diff options
| author | Arne Schwabe <arne@rfc2549.org> | 2013-03-08 14:12:04 +0100 | 
|---|---|---|
| committer | Arne Schwabe <arne@rfc2549.org> | 2013-03-08 14:12:04 +0100 | 
| commit | 2dc46e64c7ce808e2d052a4f78cc724cfb54535a (patch) | |
| tree | c8a5407ee2d1f71287ac76ad02ad52924fd4b692 | |
| parent | b38cae44de5aed8d436c19301c4fb4a390128569 (diff) | |
Enhance/fix --verify-x509-name support
| -rw-r--r-- | AndroidManifest.xml | 4 | ||||
| -rw-r--r-- | res/layout/tlsremote.xml | 64 | ||||
| -rwxr-xr-x | res/values/strings.xml | 6 | ||||
| -rw-r--r-- | src/de/blinkt/openvpn/RemoteCNPreference.java | 59 | ||||
| -rw-r--r-- | src/de/blinkt/openvpn/Settings_Obscure.java | 1 | 
5 files changed, 88 insertions, 46 deletions
| diff --git a/AndroidManifest.xml b/AndroidManifest.xml index e88e8813..0fa6a1b9 100644 --- a/AndroidManifest.xml +++ b/AndroidManifest.xml @@ -18,8 +18,8 @@  <manifest xmlns:android="http://schemas.android.com/apk/res/android"      xmlns:tools="http://schemas.android.com/tools"      package="de.blinkt.openvpn" -    android:versionCode="63" -    android:versionName="0.5.35" > +    android:versionCode="64" +    android:versionName="0.5.36" >      <uses-permission android:name="android.permission.INTERNET" />      <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" /> diff --git a/res/layout/tlsremote.xml b/res/layout/tlsremote.xml index 3c16566a..e93b9364 100644 --- a/res/layout/tlsremote.xml +++ b/res/layout/tlsremote.xml @@ -1,38 +1,44 @@  <?xml version="1.0" encoding="utf-8"?> -<RelativeLayout xmlns:android="http://schemas.android.com/apk/res/android" +<ScrollView xmlns:android="http://schemas.android.com/apk/res/android"      android:layout_width="match_parent"      android:layout_height="match_parent" > -    <TextView -        android:id="@+id/dialogHeader" +    <LinearLayout          android:layout_width="wrap_content"          android:layout_height="wrap_content" -        android:layout_alignParentTop="true" -        android:text="@string/enter_tlscn_dialog" /> +        android:orientation="vertical" > -    <Spinner -        android:id="@+id/x509verifytype" -        android:layout_width="wrap_content" -        android:layout_height="wrap_content" -        android:layout_below="@id/dialogHeader" -        android:layout_toRightOf="@+id/textView1" /> +        <TextView +            android:id="@+id/dialogHeader" +            android:layout_width="wrap_content" +            android:layout_height="wrap_content" +            android:text="@string/enter_tlscn_dialog" /> -    <EditText -        android:id="@+id/tlsremotecn" -        android:layout_width="match_parent" -        android:layout_height="wrap_content" -        android:layout_alignParentLeft="true" -        android:layout_below="@id/x509verifytype" -        android:layout_marginTop="20dp" -        android:ems="10" -        android:inputType="text" /> - -    <TextView -        android:id="@+id/textView2" -        android:layout_width="wrap_content" -        android:layout_height="wrap_content" -        android:layout_alignParentLeft="true" -        android:layout_below="@+id/textView1" -        android:textAppearance="?android:attr/textAppearanceSmall" /> +        <TextView +            android:id="@+id/tlsremotenote" +            android:layout_width="wrap_content" +            android:layout_height="wrap_content" +            android:layout_marginTop="8sp" +            android:text="@string/remotetlsnote" +            android:textAppearance="?android:attr/textAppearanceSmall" +            android:visibility="gone" /> + +        <Spinner +            android:id="@+id/x509verifytype" +            android:layout_width="wrap_content" +            android:layout_height="wrap_content" /> + +        <EditText +            android:id="@+id/tlsremotecn" +            android:layout_width="match_parent" +            android:layout_height="wrap_content" +            android:layout_marginTop="20dp" +            android:ems="10" +            android:inputType="text" > + +            <requestFocus /> +        </EditText> + +    </LinearLayout> -</RelativeLayout>
\ No newline at end of file +</ScrollView>
\ No newline at end of file diff --git a/res/values/strings.xml b/res/values/strings.xml index 7d35c20d..dd36c46e 100755 --- a/res/values/strings.xml +++ b/res/values/strings.xml @@ -65,7 +65,7 @@      <string name="check_remote_tlscert_title">Except TLS Server</string>      <string name="remote_tlscn_check_summary">Checks the Remote Server Certificate Subject DN</string>      <string name="remote_tlscn_check_title">Certificate Hostname Check</string> -    <string name="enter_tlscn_dialog">Specify the check used to verify the remote certificate DN\n\Specify the complete DN (e.g. C=DE, L=Paderborn, OU=Avian IP Carriers, CN=openvpn.blinkt.de) or the RDN (openvpn.blinkt.de in the DN example) or an RDN prefix for verification.\n\nRDN prefix will use prefix matching. \"Server\" matches \"Server-1\" and \"Server-2\"\nLeaving the text field empty will check the RDN against the server hostname.\nFor more details see the OpenVPN 2.3.1+ manpage under --verify-x509-name</string> +    <string name="enter_tlscn_dialog">Specify the check used to verify the remote certificate DN (e.g. C=DE, L=Paderborn, OU=Avian IP Carriers, CN=openvpn.blinkt.de)\n\nSpecify the complete DN or the RDN (openvpn.blinkt.de in the example) or an RDN prefix for verification.\n\nRDN prefix will use prefix matching. \"Server\" matches \"Server-1\" and \"Server-2\"\n\nLeaving the text field empty will check the RDN against the server hostname.\n\nFor more details see the OpenVPN 2.3.1+ manpage under —verify-x509-name</string>      <string name="enter_tlscn_title">Remote certificate subject</string>      <string name="tls_key_auth">Enables the TLS Key Authentication</string>      <string name="tls_auth_file">TLS Auth File</string> @@ -272,5 +272,9 @@      <string name="add">Add</string>      <string name="send_config">Send config file</string>      <string name="complete_dn">Complete DN</string> +    <string name="remotetlsnote">Your imported configuration used the old DEPRECATED tls-remote option which uses a different DN format.</string> +    <string name="rdn">RDN (common name)</string> +    <string name="rdn_prefix">RDN prefix</string> +    <string name="tls_remote_deprecated">tls-remote (DEPRECATED)</string>  </resources>
\ No newline at end of file diff --git a/src/de/blinkt/openvpn/RemoteCNPreference.java b/src/de/blinkt/openvpn/RemoteCNPreference.java index 3d142527..22d3126e 100644 --- a/src/de/blinkt/openvpn/RemoteCNPreference.java +++ b/src/de/blinkt/openvpn/RemoteCNPreference.java @@ -7,7 +7,9 @@ import android.util.Pair;  import android.view.View;  import android.widget.ArrayAdapter;  import android.widget.EditText; +import android.widget.ScrollView;  import android.widget.Spinner; +import android.widget.TextView;  public class RemoteCNPreference extends DialogPreference { @@ -15,8 +17,9 @@ public class RemoteCNPreference extends DialogPreference {  	private Spinner mSpinner;  	private EditText mEditText;  	private int mDNType; -	private ArrayAdapter<String> mAuthtypes;  	private String mDn; +	private TextView mRemoteTLSNote; +	//private ScrollView mScrollView;  	public RemoteCNPreference(Context context, AttributeSet attrs) {  		super(context, attrs); @@ -31,6 +34,8 @@ public class RemoteCNPreference extends DialogPreference {  		mEditText = (EditText) view.findViewById(R.id.tlsremotecn);  		mSpinner = (Spinner) view.findViewById(R.id.x509verifytype); +		mRemoteTLSNote = (TextView) view.findViewById(R.id.tlsremotenote); +		//mScrollView = (ScrollView) view.findViewById(R.id.tlsremotescroll);  		if(mDn!=null)  			mEditText.setText(mDn); @@ -38,23 +43,12 @@ public class RemoteCNPreference extends DialogPreference {  	} -	private void populateSpinner() { -		mAuthtypes = new ArrayAdapter<String>(getContext(), android.R.layout.simple_spinner_item); -		mAuthtypes.setDropDownViewResource(android.R.layout.simple_spinner_dropdown_item); - -		mAuthtypes.add(getContext().getString(R.string.complete_dn)); -		mAuthtypes.add("RDN (common name)"); -		mAuthtypes.add("RDN prefix"); -		if (mDNType == VpnProfile.X509_VERIFY_TLSREMOTE || mDNType == VpnProfile.X509_VERIFY_TLSREMOTE_COMPAT_NOREMAPPING ) -			mAuthtypes.add("tls-remote (DEPRECATED)"); -		mSpinner.setAdapter(mAuthtypes); -	}  	public String getCNText() {  		return mDn;  	} -	 +  	public int getAuthtype() {  		return mDNType;  	} @@ -84,7 +78,46 @@ public class RemoteCNPreference extends DialogPreference {  			}  		}  	} +	 +	private void populateSpinner() { +		ArrayAdapter<String> authtypes = new ArrayAdapter<String>(getContext(), android.R.layout.simple_spinner_item); +		authtypes.setDropDownViewResource(android.R.layout.simple_spinner_dropdown_item); + +		authtypes.add(getContext().getString(R.string.complete_dn)); +		authtypes.add(getContext().getString(R.string.rdn)); +		authtypes.add(getContext().getString(R.string.rdn_prefix)); +		if ((mDNType == VpnProfile.X509_VERIFY_TLSREMOTE || mDNType == VpnProfile.X509_VERIFY_TLSREMOTE_COMPAT_NOREMAPPING)  +				&& !(mDn==null || "".equals(mDn))) { +			authtypes.add(getContext().getString(R.string.tls_remote_deprecated)); +			mRemoteTLSNote.setVisibility(View.VISIBLE); +		} else { +			mRemoteTLSNote.setVisibility(View.GONE); +		} +		mSpinner.setAdapter(authtypes); +		mSpinner.setSelection(getSpinnerPositionFromAuthTYPE()); +	} +	 +	private int getSpinnerPositionFromAuthTYPE() { +		switch (mDNType) { +		case VpnProfile.X509_VERIFY_TLSREMOTE_DN: +			return 0; +		case VpnProfile.X509_VERIFY_TLSREMOTE_RDN: +			return 1; +		case VpnProfile.X509_VERIFY_TLSREMOTE_RDN_PREFIX: +			return 2; +		case VpnProfile.X509_VERIFY_TLSREMOTE_COMPAT_NOREMAPPING: +		case VpnProfile.X509_VERIFY_TLSREMOTE: +			if (mDn==null || "".equals(mDn)) +				return 1; +			else +				return 3; + +		default: +			return 0; +		} +	} +	  	private int getAuthTypeFromSpinner() {  		int pos = mSpinner.getSelectedItemPosition();  		switch (pos) { diff --git a/src/de/blinkt/openvpn/Settings_Obscure.java b/src/de/blinkt/openvpn/Settings_Obscure.java index 160dbe0c..22f561b0 100644 --- a/src/de/blinkt/openvpn/Settings_Obscure.java +++ b/src/de/blinkt/openvpn/Settings_Obscure.java @@ -22,7 +22,6 @@ public class Settings_Obscure extends OpenVpnPreferencesFragment implements OnPr  		super.onCreate(savedInstanceState);  		// Load the preferences from an XML resource  		addPreferencesFromResource(R.xml.vpn_obscure); -  		mUseRandomHostName = (CheckBoxPreference) findPreference("useRandomHostname");  		mUseFloat = (CheckBoxPreference) findPreference("useFloat"); | 
