diff options
author | Arne Schwabe <arne@rfc2549.org> | 2016-12-19 23:04:40 +0100 |
---|---|---|
committer | Arne Schwabe <arne@rfc2549.org> | 2016-12-19 23:04:40 +0100 |
commit | eb65c0649095f6b017000d6aea22329ecf9d9581 (patch) | |
tree | e3ced2ec2da5fc747c601f27f36d9f14ca29366b /main/src/main/java/de/blinkt/openvpn/VpnProfile.java | |
parent | bc379919437bde35eaa0a0f10315973207b96f03 (diff) |
Bail out if tls-remote is definedv0.6.62
Diffstat (limited to 'main/src/main/java/de/blinkt/openvpn/VpnProfile.java')
-rw-r--r-- | main/src/main/java/de/blinkt/openvpn/VpnProfile.java | 19 |
1 files changed, 14 insertions, 5 deletions
diff --git a/main/src/main/java/de/blinkt/openvpn/VpnProfile.java b/main/src/main/java/de/blinkt/openvpn/VpnProfile.java index 9147701c..d32ed27e 100644 --- a/main/src/main/java/de/blinkt/openvpn/VpnProfile.java +++ b/main/src/main/java/de/blinkt/openvpn/VpnProfile.java @@ -295,6 +295,7 @@ public class VpnProfile implements Serializable, Cloneable { } cfg += "machine-readable-output\n"; + cfg += "allow-recursive-routing\n"; // Users are confused by warnings that are misleading... cfg += "ifconfig-nowarn\n"; @@ -466,11 +467,17 @@ public class VpnProfile implements Serializable, Cloneable { cfg += routes; if (mOverrideDNS || !mUsePull) { - if (!TextUtils.isEmpty(mDNS1)) - cfg += "dhcp-option DNS " + mDNS1 + "\n"; - if (!TextUtils.isEmpty(mDNS2)) - cfg += "dhcp-option DNS " + mDNS2 + "\n"; - if (!TextUtils.isEmpty(mSearchDomain)) + if (!TextUtils.isEmpty(mDNS1)) { + if (mDNS1.contains(":")) + cfg += "dhcp-option DNS6 " + mDNS1 + "\n"; + else + cfg += "dhcp-option DNS " + mDNS1 + "\n"; + } if (!TextUtils.isEmpty(mDNS2)) { + if (mDNS2.contains(":")) + cfg += "dhcp-option DNS6 " + mDNS2 + "\n"; + else + cfg += "dhcp-option DNS " + mDNS2 + "\n"; + } if (!TextUtils.isEmpty(mSearchDomain)) cfg += "dhcp-option DOMAIN " + mSearchDomain + "\n"; } @@ -874,6 +881,8 @@ public class VpnProfile implements Serializable, Cloneable { return R.string.no_ca_cert_selected; } + if (mCheckRemoteCN && mX509AuthType==X509_VERIFY_TLSREMOTE) + return R.string.deprecated_tls_remote; if (!mUsePull || mAuthenticationType == TYPE_STATICKEYS) { if (mIPv4Address == null || cidrToIPAndNetmask(mIPv4Address) == null) |