From 3d54881bc78b893ab286681338dd7b9b69d871b3 Mon Sep 17 00:00:00 2001 From: Arne Schwabe Date: Tue, 1 May 2012 15:33:00 +0200 Subject: Support strange certificate + passsword authentication types --- src/de/blinkt/openvpn/LaunchVPN.java | 8 ++- src/de/blinkt/openvpn/Settings_Basic.java | 8 +++ src/de/blinkt/openvpn/Settings_Obscure.java | 2 + src/de/blinkt/openvpn/VpnProfile.java | 85 ++++++++++++++++++++--------- 4 files changed, 74 insertions(+), 29 deletions(-) (limited to 'src') diff --git a/src/de/blinkt/openvpn/LaunchVPN.java b/src/de/blinkt/openvpn/LaunchVPN.java index 2bd647f9..caeedc09 100644 --- a/src/de/blinkt/openvpn/LaunchVPN.java +++ b/src/de/blinkt/openvpn/LaunchVPN.java @@ -203,7 +203,7 @@ public class LaunchVPN extends ListActivity implements OnItemClickListener { } - private void askForPW(String type) { + private void askForPW(final String type) { final EditText entry = new EditText(this); entry.setSingleLine(); @@ -219,7 +219,11 @@ public class LaunchVPN extends ListActivity implements OnItemClickListener { @Override public void onClick(DialogInterface dialog, int which) { String pw = entry.getText().toString(); - mSelectedProfile.mTransientPW = pw; + if(type.equals("Password")) { + mSelectedProfile.mTransientPW = pw; + } else { + mSelectedProfile.mTransientPCKS12PW = pw; + } onActivityResult(START_VPN_PROFILE, Activity.RESULT_OK, null); } diff --git a/src/de/blinkt/openvpn/Settings_Basic.java b/src/de/blinkt/openvpn/Settings_Basic.java index 35e86792..7eb224a8 100644 --- a/src/de/blinkt/openvpn/Settings_Basic.java +++ b/src/de/blinkt/openvpn/Settings_Basic.java @@ -173,18 +173,26 @@ public class Settings_Basic extends Fragment implements View.OnClickListener, On mView.findViewById(R.id.statickeys).setVisibility(View.GONE); mView.findViewById(R.id.keystore).setVisibility(View.GONE); mView.findViewById(R.id.cacert).setVisibility(View.GONE); + mView.findViewById(R.id.userpassword).setVisibility(View.GONE); + // Fallthroughs are by desing switch(type) { + case VpnProfile.TYPE_USERPASS_CERTIFICATES: + mView.findViewById(R.id.userpassword).setVisibility(View.VISIBLE); case VpnProfile.TYPE_CERTIFICATES: mView.findViewById(R.id.certs).setVisibility(View.VISIBLE); mView.findViewById(R.id.cacert).setVisibility(View.VISIBLE); break; + case VpnProfile.TYPE_USERPASS_PKCS12: + mView.findViewById(R.id.userpassword).setVisibility(View.VISIBLE); case VpnProfile.TYPE_PKCS12: mView.findViewById(R.id.pkcs12).setVisibility(View.VISIBLE); break; case VpnProfile.TYPE_STATICKEYS: mView.findViewById(R.id.statickeys).setVisibility(View.VISIBLE); break; + case VpnProfile.TYPE_USERPASS_KEYSTORE: + mView.findViewById(R.id.userpassword).setVisibility(View.VISIBLE); case VpnProfile.TYPE_KEYSTORE: mView.findViewById(R.id.keystore).setVisibility(View.VISIBLE); break; diff --git a/src/de/blinkt/openvpn/Settings_Obscure.java b/src/de/blinkt/openvpn/Settings_Obscure.java index 02a433fb..d7bce9ad 100644 --- a/src/de/blinkt/openvpn/Settings_Obscure.java +++ b/src/de/blinkt/openvpn/Settings_Obscure.java @@ -67,6 +67,8 @@ public class Settings_Obscure extends PreferenceFragment implements OnPreference public boolean onPreferenceChange(Preference preference, Object newValue) { if(preference==mLogverbosity) { mLogverbosity.setDefaultValue(newValue); + // Does not refresh otherwise + mLogverbosity.setSummary("%s"); } return true; diff --git a/src/de/blinkt/openvpn/VpnProfile.java b/src/de/blinkt/openvpn/VpnProfile.java index 11f2fffa..04b5927f 100644 --- a/src/de/blinkt/openvpn/VpnProfile.java +++ b/src/de/blinkt/openvpn/VpnProfile.java @@ -35,10 +35,20 @@ public class VpnProfile implements Serializable{ static final int TYPE_KEYSTORE=2; public static final int TYPE_USERPASS = 3; public static final int TYPE_STATICKEYS = 4; + public static final int TYPE_USERPASS_CERTIFICATES = 5; + public static final int TYPE_USERPASS_PKCS12 = 6; + public static final int TYPE_USERPASS_KEYSTORE = 7; + + + + + private static final String OVPNCONFIGFILE = "android.conf"; protected transient String mTransientPW=null; + protected transient String mTransientPCKS12PW=null; + private static transient String mTempPKCS12Password; @@ -141,6 +151,7 @@ public class VpnProfile implements Serializable{ static final String OVPNCONFIGPKCS12 = "android.pkcs12"; + public VpnProfile(String name) { mUuid = UUID.randomUUID(); mName = name; @@ -210,7 +221,11 @@ public class VpnProfile implements Serializable{ + switch(mAuthenticationType) { + case VpnProfile.TYPE_USERPASS_CERTIFICATES: + cfg+="auth-user-pass\n"; + cfg+="management-query-passwords\n"; case VpnProfile.TYPE_CERTIFICATES: // Ca cfg+="ca "; @@ -225,6 +240,8 @@ public class VpnProfile implements Serializable{ cfg+=mClientCertFilename; cfg+="\n"; break; + case VpnProfile.TYPE_USERPASS_PKCS12: + cfg+="auth-user-pass\n"; case VpnProfile.TYPE_PKCS12: cfg+="pkcs12 "; cfg+=mPKCS12Filename; @@ -232,6 +249,8 @@ public class VpnProfile implements Serializable{ cfg+="management-query-passwords\n"; break; + case VpnProfile.TYPE_USERPASS_KEYSTORE: + cfg+="auth-user-pass\n"; case VpnProfile.TYPE_KEYSTORE: cfg+="pkcs12 "; cfg+=cacheDir.getAbsolutePath() + "/" + OVPNCONFIGPKCS12; @@ -239,13 +258,9 @@ public class VpnProfile implements Serializable{ cfg+="management-query-passwords\n"; break; case VpnProfile.TYPE_USERPASS: - cfg+="ca " + mCaFilename + "\n"; cfg+="auth-user-pass\n"; cfg+="management-query-passwords\n"; - break; - - - + cfg+="ca " + mCaFilename +"\n"; } if(mUseLzo) { @@ -298,26 +313,26 @@ public class VpnProfile implements Serializable{ } if(mExpectTLSCert) cfg += "remote-cert-tls server\n"; - - - - + + + + // Obscure Settings dialog if(mUseRandomHostname) cfg += "#my favorite options :)\nremote-random-hostname\n"; - + if(mUseFloat) cfg+= "float\n"; - + if(mUseCustomConfig) { cfg += "# Custom configuration options\n"; cfg += "# You are on your on own here :)\n"; cfg += mCustomConfigOptions; cfg += "\n"; - + } - - + + return cfg; } @@ -388,7 +403,7 @@ public class VpnProfile implements Serializable{ Intent intent = new Intent(context,OpenVpnService.class); - if(mAuthenticationType == VpnProfile.TYPE_KEYSTORE) { + if(mAuthenticationType == VpnProfile.TYPE_KEYSTORE || mAuthenticationType == VpnProfile.TYPE_USERPASS_KEYSTORE) { savePKCS12(context); } @@ -457,7 +472,7 @@ public class VpnProfile implements Serializable{ } //! Return an error if somethign is wrong int checkProfile() { - if(mAuthenticationType==TYPE_KEYSTORE && mAlias==null) + if((mAuthenticationType==TYPE_KEYSTORE || mAuthenticationType==TYPE_USERPASS_KEYSTORE) && mAlias==null) return R.string.no_keystore_cert_selected; if(!mUsePull) { @@ -473,39 +488,55 @@ public class VpnProfile implements Serializable{ } - //! Openvpn asks for a "Private Key", this can be pkcs12 pw or private key pw + //! Openvpn asks for a "Private Key", this should be pkcs12 key // public String getPasswordPrivateKey() { - if(mTransientPW!=null) { - String pwcopy = mTransientPW; - mTransientPW=null; + if(mTransientPCKS12PW!=null) { + String pwcopy = mTransientPCKS12PW; + mTransientPCKS12PW=null; return pwcopy; } switch (mAuthenticationType) { case TYPE_KEYSTORE: + case TYPE_USERPASS_KEYSTORE: return getTemporaryPKCS12Password(); case TYPE_PKCS12: + case TYPE_USERPASS_PKCS12: return mPKCS12Password; + case TYPE_USERPASS: case TYPE_STATICKEYS: case TYPE_CERTIFICATES: + case TYPE_USERPASS_CERTIFICATES: default: return null; } } + private boolean isUserPWAuth() { + switch(mAuthenticationType) { + case TYPE_USERPASS: + case TYPE_USERPASS_CERTIFICATES: + case TYPE_USERPASS_KEYSTORE: + case TYPE_USERPASS_PKCS12: + return true; + default: + return false; + + } + } public String needUserPWInput() { - if(mTransientPW!=null) - return null; - if(mAuthenticationType == TYPE_PKCS12 && + if((mAuthenticationType == TYPE_PKCS12 || mAuthenticationType == TYPE_USERPASS_PKCS12)&& (mPKCS12Password.equals("") || mPKCS12Password == null)) { - return "PKCS12 File Password"; + if(mTransientPCKS12PW==null) + return "PKCS12 File Encryption Key"; } - if(mAuthenticationType == TYPE_USERPASS && - (mPassword.equals("") || mPassword == null)) { - return "Password"; + if(isUserPWAuth() && (mPassword.equals("") || mPassword == null)) { + if(mTransientPW==null) + return "Password"; + } return null; } -- cgit v1.2.3