diff options
author | Arne Schwabe <arne@rfc2549.org> | 2013-03-08 14:12:04 +0100 |
---|---|---|
committer | Arne Schwabe <arne@rfc2549.org> | 2013-03-08 14:12:04 +0100 |
commit | 2dc46e64c7ce808e2d052a4f78cc724cfb54535a (patch) | |
tree | c8a5407ee2d1f71287ac76ad02ad52924fd4b692 | |
parent | b38cae44de5aed8d436c19301c4fb4a390128569 (diff) |
Enhance/fix --verify-x509-name support
-rw-r--r-- | AndroidManifest.xml | 4 | ||||
-rw-r--r-- | res/layout/tlsremote.xml | 64 | ||||
-rwxr-xr-x | res/values/strings.xml | 6 | ||||
-rw-r--r-- | src/de/blinkt/openvpn/RemoteCNPreference.java | 59 | ||||
-rw-r--r-- | src/de/blinkt/openvpn/Settings_Obscure.java | 1 |
5 files changed, 88 insertions, 46 deletions
diff --git a/AndroidManifest.xml b/AndroidManifest.xml index e88e8813..0fa6a1b9 100644 --- a/AndroidManifest.xml +++ b/AndroidManifest.xml @@ -18,8 +18,8 @@ <manifest xmlns:android="http://schemas.android.com/apk/res/android" xmlns:tools="http://schemas.android.com/tools" package="de.blinkt.openvpn" - android:versionCode="63" - android:versionName="0.5.35" > + android:versionCode="64" + android:versionName="0.5.36" > <uses-permission android:name="android.permission.INTERNET" /> <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" /> diff --git a/res/layout/tlsremote.xml b/res/layout/tlsremote.xml index 3c16566a..e93b9364 100644 --- a/res/layout/tlsremote.xml +++ b/res/layout/tlsremote.xml @@ -1,38 +1,44 @@ <?xml version="1.0" encoding="utf-8"?> -<RelativeLayout xmlns:android="http://schemas.android.com/apk/res/android" +<ScrollView xmlns:android="http://schemas.android.com/apk/res/android" android:layout_width="match_parent" android:layout_height="match_parent" > - <TextView - android:id="@+id/dialogHeader" + <LinearLayout android:layout_width="wrap_content" android:layout_height="wrap_content" - android:layout_alignParentTop="true" - android:text="@string/enter_tlscn_dialog" /> + android:orientation="vertical" > - <Spinner - android:id="@+id/x509verifytype" - android:layout_width="wrap_content" - android:layout_height="wrap_content" - android:layout_below="@id/dialogHeader" - android:layout_toRightOf="@+id/textView1" /> + <TextView + android:id="@+id/dialogHeader" + android:layout_width="wrap_content" + android:layout_height="wrap_content" + android:text="@string/enter_tlscn_dialog" /> - <EditText - android:id="@+id/tlsremotecn" - android:layout_width="match_parent" - android:layout_height="wrap_content" - android:layout_alignParentLeft="true" - android:layout_below="@id/x509verifytype" - android:layout_marginTop="20dp" - android:ems="10" - android:inputType="text" /> - - <TextView - android:id="@+id/textView2" - android:layout_width="wrap_content" - android:layout_height="wrap_content" - android:layout_alignParentLeft="true" - android:layout_below="@+id/textView1" - android:textAppearance="?android:attr/textAppearanceSmall" /> + <TextView + android:id="@+id/tlsremotenote" + android:layout_width="wrap_content" + android:layout_height="wrap_content" + android:layout_marginTop="8sp" + android:text="@string/remotetlsnote" + android:textAppearance="?android:attr/textAppearanceSmall" + android:visibility="gone" /> + + <Spinner + android:id="@+id/x509verifytype" + android:layout_width="wrap_content" + android:layout_height="wrap_content" /> + + <EditText + android:id="@+id/tlsremotecn" + android:layout_width="match_parent" + android:layout_height="wrap_content" + android:layout_marginTop="20dp" + android:ems="10" + android:inputType="text" > + + <requestFocus /> + </EditText> + + </LinearLayout> -</RelativeLayout>
\ No newline at end of file +</ScrollView>
\ No newline at end of file diff --git a/res/values/strings.xml b/res/values/strings.xml index 7d35c20d..dd36c46e 100755 --- a/res/values/strings.xml +++ b/res/values/strings.xml @@ -65,7 +65,7 @@ <string name="check_remote_tlscert_title">Except TLS Server</string> <string name="remote_tlscn_check_summary">Checks the Remote Server Certificate Subject DN</string> <string name="remote_tlscn_check_title">Certificate Hostname Check</string> - <string name="enter_tlscn_dialog">Specify the check used to verify the remote certificate DN\n\Specify the complete DN (e.g. C=DE, L=Paderborn, OU=Avian IP Carriers, CN=openvpn.blinkt.de) or the RDN (openvpn.blinkt.de in the DN example) or an RDN prefix for verification.\n\nRDN prefix will use prefix matching. \"Server\" matches \"Server-1\" and \"Server-2\"\nLeaving the text field empty will check the RDN against the server hostname.\nFor more details see the OpenVPN 2.3.1+ manpage under --verify-x509-name</string> + <string name="enter_tlscn_dialog">Specify the check used to verify the remote certificate DN (e.g. C=DE, L=Paderborn, OU=Avian IP Carriers, CN=openvpn.blinkt.de)\n\nSpecify the complete DN or the RDN (openvpn.blinkt.de in the example) or an RDN prefix for verification.\n\nRDN prefix will use prefix matching. \"Server\" matches \"Server-1\" and \"Server-2\"\n\nLeaving the text field empty will check the RDN against the server hostname.\n\nFor more details see the OpenVPN 2.3.1+ manpage under —verify-x509-name</string> <string name="enter_tlscn_title">Remote certificate subject</string> <string name="tls_key_auth">Enables the TLS Key Authentication</string> <string name="tls_auth_file">TLS Auth File</string> @@ -272,5 +272,9 @@ <string name="add">Add</string> <string name="send_config">Send config file</string> <string name="complete_dn">Complete DN</string> + <string name="remotetlsnote">Your imported configuration used the old DEPRECATED tls-remote option which uses a different DN format.</string> + <string name="rdn">RDN (common name)</string> + <string name="rdn_prefix">RDN prefix</string> + <string name="tls_remote_deprecated">tls-remote (DEPRECATED)</string> </resources>
\ No newline at end of file diff --git a/src/de/blinkt/openvpn/RemoteCNPreference.java b/src/de/blinkt/openvpn/RemoteCNPreference.java index 3d142527..22d3126e 100644 --- a/src/de/blinkt/openvpn/RemoteCNPreference.java +++ b/src/de/blinkt/openvpn/RemoteCNPreference.java @@ -7,7 +7,9 @@ import android.util.Pair; import android.view.View; import android.widget.ArrayAdapter; import android.widget.EditText; +import android.widget.ScrollView; import android.widget.Spinner; +import android.widget.TextView; public class RemoteCNPreference extends DialogPreference { @@ -15,8 +17,9 @@ public class RemoteCNPreference extends DialogPreference { private Spinner mSpinner; private EditText mEditText; private int mDNType; - private ArrayAdapter<String> mAuthtypes; private String mDn; + private TextView mRemoteTLSNote; + //private ScrollView mScrollView; public RemoteCNPreference(Context context, AttributeSet attrs) { super(context, attrs); @@ -31,6 +34,8 @@ public class RemoteCNPreference extends DialogPreference { mEditText = (EditText) view.findViewById(R.id.tlsremotecn); mSpinner = (Spinner) view.findViewById(R.id.x509verifytype); + mRemoteTLSNote = (TextView) view.findViewById(R.id.tlsremotenote); + //mScrollView = (ScrollView) view.findViewById(R.id.tlsremotescroll); if(mDn!=null) mEditText.setText(mDn); @@ -38,23 +43,12 @@ public class RemoteCNPreference extends DialogPreference { } - private void populateSpinner() { - mAuthtypes = new ArrayAdapter<String>(getContext(), android.R.layout.simple_spinner_item); - mAuthtypes.setDropDownViewResource(android.R.layout.simple_spinner_dropdown_item); - - mAuthtypes.add(getContext().getString(R.string.complete_dn)); - mAuthtypes.add("RDN (common name)"); - mAuthtypes.add("RDN prefix"); - if (mDNType == VpnProfile.X509_VERIFY_TLSREMOTE || mDNType == VpnProfile.X509_VERIFY_TLSREMOTE_COMPAT_NOREMAPPING ) - mAuthtypes.add("tls-remote (DEPRECATED)"); - mSpinner.setAdapter(mAuthtypes); - } public String getCNText() { return mDn; } - + public int getAuthtype() { return mDNType; } @@ -84,7 +78,46 @@ public class RemoteCNPreference extends DialogPreference { } } } + + private void populateSpinner() { + ArrayAdapter<String> authtypes = new ArrayAdapter<String>(getContext(), android.R.layout.simple_spinner_item); + authtypes.setDropDownViewResource(android.R.layout.simple_spinner_dropdown_item); + + authtypes.add(getContext().getString(R.string.complete_dn)); + authtypes.add(getContext().getString(R.string.rdn)); + authtypes.add(getContext().getString(R.string.rdn_prefix)); + if ((mDNType == VpnProfile.X509_VERIFY_TLSREMOTE || mDNType == VpnProfile.X509_VERIFY_TLSREMOTE_COMPAT_NOREMAPPING) + && !(mDn==null || "".equals(mDn))) { + authtypes.add(getContext().getString(R.string.tls_remote_deprecated)); + mRemoteTLSNote.setVisibility(View.VISIBLE); + } else { + mRemoteTLSNote.setVisibility(View.GONE); + } + mSpinner.setAdapter(authtypes); + mSpinner.setSelection(getSpinnerPositionFromAuthTYPE()); + } + + private int getSpinnerPositionFromAuthTYPE() { + switch (mDNType) { + case VpnProfile.X509_VERIFY_TLSREMOTE_DN: + return 0; + case VpnProfile.X509_VERIFY_TLSREMOTE_RDN: + return 1; + case VpnProfile.X509_VERIFY_TLSREMOTE_RDN_PREFIX: + return 2; + case VpnProfile.X509_VERIFY_TLSREMOTE_COMPAT_NOREMAPPING: + case VpnProfile.X509_VERIFY_TLSREMOTE: + if (mDn==null || "".equals(mDn)) + return 1; + else + return 3; + + default: + return 0; + } + } + private int getAuthTypeFromSpinner() { int pos = mSpinner.getSelectedItemPosition(); switch (pos) { diff --git a/src/de/blinkt/openvpn/Settings_Obscure.java b/src/de/blinkt/openvpn/Settings_Obscure.java index 160dbe0c..22f561b0 100644 --- a/src/de/blinkt/openvpn/Settings_Obscure.java +++ b/src/de/blinkt/openvpn/Settings_Obscure.java @@ -22,7 +22,6 @@ public class Settings_Obscure extends OpenVpnPreferencesFragment implements OnPr super.onCreate(savedInstanceState); // Load the preferences from an XML resource addPreferencesFromResource(R.xml.vpn_obscure); - mUseRandomHostName = (CheckBoxPreference) findPreference("useRandomHostname"); mUseFloat = (CheckBoxPreference) findPreference("useFloat"); |