diff options
author | Arne Schwabe <arne@rfc2549.org> | 2021-10-30 23:00:54 +0200 |
---|---|---|
committer | Arne Schwabe <arne@rfc2549.org> | 2021-12-17 11:36:32 +0100 |
commit | 2f137c89d76808d537d3694975518df30475bd90 (patch) | |
tree | f86d169cd3770725636781618b7764a7ca23e8d0 /main/src | |
parent | 1e40ded48b1dfbb9edcd13a4f6d4f69abfb7ffb2 (diff) |
Update OpenVPN 2.x and OpenVPN 3.x
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Diffstat (limited to 'main/src')
m--------- | main/src/main/cpp/openvpn | 0 | ||||
m--------- | main/src/main/cpp/openvpn3 | 0 | ||||
-rw-r--r-- | main/src/main/java/de/blinkt/openvpn/VpnProfile.java | 4 | ||||
-rw-r--r-- | main/src/main/java/de/blinkt/openvpn/core/ConfigParser.java | 10 | ||||
-rw-r--r-- | main/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java | 12 | ||||
-rw-r--r-- | main/src/ui/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java | 2 |
6 files changed, 24 insertions, 4 deletions
diff --git a/main/src/main/cpp/openvpn b/main/src/main/cpp/openvpn -Subproject 65ad05d7092dc5e2b65dfd709b0b8848810cbe3 +Subproject e3831a62798d0324eb1e1badc1f199269a5baca diff --git a/main/src/main/cpp/openvpn3 b/main/src/main/cpp/openvpn3 -Subproject eb4ee857333d58ef23ad83bc22eb0687951938a +Subproject d07270962a013844c0f031b73fc5f1b439476d1 diff --git a/main/src/main/java/de/blinkt/openvpn/VpnProfile.java b/main/src/main/java/de/blinkt/openvpn/VpnProfile.java index 4a5b2b4c..bac5939d 100644 --- a/main/src/main/java/de/blinkt/openvpn/VpnProfile.java +++ b/main/src/main/java/de/blinkt/openvpn/VpnProfile.java @@ -384,7 +384,7 @@ public class VpnProfile implements Serializable, Cloneable { cfg.append(String.format("setenv IV_PLAT_VER %s\n", openVpnEscape(versionString))); if (mUseLegacyProvider) - cfg.append("provider legacy:default\n"); + cfg.append("provider legacy default\n"); if (!TextUtils.isEmpty(mTlSCertProfile) && mAuthenticationType != TYPE_STATICKEYS) cfg.append(String.format("tls-cert-profile %s\n", mTlSCertProfile)); @@ -1067,7 +1067,7 @@ public class VpnProfile implements Serializable, Cloneable { if (!mUseLegacyProvider && (dataciphers.contains("BF-CBC") - || ((mCompatMode > 0 && mCompatMode < 20500) || useOpenVPN3) + || (mCompatMode > 0 && mCompatMode < 20500) && cipher.equals("BF-CBC"))) { return R.string.bf_cbc_requires_legacy; diff --git a/main/src/main/java/de/blinkt/openvpn/core/ConfigParser.java b/main/src/main/java/de/blinkt/openvpn/core/ConfigParser.java index db530320..026586d5 100644 --- a/main/src/main/java/de/blinkt/openvpn/core/ConfigParser.java +++ b/main/src/main/java/de/blinkt/openvpn/core/ConfigParser.java @@ -564,12 +564,20 @@ public class ConfigParser { } } - Vector<String> provider = getOption("provider", 1, 1); + Vector<String> provider = getOption("provider", 1, 9); if (provider != null) { String providers = provider.get(1).toLowerCase(Locale.ROOT); if (providers.equals("legacy:default") || providers.equals("default:legacy")) np.mUseLegacyProvider = true; + + for (String prov:provider) + { + if ("legacy".equals(prov.toLowerCase(Locale.ROOT))) + { + np.mUseLegacyProvider = true; + } + } } diff --git a/main/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java b/main/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java index 09730245..f7b65151 100644 --- a/main/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java +++ b/main/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java @@ -536,7 +536,11 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac if (profile == null) return; ShortcutManager shortcutManager = getSystemService(ShortcutManager.class); - shortcutManager.reportShortcutUsed(profile.getUUIDString()); + if (shortcutManager!=null) { + /* This should never been null but I do not trust Android ROMs to do the right thing + * anymore and neither seems Coverity */ + shortcutManager.reportShortcutUsed(profile.getUUIDString()); + } } private VpnProfile fetchVPNProfile(Intent intent) @@ -752,6 +756,12 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac VpnStatus.logInfo(R.string.last_openvpn_tun_config); + if (mProfile == null) + { + VpnStatus.logError("OpenVPN tries to open a VPN descriptor with mProfile==null, please report this bug with log!"); + return null; + } + boolean allowUnsetAF = Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP && !mProfile.mBlockUnusedAddressFamilies; if (allowUnsetAF) { allowAllAFFamilies(builder); diff --git a/main/src/ui/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java b/main/src/ui/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java index f10011c9..b9ed9822 100644 --- a/main/src/ui/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java +++ b/main/src/ui/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java @@ -185,6 +185,8 @@ public class OpenVPNThreadv3 extends ClientAPI_OpenVPNClient implements Runnable boolean retryOnAuthFailed = mVp.mAuthRetry == AUTH_RETRY_NOINTERACT; config.setRetryOnAuthFailed(retryOnAuthFailed); config.setEnableLegacyAlgorithms(mVp.mUseLegacyProvider); + if (mVp.mCompatMode > 0 && mVp.mCompatMode < 20500) + config.setEnableNonPreferredDCOAlgorithms(true); if (!TextUtils.isEmpty(mVp.mTlSCertProfile)) config.setTlsCertProfileOverride(mVp.mTlSCertProfile); |