diff options
author | Arne Schwabe <arne@rfc2549.org> | 2019-07-01 13:44:22 +0200 |
---|---|---|
committer | Arne Schwabe <arne@rfc2549.org> | 2019-08-05 16:01:34 +0200 |
commit | 335b63db41633187bfc61b267d94b733fd69689f (patch) | |
tree | 9bc5412330be82d8d8671249a0ddb39abf57d0df /main/src | |
parent | 7668bfaada3127207c8e0a30f84936e8040709b3 (diff) |
Implement challenge response via IV_SSO
Diffstat (limited to 'main/src')
12 files changed, 252 insertions, 52 deletions
diff --git a/main/src/main/AndroidManifest.xml b/main/src/main/AndroidManifest.xml index 9cf728f3..a9a08bf4 100644 --- a/main/src/main/AndroidManifest.xml +++ b/main/src/main/AndroidManifest.xml @@ -1,20 +1,13 @@ -<?xml version="1.0" encoding="utf-8"?><!-- - ~ Copyright (c) 2012-2016 Arne Schwabe - ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt ---> +<?xml version="1.0" encoding="utf-8"?> <manifest xmlns:android="http://schemas.android.com/apk/res/android" xmlns:tools="http://schemas.android.com/tools" package="de.blinkt.openvpn"> <uses-permission android:name="android.permission.INTERNET" /> - <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" /> - <!-- <uses-permission android:name="android.permission.ACCESS_WIFI_STATE" /> --> + <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" /> <!-- <uses-permission android:name="android.permission.ACCESS_WIFI_STATE" /> --> <uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED" /> <uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE" /> - <uses-permission android:name="android.permission.FOREGROUND_SERVICE" /> - - <!-- <uses-permission android:name="com.android.vending.BILLING" /> --> - + <uses-permission android:name="android.permission.FOREGROUND_SERVICE" /> <!-- <uses-permission android:name="com.android.vending.BILLING" /> --> <uses-feature android:name="android.software.leanback" android:required="false" /> @@ -22,7 +15,6 @@ android:name="android.hardware.touchscreen" android:required="false" /> - <application android:name=".core.ICSOpenVPNApplication" android:allowBackup="true" @@ -34,7 +26,7 @@ android:supportsRtl="true" android:theme="@style/blinkt" tools:ignore="UnusedAttribute"> - + <activity android:name=".core.CredentialsPopup"></activity> <meta-data android:name="android.content.APP_RESTRICTIONS" @@ -105,7 +97,6 @@ <meta-data android:name="android.service.quicksettings.ACTIVE_TILE" android:value="false" /> - </service> <activity android:name=".api.GrantPermissionsActivity"> @@ -170,11 +161,10 @@ <data android:pathPattern=".*..*.ovpn" /> <data android:pathPattern=".*.ovpn" /> </intent-filter> - </activity> - <!-- https://commonsware.com/blog/2019/03/27/death-external-storage-stay-away-files.html --> + </activity> <!-- https://commonsware.com/blog/2019/03/27/death-external-storage-stay-away-files.html --> <activity-alias - android:enabled="@bool/supportFileScheme" android:name=".activities.ConfigConverterFile" + android:enabled="@bool/supportFileScheme" android:targetActivity=".activities.ConfigConverter"> <intent-filter> <action android:name="android.intent.action.VIEW" /> @@ -240,7 +230,6 @@ android:exported="true" android:grantUriPermissions="true" tools:ignore="ExportedContentProvider" /> - <!-- <receiver android:name="core.GetRestrictionReceiver"> <intent-filter> @@ -259,16 +248,13 @@ <activity android:name=".api.RemoteAction" /> <activity-alias - android:name=".api.DisconnectVPN" + android:name=".api.ConnectVPN" android:exported="true" android:targetActivity=".api.RemoteAction" /> - <activity-alias - android:name=".api.ConnectVPN" + android:name=".api.DisconnectVPN" android:exported="true" android:targetActivity=".api.RemoteAction" /> - - </application> </manifest>
\ No newline at end of file diff --git a/main/src/main/aidl/de/blinkt/openvpn/core/IOpenVPNServiceInternal.aidl b/main/src/main/aidl/de/blinkt/openvpn/core/IOpenVPNServiceInternal.aidl index d583bbbd..1c1df7dc 100644 --- a/main/src/main/aidl/de/blinkt/openvpn/core/IOpenVPNServiceInternal.aidl +++ b/main/src/main/aidl/de/blinkt/openvpn/core/IOpenVPNServiceInternal.aidl @@ -24,4 +24,6 @@ interface IOpenVPNServiceInternal { void addAllowedExternalApp(String packagename); boolean isAllowedExternalApp(String packagename); + + void challengeResponse(String repsonse); } diff --git a/main/src/main/java/de/blinkt/openvpn/VpnProfile.java b/main/src/main/java/de/blinkt/openvpn/VpnProfile.java index cdbe97d9..09ffdceb 100644 --- a/main/src/main/java/de/blinkt/openvpn/VpnProfile.java +++ b/main/src/main/java/de/blinkt/openvpn/VpnProfile.java @@ -344,6 +344,7 @@ public class VpnProfile implements Serializable, Cloneable { cfg.append("management-hold\n\n"); cfg.append(String.format("setenv IV_GUI_VER %s \n", openVpnEscape(getVersionEnvString(context)))); + cfg.append("setenv IV_SSO openurl,crtext\n"); String versionString = getPlatformVersionEnvString(); cfg.append(String.format("setenv IV_PLAT_VER %s\n", openVpnEscape(versionString))); } else { diff --git a/main/src/main/java/de/blinkt/openvpn/core/ConfigParser.java b/main/src/main/java/de/blinkt/openvpn/core/ConfigParser.java index 37641912..00604b56 100644 --- a/main/src/main/java/de/blinkt/openvpn/core/ConfigParser.java +++ b/main/src/main/java/de/blinkt/openvpn/core/ConfigParser.java @@ -90,6 +90,7 @@ public class ConfigParser { private final String[][] ignoreOptionsWithArg = { {"setenv", "IV_GUI_VER"}, + {"setenv", "IV_SSO"}, {"setenv", "IV_PLAT_VER"}, {"setenv", "IV_OPENVPN_GUI_VERSION"}, {"engine", "dynamic"}, diff --git a/main/src/main/java/de/blinkt/openvpn/core/CredentialsPopup.java b/main/src/main/java/de/blinkt/openvpn/core/CredentialsPopup.java new file mode 100644 index 00000000..dcb3255a --- /dev/null +++ b/main/src/main/java/de/blinkt/openvpn/core/CredentialsPopup.java @@ -0,0 +1,47 @@ +/* + * Copyright (c) 2012-2019 Arne Schwabe + * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt + */ + +package de.blinkt.openvpn.core; + +import android.app.*; +import android.content.*; +import android.os.Bundle; +import android.os.IBinder; +import android.os.RemoteException; +import android.text.InputType; +import android.widget.EditText; +import de.blinkt.openvpn.R; + +public class CredentialsPopup extends Activity { + public static final String EXTRA_CHALLENGE_TXT = "de.blinkt.openvpn.core.CR_TEXT_CHALLENGE"; + + + + + @Override + public void onCreate(Bundle savedInstanceState) { + super.onCreate(savedInstanceState); + + // Get the alarm ID from the intent extra data + Intent intent = getIntent(); + Bundle extras = intent.getExtras(); + if (extras == null) { + finish(); + return; + } + String challenge = extras.getString(EXTRA_CHALLENGE_TXT, "(empty challenge text)"); + + showPwDialog(challenge); + } + + + + + private void showPwDialog(String challenge) { + DialogFragment frag = PasswordDialogFragment.newInstance(challenge); + FragmentTransaction ft = getFragmentManager().beginTransaction(); + frag.show(ft, "dialog"); + } +} diff --git a/main/src/main/java/de/blinkt/openvpn/core/OpenVPNManagement.java b/main/src/main/java/de/blinkt/openvpn/core/OpenVPNManagement.java index ef17e98b..46631e9e 100644 --- a/main/src/main/java/de/blinkt/openvpn/core/OpenVPNManagement.java +++ b/main/src/main/java/de/blinkt/openvpn/core/OpenVPNManagement.java @@ -36,4 +36,10 @@ public interface OpenVPNManagement { void networkChange(boolean sameNetwork); void setPauseCallback(PausedStateCallback callback); + + /** + * Send the response to a challenge response + * @param response Base64 encoded response + */ + void sendCRResponse(String response); } diff --git a/main/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java b/main/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java index 064f3828..1128414a 100644 --- a/main/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java +++ b/main/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java @@ -34,6 +34,7 @@ import android.support.annotation.NonNull; import android.support.annotation.RequiresApi; import android.system.OsConstants; import android.text.TextUtils; +import android.util.Base64; import android.util.Log; import android.widget.Toast; @@ -43,6 +44,7 @@ import java.lang.reflect.Method; import java.net.Inet6Address; import java.net.InetAddress; import java.net.UnknownHostException; +import java.nio.charset.Charset; import java.util.Collection; import java.util.Locale; import java.util.Vector; @@ -122,6 +124,11 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac } + @Override + public void challengeResponse(String repsonse) throws RemoteException { + OpenVPNService.this.challengeResponse(repsonse); + } + }; private String mLastTunCfg; @@ -189,6 +196,14 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac return extapps.checkRemoteActionPermission(this, packagename); } + @Override + public void challengeResponse(String response) throws RemoteException { + if(mManagement != null) { + String b64response = Base64.encodeToString(response.getBytes(Charset.forName("UTF-8")), Base64.DEFAULT); + mManagement.sendCRResponse(b64response); + } + } + @Override public IBinder onBind(Intent intent) { @@ -1225,27 +1240,47 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac showNotification(getString(resid), getString(resid), NOTIFICATION_CHANNEL_NEWSTATUS_ID, 0, LEVEL_WAITING_FOR_USER_INPUT); } - public void trigger_url_open(String info) { + + public void trigger_sso(String info) { String channel = NOTIFICATION_CHANNEL_USERREQ_ID; - String url = info.split(":",2)[1]; + String method = info.split(":", 2)[0]; NotificationManager mNotificationManager = (NotificationManager) getSystemService(Context.NOTIFICATION_SERVICE); Notification.Builder nbuilder = new Notification.Builder(this); - nbuilder.setContentTitle(getString(R.string.openurl_requested)); - - nbuilder.setContentText(url); nbuilder.setAutoCancel(true); - int icon = android.R.drawable.ic_dialog_info; - nbuilder.setSmallIcon(icon); - Intent openUrlIntent = new Intent(Intent.ACTION_VIEW); - openUrlIntent.setData(Uri.parse(url)); - openUrlIntent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK); + Intent intent; + + if (method.equals("OPEN_URL")) { + String url = info.split(":", 2)[1]; - nbuilder.setContentIntent(PendingIntent.getActivity(this,0, openUrlIntent, 0)); + nbuilder.setContentTitle(getString(R.string.openurl_requested)); + + nbuilder.setContentText(url); + + + intent = new Intent(Intent.ACTION_VIEW); + intent.setData(Uri.parse(url)); + intent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK); + + + } else if (method.equals("CR_TEXT")) { + String challenge = info.split(":", 2)[1]; + nbuilder.setContentTitle(getString(R.string.crtext_requested)); + nbuilder.setContentText(challenge); + + intent = new Intent(this, CredentialsPopup.class); + intent.putExtra(CredentialsPopup.EXTRA_CHALLENGE_TXT, challenge); + + } else { + VpnStatus.logError("Unknown SSO method found: " + method); + return; + } + + nbuilder.setContentIntent(PendingIntent.getActivity(this, 0, intent, 0)); // Try to set the priority available since API 16 (Jellybean) @@ -1263,6 +1298,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac @SuppressWarnings("deprecation") Notification notification = nbuilder.getNotification(); + int notificationId = channel.hashCode(); mNotificationManager.notify(notificationId, notification); diff --git a/main/src/main/java/de/blinkt/openvpn/core/OpenVpnManagementThread.java b/main/src/main/java/de/blinkt/openvpn/core/OpenVpnManagementThread.java index afc22183..4302b4a8 100644 --- a/main/src/main/java/de/blinkt/openvpn/core/OpenVpnManagementThread.java +++ b/main/src/main/java/de/blinkt/openvpn/core/OpenVpnManagementThread.java @@ -15,7 +15,6 @@ import android.os.Handler; import android.os.ParcelFileDescriptor;
import android.support.annotation.NonNull;
import android.support.annotation.RequiresApi;
-import android.system.ErrnoException;
import android.system.Os;
import android.util.Log;
import de.blinkt.openvpn.R;
@@ -342,9 +341,9 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement { private void processInfoMessage(String info)
{
- if (info.startsWith("OPEN_URL:"))
+ if (info.startsWith("OPEN_URL:") || info.startsWith("CR_TEXT:"))
{
- mOpenVPNService.trigger_url_open(info);
+ mOpenVPNService.trigger_sso(info);
}
}
@@ -733,6 +732,11 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement { mPauseCallback = callback;
}
+ @Override
+ public void sendCRResponse(String response) {
+ managmentCommand("cr-response " + response + "\n");
+ }
+
public void signalusr1() {
mResumeHandler.removeCallbacks(mResumeHoldRunnable);
if (!mWaitingForRelease)
diff --git a/main/src/main/java/de/blinkt/openvpn/core/PasswordDialogFragment.java b/main/src/main/java/de/blinkt/openvpn/core/PasswordDialogFragment.java new file mode 100644 index 00000000..230dfad7 --- /dev/null +++ b/main/src/main/java/de/blinkt/openvpn/core/PasswordDialogFragment.java @@ -0,0 +1,91 @@ +/* + * Copyright (c) 2012-2019 Arne Schwabe + * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt + */ + +package de.blinkt.openvpn.core; + +import android.app.AlertDialog; +import android.app.Dialog; +import android.app.DialogFragment; +import android.content.ComponentName; +import android.content.Intent; +import android.content.ServiceConnection; +import android.os.Bundle; +import android.os.IBinder; +import android.os.RemoteException; +import android.text.InputType; +import android.widget.EditText; + + +public class PasswordDialogFragment extends DialogFragment { + + private IOpenVPNServiceInternal mService; + private ServiceConnection mConnection = new ServiceConnection() { + + + @Override + public void onServiceConnected(ComponentName className, + IBinder service) { + + mService = IOpenVPNServiceInternal.Stub.asInterface(service); + } + + @Override + public void onServiceDisconnected(ComponentName arg0) { + mService = null; + } + + }; + + @Override + public void onCreate(Bundle savedInstanceState) { + super.onCreate(savedInstanceState); + Intent intent = new Intent(getActivity(), OpenVPNService.class); + intent.setAction(OpenVPNService.START_SERVICE); + getActivity().bindService(intent, mConnection, 0); + } + + @Override + public void onDestroy() { + super.onDestroy(); + getActivity().unbindService(mConnection); + } + + static PasswordDialogFragment newInstance(String title) { + PasswordDialogFragment frag = new PasswordDialogFragment(); + Bundle args = new Bundle(); + args.putString("title", title); + frag.setArguments(args); + return frag; + } + + @Override + public Dialog onCreateDialog(Bundle savedInstanceState) { + String title = getArguments().getString("title"); + + final EditText input = new EditText(getActivity()); + input.setInputType(InputType.TYPE_CLASS_TEXT | InputType.TYPE_TEXT_VARIATION_PASSWORD); + + + return new AlertDialog.Builder(getActivity()) + .setIcon(android.R.drawable.ic_dialog_alert) + .setTitle(title) + .setView(input) + .setPositiveButton(android.R.string.ok, (dialogInterface, i) -> { + if (mService != null) { + try { + mService.challengeResponse(input.getText().toString()); + getActivity().finish(); + } catch (RemoteException e) { + VpnStatus.logException(e); + e.printStackTrace(); + } + } + }) + .setNegativeButton(android.R.string.cancel, + (dialog, whichButton) -> getActivity().finish() + ) + .create(); + } +}
\ No newline at end of file diff --git a/main/src/main/java/de/blinkt/openvpn/fragments/KeyChainSettingsFragment.kt b/main/src/main/java/de/blinkt/openvpn/fragments/KeyChainSettingsFragment.kt index fe074c63..323b3a4d 100644 --- a/main/src/main/java/de/blinkt/openvpn/fragments/KeyChainSettingsFragment.kt +++ b/main/src/main/java/de/blinkt/openvpn/fragments/KeyChainSettingsFragment.kt @@ -16,6 +16,7 @@ import android.os.Handler import android.os.Message import android.security.KeyChain import android.security.KeyChainException +import android.security.keystore.KeyInfo import android.text.TextUtils import android.view.View import android.widget.AdapterView @@ -27,6 +28,8 @@ import de.blinkt.openvpn.VpnProfile import de.blinkt.openvpn.api.ExternalCertificateProvider import de.blinkt.openvpn.core.ExtAuthHelper import de.blinkt.openvpn.core.X509Utils +import java.security.KeyFactory +import java.security.PrivateKey import java.security.cert.X509Certificate @@ -43,8 +46,18 @@ internal abstract class KeyChainSettingsFragment : Settings_Fragment(), View.OnC @TargetApi(Build.VERSION_CODES.JELLY_BEAN_MR2) @Throws(KeyChainException::class, InterruptedException::class) get() { - val algorithm = KeyChain.getPrivateKey(activity.applicationContext, mProfile.mAlias)!!.algorithm - return KeyChain.isBoundKeyAlgorithm(algorithm) + val key : PrivateKey = KeyChain.getPrivateKey(activity.applicationContext, mProfile.mAlias) ?: return false + + if (Build.VERSION.SDK_INT > Build.VERSION_CODES.M) + { + val keyFactory = KeyFactory.getInstance(key.getAlgorithm(), "AndroidKeyStore") + val keyInfo = keyFactory.getKeySpec(key, KeyInfo::class.java) + return keyInfo.isInsideSecureHardware() + + } else { + val algorithm = key.algorithm + return KeyChain.isBoundKeyAlgorithm(algorithm) + } } @@ -136,7 +149,7 @@ internal abstract class KeyChainSettingsFragment : Settings_Fragment(), View.OnC protected fun initKeychainViews(v: View) { v.findViewById<View>(R.id.select_keystore_button).setOnClickListener(this) - v.findViewById<View>(R.id.configure_extauth_button).setOnClickListener(this) + v.findViewById<View>(R.id.configure_extauth_button)?.setOnClickListener(this) v.findViewById<View>(R.id.install_keystore_button).setOnClickListener(this) mAliasCertificate = v.findViewById(R.id.alias_certificate) mExtAuthSpinner = v.findViewById(R.id.extauth_spinner) @@ -172,7 +185,7 @@ internal abstract class KeyChainSettingsFragment : Settings_Fragment(), View.OnC } private fun startExternalAuthConfig() { - val eAuth = mExtAuthSpinner!!.selectedItem as ExtAuthHelper.ExternalAuthProvider + val eAuth = mExtAuthSpinner.selectedItem as ExtAuthHelper.ExternalAuthProvider mProfile.mExternalAuthenticator = eAuth.packageName if (!eAuth.configurable) { fetchExtCertificateMetaData() diff --git a/main/src/main/res/values/strings.xml b/main/src/main/res/values/strings.xml index 5b14dbd1..5ab3783d 100755 --- a/main/src/main/res/values/strings.xml +++ b/main/src/main/res/values/strings.xml @@ -475,7 +475,7 @@ <string name="no_orbotfound">Orbot application cannot be found. Please install Orbot or use manual Socks v5 integration.</string> <string name="faq_remote_api_title">Remote API</string> <string name="faq_remote_api">OpenVPN for Android supports two remote APIs, a sophisticated API using AIDL (remoteEXample in the git repository) and a simple one using Intents. <p>Examples using adb shell and the intents. Replace profilname with your profile name<p><p> adb shell am start-activity -a android.intent.action.MAIN de.blinkt.openvpn/.api.DisconnectVPN<p> adb shell am start-activity -a android.intent.action.MAIN -e de.blinkt.openvpn.api.profileName Blinkt de.blinkt.openvpn/.api.ConnectVPN</string> - <string name ="enableproxyauth">Enable Proxy Authentication</string> + <string name="enableproxyauth">Enable Proxy Authentication</string> <string name="error_orbot_and_proxy_options">Cannot use extra http-proxy-option statement and Orbot integration at the same timeO</string> <string name="info_from_server">Info from server: \'%s\'</string> <string name="channel_name_userreq">User interaction required</string> @@ -483,6 +483,7 @@ authentification </string> <string name="openurl_requested">Open URL to continue VPN authentication</string> + <string name="crtext_requested">Answer challenge to continue VPN authentication</string> <string name="state_auth_pending">Authentication pending</string> <string name="external_authenticator">External Authenticator</string> <string name="configure">Configure</string> diff --git a/main/src/ovpn3/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java b/main/src/ovpn3/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java index dc2ac74f..bdaaa431 100644 --- a/main/src/ovpn3/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java +++ b/main/src/ovpn3/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java @@ -1,16 +1,18 @@ package de.blinkt.openvpn.core; import android.content.Context; +import android.util.Base64; import de.blinkt.openvpn.R; import de.blinkt.openvpn.VpnProfile; import net.openvpn.ovpn3.*; import net.openvpn.ovpn3.ClientAPI_OpenVPNClient; +import net.openvpn.ovpn3.ClientAPI_DynamicChallenge; + +import java.nio.charset.Charset; +import java.nio.charset.StandardCharsets; import static de.blinkt.openvpn.VpnProfile.AUTH_RETRY_NOINTERACT; -import static net.openvpn.ovpn3.ClientAPI_OpenVPNClient.copyright; -import static net.openvpn.ovpn3.ClientAPI_OpenVPNClient.init_process; -import static net.openvpn.ovpn3.ClientAPI_OpenVPNClient.platform; public class OpenVPNThreadv3 extends ClientAPI_OpenVPNClient implements Runnable, OpenVPNManagement { @@ -182,6 +184,7 @@ public class OpenVPNThreadv3 extends ClientAPI_OpenVPNClient implements Runnable config.setContent(vpnconfig); config.setTunPersist(mVp.mPersistTun); config.setGuiVersion(mVp.getVersionEnvString(mService)); + config.setSsoMethods("openurl,crtext"); //config.setPlatformVersion(mVp.getPlatformVersionEnvString()); config.setExternalPkiAlias("extpki"); config.setCompressionMode("asym"); @@ -225,14 +228,14 @@ public class OpenVPNThreadv3 extends ClientAPI_OpenVPNClient implements Runnable @Override public void external_pki_sign_request(ClientAPI_ExternalPKISignRequest signreq) { - VpnStatus.logDebug("Got external PKI signing request from OpenVPN core for algorithm " + signreq.getPadding()); + VpnStatus.logDebug("Got external PKI signing request from OpenVPN core for algorithm " + signreq.getAlgorithm()); boolean pkcs1padding; - if (signreq.getPadding().equals("RSA_PKCS1_PADDING")) + if (signreq.getAlgorithm().equals("RSA_PKCS1_PADDING")) pkcs1padding = true; - else if (signreq.getPadding().equals("RSA_NO_PADDING")) + else if (signreq.getAlgorithm().equals("RSA_NO_PADDING")) pkcs1padding = false; else - throw new IllegalArgumentException("Illegal padding in sign request" + signreq.getPadding()); + throw new IllegalArgumentException("Illegal padding in sign request" + signreq.getAlgorithm()); signreq.setSig(mVp.getSignedData(mService, signreq.getData(), pkcs1padding)); } @@ -248,8 +251,7 @@ public class OpenVPNThreadv3 extends ClientAPI_OpenVPNClient implements Runnable @Override public boolean socket_protect(int socket, String remote, boolean ipv6) { - boolean b= mService.protect(socket); - return b; + return mService.protect(socket); } @@ -276,6 +278,11 @@ public class OpenVPNThreadv3 extends ClientAPI_OpenVPNClient implements Runnable } @Override + public void sendCRResponse(String response) { + post_cc_msg("CR_RESPONSE," + response + "\n"); + } + + @Override public void log(ClientAPI_LogInfo arg0) { String logmsg =arg0.getText(); while (logmsg.endsWith("\n")) @@ -290,13 +297,18 @@ public class OpenVPNThreadv3 extends ClientAPI_OpenVPNClient implements Runnable String info = event.getInfo(); if (name.equals("INFO")) { VpnStatus.logInfo(R.string.info_from_server, info); - if (info.startsWith("OPEN_URL:")) + if (info.startsWith("OPEN_URL:") || info.startsWith("CR_TEXT:")) { - mService.trigger_url_open(info); + mService.trigger_sso(info); } } else{ VpnStatus.updateStateString(name, info); } + /* if (event.name.equals("DYNAMIC_CHALLENGE")) { + ClientAPI_DynamicChallenge challenge = new ClientAPI_DynamicChallenge(); + final boolean status = ClientAPI_OpenVPNClient.parse_dynamic_challenge(event.info, challenge); + + } else */ if(event.getError()) VpnStatus.logError(String.format("EVENT(Error): %s: %s", name, info)); } |