String provider_name = ""; + private int progress = -1; + + @Override + protected void onSaveInstanceState(Bundle outState) { + if(mProgressBar != null) + outState.putInt(PROGRESSBAR_NUMBER, mProgressBar.getProgress()); + if(progressbar_description != null) + outState.putString(PROGRESSBAR_TEXT, progressbar_description.getText().toString()); + if(selected_provider != null) + outState.putString(Provider.NAME, selected_provider.name()); + outState.putParcelable(ProviderAPI.RECEIVER_KEY, providerAPI_result_receiver); + super.onSaveInstanceState(outState); + } @Override protected void onCreate(Bundle savedInstanceState) { @@ -80,16 +97,31 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD loadPreseededProviders(); setUpProviderAPIResultReceiver(); - - // Only create our fragments if we're not restoring a saved instance - if ( savedInstanceState == null ) { - // TODO Some welcome screen? - // We will need better flow control when we have more Fragments (e.g. user auth) - setUpProviderList(); + + setUpProviderList(); + + if ( savedInstanceState != null ) { + progressbar_text = savedInstanceState.getString(PROGRESSBAR_TEXT, ""); + provider_name = savedInstanceState.getString(Provider.NAME, ""); + progress = savedInstanceState.getInt(PROGRESSBAR_NUMBER, -1); + providerAPI_result_receiver = savedInstanceState.getParcelable(ProviderAPI.RECEIVER_KEY); + providerAPI_result_receiver.setReceiver(this); } + } - // TODO: If exposing deep links into your app, handle intents here. - } + @Override + protected void onPostResume() { + super.onPostResume(); + if(!progressbar_text.isEmpty() && !provider_name.isEmpty() && progress != -1) { + progressbar_description.setText(progressbar_text); + onItemSelectedUi(getProvider(provider_name)); + mProgressBar.setProgress(progress); + + progressbar_text = ""; + provider_name = ""; + progress = -1; + } + } private void setUpInitialUI() { setContentView(R.layout.configuration_wizard_activity); @@ -122,11 +154,11 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD fragment_manager.replace(R.id.configuration_wizard_layout, provider_list_fragment, ProviderListFragment.TAG); } - @Override - protected void onDestroy() { - super.onDestroy(); - unregisterReceiver(providerAPI_broadcast_receiver_update); - } + @Override + protected void onDestroy() { + super.onDestroy(); + unregisterReceiver(providerAPI_broadcast_receiver_update); + } private void setUpProviderAPIResultReceiver() { providerAPI_result_receiver = new ProviderAPIResultReceiver(new Handler()); @@ -169,9 +201,9 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD mProgressBar.incrementProgressBy(1); hideProgressBar(); - setResult(RESULT_OK); - showProviderDetails(); + + setResult(RESULT_OK); } else if(resultCode == ProviderAPI.INCORRECTLY_DOWNLOADED_CERTIFICATE) { hideProgressBar(); @@ -189,14 +221,16 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD @Override public void onItemSelected(String id) { //TODO Code 2 pane view - ProviderItem selected_provider = getProvider(id); - int provider_index = getProviderIndex(id); - - startProgressBar(provider_index+1); - provider_list_fragment.hideAllBut(provider_index); - + selected_provider = getProvider(id); + onItemSelectedUi(selected_provider); setUpProvider(selected_provider.providerMainUrl()); } + + private void onItemSelectedUi(ProviderItem provider) { + startProgressBar(); + int provider_index = getProviderIndex(provider.name()); + provider_list_fragment.hideAllBut(provider_index); + } @Override public void onBackPressed() { @@ -212,6 +246,7 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD mProgressBar.setVisibility(ProgressBar.GONE); mProgressBar.setProgress(0); progressbar_description.setVisibility(TextView.GONE); + preferences.edit().remove(Provider.KEY).commit(); setting_up_provider = false; showAllProviders(); @@ -250,19 +285,16 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD return null; } - private void startProgressBar() { - mProgressBar.setVisibility(ProgressBar.VISIBLE); - progressbar_description.setVisibility(TextView.VISIBLE); - mProgressBar.setProgress(0); - mProgressBar.setMax(3); - } - - private void startProgressBar(int list_item_index) { - startProgressBar(); - int measured_height = listItemHeight(list_item_index); - mProgressBar.setTranslationY(measured_height); - progressbar_description.setTranslationY(measured_height + mProgressBar.getHeight()); - } + private void startProgressBar() { + mProgressBar.setVisibility(ProgressBar.VISIBLE); + progressbar_description.setVisibility(TextView.VISIBLE); + mProgressBar.setProgress(0); + mProgressBar.setMax(3); + + int measured_height = listItemHeight(); + mProgressBar.setTranslationY(measured_height); + progressbar_description.setTranslationY(measured_height + mProgressBar.getHeight()); + } private int getProviderIndex(String id) { int index = 0; @@ -276,7 +308,7 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD return index; } - private int listItemHeight(int list_item_index) { + private int listItemHeight() { ListView provider_list_view = (ListView)findViewById(android.R.id.list); ListAdapter provider_list_adapter = provider_list_view.getAdapter(); View listItem = provider_list_adapter.getView(0, null, provider_list_view); -- cgit v1.2.3 From 64c08c28dbd1b22451d990559b3f345cfcae05ba Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Wed, 3 Dec 2014 20:49:41 +0100 Subject: Orientation changes always work. --- app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java | 1 + app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java | 1 + 2 files changed, 2 insertions(+) (limited to 'app') diff --git a/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java b/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java index e28f758d..7c79c7c7 100644 --- a/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java +++ b/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java @@ -101,6 +101,7 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD if(savedInstanceState != null) { progressbar_text = savedInstanceState.getString(PROGRESSBAR_TEXT, ""); provider_name = savedInstanceState.getString(Provider.NAME, ""); + selected_provider = getProvider(provider_name); progress = savedInstanceState.getInt(PROGRESSBAR_NUMBER, -1); providerAPI_result_receiver = savedInstanceState.getParcelable(ProviderAPI.RECEIVER_KEY); providerAPI_result_receiver.setReceiver(this); diff --git a/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java b/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java index a25f49f1..9afcf8a1 100644 --- a/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java +++ b/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java @@ -103,6 +103,7 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD if ( savedInstanceState != null ) { progressbar_text = savedInstanceState.getString(PROGRESSBAR_TEXT, ""); provider_name = savedInstanceState.getString(Provider.NAME, ""); + selected_provider = getProvider(provider_name); progress = savedInstanceState.getInt(PROGRESSBAR_NUMBER, -1); providerAPI_result_receiver = savedInstanceState.getParcelable(ProviderAPI.RECEIVER_KEY); providerAPI_result_receiver.setReceiver(this); -- cgit v1.2.3 From 6c79290b1783a303fad5ea8be3c3583cc79dad84 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Thu, 4 Dec 2014 00:46:25 +0100 Subject: Learning to use Butterknife, refactoring small things. --- app/build.gradle | 1 + .../se/leap/bitmaskclient/ConfigurationWizard.java | 140 +++++++++------------ .../main/java/se/leap/bitmaskclient/Dashboard.java | 5 +- .../main/java/se/leap/bitmaskclient/Provider.java | 66 +++------- .../se/leap/bitmaskclient/ConfigurationWizard.java | 90 ++++++------- 5 files changed, 122 insertions(+), 180 deletions(-) (limited to 'app') diff --git a/app/build.gradle b/app/build.gradle index 9c1d5b4e..6cf06281 100644 --- a/app/build.gradle +++ b/app/build.gradle @@ -47,6 +47,7 @@ android { dependencies { androidTestCompile 'com.jayway.android.robotium:robotium-solo:5.2.1' + compile 'com.jakewharton:butterknife:6.0.0+' compile 'com.intellij:annotations:12.0' } diff --git a/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java b/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java index 7c79c7c7..65cab91e 100644 --- a/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java +++ b/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java @@ -1,5 +1,5 @@ /** - * Copyright (c) 2013 LEAP Encryption Access Project and contributers + * Copyright (c) 2013 LEAP Encryption Access Project and contributors * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -23,9 +23,13 @@ import android.view.*; import android.widget.*; import java.io.*; import java.net.*; -import java.util.*; + +import butterknife.ButterKnife; +import butterknife.InjectView; +import org.jetbrains.annotations.NotNull; import org.json.*; +import butterknife.OnItemSelected; import se.leap.bitmaskclient.DownloadFailedDialog.DownloadFailedDialogInterface; import se.leap.bitmaskclient.NewProviderDialog.NewProviderDialogInterface; import se.leap.bitmaskclient.ProviderAPIResultReceiver.Receiver; @@ -41,11 +45,14 @@ import se.leap.bitmaskclient.eip.Constants; * @author parmegv * */ -public class ConfigurationWizard extends Activity +public class ConfigurationWizard extends ListActivity implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderDetailFragmentInterface, DownloadFailedDialogInterface, Receiver { - private ProgressBar mProgressBar; - private TextView progressbar_description; + @InjectView(R.id.progressbar_configuration_wizard) + ProgressBar mProgressBar; + @InjectView(R.id.progressbar_description) + TextView progressbar_description; + private ProviderListFragment provider_list_fragment; private Intent mConfigState = new Intent(); private ProviderItem selected_provider; @@ -73,7 +80,7 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD private int progress = -1; @Override - protected void onSaveInstanceState(Bundle outState) { + protected void onSaveInstanceState(@NotNull Bundle outState) { if(mProgressBar != null) outState.putInt(PROGRESSBAR_NUMBER, mProgressBar.getProgress()); if(progressbar_description != null) @@ -89,6 +96,7 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD super.onCreate(savedInstanceState); preferences = getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE); fragment_manager = new FragmentManagerEnhanced(getFragmentManager()); + ButterKnife.inject(this); setUpInitialUI(); @@ -99,15 +107,19 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD setUpProviderList(); if(savedInstanceState != null) { - progressbar_text = savedInstanceState.getString(PROGRESSBAR_TEXT, ""); - provider_name = savedInstanceState.getString(Provider.NAME, ""); - selected_provider = getProvider(provider_name); - progress = savedInstanceState.getInt(PROGRESSBAR_NUMBER, -1); - providerAPI_result_receiver = savedInstanceState.getParcelable(ProviderAPI.RECEIVER_KEY); - providerAPI_result_receiver.setReceiver(this); + restoreState(savedInstanceState); } } + private void restoreState(Bundle savedInstanceState) { + progressbar_text = savedInstanceState.getString(PROGRESSBAR_TEXT, ""); + provider_name = savedInstanceState.getString(Provider.NAME, ""); + selected_provider = getProvider(provider_name); + progress = savedInstanceState.getInt(PROGRESSBAR_NUMBER, -1); + providerAPI_result_receiver = savedInstanceState.getParcelable(ProviderAPI.RECEIVER_KEY); + providerAPI_result_receiver.setReceiver(this); + } + @Override protected void onPostResume() { super.onPostResume(); @@ -128,10 +140,7 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD } private void hideProgressBar() { - mProgressBar = (ProgressBar) findViewById(R.id.progressbar_configuration_wizard); mProgressBar.setVisibility(ProgressBar.INVISIBLE); - - progressbar_description = (TextView) findViewById(R.id.progressbar_description); progressbar_description.setVisibility(TextView.INVISIBLE); } @@ -145,11 +154,6 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD provider_list_fragment.setArguments(arguments); - putProviderListFragment(provider_list_fragment); - } - - private void putProviderListFragment(ProviderListFragment fragment) { - fragment_manager.replace(R.id.configuration_wizard_layout, provider_list_fragment, ProviderListFragment.TAG); } @Override @@ -194,7 +198,7 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD setResult(RESULT_CANCELED, mConfigState); String reason_to_fail = resultData.getString(ProviderAPI.ERRORS); - showDownloadFailedDialog(getCurrentFocus(), reason_to_fail); + showDownloadFailedDialog(reason_to_fail); } else if(resultCode == ProviderAPI.CORRECTLY_DOWNLOADED_CERTIFICATE) { mProgressBar.incrementProgressBy(1); @@ -256,21 +260,14 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD } private void usualBackButton() { - try { - boolean is_provider_set_up = new JSONObject(preferences.getString(Provider.KEY, "no provider")) != null ? true : false; - boolean is_provider_set_up_truly = new JSONObject(preferences.getString(Provider.KEY, "no provider")).length() != 0 ? true : false; - if(!is_provider_set_up || !is_provider_set_up_truly) { - askDashboardToQuitApp(); - } else { - setResult(RESULT_OK); - } - } catch (JSONException e) { - askDashboardToQuitApp(); - super.onBackPressed(); - e.printStackTrace(); - } - super.onBackPressed(); + if(preferences.getString(Provider.KEY, "").isEmpty()) { + askDashboardToQuitApp(); + } else { + setResult(RESULT_OK); + } + super.onBackPressed(); } + private void askDashboardToQuitApp() { Intent ask_quit = new Intent(); ask_quit.putExtra(Dashboard.ACTION_QUIT, Dashboard.ACTION_QUIT); @@ -278,13 +275,11 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD } private ProviderItem getProvider(String name) { - Iterator providers_iterator = ProviderListContent.ITEMS.iterator(); - while(providers_iterator.hasNext()) { - ProviderItem provider = providers_iterator.next(); - if(provider.name().equalsIgnoreCase(name)) { - return provider; - } - } + for (ProviderItem provider : ProviderListContent.ITEMS) { + if (provider.name().equalsIgnoreCase(name)) { + return provider; + } + } return null; } @@ -301,13 +296,11 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD private int getProviderIndex(String id) { int index = 0; - Iterator providers_iterator = ProviderListContent.ITEMS.iterator(); - while(providers_iterator.hasNext()) { - ProviderItem provider = providers_iterator.next(); - if(provider.name().equalsIgnoreCase(id)) { - break; - } else index++; - } + for (ProviderItem provider : ProviderListContent.ITEMS) { + if (provider.name().equalsIgnoreCase(id)) { + break; + } else index++; + } return index; } @@ -358,15 +351,16 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD } } - private String extractProviderMainUrlFromAssetsFile(String filepath) { + private String extractProviderMainUrlFromAssetsFile(String file_path) { String provider_main_url = ""; try { - InputStream input_stream_file_contents = getAssets().open(filepath); + InputStream input_stream_file_contents = getAssets().open(file_path); byte[] urls_file_bytes = new byte[input_stream_file_contents.available()]; - input_stream_file_contents.read(urls_file_bytes); - String urls_file_content = new String(urls_file_bytes); - JSONObject file_contents = new JSONObject(urls_file_content); - provider_main_url = file_contents.getString(Provider.MAIN_URL); + if(input_stream_file_contents.read(urls_file_bytes) > 0) { + String urls_file_content = new String(urls_file_bytes); + JSONObject file_contents = new JSONObject(urls_file_content); + provider_main_url = file_contents.getString(Provider.MAIN_URL); + } } catch (JSONException e) { } catch (IOException e) { } @@ -376,14 +370,12 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD private String getId(String provider_main_url) { try { URL provider_url = new URL(provider_main_url); - Iterator providers_iterator = ProviderListContent.ITEMS.iterator(); - while(providers_iterator.hasNext()) { - ProviderItem provider = providers_iterator.next(); - URL aux_provider_url = new URL(provider.providerMainUrl()); - if(isSameURL(provider_url, aux_provider_url)) { - return provider.name(); - } - } + for (ProviderItem provider : ProviderListContent.ITEMS) { + URL aux_provider_url = new URL(provider.providerMainUrl()); + if (isSameURL(provider_url, aux_provider_url)) { + return provider.name(); + } + } } catch (MalformedURLException e) { e.printStackTrace(); } @@ -399,16 +391,9 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD * same protocol, false otherwise. */ private boolean isSameURL(final URL url, final URL baseUrl) { - if (!url.getProtocol().equals(baseUrl.getProtocol())) { - return false; - } - if (!url.getHost().equals(baseUrl.getHost())) { - return false; - } - if (url.getPort() != baseUrl.getPort()) { - return false; - } - return true; + return url.getProtocol().equals(baseUrl.getProtocol()) && + url.getHost().equals(baseUrl.getHost()) && + url.getPort() == baseUrl.getPort(); } /** @@ -455,10 +440,9 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD * Once selected a provider, this fragment offers the user to log in, * use it anonymously (if possible) * or cancel his/her election pressing the back button. - * @param view - * @param reason_to_fail + * @param reason_to_fail */ - public void showDownloadFailedDialog(View view, String reason_to_fail) { + public void showDownloadFailedDialog(String reason_to_fail) { FragmentTransaction fragment_transaction = fragment_manager.removePreviousFragment(DownloadFailedDialog.TAG); DialogFragment newFragment = DownloadFailedDialog.newInstance(reason_to_fail); @@ -492,7 +476,7 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD } private void autoSelectProvider(String provider_main_url, boolean danger_on) { - preferences.edit().putBoolean(ProviderItem.DANGER_ON, danger_on).commit(); + preferences.edit().putBoolean(ProviderItem.DANGER_ON, danger_on).apply(); onItemSelected(getId(provider_main_url)); } @@ -559,7 +543,7 @@ n * @param provider_main_url if(provider_list_fragment != null && preferences.contains(ProviderItem.DANGER_ON)) { provider_list_fragment.removeLastItem(); } - preferences.edit().remove(Provider.KEY).remove(ProviderItem.DANGER_ON).remove(Constants.ALLOWED_ANON).remove(Constants.KEY).commit(); + preferences.edit().remove(Provider.KEY).remove(ProviderItem.DANGER_ON).remove(Constants.ALLOWED_ANON).remove(Constants.KEY).apply(); } @Override diff --git a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java index 94de2fe8..c4f845b8 100644 --- a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java +++ b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java @@ -86,8 +86,8 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf preferences = getSharedPreferences(SHARED_PREFERENCES, MODE_PRIVATE); fragment_manager = new FragmentManagerEnhanced(getFragmentManager()); handleVersion(); - boolean provider_configured = preferences.getString(Constants.KEY, "").isEmpty(); - if (provider_configured) + boolean no_provider_configured = preferences.getString(Constants.KEY, "").isEmpty(); + if (no_provider_configured) startActivityForResult(new Intent(this,ConfigurationWizard.class),CONFIGURE_LEAP); else buildDashboard(getIntent().getBooleanExtra(ON_BOOT, false)); @@ -135,6 +135,7 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf preferences.edit().putInt(Constants.PARSED_SERIAL, 0).apply(); preferences.edit().putBoolean(Constants.AUTHED_EIP, authed_eip).apply(); updateEipService(); + buildDashboard(false); invalidateOptionsMenu(); if(data != null && data.hasExtra(LogInDialog.TAG)) { logInDialog(Bundle.EMPTY); diff --git a/app/src/main/java/se/leap/bitmaskclient/Provider.java b/app/src/main/java/se/leap/bitmaskclient/Provider.java index fa1a4fb5..bb30905c 100644 --- a/app/src/main/java/se/leap/bitmaskclient/Provider.java +++ b/app/src/main/java/se/leap/bitmaskclient/Provider.java @@ -110,11 +110,10 @@ public final class Provider implements Serializable { } protected String getDomain(){ - String domain = "Null"; + String domain = ""; try { domain = definition.getString(API_TERM_DOMAIN); } catch (JSONException e) { - domain = "Null"; e.printStackTrace(); } return domain; @@ -157,58 +156,25 @@ public final class Provider implements Serializable { } protected boolean hasEIP() { - JSONArray services = null; try { - services = definition.getJSONArray(API_TERM_SERVICES); // returns ["openvpn"] + JSONArray services = definition.getJSONArray(API_TERM_SERVICES); // returns ["openvpn"] + for (int i=0;i providers_iterator = ProviderListContent.ITEMS.iterator(); - while(providers_iterator.hasNext()) { - ProviderItem provider = providers_iterator.next(); - if(provider.name().equalsIgnoreCase(name)) { - return provider; - } + for (ProviderItem provider : ProviderListContent.ITEMS) { + if(provider.name().equalsIgnoreCase(name)) { + return provider; } - return null; + } + return null; } private void startProgressBar() { @@ -299,14 +300,12 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD private int getProviderIndex(String id) { int index = 0; - Iterator providers_iterator = ProviderListContent.ITEMS.iterator(); - while(providers_iterator.hasNext()) { - ProviderItem provider = providers_iterator.next(); - if(provider.name().equalsIgnoreCase(id)) { - break; - } else index++; - } - return index; + for (ProviderItem provider : ProviderListContent.ITEMS) { + if(provider.name().equalsIgnoreCase(id)) { + break; + } else index++; + } + return index; } private int listItemHeight() { @@ -314,8 +313,8 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD ListAdapter provider_list_adapter = provider_list_view.getAdapter(); View listItem = provider_list_adapter.getView(0, null, provider_list_view); listItem.setLayoutParams(new RelativeLayout.LayoutParams( - RelativeLayout.LayoutParams.WRAP_CONTENT, - RelativeLayout.LayoutParams.WRAP_CONTENT)); + RelativeLayout.LayoutParams.WRAP_CONTENT, + RelativeLayout.LayoutParams.WRAP_CONTENT)); WindowManager wm = (WindowManager) getApplicationContext() .getSystemService(Context.WINDOW_SERVICE); Display display = wm.getDefaultDisplay(); @@ -361,10 +360,11 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD try { InputStream input_stream_file_contents = getAssets().open(filepath); byte[] urls_file_bytes = new byte[input_stream_file_contents.available()]; - input_stream_file_contents.read(urls_file_bytes); - String urls_file_content = new String(urls_file_bytes); - JSONObject file_contents = new JSONObject(urls_file_content); - provider_main_url = file_contents.getString(Provider.MAIN_URL); + if(input_stream_file_contents.read(urls_file_bytes) > 0) { + String urls_file_content = new String(urls_file_bytes); + JSONObject file_contents = new JSONObject(urls_file_content); + provider_main_url = file_contents.getString(Provider.MAIN_URL); + } } catch (JSONException e) { } catch (IOException e) { } @@ -373,15 +373,13 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD private String getId(String provider_main_url) { try { - URL provider_url = new URL(provider_main_url); - Iterator providers_iterator = ProviderListContent.ITEMS.iterator(); - while(providers_iterator.hasNext()) { - ProviderItem provider = providers_iterator.next(); - URL aux_provider_url = new URL(provider.providerMainUrl()); - if(isSameURL(provider_url, aux_provider_url)) { - return provider.name(); + URL provider_url = new URL(provider_main_url); + for (ProviderItem provider : ProviderListContent.ITEMS) { + URL aux_provider_url = new URL(provider.providerMainUrl()); + if(isSameURL(provider_url, aux_provider_url)) { + return provider.name(); + } } - } } catch (MalformedURLException e) { e.printStackTrace(); } @@ -397,16 +395,9 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD * same protocol, false otherwise. */ private boolean isSameURL(final URL url, final URL baseUrl) { - if (!url.getProtocol().equals(baseUrl.getProtocol())) { - return false; - } - if (!url.getHost().equals(baseUrl.getHost())) { - return false; - } - if (url.getPort() != baseUrl.getPort()) { - return false; - } - return true; + return url.getProtocol().equals(baseUrl.getProtocol()) && + url.getHost().equals(baseUrl.getHost()) && + url.getPort() == baseUrl.getPort(); } /** @@ -452,10 +443,9 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD * Once selected a provider, this fragment offers the user to log in, * use it anonymously (if possible) * or cancel his/her election pressing the back button. - * @param view * @param reason_to_fail */ - public void showDownloadFailedDialog(View view, String reason_to_fail) { + public void showDownloadFailedDialog(String reason_to_fail) { FragmentTransaction fragment_transaction = fragment_manager.removePreviousFragment(DownloadFailedDialog.TAG); DialogFragment newFragment = DownloadFailedDialog.newInstance(reason_to_fail); @@ -555,7 +545,7 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD if(provider_list_fragment != null) { provider_list_fragment.removeLastItem(); } - preferences.edit().remove(Provider.KEY).remove(Constants.ALLOWED_ANON).remove(Constants.KEY).commit(); + preferences.edit().remove(Provider.KEY).remove(Constants.ALLOWED_ANON).remove(Constants.KEY).apply(); } @Override -- cgit v1.2.3 From 568e5b77e7e34e10e5585614f5587df29f45cfd9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Thu, 4 Dec 2014 01:14:03 +0100 Subject: CW loads, but no provider list appears. --- app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java | 7 ++++--- app/src/main/java/se/leap/bitmaskclient/ProviderListFragment.java | 5 ++++- app/src/main/res/layout/configuration_wizard_activity.xml | 1 - 3 files changed, 8 insertions(+), 5 deletions(-) (limited to 'app') diff --git a/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java b/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java index 65cab91e..55bb43a2 100644 --- a/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java +++ b/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java @@ -45,7 +45,7 @@ import se.leap.bitmaskclient.eip.Constants; * @author parmegv * */ -public class ConfigurationWizard extends ListActivity +public class ConfigurationWizard extends Activity implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderDetailFragmentInterface, DownloadFailedDialogInterface, Receiver { @InjectView(R.id.progressbar_configuration_wizard) @@ -96,7 +96,6 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD super.onCreate(savedInstanceState); preferences = getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE); fragment_manager = new FragmentManagerEnhanced(getFragmentManager()); - ButterKnife.inject(this); setUpInitialUI(); @@ -136,7 +135,9 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD private void setUpInitialUI() { setContentView(R.layout.configuration_wizard_activity); - hideProgressBar(); + ButterKnife.inject(this); + + hideProgressBar(); } private void hideProgressBar() { diff --git a/app/src/main/java/se/leap/bitmaskclient/ProviderListFragment.java b/app/src/main/java/se/leap/bitmaskclient/ProviderListFragment.java index e5baebc0..6d40bf9f 100644 --- a/app/src/main/java/se/leap/bitmaskclient/ProviderListFragment.java +++ b/app/src/main/java/se/leap/bitmaskclient/ProviderListFragment.java @@ -24,6 +24,7 @@ import android.view.View; import android.view.ViewGroup; import android.widget.ListView; +import butterknife.ButterKnife; import se.leap.bitmaskclient.ProviderListContent.ProviderItem; /** @@ -107,7 +108,9 @@ public class ProviderListFragment extends ListFragment { @Override public View onCreateView(LayoutInflater inflater, ViewGroup container, Bundle bundle) { - return inflater.inflate(R.layout.provider_list_fragment, container, false); + View view = inflater.inflate(R.layout.provider_list_fragment, container, false); + ButterKnife.inject(this, view); + return view; } @Override diff --git a/app/src/main/res/layout/configuration_wizard_activity.xml b/app/src/main/res/layout/configuration_wizard_activity.xml index f3d0e48b..49c4b2b9 100644 --- a/app/src/main/res/layout/configuration_wizard_activity.xml +++ b/app/src/main/res/layout/configuration_wizard_activity.xml @@ -22,5 +22,4 @@ android:textAppearance="?android:attr/textAppearanceMedium" android:layout_centerHorizontal="true" android:textColor="@android:color/holo_blue_bright" /> - \ No newline at end of file -- cgit v1.2.3 From f9a200a7004b74cb2d64e37129e6234427c84c7d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Thu, 4 Dec 2014 16:38:21 +0100 Subject: Renderers and dagger, refactoring CW. --- app/build.gradle | 2 + .../se/leap/bitmaskclient/ConfigurationWizard.java | 103 +++++++----------- .../main/java/se/leap/bitmaskclient/Dashboard.java | 15 +-- .../main/java/se/leap/bitmaskclient/Provider.java | 116 ++++++++++---------- .../se/leap/bitmaskclient/ProviderManager.java | 120 +++++++++++++++++++++ .../se/leap/bitmaskclient/ProviderRenderer.java | 55 ++++++++++ .../bitmaskclient/ProviderRendererBuilder.java | 25 +++++ .../res/layout/configuration_wizard_activity.xml | 6 ++ app/src/main/res/layout/provider_list_item.xml | 8 +- .../se/leap/bitmaskclient/ConfigurationWizard.java | 100 +++++++---------- 10 files changed, 352 insertions(+), 198 deletions(-) create mode 100644 app/src/main/java/se/leap/bitmaskclient/ProviderManager.java create mode 100644 app/src/main/java/se/leap/bitmaskclient/ProviderRenderer.java create mode 100644 app/src/main/java/se/leap/bitmaskclient/ProviderRendererBuilder.java (limited to 'app') diff --git a/app/build.gradle b/app/build.gradle index 6cf06281..4211e379 100644 --- a/app/build.gradle +++ b/app/build.gradle @@ -48,6 +48,8 @@ android { dependencies { androidTestCompile 'com.jayway.android.robotium:robotium-solo:5.2.1' compile 'com.jakewharton:butterknife:6.0.0+' + provided 'com.squareup.dagger:dagger-compiler:1.2.2+' + compile 'com.github.pedrovgs:renderers:1.3+' compile 'com.intellij:annotations:12.0' } diff --git a/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java b/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java index 55bb43a2..f178b754 100644 --- a/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java +++ b/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java @@ -21,15 +21,21 @@ import android.content.*; import android.os.*; import android.view.*; import android.widget.*; + +import com.pedrogomez.renderers.Renderer; +import com.pedrogomez.renderers.RendererAdapter; + import java.io.*; import java.net.*; +import java.util.*; import butterknife.ButterKnife; import butterknife.InjectView; import org.jetbrains.annotations.NotNull; import org.json.*; -import butterknife.OnItemSelected; +import javax.inject.Inject; + import se.leap.bitmaskclient.DownloadFailedDialog.DownloadFailedDialogInterface; import se.leap.bitmaskclient.NewProviderDialog.NewProviderDialogInterface; import se.leap.bitmaskclient.ProviderAPIResultReceiver.Receiver; @@ -48,11 +54,13 @@ import se.leap.bitmaskclient.eip.Constants; public class ConfigurationWizard extends Activity implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderDetailFragmentInterface, DownloadFailedDialogInterface, Receiver { - @InjectView(R.id.progressbar_configuration_wizard) - ProgressBar mProgressBar; - @InjectView(R.id.progressbar_description) - TextView progressbar_description; + @InjectView(R.id.progressbar_configuration_wizard) ProgressBar mProgressBar; + @InjectView(R.id.progressbar_description) TextView progressbar_description; + + @InjectView(R.id.provider_list) ListView provider_list_view; + @Inject RendererAdapter adapter; + private ProviderManager provider_manager; private ProviderListFragment provider_list_fragment; private Intent mConfigState = new Intent(); private ProviderItem selected_provider; @@ -64,7 +72,6 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD final protected static String PROVIDER_SET = "PROVIDER SET"; final protected static String SERVICES_RETRIEVED = "SERVICES RETRIEVED"; - final protected static String ASSETS_URL_FOLDER = "urls"; final private static String PROGRESSBAR_TEXT = TAG + "PROGRESSBAR_TEXT"; final private static String PROGRESSBAR_NUMBER = TAG + "PROGRESSBAR_NUMBER"; @@ -79,6 +86,14 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD private String provider_name = ""; private int progress = -1; + private void initProviderList() { + List> prototypes = new ArrayList>(); + prototypes.add(new ProviderRenderer(this)); + ProviderRendererBuilder providerRendererBuilder = new ProviderRendererBuilder(prototypes); + adapter = new RendererAdapter(getLayoutInflater(), providerRendererBuilder, provider_manager); + provider_list_view.setAdapter(adapter); + } + @Override protected void onSaveInstanceState(@NotNull Bundle outState) { if(mProgressBar != null) @@ -96,11 +111,10 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD super.onCreate(savedInstanceState); preferences = getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE); fragment_manager = new FragmentManagerEnhanced(getFragmentManager()); + provider_manager = new ProviderManager(getAssets()); setUpInitialUI(); - loadPreseededProviders(); - setUpProviderAPIResultReceiver(); setUpProviderList(); @@ -146,14 +160,15 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD } private void setUpProviderList() { - provider_list_fragment = ProviderListFragment.newInstance(); - - Bundle arguments = new Bundle(); - int configuration_wizard_request_code = getIntent().getIntExtra(Dashboard.REQUEST_CODE, -1); - if(configuration_wizard_request_code == Dashboard.SWITCH_PROVIDER) - arguments.putBoolean(ProviderListFragment.SHOW_ALL_PROVIDERS, true); - - provider_list_fragment.setArguments(arguments); + initProviderList(); + // provider_list_fragment = ProviderListFragment.newInstance(); + + // Bundle arguments = new Bundle(); + // int configuration_wizard_request_code = getIntent().getIntExtra(Dashboard.REQUEST_CODE, -1); + // if(configuration_wizard_request_code == Dashboard.SWITCH_PROVIDER) + // arguments.putBoolean(ProviderListFragment.SHOW_ALL_PROVIDERS, true); + + // provider_list_fragment.setArguments(arguments); } @@ -325,49 +340,6 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD return listItem.getMeasuredHeight(); } - /** - * Loads providers data from url files contained in the assets folder - * @return true if the files were correctly read - */ - private boolean loadPreseededProviders() { - boolean loaded_preseeded_providers = true; - try { - //TODO Put that folder in a better place (also inside the "for") - String[] urls_filepaths = getAssets().list(ASSETS_URL_FOLDER); - for(String url_filepath : urls_filepaths) { - addNewProviderToList(url_filepath); - } - } catch (IOException e) { - loaded_preseeded_providers = false; - } - - return loaded_preseeded_providers; - } - - private void addNewProviderToList(String url_filepath) { - String provider_main_url = extractProviderMainUrlFromAssetsFile(ASSETS_URL_FOLDER + "/" + url_filepath); - if(getId(provider_main_url).isEmpty()) { - String provider_name = url_filepath.subSequence(0, url_filepath.lastIndexOf(".")).toString(); - ProviderListContent.addItem(new ProviderItem(provider_name, provider_main_url)); - } - } - - private String extractProviderMainUrlFromAssetsFile(String file_path) { - String provider_main_url = ""; - try { - InputStream input_stream_file_contents = getAssets().open(file_path); - byte[] urls_file_bytes = new byte[input_stream_file_contents.available()]; - if(input_stream_file_contents.read(urls_file_bytes) > 0) { - String urls_file_content = new String(urls_file_bytes); - JSONObject file_contents = new JSONObject(urls_file_content); - provider_main_url = file_contents.getString(Provider.MAIN_URL); - } - } catch (JSONException e) { - } catch (IOException e) { - } - return provider_main_url; - } - private String getId(String provider_main_url) { try { URL provider_url = new URL(provider_main_url); @@ -465,17 +437,14 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD } public void showAndSelectProvider(String provider_main_url, boolean danger_on) { - if(getId(provider_main_url).isEmpty()) - showProvider(provider_main_url); + try { + provider_manager.add(new Provider(new URL((provider_main_url)))); + } catch (MalformedURLException e) { + e.printStackTrace(); + } autoSelectProvider(provider_main_url, danger_on); } - private void showProvider(final String provider_main_url) { - String provider_name = provider_main_url.replaceFirst("http[s]?://", "").replaceFirst("\\/", "_"); - ProviderItem added_provider = new ProviderItem(provider_name, provider_main_url); - provider_list_fragment.addItem(added_provider); - } - private void autoSelectProvider(String provider_main_url, boolean danger_on) { preferences.edit().putBoolean(ProviderItem.DANGER_ON, danger_on).apply(); onItemSelected(getId(provider_main_url)); diff --git a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java index c4f845b8..e1d08d08 100644 --- a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java +++ b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java @@ -71,9 +71,10 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf private TextView status_message; public ProviderAPIResultReceiver providerAPI_result_receiver; + private Provider provider; private static boolean authed_eip; - - @Override + + @Override protected void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); @@ -137,9 +138,12 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf updateEipService(); buildDashboard(false); invalidateOptionsMenu(); - if(data != null && data.hasExtra(LogInDialog.TAG)) { + if(data != null) + if(data.hasExtra(LogInDialog.TAG)) { logInDialog(Bundle.EMPTY); } + if(data.hasExtra(Provider.KEY)) + provider = data.getParcelableExtra(Provider.KEY); } else if(resultCode == RESULT_CANCELED && (data == null || data.hasExtra(ACTION_QUIT))) { finish(); } else @@ -180,9 +184,6 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf * service dependent UI elements to include. */ private void buildDashboard(boolean hide_and_turn_on_eip) { - Provider provider = Provider.getInstance(); - provider.init( this ); - setContentView(R.layout.client_dashboard); TextView providerNameTV = (TextView) findViewById(R.id.providerName); @@ -262,7 +263,7 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf startActivity(startLW); return true; case R.id.switch_provider: - if (Provider.getInstance().hasEIP()){ + if (provider.hasEIP()){ if (preferences.getBoolean(Constants.AUTHED_EIP, false)){ logOut(); } diff --git a/app/src/main/java/se/leap/bitmaskclient/Provider.java b/app/src/main/java/se/leap/bitmaskclient/Provider.java index bb30905c..5dd54175 100644 --- a/app/src/main/java/se/leap/bitmaskclient/Provider.java +++ b/app/src/main/java/se/leap/bitmaskclient/Provider.java @@ -19,12 +19,16 @@ package se.leap.bitmaskclient; import android.app.Activity; import android.content.Context; import android.content.SharedPreferences; +import android.os.Parcel; +import android.os.Parcelable; import org.json.JSONArray; import org.json.JSONException; import org.json.JSONObject; import java.io.Serializable; +import java.net.MalformedURLException; +import java.net.URL; import java.util.Arrays; import java.util.Locale; @@ -32,16 +36,11 @@ import java.util.Locale; * @author Sean Leonard * */ -public final class Provider implements Serializable { +public final class Provider implements Parcelable { - private static final long serialVersionUID = 6003835972151761353L; - - private static Provider instance = null; - - // We'll access our preferences here - private static SharedPreferences preferences = null; - // Represents our Provider's provider.json - private static JSONObject definition = null; + private JSONObject definition; // Represents our Provider's provider.json + private URL main_url; + private boolean is_custom = false; final public static String API_URL = "api_uri", @@ -69,54 +68,39 @@ public final class Provider implements Serializable { private static final String API_TERM_DEFAULT_LANGUAGE = "default_language"; protected static final String[] API_EIP_TYPES = {"openvpn"}; - private static final String PREFS_EIP_NAME = null; + public Provider(URL main_url) { + this.main_url = main_url; + } + public static final Parcelable.Creator CREATOR + = new Parcelable.Creator() { + public Provider createFromParcel(Parcel in) { + return new Provider(in); + } - - // What, no individual fields?! We're going to gamble on org.json.JSONObject and JSONArray - // Supporting multiple API versions will probably break this paradigm, - // Forcing me to write a real constructor and rewrite getters/setters - // Also will refactor if i'm instantiating the same local variables all the time - - /** - * - */ - private Provider() {} - - protected static Provider getInstance(){ - if(instance==null){ - instance = new Provider(); - } - return instance; - } + public Provider[] newArray(int size) { + return new Provider[size]; + } + }; - protected void init(Activity activity) { - - // Load our preferences from SharedPreferences - // If there's nothing there, we will end up returning a rather empty object - // to whoever called getInstance() and they can run the First Run Wizard - //preferences = context.getgetPreferences(0); // 0 == MODE_PRIVATE, but we don't extend Android's classes... - - // Load SharedPreferences - preferences = activity.getSharedPreferences(Dashboard.SHARED_PREFERENCES,Context.MODE_PRIVATE); - // Inflate our provider.json data - try { - definition = new JSONObject( preferences.getString(Provider.KEY, "") ); - } catch (JSONException e) { - // TODO: handle exception - - // FIXME!! We want "real" data!! - } - } + private Provider(Parcel in) { + try { + main_url = new URL(in.readString()); + definition = new JSONObject((in.readString())); + } catch (MalformedURLException e) { + e.printStackTrace(); + } catch (JSONException e) { + e.printStackTrace(); + } + } + + + protected void define(JSONObject provider_json) { + definition = provider_json; + } protected String getDomain(){ - String domain = ""; - try { - domain = definition.getString(API_TERM_DOMAIN); - } catch (JSONException e) { - e.printStackTrace(); - } - return domain; + return main_url.getHost(); } protected String getName(){ @@ -124,15 +108,12 @@ public final class Provider implements Serializable { String lang = Locale.getDefault().getLanguage(); String name = "Null"; // Should it actually /be/ null, for error conditions? try { - name = definition.getJSONObject(API_TERM_NAME).getString(lang); + if(definition != null) + name = definition.getJSONObject(API_TERM_NAME).getString(lang); + else throw new JSONException("Provider not defined"); } catch (JSONException e) { - // TODO: Nesting try/catch blocks? Crazy - // Maybe you should actually handle exception? - try { - name = definition.getJSONObject(API_TERM_NAME).getString( definition.getString(API_TERM_DEFAULT_LANGUAGE) ); - } catch (JSONException e2) { - // TODO: Will you handle the exception already? - } + String host = main_url.getHost(); + name = host.substring(0, host.indexOf(".")); } return name; @@ -177,4 +158,19 @@ public final class Provider implements Serializable { } return false; } + + protected boolean isCustom() { + return is_custom; + } + + @Override + public int describeContents() { + return 0; + } + + @Override + public void writeToParcel(Parcel parcel, int i) { + parcel.writeString(main_url.toString()); + parcel.writeString(definition.toString()); + } } diff --git a/app/src/main/java/se/leap/bitmaskclient/ProviderManager.java b/app/src/main/java/se/leap/bitmaskclient/ProviderManager.java new file mode 100644 index 00000000..59507d9c --- /dev/null +++ b/app/src/main/java/se/leap/bitmaskclient/ProviderManager.java @@ -0,0 +1,120 @@ +package se.leap.bitmaskclient; + +import android.content.res.AssetManager; + +import com.pedrogomez.renderers.AdapteeCollection; + +import org.json.JSONException; +import org.json.JSONObject; + +import java.io.IOException; +import java.io.InputStream; +import java.net.MalformedURLException; +import java.net.URL; +import java.util.Collection; +import java.util.HashSet; +import java.util.Iterator; +import java.util.Set; + +/** + * Created by parmegv on 4/12/14. + */ +public class ProviderManager implements AdapteeCollection { + + private AssetManager assets_manager; + private Set default_providers; + private Set custom_providers; + + final protected static String URLS = "urls"; + + public ProviderManager(AssetManager assets_manager) { + this.assets_manager = assets_manager; + default_providers = default_providers(); + custom_providers = new HashSet(); + } + + /** + * Loads providers data from url files contained in the assets folder + * @return true if the files were correctly read + */ + private Set default_providers() { + Set providers = new HashSet(); + try { + for(String file : assets_manager.list(URLS)) { + String main_url = extractProviderMainUrlFromAssetsFile(URLS + "/" + file); + providers.add(new Provider(new URL(main_url))); + } + } catch (MalformedURLException e) { + e.printStackTrace(); + } catch (IOException e) { + e.printStackTrace(); + } + + return providers; + } + + private String extractProviderMainUrlFromAssetsFile(String file_path) { + String provider_main_url = ""; + try { + InputStream input_stream_file_contents = assets_manager.open(file_path); + byte[] urls_file_bytes = new byte[input_stream_file_contents.available()]; + if(input_stream_file_contents.read(urls_file_bytes) > 0) { + String urls_file_content = new String(urls_file_bytes); + JSONObject file_contents = new JSONObject(urls_file_content); + provider_main_url = file_contents.getString(Provider.MAIN_URL); + } + } catch (JSONException e) { + } catch (IOException e) { + } + return provider_main_url; + } + + public Set providers() { + Set all_providers = new HashSet(); + all_providers.addAll(default_providers); + all_providers.addAll(custom_providers); + return all_providers; + } + + @Override + public int size() { + return providers().size(); + } + + @Override + public Provider get(int index) { + Iterator iterator = providers().iterator(); + while(iterator.hasNext() && index > 0) { + iterator.next(); + index--; + } + return iterator.next(); + } + + @Override + public void add(Provider element) { + custom_providers.add(element); + } + + @Override + public void remove(Provider element) { + custom_providers.remove(element); + } + + @Override + public void addAll(Collection elements) { + custom_providers.addAll(elements); + } + + @Override + public void removeAll(Collection elements) { + custom_providers.removeAll(elements); + default_providers.removeAll(elements); + } + + @Override + public void clear() { + default_providers.clear(); + custom_providers.clear(); + } +} diff --git a/app/src/main/java/se/leap/bitmaskclient/ProviderRenderer.java b/app/src/main/java/se/leap/bitmaskclient/ProviderRenderer.java new file mode 100644 index 00000000..2e376dee --- /dev/null +++ b/app/src/main/java/se/leap/bitmaskclient/ProviderRenderer.java @@ -0,0 +1,55 @@ +package se.leap.bitmaskclient; + +import android.content.Context; +import android.view.LayoutInflater; +import android.view.View; +import android.view.ViewGroup; +import android.widget.ImageView; +import android.widget.TextView; + +import com.pedrogomez.renderers.Renderer; + +import butterknife.ButterKnife; +import butterknife.InjectView; + +/** + * Created by parmegv on 4/12/14. + */ +public class ProviderRenderer extends Renderer { + private final Context context; + + @InjectView(R.id.provider_name) + TextView name; + @InjectView(R.id.provider_domain) + TextView domain; + + public ProviderRenderer(Context context) { + this.context = context; + } + + @Override + protected View inflate(LayoutInflater inflater, ViewGroup parent) { + View view = inflater.inflate(R.layout.provider_list_item, parent, false); + ButterKnife.inject(this, view); + return view; + } + + @Override + protected void setUpView(View rootView) { + /* + * Empty implementation substituted with the usage of ButterKnife library by Jake Wharton. + */ + } + + @Override + protected void hookListeners(View rootView) { + //Empty + } + + @Override + public void render() { + Provider provider = getContent(); + name.setText(provider.getName()); + domain.setText(provider.getDomain()); + } +} diff --git a/app/src/main/java/se/leap/bitmaskclient/ProviderRendererBuilder.java b/app/src/main/java/se/leap/bitmaskclient/ProviderRendererBuilder.java new file mode 100644 index 00000000..7366e68e --- /dev/null +++ b/app/src/main/java/se/leap/bitmaskclient/ProviderRendererBuilder.java @@ -0,0 +1,25 @@ +package se.leap.bitmaskclient; + +import android.content.Context; + +import com.pedrogomez.renderers.Renderer; +import com.pedrogomez.renderers.RendererBuilder; + +import java.util.Collection; +import java.util.LinkedList; +import java.util.List; + +import javax.inject.Inject; + +/** + * Created by parmegv on 4/12/14. + */ + public class ProviderRendererBuilder extends RendererBuilder { + public ProviderRendererBuilder(Collection> prototypes) { + super(prototypes); + } + @Override + protected Class getPrototypeClass(Provider content) { + return ProviderRenderer.class; + } +} diff --git a/app/src/main/res/layout/configuration_wizard_activity.xml b/app/src/main/res/layout/configuration_wizard_activity.xml index 49c4b2b9..a5bca1e9 100644 --- a/app/src/main/res/layout/configuration_wizard_activity.xml +++ b/app/src/main/res/layout/configuration_wizard_activity.xml @@ -5,6 +5,12 @@ android:layout_height="match_parent" tools:context=".ConfigurationWizard" > + + - - diff --git a/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java b/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java index cb9f42fb..c47f68b9 100644 --- a/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java +++ b/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java @@ -21,10 +21,21 @@ import android.content.*; import android.os.*; import android.view.*; import android.widget.*; + +import com.pedrogomez.renderers.Renderer; +import com.pedrogomez.renderers.RendererAdapter; + import java.io.*; import java.net.*; +import java.util.*; + +import butterknife.ButterKnife; +import butterknife.InjectView; +import org.jetbrains.annotations.NotNull; import org.json.*; +import javax.inject.Inject; + import se.leap.bitmaskclient.DownloadFailedDialog.DownloadFailedDialogInterface; import se.leap.bitmaskclient.NewProviderDialog.NewProviderDialogInterface; import se.leap.bitmaskclient.ProviderAPIResultReceiver.Receiver; @@ -32,7 +43,6 @@ import se.leap.bitmaskclient.ProviderDetailFragment.ProviderDetailFragmentInterf import se.leap.bitmaskclient.ProviderListContent.ProviderItem; import se.leap.bitmaskclient.FragmentManagerEnhanced; import se.leap.bitmaskclient.eip.Constants; -import se.leap.bitmaskclient.R; /** * Activity that builds and shows the list of known available providers. @@ -46,11 +56,13 @@ public class ConfigurationWizard extends Activity implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderDetailFragmentInterface, DownloadFailedDialogInterface, Receiver { - @InjectView(R.id.progressbar_configuration_wizard) - private ProgressBar mProgressBar; - @InjectView(R.id.progressbar_description) - private TextView progressbar_description; + @InjectView(R.id.progressbar_configuration_wizard) ProgressBar mProgressBar; + @InjectView(R.id.progressbar_description) TextView progressbar_description; + @InjectView(R.id.provider_list) ListView provider_list_view; + @Inject RendererAdapter adapter; + + private ProviderManager provider_manager; private ProviderListFragment provider_list_fragment; private Intent mConfigState = new Intent(); private ProviderItem selected_provider; @@ -77,6 +89,14 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD private String provider_name = ""; private int progress = -1; + private void initProviderList() { + List> prototypes = new ArrayList>(); + prototypes.add(new ProviderRenderer(this)); + ProviderRendererBuilder providerRendererBuilder = new ProviderRendererBuilder(prototypes); + adapter = new RendererAdapter(getLayoutInflater(), providerRendererBuilder, provider_manager); + provider_list_view.setAdapter(adapter); + } + @Override protected void onSaveInstanceState(Bundle outState) { if(mProgressBar != null) @@ -94,25 +114,28 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD super.onCreate(savedInstanceState); preferences = getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE); fragment_manager = new FragmentManagerEnhanced(getFragmentManager()); - + provider_manager = new ProviderManager(getAssets()); + setUpInitialUI(); - loadPreseededProviders(); - setUpProviderAPIResultReceiver(); setUpProviderList(); if ( savedInstanceState != null ) { - progressbar_text = savedInstanceState.getString(PROGRESSBAR_TEXT, ""); - provider_name = savedInstanceState.getString(Provider.NAME, ""); - selected_provider = getProvider(provider_name); - progress = savedInstanceState.getInt(PROGRESSBAR_NUMBER, -1); - providerAPI_result_receiver = savedInstanceState.getParcelable(ProviderAPI.RECEIVER_KEY); - providerAPI_result_receiver.setReceiver(this); + restoreState(savedInstanceState); } } + private void restoreState(Bundle savedInstanceState) { + progressbar_text = savedInstanceState.getString(PROGRESSBAR_TEXT, ""); + provider_name = savedInstanceState.getString(Provider.NAME, ""); + selected_provider = getProvider(provider_name); + progress = savedInstanceState.getInt(PROGRESSBAR_NUMBER, -1); + providerAPI_result_receiver = savedInstanceState.getParcelable(ProviderAPI.RECEIVER_KEY); + providerAPI_result_receiver.setReceiver(this); + } + @Override protected void onPostResume() { super.onPostResume(); @@ -129,19 +152,19 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD private void setUpInitialUI() { setContentView(R.layout.configuration_wizard_activity); - + ButterKnife.inject(this); + hideProgressBar(); } private void hideProgressBar() { - mProgressBar = (ProgressBar) findViewById(R.id.progressbar_configuration_wizard); mProgressBar.setVisibility(ProgressBar.INVISIBLE); - progressbar_description = (TextView) findViewById(R.id.progressbar_description); progressbar_description.setVisibility(TextView.INVISIBLE); } private void setUpProviderList() { + initProviderList(); provider_list_fragment = ProviderListFragment.newInstance(); Bundle arguments = new Bundle(); @@ -326,49 +349,6 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD listItem.measure(widthSpec, 0); return listItem.getMeasuredHeight(); -} - - /** - * Loads providers data from url files contained in the assets folder - * @return true if the files were correctly read - */ - private boolean loadPreseededProviders() { - boolean loaded_preseeded_providers = true; - try { - //TODO Put that folder in a better place (also inside the "for") - String[] urls_filepaths = getAssets().list(ASSETS_URL_FOLDER); - for(String url_filepath : urls_filepaths) { - addNewProviderToList(url_filepath); - } - } catch (IOException e) { - loaded_preseeded_providers = false; - } - - return loaded_preseeded_providers; - } - - private void addNewProviderToList(String url_filepath) { - String provider_main_url = extractProviderMainUrlFromAssetsFile(ASSETS_URL_FOLDER + "/" + url_filepath); - if(getId(provider_main_url).isEmpty()) { - String provider_name = url_filepath.subSequence(0, url_filepath.lastIndexOf(".")).toString(); - ProviderListContent.addItem(new ProviderItem(provider_name, provider_main_url)); - } - } - - private String extractProviderMainUrlFromAssetsFile(String filepath) { - String provider_main_url = ""; - try { - InputStream input_stream_file_contents = getAssets().open(filepath); - byte[] urls_file_bytes = new byte[input_stream_file_contents.available()]; - if(input_stream_file_contents.read(urls_file_bytes) > 0) { - String urls_file_content = new String(urls_file_bytes); - JSONObject file_contents = new JSONObject(urls_file_content); - provider_main_url = file_contents.getString(Provider.MAIN_URL); - } - } catch (JSONException e) { - } catch (IOException e) { - } - return provider_main_url; } private String getId(String provider_main_url) { -- cgit v1.2.3 From 202036aa6befcb1c74a76803f22e020404d4ba34 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Thu, 4 Dec 2014 18:42:06 +0100 Subject: Click on an item, no UI but functional. --- .../se/leap/bitmaskclient/ConfigurationWizard.java | 52 +++++++++---------- .../main/java/se/leap/bitmaskclient/Provider.java | 4 ++ .../se/leap/bitmaskclient/ProviderRenderer.java | 2 + .../se/leap/bitmaskclient/ConfigurationWizard.java | 60 +++++++++++----------- 4 files changed, 63 insertions(+), 55 deletions(-) (limited to 'app') diff --git a/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java b/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java index f178b754..53a7eb46 100644 --- a/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java +++ b/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java @@ -19,6 +19,7 @@ package se.leap.bitmaskclient; import android.app.*; import android.content.*; import android.os.*; +import android.util.Log; import android.view.*; import android.widget.*; @@ -31,6 +32,7 @@ import java.util.*; import butterknife.ButterKnife; import butterknife.InjectView; +import butterknife.OnItemClick; import org.jetbrains.annotations.NotNull; import org.json.*; @@ -52,7 +54,7 @@ import se.leap.bitmaskclient.eip.Constants; * */ public class ConfigurationWizard extends Activity -implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderDetailFragmentInterface, DownloadFailedDialogInterface, Receiver { +implements NewProviderDialogInterface, ProviderDetailFragmentInterface, DownloadFailedDialogInterface, Receiver { @InjectView(R.id.progressbar_configuration_wizard) ProgressBar mProgressBar; @InjectView(R.id.progressbar_description) TextView progressbar_description; @@ -63,7 +65,7 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD private ProviderManager provider_manager; private ProviderListFragment provider_list_fragment; private Intent mConfigState = new Intent(); - private ProviderItem selected_provider; + private Provider selected_provider; final public static String TAG = ConfigurationWizard.class.getSimpleName(); final public static String TYPE_OF_CERTIFICATE = "type_of_certificate"; @@ -101,7 +103,7 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD if(progressbar_description != null) outState.putString(PROGRESSBAR_TEXT, progressbar_description.getText().toString()); if(selected_provider != null) - outState.putString(Provider.NAME, selected_provider.name()); + outState.putParcelable(Provider.KEY, selected_provider); outState.putParcelable(ProviderAPI.RECEIVER_KEY, providerAPI_result_receiver); super.onSaveInstanceState(outState); } @@ -127,7 +129,7 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD private void restoreState(Bundle savedInstanceState) { progressbar_text = savedInstanceState.getString(PROGRESSBAR_TEXT, ""); provider_name = savedInstanceState.getString(Provider.NAME, ""); - selected_provider = getProvider(provider_name); + selected_provider = savedInstanceState.getParcelable(Provider.KEY); progress = savedInstanceState.getInt(PROGRESSBAR_NUMBER, -1); providerAPI_result_receiver = savedInstanceState.getParcelable(ProviderAPI.RECEIVER_KEY); providerAPI_result_receiver.setReceiver(this); @@ -232,21 +234,17 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD // I need this for CW to wait for the About activity to end before going back to Dashboard. } } - - /** - * Callback method from {@link ProviderListFragment.Callbacks} - * indicating that the item with the given ID was selected. - */ - @Override - public void onItemSelected(String id) { - //TODO Code 2 pane view - selected_provider = getProvider(id); - onItemSelectedUi(selected_provider); + + @OnItemClick(R.id.provider_list) + void onItemSelected(int position) { + //TODO Code 2 pane view + selected_provider = adapter.getItem(position); + //onItemSelectedUi(selected_provider); boolean danger_on = true; if(preferences.contains(ProviderItem.DANGER_ON)) danger_on = preferences.getBoolean(ProviderItem.DANGER_ON, false); - setUpProvider(selected_provider.providerMainUrl(), danger_on); + setUpProvider(selected_provider.mainUrl(), danger_on); } private void onItemSelectedUi(ProviderItem provider) { @@ -436,29 +434,31 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD } } - public void showAndSelectProvider(String provider_main_url, boolean danger_on) { + public void showAndSelectProvider(String provider_main_url, boolean danger_on) { try { - provider_manager.add(new Provider(new URL((provider_main_url)))); + selected_provider = new Provider(new URL((provider_main_url))); + provider_manager.add(selected_provider); + autoSelectProvider(selected_provider, danger_on); } catch (MalformedURLException e) { e.printStackTrace(); } - autoSelectProvider(provider_main_url, danger_on); - } - - private void autoSelectProvider(String provider_main_url, boolean danger_on) { - preferences.edit().putBoolean(ProviderItem.DANGER_ON, danger_on).apply(); - onItemSelected(getId(provider_main_url)); - } + } + + private void autoSelectProvider(Provider provider, boolean danger_on) { + preferences.edit().putBoolean(ProviderItem.DANGER_ON, danger_on).apply(); + selected_provider = provider; + //onItemSelectedUi(selected_provider); + } /** * Asks ProviderAPI to download a new provider.json file n * @param provider_main_url * @param danger_on tells if HTTPS client should bypass certificate errors */ - public void setUpProvider(String provider_main_url, boolean danger_on) { + public void setUpProvider(URL provider_main_url, boolean danger_on) { Intent provider_API_command = new Intent(this, ProviderAPI.class); Bundle parameters = new Bundle(); - parameters.putString(Provider.MAIN_URL, provider_main_url); + parameters.putString(Provider.MAIN_URL, provider_main_url.toString()); parameters.putBoolean(ProviderItem.DANGER_ON, danger_on); provider_API_command.setAction(ProviderAPI.SET_UP_PROVIDER); diff --git a/app/src/main/java/se/leap/bitmaskclient/Provider.java b/app/src/main/java/se/leap/bitmaskclient/Provider.java index 5dd54175..0d584310 100644 --- a/app/src/main/java/se/leap/bitmaskclient/Provider.java +++ b/app/src/main/java/se/leap/bitmaskclient/Provider.java @@ -102,6 +102,10 @@ public final class Provider implements Parcelable { protected String getDomain(){ return main_url.getHost(); } + + protected URL mainUrl() { + return main_url; + } protected String getName(){ // Should we pass the locale in, or query the system here? diff --git a/app/src/main/java/se/leap/bitmaskclient/ProviderRenderer.java b/app/src/main/java/se/leap/bitmaskclient/ProviderRenderer.java index 2e376dee..6e194e84 100644 --- a/app/src/main/java/se/leap/bitmaskclient/ProviderRenderer.java +++ b/app/src/main/java/se/leap/bitmaskclient/ProviderRenderer.java @@ -11,6 +11,8 @@ import com.pedrogomez.renderers.Renderer; import butterknife.ButterKnife; import butterknife.InjectView; +import butterknife.OnItemClick; +import butterknife.OnItemSelected; /** * Created by parmegv on 4/12/14. diff --git a/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java b/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java index c47f68b9..beab12cc 100644 --- a/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java +++ b/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java @@ -31,6 +31,7 @@ import java.util.*; import butterknife.ButterKnife; import butterknife.InjectView; +import butterknife.OnItemClick; import org.jetbrains.annotations.NotNull; import org.json.*; @@ -53,7 +54,7 @@ import se.leap.bitmaskclient.eip.Constants; * */ public class ConfigurationWizard extends Activity -implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderDetailFragmentInterface, DownloadFailedDialogInterface, Receiver { +implements NewProviderDialogInterface, ProviderDetailFragmentInterface, DownloadFailedDialogInterface, Receiver { @InjectView(R.id.progressbar_configuration_wizard) ProgressBar mProgressBar; @@ -65,7 +66,7 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD private ProviderManager provider_manager; private ProviderListFragment provider_list_fragment; private Intent mConfigState = new Intent(); - private ProviderItem selected_provider; + private Provider selected_provider; final public static String TAG = ConfigurationWizard.class.getSimpleName(); final public static String TYPE_OF_CERTIFICATE = "type_of_certificate"; @@ -104,7 +105,7 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD if(progressbar_description != null) outState.putString(PROGRESSBAR_TEXT, progressbar_description.getText().toString()); if(selected_provider != null) - outState.putString(Provider.NAME, selected_provider.name()); + outState.putParcelable(Provider.KEY, selected_provider); outState.putParcelable(ProviderAPI.RECEIVER_KEY, providerAPI_result_receiver); super.onSaveInstanceState(outState); } @@ -130,7 +131,7 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD private void restoreState(Bundle savedInstanceState) { progressbar_text = savedInstanceState.getString(PROGRESSBAR_TEXT, ""); provider_name = savedInstanceState.getString(Provider.NAME, ""); - selected_provider = getProvider(provider_name); + selected_provider = savedInstanceState.getParcelable(Provider.KEY); progress = savedInstanceState.getInt(PROGRESSBAR_NUMBER, -1); providerAPI_result_receiver = savedInstanceState.getParcelable(ProviderAPI.RECEIVER_KEY); providerAPI_result_receiver.setReceiver(this); @@ -165,16 +166,16 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD private void setUpProviderList() { initProviderList(); - provider_list_fragment = ProviderListFragment.newInstance(); + // provider_list_fragment = ProviderListFragment.newInstance(); - Bundle arguments = new Bundle(); - int configuration_wizard_request_code = getIntent().getIntExtra(Dashboard.REQUEST_CODE, -1); - if(configuration_wizard_request_code == Dashboard.SWITCH_PROVIDER) - arguments.putBoolean(ProviderListFragment.SHOW_ALL_PROVIDERS, true); + // Bundle arguments = new Bundle(); + // int configuration_wizard_request_code = getIntent().getIntExtra(Dashboard.REQUEST_CODE, -1); + // if(configuration_wizard_request_code == Dashboard.SWITCH_PROVIDER) + // arguments.putBoolean(ProviderListFragment.SHOW_ALL_PROVIDERS, true); - provider_list_fragment.setArguments(arguments); + // provider_list_fragment.setArguments(arguments); - putProviderListFragment(); + // putProviderListFragment(); } private void putProviderListFragment() { @@ -241,16 +242,12 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD } } - /** - * Callback method from {@link ProviderListFragment.Callbacks} - * indicating that the item with the given ID was selected. - */ - @Override - public void onItemSelected(String id) { + @OnItemClick(R.id.provider_list) + void onItemSelected(int position) { //TODO Code 2 pane view - selected_provider = getProvider(id); - onItemSelectedUi(selected_provider); - setUpProvider(selected_provider.providerMainUrl()); + selected_provider = adapter.getItem(position); + //onItemSelectedUi(selected_provider); + setUpProvider(selected_provider.mainUrl()); } private void onItemSelectedUi(ProviderItem provider) { @@ -447,11 +444,15 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD } } - public void showAndSelectProvider(String provider_main_url) { - if(getId(provider_main_url).isEmpty()) - showProvider(provider_main_url); - autoSelectProvider(provider_main_url); + public void showAndSelectProvider(String provider_main_url) { + try { + selected_provider = new Provider(new URL((provider_main_url))); + provider_manager.add(selected_provider); + autoSelectProvider(selected_provider); + } catch (MalformedURLException e) { + e.printStackTrace(); } + } private void showProvider(final String provider_main_url) { String provider_name = provider_main_url.replaceFirst("http[s]?://", "").replaceFirst("\\/", "_"); @@ -459,19 +460,20 @@ implements ProviderListFragment.Callbacks, NewProviderDialogInterface, ProviderD provider_list_fragment.addItem(added_provider); } - private void autoSelectProvider(String provider_main_url) { - onItemSelected(getId(provider_main_url)); - } + private void autoSelectProvider(Provider provider) { + selected_provider = provider; + //onItemSelected(provider); + } /** * Asks ProviderAPI to download a new provider.json file * @param provider_name * @param provider_main_url */ - public void setUpProvider(String provider_main_url) { + public void setUpProvider(URL provider_main_url) { Intent provider_API_command = new Intent(this, ProviderAPI.class); Bundle parameters = new Bundle(); - parameters.putString(Provider.MAIN_URL, provider_main_url); + parameters.putString(Provider.MAIN_URL, provider_main_url.toString()); provider_API_command.setAction(ProviderAPI.SET_UP_PROVIDER); provider_API_command.putExtra(ProviderAPI.PARAMETERS, parameters); -- cgit v1.2.3 From 84f71ca604abb2b4aeb410dcec2c3cc5dff9bc39 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Tue, 9 Dec 2014 11:20:31 +0100 Subject: Switching provider doesn't refresh provider list. It shows just one provider, and it's not the one that gets configured if selected. --- .../se/leap/bitmaskclient/ConfigurationWizard.java | 100 ++++++--------------- .../main/java/se/leap/bitmaskclient/Dashboard.java | 32 +++---- .../main/java/se/leap/bitmaskclient/Provider.java | 16 +++- .../se/leap/bitmaskclient/ProviderListAdapter.java | 79 ++++++++++------ .../leap/bitmaskclient/ProviderListFragment.java | 26 +----- 5 files changed, 107 insertions(+), 146 deletions(-) (limited to 'app') diff --git a/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java b/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java index 53a7eb46..dfca91ba 100644 --- a/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java +++ b/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java @@ -19,22 +19,18 @@ package se.leap.bitmaskclient; import android.app.*; import android.content.*; import android.os.*; -import android.util.Log; import android.view.*; import android.widget.*; -import com.pedrogomez.renderers.Renderer; -import com.pedrogomez.renderers.RendererAdapter; +import com.pedrogomez.renderers.*; -import java.io.*; import java.net.*; import java.util.*; -import butterknife.ButterKnife; -import butterknife.InjectView; -import butterknife.OnItemClick; +import butterknife.*; import org.jetbrains.annotations.NotNull; -import org.json.*; +import org.json.JSONException; +import org.json.JSONObject; import javax.inject.Inject; @@ -60,10 +56,9 @@ implements NewProviderDialogInterface, ProviderDetailFragmentInterface, Download @InjectView(R.id.progressbar_description) TextView progressbar_description; @InjectView(R.id.provider_list) ListView provider_list_view; - @Inject RendererAdapter adapter; + @Inject ProviderListAdapter adapter; private ProviderManager provider_manager; - private ProviderListFragment provider_list_fragment; private Intent mConfigState = new Intent(); private Provider selected_provider; @@ -92,7 +87,7 @@ implements NewProviderDialogInterface, ProviderDetailFragmentInterface, Download List> prototypes = new ArrayList>(); prototypes.add(new ProviderRenderer(this)); ProviderRendererBuilder providerRendererBuilder = new ProviderRendererBuilder(prototypes); - adapter = new RendererAdapter(getLayoutInflater(), providerRendererBuilder, provider_manager); + adapter = new ProviderListAdapter(getLayoutInflater(), providerRendererBuilder, provider_manager); provider_list_view.setAdapter(adapter); } @@ -140,7 +135,7 @@ implements NewProviderDialogInterface, ProviderDetailFragmentInterface, Download super.onPostResume(); if(!progressbar_text.isEmpty() && !provider_name.isEmpty() && progress != -1) { progressbar_description.setText(progressbar_text); - onItemSelectedUi(getProvider(provider_name)); + //onItemSelectedUi(getProvider(provider_name)); mProgressBar.setProgress(progress); progressbar_text = ""; @@ -196,6 +191,14 @@ implements NewProviderDialogInterface, ProviderDetailFragmentInterface, Download if(resultCode == ProviderAPI.PROVIDER_OK) { mConfigState.setAction(PROVIDER_SET); + try { + String provider_json_string = preferences.getString(Provider.KEY, ""); + if(!provider_json_string.isEmpty()) + selected_provider.define(new JSONObject(provider_json_string)); + } catch (JSONException e) { + e.printStackTrace(); + } + if (preferences.getBoolean(Constants.ALLOWED_ANON, false)){ mConfigState.putExtra(SERVICES_RETRIEVED, true); @@ -239,7 +242,7 @@ implements NewProviderDialogInterface, ProviderDetailFragmentInterface, Download void onItemSelected(int position) { //TODO Code 2 pane view selected_provider = adapter.getItem(position); - //onItemSelectedUi(selected_provider); + onItemSelectedUi(selected_provider); boolean danger_on = true; if(preferences.contains(ProviderItem.DANGER_ON)) @@ -247,10 +250,9 @@ implements NewProviderDialogInterface, ProviderDetailFragmentInterface, Download setUpProvider(selected_provider.mainUrl(), danger_on); } - private void onItemSelectedUi(ProviderItem provider) { + private void onItemSelectedUi(Provider provider) { startProgressBar(); - int provider_index = getProviderIndex(provider.name()); - provider_list_fragment.hideAllBut(provider_index); + adapter.hideAllBut(adapter.indexOf(provider)); } @Override @@ -288,15 +290,6 @@ implements NewProviderDialogInterface, ProviderDetailFragmentInterface, Download setResult(RESULT_CANCELED, ask_quit); } - private ProviderItem getProvider(String name) { - for (ProviderItem provider : ProviderListContent.ITEMS) { - if (provider.name().equalsIgnoreCase(name)) { - return provider; - } - } - return null; - } - private void startProgressBar() { mProgressBar.setVisibility(ProgressBar.VISIBLE); progressbar_description.setVisibility(TextView.VISIBLE); @@ -307,21 +300,9 @@ implements NewProviderDialogInterface, ProviderDetailFragmentInterface, Download mProgressBar.setTranslationY(measured_height); progressbar_description.setTranslationY(measured_height + mProgressBar.getHeight()); } - - private int getProviderIndex(String id) { - int index = 0; - for (ProviderItem provider : ProviderListContent.ITEMS) { - if (provider.name().equalsIgnoreCase(id)) { - break; - } else index++; - } - return index; - } private int listItemHeight() { - ListView provider_list_view = (ListView)findViewById(android.R.id.list); - ListAdapter provider_list_adapter = provider_list_view.getAdapter(); - View listItem = provider_list_adapter.getView(0, null, provider_list_view); + View listItem = adapter.getView(0, null, provider_list_view); listItem.setLayoutParams(new RelativeLayout.LayoutParams( RelativeLayout.LayoutParams.WRAP_CONTENT, RelativeLayout.LayoutParams.WRAP_CONTENT)); @@ -338,35 +319,6 @@ implements NewProviderDialogInterface, ProviderDetailFragmentInterface, Download return listItem.getMeasuredHeight(); } - private String getId(String provider_main_url) { - try { - URL provider_url = new URL(provider_main_url); - for (ProviderItem provider : ProviderListContent.ITEMS) { - URL aux_provider_url = new URL(provider.providerMainUrl()); - if (isSameURL(provider_url, aux_provider_url)) { - return provider.name(); - } - } - } catch (MalformedURLException e) { - e.printStackTrace(); - } - return ""; - } - - /** - * Checks, whether 2 urls are pointing to the same location. - * - * @param url a url - * @param baseUrl an other url, that should be compared. - * @return true, if the urls point to the same host and port and use the - * same protocol, false otherwise. - */ - private boolean isSameURL(final URL url, final URL baseUrl) { - return url.getProtocol().equals(baseUrl.getProtocol()) && - url.getHost().equals(baseUrl.getHost()) && - url.getPort() == baseUrl.getPort(); - } - /** * Asks ProviderAPI to download an anonymous (anon) VPN certificate. */ @@ -503,16 +455,11 @@ n * @param provider_main_url } public void showAllProviders() { - provider_list_fragment = (ProviderListFragment) fragment_manager.findFragmentByTag(ProviderListFragment.TAG); - if(provider_list_fragment != null) - provider_list_fragment.unhideAll(); + adapter.showAllProviders(); } public void cancelSettingUpProvider() { - provider_list_fragment = (ProviderListFragment) fragment_manager.findFragmentByTag(ProviderListFragment.TAG); - if(provider_list_fragment != null && preferences.contains(ProviderItem.DANGER_ON)) { - provider_list_fragment.removeLastItem(); - } + showAllProviders(); preferences.edit().remove(Provider.KEY).remove(ProviderItem.DANGER_ON).remove(Constants.ALLOWED_ANON).remove(Constants.KEY).apply(); } @@ -520,6 +467,7 @@ n * @param provider_main_url public void login() { Intent ask_login = new Intent(); ask_login.putExtra(LogInDialog.TAG, LogInDialog.TAG); + ask_login.putExtra(Provider.KEY, selected_provider); setResult(RESULT_OK, ask_login); setting_up_provider = false; finish(); @@ -527,7 +475,9 @@ n * @param provider_main_url @Override public void use_anonymously() { - setResult(RESULT_OK); + Intent pass_provider = new Intent(); + pass_provider.putExtra(Provider.KEY, selected_provider); + setResult(RESULT_OK, pass_provider); setting_up_provider = false; finish(); } diff --git a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java index e1d08d08..e277221b 100644 --- a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java +++ b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java @@ -87,8 +87,8 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf preferences = getSharedPreferences(SHARED_PREFERENCES, MODE_PRIVATE); fragment_manager = new FragmentManagerEnhanced(getFragmentManager()); handleVersion(); - boolean no_provider_configured = preferences.getString(Constants.KEY, "").isEmpty(); - if (no_provider_configured) + + if (provider == null) startActivityForResult(new Intent(this,ConfigurationWizard.class),CONFIGURE_LEAP); else buildDashboard(getIntent().getBooleanExtra(ON_BOOT, false)); @@ -132,21 +132,21 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf Log.d(TAG, "onActivityResult: requestCode = " + requestCode); if ( requestCode == CONFIGURE_LEAP || requestCode == SWITCH_PROVIDER) { // It should be equivalent: if ( (requestCode == CONFIGURE_LEAP) || (data!= null && data.hasExtra(STOP_FIRST))) { - if ( resultCode == RESULT_OK ){ - preferences.edit().putInt(Constants.PARSED_SERIAL, 0).apply(); - preferences.edit().putBoolean(Constants.AUTHED_EIP, authed_eip).apply(); - updateEipService(); - buildDashboard(false); - invalidateOptionsMenu(); - if(data != null) - if(data.hasExtra(LogInDialog.TAG)) { - logInDialog(Bundle.EMPTY); - } - if(data.hasExtra(Provider.KEY)) + if ( resultCode == RESULT_OK ) { + preferences.edit().putInt(Constants.PARSED_SERIAL, 0).apply(); + preferences.edit().putBoolean(Constants.AUTHED_EIP, authed_eip).apply(); + updateEipService(); + + if (data.hasExtra(Provider.KEY)) provider = data.getParcelableExtra(Provider.KEY); - } else if(resultCode == RESULT_CANCELED && (data == null || data.hasExtra(ACTION_QUIT))) { - finish(); - } else + buildDashboard(false); + invalidateOptionsMenu(); + if (data.hasExtra(LogInDialog.TAG)) { + logInDialog(Bundle.EMPTY); + } else if (resultCode == RESULT_CANCELED && data.hasExtra(ACTION_QUIT)) { + finish(); + } + } else configErrorDialog(); } else if(requestCode == EIP.DISCONNECT) { EipStatus.getInstance().setConnectedOrDisconnected(); diff --git a/app/src/main/java/se/leap/bitmaskclient/Provider.java b/app/src/main/java/se/leap/bitmaskclient/Provider.java index 0d584310..dd679bb2 100644 --- a/app/src/main/java/se/leap/bitmaskclient/Provider.java +++ b/app/src/main/java/se/leap/bitmaskclient/Provider.java @@ -86,7 +86,9 @@ public final class Provider implements Parcelable { private Provider(Parcel in) { try { main_url = new URL(in.readString()); - definition = new JSONObject((in.readString())); + String definition_string = in.readString(); + if(definition_string != null) + definition = new JSONObject((definition_string)); } catch (MalformedURLException e) { e.printStackTrace(); } catch (JSONException e) { @@ -94,7 +96,6 @@ public final class Provider implements Parcelable { } } - protected void define(JSONObject provider_json) { definition = provider_json; } @@ -175,6 +176,15 @@ public final class Provider implements Parcelable { @Override public void writeToParcel(Parcel parcel, int i) { parcel.writeString(main_url.toString()); - parcel.writeString(definition.toString()); + if(definition != null) + parcel.writeString(definition.toString()); + } + + @Override + public boolean equals(Object o) { + if(o instanceof Provider) { + Provider p = (Provider) o; + return p.mainUrl().equals(mainUrl()); + } else return false; } } diff --git a/app/src/main/java/se/leap/bitmaskclient/ProviderListAdapter.java b/app/src/main/java/se/leap/bitmaskclient/ProviderListAdapter.java index 1148e65e..92b2ae2e 100644 --- a/app/src/main/java/se/leap/bitmaskclient/ProviderListAdapter.java +++ b/app/src/main/java/se/leap/bitmaskclient/ProviderListAdapter.java @@ -7,9 +7,15 @@ import android.view.ViewGroup; import android.widget.ArrayAdapter; import android.widget.TwoLineListItem; +import com.pedrogomez.renderers.AdapteeCollection; +import com.pedrogomez.renderers.RendererAdapter; +import com.pedrogomez.renderers.RendererBuilder; + +import java.util.Collection; import java.util.List; +import java.util.Set; -public class ProviderListAdapter extends ArrayAdapter { +public class ProviderListAdapter extends RendererAdapter { private static boolean[] hidden = null; public void hide(int position) { @@ -23,10 +29,23 @@ public class ProviderListAdapter extends ArrayAdapter { notifyDataSetChanged(); notifyDataSetInvalidated(); } + + public void showAllProviders() { + for(int i = 0; i < hidden.length; i++) + hidden[i] = false; + notifyDataSetChanged(); + notifyDataSetInvalidated(); + } - public void unHideAll() { - for (int provider_index = 0; provider_index < hidden.length; provider_index++) - hidden[provider_index] = false; + public void hideAllBut(int position) { + for (int i = 0; i < hidden.length; i++) { + if (i != position) + hidden[i] = true; + else + hidden[i] = false; + } + notifyDataSetChanged(); + notifyDataSetInvalidated(); } private int getRealPosition(int position) { @@ -60,26 +79,28 @@ public class ProviderListAdapter extends ArrayAdapter { return (hidden.length - getHiddenCount()); } - public ProviderListAdapter(Context mContext, int layout, List objects) { - super(mContext, layout, objects); + public ProviderListAdapter(LayoutInflater layoutInflater, RendererBuilder rendererBuilder, + AdapteeCollection collection) { + super(layoutInflater, rendererBuilder, collection); if(hidden == null) { - hidden = new boolean[objects.size()]; - for (int i = 0; i < objects.size(); i++) + hidden = new boolean[collection.size()]; + for (int i = 0; i < collection.size(); i++) hidden[i] = false; } } - public ProviderListAdapter(Context mContext, int layout, List objects, boolean show_all_providers) { - super(mContext, layout, objects); + public ProviderListAdapter(LayoutInflater layoutInflater, RendererBuilder rendererBuilder, + AdapteeCollection collection, boolean show_all_providers) { + super(layoutInflater, rendererBuilder, collection); if(show_all_providers) { - hidden = new boolean[objects.size()]; - for (int i = 0; i < objects.size(); i++) + hidden = new boolean[collection.size()]; + for (int i = 0; i < collection.size(); i++) hidden[i] = false; } } @Override - public void add(T item) { + public void add(Provider item) { super.add(item); boolean[] new_hidden = new boolean[hidden.length+1]; System.arraycopy(hidden, 0, new_hidden, 0, hidden.length); @@ -88,27 +109,27 @@ public class ProviderListAdapter extends ArrayAdapter { } @Override - public void remove(T item) { + public void remove(Provider item) { super.remove(item); boolean[] new_hidden = new boolean[hidden.length-1]; System.arraycopy(hidden, 0, new_hidden, 0, hidden.length-1); hidden = new_hidden; } - @Override - public View getView(int index, View convertView, ViewGroup parent) { - TwoLineListItem row; - int position = getRealPosition(index); - if (convertView == null) { - LayoutInflater inflater = (LayoutInflater) getContext().getSystemService(Context.LAYOUT_INFLATER_SERVICE); - row = (TwoLineListItem)inflater.inflate(R.layout.provider_list_item, null); - } else { - row = (TwoLineListItem)convertView; - } - ProviderListContent.ProviderItem data = ProviderListContent.ITEMS.get(position); - row.getText1().setText(data.domain()); - row.getText2().setText(data.name()); + protected int indexOf(Provider item) { + int index = 0; + ProviderManager provider_manager = (ProviderManager) getCollection(); + Set providers = provider_manager.providers(); + for (Provider provider : providers) { + if (provider.equals(item)) { + break; + } else index++; + } + return index; + } - return row; - } + @Override + public View getView(int position, View convertView, ViewGroup parent) { + return super.getView(getRealPosition(position), convertView, parent); + } } diff --git a/app/src/main/java/se/leap/bitmaskclient/ProviderListFragment.java b/app/src/main/java/se/leap/bitmaskclient/ProviderListFragment.java index 6d40bf9f..875b76d7 100644 --- a/app/src/main/java/se/leap/bitmaskclient/ProviderListFragment.java +++ b/app/src/main/java/se/leap/bitmaskclient/ProviderListFragment.java @@ -40,7 +40,7 @@ public class ProviderListFragment extends ListFragment { public static String TAG = "provider_list_fragment"; public static String SHOW_ALL_PROVIDERS = "show_all_providers"; public static String TOP_PADDING = "top padding from providerlistfragment"; - private ProviderListAdapter content_adapter; + private ProviderListAdapter content_adapter; /** * The serialization (saved instance state) Bundle key representing the @@ -91,19 +91,7 @@ public class ProviderListFragment extends ListFragment { @Override public void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); - if(getArguments().containsKey(SHOW_ALL_PROVIDERS)) - content_adapter = new ProviderListAdapter( - getActivity(), - R.layout.provider_list_item, - ProviderListContent.ITEMS, getArguments().getBoolean(SHOW_ALL_PROVIDERS)); - else - content_adapter = new ProviderListAdapter( - getActivity(), - R.layout.provider_list_item, - ProviderListContent.ITEMS); - - - setListAdapter(content_adapter); + } @Override @@ -198,12 +186,11 @@ public class ProviderListFragment extends ListFragment { } public void removeLastItem() { - unhideAll(); content_adapter.remove(content_adapter.getItem(content_adapter.getCount()-1)); content_adapter.notifyDataSetChanged(); } - public void addItem(ProviderItem provider) { + public void addItem(Provider provider) { content_adapter.add(provider); content_adapter.notifyDataSetChanged(); } @@ -219,13 +206,6 @@ public class ProviderListFragment extends ListFragment { i++; } } - - public void unhideAll() { - if(content_adapter != null) { - content_adapter.unHideAll(); - content_adapter.notifyDataSetChanged(); - } - } /** * @return a new instance of this ListFragment. -- cgit v1.2.3 From 7da04dc635505c0bcfdcc2c86d186a7a6f0535f4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Tue, 9 Dec 2014 12:08:40 +0100 Subject: Release flavor updated, back button works. --- .../se/leap/bitmaskclient/ConfigurationWizard.java | 27 ++-- .../main/java/se/leap/bitmaskclient/Dashboard.java | 4 +- .../main/java/se/leap/bitmaskclient/eip/EIP.java | 18 +-- .../se/leap/bitmaskclient/ConfigurationWizard.java | 148 ++++++--------------- 4 files changed, 63 insertions(+), 134 deletions(-) (limited to 'app') diff --git a/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java b/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java index dfca91ba..20545473 100644 --- a/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java +++ b/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java @@ -258,9 +258,10 @@ implements NewProviderDialogInterface, ProviderDetailFragmentInterface, Download @Override public void onBackPressed() { if(setting_up_provider) { - stopSettingUpProvider(); + stopSettingUpProvider(); } else { - usualBackButton(); + askDashboardToQuitApp(); + super.onBackPressed(); } } @@ -270,18 +271,13 @@ implements NewProviderDialogInterface, ProviderDetailFragmentInterface, Download mProgressBar.setProgress(0); progressbar_description.setVisibility(TextView.GONE); - preferences.edit().remove(Provider.KEY).apply(); - setting_up_provider = false; - showAllProviders(); + cancelSettingUpProvider(); } - - private void usualBackButton() { - if(preferences.getString(Provider.KEY, "").isEmpty()) { - askDashboardToQuitApp(); - } else { - setResult(RESULT_OK); - } - super.onBackPressed(); + + public void cancelSettingUpProvider() { + showAllProviders(); + setting_up_provider = false; + preferences.edit().remove(Provider.KEY).remove(ProviderItem.DANGER_ON).remove(Constants.ALLOWED_ANON).remove(Constants.KEY).commit(); } private void askDashboardToQuitApp() { @@ -457,11 +453,6 @@ n * @param provider_main_url public void showAllProviders() { adapter.showAllProviders(); } - - public void cancelSettingUpProvider() { - showAllProviders(); - preferences.edit().remove(Provider.KEY).remove(ProviderItem.DANGER_ON).remove(Constants.ALLOWED_ANON).remove(Constants.KEY).apply(); - } @Override public void login() { diff --git a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java index e277221b..e3bd9b7d 100644 --- a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java +++ b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java @@ -143,9 +143,9 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf invalidateOptionsMenu(); if (data.hasExtra(LogInDialog.TAG)) { logInDialog(Bundle.EMPTY); - } else if (resultCode == RESULT_CANCELED && data.hasExtra(ACTION_QUIT)) { - finish(); } + } else if (resultCode == RESULT_CANCELED && data.hasExtra(ACTION_QUIT)) { + finish(); } else configErrorDialog(); } else if(requestCode == EIP.DISCONNECT) { diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java index b4208556..4363dd13 100644 --- a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java +++ b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java @@ -47,7 +47,6 @@ import static se.leap.bitmaskclient.eip.Constants.ACTION_STOP_EIP; import static se.leap.bitmaskclient.eip.Constants.ACTION_UPDATE_EIP_SERVICE; import static se.leap.bitmaskclient.eip.Constants.CERTIFICATE; import static se.leap.bitmaskclient.eip.Constants.KEY; -import static se.leap.bitmaskclient.eip.Constants.PARSED_SERIAL; import static se.leap.bitmaskclient.eip.Constants.RECEIVER_TAG; import static se.leap.bitmaskclient.eip.Constants.REQUEST_TAG; @@ -209,18 +208,19 @@ public final class EIP extends IntentService { */ private void updateGateways(){ try { - JSONArray gatewaysDefined = eip_definition.getJSONArray("gateways"); - for ( int i=0 ; i < gatewaysDefined.length(); i++ ){ - JSONObject gw = gatewaysDefined.getJSONObject(i); - if(isOpenVpnGateway(gw)) { - addGateway(new Gateway(eip_definition, context, gw)); - } - } + if(eip_definition != null) { + JSONArray gatewaysDefined = eip_definition.getJSONArray("gateways"); + for (int i = 0; i < gatewaysDefined.length(); i++) { + JSONObject gw = gatewaysDefined.getJSONObject(i); + if (isOpenVpnGateway(gw)) { + addGateway(new Gateway(eip_definition, context, gw)); + } + } + } } catch (JSONException e) { // TODO Auto-generated catch block e.printStackTrace(); } - preferences.edit().putInt(PARSED_SERIAL, eip_definition.optInt(Provider.API_RETURN_SERIAL)).apply(); } private boolean isOpenVpnGateway(JSONObject gateway) { diff --git a/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java b/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java index beab12cc..d54b9a30 100644 --- a/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java +++ b/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java @@ -22,16 +22,13 @@ import android.os.*; import android.view.*; import android.widget.*; -import com.pedrogomez.renderers.Renderer; -import com.pedrogomez.renderers.RendererAdapter; +import com.pedrogomez.renderers.*; import java.io.*; import java.net.*; import java.util.*; -import butterknife.ButterKnife; -import butterknife.InjectView; -import butterknife.OnItemClick; +import butterknife.*; import org.jetbrains.annotations.NotNull; import org.json.*; @@ -61,7 +58,7 @@ implements NewProviderDialogInterface, ProviderDetailFragmentInterface, Download @InjectView(R.id.progressbar_description) TextView progressbar_description; @InjectView(R.id.provider_list) ListView provider_list_view; - @Inject RendererAdapter adapter; + @Inject ProviderListAdapter adapter; private ProviderManager provider_manager; private ProviderListFragment provider_list_fragment; @@ -94,7 +91,7 @@ implements NewProviderDialogInterface, ProviderDetailFragmentInterface, Download List> prototypes = new ArrayList>(); prototypes.add(new ProviderRenderer(this)); ProviderRendererBuilder providerRendererBuilder = new ProviderRendererBuilder(prototypes); - adapter = new RendererAdapter(getLayoutInflater(), providerRendererBuilder, provider_manager); + adapter = new ProviderListAdapter(getLayoutInflater(), providerRendererBuilder, provider_manager); provider_list_view.setAdapter(adapter); } @@ -142,7 +139,7 @@ implements NewProviderDialogInterface, ProviderDetailFragmentInterface, Download super.onPostResume(); if(!progressbar_text.isEmpty() && !provider_name.isEmpty() && progress != -1) { progressbar_description.setText(progressbar_text); - onItemSelectedUi(getProvider(provider_name)); + //onItemSelectedUi(getProvider(provider_name)); mProgressBar.setProgress(progress); progressbar_text = ""; @@ -202,6 +199,13 @@ implements NewProviderDialogInterface, ProviderDetailFragmentInterface, Download public void onReceiveResult(int resultCode, Bundle resultData) { if(resultCode == ProviderAPI.PROVIDER_OK) { mConfigState.setAction(PROVIDER_SET); + try { + String provider_json_string = preferences.getString(Provider.KEY, ""); + if(!provider_json_string.isEmpty()) + selected_provider.define(new JSONObject(provider_json_string)); + } catch (JSONException e) { + e.printStackTrace(); + } if (preferences.getBoolean(Constants.ALLOWED_ANON, false)){ mConfigState.putExtra(SERVICES_RETRIEVED, true); @@ -246,22 +250,22 @@ implements NewProviderDialogInterface, ProviderDetailFragmentInterface, Download void onItemSelected(int position) { //TODO Code 2 pane view selected_provider = adapter.getItem(position); - //onItemSelectedUi(selected_provider); + onItemSelectedUi(selected_provider); setUpProvider(selected_provider.mainUrl()); } - private void onItemSelectedUi(ProviderItem provider) { + private void onItemSelectedUi(Provider provider) { startProgressBar(); - int provider_index = getProviderIndex(provider.name()); - provider_list_fragment.hideAllBut(provider_index); + adapter.hideAllBut(adapter.indexOf(provider)); } @Override public void onBackPressed() { - if(setting_up_provider) { - stopSettingUpProvider(); + if(setting_up_provider) { + stopSettingUpProvider(); } else { - usualBackButton(); + askDashboardToQuitApp(); + super.onBackPressed(); } } @@ -277,35 +281,18 @@ implements NewProviderDialogInterface, ProviderDetailFragmentInterface, Download } private void usualBackButton() { - try { - boolean is_provider_set_up = new JSONObject(preferences.getString(Provider.KEY, "no provider")) != null ? true : false; - boolean is_provider_set_up_truly = new JSONObject(preferences.getString(Provider.KEY, "no provider")).length() != 0 ? true : false; - if(!is_provider_set_up || !is_provider_set_up_truly) { - askDashboardToQuitApp(); - } else { - setResult(RESULT_OK); - } - } catch (JSONException e) { - askDashboardToQuitApp(); - super.onBackPressed(); - e.printStackTrace(); - } - super.onBackPressed(); + if(preferences.getString(Provider.KEY, "").isEmpty()) { + askDashboardToQuitApp(); + } else { + setResult(RESULT_OK); + } + super.onBackPressed(); } private void askDashboardToQuitApp() { Intent ask_quit = new Intent(); ask_quit.putExtra(Dashboard.ACTION_QUIT, Dashboard.ACTION_QUIT); setResult(RESULT_CANCELED, ask_quit); } - - private ProviderItem getProvider(String name) { - for (ProviderItem provider : ProviderListContent.ITEMS) { - if(provider.name().equalsIgnoreCase(name)) { - return provider; - } - } - return null; - } private void startProgressBar() { mProgressBar.setVisibility(ProgressBar.VISIBLE); @@ -317,21 +304,9 @@ implements NewProviderDialogInterface, ProviderDetailFragmentInterface, Download mProgressBar.setTranslationY(measured_height); progressbar_description.setTranslationY(measured_height + mProgressBar.getHeight()); } - - private int getProviderIndex(String id) { - int index = 0; - for (ProviderItem provider : ProviderListContent.ITEMS) { - if(provider.name().equalsIgnoreCase(id)) { - break; - } else index++; - } - return index; - } private int listItemHeight() { - ListView provider_list_view = (ListView)findViewById(android.R.id.list); - ListAdapter provider_list_adapter = provider_list_view.getAdapter(); - View listItem = provider_list_adapter.getView(0, null, provider_list_view); + View listItem = adapter.getView(0, null, provider_list_view); listItem.setLayoutParams(new RelativeLayout.LayoutParams( RelativeLayout.LayoutParams.WRAP_CONTENT, RelativeLayout.LayoutParams.WRAP_CONTENT)); @@ -348,35 +323,6 @@ implements NewProviderDialogInterface, ProviderDetailFragmentInterface, Download return listItem.getMeasuredHeight(); } - private String getId(String provider_main_url) { - try { - URL provider_url = new URL(provider_main_url); - for (ProviderItem provider : ProviderListContent.ITEMS) { - URL aux_provider_url = new URL(provider.providerMainUrl()); - if(isSameURL(provider_url, aux_provider_url)) { - return provider.name(); - } - } - } catch (MalformedURLException e) { - e.printStackTrace(); - } - return ""; - } - - /** - * Checks, whether 2 urls are pointing to the same location. - * - * @param url a url - * @param baseUrl an other url, that should be compared. - * @return true, if the urls point to the same host and port and use the - * same protocol, false otherwise. - */ - private boolean isSameURL(final URL url, final URL baseUrl) { - return url.getProtocol().equals(baseUrl.getProtocol()) && - url.getHost().equals(baseUrl.getHost()) && - url.getPort() == baseUrl.getPort(); - } - /** * Asks ProviderAPI to download an anonymous (anon) VPN certificate. */ @@ -453,13 +399,7 @@ implements NewProviderDialogInterface, ProviderDetailFragmentInterface, Download e.printStackTrace(); } } - - private void showProvider(final String provider_main_url) { - String provider_name = provider_main_url.replaceFirst("http[s]?://", "").replaceFirst("\\/", "_"); - ProviderItem added_provider = new ProviderItem(provider_name, provider_main_url); - provider_list_fragment.addItem(added_provider); - } - + private void autoSelectProvider(Provider provider) { selected_provider = provider; //onItemSelected(provider); @@ -516,19 +456,15 @@ implements NewProviderDialogInterface, ProviderDetailFragmentInterface, Download } } - public void showAllProviders() { - provider_list_fragment = (ProviderListFragment) fragment_manager.findFragmentByTag(ProviderListFragment.TAG); - if(provider_list_fragment != null) - provider_list_fragment.unhideAll(); - } + public void showAllProviders() { + adapter.showAllProviders(); + } - public void cancelSettingUpProvider() { - provider_list_fragment = (ProviderListFragment) fragment_manager.findFragmentByTag(ProviderListFragment.TAG); - if(provider_list_fragment != null) { - provider_list_fragment.removeLastItem(); - } - preferences.edit().remove(Provider.KEY).remove(Constants.ALLOWED_ANON).remove(Constants.KEY).apply(); - } + public void cancelSettingUpProvider() { + adapter.showAllProviders(); + setting_up_provider = false; + preferences.edit().remove(Provider.KEY).remove(Constants.ALLOWED_ANON).remove(Constants.KEY).apply(); + } @Override public void login() { @@ -539,12 +475,14 @@ implements NewProviderDialogInterface, ProviderDetailFragmentInterface, Download finish(); } - @Override - public void use_anonymously() { - setResult(RESULT_OK); - setting_up_provider = false; - finish(); - } + @Override + public void use_anonymously() { + Intent pass_provider = new Intent(); + pass_provider.putExtra(Provider.KEY, selected_provider); + setResult(RESULT_OK, pass_provider); + setting_up_provider = false; + finish(); + } public class ProviderAPIBroadcastReceiver_Update extends BroadcastReceiver { -- cgit v1.2.3 From afc9998ebefb19fcb2f9e3c46c6430fd69262e47 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Tue, 9 Dec 2014 12:14:58 +0100 Subject: Show all providers onCreate CW. --- .../se/leap/bitmaskclient/ProviderListAdapter.java | 24 ++++++---------------- 1 file changed, 6 insertions(+), 18 deletions(-) (limited to 'app') diff --git a/app/src/main/java/se/leap/bitmaskclient/ProviderListAdapter.java b/app/src/main/java/se/leap/bitmaskclient/ProviderListAdapter.java index 92b2ae2e..8360954b 100644 --- a/app/src/main/java/se/leap/bitmaskclient/ProviderListAdapter.java +++ b/app/src/main/java/se/leap/bitmaskclient/ProviderListAdapter.java @@ -79,25 +79,13 @@ public class ProviderListAdapter extends RendererAdapter { return (hidden.length - getHiddenCount()); } - public ProviderListAdapter(LayoutInflater layoutInflater, RendererBuilder rendererBuilder, + public ProviderListAdapter(LayoutInflater layoutInflater, RendererBuilder rendererBuilder, AdapteeCollection collection) { - super(layoutInflater, rendererBuilder, collection); - if(hidden == null) { - hidden = new boolean[collection.size()]; - for (int i = 0; i < collection.size(); i++) - hidden[i] = false; - } - } - - public ProviderListAdapter(LayoutInflater layoutInflater, RendererBuilder rendererBuilder, - AdapteeCollection collection, boolean show_all_providers) { - super(layoutInflater, rendererBuilder, collection); - if(show_all_providers) { - hidden = new boolean[collection.size()]; - for (int i = 0; i < collection.size(); i++) - hidden[i] = false; - } - } + super(layoutInflater, rendererBuilder, collection); + hidden = new boolean[collection.size()]; + for (int i = 0; i < collection.size(); i++) + hidden[i] = false; + } @Override public void add(Provider item) { -- cgit v1.2.3 From 5978db9bf758b7b229616d0575e327c58ad8cf94 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Tue, 9 Dec 2014 14:08:17 +0100 Subject: EIP fragment shown correctly. --- .../se/leap/bitmaskclient/ConfigurationWizard.java | 16 +++++--- .../java/se/leap/bitmaskclient/ProviderAPI.java | 18 ++++----- .../main/java/se/leap/bitmaskclient/Dashboard.java | 47 ++++++++++++++-------- .../main/java/se/leap/bitmaskclient/Provider.java | 10 +++-- .../java/se/leap/bitmaskclient/eip/Constants.java | 1 + .../se/leap/bitmaskclient/ConfigurationWizard.java | 10 ++++- .../java/se/leap/bitmaskclient/ProviderAPI.java | 29 +++++++------ 7 files changed, 81 insertions(+), 50 deletions(-) (limited to 'app') diff --git a/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java b/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java index 20545473..9af31fd8 100644 --- a/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java +++ b/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java @@ -242,12 +242,15 @@ implements NewProviderDialogInterface, ProviderDetailFragmentInterface, Download void onItemSelected(int position) { //TODO Code 2 pane view selected_provider = adapter.getItem(position); + onItemSelectedLogic(selected_provider); onItemSelectedUi(selected_provider); + } - boolean danger_on = true; - if(preferences.contains(ProviderItem.DANGER_ON)) - danger_on = preferences.getBoolean(ProviderItem.DANGER_ON, false); - setUpProvider(selected_provider.mainUrl(), danger_on); + private void onItemSelectedLogic(Provider selected_provider) { + boolean danger_on = true; + if(preferences.contains(ProviderItem.DANGER_ON)) + danger_on = preferences.getBoolean(ProviderItem.DANGER_ON, false); + setUpProvider(selected_provider.mainUrl(), danger_on); } private void onItemSelectedUi(Provider provider) { @@ -255,6 +258,8 @@ implements NewProviderDialogInterface, ProviderDetailFragmentInterface, Download adapter.hideAllBut(adapter.indexOf(provider)); } + + @Override public void onBackPressed() { if(setting_up_provider) { @@ -395,7 +400,8 @@ implements NewProviderDialogInterface, ProviderDetailFragmentInterface, Download private void autoSelectProvider(Provider provider, boolean danger_on) { preferences.edit().putBoolean(ProviderItem.DANGER_ON, danger_on).apply(); selected_provider = provider; - //onItemSelectedUi(selected_provider); + onItemSelectedLogic(selected_provider); + onItemSelectedUi(selected_provider); } /** diff --git a/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java b/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java index a89ef357..52a424f4 100644 --- a/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java +++ b/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java @@ -32,7 +32,6 @@ import org.apache.http.client.ClientProtocolException; import org.json.*; import se.leap.bitmaskclient.ProviderListContent.ProviderItem; -import se.leap.bitmaskclient.R; import se.leap.bitmaskclient.eip.*; /** @@ -59,11 +58,10 @@ public class ProviderAPI extends IntentService { ERRORS = "errors", UPDATE_PROGRESSBAR = "update_progressbar", CURRENT_PROGRESS = "current_progress", - TAG = ProviderAPI.class.getSimpleName(); + TAG = ProviderAPI.class.getSimpleName() ; final public static int - CUSTOM_PROVIDER_ADDED = 0, SRP_AUTHENTICATION_SUCCESSFUL = 3, SRP_AUTHENTICATION_FAILED = 4, SRP_REGISTRATION_SUCCESSFUL = 5, @@ -73,9 +71,7 @@ public class ProviderAPI extends IntentService { CORRECTLY_DOWNLOADED_CERTIFICATE = 9, INCORRECTLY_DOWNLOADED_CERTIFICATE = 10, PROVIDER_OK = 11, - PROVIDER_NOK = 12, - CORRECTLY_DOWNLOADED_ANON_CERTIFICATE = 13, - INCORRECTLY_DOWNLOADED_ANON_CERTIFICATE = 14 + PROVIDER_NOK = 12 ; private static boolean @@ -128,11 +124,11 @@ public class ProviderAPI extends IntentService { try { JSONObject provider_json = new JSONObject(preferences.getString(Provider.KEY, "no provider")); provider_api_url = provider_json.getString(Provider.API_URL) + "/" + provider_json.getString(Provider.API_VERSION); + setting_up_provider = true; } catch (JSONException e) { + setting_up_provider = false; } } - - setting_up_provider = true; if(action.equalsIgnoreCase(SET_UP_PROVIDER)) { Bundle result = setUpProvider(parameters); @@ -370,7 +366,7 @@ public class ProviderAPI extends IntentService { * Sends an HTTP POST request to the api server to register a new user. * @param server_url * @param username - * @param salted_password + * @param salt * @param password_verifier * @return response from authentication server */ @@ -491,6 +487,7 @@ public class ProviderAPI extends IntentService { last_danger_on = task.getBoolean(ProviderItem.DANGER_ON); last_provider_main_url = task.getString(Provider.MAIN_URL); CA_CERT_DOWNLOADED = PROVIDER_JSON_DOWNLOADED = EIP_SERVICE_JSON_DOWNLOADED = false; + setting_up_provider = true; } if(!PROVIDER_JSON_DOWNLOADED) @@ -694,7 +691,7 @@ public class ProviderAPI extends IntentService { /** * Tries to download the contents of the provided url using not commercially validated CA certificate from chosen provider. - * @param url as a string + * @param url_string as a string * @param danger_on true to download CA certificate in case it has not been downloaded. * @return an empty string if it fails, the url content if not. */ @@ -818,7 +815,6 @@ public class ProviderAPI extends IntentService { /** * Logs out from the api url retrieved from the task. - * @param task containing api url from which the user will log out * @return true if there were no exceptions */ private boolean logOut() { diff --git a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java index e3bd9b7d..b84b834c 100644 --- a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java +++ b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java @@ -37,6 +37,9 @@ import android.widget.TextView; import org.json.JSONException; import org.json.JSONObject; +import java.net.MalformedURLException; +import java.net.URL; + import de.blinkt.openvpn.activities.LogWindow; import se.leap.bitmaskclient.eip.Constants; import se.leap.bitmaskclient.eip.EIP; @@ -74,6 +77,13 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf private Provider provider; private static boolean authed_eip; + @Override + protected void onSaveInstanceState(Bundle outState) { + if(provider != null) + outState.putParcelable(Provider.KEY, provider); + super.onSaveInstanceState(outState); + } + @Override protected void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); @@ -88,7 +98,19 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf fragment_manager = new FragmentManagerEnhanced(getFragmentManager()); handleVersion(); - if (provider == null) + if(savedInstanceState != null) + provider = savedInstanceState.getParcelable(Provider.KEY); + if(provider == null && preferences.getBoolean(Constants.PROVIDER_CONFIGURED, false)) + try { + provider = new Provider(new URL(preferences.getString(Provider.MAIN_URL, ""))); + provider.define(new JSONObject(preferences.getString(Provider.KEY, ""))); + } catch (MalformedURLException e) { + e.printStackTrace(); + } catch (JSONException e) { + e.printStackTrace(); + } + + if (provider == null || provider.getName().isEmpty()) startActivityForResult(new Intent(this,ConfigurationWizard.class),CONFIGURE_LEAP); else buildDashboard(getIntent().getBooleanExtra(ON_BOOT, false)); @@ -116,16 +138,6 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf Log.d(TAG, "Handle version didn't find any " + getPackageName() + " package"); } } - - @Override - protected void onDestroy() { - - super.onDestroy(); - } - - protected void onPause() { - super.onPause(); - } @Override protected void onActivityResult(int requestCode, int resultCode, Intent data){ @@ -137,8 +149,12 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf preferences.edit().putBoolean(Constants.AUTHED_EIP, authed_eip).apply(); updateEipService(); - if (data.hasExtra(Provider.KEY)) + if (data.hasExtra(Provider.KEY)) { provider = data.getParcelableExtra(Provider.KEY); + preferences.edit().putBoolean(Constants.PROVIDER_CONFIGURED, true).commit(); + preferences.edit().putString(Provider.MAIN_URL, provider.mainUrl().toString()).apply(); + preferences.edit().putString(Provider.KEY, provider.definition().toString()).apply(); + } buildDashboard(false); invalidateOptionsMenu(); if (data.hasExtra(LogInDialog.TAG)) { @@ -172,7 +188,7 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf .setNegativeButton(getResources().getString(R.string.setup_error_close_button), new DialogInterface.OnClickListener() { @Override public void onClick(DialogInterface dialog, int which) { - preferences.edit().remove(Provider.KEY).apply(); + preferences.edit().remove(Provider.KEY).remove(Constants.PROVIDER_CONFIGURED).apply(); finish(); } }) @@ -194,9 +210,8 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf if ( provider.hasEIP()){ - EipServiceFragment eip_fragment = (EipServiceFragment) fragment_manager.findFragmentByTag(EipServiceFragment.TAG); - if(eip_fragment == null) - eip_fragment = new EipServiceFragment(); + fragment_manager.removePreviousFragment(EipServiceFragment.TAG); + EipServiceFragment eip_fragment = new EipServiceFragment(); if (hide_and_turn_on_eip) { preferences.edit().remove(Dashboard.START_ON_BOOT).apply(); diff --git a/app/src/main/java/se/leap/bitmaskclient/Provider.java b/app/src/main/java/se/leap/bitmaskclient/Provider.java index dd679bb2..0b021b84 100644 --- a/app/src/main/java/se/leap/bitmaskclient/Provider.java +++ b/app/src/main/java/se/leap/bitmaskclient/Provider.java @@ -100,6 +100,8 @@ public final class Provider implements Parcelable { definition = provider_json; } + protected JSONObject definition() { return definition; } + protected String getDomain(){ return main_url.getHost(); } @@ -111,14 +113,16 @@ public final class Provider implements Parcelable { protected String getName(){ // Should we pass the locale in, or query the system here? String lang = Locale.getDefault().getLanguage(); - String name = "Null"; // Should it actually /be/ null, for error conditions? + String name = ""; try { if(definition != null) name = definition.getJSONObject(API_TERM_NAME).getString(lang); else throw new JSONException("Provider not defined"); } catch (JSONException e) { - String host = main_url.getHost(); - name = host.substring(0, host.indexOf(".")); + if(main_url != null) { + String host = main_url.getHost(); + name = host.substring(0, host.indexOf(".")); + } } return name; diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/Constants.java b/app/src/main/java/se/leap/bitmaskclient/eip/Constants.java index e1a7e616..01a83d5f 100644 --- a/app/src/main/java/se/leap/bitmaskclient/eip/Constants.java +++ b/app/src/main/java/se/leap/bitmaskclient/eip/Constants.java @@ -43,5 +43,6 @@ public interface Constants { public final static String RECEIVER_TAG = TAG + ".RECEIVER_TAG"; public final static String REQUEST_TAG = TAG + ".REQUEST_TAG"; public final static String START_BLOCKING_VPN_PROFILE = TAG + ".START_BLOCKING_VPN_PROFILE"; + public final static String PROVIDER_CONFIGURED = TAG + ".PROVIDER_CONFIGURED"; } diff --git a/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java b/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java index d54b9a30..ef7986f1 100644 --- a/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java +++ b/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java @@ -251,7 +251,11 @@ implements NewProviderDialogInterface, ProviderDetailFragmentInterface, Download //TODO Code 2 pane view selected_provider = adapter.getItem(position); onItemSelectedUi(selected_provider); - setUpProvider(selected_provider.mainUrl()); + onItemSelectedLogic(selected_provider); + } + + private void onItemSelectedLogic(Provider selected_provider) { + setUpProvider(selected_provider.mainUrl()); } private void onItemSelectedUi(Provider provider) { @@ -402,7 +406,8 @@ implements NewProviderDialogInterface, ProviderDetailFragmentInterface, Download private void autoSelectProvider(Provider provider) { selected_provider = provider; - //onItemSelected(provider); + onItemSelectedUi(selected_provider); + onItemSelectedLogic(selected_provider); } /** @@ -469,6 +474,7 @@ implements NewProviderDialogInterface, ProviderDetailFragmentInterface, Download @Override public void login() { Intent ask_login = new Intent(); + ask_login.putExtra(Provider.KEY, selected_provider); ask_login.putExtra(LogInDialog.TAG, LogInDialog.TAG); setResult(RESULT_OK, ask_login); setting_up_provider = false; diff --git a/app/src/release/java/se/leap/bitmaskclient/ProviderAPI.java b/app/src/release/java/se/leap/bitmaskclient/ProviderAPI.java index 0fa60550..fc74b702 100644 --- a/app/src/release/java/se/leap/bitmaskclient/ProviderAPI.java +++ b/app/src/release/java/se/leap/bitmaskclient/ProviderAPI.java @@ -58,7 +58,7 @@ public class ProviderAPI extends IntentService { ERRORS = "errors", UPDATE_PROGRESSBAR = "update_progressbar", CURRENT_PROGRESS = "current_progress", - TAG = ProviderAPI.class.getSimpleName(); + TAG = ProviderAPI.class.getSimpleName() ; final public static int @@ -72,9 +72,7 @@ public class ProviderAPI extends IntentService { CORRECTLY_DOWNLOADED_CERTIFICATE = 9, INCORRECTLY_DOWNLOADED_CERTIFICATE = 10, PROVIDER_OK = 11, - PROVIDER_NOK = 12, - CORRECTLY_DOWNLOADED_ANON_CERTIFICATE = 13, - INCORRECTLY_DOWNLOADED_ANON_CERTIFICATE = 14 + PROVIDER_NOK = 12 ; private static boolean @@ -100,14 +98,9 @@ public class ProviderAPI extends IntentService { @Override public void onCreate() { super.onCreate(); + preferences = getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE); CookieHandler.setDefault(new CookieManager(null, CookiePolicy.ACCEPT_ORIGINAL_SERVER)); - if(provider_api_url == null && preferences.contains(Provider.KEY)) { - try { - JSONObject provider_json = new JSONObject(preferences.getString(Provider.KEY, "")); - provider_api_url = provider_json.getString(Provider.API_URL) + "/" + provider_json.getString(Provider.API_VERSION); - } catch (JSONException e) {} - } } public static String lastProviderMainUrl() { @@ -123,7 +116,16 @@ public class ProviderAPI extends IntentService { final ResultReceiver receiver = command.getParcelableExtra(RECEIVER_KEY); String action = command.getAction(); Bundle parameters = command.getBundleExtra(PARAMETERS); - setting_up_provider = true; + + if(provider_api_url == null && preferences.contains(Provider.KEY)) { + try { + JSONObject provider_json = new JSONObject(preferences.getString(Provider.KEY, "")); + provider_api_url = provider_json.getString(Provider.API_URL) + "/" + provider_json.getString(Provider.API_VERSION); + setting_up_provider = true; + } catch (JSONException e) { + setting_up_provider = false; + } + } if(action.equalsIgnoreCase(SET_UP_PROVIDER)) { Bundle result = setUpProvider(parameters); @@ -360,7 +362,7 @@ public class ProviderAPI extends IntentService { * Sends an HTTP POST request to the api server to register a new user. * @param server_url * @param username - * @param salted_password + * @param salt * @param password_verifier * @return response from authentication server */ @@ -477,6 +479,7 @@ public class ProviderAPI extends IntentService { if(task != null && task.containsKey(Provider.MAIN_URL)) { last_provider_main_url = task.getString(Provider.MAIN_URL); CA_CERT_DOWNLOADED = PROVIDER_JSON_DOWNLOADED = EIP_SERVICE_JSON_DOWNLOADED = false; + setting_up_provider = true; } if(!PROVIDER_JSON_DOWNLOADED) @@ -684,7 +687,7 @@ public class ProviderAPI extends IntentService { /** * Tries to download the contents of the provided url using not commercially validated CA certificate from chosen provider. - * @param url as a string + * @param url_string as a string * @return an empty string if it fails, the url content if not. */ private String downloadWithProviderCA(String url_string) { -- cgit v1.2.3 From 7bbb5b69717393d87869ae6f16d6aff0578a81bf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Tue, 9 Dec 2014 15:58:09 +0100 Subject: Save custom providers to sdcard. --- .../se/leap/bitmaskclient/ConfigurationWizard.java | 14 +--- .../main/java/se/leap/bitmaskclient/Provider.java | 19 +++-- .../se/leap/bitmaskclient/ProviderListAdapter.java | 5 ++ .../se/leap/bitmaskclient/ProviderManager.java | 98 +++++++++++++++++----- .../se/leap/bitmaskclient/ConfigurationWizard.java | 20 +---- 5 files changed, 104 insertions(+), 52 deletions(-) (limited to 'app') diff --git a/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java b/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java index 9af31fd8..2e3fb8f1 100644 --- a/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java +++ b/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java @@ -108,7 +108,7 @@ implements NewProviderDialogInterface, ProviderDetailFragmentInterface, Download super.onCreate(savedInstanceState); preferences = getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE); fragment_manager = new FragmentManagerEnhanced(getFragmentManager()); - provider_manager = new ProviderManager(getAssets()); + provider_manager = ProviderManager.getInstance(getAssets(), getExternalFilesDir(null)); setUpInitialUI(); @@ -158,15 +158,6 @@ implements NewProviderDialogInterface, ProviderDetailFragmentInterface, Download private void setUpProviderList() { initProviderList(); - // provider_list_fragment = ProviderListFragment.newInstance(); - - // Bundle arguments = new Bundle(); - // int configuration_wizard_request_code = getIntent().getIntExtra(Dashboard.REQUEST_CODE, -1); - // if(configuration_wizard_request_code == Dashboard.SWITCH_PROVIDER) - // arguments.putBoolean(ProviderListFragment.SHOW_ALL_PROVIDERS, true); - - // provider_list_fragment.setArguments(arguments); - } @Override @@ -390,7 +381,8 @@ implements NewProviderDialogInterface, ProviderDetailFragmentInterface, Download public void showAndSelectProvider(String provider_main_url, boolean danger_on) { try { selected_provider = new Provider(new URL((provider_main_url))); - provider_manager.add(selected_provider); + adapter.add(selected_provider); + adapter.saveProviders(); autoSelectProvider(selected_provider, danger_on); } catch (MalformedURLException e) { e.printStackTrace(); diff --git a/app/src/main/java/se/leap/bitmaskclient/Provider.java b/app/src/main/java/se/leap/bitmaskclient/Provider.java index 0b021b84..a7ede2d1 100644 --- a/app/src/main/java/se/leap/bitmaskclient/Provider.java +++ b/app/src/main/java/se/leap/bitmaskclient/Provider.java @@ -26,6 +26,7 @@ import org.json.JSONArray; import org.json.JSONException; import org.json.JSONObject; +import java.io.File; import java.io.Serializable; import java.net.MalformedURLException; import java.net.URL; @@ -40,7 +41,6 @@ public final class Provider implements Parcelable { private JSONObject definition; // Represents our Provider's provider.json private URL main_url; - private boolean is_custom = false; final public static String API_URL = "api_uri", @@ -72,6 +72,9 @@ public final class Provider implements Parcelable { this.main_url = main_url; } + public Provider(File provider_file) { + + } public static final Parcelable.Creator CREATOR = new Parcelable.Creator() { public Provider createFromParcel(Parcel in) { @@ -168,10 +171,6 @@ public final class Provider implements Parcelable { return false; } - protected boolean isCustom() { - return is_custom; - } - @Override public int describeContents() { return 0; @@ -191,4 +190,14 @@ public final class Provider implements Parcelable { return p.mainUrl().equals(mainUrl()); } else return false; } + + public JSONObject toJson() { + JSONObject json = new JSONObject(); + try { + json.put(Provider.MAIN_URL, main_url); + } catch (JSONException e) { + e.printStackTrace(); + } + return json; + } } diff --git a/app/src/main/java/se/leap/bitmaskclient/ProviderListAdapter.java b/app/src/main/java/se/leap/bitmaskclient/ProviderListAdapter.java index 8360954b..72ca15c7 100644 --- a/app/src/main/java/se/leap/bitmaskclient/ProviderListAdapter.java +++ b/app/src/main/java/se/leap/bitmaskclient/ProviderListAdapter.java @@ -120,4 +120,9 @@ public class ProviderListAdapter extends RendererAdapter { public View getView(int position, View convertView, ViewGroup parent) { return super.getView(getRealPosition(position), convertView, parent); } + + public void saveProviders() { + ProviderManager provider_manager = (ProviderManager) getCollection(); + provider_manager.saveCustomProvidersToFile(); + } } diff --git a/app/src/main/java/se/leap/bitmaskclient/ProviderManager.java b/app/src/main/java/se/leap/bitmaskclient/ProviderManager.java index 59507d9c..911144f7 100644 --- a/app/src/main/java/se/leap/bitmaskclient/ProviderManager.java +++ b/app/src/main/java/se/leap/bitmaskclient/ProviderManager.java @@ -7,6 +7,11 @@ import com.pedrogomez.renderers.AdapteeCollection; import org.json.JSONException; import org.json.JSONObject; +import java.io.File; +import java.io.FileInputStream; +import java.io.FileNotFoundException; +import java.io.FileReader; +import java.io.FileWriter; import java.io.IOException; import java.io.InputStream; import java.net.MalformedURLException; @@ -22,51 +27,89 @@ import java.util.Set; public class ProviderManager implements AdapteeCollection { private AssetManager assets_manager; + private File external_files_dir; private Set default_providers; private Set custom_providers; + private static ProviderManager instance; + final protected static String URLS = "urls"; + public static ProviderManager getInstance(AssetManager assets_manager, File external_files_dir) { + if(instance == null) + instance = new ProviderManager(assets_manager); + + instance.addCustomProviders(external_files_dir); + return instance; + } + public ProviderManager(AssetManager assets_manager) { this.assets_manager = assets_manager; - default_providers = default_providers(); - custom_providers = new HashSet(); + addDefaultProviders(assets_manager); } - /** - * Loads providers data from url files contained in the assets folder - * @return true if the files were correctly read - */ - private Set default_providers() { + private void addDefaultProviders(AssetManager assets_manager) { + try { + default_providers = providersFromAssets(URLS, assets_manager.list(URLS)); + } catch (IOException e) { + e.printStackTrace(); + } + } + + private Set providersFromAssets(String directory, String[] relative_file_paths) { Set providers = new HashSet(); try { - for(String file : assets_manager.list(URLS)) { - String main_url = extractProviderMainUrlFromAssetsFile(URLS + "/" + file); + for(String file : relative_file_paths) { + String main_url = extractMainUrlFromInputStream(assets_manager.open(directory + "/" + file)); providers.add(new Provider(new URL(main_url))); - } + } } catch (MalformedURLException e) { e.printStackTrace(); } catch (IOException e) { e.printStackTrace(); } + return providers; + } + + + private void addCustomProviders(File external_files_dir) { + this.external_files_dir = external_files_dir; + custom_providers = external_files_dir.isDirectory() ? + providersFromFiles(external_files_dir.list()) : + new HashSet(); + } + + private Set providersFromFiles(String[] files) { + Set providers = new HashSet(); + try { + for(String file : files) { + String main_url = extractMainUrlFromInputStream(new FileInputStream(external_files_dir.getAbsolutePath() + "/" + file)); + providers.add(new Provider(new URL(main_url))); + } + } catch (MalformedURLException e) { + e.printStackTrace(); + } catch (FileNotFoundException e) { + e.printStackTrace(); + } return providers; } - private String extractProviderMainUrlFromAssetsFile(String file_path) { - String provider_main_url = ""; + private String extractMainUrlFromInputStream(InputStream input_stream_file_contents) { + String main_url = ""; + byte[] bytes = new byte[0]; try { - InputStream input_stream_file_contents = assets_manager.open(file_path); - byte[] urls_file_bytes = new byte[input_stream_file_contents.available()]; - if(input_stream_file_contents.read(urls_file_bytes) > 0) { - String urls_file_content = new String(urls_file_bytes); - JSONObject file_contents = new JSONObject(urls_file_content); - provider_main_url = file_contents.getString(Provider.MAIN_URL); + bytes = new byte[input_stream_file_contents.available()]; + if(input_stream_file_contents.read(bytes) > 0) { + JSONObject file_contents = new JSONObject(new String(bytes)); + main_url = file_contents.getString(Provider.MAIN_URL); } - } catch (JSONException e) { } catch (IOException e) { + e.printStackTrace(); + } catch (JSONException e) { + e.printStackTrace(); } - return provider_main_url; + return main_url; } public Set providers() { @@ -117,4 +160,19 @@ public class ProviderManager implements AdapteeCollection { default_providers.clear(); custom_providers.clear(); } + + protected void saveCustomProvidersToFile() { + try { + for (Provider provider : custom_providers) { + File provider_file = new File(external_files_dir, provider.getName() + ".json"); + if(!provider_file.exists()) { + FileWriter writer = new FileWriter(provider_file); + writer.write(provider.toJson().toString()); + writer.close(); + } + } + } catch (IOException e) { + e.printStackTrace(); + } + } } diff --git a/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java b/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java index ef7986f1..42736444 100644 --- a/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java +++ b/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java @@ -24,12 +24,11 @@ import android.widget.*; import com.pedrogomez.renderers.*; -import java.io.*; import java.net.*; import java.util.*; import butterknife.*; -import org.jetbrains.annotations.NotNull; + import org.json.*; import javax.inject.Inject; @@ -38,8 +37,6 @@ import se.leap.bitmaskclient.DownloadFailedDialog.DownloadFailedDialogInterface; import se.leap.bitmaskclient.NewProviderDialog.NewProviderDialogInterface; import se.leap.bitmaskclient.ProviderAPIResultReceiver.Receiver; import se.leap.bitmaskclient.ProviderDetailFragment.ProviderDetailFragmentInterface; -import se.leap.bitmaskclient.ProviderListContent.ProviderItem; -import se.leap.bitmaskclient.FragmentManagerEnhanced; import se.leap.bitmaskclient.eip.Constants; /** @@ -112,7 +109,7 @@ implements NewProviderDialogInterface, ProviderDetailFragmentInterface, Download super.onCreate(savedInstanceState); preferences = getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE); fragment_manager = new FragmentManagerEnhanced(getFragmentManager()); - provider_manager = new ProviderManager(getAssets()); + provider_manager = ProviderManager.getInstance(getAssets(), getExternalFilesDir(null)); setUpInitialUI(); @@ -163,16 +160,6 @@ implements NewProviderDialogInterface, ProviderDetailFragmentInterface, Download private void setUpProviderList() { initProviderList(); - // provider_list_fragment = ProviderListFragment.newInstance(); - - // Bundle arguments = new Bundle(); - // int configuration_wizard_request_code = getIntent().getIntExtra(Dashboard.REQUEST_CODE, -1); - // if(configuration_wizard_request_code == Dashboard.SWITCH_PROVIDER) - // arguments.putBoolean(ProviderListFragment.SHOW_ALL_PROVIDERS, true); - - // provider_list_fragment.setArguments(arguments); - - // putProviderListFragment(); } private void putProviderListFragment() { @@ -397,7 +384,8 @@ implements NewProviderDialogInterface, ProviderDetailFragmentInterface, Download public void showAndSelectProvider(String provider_main_url) { try { selected_provider = new Provider(new URL((provider_main_url))); - provider_manager.add(selected_provider); + adapter.add(selected_provider); + adapter.saveProviders(); autoSelectProvider(selected_provider); } catch (MalformedURLException e) { e.printStackTrace(); -- cgit v1.2.3 From e980e1f888f29806ab0933495fdb0dd383c944e7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Tue, 9 Dec 2014 16:22:28 +0100 Subject: No duplicated providers. --- app/src/main/java/se/leap/bitmaskclient/Provider.java | 5 +++++ .../main/java/se/leap/bitmaskclient/ProviderListAdapter.java | 10 ++++++---- 2 files changed, 11 insertions(+), 4 deletions(-) (limited to 'app') diff --git a/app/src/main/java/se/leap/bitmaskclient/Provider.java b/app/src/main/java/se/leap/bitmaskclient/Provider.java index a7ede2d1..f22a4bfb 100644 --- a/app/src/main/java/se/leap/bitmaskclient/Provider.java +++ b/app/src/main/java/se/leap/bitmaskclient/Provider.java @@ -200,4 +200,9 @@ public final class Provider implements Parcelable { } return json; } + + @Override + public int hashCode() { + return main_url.hashCode(); + } } diff --git a/app/src/main/java/se/leap/bitmaskclient/ProviderListAdapter.java b/app/src/main/java/se/leap/bitmaskclient/ProviderListAdapter.java index 72ca15c7..19a9a089 100644 --- a/app/src/main/java/se/leap/bitmaskclient/ProviderListAdapter.java +++ b/app/src/main/java/se/leap/bitmaskclient/ProviderListAdapter.java @@ -90,10 +90,12 @@ public class ProviderListAdapter extends RendererAdapter { @Override public void add(Provider item) { super.add(item); - boolean[] new_hidden = new boolean[hidden.length+1]; - System.arraycopy(hidden, 0, new_hidden, 0, hidden.length); - new_hidden[hidden.length] = false; - hidden = new_hidden; + if(getCollection().size() < hidden.length) { + boolean[] new_hidden = new boolean[hidden.length + 1]; + System.arraycopy(hidden, 0, new_hidden, 0, hidden.length); + new_hidden[hidden.length] = false; + hidden = new_hidden; + } } @Override -- cgit v1.2.3 From 062e4c4597f947816282b1c9c5e63c034549f057 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Tue, 9 Dec 2014 18:57:35 +0100 Subject: Final refactoring for this bug. Removed the sign up dialog, log in one is enough with the third button I added some time ago to sign up. Removed classes we don't need due to the libraries I have recently introduced. --- .../se/leap/bitmaskclient/ConfigurationWizard.java | 2 +- .../java/se/leap/bitmaskclient/ProviderAPI.java | 28 +-- .../main/java/se/leap/bitmaskclient/Dashboard.java | 148 ++++++-------- .../se/leap/bitmaskclient/EipServiceFragment.java | 107 +++++----- .../java/se/leap/bitmaskclient/LogInDialog.java | 144 -------------- .../leap/bitmaskclient/ProviderListFragment.java | 216 --------------------- .../java/se/leap/bitmaskclient/SessionDialog.java | 159 +++++++++++++++ .../leap/bitmaskclient/SessionDialogInterface.java | 37 ---- .../java/se/leap/bitmaskclient/SignUpDialog.java | 132 ------------- .../main/res/layout-xlarge/client_dashboard.xml | 69 ------- app/src/main/res/layout-xlarge/dashboard.xml | 69 +++++++ .../res/layout-xlarge/eip_service_fragment.xml | 35 +--- app/src/main/res/layout-xlarge/log_in_dialog.xml | 39 ---- .../res/layout-xlarge/provider_list_fragment.xml | 16 -- app/src/main/res/layout-xlarge/session_dialog.xml | 39 ++++ app/src/main/res/layout/client_dashboard.xml | 51 ----- app/src/main/res/layout/dashboard.xml | 52 +++++ app/src/main/res/layout/eip_service_fragment.xml | 40 +--- app/src/main/res/layout/log_in_dialog.xml | 41 ---- app/src/main/res/layout/provider_list_fragment.xml | 15 -- app/src/main/res/layout/session_dialog.xml | 42 ++++ .../se/leap/bitmaskclient/ConfigurationWizard.java | 7 +- .../java/se/leap/bitmaskclient/ProviderAPI.java | 29 +-- 23 files changed, 521 insertions(+), 996 deletions(-) delete mode 100644 app/src/main/java/se/leap/bitmaskclient/LogInDialog.java delete mode 100644 app/src/main/java/se/leap/bitmaskclient/ProviderListFragment.java create mode 100644 app/src/main/java/se/leap/bitmaskclient/SessionDialog.java delete mode 100644 app/src/main/java/se/leap/bitmaskclient/SessionDialogInterface.java delete mode 100644 app/src/main/java/se/leap/bitmaskclient/SignUpDialog.java delete mode 100644 app/src/main/res/layout-xlarge/client_dashboard.xml create mode 100644 app/src/main/res/layout-xlarge/dashboard.xml delete mode 100644 app/src/main/res/layout-xlarge/log_in_dialog.xml delete mode 100644 app/src/main/res/layout-xlarge/provider_list_fragment.xml create mode 100644 app/src/main/res/layout-xlarge/session_dialog.xml delete mode 100644 app/src/main/res/layout/client_dashboard.xml create mode 100644 app/src/main/res/layout/dashboard.xml delete mode 100644 app/src/main/res/layout/log_in_dialog.xml delete mode 100644 app/src/main/res/layout/provider_list_fragment.xml create mode 100644 app/src/main/res/layout/session_dialog.xml (limited to 'app') diff --git a/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java b/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java index 2e3fb8f1..63185d12 100644 --- a/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java +++ b/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java @@ -455,7 +455,7 @@ n * @param provider_main_url @Override public void login() { Intent ask_login = new Intent(); - ask_login.putExtra(LogInDialog.TAG, LogInDialog.TAG); + ask_login.putExtra(SessionDialog.TAG, SessionDialog.TAG); ask_login.putExtra(Provider.KEY, selected_provider); setResult(RESULT_OK, ask_login); setting_up_provider = false; diff --git a/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java b/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java index 52a424f4..9ac5ff66 100644 --- a/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java +++ b/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java @@ -172,8 +172,8 @@ public class ProviderAPI extends IntentService { Bundle session_id_bundle = new Bundle(); int progress = 0; - String username = (String) task.get(SessionDialogInterface.USERNAME); - String password = (String) task.get(SessionDialogInterface.PASSWORD); + String username = (String) task.get(SessionDialog.USERNAME); + String password = (String) task.get(SessionDialog.PASSWORD); if(validUserLoginData(username, password)) { session_id_bundle = register(username, password); @@ -181,12 +181,12 @@ public class ProviderAPI extends IntentService { } else { if(!wellFormedPassword(password)) { session_id_bundle.putBoolean(RESULT_KEY, false); - session_id_bundle.putString(SessionDialogInterface.USERNAME, username); - session_id_bundle.putBoolean(SessionDialogInterface.PASSWORD_INVALID_LENGTH, true); + session_id_bundle.putString(SessionDialog.USERNAME, username); + session_id_bundle.putBoolean(SessionDialog.PASSWORD_INVALID_LENGTH, true); } if(username.isEmpty()) { session_id_bundle.putBoolean(RESULT_KEY, false); - session_id_bundle.putBoolean(SessionDialogInterface.USERNAME_MISSING, true); + session_id_bundle.putBoolean(SessionDialog.USERNAME_MISSING, true); } } @@ -205,8 +205,8 @@ public class ProviderAPI extends IntentService { if(api_result.has(ERRORS)) result = authFailedNotification(api_result, username); else { - result.putString(SessionDialogInterface.USERNAME, username); - result.putString(SessionDialogInterface.PASSWORD, password); + result.putString(SessionDialog.USERNAME, username); + result.putString(SessionDialog.PASSWORD, password); result.putBoolean(RESULT_KEY, true); } @@ -222,20 +222,20 @@ public class ProviderAPI extends IntentService { Bundle result = new Bundle(); int progress = 0; - String username = (String) task.get(SessionDialogInterface.USERNAME); - String password = (String) task.get(SessionDialogInterface.PASSWORD); + String username = (String) task.get(SessionDialog.USERNAME); + String password = (String) task.get(SessionDialog.PASSWORD); if(validUserLoginData(username, password)) { result = authenticate(username, password); broadcast_progress(progress++); } else { if(!wellFormedPassword(password)) { result.putBoolean(RESULT_KEY, false); - result.putString(SessionDialogInterface.USERNAME, username); - result.putBoolean(SessionDialogInterface.PASSWORD_INVALID_LENGTH, true); + result.putString(SessionDialog.USERNAME, username); + result.putBoolean(SessionDialog.PASSWORD_INVALID_LENGTH, true); } if(username.isEmpty()) { result.putBoolean(RESULT_KEY, false); - result.putBoolean(SessionDialogInterface.USERNAME_MISSING, true); + result.putBoolean(SessionDialog.USERNAME_MISSING, true); } } @@ -265,7 +265,7 @@ public class ProviderAPI extends IntentService { } } else { result.putBoolean(RESULT_KEY, false); - result.putString(SessionDialogInterface.USERNAME, username); + result.putString(SessionDialog.USERNAME, username); result.putString(getResources().getString(R.string.user_message), getResources().getString(R.string.error_srp_math_error_user_message)); } } catch (JSONException e) { @@ -296,7 +296,7 @@ public class ProviderAPI extends IntentService { } catch(JSONException e) {} if(!username.isEmpty()) - user_notification_bundle.putString(SessionDialogInterface.USERNAME, username); + user_notification_bundle.putString(SessionDialog.USERNAME, username); user_notification_bundle.putBoolean(RESULT_KEY, false); return user_notification_bundle; diff --git a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java index b84b834c..c7691ed4 100644 --- a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java +++ b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java @@ -40,6 +40,8 @@ import org.json.JSONObject; import java.net.MalformedURLException; import java.net.URL; +import butterknife.ButterKnife; +import butterknife.InjectView; import de.blinkt.openvpn.activities.LogWindow; import se.leap.bitmaskclient.eip.Constants; import se.leap.bitmaskclient.eip.EIP; @@ -52,7 +54,7 @@ import se.leap.bitmaskclient.eip.EipStatus; * @author Sean Leonard * @author parmegv */ -public class Dashboard extends Activity implements LogInDialog.LogInDialogInterface, SignUpDialog.SignUpDialogInterface, ProviderAPIResultReceiver.Receiver { +public class Dashboard extends Activity implements SessionDialog.LogInDialogInterface, ProviderAPIResultReceiver.Receiver { protected static final int CONFIGURE_LEAP = 0; protected static final int SWITCH_PROVIDER = 1; @@ -70,12 +72,13 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf protected static SharedPreferences preferences; private FragmentManagerEnhanced fragment_manager; - private ProgressBar mProgressBar; - private TextView status_message; - public ProviderAPIResultReceiver providerAPI_result_receiver; + @InjectView(R.id.providerName) + TextView provider_name; + EipServiceFragment eip_fragment; private Provider provider; private static boolean authed_eip; + public ProviderAPIResultReceiver providerAPI_result_receiver; @Override protected void onSaveInstanceState(Bundle outState) { @@ -91,8 +94,6 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf app = this; PRNGFixes.apply(); - - mProgressBar = (ProgressBar) findViewById(R.id.eipProgress); preferences = getSharedPreferences(SHARED_PREFERENCES, MODE_PRIVATE); fragment_manager = new FragmentManagerEnhanced(getFragmentManager()); @@ -157,7 +158,7 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf } buildDashboard(false); invalidateOptionsMenu(); - if (data.hasExtra(LogInDialog.TAG)) { + if (data.hasExtra(SessionDialog.TAG)) { logInDialog(Bundle.EMPTY); } } else if (resultCode == RESULT_CANCELED && data.hasExtra(ACTION_QUIT)) { @@ -200,24 +201,21 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf * service dependent UI elements to include. */ private void buildDashboard(boolean hide_and_turn_on_eip) { - setContentView(R.layout.client_dashboard); - - TextView providerNameTV = (TextView) findViewById(R.id.providerName); - providerNameTV.setText(provider.getDomain()); - providerNameTV.setTextSize(28); - - mProgressBar = (ProgressBar) findViewById(R.id.eipProgress); + setContentView(R.layout.dashboard); + ButterKnife.inject(this); + + provider_name.setText(provider.getDomain()); if ( provider.hasEIP()){ fragment_manager.removePreviousFragment(EipServiceFragment.TAG); - EipServiceFragment eip_fragment = new EipServiceFragment(); + eip_fragment = new EipServiceFragment(); if (hide_and_turn_on_eip) { preferences.edit().remove(Dashboard.START_ON_BOOT).apply(); Bundle arguments = new Bundle(); arguments.putBoolean(EipServiceFragment.START_ON_BOOT, true); - eip_fragment.setArguments(arguments); + if(eip_fragment != null) eip_fragment.setArguments(arguments); } fragment_manager.replace(R.id.servicesCollection, eip_fragment, EipServiceFragment.TAG); @@ -279,10 +277,10 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf return true; case R.id.switch_provider: if (provider.hasEIP()){ - if (preferences.getBoolean(Constants.AUTHED_EIP, false)){ - logOut(); - } - eipStop(); + if (preferences.getBoolean(Constants.AUTHED_EIP, false)) { + logOut(); + } + eip_fragment.stopEIP(); } preferences.edit().clear().apply(); startActivityForResult(new Intent(this,ConfigurationWizard.class), SWITCH_PROVIDER); @@ -302,10 +300,7 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf } - private Intent prepareProviderAPICommand() { - mProgressBar = (ProgressBar) findViewById(R.id.eipProgress); - status_message = (TextView) findViewById(R.id.status_message); - + private Intent prepareProviderAPICommand() { providerAPI_result_receiver = new ProviderAPIResultReceiver(new Handler()); providerAPI_result_receiver.setReceiver(this); @@ -319,12 +314,12 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf * Shows the log in dialog. */ public void logInDialog(Bundle resultData) { - FragmentTransaction transaction = fragment_manager.removePreviousFragment(LogInDialog.TAG); + FragmentTransaction transaction = fragment_manager.removePreviousFragment(SessionDialog.TAG); - DialogFragment newFragment = LogInDialog.newInstance(); + DialogFragment newFragment = SessionDialog.newInstance(); if(resultData != null && !resultData.isEmpty()) newFragment.setArguments(resultData); - newFragment.show(transaction, LogInDialog.TAG); + newFragment.show(transaction, SessionDialog.TAG); } @Override @@ -334,12 +329,13 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf if(parameters == null) parameters = new Bundle(); - parameters.putString(SessionDialogInterface.USERNAME, username); - parameters.putString(SessionDialogInterface.PASSWORD, password); - - mProgressBar.setVisibility(ProgressBar.VISIBLE); - status_message.setText(R.string.authenticating_message); + parameters.putString(SessionDialog.USERNAME, username); + parameters.putString(SessionDialog.PASSWORD, password); + if(eip_fragment != null) { + eip_fragment.progress_bar.setVisibility(ProgressBar.VISIBLE); + eip_fragment.status_message.setText(R.string.authenticating_message); + } provider_API_command.putExtra(ProviderAPI.PARAMETERS, parameters); provider_API_command.setAction(ProviderAPI.SRP_AUTH); startService(provider_API_command); @@ -354,12 +350,11 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf */ public void logOut() { Intent provider_API_command = prepareProviderAPICommand(); - - if(mProgressBar == null) mProgressBar = (ProgressBar) findViewById(R.id.eipProgress); - mProgressBar.setVisibility(ProgressBar.VISIBLE); - if(status_message == null) status_message = (TextView) findViewById(R.id.status_message); - status_message.setText(R.string.logout_message); - + if(eip_fragment != null) { + + eip_fragment.progress_bar.setVisibility(ProgressBar.VISIBLE); + eip_fragment.status_message.setText(R.string.logout_message); + } provider_API_command.setAction(ProviderAPI.LOG_OUT); startService(provider_API_command); } @@ -368,13 +363,13 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf * Shows the sign up dialog. */ public void signUpDialog(Bundle resultData) { - FragmentTransaction transaction = fragment_manager.removePreviousFragment(SignUpDialog.TAG); + FragmentTransaction transaction = fragment_manager.removePreviousFragment(SessionDialog.TAG); - DialogFragment newFragment = SignUpDialog.newInstance(); + DialogFragment newFragment = SessionDialog.newInstance(); if(resultData != null && !resultData.isEmpty()) { newFragment.setArguments(resultData); } - newFragment.show(transaction, SignUpDialog.TAG); + newFragment.show(transaction, SessionDialog.TAG); } @Override @@ -384,12 +379,12 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf if(parameters == null) parameters = new Bundle(); - parameters.putString(SessionDialogInterface.USERNAME, username); - parameters.putString(SessionDialogInterface.PASSWORD, password); - - mProgressBar.setVisibility(ProgressBar.VISIBLE); - status_message.setText(R.string.signingup_message); - + parameters.putString(SessionDialog.USERNAME, username); + parameters.putString(SessionDialog.PASSWORD, password); + if(eip_fragment != null) { + eip_fragment.progress_bar.setVisibility(ProgressBar.VISIBLE); + eip_fragment.status_message.setText(R.string.signingup_message); + } provider_API_command.putExtra(ProviderAPI.PARAMETERS, parameters); provider_API_command.setAction(ProviderAPI.SRP_REGISTER); startService(provider_API_command); @@ -418,8 +413,8 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf public void onReceiveResult(int resultCode, Bundle resultData) { Log.d(TAG, "onReceiveResult"); if(resultCode == ProviderAPI.SRP_REGISTRATION_SUCCESSFUL) { - String username = resultData.getString(SessionDialogInterface.USERNAME); - String password = resultData.getString(SessionDialogInterface.PASSWORD); + String username = resultData.getString(SessionDialog.USERNAME); + String password = resultData.getString(SessionDialog.PASSWORD); logIn(username, password); } else if(resultCode == ProviderAPI.SRP_REGISTRATION_FAILED) { changeStatusMessage(resultCode); @@ -477,8 +472,7 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf String request = resultData.getString(Constants.REQUEST_TAG); if(request.equalsIgnoreCase(Constants.ACTION_UPDATE_EIP_SERVICE)) { if(resultCode == Activity.RESULT_OK) { - if(authed_eip) - eipStart(); + if(authed_eip && eip_fragment != null) eip_fragment.startEipFromScratch(); } } } @@ -493,17 +487,16 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf protected void onReceiveResult(int resultCode, Bundle resultData){ super.onReceiveResult(resultCode, resultData); String request = resultData.getString(Constants.REQUEST_TAG); - if(status_message == null) status_message = (TextView) findViewById(R.id.status_message); - if (request.equalsIgnoreCase(Constants.ACTION_IS_EIP_RUNNING)){ + if (request.equalsIgnoreCase(Constants.ACTION_IS_EIP_RUNNING)){ if (resultCode == Activity.RESULT_OK){ switch(previous_result_code){ - case ProviderAPI.SRP_AUTHENTICATION_SUCCESSFUL: status_message.setText(R.string.succesful_authentication_message); break; - case ProviderAPI.SRP_AUTHENTICATION_FAILED: status_message.setText(R.string.authentication_failed_message); break; - case ProviderAPI.CORRECTLY_DOWNLOADED_CERTIFICATE: status_message.setText(R.string.authed_secured_status); break; - case ProviderAPI.INCORRECTLY_DOWNLOADED_CERTIFICATE: status_message.setText(R.string.incorrectly_downloaded_certificate_message); break; - case ProviderAPI.LOGOUT_SUCCESSFUL: status_message.setText(R.string.logged_out_message); break; - case ProviderAPI.LOGOUT_FAILED: status_message.setText(R.string.log_out_failed_message); break; + case ProviderAPI.SRP_AUTHENTICATION_SUCCESSFUL: eip_fragment.status_message.setText(R.string.succesful_authentication_message); break; + case ProviderAPI.SRP_AUTHENTICATION_FAILED: eip_fragment.status_message.setText(R.string.authentication_failed_message); break; + case ProviderAPI.CORRECTLY_DOWNLOADED_CERTIFICATE: eip_fragment.status_message.setText(R.string.authed_secured_status); break; + case ProviderAPI.INCORRECTLY_DOWNLOADED_CERTIFICATE: eip_fragment.status_message.setText(R.string.incorrectly_downloaded_certificate_message); break; + case ProviderAPI.LOGOUT_SUCCESSFUL: eip_fragment.status_message.setText(R.string.logged_out_message); break; + case ProviderAPI.LOGOUT_FAILED: eip_fragment.status_message.setText(R.string.log_out_failed_message); break; } } @@ -511,13 +504,13 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf switch(previous_result_code){ - case ProviderAPI.SRP_AUTHENTICATION_SUCCESSFUL: status_message.setText(R.string.succesful_authentication_message); break; - case ProviderAPI.SRP_AUTHENTICATION_FAILED: status_message.setText(R.string.authentication_failed_message); break; - case ProviderAPI.SRP_REGISTRATION_FAILED: status_message.setText(R.string.registration_failed_message); break; + case ProviderAPI.SRP_AUTHENTICATION_SUCCESSFUL: eip_fragment.status_message.setText(R.string.succesful_authentication_message); break; + case ProviderAPI.SRP_AUTHENTICATION_FAILED: eip_fragment.status_message.setText(R.string.authentication_failed_message); break; + case ProviderAPI.SRP_REGISTRATION_FAILED: eip_fragment.status_message.setText(R.string.registration_failed_message); break; case ProviderAPI.CORRECTLY_DOWNLOADED_CERTIFICATE: break; - case ProviderAPI.INCORRECTLY_DOWNLOADED_CERTIFICATE: status_message.setText(R.string.incorrectly_downloaded_certificate_message); break; - case ProviderAPI.LOGOUT_SUCCESSFUL: status_message.setText(R.string.logged_out_message); break; - case ProviderAPI.LOGOUT_FAILED: status_message.setText(R.string.log_out_failed_message); break; + case ProviderAPI.INCORRECTLY_DOWNLOADED_CERTIFICATE: eip_fragment.status_message.setText(R.string.incorrectly_downloaded_certificate_message); break; + case ProviderAPI.LOGOUT_SUCCESSFUL: eip_fragment.status_message.setText(R.string.logged_out_message); break; + case ProviderAPI.LOGOUT_FAILED: eip_fragment.status_message.setText(R.string.log_out_failed_message); break; } } } @@ -528,11 +521,10 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf } private void hideProgressBar() { - if(mProgressBar == null) - mProgressBar = (ProgressBar) findViewById(R.id.eipProgress); - - mProgressBar.setProgress(0); - mProgressBar.setVisibility(ProgressBar.GONE); + if(eip_fragment != null) { + eip_fragment.progress_bar.setProgress(0); + eip_fragment.progress_bar.setVisibility(ProgressBar.GONE); + } } /** @@ -559,20 +551,4 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf eip_intent.putExtra(Constants.RECEIVER_TAG, eip_receiver); startService(eip_intent); } - - private void eipStop(){ - EipServiceFragment eipFragment = (EipServiceFragment) getFragmentManager().findFragmentByTag(EipServiceFragment.TAG); - eipFragment.stopEIP(); - } - - private void eipStart() { - EipServiceFragment eipFragment = (EipServiceFragment) getFragmentManager().findFragmentByTag(EipServiceFragment.TAG); - eipFragment.startEipFromScratch(); - } - - protected void showProgressBar() { - if(mProgressBar == null) - mProgressBar = (ProgressBar) findViewById(R.id.eipProgress); - mProgressBar.setVisibility(ProgressBar.VISIBLE); - } } diff --git a/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java b/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java index 592a9552..a8ffda72 100644 --- a/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java +++ b/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java @@ -12,19 +12,22 @@ import android.util.Log; import android.view.LayoutInflater; import android.view.View; import android.view.ViewGroup; -import android.widget.CompoundButton; +import android.widget.ProgressBar; import android.widget.Switch; import android.widget.TextView; import java.util.Observable; import java.util.Observer; +import butterknife.ButterKnife; +import butterknife.InjectView; +import butterknife.OnCheckedChanged; import de.blinkt.openvpn.activities.DisconnectVPN; import se.leap.bitmaskclient.eip.Constants; import se.leap.bitmaskclient.eip.EIP; import se.leap.bitmaskclient.eip.EipStatus; -public class EipServiceFragment extends Fragment implements Observer, CompoundButton.OnCheckedChangeListener { +public class EipServiceFragment extends Fragment implements Observer { public static String TAG = "se.leap.bitmask.EipServiceFragment"; @@ -33,9 +36,13 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu protected static final String STATUS_MESSAGE = TAG + ".status_message"; public static final String START_ON_BOOT = "start on boot"; - private View eipFragment; - private static Switch eipSwitch; - private TextView status_message; + private View view; + @InjectView(R.id.eipSwitch) + Switch eip_switch; + @InjectView(R.id.status_message) + TextView status_message; + @InjectView(R.id.eipProgress) + ProgressBar progress_bar; private static Activity parent_activity; private static EIPReceiver mEIPReceiver; @@ -57,35 +64,27 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu @Override public View onCreateView(LayoutInflater inflater, ViewGroup container, Bundle savedInstanceState) { - - eipFragment = inflater.inflate(R.layout.eip_service_fragment, container, false); - View eipDetail = eipFragment.findViewById(R.id.eipDetail); - eipDetail.setVisibility(View.VISIBLE); - - View eipSettings = eipFragment.findViewById(R.id.eipSettings); - eipSettings.setVisibility(View.GONE); // FIXME too! + view = inflater.inflate(R.layout.eip_service_fragment, container, false); + ButterKnife.inject(this, view); if (eip_status.isConnecting()) - eipFragment.findViewById(R.id.eipProgress).setVisibility(View.VISIBLE); - - status_message = (TextView) eipFragment.findViewById(R.id.status_message); + eip_switch.setVisibility(View.VISIBLE); - eipSwitch = (Switch) eipFragment.findViewById(R.id.eipSwitch); - Log.d(TAG, "onCreateView, eipSwitch is checked? " + eipSwitch.isChecked()); - eipSwitch.setOnCheckedChangeListener(this); - - if(getArguments() != null && getArguments().containsKey(START_ON_BOOT) && getArguments().getBoolean(START_ON_BOOT)) + Log.d(TAG, "onCreateView, eip_switch is checked? " + eip_switch.isChecked()); + + Bundle arguments = getArguments(); + if(arguments != null && arguments.containsKey(START_ON_BOOT) && arguments.getBoolean(START_ON_BOOT)) startEipFromScratch(); if (savedInstanceState != null) { - setStatusMessage(savedInstanceState.getString(STATUS_MESSAGE)); + status_message.setText(savedInstanceState.getString(STATUS_MESSAGE)); if(savedInstanceState.getBoolean(IS_PENDING)) eip_status.setConnecting(); else if(savedInstanceState.getBoolean(IS_CONNECTED)) { eip_status.setConnectedOrDisconnected(); } } - return eipFragment; + return view; } @Override @@ -106,22 +105,16 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu protected void saveEipStatus() { boolean eip_is_on = false; Log.d(TAG, "saveEipStatus"); - if(eipSwitch.isChecked()) { + if(eip_switch.isChecked()) { eip_is_on = true; } if(parent_activity != null) Dashboard.preferences.edit().putBoolean(Dashboard.START_ON_BOOT, eip_is_on).commit(); } - - @Override - public void onCheckedChanged(CompoundButton buttonView, boolean isChecked) { - if (buttonView.equals(eipSwitch)){ - handleSwitch(isChecked); - } - } - - private void handleSwitch(boolean isChecked) { + + @OnCheckedChanged(R.id.eipSwitch) + void handleSwitch(boolean isChecked) { if(isChecked) handleSwitchOn(); else @@ -175,31 +168,30 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu .setNegativeButton(parent_activity.getString(R.string.no), new DialogInterface.OnClickListener() { @Override public void onClick(DialogInterface dialog, int which) { - eipSwitch.setChecked(true); + eip_switch.setChecked(true); } }) .show(); } public void startEipFromScratch() { - eipFragment.findViewById(R.id.eipProgress).setVisibility(View.VISIBLE); + progress_bar.setVisibility(View.VISIBLE); + eip_switch.setVisibility(View.VISIBLE); String status = parent_activity.getString(R.string.eip_status_start_pending); - setStatusMessage(status); + status_message.setText(status); - if(!eipSwitch.isChecked()) { - eipSwitch.setChecked(true); + if(!eip_switch.isChecked()) { + eip_switch.setChecked(true); saveEipStatus(); } eipCommand(Constants.ACTION_START_EIP); } protected void stopEIP() { - View eipProgressBar = parent_activity.findViewById(R.id.eipProgress); - if(eipProgressBar != null) - eipProgressBar.setVisibility(View.GONE); - + hideProgressBar(); + String status = parent_activity.getString(R.string.eip_state_not_connected); - setStatusMessage(status); + status_message.setText(status); eipCommand(Constants.ACTION_STOP_EIP); } @@ -247,26 +239,26 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu hideProgressBar(); Log.d(TAG, "setConnectedUi? " + eip_status.isConnected()); adjustSwitch(); - setStatusMessage(parent_activity.getString(R.string.eip_state_connected)); + status_message.setText(parent_activity.getString(R.string.eip_state_connected)); } private void setDisconnectedUI(){ hideProgressBar(); adjustSwitch(); - setStatusMessage(parent_activity.getString(R.string.eip_state_not_connected)); + status_message.setText(parent_activity.getString(R.string.eip_state_not_connected)); } private void adjustSwitch() { if(eip_status.isConnected() || eip_status.isConnecting()) { - Log.d(TAG, "adjustSwitch, isConnected || isConnecting, is checked? " + eipSwitch.isChecked()); - if(!eipSwitch.isChecked()) { - eipSwitch.setChecked(true); + Log.d(TAG, "adjustSwitch, isConnected || isConnecting, is checked? " + eip_switch.isChecked()); + if(!eip_switch.isChecked()) { + eip_switch.setChecked(true); } } else { Log.d(TAG, "adjustSwitch, !isConnected && !isConnecting? " + eip_status.toString()); - if(eipSwitch.isChecked()) { - eipSwitch.setChecked(false); + if(eip_switch.isChecked()) { + eip_switch.setChecked(false); } } } @@ -275,8 +267,8 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu int localizedResId = eip_status.getLocalizedResId(); String logmessage = eip_status.getLogMessage(); String prefix = parent_activity.getString(localizedResId); - - setStatusMessage(prefix + " " + logmessage); + + status_message.setText(prefix + " " + logmessage); adjustSwitch(); } @@ -287,8 +279,8 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu } private void hideProgressBar() { - if(parent_activity != null && parent_activity.findViewById(R.id.eipProgress) != null) - parent_activity.findViewById(R.id.eipProgress).setVisibility(View.GONE); + if(progress_bar != null) + progress_bar.setVisibility(View.GONE); } protected class EIPReceiver extends ResultReceiver { @@ -307,10 +299,10 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu switch (resultCode){ case Activity.RESULT_OK: Log.d(TAG, "Action start eip = Result OK"); - eipFragment.findViewById(R.id.eipProgress).setVisibility(View.VISIBLE); + progress_bar.setVisibility(View.VISIBLE); break; case Activity.RESULT_CANCELED: - eipFragment.findViewById(R.id.eipProgress).setVisibility(View.GONE); + progress_bar.setVisibility(View.GONE); break; } } else if (request.equals(Constants.ACTION_STOP_EIP)) { @@ -337,9 +329,8 @@ public class EipServiceFragment extends Fragment implements Observer, CompoundBu case Activity.RESULT_CANCELED: Dashboard dashboard = (Dashboard) parent_activity; - dashboard.showProgressBar(); - String status = parent_activity.getString(R.string.updating_certificate_message); - setStatusMessage(status); + progress_bar.setVisibility(View.VISIBLE); + status_message.setText(getString(R.string.updating_certificate_message)); if(LeapSRPSession.getToken().isEmpty() && !Dashboard.preferences.getBoolean(Constants.ALLOWED_ANON, false)) { dashboard.logInDialog(Bundle.EMPTY); } else { diff --git a/app/src/main/java/se/leap/bitmaskclient/LogInDialog.java b/app/src/main/java/se/leap/bitmaskclient/LogInDialog.java deleted file mode 100644 index 5263392e..00000000 --- a/app/src/main/java/se/leap/bitmaskclient/LogInDialog.java +++ /dev/null @@ -1,144 +0,0 @@ -/** - * Copyright (c) 2013 LEAP Encryption Access Project and contributers - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - */ - package se.leap.bitmaskclient; - -import android.app.Activity; -import android.app.AlertDialog; -import android.app.DialogFragment; -import android.content.DialogInterface; -import android.os.Bundle; -import android.view.LayoutInflater; -import android.view.View; -import android.widget.EditText; -import android.widget.TextView; - -/** - * Implements the log in dialog, currently without progress dialog. - * - * It returns to the previous fragment when finished, and sends username and password to the authenticate method. - * - * It also notifies the user if the password is not valid. - * - * @author parmegv - * - */ -public class LogInDialog extends SessionDialogInterface { - - - final public static String TAG = LogInDialog.class.getSimpleName(); - - private static LogInDialog dialog; - - private static boolean is_eip_pending = false; - - public AlertDialog onCreateDialog(Bundle savedInstanceState) { - AlertDialog.Builder builder = new AlertDialog.Builder(getActivity()); - LayoutInflater inflater = getActivity().getLayoutInflater(); - View log_in_dialog_view = inflater.inflate(R.layout.log_in_dialog, null); - - final TextView user_message = (TextView)log_in_dialog_view.findViewById(R.id.user_message); - final EditText username_field = (EditText)log_in_dialog_view.findViewById(R.id.username_entered); - final EditText password_field = (EditText)log_in_dialog_view.findViewById(R.id.password_entered); - - if(!username_field.getText().toString().isEmpty() && password_field.isFocusable()) { - password_field.requestFocus(); - } - if (getArguments() != null) { - is_eip_pending = getArguments().getBoolean(EipServiceFragment.IS_PENDING, false); - if (getArguments().containsKey(PASSWORD_INVALID_LENGTH)) - password_field.setError(getResources().getString(R.string.error_not_valid_password_user_message)); - if (getArguments().containsKey(USERNAME)) { - String username = getArguments().getString(USERNAME); - username_field.setText(username); - } - if (getArguments().containsKey(USERNAME_MISSING)) { - username_field.setError(getResources().getString(R.string.username_ask)); - } - if(getArguments().containsKey(getResources().getString(R.string.user_message))) - user_message.setText(getArguments().getString(getResources().getString(R.string.user_message))); - else - user_message.setVisibility(View.GONE); - } - - builder.setView(log_in_dialog_view) - .setPositiveButton(R.string.login_button, new DialogInterface.OnClickListener() { - public void onClick(DialogInterface dialog, int id) { - String username = username_field.getText().toString(); - String password = password_field.getText().toString(); - dialog.dismiss(); - interface_with_Dashboard.logIn(username, password); - } - }) - .setNegativeButton(R.string.cancel, new DialogInterface.OnClickListener() { - public void onClick(DialogInterface dialog, int id) { - dialog.cancel(); - interface_with_Dashboard.cancelLoginOrSignup(); - } - }) - .setNeutralButton(R.string.signup_button, new DialogInterface.OnClickListener() { - public void onClick(DialogInterface dialog, int id) { - String username = username_field.getText().toString(); - String password = password_field.getText().toString(); - interface_with_Dashboard.signUp(username, password); - } - }); - - return builder.create(); - } - - /** - * Interface used to communicate LogInDialog with Dashboard. - * - * @author parmegv - * - */ - public interface LogInDialogInterface { - public void logIn(String username, String password); - public void signUp(String username, String password); - public void cancelLoginOrSignup(); - } - - LogInDialogInterface interface_with_Dashboard; - - /** - * @return a new instance of this DialogFragment. - */ - public static DialogFragment newInstance() { - if(dialog == null) - dialog = new LogInDialog(); - - return dialog; - } - - @Override - public void onAttach(Activity activity) { - super.onAttach(activity); - try { - interface_with_Dashboard = (LogInDialogInterface) activity; - } catch (ClassCastException e) { - throw new ClassCastException(activity.toString() - + " must implement LogInDialogListener"); - } - } - - @Override - public void onCancel(DialogInterface dialog) { - super.onCancel(dialog); - if(is_eip_pending) - interface_with_Dashboard.cancelLoginOrSignup(); - } -} diff --git a/app/src/main/java/se/leap/bitmaskclient/ProviderListFragment.java b/app/src/main/java/se/leap/bitmaskclient/ProviderListFragment.java deleted file mode 100644 index 875b76d7..00000000 --- a/app/src/main/java/se/leap/bitmaskclient/ProviderListFragment.java +++ /dev/null @@ -1,216 +0,0 @@ -/** - * Copyright (c) 2013 LEAP Encryption Access Project and contributers - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - */ - package se.leap.bitmaskclient; - -import android.app.Activity; -import android.app.ListFragment; -import android.os.Bundle; -import android.view.LayoutInflater; -import android.view.View; -import android.view.ViewGroup; -import android.widget.ListView; - -import butterknife.ButterKnife; -import se.leap.bitmaskclient.ProviderListContent.ProviderItem; - -/** - * A list fragment representing a list of Providers. This fragment - * also supports tablet devices by allowing list items to be given an - * 'activated' state upon selection. - *

- * Activities containing this fragment MUST implement the {@link Callbacks} - * interface. - */ -public class ProviderListFragment extends ListFragment { - - public static String TAG = "provider_list_fragment"; - public static String SHOW_ALL_PROVIDERS = "show_all_providers"; - public static String TOP_PADDING = "top padding from providerlistfragment"; - private ProviderListAdapter content_adapter; - - /** - * The serialization (saved instance state) Bundle key representing the - * activated item position. Only used on tablets. - */ - private static final String STATE_ACTIVATED_POSITION = "activated_position"; - - /** - * The fragment's current callback object, which is notified of list item - * clicks. - */ - private Callbacks mCallbacks = sDummyCallbacks; - - /** - * The current activated item position. Only used on tablets. - */ - private int mActivatedPosition = ListView.INVALID_POSITION; - - /** - * A callback interface that all activities containing this fragment must - * implement. This mechanism allows activities to be notified of item - * selections. - */ - public interface Callbacks { - /** - * Callback for when an item has been selected. - */ - public void onItemSelected(String id); - } - - /** - * A dummy implementation of the {@link Callbacks} interface that does - * nothing. Used only when this fragment is not attached to an activity. - */ - private static Callbacks sDummyCallbacks = new Callbacks() { - @Override - public void onItemSelected(String id) { - } - }; - - /** - * Mandatory empty constructor for the fragment manager to instantiate the - * fragment (e.g. upon screen orientation changes). - */ - public ProviderListFragment() { - } - - @Override - public void onCreate(Bundle savedInstanceState) { - super.onCreate(savedInstanceState); - - } - - @Override - public View onCreateView(LayoutInflater inflater, ViewGroup container, Bundle bundle) { - View view = inflater.inflate(R.layout.provider_list_fragment, container, false); - ButterKnife.inject(this, view); - return view; - } - - @Override - public void onViewCreated(View view, Bundle savedInstanceState) { - super.onViewCreated(view, savedInstanceState); - - // Restore the previously serialized activated item position. - if (savedInstanceState != null - && savedInstanceState.containsKey(STATE_ACTIVATED_POSITION)) { - setActivatedPosition(savedInstanceState.getInt(STATE_ACTIVATED_POSITION)); - } - if(getArguments() != null && getArguments().containsKey(TOP_PADDING)) { - int topPadding = getArguments().getInt(TOP_PADDING); - View current_view = getView(); - current_view.setPadding(current_view.getPaddingLeft(), topPadding, current_view.getPaddingRight(), current_view.getPaddingBottom()); - } - } - - @Override - public void onAttach(Activity activity) { - super.onAttach(activity); - - // Activities containing this fragment must implement its callbacks. - if (!(activity instanceof Callbacks)) { - throw new IllegalStateException("Activity must implement fragment's callbacks."); - } - - mCallbacks = (Callbacks) activity; - } - - @Override - public void onDetach() { - super.onDetach(); - - // Reset the active callbacks interface to the dummy implementation. - mCallbacks = sDummyCallbacks; - } - - @Override - public void onListItemClick(ListView listView, View view, int position, long id) { - super.onListItemClick(listView, view, position, id); - - // Notify the active callbacks interface (the activity, if the - // fragment is attached to one) that an item has been selected. - mCallbacks.onItemSelected(ProviderListContent.ITEMS.get(position).name()); - - for(int item_position = 0; item_position < listView.getCount(); item_position++) { - if(item_position != position) - content_adapter.hide(item_position); - } - } - - @Override - public void onSaveInstanceState(Bundle outState) { - super.onSaveInstanceState(outState); - if (mActivatedPosition != ListView.INVALID_POSITION) { - // Serialize and persist the activated item position. - outState.putInt(STATE_ACTIVATED_POSITION, mActivatedPosition); - } - } - - public void notifyAdapter() { - content_adapter.notifyDataSetChanged(); - } - /** - * Turns on activate-on-click mode. When this mode is on, list items will be - * given the 'activated' state when touched. - */ - public void setActivateOnItemClick(boolean activateOnItemClick) { - // When setting CHOICE_MODE_SINGLE, ListView will automatically - // give items the 'activated' state when touched. - getListView().setChoiceMode(activateOnItemClick - ? ListView.CHOICE_MODE_SINGLE - : ListView.CHOICE_MODE_NONE); - } - - private void setActivatedPosition(int position) { - if (position == ListView.INVALID_POSITION) { - getListView().setItemChecked(mActivatedPosition, false); - } else { - getListView().setItemChecked(position, true); - } - - mActivatedPosition = position; - } - - public void removeLastItem() { - content_adapter.remove(content_adapter.getItem(content_adapter.getCount()-1)); - content_adapter.notifyDataSetChanged(); - } - - public void addItem(Provider provider) { - content_adapter.add(provider); - content_adapter.notifyDataSetChanged(); - } - - public void hideAllBut(int position) { - int real_count = content_adapter.getCount(); - for(int i = 0; i < real_count;) - if(i != position) { - content_adapter.hide(i); - position--; - real_count--; - } else { - i++; - } - } - - /** - * @return a new instance of this ListFragment. - */ - public static ProviderListFragment newInstance() { - return new ProviderListFragment(); - } -} diff --git a/app/src/main/java/se/leap/bitmaskclient/SessionDialog.java b/app/src/main/java/se/leap/bitmaskclient/SessionDialog.java new file mode 100644 index 00000000..9676faa8 --- /dev/null +++ b/app/src/main/java/se/leap/bitmaskclient/SessionDialog.java @@ -0,0 +1,159 @@ +/** + * Copyright (c) 2013 LEAP Encryption Access Project and contributers + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + package se.leap.bitmaskclient; + +import android.app.Activity; +import android.app.AlertDialog; +import android.app.DialogFragment; +import android.content.DialogInterface; +import android.os.Bundle; +import android.view.LayoutInflater; +import android.view.View; +import android.widget.EditText; +import android.widget.TextView; + +import butterknife.ButterKnife; +import butterknife.InjectView; + +/** + * Implements the log in dialog, currently without progress dialog. + * + * It returns to the previous fragment when finished, and sends username and password to the authenticate method. + * + * It also notifies the user if the password is not valid. + * + * @author parmegv + * + */ +public class SessionDialog extends DialogFragment{ + + + final public static String TAG = SessionDialog.class.getSimpleName(); + + final public static String USERNAME = "username"; + final public static String PASSWORD = "password"; + final public static String USERNAME_MISSING = "username missing"; + final public static String PASSWORD_INVALID_LENGTH = "password_invalid_length"; + + @InjectView(R.id.user_message) + TextView user_message; + @InjectView(R.id.username_entered) + EditText username_field; + @InjectView(R.id.password_entered) + EditText password_field; + + private static SessionDialog dialog; + + private static boolean is_eip_pending = false; + + public AlertDialog onCreateDialog(Bundle savedInstanceState) { + AlertDialog.Builder builder = new AlertDialog.Builder(getActivity()); + LayoutInflater inflater = getActivity().getLayoutInflater(); + View view = inflater.inflate(R.layout.session_dialog, null); + ButterKnife.inject(this, view); + + if(!username_field.getText().toString().isEmpty() && password_field.isFocusable()) { + password_field.requestFocus(); + } + + Bundle arguments = getArguments(); + if (arguments != null) { + is_eip_pending = arguments.getBoolean(EipServiceFragment.IS_PENDING, false); + if (arguments.containsKey(PASSWORD_INVALID_LENGTH)) + password_field.setError(getString(R.string.error_not_valid_password_user_message)); + if (arguments.containsKey(USERNAME)) { + String username = arguments.getString(USERNAME); + username_field.setText(username); + } + if (arguments.containsKey(USERNAME_MISSING)) { + username_field.setError(getString(R.string.username_ask)); + } + if(arguments.containsKey(getString(R.string.user_message))) + user_message.setText(arguments.getString(getString(R.string.user_message))); + else + user_message.setVisibility(View.GONE); + } + + builder.setView(view) + .setPositiveButton(R.string.login_button, new DialogInterface.OnClickListener() { + public void onClick(DialogInterface dialog, int id) { + String username = username_field.getText().toString(); + String password = password_field.getText().toString(); + dialog.dismiss(); + interface_with_Dashboard.logIn(username, password); + } + }) + .setNegativeButton(R.string.cancel, new DialogInterface.OnClickListener() { + public void onClick(DialogInterface dialog, int id) { + dialog.cancel(); + interface_with_Dashboard.cancelLoginOrSignup(); + } + }) + .setNeutralButton(R.string.signup_button, new DialogInterface.OnClickListener() { + public void onClick(DialogInterface dialog, int id) { + String username = username_field.getText().toString(); + String password = password_field.getText().toString(); + interface_with_Dashboard.signUp(username, password); + } + }); + + return builder.create(); + } + + + /** + * Interface used to communicate SessionDialog with Dashboard. + * + * @author parmegv + * + */ + public interface LogInDialogInterface { + public void logIn(String username, String password); + public void signUp(String username, String password); + public void cancelLoginOrSignup(); + } + + LogInDialogInterface interface_with_Dashboard; + + /** + * @return a new instance of this DialogFragment. + */ + public static DialogFragment newInstance() { + if(dialog == null) + dialog = new SessionDialog(); + + return dialog; + } + + @Override + public void onAttach(Activity activity) { + super.onAttach(activity); + try { + interface_with_Dashboard = (LogInDialogInterface) activity; + } catch (ClassCastException e) { + throw new ClassCastException(activity.toString() + + " must implement LogInDialogListener"); + } + } + + @Override + public void onCancel(DialogInterface dialog) { + super.onCancel(dialog); + if(is_eip_pending) + interface_with_Dashboard.cancelLoginOrSignup(); + } +} diff --git a/app/src/main/java/se/leap/bitmaskclient/SessionDialogInterface.java b/app/src/main/java/se/leap/bitmaskclient/SessionDialogInterface.java deleted file mode 100644 index 66b86ccd..00000000 --- a/app/src/main/java/se/leap/bitmaskclient/SessionDialogInterface.java +++ /dev/null @@ -1,37 +0,0 @@ -/** - * Copyright (c) 2013 LEAP Encryption Access Project and contributers - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - */ -package se.leap.bitmaskclient; - -import android.app.Activity; -import android.app.DialogFragment; -import android.content.DialogInterface; - -/** - * @author parmegv - */ -public abstract class SessionDialogInterface extends DialogFragment { - final public static String USERNAME = "username"; - final public static String PASSWORD = "password"; - final public static String USERNAME_MISSING = "username missing"; - final public static String PASSWORD_INVALID_LENGTH = "password_invalid_length"; - - @Override - public void onAttach(Activity activity) { super.onAttach(activity); } - - @Override - public void onCancel(DialogInterface dialog) { super.onCancel(dialog); } -} diff --git a/app/src/main/java/se/leap/bitmaskclient/SignUpDialog.java b/app/src/main/java/se/leap/bitmaskclient/SignUpDialog.java deleted file mode 100644 index f6d6cc3f..00000000 --- a/app/src/main/java/se/leap/bitmaskclient/SignUpDialog.java +++ /dev/null @@ -1,132 +0,0 @@ -/** - * Copyright (c) 2013 LEAP Encryption Access Project and contributers - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - */ - package se.leap.bitmaskclient; - -import android.app.Activity; -import android.app.AlertDialog; -import android.app.DialogFragment; -import android.content.DialogInterface; -import android.os.Bundle; -import android.view.LayoutInflater; -import android.view.View; -import android.widget.EditText; -import android.widget.TextView; - -/** - * Implements the sign up dialog, currently without progress dialog. - * - * It returns to the previous fragment when finished, and sends username and password to the registration method. - * - * It also notifies the user if the password is not valid. - * - * @author parmegv - * - */ -public class SignUpDialog extends SessionDialogInterface { - - final public static String TAG = SignUpDialog.class.getSimpleName(); - - private static SignUpDialog dialog; - private static boolean is_eip_pending = false; - - public AlertDialog onCreateDialog(Bundle savedInstanceState) { - AlertDialog.Builder builder = new AlertDialog.Builder(getActivity()); - LayoutInflater inflater = getActivity().getLayoutInflater(); - View log_in_dialog_view = inflater.inflate(R.layout.log_in_dialog, null); - - final TextView user_message = (TextView)log_in_dialog_view.findViewById(R.id.user_message); - final EditText username_field = (EditText)log_in_dialog_view.findViewById(R.id.username_entered); - final EditText password_field = (EditText)log_in_dialog_view.findViewById(R.id.password_entered); - - if(!username_field.getText().toString().isEmpty() && password_field.isFocusable()) { - password_field.requestFocus(); - } - if (getArguments() != null) { - is_eip_pending = getArguments().getBoolean(EipServiceFragment.IS_PENDING, false); - if (getArguments().containsKey(PASSWORD_INVALID_LENGTH)) - password_field.setError(getResources().getString(R.string.error_not_valid_password_user_message)); - if(getArguments().containsKey(USERNAME_MISSING)) - username_field.setError(getResources().getString(R.string.username_ask)); - if(getArguments().containsKey(USERNAME)) { - String username = getArguments().getString(USERNAME); - username_field.setText(username); - } - if(getArguments().containsKey(getResources().getString(R.string.user_message))) - user_message.setText(getArguments().getString(getResources().getString(R.string.user_message))); - else - user_message.setVisibility(View.GONE); - } - - builder.setView(log_in_dialog_view) - .setPositiveButton(R.string.signup_button, new DialogInterface.OnClickListener() { - public void onClick(DialogInterface dialog, int id) { - String username = username_field.getText().toString(); - String password = password_field.getText().toString(); - dialog.dismiss(); - interface_with_Dashboard.signUp(username, password); - } - }) - .setNegativeButton(R.string.cancel, new DialogInterface.OnClickListener() { - public void onClick(DialogInterface dialog, int id) { - dialog.cancel(); - interface_with_Dashboard.cancelLoginOrSignup(); - } - }); - - return builder.create(); - } - - /** - * Interface used to communicate SignUpDialog with Dashboard. - * - * @author parmegv - * - */ - public interface SignUpDialogInterface { - public void signUp(String username, String password); - public void cancelLoginOrSignup(); - } - - SignUpDialogInterface interface_with_Dashboard; - - /** - * @return a new instance of this DialogFragment. - */ - public static DialogFragment newInstance() { - if(dialog == null) - dialog = new SignUpDialog(); - return dialog; - } - - @Override - public void onAttach(Activity activity) { - super.onAttach(activity); - try { - interface_with_Dashboard = (SignUpDialogInterface) activity; - } catch (ClassCastException e) { - throw new ClassCastException(activity.toString() - + " must implement SignUpDialogListener"); - } - } - - @Override - public void onCancel(DialogInterface dialog) { - if(is_eip_pending) - interface_with_Dashboard.cancelLoginOrSignup(); - super.onCancel(dialog); - } -} diff --git a/app/src/main/res/layout-xlarge/client_dashboard.xml b/app/src/main/res/layout-xlarge/client_dashboard.xml deleted file mode 100644 index bd644e1e..00000000 --- a/app/src/main/res/layout-xlarge/client_dashboard.xml +++ /dev/null @@ -1,69 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - diff --git a/app/src/main/res/layout-xlarge/dashboard.xml b/app/src/main/res/layout-xlarge/dashboard.xml new file mode 100644 index 00000000..bd644e1e --- /dev/null +++ b/app/src/main/res/layout-xlarge/dashboard.xml @@ -0,0 +1,69 @@ + + + + + + + + + + + + + + + + + + + + + + + diff --git a/app/src/main/res/layout-xlarge/eip_service_fragment.xml b/app/src/main/res/layout-xlarge/eip_service_fragment.xml index d217e1a1..38b6aca3 100644 --- a/app/src/main/res/layout-xlarge/eip_service_fragment.xml +++ b/app/src/main/res/layout-xlarge/eip_service_fragment.xml @@ -37,39 +37,20 @@ android:layout_marginLeft="15dp" android:layout_marginRight="15dp" /> - - - - - + android:layout_alignParentLeft="true" + android:layout_centerVertical="true" + android:clickable="true" + android:text="@string/eip_state_not_connected" + android:textSize="16sp" /> - diff --git a/app/src/main/res/layout-xlarge/log_in_dialog.xml b/app/src/main/res/layout-xlarge/log_in_dialog.xml deleted file mode 100644 index 3a9eebb8..00000000 --- a/app/src/main/res/layout-xlarge/log_in_dialog.xml +++ /dev/null @@ -1,39 +0,0 @@ - - - - - - - - - - - - - \ No newline at end of file diff --git a/app/src/main/res/layout-xlarge/provider_list_fragment.xml b/app/src/main/res/layout-xlarge/provider_list_fragment.xml deleted file mode 100644 index 59dd37d1..00000000 --- a/app/src/main/res/layout-xlarge/provider_list_fragment.xml +++ /dev/null @@ -1,16 +0,0 @@ - - - - - diff --git a/app/src/main/res/layout-xlarge/session_dialog.xml b/app/src/main/res/layout-xlarge/session_dialog.xml new file mode 100644 index 00000000..3a9eebb8 --- /dev/null +++ b/app/src/main/res/layout-xlarge/session_dialog.xml @@ -0,0 +1,39 @@ + + + + + + + + + + + + + \ No newline at end of file diff --git a/app/src/main/res/layout/client_dashboard.xml b/app/src/main/res/layout/client_dashboard.xml deleted file mode 100644 index f33ac285..00000000 --- a/app/src/main/res/layout/client_dashboard.xml +++ /dev/null @@ -1,51 +0,0 @@ - - - - - - - - - - - - - - - - diff --git a/app/src/main/res/layout/dashboard.xml b/app/src/main/res/layout/dashboard.xml new file mode 100644 index 00000000..67a1122f --- /dev/null +++ b/app/src/main/res/layout/dashboard.xml @@ -0,0 +1,52 @@ + + + + + + + + + + + + + + + + diff --git a/app/src/main/res/layout/eip_service_fragment.xml b/app/src/main/res/layout/eip_service_fragment.xml index be2aa791..64d22147 100644 --- a/app/src/main/res/layout/eip_service_fragment.xml +++ b/app/src/main/res/layout/eip_service_fragment.xml @@ -22,8 +22,8 @@ android:layout_alignParentRight="true" android:layout_alignParentTop="true" android:layout_marginRight="10dp" /> - - - - - - - - - + android:clickable="true" + android:text="@string/eip_state_not_connected" /> diff --git a/app/src/main/res/layout/log_in_dialog.xml b/app/src/main/res/layout/log_in_dialog.xml deleted file mode 100644 index c8a2f0a8..00000000 --- a/app/src/main/res/layout/log_in_dialog.xml +++ /dev/null @@ -1,41 +0,0 @@ - - - - - - - - - - - - - \ No newline at end of file diff --git a/app/src/main/res/layout/provider_list_fragment.xml b/app/src/main/res/layout/provider_list_fragment.xml deleted file mode 100644 index 70dbae0d..00000000 --- a/app/src/main/res/layout/provider_list_fragment.xml +++ /dev/null @@ -1,15 +0,0 @@ - - - - - diff --git a/app/src/main/res/layout/session_dialog.xml b/app/src/main/res/layout/session_dialog.xml new file mode 100644 index 00000000..62215ae8 --- /dev/null +++ b/app/src/main/res/layout/session_dialog.xml @@ -0,0 +1,42 @@ + + + + + + + + + + + + + \ No newline at end of file diff --git a/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java b/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java index 42736444..c90ce481 100644 --- a/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java +++ b/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java @@ -58,7 +58,6 @@ implements NewProviderDialogInterface, ProviderDetailFragmentInterface, Download @Inject ProviderListAdapter adapter; private ProviderManager provider_manager; - private ProviderListFragment provider_list_fragment; private Intent mConfigState = new Intent(); private Provider selected_provider; @@ -162,10 +161,6 @@ implements NewProviderDialogInterface, ProviderDetailFragmentInterface, Download initProviderList(); } - private void putProviderListFragment() { - fragment_manager.replace(R.id.configuration_wizard_layout, provider_list_fragment, ProviderListFragment.TAG); - } - @Override protected void onDestroy() { super.onDestroy(); @@ -463,7 +458,7 @@ implements NewProviderDialogInterface, ProviderDetailFragmentInterface, Download public void login() { Intent ask_login = new Intent(); ask_login.putExtra(Provider.KEY, selected_provider); - ask_login.putExtra(LogInDialog.TAG, LogInDialog.TAG); + ask_login.putExtra(SessionDialog.TAG, SessionDialog.TAG); setResult(RESULT_OK, ask_login); setting_up_provider = false; finish(); diff --git a/app/src/release/java/se/leap/bitmaskclient/ProviderAPI.java b/app/src/release/java/se/leap/bitmaskclient/ProviderAPI.java index fc74b702..f5f27247 100644 --- a/app/src/release/java/se/leap/bitmaskclient/ProviderAPI.java +++ b/app/src/release/java/se/leap/bitmaskclient/ProviderAPI.java @@ -32,6 +32,7 @@ import org.apache.http.client.ClientProtocolException; import org.json.*; import se.leap.bitmaskclient.R; +import se.leap.bitmaskclient.SessionDialog; import se.leap.bitmaskclient.eip.*; /** @@ -169,8 +170,8 @@ public class ProviderAPI extends IntentService { Bundle session_id_bundle = new Bundle(); int progress = 0; - String username = (String) task.get(SessionDialogInterface.USERNAME); - String password = (String) task.get(SessionDialogInterface.PASSWORD); + String username = (String) task.get(SessionDialog.USERNAME); + String password = (String) task.get(SessionDialog.PASSWORD); if(validUserLoginData(username, password)) { session_id_bundle = register(username, password); @@ -178,12 +179,12 @@ public class ProviderAPI extends IntentService { } else { if(!wellFormedPassword(password)) { session_id_bundle.putBoolean(RESULT_KEY, false); - session_id_bundle.putString(SessionDialogInterface.USERNAME, username); - session_id_bundle.putBoolean(SessionDialogInterface.PASSWORD_INVALID_LENGTH, true); + session_id_bundle.putString(SessionDialog.USERNAME, username); + session_id_bundle.putBoolean(SessionDialog.PASSWORD_INVALID_LENGTH, true); } if(username.isEmpty()) { session_id_bundle.putBoolean(RESULT_KEY, false); - session_id_bundle.putBoolean(SessionDialogInterface.USERNAME_MISSING, true); + session_id_bundle.putBoolean(SessionDialog.USERNAME_MISSING, true); } } @@ -202,8 +203,8 @@ public class ProviderAPI extends IntentService { if(api_result.has(ERRORS)) result = authFailedNotification(api_result, username); else { - result.putString(SessionDialogInterface.USERNAME, username); - result.putString(SessionDialogInterface.PASSWORD, password); + result.putString(SessionDialog.USERNAME, username); + result.putString(SessionDialog.PASSWORD, password); result.putBoolean(RESULT_KEY, true); } @@ -220,20 +221,20 @@ public class ProviderAPI extends IntentService { Bundle result = new Bundle(); int progress = 0; - String username = (String) task.get(SessionDialogInterface.USERNAME); - String password = (String) task.get(SessionDialogInterface.PASSWORD); + String username = (String) task.get(SessionDialog.USERNAME); + String password = (String) task.get(SessionDialog.PASSWORD); if(validUserLoginData(username, password)) { result = authenticate(username, password); broadcast_progress(progress++); } else { if(!wellFormedPassword(password)) { result.putBoolean(RESULT_KEY, false); - result.putString(SessionDialogInterface.USERNAME, username); - result.putBoolean(SessionDialogInterface.PASSWORD_INVALID_LENGTH, true); + result.putString(SessionDialog.USERNAME, username); + result.putBoolean(SessionDialog.PASSWORD_INVALID_LENGTH, true); } if(username.isEmpty()) { result.putBoolean(RESULT_KEY, false); - result.putBoolean(SessionDialogInterface.USERNAME_MISSING, true); + result.putBoolean(SessionDialog.USERNAME_MISSING, true); } } @@ -262,7 +263,7 @@ public class ProviderAPI extends IntentService { } } else { result.putBoolean(RESULT_KEY, false); - result.putString(SessionDialogInterface.USERNAME, username); + result.putString(SessionDialog.USERNAME, username); result.putString(getResources().getString(R.string.user_message), getResources().getString(R.string.error_srp_math_error_user_message)); } } catch (JSONException e) { @@ -293,7 +294,7 @@ public class ProviderAPI extends IntentService { } catch(JSONException e) {} if(!username.isEmpty()) - user_notification_bundle.putString(SessionDialogInterface.USERNAME, username); + user_notification_bundle.putString(SessionDialog.USERNAME, username); user_notification_bundle.putBoolean(RESULT_KEY, false); return user_notification_bundle; -- cgit v1.2.3 From 2d764ff0261e902e3b41f7f5e1d79df52e51a1ac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Tue, 9 Dec 2014 21:01:50 +0100 Subject: Bug in the add provider to the adapter fixed. Refactored the new provider dialog too. --- .../se/leap/bitmaskclient/ConfigurationWizard.java | 5 +- .../se/leap/bitmaskclient/NewProviderDialog.java | 73 +++++++------ .../se/leap/bitmaskclient/ProviderListAdapter.java | 2 +- .../se/leap/bitmaskclient/ConfigurationWizard.java | 5 +- .../se/leap/bitmaskclient/NewProviderDialog.java | 117 +++++++++++---------- 5 files changed, 100 insertions(+), 102 deletions(-) (limited to 'app') diff --git a/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java b/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java index 63185d12..ac2e00b8 100644 --- a/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java +++ b/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java @@ -333,8 +333,7 @@ implements NewProviderDialogInterface, ProviderDetailFragmentInterface, Download */ public void addAndSelectNewProvider() { FragmentTransaction fragment_transaction = fragment_manager.removePreviousFragment(NewProviderDialog.TAG); - DialogFragment newFragment = NewProviderDialog.newInstance(); - newFragment.show(fragment_transaction, NewProviderDialog.TAG); + new NewProviderDialog().show(fragment_transaction, NewProviderDialog.TAG); } /** @@ -343,7 +342,7 @@ implements NewProviderDialogInterface, ProviderDetailFragmentInterface, Download public void addAndSelectNewProvider(String main_url, boolean danger_on) { FragmentTransaction fragment_transaction = fragment_manager.removePreviousFragment(NewProviderDialog.TAG); - DialogFragment newFragment = NewProviderDialog.newInstance(); + DialogFragment newFragment = new NewProviderDialog(); Bundle data = new Bundle(); data.putString(Provider.MAIN_URL, main_url); data.putBoolean(ProviderItem.DANGER_ON, danger_on); diff --git a/app/src/debug/java/se/leap/bitmaskclient/NewProviderDialog.java b/app/src/debug/java/se/leap/bitmaskclient/NewProviderDialog.java index cf09c64b..8fe1c3eb 100644 --- a/app/src/debug/java/se/leap/bitmaskclient/NewProviderDialog.java +++ b/app/src/debug/java/se/leap/bitmaskclient/NewProviderDialog.java @@ -16,14 +16,14 @@ */ package se.leap.bitmaskclient; +import butterknife.ButterKnife; +import butterknife.InjectView; import se.leap.bitmaskclient.ProviderListContent.ProviderItem; -import se.leap.bitmaskclient.R; import android.app.Activity; import android.app.AlertDialog; import android.app.Dialog; import android.app.DialogFragment; import android.content.DialogInterface; -import android.content.Intent; import android.os.Bundle; import android.view.LayoutInflater; import android.view.View; @@ -40,20 +40,17 @@ import android.widget.Toast; public class NewProviderDialog extends DialogFragment { final public static String TAG = "newProviderDialog"; - + + @InjectView(R.id.new_provider_url) + EditText url_input_field; + @InjectView(R.id.danger_checkbox) + CheckBox danger_checkbox; + public interface NewProviderDialogInterface { public void showAndSelectProvider(String url_provider, boolean danger_on); } NewProviderDialogInterface interface_with_ConfigurationWizard; - - /** - * @return a new instance of this DialogFragment. - */ - public static DialogFragment newInstance() { - NewProviderDialog dialog_fragment = new NewProviderDialog(); - return dialog_fragment; - } @Override public void onAttach(Activity activity) { @@ -70,36 +67,19 @@ public class NewProviderDialog extends DialogFragment { public Dialog onCreateDialog(Bundle savedInstanceState) { AlertDialog.Builder builder = new AlertDialog.Builder(getActivity()); LayoutInflater inflater = getActivity().getLayoutInflater(); - View new_provider_dialog_view = inflater.inflate(R.layout.new_provider_dialog, null); - final EditText url_input_field = (EditText)new_provider_dialog_view.findViewById(R.id.new_provider_url); - if(getArguments() != null && getArguments().containsKey(Provider.MAIN_URL)) { - url_input_field.setText(getArguments().getString(Provider.MAIN_URL)); - } - final CheckBox danger_checkbox = (CheckBox)new_provider_dialog_view.findViewById(R.id.danger_checkbox); - if(getArguments() != null && getArguments().containsKey(ProviderItem.DANGER_ON)) { - danger_checkbox.setActivated(getArguments().getBoolean(ProviderItem.DANGER_ON)); - } + View view = inflater.inflate(R.layout.new_provider_dialog, null); + ButterKnife.inject(this, view); + Bundle arguments = getArguments(); + if(arguments != null) { + url_input_field.setText(arguments.getString(Provider.MAIN_URL, "")); + danger_checkbox.setActivated(arguments.getBoolean(ProviderItem.DANGER_ON, false)); + } - builder.setView(new_provider_dialog_view) + builder.setView(view) .setMessage(R.string.introduce_new_provider) .setPositiveButton(R.string.save, new DialogInterface.OnClickListener() { public void onClick(DialogInterface dialog, int id) { - String entered_url = url_input_field.getText().toString().trim(); - if(!entered_url.startsWith("https://")) { - if (entered_url.startsWith("http://")){ - entered_url = entered_url.substring("http://".length()); - } - entered_url = "https://".concat(entered_url); - } - boolean danger_on = danger_checkbox.isChecked(); - if(validURL(entered_url)) { - interface_with_ConfigurationWizard.showAndSelectProvider(entered_url, danger_on); - Toast.makeText(getActivity().getApplicationContext(), R.string.valid_url_entered, Toast.LENGTH_LONG).show(); - } else { - url_input_field.setText(""); - danger_checkbox.setChecked(false); - Toast.makeText(getActivity().getApplicationContext(), R.string.not_valid_url_entered, Toast.LENGTH_LONG).show();; - } + saveProvider(); } }) .setNegativeButton(R.string.cancel, new DialogInterface.OnClickListener() { @@ -111,6 +91,25 @@ public class NewProviderDialog extends DialogFragment { return builder.create(); } + private void saveProvider() { + String entered_url = url_input_field.getText().toString().trim(); + if(!entered_url.startsWith("https://")) { + if (entered_url.startsWith("http://")){ + entered_url = entered_url.substring("http://".length()); + } + entered_url = "https://".concat(entered_url); + } + boolean danger_on = danger_checkbox.isChecked(); + if(validURL(entered_url)) { + interface_with_ConfigurationWizard.showAndSelectProvider(entered_url, danger_on); + Toast.makeText(getActivity().getApplicationContext(), R.string.valid_url_entered, Toast.LENGTH_LONG).show(); + } else { + url_input_field.setText(""); + danger_checkbox.setChecked(false); + Toast.makeText(getActivity().getApplicationContext(), R.string.not_valid_url_entered, Toast.LENGTH_LONG).show();; + } + } + /** * Checks if the entered url is valid or not. * @param entered_url diff --git a/app/src/main/java/se/leap/bitmaskclient/ProviderListAdapter.java b/app/src/main/java/se/leap/bitmaskclient/ProviderListAdapter.java index 19a9a089..c63e2edb 100644 --- a/app/src/main/java/se/leap/bitmaskclient/ProviderListAdapter.java +++ b/app/src/main/java/se/leap/bitmaskclient/ProviderListAdapter.java @@ -90,7 +90,7 @@ public class ProviderListAdapter extends RendererAdapter { @Override public void add(Provider item) { super.add(item); - if(getCollection().size() < hidden.length) { + if(getCollection().size() > hidden.length) { boolean[] new_hidden = new boolean[hidden.length + 1]; System.arraycopy(hidden, 0, new_hidden, 0, hidden.length); new_hidden[hidden.length] = false; diff --git a/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java b/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java index c90ce481..73de29bc 100644 --- a/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java +++ b/app/src/release/java/se/leap/bitmaskclient/ConfigurationWizard.java @@ -331,8 +331,7 @@ implements NewProviderDialogInterface, ProviderDetailFragmentInterface, Download */ public void addAndSelectNewProvider() { FragmentTransaction fragment_transaction = fragment_manager.removePreviousFragment(NewProviderDialog.TAG); - DialogFragment newFragment = NewProviderDialog.newInstance(); - newFragment.show(fragment_transaction, NewProviderDialog.TAG); + new NewProviderDialog().show(fragment_transaction, NewProviderDialog.TAG); } /** @@ -341,7 +340,7 @@ implements NewProviderDialogInterface, ProviderDetailFragmentInterface, Download public void addAndSelectNewProvider(String main_url) { FragmentTransaction fragment_transaction = fragment_manager.removePreviousFragment(NewProviderDialog.TAG); - DialogFragment newFragment = NewProviderDialog.newInstance(); + DialogFragment newFragment = new NewProviderDialog(); Bundle data = new Bundle(); data.putString(Provider.MAIN_URL, main_url); newFragment.setArguments(data); diff --git a/app/src/release/java/se/leap/bitmaskclient/NewProviderDialog.java b/app/src/release/java/se/leap/bitmaskclient/NewProviderDialog.java index 7ed1940e..f6709c22 100644 --- a/app/src/release/java/se/leap/bitmaskclient/NewProviderDialog.java +++ b/app/src/release/java/se/leap/bitmaskclient/NewProviderDialog.java @@ -1,6 +1,6 @@ /** * Copyright (c) 2013 LEAP Encryption Access Project and contributers - * + * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or @@ -14,16 +14,16 @@ * You should have received a copy of the GNU General Public License * along with this program. If not, see . */ - package se.leap.bitmaskclient; +package se.leap.bitmaskclient; +import butterknife.ButterKnife; +import butterknife.InjectView; import se.leap.bitmaskclient.ProviderListContent.ProviderItem; -import se.leap.bitmaskclient.R; import android.app.Activity; import android.app.AlertDialog; import android.app.Dialog; import android.app.DialogFragment; import android.content.DialogInterface; -import android.content.Intent; import android.os.Bundle; import android.view.LayoutInflater; import android.view.View; @@ -33,33 +33,28 @@ import android.widget.Toast; /** * Implements the new custom provider dialog. - * + * * @author parmegv * */ public class NewProviderDialog extends DialogFragment { final public static String TAG = "newProviderDialog"; - - public interface NewProviderDialogInterface { + + @InjectView(R.id.new_provider_url) + EditText url_input_field; + + public interface NewProviderDialogInterface { public void showAndSelectProvider(String url_provider); } - NewProviderDialogInterface interface_with_ConfigurationWizard; + NewProviderDialogInterface interface_with_ConfigurationWizard; - /** - * @return a new instance of this DialogFragment. - */ - public static DialogFragment newInstance() { - NewProviderDialog dialog_fragment = new NewProviderDialog(); - return dialog_fragment; - } - @Override public void onAttach(Activity activity) { super.onAttach(activity); try { - interface_with_ConfigurationWizard = (NewProviderDialogInterface) activity; + interface_with_ConfigurationWizard = (NewProviderDialogInterface) activity; } catch (ClassCastException e) { throw new ClassCastException(activity.toString() + " must implement NoticeDialogListener"); @@ -67,51 +62,57 @@ public class NewProviderDialog extends DialogFragment { } @Override - public Dialog onCreateDialog(Bundle savedInstanceState) { - AlertDialog.Builder builder = new AlertDialog.Builder(getActivity()); - LayoutInflater inflater = getActivity().getLayoutInflater(); - View new_provider_dialog_view = inflater.inflate(R.layout.new_provider_dialog, null); - final EditText url_input_field = (EditText)new_provider_dialog_view.findViewById(R.id.new_provider_url); - if(getArguments() != null && getArguments().containsKey(Provider.MAIN_URL)) { - url_input_field.setText(getArguments().getString(Provider.MAIN_URL)); - } - - builder.setView(new_provider_dialog_view) - .setMessage(R.string.introduce_new_provider) - .setPositiveButton(R.string.save, new DialogInterface.OnClickListener() { - public void onClick(DialogInterface dialog, int id) { - String entered_url = url_input_field.getText().toString().trim(); - if(!entered_url.startsWith("https://")) { - if (entered_url.startsWith("http://")){ - entered_url = entered_url.substring("http://".length()); - } - entered_url = "https://".concat(entered_url); - } - if(validURL(entered_url)) { - interface_with_ConfigurationWizard.showAndSelectProvider(entered_url); - Toast.makeText(getActivity().getApplicationContext(), R.string.valid_url_entered, Toast.LENGTH_LONG).show(); - } else { - url_input_field.setText(""); - Toast.makeText(getActivity().getApplicationContext(), R.string.not_valid_url_entered, Toast.LENGTH_LONG).show();; - } - } - }) - .setNegativeButton(R.string.cancel, new DialogInterface.OnClickListener() { - public void onClick(DialogInterface dialog, int id) { - dialog.cancel(); - } - }); - // Create the AlertDialog object and return it - return builder.create(); - } + public Dialog onCreateDialog(Bundle savedInstanceState) { + AlertDialog.Builder builder = new AlertDialog.Builder(getActivity()); + LayoutInflater inflater = getActivity().getLayoutInflater(); + View view = inflater.inflate(R.layout.new_provider_dialog, null); + ButterKnife.inject(this, view); + Bundle arguments = getArguments(); + if(arguments != null) { + url_input_field.setText(arguments.getString(Provider.MAIN_URL, "")); + } + + builder.setView(view) + .setMessage(R.string.introduce_new_provider) + .setPositiveButton(R.string.save, new DialogInterface.OnClickListener() { + public void onClick(DialogInterface dialog, int id) { + saveProvider(); + } + }) + .setNegativeButton(R.string.cancel, new DialogInterface.OnClickListener() { + public void onClick(DialogInterface dialog, int id) { + dialog.cancel(); + } + }); + // Create the AlertDialog object and return it + return builder.create(); + } + + private void saveProvider() { + String entered_url = url_input_field.getText().toString().trim(); + if(!entered_url.startsWith("https://")) { + if (entered_url.startsWith("http://")){ + entered_url = entered_url.substring("http://".length()); + } + entered_url = "https://".concat(entered_url); + } + + if(validURL(entered_url)) { + interface_with_ConfigurationWizard.showAndSelectProvider(entered_url); + Toast.makeText(getActivity().getApplicationContext(), R.string.valid_url_entered, Toast.LENGTH_LONG).show(); + } else { + url_input_field.setText(""); + Toast.makeText(getActivity().getApplicationContext(), R.string.not_valid_url_entered, Toast.LENGTH_LONG).show();; + } + } /** * Checks if the entered url is valid or not. * @param entered_url * @return true if it's not empty nor contains only the protocol. */ - boolean validURL(String entered_url) { - //return !entered_url.isEmpty() && entered_url.matches("http[s]?://.+") && !entered_url.replaceFirst("http[s]?://", "").isEmpty(); - return android.util.Patterns.WEB_URL.matcher(entered_url).matches(); - } + boolean validURL(String entered_url) { + //return !entered_url.isEmpty() && entered_url.matches("http[s]?://.+") && !entered_url.replaceFirst("http[s]?://", "").isEmpty(); + return android.util.Patterns.WEB_URL.matcher(entered_url).matches(); + } } -- cgit v1.2.3 From 56a998deef38a635e2a2e61dd1f516b78d24c9c4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Tue, 9 Dec 2014 21:30:25 +0100 Subject: SessionDialog restores eip switch if necessary. --- app/src/main/java/se/leap/bitmaskclient/Dashboard.java | 2 +- app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java | 4 +++- app/src/main/java/se/leap/bitmaskclient/SessionDialog.java | 6 +++--- 3 files changed, 7 insertions(+), 5 deletions(-) (limited to 'app') diff --git a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java index c7691ed4..3ecf5e52 100644 --- a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java +++ b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java @@ -54,7 +54,7 @@ import se.leap.bitmaskclient.eip.EipStatus; * @author Sean Leonard * @author parmegv */ -public class Dashboard extends Activity implements SessionDialog.LogInDialogInterface, ProviderAPIResultReceiver.Receiver { +public class Dashboard extends Activity implements SessionDialog.SessionDialogInterface, ProviderAPIResultReceiver.Receiver { protected static final int CONFIGURE_LEAP = 0; protected static final int SWITCH_PROVIDER = 1; diff --git a/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java b/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java index a8ffda72..507cfe74 100644 --- a/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java +++ b/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java @@ -129,7 +129,9 @@ public class EipServiceFragment extends Fragment implements Observer { else if(canLogInToStartEIP()) { Log.d(TAG, "Can Log In to start EIP"); Dashboard dashboard = (Dashboard) parent_activity; - dashboard.logInDialog(Bundle.EMPTY); + Bundle bundle = new Bundle(); + bundle.putBoolean(IS_PENDING, true); + dashboard.logInDialog(bundle); } } diff --git a/app/src/main/java/se/leap/bitmaskclient/SessionDialog.java b/app/src/main/java/se/leap/bitmaskclient/SessionDialog.java index 9676faa8..60382cf0 100644 --- a/app/src/main/java/se/leap/bitmaskclient/SessionDialog.java +++ b/app/src/main/java/se/leap/bitmaskclient/SessionDialog.java @@ -121,13 +121,13 @@ public class SessionDialog extends DialogFragment{ * @author parmegv * */ - public interface LogInDialogInterface { + public interface SessionDialogInterface { public void logIn(String username, String password); public void signUp(String username, String password); public void cancelLoginOrSignup(); } - LogInDialogInterface interface_with_Dashboard; + SessionDialogInterface interface_with_Dashboard; /** * @return a new instance of this DialogFragment. @@ -143,7 +143,7 @@ public class SessionDialog extends DialogFragment{ public void onAttach(Activity activity) { super.onAttach(activity); try { - interface_with_Dashboard = (LogInDialogInterface) activity; + interface_with_Dashboard = (SessionDialogInterface) activity; } catch (ClassCastException e) { throw new ClassCastException(activity.toString() + " must implement LogInDialogListener"); -- cgit v1.2.3 From 60adae615458f42fe7a36fe9c4faf90e3e463f95 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Tue, 9 Dec 2014 21:46:26 +0100 Subject: Restore eip service UI onResume. --- app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java | 1 + 1 file changed, 1 insertion(+) (limited to 'app') diff --git a/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java b/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java index 507cfe74..904aa31d 100644 --- a/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java +++ b/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java @@ -91,6 +91,7 @@ public class EipServiceFragment extends Fragment implements Observer { public void onResume() { super.onResume(); eipCommand(Constants.ACTION_CHECK_CERT_VALIDITY); + handleNewState(eip_status); } @Override -- cgit v1.2.3 From 0e7e4005460964cf8dac080e3d99e1df2a1bdc4d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Fri, 12 Dec 2014 11:49:24 +0100 Subject: Updated ics-openvpn to rev924. --- app/openvpn/config-version.h | 2 +- app/openvpn/src/openvpn/crypto_backend.h | 6 +- app/openvpn/src/openvpn/crypto_openssl.c | 4 +- app/openvpn/src/openvpn/crypto_polarssl.c | 4 +- app/openvpn/src/openvpn/ssl.c | 12 +- .../main/java/de/blinkt/openvpn/VpnProfile.java | 38 +----- .../blinkt/openvpn/activities/DisconnectVPN.java | 8 +- .../de/blinkt/openvpn/core/OpenVPNService.java | 1 + .../java/de/blinkt/openvpn/core/OpenVPNThread.java | 7 +- .../de/blinkt/openvpn/core/VPNLaunchHelper.java | 151 ++++++++++++++------- app/src/main/res/menu/logmenu.xml | 10 +- app/src/main/res/values-v21/styles.xml | 15 ++ app/src/main/res/values/styles.xml | 6 +- app/src/main/res/values/untranslatable.xml | 20 +++ 14 files changed, 185 insertions(+), 99 deletions(-) create mode 100644 app/src/main/res/values-v21/styles.xml (limited to 'app') diff --git a/app/openvpn/config-version.h b/app/openvpn/config-version.h index 6e78aeaf..1fca2b7a 100644 --- a/app/openvpn/config-version.h +++ b/app/openvpn/config-version.h @@ -1,2 +1,2 @@ -#define CONFIGURE_GIT_REVISION "icsopenvpn_620-df00abd6979b7376" +#define CONFIGURE_GIT_REVISION "icsopenvpn_621-b603913ee5d54ab8" #define CONFIGURE_GIT_FLAGS "" diff --git a/app/openvpn/src/openvpn/crypto_backend.h b/app/openvpn/src/openvpn/crypto_backend.h index bc067a7d..87498785 100644 --- a/app/openvpn/src/openvpn/crypto_backend.h +++ b/app/openvpn/src/openvpn/crypto_backend.h @@ -223,7 +223,7 @@ int cipher_kt_block_size (const cipher_kt_t *cipher_kt); /** * Returns the mode that the cipher runs in. * - * @param cipher_kt Static cipher parameters + * @param cipher_kt Static cipher parameters. May not be NULL. * * @return Cipher mode, either \c OPENVPN_MODE_CBC, \c * OPENVPN_MODE_OFB or \c OPENVPN_MODE_CFB @@ -233,7 +233,7 @@ int cipher_kt_mode (const cipher_kt_t *cipher_kt); /** * Check if the supplied cipher is a supported CBC mode cipher. * - * @param cipher Static cipher parameters. May not be NULL. + * @param cipher Static cipher parameters. * * @return true iff the cipher is a CBC mode cipher. */ @@ -243,7 +243,7 @@ bool cipher_kt_mode_cbc(const cipher_kt_t *cipher) /** * Check if the supplied cipher is a supported OFB or CFB mode cipher. * - * @param cipher Static cipher parameters. May not be NULL. + * @param cipher Static cipher parameters. * * @return true iff the cipher is a OFB or CFB mode cipher. */ diff --git a/app/openvpn/src/openvpn/crypto_openssl.c b/app/openvpn/src/openvpn/crypto_openssl.c index 0ac89a19..f7a491d6 100644 --- a/app/openvpn/src/openvpn/crypto_openssl.c +++ b/app/openvpn/src/openvpn/crypto_openssl.c @@ -492,7 +492,7 @@ cipher_kt_mode (const EVP_CIPHER *cipher_kt) bool cipher_kt_mode_cbc(const cipher_kt_t *cipher) { - return cipher_kt_mode(cipher) == OPENVPN_MODE_CBC + return cipher && cipher_kt_mode(cipher) == OPENVPN_MODE_CBC #ifdef EVP_CIPH_FLAG_AEAD_CIPHER /* Exclude AEAD cipher modes, they require a different API */ && !(EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) @@ -503,7 +503,7 @@ cipher_kt_mode_cbc(const cipher_kt_t *cipher) bool cipher_kt_mode_ofb_cfb(const cipher_kt_t *cipher) { - return (cipher_kt_mode(cipher) == OPENVPN_MODE_OFB || + return cipher && (cipher_kt_mode(cipher) == OPENVPN_MODE_OFB || cipher_kt_mode(cipher) == OPENVPN_MODE_CFB) #ifdef EVP_CIPH_FLAG_AEAD_CIPHER /* Exclude AEAD cipher modes, they require a different API */ diff --git a/app/openvpn/src/openvpn/crypto_polarssl.c b/app/openvpn/src/openvpn/crypto_polarssl.c index 1a986dbd..e083398f 100644 --- a/app/openvpn/src/openvpn/crypto_polarssl.c +++ b/app/openvpn/src/openvpn/crypto_polarssl.c @@ -419,13 +419,13 @@ cipher_kt_mode (const cipher_info_t *cipher_kt) bool cipher_kt_mode_cbc(const cipher_kt_t *cipher) { - return cipher_kt_mode(cipher) == OPENVPN_MODE_CBC; + return cipher && cipher_kt_mode(cipher) == OPENVPN_MODE_CBC; } bool cipher_kt_mode_ofb_cfb(const cipher_kt_t *cipher) { - return (cipher_kt_mode(cipher) == OPENVPN_MODE_OFB || + return cipher && (cipher_kt_mode(cipher) == OPENVPN_MODE_OFB || cipher_kt_mode(cipher) == OPENVPN_MODE_CFB); } diff --git a/app/openvpn/src/openvpn/ssl.c b/app/openvpn/src/openvpn/ssl.c index 94b7b6d9..f79f42d9 100644 --- a/app/openvpn/src/openvpn/ssl.c +++ b/app/openvpn/src/openvpn/ssl.c @@ -2826,7 +2826,17 @@ tls_pre_decrypt (struct tls_multi *multi, opt->flags &= multi->opt.crypto_flags_and; opt->flags |= multi->opt.crypto_flags_or; - ASSERT (buf_advance (buf, (op == P_DATA_V2) ? 4 : 1)); + ASSERT (buf_advance (buf, 1)); + if (op == P_DATA_V2) + { + if (buf->len < 4) + { + msg (D_TLS_ERRORS, "Protocol error: received P_DATA_V2 from %s but length is < 4", + print_link_socket_actual (from, &gc)); + goto error; + } + ASSERT (buf_advance (buf, 3)); + } ++ks->n_packets; ks->n_bytes += buf->len; diff --git a/app/src/main/java/de/blinkt/openvpn/VpnProfile.java b/app/src/main/java/de/blinkt/openvpn/VpnProfile.java index 65214c4f..fb2ba90d 100644 --- a/app/src/main/java/de/blinkt/openvpn/VpnProfile.java +++ b/app/src/main/java/de/blinkt/openvpn/VpnProfile.java @@ -45,7 +45,6 @@ import java.util.Collection; import java.util.Locale; import java.util.UUID; import java.util.Vector; -import java.util.concurrent.Future; import javax.crypto.BadPaddingException; import javax.crypto.Cipher; @@ -54,6 +53,7 @@ import javax.crypto.NoSuchPaddingException; import de.blinkt.openvpn.core.NativeUtils; import de.blinkt.openvpn.core.OpenVPNService; +import de.blinkt.openvpn.core.VPNLaunchHelper; import de.blinkt.openvpn.core.VpnStatus; import de.blinkt.openvpn.core.X509Utils; @@ -68,11 +68,8 @@ public class VpnProfile implements Serializable { public static final String EXTRA_PROFILEUUID = "de.blinkt.openvpn.profileUUID"; public static final String INLINE_TAG = "[[INLINE]]"; public static final String DISPLAYNAME_TAG = "[[NAME]]"; - private static final String MININONPIEVPN = "nopievpn"; - private static final String MINIPIEVPN = "pievpn"; private static final long serialVersionUID = 7085688938959334563L; - private static final String OVPNCONFIGFILE = "android.conf"; public static final int MAXLOGLEVEL = 4; public static final int CURRENT_PROFILE_VERSION = 2; public static final int DEFAULT_MSSFIX_SIZE = 1450; @@ -164,20 +161,6 @@ public class VpnProfile implements Serializable { mProfileVersion = CURRENT_PROFILE_VERSION; } - public static String getMiniVPNExecutableName() - { - if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN) - return VpnProfile.MINIPIEVPN; - else - return VpnProfile.MININONPIEVPN; - } - - public static String[] replacePieWithNoPie(String[] mArgv) - { - mArgv[0] = mArgv[0].replace(MINIPIEVPN, MININONPIEVPN); - return mArgv; - } - public static String openVpnEscape(String unescaped) { if (unescaped == null) return null; @@ -576,19 +559,6 @@ public class VpnProfile implements Serializable { return parts[0] + " " + netmask; } - private String[] buildOpenvpnArgv(File cacheDir) { - Vector args = new Vector(); - - // Add fixed paramenters - //args.add("/data/data/de.blinkt.openvpn/lib/openvpn"); - args.add(cacheDir.getAbsolutePath() + "/" + getMiniVPNExecutableName()); - - args.add("--config"); - args.add(cacheDir.getAbsolutePath() + "/" + OVPNCONFIGFILE); - - - return args.toArray(new String[args.size()]); - } @@ -603,7 +573,7 @@ public class VpnProfile implements Serializable { try { - FileWriter cfg = new FileWriter(context.getCacheDir().getAbsolutePath() + "/" + OVPNCONFIGFILE); + FileWriter cfg = new FileWriter(VPNLaunchHelper.getConfigFilePath(context)); cfg.write(getConfigFile(context, false)); cfg.flush(); cfg.close(); @@ -618,7 +588,7 @@ public class VpnProfile implements Serializable { String prefix = context.getPackageName(); Intent intent = new Intent(context, OpenVPNService.class); - intent.putExtra(prefix + ".ARGV", buildOpenvpnArgv(context.getCacheDir())); + intent.putExtra(prefix + ".ARGV", VPNLaunchHelper.buildOpenvpnArgv(context)); intent.putExtra(prefix + ".profileUUID", mUuid.toString()); ApplicationInfo info = context.getApplicationInfo(); @@ -648,7 +618,7 @@ public class VpnProfile implements Serializable { public static boolean isEmbedded(String data) { if (data==null) return false; - if(data.startsWith(INLINE_TAG) || data.startsWith(DISPLAYNAME_TAG)) + if (data.startsWith(INLINE_TAG) || data.startsWith(DISPLAYNAME_TAG)) return true; else return false; diff --git a/app/src/main/java/de/blinkt/openvpn/activities/DisconnectVPN.java b/app/src/main/java/de/blinkt/openvpn/activities/DisconnectVPN.java index e6b73a48..4940d5d6 100644 --- a/app/src/main/java/de/blinkt/openvpn/activities/DisconnectVPN.java +++ b/app/src/main/java/de/blinkt/openvpn/activities/DisconnectVPN.java @@ -17,7 +17,7 @@ import de.blinkt.openvpn.core.ProfileManager; /** * Created by arne on 13.10.13. */ -public class DisconnectVPN extends Activity implements DialogInterface.OnClickListener{ +public class DisconnectVPN extends Activity implements DialogInterface.OnClickListener, DialogInterface.OnCancelListener { protected OpenVPNService mService; private ServiceConnection mConnection = new ServiceConnection() { @@ -71,6 +71,7 @@ public class DisconnectVPN extends Activity implements DialogInterface.OnClickLi builder.setMessage(R.string.cancel_connection_query); builder.setNegativeButton(android.R.string.no, this); builder.setPositiveButton(android.R.string.yes,this); + builder.setOnCancelListener(this); builder.show(); } @@ -84,4 +85,9 @@ public class DisconnectVPN extends Activity implements DialogInterface.OnClickLi } finish(); } + + @Override + public void onCancel(DialogInterface dialog) { + finish(); + } } diff --git a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java index ada065ba..d9830955 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java +++ b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java @@ -719,6 +719,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac public void updateState(String state, String logmessage, int resid, ConnectionStatus level) { // If the process is not running, ignore any state, // Notification should be invisible in this state + doSendBroadcast(state, level); if (mProcessThread == null && !mNotificationAlwaysVisible) return; diff --git a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNThread.java b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNThread.java index e3c60854..e36a5b8a 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNThread.java +++ b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNThread.java @@ -5,6 +5,7 @@ package de.blinkt.openvpn.core; +import android.annotation.SuppressLint; import android.util.Log; import java.io.BufferedReader; @@ -30,6 +31,7 @@ import de.blinkt.openvpn.core.VpnStatus.LogItem; public class OpenVPNThread implements Runnable { private static final String DUMP_PATH_STRING = "Dump path: "; + @SuppressLint("SdCardPath") private static final String BROKEN_PIE_SUPPORT = "/data/data/de.blinkt.openvpn/cache/pievpn[1]: syntax error:"; private static final String TAG = "OpenVPN"; public static final int M_FATAL = (1 << 4); @@ -78,7 +80,8 @@ public class OpenVPNThread implements Runnable { if( exitvalue != 0) { VpnStatus.logError("Process exited with exit value " + exitvalue); if (mBrokenPie) { - String[] noPieArgv = VpnProfile.replacePieWithNoPie(mArgv); + /* This will probably fail since the NoPIE binary is probably not written */ + String[] noPieArgv = VPNLaunchHelper.replacePieWithNoPie(mArgv); // We are already noPIE, nothing to gain if (!noPieArgv.equals(mArgv)) { @@ -190,7 +193,7 @@ public class OpenVPNThread implements Runnable { private String genLibraryPath(String[] argv, ProcessBuilder pb) { // Hack until I find a good way to get the real library path - String applibpath = argv[0].replace("/cache/" + VpnProfile.getMiniVPNExecutableName() , "/lib"); + String applibpath = argv[0].replaceFirst("/cache/.*$" , "/lib"); String lbpath = pb.environment().get("LD_LIBRARY_PATH"); if(lbpath==null) diff --git a/app/src/main/java/de/blinkt/openvpn/core/VPNLaunchHelper.java b/app/src/main/java/de/blinkt/openvpn/core/VPNLaunchHelper.java index 40f9742b..208aa359 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/VPNLaunchHelper.java +++ b/app/src/main/java/de/blinkt/openvpn/core/VPNLaunchHelper.java @@ -5,70 +5,122 @@ package de.blinkt.openvpn.core; +import android.annotation.TargetApi; import android.content.Context; import android.content.Intent; +import android.content.pm.ApplicationInfo; import android.os.Build; import java.io.File; import java.io.FileOutputStream; import java.io.IOException; import java.io.InputStream; +import java.util.Vector; import se.leap.bitmaskclient.R; import de.blinkt.openvpn.VpnProfile; public class VPNLaunchHelper { - static private boolean writeMiniVPN(Context context) { - File mvpnout = new File(context.getCacheDir(),VpnProfile.getMiniVPNExecutableName()); - if (mvpnout.exists() && mvpnout.canExecute()) - return true; - - IOException e2 = null; - - try { - InputStream mvpn; - - try { - mvpn = context.getAssets().open(VpnProfile.getMiniVPNExecutableName() + "." + Build.CPU_ABI); - } - catch (IOException errabi) { - VpnStatus.logInfo("Failed getting assets for archicture " + Build.CPU_ABI); - e2=errabi; - mvpn = context.getAssets().open(VpnProfile.getMiniVPNExecutableName() + "." + Build.CPU_ABI2); - - } - - - FileOutputStream fout = new FileOutputStream(mvpnout); - - byte buf[]= new byte[4096]; - - int lenread = mvpn.read(buf); - while(lenread> 0) { - fout.write(buf, 0, lenread); - lenread = mvpn.read(buf); - } - fout.close(); - - if(!mvpnout.setExecutable(true)) { - VpnStatus.logError("Failed to make OpenVPN executable"); - return false; - } - - - return true; - } catch (IOException e) { - if(e2!=null) - VpnStatus.logException(e2); - VpnStatus.logException(e); - - return false; - } + private static final String MININONPIEVPN = "nopievpn"; + private static final String MINIPIEVPN = "pievpn"; + private static final String OVPNCONFIGFILE = "android.conf"; + + + + static private String writeMiniVPN(Context context) { + String[] abis; + if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP) + abis = getSupportedAbisLollipop(); + else + abis = new String[]{Build.CPU_ABI, Build.CPU_ABI2}; + + for (String abi: abis) { + + File mvpnout = new File(context.getCacheDir(), getMiniVPNExecutableName() + "." + abi); + if ((mvpnout.exists() && mvpnout.canExecute()) || writeMiniVPNBinary(context, abi, mvpnout)) { + return mvpnout.getPath(); + } + } + + return null; } + + @TargetApi(Build.VERSION_CODES.LOLLIPOP) + private static String[] getSupportedAbisLollipop() { + return Build.SUPPORTED_ABIS; + } + + private static String getMiniVPNExecutableName() + { + if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN) + return MINIPIEVPN; + else + return MININONPIEVPN; + } + + + public static String[] replacePieWithNoPie(String[] mArgv) + { + mArgv[0] = mArgv[0].replace(MINIPIEVPN, MININONPIEVPN); + return mArgv; + } + + + public static String[] buildOpenvpnArgv(Context c) { + Vector args = new Vector(); + + // Add fixed paramenters + //args.add("/data/data/de.blinkt.openvpn/lib/openvpn"); + args.add(writeMiniVPN(c)); + + args.add("--config"); + args.add(c.getCacheDir().getAbsolutePath() + "/" + OVPNCONFIGFILE); + + + return args.toArray(new String[args.size()]); + } + + private static boolean writeMiniVPNBinary(Context context, String abi, File mvpnout) { + try { + InputStream mvpn; + + try { + mvpn = context.getAssets().open(getMiniVPNExecutableName() + "." + abi); + } + catch (IOException errabi) { + VpnStatus.logInfo("Failed getting assets for archicture " + abi); + return false; + } + + + FileOutputStream fout = new FileOutputStream(mvpnout); + + byte buf[]= new byte[4096]; + + int lenread = mvpn.read(buf); + while(lenread> 0) { + fout.write(buf, 0, lenread); + lenread = mvpn.read(buf); + } + fout.close(); + + if(!mvpnout.setExecutable(true)) { + VpnStatus.logError("Failed to make OpenVPN executable"); + return false; + } + + + return true; + } catch (IOException e) { + VpnStatus.logException(e); + return false; + } + + } public static void startOpenVpn(VpnProfile startprofile, Context context) { - if(!writeMiniVPN(context)) { + if(writeMiniVPN(context)==null) { VpnStatus.logError("Error writing minivpn binary"); return; } @@ -80,4 +132,9 @@ public class VPNLaunchHelper { context.startService(startVPN); } + + public static String getConfigFilePath(Context context) { + return context.getCacheDir().getAbsolutePath() + "/" + OVPNCONFIGFILE; + } + } diff --git a/app/src/main/res/menu/logmenu.xml b/app/src/main/res/menu/logmenu.xml index a1d2a7b5..52ba4b7d 100644 --- a/app/src/main/res/menu/logmenu.xml +++ b/app/src/main/res/menu/logmenu.xml @@ -10,33 +10,33 @@ diff --git a/app/src/main/res/values-v21/styles.xml b/app/src/main/res/values-v21/styles.xml new file mode 100644 index 00000000..892b6cb0 --- /dev/null +++ b/app/src/main/res/values-v21/styles.xml @@ -0,0 +1,15 @@ + + + + + + + + diff --git a/app/src/main/res/values/styles.xml b/app/src/main/res/values/styles.xml index 7b26a4a7..a60e29b8 100644 --- a/app/src/main/res/values/styles.xml +++ b/app/src/main/res/values/styles.xml @@ -5,6 +5,10 @@ --> + + diff --git a/app/src/main/res/values/untranslatable.xml b/app/src/main/res/values/untranslatable.xml index 619a550f..7257bf3a 100644 --- a/app/src/main/res/values/untranslatable.xml +++ b/app/src/main/res/values/untranslatable.xml @@ -2449,6 +2449,26 @@ + + + + + + + + + + + + + + + + + + + + -- cgit v1.2.3 From 97aded26654ede8204a313dd6967b678a72a2a10 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Fri, 12 Dec 2014 18:02:40 +0100 Subject: Updated ics-openvpn to last rev 14 Nov 2014. Material design! It still doesn't run properly on my tablet, openvpn keeps getting down and exiting. --- app/build.gradle | 57 +- app/openssl/Apps-config-host.mk | 12 +- app/openssl/Apps-config-target.mk | 17 +- app/openssl/Crypto-config-host.mk | 15 +- app/openssl/Crypto-config-target.mk | 20 +- app/openssl/Crypto-config-trusty.mk | 17 +- app/openssl/Ssl-config-host.mk | 12 +- app/openssl/Ssl-config-target.mk | 17 +- app/openssl/Ssl.mk | 2 + app/openssl/android-config.mk | 2 + app/openssl/android.testssl/testssl | 6 + app/openssl/apps/apps.c | 4 + app/openssl/apps/ca.c | 5 + app/openssl/apps/ciphers.c | 6 - app/openssl/apps/crl2p7.c | 8 +- app/openssl/apps/enc.c | 8 + app/openssl/apps/md4.c | 128 +- app/openssl/apps/ocsp.c | 2 +- app/openssl/apps/progs.h | 8 +- app/openssl/apps/progs.pl | 2 +- app/openssl/apps/s_client.c | 12 + app/openssl/apps/s_server.c | 16 +- app/openssl/build-config-32.mk | 4 +- app/openssl/build-config-64.mk | 4 +- app/openssl/build-config-trusty.mk | 4 +- app/openssl/crypto/LPdir_win.c | 48 +- app/openssl/crypto/aes/asm/aesni-x86_64.pl | 52 +- app/openssl/crypto/asn1/a_object.c | 30 +- app/openssl/crypto/asn1/a_strex.c | 1 + app/openssl/crypto/asn1/a_utctm.c | 24 +- app/openssl/crypto/asn1/ameth_lib.c | 7 +- app/openssl/crypto/asn1/asn1_lib.c | 3 + app/openssl/crypto/asn1/asn_mime.c | 2 + app/openssl/crypto/asn1/asn_pack.c | 12 +- app/openssl/crypto/asn1/bio_asn1.c | 3 + app/openssl/crypto/asn1/charmap.pl | 3 + app/openssl/crypto/asn1/evp_asn1.c | 6 +- app/openssl/crypto/asn1/t_x509.c | 2 + app/openssl/crypto/asn1/tasn_enc.c | 7 +- app/openssl/crypto/asn1/x_crl.c | 1 + app/openssl/crypto/bio/bio_lib.c | 4 +- app/openssl/crypto/bn/asm/x86_64-gcc.c | 8 +- app/openssl/crypto/bn/bn_exp.c | 11 +- app/openssl/crypto/bn/bn_lib.c | 9 + app/openssl/crypto/bn/bn_nist.c | 6 +- app/openssl/crypto/bn/bn_sqr.c | 1 + app/openssl/crypto/bn/exptest.c | 45 +- app/openssl/crypto/cms/cms_pwri.c | 3 +- app/openssl/crypto/conf/conf_def.c | 2 +- app/openssl/crypto/constant_time_locl.h | 216 ++ app/openssl/crypto/dsa/dsa_ameth.c | 7 +- app/openssl/crypto/ebcdic.h | 7 + app/openssl/crypto/ec/ec.h | 2 +- app/openssl/crypto/ec/ec2_smpl.c | 9 +- app/openssl/crypto/ec/ec_ameth.c | 14 +- app/openssl/crypto/ec/ec_asn1.c | 40 +- app/openssl/crypto/ec/ec_lib.c | 2 +- app/openssl/crypto/ec/ecp_mont.c | 9 +- app/openssl/crypto/ec/ecp_nist.c | 9 +- app/openssl/crypto/ec/ecp_smpl.c | 183 +- app/openssl/crypto/ec/ectest.c | 64 +- app/openssl/crypto/err/openssl.ec | 1 + app/openssl/crypto/evp/e_aes.c | 63 +- app/openssl/crypto/evp/evp_enc.c | 56 +- app/openssl/crypto/evp/evp_pbe.c | 2 +- app/openssl/crypto/md5/asm/md5-x86_64.pl | 2 +- app/openssl/crypto/objects/obj_dat.c | 16 +- app/openssl/crypto/objects/obj_dat.h | 3429 ++++++++++---------- app/openssl/crypto/objects/obj_dat.pl | 2 +- app/openssl/crypto/ocsp/ocsp_ht.c | 16 +- app/openssl/crypto/ocsp/ocsp_lib.c | 13 +- app/openssl/crypto/ocsp/ocsp_vfy.c | 7 +- app/openssl/crypto/opensslconf-32.h | 12 + app/openssl/crypto/opensslconf-64.h | 12 + app/openssl/crypto/opensslconf-static-32.h | 12 + app/openssl/crypto/opensslconf-static-64.h | 12 + app/openssl/crypto/opensslconf-static-trusty.h | 12 + app/openssl/crypto/opensslconf-trusty.h | 12 + app/openssl/crypto/opensslv.h | 13 +- app/openssl/crypto/ossl_typ.h | 7 + app/openssl/crypto/pem/pvkfmt.c | 5 + app/openssl/crypto/pkcs7/bio_ber.c | 466 --- app/openssl/crypto/pkcs7/dec.c | 248 -- app/openssl/crypto/pkcs7/des.pem | 15 - app/openssl/crypto/pkcs7/doc | 24 - app/openssl/crypto/pkcs7/enc.c | 174 - app/openssl/crypto/pkcs7/es1.pem | 66 - app/openssl/crypto/pkcs7/example.c | 329 -- app/openssl/crypto/pkcs7/example.h | 57 - app/openssl/crypto/pkcs7/info.pem | 57 - app/openssl/crypto/pkcs7/infokey.pem | 9 - app/openssl/crypto/pkcs7/p7/a1 | 2 - app/openssl/crypto/pkcs7/p7/a2 | 1 - app/openssl/crypto/pkcs7/p7/cert.p7c | Bin 1728 -> 0 bytes app/openssl/crypto/pkcs7/p7/smime.p7m | Bin 4894 -> 0 bytes app/openssl/crypto/pkcs7/p7/smime.p7s | Bin 2625 -> 0 bytes app/openssl/crypto/pkcs7/pkcs7.h | 4 - app/openssl/crypto/pkcs7/server.pem | 24 - app/openssl/crypto/pkcs7/sign.c | 154 - app/openssl/crypto/pkcs7/t/3des.pem | 16 - app/openssl/crypto/pkcs7/t/3dess.pem | 32 - app/openssl/crypto/pkcs7/t/c.pem | 48 - app/openssl/crypto/pkcs7/t/ff | 32 - app/openssl/crypto/pkcs7/t/msie-e | 20 - app/openssl/crypto/pkcs7/t/msie-e.pem | 22 - app/openssl/crypto/pkcs7/t/msie-enc-01 | 62 - app/openssl/crypto/pkcs7/t/msie-enc-01.pem | 66 - app/openssl/crypto/pkcs7/t/msie-enc-02 | 90 - app/openssl/crypto/pkcs7/t/msie-enc-02.pem | 106 - app/openssl/crypto/pkcs7/t/msie-s-a-e | 91 - app/openssl/crypto/pkcs7/t/msie-s-a-e.pem | 106 - app/openssl/crypto/pkcs7/t/nav-smime | 157 - app/openssl/crypto/pkcs7/t/s.pem | 57 - app/openssl/crypto/pkcs7/t/server.pem | 57 - app/openssl/crypto/pkcs7/verify.c | 263 -- app/openssl/crypto/pqueue/pqueue.h | 6 + app/openssl/crypto/rand/md_rand.c | 24 +- app/openssl/crypto/rand/rand_lcl.h | 1 + app/openssl/crypto/rand/rand_lib.c | 3 +- app/openssl/crypto/rand/randfile.c | 1 + app/openssl/crypto/rsa/rsa.h | 1 + app/openssl/crypto/rsa/rsa_eay.c | 2 +- app/openssl/crypto/rsa/rsa_err.c | 1 + app/openssl/crypto/rsa/rsa_oaep.c | 150 +- app/openssl/crypto/rsa/rsa_pk1.c | 103 +- app/openssl/crypto/rsa/rsa_sign.c | 21 +- app/openssl/crypto/srp/srp_lib.c | 6 + app/openssl/crypto/stack/safestack.h | 8 + app/openssl/crypto/ui/ui_lib.c | 2 +- app/openssl/e_os.h | 12 +- app/openssl/flavor.mk | 4 + app/openssl/import_openssl.sh | 6 +- app/openssl/include/openssl/dtls1.h | 3 +- app/openssl/include/openssl/ebcdic.h | 7 + app/openssl/include/openssl/ec.h | 2 +- app/openssl/include/openssl/modes.h | 6 + app/openssl/include/openssl/opensslconf-32.h | 12 + app/openssl/include/openssl/opensslconf-64.h | 12 + .../include/openssl/opensslconf-static-32.h | 12 + .../include/openssl/opensslconf-static-64.h | 12 + .../include/openssl/opensslconf-static-trusty.h | 12 + app/openssl/include/openssl/opensslconf-trusty.h | 12 + app/openssl/include/openssl/opensslv.h | 13 +- app/openssl/include/openssl/ossl_typ.h | 7 + app/openssl/include/openssl/pkcs7.h | 4 - app/openssl/include/openssl/pqueue.h | 6 + app/openssl/include/openssl/rsa.h | 1 + app/openssl/include/openssl/safestack.h | 8 + app/openssl/include/openssl/srtp.h | 4 + app/openssl/include/openssl/ssl.h | 17 +- app/openssl/include/openssl/ssl3.h | 7 +- app/openssl/include/openssl/tls1.h | 15 +- app/openssl/openssl.config | 11 + app/openssl/openssl.version | 2 +- app/openssl/patches/README | 5 + app/openssl/rules.mk | 2 + app/openssl/ssl/d1_both.c | 85 +- app/openssl/ssl/d1_clnt.c | 31 +- app/openssl/ssl/d1_lib.c | 10 + app/openssl/ssl/d1_srtp.c | 93 +- app/openssl/ssl/d1_srvr.c | 14 +- app/openssl/ssl/dtls1.h | 3 +- app/openssl/ssl/s23_clnt.c | 12 +- app/openssl/ssl/s23_lib.c | 7 + app/openssl/ssl/s23_srvr.c | 51 +- app/openssl/ssl/s2_lib.c | 6 +- app/openssl/ssl/s3_cbc.c | 65 +- app/openssl/ssl/s3_clnt.c | 266 +- app/openssl/ssl/s3_enc.c | 14 +- app/openssl/ssl/s3_lib.c | 80 +- app/openssl/ssl/s3_pkt.c | 21 +- app/openssl/ssl/s3_srvr.c | 123 +- app/openssl/ssl/srtp.h | 4 + app/openssl/ssl/ssl.h | 17 +- app/openssl/ssl/ssl3.h | 7 +- app/openssl/ssl/ssl_ciph.c | 44 +- app/openssl/ssl/ssl_err.c | 3 + app/openssl/ssl/ssl_lib.c | 65 +- app/openssl/ssl/ssl_locl.h | 25 +- app/openssl/ssl/ssl_stat.c | 5 +- app/openssl/ssl/t1_enc.c | 3 +- app/openssl/ssl/t1_lib.c | 85 +- app/openssl/ssl/tls1.h | 15 +- app/openssl/ssl/tls_srp.c | 48 +- app/openvpn/.gitignore | 59 - app/openvpn/distro/rpm/openvpn.spec | 248 ++ app/openvpn/src/plugins/Makefile.in | 546 ++++ app/openvpn/src/plugins/auth-pam/Makefile.in | 570 ++++ app/openvpn/src/plugins/down-root/Makefile.in | 563 ++++ .../de/blinkt/openvpn/core/OpenVPNThreadv3.java | 275 ++ app/src/main/AndroidManifest.xml | 6 +- .../main/res/drawable-hdpi/ic_close_white_24dp.png | Bin 0 -> 324 bytes .../res/drawable-hdpi/ic_delete_white_24dp.png | Bin 0 -> 246 bytes .../res/drawable-hdpi/ic_edit_grey600_24dp.png | Bin 0 -> 341 bytes .../main/res/drawable-hdpi/ic_edit_white_24dp.png | Bin 0 -> 339 bytes .../drawable-hdpi/ic_filter_list_white_24dp.png | Bin 0 -> 206 bytes .../main/res/drawable-hdpi/ic_share_white_24dp.png | Bin 0 -> 506 bytes .../main/res/drawable-mdpi/ic_close_white_24dp.png | Bin 0 -> 279 bytes .../res/drawable-mdpi/ic_delete_white_24dp.png | Bin 0 -> 197 bytes .../res/drawable-mdpi/ic_edit_grey600_24dp.png | Bin 0 -> 276 bytes .../main/res/drawable-mdpi/ic_edit_white_24dp.png | Bin 0 -> 272 bytes .../drawable-mdpi/ic_filter_list_white_24dp.png | Bin 0 -> 181 bytes .../main/res/drawable-mdpi/ic_share_white_24dp.png | Bin 0 -> 361 bytes .../res/drawable-xhdpi/ic_close_white_24dp.png | Bin 0 -> 402 bytes .../res/drawable-xhdpi/ic_delete_white_24dp.png | Bin 0 -> 270 bytes .../res/drawable-xhdpi/ic_edit_grey600_24dp.png | Bin 0 -> 379 bytes .../main/res/drawable-xhdpi/ic_edit_white_24dp.png | Bin 0 -> 378 bytes .../drawable-xhdpi/ic_filter_list_white_24dp.png | Bin 0 -> 200 bytes .../res/drawable-xhdpi/ic_share_white_24dp.png | Bin 0 -> 625 bytes .../res/drawable-xxhdpi/ic_close_white_24dp.png | Bin 0 -> 492 bytes .../res/drawable-xxhdpi/ic_delete_white_24dp.png | Bin 0 -> 338 bytes .../res/drawable-xxhdpi/ic_edit_grey600_24dp.png | Bin 0 -> 493 bytes .../res/drawable-xxhdpi/ic_edit_white_24dp.png | Bin 0 -> 490 bytes .../drawable-xxhdpi/ic_filter_list_white_24dp.png | Bin 0 -> 223 bytes .../res/drawable-xxhdpi/ic_share_white_24dp.png | Bin 0 -> 857 bytes .../res/drawable-xxxhdpi/ic_close_white_24dp.png | Bin 0 -> 662 bytes .../res/drawable-xxxhdpi/ic_delete_white_24dp.png | Bin 0 -> 397 bytes .../res/drawable-xxxhdpi/ic_edit_grey600_24dp.png | Bin 0 -> 639 bytes .../res/drawable-xxxhdpi/ic_edit_white_24dp.png | Bin 0 -> 632 bytes .../drawable-xxxhdpi/ic_filter_list_white_24dp.png | Bin 0 -> 254 bytes .../res/drawable-xxxhdpi/ic_share_white_24dp.png | Bin 0 -> 1115 bytes app/src/main/res/values-v21/refs.xml | 13 + app/src/main/res/values/colours.xml | 13 + app/src/main/res/values/refs.xml | 15 + app/src/main/res/values/untranslatable.xml | 660 ++++ app/src/ovpn3/Android.mk | 40 + app/src/ovpn3/boostsrc/error_code.cpp | 430 +++ .../src/main/res/values/strings-icsopenvpn.xml | 8 - 228 files changed, 7500 insertions(+), 5490 deletions(-) mode change 120000 => 100644 app/openssl/apps/md4.c create mode 100644 app/openssl/crypto/constant_time_locl.h delete mode 100644 app/openssl/crypto/pkcs7/bio_ber.c delete mode 100644 app/openssl/crypto/pkcs7/dec.c delete mode 100644 app/openssl/crypto/pkcs7/des.pem delete mode 100644 app/openssl/crypto/pkcs7/doc delete mode 100644 app/openssl/crypto/pkcs7/enc.c delete mode 100644 app/openssl/crypto/pkcs7/es1.pem delete mode 100644 app/openssl/crypto/pkcs7/example.c delete mode 100644 app/openssl/crypto/pkcs7/example.h delete mode 100644 app/openssl/crypto/pkcs7/info.pem delete mode 100644 app/openssl/crypto/pkcs7/infokey.pem delete mode 100644 app/openssl/crypto/pkcs7/p7/a1 delete mode 100644 app/openssl/crypto/pkcs7/p7/a2 delete mode 100644 app/openssl/crypto/pkcs7/p7/cert.p7c delete mode 100644 app/openssl/crypto/pkcs7/p7/smime.p7m delete mode 100644 app/openssl/crypto/pkcs7/p7/smime.p7s delete mode 100644 app/openssl/crypto/pkcs7/server.pem delete mode 100644 app/openssl/crypto/pkcs7/sign.c delete mode 100644 app/openssl/crypto/pkcs7/t/3des.pem delete mode 100644 app/openssl/crypto/pkcs7/t/3dess.pem delete mode 100644 app/openssl/crypto/pkcs7/t/c.pem delete mode 100644 app/openssl/crypto/pkcs7/t/ff delete mode 100644 app/openssl/crypto/pkcs7/t/msie-e delete mode 100644 app/openssl/crypto/pkcs7/t/msie-e.pem delete mode 100644 app/openssl/crypto/pkcs7/t/msie-enc-01 delete mode 100644 app/openssl/crypto/pkcs7/t/msie-enc-01.pem delete mode 100644 app/openssl/crypto/pkcs7/t/msie-enc-02 delete mode 100644 app/openssl/crypto/pkcs7/t/msie-enc-02.pem delete mode 100644 app/openssl/crypto/pkcs7/t/msie-s-a-e delete mode 100644 app/openssl/crypto/pkcs7/t/msie-s-a-e.pem delete mode 100644 app/openssl/crypto/pkcs7/t/nav-smime delete mode 100644 app/openssl/crypto/pkcs7/t/s.pem delete mode 100644 app/openssl/crypto/pkcs7/t/server.pem delete mode 100644 app/openssl/crypto/pkcs7/verify.c create mode 100644 app/openssl/flavor.mk delete mode 100644 app/openvpn/.gitignore create mode 100644 app/openvpn/distro/rpm/openvpn.spec create mode 100644 app/openvpn/src/plugins/Makefile.in create mode 100644 app/openvpn/src/plugins/auth-pam/Makefile.in create mode 100644 app/openvpn/src/plugins/down-root/Makefile.in create mode 100644 app/ovpn3/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java create mode 100644 app/src/main/res/drawable-hdpi/ic_close_white_24dp.png create mode 100644 app/src/main/res/drawable-hdpi/ic_delete_white_24dp.png create mode 100644 app/src/main/res/drawable-hdpi/ic_edit_grey600_24dp.png create mode 100644 app/src/main/res/drawable-hdpi/ic_edit_white_24dp.png create mode 100644 app/src/main/res/drawable-hdpi/ic_filter_list_white_24dp.png create mode 100644 app/src/main/res/drawable-hdpi/ic_share_white_24dp.png create mode 100644 app/src/main/res/drawable-mdpi/ic_close_white_24dp.png create mode 100644 app/src/main/res/drawable-mdpi/ic_delete_white_24dp.png create mode 100644 app/src/main/res/drawable-mdpi/ic_edit_grey600_24dp.png create mode 100644 app/src/main/res/drawable-mdpi/ic_edit_white_24dp.png create mode 100644 app/src/main/res/drawable-mdpi/ic_filter_list_white_24dp.png create mode 100644 app/src/main/res/drawable-mdpi/ic_share_white_24dp.png create mode 100644 app/src/main/res/drawable-xhdpi/ic_close_white_24dp.png create mode 100644 app/src/main/res/drawable-xhdpi/ic_delete_white_24dp.png create mode 100644 app/src/main/res/drawable-xhdpi/ic_edit_grey600_24dp.png create mode 100644 app/src/main/res/drawable-xhdpi/ic_edit_white_24dp.png create mode 100644 app/src/main/res/drawable-xhdpi/ic_filter_list_white_24dp.png create mode 100644 app/src/main/res/drawable-xhdpi/ic_share_white_24dp.png create mode 100644 app/src/main/res/drawable-xxhdpi/ic_close_white_24dp.png create mode 100644 app/src/main/res/drawable-xxhdpi/ic_delete_white_24dp.png create mode 100644 app/src/main/res/drawable-xxhdpi/ic_edit_grey600_24dp.png create mode 100644 app/src/main/res/drawable-xxhdpi/ic_edit_white_24dp.png create mode 100644 app/src/main/res/drawable-xxhdpi/ic_filter_list_white_24dp.png create mode 100644 app/src/main/res/drawable-xxhdpi/ic_share_white_24dp.png create mode 100644 app/src/main/res/drawable-xxxhdpi/ic_close_white_24dp.png create mode 100644 app/src/main/res/drawable-xxxhdpi/ic_delete_white_24dp.png create mode 100644 app/src/main/res/drawable-xxxhdpi/ic_edit_grey600_24dp.png create mode 100644 app/src/main/res/drawable-xxxhdpi/ic_edit_white_24dp.png create mode 100644 app/src/main/res/drawable-xxxhdpi/ic_filter_list_white_24dp.png create mode 100644 app/src/main/res/drawable-xxxhdpi/ic_share_white_24dp.png create mode 100644 app/src/main/res/values-v21/refs.xml create mode 100644 app/src/main/res/values/colours.xml create mode 100644 app/src/main/res/values/refs.xml create mode 100644 app/src/ovpn3/Android.mk create mode 100644 app/src/ovpn3/boostsrc/error_code.cpp delete mode 100644 app/vpndialogxposed/src/main/res/values/strings-icsopenvpn.xml (limited to 'app') diff --git a/app/build.gradle b/app/build.gradle index 4211e379..5f739419 100644 --- a/app/build.gradle +++ b/app/build.gradle @@ -2,15 +2,8 @@ apply plugin: 'android' //import org.ajoberstar.grgit.* android { - compileSdkVersion 19 - buildToolsVersion "20" - - defaultConfig { - minSdkVersion 14 - targetSdkVersion 19 - - testInstrumentationRunner "android.test.InstrumentationTestRunner" - } + compileSdkVersion 21 + buildToolsVersion "21.1.2" signingConfigs { release { @@ -67,18 +60,10 @@ task checkoutStrippedIcsOpenVPN ( type: Copy ) { into '../ics-openvpn-stripped' } -task copyIcsOpenVPNClasses( type: Copy, dependsOn: 'checkoutStrippedIcsOpenVPN' ) { +task copyIcsOpenVPNClasses( type: Copy ) { from ('../ics-openvpn-stripped/main/') { include '**/*.java' include '**/*.aidl' - include '**/strings.xml' - include '**/log_*.xml' - include '**/vpnstatus.xml' - include '**/styles.xml' - include '**/dimens.xml' - include '**/logmenu.xml' - - rename 'strings.xml', 'strings-icsopenvpn.xml' filter { line -> line.replaceAll('de.blinkt.openvpn.R', 'se.leap.bitmaskclient.R') } @@ -91,14 +76,45 @@ task copyIcsOpenVPNClasses( type: Copy, dependsOn: 'checkoutStrippedIcsOpenVPN' filter { line -> line.replace('package de.blinkt.openvpn.fragments;', 'package de.blinkt.openvpn.fragments;\n\nimport se.leap.bitmaskclient.R;') } + } into '.' +} + +task copyIcsOpenVPNXml( type: Copy ) { + from ('../ics-openvpn-stripped/main/') { + include '**/strings.xml' + include '**/log_*.xml' + include '**/vpnstatus.xml' + include '**/styles.xml' + include '**/dimens.xml' + include '**/refs.xml' + include '**/colours.xml' + include '**/logmenu.xml' + + rename 'strings.xml', 'strings-icsopenvpn.xml' filter { line -> line.replaceAll('.*name="app".*', '') } } into '.' } +task copyIcsOpenVPNImages( type: Copy ) { + from ('../ics-openvpn-stripped/main/') { + include '**/ic_filter*.png' + include '**/ic_delete*.png' + include '**/ic_share*.png' + include '**/ic_close*.png' + include '**/ic_edit*.png' + } into '.' +} + +task copyIcsOpenVPNFiles( type: Copy, dependsOn: 'checkoutStrippedIcsOpenVPN' ) { + copyIcsOpenVPNClasses.execute() + copyIcsOpenVPNXml.execute() + copyIcsOpenVPNImages.execute() +} + // thanks to http://pleac.sourceforge.net/pleac_groovy/fileaccess.html -task removeDuplicatedStrings( dependsOn: 'copyIcsOpenVPNClasses' ) << { +task removeDuplicatedStrings( dependsOn: 'copyIcsOpenVPNFiles' ) << { new File('app').eachFileRecurse { if(it.name.equals('strings.xml')) { def ics_openvpn_file = file(it.absolutePath.replace('strings.xml', 'strings-icsopenvpn.xml')) @@ -149,8 +165,9 @@ task mergeUntranslatable( type: Copy, dependsOn: 'removeDuplicatedStrings') { } task updateIcsOpenVpn( type: Copy, dependsOn: 'mergeUntranslatable') { - from('../ics-openvpn-stripped/main') { + from('../ics-openvpn-stripped/main/src/') { include 'openvpn/**' + include 'openssl/**' include 'lzo/**' include 'jni/**' include 'misc/**' diff --git a/app/openssl/Apps-config-host.mk b/app/openssl/Apps-config-host.mk index 5c1604e0..c6ebf817 100644 --- a/app/openssl/Apps-config-host.mk +++ b/app/openssl/Apps-config-host.mk @@ -1,6 +1,6 @@ # Auto-generated - DO NOT EDIT! # To regenerate, edit openssl.config, then run: -# ./import_openssl.sh import /path/to/openssl-1.0.1h.tar.gz +# ./import_openssl.sh import /path/to/openssl-1.0.1j.tar.gz # # This script will append to the following variables: # @@ -74,30 +74,40 @@ common_c_includes := \ external/openssl/. \ external/openssl/include \ +arm_clang_asflags := + arm_cflags := arm_src_files := arm_exclude_files := +arm64_clang_asflags := + arm64_cflags := arm64_src_files := arm64_exclude_files := +x86_clang_asflags := + x86_cflags := x86_src_files := x86_exclude_files := +x86_64_clang_asflags := + x86_64_cflags := x86_64_src_files := x86_64_exclude_files := +mips_clang_asflags := + mips_cflags := mips_src_files := diff --git a/app/openssl/Apps-config-target.mk b/app/openssl/Apps-config-target.mk index 0c567d4d..fe600c0a 100644 --- a/app/openssl/Apps-config-target.mk +++ b/app/openssl/Apps-config-target.mk @@ -1,6 +1,6 @@ # Auto-generated - DO NOT EDIT! # To regenerate, edit openssl.config, then run: -# ./import_openssl.sh import /path/to/openssl-1.0.1h.tar.gz +# ./import_openssl.sh import /path/to/openssl-1.0.1j.tar.gz # # This script will append to the following variables: # @@ -74,30 +74,40 @@ common_c_includes := \ external/openssl/. \ external/openssl/include \ +arm_clang_asflags := + arm_cflags := arm_src_files := arm_exclude_files := +arm64_clang_asflags := + arm64_cflags := arm64_src_files := arm64_exclude_files := +x86_clang_asflags := + x86_cflags := x86_src_files := x86_exclude_files := +x86_64_clang_asflags := + x86_64_cflags := x86_64_src_files := x86_64_exclude_files := +mips_clang_asflags := + mips_cflags := mips_src_files := @@ -110,15 +120,20 @@ LOCAL_C_INCLUDES += $(common_c_includes) LOCAL_SRC_FILES_arm += $(filter-out $(arm_exclude_files),$(common_src_files) $(arm_src_files)) LOCAL_CFLAGS_arm += $(arm_cflags) +LOCAL_CLANG_ASFLAGS_arm += $(arm_clang_asflags) LOCAL_SRC_FILES_arm64 += $(filter-out $(arm64_exclude_files),$(common_src_files) $(arm64_src_files)) LOCAL_CFLAGS_arm64 += $(arm64_cflags) +LOCAL_CLANG_ASFLAGS_arm64 += $(arm64_clang_asflags) LOCAL_SRC_FILES_x86 += $(filter-out $(x86_exclude_files),$(common_src_files) $(x86_src_files)) LOCAL_CFLAGS_x86 += $(x86_cflags) +LOCAL_CLANG_ASFLAGS_x86 += $(x86_clang_asflags) LOCAL_SRC_FILES_x86_64 += $(filter-out $(x86_64_exclude_files),$(common_src_files) $(x86_64_src_files)) LOCAL_CFLAGS_x86_64 += $(x86_64_cflags) +LOCAL_CLANG_ASFLAGS_x86_64 += $(x86_64_clang_asflags) LOCAL_SRC_FILES_mips += $(filter-out $(mips_exclude_files),$(common_src_files) $(mips_src_files)) LOCAL_CFLAGS_mips += $(mips_cflags) +LOCAL_CLANG_ASFLAGS_mips += $(mips_clang_asflags) diff --git a/app/openssl/Crypto-config-host.mk b/app/openssl/Crypto-config-host.mk index 5b643792..1e94f10b 100644 --- a/app/openssl/Crypto-config-host.mk +++ b/app/openssl/Crypto-config-host.mk @@ -1,6 +1,6 @@ # Auto-generated - DO NOT EDIT! # To regenerate, edit openssl.config, then run: -# ./import_openssl.sh import /path/to/openssl-1.0.1h.tar.gz +# ./import_openssl.sh import /path/to/openssl-1.0.1j.tar.gz # # This script will append to the following variables: # @@ -184,6 +184,7 @@ common_src_files := \ crypto/conf/conf_mall.c \ crypto/conf/conf_mod.c \ crypto/conf/conf_sap.c \ + crypto/constant_time_locl.h \ crypto/cpt_err.c \ crypto/cryptlib.c \ crypto/cversion.c \ @@ -540,6 +541,9 @@ common_c_includes := \ external/openssl/include \ external/openssl/include/openssl \ +arm_clang_asflags := \ + -no-integrated-as \ + arm_cflags := \ -DAES_ASM \ -DBSAES_ASM \ @@ -570,6 +574,9 @@ arm_exclude_files := \ crypto/aes/aes_core.c \ crypto/mem_clr.c \ +arm64_clang_asflags := \ + -no-integrated-as \ + arm64_cflags := \ -DDES_UNROLL \ -DOPENSSL_CPUID_OBJ \ @@ -588,6 +595,8 @@ arm64_src_files := \ arm64_exclude_files := +x86_clang_asflags := + x86_cflags := \ -DAES_ASM \ -DDES_PTR \ @@ -634,6 +643,8 @@ x86_exclude_files := \ crypto/des/fcrypt_b.c \ crypto/mem_clr.c \ +x86_64_clang_asflags := + x86_64_cflags := \ -DAES_ASM \ -DBSAES_ASM \ @@ -678,6 +689,8 @@ x86_64_exclude_files := \ crypto/rc4/rc4_enc.c \ crypto/rc4/rc4_skey.c \ +mips_clang_asflags := + mips_cflags := \ -DAES_ASM \ -DOPENSSL_BN_ASM_MONT \ diff --git a/app/openssl/Crypto-config-target.mk b/app/openssl/Crypto-config-target.mk index bd29dfe5..43de9567 100644 --- a/app/openssl/Crypto-config-target.mk +++ b/app/openssl/Crypto-config-target.mk @@ -1,6 +1,6 @@ # Auto-generated - DO NOT EDIT! # To regenerate, edit openssl.config, then run: -# ./import_openssl.sh import /path/to/openssl-1.0.1h.tar.gz +# ./import_openssl.sh import /path/to/openssl-1.0.1j.tar.gz # # This script will append to the following variables: # @@ -184,6 +184,7 @@ common_src_files := \ crypto/conf/conf_mall.c \ crypto/conf/conf_mod.c \ crypto/conf/conf_sap.c \ + crypto/constant_time_locl.h \ crypto/cpt_err.c \ crypto/cryptlib.c \ crypto/cversion.c \ @@ -540,6 +541,9 @@ common_c_includes := \ openssl/include \ openssl/include/openssl \ +arm_clang_asflags := \ + -no-integrated-as \ + arm_cflags := \ -DAES_ASM \ -DBSAES_ASM \ @@ -570,6 +574,9 @@ arm_exclude_files := \ crypto/aes/aes_core.c \ crypto/mem_clr.c \ +arm64_clang_asflags := \ + -no-integrated-as \ + arm64_cflags := \ -DDES_UNROLL \ -DOPENSSL_CPUID_OBJ \ @@ -588,6 +595,8 @@ arm64_src_files := \ arm64_exclude_files := +x86_clang_asflags := + x86_cflags := \ -DAES_ASM \ -DDES_PTR \ @@ -634,6 +643,8 @@ x86_exclude_files := \ crypto/des/fcrypt_b.c \ crypto/mem_clr.c \ +x86_64_clang_asflags := + x86_64_cflags := \ -DAES_ASM \ -DBSAES_ASM \ @@ -678,6 +689,8 @@ x86_64_exclude_files := \ crypto/rc4/rc4_enc.c \ crypto/rc4/rc4_skey.c \ +mips_clang_asflags := + mips_cflags := \ -DAES_ASM \ -DOPENSSL_BN_ASM_MONT \ @@ -701,15 +714,20 @@ LOCAL_C_INCLUDES += $(common_c_includes) LOCAL_SRC_FILES_arm += $(filter-out $(arm_exclude_files),$(common_src_files) $(arm_src_files)) LOCAL_CFLAGS_arm += $(arm_cflags) +LOCAL_CLANG_ASFLAGS_arm += $(arm_clang_asflags) LOCAL_SRC_FILES_arm64 += $(filter-out $(arm64_exclude_files),$(common_src_files) $(arm64_src_files)) LOCAL_CFLAGS_arm64 += $(arm64_cflags) +LOCAL_CLANG_ASFLAGS_arm64 += $(arm64_clang_asflags) LOCAL_SRC_FILES_x86 += $(filter-out $(x86_exclude_files),$(common_src_files) $(x86_src_files)) LOCAL_CFLAGS_x86 += $(x86_cflags) +LOCAL_CLANG_ASFLAGS_x86 += $(x86_clang_asflags) LOCAL_SRC_FILES_x86_64 += $(filter-out $(x86_64_exclude_files),$(common_src_files) $(x86_64_src_files)) LOCAL_CFLAGS_x86_64 += $(x86_64_cflags) +LOCAL_CLANG_ASFLAGS_x86_64 += $(x86_64_clang_asflags) LOCAL_SRC_FILES_mips += $(filter-out $(mips_exclude_files),$(common_src_files) $(mips_src_files)) LOCAL_CFLAGS_mips += $(mips_cflags) +LOCAL_CLANG_ASFLAGS_mips += $(mips_clang_asflags) diff --git a/app/openssl/Crypto-config-trusty.mk b/app/openssl/Crypto-config-trusty.mk index 59915986..c1b01d50 100644 --- a/app/openssl/Crypto-config-trusty.mk +++ b/app/openssl/Crypto-config-trusty.mk @@ -1,6 +1,6 @@ # Auto-generated - DO NOT EDIT! # To regenerate, edit openssl.config, then run: -# ./import_openssl.sh import /path/to/openssl-1.0.1h.tar.gz +# ./import_openssl.sh import /path/to/openssl-1.0.1j.tar.gz # # This script will append to the following variables: # @@ -199,6 +199,8 @@ common_c_includes := \ external/openssl/include \ external/openssl/include/openssl \ +arm_clang_asflags := + arm_cflags := \ -DAES_ASM \ -DGHASH_ASM \ @@ -218,24 +220,32 @@ arm_src_files := \ arm_exclude_files := +arm64_clang_asflags := + arm64_cflags := arm64_src_files := arm64_exclude_files := +x86_clang_asflags := + x86_cflags := x86_src_files := x86_exclude_files := +x86_64_clang_asflags := + x86_64_cflags := x86_64_src_files := x86_64_exclude_files := +mips_clang_asflags := + mips_cflags := mips_src_files := @@ -248,15 +258,20 @@ LOCAL_C_INCLUDES += $(common_c_includes) LOCAL_SRC_FILES_arm += $(filter-out $(arm_exclude_files),$(common_src_files) $(arm_src_files)) LOCAL_CFLAGS_arm += $(arm_cflags) +LOCAL_CLANG_ASFLAGS_arm += $(arm_clang_asflags) LOCAL_SRC_FILES_arm64 += $(filter-out $(arm64_exclude_files),$(common_src_files) $(arm64_src_files)) LOCAL_CFLAGS_arm64 += $(arm64_cflags) +LOCAL_CLANG_ASFLAGS_arm64 += $(arm64_clang_asflags) LOCAL_SRC_FILES_x86 += $(filter-out $(x86_exclude_files),$(common_src_files) $(x86_src_files)) LOCAL_CFLAGS_x86 += $(x86_cflags) +LOCAL_CLANG_ASFLAGS_x86 += $(x86_clang_asflags) LOCAL_SRC_FILES_x86_64 += $(filter-out $(x86_64_exclude_files),$(common_src_files) $(x86_64_src_files)) LOCAL_CFLAGS_x86_64 += $(x86_64_cflags) +LOCAL_CLANG_ASFLAGS_x86_64 += $(x86_64_clang_asflags) LOCAL_SRC_FILES_mips += $(filter-out $(mips_exclude_files),$(common_src_files) $(mips_src_files)) LOCAL_CFLAGS_mips += $(mips_cflags) +LOCAL_CLANG_ASFLAGS_mips += $(mips_clang_asflags) diff --git a/app/openssl/Ssl-config-host.mk b/app/openssl/Ssl-config-host.mk index 57ea3775..83c60267 100644 --- a/app/openssl/Ssl-config-host.mk +++ b/app/openssl/Ssl-config-host.mk @@ -1,6 +1,6 @@ # Auto-generated - DO NOT EDIT! # To regenerate, edit openssl.config, then run: -# ./import_openssl.sh import /path/to/openssl-1.0.1h.tar.gz +# ./import_openssl.sh import /path/to/openssl-1.0.1j.tar.gz # # This script will append to the following variables: # @@ -68,30 +68,40 @@ common_c_includes := \ external/openssl/crypto \ external/openssl/include \ +arm_clang_asflags := + arm_cflags := arm_src_files := arm_exclude_files := +arm64_clang_asflags := + arm64_cflags := arm64_src_files := arm64_exclude_files := +x86_clang_asflags := + x86_cflags := x86_src_files := x86_exclude_files := +x86_64_clang_asflags := + x86_64_cflags := x86_64_src_files := x86_64_exclude_files := +mips_clang_asflags := + mips_cflags := mips_src_files := diff --git a/app/openssl/Ssl-config-target.mk b/app/openssl/Ssl-config-target.mk index c08a971d..bf1671f0 100644 --- a/app/openssl/Ssl-config-target.mk +++ b/app/openssl/Ssl-config-target.mk @@ -1,6 +1,6 @@ # Auto-generated - DO NOT EDIT! # To regenerate, edit openssl.config, then run: -# ./import_openssl.sh import /path/to/openssl-1.0.1h.tar.gz +# ./import_openssl.sh import /path/to/openssl-1.0.1j.tar.gz # # This script will append to the following variables: # @@ -68,30 +68,40 @@ common_c_includes := \ openssl/crypto \ openssl/include \ +arm_clang_asflags := + arm_cflags := arm_src_files := arm_exclude_files := +arm64_clang_asflags := + arm64_cflags := arm64_src_files := arm64_exclude_files := +x86_clang_asflags := + x86_cflags := x86_src_files := x86_exclude_files := +x86_64_clang_asflags := + x86_64_cflags := x86_64_src_files := x86_64_exclude_files := +mips_clang_asflags := + mips_cflags := mips_src_files := @@ -104,15 +114,20 @@ LOCAL_C_INCLUDES += $(common_c_includes) LOCAL_SRC_FILES_arm += $(filter-out $(arm_exclude_files),$(common_src_files) $(arm_src_files)) LOCAL_CFLAGS_arm += $(arm_cflags) +LOCAL_CLANG_ASFLAGS_arm += $(arm_clang_asflags) LOCAL_SRC_FILES_arm64 += $(filter-out $(arm64_exclude_files),$(common_src_files) $(arm64_src_files)) LOCAL_CFLAGS_arm64 += $(arm64_cflags) +LOCAL_CLANG_ASFLAGS_arm64 += $(arm64_clang_asflags) LOCAL_SRC_FILES_x86 += $(filter-out $(x86_exclude_files),$(common_src_files) $(x86_src_files)) LOCAL_CFLAGS_x86 += $(x86_cflags) +LOCAL_CLANG_ASFLAGS_x86 += $(x86_clang_asflags) LOCAL_SRC_FILES_x86_64 += $(filter-out $(x86_64_exclude_files),$(common_src_files) $(x86_64_src_files)) LOCAL_CFLAGS_x86_64 += $(x86_64_cflags) +LOCAL_CLANG_ASFLAGS_x86_64 += $(x86_64_clang_asflags) LOCAL_SRC_FILES_mips += $(filter-out $(mips_exclude_files),$(common_src_files) $(mips_src_files)) LOCAL_CFLAGS_mips += $(mips_cflags) +LOCAL_CLANG_ASFLAGS_mips += $(mips_clang_asflags) diff --git a/app/openssl/Ssl.mk b/app/openssl/Ssl.mk index 0cb93eac..f3263ff0 100644 --- a/app/openssl/Ssl.mk +++ b/app/openssl/Ssl.mk @@ -1,5 +1,6 @@ ####################################### # target static library + include $(CLEAR_VARS) include $(LOCAL_PATH)/ndk-build-clear.mk @@ -25,6 +26,7 @@ include $(BUILD_STATIC_LIBRARY) # target shared library include $(CLEAR_VARS) include $(LOCAL_PATH)/ndk-build-clear.mk + LOCAL_SHARED_LIBRARIES := $(log_shared_libraries) LOCAL_C_INCLUDES := $(log_c_includes) diff --git a/app/openssl/android-config.mk b/app/openssl/android-config.mk index 2a091130..675a65b3 100644 --- a/app/openssl/android-config.mk +++ b/app/openssl/android-config.mk @@ -41,6 +41,8 @@ LOCAL_CFLAGS_32 := $(filter-out -DDSO_DLFCN -DHAVE_DLFCN_H,$(LOCAL_CFLAGS_32)) LOCAL_CFLAGS_64 := $(filter-out -DDSO_DLFCN -DHAVE_DLFCN_H,$(LOCAL_CFLAGS_64)) endif +LOCAL_CFLAGS += -Wno-missing-field-initializers -Wno-unused-parameter + # Debug # LOCAL_CFLAGS += -DCIPHER_DEBUG diff --git a/app/openssl/android.testssl/testssl b/app/openssl/android.testssl/testssl index 5ff48604..66b87361 100755 --- a/app/openssl/android.testssl/testssl +++ b/app/openssl/android.testssl/testssl @@ -176,6 +176,12 @@ else echo test tls1 with SRP via BIO pair $ssltest -bio_pair -tls1 -cipher SRP -srpuser test -srppass abc123 + + echo test tls1 with SRP auth + $ssltest -tls1 -cipher aSRP -srpuser test -srppass abc123 + + echo test tls1 with SRP auth via BIO pair + $ssltest -bio_pair -tls1 -cipher aSRP -srpuser test -srppass abc123 fi exit 0 diff --git a/app/openssl/apps/apps.c b/app/openssl/apps/apps.c index b76db10a..3e18289a 100644 --- a/app/openssl/apps/apps.c +++ b/app/openssl/apps/apps.c @@ -390,6 +390,8 @@ int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[]) { arg->count=20; arg->data=(char **)OPENSSL_malloc(sizeof(char *)*arg->count); + if (arg->data == NULL) + return 0; } for (i=0; icount; i++) arg->data[i]=NULL; @@ -1542,6 +1544,8 @@ char *make_config_name() len=strlen(t)+strlen(OPENSSL_CONF)+2; p=OPENSSL_malloc(len); + if (p == NULL) + return NULL; BUF_strlcpy(p,t,len); #ifndef OPENSSL_SYS_VMS BUF_strlcat(p,"/",len); diff --git a/app/openssl/apps/ca.c b/app/openssl/apps/ca.c index 1cf50e00..9c25026a 100644 --- a/app/openssl/apps/ca.c +++ b/app/openssl/apps/ca.c @@ -1620,12 +1620,14 @@ static int certify(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509, { ok=0; BIO_printf(bio_err,"Signature verification problems....\n"); + ERR_print_errors(bio_err); goto err; } if (i == 0) { ok=0; BIO_printf(bio_err,"Signature did not match the certificate request\n"); + ERR_print_errors(bio_err); goto err; } else @@ -2777,6 +2779,9 @@ char *make_revocation_str(int rev_type, char *rev_arg) revtm = X509_gmtime_adj(NULL, 0); + if (!revtm) + return NULL; + i = revtm->length + 1; if (reason) i += strlen(reason) + 1; diff --git a/app/openssl/apps/ciphers.c b/app/openssl/apps/ciphers.c index 5f2b7397..93dce1c4 100644 --- a/app/openssl/apps/ciphers.c +++ b/app/openssl/apps/ciphers.c @@ -96,13 +96,7 @@ int MAIN(int argc, char **argv) char buf[512]; BIO *STDout=NULL; -#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3) meth=SSLv23_server_method(); -#elif !defined(OPENSSL_NO_SSL3) - meth=SSLv3_server_method(); -#elif !defined(OPENSSL_NO_SSL2) - meth=SSLv2_server_method(); -#endif apps_startup(); diff --git a/app/openssl/apps/crl2p7.c b/app/openssl/apps/crl2p7.c index bbc83774..42c6886b 100644 --- a/app/openssl/apps/crl2p7.c +++ b/app/openssl/apps/crl2p7.c @@ -141,7 +141,13 @@ int MAIN(int argc, char **argv) { if (--argc < 1) goto bad; if(!certflst) certflst = sk_OPENSSL_STRING_new_null(); - sk_OPENSSL_STRING_push(certflst,*(++argv)); + if (!certflst) + goto end; + if (!sk_OPENSSL_STRING_push(certflst,*(++argv))) + { + sk_OPENSSL_STRING_free(certflst); + goto end; + } } else { diff --git a/app/openssl/apps/enc.c b/app/openssl/apps/enc.c index 19ea3df9..c8cb0212 100644 --- a/app/openssl/apps/enc.c +++ b/app/openssl/apps/enc.c @@ -67,7 +67,9 @@ #include #include #include +#ifndef OPENSSL_NO_COMP #include +#endif #include int set_hex(char *in,unsigned char *out,int size); @@ -337,6 +339,12 @@ bad: goto end; } + if (cipher && (EVP_CIPHER_mode(cipher) == EVP_CIPH_XTS_MODE)) + { + BIO_printf(bio_err, "Ciphers in XTS mode are not supported by the enc utility\n"); + goto end; + } + if (md && (dgst=EVP_get_digestbyname(md)) == NULL) { BIO_printf(bio_err,"%s is an unsupported message digest type\n",md); diff --git a/app/openssl/apps/md4.c b/app/openssl/apps/md4.c deleted file mode 120000 index 7f457b2a..00000000 --- a/app/openssl/apps/md4.c +++ /dev/null @@ -1 +0,0 @@ -../crypto/md4/md4.c \ No newline at end of file diff --git a/app/openssl/apps/md4.c b/app/openssl/apps/md4.c new file mode 100644 index 00000000..141415ad --- /dev/null +++ b/app/openssl/apps/md4.c @@ -0,0 +1,127 @@ +/* crypto/md4/md4.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#include + +#define BUFSIZE 1024*16 + +void do_fp(FILE *f); +void pt(unsigned char *md); +#if !defined(_OSD_POSIX) && !defined(__DJGPP__) +int read(int, void *, unsigned int); +#endif + +int main(int argc, char **argv) + { + int i,err=0; + FILE *IN; + + if (argc == 1) + { + do_fp(stdin); + } + else + { + for (i=1; i HTTP/1.0' with file ./\n"); BIO_printf(bio_err," -HTTP - Respond to a 'GET / HTTP/1.0' with file ./\n"); @@ -562,6 +564,10 @@ static void sv_usage(void) #endif BIO_printf(bio_err," -keymatexport label - Export keying material using label\n"); BIO_printf(bio_err," -keymatexportlen len - Export len bytes of keying material (default 20)\n"); + BIO_printf(bio_err," -status - respond to certificate status requests\n"); + BIO_printf(bio_err," -status_verbose - enable status request verbose printout\n"); + BIO_printf(bio_err," -status_timeout n - status request responder timeout\n"); + BIO_printf(bio_err," -status_url URL - status request fallback URL\n"); } static int local_argc=0; @@ -739,7 +745,7 @@ static int MS_CALLBACK ssl_servername_cb(SSL *s, int *ad, void *arg) if (servername) { - if (strcmp(servername,p->servername)) + if (strcasecmp(servername,p->servername)) return p->extension_error; if (ctx2) { @@ -1356,6 +1362,14 @@ bad: sv_usage(); goto end; } +#ifndef OPENSSL_NO_DTLS1 + if (www && socket_type == SOCK_DGRAM) + { + BIO_printf(bio_err, + "Can't use -HTTP, -www or -WWW with DTLS\n"); + goto end; + } +#endif #if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK) if (jpake_secret) diff --git a/app/openssl/build-config-32.mk b/app/openssl/build-config-32.mk index d035f1e4..9f1380b9 100644 --- a/app/openssl/build-config-32.mk +++ b/app/openssl/build-config-32.mk @@ -1,6 +1,6 @@ # Auto-generated - DO NOT EDIT! # To regenerate, edit openssl.config, then run: -# ./import_openssl.sh import /path/to/openssl-1.0.1h.tar.gz +# ./import_openssl.sh import /path/to/openssl-1.0.1j.tar.gz # openssl_cflags_32 := \ -DOPENSSL_THREADS \ @@ -31,6 +31,7 @@ openssl_cflags_32 := \ -DOPENSSL_NO_SHA0 \ -DOPENSSL_NO_STATIC_ENGINE \ -DOPENSSL_NO_STORE \ + -DOPENSSL_NO_UNIT_TEST \ -DOPENSSL_NO_WHIRLPOOL \ openssl_cflags_static_32 := \ @@ -60,5 +61,6 @@ openssl_cflags_static_32 := \ -DOPENSSL_NO_SHA0 \ -DOPENSSL_NO_STATIC_ENGINE \ -DOPENSSL_NO_STORE \ + -DOPENSSL_NO_UNIT_TEST \ -DOPENSSL_NO_WHIRLPOOL \ diff --git a/app/openssl/build-config-64.mk b/app/openssl/build-config-64.mk index 45a8141d..2475c2ed 100644 --- a/app/openssl/build-config-64.mk +++ b/app/openssl/build-config-64.mk @@ -1,6 +1,6 @@ # Auto-generated - DO NOT EDIT! # To regenerate, edit openssl.config, then run: -# ./import_openssl.sh import /path/to/openssl-1.0.1h.tar.gz +# ./import_openssl.sh import /path/to/openssl-1.0.1j.tar.gz # openssl_cflags_64 := \ -DOPENSSL_THREADS \ @@ -31,6 +31,7 @@ openssl_cflags_64 := \ -DOPENSSL_NO_SHA0 \ -DOPENSSL_NO_STATIC_ENGINE \ -DOPENSSL_NO_STORE \ + -DOPENSSL_NO_UNIT_TEST \ -DOPENSSL_NO_WHIRLPOOL \ openssl_cflags_static_64 := \ @@ -60,5 +61,6 @@ openssl_cflags_static_64 := \ -DOPENSSL_NO_SHA0 \ -DOPENSSL_NO_STATIC_ENGINE \ -DOPENSSL_NO_STORE \ + -DOPENSSL_NO_UNIT_TEST \ -DOPENSSL_NO_WHIRLPOOL \ diff --git a/app/openssl/build-config-trusty.mk b/app/openssl/build-config-trusty.mk index 4d6fb58c..34574f34 100644 --- a/app/openssl/build-config-trusty.mk +++ b/app/openssl/build-config-trusty.mk @@ -1,6 +1,6 @@ # Auto-generated - DO NOT EDIT! # To regenerate, edit openssl.config, then run: -# ./import_openssl.sh import /path/to/openssl-1.0.1h.tar.gz +# ./import_openssl.sh import /path/to/openssl-1.0.1j.tar.gz # openssl_cflags_trusty := \ -DL_ENDIAN \ @@ -48,6 +48,7 @@ openssl_cflags_trusty := \ -DOPENSSL_NO_TS \ -DOPENSSL_NO_TXT_DB \ -DOPENSSL_NO_UI \ + -DOPENSSL_NO_UNIT_TEST \ -DOPENSSL_NO_WHIRLPOOL \ openssl_cflags_static_trusty := \ @@ -96,5 +97,6 @@ openssl_cflags_static_trusty := \ -DOPENSSL_NO_TS \ -DOPENSSL_NO_TXT_DB \ -DOPENSSL_NO_UI \ + -DOPENSSL_NO_UNIT_TEST \ -DOPENSSL_NO_WHIRLPOOL \ diff --git a/app/openssl/crypto/LPdir_win.c b/app/openssl/crypto/LPdir_win.c index 702dbc73..d5b5e2c9 100644 --- a/app/openssl/crypto/LPdir_win.c +++ b/app/openssl/crypto/LPdir_win.c @@ -1,4 +1,3 @@ -/* $LP: LPlib/source/LPdir_win.c,v 1.10 2004/08/26 13:36:05 _cvs_levitte Exp $ */ /* * Copyright (c) 2004, Richard Levitte * All rights reserved. @@ -63,6 +62,16 @@ const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory) errno = 0; if (*ctx == NULL) { + const char *extdir = directory; + char *extdirbuf = NULL; + size_t dirlen = strlen (directory); + + if (dirlen == 0) + { + errno = ENOENT; + return 0; + } + *ctx = (LP_DIR_CTX *)malloc(sizeof(LP_DIR_CTX)); if (*ctx == NULL) { @@ -71,15 +80,35 @@ const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory) } memset(*ctx, '\0', sizeof(LP_DIR_CTX)); + if (directory[dirlen-1] != '*') + { + extdirbuf = (char *)malloc(dirlen + 3); + if (extdirbuf == NULL) + { + free(*ctx); + *ctx = NULL; + errno = ENOMEM; + return 0; + } + if (directory[dirlen-1] != '/' && directory[dirlen-1] != '\\') + extdir = strcat(strcpy (extdirbuf,directory),"/*"); + else + extdir = strcat(strcpy (extdirbuf,directory),"*"); + } + if (sizeof(TCHAR) != sizeof(char)) { TCHAR *wdir = NULL; /* len_0 denotes string length *with* trailing 0 */ - size_t index = 0,len_0 = strlen(directory) + 1; + size_t index = 0,len_0 = strlen(extdir) + 1; - wdir = (TCHAR *)malloc(len_0 * sizeof(TCHAR)); + wdir = (TCHAR *)calloc(len_0, sizeof(TCHAR)); if (wdir == NULL) { + if (extdirbuf != NULL) + { + free (extdirbuf); + } free(*ctx); *ctx = NULL; errno = ENOMEM; @@ -87,17 +116,23 @@ const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory) } #ifdef LP_MULTIBYTE_AVAILABLE - if (!MultiByteToWideChar(CP_ACP, 0, directory, len_0, (WCHAR *)wdir, len_0)) + if (!MultiByteToWideChar(CP_ACP, 0, extdir, len_0, (WCHAR *)wdir, len_0)) #endif for (index = 0; index < len_0; index++) - wdir[index] = (TCHAR)directory[index]; + wdir[index] = (TCHAR)extdir[index]; (*ctx)->handle = FindFirstFile(wdir, &(*ctx)->ctx); free(wdir); } else - (*ctx)->handle = FindFirstFile((TCHAR *)directory, &(*ctx)->ctx); + { + (*ctx)->handle = FindFirstFile((TCHAR *)extdir, &(*ctx)->ctx); + } + if (extdirbuf != NULL) + { + free (extdirbuf); + } if ((*ctx)->handle == INVALID_HANDLE_VALUE) { @@ -114,7 +149,6 @@ const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory) return 0; } } - if (sizeof(TCHAR) != sizeof(char)) { TCHAR *wdir = (*ctx)->ctx.cFileName; diff --git a/app/openssl/crypto/aes/asm/aesni-x86_64.pl b/app/openssl/crypto/aes/asm/aesni-x86_64.pl index 0dbb194b..c9270dfd 100644 --- a/app/openssl/crypto/aes/asm/aesni-x86_64.pl +++ b/app/openssl/crypto/aes/asm/aesni-x86_64.pl @@ -525,6 +525,16 @@ $code.=<<___; .type aesni_ecb_encrypt,\@function,5 .align 16 aesni_ecb_encrypt: +___ +$code.=<<___ if ($win64); + lea -0x58(%rsp),%rsp + movaps %xmm6,(%rsp) + movaps %xmm7,0x10(%rsp) + movaps %xmm8,0x20(%rsp) + movaps %xmm9,0x30(%rsp) +.Lecb_enc_body: +___ +$code.=<<___; and \$-16,$len jz .Lecb_ret @@ -805,6 +815,16 @@ $code.=<<___; movups $inout5,0x50($out) .Lecb_ret: +___ +$code.=<<___ if ($win64); + movaps (%rsp),%xmm6 + movaps 0x10(%rsp),%xmm7 + movaps 0x20(%rsp),%xmm8 + movaps 0x30(%rsp),%xmm9 + lea 0x58(%rsp),%rsp +.Lecb_enc_ret: +___ +$code.=<<___; ret .size aesni_ecb_encrypt,.-aesni_ecb_encrypt ___ @@ -2730,28 +2750,9 @@ $code.=<<___; .extern __imp_RtlVirtualUnwind ___ $code.=<<___ if ($PREFIX eq "aesni"); -.type ecb_se_handler,\@abi-omnipotent -.align 16 -ecb_se_handler: - push %rsi - push %rdi - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - pushfq - sub \$64,%rsp - - mov 152($context),%rax # pull context->Rsp - - jmp .Lcommon_seh_tail -.size ecb_se_handler,.-ecb_se_handler - -.type ccm64_se_handler,\@abi-omnipotent +.type ecb_ccm64_se_handler,\@abi-omnipotent .align 16 -ccm64_se_handler: +ecb_ccm64_se_handler: push %rsi push %rdi push %rbx @@ -2788,7 +2789,7 @@ ccm64_se_handler: lea 0x58(%rax),%rax # adjust stack pointer jmp .Lcommon_seh_tail -.size ccm64_se_handler,.-ccm64_se_handler +.size ecb_ccm64_se_handler,.-ecb_ccm64_se_handler .type ctr32_se_handler,\@abi-omnipotent .align 16 @@ -2993,14 +2994,15 @@ ___ $code.=<<___ if ($PREFIX eq "aesni"); .LSEH_info_ecb: .byte 9,0,0,0 - .rva ecb_se_handler + .rva ecb_ccm64_se_handler + .rva .Lecb_enc_body,.Lecb_enc_ret # HandlerData[] .LSEH_info_ccm64_enc: .byte 9,0,0,0 - .rva ccm64_se_handler + .rva ecb_ccm64_se_handler .rva .Lccm64_enc_body,.Lccm64_enc_ret # HandlerData[] .LSEH_info_ccm64_dec: .byte 9,0,0,0 - .rva ccm64_se_handler + .rva ecb_ccm64_se_handler .rva .Lccm64_dec_body,.Lccm64_dec_ret # HandlerData[] .LSEH_info_ctr32: .byte 9,0,0,0 diff --git a/app/openssl/crypto/asn1/a_object.c b/app/openssl/crypto/asn1/a_object.c index 3978c915..77b27689 100644 --- a/app/openssl/crypto/asn1/a_object.c +++ b/app/openssl/crypto/asn1/a_object.c @@ -283,17 +283,29 @@ err: ASN1err(ASN1_F_D2I_ASN1_OBJECT,i); return(NULL); } + ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, long len) { ASN1_OBJECT *ret=NULL; const unsigned char *p; unsigned char *data; - int i; - /* Sanity check OID encoding: can't have leading 0x80 in - * subidentifiers, see: X.690 8.19.2 + int i, length; + + /* Sanity check OID encoding. + * Need at least one content octet. + * MSB must be clear in the last octet. + * can't have leading 0x80 in subidentifiers, see: X.690 8.19.2 */ - for (i = 0, p = *pp; i < len; i++, p++) + if (len <= 0 || len > INT_MAX || pp == NULL || (p = *pp) == NULL || + p[len - 1] & 0x80) + { + ASN1err(ASN1_F_C2I_ASN1_OBJECT,ASN1_R_INVALID_OBJECT_ENCODING); + return NULL; + } + /* Now 0 < len <= INT_MAX, so the cast is safe. */ + length = (int)len; + for (i = 0; i < length; i++, p++) { if (*p == 0x80 && (!i || !(p[-1] & 0x80))) { @@ -316,23 +328,23 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, data = (unsigned char *)ret->data; ret->data = NULL; /* once detached we can change it */ - if ((data == NULL) || (ret->length < len)) + if ((data == NULL) || (ret->length < length)) { ret->length=0; if (data != NULL) OPENSSL_free(data); - data=(unsigned char *)OPENSSL_malloc(len ? (int)len : 1); + data=(unsigned char *)OPENSSL_malloc(length); if (data == NULL) { i=ERR_R_MALLOC_FAILURE; goto err; } ret->flags|=ASN1_OBJECT_FLAG_DYNAMIC_DATA; } - memcpy(data,p,(int)len); + memcpy(data,p,length); /* reattach data to object, after which it remains const */ ret->data =data; - ret->length=(int)len; + ret->length=length; ret->sn=NULL; ret->ln=NULL; /* ret->flags=ASN1_OBJECT_FLAG_DYNAMIC; we know it is dynamic */ - p+=len; + p+=length; if (a != NULL) (*a)=ret; *pp=p; diff --git a/app/openssl/crypto/asn1/a_strex.c b/app/openssl/crypto/asn1/a_strex.c index ead37ac3..8fb4193b 100644 --- a/app/openssl/crypto/asn1/a_strex.c +++ b/app/openssl/crypto/asn1/a_strex.c @@ -568,6 +568,7 @@ int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in) mbflag |= MBSTRING_FLAG; stmp.data = NULL; stmp.length = 0; + stmp.flags = 0; ret = ASN1_mbstring_copy(&str, in->data, in->length, mbflag, B_ASN1_UTF8STRING); if(ret < 0) return ret; *out = stmp.data; diff --git a/app/openssl/crypto/asn1/a_utctm.c b/app/openssl/crypto/asn1/a_utctm.c index 072e2365..bbdc9b32 100644 --- a/app/openssl/crypto/asn1/a_utctm.c +++ b/app/openssl/crypto/asn1/a_utctm.c @@ -196,24 +196,29 @@ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t, struct tm *ts; struct tm data; size_t len = 20; + int free_s = 0; if (s == NULL) + { + free_s = 1; s=M_ASN1_UTCTIME_new(); + } if (s == NULL) - return(NULL); + goto err; + ts=OPENSSL_gmtime(&t, &data); if (ts == NULL) - return(NULL); + goto err; if (offset_day || offset_sec) { if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec)) - return NULL; + goto err; } if((ts->tm_year < 50) || (ts->tm_year >= 150)) - return NULL; + goto err; p=(char *)s->data; if ((p == NULL) || ((size_t)s->length < len)) @@ -222,7 +227,7 @@ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t, if (p == NULL) { ASN1err(ASN1_F_ASN1_UTCTIME_ADJ,ERR_R_MALLOC_FAILURE); - return(NULL); + goto err; } if (s->data != NULL) OPENSSL_free(s->data); @@ -237,6 +242,10 @@ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t, ebcdic2ascii(s->data, s->data, s->length); #endif return(s); + err: + if (free_s && s) + M_ASN1_UTCTIME_free(s); + return NULL; } @@ -261,6 +270,11 @@ int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t) t -= offset*60; /* FIXME: may overflow in extreme cases */ tm = OPENSSL_gmtime(&t, &data); + /* NB: -1, 0, 1 already valid return values so use -2 to + * indicate error. + */ + if (tm == NULL) + return -2; #define return_cmp(a,b) if ((a)<(b)) return -1; else if ((a)>(b)) return 1 year = g2(s->data); diff --git a/app/openssl/crypto/asn1/ameth_lib.c b/app/openssl/crypto/asn1/ameth_lib.c index a19e058f..ef153d46 100644 --- a/app/openssl/crypto/asn1/ameth_lib.c +++ b/app/openssl/crypto/asn1/ameth_lib.c @@ -258,7 +258,12 @@ int EVP_PKEY_asn1_add_alias(int to, int from) if (!ameth) return 0; ameth->pkey_base_id = to; - return EVP_PKEY_asn1_add0(ameth); + if (!EVP_PKEY_asn1_add0(ameth)) + { + EVP_PKEY_asn1_free(ameth); + return 0; + } + return 1; } int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *ppkey_base_id, int *ppkey_flags, diff --git a/app/openssl/crypto/asn1/asn1_lib.c b/app/openssl/crypto/asn1/asn1_lib.c index 1bcb44ae..fa04b08e 100644 --- a/app/openssl/crypto/asn1/asn1_lib.c +++ b/app/openssl/crypto/asn1/asn1_lib.c @@ -131,6 +131,9 @@ int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag, *pclass=xclass; if (!asn1_get_length(&p,&inf,plength,(int)max)) goto err; + if (inf && !(ret & V_ASN1_CONSTRUCTED)) + goto err; + #if 0 fprintf(stderr,"p=%d + *plength=%ld > omax=%ld + *pp=%d (%d > %d)\n", (int)p,*plength,omax,(int)*pp,(int)(p+ *plength), diff --git a/app/openssl/crypto/asn1/asn_mime.c b/app/openssl/crypto/asn1/asn_mime.c index 54a704a9..13d003bc 100644 --- a/app/openssl/crypto/asn1/asn_mime.c +++ b/app/openssl/crypto/asn1/asn_mime.c @@ -667,6 +667,8 @@ static STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio) int len, state, save_state = 0; headers = sk_MIME_HEADER_new(mime_hdr_cmp); + if (!headers) + return NULL; while ((len = BIO_gets(bio, linebuf, MAX_SMLEN)) > 0) { /* If whitespace at line start then continuation line */ if(mhdr && isspace((unsigned char)linebuf[0])) state = MIME_NAME; diff --git a/app/openssl/crypto/asn1/asn_pack.c b/app/openssl/crypto/asn1/asn_pack.c index ad738217..00dbf5ad 100644 --- a/app/openssl/crypto/asn1/asn_pack.c +++ b/app/openssl/crypto/asn1/asn_pack.c @@ -134,15 +134,23 @@ ASN1_STRING *ASN1_pack_string(void *obj, i2d_of_void *i2d, ASN1_STRING **oct) if (!(octmp->length = i2d(obj, NULL))) { ASN1err(ASN1_F_ASN1_PACK_STRING,ASN1_R_ENCODE_ERROR); - return NULL; + goto err; } if (!(p = OPENSSL_malloc (octmp->length))) { ASN1err(ASN1_F_ASN1_PACK_STRING,ERR_R_MALLOC_FAILURE); - return NULL; + goto err; } octmp->data = p; i2d (obj, &p); return octmp; + err: + if (!oct || !*oct) + { + ASN1_STRING_free(octmp); + if (oct) + *oct = NULL; + } + return NULL; } #endif diff --git a/app/openssl/crypto/asn1/bio_asn1.c b/app/openssl/crypto/asn1/bio_asn1.c index dc7efd55..bca4eebf 100644 --- a/app/openssl/crypto/asn1/bio_asn1.c +++ b/app/openssl/crypto/asn1/bio_asn1.c @@ -154,7 +154,10 @@ static int asn1_bio_new(BIO *b) if (!ctx) return 0; if (!asn1_bio_init(ctx, DEFAULT_ASN1_BUF_SIZE)) + { + OPENSSL_free(ctx); return 0; + } b->init = 1; b->ptr = (char *)ctx; b->flags = 0; diff --git a/app/openssl/crypto/asn1/charmap.pl b/app/openssl/crypto/asn1/charmap.pl index 2875c598..25ebf2c2 100644 --- a/app/openssl/crypto/asn1/charmap.pl +++ b/app/openssl/crypto/asn1/charmap.pl @@ -1,5 +1,8 @@ #!/usr/local/bin/perl -w +# Written by Dr Stephen N Henson (steve@openssl.org). +# Licensed under the terms of the OpenSSL license. + use strict; my ($i, @arr); diff --git a/app/openssl/crypto/asn1/evp_asn1.c b/app/openssl/crypto/asn1/evp_asn1.c index f3d98048..1b944597 100644 --- a/app/openssl/crypto/asn1/evp_asn1.c +++ b/app/openssl/crypto/asn1/evp_asn1.c @@ -66,7 +66,11 @@ int ASN1_TYPE_set_octetstring(ASN1_TYPE *a, unsigned char *data, int len) ASN1_STRING *os; if ((os=M_ASN1_OCTET_STRING_new()) == NULL) return(0); - if (!M_ASN1_OCTET_STRING_set(os,data,len)) return(0); + if (!M_ASN1_OCTET_STRING_set(os,data,len)) + { + M_ASN1_OCTET_STRING_free(os); + return 0; + } ASN1_TYPE_set(a,V_ASN1_OCTET_STRING,os); return(1); } diff --git a/app/openssl/crypto/asn1/t_x509.c b/app/openssl/crypto/asn1/t_x509.c index edbb39a0..8e961f5e 100644 --- a/app/openssl/crypto/asn1/t_x509.c +++ b/app/openssl/crypto/asn1/t_x509.c @@ -475,6 +475,8 @@ int X509_NAME_print(BIO *bp, X509_NAME *name, int obase) l=80-2-obase; b=X509_NAME_oneline(name,NULL,0); + if (!b) + return 0; if (!*b) { OPENSSL_free(b); diff --git a/app/openssl/crypto/asn1/tasn_enc.c b/app/openssl/crypto/asn1/tasn_enc.c index 936ad1f7..1390e5e6 100644 --- a/app/openssl/crypto/asn1/tasn_enc.c +++ b/app/openssl/crypto/asn1/tasn_enc.c @@ -453,9 +453,14 @@ static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out, { derlst = OPENSSL_malloc(sk_ASN1_VALUE_num(sk) * sizeof(*derlst)); + if (!derlst) + return 0; tmpdat = OPENSSL_malloc(skcontlen); - if (!derlst || !tmpdat) + if (!tmpdat) + { + OPENSSL_free(derlst); return 0; + } } } /* If not sorting just output each item */ diff --git a/app/openssl/crypto/asn1/x_crl.c b/app/openssl/crypto/asn1/x_crl.c index c51c690b..3f03efbe 100644 --- a/app/openssl/crypto/asn1/x_crl.c +++ b/app/openssl/crypto/asn1/x_crl.c @@ -270,6 +270,7 @@ static int crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, { /* We handle IDP and deltas */ if ((nid == NID_issuing_distribution_point) + || (nid == NID_authority_key_identifier) || (nid == NID_delta_crl)) break;; crl->flags |= EXFLAG_CRITICAL; diff --git a/app/openssl/crypto/bio/bio_lib.c b/app/openssl/crypto/bio/bio_lib.c index 9c9646af..4793a453 100644 --- a/app/openssl/crypto/bio/bio_lib.c +++ b/app/openssl/crypto/bio/bio_lib.c @@ -132,8 +132,8 @@ int BIO_free(BIO *a) CRYPTO_free_ex_data(CRYPTO_EX_INDEX_BIO, a, &a->ex_data); - if ((a->method == NULL) || (a->method->destroy == NULL)) return(1); - a->method->destroy(a); + if ((a->method != NULL) && (a->method->destroy != NULL)) + a->method->destroy(a); OPENSSL_free(a); return(1); } diff --git a/app/openssl/crypto/bn/asm/x86_64-gcc.c b/app/openssl/crypto/bn/asm/x86_64-gcc.c index 329946e5..6bcf32f6 100644 --- a/app/openssl/crypto/bn/asm/x86_64-gcc.c +++ b/app/openssl/crypto/bn/asm/x86_64-gcc.c @@ -189,7 +189,7 @@ BN_ULONG bn_add_words (BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,int if (n <= 0) return 0; - asm ( + asm volatile ( " subq %2,%2 \n" ".p2align 4 \n" "1: movq (%4,%2,8),%0 \n" @@ -200,7 +200,7 @@ BN_ULONG bn_add_words (BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,int " sbbq %0,%0 \n" : "=&a"(ret),"+c"(n),"=&r"(i) : "r"(rp),"r"(ap),"r"(bp) - : "cc" + : "cc", "memory" ); return ret&1; @@ -212,7 +212,7 @@ BN_ULONG bn_sub_words (BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,int if (n <= 0) return 0; - asm ( + asm volatile ( " subq %2,%2 \n" ".p2align 4 \n" "1: movq (%4,%2,8),%0 \n" @@ -223,7 +223,7 @@ BN_ULONG bn_sub_words (BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,int " sbbq %0,%0 \n" : "=&a"(ret),"+c"(n),"=&r"(i) : "r"(rp),"r"(ap),"r"(bp) - : "cc" + : "cc", "memory" ); return ret&1; diff --git a/app/openssl/crypto/bn/bn_exp.c b/app/openssl/crypto/bn/bn_exp.c index 2abf6fd6..611fa326 100644 --- a/app/openssl/crypto/bn/bn_exp.c +++ b/app/openssl/crypto/bn/bn_exp.c @@ -680,7 +680,7 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, /* Dedicated window==4 case improves 512-bit RSA sign by ~15%, but as * 512-bit RSA is hardly relevant, we omit it to spare size... */ - if (window==5) + if (window==5 && top>1) { void bn_mul_mont_gather5(BN_ULONG *rp,const BN_ULONG *ap, const void *table,const BN_ULONG *np, @@ -874,7 +874,14 @@ int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p, bits = BN_num_bits(p); if (bits == 0) { - ret = BN_one(rr); + /* x**0 mod 1 is still zero. */ + if (BN_is_one(m)) + { + ret = 1; + BN_zero(rr); + } + else + ret = BN_one(rr); return ret; } if (a == 0) diff --git a/app/openssl/crypto/bn/bn_lib.c b/app/openssl/crypto/bn/bn_lib.c index 5461e6ee..d5a211e2 100644 --- a/app/openssl/crypto/bn/bn_lib.c +++ b/app/openssl/crypto/bn/bn_lib.c @@ -320,6 +320,15 @@ static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words) BNerr(BN_F_BN_EXPAND_INTERNAL,ERR_R_MALLOC_FAILURE); return(NULL); } +#ifdef PURIFY + /* Valgrind complains in BN_consttime_swap because we process the whole + * array even if it's not initialised yet. This doesn't matter in that + * function - what's important is constant time operation (we're not + * actually going to use the data) + */ + memset(a, 0, sizeof(BN_ULONG)*words); +#endif + #if 1 B=b->d; /* Check if the previous number needs to be copied */ diff --git a/app/openssl/crypto/bn/bn_nist.c b/app/openssl/crypto/bn/bn_nist.c index e22968d4..abb15708 100644 --- a/app/openssl/crypto/bn/bn_nist.c +++ b/app/openssl/crypto/bn/bn_nist.c @@ -1088,9 +1088,9 @@ int BN_nist_mod_521(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, /* ... and right shift */ for (val=t_d[0],i=0; i>BN_NIST_521_RSHIFT; - val = t_d[i+1]; - t_d[i] = (tmp | val<>BN_NIST_521_RSHIFT | + (tmp=t_d[i+1])<>BN_NIST_521_RSHIFT; /* lower 521 bits */ diff --git a/app/openssl/crypto/bn/bn_sqr.c b/app/openssl/crypto/bn/bn_sqr.c index 270d0cd3..65bbf165 100644 --- a/app/openssl/crypto/bn/bn_sqr.c +++ b/app/openssl/crypto/bn/bn_sqr.c @@ -77,6 +77,7 @@ int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx) if (al <= 0) { r->top=0; + r->neg = 0; return 1; } diff --git a/app/openssl/crypto/bn/exptest.c b/app/openssl/crypto/bn/exptest.c index 074a8e88..5fa02a12 100644 --- a/app/openssl/crypto/bn/exptest.c +++ b/app/openssl/crypto/bn/exptest.c @@ -71,6 +71,43 @@ static const char rnd_seed[] = "string to make the random number generator think it has entropy"; +/* test_exp_mod_zero tests that x**0 mod 1 == 0. It returns zero on success. */ +static int test_exp_mod_zero() { + BIGNUM a, p, m; + BIGNUM r; + BN_CTX *ctx = BN_CTX_new(); + int ret = 1; + + BN_init(&m); + BN_one(&m); + + BN_init(&a); + BN_one(&a); + + BN_init(&p); + BN_zero(&p); + + BN_init(&r); + BN_mod_exp(&r, &a, &p, &m, ctx); + BN_CTX_free(ctx); + + if (BN_is_zero(&r)) + ret = 0; + else + { + printf("1**0 mod 1 = "); + BN_print_fp(stdout, &r); + printf(", should be 0\n"); + } + + BN_free(&r); + BN_free(&a); + BN_free(&p); + BN_free(&m); + + return ret; +} + int main(int argc, char *argv[]) { BN_CTX *ctx; @@ -190,7 +227,13 @@ int main(int argc, char *argv[]) ERR_remove_thread_state(NULL); CRYPTO_mem_leaks(out); BIO_free(out); - printf(" done\n"); + printf("\n"); + + if (test_exp_mod_zero() != 0) + goto err; + + printf("done\n"); + EXIT(0); err: ERR_load_crypto_strings(); diff --git a/app/openssl/crypto/cms/cms_pwri.c b/app/openssl/crypto/cms/cms_pwri.c index b79612a1..71f2ddb4 100644 --- a/app/openssl/crypto/cms/cms_pwri.c +++ b/app/openssl/crypto/cms/cms_pwri.c @@ -93,9 +93,10 @@ CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms, X509_ALGOR *encalg = NULL; unsigned char iv[EVP_MAX_IV_LENGTH]; int ivlen; + env = cms_get0_enveloped(cms); if (!env) - goto err; + return NULL; if (wrap_nid <= 0) wrap_nid = NID_id_alg_PWRI_KEK; diff --git a/app/openssl/crypto/conf/conf_def.c b/app/openssl/crypto/conf/conf_def.c index cf951320..f0b27687 100644 --- a/app/openssl/crypto/conf/conf_def.c +++ b/app/openssl/crypto/conf/conf_def.c @@ -321,7 +321,7 @@ again: p=eat_ws(conf, end); if (*p != ']') { - if (*p != '\0') + if (*p != '\0' && ss != p) { ss=p; goto again; diff --git a/app/openssl/crypto/constant_time_locl.h b/app/openssl/crypto/constant_time_locl.h new file mode 100644 index 00000000..c0483939 --- /dev/null +++ b/app/openssl/crypto/constant_time_locl.h @@ -0,0 +1,216 @@ +/* crypto/constant_time_locl.h */ +/* + * Utilities for constant-time cryptography. + * + * Author: Emilia Kasper (emilia@openssl.org) + * Based on previous work by Bodo Moeller, Emilia Kasper, Adam Langley + * (Google). + * ==================================================================== + * Copyright (c) 2014 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_CONSTANT_TIME_LOCL_H +#define HEADER_CONSTANT_TIME_LOCL_H + +#include "e_os.h" /* For 'inline' */ + +#ifdef __cplusplus +extern "C" { +#endif + +/* + * The boolean methods return a bitmask of all ones (0xff...f) for true + * and 0 for false. This is useful for choosing a value based on the result + * of a conditional in constant time. For example, + * + * if (a < b) { + * c = a; + * } else { + * c = b; + * } + * + * can be written as + * + * unsigned int lt = constant_time_lt(a, b); + * c = constant_time_select(lt, a, b); + */ + +/* + * Returns the given value with the MSB copied to all the other + * bits. Uses the fact that arithmetic shift shifts-in the sign bit. + * However, this is not ensured by the C standard so you may need to + * replace this with something else on odd CPUs. + */ +static inline unsigned int constant_time_msb(unsigned int a); + +/* + * Returns 0xff..f if a < b and 0 otherwise. + */ +static inline unsigned int constant_time_lt(unsigned int a, unsigned int b); +/* Convenience method for getting an 8-bit mask. */ +static inline unsigned char constant_time_lt_8(unsigned int a, unsigned int b); + +/* + * Returns 0xff..f if a >= b and 0 otherwise. + */ +static inline unsigned int constant_time_ge(unsigned int a, unsigned int b); +/* Convenience method for getting an 8-bit mask. */ +static inline unsigned char constant_time_ge_8(unsigned int a, unsigned int b); + +/* + * Returns 0xff..f if a == 0 and 0 otherwise. + */ +static inline unsigned int constant_time_is_zero(unsigned int a); +/* Convenience method for getting an 8-bit mask. */ +static inline unsigned char constant_time_is_zero_8(unsigned int a); + + +/* + * Returns 0xff..f if a == b and 0 otherwise. + */ +static inline unsigned int constant_time_eq(unsigned int a, unsigned int b); +/* Convenience method for getting an 8-bit mask. */ +static inline unsigned char constant_time_eq_8(unsigned int a, unsigned int b); +/* Signed integers. */ +static inline unsigned int constant_time_eq_int(int a, int b); +/* Convenience method for getting an 8-bit mask. */ +static inline unsigned char constant_time_eq_int_8(int a, int b); + + +/* + * Returns (mask & a) | (~mask & b). + * + * When |mask| is all 1s or all 0s (as returned by the methods above), + * the select methods return either |a| (if |mask| is nonzero) or |b| + * (if |mask| is zero). + */ +static inline unsigned int constant_time_select(unsigned int mask, + unsigned int a, unsigned int b); +/* Convenience method for unsigned chars. */ +static inline unsigned char constant_time_select_8(unsigned char mask, + unsigned char a, unsigned char b); +/* Convenience method for signed integers. */ +static inline int constant_time_select_int(unsigned int mask, int a, int b); + +static inline unsigned int constant_time_msb(unsigned int a) + { + return (unsigned int)((int)(a) >> (sizeof(int) * 8 - 1)); + } + +static inline unsigned int constant_time_lt(unsigned int a, unsigned int b) + { + unsigned int lt; + /* Case 1: msb(a) == msb(b). a < b iff the MSB of a - b is set.*/ + lt = ~(a ^ b) & (a - b); + /* Case 2: msb(a) != msb(b). a < b iff the MSB of b is set. */ + lt |= ~a & b; + return constant_time_msb(lt); + } + +static inline unsigned char constant_time_lt_8(unsigned int a, unsigned int b) + { + return (unsigned char)(constant_time_lt(a, b)); + } + +static inline unsigned int constant_time_ge(unsigned int a, unsigned int b) + { + unsigned int ge; + /* Case 1: msb(a) == msb(b). a >= b iff the MSB of a - b is not set.*/ + ge = ~((a ^ b) | (a - b)); + /* Case 2: msb(a) != msb(b). a >= b iff the MSB of a is set. */ + ge |= a & ~b; + return constant_time_msb(ge); + } + +static inline unsigned char constant_time_ge_8(unsigned int a, unsigned int b) + { + return (unsigned char)(constant_time_ge(a, b)); + } + +static inline unsigned int constant_time_is_zero(unsigned int a) + { + return constant_time_msb(~a & (a - 1)); + } + +static inline unsigned char constant_time_is_zero_8(unsigned int a) + { + return (unsigned char)(constant_time_is_zero(a)); + } + +static inline unsigned int constant_time_eq(unsigned int a, unsigned int b) + { + return constant_time_is_zero(a ^ b); + } + +static inline unsigned char constant_time_eq_8(unsigned int a, unsigned int b) + { + return (unsigned char)(constant_time_eq(a, b)); + } + +static inline unsigned int constant_time_eq_int(int a, int b) + { + return constant_time_eq((unsigned)(a), (unsigned)(b)); + } + +static inline unsigned char constant_time_eq_int_8(int a, int b) + { + return constant_time_eq_8((unsigned)(a), (unsigned)(b)); + } + +static inline unsigned int constant_time_select(unsigned int mask, + unsigned int a, unsigned int b) + { + return (mask & a) | (~mask & b); + } + +static inline unsigned char constant_time_select_8(unsigned char mask, + unsigned char a, unsigned char b) + { + return (unsigned char)(constant_time_select(mask, a, b)); + } + +inline int constant_time_select_int(unsigned int mask, int a, int b) + { + return (int)(constant_time_select(mask, (unsigned)(a), (unsigned)(b))); + } + +#ifdef __cplusplus +} +#endif + +#endif /* HEADER_CONSTANT_TIME_LOCL_H */ diff --git a/app/openssl/crypto/dsa/dsa_ameth.c b/app/openssl/crypto/dsa/dsa_ameth.c index 376156ec..5af76ead 100644 --- a/app/openssl/crypto/dsa/dsa_ameth.c +++ b/app/openssl/crypto/dsa/dsa_ameth.c @@ -307,6 +307,12 @@ static int dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) unsigned char *dp = NULL; int dplen; + if (!pkey->pkey.dsa || !pkey->pkey.dsa->priv_key) + { + DSAerr(DSA_F_DSA_PRIV_ENCODE,DSA_R_MISSING_PARAMETERS); + goto err; + } + params = ASN1_STRING_new(); if (!params) @@ -701,4 +707,3 @@ const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[] = old_dsa_priv_encode } }; - diff --git a/app/openssl/crypto/ebcdic.h b/app/openssl/crypto/ebcdic.h index 6d65afcf..85f3cf7f 100644 --- a/app/openssl/crypto/ebcdic.h +++ b/app/openssl/crypto/ebcdic.h @@ -5,6 +5,10 @@ #include +#ifdef __cplusplus +extern "C" { +#endif + /* Avoid name clashes with other applications */ #define os_toascii _openssl_os_toascii #define os_toebcdic _openssl_os_toebcdic @@ -16,4 +20,7 @@ extern const unsigned char os_toebcdic[256]; void *ebcdic2ascii(void *dest, const void *srce, size_t count); void *ascii2ebcdic(void *dest, const void *srce, size_t count); +#ifdef __cplusplus +} +#endif #endif diff --git a/app/openssl/crypto/ec/ec.h b/app/openssl/crypto/ec/ec.h index d008a0da..b6e745b8 100644 --- a/app/openssl/crypto/ec/ec.h +++ b/app/openssl/crypto/ec/ec.h @@ -629,7 +629,7 @@ int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx); int EC_POINTs_make_affine(const EC_GROUP *group, size_t num, EC_POINT *points[], BN_CTX *ctx); -/** Computes r = generator * n sum_{i=0}^num p[i] * m[i] +/** Computes r = generator * n sum_{i=0}^{num-1} p[i] * m[i] * \param group underlying EC_GROUP object * \param r EC_POINT object for the result * \param n BIGNUM with the multiplier for the group generator (optional) diff --git a/app/openssl/crypto/ec/ec2_smpl.c b/app/openssl/crypto/ec/ec2_smpl.c index e0e59c7d..62223cbb 100644 --- a/app/openssl/crypto/ec/ec2_smpl.c +++ b/app/openssl/crypto/ec/ec2_smpl.c @@ -80,9 +80,6 @@ const EC_METHOD *EC_GF2m_simple_method(void) { -#ifdef OPENSSL_FIPS - return fips_ec_gf2m_simple_method(); -#else static const EC_METHOD ret = { EC_FLAGS_DEFAULT_OCT, NID_X9_62_characteristic_two_field, @@ -125,8 +122,12 @@ const EC_METHOD *EC_GF2m_simple_method(void) 0 /* field_decode */, 0 /* field_set_to_one */ }; - return &ret; +#ifdef OPENSSL_FIPS + if (FIPS_mode()) + return fips_ec_gf2m_simple_method(); #endif + + return &ret; } diff --git a/app/openssl/crypto/ec/ec_ameth.c b/app/openssl/crypto/ec/ec_ameth.c index f715a238..11283769 100644 --- a/app/openssl/crypto/ec/ec_ameth.c +++ b/app/openssl/crypto/ec/ec_ameth.c @@ -453,14 +453,16 @@ static int do_EC_KEY_print(BIO *bp, const EC_KEY *x, int off, int ktype) if (ktype > 0) { public_key = EC_KEY_get0_public_key(x); - if ((pub_key = EC_POINT_point2bn(group, public_key, - EC_KEY_get_conv_form(x), NULL, ctx)) == NULL) + if (public_key != NULL) { - reason = ERR_R_EC_LIB; - goto err; - } - if (pub_key) + if ((pub_key = EC_POINT_point2bn(group, public_key, + EC_KEY_get_conv_form(x), NULL, ctx)) == NULL) + { + reason = ERR_R_EC_LIB; + goto err; + } buf_len = (size_t)BN_num_bytes(pub_key); + } } if (ktype == 2) diff --git a/app/openssl/crypto/ec/ec_asn1.c b/app/openssl/crypto/ec/ec_asn1.c index e94f34e1..52d31c2f 100644 --- a/app/openssl/crypto/ec/ec_asn1.c +++ b/app/openssl/crypto/ec/ec_asn1.c @@ -1183,29 +1183,46 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len) goto err; } + if (ret->pub_key) + EC_POINT_clear_free(ret->pub_key); + ret->pub_key = EC_POINT_new(ret->group); + if (ret->pub_key == NULL) + { + ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB); + goto err; + } + if (priv_key->publicKey) { const unsigned char *pub_oct; - size_t pub_oct_len; + int pub_oct_len; - if (ret->pub_key) - EC_POINT_clear_free(ret->pub_key); - ret->pub_key = EC_POINT_new(ret->group); - if (ret->pub_key == NULL) + pub_oct = M_ASN1_STRING_data(priv_key->publicKey); + pub_oct_len = M_ASN1_STRING_length(priv_key->publicKey); + /* The first byte - point conversion form - must be present. */ + if (pub_oct_len <= 0) { - ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB); + ECerr(EC_F_D2I_ECPRIVATEKEY, EC_R_BUFFER_TOO_SMALL); goto err; } - pub_oct = M_ASN1_STRING_data(priv_key->publicKey); - pub_oct_len = M_ASN1_STRING_length(priv_key->publicKey); - /* save the point conversion form */ + /* Save the point conversion form. */ ret->conv_form = (point_conversion_form_t)(pub_oct[0] & ~0x01); if (!EC_POINT_oct2point(ret->group, ret->pub_key, - pub_oct, pub_oct_len, NULL)) + pub_oct, (size_t)(pub_oct_len), NULL)) + { + ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB); + goto err; + } + } + else + { + if (!EC_POINT_mul(ret->group, ret->pub_key, ret->priv_key, NULL, NULL, NULL)) { ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB); goto err; } + /* Remember the original private-key-only encoding. */ + ret->enc_flag |= EC_PKEY_NO_PUBKEY; } ok = 1; @@ -1230,7 +1247,8 @@ int i2d_ECPrivateKey(EC_KEY *a, unsigned char **out) size_t buf_len=0, tmp_len; EC_PRIVATEKEY *priv_key=NULL; - if (a == NULL || a->group == NULL || a->priv_key == NULL) + if (a == NULL || a->group == NULL || a->priv_key == NULL || + (!(a->enc_flag & EC_PKEY_NO_PUBKEY) && a->pub_key == NULL)) { ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER); diff --git a/app/openssl/crypto/ec/ec_lib.c b/app/openssl/crypto/ec/ec_lib.c index de9a0cc2..e2c4741b 100644 --- a/app/openssl/crypto/ec/ec_lib.c +++ b/app/openssl/crypto/ec/ec_lib.c @@ -942,7 +942,7 @@ int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX * int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx) { - if (group->meth->dbl == 0) + if (group->meth->invert == 0) { ECerr(EC_F_EC_POINT_INVERT, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; diff --git a/app/openssl/crypto/ec/ecp_mont.c b/app/openssl/crypto/ec/ecp_mont.c index f04f132c..3c5ec196 100644 --- a/app/openssl/crypto/ec/ecp_mont.c +++ b/app/openssl/crypto/ec/ecp_mont.c @@ -72,9 +72,6 @@ const EC_METHOD *EC_GFp_mont_method(void) { -#ifdef OPENSSL_FIPS - return fips_ec_gfp_mont_method(); -#else static const EC_METHOD ret = { EC_FLAGS_DEFAULT_OCT, NID_X9_62_prime_field, @@ -114,8 +111,12 @@ const EC_METHOD *EC_GFp_mont_method(void) ec_GFp_mont_field_decode, ec_GFp_mont_field_set_to_one }; - return &ret; +#ifdef OPENSSL_FIPS + if (FIPS_mode()) + return fips_ec_gfp_mont_method(); #endif + + return &ret; } diff --git a/app/openssl/crypto/ec/ecp_nist.c b/app/openssl/crypto/ec/ecp_nist.c index aad2d5f4..db3b99e0 100644 --- a/app/openssl/crypto/ec/ecp_nist.c +++ b/app/openssl/crypto/ec/ecp_nist.c @@ -73,9 +73,6 @@ const EC_METHOD *EC_GFp_nist_method(void) { -#ifdef OPENSSL_FIPS - return fips_ec_gfp_nist_method(); -#else static const EC_METHOD ret = { EC_FLAGS_DEFAULT_OCT, NID_X9_62_prime_field, @@ -115,8 +112,12 @@ const EC_METHOD *EC_GFp_nist_method(void) 0 /* field_decode */, 0 /* field_set_to_one */ }; - return &ret; +#ifdef OPENSSL_FIPS + if (FIPS_mode()) + return fips_ec_gfp_nist_method(); #endif + + return &ret; } int ec_GFp_nist_group_copy(EC_GROUP *dest, const EC_GROUP *src) diff --git a/app/openssl/crypto/ec/ecp_smpl.c b/app/openssl/crypto/ec/ecp_smpl.c index 7cbb321f..2d1f3576 100644 --- a/app/openssl/crypto/ec/ecp_smpl.c +++ b/app/openssl/crypto/ec/ecp_smpl.c @@ -73,9 +73,6 @@ const EC_METHOD *EC_GFp_simple_method(void) { -#ifdef OPENSSL_FIPS - return fips_ec_gfp_simple_method(); -#else static const EC_METHOD ret = { EC_FLAGS_DEFAULT_OCT, NID_X9_62_prime_field, @@ -115,8 +112,12 @@ const EC_METHOD *EC_GFp_simple_method(void) 0 /* field_decode */, 0 /* field_set_to_one */ }; - return &ret; +#ifdef OPENSSL_FIPS + if (FIPS_mode()) + return fips_ec_gfp_simple_method(); #endif + + return &ret; } @@ -1181,9 +1182,8 @@ int ec_GFp_simple_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ct int ec_GFp_simple_points_make_affine(const EC_GROUP *group, size_t num, EC_POINT *points[], BN_CTX *ctx) { BN_CTX *new_ctx = NULL; - BIGNUM *tmp0, *tmp1; - size_t pow2 = 0; - BIGNUM **heap = NULL; + BIGNUM *tmp, *tmp_Z; + BIGNUM **prod_Z = NULL; size_t i; int ret = 0; @@ -1198,124 +1198,104 @@ int ec_GFp_simple_points_make_affine(const EC_GROUP *group, size_t num, EC_POINT } BN_CTX_start(ctx); - tmp0 = BN_CTX_get(ctx); - tmp1 = BN_CTX_get(ctx); - if (tmp0 == NULL || tmp1 == NULL) goto err; + tmp = BN_CTX_get(ctx); + tmp_Z = BN_CTX_get(ctx); + if (tmp == NULL || tmp_Z == NULL) goto err; - /* Before converting the individual points, compute inverses of all Z values. - * Modular inversion is rather slow, but luckily we can do with a single - * explicit inversion, plus about 3 multiplications per input value. - */ + prod_Z = OPENSSL_malloc(num * sizeof prod_Z[0]); + if (prod_Z == NULL) goto err; + for (i = 0; i < num; i++) + { + prod_Z[i] = BN_new(); + if (prod_Z[i] == NULL) goto err; + } - pow2 = 1; - while (num > pow2) - pow2 <<= 1; - /* Now pow2 is the smallest power of 2 satifsying pow2 >= num. - * We need twice that. */ - pow2 <<= 1; + /* Set each prod_Z[i] to the product of points[0]->Z .. points[i]->Z, + * skipping any zero-valued inputs (pretend that they're 1). */ - heap = OPENSSL_malloc(pow2 * sizeof heap[0]); - if (heap == NULL) goto err; - - /* The array is used as a binary tree, exactly as in heapsort: - * - * heap[1] - * heap[2] heap[3] - * heap[4] heap[5] heap[6] heap[7] - * heap[8]heap[9] heap[10]heap[11] heap[12]heap[13] heap[14] heap[15] - * - * We put the Z's in the last line; - * then we set each other node to the product of its two child-nodes (where - * empty or 0 entries are treated as ones); - * then we invert heap[1]; - * then we invert each other node by replacing it by the product of its - * parent (after inversion) and its sibling (before inversion). - */ - heap[0] = NULL; - for (i = pow2/2 - 1; i > 0; i--) - heap[i] = NULL; - for (i = 0; i < num; i++) - heap[pow2/2 + i] = &points[i]->Z; - for (i = pow2/2 + num; i < pow2; i++) - heap[i] = NULL; - - /* set each node to the product of its children */ - for (i = pow2/2 - 1; i > 0; i--) + if (!BN_is_zero(&points[0]->Z)) { - heap[i] = BN_new(); - if (heap[i] == NULL) goto err; - - if (heap[2*i] != NULL) + if (!BN_copy(prod_Z[0], &points[0]->Z)) goto err; + } + else + { + if (group->meth->field_set_to_one != 0) { - if ((heap[2*i + 1] == NULL) || BN_is_zero(heap[2*i + 1])) - { - if (!BN_copy(heap[i], heap[2*i])) goto err; - } - else - { - if (BN_is_zero(heap[2*i])) - { - if (!BN_copy(heap[i], heap[2*i + 1])) goto err; - } - else - { - if (!group->meth->field_mul(group, heap[i], - heap[2*i], heap[2*i + 1], ctx)) goto err; - } - } + if (!group->meth->field_set_to_one(group, prod_Z[0], ctx)) goto err; + } + else + { + if (!BN_one(prod_Z[0])) goto err; } } - /* invert heap[1] */ - if (!BN_is_zero(heap[1])) + for (i = 1; i < num; i++) { - if (!BN_mod_inverse(heap[1], heap[1], &group->field, ctx)) + if (!BN_is_zero(&points[i]->Z)) { - ECerr(EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE, ERR_R_BN_LIB); - goto err; + if (!group->meth->field_mul(group, prod_Z[i], prod_Z[i - 1], &points[i]->Z, ctx)) goto err; + } + else + { + if (!BN_copy(prod_Z[i], prod_Z[i - 1])) goto err; } } + + /* Now use a single explicit inversion to replace every + * non-zero points[i]->Z by its inverse. */ + + if (!BN_mod_inverse(tmp, prod_Z[num - 1], &group->field, ctx)) + { + ECerr(EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE, ERR_R_BN_LIB); + goto err; + } if (group->meth->field_encode != 0) { - /* in the Montgomery case, we just turned R*H (representing H) + /* In the Montgomery case, we just turned R*H (representing H) * into 1/(R*H), but we need R*(1/H) (representing 1/H); - * i.e. we have need to multiply by the Montgomery factor twice */ - if (!group->meth->field_encode(group, heap[1], heap[1], ctx)) goto err; - if (!group->meth->field_encode(group, heap[1], heap[1], ctx)) goto err; + * i.e. we need to multiply by the Montgomery factor twice. */ + if (!group->meth->field_encode(group, tmp, tmp, ctx)) goto err; + if (!group->meth->field_encode(group, tmp, tmp, ctx)) goto err; } - /* set other heap[i]'s to their inverses */ - for (i = 2; i < pow2/2 + num; i += 2) + for (i = num - 1; i > 0; --i) { - /* i is even */ - if ((heap[i + 1] != NULL) && !BN_is_zero(heap[i + 1])) - { - if (!group->meth->field_mul(group, tmp0, heap[i/2], heap[i + 1], ctx)) goto err; - if (!group->meth->field_mul(group, tmp1, heap[i/2], heap[i], ctx)) goto err; - if (!BN_copy(heap[i], tmp0)) goto err; - if (!BN_copy(heap[i + 1], tmp1)) goto err; - } - else + /* Loop invariant: tmp is the product of the inverses of + * points[0]->Z .. points[i]->Z (zero-valued inputs skipped). */ + if (!BN_is_zero(&points[i]->Z)) { - if (!BN_copy(heap[i], heap[i/2])) goto err; + /* Set tmp_Z to the inverse of points[i]->Z (as product + * of Z inverses 0 .. i, Z values 0 .. i - 1). */ + if (!group->meth->field_mul(group, tmp_Z, prod_Z[i - 1], tmp, ctx)) goto err; + /* Update tmp to satisfy the loop invariant for i - 1. */ + if (!group->meth->field_mul(group, tmp, tmp, &points[i]->Z, ctx)) goto err; + /* Replace points[i]->Z by its inverse. */ + if (!BN_copy(&points[i]->Z, tmp_Z)) goto err; } } - /* we have replaced all non-zero Z's by their inverses, now fix up all the points */ + if (!BN_is_zero(&points[0]->Z)) + { + /* Replace points[0]->Z by its inverse. */ + if (!BN_copy(&points[0]->Z, tmp)) goto err; + } + + /* Finally, fix up the X and Y coordinates for all points. */ + for (i = 0; i < num; i++) { EC_POINT *p = points[i]; - + if (!BN_is_zero(&p->Z)) { /* turn (X, Y, 1/Z) into (X/Z^2, Y/Z^3, 1) */ - if (!group->meth->field_sqr(group, tmp1, &p->Z, ctx)) goto err; - if (!group->meth->field_mul(group, &p->X, &p->X, tmp1, ctx)) goto err; + if (!group->meth->field_sqr(group, tmp, &p->Z, ctx)) goto err; + if (!group->meth->field_mul(group, &p->X, &p->X, tmp, ctx)) goto err; + + if (!group->meth->field_mul(group, tmp, tmp, &p->Z, ctx)) goto err; + if (!group->meth->field_mul(group, &p->Y, &p->Y, tmp, ctx)) goto err; - if (!group->meth->field_mul(group, tmp1, tmp1, &p->Z, ctx)) goto err; - if (!group->meth->field_mul(group, &p->Y, &p->Y, tmp1, ctx)) goto err; - if (group->meth->field_set_to_one != 0) { if (!group->meth->field_set_to_one(group, &p->Z, ctx)) goto err; @@ -1329,20 +1309,19 @@ int ec_GFp_simple_points_make_affine(const EC_GROUP *group, size_t num, EC_POINT } ret = 1; - + err: BN_CTX_end(ctx); if (new_ctx != NULL) BN_CTX_free(new_ctx); - if (heap != NULL) + if (prod_Z != NULL) { - /* heap[pow2/2] .. heap[pow2-1] have not been allocated locally! */ - for (i = pow2/2 - 1; i > 0; i--) + for (i = 0; i < num; i++) { - if (heap[i] != NULL) - BN_clear_free(heap[i]); + if (prod_Z[i] == NULL) break; + BN_clear_free(prod_Z[i]); } - OPENSSL_free(heap); + OPENSSL_free(prod_Z); } return ret; } diff --git a/app/openssl/crypto/ec/ectest.c b/app/openssl/crypto/ec/ectest.c index 102eaa9b..d1bf9805 100644 --- a/app/openssl/crypto/ec/ectest.c +++ b/app/openssl/crypto/ec/ectest.c @@ -199,6 +199,7 @@ static void group_order_tests(EC_GROUP *group) EC_POINT *P = EC_POINT_new(group); EC_POINT *Q = EC_POINT_new(group); BN_CTX *ctx = BN_CTX_new(); + int i; n1 = BN_new(); n2 = BN_new(); order = BN_new(); fprintf(stdout, "verify group order ..."); @@ -212,21 +213,56 @@ static void group_order_tests(EC_GROUP *group) if (!EC_POINT_mul(group, Q, order, NULL, NULL, ctx)) ABORT; if (!EC_POINT_is_at_infinity(group, Q)) ABORT; fprintf(stdout, " ok\n"); - fprintf(stdout, "long/negative scalar tests ... "); - if (!BN_one(n1)) ABORT; - /* n1 = 1 - order */ - if (!BN_sub(n1, n1, order)) ABORT; - if(!EC_POINT_mul(group, Q, NULL, P, n1, ctx)) ABORT; - if (0 != EC_POINT_cmp(group, Q, P, ctx)) ABORT; - /* n2 = 1 + order */ - if (!BN_add(n2, order, BN_value_one())) ABORT; - if(!EC_POINT_mul(group, Q, NULL, P, n2, ctx)) ABORT; - if (0 != EC_POINT_cmp(group, Q, P, ctx)) ABORT; - /* n2 = (1 - order) * (1 + order) */ - if (!BN_mul(n2, n1, n2, ctx)) ABORT; - if(!EC_POINT_mul(group, Q, NULL, P, n2, ctx)) ABORT; - if (0 != EC_POINT_cmp(group, Q, P, ctx)) ABORT; + fprintf(stdout, "long/negative scalar tests "); + for (i = 1; i <= 2; i++) + { + const BIGNUM *scalars[6]; + const EC_POINT *points[6]; + + fprintf(stdout, i == 1 ? + "allowing precomputation ... " : + "without precomputation ... "); + if (!BN_set_word(n1, i)) ABORT; + /* If i == 1, P will be the predefined generator for which + * EC_GROUP_precompute_mult has set up precomputation. */ + if (!EC_POINT_mul(group, P, n1, NULL, NULL, ctx)) ABORT; + + if (!BN_one(n1)) ABORT; + /* n1 = 1 - order */ + if (!BN_sub(n1, n1, order)) ABORT; + if (!EC_POINT_mul(group, Q, NULL, P, n1, ctx)) ABORT; + if (0 != EC_POINT_cmp(group, Q, P, ctx)) ABORT; + + /* n2 = 1 + order */ + if (!BN_add(n2, order, BN_value_one())) ABORT; + if (!EC_POINT_mul(group, Q, NULL, P, n2, ctx)) ABORT; + if (0 != EC_POINT_cmp(group, Q, P, ctx)) ABORT; + + /* n2 = (1 - order) * (1 + order) = 1 - order^2 */ + if (!BN_mul(n2, n1, n2, ctx)) ABORT; + if (!EC_POINT_mul(group, Q, NULL, P, n2, ctx)) ABORT; + if (0 != EC_POINT_cmp(group, Q, P, ctx)) ABORT; + + /* n2 = order^2 - 1 */ + BN_set_negative(n2, 0); + if (!EC_POINT_mul(group, Q, NULL, P, n2, ctx)) ABORT; + /* Add P to verify the result. */ + if (!EC_POINT_add(group, Q, Q, P, ctx)) ABORT; + if (!EC_POINT_is_at_infinity(group, Q)) ABORT; + + /* Exercise EC_POINTs_mul, including corner cases. */ + if (EC_POINT_is_at_infinity(group, P)) ABORT; + scalars[0] = n1; points[0] = Q; /* => infinity */ + scalars[1] = n2; points[1] = P; /* => -P */ + scalars[2] = n1; points[2] = Q; /* => infinity */ + scalars[3] = n2; points[3] = Q; /* => infinity */ + scalars[4] = n1; points[4] = P; /* => P */ + scalars[5] = n2; points[5] = Q; /* => infinity */ + if (!EC_POINTs_mul(group, P, NULL, 6, points, scalars, ctx)) ABORT; + if (!EC_POINT_is_at_infinity(group, P)) ABORT; + } fprintf(stdout, "ok\n"); + EC_POINT_free(P); EC_POINT_free(Q); BN_free(n1); diff --git a/app/openssl/crypto/err/openssl.ec b/app/openssl/crypto/err/openssl.ec index e0554b43..bafbc35d 100644 --- a/app/openssl/crypto/err/openssl.ec +++ b/app/openssl/crypto/err/openssl.ec @@ -71,6 +71,7 @@ R SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION 1060 R SSL_R_TLSV1_ALERT_PROTOCOL_VERSION 1070 R SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY 1071 R SSL_R_TLSV1_ALERT_INTERNAL_ERROR 1080 +R SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK 1086 R SSL_R_TLSV1_ALERT_USER_CANCELLED 1090 R SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100 R SSL_R_TLSV1_UNSUPPORTED_EXTENSION 1110 diff --git a/app/openssl/crypto/evp/e_aes.c b/app/openssl/crypto/evp/e_aes.c index ad0f7a4a..85d5aaa4 100644 --- a/app/openssl/crypto/evp/e_aes.c +++ b/app/openssl/crypto/evp/e_aes.c @@ -166,7 +166,7 @@ extern unsigned int OPENSSL_ia32cap_P[]; #define VPAES_CAPABLE (OPENSSL_ia32cap_P[1]&(1<<(41-32))) #endif #ifdef BSAES_ASM -#define BSAES_CAPABLE VPAES_CAPABLE +#define BSAES_CAPABLE (OPENSSL_ia32cap_P[1]&(1<<(41-32))) #endif /* * AES-NI section @@ -873,6 +873,28 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) /* Extra padding: tag appended to record */ return EVP_GCM_TLS_TAG_LEN; + case EVP_CTRL_COPY: + { + EVP_CIPHER_CTX *out = ptr; + EVP_AES_GCM_CTX *gctx_out = out->cipher_data; + if (gctx->gcm.key) + { + if (gctx->gcm.key != &gctx->ks) + return 0; + gctx_out->gcm.key = &gctx_out->ks; + } + if (gctx->iv == c->iv) + gctx_out->iv = out->iv; + else + { + gctx_out->iv = OPENSSL_malloc(gctx->ivlen); + if (!gctx_out->iv) + return 0; + memcpy(gctx_out->iv, gctx->iv, gctx->ivlen); + } + return 1; + } + default: return -1; @@ -1112,7 +1134,8 @@ static int aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, #define CUSTOM_FLAGS (EVP_CIPH_FLAG_DEFAULT_ASN1 \ | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \ - | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT) + | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT \ + | EVP_CIPH_CUSTOM_COPY) BLOCK_CIPHER_custom(NID_aes,128,1,12,gcm,GCM, EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_AEAD_CIPHER|CUSTOM_FLAGS) @@ -1124,7 +1147,25 @@ BLOCK_CIPHER_custom(NID_aes,256,1,12,gcm,GCM, static int aes_xts_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) { EVP_AES_XTS_CTX *xctx = c->cipher_data; - if (type != EVP_CTRL_INIT) + if (type == EVP_CTRL_COPY) + { + EVP_CIPHER_CTX *out = ptr; + EVP_AES_XTS_CTX *xctx_out = out->cipher_data; + if (xctx->xts.key1) + { + if (xctx->xts.key1 != &xctx->ks1) + return 0; + xctx_out->xts.key1 = &xctx_out->ks1; + } + if (xctx->xts.key2) + { + if (xctx->xts.key2 != &xctx->ks2) + return 0; + xctx_out->xts.key2 = &xctx_out->ks2; + } + return 1; + } + else if (type != EVP_CTRL_INIT) return -1; /* key1 and key2 are used as an indicator both key and IV are set */ xctx->xts.key1 = NULL; @@ -1256,7 +1297,8 @@ static int aes_xts_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, #define aes_xts_cleanup NULL #define XTS_FLAGS (EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CUSTOM_IV \ - | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT) + | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT \ + | EVP_CIPH_CUSTOM_COPY) BLOCK_CIPHER_custom(NID_aes,128,1,16,xts,XTS,EVP_CIPH_FLAG_FIPS|XTS_FLAGS) BLOCK_CIPHER_custom(NID_aes,256,1,16,xts,XTS,EVP_CIPH_FLAG_FIPS|XTS_FLAGS) @@ -1306,6 +1348,19 @@ static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) cctx->len_set = 0; return 1; + case EVP_CTRL_COPY: + { + EVP_CIPHER_CTX *out = ptr; + EVP_AES_CCM_CTX *cctx_out = out->cipher_data; + if (cctx->ccm.key) + { + if (cctx->ccm.key != &cctx->ks) + return 0; + cctx_out->ccm.key = &cctx_out->ks; + } + return 1; + } + default: return -1; diff --git a/app/openssl/crypto/evp/evp_enc.c b/app/openssl/crypto/evp/evp_enc.c index 0c54f05e..7b1842a5 100644 --- a/app/openssl/crypto/evp/evp_enc.c +++ b/app/openssl/crypto/evp/evp_enc.c @@ -67,6 +67,7 @@ #ifdef OPENSSL_FIPS #include #endif +#include "constant_time_locl.h" #include "evp_locl.h" #ifdef OPENSSL_FIPS @@ -500,21 +501,21 @@ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) { - int i,n; - unsigned int b; + unsigned int i, b; + unsigned char pad, padding_good; *outl=0; if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) { - i = M_do_cipher(ctx, out, NULL, 0); - if (i < 0) + int ret = M_do_cipher(ctx, out, NULL, 0); + if (ret < 0) return 0; else - *outl = i; + *outl = ret; return 1; } - b=ctx->cipher->block_size; + b=(unsigned int)(ctx->cipher->block_size); if (ctx->flags & EVP_CIPH_NO_PADDING) { if(ctx->buf_len) @@ -533,28 +534,34 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) return(0); } OPENSSL_assert(b <= sizeof ctx->final); - n=ctx->final[b-1]; - if (n == 0 || n > (int)b) - { - EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_BAD_DECRYPT); - return(0); - } - for (i=0; ifinal[b-1]; + + padding_good = (unsigned char)(~constant_time_is_zero_8(pad)); + padding_good &= constant_time_ge_8(b, pad); + + for (i = 1; i < b; ++i) { - if (ctx->final[--b] != n) - { - EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_BAD_DECRYPT); - return(0); - } + unsigned char is_pad_index = constant_time_lt_8(i, pad); + unsigned char pad_byte_good = constant_time_eq_8(ctx->final[b-i-1], pad); + padding_good &= constant_time_select_8(is_pad_index, pad_byte_good, 0xff); } - n=ctx->cipher->block_size-n; - for (i=0; ifinal[i]; - *outl=n; + + /* + * At least 1 byte is always padding, so we always write b - 1 + * bytes to avoid a timing leak. The caller is required to have |b| + * bytes space in |out| by the API contract. + */ + for (i = 0; i < b - 1; ++i) + out[i] = ctx->final[i] & padding_good; + /* Safe cast: for a good padding, EVP_MAX_IV_LENGTH >= b >= pad */ + *outl = padding_good & ((unsigned char)(b - pad)); + return padding_good & 1; } else - *outl=0; - return(1); + { + *outl = 0; + return 1; + } } void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx) @@ -678,4 +685,3 @@ int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in) return in->cipher->ctrl((EVP_CIPHER_CTX *)in, EVP_CTRL_COPY, 0, out); return 1; } - diff --git a/app/openssl/crypto/evp/evp_pbe.c b/app/openssl/crypto/evp/evp_pbe.c index f8c32d82..59696959 100644 --- a/app/openssl/crypto/evp/evp_pbe.c +++ b/app/openssl/crypto/evp/evp_pbe.c @@ -259,7 +259,7 @@ int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md, { int cipher_nid, md_nid; if (cipher) - cipher_nid = EVP_CIPHER_type(cipher); + cipher_nid = EVP_CIPHER_nid(cipher); else cipher_nid = -1; if (md) diff --git a/app/openssl/crypto/md5/asm/md5-x86_64.pl b/app/openssl/crypto/md5/asm/md5-x86_64.pl index f11224d1..381bf77e 100755 --- a/app/openssl/crypto/md5/asm/md5-x86_64.pl +++ b/app/openssl/crypto/md5/asm/md5-x86_64.pl @@ -108,6 +108,7 @@ sub round4_step EOF } +no warnings qw(uninitialized); my $flavour = shift; my $output = shift; if ($flavour =~ /\./) { $output = $flavour; undef $flavour; } @@ -119,7 +120,6 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; my $dir=$1; my $xlate; ( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or die "can't locate x86_64-xlate.pl"; -no warnings qw(uninitialized); open OUT,"| \"$^X\" $xlate $flavour $output"; *STDOUT=*OUT; diff --git a/app/openssl/crypto/objects/obj_dat.c b/app/openssl/crypto/objects/obj_dat.c index 8a342ba3..0b2f4424 100644 --- a/app/openssl/crypto/objects/obj_dat.c +++ b/app/openssl/crypto/objects/obj_dat.c @@ -471,11 +471,12 @@ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name) const unsigned char *p; char tbuf[DECIMAL_SIZE(i)+DECIMAL_SIZE(l)+2]; - if ((a == NULL) || (a->data == NULL)) { - buf[0]='\0'; - return(0); - } + /* Ensure that, at every state, |buf| is NUL-terminated. */ + if (buf && buf_len > 0) + buf[0] = '\0'; + if ((a == NULL) || (a->data == NULL)) + return(0); if (!no_name && (nid=OBJ_obj2nid(a)) != NID_undef) { @@ -554,9 +555,10 @@ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name) i=(int)(l/40); l-=(long)(i*40); } - if (buf && (buf_len > 0)) + if (buf && (buf_len > 1)) { *buf++ = i + '0'; + *buf = '\0'; buf_len--; } n++; @@ -571,9 +573,10 @@ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name) i = strlen(bndec); if (buf) { - if (buf_len > 0) + if (buf_len > 1) { *buf++ = '.'; + *buf = '\0'; buf_len--; } BUF_strlcpy(buf,bndec,buf_len); @@ -807,4 +810,3 @@ err: OPENSSL_free(buf); return(ok); } - diff --git a/app/openssl/crypto/objects/obj_dat.h b/app/openssl/crypto/objects/obj_dat.h index d404ad07..bc69665b 100644 --- a/app/openssl/crypto/objects/obj_dat.h +++ b/app/openssl/crypto/objects/obj_dat.h @@ -67,1908 +67,1901 @@ #define NUM_LN 913 #define NUM_OBJ 857 -static const unsigned char lvalues[5980]={ -0x00, /* [ 0] OBJ_undef */ -0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02, /* [ 14] OBJ_md2 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x05, /* [ 22] OBJ_md5 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x04, /* [ 30] OBJ_rc4 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x01,/* [ 38] OBJ_rsaEncryption */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x02,/* [ 47] OBJ_md2WithRSAEncryption */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x04,/* [ 56] OBJ_md5WithRSAEncryption */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x01,/* [ 65] OBJ_pbeWithMD2AndDES_CBC */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x03,/* [ 74] OBJ_pbeWithMD5AndDES_CBC */ -0x55, /* [ 83] OBJ_X500 */ -0x55,0x04, /* [ 84] OBJ_X509 */ -0x55,0x04,0x03, /* [ 86] OBJ_commonName */ -0x55,0x04,0x06, /* [ 89] OBJ_countryName */ -0x55,0x04,0x07, /* [ 92] OBJ_localityName */ -0x55,0x04,0x08, /* [ 95] OBJ_stateOrProvinceName */ -0x55,0x04,0x0A, /* [ 98] OBJ_organizationName */ -0x55,0x04,0x0B, /* [101] OBJ_organizationalUnitName */ -0x55,0x08,0x01,0x01, /* [104] OBJ_rsa */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07, /* [108] OBJ_pkcs7 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x01,/* [116] OBJ_pkcs7_data */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x02,/* [125] OBJ_pkcs7_signed */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x03,/* [134] OBJ_pkcs7_enveloped */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x04,/* [143] OBJ_pkcs7_signedAndEnveloped */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x05,/* [152] OBJ_pkcs7_digest */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x06,/* [161] OBJ_pkcs7_encrypted */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03, /* [170] OBJ_pkcs3 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03,0x01,/* [178] OBJ_dhKeyAgreement */ -0x2B,0x0E,0x03,0x02,0x06, /* [187] OBJ_des_ecb */ -0x2B,0x0E,0x03,0x02,0x09, /* [192] OBJ_des_cfb64 */ -0x2B,0x0E,0x03,0x02,0x07, /* [197] OBJ_des_cbc */ -0x2B,0x0E,0x03,0x02,0x11, /* [202] OBJ_des_ede_ecb */ -0x2B,0x06,0x01,0x04,0x01,0x81,0x3C,0x07,0x01,0x01,0x02,/* [207] OBJ_idea_cbc */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x02, /* [218] OBJ_rc2_cbc */ -0x2B,0x0E,0x03,0x02,0x12, /* [226] OBJ_sha */ -0x2B,0x0E,0x03,0x02,0x0F, /* [231] OBJ_shaWithRSAEncryption */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x07, /* [236] OBJ_des_ede3_cbc */ -0x2B,0x0E,0x03,0x02,0x08, /* [244] OBJ_des_ofb64 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09, /* [249] OBJ_pkcs9 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x01,/* [257] OBJ_pkcs9_emailAddress */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x02,/* [266] OBJ_pkcs9_unstructuredName */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x03,/* [275] OBJ_pkcs9_contentType */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x04,/* [284] OBJ_pkcs9_messageDigest */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x05,/* [293] OBJ_pkcs9_signingTime */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x06,/* [302] OBJ_pkcs9_countersignature */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x07,/* [311] OBJ_pkcs9_challengePassword */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x08,/* [320] OBJ_pkcs9_unstructuredAddress */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x09,/* [329] OBJ_pkcs9_extCertAttributes */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42, /* [338] OBJ_netscape */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01, /* [345] OBJ_netscape_cert_extension */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02, /* [353] OBJ_netscape_data_type */ -0x2B,0x0E,0x03,0x02,0x1A, /* [361] OBJ_sha1 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x05,/* [366] OBJ_sha1WithRSAEncryption */ -0x2B,0x0E,0x03,0x02,0x0D, /* [375] OBJ_dsaWithSHA */ -0x2B,0x0E,0x03,0x02,0x0C, /* [380] OBJ_dsa_2 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0B,/* [385] OBJ_pbeWithSHA1AndRC2_CBC */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0C,/* [394] OBJ_id_pbkdf2 */ -0x2B,0x0E,0x03,0x02,0x1B, /* [403] OBJ_dsaWithSHA1_2 */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x01,/* [408] OBJ_netscape_cert_type */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x02,/* [417] OBJ_netscape_base_url */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x03,/* [426] OBJ_netscape_revocation_url */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x04,/* [435] OBJ_netscape_ca_revocation_url */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x07,/* [444] OBJ_netscape_renewal_url */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x08,/* [453] OBJ_netscape_ca_policy_url */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0C,/* [462] OBJ_netscape_ssl_server_name */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0D,/* [471] OBJ_netscape_comment */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02,0x05,/* [480] OBJ_netscape_cert_sequence */ -0x55,0x1D, /* [489] OBJ_id_ce */ -0x55,0x1D,0x0E, /* [491] OBJ_subject_key_identifier */ -0x55,0x1D,0x0F, /* [494] OBJ_key_usage */ -0x55,0x1D,0x10, /* [497] OBJ_private_key_usage_period */ -0x55,0x1D,0x11, /* [500] OBJ_subject_alt_name */ -0x55,0x1D,0x12, /* [503] OBJ_issuer_alt_name */ -0x55,0x1D,0x13, /* [506] OBJ_basic_constraints */ -0x55,0x1D,0x14, /* [509] OBJ_crl_number */ -0x55,0x1D,0x20, /* [512] OBJ_certificate_policies */ -0x55,0x1D,0x23, /* [515] OBJ_authority_key_identifier */ -0x2B,0x06,0x01,0x04,0x01,0x97,0x55,0x01,0x02,/* [518] OBJ_bf_cbc */ -0x55,0x08,0x03,0x65, /* [527] OBJ_mdc2 */ -0x55,0x08,0x03,0x64, /* [531] OBJ_mdc2WithRSA */ -0x55,0x04,0x2A, /* [535] OBJ_givenName */ -0x55,0x04,0x04, /* [538] OBJ_surname */ -0x55,0x04,0x2B, /* [541] OBJ_initials */ -0x55,0x1D,0x1F, /* [544] OBJ_crl_distribution_points */ -0x2B,0x0E,0x03,0x02,0x03, /* [547] OBJ_md5WithRSA */ -0x55,0x04,0x05, /* [552] OBJ_serialNumber */ -0x55,0x04,0x0C, /* [555] OBJ_title */ -0x55,0x04,0x0D, /* [558] OBJ_description */ -0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0A,/* [561] OBJ_cast5_cbc */ -0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0C,/* [570] OBJ_pbeWithMD5AndCast5_CBC */ -0x2A,0x86,0x48,0xCE,0x38,0x04,0x03, /* [579] OBJ_dsaWithSHA1 */ -0x2B,0x0E,0x03,0x02,0x1D, /* [586] OBJ_sha1WithRSA */ -0x2A,0x86,0x48,0xCE,0x38,0x04,0x01, /* [591] OBJ_dsa */ -0x2B,0x24,0x03,0x02,0x01, /* [598] OBJ_ripemd160 */ -0x2B,0x24,0x03,0x03,0x01,0x02, /* [603] OBJ_ripemd160WithRSA */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x08, /* [609] OBJ_rc5_cbc */ -0x29,0x01,0x01,0x85,0x1A,0x01, /* [617] OBJ_rle_compression */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x08,/* [623] OBJ_zlib_compression */ -0x55,0x1D,0x25, /* [634] OBJ_ext_key_usage */ -0x2B,0x06,0x01,0x05,0x05,0x07, /* [637] OBJ_id_pkix */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03, /* [643] OBJ_id_kp */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x01, /* [650] OBJ_server_auth */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x02, /* [658] OBJ_client_auth */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x03, /* [666] OBJ_code_sign */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x04, /* [674] OBJ_email_protect */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x08, /* [682] OBJ_time_stamp */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x15,/* [690] OBJ_ms_code_ind */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x16,/* [700] OBJ_ms_code_com */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x01,/* [710] OBJ_ms_ctl_sign */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x03,/* [720] OBJ_ms_sgc */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x04,/* [730] OBJ_ms_efs */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x04,0x01,/* [740] OBJ_ns_sgc */ -0x55,0x1D,0x1B, /* [749] OBJ_delta_crl */ -0x55,0x1D,0x15, /* [752] OBJ_crl_reason */ -0x55,0x1D,0x18, /* [755] OBJ_invalidity_date */ -0x2B,0x65,0x01,0x04,0x01, /* [758] OBJ_sxnet */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x01,/* [763] OBJ_pbe_WithSHA1And128BitRC4 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x02,/* [773] OBJ_pbe_WithSHA1And40BitRC4 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x03,/* [783] OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x04,/* [793] OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x05,/* [803] OBJ_pbe_WithSHA1And128BitRC2_CBC */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x06,/* [813] OBJ_pbe_WithSHA1And40BitRC2_CBC */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x01,/* [823] OBJ_keyBag */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x02,/* [834] OBJ_pkcs8ShroudedKeyBag */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x03,/* [845] OBJ_certBag */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x04,/* [856] OBJ_crlBag */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x05,/* [867] OBJ_secretBag */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x06,/* [878] OBJ_safeContentsBag */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x14,/* [889] OBJ_friendlyName */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x15,/* [898] OBJ_localKeyID */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x01,/* [907] OBJ_x509Certificate */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x02,/* [917] OBJ_sdsiCertificate */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x17,0x01,/* [927] OBJ_x509Crl */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0D,/* [937] OBJ_pbes2 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0E,/* [946] OBJ_pbmac1 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x07, /* [955] OBJ_hmacWithSHA1 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x01, /* [963] OBJ_id_qt_cps */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x02, /* [971] OBJ_id_qt_unotice */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0F,/* [979] OBJ_SMIMECapabilities */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x04,/* [988] OBJ_pbeWithMD2AndRC2_CBC */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x06,/* [997] OBJ_pbeWithMD5AndRC2_CBC */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0A,/* [1006] OBJ_pbeWithSHA1AndDES_CBC */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x0E,/* [1015] OBJ_ms_ext_req */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0E,/* [1025] OBJ_ext_req */ -0x55,0x04,0x29, /* [1034] OBJ_name */ -0x55,0x04,0x2E, /* [1037] OBJ_dnQualifier */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01, /* [1040] OBJ_id_pe */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30, /* [1047] OBJ_id_ad */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x01, /* [1054] OBJ_info_access */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01, /* [1062] OBJ_ad_OCSP */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x02, /* [1070] OBJ_ad_ca_issuers */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x09, /* [1078] OBJ_OCSP_sign */ -0x28, /* [1086] OBJ_iso */ -0x2A, /* [1087] OBJ_member_body */ -0x2A,0x86,0x48, /* [1088] OBJ_ISO_US */ -0x2A,0x86,0x48,0xCE,0x38, /* [1091] OBJ_X9_57 */ -0x2A,0x86,0x48,0xCE,0x38,0x04, /* [1096] OBJ_X9cm */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01, /* [1102] OBJ_pkcs1 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05, /* [1110] OBJ_pkcs5 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,/* [1118] OBJ_SMIME */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,/* [1127] OBJ_id_smime_mod */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,/* [1137] OBJ_id_smime_ct */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,/* [1147] OBJ_id_smime_aa */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,/* [1157] OBJ_id_smime_alg */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,/* [1167] OBJ_id_smime_cd */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,/* [1177] OBJ_id_smime_spq */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,/* [1187] OBJ_id_smime_cti */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x01,/* [1197] OBJ_id_smime_mod_cms */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x02,/* [1208] OBJ_id_smime_mod_ess */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x03,/* [1219] OBJ_id_smime_mod_oid */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x04,/* [1230] OBJ_id_smime_mod_msg_v3 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x05,/* [1241] OBJ_id_smime_mod_ets_eSignature_88 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x06,/* [1252] OBJ_id_smime_mod_ets_eSignature_97 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x07,/* [1263] OBJ_id_smime_mod_ets_eSigPolicy_88 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x08,/* [1274] OBJ_id_smime_mod_ets_eSigPolicy_97 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x01,/* [1285] OBJ_id_smime_ct_receipt */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x02,/* [1296] OBJ_id_smime_ct_authData */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x03,/* [1307] OBJ_id_smime_ct_publishCert */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x04,/* [1318] OBJ_id_smime_ct_TSTInfo */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x05,/* [1329] OBJ_id_smime_ct_TDTInfo */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x06,/* [1340] OBJ_id_smime_ct_contentInfo */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x07,/* [1351] OBJ_id_smime_ct_DVCSRequestData */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x08,/* [1362] OBJ_id_smime_ct_DVCSResponseData */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x01,/* [1373] OBJ_id_smime_aa_receiptRequest */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x02,/* [1384] OBJ_id_smime_aa_securityLabel */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x03,/* [1395] OBJ_id_smime_aa_mlExpandHistory */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x04,/* [1406] OBJ_id_smime_aa_contentHint */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x05,/* [1417] OBJ_id_smime_aa_msgSigDigest */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x06,/* [1428] OBJ_id_smime_aa_encapContentType */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x07,/* [1439] OBJ_id_smime_aa_contentIdentifier */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x08,/* [1450] OBJ_id_smime_aa_macValue */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x09,/* [1461] OBJ_id_smime_aa_equivalentLabels */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0A,/* [1472] OBJ_id_smime_aa_contentReference */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0B,/* [1483] OBJ_id_smime_aa_encrypKeyPref */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0C,/* [1494] OBJ_id_smime_aa_signingCertificate */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0D,/* [1505] OBJ_id_smime_aa_smimeEncryptCerts */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0E,/* [1516] OBJ_id_smime_aa_timeStampToken */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0F,/* [1527] OBJ_id_smime_aa_ets_sigPolicyId */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x10,/* [1538] OBJ_id_smime_aa_ets_commitmentType */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x11,/* [1549] OBJ_id_smime_aa_ets_signerLocation */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x12,/* [1560] OBJ_id_smime_aa_ets_signerAttr */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x13,/* [1571] OBJ_id_smime_aa_ets_otherSigCert */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x14,/* [1582] OBJ_id_smime_aa_ets_contentTimestamp */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x15,/* [1593] OBJ_id_smime_aa_ets_CertificateRefs */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x16,/* [1604] OBJ_id_smime_aa_ets_RevocationRefs */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x17,/* [1615] OBJ_id_smime_aa_ets_certValues */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x18,/* [1626] OBJ_id_smime_aa_ets_revocationValues */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x19,/* [1637] OBJ_id_smime_aa_ets_escTimeStamp */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1A,/* [1648] OBJ_id_smime_aa_ets_certCRLTimestamp */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1B,/* [1659] OBJ_id_smime_aa_ets_archiveTimeStamp */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1C,/* [1670] OBJ_id_smime_aa_signatureType */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1D,/* [1681] OBJ_id_smime_aa_dvcs_dvc */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x01,/* [1692] OBJ_id_smime_alg_ESDHwith3DES */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x02,/* [1703] OBJ_id_smime_alg_ESDHwithRC2 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x03,/* [1714] OBJ_id_smime_alg_3DESwrap */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x04,/* [1725] OBJ_id_smime_alg_RC2wrap */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x05,/* [1736] OBJ_id_smime_alg_ESDH */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x06,/* [1747] OBJ_id_smime_alg_CMS3DESwrap */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x07,/* [1758] OBJ_id_smime_alg_CMSRC2wrap */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,0x01,/* [1769] OBJ_id_smime_cd_ldap */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x01,/* [1780] OBJ_id_smime_spq_ets_sqt_uri */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x02,/* [1791] OBJ_id_smime_spq_ets_sqt_unotice */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x01,/* [1802] OBJ_id_smime_cti_ets_proofOfOrigin */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x02,/* [1813] OBJ_id_smime_cti_ets_proofOfReceipt */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x03,/* [1824] OBJ_id_smime_cti_ets_proofOfDelivery */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x04,/* [1835] OBJ_id_smime_cti_ets_proofOfSender */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x05,/* [1846] OBJ_id_smime_cti_ets_proofOfApproval */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x06,/* [1857] OBJ_id_smime_cti_ets_proofOfCreation */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x04, /* [1868] OBJ_md4 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00, /* [1876] OBJ_id_pkix_mod */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x02, /* [1883] OBJ_id_qt */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04, /* [1890] OBJ_id_it */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05, /* [1897] OBJ_id_pkip */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x06, /* [1904] OBJ_id_alg */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07, /* [1911] OBJ_id_cmc */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x08, /* [1918] OBJ_id_on */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x09, /* [1925] OBJ_id_pda */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0A, /* [1932] OBJ_id_aca */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0B, /* [1939] OBJ_id_qcs */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0C, /* [1946] OBJ_id_cct */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x01, /* [1953] OBJ_id_pkix1_explicit_88 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x02, /* [1961] OBJ_id_pkix1_implicit_88 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x03, /* [1969] OBJ_id_pkix1_explicit_93 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x04, /* [1977] OBJ_id_pkix1_implicit_93 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x05, /* [1985] OBJ_id_mod_crmf */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x06, /* [1993] OBJ_id_mod_cmc */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x07, /* [2001] OBJ_id_mod_kea_profile_88 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x08, /* [2009] OBJ_id_mod_kea_profile_93 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x09, /* [2017] OBJ_id_mod_cmp */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0A, /* [2025] OBJ_id_mod_qualified_cert_88 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0B, /* [2033] OBJ_id_mod_qualified_cert_93 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0C, /* [2041] OBJ_id_mod_attribute_cert */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0D, /* [2049] OBJ_id_mod_timestamp_protocol */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0E, /* [2057] OBJ_id_mod_ocsp */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0F, /* [2065] OBJ_id_mod_dvcs */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x10, /* [2073] OBJ_id_mod_cmp2000 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x02, /* [2081] OBJ_biometricInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x03, /* [2089] OBJ_qcStatements */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x04, /* [2097] OBJ_ac_auditEntity */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x05, /* [2105] OBJ_ac_targeting */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x06, /* [2113] OBJ_aaControls */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x07, /* [2121] OBJ_sbgp_ipAddrBlock */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x08, /* [2129] OBJ_sbgp_autonomousSysNum */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x09, /* [2137] OBJ_sbgp_routerIdentifier */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x03, /* [2145] OBJ_textNotice */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x05, /* [2153] OBJ_ipsecEndSystem */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x06, /* [2161] OBJ_ipsecTunnel */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x07, /* [2169] OBJ_ipsecUser */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x0A, /* [2177] OBJ_dvcs */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x01, /* [2185] OBJ_id_it_caProtEncCert */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x02, /* [2193] OBJ_id_it_signKeyPairTypes */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x03, /* [2201] OBJ_id_it_encKeyPairTypes */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x04, /* [2209] OBJ_id_it_preferredSymmAlg */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x05, /* [2217] OBJ_id_it_caKeyUpdateInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x06, /* [2225] OBJ_id_it_currentCRL */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x07, /* [2233] OBJ_id_it_unsupportedOIDs */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x08, /* [2241] OBJ_id_it_subscriptionRequest */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x09, /* [2249] OBJ_id_it_subscriptionResponse */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0A, /* [2257] OBJ_id_it_keyPairParamReq */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0B, /* [2265] OBJ_id_it_keyPairParamRep */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0C, /* [2273] OBJ_id_it_revPassphrase */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0D, /* [2281] OBJ_id_it_implicitConfirm */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0E, /* [2289] OBJ_id_it_confirmWaitTime */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0F, /* [2297] OBJ_id_it_origPKIMessage */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01, /* [2305] OBJ_id_regCtrl */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02, /* [2313] OBJ_id_regInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x01,/* [2321] OBJ_id_regCtrl_regToken */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x02,/* [2330] OBJ_id_regCtrl_authenticator */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x03,/* [2339] OBJ_id_regCtrl_pkiPublicationInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x04,/* [2348] OBJ_id_regCtrl_pkiArchiveOptions */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x05,/* [2357] OBJ_id_regCtrl_oldCertID */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x06,/* [2366] OBJ_id_regCtrl_protocolEncrKey */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x01,/* [2375] OBJ_id_regInfo_utf8Pairs */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x02,/* [2384] OBJ_id_regInfo_certReq */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x01, /* [2393] OBJ_id_alg_des40 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x02, /* [2401] OBJ_id_alg_noSignature */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x03, /* [2409] OBJ_id_alg_dh_sig_hmac_sha1 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x04, /* [2417] OBJ_id_alg_dh_pop */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x01, /* [2425] OBJ_id_cmc_statusInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x02, /* [2433] OBJ_id_cmc_identification */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x03, /* [2441] OBJ_id_cmc_identityProof */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x04, /* [2449] OBJ_id_cmc_dataReturn */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x05, /* [2457] OBJ_id_cmc_transactionId */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x06, /* [2465] OBJ_id_cmc_senderNonce */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x07, /* [2473] OBJ_id_cmc_recipientNonce */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x08, /* [2481] OBJ_id_cmc_addExtensions */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x09, /* [2489] OBJ_id_cmc_encryptedPOP */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0A, /* [2497] OBJ_id_cmc_decryptedPOP */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0B, /* [2505] OBJ_id_cmc_lraPOPWitness */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0F, /* [2513] OBJ_id_cmc_getCert */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x10, /* [2521] OBJ_id_cmc_getCRL */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x11, /* [2529] OBJ_id_cmc_revokeRequest */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x12, /* [2537] OBJ_id_cmc_regInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x13, /* [2545] OBJ_id_cmc_responseInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x15, /* [2553] OBJ_id_cmc_queryPending */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x16, /* [2561] OBJ_id_cmc_popLinkRandom */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x17, /* [2569] OBJ_id_cmc_popLinkWitness */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x18, /* [2577] OBJ_id_cmc_confirmCertAcceptance */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x01, /* [2585] OBJ_id_on_personalData */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x01, /* [2593] OBJ_id_pda_dateOfBirth */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x02, /* [2601] OBJ_id_pda_placeOfBirth */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x03, /* [2609] OBJ_id_pda_gender */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x04, /* [2617] OBJ_id_pda_countryOfCitizenship */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x05, /* [2625] OBJ_id_pda_countryOfResidence */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x01, /* [2633] OBJ_id_aca_authenticationInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x02, /* [2641] OBJ_id_aca_accessIdentity */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x03, /* [2649] OBJ_id_aca_chargingIdentity */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x04, /* [2657] OBJ_id_aca_group */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x05, /* [2665] OBJ_id_aca_role */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0B,0x01, /* [2673] OBJ_id_qcs_pkixQCSyntax_v1 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x01, /* [2681] OBJ_id_cct_crs */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x02, /* [2689] OBJ_id_cct_PKIData */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x03, /* [2697] OBJ_id_cct_PKIResponse */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x03, /* [2705] OBJ_ad_timeStamping */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x04, /* [2713] OBJ_ad_dvcs */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x01,/* [2721] OBJ_id_pkix_OCSP_basic */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x02,/* [2730] OBJ_id_pkix_OCSP_Nonce */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x03,/* [2739] OBJ_id_pkix_OCSP_CrlID */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x04,/* [2748] OBJ_id_pkix_OCSP_acceptableResponses */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x05,/* [2757] OBJ_id_pkix_OCSP_noCheck */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x06,/* [2766] OBJ_id_pkix_OCSP_archiveCutoff */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x07,/* [2775] OBJ_id_pkix_OCSP_serviceLocator */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x08,/* [2784] OBJ_id_pkix_OCSP_extendedStatus */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x09,/* [2793] OBJ_id_pkix_OCSP_valid */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0A,/* [2802] OBJ_id_pkix_OCSP_path */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0B,/* [2811] OBJ_id_pkix_OCSP_trustRoot */ -0x2B,0x0E,0x03,0x02, /* [2820] OBJ_algorithm */ -0x2B,0x0E,0x03,0x02,0x0B, /* [2824] OBJ_rsaSignature */ -0x55,0x08, /* [2829] OBJ_X500algorithms */ -0x2B, /* [2831] OBJ_org */ -0x2B,0x06, /* [2832] OBJ_dod */ -0x2B,0x06,0x01, /* [2834] OBJ_iana */ -0x2B,0x06,0x01,0x01, /* [2837] OBJ_Directory */ -0x2B,0x06,0x01,0x02, /* [2841] OBJ_Management */ -0x2B,0x06,0x01,0x03, /* [2845] OBJ_Experimental */ -0x2B,0x06,0x01,0x04, /* [2849] OBJ_Private */ -0x2B,0x06,0x01,0x05, /* [2853] OBJ_Security */ -0x2B,0x06,0x01,0x06, /* [2857] OBJ_SNMPv2 */ -0x2B,0x06,0x01,0x07, /* [2861] OBJ_Mail */ -0x2B,0x06,0x01,0x04,0x01, /* [2865] OBJ_Enterprises */ -0x2B,0x06,0x01,0x04,0x01,0x8B,0x3A,0x82,0x58,/* [2870] OBJ_dcObject */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x19,/* [2879] OBJ_domainComponent */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0D,/* [2889] OBJ_Domain */ -0x00, /* [2899] OBJ_joint_iso_ccitt */ -0x55,0x01,0x05, /* [2900] OBJ_selected_attribute_types */ -0x55,0x01,0x05,0x37, /* [2903] OBJ_clearance */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x03,/* [2907] OBJ_md4WithRSAEncryption */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0A, /* [2916] OBJ_ac_proxying */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0B, /* [2924] OBJ_sinfo_access */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x06, /* [2932] OBJ_id_aca_encAttrs */ -0x55,0x04,0x48, /* [2940] OBJ_role */ -0x55,0x1D,0x24, /* [2943] OBJ_policy_constraints */ -0x55,0x1D,0x37, /* [2946] OBJ_target_information */ -0x55,0x1D,0x38, /* [2949] OBJ_no_rev_avail */ -0x00, /* [2952] OBJ_ccitt */ -0x2A,0x86,0x48,0xCE,0x3D, /* [2953] OBJ_ansi_X9_62 */ -0x2A,0x86,0x48,0xCE,0x3D,0x01,0x01, /* [2958] OBJ_X9_62_prime_field */ -0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02, /* [2965] OBJ_X9_62_characteristic_two_field */ -0x2A,0x86,0x48,0xCE,0x3D,0x02,0x01, /* [2972] OBJ_X9_62_id_ecPublicKey */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x01, /* [2979] OBJ_X9_62_prime192v1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x02, /* [2987] OBJ_X9_62_prime192v2 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x03, /* [2995] OBJ_X9_62_prime192v3 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x04, /* [3003] OBJ_X9_62_prime239v1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x05, /* [3011] OBJ_X9_62_prime239v2 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x06, /* [3019] OBJ_X9_62_prime239v3 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x07, /* [3027] OBJ_X9_62_prime256v1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x04,0x01, /* [3035] OBJ_ecdsa_with_SHA1 */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x11,0x01,/* [3042] OBJ_ms_csp_name */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x01,/* [3051] OBJ_aes_128_ecb */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x02,/* [3060] OBJ_aes_128_cbc */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x03,/* [3069] OBJ_aes_128_ofb128 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x04,/* [3078] OBJ_aes_128_cfb128 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x15,/* [3087] OBJ_aes_192_ecb */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x16,/* [3096] OBJ_aes_192_cbc */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x17,/* [3105] OBJ_aes_192_ofb128 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x18,/* [3114] OBJ_aes_192_cfb128 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x29,/* [3123] OBJ_aes_256_ecb */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2A,/* [3132] OBJ_aes_256_cbc */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2B,/* [3141] OBJ_aes_256_ofb128 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2C,/* [3150] OBJ_aes_256_cfb128 */ -0x55,0x1D,0x17, /* [3159] OBJ_hold_instruction_code */ -0x2A,0x86,0x48,0xCE,0x38,0x02,0x01, /* [3162] OBJ_hold_instruction_none */ -0x2A,0x86,0x48,0xCE,0x38,0x02,0x02, /* [3169] OBJ_hold_instruction_call_issuer */ -0x2A,0x86,0x48,0xCE,0x38,0x02,0x03, /* [3176] OBJ_hold_instruction_reject */ -0x09, /* [3183] OBJ_data */ -0x09,0x92,0x26, /* [3184] OBJ_pss */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C, /* [3187] OBJ_ucl */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64, /* [3194] OBJ_pilot */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,/* [3202] OBJ_pilotAttributeType */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,/* [3211] OBJ_pilotAttributeSyntax */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,/* [3220] OBJ_pilotObjectClass */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x0A,/* [3229] OBJ_pilotGroups */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x04,/* [3238] OBJ_iA5StringSyntax */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x05,/* [3248] OBJ_caseIgnoreIA5StringSyntax */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x03,/* [3258] OBJ_pilotObject */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x04,/* [3268] OBJ_pilotPerson */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x05,/* [3278] OBJ_account */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x06,/* [3288] OBJ_document */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x07,/* [3298] OBJ_room */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x09,/* [3308] OBJ_documentSeries */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0E,/* [3318] OBJ_rFC822localPart */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0F,/* [3328] OBJ_dNSDomain */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x11,/* [3338] OBJ_domainRelatedObject */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x12,/* [3348] OBJ_friendlyCountry */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x13,/* [3358] OBJ_simpleSecurityObject */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x14,/* [3368] OBJ_pilotOrganization */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x15,/* [3378] OBJ_pilotDSA */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x16,/* [3388] OBJ_qualityLabelledData */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x01,/* [3398] OBJ_userId */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x02,/* [3408] OBJ_textEncodedORAddress */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x03,/* [3418] OBJ_rfc822Mailbox */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x04,/* [3428] OBJ_info */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x05,/* [3438] OBJ_favouriteDrink */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x06,/* [3448] OBJ_roomNumber */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x07,/* [3458] OBJ_photo */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x08,/* [3468] OBJ_userClass */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x09,/* [3478] OBJ_host */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0A,/* [3488] OBJ_manager */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0B,/* [3498] OBJ_documentIdentifier */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0C,/* [3508] OBJ_documentTitle */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0D,/* [3518] OBJ_documentVersion */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0E,/* [3528] OBJ_documentAuthor */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0F,/* [3538] OBJ_documentLocation */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x14,/* [3548] OBJ_homeTelephoneNumber */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x15,/* [3558] OBJ_secretary */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x16,/* [3568] OBJ_otherMailbox */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x17,/* [3578] OBJ_lastModifiedTime */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x18,/* [3588] OBJ_lastModifiedBy */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1A,/* [3598] OBJ_aRecord */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1B,/* [3608] OBJ_pilotAttributeType27 */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1C,/* [3618] OBJ_mXRecord */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1D,/* [3628] OBJ_nSRecord */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1E,/* [3638] OBJ_sOARecord */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1F,/* [3648] OBJ_cNAMERecord */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x25,/* [3658] OBJ_associatedDomain */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x26,/* [3668] OBJ_associatedName */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x27,/* [3678] OBJ_homePostalAddress */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x28,/* [3688] OBJ_personalTitle */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x29,/* [3698] OBJ_mobileTelephoneNumber */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2A,/* [3708] OBJ_pagerTelephoneNumber */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2B,/* [3718] OBJ_friendlyCountryName */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2D,/* [3728] OBJ_organizationalStatus */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2E,/* [3738] OBJ_janetMailbox */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2F,/* [3748] OBJ_mailPreferenceOption */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x30,/* [3758] OBJ_buildingName */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x31,/* [3768] OBJ_dSAQuality */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x32,/* [3778] OBJ_singleLevelQuality */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x33,/* [3788] OBJ_subtreeMinimumQuality */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x34,/* [3798] OBJ_subtreeMaximumQuality */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x35,/* [3808] OBJ_personalSignature */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x36,/* [3818] OBJ_dITRedirect */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x37,/* [3828] OBJ_audio */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x38,/* [3838] OBJ_documentPublisher */ -0x55,0x04,0x2D, /* [3848] OBJ_x500UniqueIdentifier */ -0x2B,0x06,0x01,0x07,0x01, /* [3851] OBJ_mime_mhs */ -0x2B,0x06,0x01,0x07,0x01,0x01, /* [3856] OBJ_mime_mhs_headings */ -0x2B,0x06,0x01,0x07,0x01,0x02, /* [3862] OBJ_mime_mhs_bodies */ -0x2B,0x06,0x01,0x07,0x01,0x01,0x01, /* [3868] OBJ_id_hex_partial_message */ -0x2B,0x06,0x01,0x07,0x01,0x01,0x02, /* [3875] OBJ_id_hex_multipart_message */ -0x55,0x04,0x2C, /* [3882] OBJ_generationQualifier */ -0x55,0x04,0x41, /* [3885] OBJ_pseudonym */ -0x67,0x2A, /* [3888] OBJ_id_set */ -0x67,0x2A,0x00, /* [3890] OBJ_set_ctype */ -0x67,0x2A,0x01, /* [3893] OBJ_set_msgExt */ -0x67,0x2A,0x03, /* [3896] OBJ_set_attr */ -0x67,0x2A,0x05, /* [3899] OBJ_set_policy */ -0x67,0x2A,0x07, /* [3902] OBJ_set_certExt */ -0x67,0x2A,0x08, /* [3905] OBJ_set_brand */ -0x67,0x2A,0x00,0x00, /* [3908] OBJ_setct_PANData */ -0x67,0x2A,0x00,0x01, /* [3912] OBJ_setct_PANToken */ -0x67,0x2A,0x00,0x02, /* [3916] OBJ_setct_PANOnly */ -0x67,0x2A,0x00,0x03, /* [3920] OBJ_setct_OIData */ -0x67,0x2A,0x00,0x04, /* [3924] OBJ_setct_PI */ -0x67,0x2A,0x00,0x05, /* [3928] OBJ_setct_PIData */ -0x67,0x2A,0x00,0x06, /* [3932] OBJ_setct_PIDataUnsigned */ -0x67,0x2A,0x00,0x07, /* [3936] OBJ_setct_HODInput */ -0x67,0x2A,0x00,0x08, /* [3940] OBJ_setct_AuthResBaggage */ -0x67,0x2A,0x00,0x09, /* [3944] OBJ_setct_AuthRevReqBaggage */ -0x67,0x2A,0x00,0x0A, /* [3948] OBJ_setct_AuthRevResBaggage */ -0x67,0x2A,0x00,0x0B, /* [3952] OBJ_setct_CapTokenSeq */ -0x67,0x2A,0x00,0x0C, /* [3956] OBJ_setct_PInitResData */ -0x67,0x2A,0x00,0x0D, /* [3960] OBJ_setct_PI_TBS */ -0x67,0x2A,0x00,0x0E, /* [3964] OBJ_setct_PResData */ -0x67,0x2A,0x00,0x10, /* [3968] OBJ_setct_AuthReqTBS */ -0x67,0x2A,0x00,0x11, /* [3972] OBJ_setct_AuthResTBS */ -0x67,0x2A,0x00,0x12, /* [3976] OBJ_setct_AuthResTBSX */ -0x67,0x2A,0x00,0x13, /* [3980] OBJ_setct_AuthTokenTBS */ -0x67,0x2A,0x00,0x14, /* [3984] OBJ_setct_CapTokenData */ -0x67,0x2A,0x00,0x15, /* [3988] OBJ_setct_CapTokenTBS */ -0x67,0x2A,0x00,0x16, /* [3992] OBJ_setct_AcqCardCodeMsg */ -0x67,0x2A,0x00,0x17, /* [3996] OBJ_setct_AuthRevReqTBS */ -0x67,0x2A,0x00,0x18, /* [4000] OBJ_setct_AuthRevResData */ -0x67,0x2A,0x00,0x19, /* [4004] OBJ_setct_AuthRevResTBS */ -0x67,0x2A,0x00,0x1A, /* [4008] OBJ_setct_CapReqTBS */ -0x67,0x2A,0x00,0x1B, /* [4012] OBJ_setct_CapReqTBSX */ -0x67,0x2A,0x00,0x1C, /* [4016] OBJ_setct_CapResData */ -0x67,0x2A,0x00,0x1D, /* [4020] OBJ_setct_CapRevReqTBS */ -0x67,0x2A,0x00,0x1E, /* [4024] OBJ_setct_CapRevReqTBSX */ -0x67,0x2A,0x00,0x1F, /* [4028] OBJ_setct_CapRevResData */ -0x67,0x2A,0x00,0x20, /* [4032] OBJ_setct_CredReqTBS */ -0x67,0x2A,0x00,0x21, /* [4036] OBJ_setct_CredReqTBSX */ -0x67,0x2A,0x00,0x22, /* [4040] OBJ_setct_CredResData */ -0x67,0x2A,0x00,0x23, /* [4044] OBJ_setct_CredRevReqTBS */ -0x67,0x2A,0x00,0x24, /* [4048] OBJ_setct_CredRevReqTBSX */ -0x67,0x2A,0x00,0x25, /* [4052] OBJ_setct_CredRevResData */ -0x67,0x2A,0x00,0x26, /* [4056] OBJ_setct_PCertReqData */ -0x67,0x2A,0x00,0x27, /* [4060] OBJ_setct_PCertResTBS */ -0x67,0x2A,0x00,0x28, /* [4064] OBJ_setct_BatchAdminReqData */ -0x67,0x2A,0x00,0x29, /* [4068] OBJ_setct_BatchAdminResData */ -0x67,0x2A,0x00,0x2A, /* [4072] OBJ_setct_CardCInitResTBS */ -0x67,0x2A,0x00,0x2B, /* [4076] OBJ_setct_MeAqCInitResTBS */ -0x67,0x2A,0x00,0x2C, /* [4080] OBJ_setct_RegFormResTBS */ -0x67,0x2A,0x00,0x2D, /* [4084] OBJ_setct_CertReqData */ -0x67,0x2A,0x00,0x2E, /* [4088] OBJ_setct_CertReqTBS */ -0x67,0x2A,0x00,0x2F, /* [4092] OBJ_setct_CertResData */ -0x67,0x2A,0x00,0x30, /* [4096] OBJ_setct_CertInqReqTBS */ -0x67,0x2A,0x00,0x31, /* [4100] OBJ_setct_ErrorTBS */ -0x67,0x2A,0x00,0x32, /* [4104] OBJ_setct_PIDualSignedTBE */ -0x67,0x2A,0x00,0x33, /* [4108] OBJ_setct_PIUnsignedTBE */ -0x67,0x2A,0x00,0x34, /* [4112] OBJ_setct_AuthReqTBE */ -0x67,0x2A,0x00,0x35, /* [4116] OBJ_setct_AuthResTBE */ -0x67,0x2A,0x00,0x36, /* [4120] OBJ_setct_AuthResTBEX */ -0x67,0x2A,0x00,0x37, /* [4124] OBJ_setct_AuthTokenTBE */ -0x67,0x2A,0x00,0x38, /* [4128] OBJ_setct_CapTokenTBE */ -0x67,0x2A,0x00,0x39, /* [4132] OBJ_setct_CapTokenTBEX */ -0x67,0x2A,0x00,0x3A, /* [4136] OBJ_setct_AcqCardCodeMsgTBE */ -0x67,0x2A,0x00,0x3B, /* [4140] OBJ_setct_AuthRevReqTBE */ -0x67,0x2A,0x00,0x3C, /* [4144] OBJ_setct_AuthRevResTBE */ -0x67,0x2A,0x00,0x3D, /* [4148] OBJ_setct_AuthRevResTBEB */ -0x67,0x2A,0x00,0x3E, /* [4152] OBJ_setct_CapReqTBE */ -0x67,0x2A,0x00,0x3F, /* [4156] OBJ_setct_CapReqTBEX */ -0x67,0x2A,0x00,0x40, /* [4160] OBJ_setct_CapResTBE */ -0x67,0x2A,0x00,0x41, /* [4164] OBJ_setct_CapRevReqTBE */ -0x67,0x2A,0x00,0x42, /* [4168] OBJ_setct_CapRevReqTBEX */ -0x67,0x2A,0x00,0x43, /* [4172] OBJ_setct_CapRevResTBE */ -0x67,0x2A,0x00,0x44, /* [4176] OBJ_setct_CredReqTBE */ -0x67,0x2A,0x00,0x45, /* [4180] OBJ_setct_CredReqTBEX */ -0x67,0x2A,0x00,0x46, /* [4184] OBJ_setct_CredResTBE */ -0x67,0x2A,0x00,0x47, /* [4188] OBJ_setct_CredRevReqTBE */ -0x67,0x2A,0x00,0x48, /* [4192] OBJ_setct_CredRevReqTBEX */ -0x67,0x2A,0x00,0x49, /* [4196] OBJ_setct_CredRevResTBE */ -0x67,0x2A,0x00,0x4A, /* [4200] OBJ_setct_BatchAdminReqTBE */ -0x67,0x2A,0x00,0x4B, /* [4204] OBJ_setct_BatchAdminResTBE */ -0x67,0x2A,0x00,0x4C, /* [4208] OBJ_setct_RegFormReqTBE */ -0x67,0x2A,0x00,0x4D, /* [4212] OBJ_setct_CertReqTBE */ -0x67,0x2A,0x00,0x4E, /* [4216] OBJ_setct_CertReqTBEX */ -0x67,0x2A,0x00,0x4F, /* [4220] OBJ_setct_CertResTBE */ -0x67,0x2A,0x00,0x50, /* [4224] OBJ_setct_CRLNotificationTBS */ -0x67,0x2A,0x00,0x51, /* [4228] OBJ_setct_CRLNotificationResTBS */ -0x67,0x2A,0x00,0x52, /* [4232] OBJ_setct_BCIDistributionTBS */ -0x67,0x2A,0x01,0x01, /* [4236] OBJ_setext_genCrypt */ -0x67,0x2A,0x01,0x03, /* [4240] OBJ_setext_miAuth */ -0x67,0x2A,0x01,0x04, /* [4244] OBJ_setext_pinSecure */ -0x67,0x2A,0x01,0x05, /* [4248] OBJ_setext_pinAny */ -0x67,0x2A,0x01,0x07, /* [4252] OBJ_setext_track2 */ -0x67,0x2A,0x01,0x08, /* [4256] OBJ_setext_cv */ -0x67,0x2A,0x05,0x00, /* [4260] OBJ_set_policy_root */ -0x67,0x2A,0x07,0x00, /* [4264] OBJ_setCext_hashedRoot */ -0x67,0x2A,0x07,0x01, /* [4268] OBJ_setCext_certType */ -0x67,0x2A,0x07,0x02, /* [4272] OBJ_setCext_merchData */ -0x67,0x2A,0x07,0x03, /* [4276] OBJ_setCext_cCertRequired */ -0x67,0x2A,0x07,0x04, /* [4280] OBJ_setCext_tunneling */ -0x67,0x2A,0x07,0x05, /* [4284] OBJ_setCext_setExt */ -0x67,0x2A,0x07,0x06, /* [4288] OBJ_setCext_setQualf */ -0x67,0x2A,0x07,0x07, /* [4292] OBJ_setCext_PGWYcapabilities */ -0x67,0x2A,0x07,0x08, /* [4296] OBJ_setCext_TokenIdentifier */ -0x67,0x2A,0x07,0x09, /* [4300] OBJ_setCext_Track2Data */ -0x67,0x2A,0x07,0x0A, /* [4304] OBJ_setCext_TokenType */ -0x67,0x2A,0x07,0x0B, /* [4308] OBJ_setCext_IssuerCapabilities */ -0x67,0x2A,0x03,0x00, /* [4312] OBJ_setAttr_Cert */ -0x67,0x2A,0x03,0x01, /* [4316] OBJ_setAttr_PGWYcap */ -0x67,0x2A,0x03,0x02, /* [4320] OBJ_setAttr_TokenType */ -0x67,0x2A,0x03,0x03, /* [4324] OBJ_setAttr_IssCap */ -0x67,0x2A,0x03,0x00,0x00, /* [4328] OBJ_set_rootKeyThumb */ -0x67,0x2A,0x03,0x00,0x01, /* [4333] OBJ_set_addPolicy */ -0x67,0x2A,0x03,0x02,0x01, /* [4338] OBJ_setAttr_Token_EMV */ -0x67,0x2A,0x03,0x02,0x02, /* [4343] OBJ_setAttr_Token_B0Prime */ -0x67,0x2A,0x03,0x03,0x03, /* [4348] OBJ_setAttr_IssCap_CVM */ -0x67,0x2A,0x03,0x03,0x04, /* [4353] OBJ_setAttr_IssCap_T2 */ -0x67,0x2A,0x03,0x03,0x05, /* [4358] OBJ_setAttr_IssCap_Sig */ -0x67,0x2A,0x03,0x03,0x03,0x01, /* [4363] OBJ_setAttr_GenCryptgrm */ -0x67,0x2A,0x03,0x03,0x04,0x01, /* [4369] OBJ_setAttr_T2Enc */ -0x67,0x2A,0x03,0x03,0x04,0x02, /* [4375] OBJ_setAttr_T2cleartxt */ -0x67,0x2A,0x03,0x03,0x05,0x01, /* [4381] OBJ_setAttr_TokICCsig */ -0x67,0x2A,0x03,0x03,0x05,0x02, /* [4387] OBJ_setAttr_SecDevSig */ -0x67,0x2A,0x08,0x01, /* [4393] OBJ_set_brand_IATA_ATA */ -0x67,0x2A,0x08,0x1E, /* [4397] OBJ_set_brand_Diners */ -0x67,0x2A,0x08,0x22, /* [4401] OBJ_set_brand_AmericanExpress */ -0x67,0x2A,0x08,0x23, /* [4405] OBJ_set_brand_JCB */ -0x67,0x2A,0x08,0x04, /* [4409] OBJ_set_brand_Visa */ -0x67,0x2A,0x08,0x05, /* [4413] OBJ_set_brand_MasterCard */ -0x67,0x2A,0x08,0xAE,0x7B, /* [4417] OBJ_set_brand_Novus */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x0A, /* [4422] OBJ_des_cdmf */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x06,/* [4430] OBJ_rsaOAEPEncryptionSET */ -0x00, /* [4439] OBJ_itu_t */ -0x50, /* [4440] OBJ_joint_iso_itu_t */ -0x67, /* [4441] OBJ_international_organizations */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x02,/* [4442] OBJ_ms_smartcard_login */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x03,/* [4452] OBJ_ms_upn */ -0x55,0x04,0x09, /* [4462] OBJ_streetAddress */ -0x55,0x04,0x11, /* [4465] OBJ_postalCode */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x15, /* [4468] OBJ_id_ppl */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0E, /* [4475] OBJ_proxyCertInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x00, /* [4483] OBJ_id_ppl_anyLanguage */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x01, /* [4491] OBJ_id_ppl_inheritAll */ -0x55,0x1D,0x1E, /* [4499] OBJ_name_constraints */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x02, /* [4502] OBJ_Independent */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0B,/* [4510] OBJ_sha256WithRSAEncryption */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0C,/* [4519] OBJ_sha384WithRSAEncryption */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0D,/* [4528] OBJ_sha512WithRSAEncryption */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0E,/* [4537] OBJ_sha224WithRSAEncryption */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,/* [4546] OBJ_sha256 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x02,/* [4555] OBJ_sha384 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,/* [4564] OBJ_sha512 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x04,/* [4573] OBJ_sha224 */ -0x2B, /* [4582] OBJ_identified_organization */ -0x2B,0x81,0x04, /* [4583] OBJ_certicom_arc */ -0x67,0x2B, /* [4586] OBJ_wap */ -0x67,0x2B,0x01, /* [4588] OBJ_wap_wsg */ -0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03, /* [4591] OBJ_X9_62_id_characteristic_two_basis */ -0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x01,/* [4599] OBJ_X9_62_onBasis */ -0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x02,/* [4608] OBJ_X9_62_tpBasis */ -0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x03,/* [4617] OBJ_X9_62_ppBasis */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x01, /* [4626] OBJ_X9_62_c2pnb163v1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x02, /* [4634] OBJ_X9_62_c2pnb163v2 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x03, /* [4642] OBJ_X9_62_c2pnb163v3 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x04, /* [4650] OBJ_X9_62_c2pnb176v1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x05, /* [4658] OBJ_X9_62_c2tnb191v1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x06, /* [4666] OBJ_X9_62_c2tnb191v2 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x07, /* [4674] OBJ_X9_62_c2tnb191v3 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x08, /* [4682] OBJ_X9_62_c2onb191v4 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x09, /* [4690] OBJ_X9_62_c2onb191v5 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0A, /* [4698] OBJ_X9_62_c2pnb208w1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0B, /* [4706] OBJ_X9_62_c2tnb239v1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0C, /* [4714] OBJ_X9_62_c2tnb239v2 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0D, /* [4722] OBJ_X9_62_c2tnb239v3 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0E, /* [4730] OBJ_X9_62_c2onb239v4 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0F, /* [4738] OBJ_X9_62_c2onb239v5 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x10, /* [4746] OBJ_X9_62_c2pnb272w1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x11, /* [4754] OBJ_X9_62_c2pnb304w1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x12, /* [4762] OBJ_X9_62_c2tnb359v1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x13, /* [4770] OBJ_X9_62_c2pnb368w1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x14, /* [4778] OBJ_X9_62_c2tnb431r1 */ -0x2B,0x81,0x04,0x00,0x06, /* [4786] OBJ_secp112r1 */ -0x2B,0x81,0x04,0x00,0x07, /* [4791] OBJ_secp112r2 */ -0x2B,0x81,0x04,0x00,0x1C, /* [4796] OBJ_secp128r1 */ -0x2B,0x81,0x04,0x00,0x1D, /* [4801] OBJ_secp128r2 */ -0x2B,0x81,0x04,0x00,0x09, /* [4806] OBJ_secp160k1 */ -0x2B,0x81,0x04,0x00,0x08, /* [4811] OBJ_secp160r1 */ -0x2B,0x81,0x04,0x00,0x1E, /* [4816] OBJ_secp160r2 */ -0x2B,0x81,0x04,0x00,0x1F, /* [4821] OBJ_secp192k1 */ -0x2B,0x81,0x04,0x00,0x20, /* [4826] OBJ_secp224k1 */ -0x2B,0x81,0x04,0x00,0x21, /* [4831] OBJ_secp224r1 */ -0x2B,0x81,0x04,0x00,0x0A, /* [4836] OBJ_secp256k1 */ -0x2B,0x81,0x04,0x00,0x22, /* [4841] OBJ_secp384r1 */ -0x2B,0x81,0x04,0x00,0x23, /* [4846] OBJ_secp521r1 */ -0x2B,0x81,0x04,0x00,0x04, /* [4851] OBJ_sect113r1 */ -0x2B,0x81,0x04,0x00,0x05, /* [4856] OBJ_sect113r2 */ -0x2B,0x81,0x04,0x00,0x16, /* [4861] OBJ_sect131r1 */ -0x2B,0x81,0x04,0x00,0x17, /* [4866] OBJ_sect131r2 */ -0x2B,0x81,0x04,0x00,0x01, /* [4871] OBJ_sect163k1 */ -0x2B,0x81,0x04,0x00,0x02, /* [4876] OBJ_sect163r1 */ -0x2B,0x81,0x04,0x00,0x0F, /* [4881] OBJ_sect163r2 */ -0x2B,0x81,0x04,0x00,0x18, /* [4886] OBJ_sect193r1 */ -0x2B,0x81,0x04,0x00,0x19, /* [4891] OBJ_sect193r2 */ -0x2B,0x81,0x04,0x00,0x1A, /* [4896] OBJ_sect233k1 */ -0x2B,0x81,0x04,0x00,0x1B, /* [4901] OBJ_sect233r1 */ -0x2B,0x81,0x04,0x00,0x03, /* [4906] OBJ_sect239k1 */ -0x2B,0x81,0x04,0x00,0x10, /* [4911] OBJ_sect283k1 */ -0x2B,0x81,0x04,0x00,0x11, /* [4916] OBJ_sect283r1 */ -0x2B,0x81,0x04,0x00,0x24, /* [4921] OBJ_sect409k1 */ -0x2B,0x81,0x04,0x00,0x25, /* [4926] OBJ_sect409r1 */ -0x2B,0x81,0x04,0x00,0x26, /* [4931] OBJ_sect571k1 */ -0x2B,0x81,0x04,0x00,0x27, /* [4936] OBJ_sect571r1 */ -0x67,0x2B,0x01,0x04,0x01, /* [4941] OBJ_wap_wsg_idm_ecid_wtls1 */ -0x67,0x2B,0x01,0x04,0x03, /* [4946] OBJ_wap_wsg_idm_ecid_wtls3 */ -0x67,0x2B,0x01,0x04,0x04, /* [4951] OBJ_wap_wsg_idm_ecid_wtls4 */ -0x67,0x2B,0x01,0x04,0x05, /* [4956] OBJ_wap_wsg_idm_ecid_wtls5 */ -0x67,0x2B,0x01,0x04,0x06, /* [4961] OBJ_wap_wsg_idm_ecid_wtls6 */ -0x67,0x2B,0x01,0x04,0x07, /* [4966] OBJ_wap_wsg_idm_ecid_wtls7 */ -0x67,0x2B,0x01,0x04,0x08, /* [4971] OBJ_wap_wsg_idm_ecid_wtls8 */ -0x67,0x2B,0x01,0x04,0x09, /* [4976] OBJ_wap_wsg_idm_ecid_wtls9 */ -0x67,0x2B,0x01,0x04,0x0A, /* [4981] OBJ_wap_wsg_idm_ecid_wtls10 */ -0x67,0x2B,0x01,0x04,0x0B, /* [4986] OBJ_wap_wsg_idm_ecid_wtls11 */ -0x67,0x2B,0x01,0x04,0x0C, /* [4991] OBJ_wap_wsg_idm_ecid_wtls12 */ -0x55,0x1D,0x20,0x00, /* [4996] OBJ_any_policy */ -0x55,0x1D,0x21, /* [5000] OBJ_policy_mappings */ -0x55,0x1D,0x36, /* [5003] OBJ_inhibit_any_policy */ -0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x02,/* [5006] OBJ_camellia_128_cbc */ -0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x03,/* [5017] OBJ_camellia_192_cbc */ -0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x04,/* [5028] OBJ_camellia_256_cbc */ -0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x01, /* [5039] OBJ_camellia_128_ecb */ -0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x15, /* [5047] OBJ_camellia_192_ecb */ -0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x29, /* [5055] OBJ_camellia_256_ecb */ -0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x04, /* [5063] OBJ_camellia_128_cfb128 */ -0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x18, /* [5071] OBJ_camellia_192_cfb128 */ -0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x2C, /* [5079] OBJ_camellia_256_cfb128 */ -0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x03, /* [5087] OBJ_camellia_128_ofb128 */ -0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x17, /* [5095] OBJ_camellia_192_ofb128 */ -0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x2B, /* [5103] OBJ_camellia_256_ofb128 */ -0x55,0x1D,0x09, /* [5111] OBJ_subject_directory_attributes */ -0x55,0x1D,0x1C, /* [5114] OBJ_issuing_distribution_point */ -0x55,0x1D,0x1D, /* [5117] OBJ_certificate_issuer */ -0x2A,0x83,0x1A,0x8C,0x9A,0x44, /* [5120] OBJ_kisa */ -0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x03, /* [5126] OBJ_seed_ecb */ -0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x04, /* [5134] OBJ_seed_cbc */ -0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x06, /* [5142] OBJ_seed_ofb128 */ -0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x05, /* [5150] OBJ_seed_cfb128 */ -0x2B,0x06,0x01,0x05,0x05,0x08,0x01,0x01, /* [5158] OBJ_hmac_md5 */ -0x2B,0x06,0x01,0x05,0x05,0x08,0x01,0x02, /* [5166] OBJ_hmac_sha1 */ -0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0D,/* [5174] OBJ_id_PasswordBasedMAC */ -0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x1E,/* [5183] OBJ_id_DHBasedMac */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x10, /* [5192] OBJ_id_it_suppLangTags */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x05, /* [5200] OBJ_caRepository */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x09,/* [5208] OBJ_id_smime_ct_compressedData */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x1B,/* [5219] OBJ_id_ct_asciiTextWithCRLF */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x05,/* [5230] OBJ_id_aes128_wrap */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x19,/* [5239] OBJ_id_aes192_wrap */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2D,/* [5248] OBJ_id_aes256_wrap */ -0x2A,0x86,0x48,0xCE,0x3D,0x04,0x02, /* [5257] OBJ_ecdsa_with_Recommended */ -0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03, /* [5264] OBJ_ecdsa_with_Specified */ -0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x01, /* [5271] OBJ_ecdsa_with_SHA224 */ -0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x02, /* [5279] OBJ_ecdsa_with_SHA256 */ -0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x03, /* [5287] OBJ_ecdsa_with_SHA384 */ -0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x04, /* [5295] OBJ_ecdsa_with_SHA512 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x06, /* [5303] OBJ_hmacWithMD5 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x08, /* [5311] OBJ_hmacWithSHA224 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x09, /* [5319] OBJ_hmacWithSHA256 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0A, /* [5327] OBJ_hmacWithSHA384 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0B, /* [5335] OBJ_hmacWithSHA512 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x03,0x01,/* [5343] OBJ_dsa_with_SHA224 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x03,0x02,/* [5352] OBJ_dsa_with_SHA256 */ -0x28,0xCF,0x06,0x03,0x00,0x37, /* [5361] OBJ_whirlpool */ -0x2A,0x85,0x03,0x02,0x02, /* [5367] OBJ_cryptopro */ -0x2A,0x85,0x03,0x02,0x09, /* [5372] OBJ_cryptocom */ -0x2A,0x85,0x03,0x02,0x02,0x03, /* [5377] OBJ_id_GostR3411_94_with_GostR3410_2001 */ -0x2A,0x85,0x03,0x02,0x02,0x04, /* [5383] OBJ_id_GostR3411_94_with_GostR3410_94 */ -0x2A,0x85,0x03,0x02,0x02,0x09, /* [5389] OBJ_id_GostR3411_94 */ -0x2A,0x85,0x03,0x02,0x02,0x0A, /* [5395] OBJ_id_HMACGostR3411_94 */ -0x2A,0x85,0x03,0x02,0x02,0x13, /* [5401] OBJ_id_GostR3410_2001 */ -0x2A,0x85,0x03,0x02,0x02,0x14, /* [5407] OBJ_id_GostR3410_94 */ -0x2A,0x85,0x03,0x02,0x02,0x15, /* [5413] OBJ_id_Gost28147_89 */ -0x2A,0x85,0x03,0x02,0x02,0x16, /* [5419] OBJ_id_Gost28147_89_MAC */ -0x2A,0x85,0x03,0x02,0x02,0x17, /* [5425] OBJ_id_GostR3411_94_prf */ -0x2A,0x85,0x03,0x02,0x02,0x62, /* [5431] OBJ_id_GostR3410_2001DH */ -0x2A,0x85,0x03,0x02,0x02,0x63, /* [5437] OBJ_id_GostR3410_94DH */ -0x2A,0x85,0x03,0x02,0x02,0x0E,0x01, /* [5443] OBJ_id_Gost28147_89_CryptoPro_KeyMeshing */ -0x2A,0x85,0x03,0x02,0x02,0x0E,0x00, /* [5450] OBJ_id_Gost28147_89_None_KeyMeshing */ -0x2A,0x85,0x03,0x02,0x02,0x1E,0x00, /* [5457] OBJ_id_GostR3411_94_TestParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x1E,0x01, /* [5464] OBJ_id_GostR3411_94_CryptoProParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x1F,0x00, /* [5471] OBJ_id_Gost28147_89_TestParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x1F,0x01, /* [5478] OBJ_id_Gost28147_89_CryptoPro_A_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x1F,0x02, /* [5485] OBJ_id_Gost28147_89_CryptoPro_B_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x1F,0x03, /* [5492] OBJ_id_Gost28147_89_CryptoPro_C_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x1F,0x04, /* [5499] OBJ_id_Gost28147_89_CryptoPro_D_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x1F,0x05, /* [5506] OBJ_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x1F,0x06, /* [5513] OBJ_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x1F,0x07, /* [5520] OBJ_id_Gost28147_89_CryptoPro_RIC_1_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x20,0x00, /* [5527] OBJ_id_GostR3410_94_TestParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x20,0x02, /* [5534] OBJ_id_GostR3410_94_CryptoPro_A_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x20,0x03, /* [5541] OBJ_id_GostR3410_94_CryptoPro_B_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x20,0x04, /* [5548] OBJ_id_GostR3410_94_CryptoPro_C_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x20,0x05, /* [5555] OBJ_id_GostR3410_94_CryptoPro_D_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x21,0x01, /* [5562] OBJ_id_GostR3410_94_CryptoPro_XchA_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x21,0x02, /* [5569] OBJ_id_GostR3410_94_CryptoPro_XchB_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x21,0x03, /* [5576] OBJ_id_GostR3410_94_CryptoPro_XchC_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x23,0x00, /* [5583] OBJ_id_GostR3410_2001_TestParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x23,0x01, /* [5590] OBJ_id_GostR3410_2001_CryptoPro_A_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x23,0x02, /* [5597] OBJ_id_GostR3410_2001_CryptoPro_B_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x23,0x03, /* [5604] OBJ_id_GostR3410_2001_CryptoPro_C_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x24,0x00, /* [5611] OBJ_id_GostR3410_2001_CryptoPro_XchA_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x24,0x01, /* [5618] OBJ_id_GostR3410_2001_CryptoPro_XchB_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x14,0x01, /* [5625] OBJ_id_GostR3410_94_a */ -0x2A,0x85,0x03,0x02,0x02,0x14,0x02, /* [5632] OBJ_id_GostR3410_94_aBis */ -0x2A,0x85,0x03,0x02,0x02,0x14,0x03, /* [5639] OBJ_id_GostR3410_94_b */ -0x2A,0x85,0x03,0x02,0x02,0x14,0x04, /* [5646] OBJ_id_GostR3410_94_bBis */ -0x2A,0x85,0x03,0x02,0x09,0x01,0x06,0x01, /* [5653] OBJ_id_Gost28147_89_cc */ -0x2A,0x85,0x03,0x02,0x09,0x01,0x05,0x03, /* [5661] OBJ_id_GostR3410_94_cc */ -0x2A,0x85,0x03,0x02,0x09,0x01,0x05,0x04, /* [5669] OBJ_id_GostR3410_2001_cc */ -0x2A,0x85,0x03,0x02,0x09,0x01,0x03,0x03, /* [5677] OBJ_id_GostR3411_94_with_GostR3410_94_cc */ -0x2A,0x85,0x03,0x02,0x09,0x01,0x03,0x04, /* [5685] OBJ_id_GostR3411_94_with_GostR3410_2001_cc */ -0x2A,0x85,0x03,0x02,0x09,0x01,0x08,0x01, /* [5693] OBJ_id_GostR3410_2001_ParamSet_cc */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x11,0x02,/* [5701] OBJ_LocalKeySet */ -0x55,0x1D,0x2E, /* [5710] OBJ_freshest_crl */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x03, /* [5713] OBJ_id_on_permanentIdentifier */ -0x55,0x04,0x0E, /* [5721] OBJ_searchGuide */ -0x55,0x04,0x0F, /* [5724] OBJ_businessCategory */ -0x55,0x04,0x10, /* [5727] OBJ_postalAddress */ -0x55,0x04,0x12, /* [5730] OBJ_postOfficeBox */ -0x55,0x04,0x13, /* [5733] OBJ_physicalDeliveryOfficeName */ -0x55,0x04,0x14, /* [5736] OBJ_telephoneNumber */ -0x55,0x04,0x15, /* [5739] OBJ_telexNumber */ -0x55,0x04,0x16, /* [5742] OBJ_teletexTerminalIdentifier */ -0x55,0x04,0x17, /* [5745] OBJ_facsimileTelephoneNumber */ -0x55,0x04,0x18, /* [5748] OBJ_x121Address */ -0x55,0x04,0x19, /* [5751] OBJ_internationaliSDNNumber */ -0x55,0x04,0x1A, /* [5754] OBJ_registeredAddress */ -0x55,0x04,0x1B, /* [5757] OBJ_destinationIndicator */ -0x55,0x04,0x1C, /* [5760] OBJ_preferredDeliveryMethod */ -0x55,0x04,0x1D, /* [5763] OBJ_presentationAddress */ -0x55,0x04,0x1E, /* [5766] OBJ_supportedApplicationContext */ -0x55,0x04,0x1F, /* [5769] OBJ_member */ -0x55,0x04,0x20, /* [5772] OBJ_owner */ -0x55,0x04,0x21, /* [5775] OBJ_roleOccupant */ -0x55,0x04,0x22, /* [5778] OBJ_seeAlso */ -0x55,0x04,0x23, /* [5781] OBJ_userPassword */ -0x55,0x04,0x24, /* [5784] OBJ_userCertificate */ -0x55,0x04,0x25, /* [5787] OBJ_cACertificate */ -0x55,0x04,0x26, /* [5790] OBJ_authorityRevocationList */ -0x55,0x04,0x27, /* [5793] OBJ_certificateRevocationList */ -0x55,0x04,0x28, /* [5796] OBJ_crossCertificatePair */ -0x55,0x04,0x2F, /* [5799] OBJ_enhancedSearchGuide */ -0x55,0x04,0x30, /* [5802] OBJ_protocolInformation */ -0x55,0x04,0x31, /* [5805] OBJ_distinguishedName */ -0x55,0x04,0x32, /* [5808] OBJ_uniqueMember */ -0x55,0x04,0x33, /* [5811] OBJ_houseIdentifier */ -0x55,0x04,0x34, /* [5814] OBJ_supportedAlgorithms */ -0x55,0x04,0x35, /* [5817] OBJ_deltaRevocationList */ -0x55,0x04,0x36, /* [5820] OBJ_dmdName */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x09,/* [5823] OBJ_id_alg_PWRI_KEK */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x06,/* [5834] OBJ_aes_128_gcm */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x07,/* [5843] OBJ_aes_128_ccm */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x08,/* [5852] OBJ_id_aes128_wrap_pad */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x1A,/* [5861] OBJ_aes_192_gcm */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x1B,/* [5870] OBJ_aes_192_ccm */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x1C,/* [5879] OBJ_id_aes192_wrap_pad */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2E,/* [5888] OBJ_aes_256_gcm */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2F,/* [5897] OBJ_aes_256_ccm */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x30,/* [5906] OBJ_id_aes256_wrap_pad */ -0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x02,/* [5915] OBJ_id_camellia128_wrap */ -0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x03,/* [5926] OBJ_id_camellia192_wrap */ -0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x04,/* [5937] OBJ_id_camellia256_wrap */ -0x55,0x1D,0x25,0x00, /* [5948] OBJ_anyExtendedKeyUsage */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x08,/* [5952] OBJ_mgf1 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0A,/* [5961] OBJ_rsassaPss */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x07,/* [5970] OBJ_rsaesOaep */ +static const unsigned char lvalues[5974]={ +0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 0] OBJ_rsadsi */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 6] OBJ_pkcs */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02, /* [ 13] OBJ_md2 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x05, /* [ 21] OBJ_md5 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x04, /* [ 29] OBJ_rc4 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x01,/* [ 37] OBJ_rsaEncryption */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x02,/* [ 46] OBJ_md2WithRSAEncryption */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x04,/* [ 55] OBJ_md5WithRSAEncryption */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x01,/* [ 64] OBJ_pbeWithMD2AndDES_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x03,/* [ 73] OBJ_pbeWithMD5AndDES_CBC */ +0x55, /* [ 82] OBJ_X500 */ +0x55,0x04, /* [ 83] OBJ_X509 */ +0x55,0x04,0x03, /* [ 85] OBJ_commonName */ +0x55,0x04,0x06, /* [ 88] OBJ_countryName */ +0x55,0x04,0x07, /* [ 91] OBJ_localityName */ +0x55,0x04,0x08, /* [ 94] OBJ_stateOrProvinceName */ +0x55,0x04,0x0A, /* [ 97] OBJ_organizationName */ +0x55,0x04,0x0B, /* [100] OBJ_organizationalUnitName */ +0x55,0x08,0x01,0x01, /* [103] OBJ_rsa */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07, /* [107] OBJ_pkcs7 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x01,/* [115] OBJ_pkcs7_data */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x02,/* [124] OBJ_pkcs7_signed */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x03,/* [133] OBJ_pkcs7_enveloped */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x04,/* [142] OBJ_pkcs7_signedAndEnveloped */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x05,/* [151] OBJ_pkcs7_digest */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x06,/* [160] OBJ_pkcs7_encrypted */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03, /* [169] OBJ_pkcs3 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03,0x01,/* [177] OBJ_dhKeyAgreement */ +0x2B,0x0E,0x03,0x02,0x06, /* [186] OBJ_des_ecb */ +0x2B,0x0E,0x03,0x02,0x09, /* [191] OBJ_des_cfb64 */ +0x2B,0x0E,0x03,0x02,0x07, /* [196] OBJ_des_cbc */ +0x2B,0x0E,0x03,0x02,0x11, /* [201] OBJ_des_ede_ecb */ +0x2B,0x06,0x01,0x04,0x01,0x81,0x3C,0x07,0x01,0x01,0x02,/* [206] OBJ_idea_cbc */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x02, /* [217] OBJ_rc2_cbc */ +0x2B,0x0E,0x03,0x02,0x12, /* [225] OBJ_sha */ +0x2B,0x0E,0x03,0x02,0x0F, /* [230] OBJ_shaWithRSAEncryption */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x07, /* [235] OBJ_des_ede3_cbc */ +0x2B,0x0E,0x03,0x02,0x08, /* [243] OBJ_des_ofb64 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09, /* [248] OBJ_pkcs9 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x01,/* [256] OBJ_pkcs9_emailAddress */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x02,/* [265] OBJ_pkcs9_unstructuredName */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x03,/* [274] OBJ_pkcs9_contentType */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x04,/* [283] OBJ_pkcs9_messageDigest */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x05,/* [292] OBJ_pkcs9_signingTime */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x06,/* [301] OBJ_pkcs9_countersignature */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x07,/* [310] OBJ_pkcs9_challengePassword */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x08,/* [319] OBJ_pkcs9_unstructuredAddress */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x09,/* [328] OBJ_pkcs9_extCertAttributes */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42, /* [337] OBJ_netscape */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01, /* [344] OBJ_netscape_cert_extension */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02, /* [352] OBJ_netscape_data_type */ +0x2B,0x0E,0x03,0x02,0x1A, /* [360] OBJ_sha1 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x05,/* [365] OBJ_sha1WithRSAEncryption */ +0x2B,0x0E,0x03,0x02,0x0D, /* [374] OBJ_dsaWithSHA */ +0x2B,0x0E,0x03,0x02,0x0C, /* [379] OBJ_dsa_2 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0B,/* [384] OBJ_pbeWithSHA1AndRC2_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0C,/* [393] OBJ_id_pbkdf2 */ +0x2B,0x0E,0x03,0x02,0x1B, /* [402] OBJ_dsaWithSHA1_2 */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x01,/* [407] OBJ_netscape_cert_type */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x02,/* [416] OBJ_netscape_base_url */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x03,/* [425] OBJ_netscape_revocation_url */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x04,/* [434] OBJ_netscape_ca_revocation_url */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x07,/* [443] OBJ_netscape_renewal_url */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x08,/* [452] OBJ_netscape_ca_policy_url */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0C,/* [461] OBJ_netscape_ssl_server_name */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0D,/* [470] OBJ_netscape_comment */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02,0x05,/* [479] OBJ_netscape_cert_sequence */ +0x55,0x1D, /* [488] OBJ_id_ce */ +0x55,0x1D,0x0E, /* [490] OBJ_subject_key_identifier */ +0x55,0x1D,0x0F, /* [493] OBJ_key_usage */ +0x55,0x1D,0x10, /* [496] OBJ_private_key_usage_period */ +0x55,0x1D,0x11, /* [499] OBJ_subject_alt_name */ +0x55,0x1D,0x12, /* [502] OBJ_issuer_alt_name */ +0x55,0x1D,0x13, /* [505] OBJ_basic_constraints */ +0x55,0x1D,0x14, /* [508] OBJ_crl_number */ +0x55,0x1D,0x20, /* [511] OBJ_certificate_policies */ +0x55,0x1D,0x23, /* [514] OBJ_authority_key_identifier */ +0x2B,0x06,0x01,0x04,0x01,0x97,0x55,0x01,0x02,/* [517] OBJ_bf_cbc */ +0x55,0x08,0x03,0x65, /* [526] OBJ_mdc2 */ +0x55,0x08,0x03,0x64, /* [530] OBJ_mdc2WithRSA */ +0x55,0x04,0x2A, /* [534] OBJ_givenName */ +0x55,0x04,0x04, /* [537] OBJ_surname */ +0x55,0x04,0x2B, /* [540] OBJ_initials */ +0x55,0x1D,0x1F, /* [543] OBJ_crl_distribution_points */ +0x2B,0x0E,0x03,0x02,0x03, /* [546] OBJ_md5WithRSA */ +0x55,0x04,0x05, /* [551] OBJ_serialNumber */ +0x55,0x04,0x0C, /* [554] OBJ_title */ +0x55,0x04,0x0D, /* [557] OBJ_description */ +0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0A,/* [560] OBJ_cast5_cbc */ +0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0C,/* [569] OBJ_pbeWithMD5AndCast5_CBC */ +0x2A,0x86,0x48,0xCE,0x38,0x04,0x03, /* [578] OBJ_dsaWithSHA1 */ +0x2B,0x0E,0x03,0x02,0x1D, /* [585] OBJ_sha1WithRSA */ +0x2A,0x86,0x48,0xCE,0x38,0x04,0x01, /* [590] OBJ_dsa */ +0x2B,0x24,0x03,0x02,0x01, /* [597] OBJ_ripemd160 */ +0x2B,0x24,0x03,0x03,0x01,0x02, /* [602] OBJ_ripemd160WithRSA */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x08, /* [608] OBJ_rc5_cbc */ +0x29,0x01,0x01,0x85,0x1A,0x01, /* [616] OBJ_rle_compression */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x08,/* [622] OBJ_zlib_compression */ +0x55,0x1D,0x25, /* [633] OBJ_ext_key_usage */ +0x2B,0x06,0x01,0x05,0x05,0x07, /* [636] OBJ_id_pkix */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03, /* [642] OBJ_id_kp */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x01, /* [649] OBJ_server_auth */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x02, /* [657] OBJ_client_auth */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x03, /* [665] OBJ_code_sign */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x04, /* [673] OBJ_email_protect */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x08, /* [681] OBJ_time_stamp */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x15,/* [689] OBJ_ms_code_ind */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x16,/* [699] OBJ_ms_code_com */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x01,/* [709] OBJ_ms_ctl_sign */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x03,/* [719] OBJ_ms_sgc */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x04,/* [729] OBJ_ms_efs */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x04,0x01,/* [739] OBJ_ns_sgc */ +0x55,0x1D,0x1B, /* [748] OBJ_delta_crl */ +0x55,0x1D,0x15, /* [751] OBJ_crl_reason */ +0x55,0x1D,0x18, /* [754] OBJ_invalidity_date */ +0x2B,0x65,0x01,0x04,0x01, /* [757] OBJ_sxnet */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x01,/* [762] OBJ_pbe_WithSHA1And128BitRC4 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x02,/* [772] OBJ_pbe_WithSHA1And40BitRC4 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x03,/* [782] OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x04,/* [792] OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x05,/* [802] OBJ_pbe_WithSHA1And128BitRC2_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x06,/* [812] OBJ_pbe_WithSHA1And40BitRC2_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x01,/* [822] OBJ_keyBag */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x02,/* [833] OBJ_pkcs8ShroudedKeyBag */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x03,/* [844] OBJ_certBag */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x04,/* [855] OBJ_crlBag */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x05,/* [866] OBJ_secretBag */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x06,/* [877] OBJ_safeContentsBag */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x14,/* [888] OBJ_friendlyName */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x15,/* [897] OBJ_localKeyID */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x01,/* [906] OBJ_x509Certificate */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x02,/* [916] OBJ_sdsiCertificate */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x17,0x01,/* [926] OBJ_x509Crl */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0D,/* [936] OBJ_pbes2 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0E,/* [945] OBJ_pbmac1 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x07, /* [954] OBJ_hmacWithSHA1 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x01, /* [962] OBJ_id_qt_cps */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x02, /* [970] OBJ_id_qt_unotice */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0F,/* [978] OBJ_SMIMECapabilities */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x04,/* [987] OBJ_pbeWithMD2AndRC2_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x06,/* [996] OBJ_pbeWithMD5AndRC2_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0A,/* [1005] OBJ_pbeWithSHA1AndDES_CBC */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x0E,/* [1014] OBJ_ms_ext_req */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0E,/* [1024] OBJ_ext_req */ +0x55,0x04,0x29, /* [1033] OBJ_name */ +0x55,0x04,0x2E, /* [1036] OBJ_dnQualifier */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01, /* [1039] OBJ_id_pe */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30, /* [1046] OBJ_id_ad */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x01, /* [1053] OBJ_info_access */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01, /* [1061] OBJ_ad_OCSP */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x02, /* [1069] OBJ_ad_ca_issuers */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x09, /* [1077] OBJ_OCSP_sign */ +0x2A, /* [1085] OBJ_member_body */ +0x2A,0x86,0x48, /* [1086] OBJ_ISO_US */ +0x2A,0x86,0x48,0xCE,0x38, /* [1089] OBJ_X9_57 */ +0x2A,0x86,0x48,0xCE,0x38,0x04, /* [1094] OBJ_X9cm */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01, /* [1100] OBJ_pkcs1 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05, /* [1108] OBJ_pkcs5 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,/* [1116] OBJ_SMIME */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,/* [1125] OBJ_id_smime_mod */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,/* [1135] OBJ_id_smime_ct */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,/* [1145] OBJ_id_smime_aa */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,/* [1155] OBJ_id_smime_alg */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,/* [1165] OBJ_id_smime_cd */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,/* [1175] OBJ_id_smime_spq */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,/* [1185] OBJ_id_smime_cti */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x01,/* [1195] OBJ_id_smime_mod_cms */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x02,/* [1206] OBJ_id_smime_mod_ess */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x03,/* [1217] OBJ_id_smime_mod_oid */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x04,/* [1228] OBJ_id_smime_mod_msg_v3 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x05,/* [1239] OBJ_id_smime_mod_ets_eSignature_88 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x06,/* [1250] OBJ_id_smime_mod_ets_eSignature_97 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x07,/* [1261] OBJ_id_smime_mod_ets_eSigPolicy_88 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x08,/* [1272] OBJ_id_smime_mod_ets_eSigPolicy_97 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x01,/* [1283] OBJ_id_smime_ct_receipt */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x02,/* [1294] OBJ_id_smime_ct_authData */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x03,/* [1305] OBJ_id_smime_ct_publishCert */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x04,/* [1316] OBJ_id_smime_ct_TSTInfo */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x05,/* [1327] OBJ_id_smime_ct_TDTInfo */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x06,/* [1338] OBJ_id_smime_ct_contentInfo */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x07,/* [1349] OBJ_id_smime_ct_DVCSRequestData */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x08,/* [1360] OBJ_id_smime_ct_DVCSResponseData */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x01,/* [1371] OBJ_id_smime_aa_receiptRequest */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x02,/* [1382] OBJ_id_smime_aa_securityLabel */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x03,/* [1393] OBJ_id_smime_aa_mlExpandHistory */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x04,/* [1404] OBJ_id_smime_aa_contentHint */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x05,/* [1415] OBJ_id_smime_aa_msgSigDigest */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x06,/* [1426] OBJ_id_smime_aa_encapContentType */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x07,/* [1437] OBJ_id_smime_aa_contentIdentifier */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x08,/* [1448] OBJ_id_smime_aa_macValue */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x09,/* [1459] OBJ_id_smime_aa_equivalentLabels */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0A,/* [1470] OBJ_id_smime_aa_contentReference */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0B,/* [1481] OBJ_id_smime_aa_encrypKeyPref */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0C,/* [1492] OBJ_id_smime_aa_signingCertificate */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0D,/* [1503] OBJ_id_smime_aa_smimeEncryptCerts */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0E,/* [1514] OBJ_id_smime_aa_timeStampToken */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0F,/* [1525] OBJ_id_smime_aa_ets_sigPolicyId */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x10,/* [1536] OBJ_id_smime_aa_ets_commitmentType */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x11,/* [1547] OBJ_id_smime_aa_ets_signerLocation */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x12,/* [1558] OBJ_id_smime_aa_ets_signerAttr */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x13,/* [1569] OBJ_id_smime_aa_ets_otherSigCert */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x14,/* [1580] OBJ_id_smime_aa_ets_contentTimestamp */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x15,/* [1591] OBJ_id_smime_aa_ets_CertificateRefs */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x16,/* [1602] OBJ_id_smime_aa_ets_RevocationRefs */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x17,/* [1613] OBJ_id_smime_aa_ets_certValues */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x18,/* [1624] OBJ_id_smime_aa_ets_revocationValues */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x19,/* [1635] OBJ_id_smime_aa_ets_escTimeStamp */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1A,/* [1646] OBJ_id_smime_aa_ets_certCRLTimestamp */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1B,/* [1657] OBJ_id_smime_aa_ets_archiveTimeStamp */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1C,/* [1668] OBJ_id_smime_aa_signatureType */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1D,/* [1679] OBJ_id_smime_aa_dvcs_dvc */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x01,/* [1690] OBJ_id_smime_alg_ESDHwith3DES */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x02,/* [1701] OBJ_id_smime_alg_ESDHwithRC2 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x03,/* [1712] OBJ_id_smime_alg_3DESwrap */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x04,/* [1723] OBJ_id_smime_alg_RC2wrap */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x05,/* [1734] OBJ_id_smime_alg_ESDH */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x06,/* [1745] OBJ_id_smime_alg_CMS3DESwrap */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x07,/* [1756] OBJ_id_smime_alg_CMSRC2wrap */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,0x01,/* [1767] OBJ_id_smime_cd_ldap */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x01,/* [1778] OBJ_id_smime_spq_ets_sqt_uri */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x02,/* [1789] OBJ_id_smime_spq_ets_sqt_unotice */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x01,/* [1800] OBJ_id_smime_cti_ets_proofOfOrigin */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x02,/* [1811] OBJ_id_smime_cti_ets_proofOfReceipt */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x03,/* [1822] OBJ_id_smime_cti_ets_proofOfDelivery */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x04,/* [1833] OBJ_id_smime_cti_ets_proofOfSender */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x05,/* [1844] OBJ_id_smime_cti_ets_proofOfApproval */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x06,/* [1855] OBJ_id_smime_cti_ets_proofOfCreation */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x04, /* [1866] OBJ_md4 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00, /* [1874] OBJ_id_pkix_mod */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x02, /* [1881] OBJ_id_qt */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04, /* [1888] OBJ_id_it */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05, /* [1895] OBJ_id_pkip */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x06, /* [1902] OBJ_id_alg */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07, /* [1909] OBJ_id_cmc */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x08, /* [1916] OBJ_id_on */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x09, /* [1923] OBJ_id_pda */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0A, /* [1930] OBJ_id_aca */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0B, /* [1937] OBJ_id_qcs */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0C, /* [1944] OBJ_id_cct */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x01, /* [1951] OBJ_id_pkix1_explicit_88 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x02, /* [1959] OBJ_id_pkix1_implicit_88 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x03, /* [1967] OBJ_id_pkix1_explicit_93 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x04, /* [1975] OBJ_id_pkix1_implicit_93 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x05, /* [1983] OBJ_id_mod_crmf */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x06, /* [1991] OBJ_id_mod_cmc */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x07, /* [1999] OBJ_id_mod_kea_profile_88 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x08, /* [2007] OBJ_id_mod_kea_profile_93 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x09, /* [2015] OBJ_id_mod_cmp */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0A, /* [2023] OBJ_id_mod_qualified_cert_88 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0B, /* [2031] OBJ_id_mod_qualified_cert_93 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0C, /* [2039] OBJ_id_mod_attribute_cert */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0D, /* [2047] OBJ_id_mod_timestamp_protocol */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0E, /* [2055] OBJ_id_mod_ocsp */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0F, /* [2063] OBJ_id_mod_dvcs */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x10, /* [2071] OBJ_id_mod_cmp2000 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x02, /* [2079] OBJ_biometricInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x03, /* [2087] OBJ_qcStatements */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x04, /* [2095] OBJ_ac_auditEntity */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x05, /* [2103] OBJ_ac_targeting */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x06, /* [2111] OBJ_aaControls */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x07, /* [2119] OBJ_sbgp_ipAddrBlock */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x08, /* [2127] OBJ_sbgp_autonomousSysNum */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x09, /* [2135] OBJ_sbgp_routerIdentifier */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x03, /* [2143] OBJ_textNotice */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x05, /* [2151] OBJ_ipsecEndSystem */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x06, /* [2159] OBJ_ipsecTunnel */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x07, /* [2167] OBJ_ipsecUser */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x0A, /* [2175] OBJ_dvcs */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x01, /* [2183] OBJ_id_it_caProtEncCert */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x02, /* [2191] OBJ_id_it_signKeyPairTypes */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x03, /* [2199] OBJ_id_it_encKeyPairTypes */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x04, /* [2207] OBJ_id_it_preferredSymmAlg */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x05, /* [2215] OBJ_id_it_caKeyUpdateInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x06, /* [2223] OBJ_id_it_currentCRL */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x07, /* [2231] OBJ_id_it_unsupportedOIDs */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x08, /* [2239] OBJ_id_it_subscriptionRequest */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x09, /* [2247] OBJ_id_it_subscriptionResponse */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0A, /* [2255] OBJ_id_it_keyPairParamReq */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0B, /* [2263] OBJ_id_it_keyPairParamRep */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0C, /* [2271] OBJ_id_it_revPassphrase */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0D, /* [2279] OBJ_id_it_implicitConfirm */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0E, /* [2287] OBJ_id_it_confirmWaitTime */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0F, /* [2295] OBJ_id_it_origPKIMessage */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01, /* [2303] OBJ_id_regCtrl */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02, /* [2311] OBJ_id_regInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x01,/* [2319] OBJ_id_regCtrl_regToken */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x02,/* [2328] OBJ_id_regCtrl_authenticator */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x03,/* [2337] OBJ_id_regCtrl_pkiPublicationInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x04,/* [2346] OBJ_id_regCtrl_pkiArchiveOptions */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x05,/* [2355] OBJ_id_regCtrl_oldCertID */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x06,/* [2364] OBJ_id_regCtrl_protocolEncrKey */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x01,/* [2373] OBJ_id_regInfo_utf8Pairs */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x02,/* [2382] OBJ_id_regInfo_certReq */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x01, /* [2391] OBJ_id_alg_des40 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x02, /* [2399] OBJ_id_alg_noSignature */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x03, /* [2407] OBJ_id_alg_dh_sig_hmac_sha1 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x04, /* [2415] OBJ_id_alg_dh_pop */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x01, /* [2423] OBJ_id_cmc_statusInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x02, /* [2431] OBJ_id_cmc_identification */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x03, /* [2439] OBJ_id_cmc_identityProof */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x04, /* [2447] OBJ_id_cmc_dataReturn */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x05, /* [2455] OBJ_id_cmc_transactionId */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x06, /* [2463] OBJ_id_cmc_senderNonce */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x07, /* [2471] OBJ_id_cmc_recipientNonce */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x08, /* [2479] OBJ_id_cmc_addExtensions */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x09, /* [2487] OBJ_id_cmc_encryptedPOP */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0A, /* [2495] OBJ_id_cmc_decryptedPOP */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0B, /* [2503] OBJ_id_cmc_lraPOPWitness */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0F, /* [2511] OBJ_id_cmc_getCert */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x10, /* [2519] OBJ_id_cmc_getCRL */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x11, /* [2527] OBJ_id_cmc_revokeRequest */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x12, /* [2535] OBJ_id_cmc_regInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x13, /* [2543] OBJ_id_cmc_responseInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x15, /* [2551] OBJ_id_cmc_queryPending */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x16, /* [2559] OBJ_id_cmc_popLinkRandom */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x17, /* [2567] OBJ_id_cmc_popLinkWitness */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x18, /* [2575] OBJ_id_cmc_confirmCertAcceptance */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x01, /* [2583] OBJ_id_on_personalData */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x01, /* [2591] OBJ_id_pda_dateOfBirth */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x02, /* [2599] OBJ_id_pda_placeOfBirth */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x03, /* [2607] OBJ_id_pda_gender */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x04, /* [2615] OBJ_id_pda_countryOfCitizenship */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x05, /* [2623] OBJ_id_pda_countryOfResidence */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x01, /* [2631] OBJ_id_aca_authenticationInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x02, /* [2639] OBJ_id_aca_accessIdentity */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x03, /* [2647] OBJ_id_aca_chargingIdentity */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x04, /* [2655] OBJ_id_aca_group */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x05, /* [2663] OBJ_id_aca_role */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0B,0x01, /* [2671] OBJ_id_qcs_pkixQCSyntax_v1 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x01, /* [2679] OBJ_id_cct_crs */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x02, /* [2687] OBJ_id_cct_PKIData */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x03, /* [2695] OBJ_id_cct_PKIResponse */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x03, /* [2703] OBJ_ad_timeStamping */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x04, /* [2711] OBJ_ad_dvcs */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x01,/* [2719] OBJ_id_pkix_OCSP_basic */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x02,/* [2728] OBJ_id_pkix_OCSP_Nonce */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x03,/* [2737] OBJ_id_pkix_OCSP_CrlID */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x04,/* [2746] OBJ_id_pkix_OCSP_acceptableResponses */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x05,/* [2755] OBJ_id_pkix_OCSP_noCheck */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x06,/* [2764] OBJ_id_pkix_OCSP_archiveCutoff */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x07,/* [2773] OBJ_id_pkix_OCSP_serviceLocator */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x08,/* [2782] OBJ_id_pkix_OCSP_extendedStatus */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x09,/* [2791] OBJ_id_pkix_OCSP_valid */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0A,/* [2800] OBJ_id_pkix_OCSP_path */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0B,/* [2809] OBJ_id_pkix_OCSP_trustRoot */ +0x2B,0x0E,0x03,0x02, /* [2818] OBJ_algorithm */ +0x2B,0x0E,0x03,0x02,0x0B, /* [2822] OBJ_rsaSignature */ +0x55,0x08, /* [2827] OBJ_X500algorithms */ +0x2B, /* [2829] OBJ_org */ +0x2B,0x06, /* [2830] OBJ_dod */ +0x2B,0x06,0x01, /* [2832] OBJ_iana */ +0x2B,0x06,0x01,0x01, /* [2835] OBJ_Directory */ +0x2B,0x06,0x01,0x02, /* [2839] OBJ_Management */ +0x2B,0x06,0x01,0x03, /* [2843] OBJ_Experimental */ +0x2B,0x06,0x01,0x04, /* [2847] OBJ_Private */ +0x2B,0x06,0x01,0x05, /* [2851] OBJ_Security */ +0x2B,0x06,0x01,0x06, /* [2855] OBJ_SNMPv2 */ +0x2B,0x06,0x01,0x07, /* [2859] OBJ_Mail */ +0x2B,0x06,0x01,0x04,0x01, /* [2863] OBJ_Enterprises */ +0x2B,0x06,0x01,0x04,0x01,0x8B,0x3A,0x82,0x58,/* [2868] OBJ_dcObject */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x19,/* [2877] OBJ_domainComponent */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0D,/* [2887] OBJ_Domain */ +0x55,0x01,0x05, /* [2897] OBJ_selected_attribute_types */ +0x55,0x01,0x05,0x37, /* [2900] OBJ_clearance */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x03,/* [2904] OBJ_md4WithRSAEncryption */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0A, /* [2913] OBJ_ac_proxying */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0B, /* [2921] OBJ_sinfo_access */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x06, /* [2929] OBJ_id_aca_encAttrs */ +0x55,0x04,0x48, /* [2937] OBJ_role */ +0x55,0x1D,0x24, /* [2940] OBJ_policy_constraints */ +0x55,0x1D,0x37, /* [2943] OBJ_target_information */ +0x55,0x1D,0x38, /* [2946] OBJ_no_rev_avail */ +0x2A,0x86,0x48,0xCE,0x3D, /* [2949] OBJ_ansi_X9_62 */ +0x2A,0x86,0x48,0xCE,0x3D,0x01,0x01, /* [2954] OBJ_X9_62_prime_field */ +0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02, /* [2961] OBJ_X9_62_characteristic_two_field */ +0x2A,0x86,0x48,0xCE,0x3D,0x02,0x01, /* [2968] OBJ_X9_62_id_ecPublicKey */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x01, /* [2975] OBJ_X9_62_prime192v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x02, /* [2983] OBJ_X9_62_prime192v2 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x03, /* [2991] OBJ_X9_62_prime192v3 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x04, /* [2999] OBJ_X9_62_prime239v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x05, /* [3007] OBJ_X9_62_prime239v2 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x06, /* [3015] OBJ_X9_62_prime239v3 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x07, /* [3023] OBJ_X9_62_prime256v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x04,0x01, /* [3031] OBJ_ecdsa_with_SHA1 */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x11,0x01,/* [3038] OBJ_ms_csp_name */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x01,/* [3047] OBJ_aes_128_ecb */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x02,/* [3056] OBJ_aes_128_cbc */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x03,/* [3065] OBJ_aes_128_ofb128 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x04,/* [3074] OBJ_aes_128_cfb128 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x15,/* [3083] OBJ_aes_192_ecb */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x16,/* [3092] OBJ_aes_192_cbc */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x17,/* [3101] OBJ_aes_192_ofb128 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x18,/* [3110] OBJ_aes_192_cfb128 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x29,/* [3119] OBJ_aes_256_ecb */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2A,/* [3128] OBJ_aes_256_cbc */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2B,/* [3137] OBJ_aes_256_ofb128 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2C,/* [3146] OBJ_aes_256_cfb128 */ +0x55,0x1D,0x17, /* [3155] OBJ_hold_instruction_code */ +0x2A,0x86,0x48,0xCE,0x38,0x02,0x01, /* [3158] OBJ_hold_instruction_none */ +0x2A,0x86,0x48,0xCE,0x38,0x02,0x02, /* [3165] OBJ_hold_instruction_call_issuer */ +0x2A,0x86,0x48,0xCE,0x38,0x02,0x03, /* [3172] OBJ_hold_instruction_reject */ +0x09, /* [3179] OBJ_data */ +0x09,0x92,0x26, /* [3180] OBJ_pss */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C, /* [3183] OBJ_ucl */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64, /* [3190] OBJ_pilot */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,/* [3198] OBJ_pilotAttributeType */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,/* [3207] OBJ_pilotAttributeSyntax */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,/* [3216] OBJ_pilotObjectClass */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x0A,/* [3225] OBJ_pilotGroups */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x04,/* [3234] OBJ_iA5StringSyntax */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x05,/* [3244] OBJ_caseIgnoreIA5StringSyntax */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x03,/* [3254] OBJ_pilotObject */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x04,/* [3264] OBJ_pilotPerson */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x05,/* [3274] OBJ_account */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x06,/* [3284] OBJ_document */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x07,/* [3294] OBJ_room */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x09,/* [3304] OBJ_documentSeries */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0E,/* [3314] OBJ_rFC822localPart */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0F,/* [3324] OBJ_dNSDomain */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x11,/* [3334] OBJ_domainRelatedObject */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x12,/* [3344] OBJ_friendlyCountry */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x13,/* [3354] OBJ_simpleSecurityObject */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x14,/* [3364] OBJ_pilotOrganization */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x15,/* [3374] OBJ_pilotDSA */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x16,/* [3384] OBJ_qualityLabelledData */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x01,/* [3394] OBJ_userId */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x02,/* [3404] OBJ_textEncodedORAddress */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x03,/* [3414] OBJ_rfc822Mailbox */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x04,/* [3424] OBJ_info */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x05,/* [3434] OBJ_favouriteDrink */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x06,/* [3444] OBJ_roomNumber */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x07,/* [3454] OBJ_photo */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x08,/* [3464] OBJ_userClass */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x09,/* [3474] OBJ_host */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0A,/* [3484] OBJ_manager */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0B,/* [3494] OBJ_documentIdentifier */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0C,/* [3504] OBJ_documentTitle */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0D,/* [3514] OBJ_documentVersion */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0E,/* [3524] OBJ_documentAuthor */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0F,/* [3534] OBJ_documentLocation */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x14,/* [3544] OBJ_homeTelephoneNumber */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x15,/* [3554] OBJ_secretary */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x16,/* [3564] OBJ_otherMailbox */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x17,/* [3574] OBJ_lastModifiedTime */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x18,/* [3584] OBJ_lastModifiedBy */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1A,/* [3594] OBJ_aRecord */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1B,/* [3604] OBJ_pilotAttributeType27 */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1C,/* [3614] OBJ_mXRecord */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1D,/* [3624] OBJ_nSRecord */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1E,/* [3634] OBJ_sOARecord */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1F,/* [3644] OBJ_cNAMERecord */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x25,/* [3654] OBJ_associatedDomain */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x26,/* [3664] OBJ_associatedName */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x27,/* [3674] OBJ_homePostalAddress */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x28,/* [3684] OBJ_personalTitle */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x29,/* [3694] OBJ_mobileTelephoneNumber */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2A,/* [3704] OBJ_pagerTelephoneNumber */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2B,/* [3714] OBJ_friendlyCountryName */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2D,/* [3724] OBJ_organizationalStatus */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2E,/* [3734] OBJ_janetMailbox */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2F,/* [3744] OBJ_mailPreferenceOption */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x30,/* [3754] OBJ_buildingName */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x31,/* [3764] OBJ_dSAQuality */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x32,/* [3774] OBJ_singleLevelQuality */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x33,/* [3784] OBJ_subtreeMinimumQuality */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x34,/* [3794] OBJ_subtreeMaximumQuality */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x35,/* [3804] OBJ_personalSignature */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x36,/* [3814] OBJ_dITRedirect */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x37,/* [3824] OBJ_audio */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x38,/* [3834] OBJ_documentPublisher */ +0x55,0x04,0x2D, /* [3844] OBJ_x500UniqueIdentifier */ +0x2B,0x06,0x01,0x07,0x01, /* [3847] OBJ_mime_mhs */ +0x2B,0x06,0x01,0x07,0x01,0x01, /* [3852] OBJ_mime_mhs_headings */ +0x2B,0x06,0x01,0x07,0x01,0x02, /* [3858] OBJ_mime_mhs_bodies */ +0x2B,0x06,0x01,0x07,0x01,0x01,0x01, /* [3864] OBJ_id_hex_partial_message */ +0x2B,0x06,0x01,0x07,0x01,0x01,0x02, /* [3871] OBJ_id_hex_multipart_message */ +0x55,0x04,0x2C, /* [3878] OBJ_generationQualifier */ +0x55,0x04,0x41, /* [3881] OBJ_pseudonym */ +0x67,0x2A, /* [3884] OBJ_id_set */ +0x67,0x2A,0x00, /* [3886] OBJ_set_ctype */ +0x67,0x2A,0x01, /* [3889] OBJ_set_msgExt */ +0x67,0x2A,0x03, /* [3892] OBJ_set_attr */ +0x67,0x2A,0x05, /* [3895] OBJ_set_policy */ +0x67,0x2A,0x07, /* [3898] OBJ_set_certExt */ +0x67,0x2A,0x08, /* [3901] OBJ_set_brand */ +0x67,0x2A,0x00,0x00, /* [3904] OBJ_setct_PANData */ +0x67,0x2A,0x00,0x01, /* [3908] OBJ_setct_PANToken */ +0x67,0x2A,0x00,0x02, /* [3912] OBJ_setct_PANOnly */ +0x67,0x2A,0x00,0x03, /* [3916] OBJ_setct_OIData */ +0x67,0x2A,0x00,0x04, /* [3920] OBJ_setct_PI */ +0x67,0x2A,0x00,0x05, /* [3924] OBJ_setct_PIData */ +0x67,0x2A,0x00,0x06, /* [3928] OBJ_setct_PIDataUnsigned */ +0x67,0x2A,0x00,0x07, /* [3932] OBJ_setct_HODInput */ +0x67,0x2A,0x00,0x08, /* [3936] OBJ_setct_AuthResBaggage */ +0x67,0x2A,0x00,0x09, /* [3940] OBJ_setct_AuthRevReqBaggage */ +0x67,0x2A,0x00,0x0A, /* [3944] OBJ_setct_AuthRevResBaggage */ +0x67,0x2A,0x00,0x0B, /* [3948] OBJ_setct_CapTokenSeq */ +0x67,0x2A,0x00,0x0C, /* [3952] OBJ_setct_PInitResData */ +0x67,0x2A,0x00,0x0D, /* [3956] OBJ_setct_PI_TBS */ +0x67,0x2A,0x00,0x0E, /* [3960] OBJ_setct_PResData */ +0x67,0x2A,0x00,0x10, /* [3964] OBJ_setct_AuthReqTBS */ +0x67,0x2A,0x00,0x11, /* [3968] OBJ_setct_AuthResTBS */ +0x67,0x2A,0x00,0x12, /* [3972] OBJ_setct_AuthResTBSX */ +0x67,0x2A,0x00,0x13, /* [3976] OBJ_setct_AuthTokenTBS */ +0x67,0x2A,0x00,0x14, /* [3980] OBJ_setct_CapTokenData */ +0x67,0x2A,0x00,0x15, /* [3984] OBJ_setct_CapTokenTBS */ +0x67,0x2A,0x00,0x16, /* [3988] OBJ_setct_AcqCardCodeMsg */ +0x67,0x2A,0x00,0x17, /* [3992] OBJ_setct_AuthRevReqTBS */ +0x67,0x2A,0x00,0x18, /* [3996] OBJ_setct_AuthRevResData */ +0x67,0x2A,0x00,0x19, /* [4000] OBJ_setct_AuthRevResTBS */ +0x67,0x2A,0x00,0x1A, /* [4004] OBJ_setct_CapReqTBS */ +0x67,0x2A,0x00,0x1B, /* [4008] OBJ_setct_CapReqTBSX */ +0x67,0x2A,0x00,0x1C, /* [4012] OBJ_setct_CapResData */ +0x67,0x2A,0x00,0x1D, /* [4016] OBJ_setct_CapRevReqTBS */ +0x67,0x2A,0x00,0x1E, /* [4020] OBJ_setct_CapRevReqTBSX */ +0x67,0x2A,0x00,0x1F, /* [4024] OBJ_setct_CapRevResData */ +0x67,0x2A,0x00,0x20, /* [4028] OBJ_setct_CredReqTBS */ +0x67,0x2A,0x00,0x21, /* [4032] OBJ_setct_CredReqTBSX */ +0x67,0x2A,0x00,0x22, /* [4036] OBJ_setct_CredResData */ +0x67,0x2A,0x00,0x23, /* [4040] OBJ_setct_CredRevReqTBS */ +0x67,0x2A,0x00,0x24, /* [4044] OBJ_setct_CredRevReqTBSX */ +0x67,0x2A,0x00,0x25, /* [4048] OBJ_setct_CredRevResData */ +0x67,0x2A,0x00,0x26, /* [4052] OBJ_setct_PCertReqData */ +0x67,0x2A,0x00,0x27, /* [4056] OBJ_setct_PCertResTBS */ +0x67,0x2A,0x00,0x28, /* [4060] OBJ_setct_BatchAdminReqData */ +0x67,0x2A,0x00,0x29, /* [4064] OBJ_setct_BatchAdminResData */ +0x67,0x2A,0x00,0x2A, /* [4068] OBJ_setct_CardCInitResTBS */ +0x67,0x2A,0x00,0x2B, /* [4072] OBJ_setct_MeAqCInitResTBS */ +0x67,0x2A,0x00,0x2C, /* [4076] OBJ_setct_RegFormResTBS */ +0x67,0x2A,0x00,0x2D, /* [4080] OBJ_setct_CertReqData */ +0x67,0x2A,0x00,0x2E, /* [4084] OBJ_setct_CertReqTBS */ +0x67,0x2A,0x00,0x2F, /* [4088] OBJ_setct_CertResData */ +0x67,0x2A,0x00,0x30, /* [4092] OBJ_setct_CertInqReqTBS */ +0x67,0x2A,0x00,0x31, /* [4096] OBJ_setct_ErrorTBS */ +0x67,0x2A,0x00,0x32, /* [4100] OBJ_setct_PIDualSignedTBE */ +0x67,0x2A,0x00,0x33, /* [4104] OBJ_setct_PIUnsignedTBE */ +0x67,0x2A,0x00,0x34, /* [4108] OBJ_setct_AuthReqTBE */ +0x67,0x2A,0x00,0x35, /* [4112] OBJ_setct_AuthResTBE */ +0x67,0x2A,0x00,0x36, /* [4116] OBJ_setct_AuthResTBEX */ +0x67,0x2A,0x00,0x37, /* [4120] OBJ_setct_AuthTokenTBE */ +0x67,0x2A,0x00,0x38, /* [4124] OBJ_setct_CapTokenTBE */ +0x67,0x2A,0x00,0x39, /* [4128] OBJ_setct_CapTokenTBEX */ +0x67,0x2A,0x00,0x3A, /* [4132] OBJ_setct_AcqCardCodeMsgTBE */ +0x67,0x2A,0x00,0x3B, /* [4136] OBJ_setct_AuthRevReqTBE */ +0x67,0x2A,0x00,0x3C, /* [4140] OBJ_setct_AuthRevResTBE */ +0x67,0x2A,0x00,0x3D, /* [4144] OBJ_setct_AuthRevResTBEB */ +0x67,0x2A,0x00,0x3E, /* [4148] OBJ_setct_CapReqTBE */ +0x67,0x2A,0x00,0x3F, /* [4152] OBJ_setct_CapReqTBEX */ +0x67,0x2A,0x00,0x40, /* [4156] OBJ_setct_CapResTBE */ +0x67,0x2A,0x00,0x41, /* [4160] OBJ_setct_CapRevReqTBE */ +0x67,0x2A,0x00,0x42, /* [4164] OBJ_setct_CapRevReqTBEX */ +0x67,0x2A,0x00,0x43, /* [4168] OBJ_setct_CapRevResTBE */ +0x67,0x2A,0x00,0x44, /* [4172] OBJ_setct_CredReqTBE */ +0x67,0x2A,0x00,0x45, /* [4176] OBJ_setct_CredReqTBEX */ +0x67,0x2A,0x00,0x46, /* [4180] OBJ_setct_CredResTBE */ +0x67,0x2A,0x00,0x47, /* [4184] OBJ_setct_CredRevReqTBE */ +0x67,0x2A,0x00,0x48, /* [4188] OBJ_setct_CredRevReqTBEX */ +0x67,0x2A,0x00,0x49, /* [4192] OBJ_setct_CredRevResTBE */ +0x67,0x2A,0x00,0x4A, /* [4196] OBJ_setct_BatchAdminReqTBE */ +0x67,0x2A,0x00,0x4B, /* [4200] OBJ_setct_BatchAdminResTBE */ +0x67,0x2A,0x00,0x4C, /* [4204] OBJ_setct_RegFormReqTBE */ +0x67,0x2A,0x00,0x4D, /* [4208] OBJ_setct_CertReqTBE */ +0x67,0x2A,0x00,0x4E, /* [4212] OBJ_setct_CertReqTBEX */ +0x67,0x2A,0x00,0x4F, /* [4216] OBJ_setct_CertResTBE */ +0x67,0x2A,0x00,0x50, /* [4220] OBJ_setct_CRLNotificationTBS */ +0x67,0x2A,0x00,0x51, /* [4224] OBJ_setct_CRLNotificationResTBS */ +0x67,0x2A,0x00,0x52, /* [4228] OBJ_setct_BCIDistributionTBS */ +0x67,0x2A,0x01,0x01, /* [4232] OBJ_setext_genCrypt */ +0x67,0x2A,0x01,0x03, /* [4236] OBJ_setext_miAuth */ +0x67,0x2A,0x01,0x04, /* [4240] OBJ_setext_pinSecure */ +0x67,0x2A,0x01,0x05, /* [4244] OBJ_setext_pinAny */ +0x67,0x2A,0x01,0x07, /* [4248] OBJ_setext_track2 */ +0x67,0x2A,0x01,0x08, /* [4252] OBJ_setext_cv */ +0x67,0x2A,0x05,0x00, /* [4256] OBJ_set_policy_root */ +0x67,0x2A,0x07,0x00, /* [4260] OBJ_setCext_hashedRoot */ +0x67,0x2A,0x07,0x01, /* [4264] OBJ_setCext_certType */ +0x67,0x2A,0x07,0x02, /* [4268] OBJ_setCext_merchData */ +0x67,0x2A,0x07,0x03, /* [4272] OBJ_setCext_cCertRequired */ +0x67,0x2A,0x07,0x04, /* [4276] OBJ_setCext_tunneling */ +0x67,0x2A,0x07,0x05, /* [4280] OBJ_setCext_setExt */ +0x67,0x2A,0x07,0x06, /* [4284] OBJ_setCext_setQualf */ +0x67,0x2A,0x07,0x07, /* [4288] OBJ_setCext_PGWYcapabilities */ +0x67,0x2A,0x07,0x08, /* [4292] OBJ_setCext_TokenIdentifier */ +0x67,0x2A,0x07,0x09, /* [4296] OBJ_setCext_Track2Data */ +0x67,0x2A,0x07,0x0A, /* [4300] OBJ_setCext_TokenType */ +0x67,0x2A,0x07,0x0B, /* [4304] OBJ_setCext_IssuerCapabilities */ +0x67,0x2A,0x03,0x00, /* [4308] OBJ_setAttr_Cert */ +0x67,0x2A,0x03,0x01, /* [4312] OBJ_setAttr_PGWYcap */ +0x67,0x2A,0x03,0x02, /* [4316] OBJ_setAttr_TokenType */ +0x67,0x2A,0x03,0x03, /* [4320] OBJ_setAttr_IssCap */ +0x67,0x2A,0x03,0x00,0x00, /* [4324] OBJ_set_rootKeyThumb */ +0x67,0x2A,0x03,0x00,0x01, /* [4329] OBJ_set_addPolicy */ +0x67,0x2A,0x03,0x02,0x01, /* [4334] OBJ_setAttr_Token_EMV */ +0x67,0x2A,0x03,0x02,0x02, /* [4339] OBJ_setAttr_Token_B0Prime */ +0x67,0x2A,0x03,0x03,0x03, /* [4344] OBJ_setAttr_IssCap_CVM */ +0x67,0x2A,0x03,0x03,0x04, /* [4349] OBJ_setAttr_IssCap_T2 */ +0x67,0x2A,0x03,0x03,0x05, /* [4354] OBJ_setAttr_IssCap_Sig */ +0x67,0x2A,0x03,0x03,0x03,0x01, /* [4359] OBJ_setAttr_GenCryptgrm */ +0x67,0x2A,0x03,0x03,0x04,0x01, /* [4365] OBJ_setAttr_T2Enc */ +0x67,0x2A,0x03,0x03,0x04,0x02, /* [4371] OBJ_setAttr_T2cleartxt */ +0x67,0x2A,0x03,0x03,0x05,0x01, /* [4377] OBJ_setAttr_TokICCsig */ +0x67,0x2A,0x03,0x03,0x05,0x02, /* [4383] OBJ_setAttr_SecDevSig */ +0x67,0x2A,0x08,0x01, /* [4389] OBJ_set_brand_IATA_ATA */ +0x67,0x2A,0x08,0x1E, /* [4393] OBJ_set_brand_Diners */ +0x67,0x2A,0x08,0x22, /* [4397] OBJ_set_brand_AmericanExpress */ +0x67,0x2A,0x08,0x23, /* [4401] OBJ_set_brand_JCB */ +0x67,0x2A,0x08,0x04, /* [4405] OBJ_set_brand_Visa */ +0x67,0x2A,0x08,0x05, /* [4409] OBJ_set_brand_MasterCard */ +0x67,0x2A,0x08,0xAE,0x7B, /* [4413] OBJ_set_brand_Novus */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x0A, /* [4418] OBJ_des_cdmf */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x06,/* [4426] OBJ_rsaOAEPEncryptionSET */ +0x67, /* [4435] OBJ_international_organizations */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x02,/* [4436] OBJ_ms_smartcard_login */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x03,/* [4446] OBJ_ms_upn */ +0x55,0x04,0x09, /* [4456] OBJ_streetAddress */ +0x55,0x04,0x11, /* [4459] OBJ_postalCode */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x15, /* [4462] OBJ_id_ppl */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0E, /* [4469] OBJ_proxyCertInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x00, /* [4477] OBJ_id_ppl_anyLanguage */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x01, /* [4485] OBJ_id_ppl_inheritAll */ +0x55,0x1D,0x1E, /* [4493] OBJ_name_constraints */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x02, /* [4496] OBJ_Independent */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0B,/* [4504] OBJ_sha256WithRSAEncryption */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0C,/* [4513] OBJ_sha384WithRSAEncryption */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0D,/* [4522] OBJ_sha512WithRSAEncryption */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0E,/* [4531] OBJ_sha224WithRSAEncryption */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,/* [4540] OBJ_sha256 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x02,/* [4549] OBJ_sha384 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,/* [4558] OBJ_sha512 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x04,/* [4567] OBJ_sha224 */ +0x2B, /* [4576] OBJ_identified_organization */ +0x2B,0x81,0x04, /* [4577] OBJ_certicom_arc */ +0x67,0x2B, /* [4580] OBJ_wap */ +0x67,0x2B,0x01, /* [4582] OBJ_wap_wsg */ +0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03, /* [4585] OBJ_X9_62_id_characteristic_two_basis */ +0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x01,/* [4593] OBJ_X9_62_onBasis */ +0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x02,/* [4602] OBJ_X9_62_tpBasis */ +0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x03,/* [4611] OBJ_X9_62_ppBasis */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x01, /* [4620] OBJ_X9_62_c2pnb163v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x02, /* [4628] OBJ_X9_62_c2pnb163v2 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x03, /* [4636] OBJ_X9_62_c2pnb163v3 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x04, /* [4644] OBJ_X9_62_c2pnb176v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x05, /* [4652] OBJ_X9_62_c2tnb191v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x06, /* [4660] OBJ_X9_62_c2tnb191v2 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x07, /* [4668] OBJ_X9_62_c2tnb191v3 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x08, /* [4676] OBJ_X9_62_c2onb191v4 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x09, /* [4684] OBJ_X9_62_c2onb191v5 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0A, /* [4692] OBJ_X9_62_c2pnb208w1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0B, /* [4700] OBJ_X9_62_c2tnb239v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0C, /* [4708] OBJ_X9_62_c2tnb239v2 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0D, /* [4716] OBJ_X9_62_c2tnb239v3 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0E, /* [4724] OBJ_X9_62_c2onb239v4 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0F, /* [4732] OBJ_X9_62_c2onb239v5 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x10, /* [4740] OBJ_X9_62_c2pnb272w1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x11, /* [4748] OBJ_X9_62_c2pnb304w1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x12, /* [4756] OBJ_X9_62_c2tnb359v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x13, /* [4764] OBJ_X9_62_c2pnb368w1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x14, /* [4772] OBJ_X9_62_c2tnb431r1 */ +0x2B,0x81,0x04,0x00,0x06, /* [4780] OBJ_secp112r1 */ +0x2B,0x81,0x04,0x00,0x07, /* [4785] OBJ_secp112r2 */ +0x2B,0x81,0x04,0x00,0x1C, /* [4790] OBJ_secp128r1 */ +0x2B,0x81,0x04,0x00,0x1D, /* [4795] OBJ_secp128r2 */ +0x2B,0x81,0x04,0x00,0x09, /* [4800] OBJ_secp160k1 */ +0x2B,0x81,0x04,0x00,0x08, /* [4805] OBJ_secp160r1 */ +0x2B,0x81,0x04,0x00,0x1E, /* [4810] OBJ_secp160r2 */ +0x2B,0x81,0x04,0x00,0x1F, /* [4815] OBJ_secp192k1 */ +0x2B,0x81,0x04,0x00,0x20, /* [4820] OBJ_secp224k1 */ +0x2B,0x81,0x04,0x00,0x21, /* [4825] OBJ_secp224r1 */ +0x2B,0x81,0x04,0x00,0x0A, /* [4830] OBJ_secp256k1 */ +0x2B,0x81,0x04,0x00,0x22, /* [4835] OBJ_secp384r1 */ +0x2B,0x81,0x04,0x00,0x23, /* [4840] OBJ_secp521r1 */ +0x2B,0x81,0x04,0x00,0x04, /* [4845] OBJ_sect113r1 */ +0x2B,0x81,0x04,0x00,0x05, /* [4850] OBJ_sect113r2 */ +0x2B,0x81,0x04,0x00,0x16, /* [4855] OBJ_sect131r1 */ +0x2B,0x81,0x04,0x00,0x17, /* [4860] OBJ_sect131r2 */ +0x2B,0x81,0x04,0x00,0x01, /* [4865] OBJ_sect163k1 */ +0x2B,0x81,0x04,0x00,0x02, /* [4870] OBJ_sect163r1 */ +0x2B,0x81,0x04,0x00,0x0F, /* [4875] OBJ_sect163r2 */ +0x2B,0x81,0x04,0x00,0x18, /* [4880] OBJ_sect193r1 */ +0x2B,0x81,0x04,0x00,0x19, /* [4885] OBJ_sect193r2 */ +0x2B,0x81,0x04,0x00,0x1A, /* [4890] OBJ_sect233k1 */ +0x2B,0x81,0x04,0x00,0x1B, /* [4895] OBJ_sect233r1 */ +0x2B,0x81,0x04,0x00,0x03, /* [4900] OBJ_sect239k1 */ +0x2B,0x81,0x04,0x00,0x10, /* [4905] OBJ_sect283k1 */ +0x2B,0x81,0x04,0x00,0x11, /* [4910] OBJ_sect283r1 */ +0x2B,0x81,0x04,0x00,0x24, /* [4915] OBJ_sect409k1 */ +0x2B,0x81,0x04,0x00,0x25, /* [4920] OBJ_sect409r1 */ +0x2B,0x81,0x04,0x00,0x26, /* [4925] OBJ_sect571k1 */ +0x2B,0x81,0x04,0x00,0x27, /* [4930] OBJ_sect571r1 */ +0x67,0x2B,0x01,0x04,0x01, /* [4935] OBJ_wap_wsg_idm_ecid_wtls1 */ +0x67,0x2B,0x01,0x04,0x03, /* [4940] OBJ_wap_wsg_idm_ecid_wtls3 */ +0x67,0x2B,0x01,0x04,0x04, /* [4945] OBJ_wap_wsg_idm_ecid_wtls4 */ +0x67,0x2B,0x01,0x04,0x05, /* [4950] OBJ_wap_wsg_idm_ecid_wtls5 */ +0x67,0x2B,0x01,0x04,0x06, /* [4955] OBJ_wap_wsg_idm_ecid_wtls6 */ +0x67,0x2B,0x01,0x04,0x07, /* [4960] OBJ_wap_wsg_idm_ecid_wtls7 */ +0x67,0x2B,0x01,0x04,0x08, /* [4965] OBJ_wap_wsg_idm_ecid_wtls8 */ +0x67,0x2B,0x01,0x04,0x09, /* [4970] OBJ_wap_wsg_idm_ecid_wtls9 */ +0x67,0x2B,0x01,0x04,0x0A, /* [4975] OBJ_wap_wsg_idm_ecid_wtls10 */ +0x67,0x2B,0x01,0x04,0x0B, /* [4980] OBJ_wap_wsg_idm_ecid_wtls11 */ +0x67,0x2B,0x01,0x04,0x0C, /* [4985] OBJ_wap_wsg_idm_ecid_wtls12 */ +0x55,0x1D,0x20,0x00, /* [4990] OBJ_any_policy */ +0x55,0x1D,0x21, /* [4994] OBJ_policy_mappings */ +0x55,0x1D,0x36, /* [4997] OBJ_inhibit_any_policy */ +0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x02,/* [5000] OBJ_camellia_128_cbc */ +0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x03,/* [5011] OBJ_camellia_192_cbc */ +0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x04,/* [5022] OBJ_camellia_256_cbc */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x01, /* [5033] OBJ_camellia_128_ecb */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x15, /* [5041] OBJ_camellia_192_ecb */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x29, /* [5049] OBJ_camellia_256_ecb */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x04, /* [5057] OBJ_camellia_128_cfb128 */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x18, /* [5065] OBJ_camellia_192_cfb128 */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x2C, /* [5073] OBJ_camellia_256_cfb128 */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x03, /* [5081] OBJ_camellia_128_ofb128 */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x17, /* [5089] OBJ_camellia_192_ofb128 */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x2B, /* [5097] OBJ_camellia_256_ofb128 */ +0x55,0x1D,0x09, /* [5105] OBJ_subject_directory_attributes */ +0x55,0x1D,0x1C, /* [5108] OBJ_issuing_distribution_point */ +0x55,0x1D,0x1D, /* [5111] OBJ_certificate_issuer */ +0x2A,0x83,0x1A,0x8C,0x9A,0x44, /* [5114] OBJ_kisa */ +0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x03, /* [5120] OBJ_seed_ecb */ +0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x04, /* [5128] OBJ_seed_cbc */ +0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x06, /* [5136] OBJ_seed_ofb128 */ +0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x05, /* [5144] OBJ_seed_cfb128 */ +0x2B,0x06,0x01,0x05,0x05,0x08,0x01,0x01, /* [5152] OBJ_hmac_md5 */ +0x2B,0x06,0x01,0x05,0x05,0x08,0x01,0x02, /* [5160] OBJ_hmac_sha1 */ +0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0D,/* [5168] OBJ_id_PasswordBasedMAC */ +0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x1E,/* [5177] OBJ_id_DHBasedMac */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x10, /* [5186] OBJ_id_it_suppLangTags */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x05, /* [5194] OBJ_caRepository */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x09,/* [5202] OBJ_id_smime_ct_compressedData */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x1B,/* [5213] OBJ_id_ct_asciiTextWithCRLF */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x05,/* [5224] OBJ_id_aes128_wrap */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x19,/* [5233] OBJ_id_aes192_wrap */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2D,/* [5242] OBJ_id_aes256_wrap */ +0x2A,0x86,0x48,0xCE,0x3D,0x04,0x02, /* [5251] OBJ_ecdsa_with_Recommended */ +0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03, /* [5258] OBJ_ecdsa_with_Specified */ +0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x01, /* [5265] OBJ_ecdsa_with_SHA224 */ +0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x02, /* [5273] OBJ_ecdsa_with_SHA256 */ +0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x03, /* [5281] OBJ_ecdsa_with_SHA384 */ +0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x04, /* [5289] OBJ_ecdsa_with_SHA512 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x06, /* [5297] OBJ_hmacWithMD5 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x08, /* [5305] OBJ_hmacWithSHA224 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x09, /* [5313] OBJ_hmacWithSHA256 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0A, /* [5321] OBJ_hmacWithSHA384 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0B, /* [5329] OBJ_hmacWithSHA512 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x03,0x01,/* [5337] OBJ_dsa_with_SHA224 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x03,0x02,/* [5346] OBJ_dsa_with_SHA256 */ +0x28,0xCF,0x06,0x03,0x00,0x37, /* [5355] OBJ_whirlpool */ +0x2A,0x85,0x03,0x02,0x02, /* [5361] OBJ_cryptopro */ +0x2A,0x85,0x03,0x02,0x09, /* [5366] OBJ_cryptocom */ +0x2A,0x85,0x03,0x02,0x02,0x03, /* [5371] OBJ_id_GostR3411_94_with_GostR3410_2001 */ +0x2A,0x85,0x03,0x02,0x02,0x04, /* [5377] OBJ_id_GostR3411_94_with_GostR3410_94 */ +0x2A,0x85,0x03,0x02,0x02,0x09, /* [5383] OBJ_id_GostR3411_94 */ +0x2A,0x85,0x03,0x02,0x02,0x0A, /* [5389] OBJ_id_HMACGostR3411_94 */ +0x2A,0x85,0x03,0x02,0x02,0x13, /* [5395] OBJ_id_GostR3410_2001 */ +0x2A,0x85,0x03,0x02,0x02,0x14, /* [5401] OBJ_id_GostR3410_94 */ +0x2A,0x85,0x03,0x02,0x02,0x15, /* [5407] OBJ_id_Gost28147_89 */ +0x2A,0x85,0x03,0x02,0x02,0x16, /* [5413] OBJ_id_Gost28147_89_MAC */ +0x2A,0x85,0x03,0x02,0x02,0x17, /* [5419] OBJ_id_GostR3411_94_prf */ +0x2A,0x85,0x03,0x02,0x02,0x62, /* [5425] OBJ_id_GostR3410_2001DH */ +0x2A,0x85,0x03,0x02,0x02,0x63, /* [5431] OBJ_id_GostR3410_94DH */ +0x2A,0x85,0x03,0x02,0x02,0x0E,0x01, /* [5437] OBJ_id_Gost28147_89_CryptoPro_KeyMeshing */ +0x2A,0x85,0x03,0x02,0x02,0x0E,0x00, /* [5444] OBJ_id_Gost28147_89_None_KeyMeshing */ +0x2A,0x85,0x03,0x02,0x02,0x1E,0x00, /* [5451] OBJ_id_GostR3411_94_TestParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x1E,0x01, /* [5458] OBJ_id_GostR3411_94_CryptoProParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x1F,0x00, /* [5465] OBJ_id_Gost28147_89_TestParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x1F,0x01, /* [5472] OBJ_id_Gost28147_89_CryptoPro_A_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x1F,0x02, /* [5479] OBJ_id_Gost28147_89_CryptoPro_B_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x1F,0x03, /* [5486] OBJ_id_Gost28147_89_CryptoPro_C_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x1F,0x04, /* [5493] OBJ_id_Gost28147_89_CryptoPro_D_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x1F,0x05, /* [5500] OBJ_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x1F,0x06, /* [5507] OBJ_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x1F,0x07, /* [5514] OBJ_id_Gost28147_89_CryptoPro_RIC_1_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x20,0x00, /* [5521] OBJ_id_GostR3410_94_TestParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x20,0x02, /* [5528] OBJ_id_GostR3410_94_CryptoPro_A_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x20,0x03, /* [5535] OBJ_id_GostR3410_94_CryptoPro_B_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x20,0x04, /* [5542] OBJ_id_GostR3410_94_CryptoPro_C_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x20,0x05, /* [5549] OBJ_id_GostR3410_94_CryptoPro_D_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x21,0x01, /* [5556] OBJ_id_GostR3410_94_CryptoPro_XchA_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x21,0x02, /* [5563] OBJ_id_GostR3410_94_CryptoPro_XchB_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x21,0x03, /* [5570] OBJ_id_GostR3410_94_CryptoPro_XchC_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x23,0x00, /* [5577] OBJ_id_GostR3410_2001_TestParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x23,0x01, /* [5584] OBJ_id_GostR3410_2001_CryptoPro_A_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x23,0x02, /* [5591] OBJ_id_GostR3410_2001_CryptoPro_B_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x23,0x03, /* [5598] OBJ_id_GostR3410_2001_CryptoPro_C_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x24,0x00, /* [5605] OBJ_id_GostR3410_2001_CryptoPro_XchA_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x24,0x01, /* [5612] OBJ_id_GostR3410_2001_CryptoPro_XchB_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x14,0x01, /* [5619] OBJ_id_GostR3410_94_a */ +0x2A,0x85,0x03,0x02,0x02,0x14,0x02, /* [5626] OBJ_id_GostR3410_94_aBis */ +0x2A,0x85,0x03,0x02,0x02,0x14,0x03, /* [5633] OBJ_id_GostR3410_94_b */ +0x2A,0x85,0x03,0x02,0x02,0x14,0x04, /* [5640] OBJ_id_GostR3410_94_bBis */ +0x2A,0x85,0x03,0x02,0x09,0x01,0x06,0x01, /* [5647] OBJ_id_Gost28147_89_cc */ +0x2A,0x85,0x03,0x02,0x09,0x01,0x05,0x03, /* [5655] OBJ_id_GostR3410_94_cc */ +0x2A,0x85,0x03,0x02,0x09,0x01,0x05,0x04, /* [5663] OBJ_id_GostR3410_2001_cc */ +0x2A,0x85,0x03,0x02,0x09,0x01,0x03,0x03, /* [5671] OBJ_id_GostR3411_94_with_GostR3410_94_cc */ +0x2A,0x85,0x03,0x02,0x09,0x01,0x03,0x04, /* [5679] OBJ_id_GostR3411_94_with_GostR3410_2001_cc */ +0x2A,0x85,0x03,0x02,0x09,0x01,0x08,0x01, /* [5687] OBJ_id_GostR3410_2001_ParamSet_cc */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x11,0x02,/* [5695] OBJ_LocalKeySet */ +0x55,0x1D,0x2E, /* [5704] OBJ_freshest_crl */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x03, /* [5707] OBJ_id_on_permanentIdentifier */ +0x55,0x04,0x0E, /* [5715] OBJ_searchGuide */ +0x55,0x04,0x0F, /* [5718] OBJ_businessCategory */ +0x55,0x04,0x10, /* [5721] OBJ_postalAddress */ +0x55,0x04,0x12, /* [5724] OBJ_postOfficeBox */ +0x55,0x04,0x13, /* [5727] OBJ_physicalDeliveryOfficeName */ +0x55,0x04,0x14, /* [5730] OBJ_telephoneNumber */ +0x55,0x04,0x15, /* [5733] OBJ_telexNumber */ +0x55,0x04,0x16, /* [5736] OBJ_teletexTerminalIdentifier */ +0x55,0x04,0x17, /* [5739] OBJ_facsimileTelephoneNumber */ +0x55,0x04,0x18, /* [5742] OBJ_x121Address */ +0x55,0x04,0x19, /* [5745] OBJ_internationaliSDNNumber */ +0x55,0x04,0x1A, /* [5748] OBJ_registeredAddress */ +0x55,0x04,0x1B, /* [5751] OBJ_destinationIndicator */ +0x55,0x04,0x1C, /* [5754] OBJ_preferredDeliveryMethod */ +0x55,0x04,0x1D, /* [5757] OBJ_presentationAddress */ +0x55,0x04,0x1E, /* [5760] OBJ_supportedApplicationContext */ +0x55,0x04,0x1F, /* [5763] OBJ_member */ +0x55,0x04,0x20, /* [5766] OBJ_owner */ +0x55,0x04,0x21, /* [5769] OBJ_roleOccupant */ +0x55,0x04,0x22, /* [5772] OBJ_seeAlso */ +0x55,0x04,0x23, /* [5775] OBJ_userPassword */ +0x55,0x04,0x24, /* [5778] OBJ_userCertificate */ +0x55,0x04,0x25, /* [5781] OBJ_cACertificate */ +0x55,0x04,0x26, /* [5784] OBJ_authorityRevocationList */ +0x55,0x04,0x27, /* [5787] OBJ_certificateRevocationList */ +0x55,0x04,0x28, /* [5790] OBJ_crossCertificatePair */ +0x55,0x04,0x2F, /* [5793] OBJ_enhancedSearchGuide */ +0x55,0x04,0x30, /* [5796] OBJ_protocolInformation */ +0x55,0x04,0x31, /* [5799] OBJ_distinguishedName */ +0x55,0x04,0x32, /* [5802] OBJ_uniqueMember */ +0x55,0x04,0x33, /* [5805] OBJ_houseIdentifier */ +0x55,0x04,0x34, /* [5808] OBJ_supportedAlgorithms */ +0x55,0x04,0x35, /* [5811] OBJ_deltaRevocationList */ +0x55,0x04,0x36, /* [5814] OBJ_dmdName */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x09,/* [5817] OBJ_id_alg_PWRI_KEK */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x06,/* [5828] OBJ_aes_128_gcm */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x07,/* [5837] OBJ_aes_128_ccm */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x08,/* [5846] OBJ_id_aes128_wrap_pad */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x1A,/* [5855] OBJ_aes_192_gcm */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x1B,/* [5864] OBJ_aes_192_ccm */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x1C,/* [5873] OBJ_id_aes192_wrap_pad */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2E,/* [5882] OBJ_aes_256_gcm */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2F,/* [5891] OBJ_aes_256_ccm */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x30,/* [5900] OBJ_id_aes256_wrap_pad */ +0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x02,/* [5909] OBJ_id_camellia128_wrap */ +0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x03,/* [5920] OBJ_id_camellia192_wrap */ +0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x04,/* [5931] OBJ_id_camellia256_wrap */ +0x55,0x1D,0x25,0x00, /* [5942] OBJ_anyExtendedKeyUsage */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x08,/* [5946] OBJ_mgf1 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0A,/* [5955] OBJ_rsassaPss */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x07,/* [5964] OBJ_rsaesOaep */ }; static const ASN1_OBJECT nid_objs[NUM_NID]={ -{"UNDEF","undefined",NID_undef,1,&(lvalues[0]),0}, -{"rsadsi","RSA Data Security, Inc.",NID_rsadsi,6,&(lvalues[1]),0}, -{"pkcs","RSA Data Security, Inc. PKCS",NID_pkcs,7,&(lvalues[7]),0}, -{"MD2","md2",NID_md2,8,&(lvalues[14]),0}, -{"MD5","md5",NID_md5,8,&(lvalues[22]),0}, -{"RC4","rc4",NID_rc4,8,&(lvalues[30]),0}, -{"rsaEncryption","rsaEncryption",NID_rsaEncryption,9,&(lvalues[38]),0}, +{"UNDEF","undefined",NID_undef,0,NULL,0}, +{"rsadsi","RSA Data Security, Inc.",NID_rsadsi,6,&(lvalues[0]),0}, +{"pkcs","RSA Data Security, Inc. PKCS",NID_pkcs,7,&(lvalues[6]),0}, +{"MD2","md2",NID_md2,8,&(lvalues[13]),0}, +{"MD5","md5",NID_md5,8,&(lvalues[21]),0}, +{"RC4","rc4",NID_rc4,8,&(lvalues[29]),0}, +{"rsaEncryption","rsaEncryption",NID_rsaEncryption,9,&(lvalues[37]),0}, {"RSA-MD2","md2WithRSAEncryption",NID_md2WithRSAEncryption,9, - &(lvalues[47]),0}, + &(lvalues[46]),0}, {"RSA-MD5","md5WithRSAEncryption",NID_md5WithRSAEncryption,9, - &(lvalues[56]),0}, + &(lvalues[55]),0}, {"PBE-MD2-DES","pbeWithMD2AndDES-CBC",NID_pbeWithMD2AndDES_CBC,9, - &(lvalues[65]),0}, + &(lvalues[64]),0}, {"PBE-MD5-DES","pbeWithMD5AndDES-CBC",NID_pbeWithMD5AndDES_CBC,9, - &(lvalues[74]),0}, -{"X500","directory services (X.500)",NID_X500,1,&(lvalues[83]),0}, -{"X509","X509",NID_X509,2,&(lvalues[84]),0}, -{"CN","commonName",NID_commonName,3,&(lvalues[86]),0}, -{"C","countryName",NID_countryName,3,&(lvalues[89]),0}, -{"L","localityName",NID_localityName,3,&(lvalues[92]),0}, -{"ST","stateOrProvinceName",NID_stateOrProvinceName,3,&(lvalues[95]),0}, -{"O","organizationName",NID_organizationName,3,&(lvalues[98]),0}, + &(lvalues[73]),0}, +{"X500","directory services (X.500)",NID_X500,1,&(lvalues[82]),0}, +{"X509","X509",NID_X509,2,&(lvalues[83]),0}, +{"CN","commonName",NID_commonName,3,&(lvalues[85]),0}, +{"C","countryName",NID_countryName,3,&(lvalues[88]),0}, +{"L","localityName",NID_localityName,3,&(lvalues[91]),0}, +{"ST","stateOrProvinceName",NID_stateOrProvinceName,3,&(lvalues[94]),0}, +{"O","organizationName",NID_organizationName,3,&(lvalues[97]),0}, {"OU","organizationalUnitName",NID_organizationalUnitName,3, - &(lvalues[101]),0}, -{"RSA","rsa",NID_rsa,4,&(lvalues[104]),0}, -{"pkcs7","pkcs7",NID_pkcs7,8,&(lvalues[108]),0}, -{"pkcs7-data","pkcs7-data",NID_pkcs7_data,9,&(lvalues[116]),0}, + &(lvalues[100]),0}, +{"RSA","rsa",NID_rsa,4,&(lvalues[103]),0}, +{"pkcs7","pkcs7",NID_pkcs7,8,&(lvalues[107]),0}, +{"pkcs7-data","pkcs7-data",NID_pkcs7_data,9,&(lvalues[115]),0}, {"pkcs7-signedData","pkcs7-signedData",NID_pkcs7_signed,9, - &(lvalues[125]),0}, + &(lvalues[124]),0}, {"pkcs7-envelopedData","pkcs7-envelopedData",NID_pkcs7_enveloped,9, - &(lvalues[134]),0}, + &(lvalues[133]),0}, {"pkcs7-signedAndEnvelopedData","pkcs7-signedAndEnvelopedData", - NID_pkcs7_signedAndEnveloped,9,&(lvalues[143]),0}, + NID_pkcs7_signedAndEnveloped,9,&(lvalues[142]),0}, {"pkcs7-digestData","pkcs7-digestData",NID_pkcs7_digest,9, - &(lvalues[152]),0}, + &(lvalues[151]),0}, {"pkcs7-encryptedData","pkcs7-encryptedData",NID_pkcs7_encrypted,9, - &(lvalues[161]),0}, -{"pkcs3","pkcs3",NID_pkcs3,8,&(lvalues[170]),0}, + &(lvalues[160]),0}, +{"pkcs3","pkcs3",NID_pkcs3,8,&(lvalues[169]),0}, {"dhKeyAgreement","dhKeyAgreement",NID_dhKeyAgreement,9, - &(lvalues[178]),0}, -{"DES-ECB","des-ecb",NID_des_ecb,5,&(lvalues[187]),0}, -{"DES-CFB","des-cfb",NID_des_cfb64,5,&(lvalues[192]),0}, -{"DES-CBC","des-cbc",NID_des_cbc,5,&(lvalues[197]),0}, -{"DES-EDE","des-ede",NID_des_ede_ecb,5,&(lvalues[202]),0}, + &(lvalues[177]),0}, +{"DES-ECB","des-ecb",NID_des_ecb,5,&(lvalues[186]),0}, +{"DES-CFB","des-cfb",NID_des_cfb64,5,&(lvalues[191]),0}, +{"DES-CBC","des-cbc",NID_des_cbc,5,&(lvalues[196]),0}, +{"DES-EDE","des-ede",NID_des_ede_ecb,5,&(lvalues[201]),0}, {"DES-EDE3","des-ede3",NID_des_ede3_ecb,0,NULL,0}, -{"IDEA-CBC","idea-cbc",NID_idea_cbc,11,&(lvalues[207]),0}, +{"IDEA-CBC","idea-cbc",NID_idea_cbc,11,&(lvalues[206]),0}, {"IDEA-CFB","idea-cfb",NID_idea_cfb64,0,NULL,0}, {"IDEA-ECB","idea-ecb",NID_idea_ecb,0,NULL,0}, -{"RC2-CBC","rc2-cbc",NID_rc2_cbc,8,&(lvalues[218]),0}, +{"RC2-CBC","rc2-cbc",NID_rc2_cbc,8,&(lvalues[217]),0}, {"RC2-ECB","rc2-ecb",NID_rc2_ecb,0,NULL,0}, {"RC2-CFB","rc2-cfb",NID_rc2_cfb64,0,NULL,0}, {"RC2-OFB","rc2-ofb",NID_rc2_ofb64,0,NULL,0}, -{"SHA","sha",NID_sha,5,&(lvalues[226]),0}, +{"SHA","sha",NID_sha,5,&(lvalues[225]),0}, {"RSA-SHA","shaWithRSAEncryption",NID_shaWithRSAEncryption,5, - &(lvalues[231]),0}, + &(lvalues[230]),0}, {"DES-EDE-CBC","des-ede-cbc",NID_des_ede_cbc,0,NULL,0}, -{"DES-EDE3-CBC","des-ede3-cbc",NID_des_ede3_cbc,8,&(lvalues[236]),0}, -{"DES-OFB","des-ofb",NID_des_ofb64,5,&(lvalues[244]),0}, +{"DES-EDE3-CBC","des-ede3-cbc",NID_des_ede3_cbc,8,&(lvalues[235]),0}, +{"DES-OFB","des-ofb",NID_des_ofb64,5,&(lvalues[243]),0}, {"IDEA-OFB","idea-ofb",NID_idea_ofb64,0,NULL,0}, -{"pkcs9","pkcs9",NID_pkcs9,8,&(lvalues[249]),0}, +{"pkcs9","pkcs9",NID_pkcs9,8,&(lvalues[248]),0}, {"emailAddress","emailAddress",NID_pkcs9_emailAddress,9, - &(lvalues[257]),0}, + &(lvalues[256]),0}, {"unstructuredName","unstructuredName",NID_pkcs9_unstructuredName,9, - &(lvalues[266]),0}, -{"contentType","contentType",NID_pkcs9_contentType,9,&(lvalues[275]),0}, + &(lvalues[265]),0}, +{"contentType","contentType",NID_pkcs9_contentType,9,&(lvalues[274]),0}, {"messageDigest","messageDigest",NID_pkcs9_messageDigest,9, - &(lvalues[284]),0}, -{"signingTime","signingTime",NID_pkcs9_signingTime,9,&(lvalues[293]),0}, + &(lvalues[283]),0}, +{"signingTime","signingTime",NID_pkcs9_signingTime,9,&(lvalues[292]),0}, {"countersignature","countersignature",NID_pkcs9_countersignature,9, - &(lvalues[302]),0}, + &(lvalues[301]),0}, {"challengePassword","challengePassword",NID_pkcs9_challengePassword, - 9,&(lvalues[311]),0}, + 9,&(lvalues[310]),0}, {"unstructuredAddress","unstructuredAddress", - NID_pkcs9_unstructuredAddress,9,&(lvalues[320]),0}, + NID_pkcs9_unstructuredAddress,9,&(lvalues[319]),0}, {"extendedCertificateAttributes","extendedCertificateAttributes", - NID_pkcs9_extCertAttributes,9,&(lvalues[329]),0}, + NID_pkcs9_extCertAttributes,9,&(lvalues[328]),0}, {"Netscape","Netscape Communications Corp.",NID_netscape,7, - &(lvalues[338]),0}, + &(lvalues[337]),0}, {"nsCertExt","Netscape Certificate Extension", - NID_netscape_cert_extension,8,&(lvalues[345]),0}, + NID_netscape_cert_extension,8,&(lvalues[344]),0}, {"nsDataType","Netscape Data Type",NID_netscape_data_type,8, - &(lvalues[353]),0}, + &(lvalues[352]),0}, {"DES-EDE-CFB","des-ede-cfb",NID_des_ede_cfb64,0,NULL,0}, {"DES-EDE3-CFB","des-ede3-cfb",NID_des_ede3_cfb64,0,NULL,0}, {"DES-EDE-OFB","des-ede-ofb",NID_des_ede_ofb64,0,NULL,0}, {"DES-EDE3-OFB","des-ede3-ofb",NID_des_ede3_ofb64,0,NULL,0}, -{"SHA1","sha1",NID_sha1,5,&(lvalues[361]),0}, +{"SHA1","sha1",NID_sha1,5,&(lvalues[360]),0}, {"RSA-SHA1","sha1WithRSAEncryption",NID_sha1WithRSAEncryption,9, - &(lvalues[366]),0}, -{"DSA-SHA","dsaWithSHA",NID_dsaWithSHA,5,&(lvalues[375]),0}, -{"DSA-old","dsaEncryption-old",NID_dsa_2,5,&(lvalues[380]),0}, + &(lvalues[365]),0}, +{"DSA-SHA","dsaWithSHA",NID_dsaWithSHA,5,&(lvalues[374]),0}, +{"DSA-old","dsaEncryption-old",NID_dsa_2,5,&(lvalues[379]),0}, {"PBE-SHA1-RC2-64","pbeWithSHA1AndRC2-CBC",NID_pbeWithSHA1AndRC2_CBC, - 9,&(lvalues[385]),0}, -{"PBKDF2","PBKDF2",NID_id_pbkdf2,9,&(lvalues[394]),0}, -{"DSA-SHA1-old","dsaWithSHA1-old",NID_dsaWithSHA1_2,5,&(lvalues[403]),0}, + 9,&(lvalues[384]),0}, +{"PBKDF2","PBKDF2",NID_id_pbkdf2,9,&(lvalues[393]),0}, +{"DSA-SHA1-old","dsaWithSHA1-old",NID_dsaWithSHA1_2,5,&(lvalues[402]),0}, {"nsCertType","Netscape Cert Type",NID_netscape_cert_type,9, - &(lvalues[408]),0}, + &(lvalues[407]),0}, {"nsBaseUrl","Netscape Base Url",NID_netscape_base_url,9, - &(lvalues[417]),0}, + &(lvalues[416]),0}, {"nsRevocationUrl","Netscape Revocation Url", - NID_netscape_revocation_url,9,&(lvalues[426]),0}, + NID_netscape_revocation_url,9,&(lvalues[425]),0}, {"nsCaRevocationUrl","Netscape CA Revocation Url", - NID_netscape_ca_revocation_url,9,&(lvalues[435]),0}, + NID_netscape_ca_revocation_url,9,&(lvalues[434]),0}, {"nsRenewalUrl","Netscape Renewal Url",NID_netscape_renewal_url,9, - &(lvalues[444]),0}, + &(lvalues[443]),0}, {"nsCaPolicyUrl","Netscape CA Policy Url",NID_netscape_ca_policy_url, - 9,&(lvalues[453]),0}, + 9,&(lvalues[452]),0}, {"nsSslServerName","Netscape SSL Server Name", - NID_netscape_ssl_server_name,9,&(lvalues[462]),0}, -{"nsComment","Netscape Comment",NID_netscape_comment,9,&(lvalues[471]),0}, + NID_netscape_ssl_server_name,9,&(lvalues[461]),0}, +{"nsComment","Netscape Comment",NID_netscape_comment,9,&(lvalues[470]),0}, {"nsCertSequence","Netscape Certificate Sequence", - NID_netscape_cert_sequence,9,&(lvalues[480]),0}, + NID_netscape_cert_sequence,9,&(lvalues[479]),0}, {"DESX-CBC","desx-cbc",NID_desx_cbc,0,NULL,0}, -{"id-ce","id-ce",NID_id_ce,2,&(lvalues[489]),0}, +{"id-ce","id-ce",NID_id_ce,2,&(lvalues[488]),0}, {"subjectKeyIdentifier","X509v3 Subject Key Identifier", - NID_subject_key_identifier,3,&(lvalues[491]),0}, -{"keyUsage","X509v3 Key Usage",NID_key_usage,3,&(lvalues[494]),0}, + NID_subject_key_identifier,3,&(lvalues[490]),0}, +{"keyUsage","X509v3 Key Usage",NID_key_usage,3,&(lvalues[493]),0}, {"privateKeyUsagePeriod","X509v3 Private Key Usage Period", - NID_private_key_usage_period,3,&(lvalues[497]),0}, + NID_private_key_usage_period,3,&(lvalues[496]),0}, {"subjectAltName","X509v3 Subject Alternative Name", - NID_subject_alt_name,3,&(lvalues[500]),0}, + NID_subject_alt_name,3,&(lvalues[499]),0}, {"issuerAltName","X509v3 Issuer Alternative Name",NID_issuer_alt_name, - 3,&(lvalues[503]),0}, + 3,&(lvalues[502]),0}, {"basicConstraints","X509v3 Basic Constraints",NID_basic_constraints, - 3,&(lvalues[506]),0}, -{"crlNumber","X509v3 CRL Number",NID_crl_number,3,&(lvalues[509]),0}, + 3,&(lvalues[505]),0}, +{"crlNumber","X509v3 CRL Number",NID_crl_number,3,&(lvalues[508]),0}, {"certificatePolicies","X509v3 Certificate Policies", - NID_certificate_policies,3,&(lvalues[512]),0}, + NID_certificate_policies,3,&(lvalues[511]),0}, {"authorityKeyIdentifier","X509v3 Authority Key Identifier", - NID_authority_key_identifier,3,&(lvalues[515]),0}, -{"BF-CBC","bf-cbc",NID_bf_cbc,9,&(lvalues[518]),0}, + NID_authority_key_identifier,3,&(lvalues[514]),0}, +{"BF-CBC","bf-cbc",NID_bf_cbc,9,&(lvalues[517]),0}, {"BF-ECB","bf-ecb",NID_bf_ecb,0,NULL,0}, {"BF-CFB","bf-cfb",NID_bf_cfb64,0,NULL,0}, {"BF-OFB","bf-ofb",NID_bf_ofb64,0,NULL,0}, -{"MDC2","mdc2",NID_mdc2,4,&(lvalues[527]),0}, -{"RSA-MDC2","mdc2WithRSA",NID_mdc2WithRSA,4,&(lvalues[531]),0}, +{"MDC2","mdc2",NID_mdc2,4,&(lvalues[526]),0}, +{"RSA-MDC2","mdc2WithRSA",NID_mdc2WithRSA,4,&(lvalues[530]),0}, {"RC4-40","rc4-40",NID_rc4_40,0,NULL,0}, {"RC2-40-CBC","rc2-40-cbc",NID_rc2_40_cbc,0,NULL,0}, -{"GN","givenName",NID_givenName,3,&(lvalues[535]),0}, -{"SN","surname",NID_surname,3,&(lvalues[538]),0}, -{"initials","initials",NID_initials,3,&(lvalues[541]),0}, +{"GN","givenName",NID_givenName,3,&(lvalues[534]),0}, +{"SN","surname",NID_surname,3,&(lvalues[537]),0}, +{"initials","initials",NID_initials,3,&(lvalues[540]),0}, {NULL,NULL,NID_undef,0,NULL,0}, {"crlDistributionPoints","X509v3 CRL Distribution Points", - NID_crl_distribution_points,3,&(lvalues[544]),0}, -{"RSA-NP-MD5","md5WithRSA",NID_md5WithRSA,5,&(lvalues[547]),0}, -{"serialNumber","serialNumber",NID_serialNumber,3,&(lvalues[552]),0}, -{"title","title",NID_title,3,&(lvalues[555]),0}, -{"description","description",NID_description,3,&(lvalues[558]),0}, -{"CAST5-CBC","cast5-cbc",NID_cast5_cbc,9,&(lvalues[561]),0}, + NID_crl_distribution_points,3,&(lvalues[543]),0}, +{"RSA-NP-MD5","md5WithRSA",NID_md5WithRSA,5,&(lvalues[546]),0}, +{"serialNumber","serialNumber",NID_serialNumber,3,&(lvalues[551]),0}, +{"title","title",NID_title,3,&(lvalues[554]),0}, +{"description","description",NID_description,3,&(lvalues[557]),0}, +{"CAST5-CBC","cast5-cbc",NID_cast5_cbc,9,&(lvalues[560]),0}, {"CAST5-ECB","cast5-ecb",NID_cast5_ecb,0,NULL,0}, {"CAST5-CFB","cast5-cfb",NID_cast5_cfb64,0,NULL,0}, {"CAST5-OFB","cast5-ofb",NID_cast5_ofb64,0,NULL,0}, {"pbeWithMD5AndCast5CBC","pbeWithMD5AndCast5CBC", - NID_pbeWithMD5AndCast5_CBC,9,&(lvalues[570]),0}, -{"DSA-SHA1","dsaWithSHA1",NID_dsaWithSHA1,7,&(lvalues[579]),0}, + NID_pbeWithMD5AndCast5_CBC,9,&(lvalues[569]),0}, +{"DSA-SHA1","dsaWithSHA1",NID_dsaWithSHA1,7,&(lvalues[578]),0}, {"MD5-SHA1","md5-sha1",NID_md5_sha1,0,NULL,0}, -{"RSA-SHA1-2","sha1WithRSA",NID_sha1WithRSA,5,&(lvalues[586]),0}, -{"DSA","dsaEncryption",NID_dsa,7,&(lvalues[591]),0}, -{"RIPEMD160","ripemd160",NID_ripemd160,5,&(lvalues[598]),0}, +{"RSA-SHA1-2","sha1WithRSA",NID_sha1WithRSA,5,&(lvalues[585]),0}, +{"DSA","dsaEncryption",NID_dsa,7,&(lvalues[590]),0}, +{"RIPEMD160","ripemd160",NID_ripemd160,5,&(lvalues[597]),0}, {NULL,NULL,NID_undef,0,NULL,0}, {"RSA-RIPEMD160","ripemd160WithRSA",NID_ripemd160WithRSA,6, - &(lvalues[603]),0}, -{"RC5-CBC","rc5-cbc",NID_rc5_cbc,8,&(lvalues[609]),0}, + &(lvalues[602]),0}, +{"RC5-CBC","rc5-cbc",NID_rc5_cbc,8,&(lvalues[608]),0}, {"RC5-ECB","rc5-ecb",NID_rc5_ecb,0,NULL,0}, {"RC5-CFB","rc5-cfb",NID_rc5_cfb64,0,NULL,0}, {"RC5-OFB","rc5-ofb",NID_rc5_ofb64,0,NULL,0}, -{"RLE","run length compression",NID_rle_compression,6,&(lvalues[617]),0}, -{"ZLIB","zlib compression",NID_zlib_compression,11,&(lvalues[623]),0}, +{"RLE","run length compression",NID_rle_compression,6,&(lvalues[616]),0}, +{"ZLIB","zlib compression",NID_zlib_compression,11,&(lvalues[622]),0}, {"extendedKeyUsage","X509v3 Extended Key Usage",NID_ext_key_usage,3, - &(lvalues[634]),0}, -{"PKIX","PKIX",NID_id_pkix,6,&(lvalues[637]),0}, -{"id-kp","id-kp",NID_id_kp,7,&(lvalues[643]),0}, + &(lvalues[633]),0}, +{"PKIX","PKIX",NID_id_pkix,6,&(lvalues[636]),0}, +{"id-kp","id-kp",NID_id_kp,7,&(lvalues[642]),0}, {"serverAuth","TLS Web Server Authentication",NID_server_auth,8, - &(lvalues[650]),0}, + &(lvalues[649]),0}, {"clientAuth","TLS Web Client Authentication",NID_client_auth,8, - &(lvalues[658]),0}, -{"codeSigning","Code Signing",NID_code_sign,8,&(lvalues[666]),0}, + &(lvalues[657]),0}, +{"codeSigning","Code Signing",NID_code_sign,8,&(lvalues[665]),0}, {"emailProtection","E-mail Protection",NID_email_protect,8, - &(lvalues[674]),0}, -{"timeStamping","Time Stamping",NID_time_stamp,8,&(lvalues[682]),0}, + &(lvalues[673]),0}, +{"timeStamping","Time Stamping",NID_time_stamp,8,&(lvalues[681]),0}, {"msCodeInd","Microsoft Individual Code Signing",NID_ms_code_ind,10, - &(lvalues[690]),0}, + &(lvalues[689]),0}, {"msCodeCom","Microsoft Commercial Code Signing",NID_ms_code_com,10, - &(lvalues[700]),0}, + &(lvalues[699]),0}, {"msCTLSign","Microsoft Trust List Signing",NID_ms_ctl_sign,10, - &(lvalues[710]),0}, -{"msSGC","Microsoft Server Gated Crypto",NID_ms_sgc,10,&(lvalues[720]),0}, + &(lvalues[709]),0}, +{"msSGC","Microsoft Server Gated Crypto",NID_ms_sgc,10,&(lvalues[719]),0}, {"msEFS","Microsoft Encrypted File System",NID_ms_efs,10, - &(lvalues[730]),0}, -{"nsSGC","Netscape Server Gated Crypto",NID_ns_sgc,9,&(lvalues[740]),0}, + &(lvalues[729]),0}, +{"nsSGC","Netscape Server Gated Crypto",NID_ns_sgc,9,&(lvalues[739]),0}, {"deltaCRL","X509v3 Delta CRL Indicator",NID_delta_crl,3, - &(lvalues[749]),0}, -{"CRLReason","X509v3 CRL Reason Code",NID_crl_reason,3,&(lvalues[752]),0}, + &(lvalues[748]),0}, +{"CRLReason","X509v3 CRL Reason Code",NID_crl_reason,3,&(lvalues[751]),0}, {"invalidityDate","Invalidity Date",NID_invalidity_date,3, - &(lvalues[755]),0}, -{"SXNetID","Strong Extranet ID",NID_sxnet,5,&(lvalues[758]),0}, + &(lvalues[754]),0}, +{"SXNetID","Strong Extranet ID",NID_sxnet,5,&(lvalues[757]),0}, {"PBE-SHA1-RC4-128","pbeWithSHA1And128BitRC4", - NID_pbe_WithSHA1And128BitRC4,10,&(lvalues[763]),0}, + NID_pbe_WithSHA1And128BitRC4,10,&(lvalues[762]),0}, {"PBE-SHA1-RC4-40","pbeWithSHA1And40BitRC4", - NID_pbe_WithSHA1And40BitRC4,10,&(lvalues[773]),0}, + NID_pbe_WithSHA1And40BitRC4,10,&(lvalues[772]),0}, {"PBE-SHA1-3DES","pbeWithSHA1And3-KeyTripleDES-CBC", - NID_pbe_WithSHA1And3_Key_TripleDES_CBC,10,&(lvalues[783]),0}, + NID_pbe_WithSHA1And3_Key_TripleDES_CBC,10,&(lvalues[782]),0}, {"PBE-SHA1-2DES","pbeWithSHA1And2-KeyTripleDES-CBC", - NID_pbe_WithSHA1And2_Key_TripleDES_CBC,10,&(lvalues[793]),0}, + NID_pbe_WithSHA1And2_Key_TripleDES_CBC,10,&(lvalues[792]),0}, {"PBE-SHA1-RC2-128","pbeWithSHA1And128BitRC2-CBC", - NID_pbe_WithSHA1And128BitRC2_CBC,10,&(lvalues[803]),0}, + NID_pbe_WithSHA1And128BitRC2_CBC,10,&(lvalues[802]),0}, {"PBE-SHA1-RC2-40","pbeWithSHA1And40BitRC2-CBC", - NID_pbe_WithSHA1And40BitRC2_CBC,10,&(lvalues[813]),0}, -{"keyBag","keyBag",NID_keyBag,11,&(lvalues[823]),0}, + NID_pbe_WithSHA1And40BitRC2_CBC,10,&(lvalues[812]),0}, +{"keyBag","keyBag",NID_keyBag,11,&(lvalues[822]),0}, {"pkcs8ShroudedKeyBag","pkcs8ShroudedKeyBag",NID_pkcs8ShroudedKeyBag, - 11,&(lvalues[834]),0}, -{"certBag","certBag",NID_certBag,11,&(lvalues[845]),0}, -{"crlBag","crlBag",NID_crlBag,11,&(lvalues[856]),0}, -{"secretBag","secretBag",NID_secretBag,11,&(lvalues[867]),0}, + 11,&(lvalues[833]),0}, +{"certBag","certBag",NID_certBag,11,&(lvalues[844]),0}, +{"crlBag","crlBag",NID_crlBag,11,&(lvalues[855]),0}, +{"secretBag","secretBag",NID_secretBag,11,&(lvalues[866]),0}, {"safeContentsBag","safeContentsBag",NID_safeContentsBag,11, - &(lvalues[878]),0}, -{"friendlyName","friendlyName",NID_friendlyName,9,&(lvalues[889]),0}, -{"localKeyID","localKeyID",NID_localKeyID,9,&(lvalues[898]),0}, + &(lvalues[877]),0}, +{"friendlyName","friendlyName",NID_friendlyName,9,&(lvalues[888]),0}, +{"localKeyID","localKeyID",NID_localKeyID,9,&(lvalues[897]),0}, {"x509Certificate","x509Certificate",NID_x509Certificate,10, - &(lvalues[907]),0}, + &(lvalues[906]),0}, {"sdsiCertificate","sdsiCertificate",NID_sdsiCertificate,10, - &(lvalues[917]),0}, -{"x509Crl","x509Crl",NID_x509Crl,10,&(lvalues[927]),0}, -{"PBES2","PBES2",NID_pbes2,9,&(lvalues[937]),0}, -{"PBMAC1","PBMAC1",NID_pbmac1,9,&(lvalues[946]),0}, -{"hmacWithSHA1","hmacWithSHA1",NID_hmacWithSHA1,8,&(lvalues[955]),0}, -{"id-qt-cps","Policy Qualifier CPS",NID_id_qt_cps,8,&(lvalues[963]),0}, + &(lvalues[916]),0}, +{"x509Crl","x509Crl",NID_x509Crl,10,&(lvalues[926]),0}, +{"PBES2","PBES2",NID_pbes2,9,&(lvalues[936]),0}, +{"PBMAC1","PBMAC1",NID_pbmac1,9,&(lvalues[945]),0}, +{"hmacWithSHA1","hmacWithSHA1",NID_hmacWithSHA1,8,&(lvalues[954]),0}, +{"id-qt-cps","Policy Qualifier CPS",NID_id_qt_cps,8,&(lvalues[962]),0}, {"id-qt-unotice","Policy Qualifier User Notice",NID_id_qt_unotice,8, - &(lvalues[971]),0}, + &(lvalues[970]),0}, {"RC2-64-CBC","rc2-64-cbc",NID_rc2_64_cbc,0,NULL,0}, {"SMIME-CAPS","S/MIME Capabilities",NID_SMIMECapabilities,9, - &(lvalues[979]),0}, + &(lvalues[978]),0}, {"PBE-MD2-RC2-64","pbeWithMD2AndRC2-CBC",NID_pbeWithMD2AndRC2_CBC,9, - &(lvalues[988]),0}, + &(lvalues[987]),0}, {"PBE-MD5-RC2-64","pbeWithMD5AndRC2-CBC",NID_pbeWithMD5AndRC2_CBC,9, - &(lvalues[997]),0}, + &(lvalues[996]),0}, {"PBE-SHA1-DES","pbeWithSHA1AndDES-CBC",NID_pbeWithSHA1AndDES_CBC,9, - &(lvalues[1006]),0}, + &(lvalues[1005]),0}, {"msExtReq","Microsoft Extension Request",NID_ms_ext_req,10, - &(lvalues[1015]),0}, -{"extReq","Extension Request",NID_ext_req,9,&(lvalues[1025]),0}, -{"name","name",NID_name,3,&(lvalues[1034]),0}, -{"dnQualifier","dnQualifier",NID_dnQualifier,3,&(lvalues[1037]),0}, -{"id-pe","id-pe",NID_id_pe,7,&(lvalues[1040]),0}, -{"id-ad","id-ad",NID_id_ad,7,&(lvalues[1047]),0}, + &(lvalues[1014]),0}, +{"extReq","Extension Request",NID_ext_req,9,&(lvalues[1024]),0}, +{"name","name",NID_name,3,&(lvalues[1033]),0}, +{"dnQualifier","dnQualifier",NID_dnQualifier,3,&(lvalues[1036]),0}, +{"id-pe","id-pe",NID_id_pe,7,&(lvalues[1039]),0}, +{"id-ad","id-ad",NID_id_ad,7,&(lvalues[1046]),0}, {"authorityInfoAccess","Authority Information Access",NID_info_access, - 8,&(lvalues[1054]),0}, -{"OCSP","OCSP",NID_ad_OCSP,8,&(lvalues[1062]),0}, -{"caIssuers","CA Issuers",NID_ad_ca_issuers,8,&(lvalues[1070]),0}, -{"OCSPSigning","OCSP Signing",NID_OCSP_sign,8,&(lvalues[1078]),0}, -{"ISO","iso",NID_iso,1,&(lvalues[1086]),0}, -{"member-body","ISO Member Body",NID_member_body,1,&(lvalues[1087]),0}, -{"ISO-US","ISO US Member Body",NID_ISO_US,3,&(lvalues[1088]),0}, -{"X9-57","X9.57",NID_X9_57,5,&(lvalues[1091]),0}, -{"X9cm","X9.57 CM ?",NID_X9cm,6,&(lvalues[1096]),0}, -{"pkcs1","pkcs1",NID_pkcs1,8,&(lvalues[1102]),0}, -{"pkcs5","pkcs5",NID_pkcs5,8,&(lvalues[1110]),0}, -{"SMIME","S/MIME",NID_SMIME,9,&(lvalues[1118]),0}, -{"id-smime-mod","id-smime-mod",NID_id_smime_mod,10,&(lvalues[1127]),0}, -{"id-smime-ct","id-smime-ct",NID_id_smime_ct,10,&(lvalues[1137]),0}, -{"id-smime-aa","id-smime-aa",NID_id_smime_aa,10,&(lvalues[1147]),0}, -{"id-smime-alg","id-smime-alg",NID_id_smime_alg,10,&(lvalues[1157]),0}, -{"id-smime-cd","id-smime-cd",NID_id_smime_cd,10,&(lvalues[1167]),0}, -{"id-smime-spq","id-smime-spq",NID_id_smime_spq,10,&(lvalues[1177]),0}, -{"id-smime-cti","id-smime-cti",NID_id_smime_cti,10,&(lvalues[1187]),0}, + 8,&(lvalues[1053]),0}, +{"OCSP","OCSP",NID_ad_OCSP,8,&(lvalues[1061]),0}, +{"caIssuers","CA Issuers",NID_ad_ca_issuers,8,&(lvalues[1069]),0}, +{"OCSPSigning","OCSP Signing",NID_OCSP_sign,8,&(lvalues[1077]),0}, +{"ISO","iso",NID_iso,0,NULL,0}, +{"member-body","ISO Member Body",NID_member_body,1,&(lvalues[1085]),0}, +{"ISO-US","ISO US Member Body",NID_ISO_US,3,&(lvalues[1086]),0}, +{"X9-57","X9.57",NID_X9_57,5,&(lvalues[1089]),0}, +{"X9cm","X9.57 CM ?",NID_X9cm,6,&(lvalues[1094]),0}, +{"pkcs1","pkcs1",NID_pkcs1,8,&(lvalues[1100]),0}, +{"pkcs5","pkcs5",NID_pkcs5,8,&(lvalues[1108]),0}, +{"SMIME","S/MIME",NID_SMIME,9,&(lvalues[1116]),0}, +{"id-smime-mod","id-smime-mod",NID_id_smime_mod,10,&(lvalues[1125]),0}, +{"id-smime-ct","id-smime-ct",NID_id_smime_ct,10,&(lvalues[1135]),0}, +{"id-smime-aa","id-smime-aa",NID_id_smime_aa,10,&(lvalues[1145]),0}, +{"id-smime-alg","id-smime-alg",NID_id_smime_alg,10,&(lvalues[1155]),0}, +{"id-smime-cd","id-smime-cd",NID_id_smime_cd,10,&(lvalues[1165]),0}, +{"id-smime-spq","id-smime-spq",NID_id_smime_spq,10,&(lvalues[1175]),0}, +{"id-smime-cti","id-smime-cti",NID_id_smime_cti,10,&(lvalues[1185]),0}, {"id-smime-mod-cms","id-smime-mod-cms",NID_id_smime_mod_cms,11, - &(lvalues[1197]),0}, + &(lvalues[1195]),0}, {"id-smime-mod-ess","id-smime-mod-ess",NID_id_smime_mod_ess,11, - &(lvalues[1208]),0}, + &(lvalues[1206]),0}, {"id-smime-mod-oid","id-smime-mod-oid",NID_id_smime_mod_oid,11, - &(lvalues[1219]),0}, + &(lvalues[1217]),0}, {"id-smime-mod-msg-v3","id-smime-mod-msg-v3",NID_id_smime_mod_msg_v3, - 11,&(lvalues[1230]),0}, + 11,&(lvalues[1228]),0}, {"id-smime-mod-ets-eSignature-88","id-smime-mod-ets-eSignature-88", - NID_id_smime_mod_ets_eSignature_88,11,&(lvalues[1241]),0}, + NID_id_smime_mod_ets_eSignature_88,11,&(lvalues[1239]),0}, {"id-smime-mod-ets-eSignature-97","id-smime-mod-ets-eSignature-97", - NID_id_smime_mod_ets_eSignature_97,11,&(lvalues[1252]),0}, + NID_id_smime_mod_ets_eSignature_97,11,&(lvalues[1250]),0}, {"id-smime-mod-ets-eSigPolicy-88","id-smime-mod-ets-eSigPolicy-88", - NID_id_smime_mod_ets_eSigPolicy_88,11,&(lvalues[1263]),0}, + NID_id_smime_mod_ets_eSigPolicy_88,11,&(lvalues[1261]),0}, {"id-smime-mod-ets-eSigPolicy-97","id-smime-mod-ets-eSigPolicy-97", - NID_id_smime_mod_ets_eSigPolicy_97,11,&(lvalues[1274]),0}, + NID_id_smime_mod_ets_eSigPolicy_97,11,&(lvalues[1272]),0}, {"id-smime-ct-receipt","id-smime-ct-receipt",NID_id_smime_ct_receipt, - 11,&(lvalues[1285]),0}, + 11,&(lvalues[1283]),0}, {"id-smime-ct-authData","id-smime-ct-authData", - NID_id_smime_ct_authData,11,&(lvalues[1296]),0}, + NID_id_smime_ct_authData,11,&(lvalues[1294]),0}, {"id-smime-ct-publishCert","id-smime-ct-publishCert", - NID_id_smime_ct_publishCert,11,&(lvalues[1307]),0}, + NID_id_smime_ct_publishCert,11,&(lvalues[1305]),0}, {"id-smime-ct-TSTInfo","id-smime-ct-TSTInfo",NID_id_smime_ct_TSTInfo, - 11,&(lvalues[1318]),0}, + 11,&(lvalues[1316]),0}, {"id-smime-ct-TDTInfo","id-smime-ct-TDTInfo",NID_id_smime_ct_TDTInfo, - 11,&(lvalues[1329]),0}, + 11,&(lvalues[1327]),0}, {"id-smime-ct-contentInfo","id-smime-ct-contentInfo", - NID_id_smime_ct_contentInfo,11,&(lvalues[1340]),0}, + NID_id_smime_ct_contentInfo,11,&(lvalues[1338]),0}, {"id-smime-ct-DVCSRequestData","id-smime-ct-DVCSRequestData", - NID_id_smime_ct_DVCSRequestData,11,&(lvalues[1351]),0}, + NID_id_smime_ct_DVCSRequestData,11,&(lvalues[1349]),0}, {"id-smime-ct-DVCSResponseData","id-smime-ct-DVCSResponseData", - NID_id_smime_ct_DVCSResponseData,11,&(lvalues[1362]),0}, + NID_id_smime_ct_DVCSResponseData,11,&(lvalues[1360]),0}, {"id-smime-aa-receiptRequest","id-smime-aa-receiptRequest", - NID_id_smime_aa_receiptRequest,11,&(lvalues[1373]),0}, + NID_id_smime_aa_receiptRequest,11,&(lvalues[1371]),0}, {"id-smime-aa-securityLabel","id-smime-aa-securityLabel", - NID_id_smime_aa_securityLabel,11,&(lvalues[1384]),0}, + NID_id_smime_aa_securityLabel,11,&(lvalues[1382]),0}, {"id-smime-aa-mlExpandHistory","id-smime-aa-mlExpandHistory", - NID_id_smime_aa_mlExpandHistory,11,&(lvalues[1395]),0}, + NID_id_smime_aa_mlExpandHistory,11,&(lvalues[1393]),0}, {"id-smime-aa-contentHint","id-smime-aa-contentHint", - NID_id_smime_aa_contentHint,11,&(lvalues[1406]),0}, + NID_id_smime_aa_contentHint,11,&(lvalues[1404]),0}, {"id-smime-aa-msgSigDigest","id-smime-aa-msgSigDigest", - NID_id_smime_aa_msgSigDigest,11,&(lvalues[1417]),0}, + NID_id_smime_aa_msgSigDigest,11,&(lvalues[1415]),0}, {"id-smime-aa-encapContentType","id-smime-aa-encapContentType", - NID_id_smime_aa_encapContentType,11,&(lvalues[1428]),0}, + NID_id_smime_aa_encapContentType,11,&(lvalues[1426]),0}, {"id-smime-aa-contentIdentifier","id-smime-aa-contentIdentifier", - NID_id_smime_aa_contentIdentifier,11,&(lvalues[1439]),0}, + NID_id_smime_aa_contentIdentifier,11,&(lvalues[1437]),0}, {"id-smime-aa-macValue","id-smime-aa-macValue", - NID_id_smime_aa_macValue,11,&(lvalues[1450]),0}, + NID_id_smime_aa_macValue,11,&(lvalues[1448]),0}, {"id-smime-aa-equivalentLabels","id-smime-aa-equivalentLabels", - NID_id_smime_aa_equivalentLabels,11,&(lvalues[1461]),0}, + NID_id_smime_aa_equivalentLabels,11,&(lvalues[1459]),0}, {"id-smime-aa-contentReference","id-smime-aa-contentReference", - NID_id_smime_aa_contentReference,11,&(lvalues[1472]),0}, + NID_id_smime_aa_contentReference,11,&(lvalues[1470]),0}, {"id-smime-aa-encrypKeyPref","id-smime-aa-encrypKeyPref", - NID_id_smime_aa_encrypKeyPref,11,&(lvalues[1483]),0}, + NID_id_smime_aa_encrypKeyPref,11,&(lvalues[1481]),0}, {"id-smime-aa-signingCertificate","id-smime-aa-signingCertificate", - NID_id_smime_aa_signingCertificate,11,&(lvalues[1494]),0}, + NID_id_smime_aa_signingCertificate,11,&(lvalues[1492]),0}, {"id-smime-aa-smimeEncryptCerts","id-smime-aa-smimeEncryptCerts", - NID_id_smime_aa_smimeEncryptCerts,11,&(lvalues[1505]),0}, + NID_id_smime_aa_smimeEncryptCerts,11,&(lvalues[1503]),0}, {"id-smime-aa-timeStampToken","id-smime-aa-timeStampToken", - NID_id_smime_aa_timeStampToken,11,&(lvalues[1516]),0}, + NID_id_smime_aa_timeStampToken,11,&(lvalues[1514]),0}, {"id-smime-aa-ets-sigPolicyId","id-smime-aa-ets-sigPolicyId", - NID_id_smime_aa_ets_sigPolicyId,11,&(lvalues[1527]),0}, + NID_id_smime_aa_ets_sigPolicyId,11,&(lvalues[1525]),0}, {"id-smime-aa-ets-commitmentType","id-smime-aa-ets-commitmentType", - NID_id_smime_aa_ets_commitmentType,11,&(lvalues[1538]),0}, + NID_id_smime_aa_ets_commitmentType,11,&(lvalues[1536]),0}, {"id-smime-aa-ets-signerLocation","id-smime-aa-ets-signerLocation", - NID_id_smime_aa_ets_signerLocation,11,&(lvalues[1549]),0}, + NID_id_smime_aa_ets_signerLocation,11,&(lvalues[1547]),0}, {"id-smime-aa-ets-signerAttr","id-smime-aa-ets-signerAttr", - NID_id_smime_aa_ets_signerAttr,11,&(lvalues[1560]),0}, + NID_id_smime_aa_ets_signerAttr,11,&(lvalues[1558]),0}, {"id-smime-aa-ets-otherSigCert","id-smime-aa-ets-otherSigCert", - NID_id_smime_aa_ets_otherSigCert,11,&(lvalues[1571]),0}, + NID_id_smime_aa_ets_otherSigCert,11,&(lvalues[1569]),0}, {"id-smime-aa-ets-contentTimestamp", "id-smime-aa-ets-contentTimestamp", - NID_id_smime_aa_ets_contentTimestamp,11,&(lvalues[1582]),0}, + NID_id_smime_aa_ets_contentTimestamp,11,&(lvalues[1580]),0}, {"id-smime-aa-ets-CertificateRefs","id-smime-aa-ets-CertificateRefs", - NID_id_smime_aa_ets_CertificateRefs,11,&(lvalues[1593]),0}, + NID_id_smime_aa_ets_CertificateRefs,11,&(lvalues[1591]),0}, {"id-smime-aa-ets-RevocationRefs","id-smime-aa-ets-RevocationRefs", - NID_id_smime_aa_ets_RevocationRefs,11,&(lvalues[1604]),0}, + NID_id_smime_aa_ets_RevocationRefs,11,&(lvalues[1602]),0}, {"id-smime-aa-ets-certValues","id-smime-aa-ets-certValues", - NID_id_smime_aa_ets_certValues,11,&(lvalues[1615]),0}, + NID_id_smime_aa_ets_certValues,11,&(lvalues[1613]),0}, {"id-smime-aa-ets-revocationValues", "id-smime-aa-ets-revocationValues", - NID_id_smime_aa_ets_revocationValues,11,&(lvalues[1626]),0}, + NID_id_smime_aa_ets_revocationValues,11,&(lvalues[1624]),0}, {"id-smime-aa-ets-escTimeStamp","id-smime-aa-ets-escTimeStamp", - NID_id_smime_aa_ets_escTimeStamp,11,&(lvalues[1637]),0}, + NID_id_smime_aa_ets_escTimeStamp,11,&(lvalues[1635]),0}, {"id-smime-aa-ets-certCRLTimestamp", "id-smime-aa-ets-certCRLTimestamp", - NID_id_smime_aa_ets_certCRLTimestamp,11,&(lvalues[1648]),0}, + NID_id_smime_aa_ets_certCRLTimestamp,11,&(lvalues[1646]),0}, {"id-smime-aa-ets-archiveTimeStamp", "id-smime-aa-ets-archiveTimeStamp", - NID_id_smime_aa_ets_archiveTimeStamp,11,&(lvalues[1659]),0}, + NID_id_smime_aa_ets_archiveTimeStamp,11,&(lvalues[1657]),0}, {"id-smime-aa-signatureType","id-smime-aa-signatureType", - NID_id_smime_aa_signatureType,11,&(lvalues[1670]),0}, + NID_id_smime_aa_signatureType,11,&(lvalues[1668]),0}, {"id-smime-aa-dvcs-dvc","id-smime-aa-dvcs-dvc", - NID_id_smime_aa_dvcs_dvc,11,&(lvalues[1681]),0}, + NID_id_smime_aa_dvcs_dvc,11,&(lvalues[1679]),0}, {"id-smime-alg-ESDHwith3DES","id-smime-alg-ESDHwith3DES", - NID_id_smime_alg_ESDHwith3DES,11,&(lvalues[1692]),0}, + NID_id_smime_alg_ESDHwith3DES,11,&(lvalues[1690]),0}, {"id-smime-alg-ESDHwithRC2","id-smime-alg-ESDHwithRC2", - NID_id_smime_alg_ESDHwithRC2,11,&(lvalues[1703]),0}, + NID_id_smime_alg_ESDHwithRC2,11,&(lvalues[1701]),0}, {"id-smime-alg-3DESwrap","id-smime-alg-3DESwrap", - NID_id_smime_alg_3DESwrap,11,&(lvalues[1714]),0}, + NID_id_smime_alg_3DESwrap,11,&(lvalues[1712]),0}, {"id-smime-alg-RC2wrap","id-smime-alg-RC2wrap", - NID_id_smime_alg_RC2wrap,11,&(lvalues[1725]),0}, + NID_id_smime_alg_RC2wrap,11,&(lvalues[1723]),0}, {"id-smime-alg-ESDH","id-smime-alg-ESDH",NID_id_smime_alg_ESDH,11, - &(lvalues[1736]),0}, + &(lvalues[1734]),0}, {"id-smime-alg-CMS3DESwrap","id-smime-alg-CMS3DESwrap", - NID_id_smime_alg_CMS3DESwrap,11,&(lvalues[1747]),0}, + NID_id_smime_alg_CMS3DESwrap,11,&(lvalues[1745]),0}, {"id-smime-alg-CMSRC2wrap","id-smime-alg-CMSRC2wrap", - NID_id_smime_alg_CMSRC2wrap,11,&(lvalues[1758]),0}, + NID_id_smime_alg_CMSRC2wrap,11,&(lvalues[1756]),0}, {"id-smime-cd-ldap","id-smime-cd-ldap",NID_id_smime_cd_ldap,11, - &(lvalues[1769]),0}, + &(lvalues[1767]),0}, {"id-smime-spq-ets-sqt-uri","id-smime-spq-ets-sqt-uri", - NID_id_smime_spq_ets_sqt_uri,11,&(lvalues[1780]),0}, + NID_id_smime_spq_ets_sqt_uri,11,&(lvalues[1778]),0}, {"id-smime-spq-ets-sqt-unotice","id-smime-spq-ets-sqt-unotice", - NID_id_smime_spq_ets_sqt_unotice,11,&(lvalues[1791]),0}, + NID_id_smime_spq_ets_sqt_unotice,11,&(lvalues[1789]),0}, {"id-smime-cti-ets-proofOfOrigin","id-smime-cti-ets-proofOfOrigin", - NID_id_smime_cti_ets_proofOfOrigin,11,&(lvalues[1802]),0}, + NID_id_smime_cti_ets_proofOfOrigin,11,&(lvalues[1800]),0}, {"id-smime-cti-ets-proofOfReceipt","id-smime-cti-ets-proofOfReceipt", - NID_id_smime_cti_ets_proofOfReceipt,11,&(lvalues[1813]),0}, + NID_id_smime_cti_ets_proofOfReceipt,11,&(lvalues[1811]),0}, {"id-smime-cti-ets-proofOfDelivery", "id-smime-cti-ets-proofOfDelivery", - NID_id_smime_cti_ets_proofOfDelivery,11,&(lvalues[1824]),0}, + NID_id_smime_cti_ets_proofOfDelivery,11,&(lvalues[1822]),0}, {"id-smime-cti-ets-proofOfSender","id-smime-cti-ets-proofOfSender", - NID_id_smime_cti_ets_proofOfSender,11,&(lvalues[1835]),0}, + NID_id_smime_cti_ets_proofOfSender,11,&(lvalues[1833]),0}, {"id-smime-cti-ets-proofOfApproval", "id-smime-cti-ets-proofOfApproval", - NID_id_smime_cti_ets_proofOfApproval,11,&(lvalues[1846]),0}, + NID_id_smime_cti_ets_proofOfApproval,11,&(lvalues[1844]),0}, {"id-smime-cti-ets-proofOfCreation", "id-smime-cti-ets-proofOfCreation", - NID_id_smime_cti_ets_proofOfCreation,11,&(lvalues[1857]),0}, -{"MD4","md4",NID_md4,8,&(lvalues[1868]),0}, -{"id-pkix-mod","id-pkix-mod",NID_id_pkix_mod,7,&(lvalues[1876]),0}, -{"id-qt","id-qt",NID_id_qt,7,&(lvalues[1883]),0}, -{"id-it","id-it",NID_id_it,7,&(lvalues[1890]),0}, -{"id-pkip","id-pkip",NID_id_pkip,7,&(lvalues[1897]),0}, -{"id-alg","id-alg",NID_id_alg,7,&(lvalues[1904]),0}, -{"id-cmc","id-cmc",NID_id_cmc,7,&(lvalues[1911]),0}, -{"id-on","id-on",NID_id_on,7,&(lvalues[1918]),0}, -{"id-pda","id-pda",NID_id_pda,7,&(lvalues[1925]),0}, -{"id-aca","id-aca",NID_id_aca,7,&(lvalues[1932]),0}, -{"id-qcs","id-qcs",NID_id_qcs,7,&(lvalues[1939]),0}, -{"id-cct","id-cct",NID_id_cct,7,&(lvalues[1946]),0}, + NID_id_smime_cti_ets_proofOfCreation,11,&(lvalues[1855]),0}, +{"MD4","md4",NID_md4,8,&(lvalues[1866]),0}, +{"id-pkix-mod","id-pkix-mod",NID_id_pkix_mod,7,&(lvalues[1874]),0}, +{"id-qt","id-qt",NID_id_qt,7,&(lvalues[1881]),0}, +{"id-it","id-it",NID_id_it,7,&(lvalues[1888]),0}, +{"id-pkip","id-pkip",NID_id_pkip,7,&(lvalues[1895]),0}, +{"id-alg","id-alg",NID_id_alg,7,&(lvalues[1902]),0}, +{"id-cmc","id-cmc",NID_id_cmc,7,&(lvalues[1909]),0}, +{"id-on","id-on",NID_id_on,7,&(lvalues[1916]),0}, +{"id-pda","id-pda",NID_id_pda,7,&(lvalues[1923]),0}, +{"id-aca","id-aca",NID_id_aca,7,&(lvalues[1930]),0}, +{"id-qcs","id-qcs",NID_id_qcs,7,&(lvalues[1937]),0}, +{"id-cct","id-cct",NID_id_cct,7,&(lvalues[1944]),0}, {"id-pkix1-explicit-88","id-pkix1-explicit-88", - NID_id_pkix1_explicit_88,8,&(lvalues[1953]),0}, + NID_id_pkix1_explicit_88,8,&(lvalues[1951]),0}, {"id-pkix1-implicit-88","id-pkix1-implicit-88", - NID_id_pkix1_implicit_88,8,&(lvalues[1961]),0}, + NID_id_pkix1_implicit_88,8,&(lvalues[1959]),0}, {"id-pkix1-explicit-93","id-pkix1-explicit-93", - NID_id_pkix1_explicit_93,8,&(lvalues[1969]),0}, + NID_id_pkix1_explicit_93,8,&(lvalues[1967]),0}, {"id-pkix1-implicit-93","id-pkix1-implicit-93", - NID_id_pkix1_implicit_93,8,&(lvalues[1977]),0}, -{"id-mod-crmf","id-mod-crmf",NID_id_mod_crmf,8,&(lvalues[1985]),0}, -{"id-mod-cmc","id-mod-cmc",NID_id_mod_cmc,8,&(lvalues[1993]),0}, + NID_id_pkix1_implicit_93,8,&(lvalues[1975]),0}, +{"id-mod-crmf","id-mod-crmf",NID_id_mod_crmf,8,&(lvalues[1983]),0}, +{"id-mod-cmc","id-mod-cmc",NID_id_mod_cmc,8,&(lvalues[1991]),0}, {"id-mod-kea-profile-88","id-mod-kea-profile-88", - NID_id_mod_kea_profile_88,8,&(lvalues[2001]),0}, + NID_id_mod_kea_profile_88,8,&(lvalues[1999]),0}, {"id-mod-kea-profile-93","id-mod-kea-profile-93", - NID_id_mod_kea_profile_93,8,&(lvalues[2009]),0}, -{"id-mod-cmp","id-mod-cmp",NID_id_mod_cmp,8,&(lvalues[2017]),0}, + NID_id_mod_kea_profile_93,8,&(lvalues[2007]),0}, +{"id-mod-cmp","id-mod-cmp",NID_id_mod_cmp,8,&(lvalues[2015]),0}, {"id-mod-qualified-cert-88","id-mod-qualified-cert-88", - NID_id_mod_qualified_cert_88,8,&(lvalues[2025]),0}, + NID_id_mod_qualified_cert_88,8,&(lvalues[2023]),0}, {"id-mod-qualified-cert-93","id-mod-qualified-cert-93", - NID_id_mod_qualified_cert_93,8,&(lvalues[2033]),0}, + NID_id_mod_qualified_cert_93,8,&(lvalues[2031]),0}, {"id-mod-attribute-cert","id-mod-attribute-cert", - NID_id_mod_attribute_cert,8,&(lvalues[2041]),0}, + NID_id_mod_attribute_cert,8,&(lvalues[2039]),0}, {"id-mod-timestamp-protocol","id-mod-timestamp-protocol", - NID_id_mod_timestamp_protocol,8,&(lvalues[2049]),0}, -{"id-mod-ocsp","id-mod-ocsp",NID_id_mod_ocsp,8,&(lvalues[2057]),0}, -{"id-mod-dvcs","id-mod-dvcs",NID_id_mod_dvcs,8,&(lvalues[2065]),0}, + NID_id_mod_timestamp_protocol,8,&(lvalues[2047]),0}, +{"id-mod-ocsp","id-mod-ocsp",NID_id_mod_ocsp,8,&(lvalues[2055]),0}, +{"id-mod-dvcs","id-mod-dvcs",NID_id_mod_dvcs,8,&(lvalues[2063]),0}, {"id-mod-cmp2000","id-mod-cmp2000",NID_id_mod_cmp2000,8, - &(lvalues[2073]),0}, -{"biometricInfo","Biometric Info",NID_biometricInfo,8,&(lvalues[2081]),0}, -{"qcStatements","qcStatements",NID_qcStatements,8,&(lvalues[2089]),0}, + &(lvalues[2071]),0}, +{"biometricInfo","Biometric Info",NID_biometricInfo,8,&(lvalues[2079]),0}, +{"qcStatements","qcStatements",NID_qcStatements,8,&(lvalues[2087]),0}, {"ac-auditEntity","ac-auditEntity",NID_ac_auditEntity,8, - &(lvalues[2097]),0}, -{"ac-targeting","ac-targeting",NID_ac_targeting,8,&(lvalues[2105]),0}, -{"aaControls","aaControls",NID_aaControls,8,&(lvalues[2113]),0}, + &(lvalues[2095]),0}, +{"ac-targeting","ac-targeting",NID_ac_targeting,8,&(lvalues[2103]),0}, +{"aaControls","aaControls",NID_aaControls,8,&(lvalues[2111]),0}, {"sbgp-ipAddrBlock","sbgp-ipAddrBlock",NID_sbgp_ipAddrBlock,8, - &(lvalues[2121]),0}, + &(lvalues[2119]),0}, {"sbgp-autonomousSysNum","sbgp-autonomousSysNum", - NID_sbgp_autonomousSysNum,8,&(lvalues[2129]),0}, + NID_sbgp_autonomousSysNum,8,&(lvalues[2127]),0}, {"sbgp-routerIdentifier","sbgp-routerIdentifier", - NID_sbgp_routerIdentifier,8,&(lvalues[2137]),0}, -{"textNotice","textNotice",NID_textNotice,8,&(lvalues[2145]),0}, + NID_sbgp_routerIdentifier,8,&(lvalues[2135]),0}, +{"textNotice","textNotice",NID_textNotice,8,&(lvalues[2143]),0}, {"ipsecEndSystem","IPSec End System",NID_ipsecEndSystem,8, - &(lvalues[2153]),0}, -{"ipsecTunnel","IPSec Tunnel",NID_ipsecTunnel,8,&(lvalues[2161]),0}, -{"ipsecUser","IPSec User",NID_ipsecUser,8,&(lvalues[2169]),0}, -{"DVCS","dvcs",NID_dvcs,8,&(lvalues[2177]),0}, + &(lvalues[2151]),0}, +{"ipsecTunnel","IPSec Tunnel",NID_ipsecTunnel,8,&(lvalues[2159]),0}, +{"ipsecUser","IPSec User",NID_ipsecUser,8,&(lvalues[2167]),0}, +{"DVCS","dvcs",NID_dvcs,8,&(lvalues[2175]),0}, {"id-it-caProtEncCert","id-it-caProtEncCert",NID_id_it_caProtEncCert, - 8,&(lvalues[2185]),0}, + 8,&(lvalues[2183]),0}, {"id-it-signKeyPairTypes","id-it-signKeyPairTypes", - NID_id_it_signKeyPairTypes,8,&(lvalues[2193]),0}, + NID_id_it_signKeyPairTypes,8,&(lvalues[2191]),0}, {"id-it-encKeyPairTypes","id-it-encKeyPairTypes", - NID_id_it_encKeyPairTypes,8,&(lvalues[2201]),0}, + NID_id_it_encKeyPairTypes,8,&(lvalues[2199]),0}, {"id-it-preferredSymmAlg","id-it-preferredSymmAlg", - NID_id_it_preferredSymmAlg,8,&(lvalues[2209]),0}, + NID_id_it_preferredSymmAlg,8,&(lvalues[2207]),0}, {"id-it-caKeyUpdateInfo","id-it-caKeyUpdateInfo", - NID_id_it_caKeyUpdateInfo,8,&(lvalues[2217]),0}, + NID_id_it_caKeyUpdateInfo,8,&(lvalues[2215]),0}, {"id-it-currentCRL","id-it-currentCRL",NID_id_it_currentCRL,8, - &(lvalues[2225]),0}, + &(lvalues[2223]),0}, {"id-it-unsupportedOIDs","id-it-unsupportedOIDs", - NID_id_it_unsupportedOIDs,8,&(lvalues[2233]),0}, + NID_id_it_unsupportedOIDs,8,&(lvalues[2231]),0}, {"id-it-subscriptionRequest","id-it-subscriptionRequest", - NID_id_it_subscriptionRequest,8,&(lvalues[2241]),0}, + NID_id_it_subscriptionRequest,8,&(lvalues[2239]),0}, {"id-it-subscriptionResponse","id-it-subscriptionResponse", - NID_id_it_subscriptionResponse,8,&(lvalues[2249]),0}, + NID_id_it_subscriptionResponse,8,&(lvalues[2247]),0}, {"id-it-keyPairParamReq","id-it-keyPairParamReq", - NID_id_it_keyPairParamReq,8,&(lvalues[2257]),0}, + NID_id_it_keyPairParamReq,8,&(lvalues[2255]),0}, {"id-it-keyPairParamRep","id-it-keyPairParamRep", - NID_id_it_keyPairParamRep,8,&(lvalues[2265]),0}, + NID_id_it_keyPairParamRep,8,&(lvalues[2263]),0}, {"id-it-revPassphrase","id-it-revPassphrase",NID_id_it_revPassphrase, - 8,&(lvalues[2273]),0}, + 8,&(lvalues[2271]),0}, {"id-it-implicitConfirm","id-it-implicitConfirm", - NID_id_it_implicitConfirm,8,&(lvalues[2281]),0}, + NID_id_it_implicitConfirm,8,&(lvalues[2279]),0}, {"id-it-confirmWaitTime","id-it-confirmWaitTime", - NID_id_it_confirmWaitTime,8,&(lvalues[2289]),0}, + NID_id_it_confirmWaitTime,8,&(lvalues[2287]),0}, {"id-it-origPKIMessage","id-it-origPKIMessage", - NID_id_it_origPKIMessage,8,&(lvalues[2297]),0}, -{"id-regCtrl","id-regCtrl",NID_id_regCtrl,8,&(lvalues[2305]),0}, -{"id-regInfo","id-regInfo",NID_id_regInfo,8,&(lvalues[2313]),0}, + NID_id_it_origPKIMessage,8,&(lvalues[2295]),0}, +{"id-regCtrl","id-regCtrl",NID_id_regCtrl,8,&(lvalues[2303]),0}, +{"id-regInfo","id-regInfo",NID_id_regInfo,8,&(lvalues[2311]),0}, {"id-regCtrl-regToken","id-regCtrl-regToken",NID_id_regCtrl_regToken, - 9,&(lvalues[2321]),0}, + 9,&(lvalues[2319]),0}, {"id-regCtrl-authenticator","id-regCtrl-authenticator", - NID_id_regCtrl_authenticator,9,&(lvalues[2330]),0}, + NID_id_regCtrl_authenticator,9,&(lvalues[2328]),0}, {"id-regCtrl-pkiPublicationInfo","id-regCtrl-pkiPublicationInfo", - NID_id_regCtrl_pkiPublicationInfo,9,&(lvalues[2339]),0}, + NID_id_regCtrl_pkiPublicationInfo,9,&(lvalues[2337]),0}, {"id-regCtrl-pkiArchiveOptions","id-regCtrl-pkiArchiveOptions", - NID_id_regCtrl_pkiArchiveOptions,9,&(lvalues[2348]),0}, + NID_id_regCtrl_pkiArchiveOptions,9,&(lvalues[2346]),0}, {"id-regCtrl-oldCertID","id-regCtrl-oldCertID", - NID_id_regCtrl_oldCertID,9,&(lvalues[2357]),0}, + NID_id_regCtrl_oldCertID,9,&(lvalues[2355]),0}, {"id-regCtrl-protocolEncrKey","id-regCtrl-protocolEncrKey", - NID_id_regCtrl_protocolEncrKey,9,&(lvalues[2366]),0}, + NID_id_regCtrl_protocolEncrKey,9,&(lvalues[2364]),0}, {"id-regInfo-utf8Pairs","id-regInfo-utf8Pairs", - NID_id_regInfo_utf8Pairs,9,&(lvalues[2375]),0}, + NID_id_regInfo_utf8Pairs,9,&(lvalues[2373]),0}, {"id-regInfo-certReq","id-regInfo-certReq",NID_id_regInfo_certReq,9, - &(lvalues[2384]),0}, -{"id-alg-des40","id-alg-des40",NID_id_alg_des40,8,&(lvalues[2393]),0}, + &(lvalues[2382]),0}, +{"id-alg-des40","id-alg-des40",NID_id_alg_des40,8,&(lvalues[2391]),0}, {"id-alg-noSignature","id-alg-noSignature",NID_id_alg_noSignature,8, - &(lvalues[2401]),0}, + &(lvalues[2399]),0}, {"id-alg-dh-sig-hmac-sha1","id-alg-dh-sig-hmac-sha1", - NID_id_alg_dh_sig_hmac_sha1,8,&(lvalues[2409]),0}, -{"id-alg-dh-pop","id-alg-dh-pop",NID_id_alg_dh_pop,8,&(lvalues[2417]),0}, + NID_id_alg_dh_sig_hmac_sha1,8,&(lvalues[2407]),0}, +{"id-alg-dh-pop","id-alg-dh-pop",NID_id_alg_dh_pop,8,&(lvalues[2415]),0}, {"id-cmc-statusInfo","id-cmc-statusInfo",NID_id_cmc_statusInfo,8, - &(lvalues[2425]),0}, + &(lvalues[2423]),0}, {"id-cmc-identification","id-cmc-identification", - NID_id_cmc_identification,8,&(lvalues[2433]),0}, + NID_id_cmc_identification,8,&(lvalues[2431]),0}, {"id-cmc-identityProof","id-cmc-identityProof", - NID_id_cmc_identityProof,8,&(lvalues[2441]),0}, + NID_id_cmc_identityProof,8,&(lvalues[2439]),0}, {"id-cmc-dataReturn","id-cmc-dataReturn",NID_id_cmc_dataReturn,8, - &(lvalues[2449]),0}, + &(lvalues[2447]),0}, {"id-cmc-transactionId","id-cmc-transactionId", - NID_id_cmc_transactionId,8,&(lvalues[2457]),0}, + NID_id_cmc_transactionId,8,&(lvalues[2455]),0}, {"id-cmc-senderNonce","id-cmc-senderNonce",NID_id_cmc_senderNonce,8, - &(lvalues[2465]),0}, + &(lvalues[2463]),0}, {"id-cmc-recipientNonce","id-cmc-recipientNonce", - NID_id_cmc_recipientNonce,8,&(lvalues[2473]),0}, + NID_id_cmc_recipientNonce,8,&(lvalues[2471]),0}, {"id-cmc-addExtensions","id-cmc-addExtensions", - NID_id_cmc_addExtensions,8,&(lvalues[2481]),0}, + NID_id_cmc_addExtensions,8,&(lvalues[2479]),0}, {"id-cmc-encryptedPOP","id-cmc-encryptedPOP",NID_id_cmc_encryptedPOP, - 8,&(lvalues[2489]),0}, + 8,&(lvalues[2487]),0}, {"id-cmc-decryptedPOP","id-cmc-decryptedPOP",NID_id_cmc_decryptedPOP, - 8,&(lvalues[2497]),0}, + 8,&(lvalues[2495]),0}, {"id-cmc-lraPOPWitness","id-cmc-lraPOPWitness", - NID_id_cmc_lraPOPWitness,8,&(lvalues[2505]),0}, + NID_id_cmc_lraPOPWitness,8,&(lvalues[2503]),0}, {"id-cmc-getCert","id-cmc-getCert",NID_id_cmc_getCert,8, - &(lvalues[2513]),0}, -{"id-cmc-getCRL","id-cmc-getCRL",NID_id_cmc_getCRL,8,&(lvalues[2521]),0}, + &(lvalues[2511]),0}, +{"id-cmc-getCRL","id-cmc-getCRL",NID_id_cmc_getCRL,8,&(lvalues[2519]),0}, {"id-cmc-revokeRequest","id-cmc-revokeRequest", - NID_id_cmc_revokeRequest,8,&(lvalues[2529]),0}, + NID_id_cmc_revokeRequest,8,&(lvalues[2527]),0}, {"id-cmc-regInfo","id-cmc-regInfo",NID_id_cmc_regInfo,8, - &(lvalues[2537]),0}, + &(lvalues[2535]),0}, {"id-cmc-responseInfo","id-cmc-responseInfo",NID_id_cmc_responseInfo, - 8,&(lvalues[2545]),0}, + 8,&(lvalues[2543]),0}, {"id-cmc-queryPending","id-cmc-queryPending",NID_id_cmc_queryPending, - 8,&(lvalues[2553]),0}, + 8,&(lvalues[2551]),0}, {"id-cmc-popLinkRandom","id-cmc-popLinkRandom", - NID_id_cmc_popLinkRandom,8,&(lvalues[2561]),0}, + NID_id_cmc_popLinkRandom,8,&(lvalues[2559]),0}, {"id-cmc-popLinkWitness","id-cmc-popLinkWitness", - NID_id_cmc_popLinkWitness,8,&(lvalues[2569]),0}, + NID_id_cmc_popLinkWitness,8,&(lvalues[2567]),0}, {"id-cmc-confirmCertAcceptance","id-cmc-confirmCertAcceptance", - NID_id_cmc_confirmCertAcceptance,8,&(lvalues[2577]),0}, + NID_id_cmc_confirmCertAcceptance,8,&(lvalues[2575]),0}, {"id-on-personalData","id-on-personalData",NID_id_on_personalData,8, - &(lvalues[2585]),0}, + &(lvalues[2583]),0}, {"id-pda-dateOfBirth","id-pda-dateOfBirth",NID_id_pda_dateOfBirth,8, - &(lvalues[2593]),0}, + &(lvalues[2591]),0}, {"id-pda-placeOfBirth","id-pda-placeOfBirth",NID_id_pda_placeOfBirth, - 8,&(lvalues[2601]),0}, + 8,&(lvalues[2599]),0}, {NULL,NULL,NID_undef,0,NULL,0}, -{"id-pda-gender","id-pda-gender",NID_id_pda_gender,8,&(lvalues[2609]),0}, +{"id-pda-gender","id-pda-gender",NID_id_pda_gender,8,&(lvalues[2607]),0}, {"id-pda-countryOfCitizenship","id-pda-countryOfCitizenship", - NID_id_pda_countryOfCitizenship,8,&(lvalues[2617]),0}, + NID_id_pda_countryOfCitizenship,8,&(lvalues[2615]),0}, {"id-pda-countryOfResidence","id-pda-countryOfResidence", - NID_id_pda_countryOfResidence,8,&(lvalues[2625]),0}, + NID_id_pda_countryOfResidence,8,&(lvalues[2623]),0}, {"id-aca-authenticationInfo","id-aca-authenticationInfo", - NID_id_aca_authenticationInfo,8,&(lvalues[2633]),0}, + NID_id_aca_authenticationInfo,8,&(lvalues[2631]),0}, {"id-aca-accessIdentity","id-aca-accessIdentity", - NID_id_aca_accessIdentity,8,&(lvalues[2641]),0}, + NID_id_aca_accessIdentity,8,&(lvalues[2639]),0}, {"id-aca-chargingIdentity","id-aca-chargingIdentity", - NID_id_aca_chargingIdentity,8,&(lvalues[2649]),0}, -{"id-aca-group","id-aca-group",NID_id_aca_group,8,&(lvalues[2657]),0}, -{"id-aca-role","id-aca-role",NID_id_aca_role,8,&(lvalues[2665]),0}, + NID_id_aca_chargingIdentity,8,&(lvalues[2647]),0}, +{"id-aca-group","id-aca-group",NID_id_aca_group,8,&(lvalues[2655]),0}, +{"id-aca-role","id-aca-role",NID_id_aca_role,8,&(lvalues[2663]),0}, {"id-qcs-pkixQCSyntax-v1","id-qcs-pkixQCSyntax-v1", - NID_id_qcs_pkixQCSyntax_v1,8,&(lvalues[2673]),0}, -{"id-cct-crs","id-cct-crs",NID_id_cct_crs,8,&(lvalues[2681]),0}, + NID_id_qcs_pkixQCSyntax_v1,8,&(lvalues[2671]),0}, +{"id-cct-crs","id-cct-crs",NID_id_cct_crs,8,&(lvalues[2679]),0}, {"id-cct-PKIData","id-cct-PKIData",NID_id_cct_PKIData,8, - &(lvalues[2689]),0}, + &(lvalues[2687]),0}, {"id-cct-PKIResponse","id-cct-PKIResponse",NID_id_cct_PKIResponse,8, - &(lvalues[2697]),0}, + &(lvalues[2695]),0}, {"ad_timestamping","AD Time Stamping",NID_ad_timeStamping,8, - &(lvalues[2705]),0}, -{"AD_DVCS","ad dvcs",NID_ad_dvcs,8,&(lvalues[2713]),0}, + &(lvalues[2703]),0}, +{"AD_DVCS","ad dvcs",NID_ad_dvcs,8,&(lvalues[2711]),0}, {"basicOCSPResponse","Basic OCSP Response",NID_id_pkix_OCSP_basic,9, - &(lvalues[2721]),0}, -{"Nonce","OCSP Nonce",NID_id_pkix_OCSP_Nonce,9,&(lvalues[2730]),0}, -{"CrlID","OCSP CRL ID",NID_id_pkix_OCSP_CrlID,9,&(lvalues[2739]),0}, + &(lvalues[2719]),0}, +{"Nonce","OCSP Nonce",NID_id_pkix_OCSP_Nonce,9,&(lvalues[2728]),0}, +{"CrlID","OCSP CRL ID",NID_id_pkix_OCSP_CrlID,9,&(lvalues[2737]),0}, {"acceptableResponses","Acceptable OCSP Responses", - NID_id_pkix_OCSP_acceptableResponses,9,&(lvalues[2748]),0}, -{"noCheck","OCSP No Check",NID_id_pkix_OCSP_noCheck,9,&(lvalues[2757]),0}, + NID_id_pkix_OCSP_acceptableResponses,9,&(lvalues[2746]),0}, +{"noCheck","OCSP No Check",NID_id_pkix_OCSP_noCheck,9,&(lvalues[2755]),0}, {"archiveCutoff","OCSP Archive Cutoff",NID_id_pkix_OCSP_archiveCutoff, - 9,&(lvalues[2766]),0}, + 9,&(lvalues[2764]),0}, {"serviceLocator","OCSP Service Locator", - NID_id_pkix_OCSP_serviceLocator,9,&(lvalues[2775]),0}, + NID_id_pkix_OCSP_serviceLocator,9,&(lvalues[2773]),0}, {"extendedStatus","Extended OCSP Status", - NID_id_pkix_OCSP_extendedStatus,9,&(lvalues[2784]),0}, -{"valid","valid",NID_id_pkix_OCSP_valid,9,&(lvalues[2793]),0}, -{"path","path",NID_id_pkix_OCSP_path,9,&(lvalues[2802]),0}, + NID_id_pkix_OCSP_extendedStatus,9,&(lvalues[2782]),0}, +{"valid","valid",NID_id_pkix_OCSP_valid,9,&(lvalues[2791]),0}, +{"path","path",NID_id_pkix_OCSP_path,9,&(lvalues[2800]),0}, {"trustRoot","Trust Root",NID_id_pkix_OCSP_trustRoot,9, - &(lvalues[2811]),0}, -{"algorithm","algorithm",NID_algorithm,4,&(lvalues[2820]),0}, -{"rsaSignature","rsaSignature",NID_rsaSignature,5,&(lvalues[2824]),0}, + &(lvalues[2809]),0}, +{"algorithm","algorithm",NID_algorithm,4,&(lvalues[2818]),0}, +{"rsaSignature","rsaSignature",NID_rsaSignature,5,&(lvalues[2822]),0}, {"X500algorithms","directory services - algorithms", - NID_X500algorithms,2,&(lvalues[2829]),0}, -{"ORG","org",NID_org,1,&(lvalues[2831]),0}, -{"DOD","dod",NID_dod,2,&(lvalues[2832]),0}, -{"IANA","iana",NID_iana,3,&(lvalues[2834]),0}, -{"directory","Directory",NID_Directory,4,&(lvalues[2837]),0}, -{"mgmt","Management",NID_Management,4,&(lvalues[2841]),0}, -{"experimental","Experimental",NID_Experimental,4,&(lvalues[2845]),0}, -{"private","Private",NID_Private,4,&(lvalues[2849]),0}, -{"security","Security",NID_Security,4,&(lvalues[2853]),0}, -{"snmpv2","SNMPv2",NID_SNMPv2,4,&(lvalues[2857]),0}, -{"Mail","Mail",NID_Mail,4,&(lvalues[2861]),0}, -{"enterprises","Enterprises",NID_Enterprises,5,&(lvalues[2865]),0}, -{"dcobject","dcObject",NID_dcObject,9,&(lvalues[2870]),0}, -{"DC","domainComponent",NID_domainComponent,10,&(lvalues[2879]),0}, -{"domain","Domain",NID_Domain,10,&(lvalues[2889]),0}, -{"NULL","NULL",NID_joint_iso_ccitt,1,&(lvalues[2899]),0}, + NID_X500algorithms,2,&(lvalues[2827]),0}, +{"ORG","org",NID_org,1,&(lvalues[2829]),0}, +{"DOD","dod",NID_dod,2,&(lvalues[2830]),0}, +{"IANA","iana",NID_iana,3,&(lvalues[2832]),0}, +{"directory","Directory",NID_Directory,4,&(lvalues[2835]),0}, +{"mgmt","Management",NID_Management,4,&(lvalues[2839]),0}, +{"experimental","Experimental",NID_Experimental,4,&(lvalues[2843]),0}, +{"private","Private",NID_Private,4,&(lvalues[2847]),0}, +{"security","Security",NID_Security,4,&(lvalues[2851]),0}, +{"snmpv2","SNMPv2",NID_SNMPv2,4,&(lvalues[2855]),0}, +{"Mail","Mail",NID_Mail,4,&(lvalues[2859]),0}, +{"enterprises","Enterprises",NID_Enterprises,5,&(lvalues[2863]),0}, +{"dcobject","dcObject",NID_dcObject,9,&(lvalues[2868]),0}, +{"DC","domainComponent",NID_domainComponent,10,&(lvalues[2877]),0}, +{"domain","Domain",NID_Domain,10,&(lvalues[2887]),0}, +{"NULL","NULL",NID_joint_iso_ccitt,0,NULL,0}, {"selected-attribute-types","Selected Attribute Types", - NID_selected_attribute_types,3,&(lvalues[2900]),0}, -{"clearance","clearance",NID_clearance,4,&(lvalues[2903]),0}, + NID_selected_attribute_types,3,&(lvalues[2897]),0}, +{"clearance","clearance",NID_clearance,4,&(lvalues[2900]),0}, {"RSA-MD4","md4WithRSAEncryption",NID_md4WithRSAEncryption,9, - &(lvalues[2907]),0}, -{"ac-proxying","ac-proxying",NID_ac_proxying,8,&(lvalues[2916]),0}, + &(lvalues[2904]),0}, +{"ac-proxying","ac-proxying",NID_ac_proxying,8,&(lvalues[2913]),0}, {"subjectInfoAccess","Subject Information Access",NID_sinfo_access,8, - &(lvalues[2924]),0}, + &(lvalues[2921]),0}, {"id-aca-encAttrs","id-aca-encAttrs",NID_id_aca_encAttrs,8, - &(lvalues[2932]),0}, -{"role","role",NID_role,3,&(lvalues[2940]),0}, + &(lvalues[2929]),0}, +{"role","role",NID_role,3,&(lvalues[2937]),0}, {"policyConstraints","X509v3 Policy Constraints", - NID_policy_constraints,3,&(lvalues[2943]),0}, + NID_policy_constraints,3,&(lvalues[2940]),0}, {"targetInformation","X509v3 AC Targeting",NID_target_information,3, - &(lvalues[2946]),0}, + &(lvalues[2943]),0}, {"noRevAvail","X509v3 No Revocation Available",NID_no_rev_avail,3, - &(lvalues[2949]),0}, -{"NULL","NULL",NID_ccitt,1,&(lvalues[2952]),0}, -{"ansi-X9-62","ANSI X9.62",NID_ansi_X9_62,5,&(lvalues[2953]),0}, -{"prime-field","prime-field",NID_X9_62_prime_field,7,&(lvalues[2958]),0}, + &(lvalues[2946]),0}, +{"NULL","NULL",NID_ccitt,0,NULL,0}, +{"ansi-X9-62","ANSI X9.62",NID_ansi_X9_62,5,&(lvalues[2949]),0}, +{"prime-field","prime-field",NID_X9_62_prime_field,7,&(lvalues[2954]),0}, {"characteristic-two-field","characteristic-two-field", - NID_X9_62_characteristic_two_field,7,&(lvalues[2965]),0}, + NID_X9_62_characteristic_two_field,7,&(lvalues[2961]),0}, {"id-ecPublicKey","id-ecPublicKey",NID_X9_62_id_ecPublicKey,7, - &(lvalues[2972]),0}, -{"prime192v1","prime192v1",NID_X9_62_prime192v1,8,&(lvalues[2979]),0}, -{"prime192v2","prime192v2",NID_X9_62_prime192v2,8,&(lvalues[2987]),0}, -{"prime192v3","prime192v3",NID_X9_62_prime192v3,8,&(lvalues[2995]),0}, -{"prime239v1","prime239v1",NID_X9_62_prime239v1,8,&(lvalues[3003]),0}, -{"prime239v2","prime239v2",NID_X9_62_prime239v2,8,&(lvalues[3011]),0}, -{"prime239v3","prime239v3",NID_X9_62_prime239v3,8,&(lvalues[3019]),0}, -{"prime256v1","prime256v1",NID_X9_62_prime256v1,8,&(lvalues[3027]),0}, + &(lvalues[2968]),0}, +{"prime192v1","prime192v1",NID_X9_62_prime192v1,8,&(lvalues[2975]),0}, +{"prime192v2","prime192v2",NID_X9_62_prime192v2,8,&(lvalues[2983]),0}, +{"prime192v3","prime192v3",NID_X9_62_prime192v3,8,&(lvalues[2991]),0}, +{"prime239v1","prime239v1",NID_X9_62_prime239v1,8,&(lvalues[2999]),0}, +{"prime239v2","prime239v2",NID_X9_62_prime239v2,8,&(lvalues[3007]),0}, +{"prime239v3","prime239v3",NID_X9_62_prime239v3,8,&(lvalues[3015]),0}, +{"prime256v1","prime256v1",NID_X9_62_prime256v1,8,&(lvalues[3023]),0}, {"ecdsa-with-SHA1","ecdsa-with-SHA1",NID_ecdsa_with_SHA1,7, - &(lvalues[3035]),0}, -{"CSPName","Microsoft CSP Name",NID_ms_csp_name,9,&(lvalues[3042]),0}, -{"AES-128-ECB","aes-128-ecb",NID_aes_128_ecb,9,&(lvalues[3051]),0}, -{"AES-128-CBC","aes-128-cbc",NID_aes_128_cbc,9,&(lvalues[3060]),0}, -{"AES-128-OFB","aes-128-ofb",NID_aes_128_ofb128,9,&(lvalues[3069]),0}, -{"AES-128-CFB","aes-128-cfb",NID_aes_128_cfb128,9,&(lvalues[3078]),0}, -{"AES-192-ECB","aes-192-ecb",NID_aes_192_ecb,9,&(lvalues[3087]),0}, -{"AES-192-CBC","aes-192-cbc",NID_aes_192_cbc,9,&(lvalues[3096]),0}, -{"AES-192-OFB","aes-192-ofb",NID_aes_192_ofb128,9,&(lvalues[3105]),0}, -{"AES-192-CFB","aes-192-cfb",NID_aes_192_cfb128,9,&(lvalues[3114]),0}, -{"AES-256-ECB","aes-256-ecb",NID_aes_256_ecb,9,&(lvalues[3123]),0}, -{"AES-256-CBC","aes-256-cbc",NID_aes_256_cbc,9,&(lvalues[3132]),0}, -{"AES-256-OFB","aes-256-ofb",NID_aes_256_ofb128,9,&(lvalues[3141]),0}, -{"AES-256-CFB","aes-256-cfb",NID_aes_256_cfb128,9,&(lvalues[3150]),0}, + &(lvalues[3031]),0}, +{"CSPName","Microsoft CSP Name",NID_ms_csp_name,9,&(lvalues[3038]),0}, +{"AES-128-ECB","aes-128-ecb",NID_aes_128_ecb,9,&(lvalues[3047]),0}, +{"AES-128-CBC","aes-128-cbc",NID_aes_128_cbc,9,&(lvalues[3056]),0}, +{"AES-128-OFB","aes-128-ofb",NID_aes_128_ofb128,9,&(lvalues[3065]),0}, +{"AES-128-CFB","aes-128-cfb",NID_aes_128_cfb128,9,&(lvalues[3074]),0}, +{"AES-192-ECB","aes-192-ecb",NID_aes_192_ecb,9,&(lvalues[3083]),0}, +{"AES-192-CBC","aes-192-cbc",NID_aes_192_cbc,9,&(lvalues[3092]),0}, +{"AES-192-OFB","aes-192-ofb",NID_aes_192_ofb128,9,&(lvalues[3101]),0}, +{"AES-192-CFB","aes-192-cfb",NID_aes_192_cfb128,9,&(lvalues[3110]),0}, +{"AES-256-ECB","aes-256-ecb",NID_aes_256_ecb,9,&(lvalues[3119]),0}, +{"AES-256-CBC","aes-256-cbc",NID_aes_256_cbc,9,&(lvalues[3128]),0}, +{"AES-256-OFB","aes-256-ofb",NID_aes_256_ofb128,9,&(lvalues[3137]),0}, +{"AES-256-CFB","aes-256-cfb",NID_aes_256_cfb128,9,&(lvalues[3146]),0}, {"holdInstructionCode","Hold Instruction Code", - NID_hold_instruction_code,3,&(lvalues[3159]),0}, + NID_hold_instruction_code,3,&(lvalues[3155]),0}, {"holdInstructionNone","Hold Instruction None", - NID_hold_instruction_none,7,&(lvalues[3162]),0}, + NID_hold_instruction_none,7,&(lvalues[3158]),0}, {"holdInstructionCallIssuer","Hold Instruction Call Issuer", - NID_hold_instruction_call_issuer,7,&(lvalues[3169]),0}, + NID_hold_instruction_call_issuer,7,&(lvalues[3165]),0}, {"holdInstructionReject","Hold Instruction Reject", - NID_hold_instruction_reject,7,&(lvalues[3176]),0}, -{"data","data",NID_data,1,&(lvalues[3183]),0}, -{"pss","pss",NID_pss,3,&(lvalues[3184]),0}, -{"ucl","ucl",NID_ucl,7,&(lvalues[3187]),0}, -{"pilot","pilot",NID_pilot,8,&(lvalues[3194]),0}, + NID_hold_instruction_reject,7,&(lvalues[3172]),0}, +{"data","data",NID_data,1,&(lvalues[3179]),0}, +{"pss","pss",NID_pss,3,&(lvalues[3180]),0}, +{"ucl","ucl",NID_ucl,7,&(lvalues[3183]),0}, +{"pilot","pilot",NID_pilot,8,&(lvalues[3190]),0}, {"pilotAttributeType","pilotAttributeType",NID_pilotAttributeType,9, - &(lvalues[3202]),0}, + &(lvalues[3198]),0}, {"pilotAttributeSyntax","pilotAttributeSyntax", - NID_pilotAttributeSyntax,9,&(lvalues[3211]),0}, + NID_pilotAttributeSyntax,9,&(lvalues[3207]),0}, {"pilotObjectClass","pilotObjectClass",NID_pilotObjectClass,9, - &(lvalues[3220]),0}, -{"pilotGroups","pilotGroups",NID_pilotGroups,9,&(lvalues[3229]),0}, + &(lvalues[3216]),0}, +{"pilotGroups","pilotGroups",NID_pilotGroups,9,&(lvalues[3225]),0}, {"iA5StringSyntax","iA5StringSyntax",NID_iA5StringSyntax,10, - &(lvalues[3238]),0}, + &(lvalues[3234]),0}, {"caseIgnoreIA5StringSyntax","caseIgnoreIA5StringSyntax", - NID_caseIgnoreIA5StringSyntax,10,&(lvalues[3248]),0}, -{"pilotObject","pilotObject",NID_pilotObject,10,&(lvalues[3258]),0}, -{"pilotPerson","pilotPerson",NID_pilotPerson,10,&(lvalues[3268]),0}, -{"account","account",NID_account,10,&(lvalues[3278]),0}, -{"document","document",NID_document,10,&(lvalues[3288]),0}, -{"room","room",NID_room,10,&(lvalues[3298]),0}, + NID_caseIgnoreIA5StringSyntax,10,&(lvalues[3244]),0}, +{"pilotObject","pilotObject",NID_pilotObject,10,&(lvalues[3254]),0}, +{"pilotPerson","pilotPerson",NID_pilotPerson,10,&(lvalues[3264]),0}, +{"account","account",NID_account,10,&(lvalues[3274]),0}, +{"document","document",NID_document,10,&(lvalues[3284]),0}, +{"room","room",NID_room,10,&(lvalues[3294]),0}, {"documentSeries","documentSeries",NID_documentSeries,10, - &(lvalues[3308]),0}, + &(lvalues[3304]),0}, {"rFC822localPart","rFC822localPart",NID_rFC822localPart,10, - &(lvalues[3318]),0}, -{"dNSDomain","dNSDomain",NID_dNSDomain,10,&(lvalues[3328]),0}, + &(lvalues[3314]),0}, +{"dNSDomain","dNSDomain",NID_dNSDomain,10,&(lvalues[3324]),0}, {"domainRelatedObject","domainRelatedObject",NID_domainRelatedObject, - 10,&(lvalues[3338]),0}, + 10,&(lvalues[3334]),0}, {"friendlyCountry","friendlyCountry",NID_friendlyCountry,10, - &(lvalues[3348]),0}, + &(lvalues[3344]),0}, {"simpleSecurityObject","simpleSecurityObject", - NID_simpleSecurityObject,10,&(lvalues[3358]),0}, + NID_simpleSecurityObject,10,&(lvalues[3354]),0}, {"pilotOrganization","pilotOrganization",NID_pilotOrganization,10, - &(lvalues[3368]),0}, -{"pilotDSA","pilotDSA",NID_pilotDSA,10,&(lvalues[3378]),0}, + &(lvalues[3364]),0}, +{"pilotDSA","pilotDSA",NID_pilotDSA,10,&(lvalues[3374]),0}, {"qualityLabelledData","qualityLabelledData",NID_qualityLabelledData, - 10,&(lvalues[3388]),0}, -{"UID","userId",NID_userId,10,&(lvalues[3398]),0}, + 10,&(lvalues[3384]),0}, +{"UID","userId",NID_userId,10,&(lvalues[3394]),0}, {"textEncodedORAddress","textEncodedORAddress", - NID_textEncodedORAddress,10,&(lvalues[3408]),0}, -{"mail","rfc822Mailbox",NID_rfc822Mailbox,10,&(lvalues[3418]),0}, -{"info","info",NID_info,10,&(lvalues[3428]),0}, + NID_textEncodedORAddress,10,&(lvalues[3404]),0}, +{"mail","rfc822Mailbox",NID_rfc822Mailbox,10,&(lvalues[3414]),0}, +{"info","info",NID_info,10,&(lvalues[3424]),0}, {"favouriteDrink","favouriteDrink",NID_favouriteDrink,10, - &(lvalues[3438]),0}, -{"roomNumber","roomNumber",NID_roomNumber,10,&(lvalues[3448]),0}, -{"photo","photo",NID_photo,10,&(lvalues[3458]),0}, -{"userClass","userClass",NID_userClass,10,&(lvalues[3468]),0}, -{"host","host",NID_host,10,&(lvalues[3478]),0}, -{"manager","manager",NID_manager,10,&(lvalues[3488]),0}, + &(lvalues[3434]),0}, +{"roomNumber","roomNumber",NID_roomNumber,10,&(lvalues[3444]),0}, +{"photo","photo",NID_photo,10,&(lvalues[3454]),0}, +{"userClass","userClass",NID_userClass,10,&(lvalues[3464]),0}, +{"host","host",NID_host,10,&(lvalues[3474]),0}, +{"manager","manager",NID_manager,10,&(lvalues[3484]),0}, {"documentIdentifier","documentIdentifier",NID_documentIdentifier,10, - &(lvalues[3498]),0}, -{"documentTitle","documentTitle",NID_documentTitle,10,&(lvalues[3508]),0}, + &(lvalues[3494]),0}, +{"documentTitle","documentTitle",NID_documentTitle,10,&(lvalues[3504]),0}, {"documentVersion","documentVersion",NID_documentVersion,10, - &(lvalues[3518]),0}, + &(lvalues[3514]),0}, {"documentAuthor","documentAuthor",NID_documentAuthor,10, - &(lvalues[3528]),0}, + &(lvalues[3524]),0}, {"documentLocation","documentLocation",NID_documentLocation,10, - &(lvalues[3538]),0}, + &(lvalues[3534]),0}, {"homeTelephoneNumber","homeTelephoneNumber",NID_homeTelephoneNumber, - 10,&(lvalues[3548]),0}, -{"secretary","secretary",NID_secretary,10,&(lvalues[3558]),0}, -{"otherMailbox","otherMailbox",NID_otherMailbox,10,&(lvalues[3568]),0}, + 10,&(lvalues[3544]),0}, +{"secretary","secretary",NID_secretary,10,&(lvalues[3554]),0}, +{"otherMailbox","otherMailbox",NID_otherMailbox,10,&(lvalues[3564]),0}, {"lastModifiedTime","lastModifiedTime",NID_lastModifiedTime,10, - &(lvalues[3578]),0}, + &(lvalues[3574]),0}, {"lastModifiedBy","lastModifiedBy",NID_lastModifiedBy,10, - &(lvalues[3588]),0}, -{"aRecord","aRecord",NID_aRecord,10,&(lvalues[3598]),0}, + &(lvalues[3584]),0}, +{"aRecord","aRecord",NID_aRecord,10,&(lvalues[3594]),0}, {"pilotAttributeType27","pilotAttributeType27", - NID_pilotAttributeType27,10,&(lvalues[3608]),0}, -{"mXRecord","mXRecord",NID_mXRecord,10,&(lvalues[3618]),0}, -{"nSRecord","nSRecord",NID_nSRecord,10,&(lvalues[3628]),0}, -{"sOARecord","sOARecord",NID_sOARecord,10,&(lvalues[3638]),0}, -{"cNAMERecord","cNAMERecord",NID_cNAMERecord,10,&(lvalues[3648]),0}, + NID_pilotAttributeType27,10,&(lvalues[3604]),0}, +{"mXRecord","mXRecord",NID_mXRecord,10,&(lvalues[3614]),0}, +{"nSRecord","nSRecord",NID_nSRecord,10,&(lvalues[3624]),0}, +{"sOARecord","sOARecord",NID_sOARecord,10,&(lvalues[3634]),0}, +{"cNAMERecord","cNAMERecord",NID_cNAMERecord,10,&(lvalues[3644]),0}, {"associatedDomain","associatedDomain",NID_associatedDomain,10, - &(lvalues[3658]),0}, + &(lvalues[3654]),0}, {"associatedName","associatedName",NID_associatedName,10, - &(lvalues[3668]),0}, + &(lvalues[3664]),0}, {"homePostalAddress","homePostalAddress",NID_homePostalAddress,10, - &(lvalues[3678]),0}, -{"personalTitle","personalTitle",NID_personalTitle,10,&(lvalues[3688]),0}, + &(lvalues[3674]),0}, +{"personalTitle","personalTitle",NID_personalTitle,10,&(lvalues[3684]),0}, {"mobileTelephoneNumber","mobileTelephoneNumber", - NID_mobileTelephoneNumber,10,&(lvalues[3698]),0}, + NID_mobileTelephoneNumber,10,&(lvalues[3694]),0}, {"pagerTelephoneNumber","pagerTelephoneNumber", - NID_pagerTelephoneNumber,10,&(lvalues[3708]),0}, + NID_pagerTelephoneNumber,10,&(lvalues[3704]),0}, {"friendlyCountryName","friendlyCountryName",NID_friendlyCountryName, - 10,&(lvalues[3718]),0}, + 10,&(lvalues[3714]),0}, {"organizationalStatus","organizationalStatus", - NID_organizationalStatus,10,&(lvalues[3728]),0}, -{"janetMailbox","janetMailbox",NID_janetMailbox,10,&(lvalues[3738]),0}, + NID_organizationalStatus,10,&(lvalues[3724]),0}, +{"janetMailbox","janetMailbox",NID_janetMailbox,10,&(lvalues[3734]),0}, {"mailPreferenceOption","mailPreferenceOption", - NID_mailPreferenceOption,10,&(lvalues[3748]),0}, -{"buildingName","buildingName",NID_buildingName,10,&(lvalues[3758]),0}, -{"dSAQuality","dSAQuality",NID_dSAQuality,10,&(lvalues[3768]),0}, + NID_mailPreferenceOption,10,&(lvalues[3744]),0}, +{"buildingName","buildingName",NID_buildingName,10,&(lvalues[3754]),0}, +{"dSAQuality","dSAQuality",NID_dSAQuality,10,&(lvalues[3764]),0}, {"singleLevelQuality","singleLevelQuality",NID_singleLevelQuality,10, - &(lvalues[3778]),0}, + &(lvalues[3774]),0}, {"subtreeMinimumQuality","subtreeMinimumQuality", - NID_subtreeMinimumQuality,10,&(lvalues[3788]),0}, + NID_subtreeMinimumQuality,10,&(lvalues[3784]),0}, {"subtreeMaximumQuality","subtreeMaximumQuality", - NID_subtreeMaximumQuality,10,&(lvalues[3798]),0}, + NID_subtreeMaximumQuality,10,&(lvalues[3794]),0}, {"personalSignature","personalSignature",NID_personalSignature,10, - &(lvalues[3808]),0}, -{"dITRedirect","dITRedirect",NID_dITRedirect,10,&(lvalues[3818]),0}, -{"audio","audio",NID_audio,10,&(lvalues[3828]),0}, + &(lvalues[3804]),0}, +{"dITRedirect","dITRedirect",NID_dITRedirect,10,&(lvalues[3814]),0}, +{"audio","audio",NID_audio,10,&(lvalues[3824]),0}, {"documentPublisher","documentPublisher",NID_documentPublisher,10, - &(lvalues[3838]),0}, + &(lvalues[3834]),0}, {"x500UniqueIdentifier","x500UniqueIdentifier", - NID_x500UniqueIdentifier,3,&(lvalues[3848]),0}, -{"mime-mhs","MIME MHS",NID_mime_mhs,5,&(lvalues[3851]),0}, + NID_x500UniqueIdentifier,3,&(lvalues[3844]),0}, +{"mime-mhs","MIME MHS",NID_mime_mhs,5,&(lvalues[3847]),0}, {"mime-mhs-headings","mime-mhs-headings",NID_mime_mhs_headings,6, - &(lvalues[3856]),0}, + &(lvalues[3852]),0}, {"mime-mhs-bodies","mime-mhs-bodies",NID_mime_mhs_bodies,6, - &(lvalues[3862]),0}, + &(lvalues[3858]),0}, {"id-hex-partial-message","id-hex-partial-message", - NID_id_hex_partial_message,7,&(lvalues[3868]),0}, + NID_id_hex_partial_message,7,&(lvalues[3864]),0}, {"id-hex-multipart-message","id-hex-multipart-message", - NID_id_hex_multipart_message,7,&(lvalues[3875]),0}, + NID_id_hex_multipart_message,7,&(lvalues[3871]),0}, {"generationQualifier","generationQualifier",NID_generationQualifier, - 3,&(lvalues[3882]),0}, -{"pseudonym","pseudonym",NID_pseudonym,3,&(lvalues[3885]),0}, + 3,&(lvalues[3878]),0}, +{"pseudonym","pseudonym",NID_pseudonym,3,&(lvalues[3881]),0}, {NULL,NULL,NID_undef,0,NULL,0}, {"id-set","Secure Electronic Transactions",NID_id_set,2, - &(lvalues[3888]),0}, -{"set-ctype","content types",NID_set_ctype,3,&(lvalues[3890]),0}, -{"set-msgExt","message extensions",NID_set_msgExt,3,&(lvalues[3893]),0}, -{"set-attr","set-attr",NID_set_attr,3,&(lvalues[3896]),0}, -{"set-policy","set-policy",NID_set_policy,3,&(lvalues[3899]),0}, + &(lvalues[3884]),0}, +{"set-ctype","content types",NID_set_ctype,3,&(lvalues[3886]),0}, +{"set-msgExt","message extensions",NID_set_msgExt,3,&(lvalues[3889]),0}, +{"set-attr","set-attr",NID_set_attr,3,&(lvalues[3892]),0}, +{"set-policy","set-policy",NID_set_policy,3,&(lvalues[3895]),0}, {"set-certExt","certificate extensions",NID_set_certExt,3, - &(lvalues[3902]),0}, -{"set-brand","set-brand",NID_set_brand,3,&(lvalues[3905]),0}, -{"setct-PANData","setct-PANData",NID_setct_PANData,4,&(lvalues[3908]),0}, + &(lvalues[3898]),0}, +{"set-brand","set-brand",NID_set_brand,3,&(lvalues[3901]),0}, +{"setct-PANData","setct-PANData",NID_setct_PANData,4,&(lvalues[3904]),0}, {"setct-PANToken","setct-PANToken",NID_setct_PANToken,4, - &(lvalues[3912]),0}, -{"setct-PANOnly","setct-PANOnly",NID_setct_PANOnly,4,&(lvalues[3916]),0}, -{"setct-OIData","setct-OIData",NID_setct_OIData,4,&(lvalues[3920]),0}, -{"setct-PI","setct-PI",NID_setct_PI,4,&(lvalues[3924]),0}, -{"setct-PIData","setct-PIData",NID_setct_PIData,4,&(lvalues[3928]),0}, + &(lvalues[3908]),0}, +{"setct-PANOnly","setct-PANOnly",NID_setct_PANOnly,4,&(lvalues[3912]),0}, +{"setct-OIData","setct-OIData",NID_setct_OIData,4,&(lvalues[3916]),0}, +{"setct-PI","setct-PI",NID_setct_PI,4,&(lvalues[3920]),0}, +{"setct-PIData","setct-PIData",NID_setct_PIData,4,&(lvalues[3924]),0}, {"setct-PIDataUnsigned","setct-PIDataUnsigned", - NID_setct_PIDataUnsigned,4,&(lvalues[3932]),0}, + NID_setct_PIDataUnsigned,4,&(lvalues[3928]),0}, {"setct-HODInput","setct-HODInput",NID_setct_HODInput,4, - &(lvalues[3936]),0}, + &(lvalues[3932]),0}, {"setct-AuthResBaggage","setct-AuthResBaggage", - NID_setct_AuthResBaggage,4,&(lvalues[3940]),0}, + NID_setct_AuthResBaggage,4,&(lvalues[3936]),0}, {"setct-AuthRevReqBaggage","setct-AuthRevReqBaggage", - NID_setct_AuthRevReqBaggage,4,&(lvalues[3944]),0}, + NID_setct_AuthRevReqBaggage,4,&(lvalues[3940]),0}, {"setct-AuthRevResBaggage","setct-AuthRevResBaggage", - NID_setct_AuthRevResBaggage,4,&(lvalues[3948]),0}, + NID_setct_AuthRevResBaggage,4,&(lvalues[3944]),0}, {"setct-CapTokenSeq","setct-CapTokenSeq",NID_setct_CapTokenSeq,4, - &(lvalues[3952]),0}, + &(lvalues[3948]),0}, {"setct-PInitResData","setct-PInitResData",NID_setct_PInitResData,4, - &(lvalues[3956]),0}, -{"setct-PI-TBS","setct-PI-TBS",NID_setct_PI_TBS,4,&(lvalues[3960]),0}, + &(lvalues[3952]),0}, +{"setct-PI-TBS","setct-PI-TBS",NID_setct_PI_TBS,4,&(lvalues[3956]),0}, {"setct-PResData","setct-PResData",NID_setct_PResData,4, - &(lvalues[3964]),0}, + &(lvalues[3960]),0}, {"setct-AuthReqTBS","setct-AuthReqTBS",NID_setct_AuthReqTBS,4, - &(lvalues[3968]),0}, + &(lvalues[3964]),0}, {"setct-AuthResTBS","setct-AuthResTBS",NID_setct_AuthResTBS,4, - &(lvalues[3972]),0}, + &(lvalues[3968]),0}, {"setct-AuthResTBSX","setct-AuthResTBSX",NID_setct_AuthResTBSX,4, - &(lvalues[3976]),0}, + &(lvalues[3972]),0}, {"setct-AuthTokenTBS","setct-AuthTokenTBS",NID_setct_AuthTokenTBS,4, - &(lvalues[3980]),0}, + &(lvalues[3976]),0}, {"setct-CapTokenData","setct-CapTokenData",NID_setct_CapTokenData,4, - &(lvalues[3984]),0}, + &(lvalues[3980]),0}, {"setct-CapTokenTBS","setct-CapTokenTBS",NID_setct_CapTokenTBS,4, - &(lvalues[3988]),0}, + &(lvalues[3984]),0}, {"setct-AcqCardCodeMsg","setct-AcqCardCodeMsg", - NID_setct_AcqCardCodeMsg,4,&(lvalues[3992]),0}, + NID_setct_AcqCardCodeMsg,4,&(lvalues[3988]),0}, {"setct-AuthRevReqTBS","setct-AuthRevReqTBS",NID_setct_AuthRevReqTBS, - 4,&(lvalues[3996]),0}, + 4,&(lvalues[3992]),0}, {"setct-AuthRevResData","setct-AuthRevResData", - NID_setct_AuthRevResData,4,&(lvalues[4000]),0}, + NID_setct_AuthRevResData,4,&(lvalues[3996]),0}, {"setct-AuthRevResTBS","setct-AuthRevResTBS",NID_setct_AuthRevResTBS, - 4,&(lvalues[4004]),0}, + 4,&(lvalues[4000]),0}, {"setct-CapReqTBS","setct-CapReqTBS",NID_setct_CapReqTBS,4, - &(lvalues[4008]),0}, + &(lvalues[4004]),0}, {"setct-CapReqTBSX","setct-CapReqTBSX",NID_setct_CapReqTBSX,4, - &(lvalues[4012]),0}, + &(lvalues[4008]),0}, {"setct-CapResData","setct-CapResData",NID_setct_CapResData,4, - &(lvalues[4016]),0}, + &(lvalues[4012]),0}, {"setct-CapRevReqTBS","setct-CapRevReqTBS",NID_setct_CapRevReqTBS,4, - &(lvalues[4020]),0}, + &(lvalues[4016]),0}, {"setct-CapRevReqTBSX","setct-CapRevReqTBSX",NID_setct_CapRevReqTBSX, - 4,&(lvalues[4024]),0}, + 4,&(lvalues[4020]),0}, {"setct-CapRevResData","setct-CapRevResData",NID_setct_CapRevResData, - 4,&(lvalues[4028]),0}, + 4,&(lvalues[4024]),0}, {"setct-CredReqTBS","setct-CredReqTBS",NID_setct_CredReqTBS,4, - &(lvalues[4032]),0}, + &(lvalues[4028]),0}, {"setct-CredReqTBSX","setct-CredReqTBSX",NID_setct_CredReqTBSX,4, - &(lvalues[4036]),0}, + &(lvalues[4032]),0}, {"setct-CredResData","setct-CredResData",NID_setct_CredResData,4, - &(lvalues[4040]),0}, + &(lvalues[4036]),0}, {"setct-CredRevReqTBS","setct-CredRevReqTBS",NID_setct_CredRevReqTBS, - 4,&(lvalues[4044]),0}, + 4,&(lvalues[4040]),0}, {"setct-CredRevReqTBSX","setct-CredRevReqTBSX", - NID_setct_CredRevReqTBSX,4,&(lvalues[4048]),0}, + NID_setct_CredRevReqTBSX,4,&(lvalues[4044]),0}, {"setct-CredRevResData","setct-CredRevResData", - NID_setct_CredRevResData,4,&(lvalues[4052]),0}, + NID_setct_CredRevResData,4,&(lvalues[4048]),0}, {"setct-PCertReqData","setct-PCertReqData",NID_setct_PCertReqData,4, - &(lvalues[4056]),0}, + &(lvalues[4052]),0}, {"setct-PCertResTBS","setct-PCertResTBS",NID_setct_PCertResTBS,4, - &(lvalues[4060]),0}, + &(lvalues[4056]),0}, {"setct-BatchAdminReqData","setct-BatchAdminReqData", - NID_setct_BatchAdminReqData,4,&(lvalues[4064]),0}, + NID_setct_BatchAdminReqData,4,&(lvalues[4060]),0}, {"setct-BatchAdminResData","setct-BatchAdminResData", - NID_setct_BatchAdminResData,4,&(lvalues[4068]),0}, + NID_setct_BatchAdminResData,4,&(lvalues[4064]),0}, {"setct-CardCInitResTBS","setct-CardCInitResTBS", - NID_setct_CardCInitResTBS,4,&(lvalues[4072]),0}, + NID_setct_CardCInitResTBS,4,&(lvalues[4068]),0}, {"setct-MeAqCInitResTBS","setct-MeAqCInitResTBS", - NID_setct_MeAqCInitResTBS,4,&(lvalues[4076]),0}, + NID_setct_MeAqCInitResTBS,4,&(lvalues[4072]),0}, {"setct-RegFormResTBS","setct-RegFormResTBS",NID_setct_RegFormResTBS, - 4,&(lvalues[4080]),0}, + 4,&(lvalues[4076]),0}, {"setct-CertReqData","setct-CertReqData",NID_setct_CertReqData,4, - &(lvalues[4084]),0}, + &(lvalues[4080]),0}, {"setct-CertReqTBS","setct-CertReqTBS",NID_setct_CertReqTBS,4, - &(lvalues[4088]),0}, + &(lvalues[4084]),0}, {"setct-CertResData","setct-CertResData",NID_setct_CertResData,4, - &(lvalues[4092]),0}, + &(lvalues[4088]),0}, {"setct-CertInqReqTBS","setct-CertInqReqTBS",NID_setct_CertInqReqTBS, - 4,&(lvalues[4096]),0}, + 4,&(lvalues[4092]),0}, {"setct-ErrorTBS","setct-ErrorTBS",NID_setct_ErrorTBS,4, - &(lvalues[4100]),0}, + &(lvalues[4096]),0}, {"setct-PIDualSignedTBE","setct-PIDualSignedTBE", - NID_setct_PIDualSignedTBE,4,&(lvalues[4104]),0}, + NID_setct_PIDualSignedTBE,4,&(lvalues[4100]),0}, {"setct-PIUnsignedTBE","setct-PIUnsignedTBE",NID_setct_PIUnsignedTBE, - 4,&(lvalues[4108]),0}, + 4,&(lvalues[4104]),0}, {"setct-AuthReqTBE","setct-AuthReqTBE",NID_setct_AuthReqTBE,4, - &(lvalues[4112]),0}, + &(lvalues[4108]),0}, {"setct-AuthResTBE","setct-AuthResTBE",NID_setct_AuthResTBE,4, - &(lvalues[4116]),0}, + &(lvalues[4112]),0}, {"setct-AuthResTBEX","setct-AuthResTBEX",NID_setct_AuthResTBEX,4, - &(lvalues[4120]),0}, + &(lvalues[4116]),0}, {"setct-AuthTokenTBE","setct-AuthTokenTBE",NID_setct_AuthTokenTBE,4, - &(lvalues[4124]),0}, + &(lvalues[4120]),0}, {"setct-CapTokenTBE","setct-CapTokenTBE",NID_setct_CapTokenTBE,4, - &(lvalues[4128]),0}, + &(lvalues[4124]),0}, {"setct-CapTokenTBEX","setct-CapTokenTBEX",NID_setct_CapTokenTBEX,4, - &(lvalues[4132]),0}, + &(lvalues[4128]),0}, {"setct-AcqCardCodeMsgTBE","setct-AcqCardCodeMsgTBE", - NID_setct_AcqCardCodeMsgTBE,4,&(lvalues[4136]),0}, + NID_setct_AcqCardCodeMsgTBE,4,&(lvalues[4132]),0}, {"setct-AuthRevReqTBE","setct-AuthRevReqTBE",NID_setct_AuthRevReqTBE, - 4,&(lvalues[4140]),0}, + 4,&(lvalues[4136]),0}, {"setct-AuthRevResTBE","setct-AuthRevResTBE",NID_setct_AuthRevResTBE, - 4,&(lvalues[4144]),0}, + 4,&(lvalues[4140]),0}, {"setct-AuthRevResTBEB","setct-AuthRevResTBEB", - NID_setct_AuthRevResTBEB,4,&(lvalues[4148]),0}, + NID_setct_AuthRevResTBEB,4,&(lvalues[4144]),0}, {"setct-CapReqTBE","setct-CapReqTBE",NID_setct_CapReqTBE,4, - &(lvalues[4152]),0}, + &(lvalues[4148]),0}, {"setct-CapReqTBEX","setct-CapReqTBEX",NID_setct_CapReqTBEX,4, - &(lvalues[4156]),0}, + &(lvalues[4152]),0}, {"setct-CapResTBE","setct-CapResTBE",NID_setct_CapResTBE,4, - &(lvalues[4160]),0}, + &(lvalues[4156]),0}, {"setct-CapRevReqTBE","setct-CapRevReqTBE",NID_setct_CapRevReqTBE,4, - &(lvalues[4164]),0}, + &(lvalues[4160]),0}, {"setct-CapRevReqTBEX","setct-CapRevReqTBEX",NID_setct_CapRevReqTBEX, - 4,&(lvalues[4168]),0}, + 4,&(lvalues[4164]),0}, {"setct-CapRevResTBE","setct-CapRevResTBE",NID_setct_CapRevResTBE,4, - &(lvalues[4172]),0}, + &(lvalues[4168]),0}, {"setct-CredReqTBE","setct-CredReqTBE",NID_setct_CredReqTBE,4, - &(lvalues[4176]),0}, + &(lvalues[4172]),0}, {"setct-CredReqTBEX","setct-CredReqTBEX",NID_setct_CredReqTBEX,4, - &(lvalues[4180]),0}, + &(lvalues[4176]),0}, {"setct-CredResTBE","setct-CredResTBE",NID_setct_CredResTBE,4, - &(lvalues[4184]),0}, + &(lvalues[4180]),0}, {"setct-CredRevReqTBE","setct-CredRevReqTBE",NID_setct_CredRevReqTBE, - 4,&(lvalues[4188]),0}, + 4,&(lvalues[4184]),0}, {"setct-CredRevReqTBEX","setct-CredRevReqTBEX", - NID_setct_CredRevReqTBEX,4,&(lvalues[4192]),0}, + NID_setct_CredRevReqTBEX,4,&(lvalues[4188]),0}, {"setct-CredRevResTBE","setct-CredRevResTBE",NID_setct_CredRevResTBE, - 4,&(lvalues[4196]),0}, + 4,&(lvalues[4192]),0}, {"setct-BatchAdminReqTBE","setct-BatchAdminReqTBE", - NID_setct_BatchAdminReqTBE,4,&(lvalues[4200]),0}, + NID_setct_BatchAdminReqTBE,4,&(lvalues[4196]),0}, {"setct-BatchAdminResTBE","setct-BatchAdminResTBE", - NID_setct_BatchAdminResTBE,4,&(lvalues[4204]),0}, + NID_setct_BatchAdminResTBE,4,&(lvalues[4200]),0}, {"setct-RegFormReqTBE","setct-RegFormReqTBE",NID_setct_RegFormReqTBE, - 4,&(lvalues[4208]),0}, + 4,&(lvalues[4204]),0}, {"setct-CertReqTBE","setct-CertReqTBE",NID_setct_CertReqTBE,4, - &(lvalues[4212]),0}, + &(lvalues[4208]),0}, {"setct-CertReqTBEX","setct-CertReqTBEX",NID_setct_CertReqTBEX,4, - &(lvalues[4216]),0}, + &(lvalues[4212]),0}, {"setct-CertResTBE","setct-CertResTBE",NID_setct_CertResTBE,4, - &(lvalues[4220]),0}, + &(lvalues[4216]),0}, {"setct-CRLNotificationTBS","setct-CRLNotificationTBS", - NID_setct_CRLNotificationTBS,4,&(lvalues[4224]),0}, + NID_setct_CRLNotificationTBS,4,&(lvalues[4220]),0}, {"setct-CRLNotificationResTBS","setct-CRLNotificationResTBS", - NID_setct_CRLNotificationResTBS,4,&(lvalues[4228]),0}, + NID_setct_CRLNotificationResTBS,4,&(lvalues[4224]),0}, {"setct-BCIDistributionTBS","setct-BCIDistributionTBS", - NID_setct_BCIDistributionTBS,4,&(lvalues[4232]),0}, + NID_setct_BCIDistributionTBS,4,&(lvalues[4228]),0}, {"setext-genCrypt","generic cryptogram",NID_setext_genCrypt,4, - &(lvalues[4236]),0}, + &(lvalues[4232]),0}, {"setext-miAuth","merchant initiated auth",NID_setext_miAuth,4, - &(lvalues[4240]),0}, + &(lvalues[4236]),0}, {"setext-pinSecure","setext-pinSecure",NID_setext_pinSecure,4, - &(lvalues[4244]),0}, -{"setext-pinAny","setext-pinAny",NID_setext_pinAny,4,&(lvalues[4248]),0}, -{"setext-track2","setext-track2",NID_setext_track2,4,&(lvalues[4252]),0}, + &(lvalues[4240]),0}, +{"setext-pinAny","setext-pinAny",NID_setext_pinAny,4,&(lvalues[4244]),0}, +{"setext-track2","setext-track2",NID_setext_track2,4,&(lvalues[4248]),0}, {"setext-cv","additional verification",NID_setext_cv,4, - &(lvalues[4256]),0}, + &(lvalues[4252]),0}, {"set-policy-root","set-policy-root",NID_set_policy_root,4, - &(lvalues[4260]),0}, + &(lvalues[4256]),0}, {"setCext-hashedRoot","setCext-hashedRoot",NID_setCext_hashedRoot,4, - &(lvalues[4264]),0}, + &(lvalues[4260]),0}, {"setCext-certType","setCext-certType",NID_setCext_certType,4, - &(lvalues[4268]),0}, + &(lvalues[4264]),0}, {"setCext-merchData","setCext-merchData",NID_setCext_merchData,4, - &(lvalues[4272]),0}, + &(lvalues[4268]),0}, {"setCext-cCertRequired","setCext-cCertRequired", - NID_setCext_cCertRequired,4,&(lvalues[4276]),0}, + NID_setCext_cCertRequired,4,&(lvalues[4272]),0}, {"setCext-tunneling","setCext-tunneling",NID_setCext_tunneling,4, - &(lvalues[4280]),0}, + &(lvalues[4276]),0}, {"setCext-setExt","setCext-setExt",NID_setCext_setExt,4, - &(lvalues[4284]),0}, + &(lvalues[4280]),0}, {"setCext-setQualf","setCext-setQualf",NID_setCext_setQualf,4, - &(lvalues[4288]),0}, + &(lvalues[4284]),0}, {"setCext-PGWYcapabilities","setCext-PGWYcapabilities", - NID_setCext_PGWYcapabilities,4,&(lvalues[4292]),0}, + NID_setCext_PGWYcapabilities,4,&(lvalues[4288]),0}, {"setCext-TokenIdentifier","setCext-TokenIdentifier", - NID_setCext_TokenIdentifier,4,&(lvalues[4296]),0}, + NID_setCext_TokenIdentifier,4,&(lvalues[4292]),0}, {"setCext-Track2Data","setCext-Track2Data",NID_setCext_Track2Data,4, - &(lvalues[4300]),0}, + &(lvalues[4296]),0}, {"setCext-TokenType","setCext-TokenType",NID_setCext_TokenType,4, - &(lvalues[4304]),0}, + &(lvalues[4300]),0}, {"setCext-IssuerCapabilities","setCext-IssuerCapabilities", - NID_setCext_IssuerCapabilities,4,&(lvalues[4308]),0}, -{"setAttr-Cert","setAttr-Cert",NID_setAttr_Cert,4,&(lvalues[4312]),0}, + NID_setCext_IssuerCapabilities,4,&(lvalues[4304]),0}, +{"setAttr-Cert","setAttr-Cert",NID_setAttr_Cert,4,&(lvalues[4308]),0}, {"setAttr-PGWYcap","payment gateway capabilities",NID_setAttr_PGWYcap, - 4,&(lvalues[4316]),0}, + 4,&(lvalues[4312]),0}, {"setAttr-TokenType","setAttr-TokenType",NID_setAttr_TokenType,4, - &(lvalues[4320]),0}, + &(lvalues[4316]),0}, {"setAttr-IssCap","issuer capabilities",NID_setAttr_IssCap,4, - &(lvalues[4324]),0}, + &(lvalues[4320]),0}, {"set-rootKeyThumb","set-rootKeyThumb",NID_set_rootKeyThumb,5, - &(lvalues[4328]),0}, -{"set-addPolicy","set-addPolicy",NID_set_addPolicy,5,&(lvalues[4333]),0}, + &(lvalues[4324]),0}, +{"set-addPolicy","set-addPolicy",NID_set_addPolicy,5,&(lvalues[4329]),0}, {"setAttr-Token-EMV","setAttr-Token-EMV",NID_setAttr_Token_EMV,5, - &(lvalues[4338]),0}, + &(lvalues[4334]),0}, {"setAttr-Token-B0Prime","setAttr-Token-B0Prime", - NID_setAttr_Token_B0Prime,5,&(lvalues[4343]),0}, + NID_setAttr_Token_B0Prime,5,&(lvalues[4339]),0}, {"setAttr-IssCap-CVM","setAttr-IssCap-CVM",NID_setAttr_IssCap_CVM,5, - &(lvalues[4348]),0}, + &(lvalues[4344]),0}, {"setAttr-IssCap-T2","setAttr-IssCap-T2",NID_setAttr_IssCap_T2,5, - &(lvalues[4353]),0}, + &(lvalues[4349]),0}, {"setAttr-IssCap-Sig","setAttr-IssCap-Sig",NID_setAttr_IssCap_Sig,5, - &(lvalues[4358]),0}, + &(lvalues[4354]),0}, {"setAttr-GenCryptgrm","generate cryptogram",NID_setAttr_GenCryptgrm, - 6,&(lvalues[4363]),0}, + 6,&(lvalues[4359]),0}, {"setAttr-T2Enc","encrypted track 2",NID_setAttr_T2Enc,6, - &(lvalues[4369]),0}, + &(lvalues[4365]),0}, {"setAttr-T2cleartxt","cleartext track 2",NID_setAttr_T2cleartxt,6, - &(lvalues[4375]),0}, + &(lvalues[4371]),0}, {"setAttr-TokICCsig","ICC or token signature",NID_setAttr_TokICCsig,6, - &(lvalues[4381]),0}, + &(lvalues[4377]),0}, {"setAttr-SecDevSig","secure device signature",NID_setAttr_SecDevSig, - 6,&(lvalues[4387]),0}, + 6,&(lvalues[4383]),0}, {"set-brand-IATA-ATA","set-brand-IATA-ATA",NID_set_brand_IATA_ATA,4, - &(lvalues[4393]),0}, + &(lvalues[4389]),0}, {"set-brand-Diners","set-brand-Diners",NID_set_brand_Diners,4, - &(lvalues[4397]),0}, + &(lvalues[4393]),0}, {"set-brand-AmericanExpress","set-brand-AmericanExpress", - NID_set_brand_AmericanExpress,4,&(lvalues[4401]),0}, -{"set-brand-JCB","set-brand-JCB",NID_set_brand_JCB,4,&(lvalues[4405]),0}, + NID_set_brand_AmericanExpress,4,&(lvalues[4397]),0}, +{"set-brand-JCB","set-brand-JCB",NID_set_brand_JCB,4,&(lvalues[4401]),0}, {"set-brand-Visa","set-brand-Visa",NID_set_brand_Visa,4, - &(lvalues[4409]),0}, + &(lvalues[4405]),0}, {"set-brand-MasterCard","set-brand-MasterCard", - NID_set_brand_MasterCard,4,&(lvalues[4413]),0}, + NID_set_brand_MasterCard,4,&(lvalues[4409]),0}, {"set-brand-Novus","set-brand-Novus",NID_set_brand_Novus,5, - &(lvalues[4417]),0}, -{"DES-CDMF","des-cdmf",NID_des_cdmf,8,&(lvalues[4422]),0}, + &(lvalues[4413]),0}, +{"DES-CDMF","des-cdmf",NID_des_cdmf,8,&(lvalues[4418]),0}, {"rsaOAEPEncryptionSET","rsaOAEPEncryptionSET", - NID_rsaOAEPEncryptionSET,9,&(lvalues[4430]),0}, -{"ITU-T","itu-t",NID_itu_t,1,&(lvalues[4439]),0}, -{"JOINT-ISO-ITU-T","joint-iso-itu-t",NID_joint_iso_itu_t,1, - &(lvalues[4440]),0}, + NID_rsaOAEPEncryptionSET,9,&(lvalues[4426]),0}, +{"ITU-T","itu-t",NID_itu_t,0,NULL,0}, +{"JOINT-ISO-ITU-T","joint-iso-itu-t",NID_joint_iso_itu_t,0,NULL,0}, {"international-organizations","International Organizations", - NID_international_organizations,1,&(lvalues[4441]),0}, + NID_international_organizations,1,&(lvalues[4435]),0}, {"msSmartcardLogin","Microsoft Smartcardlogin",NID_ms_smartcard_login, - 10,&(lvalues[4442]),0}, + 10,&(lvalues[4436]),0}, {"msUPN","Microsoft Universal Principal Name",NID_ms_upn,10, - &(lvalues[4452]),0}, + &(lvalues[4446]),0}, {"AES-128-CFB1","aes-128-cfb1",NID_aes_128_cfb1,0,NULL,0}, {"AES-192-CFB1","aes-192-cfb1",NID_aes_192_cfb1,0,NULL,0}, {"AES-256-CFB1","aes-256-cfb1",NID_aes_256_cfb1,0,NULL,0}, @@ -1979,138 +1972,138 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={ {"DES-CFB8","des-cfb8",NID_des_cfb8,0,NULL,0}, {"DES-EDE3-CFB1","des-ede3-cfb1",NID_des_ede3_cfb1,0,NULL,0}, {"DES-EDE3-CFB8","des-ede3-cfb8",NID_des_ede3_cfb8,0,NULL,0}, -{"street","streetAddress",NID_streetAddress,3,&(lvalues[4462]),0}, -{"postalCode","postalCode",NID_postalCode,3,&(lvalues[4465]),0}, -{"id-ppl","id-ppl",NID_id_ppl,7,&(lvalues[4468]),0}, +{"street","streetAddress",NID_streetAddress,3,&(lvalues[4456]),0}, +{"postalCode","postalCode",NID_postalCode,3,&(lvalues[4459]),0}, +{"id-ppl","id-ppl",NID_id_ppl,7,&(lvalues[4462]),0}, {"proxyCertInfo","Proxy Certificate Information",NID_proxyCertInfo,8, - &(lvalues[4475]),0}, + &(lvalues[4469]),0}, {"id-ppl-anyLanguage","Any language",NID_id_ppl_anyLanguage,8, - &(lvalues[4483]),0}, + &(lvalues[4477]),0}, {"id-ppl-inheritAll","Inherit all",NID_id_ppl_inheritAll,8, - &(lvalues[4491]),0}, + &(lvalues[4485]),0}, {"nameConstraints","X509v3 Name Constraints",NID_name_constraints,3, - &(lvalues[4499]),0}, -{"id-ppl-independent","Independent",NID_Independent,8,&(lvalues[4502]),0}, + &(lvalues[4493]),0}, +{"id-ppl-independent","Independent",NID_Independent,8,&(lvalues[4496]),0}, {"RSA-SHA256","sha256WithRSAEncryption",NID_sha256WithRSAEncryption,9, - &(lvalues[4510]),0}, + &(lvalues[4504]),0}, {"RSA-SHA384","sha384WithRSAEncryption",NID_sha384WithRSAEncryption,9, - &(lvalues[4519]),0}, + &(lvalues[4513]),0}, {"RSA-SHA512","sha512WithRSAEncryption",NID_sha512WithRSAEncryption,9, - &(lvalues[4528]),0}, + &(lvalues[4522]),0}, {"RSA-SHA224","sha224WithRSAEncryption",NID_sha224WithRSAEncryption,9, - &(lvalues[4537]),0}, -{"SHA256","sha256",NID_sha256,9,&(lvalues[4546]),0}, -{"SHA384","sha384",NID_sha384,9,&(lvalues[4555]),0}, -{"SHA512","sha512",NID_sha512,9,&(lvalues[4564]),0}, -{"SHA224","sha224",NID_sha224,9,&(lvalues[4573]),0}, + &(lvalues[4531]),0}, +{"SHA256","sha256",NID_sha256,9,&(lvalues[4540]),0}, +{"SHA384","sha384",NID_sha384,9,&(lvalues[4549]),0}, +{"SHA512","sha512",NID_sha512,9,&(lvalues[4558]),0}, +{"SHA224","sha224",NID_sha224,9,&(lvalues[4567]),0}, {"identified-organization","identified-organization", - NID_identified_organization,1,&(lvalues[4582]),0}, -{"certicom-arc","certicom-arc",NID_certicom_arc,3,&(lvalues[4583]),0}, -{"wap","wap",NID_wap,2,&(lvalues[4586]),0}, -{"wap-wsg","wap-wsg",NID_wap_wsg,3,&(lvalues[4588]),0}, + NID_identified_organization,1,&(lvalues[4576]),0}, +{"certicom-arc","certicom-arc",NID_certicom_arc,3,&(lvalues[4577]),0}, +{"wap","wap",NID_wap,2,&(lvalues[4580]),0}, +{"wap-wsg","wap-wsg",NID_wap_wsg,3,&(lvalues[4582]),0}, {"id-characteristic-two-basis","id-characteristic-two-basis", - NID_X9_62_id_characteristic_two_basis,8,&(lvalues[4591]),0}, -{"onBasis","onBasis",NID_X9_62_onBasis,9,&(lvalues[4599]),0}, -{"tpBasis","tpBasis",NID_X9_62_tpBasis,9,&(lvalues[4608]),0}, -{"ppBasis","ppBasis",NID_X9_62_ppBasis,9,&(lvalues[4617]),0}, -{"c2pnb163v1","c2pnb163v1",NID_X9_62_c2pnb163v1,8,&(lvalues[4626]),0}, -{"c2pnb163v2","c2pnb163v2",NID_X9_62_c2pnb163v2,8,&(lvalues[4634]),0}, -{"c2pnb163v3","c2pnb163v3",NID_X9_62_c2pnb163v3,8,&(lvalues[4642]),0}, -{"c2pnb176v1","c2pnb176v1",NID_X9_62_c2pnb176v1,8,&(lvalues[4650]),0}, -{"c2tnb191v1","c2tnb191v1",NID_X9_62_c2tnb191v1,8,&(lvalues[4658]),0}, -{"c2tnb191v2","c2tnb191v2",NID_X9_62_c2tnb191v2,8,&(lvalues[4666]),0}, -{"c2tnb191v3","c2tnb191v3",NID_X9_62_c2tnb191v3,8,&(lvalues[4674]),0}, -{"c2onb191v4","c2onb191v4",NID_X9_62_c2onb191v4,8,&(lvalues[4682]),0}, -{"c2onb191v5","c2onb191v5",NID_X9_62_c2onb191v5,8,&(lvalues[4690]),0}, -{"c2pnb208w1","c2pnb208w1",NID_X9_62_c2pnb208w1,8,&(lvalues[4698]),0}, -{"c2tnb239v1","c2tnb239v1",NID_X9_62_c2tnb239v1,8,&(lvalues[4706]),0}, -{"c2tnb239v2","c2tnb239v2",NID_X9_62_c2tnb239v2,8,&(lvalues[4714]),0}, -{"c2tnb239v3","c2tnb239v3",NID_X9_62_c2tnb239v3,8,&(lvalues[4722]),0}, -{"c2onb239v4","c2onb239v4",NID_X9_62_c2onb239v4,8,&(lvalues[4730]),0}, -{"c2onb239v5","c2onb239v5",NID_X9_62_c2onb239v5,8,&(lvalues[4738]),0}, -{"c2pnb272w1","c2pnb272w1",NID_X9_62_c2pnb272w1,8,&(lvalues[4746]),0}, -{"c2pnb304w1","c2pnb304w1",NID_X9_62_c2pnb304w1,8,&(lvalues[4754]),0}, -{"c2tnb359v1","c2tnb359v1",NID_X9_62_c2tnb359v1,8,&(lvalues[4762]),0}, -{"c2pnb368w1","c2pnb368w1",NID_X9_62_c2pnb368w1,8,&(lvalues[4770]),0}, -{"c2tnb431r1","c2tnb431r1",NID_X9_62_c2tnb431r1,8,&(lvalues[4778]),0}, -{"secp112r1","secp112r1",NID_secp112r1,5,&(lvalues[4786]),0}, -{"secp112r2","secp112r2",NID_secp112r2,5,&(lvalues[4791]),0}, -{"secp128r1","secp128r1",NID_secp128r1,5,&(lvalues[4796]),0}, -{"secp128r2","secp128r2",NID_secp128r2,5,&(lvalues[4801]),0}, -{"secp160k1","secp160k1",NID_secp160k1,5,&(lvalues[4806]),0}, -{"secp160r1","secp160r1",NID_secp160r1,5,&(lvalues[4811]),0}, -{"secp160r2","secp160r2",NID_secp160r2,5,&(lvalues[4816]),0}, -{"secp192k1","secp192k1",NID_secp192k1,5,&(lvalues[4821]),0}, -{"secp224k1","secp224k1",NID_secp224k1,5,&(lvalues[4826]),0}, -{"secp224r1","secp224r1",NID_secp224r1,5,&(lvalues[4831]),0}, -{"secp256k1","secp256k1",NID_secp256k1,5,&(lvalues[4836]),0}, -{"secp384r1","secp384r1",NID_secp384r1,5,&(lvalues[4841]),0}, -{"secp521r1","secp521r1",NID_secp521r1,5,&(lvalues[4846]),0}, -{"sect113r1","sect113r1",NID_sect113r1,5,&(lvalues[4851]),0}, -{"sect113r2","sect113r2",NID_sect113r2,5,&(lvalues[4856]),0}, -{"sect131r1","sect131r1",NID_sect131r1,5,&(lvalues[4861]),0}, -{"sect131r2","sect131r2",NID_sect131r2,5,&(lvalues[4866]),0}, -{"sect163k1","sect163k1",NID_sect163k1,5,&(lvalues[4871]),0}, -{"sect163r1","sect163r1",NID_sect163r1,5,&(lvalues[4876]),0}, -{"sect163r2","sect163r2",NID_sect163r2,5,&(lvalues[4881]),0}, -{"sect193r1","sect193r1",NID_sect193r1,5,&(lvalues[4886]),0}, -{"sect193r2","sect193r2",NID_sect193r2,5,&(lvalues[4891]),0}, -{"sect233k1","sect233k1",NID_sect233k1,5,&(lvalues[4896]),0}, -{"sect233r1","sect233r1",NID_sect233r1,5,&(lvalues[4901]),0}, -{"sect239k1","sect239k1",NID_sect239k1,5,&(lvalues[4906]),0}, -{"sect283k1","sect283k1",NID_sect283k1,5,&(lvalues[4911]),0}, -{"sect283r1","sect283r1",NID_sect283r1,5,&(lvalues[4916]),0}, -{"sect409k1","sect409k1",NID_sect409k1,5,&(lvalues[4921]),0}, -{"sect409r1","sect409r1",NID_sect409r1,5,&(lvalues[4926]),0}, -{"sect571k1","sect571k1",NID_sect571k1,5,&(lvalues[4931]),0}, -{"sect571r1","sect571r1",NID_sect571r1,5,&(lvalues[4936]),0}, + NID_X9_62_id_characteristic_two_basis,8,&(lvalues[4585]),0}, +{"onBasis","onBasis",NID_X9_62_onBasis,9,&(lvalues[4593]),0}, +{"tpBasis","tpBasis",NID_X9_62_tpBasis,9,&(lvalues[4602]),0}, +{"ppBasis","ppBasis",NID_X9_62_ppBasis,9,&(lvalues[4611]),0}, +{"c2pnb163v1","c2pnb163v1",NID_X9_62_c2pnb163v1,8,&(lvalues[4620]),0}, +{"c2pnb163v2","c2pnb163v2",NID_X9_62_c2pnb163v2,8,&(lvalues[4628]),0}, +{"c2pnb163v3","c2pnb163v3",NID_X9_62_c2pnb163v3,8,&(lvalues[4636]),0}, +{"c2pnb176v1","c2pnb176v1",NID_X9_62_c2pnb176v1,8,&(lvalues[4644]),0}, +{"c2tnb191v1","c2tnb191v1",NID_X9_62_c2tnb191v1,8,&(lvalues[4652]),0}, +{"c2tnb191v2","c2tnb191v2",NID_X9_62_c2tnb191v2,8,&(lvalues[4660]),0}, +{"c2tnb191v3","c2tnb191v3",NID_X9_62_c2tnb191v3,8,&(lvalues[4668]),0}, +{"c2onb191v4","c2onb191v4",NID_X9_62_c2onb191v4,8,&(lvalues[4676]),0}, +{"c2onb191v5","c2onb191v5",NID_X9_62_c2onb191v5,8,&(lvalues[4684]),0}, +{"c2pnb208w1","c2pnb208w1",NID_X9_62_c2pnb208w1,8,&(lvalues[4692]),0}, +{"c2tnb239v1","c2tnb239v1",NID_X9_62_c2tnb239v1,8,&(lvalues[4700]),0}, +{"c2tnb239v2","c2tnb239v2",NID_X9_62_c2tnb239v2,8,&(lvalues[4708]),0}, +{"c2tnb239v3","c2tnb239v3",NID_X9_62_c2tnb239v3,8,&(lvalues[4716]),0}, +{"c2onb239v4","c2onb239v4",NID_X9_62_c2onb239v4,8,&(lvalues[4724]),0}, +{"c2onb239v5","c2onb239v5",NID_X9_62_c2onb239v5,8,&(lvalues[4732]),0}, +{"c2pnb272w1","c2pnb272w1",NID_X9_62_c2pnb272w1,8,&(lvalues[4740]),0}, +{"c2pnb304w1","c2pnb304w1",NID_X9_62_c2pnb304w1,8,&(lvalues[4748]),0}, +{"c2tnb359v1","c2tnb359v1",NID_X9_62_c2tnb359v1,8,&(lvalues[4756]),0}, +{"c2pnb368w1","c2pnb368w1",NID_X9_62_c2pnb368w1,8,&(lvalues[4764]),0}, +{"c2tnb431r1","c2tnb431r1",NID_X9_62_c2tnb431r1,8,&(lvalues[4772]),0}, +{"secp112r1","secp112r1",NID_secp112r1,5,&(lvalues[4780]),0}, +{"secp112r2","secp112r2",NID_secp112r2,5,&(lvalues[4785]),0}, +{"secp128r1","secp128r1",NID_secp128r1,5,&(lvalues[4790]),0}, +{"secp128r2","secp128r2",NID_secp128r2,5,&(lvalues[4795]),0}, +{"secp160k1","secp160k1",NID_secp160k1,5,&(lvalues[4800]),0}, +{"secp160r1","secp160r1",NID_secp160r1,5,&(lvalues[4805]),0}, +{"secp160r2","secp160r2",NID_secp160r2,5,&(lvalues[4810]),0}, +{"secp192k1","secp192k1",NID_secp192k1,5,&(lvalues[4815]),0}, +{"secp224k1","secp224k1",NID_secp224k1,5,&(lvalues[4820]),0}, +{"secp224r1","secp224r1",NID_secp224r1,5,&(lvalues[4825]),0}, +{"secp256k1","secp256k1",NID_secp256k1,5,&(lvalues[4830]),0}, +{"secp384r1","secp384r1",NID_secp384r1,5,&(lvalues[4835]),0}, +{"secp521r1","secp521r1",NID_secp521r1,5,&(lvalues[4840]),0}, +{"sect113r1","sect113r1",NID_sect113r1,5,&(lvalues[4845]),0}, +{"sect113r2","sect113r2",NID_sect113r2,5,&(lvalues[4850]),0}, +{"sect131r1","sect131r1",NID_sect131r1,5,&(lvalues[4855]),0}, +{"sect131r2","sect131r2",NID_sect131r2,5,&(lvalues[4860]),0}, +{"sect163k1","sect163k1",NID_sect163k1,5,&(lvalues[4865]),0}, +{"sect163r1","sect163r1",NID_sect163r1,5,&(lvalues[4870]),0}, +{"sect163r2","sect163r2",NID_sect163r2,5,&(lvalues[4875]),0}, +{"sect193r1","sect193r1",NID_sect193r1,5,&(lvalues[4880]),0}, +{"sect193r2","sect193r2",NID_sect193r2,5,&(lvalues[4885]),0}, +{"sect233k1","sect233k1",NID_sect233k1,5,&(lvalues[4890]),0}, +{"sect233r1","sect233r1",NID_sect233r1,5,&(lvalues[4895]),0}, +{"sect239k1","sect239k1",NID_sect239k1,5,&(lvalues[4900]),0}, +{"sect283k1","sect283k1",NID_sect283k1,5,&(lvalues[4905]),0}, +{"sect283r1","sect283r1",NID_sect283r1,5,&(lvalues[4910]),0}, +{"sect409k1","sect409k1",NID_sect409k1,5,&(lvalues[4915]),0}, +{"sect409r1","sect409r1",NID_sect409r1,5,&(lvalues[4920]),0}, +{"sect571k1","sect571k1",NID_sect571k1,5,&(lvalues[4925]),0}, +{"sect571r1","sect571r1",NID_sect571r1,5,&(lvalues[4930]),0}, {"wap-wsg-idm-ecid-wtls1","wap-wsg-idm-ecid-wtls1", - NID_wap_wsg_idm_ecid_wtls1,5,&(lvalues[4941]),0}, + NID_wap_wsg_idm_ecid_wtls1,5,&(lvalues[4935]),0}, {"wap-wsg-idm-ecid-wtls3","wap-wsg-idm-ecid-wtls3", - NID_wap_wsg_idm_ecid_wtls3,5,&(lvalues[4946]),0}, + NID_wap_wsg_idm_ecid_wtls3,5,&(lvalues[4940]),0}, {"wap-wsg-idm-ecid-wtls4","wap-wsg-idm-ecid-wtls4", - NID_wap_wsg_idm_ecid_wtls4,5,&(lvalues[4951]),0}, + NID_wap_wsg_idm_ecid_wtls4,5,&(lvalues[4945]),0}, {"wap-wsg-idm-ecid-wtls5","wap-wsg-idm-ecid-wtls5", - NID_wap_wsg_idm_ecid_wtls5,5,&(lvalues[4956]),0}, + NID_wap_wsg_idm_ecid_wtls5,5,&(lvalues[4950]),0}, {"wap-wsg-idm-ecid-wtls6","wap-wsg-idm-ecid-wtls6", - NID_wap_wsg_idm_ecid_wtls6,5,&(lvalues[4961]),0}, + NID_wap_wsg_idm_ecid_wtls6,5,&(lvalues[4955]),0}, {"wap-wsg-idm-ecid-wtls7","wap-wsg-idm-ecid-wtls7", - NID_wap_wsg_idm_ecid_wtls7,5,&(lvalues[4966]),0}, + NID_wap_wsg_idm_ecid_wtls7,5,&(lvalues[4960]),0}, {"wap-wsg-idm-ecid-wtls8","wap-wsg-idm-ecid-wtls8", - NID_wap_wsg_idm_ecid_wtls8,5,&(lvalues[4971]),0}, + NID_wap_wsg_idm_ecid_wtls8,5,&(lvalues[4965]),0}, {"wap-wsg-idm-ecid-wtls9","wap-wsg-idm-ecid-wtls9", - NID_wap_wsg_idm_ecid_wtls9,5,&(lvalues[4976]),0}, + NID_wap_wsg_idm_ecid_wtls9,5,&(lvalues[4970]),0}, {"wap-wsg-idm-ecid-wtls10","wap-wsg-idm-ecid-wtls10", - NID_wap_wsg_idm_ecid_wtls10,5,&(lvalues[4981]),0}, + NID_wap_wsg_idm_ecid_wtls10,5,&(lvalues[4975]),0}, {"wap-wsg-idm-ecid-wtls11","wap-wsg-idm-ecid-wtls11", - NID_wap_wsg_idm_ecid_wtls11,5,&(lvalues[4986]),0}, + NID_wap_wsg_idm_ecid_wtls11,5,&(lvalues[4980]),0}, {"wap-wsg-idm-ecid-wtls12","wap-wsg-idm-ecid-wtls12", - NID_wap_wsg_idm_ecid_wtls12,5,&(lvalues[4991]),0}, -{"anyPolicy","X509v3 Any Policy",NID_any_policy,4,&(lvalues[4996]),0}, + NID_wap_wsg_idm_ecid_wtls12,5,&(lvalues[4985]),0}, +{"anyPolicy","X509v3 Any Policy",NID_any_policy,4,&(lvalues[4990]),0}, {"policyMappings","X509v3 Policy Mappings",NID_policy_mappings,3, - &(lvalues[5000]),0}, + &(lvalues[4994]),0}, {"inhibitAnyPolicy","X509v3 Inhibit Any Policy", - NID_inhibit_any_policy,3,&(lvalues[5003]),0}, + NID_inhibit_any_policy,3,&(lvalues[4997]),0}, {"Oakley-EC2N-3","ipsec3",NID_ipsec3,0,NULL,0}, {"Oakley-EC2N-4","ipsec4",NID_ipsec4,0,NULL,0}, {"CAMELLIA-128-CBC","camellia-128-cbc",NID_camellia_128_cbc,11, - &(lvalues[5006]),0}, + &(lvalues[5000]),0}, {"CAMELLIA-192-CBC","camellia-192-cbc",NID_camellia_192_cbc,11, - &(lvalues[5017]),0}, + &(lvalues[5011]),0}, {"CAMELLIA-256-CBC","camellia-256-cbc",NID_camellia_256_cbc,11, - &(lvalues[5028]),0}, + &(lvalues[5022]),0}, {"CAMELLIA-128-ECB","camellia-128-ecb",NID_camellia_128_ecb,8, - &(lvalues[5039]),0}, + &(lvalues[5033]),0}, {"CAMELLIA-192-ECB","camellia-192-ecb",NID_camellia_192_ecb,8, - &(lvalues[5047]),0}, + &(lvalues[5041]),0}, {"CAMELLIA-256-ECB","camellia-256-ecb",NID_camellia_256_ecb,8, - &(lvalues[5055]),0}, + &(lvalues[5049]),0}, {"CAMELLIA-128-CFB","camellia-128-cfb",NID_camellia_128_cfb128,8, - &(lvalues[5063]),0}, + &(lvalues[5057]),0}, {"CAMELLIA-192-CFB","camellia-192-cfb",NID_camellia_192_cfb128,8, - &(lvalues[5071]),0}, + &(lvalues[5065]),0}, {"CAMELLIA-256-CFB","camellia-256-cfb",NID_camellia_256_cfb128,8, - &(lvalues[5079]),0}, + &(lvalues[5073]),0}, {"CAMELLIA-128-CFB1","camellia-128-cfb1",NID_camellia_128_cfb1,0,NULL,0}, {"CAMELLIA-192-CFB1","camellia-192-cfb1",NID_camellia_192_cfb1,0,NULL,0}, {"CAMELLIA-256-CFB1","camellia-256-cfb1",NID_camellia_256_cfb1,0,NULL,0}, @@ -2118,284 +2111,284 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={ {"CAMELLIA-192-CFB8","camellia-192-cfb8",NID_camellia_192_cfb8,0,NULL,0}, {"CAMELLIA-256-CFB8","camellia-256-cfb8",NID_camellia_256_cfb8,0,NULL,0}, {"CAMELLIA-128-OFB","camellia-128-ofb",NID_camellia_128_ofb128,8, - &(lvalues[5087]),0}, + &(lvalues[5081]),0}, {"CAMELLIA-192-OFB","camellia-192-ofb",NID_camellia_192_ofb128,8, - &(lvalues[5095]),0}, + &(lvalues[5089]),0}, {"CAMELLIA-256-OFB","camellia-256-ofb",NID_camellia_256_ofb128,8, - &(lvalues[5103]),0}, + &(lvalues[5097]),0}, {"subjectDirectoryAttributes","X509v3 Subject Directory Attributes", - NID_subject_directory_attributes,3,&(lvalues[5111]),0}, + NID_subject_directory_attributes,3,&(lvalues[5105]),0}, {"issuingDistributionPoint","X509v3 Issuing Distrubution Point", - NID_issuing_distribution_point,3,&(lvalues[5114]),0}, + NID_issuing_distribution_point,3,&(lvalues[5108]),0}, {"certificateIssuer","X509v3 Certificate Issuer", - NID_certificate_issuer,3,&(lvalues[5117]),0}, + NID_certificate_issuer,3,&(lvalues[5111]),0}, {NULL,NULL,NID_undef,0,NULL,0}, -{"KISA","kisa",NID_kisa,6,&(lvalues[5120]),0}, +{"KISA","kisa",NID_kisa,6,&(lvalues[5114]),0}, {NULL,NULL,NID_undef,0,NULL,0}, {NULL,NULL,NID_undef,0,NULL,0}, -{"SEED-ECB","seed-ecb",NID_seed_ecb,8,&(lvalues[5126]),0}, -{"SEED-CBC","seed-cbc",NID_seed_cbc,8,&(lvalues[5134]),0}, -{"SEED-OFB","seed-ofb",NID_seed_ofb128,8,&(lvalues[5142]),0}, -{"SEED-CFB","seed-cfb",NID_seed_cfb128,8,&(lvalues[5150]),0}, -{"HMAC-MD5","hmac-md5",NID_hmac_md5,8,&(lvalues[5158]),0}, -{"HMAC-SHA1","hmac-sha1",NID_hmac_sha1,8,&(lvalues[5166]),0}, +{"SEED-ECB","seed-ecb",NID_seed_ecb,8,&(lvalues[5120]),0}, +{"SEED-CBC","seed-cbc",NID_seed_cbc,8,&(lvalues[5128]),0}, +{"SEED-OFB","seed-ofb",NID_seed_ofb128,8,&(lvalues[5136]),0}, +{"SEED-CFB","seed-cfb",NID_seed_cfb128,8,&(lvalues[5144]),0}, +{"HMAC-MD5","hmac-md5",NID_hmac_md5,8,&(lvalues[5152]),0}, +{"HMAC-SHA1","hmac-sha1",NID_hmac_sha1,8,&(lvalues[5160]),0}, {"id-PasswordBasedMAC","password based MAC",NID_id_PasswordBasedMAC,9, - &(lvalues[5174]),0}, + &(lvalues[5168]),0}, {"id-DHBasedMac","Diffie-Hellman based MAC",NID_id_DHBasedMac,9, - &(lvalues[5183]),0}, + &(lvalues[5177]),0}, {"id-it-suppLangTags","id-it-suppLangTags",NID_id_it_suppLangTags,8, - &(lvalues[5192]),0}, -{"caRepository","CA Repository",NID_caRepository,8,&(lvalues[5200]),0}, + &(lvalues[5186]),0}, +{"caRepository","CA Repository",NID_caRepository,8,&(lvalues[5194]),0}, {"id-smime-ct-compressedData","id-smime-ct-compressedData", - NID_id_smime_ct_compressedData,11,&(lvalues[5208]),0}, + NID_id_smime_ct_compressedData,11,&(lvalues[5202]),0}, {"id-ct-asciiTextWithCRLF","id-ct-asciiTextWithCRLF", - NID_id_ct_asciiTextWithCRLF,11,&(lvalues[5219]),0}, + NID_id_ct_asciiTextWithCRLF,11,&(lvalues[5213]),0}, {"id-aes128-wrap","id-aes128-wrap",NID_id_aes128_wrap,9, - &(lvalues[5230]),0}, + &(lvalues[5224]),0}, {"id-aes192-wrap","id-aes192-wrap",NID_id_aes192_wrap,9, - &(lvalues[5239]),0}, + &(lvalues[5233]),0}, {"id-aes256-wrap","id-aes256-wrap",NID_id_aes256_wrap,9, - &(lvalues[5248]),0}, + &(lvalues[5242]),0}, {"ecdsa-with-Recommended","ecdsa-with-Recommended", - NID_ecdsa_with_Recommended,7,&(lvalues[5257]),0}, + NID_ecdsa_with_Recommended,7,&(lvalues[5251]),0}, {"ecdsa-with-Specified","ecdsa-with-Specified", - NID_ecdsa_with_Specified,7,&(lvalues[5264]),0}, + NID_ecdsa_with_Specified,7,&(lvalues[5258]),0}, {"ecdsa-with-SHA224","ecdsa-with-SHA224",NID_ecdsa_with_SHA224,8, - &(lvalues[5271]),0}, + &(lvalues[5265]),0}, {"ecdsa-with-SHA256","ecdsa-with-SHA256",NID_ecdsa_with_SHA256,8, - &(lvalues[5279]),0}, + &(lvalues[5273]),0}, {"ecdsa-with-SHA384","ecdsa-with-SHA384",NID_ecdsa_with_SHA384,8, - &(lvalues[5287]),0}, + &(lvalues[5281]),0}, {"ecdsa-with-SHA512","ecdsa-with-SHA512",NID_ecdsa_with_SHA512,8, - &(lvalues[5295]),0}, -{"hmacWithMD5","hmacWithMD5",NID_hmacWithMD5,8,&(lvalues[5303]),0}, + &(lvalues[5289]),0}, +{"hmacWithMD5","hmacWithMD5",NID_hmacWithMD5,8,&(lvalues[5297]),0}, {"hmacWithSHA224","hmacWithSHA224",NID_hmacWithSHA224,8, - &(lvalues[5311]),0}, + &(lvalues[5305]),0}, {"hmacWithSHA256","hmacWithSHA256",NID_hmacWithSHA256,8, - &(lvalues[5319]),0}, + &(lvalues[5313]),0}, {"hmacWithSHA384","hmacWithSHA384",NID_hmacWithSHA384,8, - &(lvalues[5327]),0}, + &(lvalues[5321]),0}, {"hmacWithSHA512","hmacWithSHA512",NID_hmacWithSHA512,8, - &(lvalues[5335]),0}, + &(lvalues[5329]),0}, {"dsa_with_SHA224","dsa_with_SHA224",NID_dsa_with_SHA224,9, - &(lvalues[5343]),0}, + &(lvalues[5337]),0}, {"dsa_with_SHA256","dsa_with_SHA256",NID_dsa_with_SHA256,9, - &(lvalues[5352]),0}, -{"whirlpool","whirlpool",NID_whirlpool,6,&(lvalues[5361]),0}, -{"cryptopro","cryptopro",NID_cryptopro,5,&(lvalues[5367]),0}, -{"cryptocom","cryptocom",NID_cryptocom,5,&(lvalues[5372]),0}, + &(lvalues[5346]),0}, +{"whirlpool","whirlpool",NID_whirlpool,6,&(lvalues[5355]),0}, +{"cryptopro","cryptopro",NID_cryptopro,5,&(lvalues[5361]),0}, +{"cryptocom","cryptocom",NID_cryptocom,5,&(lvalues[5366]),0}, {"id-GostR3411-94-with-GostR3410-2001", "GOST R 34.11-94 with GOST R 34.10-2001", - NID_id_GostR3411_94_with_GostR3410_2001,6,&(lvalues[5377]),0}, + NID_id_GostR3411_94_with_GostR3410_2001,6,&(lvalues[5371]),0}, {"id-GostR3411-94-with-GostR3410-94", "GOST R 34.11-94 with GOST R 34.10-94", - NID_id_GostR3411_94_with_GostR3410_94,6,&(lvalues[5383]),0}, -{"md_gost94","GOST R 34.11-94",NID_id_GostR3411_94,6,&(lvalues[5389]),0}, + NID_id_GostR3411_94_with_GostR3410_94,6,&(lvalues[5377]),0}, +{"md_gost94","GOST R 34.11-94",NID_id_GostR3411_94,6,&(lvalues[5383]),0}, {"id-HMACGostR3411-94","HMAC GOST 34.11-94",NID_id_HMACGostR3411_94,6, - &(lvalues[5395]),0}, + &(lvalues[5389]),0}, {"gost2001","GOST R 34.10-2001",NID_id_GostR3410_2001,6, - &(lvalues[5401]),0}, -{"gost94","GOST R 34.10-94",NID_id_GostR3410_94,6,&(lvalues[5407]),0}, -{"gost89","GOST 28147-89",NID_id_Gost28147_89,6,&(lvalues[5413]),0}, + &(lvalues[5395]),0}, +{"gost94","GOST R 34.10-94",NID_id_GostR3410_94,6,&(lvalues[5401]),0}, +{"gost89","GOST 28147-89",NID_id_Gost28147_89,6,&(lvalues[5407]),0}, {"gost89-cnt","gost89-cnt",NID_gost89_cnt,0,NULL,0}, {"gost-mac","GOST 28147-89 MAC",NID_id_Gost28147_89_MAC,6, - &(lvalues[5419]),0}, + &(lvalues[5413]),0}, {"prf-gostr3411-94","GOST R 34.11-94 PRF",NID_id_GostR3411_94_prf,6, - &(lvalues[5425]),0}, + &(lvalues[5419]),0}, {"id-GostR3410-2001DH","GOST R 34.10-2001 DH",NID_id_GostR3410_2001DH, - 6,&(lvalues[5431]),0}, + 6,&(lvalues[5425]),0}, {"id-GostR3410-94DH","GOST R 34.10-94 DH",NID_id_GostR3410_94DH,6, - &(lvalues[5437]),0}, + &(lvalues[5431]),0}, {"id-Gost28147-89-CryptoPro-KeyMeshing", "id-Gost28147-89-CryptoPro-KeyMeshing", - NID_id_Gost28147_89_CryptoPro_KeyMeshing,7,&(lvalues[5443]),0}, + NID_id_Gost28147_89_CryptoPro_KeyMeshing,7,&(lvalues[5437]),0}, {"id-Gost28147-89-None-KeyMeshing","id-Gost28147-89-None-KeyMeshing", - NID_id_Gost28147_89_None_KeyMeshing,7,&(lvalues[5450]),0}, + NID_id_Gost28147_89_None_KeyMeshing,7,&(lvalues[5444]),0}, {"id-GostR3411-94-TestParamSet","id-GostR3411-94-TestParamSet", - NID_id_GostR3411_94_TestParamSet,7,&(lvalues[5457]),0}, + NID_id_GostR3411_94_TestParamSet,7,&(lvalues[5451]),0}, {"id-GostR3411-94-CryptoProParamSet", "id-GostR3411-94-CryptoProParamSet", - NID_id_GostR3411_94_CryptoProParamSet,7,&(lvalues[5464]),0}, + NID_id_GostR3411_94_CryptoProParamSet,7,&(lvalues[5458]),0}, {"id-Gost28147-89-TestParamSet","id-Gost28147-89-TestParamSet", - NID_id_Gost28147_89_TestParamSet,7,&(lvalues[5471]),0}, + NID_id_Gost28147_89_TestParamSet,7,&(lvalues[5465]),0}, {"id-Gost28147-89-CryptoPro-A-ParamSet", "id-Gost28147-89-CryptoPro-A-ParamSet", - NID_id_Gost28147_89_CryptoPro_A_ParamSet,7,&(lvalues[5478]),0}, + NID_id_Gost28147_89_CryptoPro_A_ParamSet,7,&(lvalues[5472]),0}, {"id-Gost28147-89-CryptoPro-B-ParamSet", "id-Gost28147-89-CryptoPro-B-ParamSet", - NID_id_Gost28147_89_CryptoPro_B_ParamSet,7,&(lvalues[5485]),0}, + NID_id_Gost28147_89_CryptoPro_B_ParamSet,7,&(lvalues[5479]),0}, {"id-Gost28147-89-CryptoPro-C-ParamSet", "id-Gost28147-89-CryptoPro-C-ParamSet", - NID_id_Gost28147_89_CryptoPro_C_ParamSet,7,&(lvalues[5492]),0}, + NID_id_Gost28147_89_CryptoPro_C_ParamSet,7,&(lvalues[5486]),0}, {"id-Gost28147-89-CryptoPro-D-ParamSet", "id-Gost28147-89-CryptoPro-D-ParamSet", - NID_id_Gost28147_89_CryptoPro_D_ParamSet,7,&(lvalues[5499]),0}, + NID_id_Gost28147_89_CryptoPro_D_ParamSet,7,&(lvalues[5493]),0}, {"id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet", "id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet", - NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet,7,&(lvalues[5506]), + NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet,7,&(lvalues[5500]), 0}, {"id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet", "id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet", - NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet,7,&(lvalues[5513]), + NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet,7,&(lvalues[5507]), 0}, {"id-Gost28147-89-CryptoPro-RIC-1-ParamSet", "id-Gost28147-89-CryptoPro-RIC-1-ParamSet", - NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet,7,&(lvalues[5520]),0}, + NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet,7,&(lvalues[5514]),0}, {"id-GostR3410-94-TestParamSet","id-GostR3410-94-TestParamSet", - NID_id_GostR3410_94_TestParamSet,7,&(lvalues[5527]),0}, + NID_id_GostR3410_94_TestParamSet,7,&(lvalues[5521]),0}, {"id-GostR3410-94-CryptoPro-A-ParamSet", "id-GostR3410-94-CryptoPro-A-ParamSet", - NID_id_GostR3410_94_CryptoPro_A_ParamSet,7,&(lvalues[5534]),0}, + NID_id_GostR3410_94_CryptoPro_A_ParamSet,7,&(lvalues[5528]),0}, {"id-GostR3410-94-CryptoPro-B-ParamSet", "id-GostR3410-94-CryptoPro-B-ParamSet", - NID_id_GostR3410_94_CryptoPro_B_ParamSet,7,&(lvalues[5541]),0}, + NID_id_GostR3410_94_CryptoPro_B_ParamSet,7,&(lvalues[5535]),0}, {"id-GostR3410-94-CryptoPro-C-ParamSet", "id-GostR3410-94-CryptoPro-C-ParamSet", - NID_id_GostR3410_94_CryptoPro_C_ParamSet,7,&(lvalues[5548]),0}, + NID_id_GostR3410_94_CryptoPro_C_ParamSet,7,&(lvalues[5542]),0}, {"id-GostR3410-94-CryptoPro-D-ParamSet", "id-GostR3410-94-CryptoPro-D-ParamSet", - NID_id_GostR3410_94_CryptoPro_D_ParamSet,7,&(lvalues[5555]),0}, + NID_id_GostR3410_94_CryptoPro_D_ParamSet,7,&(lvalues[5549]),0}, {"id-GostR3410-94-CryptoPro-XchA-ParamSet", "id-GostR3410-94-CryptoPro-XchA-ParamSet", - NID_id_GostR3410_94_CryptoPro_XchA_ParamSet,7,&(lvalues[5562]),0}, + NID_id_GostR3410_94_CryptoPro_XchA_ParamSet,7,&(lvalues[5556]),0}, {"id-GostR3410-94-CryptoPro-XchB-ParamSet", "id-GostR3410-94-CryptoPro-XchB-ParamSet", - NID_id_GostR3410_94_CryptoPro_XchB_ParamSet,7,&(lvalues[5569]),0}, + NID_id_GostR3410_94_CryptoPro_XchB_ParamSet,7,&(lvalues[5563]),0}, {"id-GostR3410-94-CryptoPro-XchC-ParamSet", "id-GostR3410-94-CryptoPro-XchC-ParamSet", - NID_id_GostR3410_94_CryptoPro_XchC_ParamSet,7,&(lvalues[5576]),0}, + NID_id_GostR3410_94_CryptoPro_XchC_ParamSet,7,&(lvalues[5570]),0}, {"id-GostR3410-2001-TestParamSet","id-GostR3410-2001-TestParamSet", - NID_id_GostR3410_2001_TestParamSet,7,&(lvalues[5583]),0}, + NID_id_GostR3410_2001_TestParamSet,7,&(lvalues[5577]),0}, {"id-GostR3410-2001-CryptoPro-A-ParamSet", "id-GostR3410-2001-CryptoPro-A-ParamSet", - NID_id_GostR3410_2001_CryptoPro_A_ParamSet,7,&(lvalues[5590]),0}, + NID_id_GostR3410_2001_CryptoPro_A_ParamSet,7,&(lvalues[5584]),0}, {"id-GostR3410-2001-CryptoPro-B-ParamSet", "id-GostR3410-2001-CryptoPro-B-ParamSet", - NID_id_GostR3410_2001_CryptoPro_B_ParamSet,7,&(lvalues[5597]),0}, + NID_id_GostR3410_2001_CryptoPro_B_ParamSet,7,&(lvalues[5591]),0}, {"id-GostR3410-2001-CryptoPro-C-ParamSet", "id-GostR3410-2001-CryptoPro-C-ParamSet", - NID_id_GostR3410_2001_CryptoPro_C_ParamSet,7,&(lvalues[5604]),0}, + NID_id_GostR3410_2001_CryptoPro_C_ParamSet,7,&(lvalues[5598]),0}, {"id-GostR3410-2001-CryptoPro-XchA-ParamSet", "id-GostR3410-2001-CryptoPro-XchA-ParamSet", - NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet,7,&(lvalues[5611]),0}, + NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet,7,&(lvalues[5605]),0}, {"id-GostR3410-2001-CryptoPro-XchB-ParamSet", "id-GostR3410-2001-CryptoPro-XchB-ParamSet", - NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet,7,&(lvalues[5618]),0}, + NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet,7,&(lvalues[5612]),0}, {"id-GostR3410-94-a","id-GostR3410-94-a",NID_id_GostR3410_94_a,7, - &(lvalues[5625]),0}, + &(lvalues[5619]),0}, {"id-GostR3410-94-aBis","id-GostR3410-94-aBis", - NID_id_GostR3410_94_aBis,7,&(lvalues[5632]),0}, + NID_id_GostR3410_94_aBis,7,&(lvalues[5626]),0}, {"id-GostR3410-94-b","id-GostR3410-94-b",NID_id_GostR3410_94_b,7, - &(lvalues[5639]),0}, + &(lvalues[5633]),0}, {"id-GostR3410-94-bBis","id-GostR3410-94-bBis", - NID_id_GostR3410_94_bBis,7,&(lvalues[5646]),0}, + NID_id_GostR3410_94_bBis,7,&(lvalues[5640]),0}, {"id-Gost28147-89-cc","GOST 28147-89 Cryptocom ParamSet", - NID_id_Gost28147_89_cc,8,&(lvalues[5653]),0}, + NID_id_Gost28147_89_cc,8,&(lvalues[5647]),0}, {"gost94cc","GOST 34.10-94 Cryptocom",NID_id_GostR3410_94_cc,8, - &(lvalues[5661]),0}, + &(lvalues[5655]),0}, {"gost2001cc","GOST 34.10-2001 Cryptocom",NID_id_GostR3410_2001_cc,8, - &(lvalues[5669]),0}, + &(lvalues[5663]),0}, {"id-GostR3411-94-with-GostR3410-94-cc", "GOST R 34.11-94 with GOST R 34.10-94 Cryptocom", - NID_id_GostR3411_94_with_GostR3410_94_cc,8,&(lvalues[5677]),0}, + NID_id_GostR3411_94_with_GostR3410_94_cc,8,&(lvalues[5671]),0}, {"id-GostR3411-94-with-GostR3410-2001-cc", "GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom", - NID_id_GostR3411_94_with_GostR3410_2001_cc,8,&(lvalues[5685]),0}, + NID_id_GostR3411_94_with_GostR3410_2001_cc,8,&(lvalues[5679]),0}, {"id-GostR3410-2001-ParamSet-cc", "GOST R 3410-2001 Parameter Set Cryptocom", - NID_id_GostR3410_2001_ParamSet_cc,8,&(lvalues[5693]),0}, + NID_id_GostR3410_2001_ParamSet_cc,8,&(lvalues[5687]),0}, {"HMAC","hmac",NID_hmac,0,NULL,0}, {"LocalKeySet","Microsoft Local Key set",NID_LocalKeySet,9, - &(lvalues[5701]),0}, + &(lvalues[5695]),0}, {"freshestCRL","X509v3 Freshest CRL",NID_freshest_crl,3, - &(lvalues[5710]),0}, + &(lvalues[5704]),0}, {"id-on-permanentIdentifier","Permanent Identifier", - NID_id_on_permanentIdentifier,8,&(lvalues[5713]),0}, -{"searchGuide","searchGuide",NID_searchGuide,3,&(lvalues[5721]),0}, + NID_id_on_permanentIdentifier,8,&(lvalues[5707]),0}, +{"searchGuide","searchGuide",NID_searchGuide,3,&(lvalues[5715]),0}, {"businessCategory","businessCategory",NID_businessCategory,3, - &(lvalues[5724]),0}, -{"postalAddress","postalAddress",NID_postalAddress,3,&(lvalues[5727]),0}, -{"postOfficeBox","postOfficeBox",NID_postOfficeBox,3,&(lvalues[5730]),0}, + &(lvalues[5718]),0}, +{"postalAddress","postalAddress",NID_postalAddress,3,&(lvalues[5721]),0}, +{"postOfficeBox","postOfficeBox",NID_postOfficeBox,3,&(lvalues[5724]),0}, {"physicalDeliveryOfficeName","physicalDeliveryOfficeName", - NID_physicalDeliveryOfficeName,3,&(lvalues[5733]),0}, + NID_physicalDeliveryOfficeName,3,&(lvalues[5727]),0}, {"telephoneNumber","telephoneNumber",NID_telephoneNumber,3, - &(lvalues[5736]),0}, -{"telexNumber","telexNumber",NID_telexNumber,3,&(lvalues[5739]),0}, + &(lvalues[5730]),0}, +{"telexNumber","telexNumber",NID_telexNumber,3,&(lvalues[5733]),0}, {"teletexTerminalIdentifier","teletexTerminalIdentifier", - NID_teletexTerminalIdentifier,3,&(lvalues[5742]),0}, + NID_teletexTerminalIdentifier,3,&(lvalues[5736]),0}, {"facsimileTelephoneNumber","facsimileTelephoneNumber", - NID_facsimileTelephoneNumber,3,&(lvalues[5745]),0}, -{"x121Address","x121Address",NID_x121Address,3,&(lvalues[5748]),0}, + NID_facsimileTelephoneNumber,3,&(lvalues[5739]),0}, +{"x121Address","x121Address",NID_x121Address,3,&(lvalues[5742]),0}, {"internationaliSDNNumber","internationaliSDNNumber", - NID_internationaliSDNNumber,3,&(lvalues[5751]),0}, + NID_internationaliSDNNumber,3,&(lvalues[5745]),0}, {"registeredAddress","registeredAddress",NID_registeredAddress,3, - &(lvalues[5754]),0}, + &(lvalues[5748]),0}, {"destinationIndicator","destinationIndicator", - NID_destinationIndicator,3,&(lvalues[5757]),0}, + NID_destinationIndicator,3,&(lvalues[5751]),0}, {"preferredDeliveryMethod","preferredDeliveryMethod", - NID_preferredDeliveryMethod,3,&(lvalues[5760]),0}, + NID_preferredDeliveryMethod,3,&(lvalues[5754]),0}, {"presentationAddress","presentationAddress",NID_presentationAddress, - 3,&(lvalues[5763]),0}, + 3,&(lvalues[5757]),0}, {"supportedApplicationContext","supportedApplicationContext", - NID_supportedApplicationContext,3,&(lvalues[5766]),0}, -{"member","member",NID_member,3,&(lvalues[5769]),0}, -{"owner","owner",NID_owner,3,&(lvalues[5772]),0}, -{"roleOccupant","roleOccupant",NID_roleOccupant,3,&(lvalues[5775]),0}, -{"seeAlso","seeAlso",NID_seeAlso,3,&(lvalues[5778]),0}, -{"userPassword","userPassword",NID_userPassword,3,&(lvalues[5781]),0}, + NID_supportedApplicationContext,3,&(lvalues[5760]),0}, +{"member","member",NID_member,3,&(lvalues[5763]),0}, +{"owner","owner",NID_owner,3,&(lvalues[5766]),0}, +{"roleOccupant","roleOccupant",NID_roleOccupant,3,&(lvalues[5769]),0}, +{"seeAlso","seeAlso",NID_seeAlso,3,&(lvalues[5772]),0}, +{"userPassword","userPassword",NID_userPassword,3,&(lvalues[5775]),0}, {"userCertificate","userCertificate",NID_userCertificate,3, - &(lvalues[5784]),0}, -{"cACertificate","cACertificate",NID_cACertificate,3,&(lvalues[5787]),0}, + &(lvalues[5778]),0}, +{"cACertificate","cACertificate",NID_cACertificate,3,&(lvalues[5781]),0}, {"authorityRevocationList","authorityRevocationList", - NID_authorityRevocationList,3,&(lvalues[5790]),0}, + NID_authorityRevocationList,3,&(lvalues[5784]),0}, {"certificateRevocationList","certificateRevocationList", - NID_certificateRevocationList,3,&(lvalues[5793]),0}, + NID_certificateRevocationList,3,&(lvalues[5787]),0}, {"crossCertificatePair","crossCertificatePair", - NID_crossCertificatePair,3,&(lvalues[5796]),0}, + NID_crossCertificatePair,3,&(lvalues[5790]),0}, {"enhancedSearchGuide","enhancedSearchGuide",NID_enhancedSearchGuide, - 3,&(lvalues[5799]),0}, + 3,&(lvalues[5793]),0}, {"protocolInformation","protocolInformation",NID_protocolInformation, - 3,&(lvalues[5802]),0}, + 3,&(lvalues[5796]),0}, {"distinguishedName","distinguishedName",NID_distinguishedName,3, - &(lvalues[5805]),0}, -{"uniqueMember","uniqueMember",NID_uniqueMember,3,&(lvalues[5808]),0}, + &(lvalues[5799]),0}, +{"uniqueMember","uniqueMember",NID_uniqueMember,3,&(lvalues[5802]),0}, {"houseIdentifier","houseIdentifier",NID_houseIdentifier,3, - &(lvalues[5811]),0}, + &(lvalues[5805]),0}, {"supportedAlgorithms","supportedAlgorithms",NID_supportedAlgorithms, - 3,&(lvalues[5814]),0}, + 3,&(lvalues[5808]),0}, {"deltaRevocationList","deltaRevocationList",NID_deltaRevocationList, - 3,&(lvalues[5817]),0}, -{"dmdName","dmdName",NID_dmdName,3,&(lvalues[5820]),0}, + 3,&(lvalues[5811]),0}, +{"dmdName","dmdName",NID_dmdName,3,&(lvalues[5814]),0}, {"id-alg-PWRI-KEK","id-alg-PWRI-KEK",NID_id_alg_PWRI_KEK,11, - &(lvalues[5823]),0}, + &(lvalues[5817]),0}, {"CMAC","cmac",NID_cmac,0,NULL,0}, -{"id-aes128-GCM","aes-128-gcm",NID_aes_128_gcm,9,&(lvalues[5834]),0}, -{"id-aes128-CCM","aes-128-ccm",NID_aes_128_ccm,9,&(lvalues[5843]),0}, +{"id-aes128-GCM","aes-128-gcm",NID_aes_128_gcm,9,&(lvalues[5828]),0}, +{"id-aes128-CCM","aes-128-ccm",NID_aes_128_ccm,9,&(lvalues[5837]),0}, {"id-aes128-wrap-pad","id-aes128-wrap-pad",NID_id_aes128_wrap_pad,9, - &(lvalues[5852]),0}, -{"id-aes192-GCM","aes-192-gcm",NID_aes_192_gcm,9,&(lvalues[5861]),0}, -{"id-aes192-CCM","aes-192-ccm",NID_aes_192_ccm,9,&(lvalues[5870]),0}, + &(lvalues[5846]),0}, +{"id-aes192-GCM","aes-192-gcm",NID_aes_192_gcm,9,&(lvalues[5855]),0}, +{"id-aes192-CCM","aes-192-ccm",NID_aes_192_ccm,9,&(lvalues[5864]),0}, {"id-aes192-wrap-pad","id-aes192-wrap-pad",NID_id_aes192_wrap_pad,9, - &(lvalues[5879]),0}, -{"id-aes256-GCM","aes-256-gcm",NID_aes_256_gcm,9,&(lvalues[5888]),0}, -{"id-aes256-CCM","aes-256-ccm",NID_aes_256_ccm,9,&(lvalues[5897]),0}, + &(lvalues[5873]),0}, +{"id-aes256-GCM","aes-256-gcm",NID_aes_256_gcm,9,&(lvalues[5882]),0}, +{"id-aes256-CCM","aes-256-ccm",NID_aes_256_ccm,9,&(lvalues[5891]),0}, {"id-aes256-wrap-pad","id-aes256-wrap-pad",NID_id_aes256_wrap_pad,9, - &(lvalues[5906]),0}, + &(lvalues[5900]),0}, {"AES-128-CTR","aes-128-ctr",NID_aes_128_ctr,0,NULL,0}, {"AES-192-CTR","aes-192-ctr",NID_aes_192_ctr,0,NULL,0}, {"AES-256-CTR","aes-256-ctr",NID_aes_256_ctr,0,NULL,0}, {"id-camellia128-wrap","id-camellia128-wrap",NID_id_camellia128_wrap, - 11,&(lvalues[5915]),0}, + 11,&(lvalues[5909]),0}, {"id-camellia192-wrap","id-camellia192-wrap",NID_id_camellia192_wrap, - 11,&(lvalues[5926]),0}, + 11,&(lvalues[5920]),0}, {"id-camellia256-wrap","id-camellia256-wrap",NID_id_camellia256_wrap, - 11,&(lvalues[5937]),0}, + 11,&(lvalues[5931]),0}, {"anyExtendedKeyUsage","Any Extended Key Usage", - NID_anyExtendedKeyUsage,4,&(lvalues[5948]),0}, -{"MGF1","mgf1",NID_mgf1,9,&(lvalues[5952]),0}, -{"RSASSA-PSS","rsassaPss",NID_rsassaPss,9,&(lvalues[5961]),0}, + NID_anyExtendedKeyUsage,4,&(lvalues[5942]),0}, +{"MGF1","mgf1",NID_mgf1,9,&(lvalues[5946]),0}, +{"RSASSA-PSS","rsassaPss",NID_rsassaPss,9,&(lvalues[5955]),0}, {"AES-128-XTS","aes-128-xts",NID_aes_128_xts,0,NULL,0}, {"AES-256-XTS","aes-256-xts",NID_aes_256_xts,0,NULL,0}, {"RC4-HMAC-MD5","rc4-hmac-md5",NID_rc4_hmac_md5,0,NULL,0}, @@ -2405,7 +2398,7 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={ NID_aes_192_cbc_hmac_sha1,0,NULL,0}, {"AES-256-CBC-HMAC-SHA1","aes-256-cbc-hmac-sha1", NID_aes_256_cbc_hmac_sha1,0,NULL,0}, -{"RSAES-OAEP","rsaesOaep",NID_rsaesOaep,9,&(lvalues[5970]),0}, +{"RSAES-OAEP","rsaesOaep",NID_rsaesOaep,9,&(lvalues[5964]),0}, }; static const unsigned int sn_objs[NUM_SN]={ @@ -4242,15 +4235,15 @@ static const unsigned int ln_objs[NUM_LN]={ static const unsigned int obj_objs[NUM_OBJ]={ 0, /* OBJ_undef 0 */ +181, /* OBJ_iso 1 */ 393, /* OBJ_joint_iso_ccitt OBJ_joint_iso_itu_t */ 404, /* OBJ_ccitt OBJ_itu_t */ 645, /* OBJ_itu_t 0 */ +646, /* OBJ_joint_iso_itu_t 2 */ 434, /* OBJ_data 0 9 */ -181, /* OBJ_iso 1 */ 182, /* OBJ_member_body 1 2 */ 379, /* OBJ_org 1 3 */ 676, /* OBJ_identified_organization 1 3 */ -646, /* OBJ_joint_iso_itu_t 2 */ 11, /* OBJ_X500 2 5 */ 647, /* OBJ_international_organizations 2 23 */ 380, /* OBJ_dod 1 3 6 */ diff --git a/app/openssl/crypto/objects/obj_dat.pl b/app/openssl/crypto/objects/obj_dat.pl index c67f71c3..86bcefb9 100644 --- a/app/openssl/crypto/objects/obj_dat.pl +++ b/app/openssl/crypto/objects/obj_dat.pl @@ -115,7 +115,7 @@ for ($i=0; $i<$n; $i++) $out.="\"$sn\""; $out.=","."\"$ln\""; $out.=",NID_$nid{$i},"; - if (defined($obj{$nid{$i}})) + if (defined($obj{$nid{$i}}) && $objd{$obj{$nid{$i}}} =~ /,/) { $v=$objd{$obj{$nid{$i}}}; $v =~ s/L//g; diff --git a/app/openssl/crypto/ocsp/ocsp_ht.c b/app/openssl/crypto/ocsp/ocsp_ht.c index af5fc166..09eb855d 100644 --- a/app/openssl/crypto/ocsp/ocsp_ht.c +++ b/app/openssl/crypto/ocsp/ocsp_ht.c @@ -158,6 +158,8 @@ OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, char *path, OCSP_REQUEST *req, OCSP_REQ_CTX *rctx; rctx = OPENSSL_malloc(sizeof(OCSP_REQ_CTX)); + if (!rctx) + return NULL; rctx->state = OHS_ERROR; rctx->mem = BIO_new(BIO_s_mem()); rctx->io = io; @@ -167,18 +169,21 @@ OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, char *path, OCSP_REQUEST *req, else rctx->iobuflen = OCSP_MAX_LINE_LEN; rctx->iobuf = OPENSSL_malloc(rctx->iobuflen); - if (!rctx->iobuf) - return 0; + if (!rctx->mem || !rctx->iobuf) + goto err; if (!path) path = "/"; if (BIO_printf(rctx->mem, post_hdr, path) <= 0) - return 0; + goto err; if (req && !OCSP_REQ_CTX_set1_req(rctx, req)) - return 0; + goto err; return rctx; + err: + OCSP_REQ_CTX_free(rctx); + return NULL; } /* Parse the HTTP response. This will look like this: @@ -490,6 +495,9 @@ OCSP_RESPONSE *OCSP_sendreq_bio(BIO *b, char *path, OCSP_REQUEST *req) ctx = OCSP_sendreq_new(b, path, req, -1); + if (!ctx) + return NULL; + do { rv = OCSP_sendreq_nbio(&resp, ctx); diff --git a/app/openssl/crypto/ocsp/ocsp_lib.c b/app/openssl/crypto/ocsp/ocsp_lib.c index a94dc838..5061c057 100644 --- a/app/openssl/crypto/ocsp/ocsp_lib.c +++ b/app/openssl/crypto/ocsp/ocsp_lib.c @@ -222,8 +222,19 @@ int OCSP_parse_url(char *url, char **phost, char **pport, char **ppath, int *pss if (!*ppath) goto mem_err; + p = host; + if(host[0] == '[') + { + /* ipv6 literal */ + host++; + p = strchr(host, ']'); + if(!p) goto parse_err; + *p = '\0'; + p++; + } + /* Look for optional ':' for port number */ - if ((p = strchr(host, ':'))) + if ((p = strchr(p, ':'))) { *p = 0; port = p + 1; diff --git a/app/openssl/crypto/ocsp/ocsp_vfy.c b/app/openssl/crypto/ocsp/ocsp_vfy.c index 27671830..fc0d4cc0 100644 --- a/app/openssl/crypto/ocsp/ocsp_vfy.c +++ b/app/openssl/crypto/ocsp/ocsp_vfy.c @@ -436,8 +436,11 @@ static int ocsp_req_find_signer(X509 **psigner, OCSP_REQUEST *req, X509_NAME *nm if(!(flags & OCSP_NOINTERN)) { signer = X509_find_by_subject(req->optionalSignature->certs, nm); - *psigner = signer; - return 1; + if (signer) + { + *psigner = signer; + return 1; + } } signer = X509_find_by_subject(certs, nm); diff --git a/app/openssl/crypto/opensslconf-32.h b/app/openssl/crypto/opensslconf-32.h index caf6f1b8..b5b3dd2b 100644 --- a/app/openssl/crypto/opensslconf-32.h +++ b/app/openssl/crypto/opensslconf-32.h @@ -1,6 +1,9 @@ /* opensslconf.h */ /* WARNING: Generated automatically from opensslconf.h.in by Configure. */ +#ifdef __cplusplus +extern "C" { +#endif /* OpenSSL was configured with the following options: */ #ifndef OPENSSL_DOING_MAKEDEPEND @@ -74,6 +77,9 @@ #ifndef OPENSSL_NO_STORE # define OPENSSL_NO_STORE #endif +#ifndef OPENSSL_NO_UNIT_TEST +# define OPENSSL_NO_UNIT_TEST +#endif #ifndef OPENSSL_NO_WHIRLPOOL # define OPENSSL_NO_WHIRLPOOL #endif @@ -161,6 +167,9 @@ # if defined(OPENSSL_NO_STORE) && !defined(NO_STORE) # define NO_STORE # endif +# if defined(OPENSSL_NO_UNIT_TEST) && !defined(NO_UNIT_TEST) +# define NO_UNIT_TEST +# endif # if defined(OPENSSL_NO_WHIRLPOOL) && !defined(NO_WHIRLPOOL) # define NO_WHIRLPOOL # endif @@ -320,3 +329,6 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! #endif /* DES_DEFAULT_OPTIONS */ #endif /* HEADER_DES_LOCL_H */ +#ifdef __cplusplus +} +#endif diff --git a/app/openssl/crypto/opensslconf-64.h b/app/openssl/crypto/opensslconf-64.h index 88fb0419..30e7ad86 100644 --- a/app/openssl/crypto/opensslconf-64.h +++ b/app/openssl/crypto/opensslconf-64.h @@ -1,6 +1,9 @@ /* opensslconf.h */ /* WARNING: Generated automatically from opensslconf.h.in by Configure. */ +#ifdef __cplusplus +extern "C" { +#endif /* OpenSSL was configured with the following options: */ #ifndef OPENSSL_DOING_MAKEDEPEND @@ -74,6 +77,9 @@ #ifndef OPENSSL_NO_STORE # define OPENSSL_NO_STORE #endif +#ifndef OPENSSL_NO_UNIT_TEST +# define OPENSSL_NO_UNIT_TEST +#endif #ifndef OPENSSL_NO_WHIRLPOOL # define OPENSSL_NO_WHIRLPOOL #endif @@ -161,6 +167,9 @@ # if defined(OPENSSL_NO_STORE) && !defined(NO_STORE) # define NO_STORE # endif +# if defined(OPENSSL_NO_UNIT_TEST) && !defined(NO_UNIT_TEST) +# define NO_UNIT_TEST +# endif # if defined(OPENSSL_NO_WHIRLPOOL) && !defined(NO_WHIRLPOOL) # define NO_WHIRLPOOL # endif @@ -320,3 +329,6 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! #endif /* DES_DEFAULT_OPTIONS */ #endif /* HEADER_DES_LOCL_H */ +#ifdef __cplusplus +} +#endif diff --git a/app/openssl/crypto/opensslconf-static-32.h b/app/openssl/crypto/opensslconf-static-32.h index caf6f1b8..b5b3dd2b 100644 --- a/app/openssl/crypto/opensslconf-static-32.h +++ b/app/openssl/crypto/opensslconf-static-32.h @@ -1,6 +1,9 @@ /* opensslconf.h */ /* WARNING: Generated automatically from opensslconf.h.in by Configure. */ +#ifdef __cplusplus +extern "C" { +#endif /* OpenSSL was configured with the following options: */ #ifndef OPENSSL_DOING_MAKEDEPEND @@ -74,6 +77,9 @@ #ifndef OPENSSL_NO_STORE # define OPENSSL_NO_STORE #endif +#ifndef OPENSSL_NO_UNIT_TEST +# define OPENSSL_NO_UNIT_TEST +#endif #ifndef OPENSSL_NO_WHIRLPOOL # define OPENSSL_NO_WHIRLPOOL #endif @@ -161,6 +167,9 @@ # if defined(OPENSSL_NO_STORE) && !defined(NO_STORE) # define NO_STORE # endif +# if defined(OPENSSL_NO_UNIT_TEST) && !defined(NO_UNIT_TEST) +# define NO_UNIT_TEST +# endif # if defined(OPENSSL_NO_WHIRLPOOL) && !defined(NO_WHIRLPOOL) # define NO_WHIRLPOOL # endif @@ -320,3 +329,6 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! #endif /* DES_DEFAULT_OPTIONS */ #endif /* HEADER_DES_LOCL_H */ +#ifdef __cplusplus +} +#endif diff --git a/app/openssl/crypto/opensslconf-static-64.h b/app/openssl/crypto/opensslconf-static-64.h index 88fb0419..30e7ad86 100644 --- a/app/openssl/crypto/opensslconf-static-64.h +++ b/app/openssl/crypto/opensslconf-static-64.h @@ -1,6 +1,9 @@ /* opensslconf.h */ /* WARNING: Generated automatically from opensslconf.h.in by Configure. */ +#ifdef __cplusplus +extern "C" { +#endif /* OpenSSL was configured with the following options: */ #ifndef OPENSSL_DOING_MAKEDEPEND @@ -74,6 +77,9 @@ #ifndef OPENSSL_NO_STORE # define OPENSSL_NO_STORE #endif +#ifndef OPENSSL_NO_UNIT_TEST +# define OPENSSL_NO_UNIT_TEST +#endif #ifndef OPENSSL_NO_WHIRLPOOL # define OPENSSL_NO_WHIRLPOOL #endif @@ -161,6 +167,9 @@ # if defined(OPENSSL_NO_STORE) && !defined(NO_STORE) # define NO_STORE # endif +# if defined(OPENSSL_NO_UNIT_TEST) && !defined(NO_UNIT_TEST) +# define NO_UNIT_TEST +# endif # if defined(OPENSSL_NO_WHIRLPOOL) && !defined(NO_WHIRLPOOL) # define NO_WHIRLPOOL # endif @@ -320,3 +329,6 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! #endif /* DES_DEFAULT_OPTIONS */ #endif /* HEADER_DES_LOCL_H */ +#ifdef __cplusplus +} +#endif diff --git a/app/openssl/crypto/opensslconf-static-trusty.h b/app/openssl/crypto/opensslconf-static-trusty.h index 06f9f982..bff5910c 100644 --- a/app/openssl/crypto/opensslconf-static-trusty.h +++ b/app/openssl/crypto/opensslconf-static-trusty.h @@ -1,6 +1,9 @@ /* opensslconf.h */ /* WARNING: Generated automatically from opensslconf.h.in by Configure. */ +#ifdef __cplusplus +extern "C" { +#endif /* OpenSSL was configured with the following options: */ #ifndef OPENSSL_DOING_MAKEDEPEND @@ -137,6 +140,9 @@ #ifndef OPENSSL_NO_UI # define OPENSSL_NO_UI #endif +#ifndef OPENSSL_NO_UNIT_TEST +# define OPENSSL_NO_UNIT_TEST +#endif #ifndef OPENSSL_NO_WHIRLPOOL # define OPENSSL_NO_WHIRLPOOL #endif @@ -287,6 +293,9 @@ # if defined(OPENSSL_NO_UI) && !defined(NO_UI) # define NO_UI # endif +# if defined(OPENSSL_NO_UNIT_TEST) && !defined(NO_UNIT_TEST) +# define NO_UNIT_TEST +# endif # if defined(OPENSSL_NO_WHIRLPOOL) && !defined(NO_WHIRLPOOL) # define NO_WHIRLPOOL # endif @@ -446,3 +455,6 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! #endif /* DES_DEFAULT_OPTIONS */ #endif /* HEADER_DES_LOCL_H */ +#ifdef __cplusplus +} +#endif diff --git a/app/openssl/crypto/opensslconf-trusty.h b/app/openssl/crypto/opensslconf-trusty.h index 06f9f982..bff5910c 100644 --- a/app/openssl/crypto/opensslconf-trusty.h +++ b/app/openssl/crypto/opensslconf-trusty.h @@ -1,6 +1,9 @@ /* opensslconf.h */ /* WARNING: Generated automatically from opensslconf.h.in by Configure. */ +#ifdef __cplusplus +extern "C" { +#endif /* OpenSSL was configured with the following options: */ #ifndef OPENSSL_DOING_MAKEDEPEND @@ -137,6 +140,9 @@ #ifndef OPENSSL_NO_UI # define OPENSSL_NO_UI #endif +#ifndef OPENSSL_NO_UNIT_TEST +# define OPENSSL_NO_UNIT_TEST +#endif #ifndef OPENSSL_NO_WHIRLPOOL # define OPENSSL_NO_WHIRLPOOL #endif @@ -287,6 +293,9 @@ # if defined(OPENSSL_NO_UI) && !defined(NO_UI) # define NO_UI # endif +# if defined(OPENSSL_NO_UNIT_TEST) && !defined(NO_UNIT_TEST) +# define NO_UNIT_TEST +# endif # if defined(OPENSSL_NO_WHIRLPOOL) && !defined(NO_WHIRLPOOL) # define NO_WHIRLPOOL # endif @@ -446,3 +455,6 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! #endif /* DES_DEFAULT_OPTIONS */ #endif /* HEADER_DES_LOCL_H */ +#ifdef __cplusplus +} +#endif diff --git a/app/openssl/crypto/opensslv.h b/app/openssl/crypto/opensslv.h index c3b6acec..f375967e 100644 --- a/app/openssl/crypto/opensslv.h +++ b/app/openssl/crypto/opensslv.h @@ -1,6 +1,10 @@ #ifndef HEADER_OPENSSLV_H #define HEADER_OPENSSLV_H +#ifdef __cplusplus +extern "C" { +#endif + /* Numeric release version identifier: * MNNFFPPS: major minor fix patch status * The status nibble has one of the values 0 for development, 1 to e for betas @@ -25,11 +29,11 @@ * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * major minor fix final patch/beta) */ -#define OPENSSL_VERSION_NUMBER 0x1000108fL +#define OPENSSL_VERSION_NUMBER 0x100010afL #ifdef OPENSSL_FIPS -#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1h-fips 5 Jun 2014" +#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1j-fips 15 Oct 2014" #else -#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1h 5 Jun 2014" +#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1j 15 Oct 2014" #endif #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT @@ -86,4 +90,7 @@ #define SHLIB_VERSION_NUMBER "1.0.0" +#ifdef __cplusplus +} +#endif #endif /* HEADER_OPENSSLV_H */ diff --git a/app/openssl/crypto/ossl_typ.h b/app/openssl/crypto/ossl_typ.h index ea9227f6..12cdd43b 100644 --- a/app/openssl/crypto/ossl_typ.h +++ b/app/openssl/crypto/ossl_typ.h @@ -55,6 +55,10 @@ #ifndef HEADER_OPENSSL_TYPES_H #define HEADER_OPENSSL_TYPES_H +#ifdef __cplusplus +extern "C" { +#endif + #include #ifdef NO_ASN1_TYPEDEFS @@ -199,4 +203,7 @@ typedef struct ocsp_req_ctx_st OCSP_REQ_CTX; typedef struct ocsp_response_st OCSP_RESPONSE; typedef struct ocsp_responder_id_st OCSP_RESPID; +#ifdef __cplusplus +} +#endif #endif /* def HEADER_OPENSSL_TYPES_H */ diff --git a/app/openssl/crypto/pem/pvkfmt.c b/app/openssl/crypto/pem/pvkfmt.c index b1bf71a5..ae89f828 100644 --- a/app/openssl/crypto/pem/pvkfmt.c +++ b/app/openssl/crypto/pem/pvkfmt.c @@ -759,6 +759,11 @@ static EVP_PKEY *do_PVK_body(const unsigned char **in, /* Copy BLOBHEADER across, decrypt rest */ memcpy(enctmp, p, 8); p += 8; + if (keylen < 8) + { + PEMerr(PEM_F_DO_PVK_BODY, PEM_R_PVK_TOO_SHORT); + return NULL; + } inlen = keylen - 8; q = enctmp + 8; if (!EVP_DecryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL)) diff --git a/app/openssl/crypto/pkcs7/bio_ber.c b/app/openssl/crypto/pkcs7/bio_ber.c deleted file mode 100644 index 31973fcd..00000000 --- a/app/openssl/crypto/pkcs7/bio_ber.c +++ /dev/null @@ -1,466 +0,0 @@ -/* crypto/evp/bio_ber.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include "cryptlib.h" -#include -#include - -static int ber_write(BIO *h,char *buf,int num); -static int ber_read(BIO *h,char *buf,int size); -/*static int ber_puts(BIO *h,char *str); */ -/*static int ber_gets(BIO *h,char *str,int size); */ -static long ber_ctrl(BIO *h,int cmd,long arg1,char *arg2); -static int ber_new(BIO *h); -static int ber_free(BIO *data); -static long ber_callback_ctrl(BIO *h,int cmd,void *(*fp)()); -#define BER_BUF_SIZE (32) - -/* This is used to hold the state of the BER objects being read. */ -typedef struct ber_struct - { - int tag; - int class; - long length; - int inf; - int num_left; - int depth; - } BER_CTX; - -typedef struct bio_ber_struct - { - int tag; - int class; - long length; - int inf; - - /* most of the following are used when doing non-blocking IO */ - /* reading */ - long num_left; /* number of bytes still to read/write in block */ - int depth; /* used with indefinite encoding. */ - int finished; /* No more read data */ - - /* writting */ - char *w_addr; - int w_offset; - int w_left; - - int buf_len; - int buf_off; - unsigned char buf[BER_BUF_SIZE]; - } BIO_BER_CTX; - -static BIO_METHOD methods_ber= - { - BIO_TYPE_CIPHER,"cipher", - ber_write, - ber_read, - NULL, /* ber_puts, */ - NULL, /* ber_gets, */ - ber_ctrl, - ber_new, - ber_free, - ber_callback_ctrl, - }; - -BIO_METHOD *BIO_f_ber(void) - { - return(&methods_ber); - } - -static int ber_new(BIO *bi) - { - BIO_BER_CTX *ctx; - - ctx=(BIO_BER_CTX *)OPENSSL_malloc(sizeof(BIO_BER_CTX)); - if (ctx == NULL) return(0); - - memset((char *)ctx,0,sizeof(BIO_BER_CTX)); - - bi->init=0; - bi->ptr=(char *)ctx; - bi->flags=0; - return(1); - } - -static int ber_free(BIO *a) - { - BIO_BER_CTX *b; - - if (a == NULL) return(0); - b=(BIO_BER_CTX *)a->ptr; - OPENSSL_cleanse(a->ptr,sizeof(BIO_BER_CTX)); - OPENSSL_free(a->ptr); - a->ptr=NULL; - a->init=0; - a->flags=0; - return(1); - } - -int bio_ber_get_header(BIO *bio, BIO_BER_CTX *ctx) - { - char buf[64]; - int i,j,n; - int ret; - unsigned char *p; - unsigned long length - int tag; - int class; - long max; - - BIO_clear_retry_flags(b); - - /* Pack the buffer down if there is a hole at the front */ - if (ctx->buf_off != 0) - { - p=ctx->buf; - j=ctx->buf_off; - n=ctx->buf_len-j; - for (i=0; ibuf_len-j; - ctx->buf_off=0; - } - - /* If there is more room, read some more data */ - i=BER_BUF_SIZE-ctx->buf_len; - if (i) - { - i=BIO_read(bio->next_bio,&(ctx->buf[ctx->buf_len]),i); - if (i <= 0) - { - BIO_copy_next_retry(b); - return(i); - } - else - ctx->buf_len+=i; - } - - max=ctx->buf_len; - p=ctx->buf; - ret=ASN1_get_object(&p,&length,&tag,&class,max); - - if (ret & 0x80) - { - if ((ctx->buf_len < BER_BUF_SIZE) && - (ERR_GET_REASON(ERR_peek_error()) == ASN1_R_TOO_LONG)) - { - ERR_clear_error(); /* clear the error */ - BIO_set_retry_read(b); - } - return(-1); - } - - /* We have no error, we have a header, so make use of it */ - - if ((ctx->tag >= 0) && (ctx->tag != tag)) - { - BIOerr(BIO_F_BIO_BER_GET_HEADER,BIO_R_TAG_MISMATCH); - sprintf(buf,"tag=%d, got %d",ctx->tag,tag); - ERR_add_error_data(1,buf); - return(-1); - } - if (ret & 0x01) - if (ret & V_ASN1_CONSTRUCTED) - } - -static int ber_read(BIO *b, char *out, int outl) - { - int ret=0,i,n; - BIO_BER_CTX *ctx; - - BIO_clear_retry_flags(b); - - if (out == NULL) return(0); - ctx=(BIO_BER_CTX *)b->ptr; - - if ((ctx == NULL) || (b->next_bio == NULL)) return(0); - - if (ctx->finished) return(0); - -again: - /* First see if we are half way through reading a block */ - if (ctx->num_left > 0) - { - if (ctx->num_left < outl) - n=ctx->num_left; - else - n=outl; - i=BIO_read(b->next_bio,out,n); - if (i <= 0) - { - BIO_copy_next_retry(b); - return(i); - } - ctx->num_left-=i; - outl-=i; - ret+=i; - if (ctx->num_left <= 0) - { - ctx->depth--; - if (ctx->depth <= 0) - ctx->finished=1; - } - if (outl <= 0) - return(ret); - else - goto again; - } - else /* we need to read another BER header */ - { - } - } - -static int ber_write(BIO *b, char *in, int inl) - { - int ret=0,n,i; - BIO_ENC_CTX *ctx; - - ctx=(BIO_ENC_CTX *)b->ptr; - ret=inl; - - BIO_clear_retry_flags(b); - n=ctx->buf_len-ctx->buf_off; - while (n > 0) - { - i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n); - if (i <= 0) - { - BIO_copy_next_retry(b); - return(i); - } - ctx->buf_off+=i; - n-=i; - } - /* at this point all pending data has been written */ - - if ((in == NULL) || (inl <= 0)) return(0); - - ctx->buf_off=0; - while (inl > 0) - { - n=(inl > ENC_BLOCK_SIZE)?ENC_BLOCK_SIZE:inl; - EVP_CipherUpdate(&(ctx->cipher), - (unsigned char *)ctx->buf,&ctx->buf_len, - (unsigned char *)in,n); - inl-=n; - in+=n; - - ctx->buf_off=0; - n=ctx->buf_len; - while (n > 0) - { - i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n); - if (i <= 0) - { - BIO_copy_next_retry(b); - return(i); - } - n-=i; - ctx->buf_off+=i; - } - ctx->buf_len=0; - ctx->buf_off=0; - } - BIO_copy_next_retry(b); - return(ret); - } - -static long ber_ctrl(BIO *b, int cmd, long num, char *ptr) - { - BIO *dbio; - BIO_ENC_CTX *ctx,*dctx; - long ret=1; - int i; - - ctx=(BIO_ENC_CTX *)b->ptr; - - switch (cmd) - { - case BIO_CTRL_RESET: - ctx->ok=1; - ctx->finished=0; - EVP_CipherInit_ex(&(ctx->cipher),NULL,NULL,NULL,NULL, - ctx->cipher.berrypt); - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - break; - case BIO_CTRL_EOF: /* More to read */ - if (ctx->cont <= 0) - ret=1; - else - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - break; - case BIO_CTRL_WPENDING: - ret=ctx->buf_len-ctx->buf_off; - if (ret <= 0) - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - break; - case BIO_CTRL_PENDING: /* More to read in buffer */ - ret=ctx->buf_len-ctx->buf_off; - if (ret <= 0) - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - break; - case BIO_CTRL_FLUSH: - /* do a final write */ -again: - while (ctx->buf_len != ctx->buf_off) - { - i=ber_write(b,NULL,0); - if (i < 0) - { - ret=i; - break; - } - } - - if (!ctx->finished) - { - ctx->finished=1; - ctx->buf_off=0; - ret=EVP_CipherFinal_ex(&(ctx->cipher), - (unsigned char *)ctx->buf, - &(ctx->buf_len)); - ctx->ok=(int)ret; - if (ret <= 0) break; - - /* push out the bytes */ - goto again; - } - - /* Finally flush the underlying BIO */ - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - break; - case BIO_C_GET_CIPHER_STATUS: - ret=(long)ctx->ok; - break; - case BIO_C_DO_STATE_MACHINE: - BIO_clear_retry_flags(b); - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - BIO_copy_next_retry(b); - break; - - case BIO_CTRL_DUP: - dbio=(BIO *)ptr; - dctx=(BIO_ENC_CTX *)dbio->ptr; - memcpy(&(dctx->cipher),&(ctx->cipher),sizeof(ctx->cipher)); - dbio->init=1; - break; - default: - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - break; - } - return(ret); - } - -static long ber_callback_ctrl(BIO *b, int cmd, void *(*fp)()) - { - long ret=1; - - if (b->next_bio == NULL) return(0); - switch (cmd) - { - default: - ret=BIO_callback_ctrl(b->next_bio,cmd,fp); - break; - } - return(ret); - } - -/* -void BIO_set_cipher_ctx(b,c) -BIO *b; -EVP_CIPHER_ctx *c; - { - if (b == NULL) return; - - if ((b->callback != NULL) && - (b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,0L) <= 0)) - return; - - b->init=1; - ctx=(BIO_ENC_CTX *)b->ptr; - memcpy(ctx->cipher,c,sizeof(EVP_CIPHER_CTX)); - - if (b->callback != NULL) - b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,1L); - } -*/ - -void BIO_set_cipher(BIO *b, EVP_CIPHER *c, unsigned char *k, unsigned char *i, - int e) - { - BIO_ENC_CTX *ctx; - - if (b == NULL) return; - - if ((b->callback != NULL) && - (b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,0L) <= 0)) - return; - - b->init=1; - ctx=(BIO_ENC_CTX *)b->ptr; - EVP_CipherInit_ex(&(ctx->cipher),c,NULL,k,i,e); - - if (b->callback != NULL) - b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,1L); - } - diff --git a/app/openssl/crypto/pkcs7/dec.c b/app/openssl/crypto/pkcs7/dec.c deleted file mode 100644 index 6752ec56..00000000 --- a/app/openssl/crypto/pkcs7/dec.c +++ /dev/null @@ -1,248 +0,0 @@ -/* crypto/pkcs7/verify.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -#include -#include -#include -#include -#include -#include -#include -#include - -int verify_callback(int ok, X509_STORE_CTX *ctx); - -BIO *bio_err=NULL; - -int main(argc,argv) -int argc; -char *argv[]; - { - char *keyfile=NULL; - BIO *in; - EVP_PKEY *pkey; - X509 *x509; - PKCS7 *p7; - PKCS7_SIGNER_INFO *si; - X509_STORE_CTX cert_ctx; - X509_STORE *cert_store=NULL; - BIO *data,*detached=NULL,*p7bio=NULL; - char buf[1024*4]; - unsigned char *pp; - int i,printit=0; - STACK_OF(PKCS7_SIGNER_INFO) *sk; - - OpenSSL_add_all_algorithms(); - bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); - - data=BIO_new(BIO_s_file()); - pp=NULL; - while (argc > 1) - { - argc--; - argv++; - if (strcmp(argv[0],"-p") == 0) - { - printit=1; - } - else if ((strcmp(argv[0],"-k") == 0) && (argc >= 2)) { - keyfile = argv[1]; - argc-=1; - argv+=1; - } else if ((strcmp(argv[0],"-d") == 0) && (argc >= 2)) - { - detached=BIO_new(BIO_s_file()); - if (!BIO_read_filename(detached,argv[1])) - goto err; - argc-=1; - argv+=1; - } - else break; - } - - if (!BIO_read_filename(data,argv[0])) goto err; - - if(!keyfile) { - fprintf(stderr, "No private key file specified\n"); - goto err; - } - - if ((in=BIO_new_file(keyfile,"r")) == NULL) goto err; - if ((x509=PEM_read_bio_X509(in,NULL,NULL,NULL)) == NULL) goto err; - BIO_reset(in); - if ((pkey=PEM_read_bio_PrivateKey(in,NULL,NULL,NULL)) == NULL) - goto err; - BIO_free(in); - - if (pp == NULL) - BIO_set_fp(data,stdin,BIO_NOCLOSE); - - - /* Load the PKCS7 object from a file */ - if ((p7=PEM_read_bio_PKCS7(data,NULL,NULL,NULL)) == NULL) goto err; - - - - /* This stuff is being setup for certificate verification. - * When using SSL, it could be replaced with a - * cert_stre=SSL_CTX_get_cert_store(ssl_ctx); */ - cert_store=X509_STORE_new(); - X509_STORE_set_default_paths(cert_store); - X509_STORE_load_locations(cert_store,NULL,"../../certs"); - X509_STORE_set_verify_cb_func(cert_store,verify_callback); - - ERR_clear_error(); - - /* We need to process the data */ - /* We cannot support detached encryption */ - p7bio=PKCS7_dataDecode(p7,pkey,detached,x509); - - if (p7bio == NULL) - { - printf("problems decoding\n"); - goto err; - } - - /* We now have to 'read' from p7bio to calculate digests etc. */ - for (;;) - { - i=BIO_read(p7bio,buf,sizeof(buf)); - /* print it? */ - if (i <= 0) break; - fwrite(buf,1, i, stdout); - } - - /* We can now verify signatures */ - sk=PKCS7_get_signer_info(p7); - if (sk == NULL) - { - fprintf(stderr, "there are no signatures on this data\n"); - } - else - { - /* Ok, first we need to, for each subject entry, - * see if we can verify */ - ERR_clear_error(); - for (i=0; ierror) - { - case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: - X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert),buf,256); - BIO_printf(bio_err,"issuer= %s\n",buf); - break; - case X509_V_ERR_CERT_NOT_YET_VALID: - case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: - BIO_printf(bio_err,"notBefore="); - ASN1_UTCTIME_print(bio_err,X509_get_notBefore(ctx->current_cert)); - BIO_printf(bio_err,"\n"); - break; - case X509_V_ERR_CERT_HAS_EXPIRED: - case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: - BIO_printf(bio_err,"notAfter="); - ASN1_UTCTIME_print(bio_err,X509_get_notAfter(ctx->current_cert)); - BIO_printf(bio_err,"\n"); - break; - } - BIO_printf(bio_err,"verify return:%d\n",ok); - return(ok); - } diff --git a/app/openssl/crypto/pkcs7/des.pem b/app/openssl/crypto/pkcs7/des.pem deleted file mode 100644 index 62d1657e..00000000 --- a/app/openssl/crypto/pkcs7/des.pem +++ /dev/null @@ -1,15 +0,0 @@ - -MIAGCSqGSIb3DQEHA6CAMIACAQAxggHmMIHwAgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEG -A1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m -dCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNUUkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQD -ExJERU1PIFpFUk8gVkFMVUUgQ0ECAgR+MA0GCSqGSIb3DQEBAQUABEC2vXI1xQDW6lUHM3zQ -/9uBEBOO5A3TtkrklAXq7v01gsIC21t52qSk36REXY+slhNZ0OQ349tgkTsoETHFLoEwMIHw -AgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMI -QnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29mdCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNU -UkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQDExJERU1PIFpFUk8gVkFMVUUgQ0ECAgR9MA0G -CSqGSIb3DQEBAQUABEB8ujxbabxXUYJhopuDm3oDq4JNqX6Io4p3ro+ShqfIndsXTZ1v5a2N -WtLLCWlHn/habjBwZ/DgQgcKASbZ7QxNMIAGCSqGSIb3DQEHATAaBggqhkiG9w0DAjAOAgIA -oAQIbsL5v1wX98KggAQoAaJ4WHm68fXY1WE5OIjfVBIDpO1K+i8dmKhjnAjrjoyZ9Bwc8rDL -lgQg4CXb805h5xl+GfvSwUaHJayte1m2mcOhs3J2YyqbQ+MEIMIiJQccmhO3oDKm36CFvYR8 -5PjpclVcZyX2ngbwPFMnBAgy0clOAE6UKAAAAAAAAAAAAAA= - diff --git a/app/openssl/crypto/pkcs7/doc b/app/openssl/crypto/pkcs7/doc deleted file mode 100644 index d2e8b7b2..00000000 --- a/app/openssl/crypto/pkcs7/doc +++ /dev/null @@ -1,24 +0,0 @@ -int PKCS7_set_content_type(PKCS7 *p7, int type); -Call to set the type of PKCS7 object we are working on - -int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey, - EVP_MD *dgst); -Use this to setup a signer info -There will also be functions to add signed and unsigned attributes. - -int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *p7i); -Add a signer info to the content. - -int PKCS7_add_certificae(PKCS7 *p7, X509 *x509); -int PKCS7_add_crl(PKCS7 *p7, X509_CRL *x509); - ----- - -p7=PKCS7_new(); -PKCS7_set_content_type(p7,NID_pkcs7_signed); - -signer=PKCS7_SINGNER_INFO_new(); -PKCS7_SIGNER_INFO_set(signer,x509,pkey,EVP_md5()); -PKCS7_add_signer(py,signer); - -we are now setup. diff --git a/app/openssl/crypto/pkcs7/enc.c b/app/openssl/crypto/pkcs7/enc.c deleted file mode 100644 index 7417f8a4..00000000 --- a/app/openssl/crypto/pkcs7/enc.c +++ /dev/null @@ -1,174 +0,0 @@ -/* crypto/pkcs7/enc.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -#include -#include -#include -#include -#include -#include - -int main(argc,argv) -int argc; -char *argv[]; - { - X509 *x509; - PKCS7 *p7; - BIO *in; - BIO *data,*p7bio; - char buf[1024*4]; - int i; - int nodetach=1; - char *keyfile = NULL; - const EVP_CIPHER *cipher=NULL; - STACK_OF(X509) *recips=NULL; - - OpenSSL_add_all_algorithms(); - - data=BIO_new(BIO_s_file()); - while(argc > 1) - { - if (strcmp(argv[1],"-nd") == 0) - { - nodetach=1; - argv++; argc--; - } - else if ((strcmp(argv[1],"-c") == 0) && (argc >= 2)) { - if(!(cipher = EVP_get_cipherbyname(argv[2]))) { - fprintf(stderr, "Unknown cipher %s\n", argv[2]); - goto err; - } - argc-=2; - argv+=2; - } else if ((strcmp(argv[1],"-k") == 0) && (argc >= 2)) { - keyfile = argv[2]; - argc-=2; - argv+=2; - if (!(in=BIO_new_file(keyfile,"r"))) goto err; - if (!(x509=PEM_read_bio_X509(in,NULL,NULL,NULL))) - goto err; - if(!recips) recips = sk_X509_new_null(); - sk_X509_push(recips, x509); - BIO_free(in); - } else break; - } - - if(!recips) { - fprintf(stderr, "No recipients\n"); - goto err; - } - - if (!BIO_read_filename(data,argv[1])) goto err; - - p7=PKCS7_new(); -#if 0 - BIO_reset(in); - if ((pkey=PEM_read_bio_PrivateKey(in,NULL,NULL)) == NULL) goto err; - BIO_free(in); - PKCS7_set_type(p7,NID_pkcs7_signedAndEnveloped); - - if (PKCS7_add_signature(p7,x509,pkey,EVP_sha1()) == NULL) goto err; - /* we may want to add more */ - PKCS7_add_certificate(p7,x509); -#else - PKCS7_set_type(p7,NID_pkcs7_enveloped); -#endif - if(!cipher) { -#ifndef OPENSSL_NO_DES - cipher = EVP_des_ede3_cbc(); -#else - fprintf(stderr, "No cipher selected\n"); - goto err; -#endif - } - - if (!PKCS7_set_cipher(p7,cipher)) goto err; - for(i = 0; i < sk_X509_num(recips); i++) { - if (!PKCS7_add_recipient(p7,sk_X509_value(recips, i))) goto err; - } - sk_X509_pop_free(recips, X509_free); - - /* Set the content of the signed to 'data' */ - /* PKCS7_content_new(p7,NID_pkcs7_data); not used in envelope */ - - /* could be used, but not in this version :-) - if (!nodetach) PKCS7_set_detached(p7,1); - */ - - if ((p7bio=PKCS7_dataInit(p7,NULL)) == NULL) goto err; - - for (;;) - { - i=BIO_read(data,buf,sizeof(buf)); - if (i <= 0) break; - BIO_write(p7bio,buf,i); - } - BIO_flush(p7bio); - - if (!PKCS7_dataFinal(p7,p7bio)) goto err; - BIO_free(p7bio); - - PEM_write_PKCS7(stdout,p7); - PKCS7_free(p7); - - exit(0); -err: - ERR_load_crypto_strings(); - ERR_print_errors_fp(stderr); - exit(1); - } - diff --git a/app/openssl/crypto/pkcs7/es1.pem b/app/openssl/crypto/pkcs7/es1.pem deleted file mode 100644 index 47112a23..00000000 --- a/app/openssl/crypto/pkcs7/es1.pem +++ /dev/null @@ -1,66 +0,0 @@ ------BEGIN PKCS7----- -MIAGCSqGSIb3DQEHA6CAMIACAQAxggHmMIHwAgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEG -A1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m -dCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNUUkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQD -ExJERU1PIFpFUk8gVkFMVUUgQ0ECAgRuMA0GCSqGSIb3DQEBAQUABEDWak0y/5XZJhQJeCLo -KECcHXkTEbjzYkYNHIinbiPmRK4QbNfs9z2mA3z/c2ykQ4eAqFR2jyNrUMN/+I5XEiv6MIHw -AgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMI -QnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29mdCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNU -UkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQDExJERU1PIFpFUk8gVkFMVUUgQ0ECAgR9MA0G -CSqGSIb3DQEBAQUABEAWg9+KgtCjc77Jdj1Ve4wGgHjVHbbSYEA1ZqKFDoi15vSr9hfpHmC4 -ycZzcRo16JkTfolefiHZzmyjVz94vSN6MIAGCSqGSIb3DQEHATAaBggqhkiG9w0DAjAOAgIA -oAQI7X4Tk4mcbV6ggASBsHl1mCaJ3RhXWlNPCgCRU53d7M5x6TDZRkvwdtdvW96m1lupT03F -XtonkBqk7oMkH7kGfs5/REQOPjx0QE2Ixmgt1W3szum82EZwA7pZNppcraK7W/odw/7bYZO+ -II3HPmRklE2N9qiu1LPaPUsnYogkO6SennyeL5tZ382vBweL/8pnG0qsbT1OBb65v+llnsjT -pa1T/p+fIx/iJJGE6K9fYFokC6gXLQ6ozXRdOu5oBDB8mPCYYvAqKycidM/MrGGUkpEtS4f0 -lS31PwQi5YTim8Ig3/TOwVpPX32i46FTuEIEIMHkD/OvpfwCCzXUHHJnKnKUAUvIsSY3vGBs -8ezpUDfBBBj9LHDy32hZ2tQilkDefP5VM2LLdrWgamYEgfiyITQvn08Ul5lQOQxbFKBheFq5 -otCCN4MR+w5eq12xQu6y+f9z0159ag2ru87D0lLtUtXXtCELbO1nUkT2sJ0k/iDs9TOXr6Cx -go1XKYho83hlkXYiCteVizdAbgVGNsNRD4wtIdajsorET/LuJECgp11YeL9w1dlDB0HLEZfi -XCsUphH4jGagba3hDeUSibnjSiJlN0ukfuQurBBbI2UkBAujiEAubKPn7C1FZJRSw6CPPX5t -KEpmcqT1JNk6LO8Js6/1sCmmBh1VGCy1+EuTI9J1p7Dagf4nQ8cHitoCRpHuKZlFHnZyv7tw -Rn/KOhHaYP2VzAh40gQIvKMAAWh9oFsEEIMwIoOmLwLH5wf+8QdbDhoECH8HwZt9a12dBAjL -r4j2zlvtfgQIt7nmEM3wz1EECKlc3EIy1irCBBCAKINcermK3A+jI6ISN2RzBFA3dsh/xwMu -l61aWMBBZzEz/SF92k6n35KZhCC0d6fIVC/1WMv0fnCwQ8oEDynSre216VEFiYKBaQLJe5o/ -mTAxC7Ht3goXnuc+i1FItOkLrgRI/wyvTICEn2WsNZiMADnGaee2bqPnUopo+VMGexJEtCPk -l0ZNlDJGquPDkpUwaEtecVZzCNyVPYyyF4J/l8rmGDhDdYUIC8IKBEg/ip/E0BuubBLWVbv+ -HRl4QrnGpyCyeXRXXK603QP3sT1Zbbm1v5pI/loOhVHi724LmtXHSyp5qv9MDcxE1PoX10LY -gBRtlwwESPeCF8bK5jk4xIQMhK5NMHj1Y1KQWTZ9NGITBL4hjRq2qp4Qk5GIpGgOVPopAuCo -TIyPikpqBRNtLSPRSsDs6QPUPzWBh6JgxwRQblnDKKUkxUcnJiD4i9QtGa/ZabMn4KxtNOBL -5JSh1nJkaLXCZY070131WWPAByLcd5TiXq8x84pmzV5NNk4tiMpoXhJNsx8e4rskQQlKd6ME -SCe2eYDHKcKPX3WJbUzhrJSQ92/aWnI2iUY8WQ+kSNyiZ2QUjyuUg9Z66g/0d2STlvPOBHT/ -y5ODP2CwbcWX4QmCbUc9TT66fQRIrRVuwvtOfnUueyGgYhJ3HpAJfVaB/7kap5bj7Fi/azW4 -9JDfd1bC/W9h0Kyk7RO2gxvE0hIHc26mZJHTm9MNP5D328MnM2MdBEjKjQBtgrp+lFIii7MP -nGHFTKUkG4WAIZJCf/CsT+p6/SW0qG71Me/YcSw5STB24j+a+HgMV8RVIeUlkP4z0IWWrSoB -Gh4d/Z0EUMCVHs/HZ/bWgiyhtHpvuVAzidm8D81p1LJ5BQX5/5f/m+q5+fS/npL27dTEbNqs -LSB6ij3MZAi7LwHWpTn9zWnDajCMEj9vlaV7mcKtHK5iBEg85agFi1h3MvicqLtoFe5hVv9T -tG0j6CRkjkixPzivltlrf44KHv14gLM0XJxCGyq7vd3l8QYr3+9at0zNnX/yqTiBnsnE5dUE -SIgrYuz87M2gi/ER9PcDoTtONH3+CkcqVy03q/Sj8cVWD/b1KgEhqnNOfc8Ak9PctyR/ItcR -8Me5XVn1GJKkQJk4O29fxvgNoAQIrIESvUWGshAEQByXiFoFTDUByjTlgjcy77H1lrH+y3P/ -wAInJjJAut9kCNyGJV0PA4kdPB5USWltuO6t8gk4Pd2YBMl09zqUWkAEUCjFrtZ3mapjcGZI -uQTASKR5LSjXoWxTT5gae/+64MerF/oCEeO3ehRTpjnPrsiRDo0rWIQTaj9+Nro8Z2xtWstw -RnfoAHIxV1lEamPwjsceBEi2SD9hiifFeO5ECiVoaE1FdXUXhU+jwYAMx6jHWO9hMkYzS9pM -Y3IyWR5ybtOjiQgkUdvRJPUPGf5DVVMPnymGX25aDh5PYpIESPbsM9akCpOOVuscywcUswmU -o7dXvlB48WWCfg/al3BQKAZbn5ZXtWNwpUZkrEdHsrxAVv3rxRcdkT3Z1fzUbIuYkLJN200o -WgRIJvn6RO8KEj7/HOg2sYuuM8nz1kR0TSgwX7/0y/7JfjBa0JIlP7o75sNJscE8oyoIMzuy -Dvn6/U9g3BCDXn83A/s+ke60qn9gBFC6NAeLOlXal1YVWYhMQNOqCyUfAjiXBTawaysQb1Mk -YgeNlF8xuEFcUQWIP+vNG7FJ5JPMaMRL4YEoaQ3sVFhYOERJR1cSb+8xt4QCYtBKQgRIUOmJ -CHW5o1hXJWJiTkZK2qWFcEMzTINSj5EpYFySr8aVBjkRnI7vxegRT/+XZZXoYedQ3UNsnGI3 -DdkWii5VzX0PNF6C60pfBEiVpausYuX7Wjb3Lfm8cBj7GgN69i6Pm2gxtobVcmpo2nS4D714 -ePyhlX9n8kJ6QAcqWMRj22smDPrHVGNTizfzHBh5zNllK9gESJizILOWI327og3ZWp+qUht5 -kNDJCzMK7Z09UAy+h+vq0VTQuEo3FgLzVdqkJujjSL4Nx97lXg51AovrEn3nd4evydwcjKLX -1wRIo72NaeWuUEQ+rt1SlCsOJ7k1ioJSqhrPOfvwcaFcb4beVet1JWiy4yvowTjLDGbUje2s -xjrlVt4BJWI/uA6jbQsrxSe89ADZBAi5YAlR4qszeAQIXD3VSBVKbRUECNTtyvw9vvqXBAhb -IZNn4H4cxgQI+XW7GkfL+ekECCCCg2reMyGDBAh1PYqkg3lw3gQQkNlggEPU+BH8eh7Gm7n7 -7AQIjC5EWbkil5cEEKcpuqwTWww/X89KnQAg8TcECJPomqHvrlZFBBiRSuIiHpmN+PaujXpv -qZV2VhjkB2j09GEECOIdv8AVOJgKBAjlHgIqAD9jZQQIXHbs44+wogcEIGGqTACRJxrhMcMG -X8drNjksIPt+snxTXUBIkTVpZWoABAh6unXPTyIr8QQgBF8xKoX27MWk7iTNmkSNZggZXa2a -DWCGHSYLngbSOHIECD9XmO6VsvTgBAjfqB70CEW4WwQIVIBkbCocznUEEHB/zFXy/sR4OYHe -UfbNPnIEEDWBB/NTCLMGE+o8BfyujcAECFik7GQnnF9VBBAhLXExQeWAofZNc6NtN7qZBCC1 -gVIS3ruTwKltmcrgx3heT3M8ZJhCfWa+6KzchnmKygQQ+1NL5sSzR4m/fdrqxHFyUAQYCT2x -PamQr3wK3h0lyZER+4H0zPM86AhFBBC3CkmvL2vjflMfujnzPBVpBBge9rMbI5+0q9DLrTiT -5F3AIgXLpD8PQWAECHkHVo6RomV3BAgMbi8E271UeAQIqtS8wnI3XngECG3TWmOMb3/iBEha -y+mvCS6I3n3JfL8e1B5P4qX9/czJRaERLuKpGNjLiL4A+zxN0LZ0UHd0qfmJjwOTxAx3iJAC -lGXX4nB9ATYPUT5EU+o1Y4sECN01pP6vWNIdBDAsiE0Ts8/9ltJlqX2B3AoOM4qOt9EaCjXf -lB+aEmrhtjUwuZ6GqS5Ke7P6XnakTk4ECCLIMatNdootAAAAAAAAAAAAAA== ------END PKCS7----- diff --git a/app/openssl/crypto/pkcs7/example.c b/app/openssl/crypto/pkcs7/example.c deleted file mode 100644 index 2953d04b..00000000 --- a/app/openssl/crypto/pkcs7/example.c +++ /dev/null @@ -1,329 +0,0 @@ -#include -#include -#include -#include -#include -#include - -int add_signed_time(PKCS7_SIGNER_INFO *si) - { - ASN1_UTCTIME *sign_time; - - /* The last parameter is the amount to add/subtract from the current - * time (in seconds) */ - sign_time=X509_gmtime_adj(NULL,0); - PKCS7_add_signed_attribute(si,NID_pkcs9_signingTime, - V_ASN1_UTCTIME,(char *)sign_time); - return(1); - } - -ASN1_UTCTIME *get_signed_time(PKCS7_SIGNER_INFO *si) - { - ASN1_TYPE *so; - - so=PKCS7_get_signed_attribute(si,NID_pkcs9_signingTime); - if (so->type == V_ASN1_UTCTIME) - return so->value.utctime; - return NULL; - } - -static int signed_string_nid= -1; - -void add_signed_string(PKCS7_SIGNER_INFO *si, char *str) - { - ASN1_OCTET_STRING *os; - - /* To a an object of OID 1.2.3.4.5, which is an octet string */ - if (signed_string_nid == -1) - signed_string_nid= - OBJ_create("1.2.3.4.5","OID_example","Our example OID"); - os=ASN1_OCTET_STRING_new(); - ASN1_OCTET_STRING_set(os,(unsigned char*)str,strlen(str)); - /* When we add, we do not free */ - PKCS7_add_signed_attribute(si,signed_string_nid, - V_ASN1_OCTET_STRING,(char *)os); - } - -int get_signed_string(PKCS7_SIGNER_INFO *si, char *buf, int len) - { - ASN1_TYPE *so; - ASN1_OCTET_STRING *os; - int i; - - if (signed_string_nid == -1) - signed_string_nid= - OBJ_create("1.2.3.4.5","OID_example","Our example OID"); - /* To retrieve */ - so=PKCS7_get_signed_attribute(si,signed_string_nid); - if (so != NULL) - { - if (so->type == V_ASN1_OCTET_STRING) - { - os=so->value.octet_string; - i=os->length; - if ((i+1) > len) - i=len-1; - memcpy(buf,os->data,i); - return(i); - } - } - return(0); - } - -static int signed_seq2string_nid= -1; -/* ########################################### */ -int add_signed_seq2string(PKCS7_SIGNER_INFO *si, char *str1, char *str2) - { - /* To add an object of OID 1.9.999, which is a sequence containing - * 2 octet strings */ - unsigned char *p; - ASN1_OCTET_STRING *os1,*os2; - ASN1_STRING *seq; - unsigned char *data; - int i,total; - - if (signed_seq2string_nid == -1) - signed_seq2string_nid= - OBJ_create("1.9.9999","OID_example","Our example OID"); - - os1=ASN1_OCTET_STRING_new(); - os2=ASN1_OCTET_STRING_new(); - ASN1_OCTET_STRING_set(os1,(unsigned char*)str1,strlen(str1)); - ASN1_OCTET_STRING_set(os2,(unsigned char*)str1,strlen(str1)); - i =i2d_ASN1_OCTET_STRING(os1,NULL); - i+=i2d_ASN1_OCTET_STRING(os2,NULL); - total=ASN1_object_size(1,i,V_ASN1_SEQUENCE); - - data=malloc(total); - p=data; - ASN1_put_object(&p,1,i,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); - i2d_ASN1_OCTET_STRING(os1,&p); - i2d_ASN1_OCTET_STRING(os2,&p); - - seq=ASN1_STRING_new(); - ASN1_STRING_set(seq,data,total); - free(data); - ASN1_OCTET_STRING_free(os1); - ASN1_OCTET_STRING_free(os2); - - PKCS7_add_signed_attribute(si,signed_seq2string_nid, - V_ASN1_SEQUENCE,(char *)seq); - return(1); - } - -/* For this case, I will malloc the return strings */ -int get_signed_seq2string(PKCS7_SIGNER_INFO *si, char **str1, char **str2) - { - ASN1_TYPE *so; - - if (signed_seq2string_nid == -1) - signed_seq2string_nid= - OBJ_create("1.9.9999","OID_example","Our example OID"); - /* To retrieve */ - so=PKCS7_get_signed_attribute(si,signed_seq2string_nid); - if (so && (so->type == V_ASN1_SEQUENCE)) - { - ASN1_const_CTX c; - ASN1_STRING *s; - long length; - ASN1_OCTET_STRING *os1,*os2; - - s=so->value.sequence; - c.p=ASN1_STRING_data(s); - c.max=c.p+ASN1_STRING_length(s); - if (!asn1_GetSequence(&c,&length)) goto err; - /* Length is the length of the seqence */ - - c.q=c.p; - if ((os1=d2i_ASN1_OCTET_STRING(NULL,&c.p,c.slen)) == NULL) - goto err; - c.slen-=(c.p-c.q); - - c.q=c.p; - if ((os2=d2i_ASN1_OCTET_STRING(NULL,&c.p,c.slen)) == NULL) - goto err; - c.slen-=(c.p-c.q); - - if (!asn1_const_Finish(&c)) goto err; - *str1=malloc(os1->length+1); - *str2=malloc(os2->length+1); - memcpy(*str1,os1->data,os1->length); - memcpy(*str2,os2->data,os2->length); - (*str1)[os1->length]='\0'; - (*str2)[os2->length]='\0'; - ASN1_OCTET_STRING_free(os1); - ASN1_OCTET_STRING_free(os2); - return(1); - } -err: - return(0); - } - - -/* ####################################### - * THE OTHER WAY TO DO THINGS - * ####################################### - */ -X509_ATTRIBUTE *create_time(void) - { - ASN1_UTCTIME *sign_time; - X509_ATTRIBUTE *ret; - - /* The last parameter is the amount to add/subtract from the current - * time (in seconds) */ - sign_time=X509_gmtime_adj(NULL,0); - ret=X509_ATTRIBUTE_create(NID_pkcs9_signingTime, - V_ASN1_UTCTIME,(char *)sign_time); - return(ret); - } - -ASN1_UTCTIME *sk_get_time(STACK_OF(X509_ATTRIBUTE) *sk) - { - ASN1_TYPE *so; - PKCS7_SIGNER_INFO si; - - si.auth_attr=sk; - so=PKCS7_get_signed_attribute(&si,NID_pkcs9_signingTime); - if (so->type == V_ASN1_UTCTIME) - return so->value.utctime; - return NULL; - } - -X509_ATTRIBUTE *create_string(char *str) - { - ASN1_OCTET_STRING *os; - X509_ATTRIBUTE *ret; - - /* To a an object of OID 1.2.3.4.5, which is an octet string */ - if (signed_string_nid == -1) - signed_string_nid= - OBJ_create("1.2.3.4.5","OID_example","Our example OID"); - os=ASN1_OCTET_STRING_new(); - ASN1_OCTET_STRING_set(os,(unsigned char*)str,strlen(str)); - /* When we add, we do not free */ - ret=X509_ATTRIBUTE_create(signed_string_nid, - V_ASN1_OCTET_STRING,(char *)os); - return(ret); - } - -int sk_get_string(STACK_OF(X509_ATTRIBUTE) *sk, char *buf, int len) - { - ASN1_TYPE *so; - ASN1_OCTET_STRING *os; - int i; - PKCS7_SIGNER_INFO si; - - si.auth_attr=sk; - - if (signed_string_nid == -1) - signed_string_nid= - OBJ_create("1.2.3.4.5","OID_example","Our example OID"); - /* To retrieve */ - so=PKCS7_get_signed_attribute(&si,signed_string_nid); - if (so != NULL) - { - if (so->type == V_ASN1_OCTET_STRING) - { - os=so->value.octet_string; - i=os->length; - if ((i+1) > len) - i=len-1; - memcpy(buf,os->data,i); - return(i); - } - } - return(0); - } - -X509_ATTRIBUTE *add_seq2string(PKCS7_SIGNER_INFO *si, char *str1, char *str2) - { - /* To add an object of OID 1.9.999, which is a sequence containing - * 2 octet strings */ - unsigned char *p; - ASN1_OCTET_STRING *os1,*os2; - ASN1_STRING *seq; - X509_ATTRIBUTE *ret; - unsigned char *data; - int i,total; - - if (signed_seq2string_nid == -1) - signed_seq2string_nid= - OBJ_create("1.9.9999","OID_example","Our example OID"); - - os1=ASN1_OCTET_STRING_new(); - os2=ASN1_OCTET_STRING_new(); - ASN1_OCTET_STRING_set(os1,(unsigned char*)str1,strlen(str1)); - ASN1_OCTET_STRING_set(os2,(unsigned char*)str1,strlen(str1)); - i =i2d_ASN1_OCTET_STRING(os1,NULL); - i+=i2d_ASN1_OCTET_STRING(os2,NULL); - total=ASN1_object_size(1,i,V_ASN1_SEQUENCE); - - data=malloc(total); - p=data; - ASN1_put_object(&p,1,i,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); - i2d_ASN1_OCTET_STRING(os1,&p); - i2d_ASN1_OCTET_STRING(os2,&p); - - seq=ASN1_STRING_new(); - ASN1_STRING_set(seq,data,total); - free(data); - ASN1_OCTET_STRING_free(os1); - ASN1_OCTET_STRING_free(os2); - - ret=X509_ATTRIBUTE_create(signed_seq2string_nid, - V_ASN1_SEQUENCE,(char *)seq); - return(ret); - } - -/* For this case, I will malloc the return strings */ -int sk_get_seq2string(STACK_OF(X509_ATTRIBUTE) *sk, char **str1, char **str2) - { - ASN1_TYPE *so; - PKCS7_SIGNER_INFO si; - - if (signed_seq2string_nid == -1) - signed_seq2string_nid= - OBJ_create("1.9.9999","OID_example","Our example OID"); - - si.auth_attr=sk; - /* To retrieve */ - so=PKCS7_get_signed_attribute(&si,signed_seq2string_nid); - if (so->type == V_ASN1_SEQUENCE) - { - ASN1_const_CTX c; - ASN1_STRING *s; - long length; - ASN1_OCTET_STRING *os1,*os2; - - s=so->value.sequence; - c.p=ASN1_STRING_data(s); - c.max=c.p+ASN1_STRING_length(s); - if (!asn1_GetSequence(&c,&length)) goto err; - /* Length is the length of the seqence */ - - c.q=c.p; - if ((os1=d2i_ASN1_OCTET_STRING(NULL,&c.p,c.slen)) == NULL) - goto err; - c.slen-=(c.p-c.q); - - c.q=c.p; - if ((os2=d2i_ASN1_OCTET_STRING(NULL,&c.p,c.slen)) == NULL) - goto err; - c.slen-=(c.p-c.q); - - if (!asn1_const_Finish(&c)) goto err; - *str1=malloc(os1->length+1); - *str2=malloc(os2->length+1); - memcpy(*str1,os1->data,os1->length); - memcpy(*str2,os2->data,os2->length); - (*str1)[os1->length]='\0'; - (*str2)[os2->length]='\0'; - ASN1_OCTET_STRING_free(os1); - ASN1_OCTET_STRING_free(os2); - return(1); - } -err: - return(0); - } - - diff --git a/app/openssl/crypto/pkcs7/example.h b/app/openssl/crypto/pkcs7/example.h deleted file mode 100644 index 96167de1..00000000 --- a/app/openssl/crypto/pkcs7/example.h +++ /dev/null @@ -1,57 +0,0 @@ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -int add_signed_time(PKCS7_SIGNER_INFO *si); -ASN1_UTCTIME *get_signed_time(PKCS7_SIGNER_INFO *si); -int get_signed_seq2string(PKCS7_SIGNER_INFO *si, char **str1, char **str2); diff --git a/app/openssl/crypto/pkcs7/info.pem b/app/openssl/crypto/pkcs7/info.pem deleted file mode 100644 index 989baf87..00000000 --- a/app/openssl/crypto/pkcs7/info.pem +++ /dev/null @@ -1,57 +0,0 @@ -issuer :/C=AU/SP=Queensland/L=Brisbane/O=Cryptsoft Pty Ltd/OU=DEMONSTRATION AND TESTING/CN=DEMO ZERO VALUE CA -subject:/C=AU/SP=Queensland/L=Brisbane/O=Cryptsoft Pty Ltd/OU=SMIME 003/CN=Information/Email=info@cryptsoft.com -serial :047D - -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 1149 (0x47d) - Signature Algorithm: md5withRSAEncryption - Issuer: C=AU, SP=Queensland, L=Brisbane, O=Cryptsoft Pty Ltd, OU=DEMONSTRATION AND TESTING, CN=DEMO ZERO VALUE CA - Validity - Not Before: May 13 05:40:58 1998 GMT - Not After : May 12 05:40:58 2000 GMT - Subject: C=AU, SP=Queensland, L=Brisbane, O=Cryptsoft Pty Ltd, OU=SMIME 003, CN=Information/Email=info@cryptsoft.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Modulus: - 00:ad:e7:23:89:ee:0d:87:b7:9c:32:44:4b:95:81: - 73:dd:22:80:4b:2d:c5:60:b8:fe:1e:18:63:ef:dc: - 89:89:22:df:95:3c:7a:db:3d:9a:06:a8:08:d6:29: - fd:ef:41:09:91:ed:bc:ad:98:f9:f6:28:90:62:6f: - e7:e7:0c:4d:0b - Exponent: 65537 (0x10001) - X509v3 extensions: - Netscape Comment: - Generated with SSLeay - Signature Algorithm: md5withRSAEncryption - 52:15:ea:88:f4:f0:f9:0b:ef:ce:d5:f8:83:40:61:16:5e:55: - f9:ce:2d:d1:8b:31:5c:03:c6:2d:10:7c:61:d5:5c:0a:42:97: - d1:fd:65:b6:b6:84:a5:39:ec:46:ec:fc:e0:0d:d9:22:da:1b: - 50:74:ad:92:cb:4e:90:e5:fa:7d - ------BEGIN CERTIFICATE----- -MIICTDCCAfagAwIBAgICBH0wDQYJKoZIhvcNAQEEBQAwgZIxCzAJBgNVBAYTAkFV -MRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UE -ChMRQ3J5cHRzb2Z0IFB0eSBMdGQxIjAgBgNVBAsTGURFTU9OU1RSQVRJT04gQU5E -IFRFU1RJTkcxGzAZBgNVBAMTEkRFTU8gWkVSTyBWQUxVRSBDQTAeFw05ODA1MTMw -NTQwNThaFw0wMDA1MTIwNTQwNThaMIGeMQswCQYDVQQGEwJBVTETMBEGA1UECBMK -UXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m -dCBQdHkgTHRkMRIwEAYDVQQLEwlTTUlNRSAwMDMxFDASBgNVBAMTC0luZm9ybWF0 -aW9uMSEwHwYJKoZIhvcNAQkBFhJpbmZvQGNyeXB0c29mdC5jb20wXDANBgkqhkiG -9w0BAQEFAANLADBIAkEArecjie4Nh7ecMkRLlYFz3SKASy3FYLj+Hhhj79yJiSLf -lTx62z2aBqgI1in970EJke28rZj59iiQYm/n5wxNCwIDAQABoygwJjAkBglghkgB -hvhCAQ0EFxYVR2VuZXJhdGVkIHdpdGggU1NMZWF5MA0GCSqGSIb3DQEBBAUAA0EA -UhXqiPTw+QvvztX4g0BhFl5V+c4t0YsxXAPGLRB8YdVcCkKX0f1ltraEpTnsRuz8 -4A3ZItobUHStkstOkOX6fQ== ------END CERTIFICATE----- - ------BEGIN RSA PRIVATE KEY----- -MIIBOgIBAAJBAK3nI4nuDYe3nDJES5WBc90igEstxWC4/h4YY+/ciYki35U8ets9 -mgaoCNYp/e9BCZHtvK2Y+fYokGJv5+cMTQsCAwEAAQJBAIHpvXvqEcOEoDRRHuIG -fkcB4jPHcr9KE9TpxabH6xs9beN6OJnkePXAHwaz5MnUgSnbpOKq+cw8miKjXwe/ -zVECIQDVLwncT2lRmXarEYHzb+q/0uaSvKhWKKt3kJasLNTrAwIhANDUc/ghut29 -p3jJYjurzUKuG774/5eLjPLsxPPIZzNZAiA/10hSq41UnGqHLEUIS9m2/EeEZe7b -bm567dfRU9OnVQIgDo8ROrZXSchEGbaog5J5r/Fle83uO8l93R3GqVxKXZkCIFfk -IPD5PIYQAyyod3hyKKza7ZP4CGY4oOfZetbkSGGG ------END RSA PRIVATE KEY----- diff --git a/app/openssl/crypto/pkcs7/infokey.pem b/app/openssl/crypto/pkcs7/infokey.pem deleted file mode 100644 index 1e2acc95..00000000 --- a/app/openssl/crypto/pkcs7/infokey.pem +++ /dev/null @@ -1,9 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIBOgIBAAJBAK3nI4nuDYe3nDJES5WBc90igEstxWC4/h4YY+/ciYki35U8ets9 -mgaoCNYp/e9BCZHtvK2Y+fYokGJv5+cMTQsCAwEAAQJBAIHpvXvqEcOEoDRRHuIG -fkcB4jPHcr9KE9TpxabH6xs9beN6OJnkePXAHwaz5MnUgSnbpOKq+cw8miKjXwe/ -zVECIQDVLwncT2lRmXarEYHzb+q/0uaSvKhWKKt3kJasLNTrAwIhANDUc/ghut29 -p3jJYjurzUKuG774/5eLjPLsxPPIZzNZAiA/10hSq41UnGqHLEUIS9m2/EeEZe7b -bm567dfRU9OnVQIgDo8ROrZXSchEGbaog5J5r/Fle83uO8l93R3GqVxKXZkCIFfk -IPD5PIYQAyyod3hyKKza7ZP4CGY4oOfZetbkSGGG ------END RSA PRIVATE KEY----- diff --git a/app/openssl/crypto/pkcs7/p7/a1 b/app/openssl/crypto/pkcs7/p7/a1 deleted file mode 100644 index 56ca9437..00000000 --- a/app/openssl/crypto/pkcs7/p7/a1 +++ /dev/null @@ -1,2 +0,0 @@ -j,H>__DzEL VJ觬E3Yx%_k -3)DLSc8% M \ No newline at end of file diff --git a/app/openssl/crypto/pkcs7/p7/a2 b/app/openssl/crypto/pkcs7/p7/a2 deleted file mode 100644 index 23d8fb5e..00000000 --- a/app/openssl/crypto/pkcs7/p7/a2 +++ /dev/null @@ -1 +0,0 @@ -k~@a,NM͹ Uo_Bqrm?٠t?tρId2 \ No newline at end of file diff --git a/app/openssl/crypto/pkcs7/p7/cert.p7c b/app/openssl/crypto/pkcs7/p7/cert.p7c deleted file mode 100644 index 2b75ec05..00000000 Binary files a/app/openssl/crypto/pkcs7/p7/cert.p7c and /dev/null differ diff --git a/app/openssl/crypto/pkcs7/p7/smime.p7m b/app/openssl/crypto/pkcs7/p7/smime.p7m deleted file mode 100644 index 2b6e6f82..00000000 Binary files a/app/openssl/crypto/pkcs7/p7/smime.p7m and /dev/null differ diff --git a/app/openssl/crypto/pkcs7/p7/smime.p7s b/app/openssl/crypto/pkcs7/p7/smime.p7s deleted file mode 100644 index 2b5d4fb0..00000000 Binary files a/app/openssl/crypto/pkcs7/p7/smime.p7s and /dev/null differ diff --git a/app/openssl/crypto/pkcs7/pkcs7.h b/app/openssl/crypto/pkcs7/pkcs7.h index 04f60379..5d54c4ac 100644 --- a/app/openssl/crypto/pkcs7/pkcs7.h +++ b/app/openssl/crypto/pkcs7/pkcs7.h @@ -233,10 +233,6 @@ DECLARE_PKCS12_STACK_OF(PKCS7) (OBJ_obj2nid((a)->type) == NID_pkcs7_signedAndEnveloped) #define PKCS7_type_is_data(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_data) #define PKCS7_type_is_digest(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_digest) -#define PKCS7_type_is_encrypted(a) \ - (OBJ_obj2nid((a)->type) == NID_pkcs7_encrypted) - -#define PKCS7_type_is_digest(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_digest) #define PKCS7_set_detached(p,v) \ PKCS7_ctrl(p,PKCS7_OP_SET_DETACHED_SIGNATURE,v,NULL) diff --git a/app/openssl/crypto/pkcs7/server.pem b/app/openssl/crypto/pkcs7/server.pem deleted file mode 100644 index 750aac20..00000000 --- a/app/openssl/crypto/pkcs7/server.pem +++ /dev/null @@ -1,24 +0,0 @@ -issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit) -subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Server test cert (512 bit) ------BEGIN CERTIFICATE----- -MIIB6TCCAVICAQAwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV -BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD -VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNOTcwNjA5MTM1NzQ2WhcNOTgwNjA5 -MTM1NzQ2WjBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG -A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGlNlcnZlciB0ZXN0IGNl -cnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJ+zw4Qnlf8SMVIP -Fe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVDTGiXav6ooKXfX3j/7tdkuD8Ey2// -Kv7+ue0CAwEAATANBgkqhkiG9w0BAQQFAAOBgQB4TMR2CvacKE9wAsu9jyCX8YiW -mgCM+YoP6kt4Zkj2z5IRfm7WrycKsnpnOR+tGeqAjkCeZ6/36o9l91RvPnN1VJ/i -xQv2df0KFeMr00IkDdTNAdIWqFkSsZTAY2QAdgenb7MB1joejquYzO2DQIO7+wpH -irObpESxAZLySCmPPg== ------END CERTIFICATE----- ------BEGIN RSA PRIVATE KEY----- -MIIBPAIBAAJBAJ+zw4Qnlf8SMVIPFe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVD -TGiXav6ooKXfX3j/7tdkuD8Ey2//Kv7+ue0CAwEAAQJAN6W31vDEP2DjdqhzCDDu -OA4NACqoiFqyblo7yc2tM4h4xMbC3Yx5UKMN9ZkCtX0gzrz6DyF47bdKcWBzNWCj -gQIhANEoojVt7hq+SQ6MCN6FTAysGgQf56Q3TYoJMoWvdiXVAiEAw3e3rc+VJpOz -rHuDo6bgpjUAAXM+v3fcpsfZSNO6V7kCIQCtbVjanpUwvZkMI9by02oUk9taki3b -PzPfAfNPYAbCJQIhAJXNQDWyqwn/lGmR11cqY2y9nZ1+5w3yHGatLrcDnQHxAiEA -vnlEGo8K85u+KwIOimM48ZG8oTk7iFdkqLJR1utT3aU= ------END RSA PRIVATE KEY----- diff --git a/app/openssl/crypto/pkcs7/sign.c b/app/openssl/crypto/pkcs7/sign.c deleted file mode 100644 index 8b59885f..00000000 --- a/app/openssl/crypto/pkcs7/sign.c +++ /dev/null @@ -1,154 +0,0 @@ -/* crypto/pkcs7/sign.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -#include -#include -#include -#include -#include -#include - -int main(argc,argv) -int argc; -char *argv[]; - { - X509 *x509; - EVP_PKEY *pkey; - PKCS7 *p7; - PKCS7_SIGNER_INFO *si; - BIO *in; - BIO *data,*p7bio; - char buf[1024*4]; - int i; - int nodetach=0; - -#ifndef OPENSSL_NO_MD2 - EVP_add_digest(EVP_md2()); -#endif -#ifndef OPENSSL_NO_MD5 - EVP_add_digest(EVP_md5()); -#endif -#ifndef OPENSSL_NO_SHA1 - EVP_add_digest(EVP_sha1()); -#endif -#ifndef OPENSSL_NO_MDC2 - EVP_add_digest(EVP_mdc2()); -#endif - - data=BIO_new(BIO_s_file()); -again: - if (argc > 1) - { - if (strcmp(argv[1],"-nd") == 0) - { - nodetach=1; - argv++; argc--; - goto again; - } - if (!BIO_read_filename(data,argv[1])) - goto err; - } - else - BIO_set_fp(data,stdin,BIO_NOCLOSE); - - if ((in=BIO_new_file("server.pem","r")) == NULL) goto err; - if ((x509=PEM_read_bio_X509(in,NULL,NULL,NULL)) == NULL) goto err; - BIO_reset(in); - if ((pkey=PEM_read_bio_PrivateKey(in,NULL,NULL,NULL)) == NULL) goto err; - BIO_free(in); - - p7=PKCS7_new(); - PKCS7_set_type(p7,NID_pkcs7_signed); - - si=PKCS7_add_signature(p7,x509,pkey,EVP_sha1()); - if (si == NULL) goto err; - - /* If you do this then you get signing time automatically added */ - PKCS7_add_signed_attribute(si, NID_pkcs9_contentType, V_ASN1_OBJECT, - OBJ_nid2obj(NID_pkcs7_data)); - - /* we may want to add more */ - PKCS7_add_certificate(p7,x509); - - /* Set the content of the signed to 'data' */ - PKCS7_content_new(p7,NID_pkcs7_data); - - if (!nodetach) - PKCS7_set_detached(p7,1); - - if ((p7bio=PKCS7_dataInit(p7,NULL)) == NULL) goto err; - - for (;;) - { - i=BIO_read(data,buf,sizeof(buf)); - if (i <= 0) break; - BIO_write(p7bio,buf,i); - } - - if (!PKCS7_dataFinal(p7,p7bio)) goto err; - BIO_free(p7bio); - - PEM_write_PKCS7(stdout,p7); - PKCS7_free(p7); - - exit(0); -err: - ERR_load_crypto_strings(); - ERR_print_errors_fp(stderr); - exit(1); - } - diff --git a/app/openssl/crypto/pkcs7/t/3des.pem b/app/openssl/crypto/pkcs7/t/3des.pem deleted file mode 100644 index b2b5081a..00000000 --- a/app/openssl/crypto/pkcs7/t/3des.pem +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PKCS7----- -MIAGCSqGSIb3DQEHA6CAMIACAQAxggHmMIHwAgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEG -A1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m -dCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNUUkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQD -ExJERU1PIFpFUk8gVkFMVUUgQ0ECAgR+MA0GCSqGSIb3DQEBAQUABEC2vXI1xQDW6lUHM3zQ -/9uBEBOO5A3TtkrklAXq7v01gsIC21t52qSk36REXY+slhNZ0OQ349tgkTsoETHFLoEwMIHw -AgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMI -QnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29mdCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNU -UkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQDExJERU1PIFpFUk8gVkFMVUUgQ0ECAgR9MA0G -CSqGSIb3DQEBAQUABEB8ujxbabxXUYJhopuDm3oDq4JNqX6Io4p3ro+ShqfIndsXTZ1v5a2N -WtLLCWlHn/habjBwZ/DgQgcKASbZ7QxNMIAGCSqGSIb3DQEHATAaBggqhkiG9w0DAjAOAgIA -oAQIbsL5v1wX98KggAQoAaJ4WHm68fXY1WE5OIjfVBIDpO1K+i8dmKhjnAjrjoyZ9Bwc8rDL -lgQg4CXb805h5xl+GfvSwUaHJayte1m2mcOhs3J2YyqbQ+MEIMIiJQccmhO3oDKm36CFvYR8 -5PjpclVcZyX2ngbwPFMnBAgy0clOAE6UKAAAAAAAAAAAAAA= ------END PKCS7----- - diff --git a/app/openssl/crypto/pkcs7/t/3dess.pem b/app/openssl/crypto/pkcs7/t/3dess.pem deleted file mode 100644 index 23f01351..00000000 --- a/app/openssl/crypto/pkcs7/t/3dess.pem +++ /dev/null @@ -1,32 +0,0 @@ ------BEGIN PKCS7----- -MIIGHgYJKoZIhvcNAQcCoIIGDzCCBgsCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCC -BGswggJTMIIB/aADAgECAgIEfjANBgkqhkiG9w0BAQQFADCBkjELMAkGA1UEBhMCQVUxEzAR -BgNVBAgTClF1ZWVuc2xhbmQxETAPBgNVBAcTCEJyaXNiYW5lMRowGAYDVQQKExFDcnlwdHNv -ZnQgUHR5IEx0ZDEiMCAGA1UECxMZREVNT05TVFJBVElPTiBBTkQgVEVTVElORzEbMBkGA1UE -AxMSREVNTyBaRVJPIFZBTFVFIENBMB4XDTk4MDUxMzA2MjY1NloXDTAwMDUxMjA2MjY1Nlow -gaUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFu -ZTEaMBgGA1UEChMRQ3J5cHRzb2Z0IFB0eSBMdGQxEjAQBgNVBAsTCVNNSU1FIDAwMzEZMBcG -A1UEAxMQQW5nZWxhIHZhbiBMZWVudDEjMCEGCSqGSIb3DQEJARYUYW5nZWxhQGNyeXB0c29m -dC5jb20wXDANBgkqhkiG9w0BAQEFAANLADBIAkEAuC3+7dAb2LhuO7gt2cTM8vsNjhG5JfDh -hX1Vl/wVGbKEEj0MA6vWEolvefQlxB+EzwCtR0YZ7eEC/T/4JoCyeQIDAQABoygwJjAkBglg -hkgBhvhCAQ0EFxYVR2VuZXJhdGVkIHdpdGggU1NMZWF5MA0GCSqGSIb3DQEBBAUAA0EAUnSP -igs6TMFISTjw8cBtJYb98czgAVkVFjKyJQwYMH8FbDnCyx6NocM555nsyDstaw8fKR11Khds -syd3ikkrhDCCAhAwggG6AgEDMA0GCSqGSIb3DQEBBAUAMIGSMQswCQYDVQQGEwJBVTETMBEG -A1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m -dCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNUUkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQD -ExJERU1PIFpFUk8gVkFMVUUgQ0EwHhcNOTgwMzAzMDc0MTMyWhcNMDgwMjI5MDc0MTMyWjCB -kjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxETAPBgNVBAcTCEJyaXNiYW5l -MRowGAYDVQQKExFDcnlwdHNvZnQgUHR5IEx0ZDEiMCAGA1UECxMZREVNT05TVFJBVElPTiBB -TkQgVEVTVElORzEbMBkGA1UEAxMSREVNTyBaRVJPIFZBTFVFIENBMFwwDQYJKoZIhvcNAQEB -BQADSwAwSAJBAL+0E2fLej3FSCwe2A2iRnMuC3z12qHIp6Ky1wo2zZcxft7AI+RfkrWrSGtf -mfzBEuPrLdfulncC5Y1pNcM8RTUCAwEAATANBgkqhkiG9w0BAQQFAANBAGSbLMphL6F5pp3s -8o0Xyh86FHFdpVOwYx09ELLkuG17V/P9pgIc0Eo/gDMbN+KT3IdgECf8S//pCRA6RrNjcXIx -ggF7MIIBdwIBATCBmTCBkjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxETAP -BgNVBAcTCEJyaXNiYW5lMRowGAYDVQQKExFDcnlwdHNvZnQgUHR5IEx0ZDEiMCAGA1UECxMZ -REVNT05TVFJBVElPTiBBTkQgVEVTVElORzEbMBkGA1UEAxMSREVNTyBaRVJPIFZBTFVFIENB -AgIEfjAJBgUrDgMCGgUAoHowGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAbBgkqhkiG9w0B -CQ8xDjAMMAoGCCqGSIb3DQMHMBwGCSqGSIb3DQEJBTEPFw05ODA1MTQwMzM5MzdaMCMGCSqG -SIb3DQEJBDEWBBQstNMnSV26ba8PapQEDhO21yNFrjANBgkqhkiG9w0BAQEFAARAW9Xb9YXv -BfcNkutgFX9Gr8iXhBVsNtGEVrjrpkQwpKa7jHI8SjAlLhk/4RFwDHf+ISB9Np3Z1WDWnLcA -9CWR6g== ------END PKCS7----- diff --git a/app/openssl/crypto/pkcs7/t/c.pem b/app/openssl/crypto/pkcs7/t/c.pem deleted file mode 100644 index a4b55e32..00000000 --- a/app/openssl/crypto/pkcs7/t/c.pem +++ /dev/null @@ -1,48 +0,0 @@ -issuer :/C=AU/SP=Queensland/L=Brisbane/O=Cryptsoft Pty Ltd/OU=DEMONSTRATION AND TESTING/CN=DEMO ZERO VALUE CA -subject:/C=AU/SP=Queensland/L=Brisbane/O=Cryptsoft Pty Ltd/OU=SMIME 003/CN=Information/Email=info@cryptsoft.com -serial :047D - -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 1149 (0x47d) - Signature Algorithm: md5withRSAEncryption - Issuer: C=AU, SP=Queensland, L=Brisbane, O=Cryptsoft Pty Ltd, OU=DEMONSTRATION AND TESTING, CN=DEMO ZERO VALUE CA - Validity - Not Before: May 13 05:40:58 1998 GMT - Not After : May 12 05:40:58 2000 GMT - Subject: C=AU, SP=Queensland, L=Brisbane, O=Cryptsoft Pty Ltd, OU=SMIME 003, CN=Information/Email=info@cryptsoft.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Modulus: - 00:ad:e7:23:89:ee:0d:87:b7:9c:32:44:4b:95:81: - 73:dd:22:80:4b:2d:c5:60:b8:fe:1e:18:63:ef:dc: - 89:89:22:df:95:3c:7a:db:3d:9a:06:a8:08:d6:29: - fd:ef:41:09:91:ed:bc:ad:98:f9:f6:28:90:62:6f: - e7:e7:0c:4d:0b - Exponent: 65537 (0x10001) - X509v3 extensions: - Netscape Comment: - Generated with SSLeay - Signature Algorithm: md5withRSAEncryption - 52:15:ea:88:f4:f0:f9:0b:ef:ce:d5:f8:83:40:61:16:5e:55: - f9:ce:2d:d1:8b:31:5c:03:c6:2d:10:7c:61:d5:5c:0a:42:97: - d1:fd:65:b6:b6:84:a5:39:ec:46:ec:fc:e0:0d:d9:22:da:1b: - 50:74:ad:92:cb:4e:90:e5:fa:7d - ------BEGIN CERTIFICATE----- -MIICTDCCAfagAwIBAgICBH0wDQYJKoZIhvcNAQEEBQAwgZIxCzAJBgNVBAYTAkFV -MRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UE -ChMRQ3J5cHRzb2Z0IFB0eSBMdGQxIjAgBgNVBAsTGURFTU9OU1RSQVRJT04gQU5E -IFRFU1RJTkcxGzAZBgNVBAMTEkRFTU8gWkVSTyBWQUxVRSBDQTAeFw05ODA1MTMw -NTQwNThaFw0wMDA1MTIwNTQwNThaMIGeMQswCQYDVQQGEwJBVTETMBEGA1UECBMK -UXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m -dCBQdHkgTHRkMRIwEAYDVQQLEwlTTUlNRSAwMDMxFDASBgNVBAMTC0luZm9ybWF0 -aW9uMSEwHwYJKoZIhvcNAQkBFhJpbmZvQGNyeXB0c29mdC5jb20wXDANBgkqhkiG -9w0BAQEFAANLADBIAkEArecjie4Nh7ecMkRLlYFz3SKASy3FYLj+Hhhj79yJiSLf -lTx62z2aBqgI1in970EJke28rZj59iiQYm/n5wxNCwIDAQABoygwJjAkBglghkgB -hvhCAQ0EFxYVR2VuZXJhdGVkIHdpdGggU1NMZWF5MA0GCSqGSIb3DQEBBAUAA0EA -UhXqiPTw+QvvztX4g0BhFl5V+c4t0YsxXAPGLRB8YdVcCkKX0f1ltraEpTnsRuz8 -4A3ZItobUHStkstOkOX6fQ== ------END CERTIFICATE----- - diff --git a/app/openssl/crypto/pkcs7/t/ff b/app/openssl/crypto/pkcs7/t/ff deleted file mode 100644 index 23f01351..00000000 --- a/app/openssl/crypto/pkcs7/t/ff +++ /dev/null @@ -1,32 +0,0 @@ ------BEGIN PKCS7----- -MIIGHgYJKoZIhvcNAQcCoIIGDzCCBgsCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCC -BGswggJTMIIB/aADAgECAgIEfjANBgkqhkiG9w0BAQQFADCBkjELMAkGA1UEBhMCQVUxEzAR -BgNVBAgTClF1ZWVuc2xhbmQxETAPBgNVBAcTCEJyaXNiYW5lMRowGAYDVQQKExFDcnlwdHNv -ZnQgUHR5IEx0ZDEiMCAGA1UECxMZREVNT05TVFJBVElPTiBBTkQgVEVTVElORzEbMBkGA1UE -AxMSREVNTyBaRVJPIFZBTFVFIENBMB4XDTk4MDUxMzA2MjY1NloXDTAwMDUxMjA2MjY1Nlow -gaUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFu -ZTEaMBgGA1UEChMRQ3J5cHRzb2Z0IFB0eSBMdGQxEjAQBgNVBAsTCVNNSU1FIDAwMzEZMBcG -A1UEAxMQQW5nZWxhIHZhbiBMZWVudDEjMCEGCSqGSIb3DQEJARYUYW5nZWxhQGNyeXB0c29m -dC5jb20wXDANBgkqhkiG9w0BAQEFAANLADBIAkEAuC3+7dAb2LhuO7gt2cTM8vsNjhG5JfDh -hX1Vl/wVGbKEEj0MA6vWEolvefQlxB+EzwCtR0YZ7eEC/T/4JoCyeQIDAQABoygwJjAkBglg -hkgBhvhCAQ0EFxYVR2VuZXJhdGVkIHdpdGggU1NMZWF5MA0GCSqGSIb3DQEBBAUAA0EAUnSP -igs6TMFISTjw8cBtJYb98czgAVkVFjKyJQwYMH8FbDnCyx6NocM555nsyDstaw8fKR11Khds -syd3ikkrhDCCAhAwggG6AgEDMA0GCSqGSIb3DQEBBAUAMIGSMQswCQYDVQQGEwJBVTETMBEG -A1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m -dCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNUUkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQD -ExJERU1PIFpFUk8gVkFMVUUgQ0EwHhcNOTgwMzAzMDc0MTMyWhcNMDgwMjI5MDc0MTMyWjCB -kjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxETAPBgNVBAcTCEJyaXNiYW5l -MRowGAYDVQQKExFDcnlwdHNvZnQgUHR5IEx0ZDEiMCAGA1UECxMZREVNT05TVFJBVElPTiBB -TkQgVEVTVElORzEbMBkGA1UEAxMSREVNTyBaRVJPIFZBTFVFIENBMFwwDQYJKoZIhvcNAQEB -BQADSwAwSAJBAL+0E2fLej3FSCwe2A2iRnMuC3z12qHIp6Ky1wo2zZcxft7AI+RfkrWrSGtf -mfzBEuPrLdfulncC5Y1pNcM8RTUCAwEAATANBgkqhkiG9w0BAQQFAANBAGSbLMphL6F5pp3s -8o0Xyh86FHFdpVOwYx09ELLkuG17V/P9pgIc0Eo/gDMbN+KT3IdgECf8S//pCRA6RrNjcXIx -ggF7MIIBdwIBATCBmTCBkjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxETAP -BgNVBAcTCEJyaXNiYW5lMRowGAYDVQQKExFDcnlwdHNvZnQgUHR5IEx0ZDEiMCAGA1UECxMZ -REVNT05TVFJBVElPTiBBTkQgVEVTVElORzEbMBkGA1UEAxMSREVNTyBaRVJPIFZBTFVFIENB -AgIEfjAJBgUrDgMCGgUAoHowGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAbBgkqhkiG9w0B -CQ8xDjAMMAoGCCqGSIb3DQMHMBwGCSqGSIb3DQEJBTEPFw05ODA1MTQwMzM5MzdaMCMGCSqG -SIb3DQEJBDEWBBQstNMnSV26ba8PapQEDhO21yNFrjANBgkqhkiG9w0BAQEFAARAW9Xb9YXv -BfcNkutgFX9Gr8iXhBVsNtGEVrjrpkQwpKa7jHI8SjAlLhk/4RFwDHf+ISB9Np3Z1WDWnLcA -9CWR6g== ------END PKCS7----- diff --git a/app/openssl/crypto/pkcs7/t/msie-e b/app/openssl/crypto/pkcs7/t/msie-e deleted file mode 100644 index aafae69f..00000000 --- a/app/openssl/crypto/pkcs7/t/msie-e +++ /dev/null @@ -1,20 +0,0 @@ - -MIAGCSqGSIb3DQEHA6CAMIACAQAxggHCMIHMAgEAMHYwYjERMA8GA1UEBxMISW50ZXJuZXQxFzAV -BgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5k -aXZpZHVhbCBTdWJzY3JpYmVyAhBgQJiC3qfbCbjdj5INYLnKMA0GCSqGSIb3DQEBAQUABECMzu8y -wQ/qZbO8cAGMRBF+mPruv3+Dvb9aWNZ2k8njUgqF6mcdhVB2MkGcsG3memRXJBixvMYWVkU3qK4Z -VuKsMIHwAgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDERMA8GA1UE -BxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29mdCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNU -UkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQDExJERU1PIFpFUk8gVkFMVUUgQ0ECAgRuMA0GCSqG -SIb3DQEBAQUABEBcWwYFHJbJGhiztt7lzue3Lc9CH5WAbyR+2BZ3uv+JxZfRs1PuaWPOwRa0Vgs3 -YwSJoRfxQj2Gk0wFqG1qt6d1MIAGCSqGSIb3DQEHATAaBggqhkiG9w0DAjAOAgIAoAQI8vRlP/Nx -2iSggASCAZhR5srxyspy7DfomRJ9ff8eMCtaNwEoEx7G25PZRonC57hBvGoScLtEPU3Wp9FEbPN7 -oJESeC+AqMTyTLNy8aQsyC5s53E9UkoIvg62ekYZBbXZqXsrxx4PhiiX3NH8GVh42phB0Chjw0nK -HZeRDmxGY3Cmk+J+l0uVKxbNIfJIKOguLBnhqmnKH/PrnzDt591u0ULy2aTLqRm+4/1Yat/QPb6J -eoKGwNPBbS9ogBdrCNCp9ZFg3Xar2AtQHzyTQIfYeH3SRQUpKmRm5U5o9p5emgEdT+ZfJm/J4tSH -OmbgAFsbHQakA4MBZ4J5qfDJhOA2g5lWk1hIeu5Dn/AaLRZd0yz3oY0Ieo/erPWx/bCqtBzYbMe9 -qSFTedKlbc9EGe3opOTdBZVzK8KH3w3zsy5luxKdOUG59YYb5F1IZiWGiDyuo/HuacX+griu5LeD -bEzOtZnko+TZXvWIko30fD79j3T4MRRhWXbgj2HKza+4vJ0mzcC/1+GPsJjAEAA/JgIEDU4w6/DI -/HQHhLAO3G+9xKD7MvmrzkoAAAAAAAAAAAAA - - diff --git a/app/openssl/crypto/pkcs7/t/msie-e.pem b/app/openssl/crypto/pkcs7/t/msie-e.pem deleted file mode 100644 index a2a5e24e..00000000 --- a/app/openssl/crypto/pkcs7/t/msie-e.pem +++ /dev/null @@ -1,22 +0,0 @@ ------BEGIN PKCS7----- -MIAGCSqGSIb3DQEHA6CAMIIDkAIBADGCAcIwgcwCAQAwdjBiMREwDwYDVQQHEwhJ -bnRlcm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNVBAsTK1ZlcmlT -aWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXICEGBAmILep9sJ -uN2Pkg1gucowDQYJKoZIhvcNAQEBBQAEQIzO7zLBD+pls7xwAYxEEX6Y+u6/f4O9 -v1pY1naTyeNSCoXqZx2FUHYyQZywbeZ6ZFckGLG8xhZWRTeorhlW4qwwgfACAQAw -gZkwgZIxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQH -EwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRzb2Z0IFB0eSBMdGQxIjAgBgNVBAsT -GURFTU9OU1RSQVRJT04gQU5EIFRFU1RJTkcxGzAZBgNVBAMTEkRFTU8gWkVSTyBW -QUxVRSBDQQICBG4wDQYJKoZIhvcNAQEBBQAEQFxbBgUclskaGLO23uXO57ctz0If -lYBvJH7YFne6/4nFl9GzU+5pY87BFrRWCzdjBImhF/FCPYaTTAWobWq3p3UwggHD -BgkqhkiG9w0BBwEwGgYIKoZIhvcNAwIwDgICAKAECPL0ZT/zcdokgIIBmFHmyvHK -ynLsN+iZEn19/x4wK1o3ASgTHsbbk9lGicLnuEG8ahJwu0Q9Tdan0URs83ugkRJ4 -L4CoxPJMs3LxpCzILmzncT1SSgi+DrZ6RhkFtdmpeyvHHg+GKJfc0fwZWHjamEHQ -KGPDScodl5EObEZjcKaT4n6XS5UrFs0h8kgo6C4sGeGqacof8+ufMO3n3W7RQvLZ -pMupGb7j/Vhq39A9vol6gobA08FtL2iAF2sI0Kn1kWDddqvYC1AfPJNAh9h4fdJF -BSkqZGblTmj2nl6aAR1P5l8mb8ni1Ic6ZuAAWxsdBqQDgwFngnmp8MmE4DaDmVaT -WEh67kOf8BotFl3TLPehjQh6j96s9bH9sKq0HNhsx72pIVN50qVtz0QZ7eik5N0F -lXMrwoffDfOzLmW7Ep05Qbn1hhvkXUhmJYaIPK6j8e5pxf6CuK7kt4NsTM61meSj -5Nle9YiSjfR8Pv2PdPgxFGFZduCPYcrNr7i8nSbNwL/X4Y+wmMAQAD8mAgQNTjDr -8Mj8dAeEsA7cb73EoPsy+avOSgAAAAA= ------END PKCS7----- diff --git a/app/openssl/crypto/pkcs7/t/msie-enc-01 b/app/openssl/crypto/pkcs7/t/msie-enc-01 deleted file mode 100644 index 2c93ab64..00000000 --- a/app/openssl/crypto/pkcs7/t/msie-enc-01 +++ /dev/null @@ -1,62 +0,0 @@ - -MIAGCSqGSIb3DQEHA6CAMIACAQAxgfMwgfACAQAwgZkwgZIxCzAJBgNVBAYTAkFVMRMwEQYD -VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRzb2Z0 -IFB0eSBMdGQxIjAgBgNVBAsTGURFTU9OU1RSQVRJT04gQU5EIFRFU1RJTkcxGzAZBgNVBAMT -EkRFTU8gWkVSTyBWQUxVRSBDQQICBG4wDQYJKoZIhvcNAQEBBQAEQKvMaW8xh6oF/X+CJivz -IZV7yHxlp4O3NHQtWG0A8MOZB+CtKlU7/6g5e/a9Du/TOqxRMqtYRp63pa2Q/mM4IYMwgAYJ -KoZIhvcNAQcBMBoGCCqGSIb3DQMCMA4CAgCgBAifz6RvzOPYlKCABIGwxtGA/FLBBRs1wbBP -gDCbSG0yCwjJNsFg89/k6xuXo8c5YTwsw8+XlIVq03navpew6XxxzY090rD2OJ0t6HA6GqrI -pd8WiSh/Atqn0yfLFmkLqgIAPRfzxUxqUocxLpQsLIFp2YNUGE+yps+UZmIjw/WHfdqrcWTm -STSvKuy3UkIJZCkGDBpTvqk4BFaHh4oTXEpgpNY+GKxjf9TDN9GQPqQZR7sgQki4t2g4/Saq -Kl4EMISgluk6swdND0tiHY7v5d6YR29ePCl2/STJ98eJpWkEEC22GNNvOy7ru/Rv2He4MgQg -optd7sk9MMd9xhJppg7CcH/yDx//HrtgpOcWmn6VxpgECFqon4uXkQtIBIH4PaNclFn7/hLx -Pw2VmBGaC0SYF3U1jyN96EBxdjqy8Aa6ByMXYDW5BcfqniD5mYXfw+b81lh1kutxaPaV4YJ9 -ZlRUW752N7VHo/fG0/fukoe5W9a8kIhgLpygllb/GP4oSF4wM6n1/OgRzZj2IWFiobKO4d/t -Mnh+C+PoEVAuFZcxQwi9GqvsK5OoIjVwNx0XcVSOl1TTYS9SwC7ugMBCab73JiruC24pL78Y -M+NaIpIQ3On4DokJA2ZHtjBjZIxF4tKA144RvFN6pBd6TVE5XM6KD/Vh9bjSmujtEAfdQ3Te -dvKJsbZuu0stErbvWcRy11I328l557EECAJT7d44OJ3rBBBj6bnnx6dDU2SRqp2CEoQaBAhK -RBuyhNxkygQIOY9/NhwqAJAECOvX0Zd0DqgoBAjobPpMHhVV3gQQWLU2vEoZ51BwzxdzCmxO -wwQI4oKfudaNqoAESKzBNAqv5kGumHOlMKsRfrs7jZCcSaOuEj97pYx08FLEgF23cav39MOQ -NUEM1dNU+EYslL4o3RoSHRjUgPU+2t9c0prS9A/bPARIEOP94PynaTNxwHi3VTK7SzuQmgzA -4n942E9joSiqsQPlsKAb3sPUaLC3SuUxSjNBgfpvD0bmrA/5h+WZoYXvIogFpwjkSmnFBEie -0lh5Ov1aRrvCw5/j3Q/W/4ZtN5U+aeVBJMtA8n0Mxd5kPxHbNVh4oGprZ6wEegV8ht3voyZa -mZ5Cyxc8ffMYnM/JJI6/oEYEUEMyyiS5FnYyvxKzfMtyn2lZ2st9nZGNNgMc9N62r5HgNbdD -FHuRdKKzV+8kQfuMc3mOPpK1t9TFY+QgrxiB5p6S7VooI97YtP3PbfknszCEBEh4PdXYbbaR -3AacN3Q5kYYmWsq3WW6xgrg0mmEGosGvwSQxBBuiXZrxScCa4ivEq05UZwyShePvKduOvnUE -2zDO6IXFLZxhTZAESEm9/FovLgGAiJ7iMGmYvsISLJScwG4n+wrSaQNQXizs9N3ykys54wBN -d/+BQ4F7pncHhDQ2Dyt5MekB8Y8iNOocUTFCu524vQRIaWCXmXP3vU7D21dp0XnAMzRQJ565 -JV3aHRoY7XDa4LePa7PP9ywyafOE5yCW7ndqx3J+2JhTDvSFsW8/q3H3iyeFhykuJVS6BFDK -6CmKbnyyjOfE2iLGJmTFa905V2KrVDCmlEu/xyGMs80yTyZC+ySzM83FMVvLEQmSzcTNUZVp -DfA1kNXbXkPouBXXT6g8r8JCRljaKKABmgRIlMheOJQRUUU4cgvhMreXPayhq5Ao4VMSCkA5 -hYRCBczm4Di/MMohF0SxIsdRY6gY9CPnrBXAsY6h1RbR7Tw0iQZmeXi52DCiBEj0by+SYMAa -9z0CReIzl8JLL6EVIFz8kFxlkGWjr4dnOzhhPOq/mCpp0WxbavDfdhE87MdXJZBnLwoT62QG -955HlAoEQBOGJbcESCgd5XSirZ9Y3AbCfuKOqoMBvEUGn+w/pMaqnGvnr5FZhuBDKrhRXqtx -QsxA//drGUxsrZOuSL/0+fbvo7n2h1Z8Ny86jOvVZAQIAjw2l1Yc5RAESNc9i3I8pKEOVQf/ -UBczJ0NR9aTEF80dRg2lpXwD0ho4N0AvSiVbgxC7cPZHQwIqvq9LHRUs/4n+Vu3SVYU3cAxo -lUTiCGUSlARIF+TD57SI5+RI+MNtnD9rs4E1ml51YoHGWFj3UPriDmY0FKEwIgqtMXMY3fZ9 -Kq8d83bjDzxwbDX7WwR7KbSeJWT42pCz7kM+BEjjPsOnZHuusXT3x2rrsBnYtYsbt98mSFiS -KzTtFmXfkOBbCQdit1P76QnYJ1aXMGs6zP6GypQTadK/zYWvlm38QkVwueaJ0woESKW2pqKA -70h2UMDHOrpepU1lj0YMzmotDHSTU3L909VvUMNg9uqfrQ6mSkb9j5Tl8oF2otOw5EzA1Yda -KPmgsv62RWLYl80wXQRQwG0e/mgG75jp9lOhJdVXqcYbQpS9viwVaVkwH+69mu/bQI4gjoEs -UYX6O71Re2z+cYhcm9UrK+DXuSFBXQOIlAFxKMW4B0apd6fU84FsZLMESOorXE5OE0A2B2ji -J8QI0Exk4hUvWrMNJfUZwFyS7E05xV9ORuX1xmsKqkT4tVR5Nqln4vhvAY860VBoloz0CDkd -8seSBEjeMgRI9FvpYuflIeHg9urkwp6N+1f0DrJJhJY9ZQ0HTQhziJmIfvbEjNqCl7hEC28+ -F8I5tuViLgfSwcFFCvnS6WFoN4X6QdFdqMCbBEjdlI1c+IQGA/IuTDMJYCuQ/v+8BG5ZeWVH -icPZmXfRat9eFK1dGKAJef6+Tf9HPuDjSpDyffrifsp7Dc34lmm7GN1+ON3ZMtwEUNm6epb8 -1RKWjoI7jIKUV/M2p/0eeGSqs4b06KF/VR6dBwsJVL5DpnTsp3MV4j/CAOlRdSPZ5++tsKbM -aplk+ceqQtpEFz1MYTtVV4+rlrWaBEA1okJyNZ5/tNOwM7B+XfOZ0xw+uyVi9v4byTZM2Qds -J+d3YGYLAugTGHISLqQEerD8/gGK+/SL06b2gNedXPHtBAiBKX+Mdy3wFQQIqE9gVgvrFNUE -CKKoTFoMGqnPBAjDPgLCklNfrwQI3Ek1vSq68w8ECBodu2FOZJVkBAgzwjfSr2N9WQQQTCoQ -KkAbrS9tnjXn1I3+ZwQIrPx3eINo/YUECIeYWCFskxlYBAiDUdvZXwD3vgQIkEyZbbZWbUUE -CH4+odl1Isk3BBj68fkqJ0fKJRWVLWuW/O3VE4BOPKwFlaIECFseVTdDUho8BAj+cOKvV2WA -hgQgaXr+wwq+ItblG0Qxz8IVUXX6PV2mIdHwz4SCCvnCsaIECJhBYxdfLI/XBCDswamPn9MR -yXi2HVQBineV+GtWVkIoZ2dCLFB9mQRMoAQI0nUR5a5AOJoECA+AunKlAlx8BAi5RtFeF4g1 -FQQIz/ie+16LlQcECOmNuVg5DXjMBAjH2nkfpXZgWwQIVdLuO/+kuHAECO/5rEHmyI9vBBD4 -16BU4Rd3YerDQnHtrwOQBCCkho1XxK5Maz8KLCNi20wvcGt8wsIXlj2h5q9ITBq7IgQQvKVY -4OfJ7bKbItP2dylwQgQYPIGxwkkbRXNraONYvN19G8UdF35rFOuIBAjf0sKz/618ZQQIxObr -xJkRe0sECIC+ssnjEb2NBBBI+XM4OntVWGsRV9Td3sFgBAinGwIroo8O0gQQMGAwgc9PaLaG -gBCiwSTrYQQIVHjfCQgOtygEUIoraFoANfhZgIShpOd/RRxFU4/7xZR5tMdGoYz/g0thR0lM -+Hi88FtFD4mAh/Oat4Ri8B7bv04aokjN2UHz6nPbHHjZ8zIqpbYTCy043GNZBAhOqjyB2JbD -NwQoR23XCYD9x6E20ChHJRXmaHwyMdYXKl5CUxypl7ois+sy2D7jDukS3wQIsTyyPgJi0GsA -AAAAAAAAAAAA - diff --git a/app/openssl/crypto/pkcs7/t/msie-enc-01.pem b/app/openssl/crypto/pkcs7/t/msie-enc-01.pem deleted file mode 100644 index 9abf00b2..00000000 --- a/app/openssl/crypto/pkcs7/t/msie-enc-01.pem +++ /dev/null @@ -1,66 +0,0 @@ ------BEGIN PKCS7----- -MIAGCSqGSIb3DQEHA6CAMIILyAIBADGB8zCB8AIBADCBmTCBkjELMAkGA1UEBhMC -QVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxETAPBgNVBAcTCEJyaXNiYW5lMRowGAYD -VQQKExFDcnlwdHNvZnQgUHR5IEx0ZDEiMCAGA1UECxMZREVNT05TVFJBVElPTiBB -TkQgVEVTVElORzEbMBkGA1UEAxMSREVNTyBaRVJPIFZBTFVFIENBAgIEbjANBgkq -hkiG9w0BAQEFAARAq8xpbzGHqgX9f4ImK/MhlXvIfGWng7c0dC1YbQDww5kH4K0q -VTv/qDl79r0O79M6rFEyq1hGnrelrZD+YzghgzCCCssGCSqGSIb3DQEHATAaBggq -hkiG9w0DAjAOAgIAoAQIn8+kb8zj2JSAggqgxtGA/FLBBRs1wbBPgDCbSG0yCwjJ -NsFg89/k6xuXo8c5YTwsw8+XlIVq03navpew6XxxzY090rD2OJ0t6HA6GqrIpd8W -iSh/Atqn0yfLFmkLqgIAPRfzxUxqUocxLpQsLIFp2YNUGE+yps+UZmIjw/WHfdqr -cWTmSTSvKuy3UkIJZCkGDBpTvqk4BFaHh4oTXEpgpNY+GKxjf9TDN9GQPqQZR7sg -Qki4t2g4/SaqKl6EoJbpOrMHTQ9LYh2O7+XemEdvXjwpdv0kyffHiaVpBBAtthjT -bzsu67v0b9h3uDKim13uyT0wx33GEmmmDsJwf/IPH/8eu2Ck5xaafpXGmFqon4uX -kQtIPaNclFn7/hLxPw2VmBGaC0SYF3U1jyN96EBxdjqy8Aa6ByMXYDW5BcfqniD5 -mYXfw+b81lh1kutxaPaV4YJ9ZlRUW752N7VHo/fG0/fukoe5W9a8kIhgLpygllb/ -GP4oSF4wM6n1/OgRzZj2IWFiobKO4d/tMnh+C+PoEVAuFZcxQwi9GqvsK5OoIjVw -Nx0XcVSOl1TTYS9SwC7ugMBCab73JiruC24pL78YM+NaIpIQ3On4DokJA2ZHtjBj -ZIxF4tKA144RvFN6pBd6TVE5XM6KD/Vh9bjSmujtEAfdQ3TedvKJsbZuu0stErbv -WcRy11I328l557ECU+3eODid62PpuefHp0NTZJGqnYIShBpKRBuyhNxkyjmPfzYc -KgCQ69fRl3QOqCjobPpMHhVV3li1NrxKGedQcM8XcwpsTsPigp+51o2qgKzBNAqv -5kGumHOlMKsRfrs7jZCcSaOuEj97pYx08FLEgF23cav39MOQNUEM1dNU+EYslL4o -3RoSHRjUgPU+2t9c0prS9A/bPBDj/eD8p2kzccB4t1Uyu0s7kJoMwOJ/eNhPY6Eo -qrED5bCgG97D1Giwt0rlMUozQYH6bw9G5qwP+YflmaGF7yKIBacI5EppxZ7SWHk6 -/VpGu8LDn+PdD9b/hm03lT5p5UEky0DyfQzF3mQ/Eds1WHigamtnrAR6BXyG3e+j -JlqZnkLLFzx98xicz8kkjr+gRkMyyiS5FnYyvxKzfMtyn2lZ2st9nZGNNgMc9N62 -r5HgNbdDFHuRdKKzV+8kQfuMc3mOPpK1t9TFY+QgrxiB5p6S7VooI97YtP3Pbfkn -szCEeD3V2G22kdwGnDd0OZGGJlrKt1lusYK4NJphBqLBr8EkMQQbol2a8UnAmuIr -xKtOVGcMkoXj7ynbjr51BNswzuiFxS2cYU2QSb38Wi8uAYCInuIwaZi+whIslJzA -bif7CtJpA1BeLOz03fKTKznjAE13/4FDgXumdweENDYPK3kx6QHxjyI06hxRMUK7 -nbi9aWCXmXP3vU7D21dp0XnAMzRQJ565JV3aHRoY7XDa4LePa7PP9ywyafOE5yCW -7ndqx3J+2JhTDvSFsW8/q3H3iyeFhykuJVS6yugpim58soznxNoixiZkxWvdOVdi -q1QwppRLv8chjLPNMk8mQvskszPNxTFbyxEJks3EzVGVaQ3wNZDV215D6LgV10+o -PK/CQkZY2iigAZqUyF44lBFRRThyC+Eyt5c9rKGrkCjhUxIKQDmFhEIFzObgOL8w -yiEXRLEix1FjqBj0I+esFcCxjqHVFtHtPDSJBmZ5eLnYMKL0by+SYMAa9z0CReIz -l8JLL6EVIFz8kFxlkGWjr4dnOzhhPOq/mCpp0WxbavDfdhE87MdXJZBnLwoT62QG -955HlAoEQBOGJbcoHeV0oq2fWNwGwn7ijqqDAbxFBp/sP6TGqpxr56+RWYbgQyq4 -UV6rcULMQP/3axlMbK2Trki/9Pn276O59odWfDcvOozr1WQCPDaXVhzlENc9i3I8 -pKEOVQf/UBczJ0NR9aTEF80dRg2lpXwD0ho4N0AvSiVbgxC7cPZHQwIqvq9LHRUs -/4n+Vu3SVYU3cAxolUTiCGUSlBfkw+e0iOfkSPjDbZw/a7OBNZpedWKBxlhY91D6 -4g5mNBShMCIKrTFzGN32fSqvHfN24w88cGw1+1sEeym0niVk+NqQs+5DPuM+w6dk -e66xdPfHauuwGdi1ixu33yZIWJIrNO0WZd+Q4FsJB2K3U/vpCdgnVpcwazrM/obK -lBNp0r/Nha+WbfxCRXC55onTCqW2pqKA70h2UMDHOrpepU1lj0YMzmotDHSTU3L9 -09VvUMNg9uqfrQ6mSkb9j5Tl8oF2otOw5EzA1YdaKPmgsv62RWLYl80wXcBtHv5o -Bu+Y6fZToSXVV6nGG0KUvb4sFWlZMB/uvZrv20COII6BLFGF+ju9UXts/nGIXJvV -Kyvg17khQV0DiJQBcSjFuAdGqXen1POBbGSz6itcTk4TQDYHaOInxAjQTGTiFS9a -sw0l9RnAXJLsTTnFX05G5fXGawqqRPi1VHk2qWfi+G8BjzrRUGiWjPQIOR3yx5IE -SN4y9FvpYuflIeHg9urkwp6N+1f0DrJJhJY9ZQ0HTQhziJmIfvbEjNqCl7hEC28+ -F8I5tuViLgfSwcFFCvnS6WFoN4X6QdFdqMCb3ZSNXPiEBgPyLkwzCWArkP7/vARu -WXllR4nD2Zl30WrfXhStXRigCXn+vk3/Rz7g40qQ8n364n7Kew3N+JZpuxjdfjjd -2TLc2bp6lvzVEpaOgjuMgpRX8zan/R54ZKqzhvTooX9VHp0HCwlUvkOmdOyncxXi -P8IA6VF1I9nn762wpsxqmWT5x6pC2kQXPUxhO1VXj6uWtZo1okJyNZ5/tNOwM7B+ -XfOZ0xw+uyVi9v4byTZM2QdsJ+d3YGYLAugTGHISLqQEerD8/gGK+/SL06b2gNed -XPHtgSl/jHct8BWoT2BWC+sU1aKoTFoMGqnPwz4CwpJTX6/cSTW9KrrzDxodu2FO -ZJVkM8I30q9jfVlMKhAqQButL22eNefUjf5nrPx3eINo/YWHmFghbJMZWINR29lf -APe+kEyZbbZWbUV+PqHZdSLJN/rx+SonR8olFZUta5b87dUTgE48rAWVolseVTdD -Uho8/nDir1dlgIZpev7DCr4i1uUbRDHPwhVRdfo9XaYh0fDPhIIK+cKxophBYxdf -LI/X7MGpj5/TEcl4th1UAYp3lfhrVlZCKGdnQixQfZkETKDSdRHlrkA4mg+AunKl -Alx8uUbRXheINRXP+J77XouVB+mNuVg5DXjMx9p5H6V2YFtV0u47/6S4cO/5rEHm -yI9v+NegVOEXd2Hqw0Jx7a8DkKSGjVfErkxrPwosI2LbTC9wa3zCwheWPaHmr0hM -GrsivKVY4OfJ7bKbItP2dylwQjyBscJJG0Vza2jjWLzdfRvFHRd+axTriN/SwrP/ -rXxlxObrxJkRe0uAvrLJ4xG9jUj5czg6e1VYaxFX1N3ewWCnGwIroo8O0jBgMIHP -T2i2hoAQosEk62FUeN8JCA63KIoraFoANfhZgIShpOd/RRxFU4/7xZR5tMdGoYz/ -g0thR0lM+Hi88FtFD4mAh/Oat4Ri8B7bv04aokjN2UHz6nPbHHjZ8zIqpbYTCy04 -3GNZTqo8gdiWwzdHbdcJgP3HoTbQKEclFeZofDIx1hcqXkJTHKmXuiKz6zLYPuMO -6RLfsTyyPgJi0GsAAAAA ------END PKCS7----- diff --git a/app/openssl/crypto/pkcs7/t/msie-enc-02 b/app/openssl/crypto/pkcs7/t/msie-enc-02 deleted file mode 100644 index 70170559..00000000 --- a/app/openssl/crypto/pkcs7/t/msie-enc-02 +++ /dev/null @@ -1,90 +0,0 @@ - -MIAGCSqGSIb3DQEHA6CAMIACAQAxggHCMIHMAgEAMHYwYjERMA8GA1UEBxMISW50ZXJuZXQxFzAV -BgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5k -aXZpZHVhbCBTdWJzY3JpYmVyAhBgQJiC3qfbCbjdj5INYLnKMA0GCSqGSIb3DQEBAQUABEACr4tn -kSzvo3aIlHfJLGbfokNCV6FjdDP1vQhL+kdXONqcFCEf9ReETCvaHslIr/Wepc5j2hjZselzgqLn -rM1ZMIHwAgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDERMA8GA1UE -BxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29mdCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNU -UkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQDExJERU1PIFpFUk8gVkFMVUUgQ0ECAgRuMA0GCSqG -SIb3DQEBAQUABEBanBxKOvUoRn3DiFY55lly2TPu2Cv+dI/GLrzW6qvnUMZPWGPGaUlPyWLMZrXJ -xGXZUiRJKTBwDu91fnodUEK9MIAGCSqGSIb3DQEHATAaBggqhkiG9w0DAjAOAgIAoAQImxKZEDWP -EuOggASCBACBi1bX/qc3geqFyfRpX7JyIo/g4CDr62GlwvassAGlIO8zJ5Z/UDIIooeV6QS4D4OW -PymKd0WXhwcJI0yBcJTWEoxND27LM7CWFJpA07AoxVCRHTOPgm794NynLecNUOqVTFyS4CRuLhVG -PAk0nFZG/RE2yMtx4rAkSiVgOexES7wq/xWuoDSSmuTMNQOTbKfkEKqdFLkM/d62gD2wnaph7vKk -PPK82wdZP8rF3nUUC5c4ahbNoa8g+5B3tIF/Jz3ZZK3vGLU0IWO+i7W451dna13MglDDjXOeikNl -XLsQdAVo0nsjfGu+f66besJojPzysNA+IEZl6gNWUetl9lim4SqrxubUExdS2rmXnXXmEuEW/HC7 -dlTAeYq5Clqx5id6slhC2C2oegMww3XH9yxHw6OqzvXY6pVPEScEtBMQLgaKFQT+m2SRtbTVFG7c -QcnUODyVB1IbpQTF1DHeeOX1W/HfpWZym8dzkti6SCyeumHmqO406xDiIMVKtHOqM86nEHuAMZsr -cLy+ey6TEJvR6S4N8QRzng8JJDZDTJXQN6q84aEudsnOrw2KyOVwPpI6ey4qBsHUgQ8kAFy5lsQa -WV45h6exgUwbBcKLgPZGFj+OdD2RKJsTb83/UqbJS5Q/lGXhzBlnaYucyJxEprRxbntmcnOEPFJe -+tRDUwOTd7qlJljdhIJL+uDcooL9Ahgo6Cwep6tduekv2cSEohJeTE8Dvy34YRhMbLvnFNdmnpNy -rNZDYVVxxaKoyd2AfB8NPFZh1VdAYfI3R1QAQ2kXEef5NNIfVQfMzD9akJn4RP+Kv32Qaxm4FrnK -xmwRyGJShavIBc2ax+F1r1+NZXuSBHn5vfoRTxOk0ST4dXsw74dnlYUMRaSu4qqUdM9jsXSyeX4Z -gQgkR2bkaYO6ezFgenFIa7QWVw8rXZAEZ5aibCxbnY1VE41PYIvhlLdbFJhH9gY22s+fFAuwnzyA -SRjC40A9aAEItRlaPStWSGiqlLRgNkBBwdpv2l2YPBd2QzHx6ek6XGrvRJuAC+Nh62rtQKwpNH54 -YAOHW55maBFW2SQ3TF+cZ6NbbqhCmHTyyR7mcSYc9sXSVDWEhYKQ1iyU870zhHWVpvglZizZetJC -ZFjYex3b1ngVdcgargOvpPq9urCKKi2mbkqv/EFpzSWGXkKSpfCG/XfMnEOtkNrB8S06vnk2JcJB -OBqJot+uuSH5hOg0vTpxX2DuONJSiWSWyfRE/lTfJJFXwhod7SXclUyXPeSyibcSic2hVAzDmwjD -31js/j2k02PI/agPhr3UQ8cMgcNAiaoCKbNaWfn6BGbCAbTchxzUlo2cSJiLlrX2IDZmfXbXmZCo -m1smWIG+BIIEALiuAxDb6dWLAYyVBoN9hYI4AiPeZAY9MtvQ6AV8o2/EFm6PvYGXy3Hei5830CH0 -PBeX7Kdd6ff1y33TW/l5qSkIL1ULTGR7okFfJePHDmq1dFt6/JOMptiQ8WSu7CsJQvZ9VTFXeYFc -ZqCPPZc1NrPegNK70Zf9QxWIbDAevJ5KLBf1c6j8pU2/6LnvDY6VjaTvYSgr7vTR8eVzH4Rm77W0 -iOHxg5VcODv6cGSVyuvbX8UAGo8Cmb58ERDtBDJBQXVpWKLNAuDJ9GX8n2zNkpjZLbPSkcmuhqGa -BJBE/BaCTkUQWlY9dIbRtEnxIU1mfbPPdx1Ppa8DqGDjSOsQdKcKYNNZtayEw++EIpmpdBNsKphC -fB8UEK2Wkk4ZVW+qyGoi/r0MFsvO1NmSOOZ0o/jy/YHmoeURHhPy97AO3eVTkEAa5CfJEJybmo56 -7CDw/FwoGAUCgsoz7rlxzMudr/IhHIH+APinncxXlHO2ecvHD9i8DaHGA8tVifgsUhqQoZieULut -eF94O5UAxOkv41UZssYTwN4nYrN1QkesZl3BX4ORS4EE30/PQ23ARf3WZptZrCJevGm2ZYzGeh8x -g17mCDfiLO+bff4qP/4mC96Pu4ia6j4to5BwKIJS/+DCuoD8WeSKF4pugXQkMUiHdQnNnVP9Sp2O -/4ly5mO8JzrQC59V2bnTNBqPhpno8kfJvK5TypPSVC+bTzern3rJ6UceB3srcn9zxKx9GdNydJQj -yWjv8ec3n3d1nuQwhz5Q053NBhIjwoGg3Go7LO6i78ZOlpF7dcoAO13NfHLyNjnyHCaiWtVRTct9 -rLf5vN00urSn8YJngHk1eTKK8nHGIcOg6YdYDOD2nE5XwRijKmieG8Xa3eKRzfbL06GrBQENle6J -mC131bp3cRVxpjq+o6RAbGoMm4yICsL4eTarCQrsyHmoPHqr91UHo91avyxU7knWmEhX27ybmsrs -8aeZwPHixL14TeyhruCqRVvkf1Ks7P+z8MPUboGNqQe2WLN8ktCGEr15O8MJR/em86G03Jfo4oaw -/DVUH5RwLT6acedOGuzMh/2r8BcmemhVQ8/cWvV4YJ0tOW4hzyVHC5hQf8sZ3LzxXLH6Ohnrbprh -xvrdbaSdChWZDDP0bCCbxEhkwuBkBeKZrMbwRTP+TPTPYLVTH/CmKLzKh/114tkGkyO3hHS4qExU -V39F2Sj4mylx+hD0+20D9pntpNi7htccGlOm6yNM69at/3+kLgJJyoIlaxLcCUYHNMifDt+T3p/t -5U4XmD53uUQ6M8dvj/udqPekNSUfse15yrd9pjOt5PcJuqW28q0sFHf9pHIgz3XZFMe5PD7ppw6r -S+C6Ir4PrYIEggQA7ZDVtiCm+BbtNNB/UJm79/OQ5mp5bTI0kPmDeycaWTa0Ojpum+c/dpG/iJOB -DICj7jHOXSHT7JlGyX6aSFJUltucAnZvwzhPDmdDaIDiKSk85GqgdDWVfGosSCX9Ph/T3WpIxnwf -WSDRtIHkWTjly+pe4yy5K6/XISy/L5Zh/fhiI5fjHjgzmlibs2ru4nVw6hBhUvlSSe2BEs5d9h/y -NH8Wy3qvb2D3jh7hkepFtZJGNTHp8ZUC7Ns2JIpQYObsaxdI65i3mMOu7fRwI+0/4ejsWhP6KCEi -LgwvLg0qM82ma6YB7qHAHboaczRVEffDcJUG4a5uycB0DoZFn+uEaEFyili20hCn4hVfsqUQk2PT -8Mo1tSl5e30xI1YJZrRgiJm9nHRX6fLizngP+ILJLPHZsPvlSVIfY+/v/FR8feKOjaGhyGF51BAx -aM2NIQ4jMP5/X+U5gQybi0E6u7rroDhaHsKmCMgXqszwXWCpedA/sEbeHpiTC59YlPPSlIOMc9vP -Ko/mQCfWy/9icUaIfKQldvkllUxxNkqu6AbIpHVscbAEzSPs5xbQXU8EZNNCDisFnnpY3nQ3eLnl -m89saTJxRb7NWHRMlmPv7qgD7uMIq3vdOGA7i5wT9MeoNIgK1/DsgH30s6RWjJy4YyyLmRTXPzbj -hbQVpEmiMRbEidIvUx2OjKVxVQIcgtLsa2lvHQ4XL1cpLr5GVtOgy0fMg5OCDUUDsvjgjgLQ3P2U -p2nVY5FM6/QpPc5DTLuuR9ekI2/c9Biz09RtcYDUQK2ajdo8h1IyKqHFoB7h48OXxXKKY94DY0TG -x6PonB/epj8orAw4QKmm5M0vXYwBOqRymCTHTqOJGObdLx1euFFyqguzHJOU2gAGZI0z9Lg1yRuF -yhdPZyuniIcmtLNxRZ1duYHErcAyX56qndmLXt7UVkATai/rIMuoJLfAsUnVuTUS5p7tJM754UZT -7lTcXvDJgOUNnBRaIcxC3pxvbrYDJ2iFJ72xkxUP2p74gucqg25XnCVmQuLg6zDDxF6CLuw9isxy -Xg4pkneMN//7fpp8GYl9nyZm2yqYYM+jcw0fcVc64L+X4w/gL3H2UMGgxIHSJp7HIG7VKHtXrNyj -dPXXPVUsMsAAimqOr0Lr2sZWirfuivLaPTqhbkvG5PF7K3gT80AOIcd/6EIHBy2hZ7ukfjHmdP4L -yQOhTQklaKzGHI0mypq0uFLWJOUlZnVrMiLP1xrWkpC8Ro9eo6mfjjQ45z8adC43a47klwTEzvod -3rNEFIGJJUEjAN3mbqie7IxoSJknBBJK0D9lZEQ8lZWlq7vuN8JdqPM6xh155jMVsPwjLK6Tzkj5 -BpRD9Tgm3u6HPQSCBADgkWEN75Mu9TGosXY0xm1k6K6sPv8L949CrLWo4r1I2LA072bTGvQP28Vs -hUA76jgcT1ocC++9PoktIK10YCq5w+FfMAQ04KeCXuAdmiY2iAT4Slea61PMCMta3mVGyLUZCLEm -P+I0UKR5mlO0fGEcjU9j8TmbjZqxNFqloLsU7oSi7Os0EtYHkdAVrExUyOc/ZDie6fBjdLTmLdCm -bE9JNwjlbXypdTZupGgLNhKGDIskUAAMwZYayI6YfSIMkNCeAYTnjOuGZZ1msCXGXsfMBR1sfUIj -9UeGjwD8gq+UVVHX/oeoH/m0eJ5ppqi3+nUlgc9DvpYsC/Fg0G2KuYb9B+VJ+a4GMzQSPREoFtQp -B9dtLkBb7Ha/hpGWTIdqzW0eAo5llyN8FNvl2Fu2IcLaNmWFO69gLjRKQopp0dvFOuwAVI6fvGDj -p1WigoNbFZl8N+iiWmzKOjoG2ZLbez1clZCms/JPJrXhEMMOxWpVzkQyN336VWHmGgMcjaKCGSeA -2nnESIGuiCXMrkHlGfabYIsKcHFCo2t13uXyZPf0zSPTkuD0Eh92wqC9pvA3gvrrCUfo9Mn3bs+e -KWKmDlpcs8mDn032oIg+zrQhIduMqXVn3evzeVM3B5MBOGMvg51/SXg7R+MC/463juQQEb9IVe/I -YGnO//oWm9lw/377Af/qH+FnN02obJw1FvesQIs9e5RHNQykKbO+vmVJQl1nd9DZWrHDNO7/80Yz -2hCm7Tws5nSRN2iFlyRaYJHr7ypxkU2rCak2r6ua7XDwu1qU2RT3+qPjT1RuxQ2oTlHyGkKPMZGC -Rc+CSWz5aeeCmHZVwdb3nC8YpfsujMiYqygLeuQ82pjKuR7DIKGmnfcOLdv5F+Ek2Wyy0D98iSgk -+aoQGYLhL9llU13pn21uRsDY5uGcXiIw1IETFlTdgENEv8futZuJsegrp7fmFXyNoNyFNyypeDrM -6ZqR4vKxFjg3tKKeVpkw/W4EAklzMxmNiazGNDBHsnYV3rwPlKa+HeeE2YxnsKwGLCNgRYUXTaJk -461vS160z3dvh/mLfdZ7MYCkmO3bNE3ELUDAw7YQkSuo9ujzdFKte9LC34sjg9fOex3ThAg5Y50n -wYm4zBmGM7yEqL8O6QgnM6tIDFS9XryDaLNzcGhMWqMvhzO6sC/AA2WfLgwS517Cp03IkJQWqG9q -w52+E+GAtpioJfczEhlv9BrhjttdugRSjJrG8SYVYE4zG3Aur5eNBoGaALIOHOtPw8+JovQmIWcF -oaJ/WQuglFrWtew51IK6F8RiHAOBVavZOuZcO7tV+5enVfreOd0rX8ZOy4hYmHhmF1hOrrWOn+Ee -E0SYKonXN01BM9xMBIIBSLCvNAppnGPTUGjwbMJRg1VJ2KMiBWH5oJp8tyfIAxMuWFdtaLYbRSOD -XbOAshPVK8JAY8DQDkzqaCTAkLTfSRAt9yY6SbUpMsRv7xa8nMZNJBJzJT9b/wNjgiOJgaGuJMkV -2g/DX2jfP3PrMM/Sbnz7edORXHj1Pa5XTT8nG5MS0FuZgvevdq3o/gVVAz+ZCKOH3ShMzZvfp01l -SX5gaJTflmU6cdNwtn2yZ6IScF7OrjUeA9iEoSVR9dQcA+4lB3RAG3LMwcnxXY35D7+PMJzHIZdF -cSnq+n03ACY2/E/T31iijRH29rvYHGI+mP/ieYs45iq4fTWo6i1HofeWLdP0fX7xW3XO0/hWYFiw -BxKu66whAbRhaib3XJNvetVs25ToYXyiDpjG+cd5rCMei8sGQwTBj9Zeh0URoeMW1inTP0JvCmMU -rZgAAAAAAAAAAAAA - diff --git a/app/openssl/crypto/pkcs7/t/msie-enc-02.pem b/app/openssl/crypto/pkcs7/t/msie-enc-02.pem deleted file mode 100644 index 279c5d83..00000000 --- a/app/openssl/crypto/pkcs7/t/msie-enc-02.pem +++ /dev/null @@ -1,106 +0,0 @@ ------BEGIN PKCS7----- -MIAGCSqGSIb3DQEHA6CAMIITQAIBADGCAcIwgcwCAQAwdjBiMREwDwYDVQQHEwhJ -bnRlcm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNVBAsTK1ZlcmlT -aWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXICEGBAmILep9sJ -uN2Pkg1gucowDQYJKoZIhvcNAQEBBQAEQAKvi2eRLO+jdoiUd8ksZt+iQ0JXoWN0 -M/W9CEv6R1c42pwUIR/1F4RMK9oeyUiv9Z6lzmPaGNmx6XOCoueszVkwgfACAQAw -gZkwgZIxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQH -EwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRzb2Z0IFB0eSBMdGQxIjAgBgNVBAsT -GURFTU9OU1RSQVRJT04gQU5EIFRFU1RJTkcxGzAZBgNVBAMTEkRFTU8gWkVSTyBW -QUxVRSBDQQICBG4wDQYJKoZIhvcNAQEBBQAEQFqcHEo69ShGfcOIVjnmWXLZM+7Y -K/50j8YuvNbqq+dQxk9YY8ZpSU/JYsxmtcnEZdlSJEkpMHAO73V+eh1QQr0wghFz -BgkqhkiG9w0BBwEwGgYIKoZIhvcNAwIwDgICAKAECJsSmRA1jxLjgIIRSIGLVtf+ -pzeB6oXJ9GlfsnIij+DgIOvrYaXC9qywAaUg7zMnln9QMgiih5XpBLgPg5Y/KYp3 -RZeHBwkjTIFwlNYSjE0PbsszsJYUmkDTsCjFUJEdM4+Cbv3g3Kct5w1Q6pVMXJLg -JG4uFUY8CTScVkb9ETbIy3HisCRKJWA57ERLvCr/Fa6gNJKa5Mw1A5Nsp+QQqp0U -uQz93raAPbCdqmHu8qQ88rzbB1k/ysXedRQLlzhqFs2hryD7kHe0gX8nPdlkre8Y -tTQhY76LtbjnV2drXcyCUMONc56KQ2VcuxB0BWjSeyN8a75/rpt6wmiM/PKw0D4g -RmXqA1ZR62X2WKbhKqvG5tQTF1LauZeddeYS4Rb8cLt2VMB5irkKWrHmJ3qyWELY -Lah6AzDDdcf3LEfDo6rO9djqlU8RJwS0ExAuBooVBP6bZJG1tNUUbtxBydQ4PJUH -UhulBMXUMd545fVb8d+lZnKbx3OS2LpILJ66Yeao7jTrEOIgxUq0c6ozzqcQe4Ax -mytwvL57LpMQm9HpLg3xBHOeDwkkNkNMldA3qrzhoS52yc6vDYrI5XA+kjp7LioG -wdSBDyQAXLmWxBpZXjmHp7GBTBsFwouA9kYWP450PZEomxNvzf9SpslLlD+UZeHM -GWdpi5zInESmtHFue2Zyc4Q8Ul761ENTA5N3uqUmWN2Egkv64Nyigv0CGCjoLB6n -q1256S/ZxISiEl5MTwO/LfhhGExsu+cU12aek3Ks1kNhVXHFoqjJ3YB8Hw08VmHV -V0Bh8jdHVABDaRcR5/k00h9VB8zMP1qQmfhE/4q/fZBrGbgWucrGbBHIYlKFq8gF -zZrH4XWvX41le5IEefm9+hFPE6TRJPh1ezDvh2eVhQxFpK7iqpR0z2OxdLJ5fhmB -CCRHZuRpg7p7MWB6cUhrtBZXDytdkARnlqJsLFudjVUTjU9gi+GUt1sUmEf2Bjba -z58UC7CfPIBJGMLjQD1oAQi1GVo9K1ZIaKqUtGA2QEHB2m/aXZg8F3ZDMfHp6Tpc -au9Em4AL42Hrau1ArCk0fnhgA4dbnmZoEVbZJDdMX5xno1tuqEKYdPLJHuZxJhz2 -xdJUNYSFgpDWLJTzvTOEdZWm+CVmLNl60kJkWNh7HdvWeBV1yBquA6+k+r26sIoq -LaZuSq/8QWnNJYZeQpKl8Ib9d8ycQ62Q2sHxLTq+eTYlwkE4Gomi3665IfmE6DS9 -OnFfYO440lKJZJbJ9ET+VN8kkVfCGh3tJdyVTJc95LKJtxKJzaFUDMObCMPfWOz+ -PaTTY8j9qA+GvdRDxwyBw0CJqgIps1pZ+foEZsIBtNyHHNSWjZxImIuWtfYgNmZ9 -dteZkKibWyZYgb64rgMQ2+nViwGMlQaDfYWCOAIj3mQGPTLb0OgFfKNvxBZuj72B -l8tx3oufN9Ah9DwXl+ynXen39ct901v5eakpCC9VC0xke6JBXyXjxw5qtXRbevyT -jKbYkPFkruwrCUL2fVUxV3mBXGagjz2XNTaz3oDSu9GX/UMViGwwHryeSiwX9XOo -/KVNv+i57w2OlY2k72EoK+700fHlcx+EZu+1tIjh8YOVXDg7+nBklcrr21/FABqP -Apm+fBEQ7QQyQUF1aViizQLgyfRl/J9szZKY2S2z0pHJroahmgSQRPwWgk5FEFpW -PXSG0bRJ8SFNZn2zz3cdT6WvA6hg40jrEHSnCmDTWbWshMPvhCKZqXQTbCqYQnwf -FBCtlpJOGVVvqshqIv69DBbLztTZkjjmdKP48v2B5qHlER4T8vewDt3lU5BAGuQn -yRCcm5qOeuwg8PxcKBgFAoLKM+65cczLna/yIRyB/gD4p53MV5RztnnLxw/YvA2h -xgPLVYn4LFIakKGYnlC7rXhfeDuVAMTpL+NVGbLGE8DeJ2KzdUJHrGZdwV+DkUuB -BN9Pz0NtwEX91mabWawiXrxptmWMxnofMYNe5gg34izvm33+Kj/+Jgvej7uImuo+ -LaOQcCiCUv/gwrqA/FnkiheKboF0JDFIh3UJzZ1T/Uqdjv+JcuZjvCc60AufVdm5 -0zQaj4aZ6PJHybyuU8qT0lQvm083q596yelHHgd7K3J/c8SsfRnTcnSUI8lo7/Hn -N593dZ7kMIc+UNOdzQYSI8KBoNxqOyzuou/GTpaRe3XKADtdzXxy8jY58hwmolrV -UU3Lfay3+bzdNLq0p/GCZ4B5NXkyivJxxiHDoOmHWAzg9pxOV8EYoyponhvF2t3i -kc32y9OhqwUBDZXuiZgtd9W6d3EVcaY6vqOkQGxqDJuMiArC+Hk2qwkK7Mh5qDx6 -q/dVB6PdWr8sVO5J1phIV9u8m5rK7PGnmcDx4sS9eE3soa7gqkVb5H9SrOz/s/DD -1G6BjakHtlizfJLQhhK9eTvDCUf3pvOhtNyX6OKGsPw1VB+UcC0+mnHnThrszIf9 -q/AXJnpoVUPP3Fr1eGCdLTluIc8lRwuYUH/LGdy88Vyx+joZ626a4cb63W2knQoV -mQwz9Gwgm8RIZMLgZAXimazG8EUz/kz0z2C1Ux/wpii8yof9deLZBpMjt4R0uKhM -VFd/Rdko+JspcfoQ9PttA/aZ7aTYu4bXHBpTpusjTOvWrf9/pC4CScqCJWsS3AlG -BzTInw7fk96f7eVOF5g+d7lEOjPHb4/7naj3pDUlH7Htecq3faYzreT3CbqltvKt -LBR3/aRyIM912RTHuTw+6acOq0vguiK+D62C7ZDVtiCm+BbtNNB/UJm79/OQ5mp5 -bTI0kPmDeycaWTa0Ojpum+c/dpG/iJOBDICj7jHOXSHT7JlGyX6aSFJUltucAnZv -wzhPDmdDaIDiKSk85GqgdDWVfGosSCX9Ph/T3WpIxnwfWSDRtIHkWTjly+pe4yy5 -K6/XISy/L5Zh/fhiI5fjHjgzmlibs2ru4nVw6hBhUvlSSe2BEs5d9h/yNH8Wy3qv -b2D3jh7hkepFtZJGNTHp8ZUC7Ns2JIpQYObsaxdI65i3mMOu7fRwI+0/4ejsWhP6 -KCEiLgwvLg0qM82ma6YB7qHAHboaczRVEffDcJUG4a5uycB0DoZFn+uEaEFyili2 -0hCn4hVfsqUQk2PT8Mo1tSl5e30xI1YJZrRgiJm9nHRX6fLizngP+ILJLPHZsPvl -SVIfY+/v/FR8feKOjaGhyGF51BAxaM2NIQ4jMP5/X+U5gQybi0E6u7rroDhaHsKm -CMgXqszwXWCpedA/sEbeHpiTC59YlPPSlIOMc9vPKo/mQCfWy/9icUaIfKQldvkl -lUxxNkqu6AbIpHVscbAEzSPs5xbQXU8EZNNCDisFnnpY3nQ3eLnlm89saTJxRb7N -WHRMlmPv7qgD7uMIq3vdOGA7i5wT9MeoNIgK1/DsgH30s6RWjJy4YyyLmRTXPzbj -hbQVpEmiMRbEidIvUx2OjKVxVQIcgtLsa2lvHQ4XL1cpLr5GVtOgy0fMg5OCDUUD -svjgjgLQ3P2Up2nVY5FM6/QpPc5DTLuuR9ekI2/c9Biz09RtcYDUQK2ajdo8h1Iy -KqHFoB7h48OXxXKKY94DY0TGx6PonB/epj8orAw4QKmm5M0vXYwBOqRymCTHTqOJ -GObdLx1euFFyqguzHJOU2gAGZI0z9Lg1yRuFyhdPZyuniIcmtLNxRZ1duYHErcAy -X56qndmLXt7UVkATai/rIMuoJLfAsUnVuTUS5p7tJM754UZT7lTcXvDJgOUNnBRa -IcxC3pxvbrYDJ2iFJ72xkxUP2p74gucqg25XnCVmQuLg6zDDxF6CLuw9isxyXg4p -kneMN//7fpp8GYl9nyZm2yqYYM+jcw0fcVc64L+X4w/gL3H2UMGgxIHSJp7HIG7V -KHtXrNyjdPXXPVUsMsAAimqOr0Lr2sZWirfuivLaPTqhbkvG5PF7K3gT80AOIcd/ -6EIHBy2hZ7ukfjHmdP4LyQOhTQklaKzGHI0mypq0uFLWJOUlZnVrMiLP1xrWkpC8 -Ro9eo6mfjjQ45z8adC43a47klwTEzvod3rNEFIGJJUEjAN3mbqie7IxoSJknBBJK -0D9lZEQ8lZWlq7vuN8JdqPM6xh155jMVsPwjLK6Tzkj5BpRD9Tgm3u6HPeCRYQ3v -ky71MaixdjTGbWTorqw+/wv3j0KstajivUjYsDTvZtMa9A/bxWyFQDvqOBxPWhwL -770+iS0grXRgKrnD4V8wBDTgp4Je4B2aJjaIBPhKV5rrU8wIy1reZUbItRkIsSY/ -4jRQpHmaU7R8YRyNT2PxOZuNmrE0WqWguxTuhKLs6zQS1geR0BWsTFTI5z9kOJ7p -8GN0tOYt0KZsT0k3COVtfKl1Nm6kaAs2EoYMiyRQAAzBlhrIjph9IgyQ0J4BhOeM -64ZlnWawJcZex8wFHWx9QiP1R4aPAPyCr5RVUdf+h6gf+bR4nmmmqLf6dSWBz0O+ -liwL8WDQbYq5hv0H5Un5rgYzNBI9ESgW1CkH120uQFvsdr+GkZZMh2rNbR4CjmWX -I3wU2+XYW7Yhwto2ZYU7r2AuNEpCimnR28U67ABUjp+8YOOnVaKCg1sVmXw36KJa -bMo6OgbZktt7PVyVkKaz8k8mteEQww7FalXORDI3ffpVYeYaAxyNooIZJ4DaecRI -ga6IJcyuQeUZ9ptgiwpwcUKja3Xe5fJk9/TNI9OS4PQSH3bCoL2m8DeC+usJR+j0 -yfduz54pYqYOWlyzyYOfTfagiD7OtCEh24ypdWfd6/N5UzcHkwE4Yy+DnX9JeDtH -4wL/jreO5BARv0hV78hgac7/+hab2XD/fvsB/+of4Wc3TahsnDUW96xAiz17lEc1 -DKQps76+ZUlCXWd30NlascM07v/zRjPaEKbtPCzmdJE3aIWXJFpgkevvKnGRTasJ -qTavq5rtcPC7WpTZFPf6o+NPVG7FDahOUfIaQo8xkYJFz4JJbPlp54KYdlXB1vec -Lxil+y6MyJirKAt65DzamMq5HsMgoaad9w4t2/kX4STZbLLQP3yJKCT5qhAZguEv -2WVTXemfbW5GwNjm4ZxeIjDUgRMWVN2AQ0S/x+61m4mx6Cunt+YVfI2g3IU3LKl4 -OszpmpHi8rEWODe0op5WmTD9bgQCSXMzGY2JrMY0MEeydhXevA+Upr4d54TZjGew -rAYsI2BFhRdNomTjrW9LXrTPd2+H+Yt91nsxgKSY7ds0TcQtQMDDthCRK6j26PN0 -Uq170sLfiyOD1857HdOECDljnSfBibjMGYYzvISovw7pCCczq0gMVL1evINos3Nw -aExaoy+HM7qwL8ADZZ8uDBLnXsKnTciQlBaob2rDnb4T4YC2mKgl9zMSGW/0GuGO -2126BFKMmsbxJhVgTjMbcC6vl40GgZoAsg4c60/Dz4mi9CYhZwWhon9ZC6CUWta1 -7DnUgroXxGIcA4FVq9k65lw7u1X7l6dV+t453Stfxk7LiFiYeGYXWE6utY6f4R4T -RJgqidc3TUEz3EywrzQKaZxj01Bo8GzCUYNVSdijIgVh+aCafLcnyAMTLlhXbWi2 -G0Ujg12zgLIT1SvCQGPA0A5M6mgkwJC030kQLfcmOkm1KTLEb+8WvJzGTSQScyU/ -W/8DY4IjiYGhriTJFdoPw19o3z9z6zDP0m58+3nTkVx49T2uV00/JxuTEtBbmYL3 -r3at6P4FVQM/mQijh90oTM2b36dNZUl+YGiU35ZlOnHTcLZ9smeiEnBezq41HgPY -hKElUfXUHAPuJQd0QBtyzMHJ8V2N+Q+/jzCcxyGXRXEp6vp9NwAmNvxP099Yoo0R -9va72BxiPpj/4nmLOOYquH01qOotR6H3li3T9H1+8Vt1ztP4VmBYsAcSruusIQG0 -YWom91yTb3rVbNuU6GF8og6YxvnHeawjHovLBkMEwY/WXodFEaHjFtYp0z9Cbwpj -FK2YAAAAAA== ------END PKCS7----- diff --git a/app/openssl/crypto/pkcs7/t/msie-s-a-e b/app/openssl/crypto/pkcs7/t/msie-s-a-e deleted file mode 100644 index 0067794d..00000000 --- a/app/openssl/crypto/pkcs7/t/msie-s-a-e +++ /dev/null @@ -1,91 +0,0 @@ - -MIAGCSqGSIb3DQEHA6CAMIACAQAxggHCMIHMAgEAMHYwYjERMA8GA1UEBxMISW50ZXJuZXQxFzAV -BgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5k -aXZpZHVhbCBTdWJzY3JpYmVyAhBgQJiC3qfbCbjdj5INYLnKMA0GCSqGSIb3DQEBAQUABECjscaS -G0U299fqiEAgTqTFQBp8Ai6zzjl557cVb3k6z4QZ7CbqBjSXAjLbh5e7S5Hd/FrFcDnxl1Ka06ha -VHGPMIHwAgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDERMA8GA1UE -BxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29mdCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNU -UkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQDExJERU1PIFpFUk8gVkFMVUUgQ0ECAgRuMA0GCSqG -SIb3DQEBAQUABECsyHXZ1xaiv0UQRvOmVYsaF38AL2XX75wxbCsz5/wOg7g3RP4aicZxaR4sBog0 -f2G1o9om/hu+A0rIYF/L4/GUMIAGCSqGSIb3DQEHATAaBggqhkiG9w0DAjAOAgIAoAQIsozQrnwj -cc2ggASCBAAQz/LPoJe/+iYWeTwSebz6Q9UeKZzQ2UWm7GLtEM3s3c9SCvpmkwIRdEhLjWaBJMyI -DiL7t1I1vMf9inB8LXgAcIEYkpNScjS8ERA9Ebb7ieNKSBg7w7B8ATHFxLSlDADqRgoZrB1Ctfgf -ximp3EgxTgnhtyQhZxXW7kBQyFRwumplrJXOp7albP7IothrOKncw30IJT1fwPxWNMItI9juXF0U -CbWVSjPzGBo4+XNXMvUO6MplOQEz/ywEQ9E8OZAQex1Zw9qq5ppsXB2pMsYV5sLJGikukMYKquiz -3YK+tN6J8ahLcDUs+VGwqvZi17gpBTlbEP+ZmXJpnO63t1yTEB0V5AZcRKWUOhzlCBM5YUagqNoY -cpsmSvOK6bYzkUKOrzWpDCAtGZ/Dvul5dTZZmxs2WpM+iyeHXMxO3huy8K1brPTqt1f1sHhuq1jD -1eXedaCjIgUW9qV18vNAQCof/Yb6T/1fxztf/jD7pPLQJ+7LJkKCAEHGcaizpoKqhYcttaEhLq1G -O+Ohqf7yFegMdTJ3wwP324w5ZYSU5fLo2Z34/Edf6EGvXyTIqVfAmEBALd6JGVdN5GlYYTxrL+eO -P80Z4ao4YKoxwEmRp5bmQsQ8B29QhOFKmC6eiG5B96qLMtp7Zmu1grDNxTd6OXShWVwYARD0/B1P -Sy0PAfk9Gb4fAkO9fZJDQYZ7s0mM5iOPEeSR7820TolOb+KfRabLA9d714jsc2jEykKlpP66Bh4j -aCsyqJ0uUQcE8SnzrKAqGwgWiCGQpiTa+HBiP6eRlRGOKQj5Y06vcNx6Ija4cGe6+yCN8HV8tCY0 -okZK98NQCl5t79R/ZB2c3NvBJH+/g3ulU48ikT3tVmDxE3mOZofZyGFEM99P+YCMScLDxTl3hzGy -0YkI8U855P7qOAbcFfh2T5n+LSELwLhbkymEfZT917GWTfmypBWMvJx0WHeDhKwQYPdzbKgWETnc -yeKasaCW+oLdhBwrd6Ws2r4MA8cwiYXDLbwYmCxJA8VF++8kubF2HJOjSyMBS+QT2PSV/0D9UWoi -Vfk7R4OvWBJVvq7nV+lXS0O5igjExxlmx1OaBfg7+Cr/MbK4zVNrKSJn82NnKKt6LC6RaTmvFYay -0sDFxQ7Xo+Th6tDNKmKWJt6Kegfjc+qTWJTKb3kL+UI8vS0zTLy1+M/rZ4ekos/JiS5rYIcAswvg -58kBgp/0rc6upBeWjBaK5O0aLAeBQfLulo1axWX04OSVKmYeoAltyR6UO9ME3acurQyg7Ta24yqO -whi/PrIaEiO7dsWvFtzsshVzBLic02NlAkPkMUzliPYnZHWQglDAVxL5K2qhvK1OFCkQpIgBsBDM -6KYRL/mkBIIEALIl927rIkaN37/BQIcxLcSa05YfC0Hl3mxWESt1A0D4lA37A9S8EbYmDfAYlMc0 -3HhZGdZEtawfpJFyDHzNZceNWBch6nxeNZCY4YFdsbzuGS0RKpwNA9S/czOJ4p9ymBCxuhGepI3U -PKbC8C749Www1/wMdAot1n+K7M/PBGR8hWmaH5SS7U3yMwAB1fq2NDjx4ur+Um+MclSdN01MDXzG -EO+eAo1pdAY8479234l8dB2YVAhZ1ZlJ4KmbqMKJrGJXnQUEYS6/cTDRjsUocsoW7uGg1ci2GiHa -qjlkfpBfie3SdhFW/K8hwAH0HALs56oFN66wUkP/AaJAPfIUNhR6RpHKzZ9zCC42oB2mNawQRMnF -ETBl1s/SwMxLKRp7jAfKs4NZxSY6I9z/2dTpzS3tsHMjxVDuxkolvRNWBILEMeL1CBvip2HhmoUw -/Sz5NDgyzk1aQLV6DQNJ2RZLMZDRCtSwZSBu6lhhSgTJGazP0+NbqXXC5aQTrqrFIcWyDXz+ADle -kszzYM/gSaQTCALTwfDDaU9Ek3xVgW+XBtExtJ3U+0AN3l0j86rUIdIvp6eWdxWQqv9LtpoorKMD -KfUc5PYV09Z1JgsT4X51Zzq+74l5dz7udIM7UNbdTpmRm9PDj3TUbGCvNR9hqOEGTLbkvb1ZR24a -h6uGRl2znB25IpDAGRhNRb9is/pO2tvHwHTDMOjrgvZG/pNvXgSUxz0pRjUjXIcqBe2X2gcQfeal -r8gY76o83WEGL6ODryV9vTQVHt52+izgpYoBZaVlpgqbZl54c+OE0Zxf9RwXwDbcYu5Ku5E0MPL0 -qUjc0y2+Y6E4P5bAWaZGMGT+ORkyVUzcaWmM/+XlO7PER5wrWlCIMZCX1L/nvioY0q0CKqALn7DJ -QU+qenbwrb6uwS7uNZY6V86s0aDYpU7yRyqxC5SbuyNJb02gdxUCgpIscFaMUjMVRml4M4BIjX/b -U+HgHoVMUm8SnN9gRcT2izPrgOGVcMTJjfenzoCKoCPo9RjgGMctgB4DvKamErNU7OrilIfuoqzE -PNSeP9SPw/zkDmNvMebM499We9CVnsHUWqF00/ZJWoua77+0f1bLS/tmci1JBvIcMo/4SJvgH+KF -o0gijP9gqAPd5iCOnpnJlHUqRIym42SmyKEDuzdSwXKjAR6j7uXda39JyMJr8gGzEsu0jYRkAmj1 -YdiqwKXUcLMkcj1AKeU/PxTUVw0YKsv/rowrPYww3xQUWqNivrXB7GCHE3BzsYNdHsmziaGIXQbA -+EBHdkuKrM8BcC+fxhF/l/KUxngsD1E75IcUv8zFDF+sk4CBYHqks9S4JYlcubuizqsILbdGzIMN -Z7w34k0XT+sEggQAyzr8MHeIJGsT+AYnZr08PeTbyr01JEoT7lPYT6PzX4F63QKKDl+mB+PwLMzY -CXrxZcUmuay6/MV8w/f5T6vQXdoSw5puWodBYwVReYh1IaEN+jiTapm9YBVmcIsJPO6abHowknSV -OWSvST0AtAX57fFOTckm+facfBK9s9T1lUUgF44Bh5e8f9qKqfOV44nqdCOEyUm0Dao497ieN4Eg -XBLNvOZY9+irMiXjp0lcyFvhrJOczfyCr9EiiaiH1TfSzKGKsf2W84iKn/JH6x2eOo7xjwJ40BQD -c6S1cUNEuqBhP6by0FioOXYOKVyifpxk84Eb+F/4CNdTJTvCPwsiegdfsX/Q53DvKVtXp9Ycam5J -TmKRHXK/bMHF4ONv3p/O/kn/BqRx+fbbP2eMX8Z1F/ltHKfp6B+06HljUwQLBJs9XtCfqH5Zgdz9 -gad5WZF5ykFArmHDgeFlgggvbZ7z9vqnjN/TH68TxJzauYQ5vLHQ6wGXik4/4uq7/TqNmhxlQEM4 -zVkwsn203bUmKLyz+yl1zItDpn5zy1uXfGo99rBdUzdbdE9LmEFPMaFsaHd4a8oDaUroD7FgCbeD -JJVld3ac6F8+3QbExPs48OrgA1kI3/UwXr52ldjiYzTLfAGR9BjqNFTw45FUHuMf8TEM5hcHx56w -95eKAqraDk28o9k+M2UKpcmrdlWoWzdqVVFeWGpM8x9Y9Nt0lf/4VUQgrXjqTkUCQkJyqTeTeGgH -rn3QBk2XAgpxZhaJs3InW0BkAlBmK99cMinUiJeFt5a4p5wPeXrVuh6V9m7Mpl9hzpogg++EZqah -fzzNnDgxOZfW342DX052PdgXo0NnkhCk005LvFt6M2mRn0fLgNVfyUZZoOp8cO5ZWbhXXlrhrgUt -j2zKPK6Q94Zj4kdXHBGpAkrB8ZQ4EGGODE0Dqusm8WPXzB+9236IMHPU7lFbyjBrFNI7O4jg+qRI -Ipi+7tX0FsilqEbmjG+OPwhZXrdqUqyF+rjKQuSRq7lOeDB4c6S2dq4OOny01i5HCbbyc9UvSHRm -hOhGqUlzHyHLo3W7j+26V/MhkDXJ+Tx+qfylv4pbliwTteJJj+CZwzjv29qb6lxYi+38Bw10ERap -m8UCRFBecVN7xXlcIfyeAl666Vi7EBJZv3EdFNrx1nlLwM65nYya7uj6L7IwJWotIUx8E0XH0/cU -xS/dG8bxf9L/8652h5gq3LI+wTNGuEX0DMuz7BGQG+NtgabrZ6SsKGthGa7eULTpz0McWTLRU0y/ -/tkckpm5pDnXSFbIMskwwjECz82UZBSPpigdN/Pjg5d+0yWu7s3VJxw4ENWPPpzZ+j7sOXmdvn9P -O1tQd60EO+3awASCBAAZQvWV3/yJ6FxPttbP+qeURpJoPEZfpN2UYZmd8HqtR0YbaOZ6Rln9nvpd -K9fylXdw9z2xeCbjDWUttJB4VqZxGJM8eCTC1VDVyAOsQ5n7SY55dMkQbU+o4Z/4J5m8+wz50BBI -LfruL1eZ6/CF6CdvxVRiJ10sXc0Tn2sVMXqkw7Adp1GYoCI9c6VFSFK74+n+y7LVFQ5HBnbQyKJc -dvdLOXwZOPaFHC5UNXRmOpcwdPqyXUe+xIsOMYbzdlAnI9eGDNeRDktUa/Rh0CbZCxjmJzoZEYOE -ZjsYZlEfp1Kb61t8z4m28hGLEg88T1Ihmxa2HeUWes1RpmgIOP+/2Lb3smj/l/fpSu4gabFgyCAV -H5HdCYMScUv8SVu55+tpeO8ELoHHQUXV4rr084O4budzhgNSOPyLGDl5sfDUXiyusPCxS4JVO/KY -6V2Qrtg/q2wtmXpEkZnGT+Qi3WDzwt4W81alztnYMP17oGLmxX71KV9OEiMZjI4WaaGt+OOINLtR -qefioZ1NI2L1s5M0tybwTsyU9WERM+3pUwXIfJVsbMZRlNaO2OogcHbaR4UWvhOj+3CTG1sThiYQ -MxMnp1Rpqx3nhyzqLO3TRrkYvxnA3cdPBn9EeqpgBMg7X3hCiMV3Fl5cj/WOMhtHYgY7BgeCXo46 -EFVZ4+WroGZ46xGiRDiIblo8bzLd7QCxvukzxy3mUDgsZQ8pds4N28weSUhBk5MAPbfBpRvXUVJx -MhKqXucQU1Md1qSGLbuuIQuz9pAGp1JFUx/vEkCgm74daSoVWCZuB+1ZE4f48clvrBj51xMNf8CP -EFE7vySzVb6X2H1i5X3Z+Y3DdIcWw4Y2FClfcJk4Mwq8Cq2GALGFEge9YSEE9YmyuU6OFeU0ICon -iXAgZ72SM8fBwJPruLFbdsNYKW+oAfmPisXSWMcZmdSbfk0GYv+vKtu3eegSbWw1UsCVtZOh9E5Z -uQ83l59CBqO9sV/SFU3WrrJ0qNWxrmXu9nJn5Qf5iCRoFGYNHYHkIG5FS6N00GEDZxGkxmro2d++ -Adj5LVHc/b1cYWmrux+jEqI8ZK8cyTB0XMbBA/HYbx9NXazr7znP4/Mlv3pZToEcYt+lgLHAArtU -AdhybhbLIwNMq0gr6EwtDklBa3ns4Wx/rJU8H7LGs6gV8uqeaSketv+nz+sQhfctxZ1rx+5qzXfy -FOQVpO23KDQunBi1Bl9k61Di4q9JWcyADBXPHXJzp7mL8Fk7zdvMAEfuED1phdRm6GgDYoYUs4yQ -IrhSjFlWyk7hT8475xk3BIv++obvWSAv/3+pF6A6U2RXDChVmnG0JnPa9wYYtdzBmLfZKBjX+DjD -yEMsuhPsCzuN4R6tBIIBWCVRKmKwdkatmpsQBgDw48u0/Arffl5/DRlS9ee+QffFecUitDdCK+kt -X5L2fGYrL5g6SltncMIeV1ptx4nuSjC/O944q1KYtqvQiPFWJqEXIRMNbbYOC47sjLza0tEFrimN -wxcrWGSzsy5R9beFQ1aHPcMrDWfCoviNRk2qPtxuKIC5Qk2ZuOmJLjCiLwUGEb0/1Mpzv3MqQa7d -mRayXg3DZWJPajxNZv6eS357ElMvwGQmqafb2mlQJwWLsg9m9PG7uqEoyrqSc6MiuY+icLEFib9j -OfRQrx70rTSKUfTr4MtP0aZZAefjCrpVIyTekhFDOk0Nmx057eonlyGgmGpl5/Uo+t1J1Z11Ya/l -bNbfmebRISJeTVW0I8FhseAZMI1GSwp/ludJxSLYOgyRkh+GX134MexNo7O9F1SxLCfWaSG9Fc3s -5ify04ua9/t8SGrYZPm/l3MkAAAAAAAAAAAAAA== - - diff --git a/app/openssl/crypto/pkcs7/t/msie-s-a-e.pem b/app/openssl/crypto/pkcs7/t/msie-s-a-e.pem deleted file mode 100644 index 55dbd8f8..00000000 --- a/app/openssl/crypto/pkcs7/t/msie-s-a-e.pem +++ /dev/null @@ -1,106 +0,0 @@ ------BEGIN PKCS7----- -MIAGCSqGSIb3DQEHA6CAMIITUAIBADGCAcIwgcwCAQAwdjBiMREwDwYDVQQHEwhJ -bnRlcm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNVBAsTK1ZlcmlT -aWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXICEGBAmILep9sJ -uN2Pkg1gucowDQYJKoZIhvcNAQEBBQAEQKOxxpIbRTb31+qIQCBOpMVAGnwCLrPO -OXnntxVveTrPhBnsJuoGNJcCMtuHl7tLkd38WsVwOfGXUprTqFpUcY8wgfACAQAw -gZkwgZIxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQH -EwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRzb2Z0IFB0eSBMdGQxIjAgBgNVBAsT -GURFTU9OU1RSQVRJT04gQU5EIFRFU1RJTkcxGzAZBgNVBAMTEkRFTU8gWkVSTyBW -QUxVRSBDQQICBG4wDQYJKoZIhvcNAQEBBQAEQKzIddnXFqK/RRBG86ZVixoXfwAv -ZdfvnDFsKzPn/A6DuDdE/hqJxnFpHiwGiDR/YbWj2ib+G74DSshgX8vj8ZQwghGD -BgkqhkiG9w0BBwEwGgYIKoZIhvcNAwIwDgICAKAECLKM0K58I3HNgIIRWBDP8s+g -l7/6JhZ5PBJ5vPpD1R4pnNDZRabsYu0Qzezdz1IK+maTAhF0SEuNZoEkzIgOIvu3 -UjW8x/2KcHwteABwgRiSk1JyNLwRED0RtvuJ40pIGDvDsHwBMcXEtKUMAOpGChms -HUK1+B/GKancSDFOCeG3JCFnFdbuQFDIVHC6amWslc6ntqVs/sii2Gs4qdzDfQgl -PV/A/FY0wi0j2O5cXRQJtZVKM/MYGjj5c1cy9Q7oymU5ATP/LARD0Tw5kBB7HVnD -2qrmmmxcHakyxhXmwskaKS6Qxgqq6LPdgr603onxqEtwNSz5UbCq9mLXuCkFOVsQ -/5mZcmmc7re3XJMQHRXkBlxEpZQ6HOUIEzlhRqCo2hhymyZK84rptjORQo6vNakM -IC0Zn8O+6Xl1NlmbGzZakz6LJ4dczE7eG7LwrVus9Oq3V/WweG6rWMPV5d51oKMi -BRb2pXXy80BAKh/9hvpP/V/HO1/+MPuk8tAn7ssmQoIAQcZxqLOmgqqFhy21oSEu -rUY746Gp/vIV6Ax1MnfDA/fbjDllhJTl8ujZnfj8R1/oQa9fJMipV8CYQEAt3okZ -V03kaVhhPGsv544/zRnhqjhgqjHASZGnluZCxDwHb1CE4UqYLp6IbkH3qosy2ntm -a7WCsM3FN3o5dKFZXBgBEPT8HU9LLQ8B+T0Zvh8CQ719kkNBhnuzSYzmI48R5JHv -zbROiU5v4p9FpssD13vXiOxzaMTKQqWk/roGHiNoKzKonS5RBwTxKfOsoCobCBaI -IZCmJNr4cGI/p5GVEY4pCPljTq9w3HoiNrhwZ7r7II3wdXy0JjSiRkr3w1AKXm3v -1H9kHZzc28Ekf7+De6VTjyKRPe1WYPETeY5mh9nIYUQz30/5gIxJwsPFOXeHMbLR -iQjxTznk/uo4BtwV+HZPmf4tIQvAuFuTKYR9lP3XsZZN+bKkFYy8nHRYd4OErBBg -93NsqBYROdzJ4pqxoJb6gt2EHCt3pazavgwDxzCJhcMtvBiYLEkDxUX77yS5sXYc -k6NLIwFL5BPY9JX/QP1RaiJV+TtHg69YElW+rudX6VdLQ7mKCMTHGWbHU5oF+Dv4 -Kv8xsrjNU2spImfzY2coq3osLpFpOa8VhrLSwMXFDtej5OHq0M0qYpYm3op6B+Nz -6pNYlMpveQv5Qjy9LTNMvLX4z+tnh6Siz8mJLmtghwCzC+DnyQGCn/Stzq6kF5aM -Fork7RosB4FB8u6WjVrFZfTg5JUqZh6gCW3JHpQ70wTdpy6tDKDtNrbjKo7CGL8+ -shoSI7t2xa8W3OyyFXMEuJzTY2UCQ+QxTOWI9idkdZCCUMBXEvkraqG8rU4UKRCk -iAGwEMzophEv+aSyJfdu6yJGjd+/wUCHMS3EmtOWHwtB5d5sVhErdQNA+JQN+wPU -vBG2Jg3wGJTHNNx4WRnWRLWsH6SRcgx8zWXHjVgXIep8XjWQmOGBXbG87hktESqc -DQPUv3MzieKfcpgQsboRnqSN1DymwvAu+PVsMNf8DHQKLdZ/iuzPzwRkfIVpmh+U -ku1N8jMAAdX6tjQ48eLq/lJvjHJUnTdNTA18xhDvngKNaXQGPOO/dt+JfHQdmFQI -WdWZSeCpm6jCiaxiV50FBGEuv3Ew0Y7FKHLKFu7hoNXIthoh2qo5ZH6QX4nt0nYR -VvyvIcAB9BwC7OeqBTeusFJD/wGiQD3yFDYUekaRys2fcwguNqAdpjWsEETJxREw -ZdbP0sDMSykae4wHyrODWcUmOiPc/9nU6c0t7bBzI8VQ7sZKJb0TVgSCxDHi9Qgb -4qdh4ZqFMP0s+TQ4Ms5NWkC1eg0DSdkWSzGQ0QrUsGUgbupYYUoEyRmsz9PjW6l1 -wuWkE66qxSHFsg18/gA5XpLM82DP4EmkEwgC08Hww2lPRJN8VYFvlwbRMbSd1PtA -Dd5dI/Oq1CHSL6enlncVkKr/S7aaKKyjAyn1HOT2FdPWdSYLE+F+dWc6vu+JeXc+ -7nSDO1DW3U6ZkZvTw4901GxgrzUfYajhBky25L29WUduGoerhkZds5wduSKQwBkY -TUW/YrP6Ttrbx8B0wzDo64L2Rv6Tb14ElMc9KUY1I1yHKgXtl9oHEH3mpa/IGO+q -PN1hBi+jg68lfb00FR7edvos4KWKAWWlZaYKm2ZeeHPjhNGcX/UcF8A23GLuSruR -NDDy9KlI3NMtvmOhOD+WwFmmRjBk/jkZMlVM3GlpjP/l5TuzxEecK1pQiDGQl9S/ -574qGNKtAiqgC5+wyUFPqnp28K2+rsEu7jWWOlfOrNGg2KVO8kcqsQuUm7sjSW9N -oHcVAoKSLHBWjFIzFUZpeDOASI1/21Ph4B6FTFJvEpzfYEXE9osz64DhlXDEyY33 -p86AiqAj6PUY4BjHLYAeA7ymphKzVOzq4pSH7qKsxDzUnj/Uj8P85A5jbzHmzOPf -VnvQlZ7B1FqhdNP2SVqLmu+/tH9Wy0v7ZnItSQbyHDKP+Eib4B/ihaNIIoz/YKgD -3eYgjp6ZyZR1KkSMpuNkpsihA7s3UsFyowEeo+7l3Wt/ScjCa/IBsxLLtI2EZAJo -9WHYqsCl1HCzJHI9QCnlPz8U1FcNGCrL/66MKz2MMN8UFFqjYr61wexghxNwc7GD -XR7Js4mhiF0GwPhAR3ZLiqzPAXAvn8YRf5fylMZ4LA9RO+SHFL/MxQxfrJOAgWB6 -pLPUuCWJXLm7os6rCC23RsyDDWe8N+JNF0/ryzr8MHeIJGsT+AYnZr08PeTbyr01 -JEoT7lPYT6PzX4F63QKKDl+mB+PwLMzYCXrxZcUmuay6/MV8w/f5T6vQXdoSw5pu -WodBYwVReYh1IaEN+jiTapm9YBVmcIsJPO6abHowknSVOWSvST0AtAX57fFOTckm -+facfBK9s9T1lUUgF44Bh5e8f9qKqfOV44nqdCOEyUm0Dao497ieN4EgXBLNvOZY -9+irMiXjp0lcyFvhrJOczfyCr9EiiaiH1TfSzKGKsf2W84iKn/JH6x2eOo7xjwJ4 -0BQDc6S1cUNEuqBhP6by0FioOXYOKVyifpxk84Eb+F/4CNdTJTvCPwsiegdfsX/Q -53DvKVtXp9Ycam5JTmKRHXK/bMHF4ONv3p/O/kn/BqRx+fbbP2eMX8Z1F/ltHKfp -6B+06HljUwQLBJs9XtCfqH5Zgdz9gad5WZF5ykFArmHDgeFlgggvbZ7z9vqnjN/T -H68TxJzauYQ5vLHQ6wGXik4/4uq7/TqNmhxlQEM4zVkwsn203bUmKLyz+yl1zItD -pn5zy1uXfGo99rBdUzdbdE9LmEFPMaFsaHd4a8oDaUroD7FgCbeDJJVld3ac6F8+ -3QbExPs48OrgA1kI3/UwXr52ldjiYzTLfAGR9BjqNFTw45FUHuMf8TEM5hcHx56w -95eKAqraDk28o9k+M2UKpcmrdlWoWzdqVVFeWGpM8x9Y9Nt0lf/4VUQgrXjqTkUC -QkJyqTeTeGgHrn3QBk2XAgpxZhaJs3InW0BkAlBmK99cMinUiJeFt5a4p5wPeXrV -uh6V9m7Mpl9hzpogg++EZqahfzzNnDgxOZfW342DX052PdgXo0NnkhCk005LvFt6 -M2mRn0fLgNVfyUZZoOp8cO5ZWbhXXlrhrgUtj2zKPK6Q94Zj4kdXHBGpAkrB8ZQ4 -EGGODE0Dqusm8WPXzB+9236IMHPU7lFbyjBrFNI7O4jg+qRIIpi+7tX0FsilqEbm -jG+OPwhZXrdqUqyF+rjKQuSRq7lOeDB4c6S2dq4OOny01i5HCbbyc9UvSHRmhOhG -qUlzHyHLo3W7j+26V/MhkDXJ+Tx+qfylv4pbliwTteJJj+CZwzjv29qb6lxYi+38 -Bw10ERapm8UCRFBecVN7xXlcIfyeAl666Vi7EBJZv3EdFNrx1nlLwM65nYya7uj6 -L7IwJWotIUx8E0XH0/cUxS/dG8bxf9L/8652h5gq3LI+wTNGuEX0DMuz7BGQG+Nt -gabrZ6SsKGthGa7eULTpz0McWTLRU0y//tkckpm5pDnXSFbIMskwwjECz82UZBSP -pigdN/Pjg5d+0yWu7s3VJxw4ENWPPpzZ+j7sOXmdvn9PO1tQd60EO+3awBlC9ZXf -/InoXE+21s/6p5RGkmg8Rl+k3ZRhmZ3weq1HRhto5npGWf2e+l0r1/KVd3D3PbF4 -JuMNZS20kHhWpnEYkzx4JMLVUNXIA6xDmftJjnl0yRBtT6jhn/gnmbz7DPnQEEgt -+u4vV5nr8IXoJ2/FVGInXSxdzROfaxUxeqTDsB2nUZigIj1zpUVIUrvj6f7LstUV -DkcGdtDIolx290s5fBk49oUcLlQ1dGY6lzB0+rJdR77Eiw4xhvN2UCcj14YM15EO -S1Rr9GHQJtkLGOYnOhkRg4RmOxhmUR+nUpvrW3zPibbyEYsSDzxPUiGbFrYd5RZ6 -zVGmaAg4/7/YtveyaP+X9+lK7iBpsWDIIBUfkd0JgxJxS/xJW7nn62l47wQugcdB -RdXiuvTzg7hu53OGA1I4/IsYOXmx8NReLK6w8LFLglU78pjpXZCu2D+rbC2ZekSR -mcZP5CLdYPPC3hbzVqXO2dgw/XugYubFfvUpX04SIxmMjhZpoa3444g0u1Gp5+Kh -nU0jYvWzkzS3JvBOzJT1YREz7elTBch8lWxsxlGU1o7Y6iBwdtpHhRa+E6P7cJMb -WxOGJhAzEyenVGmrHeeHLOos7dNGuRi/GcDdx08Gf0R6qmAEyDtfeEKIxXcWXlyP -9Y4yG0diBjsGB4JejjoQVVnj5augZnjrEaJEOIhuWjxvMt3tALG+6TPHLeZQOCxl -Dyl2zg3bzB5JSEGTkwA9t8GlG9dRUnEyEqpe5xBTUx3WpIYtu64hC7P2kAanUkVT -H+8SQKCbvh1pKhVYJm4H7VkTh/jxyW+sGPnXEw1/wI8QUTu/JLNVvpfYfWLlfdn5 -jcN0hxbDhjYUKV9wmTgzCrwKrYYAsYUSB71hIQT1ibK5To4V5TQgKieJcCBnvZIz -x8HAk+u4sVt2w1gpb6gB+Y+KxdJYxxmZ1Jt+TQZi/68q27d56BJtbDVSwJW1k6H0 -Tlm5DzeXn0IGo72xX9IVTdausnSo1bGuZe72cmflB/mIJGgUZg0dgeQgbkVLo3TQ -YQNnEaTGaujZ374B2PktUdz9vVxhaau7H6MSojxkrxzJMHRcxsED8dhvH01drOvv -Oc/j8yW/ellOgRxi36WAscACu1QB2HJuFssjA0yrSCvoTC0OSUFreezhbH+slTwf -ssazqBXy6p5pKR62/6fP6xCF9y3FnWvH7mrNd/IU5BWk7bcoNC6cGLUGX2TrUOLi -r0lZzIAMFc8dcnOnuYvwWTvN28wAR+4QPWmF1GboaANihhSzjJAiuFKMWVbKTuFP -zjvnGTcEi/76hu9ZIC//f6kXoDpTZFcMKFWacbQmc9r3Bhi13MGYt9koGNf4OMPI -Qyy6E+wLO43hHq0lUSpisHZGrZqbEAYA8OPLtPwK335efw0ZUvXnvkH3xXnFIrQ3 -QivpLV+S9nxmKy+YOkpbZ3DCHldabceJ7kowvzveOKtSmLar0IjxViahFyETDW22 -DguO7Iy82tLRBa4pjcMXK1hks7MuUfW3hUNWhz3DKw1nwqL4jUZNqj7cbiiAuUJN -mbjpiS4woi8FBhG9P9TKc79zKkGu3ZkWsl4Nw2ViT2o8TWb+nkt+exJTL8BkJqmn -29ppUCcFi7IPZvTxu7qhKMq6knOjIrmPonCxBYm/Yzn0UK8e9K00ilH06+DLT9Gm -WQHn4wq6VSMk3pIRQzpNDZsdOe3qJ5choJhqZef1KPrdSdWddWGv5WzW35nm0SEi -Xk1VtCPBYbHgGTCNRksKf5bnScUi2DoMkZIfhl9d+DHsTaOzvRdUsSwn1mkhvRXN -7OYn8tOLmvf7fEhq2GT5v5dzJAAAAAA= ------END PKCS7----- diff --git a/app/openssl/crypto/pkcs7/t/nav-smime b/app/openssl/crypto/pkcs7/t/nav-smime deleted file mode 100644 index 6ee4b597..00000000 --- a/app/openssl/crypto/pkcs7/t/nav-smime +++ /dev/null @@ -1,157 +0,0 @@ -From angela@c2.net.au Thu May 14 13:32:27 1998 -X-UIDL: 83c94dd550e54329bf9571b72038b8c8 -Return-Path: angela@c2.net.au -Received: from cryptsoft.com (play.cryptsoft.com [203.56.44.3]) by pandora.cryptsoft.com (8.8.3/8.7.3) with ESMTP id NAA27838 for ; Thu, 14 May 1998 13:32:26 +1000 (EST) -Message-ID: <355A6779.4B63E64C@cryptsoft.com> -Date: Thu, 14 May 1998 13:39:37 +1000 -From: Angela van Lent -X-Mailer: Mozilla 4.03 [en] (Win95; U) -MIME-Version: 1.0 -To: tjh@cryptsoft.com -Subject: signed -Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=sha1; boundary="------------ms9A58844C95949ECC78A1C54C" -Content-Length: 2604 -Status: OR - -This is a cryptographically signed message in MIME format. - ---------------ms9A58844C95949ECC78A1C54C -Content-Type: text/plain; charset=us-ascii -Content-Transfer-Encoding: 7bit - -signed body - ---------------ms9A58844C95949ECC78A1C54C -Content-Type: application/x-pkcs7-signature; name="smime.p7s" -Content-Transfer-Encoding: base64 -Content-Disposition: attachment; filename="smime.p7s" -Content-Description: S/MIME Cryptographic Signature - -MIIGHgYJKoZIhvcNAQcCoIIGDzCCBgsCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCC -BGswggJTMIIB/aADAgECAgIEfjANBgkqhkiG9w0BAQQFADCBkjELMAkGA1UEBhMCQVUxEzAR -BgNVBAgTClF1ZWVuc2xhbmQxETAPBgNVBAcTCEJyaXNiYW5lMRowGAYDVQQKExFDcnlwdHNv -ZnQgUHR5IEx0ZDEiMCAGA1UECxMZREVNT05TVFJBVElPTiBBTkQgVEVTVElORzEbMBkGA1UE -AxMSREVNTyBaRVJPIFZBTFVFIENBMB4XDTk4MDUxMzA2MjY1NloXDTAwMDUxMjA2MjY1Nlow -gaUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFu -ZTEaMBgGA1UEChMRQ3J5cHRzb2Z0IFB0eSBMdGQxEjAQBgNVBAsTCVNNSU1FIDAwMzEZMBcG -A1UEAxMQQW5nZWxhIHZhbiBMZWVudDEjMCEGCSqGSIb3DQEJARYUYW5nZWxhQGNyeXB0c29m -dC5jb20wXDANBgkqhkiG9w0BAQEFAANLADBIAkEAuC3+7dAb2LhuO7gt2cTM8vsNjhG5JfDh -hX1Vl/wVGbKEEj0MA6vWEolvefQlxB+EzwCtR0YZ7eEC/T/4JoCyeQIDAQABoygwJjAkBglg -hkgBhvhCAQ0EFxYVR2VuZXJhdGVkIHdpdGggU1NMZWF5MA0GCSqGSIb3DQEBBAUAA0EAUnSP -igs6TMFISTjw8cBtJYb98czgAVkVFjKyJQwYMH8FbDnCyx6NocM555nsyDstaw8fKR11Khds -syd3ikkrhDCCAhAwggG6AgEDMA0GCSqGSIb3DQEBBAUAMIGSMQswCQYDVQQGEwJBVTETMBEG -A1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m -dCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNUUkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQD -ExJERU1PIFpFUk8gVkFMVUUgQ0EwHhcNOTgwMzAzMDc0MTMyWhcNMDgwMjI5MDc0MTMyWjCB -kjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxETAPBgNVBAcTCEJyaXNiYW5l -MRowGAYDVQQKExFDcnlwdHNvZnQgUHR5IEx0ZDEiMCAGA1UECxMZREVNT05TVFJBVElPTiBB -TkQgVEVTVElORzEbMBkGA1UEAxMSREVNTyBaRVJPIFZBTFVFIENBMFwwDQYJKoZIhvcNAQEB -BQADSwAwSAJBAL+0E2fLej3FSCwe2A2iRnMuC3z12qHIp6Ky1wo2zZcxft7AI+RfkrWrSGtf -mfzBEuPrLdfulncC5Y1pNcM8RTUCAwEAATANBgkqhkiG9w0BAQQFAANBAGSbLMphL6F5pp3s -8o0Xyh86FHFdpVOwYx09ELLkuG17V/P9pgIc0Eo/gDMbN+KT3IdgECf8S//pCRA6RrNjcXIx -ggF7MIIBdwIBATCBmTCBkjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxETAP -BgNVBAcTCEJyaXNiYW5lMRowGAYDVQQKExFDcnlwdHNvZnQgUHR5IEx0ZDEiMCAGA1UECxMZ -REVNT05TVFJBVElPTiBBTkQgVEVTVElORzEbMBkGA1UEAxMSREVNTyBaRVJPIFZBTFVFIENB -AgIEfjAJBgUrDgMCGgUAoHowGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAbBgkqhkiG9w0B -CQ8xDjAMMAoGCCqGSIb3DQMHMBwGCSqGSIb3DQEJBTEPFw05ODA1MTQwMzM5MzdaMCMGCSqG -SIb3DQEJBDEWBBQstNMnSV26ba8PapQEDhO21yNFrjANBgkqhkiG9w0BAQEFAARAW9Xb9YXv -BfcNkutgFX9Gr8iXhBVsNtGEVrjrpkQwpKa7jHI8SjAlLhk/4RFwDHf+ISB9Np3Z1WDWnLcA -9CWR6g== ---------------ms9A58844C95949ECC78A1C54C-- - - -From angela@c2.net.au Thu May 14 13:33:16 1998 -X-UIDL: 8f076c44ff7c5967fd5b00c4588a8731 -Return-Path: angela@c2.net.au -Received: from cryptsoft.com (play.cryptsoft.com [203.56.44.3]) by pandora.cryptsoft.com (8.8.3/8.7.3) with ESMTP id NAA27847 for ; Thu, 14 May 1998 13:33:15 +1000 (EST) -Message-ID: <355A67AB.2AF38806@cryptsoft.com> -Date: Thu, 14 May 1998 13:40:27 +1000 -From: Angela van Lent -X-Mailer: Mozilla 4.03 [en] (Win95; U) -MIME-Version: 1.0 -To: tjh@cryptsoft.com -Subject: signed -Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=sha1; boundary="------------msD7863B84BD61E02C407F2F5E" -Content-Length: 2679 -Status: OR - -This is a cryptographically signed message in MIME format. - ---------------msD7863B84BD61E02C407F2F5E -Content-Type: text/plain; charset=us-ascii -Content-Transfer-Encoding: 7bit - -signed body 2 - ---------------msD7863B84BD61E02C407F2F5E -Content-Type: application/x-pkcs7-signature; name="smime.p7s" -Content-Transfer-Encoding: base64 -Content-Disposition: attachment; filename="smime.p7s" -Content-Description: S/MIME Cryptographic Signature - -MIIGVgYJKoZIhvcNAQcCoIIGRzCCBkMCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCC -BGswggJTMIIB/aADAgECAgIEfjANBgkqhkiG9w0BAQQFADCBkjELMAkGA1UEBhMCQVUxEzAR -BgNVBAgTClF1ZWVuc2xhbmQxETAPBgNVBAcTCEJyaXNiYW5lMRowGAYDVQQKExFDcnlwdHNv -ZnQgUHR5IEx0ZDEiMCAGA1UECxMZREVNT05TVFJBVElPTiBBTkQgVEVTVElORzEbMBkGA1UE -AxMSREVNTyBaRVJPIFZBTFVFIENBMB4XDTk4MDUxMzA2MjY1NloXDTAwMDUxMjA2MjY1Nlow -gaUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFu -ZTEaMBgGA1UEChMRQ3J5cHRzb2Z0IFB0eSBMdGQxEjAQBgNVBAsTCVNNSU1FIDAwMzEZMBcG -A1UEAxMQQW5nZWxhIHZhbiBMZWVudDEjMCEGCSqGSIb3DQEJARYUYW5nZWxhQGNyeXB0c29m -dC5jb20wXDANBgkqhkiG9w0BAQEFAANLADBIAkEAuC3+7dAb2LhuO7gt2cTM8vsNjhG5JfDh -hX1Vl/wVGbKEEj0MA6vWEolvefQlxB+EzwCtR0YZ7eEC/T/4JoCyeQIDAQABoygwJjAkBglg -hkgBhvhCAQ0EFxYVR2VuZXJhdGVkIHdpdGggU1NMZWF5MA0GCSqGSIb3DQEBBAUAA0EAUnSP -igs6TMFISTjw8cBtJYb98czgAVkVFjKyJQwYMH8FbDnCyx6NocM555nsyDstaw8fKR11Khds -syd3ikkrhDCCAhAwggG6AgEDMA0GCSqGSIb3DQEBBAUAMIGSMQswCQYDVQQGEwJBVTETMBEG -A1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m -dCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNUUkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQD -ExJERU1PIFpFUk8gVkFMVUUgQ0EwHhcNOTgwMzAzMDc0MTMyWhcNMDgwMjI5MDc0MTMyWjCB -kjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxETAPBgNVBAcTCEJyaXNiYW5l -MRowGAYDVQQKExFDcnlwdHNvZnQgUHR5IEx0ZDEiMCAGA1UECxMZREVNT05TVFJBVElPTiBB -TkQgVEVTVElORzEbMBkGA1UEAxMSREVNTyBaRVJPIFZBTFVFIENBMFwwDQYJKoZIhvcNAQEB -BQADSwAwSAJBAL+0E2fLej3FSCwe2A2iRnMuC3z12qHIp6Ky1wo2zZcxft7AI+RfkrWrSGtf -mfzBEuPrLdfulncC5Y1pNcM8RTUCAwEAATANBgkqhkiG9w0BAQQFAANBAGSbLMphL6F5pp3s -8o0Xyh86FHFdpVOwYx09ELLkuG17V/P9pgIc0Eo/gDMbN+KT3IdgECf8S//pCRA6RrNjcXIx -ggGzMIIBrwIBATCBmTCBkjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxETAP -BgNVBAcTCEJyaXNiYW5lMRowGAYDVQQKExFDcnlwdHNvZnQgUHR5IEx0ZDEiMCAGA1UECxMZ -REVNT05TVFJBVElPTiBBTkQgVEVTVElORzEbMBkGA1UEAxMSREVNTyBaRVJPIFZBTFVFIENB -AgIEfjAJBgUrDgMCGgUAoIGxMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcN -AQkFMQ8XDTk4MDUxNDAzNDAyN1owIwYJKoZIhvcNAQkEMRYEFOKcV8mNYJnM8rHQajcSEqJN -rwdDMFIGCSqGSIb3DQEJDzFFMEMwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMAcGBSsO -AwIHMA0GCCqGSIb3DQMCAgFAMA0GCCqGSIb3DQMCAgEoMA0GCSqGSIb3DQEBAQUABEADPE/N -coH+zTFuX5YpolupTKxKK8eEjc48TuADuO8bIHHDE/fEYaWunlwDuTlcFJl1ig0idffPB1qC -Zp8SSVVY ---------------msD7863B84BD61E02C407F2F5E-- - - -From angela@c2.net.au Thu May 14 14:05:32 1998 -X-UIDL: a7d629b4b9acacaee8b39371b860a32a -Return-Path: angela@c2.net.au -Received: from cryptsoft.com (play.cryptsoft.com [203.56.44.3]) by pandora.cryptsoft.com (8.8.3/8.7.3) with ESMTP id OAA28033 for ; Thu, 14 May 1998 14:05:32 +1000 (EST) -Message-ID: <355A6F3B.AC385981@cryptsoft.com> -Date: Thu, 14 May 1998 14:12:43 +1000 -From: Angela van Lent -X-Mailer: Mozilla 4.03 [en] (Win95; U) -MIME-Version: 1.0 -To: tjh@cryptsoft.com -Subject: encrypted -Content-Type: application/x-pkcs7-mime; name="smime.p7m" -Content-Transfer-Encoding: base64 -Content-Disposition: attachment; filename="smime.p7m" -Content-Description: S/MIME Encrypted Message -Content-Length: 905 -Status: OR - -MIAGCSqGSIb3DQEHA6CAMIACAQAxggHmMIHwAgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEG -A1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m -dCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNUUkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQD -ExJERU1PIFpFUk8gVkFMVUUgQ0ECAgR+MA0GCSqGSIb3DQEBAQUABEA92N29Yk39RUY2tIVd -exGT2MFX3J6H8LB8aDRJjw7843ALgJ5zXpM5+f80QkAWwEN2A6Pl3VxiCeKLi435zXVyMIHw -AgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMI -QnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29mdCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNU -UkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQDExJERU1PIFpFUk8gVkFMVUUgQ0ECAgRuMA0G -CSqGSIb3DQEBAQUABECR9IfyHtvnjFmZ8B2oUCEs1vxMsG0u1kxKE4RMPFyDqDCEARq7zXMg -nzSUI7Wgv5USSKDqcLRJeW+jvYURv/nJMIAGCSqGSIb3DQEHATAaBggqhkiG9w0DAjAOAgIA -oAQIrLqrij2ZMpeggAQoibtn6reRZWuWk5Iv5IAhgitr8EYE4w4ySQ7EMB6mTlBoFpccUMWX -BwQgQn1UoWCvYAlhDzURdbui64Dc0rS2wtj+kE/InS6y25EEEPe4NUKaF8/UlE+lo3LtILQE -CL3uV8k7m0iqAAAAAAAAAAAAAA== - diff --git a/app/openssl/crypto/pkcs7/t/s.pem b/app/openssl/crypto/pkcs7/t/s.pem deleted file mode 100644 index 4fa925b1..00000000 --- a/app/openssl/crypto/pkcs7/t/s.pem +++ /dev/null @@ -1,57 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIBOgIBAAJBAK3nI4nuDYe3nDJES5WBc90igEstxWC4/h4YY+/ciYki35U8ets9 -mgaoCNYp/e9BCZHtvK2Y+fYokGJv5+cMTQsCAwEAAQJBAIHpvXvqEcOEoDRRHuIG -fkcB4jPHcr9KE9TpxabH6xs9beN6OJnkePXAHwaz5MnUgSnbpOKq+cw8miKjXwe/ -zVECIQDVLwncT2lRmXarEYHzb+q/0uaSvKhWKKt3kJasLNTrAwIhANDUc/ghut29 -p3jJYjurzUKuG774/5eLjPLsxPPIZzNZAiA/10hSq41UnGqHLEUIS9m2/EeEZe7b -bm567dfRU9OnVQIgDo8ROrZXSchEGbaog5J5r/Fle83uO8l93R3GqVxKXZkCIFfk -IPD5PIYQAyyod3hyKKza7ZP4CGY4oOfZetbkSGGG ------END RSA PRIVATE KEY----- -issuer :/C=AU/SP=Queensland/L=Brisbane/O=Cryptsoft Pty Ltd/OU=DEMONSTRATION AND TESTING/CN=DEMO ZERO VALUE CA -subject:/C=AU/SP=Queensland/L=Brisbane/O=Cryptsoft Pty Ltd/OU=SMIME 003/CN=Information/Email=info@cryptsoft.com -serial :047D - -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 1149 (0x47d) - Signature Algorithm: md5withRSAEncryption - Issuer: C=AU, SP=Queensland, L=Brisbane, O=Cryptsoft Pty Ltd, OU=DEMONSTRATION AND TESTING, CN=DEMO ZERO VALUE CA - Validity - Not Before: May 13 05:40:58 1998 GMT - Not After : May 12 05:40:58 2000 GMT - Subject: C=AU, SP=Queensland, L=Brisbane, O=Cryptsoft Pty Ltd, OU=SMIME 003, CN=Information/Email=info@cryptsoft.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Modulus: - 00:ad:e7:23:89:ee:0d:87:b7:9c:32:44:4b:95:81: - 73:dd:22:80:4b:2d:c5:60:b8:fe:1e:18:63:ef:dc: - 89:89:22:df:95:3c:7a:db:3d:9a:06:a8:08:d6:29: - fd:ef:41:09:91:ed:bc:ad:98:f9:f6:28:90:62:6f: - e7:e7:0c:4d:0b - Exponent: 65537 (0x10001) - X509v3 extensions: - Netscape Comment: - Generated with SSLeay - Signature Algorithm: md5withRSAEncryption - 52:15:ea:88:f4:f0:f9:0b:ef:ce:d5:f8:83:40:61:16:5e:55: - f9:ce:2d:d1:8b:31:5c:03:c6:2d:10:7c:61:d5:5c:0a:42:97: - d1:fd:65:b6:b6:84:a5:39:ec:46:ec:fc:e0:0d:d9:22:da:1b: - 50:74:ad:92:cb:4e:90:e5:fa:7d - ------BEGIN CERTIFICATE----- -MIICTDCCAfagAwIBAgICBH0wDQYJKoZIhvcNAQEEBQAwgZIxCzAJBgNVBAYTAkFV -MRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UE -ChMRQ3J5cHRzb2Z0IFB0eSBMdGQxIjAgBgNVBAsTGURFTU9OU1RSQVRJT04gQU5E -IFRFU1RJTkcxGzAZBgNVBAMTEkRFTU8gWkVSTyBWQUxVRSBDQTAeFw05ODA1MTMw -NTQwNThaFw0wMDA1MTIwNTQwNThaMIGeMQswCQYDVQQGEwJBVTETMBEGA1UECBMK -UXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m -dCBQdHkgTHRkMRIwEAYDVQQLEwlTTUlNRSAwMDMxFDASBgNVBAMTC0luZm9ybWF0 -aW9uMSEwHwYJKoZIhvcNAQkBFhJpbmZvQGNyeXB0c29mdC5jb20wXDANBgkqhkiG -9w0BAQEFAANLADBIAkEArecjie4Nh7ecMkRLlYFz3SKASy3FYLj+Hhhj79yJiSLf -lTx62z2aBqgI1in970EJke28rZj59iiQYm/n5wxNCwIDAQABoygwJjAkBglghkgB -hvhCAQ0EFxYVR2VuZXJhdGVkIHdpdGggU1NMZWF5MA0GCSqGSIb3DQEBBAUAA0EA -UhXqiPTw+QvvztX4g0BhFl5V+c4t0YsxXAPGLRB8YdVcCkKX0f1ltraEpTnsRuz8 -4A3ZItobUHStkstOkOX6fQ== ------END CERTIFICATE----- - diff --git a/app/openssl/crypto/pkcs7/t/server.pem b/app/openssl/crypto/pkcs7/t/server.pem deleted file mode 100644 index 989baf87..00000000 --- a/app/openssl/crypto/pkcs7/t/server.pem +++ /dev/null @@ -1,57 +0,0 @@ -issuer :/C=AU/SP=Queensland/L=Brisbane/O=Cryptsoft Pty Ltd/OU=DEMONSTRATION AND TESTING/CN=DEMO ZERO VALUE CA -subject:/C=AU/SP=Queensland/L=Brisbane/O=Cryptsoft Pty Ltd/OU=SMIME 003/CN=Information/Email=info@cryptsoft.com -serial :047D - -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 1149 (0x47d) - Signature Algorithm: md5withRSAEncryption - Issuer: C=AU, SP=Queensland, L=Brisbane, O=Cryptsoft Pty Ltd, OU=DEMONSTRATION AND TESTING, CN=DEMO ZERO VALUE CA - Validity - Not Before: May 13 05:40:58 1998 GMT - Not After : May 12 05:40:58 2000 GMT - Subject: C=AU, SP=Queensland, L=Brisbane, O=Cryptsoft Pty Ltd, OU=SMIME 003, CN=Information/Email=info@cryptsoft.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Modulus: - 00:ad:e7:23:89:ee:0d:87:b7:9c:32:44:4b:95:81: - 73:dd:22:80:4b:2d:c5:60:b8:fe:1e:18:63:ef:dc: - 89:89:22:df:95:3c:7a:db:3d:9a:06:a8:08:d6:29: - fd:ef:41:09:91:ed:bc:ad:98:f9:f6:28:90:62:6f: - e7:e7:0c:4d:0b - Exponent: 65537 (0x10001) - X509v3 extensions: - Netscape Comment: - Generated with SSLeay - Signature Algorithm: md5withRSAEncryption - 52:15:ea:88:f4:f0:f9:0b:ef:ce:d5:f8:83:40:61:16:5e:55: - f9:ce:2d:d1:8b:31:5c:03:c6:2d:10:7c:61:d5:5c:0a:42:97: - d1:fd:65:b6:b6:84:a5:39:ec:46:ec:fc:e0:0d:d9:22:da:1b: - 50:74:ad:92:cb:4e:90:e5:fa:7d - ------BEGIN CERTIFICATE----- -MIICTDCCAfagAwIBAgICBH0wDQYJKoZIhvcNAQEEBQAwgZIxCzAJBgNVBAYTAkFV -MRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UE -ChMRQ3J5cHRzb2Z0IFB0eSBMdGQxIjAgBgNVBAsTGURFTU9OU1RSQVRJT04gQU5E -IFRFU1RJTkcxGzAZBgNVBAMTEkRFTU8gWkVSTyBWQUxVRSBDQTAeFw05ODA1MTMw -NTQwNThaFw0wMDA1MTIwNTQwNThaMIGeMQswCQYDVQQGEwJBVTETMBEGA1UECBMK -UXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m -dCBQdHkgTHRkMRIwEAYDVQQLEwlTTUlNRSAwMDMxFDASBgNVBAMTC0luZm9ybWF0 -aW9uMSEwHwYJKoZIhvcNAQkBFhJpbmZvQGNyeXB0c29mdC5jb20wXDANBgkqhkiG -9w0BAQEFAANLADBIAkEArecjie4Nh7ecMkRLlYFz3SKASy3FYLj+Hhhj79yJiSLf -lTx62z2aBqgI1in970EJke28rZj59iiQYm/n5wxNCwIDAQABoygwJjAkBglghkgB -hvhCAQ0EFxYVR2VuZXJhdGVkIHdpdGggU1NMZWF5MA0GCSqGSIb3DQEBBAUAA0EA -UhXqiPTw+QvvztX4g0BhFl5V+c4t0YsxXAPGLRB8YdVcCkKX0f1ltraEpTnsRuz8 -4A3ZItobUHStkstOkOX6fQ== ------END CERTIFICATE----- - ------BEGIN RSA PRIVATE KEY----- -MIIBOgIBAAJBAK3nI4nuDYe3nDJES5WBc90igEstxWC4/h4YY+/ciYki35U8ets9 -mgaoCNYp/e9BCZHtvK2Y+fYokGJv5+cMTQsCAwEAAQJBAIHpvXvqEcOEoDRRHuIG -fkcB4jPHcr9KE9TpxabH6xs9beN6OJnkePXAHwaz5MnUgSnbpOKq+cw8miKjXwe/ -zVECIQDVLwncT2lRmXarEYHzb+q/0uaSvKhWKKt3kJasLNTrAwIhANDUc/ghut29 -p3jJYjurzUKuG774/5eLjPLsxPPIZzNZAiA/10hSq41UnGqHLEUIS9m2/EeEZe7b -bm567dfRU9OnVQIgDo8ROrZXSchEGbaog5J5r/Fle83uO8l93R3GqVxKXZkCIFfk -IPD5PIYQAyyod3hyKKza7ZP4CGY4oOfZetbkSGGG ------END RSA PRIVATE KEY----- diff --git a/app/openssl/crypto/pkcs7/verify.c b/app/openssl/crypto/pkcs7/verify.c deleted file mode 100644 index b40f2603..00000000 --- a/app/openssl/crypto/pkcs7/verify.c +++ /dev/null @@ -1,263 +0,0 @@ -/* crypto/pkcs7/verify.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -#include -#include -#include -#include -#include -#include -#include -#include "example.h" - -int verify_callback(int ok, X509_STORE_CTX *ctx); - -BIO *bio_err=NULL; -BIO *bio_out=NULL; - -int main(argc,argv) -int argc; -char *argv[]; - { - PKCS7 *p7; - PKCS7_SIGNER_INFO *si; - X509_STORE_CTX cert_ctx; - X509_STORE *cert_store=NULL; - BIO *data,*detached=NULL,*p7bio=NULL; - char buf[1024*4]; - char *pp; - int i,printit=0; - STACK_OF(PKCS7_SIGNER_INFO) *sk; - - bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); - bio_out=BIO_new_fp(stdout,BIO_NOCLOSE); -#ifndef OPENSSL_NO_MD2 - EVP_add_digest(EVP_md2()); -#endif -#ifndef OPENSSL_NO_MD5 - EVP_add_digest(EVP_md5()); -#endif -#ifndef OPENSSL_NO_SHA1 - EVP_add_digest(EVP_sha1()); -#endif -#ifndef OPENSSL_NO_MDC2 - EVP_add_digest(EVP_mdc2()); -#endif - - data=BIO_new(BIO_s_file()); - - pp=NULL; - while (argc > 1) - { - argc--; - argv++; - if (strcmp(argv[0],"-p") == 0) - { - printit=1; - } - else if ((strcmp(argv[0],"-d") == 0) && (argc >= 2)) - { - detached=BIO_new(BIO_s_file()); - if (!BIO_read_filename(detached,argv[1])) - goto err; - argc--; - argv++; - } - else - { - pp=argv[0]; - if (!BIO_read_filename(data,argv[0])) - goto err; - } - } - - if (pp == NULL) - BIO_set_fp(data,stdin,BIO_NOCLOSE); - - - /* Load the PKCS7 object from a file */ - if ((p7=PEM_read_bio_PKCS7(data,NULL,NULL,NULL)) == NULL) goto err; - - /* This stuff is being setup for certificate verification. - * When using SSL, it could be replaced with a - * cert_stre=SSL_CTX_get_cert_store(ssl_ctx); */ - cert_store=X509_STORE_new(); - X509_STORE_set_default_paths(cert_store); - X509_STORE_load_locations(cert_store,NULL,"../../certs"); - X509_STORE_set_verify_cb_func(cert_store,verify_callback); - - ERR_clear_error(); - - /* We need to process the data */ - if ((PKCS7_get_detached(p7) || detached)) - { - if (detached == NULL) - { - printf("no data to verify the signature on\n"); - exit(1); - } - else - p7bio=PKCS7_dataInit(p7,detached); - } - else - { - p7bio=PKCS7_dataInit(p7,NULL); - } - - /* We now have to 'read' from p7bio to calculate digests etc. */ - for (;;) - { - i=BIO_read(p7bio,buf,sizeof(buf)); - /* print it? */ - if (i <= 0) break; - } - - /* We can now verify signatures */ - sk=PKCS7_get_signer_info(p7); - if (sk == NULL) - { - printf("there are no signatures on this data\n"); - exit(1); - } - - /* Ok, first we need to, for each subject entry, see if we can verify */ - for (i=0; ierror) - { - case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: - X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert),buf,256); - BIO_printf(bio_err,"issuer= %s\n",buf); - break; - case X509_V_ERR_CERT_NOT_YET_VALID: - case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: - BIO_printf(bio_err,"notBefore="); - ASN1_UTCTIME_print(bio_err,X509_get_notBefore(ctx->current_cert)); - BIO_printf(bio_err,"\n"); - break; - case X509_V_ERR_CERT_HAS_EXPIRED: - case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: - BIO_printf(bio_err,"notAfter="); - ASN1_UTCTIME_print(bio_err,X509_get_notAfter(ctx->current_cert)); - BIO_printf(bio_err,"\n"); - break; - } - BIO_printf(bio_err,"verify return:%d\n",ok); - return(ok); - } diff --git a/app/openssl/crypto/pqueue/pqueue.h b/app/openssl/crypto/pqueue/pqueue.h index 87fc9037..26b53480 100644 --- a/app/openssl/crypto/pqueue/pqueue.h +++ b/app/openssl/crypto/pqueue/pqueue.h @@ -64,6 +64,9 @@ #include #include +#ifdef __cplusplus +extern "C" { +#endif typedef struct _pqueue *pqueue; typedef struct _pitem @@ -91,4 +94,7 @@ pitem *pqueue_next(piterator *iter); void pqueue_print(pqueue pq); int pqueue_size(pqueue pq); +#ifdef __cplusplus +} +#endif #endif /* ! HEADER_PQUEUE_H */ diff --git a/app/openssl/crypto/rand/md_rand.c b/app/openssl/crypto/rand/md_rand.c index aee1c30b..888b4eb8 100644 --- a/app/openssl/crypto/rand/md_rand.c +++ b/app/openssl/crypto/rand/md_rand.c @@ -159,7 +159,6 @@ const char RAND_version[]="RAND" OPENSSL_VERSION_PTEXT; static void ssleay_rand_cleanup(void); static void ssleay_rand_seed(const void *buf, int num); static void ssleay_rand_add(const void *buf, int num, double add_entropy); -static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo); static int ssleay_rand_nopseudo_bytes(unsigned char *buf, int num); static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num); static int ssleay_rand_status(void); @@ -334,7 +333,7 @@ static void ssleay_rand_seed(const void *buf, int num) ssleay_rand_add(buf, num, (double)num); } -static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo) +int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo, int lock) { static volatile int stirred_pool = 0; int i,j,k,st_num,st_idx; @@ -383,10 +382,7 @@ static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo) * are fed into the hash function and the results are kept in the * global 'md'. */ -#ifdef OPENSSL_FIPS - /* NB: in FIPS mode we are already under a lock */ - if (!FIPS_mode()) -#endif + if (lock) CRYPTO_w_lock(CRYPTO_LOCK_RAND); /* prevent ssleay_rand_bytes() from trying to obtain the lock again */ @@ -466,9 +462,7 @@ static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo) /* before unlocking, we must clear 'crypto_lock_rand' */ crypto_lock_rand = 0; -#ifdef OPENSSL_FIPS - if (!FIPS_mode()) -#endif + if (lock) CRYPTO_w_unlock(CRYPTO_LOCK_RAND); while (num > 0) @@ -521,15 +515,11 @@ static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo) MD_Init(&m); MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c)); MD_Update(&m,local_md,MD_DIGEST_LENGTH); -#ifdef OPENSSL_FIPS - if (!FIPS_mode()) -#endif + if (lock) CRYPTO_w_lock(CRYPTO_LOCK_RAND); MD_Update(&m,md,MD_DIGEST_LENGTH); MD_Final(&m,md); -#ifdef OPENSSL_FIPS - if (!FIPS_mode()) -#endif + if (lock) CRYPTO_w_unlock(CRYPTO_LOCK_RAND); EVP_MD_CTX_cleanup(&m); @@ -548,14 +538,14 @@ static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo) static int ssleay_rand_nopseudo_bytes(unsigned char *buf, int num) { - return ssleay_rand_bytes(buf, num, 0); + return ssleay_rand_bytes(buf, num, 0, 1); } /* pseudo-random bytes that are guaranteed to be unique but not unpredictable */ static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num) { - return ssleay_rand_bytes(buf, num, 1); + return ssleay_rand_bytes(buf, num, 1, 1); } static int ssleay_rand_status(void) diff --git a/app/openssl/crypto/rand/rand_lcl.h b/app/openssl/crypto/rand/rand_lcl.h index 618a8ec8..0fabf8dc 100644 --- a/app/openssl/crypto/rand/rand_lcl.h +++ b/app/openssl/crypto/rand/rand_lcl.h @@ -154,5 +154,6 @@ #define MD(a,b,c) EVP_Digest(a,b,c,NULL,EVP_md2(), NULL) #endif +int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo, int lock); #endif diff --git a/app/openssl/crypto/rand/rand_lib.c b/app/openssl/crypto/rand/rand_lib.c index 5ac0e14c..239a1cde 100644 --- a/app/openssl/crypto/rand/rand_lib.c +++ b/app/openssl/crypto/rand/rand_lib.c @@ -68,6 +68,7 @@ #ifdef OPENSSL_FIPS #include #include +#include "rand_lcl.h" #endif #ifndef OPENSSL_NO_ENGINE @@ -199,7 +200,7 @@ static size_t drbg_get_entropy(DRBG_CTX *ctx, unsigned char **pout, *pout = OPENSSL_malloc(min_len); if (!*pout) return 0; - if (RAND_SSLeay()->bytes(*pout, min_len) <= 0) + if (ssleay_rand_bytes(*pout, min_len, 0, 0) <= 0) { OPENSSL_free(*pout); *pout = NULL; diff --git a/app/openssl/crypto/rand/randfile.c b/app/openssl/crypto/rand/randfile.c index 7f142807..14ba69d4 100644 --- a/app/openssl/crypto/rand/randfile.c +++ b/app/openssl/crypto/rand/randfile.c @@ -79,6 +79,7 @@ #endif #ifndef OPENSSL_NO_POSIX_IO # include +# include #endif #ifdef _WIN32 diff --git a/app/openssl/crypto/rsa/rsa.h b/app/openssl/crypto/rsa/rsa.h index 5f269e57..11853fee 100644 --- a/app/openssl/crypto/rsa/rsa.h +++ b/app/openssl/crypto/rsa/rsa.h @@ -559,6 +559,7 @@ void ERR_load_RSA_strings(void); #define RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE 158 #define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 148 #define RSA_R_PADDING_CHECK_FAILED 114 +#define RSA_R_PKCS_DECODING_ERROR 159 #define RSA_R_P_NOT_PRIME 128 #define RSA_R_Q_NOT_PRIME 129 #define RSA_R_RSA_OPERATIONS_NOT_SUPPORTED 130 diff --git a/app/openssl/crypto/rsa/rsa_eay.c b/app/openssl/crypto/rsa/rsa_eay.c index 88ee2cb5..aa810459 100644 --- a/app/openssl/crypto/rsa/rsa_eay.c +++ b/app/openssl/crypto/rsa/rsa_eay.c @@ -459,7 +459,7 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from, if (padding == RSA_X931_PADDING) { BN_sub(f, rsa->n, ret); - if (BN_cmp(ret, f)) + if (BN_cmp(ret, f) > 0) res = f; else res = ret; diff --git a/app/openssl/crypto/rsa/rsa_err.c b/app/openssl/crypto/rsa/rsa_err.c index 46e0bf99..9da79d92 100644 --- a/app/openssl/crypto/rsa/rsa_err.c +++ b/app/openssl/crypto/rsa/rsa_err.c @@ -175,6 +175,7 @@ static ERR_STRING_DATA RSA_str_reasons[]= {ERR_REASON(RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE),"operation not allowed in fips mode"}, {ERR_REASON(RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE),"operation not supported for this keytype"}, {ERR_REASON(RSA_R_PADDING_CHECK_FAILED) ,"padding check failed"}, +{ERR_REASON(RSA_R_PKCS_DECODING_ERROR) ,"pkcs decoding error"}, {ERR_REASON(RSA_R_P_NOT_PRIME) ,"p not prime"}, {ERR_REASON(RSA_R_Q_NOT_PRIME) ,"q not prime"}, {ERR_REASON(RSA_R_RSA_OPERATIONS_NOT_SUPPORTED),"rsa operations not supported"}, diff --git a/app/openssl/crypto/rsa/rsa_oaep.c b/app/openssl/crypto/rsa/rsa_oaep.c index af4d24a5..c3633319 100644 --- a/app/openssl/crypto/rsa/rsa_oaep.c +++ b/app/openssl/crypto/rsa/rsa_oaep.c @@ -18,6 +18,7 @@ * an equivalent notion. */ +#include "constant_time_locl.h" #if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1) #include @@ -95,92 +96,117 @@ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, const unsigned char *from, int flen, int num, const unsigned char *param, int plen) { - int i, dblen, mlen = -1; - const unsigned char *maskeddb; - int lzero; - unsigned char *db = NULL, seed[SHA_DIGEST_LENGTH], phash[SHA_DIGEST_LENGTH]; - unsigned char *padded_from; - int bad = 0; - - if (--num < 2 * SHA_DIGEST_LENGTH + 1) - /* 'num' is the length of the modulus, i.e. does not depend on the - * particular ciphertext. */ - goto decoding_err; + int i, dblen, mlen = -1, one_index = 0, msg_index; + unsigned int good, found_one_byte; + const unsigned char *maskedseed, *maskeddb; + /* |em| is the encoded message, zero-padded to exactly |num| bytes: + * em = Y || maskedSeed || maskedDB */ + unsigned char *db = NULL, *em = NULL, seed[EVP_MAX_MD_SIZE], + phash[EVP_MAX_MD_SIZE]; - lzero = num - flen; - if (lzero < 0) - { - /* signalling this error immediately after detection might allow - * for side-channel attacks (e.g. timing if 'plen' is huge - * -- cf. James H. Manger, "A Chosen Ciphertext Attack on RSA Optimal - * Asymmetric Encryption Padding (OAEP) [...]", CRYPTO 2001), - * so we use a 'bad' flag */ - bad = 1; - lzero = 0; - flen = num; /* don't overflow the memcpy to padded_from */ - } + if (tlen <= 0 || flen <= 0) + return -1; - dblen = num - SHA_DIGEST_LENGTH; - db = OPENSSL_malloc(dblen + num); - if (db == NULL) + /* + * |num| is the length of the modulus; |flen| is the length of the + * encoded message. Therefore, for any |from| that was obtained by + * decrypting a ciphertext, we must have |flen| <= |num|. Similarly, + * num < 2 * SHA_DIGEST_LENGTH + 2 must hold for the modulus + * irrespective of the ciphertext, see PKCS #1 v2.2, section 7.1.2. + * This does not leak any side-channel information. + */ + if (num < flen || num < 2 * SHA_DIGEST_LENGTH + 2) + goto decoding_err; + + dblen = num - SHA_DIGEST_LENGTH - 1; + db = OPENSSL_malloc(dblen); + em = OPENSSL_malloc(num); + if (db == NULL || em == NULL) { RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP, ERR_R_MALLOC_FAILURE); - return -1; + goto cleanup; } - /* Always do this zero-padding copy (even when lzero == 0) - * to avoid leaking timing info about the value of lzero. */ - padded_from = db + dblen; - memset(padded_from, 0, lzero); - memcpy(padded_from + lzero, from, flen); + /* + * Always do this zero-padding copy (even when num == flen) to avoid + * leaking that information. The copy still leaks some side-channel + * information, but it's impossible to have a fixed memory access + * pattern since we can't read out of the bounds of |from|. + * + * TODO(emilia): Consider porting BN_bn2bin_padded from BoringSSL. + */ + memset(em, 0, num); + memcpy(em + num - flen, from, flen); - maskeddb = padded_from + SHA_DIGEST_LENGTH; + /* + * The first byte must be zero, however we must not leak if this is + * true. See James H. Manger, "A Chosen Ciphertext Attack on RSA + * Optimal Asymmetric Encryption Padding (OAEP) [...]", CRYPTO 2001). + */ + good = constant_time_is_zero(em[0]); + + maskedseed = em + 1; + maskeddb = em + 1 + SHA_DIGEST_LENGTH; if (MGF1(seed, SHA_DIGEST_LENGTH, maskeddb, dblen)) - return -1; + goto cleanup; for (i = 0; i < SHA_DIGEST_LENGTH; i++) - seed[i] ^= padded_from[i]; - + seed[i] ^= maskedseed[i]; + if (MGF1(db, dblen, seed, SHA_DIGEST_LENGTH)) - return -1; + goto cleanup; for (i = 0; i < dblen; i++) db[i] ^= maskeddb[i]; if (!EVP_Digest((void *)param, plen, phash, NULL, EVP_sha1(), NULL)) - return -1; + goto cleanup; + + good &= constant_time_is_zero(CRYPTO_memcmp(db, phash, SHA_DIGEST_LENGTH)); - if (CRYPTO_memcmp(db, phash, SHA_DIGEST_LENGTH) != 0 || bad) + found_one_byte = 0; + for (i = SHA_DIGEST_LENGTH; i < dblen; i++) + { + /* Padding consists of a number of 0-bytes, followed by a 1. */ + unsigned int equals1 = constant_time_eq(db[i], 1); + unsigned int equals0 = constant_time_is_zero(db[i]); + one_index = constant_time_select_int(~found_one_byte & equals1, + i, one_index); + found_one_byte |= equals1; + good &= (found_one_byte | equals0); + } + + good &= found_one_byte; + + /* + * At this point |good| is zero unless the plaintext was valid, + * so plaintext-awareness ensures timing side-channels are no longer a + * concern. + */ + if (!good) goto decoding_err; + + msg_index = one_index + 1; + mlen = dblen - msg_index; + + if (tlen < mlen) + { + RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP, RSA_R_DATA_TOO_LARGE); + mlen = -1; + } else { - for (i = SHA_DIGEST_LENGTH; i < dblen; i++) - if (db[i] != 0x00) - break; - if (i == dblen || db[i] != 0x01) - goto decoding_err; - else - { - /* everything looks OK */ - - mlen = dblen - ++i; - if (tlen < mlen) - { - RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP, RSA_R_DATA_TOO_LARGE); - mlen = -1; - } - else - memcpy(to, db + i, mlen); - } + memcpy(to, db + msg_index, mlen); + goto cleanup; } - OPENSSL_free(db); - return mlen; decoding_err: - /* to avoid chosen ciphertext attacks, the error message should not reveal - * which kind of decoding error happened */ + /* To avoid chosen ciphertext attacks, the error message should not reveal + * which kind of decoding error happened. */ RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP, RSA_R_OAEP_DECODING_ERROR); +cleanup: if (db != NULL) OPENSSL_free(db); - return -1; + if (em != NULL) OPENSSL_free(em); + return mlen; } int PKCS1_MGF1(unsigned char *mask, long len, diff --git a/app/openssl/crypto/rsa/rsa_pk1.c b/app/openssl/crypto/rsa/rsa_pk1.c index 8560755f..c2da56f6 100644 --- a/app/openssl/crypto/rsa/rsa_pk1.c +++ b/app/openssl/crypto/rsa/rsa_pk1.c @@ -56,6 +56,8 @@ * [including the GNU Public Licence.] */ +#include "constant_time_locl.h" + #include #include "cryptlib.h" #include @@ -181,44 +183,87 @@ int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen, int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen, const unsigned char *from, int flen, int num) { - int i,j; - const unsigned char *p; + int i; + /* |em| is the encoded message, zero-padded to exactly |num| bytes */ + unsigned char *em = NULL; + unsigned int good, found_zero_byte; + int zero_index = 0, msg_index, mlen = -1; - p=from; - if ((num != (flen+1)) || (*(p++) != 02)) - { - RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_BLOCK_TYPE_IS_NOT_02); - return(-1); - } -#ifdef PKCS1_CHECK - return(num-11); -#endif + if (tlen < 0 || flen < 0) + return -1; - /* scan over padding data */ - j=flen-1; /* one for type. */ - for (i=0; i num) + goto err; + + if (num < 11) + goto err; + + em = OPENSSL_malloc(num); + if (em == NULL) { - RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_NULL_BEFORE_BLOCK_MISSING); - return(-1); + RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2, ERR_R_MALLOC_FAILURE); + return -1; } + memset(em, 0, num); + /* + * Always do this zero-padding copy (even when num == flen) to avoid + * leaking that information. The copy still leaks some side-channel + * information, but it's impossible to have a fixed memory access + * pattern since we can't read out of the bounds of |from|. + * + * TODO(emilia): Consider porting BN_bn2bin_padded from BoringSSL. + */ + memcpy(em + num - flen, from, flen); - if (i < 8) + good = constant_time_is_zero(em[0]); + good &= constant_time_eq(em[1], 2); + + found_zero_byte = 0; + for (i = 2; i < num; i++) { - RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_BAD_PAD_BYTE_COUNT); - return(-1); + unsigned int equals0 = constant_time_is_zero(em[i]); + zero_index = constant_time_select_int(~found_zero_byte & equals0, i, zero_index); + found_zero_byte |= equals0; } - i++; /* Skip over the '\0' */ - j-=i; - if (j > tlen) + + /* + * PS must be at least 8 bytes long, and it starts two bytes into |em|. + * If we never found a 0-byte, then |zero_index| is 0 and the check + * also fails. + */ + good &= constant_time_ge((unsigned int)(zero_index), 2 + 8); + + /* Skip the zero byte. This is incorrect if we never found a zero-byte + * but in this case we also do not copy the message out. */ + msg_index = zero_index + 1; + mlen = num - msg_index; + + /* For good measure, do this check in constant time as well; it could + * leak something if |tlen| was assuming valid padding. */ + good &= constant_time_ge((unsigned int)(tlen), (unsigned int)(mlen)); + + /* + * We can't continue in constant-time because we need to copy the result + * and we cannot fake its length. This unavoidably leaks timing + * information at the API boundary. + * TODO(emilia): this could be addressed at the call site, + * see BoringSSL commit 0aa0767340baf925bda4804882aab0cb974b2d26. + */ + if (!good) { - RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_DATA_TOO_LARGE); - return(-1); + mlen = -1; + goto err; } - memcpy(to,p,(unsigned int)j); - return(j); - } + memcpy(to, em + msg_index, mlen); +err: + if (em != NULL) + OPENSSL_free(em); + if (mlen == -1) + RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2, RSA_R_PKCS_DECODING_ERROR); + return mlen; + } diff --git a/app/openssl/crypto/rsa/rsa_sign.c b/app/openssl/crypto/rsa/rsa_sign.c index b6f6037a..225bcfe2 100644 --- a/app/openssl/crypto/rsa/rsa_sign.c +++ b/app/openssl/crypto/rsa/rsa_sign.c @@ -151,6 +151,25 @@ int RSA_sign(int type, const unsigned char *m, unsigned int m_len, return(ret); } +/* + * Check DigestInfo structure does not contain extraneous data by reencoding + * using DER and checking encoding against original. + */ +static int rsa_check_digestinfo(X509_SIG *sig, const unsigned char *dinfo, int dinfolen) + { + unsigned char *der = NULL; + int derlen; + int ret = 0; + derlen = i2d_X509_SIG(sig, &der); + if (derlen <= 0) + return 0; + if (derlen == dinfolen && !memcmp(dinfo, der, derlen)) + ret = 1; + OPENSSL_cleanse(der, derlen); + OPENSSL_free(der); + return ret; + } + int int_rsa_verify(int dtype, const unsigned char *m, unsigned int m_len, unsigned char *rm, size_t *prm_len, @@ -228,7 +247,7 @@ int int_rsa_verify(int dtype, const unsigned char *m, if (sig == NULL) goto err; /* Excess data can be used to create forgeries */ - if(p != s+i) + if(p != s+i || !rsa_check_digestinfo(sig, s, i)) { RSAerr(RSA_F_INT_RSA_VERIFY,RSA_R_BAD_SIGNATURE); goto err; diff --git a/app/openssl/crypto/srp/srp_lib.c b/app/openssl/crypto/srp/srp_lib.c index 7c1dcc51..83d417a3 100644 --- a/app/openssl/crypto/srp/srp_lib.c +++ b/app/openssl/crypto/srp/srp_lib.c @@ -89,6 +89,9 @@ static BIGNUM *srp_Calc_k(BIGNUM *N, BIGNUM *g) int longg ; int longN = BN_num_bytes(N); + if (BN_ucmp(g, N) >= 0) + return NULL; + if ((tmp = OPENSSL_malloc(longN)) == NULL) return NULL; BN_bn2bin(N,tmp) ; @@ -121,6 +124,9 @@ BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N) if ((A == NULL) ||(B == NULL) || (N == NULL)) return NULL; + if (BN_ucmp(A, N) >= 0 || BN_ucmp(B, N) >= 0) + return NULL; + longN= BN_num_bytes(N); if ((cAB = OPENSSL_malloc(2*longN)) == NULL) diff --git a/app/openssl/crypto/stack/safestack.h b/app/openssl/crypto/stack/safestack.h index ea3aa0d8..bc194cb2 100644 --- a/app/openssl/crypto/stack/safestack.h +++ b/app/openssl/crypto/stack/safestack.h @@ -57,6 +57,10 @@ #include +#ifdef __cplusplus +extern "C" { +#endif + #ifndef CHECKED_PTR_OF #define CHECKED_PTR_OF(type, p) \ ((void*) (1 ? p : (type*)0)) @@ -2660,4 +2664,8 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_BLOCK, void) #define lh_SSL_SESSION_free(lh) LHM_lh_free(SSL_SESSION,lh) /* End of util/mkstack.pl block, you may now edit :-) */ + +#ifdef __cplusplus +} +#endif #endif /* !defined HEADER_SAFESTACK_H */ diff --git a/app/openssl/crypto/ui/ui_lib.c b/app/openssl/crypto/ui/ui_lib.c index a8abc270..167da002 100644 --- a/app/openssl/crypto/ui/ui_lib.c +++ b/app/openssl/crypto/ui/ui_lib.c @@ -916,9 +916,9 @@ int UI_set_result(UI *ui, UI_STRING *uis, const char *result) break; } } + } default: break; } - } return 0; } diff --git a/app/openssl/e_os.h b/app/openssl/e_os.h index 6a0aad1d..733155e4 100644 --- a/app/openssl/e_os.h +++ b/app/openssl/e_os.h @@ -373,7 +373,16 @@ static unsigned int _strlen31(const char *str) # define check_winnt() (1) #else # define check_winnt() (GetVersion() < 0x80000000) -#endif +#endif + +/* + * Visual Studio: inline is available in C++ only, however + * __inline is available for C, see + * http://msdn.microsoft.com/en-us/library/z8y1yy88.aspx + */ +#if defined(_MSC_VER) && !defined(__cplusplus) && !defined(inline) +# define inline __inline +#endif #else /* The non-microsoft world */ @@ -738,4 +747,3 @@ struct servent *getservbyname(const char *name, const char *proto); #endif #endif - diff --git a/app/openssl/flavor.mk b/app/openssl/flavor.mk new file mode 100644 index 00000000..f32fe41a --- /dev/null +++ b/app/openssl/flavor.mk @@ -0,0 +1,4 @@ +# This makefile exists to be included by makefiles in other directories so that +# they can detect whether BoringSSL or OpenSSL is being used. + +OPENSSL_FLAVOR=OpenSSL diff --git a/app/openssl/import_openssl.sh b/app/openssl/import_openssl.sh index f16596bc..dc4049ca 100755 --- a/app/openssl/import_openssl.sh +++ b/app/openssl/import_openssl.sh @@ -439,6 +439,9 @@ LOCAL_ADDITIONAL_DEPENDENCIES += \$(LOCAL_PATH)/$(basename $output) print_vardef_with_prefix_in_mk common_c_includes external/openssl/ $common_includes for arch in $all_archs; do + arch_clang_asflags=$(var_sorted_value OPENSSL_${prefix}_CLANG_ASFLAGS_${arch}) + print_vardef_in_mk ${arch}_clang_asflags $arch_clang_asflags + arch_defines=$(var_sorted_value OPENSSL_${prefix}_DEFINES_${arch}) print_defines_in_mk ${arch}_cflags $arch_defines @@ -457,7 +460,8 @@ LOCAL_C_INCLUDES += \$(common_c_includes)" for arch in $all_archs; do echo " LOCAL_SRC_FILES_${arch} += \$(filter-out \$(${arch}_exclude_files),\$(common_src_files) \$(${arch}_src_files)) -LOCAL_CFLAGS_${arch} += \$(${arch}_cflags)" +LOCAL_CFLAGS_${arch} += \$(${arch}_cflags) +LOCAL_CLANG_ASFLAGS_${arch} += \$(${arch}_clang_asflags)" done else echo " diff --git a/app/openssl/include/openssl/dtls1.h b/app/openssl/include/openssl/dtls1.h index e65d5011..192c5def 100644 --- a/app/openssl/include/openssl/dtls1.h +++ b/app/openssl/include/openssl/dtls1.h @@ -84,6 +84,8 @@ extern "C" { #endif #define DTLS1_VERSION 0xFEFF +#define DTLS_MAX_VERSION DTLS1_VERSION + #define DTLS1_BAD_VER 0x0100 #if 0 @@ -284,4 +286,3 @@ typedef struct dtls1_record_data_st } #endif #endif - diff --git a/app/openssl/include/openssl/ebcdic.h b/app/openssl/include/openssl/ebcdic.h index 6d65afcf..85f3cf7f 100644 --- a/app/openssl/include/openssl/ebcdic.h +++ b/app/openssl/include/openssl/ebcdic.h @@ -5,6 +5,10 @@ #include +#ifdef __cplusplus +extern "C" { +#endif + /* Avoid name clashes with other applications */ #define os_toascii _openssl_os_toascii #define os_toebcdic _openssl_os_toebcdic @@ -16,4 +20,7 @@ extern const unsigned char os_toebcdic[256]; void *ebcdic2ascii(void *dest, const void *srce, size_t count); void *ascii2ebcdic(void *dest, const void *srce, size_t count); +#ifdef __cplusplus +} +#endif #endif diff --git a/app/openssl/include/openssl/ec.h b/app/openssl/include/openssl/ec.h index d008a0da..b6e745b8 100644 --- a/app/openssl/include/openssl/ec.h +++ b/app/openssl/include/openssl/ec.h @@ -629,7 +629,7 @@ int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx); int EC_POINTs_make_affine(const EC_GROUP *group, size_t num, EC_POINT *points[], BN_CTX *ctx); -/** Computes r = generator * n sum_{i=0}^num p[i] * m[i] +/** Computes r = generator * n sum_{i=0}^{num-1} p[i] * m[i] * \param group underlying EC_GROUP object * \param r EC_POINT object for the result * \param n BIGNUM with the multiplier for the group generator (optional) diff --git a/app/openssl/include/openssl/modes.h b/app/openssl/include/openssl/modes.h index f18215bb..7773c254 100644 --- a/app/openssl/include/openssl/modes.h +++ b/app/openssl/include/openssl/modes.h @@ -7,6 +7,9 @@ #include +#ifdef __cplusplus +extern "C" { +#endif typedef void (*block128_f)(const unsigned char in[16], unsigned char out[16], const void *key); @@ -133,3 +136,6 @@ typedef struct xts128_context XTS128_CONTEXT; int CRYPTO_xts128_encrypt(const XTS128_CONTEXT *ctx, const unsigned char iv[16], const unsigned char *inp, unsigned char *out, size_t len, int enc); +#ifdef __cplusplus +} +#endif diff --git a/app/openssl/include/openssl/opensslconf-32.h b/app/openssl/include/openssl/opensslconf-32.h index caf6f1b8..b5b3dd2b 100644 --- a/app/openssl/include/openssl/opensslconf-32.h +++ b/app/openssl/include/openssl/opensslconf-32.h @@ -1,6 +1,9 @@ /* opensslconf.h */ /* WARNING: Generated automatically from opensslconf.h.in by Configure. */ +#ifdef __cplusplus +extern "C" { +#endif /* OpenSSL was configured with the following options: */ #ifndef OPENSSL_DOING_MAKEDEPEND @@ -74,6 +77,9 @@ #ifndef OPENSSL_NO_STORE # define OPENSSL_NO_STORE #endif +#ifndef OPENSSL_NO_UNIT_TEST +# define OPENSSL_NO_UNIT_TEST +#endif #ifndef OPENSSL_NO_WHIRLPOOL # define OPENSSL_NO_WHIRLPOOL #endif @@ -161,6 +167,9 @@ # if defined(OPENSSL_NO_STORE) && !defined(NO_STORE) # define NO_STORE # endif +# if defined(OPENSSL_NO_UNIT_TEST) && !defined(NO_UNIT_TEST) +# define NO_UNIT_TEST +# endif # if defined(OPENSSL_NO_WHIRLPOOL) && !defined(NO_WHIRLPOOL) # define NO_WHIRLPOOL # endif @@ -320,3 +329,6 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! #endif /* DES_DEFAULT_OPTIONS */ #endif /* HEADER_DES_LOCL_H */ +#ifdef __cplusplus +} +#endif diff --git a/app/openssl/include/openssl/opensslconf-64.h b/app/openssl/include/openssl/opensslconf-64.h index 88fb0419..30e7ad86 100644 --- a/app/openssl/include/openssl/opensslconf-64.h +++ b/app/openssl/include/openssl/opensslconf-64.h @@ -1,6 +1,9 @@ /* opensslconf.h */ /* WARNING: Generated automatically from opensslconf.h.in by Configure. */ +#ifdef __cplusplus +extern "C" { +#endif /* OpenSSL was configured with the following options: */ #ifndef OPENSSL_DOING_MAKEDEPEND @@ -74,6 +77,9 @@ #ifndef OPENSSL_NO_STORE # define OPENSSL_NO_STORE #endif +#ifndef OPENSSL_NO_UNIT_TEST +# define OPENSSL_NO_UNIT_TEST +#endif #ifndef OPENSSL_NO_WHIRLPOOL # define OPENSSL_NO_WHIRLPOOL #endif @@ -161,6 +167,9 @@ # if defined(OPENSSL_NO_STORE) && !defined(NO_STORE) # define NO_STORE # endif +# if defined(OPENSSL_NO_UNIT_TEST) && !defined(NO_UNIT_TEST) +# define NO_UNIT_TEST +# endif # if defined(OPENSSL_NO_WHIRLPOOL) && !defined(NO_WHIRLPOOL) # define NO_WHIRLPOOL # endif @@ -320,3 +329,6 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! #endif /* DES_DEFAULT_OPTIONS */ #endif /* HEADER_DES_LOCL_H */ +#ifdef __cplusplus +} +#endif diff --git a/app/openssl/include/openssl/opensslconf-static-32.h b/app/openssl/include/openssl/opensslconf-static-32.h index caf6f1b8..b5b3dd2b 100644 --- a/app/openssl/include/openssl/opensslconf-static-32.h +++ b/app/openssl/include/openssl/opensslconf-static-32.h @@ -1,6 +1,9 @@ /* opensslconf.h */ /* WARNING: Generated automatically from opensslconf.h.in by Configure. */ +#ifdef __cplusplus +extern "C" { +#endif /* OpenSSL was configured with the following options: */ #ifndef OPENSSL_DOING_MAKEDEPEND @@ -74,6 +77,9 @@ #ifndef OPENSSL_NO_STORE # define OPENSSL_NO_STORE #endif +#ifndef OPENSSL_NO_UNIT_TEST +# define OPENSSL_NO_UNIT_TEST +#endif #ifndef OPENSSL_NO_WHIRLPOOL # define OPENSSL_NO_WHIRLPOOL #endif @@ -161,6 +167,9 @@ # if defined(OPENSSL_NO_STORE) && !defined(NO_STORE) # define NO_STORE # endif +# if defined(OPENSSL_NO_UNIT_TEST) && !defined(NO_UNIT_TEST) +# define NO_UNIT_TEST +# endif # if defined(OPENSSL_NO_WHIRLPOOL) && !defined(NO_WHIRLPOOL) # define NO_WHIRLPOOL # endif @@ -320,3 +329,6 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! #endif /* DES_DEFAULT_OPTIONS */ #endif /* HEADER_DES_LOCL_H */ +#ifdef __cplusplus +} +#endif diff --git a/app/openssl/include/openssl/opensslconf-static-64.h b/app/openssl/include/openssl/opensslconf-static-64.h index 88fb0419..30e7ad86 100644 --- a/app/openssl/include/openssl/opensslconf-static-64.h +++ b/app/openssl/include/openssl/opensslconf-static-64.h @@ -1,6 +1,9 @@ /* opensslconf.h */ /* WARNING: Generated automatically from opensslconf.h.in by Configure. */ +#ifdef __cplusplus +extern "C" { +#endif /* OpenSSL was configured with the following options: */ #ifndef OPENSSL_DOING_MAKEDEPEND @@ -74,6 +77,9 @@ #ifndef OPENSSL_NO_STORE # define OPENSSL_NO_STORE #endif +#ifndef OPENSSL_NO_UNIT_TEST +# define OPENSSL_NO_UNIT_TEST +#endif #ifndef OPENSSL_NO_WHIRLPOOL # define OPENSSL_NO_WHIRLPOOL #endif @@ -161,6 +167,9 @@ # if defined(OPENSSL_NO_STORE) && !defined(NO_STORE) # define NO_STORE # endif +# if defined(OPENSSL_NO_UNIT_TEST) && !defined(NO_UNIT_TEST) +# define NO_UNIT_TEST +# endif # if defined(OPENSSL_NO_WHIRLPOOL) && !defined(NO_WHIRLPOOL) # define NO_WHIRLPOOL # endif @@ -320,3 +329,6 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! #endif /* DES_DEFAULT_OPTIONS */ #endif /* HEADER_DES_LOCL_H */ +#ifdef __cplusplus +} +#endif diff --git a/app/openssl/include/openssl/opensslconf-static-trusty.h b/app/openssl/include/openssl/opensslconf-static-trusty.h index 06f9f982..bff5910c 100644 --- a/app/openssl/include/openssl/opensslconf-static-trusty.h +++ b/app/openssl/include/openssl/opensslconf-static-trusty.h @@ -1,6 +1,9 @@ /* opensslconf.h */ /* WARNING: Generated automatically from opensslconf.h.in by Configure. */ +#ifdef __cplusplus +extern "C" { +#endif /* OpenSSL was configured with the following options: */ #ifndef OPENSSL_DOING_MAKEDEPEND @@ -137,6 +140,9 @@ #ifndef OPENSSL_NO_UI # define OPENSSL_NO_UI #endif +#ifndef OPENSSL_NO_UNIT_TEST +# define OPENSSL_NO_UNIT_TEST +#endif #ifndef OPENSSL_NO_WHIRLPOOL # define OPENSSL_NO_WHIRLPOOL #endif @@ -287,6 +293,9 @@ # if defined(OPENSSL_NO_UI) && !defined(NO_UI) # define NO_UI # endif +# if defined(OPENSSL_NO_UNIT_TEST) && !defined(NO_UNIT_TEST) +# define NO_UNIT_TEST +# endif # if defined(OPENSSL_NO_WHIRLPOOL) && !defined(NO_WHIRLPOOL) # define NO_WHIRLPOOL # endif @@ -446,3 +455,6 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! #endif /* DES_DEFAULT_OPTIONS */ #endif /* HEADER_DES_LOCL_H */ +#ifdef __cplusplus +} +#endif diff --git a/app/openssl/include/openssl/opensslconf-trusty.h b/app/openssl/include/openssl/opensslconf-trusty.h index 06f9f982..bff5910c 100644 --- a/app/openssl/include/openssl/opensslconf-trusty.h +++ b/app/openssl/include/openssl/opensslconf-trusty.h @@ -1,6 +1,9 @@ /* opensslconf.h */ /* WARNING: Generated automatically from opensslconf.h.in by Configure. */ +#ifdef __cplusplus +extern "C" { +#endif /* OpenSSL was configured with the following options: */ #ifndef OPENSSL_DOING_MAKEDEPEND @@ -137,6 +140,9 @@ #ifndef OPENSSL_NO_UI # define OPENSSL_NO_UI #endif +#ifndef OPENSSL_NO_UNIT_TEST +# define OPENSSL_NO_UNIT_TEST +#endif #ifndef OPENSSL_NO_WHIRLPOOL # define OPENSSL_NO_WHIRLPOOL #endif @@ -287,6 +293,9 @@ # if defined(OPENSSL_NO_UI) && !defined(NO_UI) # define NO_UI # endif +# if defined(OPENSSL_NO_UNIT_TEST) && !defined(NO_UNIT_TEST) +# define NO_UNIT_TEST +# endif # if defined(OPENSSL_NO_WHIRLPOOL) && !defined(NO_WHIRLPOOL) # define NO_WHIRLPOOL # endif @@ -446,3 +455,6 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! #endif /* DES_DEFAULT_OPTIONS */ #endif /* HEADER_DES_LOCL_H */ +#ifdef __cplusplus +} +#endif diff --git a/app/openssl/include/openssl/opensslv.h b/app/openssl/include/openssl/opensslv.h index c3b6acec..f375967e 100644 --- a/app/openssl/include/openssl/opensslv.h +++ b/app/openssl/include/openssl/opensslv.h @@ -1,6 +1,10 @@ #ifndef HEADER_OPENSSLV_H #define HEADER_OPENSSLV_H +#ifdef __cplusplus +extern "C" { +#endif + /* Numeric release version identifier: * MNNFFPPS: major minor fix patch status * The status nibble has one of the values 0 for development, 1 to e for betas @@ -25,11 +29,11 @@ * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * major minor fix final patch/beta) */ -#define OPENSSL_VERSION_NUMBER 0x1000108fL +#define OPENSSL_VERSION_NUMBER 0x100010afL #ifdef OPENSSL_FIPS -#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1h-fips 5 Jun 2014" +#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1j-fips 15 Oct 2014" #else -#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1h 5 Jun 2014" +#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1j 15 Oct 2014" #endif #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT @@ -86,4 +90,7 @@ #define SHLIB_VERSION_NUMBER "1.0.0" +#ifdef __cplusplus +} +#endif #endif /* HEADER_OPENSSLV_H */ diff --git a/app/openssl/include/openssl/ossl_typ.h b/app/openssl/include/openssl/ossl_typ.h index ea9227f6..12cdd43b 100644 --- a/app/openssl/include/openssl/ossl_typ.h +++ b/app/openssl/include/openssl/ossl_typ.h @@ -55,6 +55,10 @@ #ifndef HEADER_OPENSSL_TYPES_H #define HEADER_OPENSSL_TYPES_H +#ifdef __cplusplus +extern "C" { +#endif + #include #ifdef NO_ASN1_TYPEDEFS @@ -199,4 +203,7 @@ typedef struct ocsp_req_ctx_st OCSP_REQ_CTX; typedef struct ocsp_response_st OCSP_RESPONSE; typedef struct ocsp_responder_id_st OCSP_RESPID; +#ifdef __cplusplus +} +#endif #endif /* def HEADER_OPENSSL_TYPES_H */ diff --git a/app/openssl/include/openssl/pkcs7.h b/app/openssl/include/openssl/pkcs7.h index 04f60379..5d54c4ac 100644 --- a/app/openssl/include/openssl/pkcs7.h +++ b/app/openssl/include/openssl/pkcs7.h @@ -233,10 +233,6 @@ DECLARE_PKCS12_STACK_OF(PKCS7) (OBJ_obj2nid((a)->type) == NID_pkcs7_signedAndEnveloped) #define PKCS7_type_is_data(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_data) #define PKCS7_type_is_digest(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_digest) -#define PKCS7_type_is_encrypted(a) \ - (OBJ_obj2nid((a)->type) == NID_pkcs7_encrypted) - -#define PKCS7_type_is_digest(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_digest) #define PKCS7_set_detached(p,v) \ PKCS7_ctrl(p,PKCS7_OP_SET_DETACHED_SIGNATURE,v,NULL) diff --git a/app/openssl/include/openssl/pqueue.h b/app/openssl/include/openssl/pqueue.h index 87fc9037..26b53480 100644 --- a/app/openssl/include/openssl/pqueue.h +++ b/app/openssl/include/openssl/pqueue.h @@ -64,6 +64,9 @@ #include #include +#ifdef __cplusplus +extern "C" { +#endif typedef struct _pqueue *pqueue; typedef struct _pitem @@ -91,4 +94,7 @@ pitem *pqueue_next(piterator *iter); void pqueue_print(pqueue pq); int pqueue_size(pqueue pq); +#ifdef __cplusplus +} +#endif #endif /* ! HEADER_PQUEUE_H */ diff --git a/app/openssl/include/openssl/rsa.h b/app/openssl/include/openssl/rsa.h index 5f269e57..11853fee 100644 --- a/app/openssl/include/openssl/rsa.h +++ b/app/openssl/include/openssl/rsa.h @@ -559,6 +559,7 @@ void ERR_load_RSA_strings(void); #define RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE 158 #define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 148 #define RSA_R_PADDING_CHECK_FAILED 114 +#define RSA_R_PKCS_DECODING_ERROR 159 #define RSA_R_P_NOT_PRIME 128 #define RSA_R_Q_NOT_PRIME 129 #define RSA_R_RSA_OPERATIONS_NOT_SUPPORTED 130 diff --git a/app/openssl/include/openssl/safestack.h b/app/openssl/include/openssl/safestack.h index ea3aa0d8..bc194cb2 100644 --- a/app/openssl/include/openssl/safestack.h +++ b/app/openssl/include/openssl/safestack.h @@ -57,6 +57,10 @@ #include +#ifdef __cplusplus +extern "C" { +#endif + #ifndef CHECKED_PTR_OF #define CHECKED_PTR_OF(type, p) \ ((void*) (1 ? p : (type*)0)) @@ -2660,4 +2664,8 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_BLOCK, void) #define lh_SSL_SESSION_free(lh) LHM_lh_free(SSL_SESSION,lh) /* End of util/mkstack.pl block, you may now edit :-) */ + +#ifdef __cplusplus +} +#endif #endif /* !defined HEADER_SAFESTACK_H */ diff --git a/app/openssl/include/openssl/srtp.h b/app/openssl/include/openssl/srtp.h index c0cf33ef..24f23309 100644 --- a/app/openssl/include/openssl/srtp.h +++ b/app/openssl/include/openssl/srtp.h @@ -130,6 +130,8 @@ extern "C" { #define SRTP_NULL_SHA1_80 0x0005 #define SRTP_NULL_SHA1_32 0x0006 +#ifndef OPENSSL_NO_SRTP + int SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx, const char *profiles); int SSL_set_tlsext_use_srtp(SSL *ctx, const char *profiles); SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s); @@ -137,6 +139,8 @@ SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s); STACK_OF(SRTP_PROTECTION_PROFILE) *SSL_get_srtp_profiles(SSL *ssl); SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s); +#endif + #ifdef __cplusplus } #endif diff --git a/app/openssl/include/openssl/ssl.h b/app/openssl/include/openssl/ssl.h index 7566f2df..7a1fce89 100644 --- a/app/openssl/include/openssl/ssl.h +++ b/app/openssl/include/openssl/ssl.h @@ -264,6 +264,7 @@ extern "C" { #define SSL_TXT_aGOST94 "aGOST94" #define SSL_TXT_aGOST01 "aGOST01" #define SSL_TXT_aGOST "aGOST" +#define SSL_TXT_aSRP "aSRP" #define SSL_TXT_DSS "DSS" #define SSL_TXT_DH "DH" @@ -664,11 +665,15 @@ struct ssl_session_st */ #define SSL_MODE_SEND_CLIENTHELLO_TIME 0x00000020L #define SSL_MODE_SEND_SERVERHELLO_TIME 0x00000040L +/* Send TLS_FALLBACK_SCSV in the ClientHello. + * To be set by applications that reconnect with a downgraded protocol + * version; see draft-ietf-tls-downgrade-scsv-00 for details. */ +#define SSL_MODE_SEND_FALLBACK_SCSV 0x00000080L /* When set, clients may send application data before receipt of CCS * and Finished. This mode enables full-handshakes to 'complete' in * one RTT. */ -#define SSL_MODE_HANDSHAKE_CUTTHROUGH 0x00000080L +#define SSL_MODE_HANDSHAKE_CUTTHROUGH 0x00000200L /* When set, TLS 1.0 and SSLv3, multi-byte, CBC records will be split in two: * the first record will contain a single byte and the second will contain the @@ -1615,6 +1620,7 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION) #define SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE #define SSL_AD_BAD_CERTIFICATE_HASH_VALUE TLS1_AD_BAD_CERTIFICATE_HASH_VALUE #define SSL_AD_UNKNOWN_PSK_IDENTITY TLS1_AD_UNKNOWN_PSK_IDENTITY /* fatal */ +#define SSL_AD_INAPPROPRIATE_FALLBACK TLS1_AD_INAPPROPRIATE_FALLBACK /* fatal */ #define SSL_ERROR_NONE 0 #define SSL_ERROR_SSL 1 @@ -1729,6 +1735,8 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION) #define SSL_CTRL_GET_EXTRA_CHAIN_CERTS 82 #define SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS 83 +#define SSL_CTRL_CHECK_PROTO_VERSION 119 + #define DTLSv1_get_timeout(ssl, arg) \ SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg) #define DTLSv1_handle_timeout(ssl) \ @@ -2191,6 +2199,10 @@ int SSL_set_session_secret_cb(SSL *s, tls_session_secret_cb_fn tls_session_secre void SSL_set_debug(SSL *s, int debug); int SSL_cache_hit(SSL *s); +#ifndef OPENSSL_NO_UNIT_TEST +const struct openssl_ssl_test_functions *SSL_test_functions(void); +#endif + /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes * made after this point may be overwritten when the script is next run. @@ -2459,6 +2471,7 @@ void ERR_load_SSL_strings(void); #define SSL_R_BAD_SRP_B_LENGTH 348 #define SSL_R_BAD_SRP_G_LENGTH 349 #define SSL_R_BAD_SRP_N_LENGTH 350 +#define SSL_R_BAD_SRP_PARAMETERS 371 #define SSL_R_BAD_SRP_S_LENGTH 351 #define SSL_R_BAD_SRTP_MKI_VALUE 352 #define SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST 353 @@ -2519,6 +2532,7 @@ void ERR_load_SSL_strings(void); #define SSL_R_HTTPS_PROXY_REQUEST 155 #define SSL_R_HTTP_REQUEST 156 #define SSL_R_ILLEGAL_PADDING 283 +#define SSL_R_INAPPROPRIATE_FALLBACK 373 #define SSL_R_INCONSISTENT_COMPRESSION 340 #define SSL_R_INVALID_CHALLENGE_LENGTH 158 #define SSL_R_INVALID_COMMAND 280 @@ -2668,6 +2682,7 @@ void ERR_load_SSL_strings(void); #define SSL_R_TLSV1_ALERT_DECRYPTION_FAILED 1021 #define SSL_R_TLSV1_ALERT_DECRYPT_ERROR 1051 #define SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION 1060 +#define SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK 1086 #define SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY 1071 #define SSL_R_TLSV1_ALERT_INTERNAL_ERROR 1080 #define SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100 diff --git a/app/openssl/include/openssl/ssl3.h b/app/openssl/include/openssl/ssl3.h index 83d59bff..cba94345 100644 --- a/app/openssl/include/openssl/ssl3.h +++ b/app/openssl/include/openssl/ssl3.h @@ -128,9 +128,14 @@ extern "C" { #endif -/* Signalling cipher suite value: from draft-ietf-tls-renegotiation-03.txt */ +/* Signalling cipher suite value from RFC 5746 + * (TLS_EMPTY_RENEGOTIATION_INFO_SCSV) */ #define SSL3_CK_SCSV 0x030000FF +/* Signalling cipher suite value from draft-ietf-tls-downgrade-scsv-00 + * (TLS_FALLBACK_SCSV) */ +#define SSL3_CK_FALLBACK_SCSV 0x03005600 + #define SSL3_CK_RSA_NULL_MD5 0x03000001 #define SSL3_CK_RSA_NULL_SHA 0x03000002 #define SSL3_CK_RSA_RC4_40_MD5 0x03000003 diff --git a/app/openssl/include/openssl/tls1.h b/app/openssl/include/openssl/tls1.h index b9a0899e..dc36f79f 100644 --- a/app/openssl/include/openssl/tls1.h +++ b/app/openssl/include/openssl/tls1.h @@ -159,17 +159,19 @@ extern "C" { #define TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 0 +#define TLS1_VERSION 0x0301 +#define TLS1_1_VERSION 0x0302 #define TLS1_2_VERSION 0x0303 -#define TLS1_2_VERSION_MAJOR 0x03 -#define TLS1_2_VERSION_MINOR 0x03 +#define TLS_MAX_VERSION TLS1_2_VERSION + +#define TLS1_VERSION_MAJOR 0x03 +#define TLS1_VERSION_MINOR 0x01 -#define TLS1_1_VERSION 0x0302 #define TLS1_1_VERSION_MAJOR 0x03 #define TLS1_1_VERSION_MINOR 0x02 -#define TLS1_VERSION 0x0301 -#define TLS1_VERSION_MAJOR 0x03 -#define TLS1_VERSION_MINOR 0x01 +#define TLS1_2_VERSION_MAJOR 0x03 +#define TLS1_2_VERSION_MINOR 0x03 #define TLS1_get_version(s) \ ((s->version >> 8) == TLS1_VERSION_MAJOR ? s->version : 0) @@ -187,6 +189,7 @@ extern "C" { #define TLS1_AD_PROTOCOL_VERSION 70 /* fatal */ #define TLS1_AD_INSUFFICIENT_SECURITY 71 /* fatal */ #define TLS1_AD_INTERNAL_ERROR 80 /* fatal */ +#define TLS1_AD_INAPPROPRIATE_FALLBACK 86 /* fatal */ #define TLS1_AD_USER_CANCELLED 90 #define TLS1_AD_NO_RENEGOTIATION 100 /* codes 110-114 are from RFC3546 */ diff --git a/app/openssl/openssl.config b/app/openssl/openssl.config index 867711fe..9edd51e2 100644 --- a/app/openssl/openssl.config +++ b/app/openssl/openssl.config @@ -128,6 +128,7 @@ crypto/cmac/Makefile \ crypto/cms/Makefile \ crypto/comp/Makefile \ crypto/conf/Makefile \ +crypto/constant_time_test.c \ crypto/crypto-lib.com \ crypto/des/Makefile \ crypto/des/des-lib.com \ @@ -220,6 +221,7 @@ ssl/heartbeat_test.c \ ssl/install-ssl.com \ ssl/ssl-lib.com \ ssl/ssl_task.c \ +ssl/ssl_utst.c \ " NEEDED_SOURCES="\ @@ -237,6 +239,10 @@ OPENSSL_CRYPTO_DEFINES="\ NO_WINDOWS_BRAINDEATH \ " +OPENSSL_CRYPTO_CLANG_ASFLAGS_arm="\ +-no-integrated-as \ +" + OPENSSL_CRYPTO_DEFINES_arm="\ AES_ASM \ BSAES_ASM \ @@ -250,6 +256,10 @@ SHA256_ASM \ SHA512_ASM \ " +OPENSSL_CRYPTO_CLANG_ASFLAGS_arm64="\ +-no-integrated-as \ +" + OPENSSL_CRYPTO_DEFINES_arm64="\ DES_UNROLL \ OPENSSL_CPUID_OBJ \ @@ -491,6 +501,7 @@ crypto/conf/conf_lib.c \ crypto/conf/conf_mall.c \ crypto/conf/conf_mod.c \ crypto/conf/conf_sap.c \ +crypto/constant_time_locl.h \ crypto/des/cbc_cksm.c \ crypto/des/cbc_enc.c \ crypto/des/cfb64ede.c \ diff --git a/app/openssl/openssl.version b/app/openssl/openssl.version index ab2e62bf..293396f3 100644 --- a/app/openssl/openssl.version +++ b/app/openssl/openssl.version @@ -1 +1 @@ -OPENSSL_VERSION=1.0.1h +OPENSSL_VERSION=1.0.1j diff --git a/app/openssl/patches/README b/app/openssl/patches/README index 13e9bd8b..53444701 100644 --- a/app/openssl/patches/README +++ b/app/openssl/patches/README @@ -75,3 +75,8 @@ psk_client_callback_128_byte_id_bug.patch Fixes the issue where it was impossible to return a 128 byte long PSK identity (the maximum supported length) from psk_client_callback. + +tls_fallback_scsv.patch + +Adds the signalling cipher suite value (SCSV) from +https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00 diff --git a/app/openssl/rules.mk b/app/openssl/rules.mk index 252dbbb3..1c3ae64f 100644 --- a/app/openssl/rules.mk +++ b/app/openssl/rules.mk @@ -26,6 +26,8 @@ MODULE_SRCS += $(addprefix $(LOCAL_DIR)/,$(LOCAL_SRC_FILES_$(ARCH))) MODULE_CFLAGS += $(LOCAL_CFLAGS) MODULE_CFLAGS += -Wno-error=implicit-function-declaration +MODULE_CFLAGS += -Wno-empty-body +MODULE_CFLAGS += -Wno-missing-field-initializers # Global for other modules which include openssl headers GLOBAL_DEFINES += OPENSSL_SYS_TRUSTY diff --git a/app/openssl/ssl/d1_both.c b/app/openssl/ssl/d1_both.c index 04aa2310..2e4250fc 100644 --- a/app/openssl/ssl/d1_both.c +++ b/app/openssl/ssl/d1_both.c @@ -587,29 +587,32 @@ dtls1_retrieve_buffered_fragment(SSL *s, long max, int *ok) return 0; } +/* dtls1_max_handshake_message_len returns the maximum number of bytes + * permitted in a DTLS handshake message for |s|. The minimum is 16KB, but may + * be greater if the maximum certificate list size requires it. */ +static unsigned long dtls1_max_handshake_message_len(const SSL *s) + { + unsigned long max_len = DTLS1_HM_HEADER_LENGTH + SSL3_RT_MAX_ENCRYPTED_LENGTH; + if (max_len < (unsigned long)s->max_cert_list) + return s->max_cert_list; + return max_len; + } static int -dtls1_reassemble_fragment(SSL *s, struct hm_header_st* msg_hdr, int *ok) +dtls1_reassemble_fragment(SSL *s, const struct hm_header_st* msg_hdr, int *ok) { hm_fragment *frag = NULL; pitem *item = NULL; int i = -1, is_complete; unsigned char seq64be[8]; - unsigned long frag_len = msg_hdr->frag_len, max_len; + unsigned long frag_len = msg_hdr->frag_len; - if ((msg_hdr->frag_off+frag_len) > msg_hdr->msg_len) + if ((msg_hdr->frag_off+frag_len) > msg_hdr->msg_len || + msg_hdr->msg_len > dtls1_max_handshake_message_len(s)) goto err; - /* Determine maximum allowed message size. Depends on (user set) - * maximum certificate length, but 16k is minimum. - */ - if (DTLS1_HM_HEADER_LENGTH + SSL3_RT_MAX_ENCRYPTED_LENGTH < s->max_cert_list) - max_len = s->max_cert_list; - else - max_len = DTLS1_HM_HEADER_LENGTH + SSL3_RT_MAX_ENCRYPTED_LENGTH; - - if ((msg_hdr->frag_off+frag_len) > max_len) - goto err; + if (frag_len == 0) + return DTLS1_HM_FRAGMENT_RETRY; /* Try to find item in queue */ memset(seq64be,0,sizeof(seq64be)); @@ -639,7 +642,8 @@ dtls1_reassemble_fragment(SSL *s, struct hm_header_st* msg_hdr, int *ok) /* If message is already reassembled, this must be a - * retransmit and can be dropped. + * retransmit and can be dropped. In this case item != NULL and so frag + * does not need to be freed. */ if (frag->reassembly == NULL) { @@ -659,7 +663,9 @@ dtls1_reassemble_fragment(SSL *s, struct hm_header_st* msg_hdr, int *ok) /* read the body of the fragment (header has already been read */ i = s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE, frag->fragment + msg_hdr->frag_off,frag_len,0); - if (i<=0 || (unsigned long)i!=frag_len) + if ((unsigned long)i!=frag_len) + i=-1; + if (i<=0) goto err; RSMBLY_BITMASK_MARK(frag->reassembly, (long)msg_hdr->frag_off, @@ -676,10 +682,6 @@ dtls1_reassemble_fragment(SSL *s, struct hm_header_st* msg_hdr, int *ok) if (item == NULL) { - memset(seq64be,0,sizeof(seq64be)); - seq64be[6] = (unsigned char)(msg_hdr->seq>>8); - seq64be[7] = (unsigned char)(msg_hdr->seq); - item = pitem_new(seq64be, frag); if (item == NULL) { @@ -687,21 +689,25 @@ dtls1_reassemble_fragment(SSL *s, struct hm_header_st* msg_hdr, int *ok) goto err; } - pqueue_insert(s->d1->buffered_messages, item); + item = pqueue_insert(s->d1->buffered_messages, item); + /* pqueue_insert fails iff a duplicate item is inserted. + * However, |item| cannot be a duplicate. If it were, + * |pqueue_find|, above, would have returned it and control + * would never have reached this branch. */ + OPENSSL_assert(item != NULL); } return DTLS1_HM_FRAGMENT_RETRY; err: - if (frag != NULL) dtls1_hm_fragment_free(frag); - if (item != NULL) OPENSSL_free(item); + if (frag != NULL && item == NULL) dtls1_hm_fragment_free(frag); *ok = 0; return i; } static int -dtls1_process_out_of_seq_message(SSL *s, struct hm_header_st* msg_hdr, int *ok) +dtls1_process_out_of_seq_message(SSL *s, const struct hm_header_st* msg_hdr, int *ok) { int i=-1; hm_fragment *frag = NULL; @@ -721,7 +727,7 @@ dtls1_process_out_of_seq_message(SSL *s, struct hm_header_st* msg_hdr, int *ok) /* If we already have an entry and this one is a fragment, * don't discard it and rather try to reassemble it. */ - if (item != NULL && frag_len < msg_hdr->msg_len) + if (item != NULL && frag_len != msg_hdr->msg_len) item = NULL; /* Discard the message if sequence number was already there, is @@ -746,9 +752,12 @@ dtls1_process_out_of_seq_message(SSL *s, struct hm_header_st* msg_hdr, int *ok) } else { - if (frag_len && frag_len < msg_hdr->msg_len) + if (frag_len != msg_hdr->msg_len) return dtls1_reassemble_fragment(s, msg_hdr, ok); + if (frag_len > dtls1_max_handshake_message_len(s)) + goto err; + frag = dtls1_hm_fragment_new(frag_len, 0); if ( frag == NULL) goto err; @@ -760,26 +769,31 @@ dtls1_process_out_of_seq_message(SSL *s, struct hm_header_st* msg_hdr, int *ok) /* read the body of the fragment (header has already been read */ i = s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE, frag->fragment,frag_len,0); - if (i<=0 || (unsigned long)i!=frag_len) + if ((unsigned long)i!=frag_len) + i = -1; + if (i<=0) goto err; } - memset(seq64be,0,sizeof(seq64be)); - seq64be[6] = (unsigned char)(msg_hdr->seq>>8); - seq64be[7] = (unsigned char)(msg_hdr->seq); - item = pitem_new(seq64be, frag); if ( item == NULL) goto err; - pqueue_insert(s->d1->buffered_messages, item); + item = pqueue_insert(s->d1->buffered_messages, item); + /* pqueue_insert fails iff a duplicate item is inserted. + * However, |item| cannot be a duplicate. If it were, + * |pqueue_find|, above, would have returned it. Then, either + * |frag_len| != |msg_hdr->msg_len| in which case |item| is set + * to NULL and it will have been processed with + * |dtls1_reassemble_fragment|, above, or the record will have + * been discarded. */ + OPENSSL_assert(item != NULL); } return DTLS1_HM_FRAGMENT_RETRY; err: - if ( frag != NULL) dtls1_hm_fragment_free(frag); - if ( item != NULL) OPENSSL_free(item); + if (frag != NULL && item == NULL) dtls1_hm_fragment_free(frag); *ok = 0; return i; } @@ -1180,6 +1194,8 @@ dtls1_buffer_message(SSL *s, int is_ccs) OPENSSL_assert(s->init_off == 0); frag = dtls1_hm_fragment_new(s->init_num, 0); + if (!frag) + return 0; memcpy(frag->fragment, s->init_buf->data, s->init_num); @@ -1476,6 +1492,9 @@ dtls1_process_heartbeat(SSL *s) /* Read type and payload length first */ if (1 + 2 + 16 > s->s3->rrec.length) return 0; /* silently discard */ + if (s->s3->rrec.length > SSL3_RT_MAX_PLAIN_LENGTH) + return 0; /* silently discard per RFC 6520 sec. 4 */ + hbtype = *p++; n2s(p, payload); if (1 + 2 + payload + 16 > s->s3->rrec.length) diff --git a/app/openssl/ssl/d1_clnt.c b/app/openssl/ssl/d1_clnt.c index 5ee8f58e..37dd5483 100644 --- a/app/openssl/ssl/d1_clnt.c +++ b/app/openssl/ssl/d1_clnt.c @@ -882,12 +882,18 @@ int dtls1_client_hello(SSL *s) *(p++)=0; /* Add the NULL method */ #ifndef OPENSSL_NO_TLSEXT + /* TLS extensions*/ + if (ssl_prepare_clienthello_tlsext(s) <= 0) + { + SSLerr(SSL_F_DTLS1_CLIENT_HELLO,SSL_R_CLIENTHELLO_TLSEXT); + goto err; + } if ((p = ssl_add_clienthello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH)) == NULL) { SSLerr(SSL_F_DTLS1_CLIENT_HELLO,ERR_R_INTERNAL_ERROR); goto err; } -#endif +#endif l=(p-d); d=buf; @@ -996,6 +1002,13 @@ int dtls1_send_client_key_exchange(SSL *s) RSA *rsa; unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH]; + if (s->session->sess_cert == NULL) + { + /* We should always have a server certificate with SSL_kRSA. */ + SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR); + goto err; + } + if (s->session->sess_cert->peer_rsa_tmp != NULL) rsa=s->session->sess_cert->peer_rsa_tmp; else @@ -1186,6 +1199,13 @@ int dtls1_send_client_key_exchange(SSL *s) { DH *dh_srvr,*dh_clnt; + if (s->session->sess_cert == NULL) + { + ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE); + SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNEXPECTED_MESSAGE); + goto err; + } + if (s->session->sess_cert->peer_dh_tmp != NULL) dh_srvr=s->session->sess_cert->peer_dh_tmp; else @@ -1245,6 +1265,13 @@ int dtls1_send_client_key_exchange(SSL *s) int ecdh_clnt_cert = 0; int field_size = 0; + if (s->session->sess_cert == NULL) + { + ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE); + SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNEXPECTED_MESSAGE); + goto err; + } + /* Did we send out the client's * ECDH share for use in premaster * computation as part of client certificate? @@ -1709,5 +1736,3 @@ int dtls1_send_client_certificate(SSL *s) /* SSL3_ST_CW_CERT_D */ return(dtls1_do_write(s,SSL3_RT_HANDSHAKE)); } - - diff --git a/app/openssl/ssl/d1_lib.c b/app/openssl/ssl/d1_lib.c index 6bde16fa..82ca6539 100644 --- a/app/openssl/ssl/d1_lib.c +++ b/app/openssl/ssl/d1_lib.c @@ -266,6 +266,16 @@ long dtls1_ctrl(SSL *s, int cmd, long larg, void *parg) case DTLS_CTRL_LISTEN: ret = dtls1_listen(s, parg); break; + case SSL_CTRL_CHECK_PROTO_VERSION: + /* For library-internal use; checks that the current protocol + * is the highest enabled version (according to s->ctx->method, + * as version negotiation may have changed s->method). */ +#if DTLS_MAX_VERSION != DTLS1_VERSION +# error Code needs update for DTLS_method() support beyond DTLS1_VERSION. +#endif + /* Just one protocol version is supported so far; + * fail closed if the version is not as expected. */ + return s->version == DTLS_MAX_VERSION; default: ret = ssl3_ctrl(s, cmd, larg, parg); diff --git a/app/openssl/ssl/d1_srtp.c b/app/openssl/ssl/d1_srtp.c index ab9c4192..535539ba 100644 --- a/app/openssl/ssl/d1_srtp.c +++ b/app/openssl/ssl/d1_srtp.c @@ -168,25 +168,6 @@ static int find_profile_by_name(char *profile_name, return 1; } -static int find_profile_by_num(unsigned profile_num, - SRTP_PROTECTION_PROFILE **pptr) - { - SRTP_PROTECTION_PROFILE *p; - - p=srtp_known_profiles; - while(p->name) - { - if(p->id == profile_num) - { - *pptr=p; - return 0; - } - p++; - } - - return 1; - } - static int ssl_ctx_make_profiles(const char *profiles_string,STACK_OF(SRTP_PROTECTION_PROFILE) **out) { STACK_OF(SRTP_PROTECTION_PROFILE) *profiles; @@ -209,11 +190,19 @@ static int ssl_ctx_make_profiles(const char *profiles_string,STACK_OF(SRTP_PROTE if(!find_profile_by_name(ptr,&p, col ? col-ptr : (int)strlen(ptr))) { + if (sk_SRTP_PROTECTION_PROFILE_find(profiles,p) >= 0) + { + SSLerr(SSL_F_SSL_CTX_MAKE_PROFILES,SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); + sk_SRTP_PROTECTION_PROFILE_free(profiles); + return 1; + } + sk_SRTP_PROTECTION_PROFILE_push(profiles,p); } else { SSLerr(SSL_F_SSL_CTX_MAKE_PROFILES,SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE); + sk_SRTP_PROTECTION_PROFILE_free(profiles); return 1; } @@ -305,13 +294,12 @@ int ssl_add_clienthello_use_srtp_ext(SSL *s, unsigned char *p, int *len, int max int ssl_parse_clienthello_use_srtp_ext(SSL *s, unsigned char *d, int len,int *al) { - SRTP_PROTECTION_PROFILE *cprof,*sprof; - STACK_OF(SRTP_PROTECTION_PROFILE) *clnt=0,*srvr; + SRTP_PROTECTION_PROFILE *sprof; + STACK_OF(SRTP_PROTECTION_PROFILE) *srvr; int ct; int mki_len; - int i,j; - int id; - int ret; + int i, srtp_pref; + unsigned int id; /* Length value + the MKI length */ if(len < 3) @@ -341,22 +329,32 @@ int ssl_parse_clienthello_use_srtp_ext(SSL *s, unsigned char *d, int len,int *al return 1; } + srvr=SSL_get_srtp_profiles(s); + s->srtp_profile = NULL; + /* Search all profiles for a match initially */ + srtp_pref = sk_SRTP_PROTECTION_PROFILE_num(srvr); - clnt=sk_SRTP_PROTECTION_PROFILE_new_null(); - while(ct) { n2s(d,id); ct-=2; len-=2; - if(!find_profile_by_num(id,&cprof)) + /* + * Only look for match in profiles of higher preference than + * current match. + * If no profiles have been have been configured then this + * does nothing. + */ + for (i = 0; i < srtp_pref; i++) { - sk_SRTP_PROTECTION_PROFILE_push(clnt,cprof); - } - else - { - ; /* Ignore */ + sprof = sk_SRTP_PROTECTION_PROFILE_value(srvr, i); + if (sprof->id == id) + { + s->srtp_profile = sprof; + srtp_pref = i; + break; + } } } @@ -371,36 +369,7 @@ int ssl_parse_clienthello_use_srtp_ext(SSL *s, unsigned char *d, int len,int *al return 1; } - srvr=SSL_get_srtp_profiles(s); - - /* Pick our most preferred profile. If no profiles have been - configured then the outer loop doesn't run - (sk_SRTP_PROTECTION_PROFILE_num() = -1) - and so we just return without doing anything */ - for(i=0;iid==sprof->id) - { - s->srtp_profile=sprof; - *al=0; - ret=0; - goto done; - } - } - } - - ret=0; - -done: - if(clnt) sk_SRTP_PROTECTION_PROFILE_free(clnt); - - return ret; + return 0; } int ssl_add_serverhello_use_srtp_ext(SSL *s, unsigned char *p, int *len, int maxlen) diff --git a/app/openssl/ssl/d1_srvr.c b/app/openssl/ssl/d1_srvr.c index c181db6d..03b20a27 100644 --- a/app/openssl/ssl/d1_srvr.c +++ b/app/openssl/ssl/d1_srvr.c @@ -598,10 +598,11 @@ int dtls1_accept(SSL *s) s->state = SSL3_ST_SR_CLNT_HELLO_C; } else { - /* could be sent for a DH cert, even if we - * have not asked for it :-) */ - ret=ssl3_get_client_certificate(s); - if (ret <= 0) goto end; + if (s->s3->tmp.cert_request) + { + ret=ssl3_get_client_certificate(s); + if (ret <= 0) goto end; + } s->init_num=0; s->state=SSL3_ST_SR_KEY_EXCH_A; } @@ -980,6 +981,11 @@ int dtls1_send_server_hello(SSL *s) #endif #ifndef OPENSSL_NO_TLSEXT + if (ssl_prepare_serverhello_tlsext(s) <= 0) + { + SSLerr(SSL_F_DTLS1_SEND_SERVER_HELLO,SSL_R_SERVERHELLO_TLSEXT); + return -1; + } if ((p = ssl_add_serverhello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH)) == NULL) { SSLerr(SSL_F_DTLS1_SEND_SERVER_HELLO,ERR_R_INTERNAL_ERROR); diff --git a/app/openssl/ssl/dtls1.h b/app/openssl/ssl/dtls1.h index e65d5011..192c5def 100644 --- a/app/openssl/ssl/dtls1.h +++ b/app/openssl/ssl/dtls1.h @@ -84,6 +84,8 @@ extern "C" { #endif #define DTLS1_VERSION 0xFEFF +#define DTLS_MAX_VERSION DTLS1_VERSION + #define DTLS1_BAD_VER 0x0100 #if 0 @@ -284,4 +286,3 @@ typedef struct dtls1_record_data_st } #endif #endif - diff --git a/app/openssl/ssl/s23_clnt.c b/app/openssl/ssl/s23_clnt.c index 2bc92141..f02c275c 100644 --- a/app/openssl/ssl/s23_clnt.c +++ b/app/openssl/ssl/s23_clnt.c @@ -125,9 +125,11 @@ static const SSL_METHOD *ssl23_get_client_method(int ver) if (ver == SSL2_VERSION) return(SSLv2_client_method()); #endif +#ifndef OPENSSL_NO_SSL3 if (ver == SSL3_VERSION) return(SSLv3_client_method()); - else if (ver == TLS1_VERSION) +#endif + if (ver == TLS1_VERSION) return(TLSv1_client_method()); else if (ver == TLS1_1_VERSION) return(TLSv1_1_client_method()); @@ -698,6 +700,7 @@ static int ssl23_get_server_hello(SSL *s) { /* we have sslv3 or tls1 (server hello or alert) */ +#ifndef OPENSSL_NO_SSL3 if ((p[2] == SSL3_VERSION_MINOR) && !(s->options & SSL_OP_NO_SSLv3)) { @@ -712,7 +715,9 @@ static int ssl23_get_server_hello(SSL *s) s->version=SSL3_VERSION; s->method=SSLv3_client_method(); } - else if ((p[2] == TLS1_VERSION_MINOR) && + else +#endif + if ((p[2] == TLS1_VERSION_MINOR) && !(s->options & SSL_OP_NO_TLSv1)) { s->version=TLS1_VERSION; @@ -736,6 +741,9 @@ static int ssl23_get_server_hello(SSL *s) goto err; } + /* ensure that TLS_MAX_VERSION is up-to-date */ + OPENSSL_assert(s->version <= TLS_MAX_VERSION); + if (p[0] == SSL3_RT_ALERT && p[5] != SSL3_AL_WARNING) { /* fatal alert */ diff --git a/app/openssl/ssl/s23_lib.c b/app/openssl/ssl/s23_lib.c index 3bf72831..f3c29d1d 100644 --- a/app/openssl/ssl/s23_lib.c +++ b/app/openssl/ssl/s23_lib.c @@ -107,6 +107,13 @@ int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p) long l; /* We can write SSLv2 and SSLv3 ciphers */ + /* but no ECC ciphers */ + if (c->algorithm_mkey == SSL_kECDHr || + c->algorithm_mkey == SSL_kECDHe || + c->algorithm_mkey == SSL_kEECDH || + c->algorithm_auth == SSL_aECDH || + c->algorithm_auth == SSL_aECDSA) + return 0; if (p != NULL) { l=c->id; diff --git a/app/openssl/ssl/s23_srvr.c b/app/openssl/ssl/s23_srvr.c index 48778490..93ca7d53 100644 --- a/app/openssl/ssl/s23_srvr.c +++ b/app/openssl/ssl/s23_srvr.c @@ -127,9 +127,11 @@ static const SSL_METHOD *ssl23_get_server_method(int ver) if (ver == SSL2_VERSION) return(SSLv2_server_method()); #endif +#ifndef OPENSSL_NO_SSL3 if (ver == SSL3_VERSION) return(SSLv3_server_method()); - else if (ver == TLS1_VERSION) +#endif + if (ver == TLS1_VERSION) return(TLSv1_server_method()); else if (ver == TLS1_1_VERSION) return(TLSv1_1_server_method()); @@ -348,23 +350,19 @@ int ssl23_get_client_hello(SSL *s) * Client Hello message, this would be difficult, and we'd have * to read more records to find out. * No known SSL 3.0 client fragments ClientHello like this, - * so we simply assume TLS 1.0 to avoid protocol version downgrade - * attacks. */ + * so we simply reject such connections to avoid + * protocol version downgrade attacks. */ if (p[3] == 0 && p[4] < 6) { -#if 0 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_SMALL); goto err; -#else - v[1] = TLS1_VERSION_MINOR; -#endif } /* if major version number > 3 set minor to a value * which will use the highest version 3 we support. * If TLS 2.0 ever appears we will need to revise * this.... */ - else if (p[9] > SSL3_VERSION_MAJOR) + if (p[9] > SSL3_VERSION_MAJOR) v[1]=0xff; else v[1]=p[10]; /* minor version according to client_version */ @@ -425,6 +423,9 @@ int ssl23_get_client_hello(SSL *s) } } + /* ensure that TLS_MAX_VERSION is up-to-date */ + OPENSSL_assert(s->version <= TLS_MAX_VERSION); + #ifdef OPENSSL_FIPS if (FIPS_mode() && (s->version < TLS1_VERSION)) { @@ -444,14 +445,34 @@ int ssl23_get_client_hello(SSL *s) v[0] = p[3]; /* == SSL3_VERSION_MAJOR */ v[1] = p[4]; + /* An SSLv3/TLSv1 backwards-compatible CLIENT-HELLO in an SSLv2 + * header is sent directly on the wire, not wrapped as a TLS + * record. It's format is: + * Byte Content + * 0-1 msg_length + * 2 msg_type + * 3-4 version + * 5-6 cipher_spec_length + * 7-8 session_id_length + * 9-10 challenge_length + * ... ... + */ n=((p[0]&0x7f)<<8)|p[1]; if (n > (1024*4)) { SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_LARGE); goto err; } + if (n < 9) + { + SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_LENGTH_MISMATCH); + goto err; + } j=ssl23_read_bytes(s,n+2); + /* We previously read 11 bytes, so if j > 0, we must have + * j == n+2 == s->packet_length. We have at least 11 valid + * packet bytes. */ if (j <= 0) return(j); ssl3_finish_mac(s, s->packet+2, s->packet_length-2); @@ -581,6 +602,12 @@ int ssl23_get_client_hello(SSL *s) if ((type == 2) || (type == 3)) { /* we have SSLv3/TLSv1 (type 2: SSL2 style, type 3: SSL3/TLS style) */ + s->method = ssl23_get_server_method(s->version); + if (s->method == NULL) + { + SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNSUPPORTED_PROTOCOL); + goto err; + } if (!ssl_init_wbio_buffer(s,1)) goto err; @@ -608,14 +635,6 @@ int ssl23_get_client_hello(SSL *s) s->s3->rbuf.left=0; s->s3->rbuf.offset=0; } - if (s->version == TLS1_2_VERSION) - s->method = TLSv1_2_server_method(); - else if (s->version == TLS1_1_VERSION) - s->method = TLSv1_1_server_method(); - else if (s->version == TLS1_VERSION) - s->method = TLSv1_server_method(); - else - s->method = SSLv3_server_method(); #if 0 /* ssl3_get_client_hello does this */ s->client_version=(v[0]<<8)|v[1]; #endif diff --git a/app/openssl/ssl/s2_lib.c b/app/openssl/ssl/s2_lib.c index 99146041..c63be305 100644 --- a/app/openssl/ssl/s2_lib.c +++ b/app/openssl/ssl/s2_lib.c @@ -250,7 +250,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[]={ SSL_SSLV2, SSL_NOT_EXP|SSL_HIGH, 0, - 168, + 112, 168, }, @@ -391,6 +391,8 @@ long ssl2_ctrl(SSL *s, int cmd, long larg, void *parg) case SSL_CTRL_GET_SESSION_REUSED: ret=s->hit; break; + case SSL_CTRL_CHECK_PROTO_VERSION: + return ssl3_ctrl(s, SSL_CTRL_CHECK_PROTO_VERSION, larg, parg); default: break; } @@ -437,7 +439,7 @@ int ssl2_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p) if (p != NULL) { l=c->id; - if ((l & 0xff000000) != 0x02000000) return(0); + if ((l & 0xff000000) != 0x02000000 && l != SSL3_CK_FALLBACK_SCSV) return(0); p[0]=((unsigned char)(l>>16L))&0xFF; p[1]=((unsigned char)(l>> 8L))&0xFF; p[2]=((unsigned char)(l ))&0xFF; diff --git a/app/openssl/ssl/s3_cbc.c b/app/openssl/ssl/s3_cbc.c index 443a31e7..11f13adb 100644 --- a/app/openssl/ssl/s3_cbc.c +++ b/app/openssl/ssl/s3_cbc.c @@ -53,6 +53,7 @@ * */ +#include "../crypto/constant_time_locl.h" #include "ssl_locl.h" #include @@ -67,37 +68,6 @@ * supported by TLS.) */ #define MAX_HASH_BLOCK_SIZE 128 -/* Some utility functions are needed: - * - * These macros return the given value with the MSB copied to all the other - * bits. They use the fact that arithmetic shift shifts-in the sign bit. - * However, this is not ensured by the C standard so you may need to replace - * them with something else on odd CPUs. */ -#define DUPLICATE_MSB_TO_ALL(x) ( (unsigned)( (int)(x) >> (sizeof(int)*8-1) ) ) -#define DUPLICATE_MSB_TO_ALL_8(x) ((unsigned char)(DUPLICATE_MSB_TO_ALL(x))) - -/* constant_time_lt returns 0xff if a=b and 0x00 otherwise. */ -static unsigned constant_time_ge(unsigned a, unsigned b) - { - a -= b; - return DUPLICATE_MSB_TO_ALL(~a); - } - -/* constant_time_eq_8 returns 0xff if a==b and 0x00 otherwise. */ -static unsigned char constant_time_eq_8(unsigned a, unsigned b) - { - unsigned c = a ^ b; - c--; - return DUPLICATE_MSB_TO_ALL_8(c); - } - /* ssl3_cbc_remove_padding removes padding from the decrypted, SSLv3, CBC * record in |rec| by updating |rec->length| in constant time. * @@ -126,8 +96,8 @@ int ssl3_cbc_remove_padding(const SSL* s, padding_length = good & (padding_length+1); rec->length -= padding_length; rec->type |= padding_length<<8; /* kludge: pass padding length */ - return (int)((good & 1) | (~good & -1)); -} + return constant_time_select_int(good, 1, -1); + } /* tls1_cbc_remove_padding removes the CBC padding from the decrypted, TLS, CBC * record in |rec| in constant time and returns 1 if the padding is valid and @@ -208,7 +178,7 @@ int tls1_cbc_remove_padding(const SSL* s, for (i = 0; i < to_check; i++) { - unsigned char mask = constant_time_ge(padding_length, i); + unsigned char mask = constant_time_ge_8(padding_length, i); unsigned char b = rec->data[rec->length-1-i]; /* The final |padding_length+1| bytes should all have the value * |padding_length|. Therefore the XOR should be zero. */ @@ -216,20 +186,14 @@ int tls1_cbc_remove_padding(const SSL* s, } /* If any of the final |padding_length+1| bytes had the wrong value, - * one or more of the lower eight bits of |good| will be cleared. We - * AND the bottom 8 bits together and duplicate the result to all the - * bits. */ - good &= good >> 4; - good &= good >> 2; - good &= good >> 1; - good <<= sizeof(good)*8-1; - good = DUPLICATE_MSB_TO_ALL(good); - + * one or more of the lower eight bits of |good| will be cleared. + */ + good = constant_time_eq(0xff, good & 0xff); padding_length = good & (padding_length+1); rec->length -= padding_length; rec->type |= padding_length<<8; /* kludge: pass padding length */ - return (int)((good & 1) | (~good & -1)); + return constant_time_select_int(good, 1, -1); } /* ssl3_cbc_copy_mac copies |md_size| bytes from the end of |rec| to |out| in @@ -296,8 +260,8 @@ void ssl3_cbc_copy_mac(unsigned char* out, memset(rotated_mac, 0, md_size); for (i = scan_start, j = 0; i < orig_len; i++) { - unsigned char mac_started = constant_time_ge(i, mac_start); - unsigned char mac_ended = constant_time_ge(i, mac_end); + unsigned char mac_started = constant_time_ge_8(i, mac_start); + unsigned char mac_ended = constant_time_ge_8(i, mac_end); unsigned char b = rec->data[i]; rotated_mac[j++] |= b & mac_started & ~mac_ended; j &= constant_time_lt(j,md_size); @@ -683,12 +647,12 @@ void ssl3_cbc_digest_record( b = data[k-header_length]; k++; - is_past_c = is_block_a & constant_time_ge(j, c); - is_past_cp1 = is_block_a & constant_time_ge(j, c+1); + is_past_c = is_block_a & constant_time_ge_8(j, c); + is_past_cp1 = is_block_a & constant_time_ge_8(j, c+1); /* If this is the block containing the end of the * application data, and we are at the offset for the * 0x80 value, then overwrite b with 0x80. */ - b = (b&~is_past_c) | (0x80&is_past_c); + b = constant_time_select_8(is_past_c, 0x80, b); /* If this the the block containing the end of the * application data and we're past the 0x80 value then * just write zero. */ @@ -704,7 +668,8 @@ void ssl3_cbc_digest_record( if (j >= md_block_size - md_length_size) { /* If this is index_b, write a length byte. */ - b = (b&~is_block_b) | (is_block_b&length_bytes[j-(md_block_size-md_length_size)]); + b = constant_time_select_8( + is_block_b, length_bytes[j-(md_block_size-md_length_size)], b); } block[j] = b; } diff --git a/app/openssl/ssl/s3_clnt.c b/app/openssl/ssl/s3_clnt.c index 486f538b..8a81793e 100644 --- a/app/openssl/ssl/s3_clnt.c +++ b/app/openssl/ssl/s3_clnt.c @@ -332,9 +332,9 @@ int ssl3_connect(SSL *s) break; } #endif - /* Check if it is anon DH/ECDH */ + /* Check if it is anon DH/ECDH, SRP auth */ /* or non-RSA PSK */ - if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) && + if (!(s->s3->tmp.new_cipher->algorithm_auth & (SSL_aNULL|SSL_aSRP)) && !((s->s3->tmp.new_cipher->algorithm_auth & SSL_aPSK) && !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kRSA))) { @@ -530,6 +530,7 @@ int ssl3_connect(SSL *s) s->method->ssl3_enc->client_finished_label, s->method->ssl3_enc->client_finished_label_len); if (ret <= 0) goto end; + s->s3->flags |= SSL3_FLAGS_CCS_OK; s->state=SSL3_ST_CW_FLUSH; /* clear flags */ @@ -975,6 +976,7 @@ int ssl3_get_server_hello(SSL *s) { s->session->cipher = pref_cipher ? pref_cipher : ssl_get_cipher_by_char(s, p+j); + s->s3->flags |= SSL3_FLAGS_CCS_OK; } } #endif /* OPENSSL_NO_TLSEXT */ @@ -1032,6 +1034,15 @@ int ssl3_get_server_hello(SSL *s) SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_WRONG_CIPHER_RETURNED); goto f_err; } +#ifndef OPENSSL_NO_SRP + if (((c->algorithm_mkey & SSL_kSRP) || (c->algorithm_auth & SSL_aSRP)) && + !(s->srp_ctx.srp_Mask & SSL_kSRP)) + { + al=SSL_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_WRONG_CIPHER_RETURNED); + goto f_err; + } +#endif /* OPENSSL_NO_SRP */ p+=ssl_put_cipher_by_char(s,NULL,NULL); sk=ssl_get_ciphers_by_id(s); @@ -1346,8 +1357,8 @@ int ssl3_get_key_exchange(SSL *s) #endif EVP_MD_CTX md_ctx; unsigned char *param,*p; - int al,i,j,param_len,ok; - long n,alg_k,alg_a; + int al,j,ok; + long i,param_len,n,alg_k,alg_a; EVP_PKEY *pkey=NULL; const EVP_MD *md = NULL; #ifndef OPENSSL_NO_RSA @@ -1425,19 +1436,29 @@ int ssl3_get_key_exchange(SSL *s) s->session->sess_cert=ssl_sess_cert_new(); } + /* Total length of the parameters including the length prefix */ param_len=0; + alg_k=s->s3->tmp.new_cipher->algorithm_mkey; alg_a=s->s3->tmp.new_cipher->algorithm_auth; EVP_MD_CTX_init(&md_ctx); + al=SSL_AD_DECODE_ERROR; + #ifndef OPENSSL_NO_PSK if (alg_a & SSL_aPSK) { char tmp_id_hint[PSK_MAX_IDENTITY_LEN+1]; - al=SSL_AD_HANDSHAKE_FAILURE; + param_len = 2; + if (param_len > n) + { + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, + SSL_R_LENGTH_TOO_SHORT); + goto f_err; + } n2s(p,i); - param_len=i+2; + if (s->session->psk_identity_hint) { OPENSSL_free(s->session->psk_identity_hint); @@ -1451,17 +1472,19 @@ int ssl3_get_key_exchange(SSL *s) * long as the maximum length of a PSK identity. */ if (i > PSK_MAX_IDENTITY_LEN) { + al=SSL_AD_HANDSHAKE_FAILURE; SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_DATA_LENGTH_TOO_LONG); goto f_err; } - if (param_len > n) + if (i > n - param_len) { - al=SSL_AD_DECODE_ERROR; SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH); goto f_err; } + param_len += i; + /* If received PSK identity hint contains NULL * characters, the hint is truncated from the first * NULL. p may not be ending with NULL, so create a @@ -1471,6 +1494,7 @@ int ssl3_get_key_exchange(SSL *s) s->session->psk_identity_hint = BUF_strdup(tmp_id_hint); if (s->session->psk_identity_hint == NULL) { + al=SSL_AD_HANDSHAKE_FAILURE; SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE); goto f_err; } @@ -1484,14 +1508,22 @@ int ssl3_get_key_exchange(SSL *s) #ifndef OPENSSL_NO_SRP else if (alg_k & SSL_kSRP) { - n2s(p,i); - param_len=i+2; + param_len = 2; if (param_len > n) { - al=SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, + SSL_R_LENGTH_TOO_SHORT); + goto f_err; + } + n2s(p,i); + + if (i > n - param_len) + { SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SRP_N_LENGTH); goto f_err; } + param_len += i; + if (!(s->srp_ctx.N=BN_bin2bn(p,i,NULL))) { SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB); @@ -1499,14 +1531,24 @@ int ssl3_get_key_exchange(SSL *s) } p+=i; + + if (2 > n - param_len) + { + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, + SSL_R_LENGTH_TOO_SHORT); + goto f_err; + } + param_len += 2; + n2s(p,i); - param_len+=i+2; - if (param_len > n) + + if (i > n - param_len) { - al=SSL_AD_DECODE_ERROR; SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SRP_G_LENGTH); goto f_err; } + param_len += i; + if (!(s->srp_ctx.g=BN_bin2bn(p,i,NULL))) { SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB); @@ -1514,15 +1556,25 @@ int ssl3_get_key_exchange(SSL *s) } p+=i; + + if (1 > n - param_len) + { + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, + SSL_R_LENGTH_TOO_SHORT); + goto f_err; + } + param_len += 1; + i = (unsigned int)(p[0]); p++; - param_len+=i+1; - if (param_len > n) + + if (i > n - param_len) { - al=SSL_AD_DECODE_ERROR; SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SRP_S_LENGTH); goto f_err; } + param_len += i; + if (!(s->srp_ctx.s=BN_bin2bn(p,i,NULL))) { SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB); @@ -1530,14 +1582,23 @@ int ssl3_get_key_exchange(SSL *s) } p+=i; + if (2 > n - param_len) + { + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, + SSL_R_LENGTH_TOO_SHORT); + goto f_err; + } + param_len += 2; + n2s(p,i); - param_len+=i+2; - if (param_len > n) + + if (i > n - param_len) { - al=SSL_AD_DECODE_ERROR; SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SRP_B_LENGTH); goto f_err; } + param_len += i; + if (!(s->srp_ctx.B=BN_bin2bn(p,i,NULL))) { SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB); @@ -1546,6 +1607,12 @@ int ssl3_get_key_exchange(SSL *s) p+=i; n-=param_len; + if (!srp_verify_server_param(s, &al)) + { + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SRP_PARAMETERS); + goto f_err; + } + /* We must check if there is a certificate */ #ifndef OPENSSL_NO_RSA if (alg_a & SSL_aRSA) @@ -1568,14 +1635,23 @@ int ssl3_get_key_exchange(SSL *s) SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_MALLOC_FAILURE); goto err; } - n2s(p,i); - param_len=i+2; + + param_len = 2; if (param_len > n) { - al=SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, + SSL_R_LENGTH_TOO_SHORT); + goto f_err; + } + n2s(p,i); + + if (i > n - param_len) + { SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_RSA_MODULUS_LENGTH); goto f_err; } + param_len += i; + if (!(rsa->n=BN_bin2bn(p,i,rsa->n))) { SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB); @@ -1583,14 +1659,23 @@ int ssl3_get_key_exchange(SSL *s) } p+=i; + if (2 > n - param_len) + { + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, + SSL_R_LENGTH_TOO_SHORT); + goto f_err; + } + param_len += 2; + n2s(p,i); - param_len+=i+2; - if (param_len > n) + + if (i > n - param_len) { - al=SSL_AD_DECODE_ERROR; SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_RSA_E_LENGTH); goto f_err; } + param_len += i; + if (!(rsa->e=BN_bin2bn(p,i,rsa->e))) { SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB); @@ -1619,14 +1704,23 @@ int ssl3_get_key_exchange(SSL *s) SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_DH_LIB); goto err; } - n2s(p,i); - param_len=i+2; + + param_len = 2; if (param_len > n) { - al=SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, + SSL_R_LENGTH_TOO_SHORT); + goto f_err; + } + n2s(p,i); + + if (i > n - param_len) + { SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_P_LENGTH); goto f_err; } + param_len += i; + if (!(dh->p=BN_bin2bn(p,i,NULL))) { SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB); @@ -1634,14 +1728,23 @@ int ssl3_get_key_exchange(SSL *s) } p+=i; + if (2 > n - param_len) + { + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, + SSL_R_LENGTH_TOO_SHORT); + goto f_err; + } + param_len += 2; + n2s(p,i); - param_len+=i+2; - if (param_len > n) + + if (i > n - param_len) { - al=SSL_AD_DECODE_ERROR; SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_G_LENGTH); goto f_err; } + param_len += i; + if (!(dh->g=BN_bin2bn(p,i,NULL))) { SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB); @@ -1649,14 +1752,23 @@ int ssl3_get_key_exchange(SSL *s) } p+=i; + if (2 > n - param_len) + { + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, + SSL_R_LENGTH_TOO_SHORT); + goto f_err; + } + param_len += 2; + n2s(p,i); - param_len+=i+2; - if (param_len > n) + + if (i > n - param_len) { - al=SSL_AD_DECODE_ERROR; SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_PUB_KEY_LENGTH); goto f_err; } + param_len += i; + if (!(dh->pub_key=BN_bin2bn(p,i,NULL))) { SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB); @@ -1708,12 +1820,19 @@ int ssl3_get_key_exchange(SSL *s) */ /* XXX: For now we only support named (not generic) curves - * and the ECParameters in this case is just three bytes. + * and the ECParameters in this case is just three bytes. We + * also need one byte for the length of the encoded point */ - param_len=3; - if ((param_len > n) || - (*p != NAMED_CURVE_TYPE) || - ((curve_nid = tls1_ec_curve_id2nid(*(p + 2))) == 0)) + param_len=4; + if (param_len > n) + { + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, + SSL_R_LENGTH_TOO_SHORT); + goto f_err; + } + + if ((*p != NAMED_CURVE_TYPE) || + ((curve_nid = tls1_ec_curve_id2nid(*(p + 2))) == 0)) { al=SSL_AD_INTERNAL_ERROR; SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS); @@ -1755,15 +1874,15 @@ int ssl3_get_key_exchange(SSL *s) encoded_pt_len = *p; /* length of encoded point */ p+=1; - param_len += (1 + encoded_pt_len); - if ((param_len > n) || + + if ((encoded_pt_len > n - param_len) || (EC_POINT_oct2point(group, srvr_ecpoint, p, encoded_pt_len, bn_ctx) == 0)) { - al=SSL_AD_DECODE_ERROR; SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_ECPOINT); goto f_err; } + param_len += encoded_pt_len; n-=param_len; p+=encoded_pt_len; @@ -1806,7 +1925,15 @@ int ssl3_get_key_exchange(SSL *s) { if (TLS1_get_version(s) >= TLS1_2_VERSION) { - int sigalg = tls12_get_sigid(pkey); + int sigalg; + if (2 > n) + { + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, + SSL_R_LENGTH_TOO_SHORT); + goto f_err; + } + + sigalg = tls12_get_sigid(pkey); /* Should never happen */ if (sigalg == -1) { @@ -1824,7 +1951,6 @@ int ssl3_get_key_exchange(SSL *s) if (md == NULL) { SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_UNKNOWN_DIGEST); - al=SSL_AD_DECODE_ERROR; goto f_err; } #ifdef SSL_DEBUG @@ -1835,15 +1961,21 @@ fprintf(stderr, "USING TLSv1.2 HASH %s\n", EVP_MD_name(md)); } else md = EVP_sha1(); - + + if (2 > n) + { + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, + SSL_R_LENGTH_TOO_SHORT); + goto f_err; + } n2s(p,i); n-=2; j=EVP_PKEY_size(pkey); + /* Check signature length. If n is 0 then signature is empty */ if ((i != n) || (n > j) || (n <= 0)) { /* wrong packet length */ - al=SSL_AD_DECODE_ERROR; SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_WRONG_SIGNATURE_LENGTH); goto f_err; } @@ -1852,6 +1984,7 @@ fprintf(stderr, "USING TLSv1.2 HASH %s\n", EVP_MD_name(md)); if (pkey->type == EVP_PKEY_RSA && TLS1_get_version(s) < TLS1_2_VERSION) { int num; + unsigned int size; j=0; q=md_buf; @@ -1864,9 +1997,9 @@ fprintf(stderr, "USING TLSv1.2 HASH %s\n", EVP_MD_name(md)); EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE); EVP_DigestUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE); EVP_DigestUpdate(&md_ctx,param,param_len); - EVP_DigestFinal_ex(&md_ctx,q,(unsigned int *)&i); - q+=i; - j+=i; + EVP_DigestFinal_ex(&md_ctx,q,&size); + q+=size; + j+=size; } i=RSA_verify(NID_md5_sha1, md_buf, j, p, n, pkey->pkey.rsa); @@ -1902,7 +2035,7 @@ fprintf(stderr, "USING TLSv1.2 HASH %s\n", EVP_MD_name(md)); } else { - if (!(alg_a & SSL_aNULL) && + if (!(alg_a & (SSL_aNULL|SSL_aSRP)) && /* Among PSK ciphers only RSA_PSK needs a public key */ !((alg_a & SSL_aPSK) && !(alg_k & SSL_kRSA))) { @@ -1912,7 +2045,6 @@ fprintf(stderr, "USING TLSv1.2 HASH %s\n", EVP_MD_name(md)); /* still data left over */ if (n != 0) { - al=SSL_AD_DECODE_ERROR; SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_EXTRA_DATA_IN_MESSAGE); goto f_err; } @@ -2338,7 +2470,10 @@ int ssl3_send_client_key_exchange(SSL *s) #ifndef OPENSSL_NO_PSK if (alg_a & SSL_aPSK) { - char identity[PSK_MAX_IDENTITY_LEN + 1]; + /* The callback needs PSK_MAX_IDENTITY_LEN + 1 bytes + * to return a \0-terminated identity. The last byte + * is for us for simulating strnlen. */ + char identity[PSK_MAX_IDENTITY_LEN + 2]; size_t identity_len; unsigned char *t = NULL; unsigned char pre_ms[PSK_MAX_PSK_LEN*2+4]; @@ -2355,7 +2490,7 @@ int ssl3_send_client_key_exchange(SSL *s) memset(identity, 0, sizeof(identity)); psk_len = s->psk_client_callback(s, s->session->psk_identity_hint, - identity, sizeof(identity), psk, sizeof(psk)); + identity, sizeof(identity - 1), psk, sizeof(psk)); if (psk_len > PSK_MAX_PSK_LEN) { SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, @@ -2368,14 +2503,14 @@ int ssl3_send_client_key_exchange(SSL *s) SSL_R_PSK_IDENTITY_NOT_FOUND); goto psk_err; } - identity_len = strnlen(identity, sizeof(identity)); + identity[PSK_MAX_IDENTITY_LEN + 1] = '\0'; + identity_len = strlen(identity); if (identity_len > PSK_MAX_IDENTITY_LEN) { SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); goto psk_err; } - if (!(alg_k & SSL_kEECDH)) { /* Create the shared secret now if we're not using ECDHE-PSK.*/ @@ -2407,7 +2542,7 @@ int ssl3_send_client_key_exchange(SSL *s) } psk_err = 0; psk_err: - OPENSSL_cleanse(identity, PSK_MAX_IDENTITY_LEN); + OPENSSL_cleanse(identity, sizeof(identity)); OPENSSL_cleanse(pre_ms, sizeof(pre_ms)); if (psk_err != 0) { @@ -2424,6 +2559,13 @@ int ssl3_send_client_key_exchange(SSL *s) RSA *rsa; unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH]; + if (s->session->sess_cert == NULL) + { + /* We should always have a server certificate with SSL_kRSA. */ + SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR); + goto err; + } + if (s->session->sess_cert->peer_rsa_tmp != NULL) rsa=s->session->sess_cert->peer_rsa_tmp; else @@ -2820,7 +2962,7 @@ int ssl3_send_client_key_exchange(SSL *s) /* ECDHE PSK ciphersuites from RFC 5489 */ if ((alg_a & SSL_aPSK) && psk_len != 0) { - pre_ms_len = 2+psk_len+2+n; + pre_ms_len = 2+n+2+psk_len; pre_ms = OPENSSL_malloc(pre_ms_len); if (pre_ms == NULL) { @@ -2830,11 +2972,11 @@ int ssl3_send_client_key_exchange(SSL *s) } memset(pre_ms, 0, pre_ms_len); t = pre_ms; - s2n(psk_len, t); - memcpy(t, psk, psk_len); - t += psk_len; s2n(n, t); memcpy(t, p, n); + t += n; + s2n(psk_len, t); + memcpy(t, psk, psk_len); s->session->master_key_length = s->method->ssl3_enc \ -> generate_master_secret(s, s->session->master_key, pre_ms, pre_ms_len); @@ -3341,7 +3483,7 @@ int ssl3_check_cert_and_algorithm(SSL *s) alg_a=s->s3->tmp.new_cipher->algorithm_auth; /* we don't have a certificate */ - if ((alg_a & (SSL_aDH|SSL_aNULL|SSL_aKRB5)) || ((alg_a & SSL_aPSK) && !(alg_k & SSL_kRSA))) + if ((alg_a & (SSL_aDH|SSL_aNULL|SSL_aKRB5)) || (alg_k & SSL_kPSK)) return(1); sc=s->session->sess_cert; diff --git a/app/openssl/ssl/s3_enc.c b/app/openssl/ssl/s3_enc.c index 53b94b7c..bcb65d48 100644 --- a/app/openssl/ssl/s3_enc.c +++ b/app/openssl/ssl/s3_enc.c @@ -641,10 +641,18 @@ int ssl3_cert_verify_mac(SSL *s, int md_nid, unsigned char *p) int ssl3_final_finish_mac(SSL *s, const char *sender, int len, unsigned char *p) { - int ret; + int ret, sha1len; ret=ssl3_handshake_mac(s,NID_md5,sender,len,p); + if(ret == 0) + return 0; + p+=ret; - ret+=ssl3_handshake_mac(s,NID_sha1,sender,len,p); + + sha1len=ssl3_handshake_mac(s,NID_sha1,sender,len,p); + if(sha1len == 0) + return 0; + + ret+=sha1len; return(ret); } static int ssl3_handshake_mac(SSL *s, int md_nid, @@ -891,7 +899,7 @@ int ssl3_alert_code(int code) case SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE: return(SSL3_AD_HANDSHAKE_FAILURE); case SSL_AD_BAD_CERTIFICATE_HASH_VALUE: return(SSL3_AD_HANDSHAKE_FAILURE); case SSL_AD_UNKNOWN_PSK_IDENTITY:return(TLS1_AD_UNKNOWN_PSK_IDENTITY); + case SSL_AD_INAPPROPRIATE_FALLBACK:return(TLS1_AD_INAPPROPRIATE_FALLBACK); default: return(-1); } } - diff --git a/app/openssl/ssl/s3_lib.c b/app/openssl/ssl/s3_lib.c index 896d1e19..c378dd60 100644 --- a/app/openssl/ssl/s3_lib.c +++ b/app/openssl/ssl/s3_lib.c @@ -328,7 +328,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SSLV3, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -377,7 +377,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SSLV3, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -425,7 +425,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SSLV3, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -474,7 +474,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SSLV3, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -522,7 +522,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SSLV3, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -602,7 +602,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SSLV3, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -687,7 +687,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SSLV3, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -751,7 +751,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SSLV3, SSL_NOT_EXP|SSL_HIGH, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -1685,7 +1685,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -2062,7 +2062,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -2142,7 +2142,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -2222,7 +2222,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -2302,7 +2302,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -2382,7 +2382,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -2426,13 +2426,13 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA, TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA, SSL_kSRP, - SSL_aNULL, + SSL_aSRP, SSL_3DES, SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -2448,7 +2448,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -2464,7 +2464,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -2474,7 +2474,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA, TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA, SSL_kSRP, - SSL_aNULL, + SSL_aSRP, SSL_AES128, SSL_SHA1, SSL_TLSV1, @@ -2522,7 +2522,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA, TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA, SSL_kSRP, - SSL_aNULL, + SSL_aSRP, SSL_AES256, SSL_SHA1, SSL_TLSV1, @@ -3439,6 +3439,33 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) return 64; #endif /* !OPENSSL_NO_TLSEXT */ + + case SSL_CTRL_CHECK_PROTO_VERSION: + /* For library-internal use; checks that the current protocol + * is the highest enabled version (according to s->ctx->method, + * as version negotiation may have changed s->method). */ + if (s->version == s->ctx->method->version) + return 1; + /* Apparently we're using a version-flexible SSL_METHOD + * (not at its highest protocol version). */ + if (s->ctx->method->version == SSLv23_method()->version) + { +#if TLS_MAX_VERSION != TLS1_2_VERSION +# error Code needs update for SSLv23_method() support beyond TLS1_2_VERSION. +#endif + if (!(s->options & SSL_OP_NO_TLSv1_2)) + return s->version == TLS1_2_VERSION; + if (!(s->options & SSL_OP_NO_TLSv1_1)) + return s->version == TLS1_1_VERSION; + if (!(s->options & SSL_OP_NO_TLSv1)) + return s->version == TLS1_VERSION; + if (!(s->options & SSL_OP_NO_SSLv3)) + return s->version == SSL3_VERSION; + if (!(s->options & SSL_OP_NO_SSLv2)) + return s->version == SSL2_VERSION; + } + return 0; /* Unexpected state; fail closed. */ + default: break; } @@ -3816,6 +3843,7 @@ long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void)) break; #endif #endif + default: return(0); } @@ -3924,10 +3952,15 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, emask_k = cert->export_mask_k; emask_a = cert->export_mask_a; #ifndef OPENSSL_NO_SRP - mask_k=cert->mask_k | s->srp_ctx.srp_Mask; - emask_k=cert->export_mask_k | s->srp_ctx.srp_Mask; + if (s->srp_ctx.srp_Mask & SSL_kSRP) + { + mask_k |= SSL_kSRP; + emask_k |= SSL_kSRP; + mask_a |= SSL_aSRP; + emask_a |= SSL_aSRP; + } #endif - + #ifdef KSSL_DEBUG /* printf("ssl3_choose_cipher %d alg= %lx\n", i,c->algorithms);*/ #endif /* KSSL_DEBUG */ @@ -4406,4 +4439,3 @@ long ssl_get_algorithm2(SSL *s) return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256; return alg2; } - diff --git a/app/openssl/ssl/s3_pkt.c b/app/openssl/ssl/s3_pkt.c index df436cf7..4a2f5d6c 100644 --- a/app/openssl/ssl/s3_pkt.c +++ b/app/openssl/ssl/s3_pkt.c @@ -273,6 +273,12 @@ int ssl3_read_n(SSL *s, int n, int max, int extend) return(n); } +/* MAX_EMPTY_RECORDS defines the number of consecutive, empty records that will + * be processed per call to ssl3_get_record. Without this limit an attacker + * could send empty records at a faster rate than we can process and cause + * ssl3_get_record to loop forever. */ +#define MAX_EMPTY_RECORDS 32 + /* Call this to get a new input record. * It will return <= 0 if more data is needed, normally due to an error * or non-blocking IO. @@ -293,6 +299,7 @@ static int ssl3_get_record(SSL *s) short version; unsigned mac_size, orig_len; size_t extra; + unsigned empty_record_count = 0; rr= &(s->s3->rrec); sess=s->session; @@ -523,7 +530,17 @@ printf("\n"); s->packet_length=0; /* just read a 0 length packet */ - if (rr->length == 0) goto again; + if (rr->length == 0) + { + empty_record_count++; + if (empty_record_count > MAX_EMPTY_RECORDS) + { + al=SSL_AD_UNEXPECTED_MESSAGE; + SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_RECORD_TOO_SMALL); + goto f_err; + } + goto again; + } #if 0 fprintf(stderr, "Ultimate Record type=%d, Length=%d\n", rr->type, rr->length); @@ -979,7 +996,7 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) if (!ssl3_setup_read_buffer(s)) return(-1); - if ((type && (type != SSL3_RT_APPLICATION_DATA) && (type != SSL3_RT_HANDSHAKE) && type) || + if ((type && (type != SSL3_RT_APPLICATION_DATA) && (type != SSL3_RT_HANDSHAKE)) || (peek && (type != SSL3_RT_APPLICATION_DATA))) { SSLerr(SSL_F_SSL3_READ_BYTES, ERR_R_INTERNAL_ERROR); diff --git a/app/openssl/ssl/s3_srvr.c b/app/openssl/ssl/s3_srvr.c index f83c9366..a42fc9e3 100644 --- a/app/openssl/ssl/s3_srvr.c +++ b/app/openssl/ssl/s3_srvr.c @@ -154,6 +154,7 @@ #include #include "ssl_locl.h" #include "kssl_lcl.h" +#include "../crypto/constant_time_locl.h" #include #include #include @@ -414,11 +415,10 @@ int ssl3_accept(SSL *s) case SSL3_ST_SW_CERT_B: /* Check if it is anon DH or anon ECDH, */ /* non-RSA PSK or KRB5 or SRP */ - if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) + if (!(s->s3->tmp.new_cipher->algorithm_auth & (SSL_aNULL|SSL_aKRB5|SSL_aSRP)) /* Among PSK ciphersuites only RSA_PSK uses server certificate */ && !(s->s3->tmp.new_cipher->algorithm_auth & SSL_aPSK && - !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kRSA)) - && !(s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5)) + !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kRSA))) { ret=ssl3_send_server_certificate(s); if (ret <= 0) goto end; @@ -524,7 +524,9 @@ int ssl3_accept(SSL *s) * (against the specs, but s3_clnt.c accepts this for SSL 3) */ !(s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) || /* never request cert in Kerberos ciphersuites */ - (s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5) + (s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5) || + /* don't request certificate for SRP auth */ + (s->s3->tmp.new_cipher->algorithm_auth & SSL_aSRP) /* With normal PSK Certificates and * Certificate Requests are omitted */ || (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) @@ -1905,7 +1907,7 @@ int ssl3_send_server_key_exchange(SSL *s) n+=2+nr[i]; } - if (!(alg_a & SSL_aNULL) + if (!(alg_a & (SSL_aNULL|SSL_aSRP)) /* Among PSK ciphersuites only RSA uses a certificate */ && !((alg_a & SSL_aPSK) && !(alg_k & SSL_kRSA))) { @@ -2325,6 +2327,10 @@ int ssl3_get_client_key_exchange(SSL *s) #ifndef OPENSSL_NO_RSA if (alg_k & SSL_kRSA) { + unsigned char rand_premaster_secret[SSL_MAX_MASTER_KEY_LENGTH]; + int decrypt_len; + unsigned char decrypt_good, version_good; + /* FIX THIS UP EAY EAY EAY EAY */ if (s->s3->tmp.use_rsa_tmp) { @@ -2372,54 +2378,61 @@ int ssl3_get_client_key_exchange(SSL *s) n=i; } - i=RSA_private_decrypt((int)n,p,p,rsa,RSA_PKCS1_PADDING); - - al = -1; - - if (i != SSL_MAX_MASTER_KEY_LENGTH) - { - al=SSL_AD_DECODE_ERROR; - /* SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_RSA_DECRYPT); */ - } + /* We must not leak whether a decryption failure occurs because + * of Bleichenbacher's attack on PKCS #1 v1.5 RSA padding (see + * RFC 2246, section 7.4.7.1). The code follows that advice of + * the TLS RFC and generates a random premaster secret for the + * case that the decrypt fails. See + * https://tools.ietf.org/html/rfc5246#section-7.4.7.1 */ - if ((al == -1) && !((p[0] == (s->client_version>>8)) && (p[1] == (s->client_version & 0xff)))) - { - /* The premaster secret must contain the same version number as the - * ClientHello to detect version rollback attacks (strangely, the - * protocol does not offer such protection for DH ciphersuites). - * However, buggy clients exist that send the negotiated protocol - * version instead if the server does not support the requested - * protocol version. - * If SSL_OP_TLS_ROLLBACK_BUG is set, tolerate such clients. */ - if (!((s->options & SSL_OP_TLS_ROLLBACK_BUG) && - (p[0] == (s->version>>8)) && (p[1] == (s->version & 0xff)))) - { - al=SSL_AD_DECODE_ERROR; - /* SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_PROTOCOL_VERSION_NUMBER); */ - - /* The Klima-Pokorny-Rosa extension of Bleichenbacher's attack - * (http://eprint.iacr.org/2003/052/) exploits the version - * number check as a "bad version oracle" -- an alert would - * reveal that the plaintext corresponding to some ciphertext - * made up by the adversary is properly formatted except - * that the version number is wrong. To avoid such attacks, - * we should treat this just like any other decryption error. */ - } + /* should be RAND_bytes, but we cannot work around a failure. */ + if (RAND_pseudo_bytes(rand_premaster_secret, + sizeof(rand_premaster_secret)) <= 0) + goto err; + decrypt_len = RSA_private_decrypt((int)n,p,p,rsa,RSA_PKCS1_PADDING); + ERR_clear_error(); + + /* decrypt_len should be SSL_MAX_MASTER_KEY_LENGTH. + * decrypt_good will be 0xff if so and zero otherwise. */ + decrypt_good = constant_time_eq_int_8(decrypt_len, SSL_MAX_MASTER_KEY_LENGTH); + + /* If the version in the decrypted pre-master secret is correct + * then version_good will be 0xff, otherwise it'll be zero. + * The Klima-Pokorny-Rosa extension of Bleichenbacher's attack + * (http://eprint.iacr.org/2003/052/) exploits the version + * number check as a "bad version oracle". Thus version checks + * are done in constant time and are treated like any other + * decryption error. */ + version_good = constant_time_eq_8(p[0], (unsigned)(s->client_version>>8)); + version_good &= constant_time_eq_8(p[1], (unsigned)(s->client_version&0xff)); + + /* The premaster secret must contain the same version number as + * the ClientHello to detect version rollback attacks + * (strangely, the protocol does not offer such protection for + * DH ciphersuites). However, buggy clients exist that send the + * negotiated protocol version instead if the server does not + * support the requested protocol version. If + * SSL_OP_TLS_ROLLBACK_BUG is set, tolerate such clients. */ + if (s->options & SSL_OP_TLS_ROLLBACK_BUG) + { + unsigned char workaround_good; + workaround_good = constant_time_eq_8(p[0], (unsigned)(s->version>>8)); + workaround_good &= constant_time_eq_8(p[1], (unsigned)(s->version&0xff)); + version_good |= workaround_good; + } + + /* Both decryption and version must be good for decrypt_good + * to remain non-zero (0xff). */ + decrypt_good &= version_good; + + /* Now copy rand_premaster_secret over p using + * decrypt_good_mask. */ + for (i = 0; i < (int) sizeof(rand_premaster_secret); i++) + { + p[i] = constant_time_select_8(decrypt_good, p[i], + rand_premaster_secret[i]); } - if (al != -1) - { - /* Some decryption failure -- use random value instead as countermeasure - * against Bleichenbacher's attack on PKCS #1 v1.5 RSA padding - * (see RFC 2246, section 7.4.7.1). */ - ERR_clear_error(); - i = SSL_MAX_MASTER_KEY_LENGTH; - p[0] = s->client_version >> 8; - p[1] = s->client_version & 0xff; - if (RAND_pseudo_bytes(p+2, i-2) <= 0) /* should be RAND_bytes, but we cannot work around a failure */ - goto err; - } - s->session->master_key_length= s->method->ssl3_enc->generate_master_secret(s, s->session->master_key, @@ -2837,7 +2850,7 @@ int ssl3_get_client_key_exchange(SSL *s) /* ECDHE PSK ciphersuites from RFC 5489 */ if ((alg_a & SSL_aPSK) && psk_len != 0) { - pre_ms_len = 2+psk_len+2+i; + pre_ms_len = 2+i+2+psk_len; pre_ms = OPENSSL_malloc(pre_ms_len); if (pre_ms == NULL) { @@ -2847,11 +2860,11 @@ int ssl3_get_client_key_exchange(SSL *s) } memset(pre_ms, 0, pre_ms_len); t = pre_ms; - s2n(psk_len, t); - memcpy(t, psk, psk_len); - t += psk_len; s2n(i, t); memcpy(t, p, i); + t += i; + s2n(psk_len, t); + memcpy(t, psk, psk_len); s->session->master_key_length = s->method->ssl3_enc \ -> generate_master_secret(s, s->session->master_key, pre_ms, pre_ms_len); @@ -3009,7 +3022,7 @@ int ssl3_get_cert_verify(SSL *s) SSL3_ST_SR_CERT_VRFY_A, SSL3_ST_SR_CERT_VRFY_B, -1, - 516, /* Enough for 4096 bit RSA key with TLS v1.2 */ + SSL3_RT_MAX_PLAIN_LENGTH, &ok); if (!ok) return((int)n); diff --git a/app/openssl/ssl/srtp.h b/app/openssl/ssl/srtp.h index c0cf33ef..24f23309 100644 --- a/app/openssl/ssl/srtp.h +++ b/app/openssl/ssl/srtp.h @@ -130,6 +130,8 @@ extern "C" { #define SRTP_NULL_SHA1_80 0x0005 #define SRTP_NULL_SHA1_32 0x0006 +#ifndef OPENSSL_NO_SRTP + int SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx, const char *profiles); int SSL_set_tlsext_use_srtp(SSL *ctx, const char *profiles); SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s); @@ -137,6 +139,8 @@ SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s); STACK_OF(SRTP_PROTECTION_PROFILE) *SSL_get_srtp_profiles(SSL *ssl); SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s); +#endif + #ifdef __cplusplus } #endif diff --git a/app/openssl/ssl/ssl.h b/app/openssl/ssl/ssl.h index 7566f2df..7a1fce89 100644 --- a/app/openssl/ssl/ssl.h +++ b/app/openssl/ssl/ssl.h @@ -264,6 +264,7 @@ extern "C" { #define SSL_TXT_aGOST94 "aGOST94" #define SSL_TXT_aGOST01 "aGOST01" #define SSL_TXT_aGOST "aGOST" +#define SSL_TXT_aSRP "aSRP" #define SSL_TXT_DSS "DSS" #define SSL_TXT_DH "DH" @@ -664,11 +665,15 @@ struct ssl_session_st */ #define SSL_MODE_SEND_CLIENTHELLO_TIME 0x00000020L #define SSL_MODE_SEND_SERVERHELLO_TIME 0x00000040L +/* Send TLS_FALLBACK_SCSV in the ClientHello. + * To be set by applications that reconnect with a downgraded protocol + * version; see draft-ietf-tls-downgrade-scsv-00 for details. */ +#define SSL_MODE_SEND_FALLBACK_SCSV 0x00000080L /* When set, clients may send application data before receipt of CCS * and Finished. This mode enables full-handshakes to 'complete' in * one RTT. */ -#define SSL_MODE_HANDSHAKE_CUTTHROUGH 0x00000080L +#define SSL_MODE_HANDSHAKE_CUTTHROUGH 0x00000200L /* When set, TLS 1.0 and SSLv3, multi-byte, CBC records will be split in two: * the first record will contain a single byte and the second will contain the @@ -1615,6 +1620,7 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION) #define SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE #define SSL_AD_BAD_CERTIFICATE_HASH_VALUE TLS1_AD_BAD_CERTIFICATE_HASH_VALUE #define SSL_AD_UNKNOWN_PSK_IDENTITY TLS1_AD_UNKNOWN_PSK_IDENTITY /* fatal */ +#define SSL_AD_INAPPROPRIATE_FALLBACK TLS1_AD_INAPPROPRIATE_FALLBACK /* fatal */ #define SSL_ERROR_NONE 0 #define SSL_ERROR_SSL 1 @@ -1729,6 +1735,8 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION) #define SSL_CTRL_GET_EXTRA_CHAIN_CERTS 82 #define SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS 83 +#define SSL_CTRL_CHECK_PROTO_VERSION 119 + #define DTLSv1_get_timeout(ssl, arg) \ SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg) #define DTLSv1_handle_timeout(ssl) \ @@ -2191,6 +2199,10 @@ int SSL_set_session_secret_cb(SSL *s, tls_session_secret_cb_fn tls_session_secre void SSL_set_debug(SSL *s, int debug); int SSL_cache_hit(SSL *s); +#ifndef OPENSSL_NO_UNIT_TEST +const struct openssl_ssl_test_functions *SSL_test_functions(void); +#endif + /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes * made after this point may be overwritten when the script is next run. @@ -2459,6 +2471,7 @@ void ERR_load_SSL_strings(void); #define SSL_R_BAD_SRP_B_LENGTH 348 #define SSL_R_BAD_SRP_G_LENGTH 349 #define SSL_R_BAD_SRP_N_LENGTH 350 +#define SSL_R_BAD_SRP_PARAMETERS 371 #define SSL_R_BAD_SRP_S_LENGTH 351 #define SSL_R_BAD_SRTP_MKI_VALUE 352 #define SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST 353 @@ -2519,6 +2532,7 @@ void ERR_load_SSL_strings(void); #define SSL_R_HTTPS_PROXY_REQUEST 155 #define SSL_R_HTTP_REQUEST 156 #define SSL_R_ILLEGAL_PADDING 283 +#define SSL_R_INAPPROPRIATE_FALLBACK 373 #define SSL_R_INCONSISTENT_COMPRESSION 340 #define SSL_R_INVALID_CHALLENGE_LENGTH 158 #define SSL_R_INVALID_COMMAND 280 @@ -2668,6 +2682,7 @@ void ERR_load_SSL_strings(void); #define SSL_R_TLSV1_ALERT_DECRYPTION_FAILED 1021 #define SSL_R_TLSV1_ALERT_DECRYPT_ERROR 1051 #define SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION 1060 +#define SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK 1086 #define SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY 1071 #define SSL_R_TLSV1_ALERT_INTERNAL_ERROR 1080 #define SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100 diff --git a/app/openssl/ssl/ssl3.h b/app/openssl/ssl/ssl3.h index 83d59bff..cba94345 100644 --- a/app/openssl/ssl/ssl3.h +++ b/app/openssl/ssl/ssl3.h @@ -128,9 +128,14 @@ extern "C" { #endif -/* Signalling cipher suite value: from draft-ietf-tls-renegotiation-03.txt */ +/* Signalling cipher suite value from RFC 5746 + * (TLS_EMPTY_RENEGOTIATION_INFO_SCSV) */ #define SSL3_CK_SCSV 0x030000FF +/* Signalling cipher suite value from draft-ietf-tls-downgrade-scsv-00 + * (TLS_FALLBACK_SCSV) */ +#define SSL3_CK_FALLBACK_SCSV 0x03005600 + #define SSL3_CK_RSA_NULL_MD5 0x03000001 #define SSL3_CK_RSA_NULL_SHA 0x03000002 #define SSL3_CK_RSA_RC4_40_MD5 0x03000003 diff --git a/app/openssl/ssl/ssl_ciph.c b/app/openssl/ssl/ssl_ciph.c index e8794d4b..cd9f1082 100644 --- a/app/openssl/ssl/ssl_ciph.c +++ b/app/openssl/ssl/ssl_ciph.c @@ -270,6 +270,7 @@ static const SSL_CIPHER cipher_aliases[]={ {0,SSL_TXT_aGOST94,0,0,SSL_aGOST94,0,0,0,0,0,0,0}, {0,SSL_TXT_aGOST01,0,0,SSL_aGOST01,0,0,0,0,0,0,0}, {0,SSL_TXT_aGOST,0,0,SSL_aGOST94|SSL_aGOST01,0,0,0,0,0,0,0}, + {0,SSL_TXT_aSRP,0, 0,SSL_aSRP, 0,0,0,0,0,0,0}, /* aliases combining key exchange and server authentication */ {0,SSL_TXT_EDH,0, SSL_kEDH,~SSL_aNULL,0,0,0,0,0,0,0}, @@ -562,7 +563,7 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, break; } - if ((i < 0) || (i > SSL_ENC_NUM_IDX)) + if ((i < 0) || (i >= SSL_ENC_NUM_IDX)) *enc=NULL; else { @@ -596,7 +597,7 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, i= -1; break; } - if ((i < 0) || (i > SSL_MD_NUM_IDX)) + if ((i < 0) || (i >= SSL_MD_NUM_IDX)) { *md=NULL; if (mac_pkey_type!=NULL) *mac_pkey_type = NID_undef; @@ -925,7 +926,7 @@ static void ssl_cipher_apply_rule(unsigned long cipher_id, int rule, int strength_bits, CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p) { - CIPHER_ORDER *head, *tail, *curr, *curr2, *last; + CIPHER_ORDER *head, *tail, *curr, *next, *last; const SSL_CIPHER *cp; int reverse = 0; @@ -942,21 +943,25 @@ static void ssl_cipher_apply_rule(unsigned long cipher_id, if (reverse) { - curr = tail; + next = tail; last = head; } else { - curr = head; + next = head; last = tail; } - curr2 = curr; + curr = NULL; for (;;) { - if ((curr == NULL) || (curr == last)) break; - curr = curr2; - curr2 = reverse ? curr->prev : curr->next; + if (curr == last) break; + + curr = next; + + if (curr == NULL) break; + + next = reverse ? curr->prev : curr->next; cp = curr->cipher; @@ -1598,6 +1603,9 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) case SSL_kSRP: kx="SRP"; break; + case SSL_kGOST: + kx="GOST"; + break; default: kx="unknown"; } @@ -1628,6 +1636,15 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) case SSL_aPSK: au="PSK"; break; + case SSL_aSRP: + au="SRP"; + break; + case SSL_aGOST94: + au="GOST94"; + break; + case SSL_aGOST01: + au="GOST01"; + break; default: au="unknown"; break; @@ -1675,6 +1692,9 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) case SSL_SEED: enc="SEED(128)"; break; + case SSL_eGOST2814789CNT: + enc="GOST89(256)"; + break; default: enc="unknown"; break; @@ -1697,6 +1717,12 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) case SSL_AEAD: mac="AEAD"; break; + case SSL_GOST89MAC: + mac="GOST89"; + break; + case SSL_GOST94: + mac="GOST94"; + break; default: mac="unknown"; break; diff --git a/app/openssl/ssl/ssl_err.c b/app/openssl/ssl/ssl_err.c index ac0aad9b..0e92ccb0 100644 --- a/app/openssl/ssl/ssl_err.c +++ b/app/openssl/ssl/ssl_err.c @@ -331,6 +331,7 @@ static ERR_STRING_DATA SSL_str_reasons[]= {ERR_REASON(SSL_R_BAD_SRP_B_LENGTH) ,"bad srp b length"}, {ERR_REASON(SSL_R_BAD_SRP_G_LENGTH) ,"bad srp g length"}, {ERR_REASON(SSL_R_BAD_SRP_N_LENGTH) ,"bad srp n length"}, +{ERR_REASON(SSL_R_BAD_SRP_PARAMETERS) ,"bad srp parameters"}, {ERR_REASON(SSL_R_BAD_SRP_S_LENGTH) ,"bad srp s length"}, {ERR_REASON(SSL_R_BAD_SRTP_MKI_VALUE) ,"bad srtp mki value"}, {ERR_REASON(SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST),"bad srtp protection profile list"}, @@ -391,6 +392,7 @@ static ERR_STRING_DATA SSL_str_reasons[]= {ERR_REASON(SSL_R_HTTPS_PROXY_REQUEST) ,"https proxy request"}, {ERR_REASON(SSL_R_HTTP_REQUEST) ,"http request"}, {ERR_REASON(SSL_R_ILLEGAL_PADDING) ,"illegal padding"}, +{ERR_REASON(SSL_R_INAPPROPRIATE_FALLBACK),"inappropriate fallback"}, {ERR_REASON(SSL_R_INCONSISTENT_COMPRESSION),"inconsistent compression"}, {ERR_REASON(SSL_R_INVALID_CHALLENGE_LENGTH),"invalid challenge length"}, {ERR_REASON(SSL_R_INVALID_COMMAND) ,"invalid command"}, @@ -540,6 +542,7 @@ static ERR_STRING_DATA SSL_str_reasons[]= {ERR_REASON(SSL_R_TLSV1_ALERT_DECRYPTION_FAILED),"tlsv1 alert decryption failed"}, {ERR_REASON(SSL_R_TLSV1_ALERT_DECRYPT_ERROR),"tlsv1 alert decrypt error"}, {ERR_REASON(SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION),"tlsv1 alert export restriction"}, +{ERR_REASON(SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK),"tlsv1 alert inappropriate fallback"}, {ERR_REASON(SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY),"tlsv1 alert insufficient security"}, {ERR_REASON(SSL_R_TLSV1_ALERT_INTERNAL_ERROR),"tlsv1 alert internal error"}, {ERR_REASON(SSL_R_TLSV1_ALERT_NO_RENEGOTIATION),"tlsv1 alert no renegotiation"}, diff --git a/app/openssl/ssl/ssl_lib.c b/app/openssl/ssl/ssl_lib.c index 3de68a78..eb1ae782 100644 --- a/app/openssl/ssl/ssl_lib.c +++ b/app/openssl/ssl/ssl_lib.c @@ -1441,6 +1441,8 @@ int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p, if (sk == NULL) return(0); q=p; + if (put_cb == NULL) + put_cb = s->method->put_cipher_by_char; for (i=0; ipsk_client_callback == NULL) continue; #endif /* OPENSSL_NO_PSK */ - j = put_cb ? put_cb(c,p) : ssl_put_cipher_by_char(s,c,p); +#ifndef OPENSSL_NO_SRP + if (((c->algorithm_mkey & SSL_kSRP) || (c->algorithm_auth & SSL_aSRP)) && + !(s->srp_ctx.srp_Mask & SSL_kSRP)) + continue; +#endif /* OPENSSL_NO_SRP */ + j = put_cb(c,p); p+=j; } - /* If p == q, no ciphers and caller indicates an error. Otherwise - * add SCSV if not renegotiating. - */ - if (p != q && !s->renegotiate) + /* If p == q, no ciphers; caller indicates an error. + * Otherwise, add applicable SCSVs. */ + if (p != q) { - static SSL_CIPHER scsv = + if (!s->renegotiate) { - 0, NULL, SSL3_CK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0 - }; - j = put_cb ? put_cb(&scsv,p) : ssl_put_cipher_by_char(s,&scsv,p); - p+=j; + static SSL_CIPHER scsv = + { + 0, NULL, SSL3_CK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0 + }; + j = put_cb(&scsv,p); + p+=j; #ifdef OPENSSL_RI_DEBUG - fprintf(stderr, "SCSV sent by client\n"); + fprintf(stderr, "TLS_EMPTY_RENEGOTIATION_INFO_SCSV sent by client\n"); #endif - } + } + + if (s->mode & SSL_MODE_SEND_FALLBACK_SCSV) + { + static SSL_CIPHER scsv = + { + 0, NULL, SSL3_CK_FALLBACK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0 + }; + j = put_cb(&scsv,p); + p+=j; + } + } return(p-q); } @@ -1488,11 +1507,12 @@ STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num, const SSL_CIPHER *c; STACK_OF(SSL_CIPHER) *sk; int i,n; + if (s->s3) s->s3->send_connection_binding = 0; n=ssl_put_cipher_by_char(s,NULL,NULL); - if ((num%n) != 0) + if (n == 0 || (num%n) != 0) { SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST); return(NULL); @@ -1507,7 +1527,7 @@ STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num, for (i=0; is3 && (n != 3 || !p[0]) && (p[n-2] == ((SSL3_CK_SCSV >> 8) & 0xff)) && (p[n-1] == (SSL3_CK_SCSV & 0xff))) @@ -1527,6 +1547,23 @@ STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num, continue; } + /* Check for TLS_FALLBACK_SCSV */ + if ((n != 3 || !p[0]) && + (p[n-2] == ((SSL3_CK_FALLBACK_SCSV >> 8) & 0xff)) && + (p[n-1] == (SSL3_CK_FALLBACK_SCSV & 0xff))) + { + /* The SCSV indicates that the client previously tried a higher version. + * Fail if the current version is an unexpected downgrade. */ + if (!SSL_ctrl(s, SSL_CTRL_CHECK_PROTO_VERSION, 0, NULL)) + { + SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,SSL_R_INAPPROPRIATE_FALLBACK); + if (s->s3) + ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_INAPPROPRIATE_FALLBACK); + goto err; + } + continue; + } + c=ssl_get_cipher_by_char(s,p); p+=n; if (c != NULL) diff --git a/app/openssl/ssl/ssl_locl.h b/app/openssl/ssl/ssl_locl.h index 6b7731a4..ca399078 100644 --- a/app/openssl/ssl/ssl_locl.h +++ b/app/openssl/ssl/ssl_locl.h @@ -311,6 +311,7 @@ #define SSL_aPSK 0x00000080L /* PSK auth */ #define SSL_aGOST94 0x00000100L /* GOST R 34.10-94 signature auth */ #define SSL_aGOST01 0x00000200L /* GOST R 34.10-2001 signature auth */ +#define SSL_aSRP 0x00000400L /* SRP auth */ /* Bits for algorithm_enc (symmetric encryption) */ @@ -809,6 +810,16 @@ const SSL_METHOD *func_name(void) \ return &func_name##_data; \ } +struct openssl_ssl_test_functions + { + int (*p_ssl_init_wbio_buffer)(SSL *s, int push); + int (*p_ssl3_setup_buffers)(SSL *s); + int (*p_tls1_process_heartbeat)(SSL *s); + int (*p_dtls1_process_heartbeat)(SSL *s); + }; + +#ifndef OPENSSL_UNIT_TEST + void ssl_clear_cipher_ctx(SSL *s); int ssl_clear_bad_session(SSL *s); CERT *ssl_cert_new(void); @@ -1096,8 +1107,8 @@ int tls1_ec_nid2curve_id(int nid); #endif /* OPENSSL_NO_EC */ #ifndef OPENSSL_NO_TLSEXT -unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned char *limit); -unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit); +unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf, unsigned char *limit); +unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf, unsigned char *limit); int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **data, unsigned char *d, int n, int *al); int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **data, unsigned char *d, int n, int *al); int ssl_prepare_clienthello_tlsext(SSL *s); @@ -1179,4 +1190,14 @@ void tls_fips_digest_extra( const EVP_CIPHER_CTX *cipher_ctx, EVP_MD_CTX *mac_ctx, const unsigned char *data, size_t data_len, size_t orig_len); +int srp_verify_server_param(SSL *s, int *al); + +#else + +#define ssl_init_wbio_buffer SSL_test_functions()->p_ssl_init_wbio_buffer +#define ssl3_setup_buffers SSL_test_functions()->p_ssl3_setup_buffers +#define tls1_process_heartbeat SSL_test_functions()->p_tls1_process_heartbeat +#define dtls1_process_heartbeat SSL_test_functions()->p_dtls1_process_heartbeat + +#endif #endif diff --git a/app/openssl/ssl/ssl_stat.c b/app/openssl/ssl/ssl_stat.c index 144b81e5..c5a15ce5 100644 --- a/app/openssl/ssl/ssl_stat.c +++ b/app/openssl/ssl/ssl_stat.c @@ -212,7 +212,6 @@ case SSL3_ST_SR_CERT_VRFY_A: str="SSLv3 read certificate verify A"; break; case SSL3_ST_SR_CERT_VRFY_B: str="SSLv3 read certificate verify B"; break; #endif -#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3) /* SSLv2/v3 compatibility states */ /* client */ case SSL23_ST_CW_CLNT_HELLO_A: str="SSLv2/v3 write client hello A"; break; @@ -222,7 +221,6 @@ case SSL23_ST_CR_SRVR_HELLO_B: str="SSLv2/v3 read server hello B"; break; /* server */ case SSL23_ST_SR_CLNT_HELLO_A: str="SSLv2/v3 read client hello A"; break; case SSL23_ST_SR_CLNT_HELLO_B: str="SSLv2/v3 read client hello B"; break; -#endif /* DTLS */ case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A: str="DTLS1 read hello verify request A"; break; @@ -366,7 +364,6 @@ case SSL3_ST_SR_CERT_VRFY_A: str="3RCV_A"; break; case SSL3_ST_SR_CERT_VRFY_B: str="3RCV_B"; break; #endif -#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3) /* SSLv2/v3 compatibility states */ /* client */ case SSL23_ST_CW_CLNT_HELLO_A: str="23WCHA"; break; @@ -376,7 +373,7 @@ case SSL23_ST_CR_SRVR_HELLO_B: str="23RSHA"; break; /* server */ case SSL23_ST_SR_CLNT_HELLO_A: str="23RCHA"; break; case SSL23_ST_SR_CLNT_HELLO_B: str="23RCHB"; break; -#endif + /* DTLS */ case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A: str="DRCHVA"; break; case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B: str="DRCHVB"; break; diff --git a/app/openssl/ssl/t1_enc.c b/app/openssl/ssl/t1_enc.c index 22dd3cab..455992ad 100644 --- a/app/openssl/ssl/t1_enc.c +++ b/app/openssl/ssl/t1_enc.c @@ -1153,7 +1153,7 @@ int tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen, int rv; #ifdef KSSL_DEBUG - printf ("tls1_export_keying_material(%p,%p,%d,%s,%d,%p,%d)\n", s, out, olen, label, llen, p, plen); + printf ("tls1_export_keying_material(%p,%p,%d,%s,%d,%p,%d)\n", s, out, olen, label, llen, context, contextlen); #endif /* KSSL_DEBUG */ buff = OPENSSL_malloc(olen); @@ -1266,6 +1266,7 @@ int tls1_alert_code(int code) case SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE: return(TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE); case SSL_AD_BAD_CERTIFICATE_HASH_VALUE: return(TLS1_AD_BAD_CERTIFICATE_HASH_VALUE); case SSL_AD_UNKNOWN_PSK_IDENTITY:return(TLS1_AD_UNKNOWN_PSK_IDENTITY); + case SSL_AD_INAPPROPRIATE_FALLBACK:return(TLS1_AD_INAPPROPRIATE_FALLBACK); #if 0 /* not appropriate for TLS, not used for DTLS */ case DTLS1_AD_MISSING_HANDSHAKE_MESSAGE: return (DTLS1_AD_MISSING_HANDSHAKE_MESSAGE); diff --git a/app/openssl/ssl/t1_lib.c b/app/openssl/ssl/t1_lib.c index 122a25f5..d0b893b5 100644 --- a/app/openssl/ssl/t1_lib.c +++ b/app/openssl/ssl/t1_lib.c @@ -352,15 +352,16 @@ int tls12_get_req_sig_algs(SSL *s, unsigned char *p) return (int)slen; } -unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned char *limit) +unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf, unsigned char *limit) { int extdatalen=0; - unsigned char *ret = p; + unsigned char *orig = buf; + unsigned char *ret = buf; /* don't add extensions for SSLv3 unless doing secure renegotiation */ if (s->client_version == SSL3_VERSION && !s->s3->send_connection_binding) - return p; + return orig; ret+=2; @@ -409,7 +410,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha return NULL; } - if((limit - p - 4 - el) < 0) return NULL; + if((limit - ret - 4 - el) < 0) return NULL; s2n(TLSEXT_TYPE_renegotiate,ret); s2n(el,ret); @@ -452,8 +453,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha #endif #ifndef OPENSSL_NO_EC - if (s->tlsext_ecpointformatlist != NULL && - s->version != DTLS1_VERSION) + if (s->tlsext_ecpointformatlist != NULL) { /* Add TLS extension ECPointFormats to the ClientHello message */ long lenmax; @@ -472,8 +472,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha memcpy(ret, s->tlsext_ecpointformatlist, s->tlsext_ecpointformatlist_length); ret+=s->tlsext_ecpointformatlist_length; } - if (s->tlsext_ellipticcurvelist != NULL && - s->version != DTLS1_VERSION) + if (s->tlsext_ellipticcurvelist != NULL) { /* Add TLS extension EllipticCurves to the ClientHello message */ long lenmax; @@ -669,13 +668,13 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha } #ifndef OPENSSL_NO_SRTP - if(SSL_get_srtp_profiles(s)) + if(SSL_IS_DTLS(s) && SSL_get_srtp_profiles(s)) { int el; ssl_add_clienthello_use_srtp_ext(s, 0, &el, 0); - if((limit - p - 4 - el) < 0) return NULL; + if((limit - ret - 4 - el) < 0) return NULL; s2n(TLSEXT_TYPE_use_srtp,ret); s2n(el,ret); @@ -718,24 +717,25 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha } } - if ((extdatalen = ret-p-2)== 0) - return p; + if ((extdatalen = ret-orig-2)== 0) + return orig; - s2n(extdatalen,p); + s2n(extdatalen, orig); return ret; } -unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit) +unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf, unsigned char *limit) { int extdatalen=0; - unsigned char *ret = p; + unsigned char *orig = buf; + unsigned char *ret = buf; #ifndef OPENSSL_NO_NEXTPROTONEG int next_proto_neg_seen; #endif /* don't add extensions for SSLv3, unless doing secure renegotiation */ if (s->version == SSL3_VERSION && !s->s3->send_connection_binding) - return p; + return orig; ret+=2; if (ret>=limit) return NULL; /* this really never occurs, but ... */ @@ -758,7 +758,7 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned cha return NULL; } - if((limit - p - 4 - el) < 0) return NULL; + if((limit - ret - 4 - el) < 0) return NULL; s2n(TLSEXT_TYPE_renegotiate,ret); s2n(el,ret); @@ -773,8 +773,7 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned cha } #ifndef OPENSSL_NO_EC - if (s->tlsext_ecpointformatlist != NULL && - s->version != DTLS1_VERSION) + if (s->tlsext_ecpointformatlist != NULL) { /* Add TLS extension ECPointFormats to the ServerHello message */ long lenmax; @@ -832,13 +831,13 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned cha #endif #ifndef OPENSSL_NO_SRTP - if(s->srtp_profile) + if(SSL_IS_DTLS(s) && s->srtp_profile) { int el; ssl_add_serverhello_use_srtp_ext(s, 0, &el, 0); - if((limit - p - 4 - el) < 0) return NULL; + if((limit - ret - 4 - el) < 0) return NULL; s2n(TLSEXT_TYPE_use_srtp,ret); s2n(el,ret); @@ -937,10 +936,10 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned cha ret += len; } - if ((extdatalen = ret-p-2)== 0) - return p; + if ((extdatalen = ret-orig-2)== 0) + return orig; - s2n(extdatalen,p); + s2n(extdatalen, orig); return ret; } @@ -1288,8 +1287,7 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in #endif #ifndef OPENSSL_NO_EC - else if (type == TLSEXT_TYPE_ec_point_formats && - s->version != DTLS1_VERSION) + else if (type == TLSEXT_TYPE_ec_point_formats) { unsigned char *sdata = data; int ecpointformatlist_length = *(sdata++); @@ -1323,8 +1321,7 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in fprintf(stderr,"\n"); #endif } - else if (type == TLSEXT_TYPE_elliptic_curves && - s->version != DTLS1_VERSION) + else if (type == TLSEXT_TYPE_elliptic_curves) { unsigned char *sdata = data; int ellipticcurvelist_length = (*(sdata++) << 8); @@ -1600,7 +1597,8 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in /* session ticket processed earlier */ #ifndef OPENSSL_NO_SRTP - else if (type == TLSEXT_TYPE_use_srtp) + else if (SSL_IS_DTLS(s) && SSL_get_srtp_profiles(s) + && type == TLSEXT_TYPE_use_srtp) { if(ssl_parse_clienthello_use_srtp_ext(s, data, size, al)) @@ -1706,8 +1704,7 @@ int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in } #ifndef OPENSSL_NO_EC - else if (type == TLSEXT_TYPE_ec_point_formats && - s->version != DTLS1_VERSION) + else if (type == TLSEXT_TYPE_ec_point_formats) { unsigned char *sdata = data; int ecpointformatlist_length = *(sdata++); @@ -1718,15 +1715,18 @@ int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in *al = TLS1_AD_DECODE_ERROR; return 0; } - s->session->tlsext_ecpointformatlist_length = 0; - if (s->session->tlsext_ecpointformatlist != NULL) OPENSSL_free(s->session->tlsext_ecpointformatlist); - if ((s->session->tlsext_ecpointformatlist = OPENSSL_malloc(ecpointformatlist_length)) == NULL) + if (!s->hit) { - *al = TLS1_AD_INTERNAL_ERROR; - return 0; + s->session->tlsext_ecpointformatlist_length = 0; + if (s->session->tlsext_ecpointformatlist != NULL) OPENSSL_free(s->session->tlsext_ecpointformatlist); + if ((s->session->tlsext_ecpointformatlist = OPENSSL_malloc(ecpointformatlist_length)) == NULL) + { + *al = TLS1_AD_INTERNAL_ERROR; + return 0; + } + s->session->tlsext_ecpointformatlist_length = ecpointformatlist_length; + memcpy(s->session->tlsext_ecpointformatlist, sdata, ecpointformatlist_length); } - s->session->tlsext_ecpointformatlist_length = ecpointformatlist_length; - memcpy(s->session->tlsext_ecpointformatlist, sdata, ecpointformatlist_length); #if 0 fprintf(stderr,"ssl_parse_serverhello_tlsext s->session->tlsext_ecpointformatlist "); sdata = s->session->tlsext_ecpointformatlist; @@ -1912,7 +1912,7 @@ int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in } #endif #ifndef OPENSSL_NO_SRTP - else if (type == TLSEXT_TYPE_use_srtp) + else if (SSL_IS_DTLS(s) && type == TLSEXT_TYPE_use_srtp) { if(ssl_parse_serverhello_use_srtp_ext(s, data, size, al)) @@ -2561,7 +2561,10 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick, int eticklen, HMAC_Final(&hctx, tick_hmac, NULL); HMAC_CTX_cleanup(&hctx); if (CRYPTO_memcmp(tick_hmac, etick + eticklen, mlen)) + { + EVP_CIPHER_CTX_cleanup(&ctx); return 2; + } /* Attempt to decrypt session data */ /* Move p after IV to start of encrypted ticket, update length */ p = etick + 16 + EVP_CIPHER_CTX_iv_length(&ctx); @@ -2574,7 +2577,11 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick, int eticklen, } EVP_DecryptUpdate(&ctx, sdec, &slen, p, eticklen); if (EVP_DecryptFinal(&ctx, sdec + slen, &mlen) <= 0) + { + EVP_CIPHER_CTX_cleanup(&ctx); + OPENSSL_free(sdec); return 2; + } slen += mlen; EVP_CIPHER_CTX_cleanup(&ctx); p = sdec; diff --git a/app/openssl/ssl/tls1.h b/app/openssl/ssl/tls1.h index b9a0899e..dc36f79f 100644 --- a/app/openssl/ssl/tls1.h +++ b/app/openssl/ssl/tls1.h @@ -159,17 +159,19 @@ extern "C" { #define TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 0 +#define TLS1_VERSION 0x0301 +#define TLS1_1_VERSION 0x0302 #define TLS1_2_VERSION 0x0303 -#define TLS1_2_VERSION_MAJOR 0x03 -#define TLS1_2_VERSION_MINOR 0x03 +#define TLS_MAX_VERSION TLS1_2_VERSION + +#define TLS1_VERSION_MAJOR 0x03 +#define TLS1_VERSION_MINOR 0x01 -#define TLS1_1_VERSION 0x0302 #define TLS1_1_VERSION_MAJOR 0x03 #define TLS1_1_VERSION_MINOR 0x02 -#define TLS1_VERSION 0x0301 -#define TLS1_VERSION_MAJOR 0x03 -#define TLS1_VERSION_MINOR 0x01 +#define TLS1_2_VERSION_MAJOR 0x03 +#define TLS1_2_VERSION_MINOR 0x03 #define TLS1_get_version(s) \ ((s->version >> 8) == TLS1_VERSION_MAJOR ? s->version : 0) @@ -187,6 +189,7 @@ extern "C" { #define TLS1_AD_PROTOCOL_VERSION 70 /* fatal */ #define TLS1_AD_INSUFFICIENT_SECURITY 71 /* fatal */ #define TLS1_AD_INTERNAL_ERROR 80 /* fatal */ +#define TLS1_AD_INAPPROPRIATE_FALLBACK 86 /* fatal */ #define TLS1_AD_USER_CANCELLED 90 #define TLS1_AD_NO_RENEGOTIATION 100 /* codes 110-114 are from RFC3546 */ diff --git a/app/openssl/ssl/tls_srp.c b/app/openssl/ssl/tls_srp.c index 2315a7c0..e7368a8f 100644 --- a/app/openssl/ssl/tls_srp.c +++ b/app/openssl/ssl/tls_srp.c @@ -408,16 +408,46 @@ err: return ret; } -int SRP_Calc_A_param(SSL *s) +int srp_verify_server_param(SSL *s, int *al) { - unsigned char rnd[SSL_MAX_MASTER_KEY_LENGTH]; + SRP_CTX *srp = &s->srp_ctx; + /* Sanity check parameters: we can quickly check B % N == 0 + * by checking B != 0 since B < N + */ + if (BN_ucmp(srp->g, srp->N) >=0 || BN_ucmp(srp->B, srp->N) >= 0 + || BN_is_zero(srp->B)) + { + *al = SSL3_AD_ILLEGAL_PARAMETER; + return 0; + } - if (BN_num_bits(s->srp_ctx.N) < s->srp_ctx.strength) - return -1; + if (BN_num_bits(srp->N) < srp->strength) + { + *al = TLS1_AD_INSUFFICIENT_SECURITY; + return 0; + } - if (s->srp_ctx.SRP_verify_param_callback ==NULL && - !SRP_check_known_gN_param(s->srp_ctx.g,s->srp_ctx.N)) - return -1 ; + if (srp->SRP_verify_param_callback) + { + if (srp->SRP_verify_param_callback(s, srp->SRP_cb_arg) <= 0) + { + *al = TLS1_AD_INSUFFICIENT_SECURITY; + return 0; + } + } + else if(!SRP_check_known_gN_param(srp->g, srp->N)) + { + *al = TLS1_AD_INSUFFICIENT_SECURITY; + return 0; + } + + return 1; + } + + +int SRP_Calc_A_param(SSL *s) + { + unsigned char rnd[SSL_MAX_MASTER_KEY_LENGTH]; RAND_bytes(rnd, sizeof(rnd)); s->srp_ctx.a = BN_bin2bn(rnd, sizeof(rnd), s->srp_ctx.a); @@ -426,10 +456,6 @@ int SRP_Calc_A_param(SSL *s) if (!(s->srp_ctx.A = SRP_Calc_A(s->srp_ctx.a,s->srp_ctx.N,s->srp_ctx.g))) return -1; - /* We can have a callback to verify SRP param!! */ - if (s->srp_ctx.SRP_verify_param_callback !=NULL) - return s->srp_ctx.SRP_verify_param_callback(s,s->srp_ctx.SRP_cb_arg); - return 1; } diff --git a/app/openvpn/.gitignore b/app/openvpn/.gitignore deleted file mode 100644 index 538c0208..00000000 --- a/app/openvpn/.gitignore +++ /dev/null @@ -1,59 +0,0 @@ -*.[oa] -*.l[oa] -*.dll -*.exe -*.exe.* -*.obj -*.pyc -*.so -*~ -*.idb -*.suo -*.ncb -*.vcproj.* -*.vcxproj.user -*.sln.cache -*.log -Release -Debug -Win32-Output -.deps -.libs -Makefile -Makefile.in -aclocal.m4 -autodefs.h -autom4te.cache -config.guess -config.h -config.h.in -config.log -config.status -config.sub -configure -configure.h -depcomp -stamp-h1 -install-sh -missing -ltmain.sh -libtool -m4/libtool.m4 -m4/ltoptions.m4 -m4/ltsugar.m4 -m4/ltversion.m4 -m4/lt~obsolete.m4 - -version.sh -msvc-env-local.bat -config-msvc-local.h -config-msvc-version.h -doc/openvpn.8.html -distro/rpm/openvpn.spec -tests/t_client.sh -tests/t_client-*-20??????-??????/ -src/openvpn/openvpn -config-version.h -nbproject -test-driver -compile diff --git a/app/openvpn/distro/rpm/openvpn.spec b/app/openvpn/distro/rpm/openvpn.spec new file mode 100644 index 00000000..86ed85c9 --- /dev/null +++ b/app/openvpn/distro/rpm/openvpn.spec @@ -0,0 +1,248 @@ +# OpenVPN spec file, used to drive rpmbuild + +# OPTIONS +# +# Disable LZO +# rpmbuild -tb [openvpn.x.tar.gz] --define 'without_lzo 1' +# +# Disable PAM plugin +# rpmbuild -tb [openvpn.x.tar.gz] --define 'without_pam 1' +# +# Allow passwords to be read from files +# rpmbuild -tb [openvpn.x.tar.gz] --define 'with_password_save 1' + +Summary: OpenVPN is a robust and highly flexible VPN daemon by James Yonan. +Name: openvpn +Version: 2.3_master +Release: 1 +URL: http://openvpn.net/ +Source0: http://prdownloads.sourceforge.net/openvpn/%{name}-%{version}.tar.gz + +License: GPL +Group: Applications/Internet +Vendor: James Yonan +Packager: James Yonan +BuildRoot: %{_tmppath}/%{name}-%(id -un) + +# +# Include dependencies manually +# + +AutoReq: 0 + +BuildRequires: openssl-devel >= 0.9.7 +Requires: openssl >= 0.9.7 + +%if "%{_vendor}" == "Mandrakesoft" +%{!?without_lzo:BuildRequires: liblzo1-devel >= 1.07} +%{!?without_lzo:Requires: liblzo1 >= 1.07} +%else +%if "%{_vendor}" == "MandrakeSoft" +%{!?without_lzo:BuildRequires: liblzo1-devel >= 1.07} +%{!?without_lzo:Requires: liblzo1 >= 1.07} +%else +%{!?without_lzo:BuildRequires: lzo-devel >= 1.07} +%{!?without_lzo:Requires: lzo >= 1.07} +%endif +%endif + +%{!?without_pam:BuildRequires: pam-devel} +%{!?without_pam:Requires: pam} + +%{?with_pkcs11:BuildRequires: pkcs11-helper-devel} +%{?with_pkcs11:Requires: pkcs11-helper} + +# +# Description +# + +%description +OpenVPN is a robust and highly flexible VPN daemon by James Yonan. +OpenVPN supports SSL/TLS security, +ethernet bridging, +TCP or UDP tunnel transport through proxies or NAT, +support for dynamic IP addresses and DHCP, +scalability to hundreds or thousands of users, +and portability to most major OS platforms. + +%package devel +Summary: OpenVPN is a robust and highly flexible VPN daemon by James Yonan. +Group: Applications/Internet +Requires: %{name} +%description devel +Development support for OpenVPN. + +# +# Define vendor type +# + +%if "%{_vendor}" == "suse" || "%{_vendor}" == "pc" +%define VENDOR SuSE +%else +%define VENDOR %_vendor +%endif + +# +# Other definitions +# + +%define debug_package %{nil} + +# +# Build OpenVPN binary +# + +%prep +%setup -q + +%build +%configure \ + --disable-dependency-tracking \ + --docdir="%{_docdir}/%{name}-%{version}" \ + %{?with_password_save:--enable-password-save} \ + %{!?without_lzo:--enable-lzo} \ + %{?with_pkcs11:--enable-pkcs11} \ + %{?without_pam:--disable-plugin-auth-pam} +%__make + +# +# Installation section +# + +%install +[ %{buildroot} != "/" ] && rm -rf %{buildroot} +%__make install DESTDIR="%{buildroot}" + +# Install init script +%if "%{VENDOR}" == "SuSE" +%__install -c -d -m 755 "%{buildroot}/etc/init.d" +%__install -c -m 755 "distro/rpm/%{name}.init.d.suse" "%{buildroot}/etc/init.d/%{name}" +%else +%__install -c -d -m 755 "%{buildroot}/etc/rc.d/init.d" +%__install -c -m 755 distro/rpm/%{name}.init.d.rhel "%{buildroot}/etc/rc.d/init.d/%{name}" +%endif + +# Install /etc/openvpn +%__install -c -d -m 755 "%{buildroot}/etc/%{name}" + +# Install extra %doc stuff +cp -r AUTHORS ChangeLog NEWS contrib/ sample/ \ + "%{buildroot}/%{_docdir}/%{name}-%{version}" + +# +# Clean section +# + +%clean +[ %{buildroot} != "/" ] && rm -rf "%{buildroot}" + +# +# On Linux 2.4, make the device node +# + +%post +case "`uname -r`" in +2.4*) + /bin/mkdir /dev/net >/dev/null 2>&1 + /bin/mknod /dev/net/tun c 10 200 >/dev/null 2>&1 + ;; +esac + +# +# Handle the init script +# + +/sbin/chkconfig --add %{name} +%if "%{VENDOR}" == "SuSE" +/etc/init.d/openvpn restart +%else +/sbin/service %{name} condrestart +%endif +%preun +if [ "$1" = 0 ] +then + %if "%{VENDOR}" == "SuSE" + /etc/init.d/openvpn stop + %else + /sbin/service %{name} stop + %endif + /sbin/chkconfig --del %{name} +fi + +# +# Files section +# +# don't use %doc as old rpmbuild removes it[1]. +# [1] http://rpm.org/ticket/836 + +%files +%defattr(-,root,root) +%{_mandir} +%{_sbindir}/%{name} +%{_libdir}/%{name} +%{_docdir}/%{name}-%{version} +%dir /etc/%{name} +%if "%{VENDOR}" == "SuSE" +/etc/init.d/%{name} +%else +/etc/rc.d/init.d/%{name} +%endif + +%files devel +%defattr(-,root,root) +%{_includedir}/* + +%changelog +* Thu Jul 30 2009 David Sommerseth +- Removed management/ directory from %doc + +* Thu Dec 14 2006 Alon Bar-Lev +- Added with_pkcs11 + +* Mon Aug 2 2005 James Yonan +- Fixed build problem with --define 'without_pam 1' + +* Mon Apr 4 2005 James Yonan +- Moved some files from /usr/share/openvpn to %doc for compatibility + with Dag Wieers' RPM repository + +* Sat Mar 12 2005 Tom Walsh +- Added MandrakeSoft liblzo1 require + +* Fri Dec 10 2004 James Yonan +- Added AutoReq: 0 for manual dependencies + +* Fri Dec 10 2004 James Yonan +- Packaged the plugins + +* Sun Nov 7 2004 Umberto Nicoletti +- SuSE support + +* Wed Aug 18 2004 Bishop Clark (LC957) +- restrict what we claim in /etc/ to avoid ownership conflicts + +* Sun Feb 23 2003 Matthias Andree 1.3.2.14-1. +- Have the version number filled in by autoconf. + +* Wed Jul 10 2002 James Yonan 1.3.1-1 +- Fixed %preun to only remove service on final uninstall + +* Mon Jun 17 2002 bishop clark (LC957) 1.2.2-1 +- Added condrestart to openvpn.spec & openvpn.init. + +* Wed May 22 2002 James Yonan 1.2.0-1 +- Added mknod for Linux 2.4. + +* Wed May 15 2002 Doug Keller 1.1.1.16-2 +- Added init scripts +- Added conf file support + +* Mon May 13 2002 bishop clark (LC957) 1.1.1.14-1 +- Added new directories for config examples and such + +* Sun May 12 2002 bishop clark (LC957) 1.1.1.13-1 +- Updated buildroot directive and cleanup command +- added easy-rsa utilities + +* Mon Mar 25 2002 bishop clark (LC957) 1.0-1 +- Initial build. diff --git a/app/openvpn/src/plugins/Makefile.in b/app/openvpn/src/plugins/Makefile.in new file mode 100644 index 00000000..6a366c4b --- /dev/null +++ b/app/openvpn/src/plugins/Makefile.in @@ -0,0 +1,546 @@ +# Makefile.in generated by automake 1.10 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + +# +# OpenVPN -- An application to securely tunnel IP networks +# over a single UDP port, with support for SSL/TLS-based +# session authentication and key exchange, +# packet encryption, packet authentication, and +# packet compression. +# +# Copyright (C) 2002-2010 OpenVPN Technologies, Inc. +# Copyright (C) 2006-2012 Alon Bar-Lev +# +VPATH = @srcdir@ +pkgdatadir = $(datadir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +subdir = src/plugins +DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/m4/ax_emptyarray.m4 \ + $(top_srcdir)/m4/ax_socklen_t.m4 \ + $(top_srcdir)/m4/ax_varargs.m4 $(top_srcdir)/m4/libtool.m4 \ + $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \ + $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \ + $(top_srcdir)/m4/pkg.m4 $(top_srcdir)/version.m4 \ + $(top_srcdir)/compat.m4 $(top_srcdir)/configure.ac +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(install_sh) -d +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +SOURCES = +DIST_SOURCES = +RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \ + html-recursive info-recursive install-data-recursive \ + install-dvi-recursive install-exec-recursive \ + install-html-recursive install-info-recursive \ + install-pdf-recursive install-ps-recursive install-recursive \ + installcheck-recursive installdirs-recursive pdf-recursive \ + ps-recursive uninstall-recursive +RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \ + distclean-recursive maintainer-clean-recursive +ETAGS = etags +CTAGS = ctags +DIST_SUBDIRS = $(SUBDIRS) +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMTAR = @AMTAR@ +AR = @AR@ +AS = @AS@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DLLTOOL = @DLLTOOL@ +DL_LIBS = @DL_LIBS@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +FGREP = @FGREP@ +GIT = @GIT@ +GREP = @GREP@ +IFCONFIG = @IFCONFIG@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +IPROUTE = @IPROUTE@ +LD = @LD@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBPAM_CFLAGS = @LIBPAM_CFLAGS@ +LIBPAM_LIBS = @LIBPAM_LIBS@ +LIBS = @LIBS@ +LIBTOOL = @LIBTOOL@ +LIPO = @LIPO@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +LZO_CFLAGS = @LZO_CFLAGS@ +LZO_LIBS = @LZO_LIBS@ +MAKEINFO = @MAKEINFO@ +MAN2HTML = @MAN2HTML@ +MKDIR_P = @MKDIR_P@ +NETSTAT = @NETSTAT@ +NM = @NM@ +NMEDIT = @NMEDIT@ +OBJDUMP = @OBJDUMP@ +OBJEXT = @OBJEXT@ +OPENSSL_CRYPTO_CFLAGS = @OPENSSL_CRYPTO_CFLAGS@ +OPENSSL_CRYPTO_LIBS = @OPENSSL_CRYPTO_LIBS@ +OPENSSL_SSL_CFLAGS = @OPENSSL_SSL_CFLAGS@ +OPENSSL_SSL_LIBS = @OPENSSL_SSL_LIBS@ +OPTIONAL_CRYPTO_CFLAGS = @OPTIONAL_CRYPTO_CFLAGS@ +OPTIONAL_CRYPTO_LIBS = @OPTIONAL_CRYPTO_LIBS@ +OPTIONAL_DL_LIBS = @OPTIONAL_DL_LIBS@ +OPTIONAL_LZO_CFLAGS = @OPTIONAL_LZO_CFLAGS@ +OPTIONAL_LZO_LIBS = @OPTIONAL_LZO_LIBS@ +OPTIONAL_PKCS11_HELPER_CFLAGS = @OPTIONAL_PKCS11_HELPER_CFLAGS@ +OPTIONAL_PKCS11_HELPER_LIBS = @OPTIONAL_PKCS11_HELPER_LIBS@ +OPTIONAL_SELINUX_LIBS = @OPTIONAL_SELINUX_LIBS@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PKCS11_HELPER_CFLAGS = @PKCS11_HELPER_CFLAGS@ +PKCS11_HELPER_LIBS = @PKCS11_HELPER_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ +PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ +PLUGIN_AUTH_PAM_CFLAGS = @PLUGIN_AUTH_PAM_CFLAGS@ +PLUGIN_AUTH_PAM_LIBS = @PLUGIN_AUTH_PAM_LIBS@ +POLARSSL_CFLAGS = @POLARSSL_CFLAGS@ +POLARSSL_LIBS = @POLARSSL_LIBS@ +RANLIB = @RANLIB@ +RC = @RC@ +ROUTE = @ROUTE@ +SED = @SED@ +SELINUX_LIBS = @SELINUX_LIBS@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +SOCKETS_LIBS = @SOCKETS_LIBS@ +STRIP = @STRIP@ +TAP_CFLAGS = @TAP_CFLAGS@ +TAP_WIN_COMPONENT_ID = @TAP_WIN_COMPONENT_ID@ +TAP_WIN_MIN_MAJOR = @TAP_WIN_MIN_MAJOR@ +TAP_WIN_MIN_MINOR = @TAP_WIN_MIN_MINOR@ +VERSION = @VERSION@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +datadir = @datadir@ +datarootdir = @datarootdir@ +docdir = @docdir@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localedir = @localedir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +pdfdir = @pdfdir@ +plugindir = @plugindir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +sampledir = @sampledir@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +MAINTAINERCLEANFILES = \ + $(srcdir)/Makefile.in + +SUBDIRS = auth-pam down-root +all: all-recursive + +.SUFFIXES: +$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ + && exit 0; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/plugins/Makefile'; \ + cd $(top_srcdir) && \ + $(AUTOMAKE) --foreign src/plugins/Makefile +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs + +# This directory's subdirectories are mostly independent; you can cd +# into them and run `make' without going through this Makefile. +# To change the values of `make' variables: instead of editing Makefiles, +# (1) if the variable is set in `config.status', edit `config.status' +# (which will cause the Makefiles to be regenerated when you run `make'); +# (2) otherwise, pass the desired values on the `make' command line. +$(RECURSIVE_TARGETS): + @failcom='exit 1'; \ + for f in x $$MAKEFLAGS; do \ + case $$f in \ + *=* | --[!k]*);; \ + *k*) failcom='fail=yes';; \ + esac; \ + done; \ + dot_seen=no; \ + target=`echo $@ | sed s/-recursive//`; \ + list='$(SUBDIRS)'; for subdir in $$list; do \ + echo "Making $$target in $$subdir"; \ + if test "$$subdir" = "."; then \ + dot_seen=yes; \ + local_target="$$target-am"; \ + else \ + local_target="$$target"; \ + fi; \ + (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ + || eval $$failcom; \ + done; \ + if test "$$dot_seen" = "no"; then \ + $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \ + fi; test -z "$$fail" + +$(RECURSIVE_CLEAN_TARGETS): + @failcom='exit 1'; \ + for f in x $$MAKEFLAGS; do \ + case $$f in \ + *=* | --[!k]*);; \ + *k*) failcom='fail=yes';; \ + esac; \ + done; \ + dot_seen=no; \ + case "$@" in \ + distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \ + *) list='$(SUBDIRS)' ;; \ + esac; \ + rev=''; for subdir in $$list; do \ + if test "$$subdir" = "."; then :; else \ + rev="$$subdir $$rev"; \ + fi; \ + done; \ + rev="$$rev ."; \ + target=`echo $@ | sed s/-recursive//`; \ + for subdir in $$rev; do \ + echo "Making $$target in $$subdir"; \ + if test "$$subdir" = "."; then \ + local_target="$$target-am"; \ + else \ + local_target="$$target"; \ + fi; \ + (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ + || eval $$failcom; \ + done && test -z "$$fail" +tags-recursive: + list='$(SUBDIRS)'; for subdir in $$list; do \ + test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \ + done +ctags-recursive: + list='$(SUBDIRS)'; for subdir in $$list; do \ + test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \ + done + +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + mkid -fID $$unique +tags: TAGS + +TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \ + include_option=--etags-include; \ + empty_fix=.; \ + else \ + include_option=--include; \ + empty_fix=; \ + fi; \ + list='$(SUBDIRS)'; for subdir in $$list; do \ + if test "$$subdir" = .; then :; else \ + test ! -f $$subdir/TAGS || \ + tags="$$tags $$include_option=$$here/$$subdir/TAGS"; \ + fi; \ + done; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$tags $$unique; \ + fi +ctags: CTAGS +CTAGS: ctags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && cd $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) $$here + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + +distdir: $(DISTFILES) + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + fi; \ + cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + else \ + test -f $(distdir)/$$file \ + || cp -p $$d/$$file $(distdir)/$$file \ + || exit 1; \ + fi; \ + done + list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ + if test "$$subdir" = .; then :; else \ + test -d "$(distdir)/$$subdir" \ + || $(MKDIR_P) "$(distdir)/$$subdir" \ + || exit 1; \ + distdir=`$(am__cd) $(distdir) && pwd`; \ + top_distdir=`$(am__cd) $(top_distdir) && pwd`; \ + (cd $$subdir && \ + $(MAKE) $(AM_MAKEFLAGS) \ + top_distdir="$$top_distdir" \ + distdir="$$distdir/$$subdir" \ + am__remove_distdir=: \ + am__skip_length_check=: \ + distdir) \ + || exit 1; \ + fi; \ + done +check-am: all-am +check: check-recursive +all-am: Makefile +installdirs: installdirs-recursive +installdirs-am: +install: install-recursive +install-exec: install-exec-recursive +install-data: install-data-recursive +uninstall: uninstall-recursive + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-recursive +install-strip: + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + `test -z '$(STRIP)' || \ + echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install +mostlyclean-generic: + +clean-generic: + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." + -test -z "$(MAINTAINERCLEANFILES)" || rm -f $(MAINTAINERCLEANFILES) +clean: clean-recursive + +clean-am: clean-generic clean-libtool mostlyclean-am + +distclean: distclean-recursive + -rm -f Makefile +distclean-am: clean-am distclean-generic distclean-tags + +dvi: dvi-recursive + +dvi-am: + +html: html-recursive + +info: info-recursive + +info-am: + +install-data-am: + +install-dvi: install-dvi-recursive + +install-exec-am: + +install-html: install-html-recursive + +install-info: install-info-recursive + +install-man: + +install-pdf: install-pdf-recursive + +install-ps: install-ps-recursive + +installcheck-am: + +maintainer-clean: maintainer-clean-recursive + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-recursive + +mostlyclean-am: mostlyclean-generic mostlyclean-libtool + +pdf: pdf-recursive + +pdf-am: + +ps: ps-recursive + +ps-am: + +uninstall-am: + +.MAKE: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) install-am \ + install-strip + +.PHONY: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) CTAGS GTAGS \ + all all-am check check-am clean clean-generic clean-libtool \ + ctags ctags-recursive distclean distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-man install-pdf install-pdf-am \ + install-ps install-ps-am install-strip installcheck \ + installcheck-am installdirs installdirs-am maintainer-clean \ + maintainer-clean-generic mostlyclean mostlyclean-generic \ + mostlyclean-libtool pdf pdf-am ps ps-am tags tags-recursive \ + uninstall uninstall-am + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/app/openvpn/src/plugins/auth-pam/Makefile.in b/app/openvpn/src/plugins/auth-pam/Makefile.in new file mode 100644 index 00000000..74c23306 --- /dev/null +++ b/app/openvpn/src/plugins/auth-pam/Makefile.in @@ -0,0 +1,570 @@ +# Makefile.in generated by automake 1.10 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + +# +# OpenVPN (TM) PAM Auth Plugin -- OpenVPN Plugin +# +# Copyright (C) 2012 Alon Bar-Lev +# + + +VPATH = @srcdir@ +pkgdatadir = $(datadir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +subdir = src/plugins/auth-pam +DIST_COMMON = $(am__dist_doc_DATA_DIST) $(srcdir)/Makefile.am \ + $(srcdir)/Makefile.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/m4/ax_emptyarray.m4 \ + $(top_srcdir)/m4/ax_socklen_t.m4 \ + $(top_srcdir)/m4/ax_varargs.m4 $(top_srcdir)/m4/libtool.m4 \ + $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \ + $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \ + $(top_srcdir)/m4/pkg.m4 $(top_srcdir)/version.m4 \ + $(top_srcdir)/compat.m4 $(top_srcdir)/configure.ac +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(install_sh) -d +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; +am__installdirs = "$(DESTDIR)$(plugindir)" "$(DESTDIR)$(docdir)" +pluginLTLIBRARIES_INSTALL = $(INSTALL) +LTLIBRARIES = $(plugin_LTLIBRARIES) +am__DEPENDENCIES_1 = +openvpn_plugin_auth_pam_la_DEPENDENCIES = $(am__DEPENDENCIES_1) +am_openvpn_plugin_auth_pam_la_OBJECTS = auth-pam.lo pamdl.lo +openvpn_plugin_auth_pam_la_OBJECTS = \ + $(am_openvpn_plugin_auth_pam_la_OBJECTS) +openvpn_plugin_auth_pam_la_LINK = $(LIBTOOL) --tag=CC \ + $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \ + $(AM_CFLAGS) $(CFLAGS) $(openvpn_plugin_auth_pam_la_LDFLAGS) \ + $(LDFLAGS) -o $@ +@ENABLE_PLUGIN_AUTH_PAM_TRUE@am_openvpn_plugin_auth_pam_la_rpath = \ +@ENABLE_PLUGIN_AUTH_PAM_TRUE@ -rpath $(plugindir) +DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ + $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ + $(LDFLAGS) -o $@ +SOURCES = $(openvpn_plugin_auth_pam_la_SOURCES) +DIST_SOURCES = $(openvpn_plugin_auth_pam_la_SOURCES) +am__dist_doc_DATA_DIST = README.auth-pam +dist_docDATA_INSTALL = $(INSTALL_DATA) +DATA = $(dist_doc_DATA) +ETAGS = etags +CTAGS = ctags +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMTAR = @AMTAR@ +AR = @AR@ +AS = @AS@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DLLTOOL = @DLLTOOL@ +DL_LIBS = @DL_LIBS@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +FGREP = @FGREP@ +GIT = @GIT@ +GREP = @GREP@ +IFCONFIG = @IFCONFIG@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +IPROUTE = @IPROUTE@ +LD = @LD@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBPAM_CFLAGS = @LIBPAM_CFLAGS@ +LIBPAM_LIBS = @LIBPAM_LIBS@ +LIBS = @LIBS@ +LIBTOOL = @LIBTOOL@ +LIPO = @LIPO@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +LZO_CFLAGS = @LZO_CFLAGS@ +LZO_LIBS = @LZO_LIBS@ +MAKEINFO = @MAKEINFO@ +MAN2HTML = @MAN2HTML@ +MKDIR_P = @MKDIR_P@ +NETSTAT = @NETSTAT@ +NM = @NM@ +NMEDIT = @NMEDIT@ +OBJDUMP = @OBJDUMP@ +OBJEXT = @OBJEXT@ +OPENSSL_CRYPTO_CFLAGS = @OPENSSL_CRYPTO_CFLAGS@ +OPENSSL_CRYPTO_LIBS = @OPENSSL_CRYPTO_LIBS@ +OPENSSL_SSL_CFLAGS = @OPENSSL_SSL_CFLAGS@ +OPENSSL_SSL_LIBS = @OPENSSL_SSL_LIBS@ +OPTIONAL_CRYPTO_CFLAGS = @OPTIONAL_CRYPTO_CFLAGS@ +OPTIONAL_CRYPTO_LIBS = @OPTIONAL_CRYPTO_LIBS@ +OPTIONAL_DL_LIBS = @OPTIONAL_DL_LIBS@ +OPTIONAL_LZO_CFLAGS = @OPTIONAL_LZO_CFLAGS@ +OPTIONAL_LZO_LIBS = @OPTIONAL_LZO_LIBS@ +OPTIONAL_PKCS11_HELPER_CFLAGS = @OPTIONAL_PKCS11_HELPER_CFLAGS@ +OPTIONAL_PKCS11_HELPER_LIBS = @OPTIONAL_PKCS11_HELPER_LIBS@ +OPTIONAL_SELINUX_LIBS = @OPTIONAL_SELINUX_LIBS@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PKCS11_HELPER_CFLAGS = @PKCS11_HELPER_CFLAGS@ +PKCS11_HELPER_LIBS = @PKCS11_HELPER_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ +PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ +PLUGIN_AUTH_PAM_CFLAGS = @PLUGIN_AUTH_PAM_CFLAGS@ +PLUGIN_AUTH_PAM_LIBS = @PLUGIN_AUTH_PAM_LIBS@ +POLARSSL_CFLAGS = @POLARSSL_CFLAGS@ +POLARSSL_LIBS = @POLARSSL_LIBS@ +RANLIB = @RANLIB@ +RC = @RC@ +ROUTE = @ROUTE@ +SED = @SED@ +SELINUX_LIBS = @SELINUX_LIBS@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +SOCKETS_LIBS = @SOCKETS_LIBS@ +STRIP = @STRIP@ +TAP_CFLAGS = @TAP_CFLAGS@ +TAP_WIN_COMPONENT_ID = @TAP_WIN_COMPONENT_ID@ +TAP_WIN_MIN_MAJOR = @TAP_WIN_MIN_MAJOR@ +TAP_WIN_MIN_MINOR = @TAP_WIN_MIN_MINOR@ +VERSION = @VERSION@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +datadir = @datadir@ +datarootdir = @datarootdir@ +docdir = @docdir@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localedir = @localedir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +pdfdir = @pdfdir@ +plugindir = @plugindir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +sampledir = @sampledir@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +MAINTAINERCLEANFILES = \ + $(srcdir)/Makefile.in + +AM_CFLAGS = \ + -I$(top_srcdir)/include + +@ENABLE_PLUGIN_AUTH_PAM_TRUE@plugin_LTLIBRARIES = openvpn-plugin-auth-pam.la +@ENABLE_PLUGIN_AUTH_PAM_TRUE@dist_doc_DATA = README.auth-pam +openvpn_plugin_auth_pam_la_SOURCES = \ + auth-pam.c \ + pamdl.c pamdl.h \ + auth-pam.exports + +openvpn_plugin_auth_pam_la_LIBADD = \ + $(PLUGIN_AUTH_PAM_LIBS) + +openvpn_plugin_auth_pam_la_LDFLAGS = $(AM_LDFLAGS) \ + -export-symbols "$(srcdir)/auth-pam.exports" \ + -module -shared -avoid-version -no-undefined + +all: all-am + +.SUFFIXES: +.SUFFIXES: .c .lo .o .obj +$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ + && exit 0; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/plugins/auth-pam/Makefile'; \ + cd $(top_srcdir) && \ + $(AUTOMAKE) --foreign src/plugins/auth-pam/Makefile +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) + @$(NORMAL_INSTALL) + test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)" + @list='$(plugin_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ + echo " $(LIBTOOL) --mode=install $(pluginLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(plugindir)/$$f'"; \ + $(LIBTOOL) --mode=install $(pluginLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(plugindir)/$$f"; \ + else :; fi; \ + done + +uninstall-pluginLTLIBRARIES: + @$(NORMAL_UNINSTALL) + @list='$(plugin_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ + echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(plugindir)/$$p'"; \ + $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(plugindir)/$$p"; \ + done + +clean-pluginLTLIBRARIES: + -test -z "$(plugin_LTLIBRARIES)" || rm -f $(plugin_LTLIBRARIES) + @list='$(plugin_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done +openvpn-plugin-auth-pam.la: $(openvpn_plugin_auth_pam_la_OBJECTS) $(openvpn_plugin_auth_pam_la_DEPENDENCIES) + $(openvpn_plugin_auth_pam_la_LINK) $(am_openvpn_plugin_auth_pam_la_rpath) $(openvpn_plugin_auth_pam_la_OBJECTS) $(openvpn_plugin_auth_pam_la_LIBADD) $(LIBS) + +mostlyclean-compile: + -rm -f *.$(OBJEXT) + +distclean-compile: + -rm -f *.tab.c + +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/auth-pam.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pamdl.Plo@am__quote@ + +.c.o: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< + +.c.obj: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` + +.c.lo: +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs +install-dist_docDATA: $(dist_doc_DATA) + @$(NORMAL_INSTALL) + test -z "$(docdir)" || $(MKDIR_P) "$(DESTDIR)$(docdir)" + @list='$(dist_doc_DATA)'; for p in $$list; do \ + if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ + f=$(am__strip_dir) \ + echo " $(dist_docDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(docdir)/$$f'"; \ + $(dist_docDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(docdir)/$$f"; \ + done + +uninstall-dist_docDATA: + @$(NORMAL_UNINSTALL) + @list='$(dist_doc_DATA)'; for p in $$list; do \ + f=$(am__strip_dir) \ + echo " rm -f '$(DESTDIR)$(docdir)/$$f'"; \ + rm -f "$(DESTDIR)$(docdir)/$$f"; \ + done + +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + mkid -fID $$unique +tags: TAGS + +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$tags $$unique; \ + fi +ctags: CTAGS +CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && cd $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) $$here + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + +distdir: $(DISTFILES) + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + fi; \ + cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + else \ + test -f $(distdir)/$$file \ + || cp -p $$d/$$file $(distdir)/$$file \ + || exit 1; \ + fi; \ + done +check-am: all-am +check: check-am +all-am: Makefile $(LTLIBRARIES) $(DATA) +installdirs: + for dir in "$(DESTDIR)$(plugindir)" "$(DESTDIR)$(docdir)"; do \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ + done +install: install-am +install-exec: install-exec-am +install-data: install-data-am +uninstall: uninstall-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + `test -z '$(STRIP)' || \ + echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install +mostlyclean-generic: + +clean-generic: + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." + -test -z "$(MAINTAINERCLEANFILES)" || rm -f $(MAINTAINERCLEANFILES) +clean: clean-am + +clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \ + mostlyclean-am + +distclean: distclean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +distclean-am: clean-am distclean-compile distclean-generic \ + distclean-tags + +dvi: dvi-am + +dvi-am: + +html: html-am + +info: info-am + +info-am: + +install-data-am: install-dist_docDATA install-pluginLTLIBRARIES + +install-dvi: install-dvi-am + +install-exec-am: + +install-html: install-html-am + +install-info: install-info-am + +install-man: + +install-pdf: install-pdf-am + +install-ps: install-ps-am + +installcheck-am: + +maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-am + +mostlyclean-am: mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool + +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + +uninstall-am: uninstall-dist_docDATA uninstall-pluginLTLIBRARIES + +.MAKE: install-am install-strip + +.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ + clean-libtool clean-pluginLTLIBRARIES ctags distclean \ + distclean-compile distclean-generic distclean-libtool \ + distclean-tags distdir dvi dvi-am html html-am info info-am \ + install install-am install-data install-data-am \ + install-dist_docDATA install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-man install-pdf install-pdf-am \ + install-pluginLTLIBRARIES install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ + pdf pdf-am ps ps-am tags uninstall uninstall-am \ + uninstall-dist_docDATA uninstall-pluginLTLIBRARIES + + $(PLUGIN_AUTH_PAM_CFLAGS) +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/app/openvpn/src/plugins/down-root/Makefile.in b/app/openvpn/src/plugins/down-root/Makefile.in new file mode 100644 index 00000000..fa06a466 --- /dev/null +++ b/app/openvpn/src/plugins/down-root/Makefile.in @@ -0,0 +1,563 @@ +# Makefile.in generated by automake 1.10 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + +# +# OpenVPN (TM) Down Root Plugin -- OpenVPN Plugin +# +# Copyright (C) 2012 Alon Bar-Lev +# + + +VPATH = @srcdir@ +pkgdatadir = $(datadir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +subdir = src/plugins/down-root +DIST_COMMON = $(am__dist_doc_DATA_DIST) $(srcdir)/Makefile.am \ + $(srcdir)/Makefile.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/m4/ax_emptyarray.m4 \ + $(top_srcdir)/m4/ax_socklen_t.m4 \ + $(top_srcdir)/m4/ax_varargs.m4 $(top_srcdir)/m4/libtool.m4 \ + $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \ + $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \ + $(top_srcdir)/m4/pkg.m4 $(top_srcdir)/version.m4 \ + $(top_srcdir)/compat.m4 $(top_srcdir)/configure.ac +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(install_sh) -d +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; +am__installdirs = "$(DESTDIR)$(plugindir)" "$(DESTDIR)$(docdir)" +pluginLTLIBRARIES_INSTALL = $(INSTALL) +LTLIBRARIES = $(plugin_LTLIBRARIES) +openvpn_plugin_down_root_la_LIBADD = +am_openvpn_plugin_down_root_la_OBJECTS = down-root.lo +openvpn_plugin_down_root_la_OBJECTS = \ + $(am_openvpn_plugin_down_root_la_OBJECTS) +openvpn_plugin_down_root_la_LINK = $(LIBTOOL) --tag=CC \ + $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \ + $(AM_CFLAGS) $(CFLAGS) $(openvpn_plugin_down_root_la_LDFLAGS) \ + $(LDFLAGS) -o $@ +@ENABLE_PLUGIN_DOWN_ROOT_TRUE@am_openvpn_plugin_down_root_la_rpath = \ +@ENABLE_PLUGIN_DOWN_ROOT_TRUE@ -rpath $(plugindir) +DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ + $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ + $(LDFLAGS) -o $@ +SOURCES = $(openvpn_plugin_down_root_la_SOURCES) +DIST_SOURCES = $(openvpn_plugin_down_root_la_SOURCES) +am__dist_doc_DATA_DIST = README.down-root +dist_docDATA_INSTALL = $(INSTALL_DATA) +DATA = $(dist_doc_DATA) +ETAGS = etags +CTAGS = ctags +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMTAR = @AMTAR@ +AR = @AR@ +AS = @AS@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DLLTOOL = @DLLTOOL@ +DL_LIBS = @DL_LIBS@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +FGREP = @FGREP@ +GIT = @GIT@ +GREP = @GREP@ +IFCONFIG = @IFCONFIG@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +IPROUTE = @IPROUTE@ +LD = @LD@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBPAM_CFLAGS = @LIBPAM_CFLAGS@ +LIBPAM_LIBS = @LIBPAM_LIBS@ +LIBS = @LIBS@ +LIBTOOL = @LIBTOOL@ +LIPO = @LIPO@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +LZO_CFLAGS = @LZO_CFLAGS@ +LZO_LIBS = @LZO_LIBS@ +MAKEINFO = @MAKEINFO@ +MAN2HTML = @MAN2HTML@ +MKDIR_P = @MKDIR_P@ +NETSTAT = @NETSTAT@ +NM = @NM@ +NMEDIT = @NMEDIT@ +OBJDUMP = @OBJDUMP@ +OBJEXT = @OBJEXT@ +OPENSSL_CRYPTO_CFLAGS = @OPENSSL_CRYPTO_CFLAGS@ +OPENSSL_CRYPTO_LIBS = @OPENSSL_CRYPTO_LIBS@ +OPENSSL_SSL_CFLAGS = @OPENSSL_SSL_CFLAGS@ +OPENSSL_SSL_LIBS = @OPENSSL_SSL_LIBS@ +OPTIONAL_CRYPTO_CFLAGS = @OPTIONAL_CRYPTO_CFLAGS@ +OPTIONAL_CRYPTO_LIBS = @OPTIONAL_CRYPTO_LIBS@ +OPTIONAL_DL_LIBS = @OPTIONAL_DL_LIBS@ +OPTIONAL_LZO_CFLAGS = @OPTIONAL_LZO_CFLAGS@ +OPTIONAL_LZO_LIBS = @OPTIONAL_LZO_LIBS@ +OPTIONAL_PKCS11_HELPER_CFLAGS = @OPTIONAL_PKCS11_HELPER_CFLAGS@ +OPTIONAL_PKCS11_HELPER_LIBS = @OPTIONAL_PKCS11_HELPER_LIBS@ +OPTIONAL_SELINUX_LIBS = @OPTIONAL_SELINUX_LIBS@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PKCS11_HELPER_CFLAGS = @PKCS11_HELPER_CFLAGS@ +PKCS11_HELPER_LIBS = @PKCS11_HELPER_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ +PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ +PLUGIN_AUTH_PAM_CFLAGS = @PLUGIN_AUTH_PAM_CFLAGS@ +PLUGIN_AUTH_PAM_LIBS = @PLUGIN_AUTH_PAM_LIBS@ +POLARSSL_CFLAGS = @POLARSSL_CFLAGS@ +POLARSSL_LIBS = @POLARSSL_LIBS@ +RANLIB = @RANLIB@ +RC = @RC@ +ROUTE = @ROUTE@ +SED = @SED@ +SELINUX_LIBS = @SELINUX_LIBS@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +SOCKETS_LIBS = @SOCKETS_LIBS@ +STRIP = @STRIP@ +TAP_CFLAGS = @TAP_CFLAGS@ +TAP_WIN_COMPONENT_ID = @TAP_WIN_COMPONENT_ID@ +TAP_WIN_MIN_MAJOR = @TAP_WIN_MIN_MAJOR@ +TAP_WIN_MIN_MINOR = @TAP_WIN_MIN_MINOR@ +VERSION = @VERSION@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +datadir = @datadir@ +datarootdir = @datarootdir@ +docdir = @docdir@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localedir = @localedir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +pdfdir = @pdfdir@ +plugindir = @plugindir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +sampledir = @sampledir@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +MAINTAINERCLEANFILES = \ + $(srcdir)/Makefile.in + +AM_CFLAGS = \ + -I$(top_srcdir)/include + +@ENABLE_PLUGIN_DOWN_ROOT_TRUE@plugin_LTLIBRARIES = openvpn-plugin-down-root.la +@ENABLE_PLUGIN_DOWN_ROOT_TRUE@dist_doc_DATA = README.down-root +openvpn_plugin_down_root_la_SOURCES = \ + down-root.c \ + down-root.exports + +openvpn_plugin_down_root_la_LDFLAGS = $(AM_LDFLAGS) \ + -export-symbols "$(srcdir)/down-root.exports" \ + -module -shared -avoid-version -no-undefined + +all: all-am + +.SUFFIXES: +.SUFFIXES: .c .lo .o .obj +$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ + && exit 0; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/plugins/down-root/Makefile'; \ + cd $(top_srcdir) && \ + $(AUTOMAKE) --foreign src/plugins/down-root/Makefile +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) + @$(NORMAL_INSTALL) + test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)" + @list='$(plugin_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ + echo " $(LIBTOOL) --mode=install $(pluginLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(plugindir)/$$f'"; \ + $(LIBTOOL) --mode=install $(pluginLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(plugindir)/$$f"; \ + else :; fi; \ + done + +uninstall-pluginLTLIBRARIES: + @$(NORMAL_UNINSTALL) + @list='$(plugin_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ + echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(plugindir)/$$p'"; \ + $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(plugindir)/$$p"; \ + done + +clean-pluginLTLIBRARIES: + -test -z "$(plugin_LTLIBRARIES)" || rm -f $(plugin_LTLIBRARIES) + @list='$(plugin_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done +openvpn-plugin-down-root.la: $(openvpn_plugin_down_root_la_OBJECTS) $(openvpn_plugin_down_root_la_DEPENDENCIES) + $(openvpn_plugin_down_root_la_LINK) $(am_openvpn_plugin_down_root_la_rpath) $(openvpn_plugin_down_root_la_OBJECTS) $(openvpn_plugin_down_root_la_LIBADD) $(LIBS) + +mostlyclean-compile: + -rm -f *.$(OBJEXT) + +distclean-compile: + -rm -f *.tab.c + +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/down-root.Plo@am__quote@ + +.c.o: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< + +.c.obj: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` + +.c.lo: +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs +install-dist_docDATA: $(dist_doc_DATA) + @$(NORMAL_INSTALL) + test -z "$(docdir)" || $(MKDIR_P) "$(DESTDIR)$(docdir)" + @list='$(dist_doc_DATA)'; for p in $$list; do \ + if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ + f=$(am__strip_dir) \ + echo " $(dist_docDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(docdir)/$$f'"; \ + $(dist_docDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(docdir)/$$f"; \ + done + +uninstall-dist_docDATA: + @$(NORMAL_UNINSTALL) + @list='$(dist_doc_DATA)'; for p in $$list; do \ + f=$(am__strip_dir) \ + echo " rm -f '$(DESTDIR)$(docdir)/$$f'"; \ + rm -f "$(DESTDIR)$(docdir)/$$f"; \ + done + +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + mkid -fID $$unique +tags: TAGS + +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$tags $$unique; \ + fi +ctags: CTAGS +CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && cd $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) $$here + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + +distdir: $(DISTFILES) + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + fi; \ + cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + else \ + test -f $(distdir)/$$file \ + || cp -p $$d/$$file $(distdir)/$$file \ + || exit 1; \ + fi; \ + done +check-am: all-am +check: check-am +all-am: Makefile $(LTLIBRARIES) $(DATA) +installdirs: + for dir in "$(DESTDIR)$(plugindir)" "$(DESTDIR)$(docdir)"; do \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ + done +install: install-am +install-exec: install-exec-am +install-data: install-data-am +uninstall: uninstall-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + `test -z '$(STRIP)' || \ + echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install +mostlyclean-generic: + +clean-generic: + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." + -test -z "$(MAINTAINERCLEANFILES)" || rm -f $(MAINTAINERCLEANFILES) +clean: clean-am + +clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \ + mostlyclean-am + +distclean: distclean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +distclean-am: clean-am distclean-compile distclean-generic \ + distclean-tags + +dvi: dvi-am + +dvi-am: + +html: html-am + +info: info-am + +info-am: + +install-data-am: install-dist_docDATA install-pluginLTLIBRARIES + +install-dvi: install-dvi-am + +install-exec-am: + +install-html: install-html-am + +install-info: install-info-am + +install-man: + +install-pdf: install-pdf-am + +install-ps: install-ps-am + +installcheck-am: + +maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-am + +mostlyclean-am: mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool + +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + +uninstall-am: uninstall-dist_docDATA uninstall-pluginLTLIBRARIES + +.MAKE: install-am install-strip + +.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ + clean-libtool clean-pluginLTLIBRARIES ctags distclean \ + distclean-compile distclean-generic distclean-libtool \ + distclean-tags distdir dvi dvi-am html html-am info info-am \ + install install-am install-data install-data-am \ + install-dist_docDATA install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-man install-pdf install-pdf-am \ + install-pluginLTLIBRARIES install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ + pdf pdf-am ps ps-am tags uninstall uninstall-am \ + uninstall-dist_docDATA uninstall-pluginLTLIBRARIES + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/app/ovpn3/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java b/app/ovpn3/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java new file mode 100644 index 00000000..e595106c --- /dev/null +++ b/app/ovpn3/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java @@ -0,0 +1,275 @@ +package de.blinkt.openvpn.core; + +import net.openvpn.ovpn3.ClientAPI_Config; +import net.openvpn.ovpn3.ClientAPI_EvalConfig; +import net.openvpn.ovpn3.ClientAPI_Event; +import net.openvpn.ovpn3.ClientAPI_ExternalPKICertRequest; +import net.openvpn.ovpn3.ClientAPI_ExternalPKISignRequest; +import net.openvpn.ovpn3.ClientAPI_LogInfo; +import net.openvpn.ovpn3.ClientAPI_OpenVPNClient; +import net.openvpn.ovpn3.ClientAPI_ProvideCreds; +import net.openvpn.ovpn3.ClientAPI_Status; +import net.openvpn.ovpn3.ClientAPI_TransportStats; + +import java.lang.Override; + +import de.blinkt.openvpn.VpnProfile; + +import android.content.Context; + +public class OpenVPNThreadv3 extends ClientAPI_OpenVPNClient implements Runnable, OpenVPNManagement { + + static { + /*System.loadLibrary("crypto"); + System.loadLibrary("ssl");*/ + System.loadLibrary("polarssl-dynamic"); + System.loadLibrary("ovpn3"); + } + + private VpnProfile mVp; + private OpenVPNService mService; + + class StatusPoller implements Runnable + { + private long mSleeptime; + + boolean mStopped=false; + + public StatusPoller(long sleeptime) { + mSleeptime=sleeptime; + } + + public void run() { + while(!mStopped) { + try { + Thread.sleep(mSleeptime); + } catch (InterruptedException e) { + } + ClientAPI_TransportStats t = transport_stats(); + long in = t.getBytesIn(); + long out = t.getBytesOut(); + VpnStatus.updateByteCount(in, out); + } + } + + public void stop() { + mStopped=true; + } + } + + @Override + public void run() { + String configstr = mVp.getConfigFile((Context)mService,true); + if(!setConfig(configstr)) + return; + setUserPW(); + VpnStatus.logInfo(copyright()); + + StatusPoller statuspoller = new StatusPoller(5000); + new Thread(statuspoller,"Status Poller").start(); + + ClientAPI_Status status = connect(); + if(status.getError()) { + VpnStatus.logError(String.format("connect() error: %s: %s",status.getStatus(),status.getMessage())); + } else { + VpnStatus.logInfo("OpenVPN3 thread finished"); + } + statuspoller.stop(); + } + + @Override + public boolean tun_builder_set_remote_address(String address, boolean ipv6) { + mService.setMtu(1500); + return true; + } + + @Override + public boolean tun_builder_set_mtu(int mtu) { + mService.setMtu(mtu); + return true; + } + @Override + public boolean tun_builder_add_dns_server(String address, boolean ipv6) { + mService.addDNS(address); + return true; + } + + @Override + public boolean tun_builder_add_route(String address, int prefix_length, + boolean ipv6) { + if (address.equals("remote_host")) + return false; + + if(ipv6) + mService.addRoutev6(address + "/" + prefix_length,"tun"); + else + mService.addRoute(new CIDRIP(address, prefix_length)); + return true; + } + + @Override + public boolean tun_builder_add_search_domain(String domain) { + mService.setDomain(domain); + return true; + } + + @Override + public int tun_builder_establish() { + return mService.openTun().detachFd(); + } + + @Override + public boolean tun_builder_set_session_name(String name) { + VpnStatus.logInfo("We should call this session" + name); + return true; + } + + + + @Override + public boolean tun_builder_add_address(String address, int prefix_length, + boolean ipv6) { + if(!ipv6) + mService.setLocalIP(new CIDRIP(address, prefix_length)); + else + mService.setLocalIPv6(address+ "/" + prefix_length); + return true; + } + + @Override + public boolean tun_builder_new() { + + return true; + } + + @Override + public boolean tun_builder_reroute_gw(String server_address, + boolean server_address_ipv6, boolean ipv4, boolean ipv6, long flags) { + // ignore + return true; + } + + @Override + public boolean tun_builder_exclude_route(String address, int prefix_length, + boolean ipv6) { + //ignore + return true; + } + + + private boolean setConfig(String vpnconfig) { + + ClientAPI_Config config = new ClientAPI_Config(); + if(mVp.getPasswordPrivateKey()!=null) + config.setPrivateKeyPassword(mVp.getPasswordPrivateKey()); + + config.setContent(vpnconfig); + config.setTunPersist(mVp.mPersistTun); + config.setGuiVersion(mVp.getVersionEnvString(mService)); + config.setExternalPkiAlias("extpki"); + + ClientAPI_EvalConfig ec = eval_config(config); + if(ec.getExternalPki()) { + VpnStatus.logError("OpenVPN seem to think as external PKI"); + } + if (ec.getError()) { + VpnStatus.logError("OpenVPN config file parse error: " + ec.getMessage()); + return false; + } else { + config.setContent(vpnconfig); + return true; + } + } + + @Override + public void external_pki_cert_request(ClientAPI_ExternalPKICertRequest certreq) { + VpnStatus.logError("EXT PKI CERT"); + String[] ks = mVp.getKeyStoreCertificates((Context) mService); + if(ks==null) { + certreq.setError(true); + certreq.setErrorText("Error in pki cert request"); + return; + } + + String supcerts = ks[0]; + /* FIXME: How to differentiate between chain and ca certs in OpenVPN 3? */ + if (ks[1]!=null) + supcerts += "\n" + ks[1]; + certreq.setSupportingChain(supcerts); + certreq.setCert(ks[2]); + certreq.setError(false); + } + + @Override + public void external_pki_sign_request(ClientAPI_ExternalPKISignRequest signreq) { + signreq.setSig(mVp.getSignedData(signreq.getData())); + } + + void setUserPW() { + if(mVp.isUserPWAuth()) { + ClientAPI_ProvideCreds creds = new ClientAPI_ProvideCreds(); + creds.setCachePassword(true); + creds.setPassword(mVp.getPasswordAuth()); + creds.setUsername(mVp.mUsername); + provide_creds(creds); + } + } + + @Override + public boolean socket_protect(int socket) { + boolean b= mService.protect(socket); + return b; + + } + + public OpenVPNThreadv3(OpenVPNService openVpnService, VpnProfile vp) { + init_process(); + mVp =vp; + mService =openVpnService; + } + + @Override + public void pause(pauseReason pauseReason) + { + pause(); + } + + @Override + public void log(ClientAPI_LogInfo arg0) { + String logmsg =arg0.getText(); + while (logmsg.endsWith("\n")) + logmsg = logmsg.substring(0, logmsg.length()-1); + + VpnStatus.logInfo(logmsg); + } + + @Override + public void event(ClientAPI_Event event) { + VpnStatus.updateStateString(event.getName(), event.getInfo()); + if(event.getError()) + VpnStatus.logError(String.format("EVENT(Error): %s: %s",event.getName(),event.getInfo())); + } + + + // When a connection is close to timeout, the core will call this + // method. If it returns false, the core will disconnect with a + // CONNECTION_TIMEOUT event. If true, the core will enter a PAUSE + // state. + + @Override + public boolean pause_on_connection_timeout() { + VpnStatus.logInfo("pause on connection timeout?! "); + return true; + } + + public boolean stopVPN() { + stop(); + return true; + } + + @Override + public void reconnect() { + reconnect(1); + } + +} diff --git a/app/src/main/AndroidManifest.xml b/app/src/main/AndroidManifest.xml index 7d1063ef..6b548dbb 100644 --- a/app/src/main/AndroidManifest.xml +++ b/app/src/main/AndroidManifest.xml @@ -27,13 +27,14 @@ + android:targetSdkVersion="21"/> + android:label="@string/app" + android:theme="@style/appstyle"> + + + + @drawable/ic_close_white_24dp + @drawable/ic_share_white_24dp + @drawable/ic_filter_list_white_24dp + @drawable/ic_delete_white_24dp + @drawable/ic_edit_white_24dp + diff --git a/app/src/main/res/values/colours.xml b/app/src/main/res/values/colours.xml new file mode 100644 index 00000000..89fb41dd --- /dev/null +++ b/app/src/main/res/values/colours.xml @@ -0,0 +1,13 @@ + + + + + + + #3F51B5 + #303F9F + #FFA726 + \ No newline at end of file diff --git a/app/src/main/res/values/refs.xml b/app/src/main/res/values/refs.xml new file mode 100644 index 00000000..5e7f5e14 --- /dev/null +++ b/app/src/main/res/values/refs.xml @@ -0,0 +1,15 @@ + + + + + @android:drawable/ic_menu_close_clear_cancel + @android:drawable/ic_menu_share + @android:drawable/ic_menu_save + @android:drawable/ic_menu_view + @android:drawable/ic_menu_delete + @android:drawable/ic_menu_edit + + diff --git a/app/src/main/res/values/untranslatable.xml b/app/src/main/res/values/untranslatable.xml index 7257bf3a..349c94fc 100644 --- a/app/src/main/res/values/untranslatable.xml +++ b/app/src/main/res/values/untranslatable.xml @@ -2469,6 +2469,666 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/app/src/ovpn3/Android.mk b/app/src/ovpn3/Android.mk new file mode 100644 index 00000000..7f037ac0 --- /dev/null +++ b/app/src/ovpn3/Android.mk @@ -0,0 +1,40 @@ +LOCAL_PATH:= $(call my-dir)/ + +include $(CLEAR_VARS) + +LOCAL_LDLIBS := -lz +LOCAL_C_INCLUDES := openssl/include lzo/include openssl/crypto openssl openvpn/src/compat openvpn3/client openvpn3 boost_1_55_0 polarssl/include snappy +LOCAL_CPP_FEATURES += exceptions rtti + +#LOCAL_SHARED_LIBRARIES := libssl libcrypto +LOCAL_SHARED_LIBRARIES := polarssl-dynamic +#LOCAL_STATIC_LIBRARIES := libssl_static libcrypto_static liblzo-static +LOCAL_STATIC_LIBRARIES := liblzo-static snappy-static + +#LOCAL_CFLAGS= -DHAVE_CONFIG_H -DTARGET_ABI=\"${TARGET_ABI}\" -DUSE_OPENSSL -DOPENSSL_NO_ENGINE +LOCAL_CFLAGS= -DHAVE_CONFIG_H -DTARGET_ABI=\"${TARGET_ABI}\" -DUSE_POLARSSL -DHAVE_SNAPPY -DHAVE_LZO + +#ifneq ($(TARGET_ARCH),mips) +#LOCAL_STATIC_LIBRARIES += breakpad_client +#LOCAL_CFLAGS += -DGOOGLE_BREAKPAD=1 +#endif + +LOCAL_MODULE = ovpn3 + +LOCAL_SRC_FILES:= \ + ../openvpn3/javacli/ovpncli_wrap.cxx \ + boostsrc/error_code.cpp \ + ../openvpn3/client/ovpncli.cpp \ + + +#ifneq ($(TARGET_ARCH),mips) +#LOCAL_SRC_FILES+=src/openvpn/breakpad.cpp +#endif + + + +include $(BUILD_SHARED_LIBRARY) +#include $(BUILD_EXECUTABLE) + + + diff --git a/app/src/ovpn3/boostsrc/error_code.cpp b/app/src/ovpn3/boostsrc/error_code.cpp new file mode 100644 index 00000000..6772d154 --- /dev/null +++ b/app/src/ovpn3/boostsrc/error_code.cpp @@ -0,0 +1,430 @@ +// error_code support implementation file ----------------------------------// + +// Copyright Beman Dawes 2002, 2006 + +// Distributed under the Boost Software License, Version 1.0. (See accompanying +// file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt) + +// See library home page at http://www.boost.org/libs/system + +//----------------------------------------------------------------------------// + +#include + +// define BOOST_SYSTEM_SOURCE so that knows +// the library is being built (possibly exporting rather than importing code) +#define BOOST_SYSTEM_SOURCE + +#include +#include +#include +#include +#include +#include + +using namespace boost::system; +using namespace boost::system::errc; + +#include // for strerror/strerror_r + +# if defined( BOOST_WINDOWS_API ) +# include +# include "local_free_on_destruction.hpp" +# ifndef ERROR_INCORRECT_SIZE +# define ERROR_INCORRECT_SIZE ERROR_BAD_ARGUMENTS +# endif +# endif + +//----------------------------------------------------------------------------// + +namespace +{ +#if defined(__PGI) + using boost::system::errc::invalid_argument; +#endif + // standard error categories ---------------------------------------------// + + class generic_error_category : public error_category + { + public: + generic_error_category(){} + const char * name() const; + std::string message( int ev ) const; + }; + + class system_error_category : public error_category + { + public: + system_error_category(){} + const char * name() const; + std::string message( int ev ) const; + error_condition default_error_condition( int ev ) const; + }; + + // generic_error_category implementation ---------------------------------// + + const char * generic_error_category::name() const + { + return "generic"; + } + + std::string generic_error_category::message( int ev ) const + { + static std::string unknown_err( "Unknown error" ); + // strerror_r is preferred because it is always thread safe, + // however, we fallback to strerror in certain cases because: + // -- Windows doesn't provide strerror_r. + // -- HP and Sun do provide strerror_r on newer systems, but there is + // no way to tell if is available at runtime and in any case their + // versions of strerror are thread safe anyhow. + // -- Linux only sometimes provides strerror_r. + // -- Tru64 provides strerror_r only when compiled -pthread. + // -- VMS doesn't provide strerror_r, but on this platform, strerror is + // thread safe. + # if defined(BOOST_WINDOWS_API) || defined(__hpux) || defined(__sun)\ + || (defined(__linux) && (!defined(__USE_XOPEN2K) || defined(BOOST_SYSTEM_USE_STRERROR)))\ + || (defined(__osf__) && !defined(_REENTRANT))\ + || (defined(__INTEGRITY))\ + || (defined(__vms))\ + || (defined(__QNXNTO__)) + const char * c_str = std::strerror( ev ); + return c_str + ? std::string( c_str ) + : unknown_err; + # else // use strerror_r + char buf[64]; + char * bp = buf; + std::size_t sz = sizeof(buf); + # if defined(__CYGWIN__) || defined(__USE_GNU) + // Oddball version of strerror_r + const char * c_str = strerror_r( ev, bp, sz ); + return c_str + ? std::string( c_str ) + : unknown_err; + # else + // POSIX version of strerror_r + int result; + for (;;) + { + // strerror_r returns 0 on success, otherwise ERANGE if buffer too small, + // invalid_argument if ev not a valid error number + # if defined (__sgi) + const char * c_str = strerror( ev ); + result = 0; + return c_str + ? std::string( c_str ) + : unknown_err; + # else + result = strerror_r( ev, bp, sz ); + # endif + if (result == 0 ) + break; + else + { + # if defined(__linux) + // Linux strerror_r returns -1 on error, with error number in errno + result = errno; + # endif + if ( result != ERANGE ) break; + if ( sz > sizeof(buf) ) std::free( bp ); + sz *= 2; + if ( (bp = static_cast(std::malloc( sz ))) == 0 ) + return std::string( "ENOMEM" ); + } + } + std::string msg; + try + { + msg = ( ( result == invalid_argument ) ? "Unknown error" : bp ); + } + +# ifndef BOOST_NO_EXCEPTIONS + // See ticket #2098 + catch(...) + { + // just eat the exception + } +# endif + + if ( sz > sizeof(buf) ) std::free( bp ); + sz = 0; + return msg; + # endif // else POSIX version of strerror_r + # endif // else use strerror_r + } + // system_error_category implementation --------------------------------// + + const char * system_error_category::name() const + { + return "system"; + } + + error_condition system_error_category::default_error_condition( int ev ) const + { + switch ( ev ) + { + case 0: return make_error_condition( success ); +# if defined(BOOST_POSIX_API) + // POSIX-like O/S -> posix_errno decode table ---------------------------// + case E2BIG: return make_error_condition( argument_list_too_long ); + case EACCES: return make_error_condition( permission_denied ); + case EADDRINUSE: return make_error_condition( address_in_use ); + case EADDRNOTAVAIL: return make_error_condition( address_not_available ); + case EAFNOSUPPORT: return make_error_condition( address_family_not_supported ); + case EAGAIN: return make_error_condition( resource_unavailable_try_again ); +# if EALREADY != EBUSY // EALREADY and EBUSY are the same on QNX Neutrino + case EALREADY: return make_error_condition( connection_already_in_progress ); +# endif + case EBADF: return make_error_condition( bad_file_descriptor ); + case EBADMSG: return make_error_condition( bad_message ); + case EBUSY: return make_error_condition( device_or_resource_busy ); + case ECANCELED: return make_error_condition( operation_canceled ); + case ECHILD: return make_error_condition( no_child_process ); + case ECONNABORTED: return make_error_condition( connection_aborted ); + case ECONNREFUSED: return make_error_condition( connection_refused ); + case ECONNRESET: return make_error_condition( connection_reset ); + case EDEADLK: return make_error_condition( resource_deadlock_would_occur ); + case EDESTADDRREQ: return make_error_condition( destination_address_required ); + case EDOM: return make_error_condition( argument_out_of_domain ); + case EEXIST: return make_error_condition( file_exists ); + case EFAULT: return make_error_condition( bad_address ); + case EFBIG: return make_error_condition( file_too_large ); + case EHOSTUNREACH: return make_error_condition( host_unreachable ); + case EIDRM: return make_error_condition( identifier_removed ); + case EILSEQ: return make_error_condition( illegal_byte_sequence ); + case EINPROGRESS: return make_error_condition( operation_in_progress ); + case EINTR: return make_error_condition( interrupted ); + case EINVAL: return make_error_condition( invalid_argument ); + case EIO: return make_error_condition( io_error ); + case EISCONN: return make_error_condition( already_connected ); + case EISDIR: return make_error_condition( is_a_directory ); + case ELOOP: return make_error_condition( too_many_symbolic_link_levels ); + case EMFILE: return make_error_condition( too_many_files_open ); + case EMLINK: return make_error_condition( too_many_links ); + case EMSGSIZE: return make_error_condition( message_size ); + case ENAMETOOLONG: return make_error_condition( filename_too_long ); + case ENETDOWN: return make_error_condition( network_down ); + case ENETRESET: return make_error_condition( network_reset ); + case ENETUNREACH: return make_error_condition( network_unreachable ); + case ENFILE: return make_error_condition( too_many_files_open_in_system ); + case ENOBUFS: return make_error_condition( no_buffer_space ); + case ENODATA: return make_error_condition( no_message_available ); + case ENODEV: return make_error_condition( no_such_device ); + case ENOENT: return make_error_condition( no_such_file_or_directory ); + case ENOEXEC: return make_error_condition( executable_format_error ); + case ENOLCK: return make_error_condition( no_lock_available ); + case ENOLINK: return make_error_condition( no_link ); + case ENOMEM: return make_error_condition( not_enough_memory ); + case ENOMSG: return make_error_condition( no_message ); + case ENOPROTOOPT: return make_error_condition( no_protocol_option ); + case ENOSPC: return make_error_condition( no_space_on_device ); + case ENOSR: return make_error_condition( no_stream_resources ); + case ENOSTR: return make_error_condition( not_a_stream ); + case ENOSYS: return make_error_condition( function_not_supported ); + case ENOTCONN: return make_error_condition( not_connected ); + case ENOTDIR: return make_error_condition( not_a_directory ); + # if ENOTEMPTY != EEXIST // AIX treats ENOTEMPTY and EEXIST as the same value + case ENOTEMPTY: return make_error_condition( directory_not_empty ); + # endif // ENOTEMPTY != EEXIST + # if ENOTRECOVERABLE != ECONNRESET // the same on some Broadcom chips + case ENOTRECOVERABLE: return make_error_condition( state_not_recoverable ); + # endif // ENOTRECOVERABLE != ECONNRESET + case ENOTSOCK: return make_error_condition( not_a_socket ); + case ENOTSUP: return make_error_condition( not_supported ); + case ENOTTY: return make_error_condition( inappropriate_io_control_operation ); + case ENXIO: return make_error_condition( no_such_device_or_address ); + # if EOPNOTSUPP != ENOTSUP + case EOPNOTSUPP: return make_error_condition( operation_not_supported ); + # endif // EOPNOTSUPP != ENOTSUP + case EOVERFLOW: return make_error_condition( value_too_large ); + # if EOWNERDEAD != ECONNABORTED // the same on some Broadcom chips + case EOWNERDEAD: return make_error_condition( owner_dead ); + # endif // EOWNERDEAD != ECONNABORTED + case EPERM: return make_error_condition( operation_not_permitted ); + case EPIPE: return make_error_condition( broken_pipe ); + case EPROTO: return make_error_condition( protocol_error ); + case EPROTONOSUPPORT: return make_error_condition( protocol_not_supported ); + case EPROTOTYPE: return make_error_condition( wrong_protocol_type ); + case ERANGE: return make_error_condition( result_out_of_range ); + case EROFS: return make_error_condition( read_only_file_system ); + case ESPIPE: return make_error_condition( invalid_seek ); + case ESRCH: return make_error_condition( no_such_process ); + case ETIME: return make_error_condition( stream_timeout ); + case ETIMEDOUT: return make_error_condition( timed_out ); + case ETXTBSY: return make_error_condition( text_file_busy ); + # if EAGAIN != EWOULDBLOCK + case EWOULDBLOCK: return make_error_condition( operation_would_block ); + # endif // EAGAIN != EWOULDBLOCK + case EXDEV: return make_error_condition( cross_device_link ); + #else + // Windows system -> posix_errno decode table ---------------------------// + // see WinError.h comments for descriptions of errors + case ERROR_ACCESS_DENIED: return make_error_condition( permission_denied ); + case ERROR_ALREADY_EXISTS: return make_error_condition( file_exists ); + case ERROR_BAD_UNIT: return make_error_condition( no_such_device ); + case ERROR_BUFFER_OVERFLOW: return make_error_condition( filename_too_long ); + case ERROR_BUSY: return make_error_condition( device_or_resource_busy ); + case ERROR_BUSY_DRIVE: return make_error_condition( device_or_resource_busy ); + case ERROR_CANNOT_MAKE: return make_error_condition( permission_denied ); + case ERROR_CANTOPEN: return make_error_condition( io_error ); + case ERROR_CANTREAD: return make_error_condition( io_error ); + case ERROR_CANTWRITE: return make_error_condition( io_error ); + case ERROR_CURRENT_DIRECTORY: return make_error_condition( permission_denied ); + case ERROR_DEV_NOT_EXIST: return make_error_condition( no_such_device ); + case ERROR_DEVICE_IN_USE: return make_error_condition( device_or_resource_busy ); + case ERROR_DIR_NOT_EMPTY: return make_error_condition( directory_not_empty ); + case ERROR_DIRECTORY: return make_error_condition( invalid_argument ); // WinError.h: "The directory name is invalid" + case ERROR_DISK_FULL: return make_error_condition( no_space_on_device ); + case ERROR_FILE_EXISTS: return make_error_condition( file_exists ); + case ERROR_FILE_NOT_FOUND: return make_error_condition( no_such_file_or_directory ); + case ERROR_HANDLE_DISK_FULL: return make_error_condition( no_space_on_device ); + case ERROR_INVALID_ACCESS: return make_error_condition( permission_denied ); + case ERROR_INVALID_DRIVE: return make_error_condition( no_such_device ); + case ERROR_INVALID_FUNCTION: return make_error_condition( function_not_supported ); + case ERROR_INVALID_HANDLE: return make_error_condition( invalid_argument ); + case ERROR_INVALID_NAME: return make_error_condition( invalid_argument ); + case ERROR_LOCK_VIOLATION: return make_error_condition( no_lock_available ); + case ERROR_LOCKED: return make_error_condition( no_lock_available ); + case ERROR_NEGATIVE_SEEK: return make_error_condition( invalid_argument ); + case ERROR_NOACCESS: return make_error_condition( permission_denied ); + case ERROR_NOT_ENOUGH_MEMORY: return make_error_condition( not_enough_memory ); + case ERROR_NOT_READY: return make_error_condition( resource_unavailable_try_again ); + case ERROR_NOT_SAME_DEVICE: return make_error_condition( cross_device_link ); + case ERROR_OPEN_FAILED: return make_error_condition( io_error ); + case ERROR_OPEN_FILES: return make_error_condition( device_or_resource_busy ); + case ERROR_OPERATION_ABORTED: return make_error_condition( operation_canceled ); + case ERROR_OUTOFMEMORY: return make_error_condition( not_enough_memory ); + case ERROR_PATH_NOT_FOUND: return make_error_condition( no_such_file_or_directory ); + case ERROR_READ_FAULT: return make_error_condition( io_error ); + case ERROR_RETRY: return make_error_condition( resource_unavailable_try_again ); + case ERROR_SEEK: return make_error_condition( io_error ); + case ERROR_SHARING_VIOLATION: return make_error_condition( permission_denied ); + case ERROR_TOO_MANY_OPEN_FILES: return make_error_condition( too_many_files_open ); + case ERROR_WRITE_FAULT: return make_error_condition( io_error ); + case ERROR_WRITE_PROTECT: return make_error_condition( permission_denied ); + case WSAEACCES: return make_error_condition( permission_denied ); + case WSAEADDRINUSE: return make_error_condition( address_in_use ); + case WSAEADDRNOTAVAIL: return make_error_condition( address_not_available ); + case WSAEAFNOSUPPORT: return make_error_condition( address_family_not_supported ); + case WSAEALREADY: return make_error_condition( connection_already_in_progress ); + case WSAEBADF: return make_error_condition( bad_file_descriptor ); + case WSAECONNABORTED: return make_error_condition( connection_aborted ); + case WSAECONNREFUSED: return make_error_condition( connection_refused ); + case WSAECONNRESET: return make_error_condition( connection_reset ); + case WSAEDESTADDRREQ: return make_error_condition( destination_address_required ); + case WSAEFAULT: return make_error_condition( bad_address ); + case WSAEHOSTUNREACH: return make_error_condition( host_unreachable ); + case WSAEINPROGRESS: return make_error_condition( operation_in_progress ); + case WSAEINTR: return make_error_condition( interrupted ); + case WSAEINVAL: return make_error_condition( invalid_argument ); + case WSAEISCONN: return make_error_condition( already_connected ); + case WSAEMFILE: return make_error_condition( too_many_files_open ); + case WSAEMSGSIZE: return make_error_condition( message_size ); + case WSAENAMETOOLONG: return make_error_condition( filename_too_long ); + case WSAENETDOWN: return make_error_condition( network_down ); + case WSAENETRESET: return make_error_condition( network_reset ); + case WSAENETUNREACH: return make_error_condition( network_unreachable ); + case WSAENOBUFS: return make_error_condition( no_buffer_space ); + case WSAENOPROTOOPT: return make_error_condition( no_protocol_option ); + case WSAENOTCONN: return make_error_condition( not_connected ); + case WSAENOTSOCK: return make_error_condition( not_a_socket ); + case WSAEOPNOTSUPP: return make_error_condition( operation_not_supported ); + case WSAEPROTONOSUPPORT: return make_error_condition( protocol_not_supported ); + case WSAEPROTOTYPE: return make_error_condition( wrong_protocol_type ); + case WSAETIMEDOUT: return make_error_condition( timed_out ); + case WSAEWOULDBLOCK: return make_error_condition( operation_would_block ); + #endif + default: return error_condition( ev, system_category() ); + } + } + +# if !defined( BOOST_WINDOWS_API ) + + std::string system_error_category::message( int ev ) const + { + return generic_category().message( ev ); + } +# else + + std::string system_error_category::message( int ev ) const + { +# ifndef BOOST_NO_ANSI_APIS + LPVOID lpMsgBuf = 0; + DWORD retval = ::FormatMessageA( + FORMAT_MESSAGE_ALLOCATE_BUFFER | + FORMAT_MESSAGE_FROM_SYSTEM | + FORMAT_MESSAGE_IGNORE_INSERTS, + NULL, + ev, + MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), // Default language + (LPSTR) &lpMsgBuf, + 0, + NULL + ); + detail::local_free_on_destruction lfod(lpMsgBuf); + if (retval == 0) + return std::string("Unknown error"); + + std::string str( static_cast(lpMsgBuf) ); +# else // WinCE workaround + LPVOID lpMsgBuf = 0; + DWORD retval = ::FormatMessageW( + FORMAT_MESSAGE_ALLOCATE_BUFFER | + FORMAT_MESSAGE_FROM_SYSTEM | + FORMAT_MESSAGE_IGNORE_INSERTS, + NULL, + ev, + MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), // Default language + (LPWSTR) &lpMsgBuf, + 0, + NULL + ); + detail::local_free_on_destruction lfod(lpMsgBuf); + if (retval == 0) + return std::string("Unknown error"); + + int num_chars = (wcslen( static_cast(lpMsgBuf) ) + 1) * 2; + LPSTR narrow_buffer = (LPSTR)_alloca( num_chars ); + if (::WideCharToMultiByte(CP_ACP, 0, static_cast(lpMsgBuf), -1, narrow_buffer, num_chars, NULL, NULL) == 0) + return std::string("Unknown error"); + + std::string str( narrow_buffer ); +# endif + while ( str.size() + && (str[str.size()-1] == '\n' || str[str.size()-1] == '\r') ) + str.erase( str.size()-1 ); + if ( str.size() && str[str.size()-1] == '.' ) + { str.erase( str.size()-1 ); } + return str; + } +# endif + +} // unnamed namespace + +namespace boost +{ + namespace system + { + +# ifndef BOOST_SYSTEM_NO_DEPRECATED + BOOST_SYSTEM_DECL error_code throws; // "throw on error" special error_code; + // note that it doesn't matter if this + // isn't initialized before use since + // the only use is to take its + // address for comparison purposes +# endif + + BOOST_SYSTEM_DECL const error_category & system_category() + { + static const system_error_category system_category_const; + return system_category_const; + } + + BOOST_SYSTEM_DECL const error_category & generic_category() + { + static const generic_error_category generic_category_const; + return generic_category_const; + } + + } // namespace system +} // namespace boost diff --git a/app/vpndialogxposed/src/main/res/values/strings-icsopenvpn.xml b/app/vpndialogxposed/src/main/res/values/strings-icsopenvpn.xml deleted file mode 100644 index 6eace130..00000000 --- a/app/vpndialogxposed/src/main/res/values/strings-icsopenvpn.xml +++ /dev/null @@ -1,8 +0,0 @@ - - - - VpnDialog Xposed Module - Select the apps that should be allowed to use the VpnService API without user confirmation - No Apps using the VPNService API found - - -- cgit v1.2.3 From 582758a34f6fd82ad1071bf9a196f0fa048689e8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Mon, 15 Dec 2014 11:30:28 +0100 Subject: Working on Android 5. Beware! https://code.google.com/p/android/issues/detail?id=80074: Wrong VpnService.prepare() behavior after re-installation of the VPN app on Android 5.0 "The following steps will cause incorrect behavior of the VpnService.prepare(): 1. Establish VPN connection using any VPN app. VpnService.prepare() will return an intent for the "Connection request" system activity. Once user accepts it, VPN connection can be established successfully. 2. Uninstall VPN app. 3. Re-install the same VPN app. 4. Now VpnService.prepare() returns null, as if the VPN service has been already prepared. 5. Now VpnService.protect() returns false and VPN connection fails. Device reboot is needed in order to be able to establish VPN connection again." --- .../java/se/leap/bitmaskclient/ProviderAPI.java | 20 +++--- .../main/java/se/leap/bitmaskclient/Dashboard.java | 72 +++++++++++++--------- .../se/leap/bitmaskclient/EipServiceFragment.java | 21 ++----- .../java/se/leap/bitmaskclient/eip/Constants.java | 1 - .../main/java/se/leap/bitmaskclient/eip/EIP.java | 28 ++++----- .../java/se/leap/bitmaskclient/ProviderAPI.java | 21 +++---- 6 files changed, 80 insertions(+), 83 deletions(-) (limited to 'app') diff --git a/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java b/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java index 9ac5ff66..f47510bc 100644 --- a/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java +++ b/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java @@ -62,11 +62,11 @@ public class ProviderAPI extends IntentService { ; final public static int - SRP_AUTHENTICATION_SUCCESSFUL = 3, - SRP_AUTHENTICATION_FAILED = 4, - SRP_REGISTRATION_SUCCESSFUL = 5, - SRP_REGISTRATION_FAILED = 6, - LOGOUT_SUCCESSFUL = 7, + SUCCESSFUL_LOGIN = 3, + FAILED_LOGIN = 4, + SUCCESSFUL_SIGNUP = 5, + FAILED_SIGNUP = 6, + SUCCESSFUL_LOGOUT = 7, LOGOUT_FAILED = 8, CORRECTLY_DOWNLOADED_CERTIFICATE = 9, INCORRECTLY_DOWNLOADED_CERTIFICATE = 10, @@ -142,20 +142,20 @@ public class ProviderAPI extends IntentService { } else if (action.equalsIgnoreCase(SRP_REGISTER)) { Bundle session_id_bundle = tryToRegister(parameters); if(session_id_bundle.getBoolean(RESULT_KEY)) { - receiver.send(SRP_REGISTRATION_SUCCESSFUL, session_id_bundle); + receiver.send(SUCCESSFUL_SIGNUP, session_id_bundle); } else { - receiver.send(SRP_REGISTRATION_FAILED, session_id_bundle); + receiver.send(FAILED_SIGNUP, session_id_bundle); } } else if (action.equalsIgnoreCase(SRP_AUTH)) { Bundle session_id_bundle = tryToAuthenticate(parameters); if(session_id_bundle.getBoolean(RESULT_KEY)) { - receiver.send(SRP_AUTHENTICATION_SUCCESSFUL, session_id_bundle); + receiver.send(SUCCESSFUL_LOGIN, session_id_bundle); } else { - receiver.send(SRP_AUTHENTICATION_FAILED, session_id_bundle); + receiver.send(FAILED_LOGIN, session_id_bundle); } } else if (action.equalsIgnoreCase(LOG_OUT)) { if(logOut()) { - receiver.send(LOGOUT_SUCCESSFUL, Bundle.EMPTY); + receiver.send(SUCCESSFUL_LOGOUT, Bundle.EMPTY); } else { receiver.send(LOGOUT_FAILED, Bundle.EMPTY); } diff --git a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java index 3ecf5e52..862086eb 100644 --- a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java +++ b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java @@ -16,6 +16,7 @@ */ package se.leap.bitmaskclient; +import android.annotation.SuppressLint; import android.app.Activity; import android.app.AlertDialog; import android.app.DialogFragment; @@ -34,6 +35,7 @@ import android.view.MenuItem; import android.widget.ProgressBar; import android.widget.TextView; +import org.jetbrains.annotations.NotNull; import org.json.JSONException; import org.json.JSONObject; @@ -48,7 +50,7 @@ import se.leap.bitmaskclient.eip.EIP; import se.leap.bitmaskclient.eip.EipStatus; /** - * The main user facing Activity of LEAP Android, consisting of status, controls, + * The main user facing Activity of Bitmask Android, consisting of status, controls, * and access to preferences. * * @author Sean Leonard @@ -81,7 +83,7 @@ public class Dashboard extends Activity implements SessionDialog.SessionDialogIn public ProviderAPIResultReceiver providerAPI_result_receiver; @Override - protected void onSaveInstanceState(Bundle outState) { + protected void onSaveInstanceState(@NotNull Bundle outState) { if(provider != null) outState.putParcelable(Provider.KEY, provider); super.onSaveInstanceState(outState); @@ -99,24 +101,36 @@ public class Dashboard extends Activity implements SessionDialog.SessionDialogIn fragment_manager = new FragmentManagerEnhanced(getFragmentManager()); handleVersion(); - if(savedInstanceState != null) - provider = savedInstanceState.getParcelable(Provider.KEY); - if(provider == null && preferences.getBoolean(Constants.PROVIDER_CONFIGURED, false)) - try { - provider = new Provider(new URL(preferences.getString(Provider.MAIN_URL, ""))); - provider.define(new JSONObject(preferences.getString(Provider.KEY, ""))); - } catch (MalformedURLException e) { - e.printStackTrace(); - } catch (JSONException e) { - e.printStackTrace(); - } - + provider = getSavedProvider(savedInstanceState); if (provider == null || provider.getName().isEmpty()) startActivityForResult(new Intent(this,ConfigurationWizard.class),CONFIGURE_LEAP); else buildDashboard(getIntent().getBooleanExtra(ON_BOOT, false)); } + private Provider getSavedProvider(Bundle savedInstanceState) { + Provider provider = null; + if(savedInstanceState != null) + provider = savedInstanceState.getParcelable(Provider.KEY); + else if(preferences.getBoolean(Constants.PROVIDER_CONFIGURED, false)) + provider = getSavedProviderFromSharedPreferences(); + + return provider; + } + + private Provider getSavedProviderFromSharedPreferences() { + Provider provider = null; + try { + provider = new Provider(new URL(preferences.getString(Provider.MAIN_URL, ""))); + provider.define(new JSONObject(preferences.getString(Provider.KEY, ""))); + } catch (MalformedURLException | JSONException e) { + e.printStackTrace(); + } + + return provider; + } + + private void handleVersion() { try { int versionCode = getPackageManager().getPackageInfo(getPackageName(), 0).versionCode; @@ -140,13 +154,12 @@ public class Dashboard extends Activity implements SessionDialog.SessionDialogIn } } + @SuppressLint("CommitPrefEdits") @Override protected void onActivityResult(int requestCode, int resultCode, Intent data){ Log.d(TAG, "onActivityResult: requestCode = " + requestCode); if ( requestCode == CONFIGURE_LEAP || requestCode == SWITCH_PROVIDER) { - // It should be equivalent: if ( (requestCode == CONFIGURE_LEAP) || (data!= null && data.hasExtra(STOP_FIRST))) { if ( resultCode == RESULT_OK ) { - preferences.edit().putInt(Constants.PARSED_SERIAL, 0).apply(); preferences.edit().putBoolean(Constants.AUTHED_EIP, authed_eip).apply(); updateEipService(); @@ -205,7 +218,6 @@ public class Dashboard extends Activity implements SessionDialog.SessionDialogIn ButterKnife.inject(this); provider_name.setText(provider.getDomain()); - if ( provider.hasEIP()){ fragment_manager.removePreviousFragment(EipServiceFragment.TAG); @@ -412,16 +424,16 @@ public class Dashboard extends Activity implements SessionDialog.SessionDialogIn @Override public void onReceiveResult(int resultCode, Bundle resultData) { Log.d(TAG, "onReceiveResult"); - if(resultCode == ProviderAPI.SRP_REGISTRATION_SUCCESSFUL) { + if(resultCode == ProviderAPI.SUCCESSFUL_SIGNUP) { String username = resultData.getString(SessionDialog.USERNAME); String password = resultData.getString(SessionDialog.PASSWORD); logIn(username, password); - } else if(resultCode == ProviderAPI.SRP_REGISTRATION_FAILED) { + } else if(resultCode == ProviderAPI.FAILED_SIGNUP) { changeStatusMessage(resultCode); hideProgressBar(); signUpDialog(resultData); - } else if(resultCode == ProviderAPI.SRP_AUTHENTICATION_SUCCESSFUL) { + } else if(resultCode == ProviderAPI.SUCCESSFUL_LOGIN) { changeStatusMessage(resultCode); hideProgressBar(); @@ -431,12 +443,12 @@ public class Dashboard extends Activity implements SessionDialog.SessionDialogIn preferences.edit().putBoolean(Constants.AUTHED_EIP, authed_eip).apply(); downloadAuthedUserCertificate(); - } else if(resultCode == ProviderAPI.SRP_AUTHENTICATION_FAILED) { + } else if(resultCode == ProviderAPI.FAILED_LOGIN) { changeStatusMessage(resultCode); hideProgressBar(); logInDialog(resultData); - } else if(resultCode == ProviderAPI.LOGOUT_SUCCESSFUL) { + } else if(resultCode == ProviderAPI.SUCCESSFUL_LOGOUT) { changeStatusMessage(resultCode); hideProgressBar(); @@ -477,7 +489,7 @@ public class Dashboard extends Activity implements SessionDialog.SessionDialogIn } } }; - updateEIP.putExtra(Constants.RECEIVER_TAG, receiver); + //updateEIP.putExtra(Constants.RECEIVER_TAG, receiver); startService(updateEIP); } @@ -491,11 +503,11 @@ public class Dashboard extends Activity implements SessionDialog.SessionDialogIn if (resultCode == Activity.RESULT_OK){ switch(previous_result_code){ - case ProviderAPI.SRP_AUTHENTICATION_SUCCESSFUL: eip_fragment.status_message.setText(R.string.succesful_authentication_message); break; - case ProviderAPI.SRP_AUTHENTICATION_FAILED: eip_fragment.status_message.setText(R.string.authentication_failed_message); break; + case ProviderAPI.SUCCESSFUL_LOGIN: eip_fragment.status_message.setText(R.string.succesful_authentication_message); break; + case ProviderAPI.FAILED_LOGIN: eip_fragment.status_message.setText(R.string.authentication_failed_message); break; case ProviderAPI.CORRECTLY_DOWNLOADED_CERTIFICATE: eip_fragment.status_message.setText(R.string.authed_secured_status); break; case ProviderAPI.INCORRECTLY_DOWNLOADED_CERTIFICATE: eip_fragment.status_message.setText(R.string.incorrectly_downloaded_certificate_message); break; - case ProviderAPI.LOGOUT_SUCCESSFUL: eip_fragment.status_message.setText(R.string.logged_out_message); break; + case ProviderAPI.SUCCESSFUL_LOGOUT: eip_fragment.status_message.setText(R.string.logged_out_message); break; case ProviderAPI.LOGOUT_FAILED: eip_fragment.status_message.setText(R.string.log_out_failed_message); break; } @@ -504,12 +516,12 @@ public class Dashboard extends Activity implements SessionDialog.SessionDialogIn switch(previous_result_code){ - case ProviderAPI.SRP_AUTHENTICATION_SUCCESSFUL: eip_fragment.status_message.setText(R.string.succesful_authentication_message); break; - case ProviderAPI.SRP_AUTHENTICATION_FAILED: eip_fragment.status_message.setText(R.string.authentication_failed_message); break; - case ProviderAPI.SRP_REGISTRATION_FAILED: eip_fragment.status_message.setText(R.string.registration_failed_message); break; + case ProviderAPI.SUCCESSFUL_LOGIN: eip_fragment.status_message.setText(R.string.succesful_authentication_message); break; + case ProviderAPI.FAILED_LOGIN: eip_fragment.status_message.setText(R.string.authentication_failed_message); break; + case ProviderAPI.FAILED_SIGNUP: eip_fragment.status_message.setText(R.string.registration_failed_message); break; case ProviderAPI.CORRECTLY_DOWNLOADED_CERTIFICATE: break; case ProviderAPI.INCORRECTLY_DOWNLOADED_CERTIFICATE: eip_fragment.status_message.setText(R.string.incorrectly_downloaded_certificate_message); break; - case ProviderAPI.LOGOUT_SUCCESSFUL: eip_fragment.status_message.setText(R.string.logged_out_message); break; + case ProviderAPI.SUCCESSFUL_LOGOUT: eip_fragment.status_message.setText(R.string.logged_out_message); break; case ProviderAPI.LOGOUT_FAILED: eip_fragment.status_message.setText(R.string.log_out_failed_message); break; } } diff --git a/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java b/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java index 904aa31d..acfc967b 100644 --- a/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java +++ b/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java @@ -139,7 +139,7 @@ public class EipServiceFragment extends Fragment implements Observer { private boolean canStartEIP() { boolean certificateExists = !Dashboard.preferences.getString(Constants.CERTIFICATE, "").isEmpty(); boolean isAllowedAnon = Dashboard.preferences.getBoolean(Constants.ALLOWED_ANON, false); - return (isAllowedAnon || certificateExists) && !eip_status.isConnected(); + return (isAllowedAnon || certificateExists) && !eip_status.isConnected() && !eip_status.isConnecting(); } private boolean canLogInToStartEIP() { @@ -275,19 +275,13 @@ public class EipServiceFragment extends Fragment implements Observer { adjustSwitch(); } - protected void setStatusMessage(String status) { - if(status_message == null) - status_message = (TextView) parent_activity.findViewById(R.id.status_message); - status_message.setText(status); - } - private void hideProgressBar() { if(progress_bar != null) progress_bar.setVisibility(View.GONE); } protected class EIPReceiver extends ResultReceiver { - + protected EIPReceiver(Handler handler){ super(handler); } @@ -295,17 +289,14 @@ public class EipServiceFragment extends Fragment implements Observer { @Override protected void onReceiveResult(int resultCode, Bundle resultData) { super.onReceiveResult(resultCode, resultData); - + String request = resultData.getString(Constants.REQUEST_TAG); if (request.equals(Constants.ACTION_START_EIP)) { switch (resultCode){ case Activity.RESULT_OK: - Log.d(TAG, "Action start eip = Result OK"); - progress_bar.setVisibility(View.VISIBLE); break; case Activity.RESULT_CANCELED: - progress_bar.setVisibility(View.GONE); break; } } else if (request.equals(Constants.ACTION_STOP_EIP)) { @@ -336,13 +327,13 @@ public class EipServiceFragment extends Fragment implements Observer { status_message.setText(getString(R.string.updating_certificate_message)); if(LeapSRPSession.getToken().isEmpty() && !Dashboard.preferences.getBoolean(Constants.ALLOWED_ANON, false)) { dashboard.logInDialog(Bundle.EMPTY); - } else { + } else { Intent provider_API_command = new Intent(parent_activity, ProviderAPI.class); if(dashboard.providerAPI_result_receiver == null) { dashboard.providerAPI_result_receiver = new ProviderAPIResultReceiver(new Handler()); dashboard.providerAPI_result_receiver.setReceiver(dashboard); } - + provider_API_command.setAction(ProviderAPI.DOWNLOAD_CERTIFICATE); provider_API_command.putExtra(ProviderAPI.RECEIVER_KEY, dashboard.providerAPI_result_receiver); parent_activity.startService(provider_API_command); @@ -352,7 +343,7 @@ public class EipServiceFragment extends Fragment implements Observer { } } } - + public static EIPReceiver getReceiver() { return mEIPReceiver; diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/Constants.java b/app/src/main/java/se/leap/bitmaskclient/eip/Constants.java index 01a83d5f..12c2e015 100644 --- a/app/src/main/java/se/leap/bitmaskclient/eip/Constants.java +++ b/app/src/main/java/se/leap/bitmaskclient/eip/Constants.java @@ -39,7 +39,6 @@ public interface Constants { public final static String CERTIFICATE = "cert"; public final static String PRIVATE_KEY = TAG + ".PRIVATE_KEY"; public final static String KEY = TAG + ".KEY"; - public final static String PARSED_SERIAL = TAG + ".PARSED_SERIAL"; public final static String RECEIVER_TAG = TAG + ".RECEIVER_TAG"; public final static String REQUEST_TAG = TAG + ".REQUEST_TAG"; public final static String START_BLOCKING_VPN_PROFILE = TAG + ".START_BLOCKING_VPN_PROFILE"; diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java index 4363dd13..0713e521 100644 --- a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java +++ b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java @@ -22,6 +22,7 @@ import android.content.Context; import android.content.Intent; import android.content.SharedPreferences; import android.os.Bundle; +import android.os.Handler; import android.os.ResultReceiver; import android.util.Log; @@ -38,7 +39,6 @@ import de.blinkt.openvpn.VpnProfile; import de.blinkt.openvpn.core.ProfileManager; import se.leap.bitmaskclient.Dashboard; import se.leap.bitmaskclient.EipServiceFragment; -import se.leap.bitmaskclient.Provider; import static se.leap.bitmaskclient.eip.Constants.ACTION_CHECK_CERT_VALIDITY; import static se.leap.bitmaskclient.eip.Constants.ACTION_IS_EIP_RUNNING; @@ -65,20 +65,19 @@ public final class EIP extends IntentService { public final static String TAG = EIP.class.getSimpleName(); public final static String SERVICE_API_PATH = "config/eip-service.json"; - public static final int DISCONNECT = 15; private static Context context; private static ResultReceiver mReceiver; private static SharedPreferences preferences; - private static JSONObject eip_definition = null; + private static JSONObject eip_definition; private static List gateways = new ArrayList(); private static ProfileManager profile_manager; - private static Gateway activeGateway = null; + private static Gateway gateway; public EIP(){ - super("LEAPEIP"); + super(TAG); } @Override @@ -117,13 +116,15 @@ public final class EIP extends IntentService { private void startEIP() { if(gateways.isEmpty()) updateEIPService(); - GatewaySelector gateway_selector = new GatewaySelector(gateways); - activeGateway = gateway_selector.select(); - if(activeGateway != null && activeGateway.getProfile() != null) { + earlyRoutes(); + + GatewaySelector gateway_selector = new GatewaySelector(gateways); + gateway = gateway_selector.select(); + if(gateway != null && gateway.getProfile() != null) { mReceiver = EipServiceFragment.getReceiver(); launchActiveGateway(); } - earlyRoutes(); + tellToReceiver(ACTION_START_EIP, Activity.RESULT_OK); } /** @@ -140,16 +141,11 @@ public final class EIP extends IntentService { Intent intent = new Intent(this,LaunchVPN.class); intent.setAction(Intent.ACTION_MAIN); intent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK); - intent.putExtra(LaunchVPN.EXTRA_NAME, activeGateway.getProfile().getName() ); + intent.putExtra(LaunchVPN.EXTRA_NAME, gateway.getProfile().getName()); intent.putExtra(LaunchVPN.EXTRA_HIDELOG, true); - intent.putExtra(RECEIVER_TAG, mReceiver); startActivity(intent); } - - /** - * Disconnects the EIP connection gracefully through the bound service or forcefully - * if there is no bound service. Sends a message to the requesting ResultReceiver. - */ + private void stopEIP() { EipStatus eip_status = EipStatus.getInstance(); Log.d(TAG, "stopEip(): eip is connected? " + eip_status.isConnected()); diff --git a/app/src/release/java/se/leap/bitmaskclient/ProviderAPI.java b/app/src/release/java/se/leap/bitmaskclient/ProviderAPI.java index f5f27247..f1cb84d6 100644 --- a/app/src/release/java/se/leap/bitmaskclient/ProviderAPI.java +++ b/app/src/release/java/se/leap/bitmaskclient/ProviderAPI.java @@ -63,12 +63,11 @@ public class ProviderAPI extends IntentService { ; final public static int - CUSTOM_PROVIDER_ADDED = 0, - SRP_AUTHENTICATION_SUCCESSFUL = 3, - SRP_AUTHENTICATION_FAILED = 4, - SRP_REGISTRATION_SUCCESSFUL = 5, - SRP_REGISTRATION_FAILED = 6, - LOGOUT_SUCCESSFUL = 7, + SUCCESSFUL_LOGIN = 3, + FAILED_LOGIN = 4, + SUCCESSFUL_SIGNUP = 5, + FAILED_SIGNUP = 6, + SUCCESSFUL_LOGOUT = 7, LOGOUT_FAILED = 8, CORRECTLY_DOWNLOADED_CERTIFICATE = 9, INCORRECTLY_DOWNLOADED_CERTIFICATE = 10, @@ -140,20 +139,20 @@ public class ProviderAPI extends IntentService { } else if (action.equalsIgnoreCase(SRP_REGISTER)) { Bundle result = tryToRegister(parameters); if(result.getBoolean(RESULT_KEY)) { - receiver.send(SRP_REGISTRATION_SUCCESSFUL, result); + receiver.send(SUCCESSFUL_SIGNUP, result); } else { - receiver.send(SRP_REGISTRATION_FAILED, result); + receiver.send(FAILED_SIGNUP, result); } } else if (action.equalsIgnoreCase(SRP_AUTH)) { Bundle result = tryToAuthenticate(parameters); if(result.getBoolean(RESULT_KEY)) { - receiver.send(SRP_AUTHENTICATION_SUCCESSFUL, result); + receiver.send(SUCCESSFUL_LOGIN, result); } else { - receiver.send(SRP_AUTHENTICATION_FAILED, result); + receiver.send(FAILED_LOGIN, result); } } else if (action.equalsIgnoreCase(LOG_OUT)) { if(logOut()) { - receiver.send(LOGOUT_SUCCESSFUL, Bundle.EMPTY); + receiver.send(SUCCESSFUL_LOGOUT, Bundle.EMPTY); } else { receiver.send(LOGOUT_FAILED, Bundle.EMPTY); } -- cgit v1.2.3 From ceb9128fcd03aba3454faa3979f45490252749b2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Mon, 15 Dec 2014 12:45:50 +0100 Subject: Starting to connect EIP means ConnectedUI --- .../java/se/leap/bitmaskclient/EipServiceFragment.java | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) (limited to 'app') diff --git a/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java b/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java index acfc967b..1b40c94c 100644 --- a/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java +++ b/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java @@ -47,6 +47,7 @@ public class EipServiceFragment extends Fragment implements Observer { private static Activity parent_activity; private static EIPReceiver mEIPReceiver; private static EipStatus eip_status; + private boolean is_starting_to_connect; @Override public void onAttach(Activity activity) { @@ -178,6 +179,7 @@ public class EipServiceFragment extends Fragment implements Observer { } public void startEipFromScratch() { + is_starting_to_connect = true; progress_bar.setVisibility(View.VISIBLE); eip_switch.setVisibility(View.VISIBLE); String status = parent_activity.getString(R.string.eip_status_start_pending); @@ -230,18 +232,19 @@ public class EipServiceFragment extends Fragment implements Observer { Log.d(TAG, "handleNewState: " + eip_status.toString()); if(eip_status.wantsToDisconnect()) setDisconnectedUI(); + else if(eip_status.isConnecting() || is_starting_to_connect) + setInProgressUI(eip_status); else if (eip_status.isConnected()) setConnectedUI(); else if (eip_status.isDisconnected() && !eip_status.isConnecting()) setDisconnectedUI(); - else - setInProgressUI(eip_status); } private void setConnectedUI() { hideProgressBar(); Log.d(TAG, "setConnectedUi? " + eip_status.isConnected()); adjustSwitch(); + is_starting_to_connect = false; status_message.setText(parent_activity.getString(R.string.eip_state_connected)); } @@ -252,14 +255,14 @@ public class EipServiceFragment extends Fragment implements Observer { } private void adjustSwitch() { - if(eip_status.isConnected() || eip_status.isConnecting()) { - Log.d(TAG, "adjustSwitch, isConnected || isConnecting, is checked? " + eip_switch.isChecked()); + if(eip_status.isConnected() || eip_status.isConnecting() || is_starting_to_connect) { + Log.d(TAG, "adjustSwitch, isConnected || isConnecting, is checked"); if(!eip_switch.isChecked()) { eip_switch.setChecked(true); } } else { Log.d(TAG, "adjustSwitch, !isConnected && !isConnecting? " + eip_status.toString()); - + if(eip_switch.isChecked()) { eip_switch.setChecked(false); } @@ -272,6 +275,7 @@ public class EipServiceFragment extends Fragment implements Observer { String prefix = parent_activity.getString(localizedResId); status_message.setText(prefix + " " + logmessage); + is_starting_to_connect = false; adjustSwitch(); } -- cgit v1.2.3 From 6e8255ffde3e71b8e0c651f23f570dd1ff6f6085 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Mon, 15 Dec 2014 15:51:02 +0100 Subject: Don't updateIcsOpenVpn each build. --- app/build.gradle | 10 ++-------- app/src/main/res/values/untranslatable.xml | 20 ++++++++++++++++++++ 2 files changed, 22 insertions(+), 8 deletions(-) (limited to 'app') diff --git a/app/build.gradle b/app/build.gradle index 5f739419..7d6d0a2c 100644 --- a/app/build.gradle +++ b/app/build.gradle @@ -164,7 +164,7 @@ task mergeUntranslatable( type: Copy, dependsOn: 'removeDuplicatedStrings') { delete ics_openvpn_untranslatable } -task updateIcsOpenVpn( type: Copy, dependsOn: 'mergeUntranslatable') { +task updateIcsOpenVpn( type: Copy, dependsOn: 'mergeUntranslatable') << { from('../ics-openvpn-stripped/main/src/') { include 'openvpn/**' include 'openssl/**' @@ -177,13 +177,7 @@ task updateIcsOpenVpn( type: Copy, dependsOn: 'mergeUntranslatable') { } task buildNative ( type: Exec ) { - commandLine 'sh', 'misc/build-native.sh', 'USE_BREAKPAD=0', '-j 8' } -preBuild.dependsOn buildNative - -//assembleRelease.dependsOn connectedCheck -afterEvaluate { - //installRelease.dependsOn connectedCheck -} +preBuild.dependsOn buildNative \ No newline at end of file diff --git a/app/src/main/res/values/untranslatable.xml b/app/src/main/res/values/untranslatable.xml index 349c94fc..82147ab5 100644 --- a/app/src/main/res/values/untranslatable.xml +++ b/app/src/main/res/values/untranslatable.xml @@ -3129,6 +3129,26 @@ + + + + + + + + + + + + + + + + + + + + -- cgit v1.2.3 From 33c5958a18599267820f73b151d8161d83f93d88 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Mon, 15 Dec 2014 16:07:29 +0100 Subject: Duplicated folder. --- app/src/ovpn3/Android.mk | 40 -- app/src/ovpn3/boostsrc/error_code.cpp | 430 --------------------- .../de/blinkt/openvpn/core/OpenVPNThreadv3.java | 275 ------------- 3 files changed, 745 deletions(-) delete mode 100644 app/src/ovpn3/Android.mk delete mode 100644 app/src/ovpn3/boostsrc/error_code.cpp delete mode 100644 app/src/ovpn3/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java (limited to 'app') diff --git a/app/src/ovpn3/Android.mk b/app/src/ovpn3/Android.mk deleted file mode 100644 index 7f037ac0..00000000 --- a/app/src/ovpn3/Android.mk +++ /dev/null @@ -1,40 +0,0 @@ -LOCAL_PATH:= $(call my-dir)/ - -include $(CLEAR_VARS) - -LOCAL_LDLIBS := -lz -LOCAL_C_INCLUDES := openssl/include lzo/include openssl/crypto openssl openvpn/src/compat openvpn3/client openvpn3 boost_1_55_0 polarssl/include snappy -LOCAL_CPP_FEATURES += exceptions rtti - -#LOCAL_SHARED_LIBRARIES := libssl libcrypto -LOCAL_SHARED_LIBRARIES := polarssl-dynamic -#LOCAL_STATIC_LIBRARIES := libssl_static libcrypto_static liblzo-static -LOCAL_STATIC_LIBRARIES := liblzo-static snappy-static - -#LOCAL_CFLAGS= -DHAVE_CONFIG_H -DTARGET_ABI=\"${TARGET_ABI}\" -DUSE_OPENSSL -DOPENSSL_NO_ENGINE -LOCAL_CFLAGS= -DHAVE_CONFIG_H -DTARGET_ABI=\"${TARGET_ABI}\" -DUSE_POLARSSL -DHAVE_SNAPPY -DHAVE_LZO - -#ifneq ($(TARGET_ARCH),mips) -#LOCAL_STATIC_LIBRARIES += breakpad_client -#LOCAL_CFLAGS += -DGOOGLE_BREAKPAD=1 -#endif - -LOCAL_MODULE = ovpn3 - -LOCAL_SRC_FILES:= \ - ../openvpn3/javacli/ovpncli_wrap.cxx \ - boostsrc/error_code.cpp \ - ../openvpn3/client/ovpncli.cpp \ - - -#ifneq ($(TARGET_ARCH),mips) -#LOCAL_SRC_FILES+=src/openvpn/breakpad.cpp -#endif - - - -include $(BUILD_SHARED_LIBRARY) -#include $(BUILD_EXECUTABLE) - - - diff --git a/app/src/ovpn3/boostsrc/error_code.cpp b/app/src/ovpn3/boostsrc/error_code.cpp deleted file mode 100644 index 6772d154..00000000 --- a/app/src/ovpn3/boostsrc/error_code.cpp +++ /dev/null @@ -1,430 +0,0 @@ -// error_code support implementation file ----------------------------------// - -// Copyright Beman Dawes 2002, 2006 - -// Distributed under the Boost Software License, Version 1.0. (See accompanying -// file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt) - -// See library home page at http://www.boost.org/libs/system - -//----------------------------------------------------------------------------// - -#include - -// define BOOST_SYSTEM_SOURCE so that knows -// the library is being built (possibly exporting rather than importing code) -#define BOOST_SYSTEM_SOURCE - -#include -#include -#include -#include -#include -#include - -using namespace boost::system; -using namespace boost::system::errc; - -#include // for strerror/strerror_r - -# if defined( BOOST_WINDOWS_API ) -# include -# include "local_free_on_destruction.hpp" -# ifndef ERROR_INCORRECT_SIZE -# define ERROR_INCORRECT_SIZE ERROR_BAD_ARGUMENTS -# endif -# endif - -//----------------------------------------------------------------------------// - -namespace -{ -#if defined(__PGI) - using boost::system::errc::invalid_argument; -#endif - // standard error categories ---------------------------------------------// - - class generic_error_category : public error_category - { - public: - generic_error_category(){} - const char * name() const; - std::string message( int ev ) const; - }; - - class system_error_category : public error_category - { - public: - system_error_category(){} - const char * name() const; - std::string message( int ev ) const; - error_condition default_error_condition( int ev ) const; - }; - - // generic_error_category implementation ---------------------------------// - - const char * generic_error_category::name() const - { - return "generic"; - } - - std::string generic_error_category::message( int ev ) const - { - static std::string unknown_err( "Unknown error" ); - // strerror_r is preferred because it is always thread safe, - // however, we fallback to strerror in certain cases because: - // -- Windows doesn't provide strerror_r. - // -- HP and Sun do provide strerror_r on newer systems, but there is - // no way to tell if is available at runtime and in any case their - // versions of strerror are thread safe anyhow. - // -- Linux only sometimes provides strerror_r. - // -- Tru64 provides strerror_r only when compiled -pthread. - // -- VMS doesn't provide strerror_r, but on this platform, strerror is - // thread safe. - # if defined(BOOST_WINDOWS_API) || defined(__hpux) || defined(__sun)\ - || (defined(__linux) && (!defined(__USE_XOPEN2K) || defined(BOOST_SYSTEM_USE_STRERROR)))\ - || (defined(__osf__) && !defined(_REENTRANT))\ - || (defined(__INTEGRITY))\ - || (defined(__vms))\ - || (defined(__QNXNTO__)) - const char * c_str = std::strerror( ev ); - return c_str - ? std::string( c_str ) - : unknown_err; - # else // use strerror_r - char buf[64]; - char * bp = buf; - std::size_t sz = sizeof(buf); - # if defined(__CYGWIN__) || defined(__USE_GNU) - // Oddball version of strerror_r - const char * c_str = strerror_r( ev, bp, sz ); - return c_str - ? std::string( c_str ) - : unknown_err; - # else - // POSIX version of strerror_r - int result; - for (;;) - { - // strerror_r returns 0 on success, otherwise ERANGE if buffer too small, - // invalid_argument if ev not a valid error number - # if defined (__sgi) - const char * c_str = strerror( ev ); - result = 0; - return c_str - ? std::string( c_str ) - : unknown_err; - # else - result = strerror_r( ev, bp, sz ); - # endif - if (result == 0 ) - break; - else - { - # if defined(__linux) - // Linux strerror_r returns -1 on error, with error number in errno - result = errno; - # endif - if ( result != ERANGE ) break; - if ( sz > sizeof(buf) ) std::free( bp ); - sz *= 2; - if ( (bp = static_cast(std::malloc( sz ))) == 0 ) - return std::string( "ENOMEM" ); - } - } - std::string msg; - try - { - msg = ( ( result == invalid_argument ) ? "Unknown error" : bp ); - } - -# ifndef BOOST_NO_EXCEPTIONS - // See ticket #2098 - catch(...) - { - // just eat the exception - } -# endif - - if ( sz > sizeof(buf) ) std::free( bp ); - sz = 0; - return msg; - # endif // else POSIX version of strerror_r - # endif // else use strerror_r - } - // system_error_category implementation --------------------------------// - - const char * system_error_category::name() const - { - return "system"; - } - - error_condition system_error_category::default_error_condition( int ev ) const - { - switch ( ev ) - { - case 0: return make_error_condition( success ); -# if defined(BOOST_POSIX_API) - // POSIX-like O/S -> posix_errno decode table ---------------------------// - case E2BIG: return make_error_condition( argument_list_too_long ); - case EACCES: return make_error_condition( permission_denied ); - case EADDRINUSE: return make_error_condition( address_in_use ); - case EADDRNOTAVAIL: return make_error_condition( address_not_available ); - case EAFNOSUPPORT: return make_error_condition( address_family_not_supported ); - case EAGAIN: return make_error_condition( resource_unavailable_try_again ); -# if EALREADY != EBUSY // EALREADY and EBUSY are the same on QNX Neutrino - case EALREADY: return make_error_condition( connection_already_in_progress ); -# endif - case EBADF: return make_error_condition( bad_file_descriptor ); - case EBADMSG: return make_error_condition( bad_message ); - case EBUSY: return make_error_condition( device_or_resource_busy ); - case ECANCELED: return make_error_condition( operation_canceled ); - case ECHILD: return make_error_condition( no_child_process ); - case ECONNABORTED: return make_error_condition( connection_aborted ); - case ECONNREFUSED: return make_error_condition( connection_refused ); - case ECONNRESET: return make_error_condition( connection_reset ); - case EDEADLK: return make_error_condition( resource_deadlock_would_occur ); - case EDESTADDRREQ: return make_error_condition( destination_address_required ); - case EDOM: return make_error_condition( argument_out_of_domain ); - case EEXIST: return make_error_condition( file_exists ); - case EFAULT: return make_error_condition( bad_address ); - case EFBIG: return make_error_condition( file_too_large ); - case EHOSTUNREACH: return make_error_condition( host_unreachable ); - case EIDRM: return make_error_condition( identifier_removed ); - case EILSEQ: return make_error_condition( illegal_byte_sequence ); - case EINPROGRESS: return make_error_condition( operation_in_progress ); - case EINTR: return make_error_condition( interrupted ); - case EINVAL: return make_error_condition( invalid_argument ); - case EIO: return make_error_condition( io_error ); - case EISCONN: return make_error_condition( already_connected ); - case EISDIR: return make_error_condition( is_a_directory ); - case ELOOP: return make_error_condition( too_many_symbolic_link_levels ); - case EMFILE: return make_error_condition( too_many_files_open ); - case EMLINK: return make_error_condition( too_many_links ); - case EMSGSIZE: return make_error_condition( message_size ); - case ENAMETOOLONG: return make_error_condition( filename_too_long ); - case ENETDOWN: return make_error_condition( network_down ); - case ENETRESET: return make_error_condition( network_reset ); - case ENETUNREACH: return make_error_condition( network_unreachable ); - case ENFILE: return make_error_condition( too_many_files_open_in_system ); - case ENOBUFS: return make_error_condition( no_buffer_space ); - case ENODATA: return make_error_condition( no_message_available ); - case ENODEV: return make_error_condition( no_such_device ); - case ENOENT: return make_error_condition( no_such_file_or_directory ); - case ENOEXEC: return make_error_condition( executable_format_error ); - case ENOLCK: return make_error_condition( no_lock_available ); - case ENOLINK: return make_error_condition( no_link ); - case ENOMEM: return make_error_condition( not_enough_memory ); - case ENOMSG: return make_error_condition( no_message ); - case ENOPROTOOPT: return make_error_condition( no_protocol_option ); - case ENOSPC: return make_error_condition( no_space_on_device ); - case ENOSR: return make_error_condition( no_stream_resources ); - case ENOSTR: return make_error_condition( not_a_stream ); - case ENOSYS: return make_error_condition( function_not_supported ); - case ENOTCONN: return make_error_condition( not_connected ); - case ENOTDIR: return make_error_condition( not_a_directory ); - # if ENOTEMPTY != EEXIST // AIX treats ENOTEMPTY and EEXIST as the same value - case ENOTEMPTY: return make_error_condition( directory_not_empty ); - # endif // ENOTEMPTY != EEXIST - # if ENOTRECOVERABLE != ECONNRESET // the same on some Broadcom chips - case ENOTRECOVERABLE: return make_error_condition( state_not_recoverable ); - # endif // ENOTRECOVERABLE != ECONNRESET - case ENOTSOCK: return make_error_condition( not_a_socket ); - case ENOTSUP: return make_error_condition( not_supported ); - case ENOTTY: return make_error_condition( inappropriate_io_control_operation ); - case ENXIO: return make_error_condition( no_such_device_or_address ); - # if EOPNOTSUPP != ENOTSUP - case EOPNOTSUPP: return make_error_condition( operation_not_supported ); - # endif // EOPNOTSUPP != ENOTSUP - case EOVERFLOW: return make_error_condition( value_too_large ); - # if EOWNERDEAD != ECONNABORTED // the same on some Broadcom chips - case EOWNERDEAD: return make_error_condition( owner_dead ); - # endif // EOWNERDEAD != ECONNABORTED - case EPERM: return make_error_condition( operation_not_permitted ); - case EPIPE: return make_error_condition( broken_pipe ); - case EPROTO: return make_error_condition( protocol_error ); - case EPROTONOSUPPORT: return make_error_condition( protocol_not_supported ); - case EPROTOTYPE: return make_error_condition( wrong_protocol_type ); - case ERANGE: return make_error_condition( result_out_of_range ); - case EROFS: return make_error_condition( read_only_file_system ); - case ESPIPE: return make_error_condition( invalid_seek ); - case ESRCH: return make_error_condition( no_such_process ); - case ETIME: return make_error_condition( stream_timeout ); - case ETIMEDOUT: return make_error_condition( timed_out ); - case ETXTBSY: return make_error_condition( text_file_busy ); - # if EAGAIN != EWOULDBLOCK - case EWOULDBLOCK: return make_error_condition( operation_would_block ); - # endif // EAGAIN != EWOULDBLOCK - case EXDEV: return make_error_condition( cross_device_link ); - #else - // Windows system -> posix_errno decode table ---------------------------// - // see WinError.h comments for descriptions of errors - case ERROR_ACCESS_DENIED: return make_error_condition( permission_denied ); - case ERROR_ALREADY_EXISTS: return make_error_condition( file_exists ); - case ERROR_BAD_UNIT: return make_error_condition( no_such_device ); - case ERROR_BUFFER_OVERFLOW: return make_error_condition( filename_too_long ); - case ERROR_BUSY: return make_error_condition( device_or_resource_busy ); - case ERROR_BUSY_DRIVE: return make_error_condition( device_or_resource_busy ); - case ERROR_CANNOT_MAKE: return make_error_condition( permission_denied ); - case ERROR_CANTOPEN: return make_error_condition( io_error ); - case ERROR_CANTREAD: return make_error_condition( io_error ); - case ERROR_CANTWRITE: return make_error_condition( io_error ); - case ERROR_CURRENT_DIRECTORY: return make_error_condition( permission_denied ); - case ERROR_DEV_NOT_EXIST: return make_error_condition( no_such_device ); - case ERROR_DEVICE_IN_USE: return make_error_condition( device_or_resource_busy ); - case ERROR_DIR_NOT_EMPTY: return make_error_condition( directory_not_empty ); - case ERROR_DIRECTORY: return make_error_condition( invalid_argument ); // WinError.h: "The directory name is invalid" - case ERROR_DISK_FULL: return make_error_condition( no_space_on_device ); - case ERROR_FILE_EXISTS: return make_error_condition( file_exists ); - case ERROR_FILE_NOT_FOUND: return make_error_condition( no_such_file_or_directory ); - case ERROR_HANDLE_DISK_FULL: return make_error_condition( no_space_on_device ); - case ERROR_INVALID_ACCESS: return make_error_condition( permission_denied ); - case ERROR_INVALID_DRIVE: return make_error_condition( no_such_device ); - case ERROR_INVALID_FUNCTION: return make_error_condition( function_not_supported ); - case ERROR_INVALID_HANDLE: return make_error_condition( invalid_argument ); - case ERROR_INVALID_NAME: return make_error_condition( invalid_argument ); - case ERROR_LOCK_VIOLATION: return make_error_condition( no_lock_available ); - case ERROR_LOCKED: return make_error_condition( no_lock_available ); - case ERROR_NEGATIVE_SEEK: return make_error_condition( invalid_argument ); - case ERROR_NOACCESS: return make_error_condition( permission_denied ); - case ERROR_NOT_ENOUGH_MEMORY: return make_error_condition( not_enough_memory ); - case ERROR_NOT_READY: return make_error_condition( resource_unavailable_try_again ); - case ERROR_NOT_SAME_DEVICE: return make_error_condition( cross_device_link ); - case ERROR_OPEN_FAILED: return make_error_condition( io_error ); - case ERROR_OPEN_FILES: return make_error_condition( device_or_resource_busy ); - case ERROR_OPERATION_ABORTED: return make_error_condition( operation_canceled ); - case ERROR_OUTOFMEMORY: return make_error_condition( not_enough_memory ); - case ERROR_PATH_NOT_FOUND: return make_error_condition( no_such_file_or_directory ); - case ERROR_READ_FAULT: return make_error_condition( io_error ); - case ERROR_RETRY: return make_error_condition( resource_unavailable_try_again ); - case ERROR_SEEK: return make_error_condition( io_error ); - case ERROR_SHARING_VIOLATION: return make_error_condition( permission_denied ); - case ERROR_TOO_MANY_OPEN_FILES: return make_error_condition( too_many_files_open ); - case ERROR_WRITE_FAULT: return make_error_condition( io_error ); - case ERROR_WRITE_PROTECT: return make_error_condition( permission_denied ); - case WSAEACCES: return make_error_condition( permission_denied ); - case WSAEADDRINUSE: return make_error_condition( address_in_use ); - case WSAEADDRNOTAVAIL: return make_error_condition( address_not_available ); - case WSAEAFNOSUPPORT: return make_error_condition( address_family_not_supported ); - case WSAEALREADY: return make_error_condition( connection_already_in_progress ); - case WSAEBADF: return make_error_condition( bad_file_descriptor ); - case WSAECONNABORTED: return make_error_condition( connection_aborted ); - case WSAECONNREFUSED: return make_error_condition( connection_refused ); - case WSAECONNRESET: return make_error_condition( connection_reset ); - case WSAEDESTADDRREQ: return make_error_condition( destination_address_required ); - case WSAEFAULT: return make_error_condition( bad_address ); - case WSAEHOSTUNREACH: return make_error_condition( host_unreachable ); - case WSAEINPROGRESS: return make_error_condition( operation_in_progress ); - case WSAEINTR: return make_error_condition( interrupted ); - case WSAEINVAL: return make_error_condition( invalid_argument ); - case WSAEISCONN: return make_error_condition( already_connected ); - case WSAEMFILE: return make_error_condition( too_many_files_open ); - case WSAEMSGSIZE: return make_error_condition( message_size ); - case WSAENAMETOOLONG: return make_error_condition( filename_too_long ); - case WSAENETDOWN: return make_error_condition( network_down ); - case WSAENETRESET: return make_error_condition( network_reset ); - case WSAENETUNREACH: return make_error_condition( network_unreachable ); - case WSAENOBUFS: return make_error_condition( no_buffer_space ); - case WSAENOPROTOOPT: return make_error_condition( no_protocol_option ); - case WSAENOTCONN: return make_error_condition( not_connected ); - case WSAENOTSOCK: return make_error_condition( not_a_socket ); - case WSAEOPNOTSUPP: return make_error_condition( operation_not_supported ); - case WSAEPROTONOSUPPORT: return make_error_condition( protocol_not_supported ); - case WSAEPROTOTYPE: return make_error_condition( wrong_protocol_type ); - case WSAETIMEDOUT: return make_error_condition( timed_out ); - case WSAEWOULDBLOCK: return make_error_condition( operation_would_block ); - #endif - default: return error_condition( ev, system_category() ); - } - } - -# if !defined( BOOST_WINDOWS_API ) - - std::string system_error_category::message( int ev ) const - { - return generic_category().message( ev ); - } -# else - - std::string system_error_category::message( int ev ) const - { -# ifndef BOOST_NO_ANSI_APIS - LPVOID lpMsgBuf = 0; - DWORD retval = ::FormatMessageA( - FORMAT_MESSAGE_ALLOCATE_BUFFER | - FORMAT_MESSAGE_FROM_SYSTEM | - FORMAT_MESSAGE_IGNORE_INSERTS, - NULL, - ev, - MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), // Default language - (LPSTR) &lpMsgBuf, - 0, - NULL - ); - detail::local_free_on_destruction lfod(lpMsgBuf); - if (retval == 0) - return std::string("Unknown error"); - - std::string str( static_cast(lpMsgBuf) ); -# else // WinCE workaround - LPVOID lpMsgBuf = 0; - DWORD retval = ::FormatMessageW( - FORMAT_MESSAGE_ALLOCATE_BUFFER | - FORMAT_MESSAGE_FROM_SYSTEM | - FORMAT_MESSAGE_IGNORE_INSERTS, - NULL, - ev, - MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), // Default language - (LPWSTR) &lpMsgBuf, - 0, - NULL - ); - detail::local_free_on_destruction lfod(lpMsgBuf); - if (retval == 0) - return std::string("Unknown error"); - - int num_chars = (wcslen( static_cast(lpMsgBuf) ) + 1) * 2; - LPSTR narrow_buffer = (LPSTR)_alloca( num_chars ); - if (::WideCharToMultiByte(CP_ACP, 0, static_cast(lpMsgBuf), -1, narrow_buffer, num_chars, NULL, NULL) == 0) - return std::string("Unknown error"); - - std::string str( narrow_buffer ); -# endif - while ( str.size() - && (str[str.size()-1] == '\n' || str[str.size()-1] == '\r') ) - str.erase( str.size()-1 ); - if ( str.size() && str[str.size()-1] == '.' ) - { str.erase( str.size()-1 ); } - return str; - } -# endif - -} // unnamed namespace - -namespace boost -{ - namespace system - { - -# ifndef BOOST_SYSTEM_NO_DEPRECATED - BOOST_SYSTEM_DECL error_code throws; // "throw on error" special error_code; - // note that it doesn't matter if this - // isn't initialized before use since - // the only use is to take its - // address for comparison purposes -# endif - - BOOST_SYSTEM_DECL const error_category & system_category() - { - static const system_error_category system_category_const; - return system_category_const; - } - - BOOST_SYSTEM_DECL const error_category & generic_category() - { - static const generic_error_category generic_category_const; - return generic_category_const; - } - - } // namespace system -} // namespace boost diff --git a/app/src/ovpn3/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java b/app/src/ovpn3/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java deleted file mode 100644 index e595106c..00000000 --- a/app/src/ovpn3/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java +++ /dev/null @@ -1,275 +0,0 @@ -package de.blinkt.openvpn.core; - -import net.openvpn.ovpn3.ClientAPI_Config; -import net.openvpn.ovpn3.ClientAPI_EvalConfig; -import net.openvpn.ovpn3.ClientAPI_Event; -import net.openvpn.ovpn3.ClientAPI_ExternalPKICertRequest; -import net.openvpn.ovpn3.ClientAPI_ExternalPKISignRequest; -import net.openvpn.ovpn3.ClientAPI_LogInfo; -import net.openvpn.ovpn3.ClientAPI_OpenVPNClient; -import net.openvpn.ovpn3.ClientAPI_ProvideCreds; -import net.openvpn.ovpn3.ClientAPI_Status; -import net.openvpn.ovpn3.ClientAPI_TransportStats; - -import java.lang.Override; - -import de.blinkt.openvpn.VpnProfile; - -import android.content.Context; - -public class OpenVPNThreadv3 extends ClientAPI_OpenVPNClient implements Runnable, OpenVPNManagement { - - static { - /*System.loadLibrary("crypto"); - System.loadLibrary("ssl");*/ - System.loadLibrary("polarssl-dynamic"); - System.loadLibrary("ovpn3"); - } - - private VpnProfile mVp; - private OpenVPNService mService; - - class StatusPoller implements Runnable - { - private long mSleeptime; - - boolean mStopped=false; - - public StatusPoller(long sleeptime) { - mSleeptime=sleeptime; - } - - public void run() { - while(!mStopped) { - try { - Thread.sleep(mSleeptime); - } catch (InterruptedException e) { - } - ClientAPI_TransportStats t = transport_stats(); - long in = t.getBytesIn(); - long out = t.getBytesOut(); - VpnStatus.updateByteCount(in, out); - } - } - - public void stop() { - mStopped=true; - } - } - - @Override - public void run() { - String configstr = mVp.getConfigFile((Context)mService,true); - if(!setConfig(configstr)) - return; - setUserPW(); - VpnStatus.logInfo(copyright()); - - StatusPoller statuspoller = new StatusPoller(5000); - new Thread(statuspoller,"Status Poller").start(); - - ClientAPI_Status status = connect(); - if(status.getError()) { - VpnStatus.logError(String.format("connect() error: %s: %s",status.getStatus(),status.getMessage())); - } else { - VpnStatus.logInfo("OpenVPN3 thread finished"); - } - statuspoller.stop(); - } - - @Override - public boolean tun_builder_set_remote_address(String address, boolean ipv6) { - mService.setMtu(1500); - return true; - } - - @Override - public boolean tun_builder_set_mtu(int mtu) { - mService.setMtu(mtu); - return true; - } - @Override - public boolean tun_builder_add_dns_server(String address, boolean ipv6) { - mService.addDNS(address); - return true; - } - - @Override - public boolean tun_builder_add_route(String address, int prefix_length, - boolean ipv6) { - if (address.equals("remote_host")) - return false; - - if(ipv6) - mService.addRoutev6(address + "/" + prefix_length,"tun"); - else - mService.addRoute(new CIDRIP(address, prefix_length)); - return true; - } - - @Override - public boolean tun_builder_add_search_domain(String domain) { - mService.setDomain(domain); - return true; - } - - @Override - public int tun_builder_establish() { - return mService.openTun().detachFd(); - } - - @Override - public boolean tun_builder_set_session_name(String name) { - VpnStatus.logInfo("We should call this session" + name); - return true; - } - - - - @Override - public boolean tun_builder_add_address(String address, int prefix_length, - boolean ipv6) { - if(!ipv6) - mService.setLocalIP(new CIDRIP(address, prefix_length)); - else - mService.setLocalIPv6(address+ "/" + prefix_length); - return true; - } - - @Override - public boolean tun_builder_new() { - - return true; - } - - @Override - public boolean tun_builder_reroute_gw(String server_address, - boolean server_address_ipv6, boolean ipv4, boolean ipv6, long flags) { - // ignore - return true; - } - - @Override - public boolean tun_builder_exclude_route(String address, int prefix_length, - boolean ipv6) { - //ignore - return true; - } - - - private boolean setConfig(String vpnconfig) { - - ClientAPI_Config config = new ClientAPI_Config(); - if(mVp.getPasswordPrivateKey()!=null) - config.setPrivateKeyPassword(mVp.getPasswordPrivateKey()); - - config.setContent(vpnconfig); - config.setTunPersist(mVp.mPersistTun); - config.setGuiVersion(mVp.getVersionEnvString(mService)); - config.setExternalPkiAlias("extpki"); - - ClientAPI_EvalConfig ec = eval_config(config); - if(ec.getExternalPki()) { - VpnStatus.logError("OpenVPN seem to think as external PKI"); - } - if (ec.getError()) { - VpnStatus.logError("OpenVPN config file parse error: " + ec.getMessage()); - return false; - } else { - config.setContent(vpnconfig); - return true; - } - } - - @Override - public void external_pki_cert_request(ClientAPI_ExternalPKICertRequest certreq) { - VpnStatus.logError("EXT PKI CERT"); - String[] ks = mVp.getKeyStoreCertificates((Context) mService); - if(ks==null) { - certreq.setError(true); - certreq.setErrorText("Error in pki cert request"); - return; - } - - String supcerts = ks[0]; - /* FIXME: How to differentiate between chain and ca certs in OpenVPN 3? */ - if (ks[1]!=null) - supcerts += "\n" + ks[1]; - certreq.setSupportingChain(supcerts); - certreq.setCert(ks[2]); - certreq.setError(false); - } - - @Override - public void external_pki_sign_request(ClientAPI_ExternalPKISignRequest signreq) { - signreq.setSig(mVp.getSignedData(signreq.getData())); - } - - void setUserPW() { - if(mVp.isUserPWAuth()) { - ClientAPI_ProvideCreds creds = new ClientAPI_ProvideCreds(); - creds.setCachePassword(true); - creds.setPassword(mVp.getPasswordAuth()); - creds.setUsername(mVp.mUsername); - provide_creds(creds); - } - } - - @Override - public boolean socket_protect(int socket) { - boolean b= mService.protect(socket); - return b; - - } - - public OpenVPNThreadv3(OpenVPNService openVpnService, VpnProfile vp) { - init_process(); - mVp =vp; - mService =openVpnService; - } - - @Override - public void pause(pauseReason pauseReason) - { - pause(); - } - - @Override - public void log(ClientAPI_LogInfo arg0) { - String logmsg =arg0.getText(); - while (logmsg.endsWith("\n")) - logmsg = logmsg.substring(0, logmsg.length()-1); - - VpnStatus.logInfo(logmsg); - } - - @Override - public void event(ClientAPI_Event event) { - VpnStatus.updateStateString(event.getName(), event.getInfo()); - if(event.getError()) - VpnStatus.logError(String.format("EVENT(Error): %s: %s",event.getName(),event.getInfo())); - } - - - // When a connection is close to timeout, the core will call this - // method. If it returns false, the core will disconnect with a - // CONNECTION_TIMEOUT event. If true, the core will enter a PAUSE - // state. - - @Override - public boolean pause_on_connection_timeout() { - VpnStatus.logInfo("pause on connection timeout?! "); - return true; - } - - public boolean stopVPN() { - stop(); - return true; - } - - @Override - public void reconnect() { - reconnect(1); - } - -} -- cgit v1.2.3 From f9b875c58f2a370b0c4727ed54cab46424bda603 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Mon, 15 Dec 2014 17:49:00 +0100 Subject: 0.8.1 RC1 --- app/src/main/AndroidManifest.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'app') diff --git a/app/src/main/AndroidManifest.xml b/app/src/main/AndroidManifest.xml index 6b548dbb..e8afa156 100644 --- a/app/src/main/AndroidManifest.xml +++ b/app/src/main/AndroidManifest.xml @@ -17,8 +17,8 @@ + android:versionCode="103" + android:versionName="0.8.1" > -- cgit v1.2.3 From 7e4fbc04427e31c96348b1424e93288d5495c789 Mon Sep 17 00:00:00 2001 From: Arne Schwabe Date: Fri, 26 Sep 2014 14:42:04 +0200 Subject: Readd original copyright --- app/src/main/res/layout/about.xml | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'app') diff --git a/app/src/main/res/layout/about.xml b/app/src/main/res/layout/about.xml index ccb1ea26..2669caa3 100644 --- a/app/src/main/res/layout/about.xml +++ b/app/src/main/res/layout/about.xml @@ -27,6 +27,17 @@ android:autoLink="all" android:text="@string/copyright_leapgui" /> + + + + + -- cgit v1.2.3 From 8f178d430b50cb1eccec75facf99d94c3554a5c3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Wed, 10 Dec 2014 08:12:25 +0100 Subject: Calyx and Riseup are preseeded providers. --- app/assets/urls/calyx.url | 3 +++ app/assets/urls/riseup.url | 3 +++ 2 files changed, 6 insertions(+) create mode 100644 app/assets/urls/calyx.url create mode 100644 app/assets/urls/riseup.url (limited to 'app') diff --git a/app/assets/urls/calyx.url b/app/assets/urls/calyx.url new file mode 100644 index 00000000..8de04fe9 --- /dev/null +++ b/app/assets/urls/calyx.url @@ -0,0 +1,3 @@ +{ + "main_url" : "https://calyx.net/" +} diff --git a/app/assets/urls/riseup.url b/app/assets/urls/riseup.url new file mode 100644 index 00000000..4548b433 --- /dev/null +++ b/app/assets/urls/riseup.url @@ -0,0 +1,3 @@ +{ + "main_url" : "https://riseup.net/" +} -- cgit v1.2.3 From 8cad9be37713870882541ddd382cb94640142879 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Thu, 11 Dec 2014 12:59:33 +0100 Subject: No duplicates between preseeded and custom --- app/src/main/java/se/leap/bitmaskclient/Provider.java | 5 +++-- app/src/main/java/se/leap/bitmaskclient/ProviderManager.java | 3 ++- 2 files changed, 5 insertions(+), 3 deletions(-) (limited to 'app') diff --git a/app/src/main/java/se/leap/bitmaskclient/Provider.java b/app/src/main/java/se/leap/bitmaskclient/Provider.java index f22a4bfb..d7ff6633 100644 --- a/app/src/main/java/se/leap/bitmaskclient/Provider.java +++ b/app/src/main/java/se/leap/bitmaskclient/Provider.java @@ -35,6 +35,7 @@ import java.util.Locale; /** * @author Sean Leonard + * @author Parménides GV * */ public final class Provider implements Parcelable { @@ -187,7 +188,7 @@ public final class Provider implements Parcelable { public boolean equals(Object o) { if(o instanceof Provider) { Provider p = (Provider) o; - return p.mainUrl().equals(mainUrl()); + return p.mainUrl().getHost().equals(mainUrl().getHost()); } else return false; } @@ -203,6 +204,6 @@ public final class Provider implements Parcelable { @Override public int hashCode() { - return main_url.hashCode(); + return mainUrl().getHost().hashCode(); } } diff --git a/app/src/main/java/se/leap/bitmaskclient/ProviderManager.java b/app/src/main/java/se/leap/bitmaskclient/ProviderManager.java index 911144f7..69bd7c1e 100644 --- a/app/src/main/java/se/leap/bitmaskclient/ProviderManager.java +++ b/app/src/main/java/se/leap/bitmaskclient/ProviderManager.java @@ -136,7 +136,8 @@ public class ProviderManager implements AdapteeCollection { @Override public void add(Provider element) { - custom_providers.add(element); + if(!default_providers.contains(element)) + custom_providers.add(element); } @Override -- cgit v1.2.3 From 9f146deb3448815fccc1637c00588e0dfb23293e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Mon, 15 Dec 2014 20:45:55 +0100 Subject: Delete gateways from profilemanager and from list. --- app/src/main/java/se/leap/bitmaskclient/eip/EIP.java | 1 + 1 file changed, 1 insertion(+) (limited to 'app') diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java index 0713e521..7db35c17 100644 --- a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java +++ b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java @@ -195,6 +195,7 @@ public final class EIP extends IntentService { private void deleteAllVpnProfiles() { Collection profiles = profile_manager.getProfiles(); profiles.removeAll(profiles); + gateways.clear(); } /** -- cgit v1.2.3 From 14692f1ad6ae6f6d3b07400c743352e4aed3f23a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Mon, 15 Dec 2014 20:54:47 +0100 Subject: 0.8.0RC2 --- app/src/main/AndroidManifest.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'app') diff --git a/app/src/main/AndroidManifest.xml b/app/src/main/AndroidManifest.xml index e8afa156..8df76712 100644 --- a/app/src/main/AndroidManifest.xml +++ b/app/src/main/AndroidManifest.xml @@ -17,7 +17,7 @@ -- cgit v1.2.3 From 132b62695b021b61d1774944a7bfa6e9166d3ea0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Tue, 16 Dec 2014 16:58:07 +0100 Subject: Update eip-service.json each EipFragment.onAttach --- .../java/se/leap/bitmaskclient/ProviderAPI.java | 34 +- .../main/java/se/leap/bitmaskclient/Dashboard.java | 19 +- .../java/se/leap/bitmaskclient/EipFragment.java | 354 ++++++++++++++++++++ .../se/leap/bitmaskclient/EipServiceFragment.java | 355 --------------------- .../java/se/leap/bitmaskclient/SessionDialog.java | 2 +- .../main/java/se/leap/bitmaskclient/eip/EIP.java | 5 +- .../java/se/leap/bitmaskclient/ProviderAPI.java | 36 ++- 7 files changed, 414 insertions(+), 391 deletions(-) create mode 100644 app/src/main/java/se/leap/bitmaskclient/EipFragment.java delete mode 100644 app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java (limited to 'app') diff --git a/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java b/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java index f47510bc..886d70a0 100644 --- a/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java +++ b/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java @@ -46,6 +46,7 @@ import se.leap.bitmaskclient.eip.*; public class ProviderAPI extends IntentService { final public static String + TAG = ProviderAPI.class.getSimpleName(), SET_UP_PROVIDER = "setUpProvider", DOWNLOAD_NEW_PROVIDER_DOTJSON = "downloadNewProviderDotJSON", SRP_REGISTER = "srpRegister", @@ -58,7 +59,7 @@ public class ProviderAPI extends IntentService { ERRORS = "errors", UPDATE_PROGRESSBAR = "update_progressbar", CURRENT_PROGRESS = "current_progress", - TAG = ProviderAPI.class.getSimpleName() + DOWNLOAD_EIP_SERVICE = TAG + ".DOWNLOAD_EIP_SERVICE" ; final public static int @@ -71,7 +72,9 @@ public class ProviderAPI extends IntentService { CORRECTLY_DOWNLOADED_CERTIFICATE = 9, INCORRECTLY_DOWNLOADED_CERTIFICATE = 10, PROVIDER_OK = 11, - PROVIDER_NOK = 12 + PROVIDER_NOK = 12, + CORRECTLY_DOWNLOADED_EIP_SERVICE = 13, + INCORRECTLY_DOWNLOADED_EIP_SERVICE= 14 ; private static boolean @@ -82,12 +85,12 @@ public class ProviderAPI extends IntentService { private static String last_provider_main_url; private static boolean last_danger_on = false; - private static boolean setting_up_provider = true; + private static boolean go_ahead = true; private static SharedPreferences preferences; private static String provider_api_url; public static void stop() { - setting_up_provider = false; + go_ahead = false; } public ProviderAPI() { @@ -124,15 +127,15 @@ public class ProviderAPI extends IntentService { try { JSONObject provider_json = new JSONObject(preferences.getString(Provider.KEY, "no provider")); provider_api_url = provider_json.getString(Provider.API_URL) + "/" + provider_json.getString(Provider.API_VERSION); - setting_up_provider = true; + go_ahead = true; } catch (JSONException e) { - setting_up_provider = false; + go_ahead = false; } } if(action.equalsIgnoreCase(SET_UP_PROVIDER)) { Bundle result = setUpProvider(parameters); - if(setting_up_provider) { + if(go_ahead) { if(result.getBoolean(RESULT_KEY)) { receiver.send(PROVIDER_OK, result); } else { @@ -165,7 +168,14 @@ public class ProviderAPI extends IntentService { } else { receiver.send(INCORRECTLY_DOWNLOADED_CERTIFICATE, Bundle.EMPTY); } - } + } else if(action.equalsIgnoreCase(DOWNLOAD_EIP_SERVICE)) { + Bundle result = getAndSetEipServiceJson(); + if(result.getBoolean(RESULT_KEY)) { + receiver.send(CORRECTLY_DOWNLOADED_EIP_SERVICE, result); + } else { + receiver.send(INCORRECTLY_DOWNLOADED_EIP_SERVICE, result); + } + } } private Bundle tryToRegister(Bundle task) { @@ -487,7 +497,7 @@ public class ProviderAPI extends IntentService { last_danger_on = task.getBoolean(ProviderItem.DANGER_ON); last_provider_main_url = task.getString(Provider.MAIN_URL); CA_CERT_DOWNLOADED = PROVIDER_JSON_DOWNLOADED = EIP_SERVICE_JSON_DOWNLOADED = false; - setting_up_provider = true; + go_ahead = true; } if(!PROVIDER_JSON_DOWNLOADED) @@ -518,7 +528,7 @@ public class ProviderAPI extends IntentService { String ca_cert_url = provider_json.getString(Provider.CA_CERT_URI); String cert_string = downloadWithCommercialCA(ca_cert_url, danger_on); - if(validCertificate(cert_string) && setting_up_provider) { + if(validCertificate(cert_string) && go_ahead) { preferences.edit().putString(Provider.CA_CERT, cert_string).commit(); result.putBoolean(RESULT_KEY, true); } else { @@ -579,7 +589,7 @@ public class ProviderAPI extends IntentService { private Bundle getAndSetProviderJson(String provider_main_url, boolean danger_on) { Bundle result = new Bundle(); - if(setting_up_provider) { + if(go_ahead) { String provider_dot_json_string = downloadWithCommercialCA(provider_main_url + "/provider.json", danger_on); try { @@ -606,7 +616,7 @@ public class ProviderAPI extends IntentService { private Bundle getAndSetEipServiceJson() { Bundle result = new Bundle(); String eip_service_json_string = ""; - if(setting_up_provider) { + if(go_ahead) { try { JSONObject provider_json = new JSONObject(preferences.getString(Provider.KEY, "")); String eip_service_url = provider_json.getString(Provider.API_URL) + "/" + provider_json.getString(Provider.API_VERSION) + "/" + EIP.SERVICE_API_PATH; diff --git a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java index 862086eb..cca9c63c 100644 --- a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java +++ b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java @@ -77,7 +77,7 @@ public class Dashboard extends Activity implements SessionDialog.SessionDialogIn @InjectView(R.id.providerName) TextView provider_name; - EipServiceFragment eip_fragment; + EipFragment eip_fragment; private Provider provider; private static boolean authed_eip; public ProviderAPIResultReceiver providerAPI_result_receiver; @@ -220,17 +220,17 @@ public class Dashboard extends Activity implements SessionDialog.SessionDialogIn provider_name.setText(provider.getDomain()); if ( provider.hasEIP()){ - fragment_manager.removePreviousFragment(EipServiceFragment.TAG); - eip_fragment = new EipServiceFragment(); + fragment_manager.removePreviousFragment(EipFragment.TAG); + eip_fragment = new EipFragment(); if (hide_and_turn_on_eip) { preferences.edit().remove(Dashboard.START_ON_BOOT).apply(); Bundle arguments = new Bundle(); - arguments.putBoolean(EipServiceFragment.START_ON_BOOT, true); + arguments.putBoolean(EipFragment.START_ON_BOOT, true); if(eip_fragment != null) eip_fragment.setArguments(arguments); } - fragment_manager.replace(R.id.servicesCollection, eip_fragment, EipServiceFragment.TAG); + fragment_manager.replace(R.id.servicesCollection, eip_fragment, EipFragment.TAG); if (hide_and_turn_on_eip) { onBackPressed(); @@ -312,7 +312,7 @@ public class Dashboard extends Activity implements SessionDialog.SessionDialogIn } - private Intent prepareProviderAPICommand() { + protected Intent prepareProviderAPICommand() { providerAPI_result_receiver = new ProviderAPIResultReceiver(new Handler()); providerAPI_result_receiver.setReceiver(this); @@ -474,6 +474,13 @@ public class Dashboard extends Activity implements SessionDialog.SessionDialogIn hideProgressBar(); setResult(RESULT_CANCELED); } + else if(resultCode == ProviderAPI.CORRECTLY_DOWNLOADED_EIP_SERVICE) { + setResult(RESULT_OK); + + updateEipService(); + } else if(resultCode == ProviderAPI.INCORRECTLY_DOWNLOADED_EIP_SERVICE) { + setResult(RESULT_CANCELED); + } } private void updateEipService() { diff --git a/app/src/main/java/se/leap/bitmaskclient/EipFragment.java b/app/src/main/java/se/leap/bitmaskclient/EipFragment.java new file mode 100644 index 00000000..92d2a8bd --- /dev/null +++ b/app/src/main/java/se/leap/bitmaskclient/EipFragment.java @@ -0,0 +1,354 @@ +package se.leap.bitmaskclient; + +import android.app.Activity; +import android.app.AlertDialog; +import android.app.Fragment; +import android.content.DialogInterface; +import android.content.Intent; +import android.os.Bundle; +import android.os.Handler; +import android.os.ResultReceiver; +import android.util.Log; +import android.view.LayoutInflater; +import android.view.View; +import android.view.ViewGroup; +import android.widget.ProgressBar; +import android.widget.Switch; +import android.widget.TextView; + +import java.util.Observable; +import java.util.Observer; + +import butterknife.ButterKnife; +import butterknife.InjectView; +import butterknife.OnCheckedChanged; +import de.blinkt.openvpn.activities.DisconnectVPN; +import se.leap.bitmaskclient.eip.Constants; +import se.leap.bitmaskclient.eip.EIP; +import se.leap.bitmaskclient.eip.EipStatus; + +public class EipFragment extends Fragment implements Observer { + + public static String TAG = EipFragment.class.getSimpleName(); + + protected static final String IS_PENDING = TAG + ".is_pending"; + protected static final String IS_CONNECTED = TAG + ".is_connected"; + protected static final String STATUS_MESSAGE = TAG + ".status_message"; + public static final String START_ON_BOOT = "start on boot"; + + private View view; + @InjectView(R.id.eipSwitch) + Switch eip_switch; + @InjectView(R.id.status_message) + TextView status_message; + @InjectView(R.id.eipProgress) + ProgressBar progress_bar; + + private static Activity parent_activity; + private static EIPReceiver mEIPReceiver; + private static EipStatus eip_status; + private boolean is_starting_to_connect; + + @Override + public void onAttach(Activity activity) { + super.onAttach(activity); + parent_activity = activity; + + Dashboard dashboard = (Dashboard) parent_activity; + Intent provider_API_command = dashboard.prepareProviderAPICommand(); + provider_API_command.setAction(ProviderAPI.DOWNLOAD_EIP_SERVICE); + parent_activity.startService(provider_API_command); + } + + @Override + public void onCreate(Bundle savedInstanceState) { + super.onCreate(savedInstanceState); + eip_status = EipStatus.getInstance(); + eip_status.addObserver(this); + mEIPReceiver = new EIPReceiver(new Handler()); + } + + @Override + public View onCreateView(LayoutInflater inflater, ViewGroup container, Bundle savedInstanceState) { + view = inflater.inflate(R.layout.eip_service_fragment, container, false); + ButterKnife.inject(this, view); + + if (eip_status.isConnecting()) + eip_switch.setVisibility(View.VISIBLE); + + Log.d(TAG, "onCreateView, eip_switch is checked? " + eip_switch.isChecked()); + + Bundle arguments = getArguments(); + if(arguments != null && arguments.containsKey(START_ON_BOOT) && arguments.getBoolean(START_ON_BOOT)) + startEipFromScratch(); + + if (savedInstanceState != null) { + status_message.setText(savedInstanceState.getString(STATUS_MESSAGE)); + if(savedInstanceState.getBoolean(IS_PENDING)) + eip_status.setConnecting(); + else if(savedInstanceState.getBoolean(IS_CONNECTED)) { + eip_status.setConnectedOrDisconnected(); + } + } + return view; + } + + @Override + public void onResume() { + super.onResume(); + eipCommand(Constants.ACTION_CHECK_CERT_VALIDITY); + handleNewState(eip_status); + } + + @Override + public void onSaveInstanceState(Bundle outState) { + outState.putBoolean(IS_PENDING, eip_status.isConnecting()); + outState.putBoolean(IS_CONNECTED, eip_status.isConnected()); + Log.d(TAG, "status message onSaveInstanceState = " + status_message.getText().toString()); + outState.putString(STATUS_MESSAGE, status_message.getText().toString()); + super.onSaveInstanceState(outState); + } + + protected void saveEipStatus() { + boolean eip_is_on = false; + Log.d(TAG, "saveEipStatus"); + if(eip_switch.isChecked()) { + eip_is_on = true; + } + + if(parent_activity != null) + Dashboard.preferences.edit().putBoolean(Dashboard.START_ON_BOOT, eip_is_on).commit(); + } + + @OnCheckedChanged(R.id.eipSwitch) + void handleSwitch(boolean isChecked) { + if(isChecked) + handleSwitchOn(); + else + handleSwitchOff(); + + saveEipStatus(); + } + + private void handleSwitchOn() { + if(canStartEIP()) + startEipFromScratch(); + else if(canLogInToStartEIP()) { + Log.d(TAG, "Can Log In to start EIP"); + Dashboard dashboard = (Dashboard) parent_activity; + Bundle bundle = new Bundle(); + bundle.putBoolean(IS_PENDING, true); + dashboard.logInDialog(bundle); + } + } + + private boolean canStartEIP() { + boolean certificateExists = !Dashboard.preferences.getString(Constants.CERTIFICATE, "").isEmpty(); + boolean isAllowedAnon = Dashboard.preferences.getBoolean(Constants.ALLOWED_ANON, false); + return (isAllowedAnon || certificateExists) && !eip_status.isConnected() && !eip_status.isConnecting(); + } + + private boolean canLogInToStartEIP() { + boolean isAllowedRegistered = Dashboard.preferences.getBoolean(Constants.ALLOWED_REGISTERED, false); + boolean isLoggedIn = !LeapSRPSession.getToken().isEmpty(); + Log.d(TAG, "Allow registered? " + isAllowedRegistered); + Log.d(TAG, "Is logged in? " + isLoggedIn); + return isAllowedRegistered && !isLoggedIn && !eip_status.isConnecting() && !eip_status.isConnected(); + } + + private void handleSwitchOff() { + if(eip_status.isConnecting()) { + askPendingStartCancellation(); + } else if(eip_status.isConnected()) { + stopEIP(); + } + } + + private void askPendingStartCancellation() { + AlertDialog.Builder alertBuilder = new AlertDialog.Builder(parent_activity); + alertBuilder.setTitle(parent_activity.getString(R.string.eip_cancel_connect_title)) + .setMessage(parent_activity.getString(R.string.eip_cancel_connect_text)) + .setPositiveButton((R.string.yes), new DialogInterface.OnClickListener() { + @Override + public void onClick(DialogInterface dialog, int which) { + stopEIP(); + } + }) + .setNegativeButton(parent_activity.getString(R.string.no), new DialogInterface.OnClickListener() { + @Override + public void onClick(DialogInterface dialog, int which) { + eip_switch.setChecked(true); + } + }) + .show(); + } + + public void startEipFromScratch() { + is_starting_to_connect = true; + progress_bar.setVisibility(View.VISIBLE); + eip_switch.setVisibility(View.VISIBLE); + String status = parent_activity.getString(R.string.eip_status_start_pending); + status_message.setText(status); + + if(!eip_switch.isChecked()) { + eip_switch.setChecked(true); + saveEipStatus(); + } + eipCommand(Constants.ACTION_START_EIP); + } + + protected void stopEIP() { + hideProgressBar(); + + String status = parent_activity.getString(R.string.eip_state_not_connected); + status_message.setText(status); + eipCommand(Constants.ACTION_STOP_EIP); + } + + /** + * Send a command to EIP + * + * @param action A valid String constant from EIP class representing an Intent + * filter for the EIP class + */ + private void eipCommand(String action){ + // TODO validate "action"...how do we get the list of intent-filters for a class via Android API? + Intent vpn_intent = new Intent(parent_activity.getApplicationContext(), EIP.class); + vpn_intent.setAction(action); + vpn_intent.putExtra(Constants.RECEIVER_TAG, mEIPReceiver); + parent_activity.startService(vpn_intent); + } + + @Override + public void update (Observable observable, Object data) { + if(observable instanceof EipStatus) { + eip_status = (EipStatus) observable; + final EipStatus eip_status = (EipStatus) observable; + parent_activity.runOnUiThread(new Runnable() { + @Override + public void run() { + handleNewState(eip_status); + } + }); + } + } + + private void handleNewState(EipStatus eip_status) { + Log.d(TAG, "handleNewState: " + eip_status.toString()); + if(eip_status.wantsToDisconnect()) + setDisconnectedUI(); + else if(eip_status.isConnecting() || is_starting_to_connect) + setInProgressUI(eip_status); + else if (eip_status.isConnected()) + setConnectedUI(); + else if (eip_status.isDisconnected() && !eip_status.isConnecting()) + setDisconnectedUI(); + } + + private void setConnectedUI() { + hideProgressBar(); + Log.d(TAG, "setConnectedUi? " + eip_status.isConnected()); + adjustSwitch(); + is_starting_to_connect = false; + status_message.setText(parent_activity.getString(R.string.eip_state_connected)); + } + + private void setDisconnectedUI(){ + hideProgressBar(); + adjustSwitch(); + status_message.setText(parent_activity.getString(R.string.eip_state_not_connected)); + } + + private void adjustSwitch() { + if(eip_status.isConnected() || eip_status.isConnecting() || is_starting_to_connect) { + Log.d(TAG, "adjustSwitch, isConnected || isConnecting, is checked"); + if(!eip_switch.isChecked()) { + eip_switch.setChecked(true); + } + } else { + Log.d(TAG, "adjustSwitch, !isConnected && !isConnecting? " + eip_status.toString()); + + if(eip_switch.isChecked()) { + eip_switch.setChecked(false); + } + } + } + + private void setInProgressUI(EipStatus eip_status) { + int localizedResId = eip_status.getLocalizedResId(); + String logmessage = eip_status.getLogMessage(); + String prefix = parent_activity.getString(localizedResId); + + status_message.setText(prefix + " " + logmessage); + is_starting_to_connect = false; + adjustSwitch(); + } + + private void hideProgressBar() { + if(progress_bar != null) + progress_bar.setVisibility(View.GONE); + } + + protected class EIPReceiver extends ResultReceiver { + + protected EIPReceiver(Handler handler){ + super(handler); + } + + @Override + protected void onReceiveResult(int resultCode, Bundle resultData) { + super.onReceiveResult(resultCode, resultData); + + String request = resultData.getString(Constants.REQUEST_TAG); + + if (request.equals(Constants.ACTION_START_EIP)) { + switch (resultCode){ + case Activity.RESULT_OK: + break; + case Activity.RESULT_CANCELED: + break; + } + } else if (request.equals(Constants.ACTION_STOP_EIP)) { + switch (resultCode){ + case Activity.RESULT_OK: + Intent disconnect_vpn = new Intent(parent_activity, DisconnectVPN.class); + parent_activity.startActivityForResult(disconnect_vpn, EIP.DISCONNECT); + eip_status.setDisconnecting(); + break; + case Activity.RESULT_CANCELED: + break; + } + } else if (request.equals(Constants.EIP_NOTIFICATION)) { + switch (resultCode){ + case Activity.RESULT_OK: + break; + case Activity.RESULT_CANCELED: + break; + } + } else if (request.equals(Constants.ACTION_CHECK_CERT_VALIDITY)) { + switch (resultCode) { + case Activity.RESULT_OK: + break; + case Activity.RESULT_CANCELED: + Dashboard dashboard = (Dashboard) parent_activity; + + progress_bar.setVisibility(View.VISIBLE); + status_message.setText(getString(R.string.updating_certificate_message)); + if(LeapSRPSession.getToken().isEmpty() && !Dashboard.preferences.getBoolean(Constants.ALLOWED_ANON, false)) { + dashboard.logInDialog(Bundle.EMPTY); + } else { + Intent provider_API_command = dashboard.prepareProviderAPICommand(); + provider_API_command.setAction(ProviderAPI.DOWNLOAD_CERTIFICATE); + parent_activity.startService(provider_API_command); + } + break; + } + } + } + } + + + public static EIPReceiver getReceiver() { + return mEIPReceiver; + } +} diff --git a/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java b/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java deleted file mode 100644 index 1b40c94c..00000000 --- a/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java +++ /dev/null @@ -1,355 +0,0 @@ -package se.leap.bitmaskclient; - -import android.app.Activity; -import android.app.AlertDialog; -import android.app.Fragment; -import android.content.DialogInterface; -import android.content.Intent; -import android.os.Bundle; -import android.os.Handler; -import android.os.ResultReceiver; -import android.util.Log; -import android.view.LayoutInflater; -import android.view.View; -import android.view.ViewGroup; -import android.widget.ProgressBar; -import android.widget.Switch; -import android.widget.TextView; - -import java.util.Observable; -import java.util.Observer; - -import butterknife.ButterKnife; -import butterknife.InjectView; -import butterknife.OnCheckedChanged; -import de.blinkt.openvpn.activities.DisconnectVPN; -import se.leap.bitmaskclient.eip.Constants; -import se.leap.bitmaskclient.eip.EIP; -import se.leap.bitmaskclient.eip.EipStatus; - -public class EipServiceFragment extends Fragment implements Observer { - - public static String TAG = "se.leap.bitmask.EipServiceFragment"; - - protected static final String IS_PENDING = TAG + ".is_pending"; - protected static final String IS_CONNECTED = TAG + ".is_connected"; - protected static final String STATUS_MESSAGE = TAG + ".status_message"; - public static final String START_ON_BOOT = "start on boot"; - - private View view; - @InjectView(R.id.eipSwitch) - Switch eip_switch; - @InjectView(R.id.status_message) - TextView status_message; - @InjectView(R.id.eipProgress) - ProgressBar progress_bar; - - private static Activity parent_activity; - private static EIPReceiver mEIPReceiver; - private static EipStatus eip_status; - private boolean is_starting_to_connect; - - @Override - public void onAttach(Activity activity) { - super.onAttach(activity); - parent_activity = activity; - } - - @Override - public void onCreate(Bundle savedInstanceState) { - super.onCreate(savedInstanceState); - eip_status = EipStatus.getInstance(); - eip_status.addObserver(this); - mEIPReceiver = new EIPReceiver(new Handler()); - } - - @Override - public View onCreateView(LayoutInflater inflater, ViewGroup container, Bundle savedInstanceState) { - view = inflater.inflate(R.layout.eip_service_fragment, container, false); - ButterKnife.inject(this, view); - - if (eip_status.isConnecting()) - eip_switch.setVisibility(View.VISIBLE); - - Log.d(TAG, "onCreateView, eip_switch is checked? " + eip_switch.isChecked()); - - Bundle arguments = getArguments(); - if(arguments != null && arguments.containsKey(START_ON_BOOT) && arguments.getBoolean(START_ON_BOOT)) - startEipFromScratch(); - - if (savedInstanceState != null) { - status_message.setText(savedInstanceState.getString(STATUS_MESSAGE)); - if(savedInstanceState.getBoolean(IS_PENDING)) - eip_status.setConnecting(); - else if(savedInstanceState.getBoolean(IS_CONNECTED)) { - eip_status.setConnectedOrDisconnected(); - } - } - return view; - } - - @Override - public void onResume() { - super.onResume(); - eipCommand(Constants.ACTION_CHECK_CERT_VALIDITY); - handleNewState(eip_status); - } - - @Override - public void onSaveInstanceState(Bundle outState) { - outState.putBoolean(IS_PENDING, eip_status.isConnecting()); - outState.putBoolean(IS_CONNECTED, eip_status.isConnected()); - Log.d(TAG, "status message onSaveInstanceState = " + status_message.getText().toString()); - outState.putString(STATUS_MESSAGE, status_message.getText().toString()); - super.onSaveInstanceState(outState); - } - - protected void saveEipStatus() { - boolean eip_is_on = false; - Log.d(TAG, "saveEipStatus"); - if(eip_switch.isChecked()) { - eip_is_on = true; - } - - if(parent_activity != null) - Dashboard.preferences.edit().putBoolean(Dashboard.START_ON_BOOT, eip_is_on).commit(); - } - - @OnCheckedChanged(R.id.eipSwitch) - void handleSwitch(boolean isChecked) { - if(isChecked) - handleSwitchOn(); - else - handleSwitchOff(); - - saveEipStatus(); - } - - private void handleSwitchOn() { - if(canStartEIP()) - startEipFromScratch(); - else if(canLogInToStartEIP()) { - Log.d(TAG, "Can Log In to start EIP"); - Dashboard dashboard = (Dashboard) parent_activity; - Bundle bundle = new Bundle(); - bundle.putBoolean(IS_PENDING, true); - dashboard.logInDialog(bundle); - } - } - - private boolean canStartEIP() { - boolean certificateExists = !Dashboard.preferences.getString(Constants.CERTIFICATE, "").isEmpty(); - boolean isAllowedAnon = Dashboard.preferences.getBoolean(Constants.ALLOWED_ANON, false); - return (isAllowedAnon || certificateExists) && !eip_status.isConnected() && !eip_status.isConnecting(); - } - - private boolean canLogInToStartEIP() { - boolean isAllowedRegistered = Dashboard.preferences.getBoolean(Constants.ALLOWED_REGISTERED, false); - boolean isLoggedIn = !LeapSRPSession.getToken().isEmpty(); - Log.d(TAG, "Allow registered? " + isAllowedRegistered); - Log.d(TAG, "Is logged in? " + isLoggedIn); - return isAllowedRegistered && !isLoggedIn && !eip_status.isConnecting() && !eip_status.isConnected(); - } - - private void handleSwitchOff() { - if(eip_status.isConnecting()) { - askPendingStartCancellation(); - } else if(eip_status.isConnected()) { - stopEIP(); - } - } - - private void askPendingStartCancellation() { - AlertDialog.Builder alertBuilder = new AlertDialog.Builder(parent_activity); - alertBuilder.setTitle(parent_activity.getString(R.string.eip_cancel_connect_title)) - .setMessage(parent_activity.getString(R.string.eip_cancel_connect_text)) - .setPositiveButton((R.string.yes), new DialogInterface.OnClickListener() { - @Override - public void onClick(DialogInterface dialog, int which) { - stopEIP(); - } - }) - .setNegativeButton(parent_activity.getString(R.string.no), new DialogInterface.OnClickListener() { - @Override - public void onClick(DialogInterface dialog, int which) { - eip_switch.setChecked(true); - } - }) - .show(); - } - - public void startEipFromScratch() { - is_starting_to_connect = true; - progress_bar.setVisibility(View.VISIBLE); - eip_switch.setVisibility(View.VISIBLE); - String status = parent_activity.getString(R.string.eip_status_start_pending); - status_message.setText(status); - - if(!eip_switch.isChecked()) { - eip_switch.setChecked(true); - saveEipStatus(); - } - eipCommand(Constants.ACTION_START_EIP); - } - - protected void stopEIP() { - hideProgressBar(); - - String status = parent_activity.getString(R.string.eip_state_not_connected); - status_message.setText(status); - eipCommand(Constants.ACTION_STOP_EIP); - } - - /** - * Send a command to EIP - * - * @param action A valid String constant from EIP class representing an Intent - * filter for the EIP class - */ - private void eipCommand(String action){ - // TODO validate "action"...how do we get the list of intent-filters for a class via Android API? - Intent vpn_intent = new Intent(parent_activity.getApplicationContext(), EIP.class); - vpn_intent.setAction(action); - vpn_intent.putExtra(Constants.RECEIVER_TAG, mEIPReceiver); - parent_activity.startService(vpn_intent); - } - - @Override - public void update (Observable observable, Object data) { - if(observable instanceof EipStatus) { - eip_status = (EipStatus) observable; - final EipStatus eip_status = (EipStatus) observable; - parent_activity.runOnUiThread(new Runnable() { - @Override - public void run() { - handleNewState(eip_status); - } - }); - } - } - - private void handleNewState(EipStatus eip_status) { - Log.d(TAG, "handleNewState: " + eip_status.toString()); - if(eip_status.wantsToDisconnect()) - setDisconnectedUI(); - else if(eip_status.isConnecting() || is_starting_to_connect) - setInProgressUI(eip_status); - else if (eip_status.isConnected()) - setConnectedUI(); - else if (eip_status.isDisconnected() && !eip_status.isConnecting()) - setDisconnectedUI(); - } - - private void setConnectedUI() { - hideProgressBar(); - Log.d(TAG, "setConnectedUi? " + eip_status.isConnected()); - adjustSwitch(); - is_starting_to_connect = false; - status_message.setText(parent_activity.getString(R.string.eip_state_connected)); - } - - private void setDisconnectedUI(){ - hideProgressBar(); - adjustSwitch(); - status_message.setText(parent_activity.getString(R.string.eip_state_not_connected)); - } - - private void adjustSwitch() { - if(eip_status.isConnected() || eip_status.isConnecting() || is_starting_to_connect) { - Log.d(TAG, "adjustSwitch, isConnected || isConnecting, is checked"); - if(!eip_switch.isChecked()) { - eip_switch.setChecked(true); - } - } else { - Log.d(TAG, "adjustSwitch, !isConnected && !isConnecting? " + eip_status.toString()); - - if(eip_switch.isChecked()) { - eip_switch.setChecked(false); - } - } - } - - private void setInProgressUI(EipStatus eip_status) { - int localizedResId = eip_status.getLocalizedResId(); - String logmessage = eip_status.getLogMessage(); - String prefix = parent_activity.getString(localizedResId); - - status_message.setText(prefix + " " + logmessage); - is_starting_to_connect = false; - adjustSwitch(); - } - - private void hideProgressBar() { - if(progress_bar != null) - progress_bar.setVisibility(View.GONE); - } - - protected class EIPReceiver extends ResultReceiver { - - protected EIPReceiver(Handler handler){ - super(handler); - } - - @Override - protected void onReceiveResult(int resultCode, Bundle resultData) { - super.onReceiveResult(resultCode, resultData); - - String request = resultData.getString(Constants.REQUEST_TAG); - - if (request.equals(Constants.ACTION_START_EIP)) { - switch (resultCode){ - case Activity.RESULT_OK: - break; - case Activity.RESULT_CANCELED: - break; - } - } else if (request.equals(Constants.ACTION_STOP_EIP)) { - switch (resultCode){ - case Activity.RESULT_OK: - Intent disconnect_vpn = new Intent(parent_activity, DisconnectVPN.class); - parent_activity.startActivityForResult(disconnect_vpn, EIP.DISCONNECT); - eip_status.setDisconnecting(); - break; - case Activity.RESULT_CANCELED: - break; - } - } else if (request.equals(Constants.EIP_NOTIFICATION)) { - switch (resultCode){ - case Activity.RESULT_OK: - break; - case Activity.RESULT_CANCELED: - break; - } - } else if (request.equals(Constants.ACTION_CHECK_CERT_VALIDITY)) { - switch (resultCode) { - case Activity.RESULT_OK: - break; - case Activity.RESULT_CANCELED: - Dashboard dashboard = (Dashboard) parent_activity; - - progress_bar.setVisibility(View.VISIBLE); - status_message.setText(getString(R.string.updating_certificate_message)); - if(LeapSRPSession.getToken().isEmpty() && !Dashboard.preferences.getBoolean(Constants.ALLOWED_ANON, false)) { - dashboard.logInDialog(Bundle.EMPTY); - } else { - Intent provider_API_command = new Intent(parent_activity, ProviderAPI.class); - if(dashboard.providerAPI_result_receiver == null) { - dashboard.providerAPI_result_receiver = new ProviderAPIResultReceiver(new Handler()); - dashboard.providerAPI_result_receiver.setReceiver(dashboard); - } - - provider_API_command.setAction(ProviderAPI.DOWNLOAD_CERTIFICATE); - provider_API_command.putExtra(ProviderAPI.RECEIVER_KEY, dashboard.providerAPI_result_receiver); - parent_activity.startService(provider_API_command); - } - break; - } - } - } - } - - - public static EIPReceiver getReceiver() { - return mEIPReceiver; - } -} diff --git a/app/src/main/java/se/leap/bitmaskclient/SessionDialog.java b/app/src/main/java/se/leap/bitmaskclient/SessionDialog.java index 60382cf0..22e0f128 100644 --- a/app/src/main/java/se/leap/bitmaskclient/SessionDialog.java +++ b/app/src/main/java/se/leap/bitmaskclient/SessionDialog.java @@ -72,7 +72,7 @@ public class SessionDialog extends DialogFragment{ Bundle arguments = getArguments(); if (arguments != null) { - is_eip_pending = arguments.getBoolean(EipServiceFragment.IS_PENDING, false); + is_eip_pending = arguments.getBoolean(EipFragment.IS_PENDING, false); if (arguments.containsKey(PASSWORD_INVALID_LENGTH)) password_field.setError(getString(R.string.error_not_valid_password_user_message)); if (arguments.containsKey(USERNAME)) { diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java index 7db35c17..7017e874 100644 --- a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java +++ b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java @@ -22,7 +22,6 @@ import android.content.Context; import android.content.Intent; import android.content.SharedPreferences; import android.os.Bundle; -import android.os.Handler; import android.os.ResultReceiver; import android.util.Log; @@ -38,7 +37,7 @@ import de.blinkt.openvpn.LaunchVPN; import de.blinkt.openvpn.VpnProfile; import de.blinkt.openvpn.core.ProfileManager; import se.leap.bitmaskclient.Dashboard; -import se.leap.bitmaskclient.EipServiceFragment; +import se.leap.bitmaskclient.EipFragment; import static se.leap.bitmaskclient.eip.Constants.ACTION_CHECK_CERT_VALIDITY; import static se.leap.bitmaskclient.eip.Constants.ACTION_IS_EIP_RUNNING; @@ -121,7 +120,7 @@ public final class EIP extends IntentService { GatewaySelector gateway_selector = new GatewaySelector(gateways); gateway = gateway_selector.select(); if(gateway != null && gateway.getProfile() != null) { - mReceiver = EipServiceFragment.getReceiver(); + mReceiver = EipFragment.getReceiver(); launchActiveGateway(); } tellToReceiver(ACTION_START_EIP, Activity.RESULT_OK); diff --git a/app/src/release/java/se/leap/bitmaskclient/ProviderAPI.java b/app/src/release/java/se/leap/bitmaskclient/ProviderAPI.java index f1cb84d6..9d0b4db6 100644 --- a/app/src/release/java/se/leap/bitmaskclient/ProviderAPI.java +++ b/app/src/release/java/se/leap/bitmaskclient/ProviderAPI.java @@ -31,8 +31,6 @@ import javax.net.ssl.*; import org.apache.http.client.ClientProtocolException; import org.json.*; -import se.leap.bitmaskclient.R; -import se.leap.bitmaskclient.SessionDialog; import se.leap.bitmaskclient.eip.*; /** @@ -47,6 +45,7 @@ import se.leap.bitmaskclient.eip.*; public class ProviderAPI extends IntentService { final public static String + TAG = ProviderAPI.class.getSimpleName(), SET_UP_PROVIDER = "setUpProvider", DOWNLOAD_NEW_PROVIDER_DOTJSON = "downloadNewProviderDotJSON", SRP_REGISTER = "srpRegister", @@ -59,7 +58,7 @@ public class ProviderAPI extends IntentService { ERRORS = "errors", UPDATE_PROGRESSBAR = "update_progressbar", CURRENT_PROGRESS = "current_progress", - TAG = ProviderAPI.class.getSimpleName() + DOWNLOAD_EIP_SERVICE = TAG + ".DOWNLOAD_EIP_SERVICE" ; final public static int @@ -72,7 +71,9 @@ public class ProviderAPI extends IntentService { CORRECTLY_DOWNLOADED_CERTIFICATE = 9, INCORRECTLY_DOWNLOADED_CERTIFICATE = 10, PROVIDER_OK = 11, - PROVIDER_NOK = 12 + PROVIDER_NOK = 12, + CORRECTLY_DOWNLOADED_EIP_SERVICE = 13, + INCORRECTLY_DOWNLOADED_EIP_SERVICE= 14 ; private static boolean @@ -82,12 +83,12 @@ public class ProviderAPI extends IntentService { ; private static String last_provider_main_url; - private static boolean setting_up_provider = true; + private static boolean go_ahead = true; private static SharedPreferences preferences; private static String provider_api_url; public static void stop() { - setting_up_provider = false; + go_ahead = false; } public ProviderAPI() { @@ -121,15 +122,15 @@ public class ProviderAPI extends IntentService { try { JSONObject provider_json = new JSONObject(preferences.getString(Provider.KEY, "")); provider_api_url = provider_json.getString(Provider.API_URL) + "/" + provider_json.getString(Provider.API_VERSION); - setting_up_provider = true; + go_ahead = true; } catch (JSONException e) { - setting_up_provider = false; + go_ahead = false; } } if(action.equalsIgnoreCase(SET_UP_PROVIDER)) { Bundle result = setUpProvider(parameters); - if(setting_up_provider) { + if(go_ahead) { if(result.getBoolean(RESULT_KEY)) { receiver.send(PROVIDER_OK, result); } else { @@ -162,7 +163,14 @@ public class ProviderAPI extends IntentService { } else { receiver.send(INCORRECTLY_DOWNLOADED_CERTIFICATE, Bundle.EMPTY); } - } + } else if(action.equalsIgnoreCase(DOWNLOAD_EIP_SERVICE)) { + Bundle result = getAndSetEipServiceJson(); + if(result.getBoolean(RESULT_KEY)) { + receiver.send(CORRECTLY_DOWNLOADED_EIP_SERVICE, result); + } else { + receiver.send(INCORRECTLY_DOWNLOADED_EIP_SERVICE, result); + } + } } private Bundle tryToRegister(Bundle task) { @@ -479,7 +487,7 @@ public class ProviderAPI extends IntentService { if(task != null && task.containsKey(Provider.MAIN_URL)) { last_provider_main_url = task.getString(Provider.MAIN_URL); CA_CERT_DOWNLOADED = PROVIDER_JSON_DOWNLOADED = EIP_SERVICE_JSON_DOWNLOADED = false; - setting_up_provider = true; + go_ahead = true; } if(!PROVIDER_JSON_DOWNLOADED) @@ -512,7 +520,7 @@ public class ProviderAPI extends IntentService { String cert_string = downloadWithCommercialCA(ca_cert_url); result.putBoolean(RESULT_KEY, true); - if(validCertificate(cert_string) && setting_up_provider) { + if(validCertificate(cert_string) && go_ahead) { preferences.edit().putString(Provider.CA_CERT, cert_string).commit(); result.putBoolean(RESULT_KEY, true); } else { @@ -575,7 +583,7 @@ public class ProviderAPI extends IntentService { private Bundle getAndSetProviderJson(String provider_main_url) { Bundle result = new Bundle(); - if(setting_up_provider) { + if(go_ahead) { String provider_dot_json_string = downloadWithCommercialCA(provider_main_url + "/provider.json"); try { @@ -602,7 +610,7 @@ public class ProviderAPI extends IntentService { private Bundle getAndSetEipServiceJson() { Bundle result = new Bundle(); String eip_service_json_string = ""; - if(setting_up_provider) { + if(go_ahead) { try { JSONObject provider_json = new JSONObject(preferences.getString(Provider.KEY, "")); String eip_service_url = provider_json.getString(Provider.API_URL) + "/" + provider_json.getString(Provider.API_VERSION) + "/" + EIP.SERVICE_API_PATH; -- cgit v1.2.3 From 2571d03aca9f240017dd1f00e0963abc13b35890 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Tue, 16 Dec 2014 17:44:21 +0100 Subject: 0.8.0 RC3 --- app/src/main/AndroidManifest.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'app') diff --git a/app/src/main/AndroidManifest.xml b/app/src/main/AndroidManifest.xml index 8df76712..a0c6ce36 100644 --- a/app/src/main/AndroidManifest.xml +++ b/app/src/main/AndroidManifest.xml @@ -17,7 +17,7 @@ -- cgit v1.2.3 From 63ae29d808da4c85c223f2e2b6824322b8fc45df Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Wed, 17 Dec 2014 12:25:31 +0100 Subject: Stop normal and blocking VPNs correctly --- .../java/se/leap/bitmaskclient/EipFragment.java | 10 ++++++--- .../main/java/se/leap/bitmaskclient/eip/EIP.java | 2 +- .../se/leap/bitmaskclient/eip/VoidVpnService.java | 24 ++++++++++++++++++++-- 3 files changed, 30 insertions(+), 6 deletions(-) (limited to 'app') diff --git a/app/src/main/java/se/leap/bitmaskclient/EipFragment.java b/app/src/main/java/se/leap/bitmaskclient/EipFragment.java index 92d2a8bd..fc412449 100644 --- a/app/src/main/java/se/leap/bitmaskclient/EipFragment.java +++ b/app/src/main/java/se/leap/bitmaskclient/EipFragment.java @@ -26,6 +26,7 @@ import de.blinkt.openvpn.activities.DisconnectVPN; import se.leap.bitmaskclient.eip.Constants; import se.leap.bitmaskclient.eip.EIP; import se.leap.bitmaskclient.eip.EipStatus; +import se.leap.bitmaskclient.eip.VoidVpnService; public class EipFragment extends Fragment implements Observer { @@ -306,14 +307,17 @@ public class EipFragment extends Fragment implements Observer { case Activity.RESULT_OK: break; case Activity.RESULT_CANCELED: + break; } } else if (request.equals(Constants.ACTION_STOP_EIP)) { switch (resultCode){ case Activity.RESULT_OK: - Intent disconnect_vpn = new Intent(parent_activity, DisconnectVPN.class); - parent_activity.startActivityForResult(disconnect_vpn, EIP.DISCONNECT); - eip_status.setDisconnecting(); + if(eip_status.isConnecting()) + VoidVpnService.stop(); + Intent disconnect_vpn = new Intent(parent_activity, DisconnectVPN.class); + parent_activity.startActivityForResult(disconnect_vpn, EIP.DISCONNECT); + eip_status.setDisconnecting(); break; case Activity.RESULT_CANCELED: break; diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java index 7017e874..3d3070c8 100644 --- a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java +++ b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java @@ -149,7 +149,7 @@ public final class EIP extends IntentService { EipStatus eip_status = EipStatus.getInstance(); Log.d(TAG, "stopEip(): eip is connected? " + eip_status.isConnected()); int result_code = Activity.RESULT_CANCELED; - if(eip_status.isConnected()) + if(eip_status.isConnected() || eip_status.isConnecting()) result_code = Activity.RESULT_OK; tellToReceiver(ACTION_STOP_EIP, result_code); diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/VoidVpnService.java b/app/src/main/java/se/leap/bitmaskclient/eip/VoidVpnService.java index a6f9fe76..0c773208 100644 --- a/app/src/main/java/se/leap/bitmaskclient/eip/VoidVpnService.java +++ b/app/src/main/java/se/leap/bitmaskclient/eip/VoidVpnService.java @@ -2,14 +2,18 @@ package se.leap.bitmaskclient.eip; import android.content.Intent; import android.net.VpnService; +import android.os.ParcelFileDescriptor; + +import java.io.IOException; public class VoidVpnService extends VpnService { static final String TAG = VoidVpnService.class.getSimpleName(); + static ParcelFileDescriptor fd; @Override public int onStartCommand(Intent intent, int flags, int startId) { - String action = intent.getAction(); + String action = intent != null ? intent.getAction() : ""; if (action == Constants.START_BLOCKING_VPN_PROFILE) { new Thread(new Runnable() { public void run() { @@ -20,7 +24,7 @@ public class VoidVpnService extends VpnService { builder.addRoute("192.168.1.0", 24); builder.addDnsServer("10.42.0.1"); try { - builder.establish(); + fd = builder.establish(); } catch (Exception e) { e.printStackTrace(); } @@ -30,4 +34,20 @@ public class VoidVpnService extends VpnService { } return 0; } + + @Override + public void onRevoke() { + super.onRevoke(); + } + + public static boolean stop() { + try { + fd.close(); + return true; + } catch (IOException | NullPointerException e) { + android.util.Log.d(TAG, "VoidVpnService didn't stop"); + e.printStackTrace(); + return false; + } + } } -- cgit v1.2.3 From 5d05a628fbd833860abfc85bb450186ec8dedf19 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Wed, 17 Dec 2014 12:39:41 +0100 Subject: Small refactor to stop EIP methods. --- .../main/java/se/leap/bitmaskclient/Dashboard.java | 2 +- .../main/java/se/leap/bitmaskclient/EipFragment.java | 20 ++++++++++++-------- 2 files changed, 13 insertions(+), 9 deletions(-) (limited to 'app') diff --git a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java index cca9c63c..e32dbdee 100644 --- a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java +++ b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java @@ -292,7 +292,7 @@ public class Dashboard extends Activity implements SessionDialog.SessionDialogIn if (preferences.getBoolean(Constants.AUTHED_EIP, false)) { logOut(); } - eip_fragment.stopEIP(); + eip_fragment.askToStopEIP(); } preferences.edit().clear().apply(); startActivityForResult(new Intent(this,ConfigurationWizard.class), SWITCH_PROVIDER); diff --git a/app/src/main/java/se/leap/bitmaskclient/EipFragment.java b/app/src/main/java/se/leap/bitmaskclient/EipFragment.java index fc412449..420da7a1 100644 --- a/app/src/main/java/se/leap/bitmaskclient/EipFragment.java +++ b/app/src/main/java/se/leap/bitmaskclient/EipFragment.java @@ -161,7 +161,7 @@ public class EipFragment extends Fragment implements Observer { if(eip_status.isConnecting()) { askPendingStartCancellation(); } else if(eip_status.isConnected()) { - stopEIP(); + askToStopEIP(); } } @@ -172,7 +172,7 @@ public class EipFragment extends Fragment implements Observer { .setPositiveButton((R.string.yes), new DialogInterface.OnClickListener() { @Override public void onClick(DialogInterface dialog, int which) { - stopEIP(); + askToStopEIP(); } }) .setNegativeButton(parent_activity.getString(R.string.no), new DialogInterface.OnClickListener() { @@ -198,7 +198,15 @@ public class EipFragment extends Fragment implements Observer { eipCommand(Constants.ACTION_START_EIP); } - protected void stopEIP() { + private void stopEIP() { + if(eip_status.isConnecting()) + VoidVpnService.stop(); + Intent disconnect_vpn = new Intent(parent_activity, DisconnectVPN.class); + parent_activity.startActivityForResult(disconnect_vpn, EIP.DISCONNECT); + eip_status.setDisconnecting(); + } + + protected void askToStopEIP() { hideProgressBar(); String status = parent_activity.getString(R.string.eip_state_not_connected); @@ -313,11 +321,7 @@ public class EipFragment extends Fragment implements Observer { } else if (request.equals(Constants.ACTION_STOP_EIP)) { switch (resultCode){ case Activity.RESULT_OK: - if(eip_status.isConnecting()) - VoidVpnService.stop(); - Intent disconnect_vpn = new Intent(parent_activity, DisconnectVPN.class); - parent_activity.startActivityForResult(disconnect_vpn, EIP.DISCONNECT); - eip_status.setDisconnecting(); + stopEIP(); break; case Activity.RESULT_CANCELED: break; -- cgit v1.2.3 From c33d27974fbd3e6fcd9522207171bb944f4914e6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Wed, 17 Dec 2014 12:43:23 +0100 Subject: 0.8.1 RC4 --- app/src/main/AndroidManifest.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'app') diff --git a/app/src/main/AndroidManifest.xml b/app/src/main/AndroidManifest.xml index a0c6ce36..5f61cd78 100644 --- a/app/src/main/AndroidManifest.xml +++ b/app/src/main/AndroidManifest.xml @@ -17,7 +17,7 @@ -- cgit v1.2.3