diff options
author | Arne Schwabe <arne@rfc2549.org> | 2021-10-01 15:10:23 +0200 |
---|---|---|
committer | Arne Schwabe <arne@rfc2549.org> | 2021-10-01 19:56:39 +0200 |
commit | 88885981dbce2e074641c2819011c0649ab29d9b (patch) | |
tree | 21db9f8eaac90b714ef7ce57983274bec85483d9 | |
parent | f6227082f1c70f0443e0f5d6a5f10c2838e1b7ee (diff) |
Do not use key CA certificate if peer-fingerprint is enabled
-rw-r--r-- | main/src/main/java/de/blinkt/openvpn/VpnProfile.java | 30 |
1 files changed, 16 insertions, 14 deletions
diff --git a/main/src/main/java/de/blinkt/openvpn/VpnProfile.java b/main/src/main/java/de/blinkt/openvpn/VpnProfile.java index 9146af00..f4afb5ad 100644 --- a/main/src/main/java/de/blinkt/openvpn/VpnProfile.java +++ b/main/src/main/java/de/blinkt/openvpn/VpnProfile.java @@ -244,6 +244,18 @@ public class VpnProfile implements Serializable, Cloneable { return false; } + static public String getVersionEnvString(Context c) { + String version = "unknown"; + try { + PackageInfo packageinfo = c.getPackageManager().getPackageInfo(c.getPackageName(), 0); + version = packageinfo.versionName; + } catch (PackageManager.NameNotFoundException e) { + VpnStatus.logException(e); + } + return String.format(Locale.US, "%s %s", c.getPackageName(), version); + + } + @Override public boolean equals(Object obj) { if (obj instanceof VpnProfile) { @@ -472,8 +484,10 @@ public class VpnProfile implements Serializable, Cloneable { if (ks != null) { if (!TextUtils.isEmpty(mCaFilename)) { cfg.append(insertFileData("ca", mCaFilename)); - } - else if (!TextUtils.isEmpty(ks[0])) { + } else if (!TextUtils.isEmpty(ks[0]) && !mCheckPeerFingerprint) { + /* if we have enabled peer-fingerprint verification the certificate from + * the keystore is more likely to screw things up than to fix anything + */ cfg.append("<ca>\n").append(ks[0]).append("\n</ca>\n"); } if (!TextUtils.isEmpty(ks[1])) @@ -713,18 +727,6 @@ public class VpnProfile implements Serializable, Cloneable { NativeUtils.getNativeAPI(), Build.BRAND, Build.BOARD, Build.MODEL); } - static public String getVersionEnvString(Context c) { - String version = "unknown"; - try { - PackageInfo packageinfo = c.getPackageManager().getPackageInfo(c.getPackageName(), 0); - version = packageinfo.versionName; - } catch (PackageManager.NameNotFoundException e) { - VpnStatus.logException(e); - } - return String.format(Locale.US, "%s %s", c.getPackageName(), version); - - } - @NonNull private Collection<String> getCustomRoutes(String routes) { Vector<String> cidrRoutes = new Vector<>(); |