diff options
author | Arne Schwabe <arne@rfc2549.org> | 2016-11-19 18:15:42 +0100 |
---|---|---|
committer | Arne Schwabe <arne@rfc2549.org> | 2016-11-19 18:15:42 +0100 |
commit | 34f9c3afec04f8d36a11e37346549e613e1b4bb8 (patch) | |
tree | fd1e1939bb906d7bac682b30f508fda1a972c673 /main/src | |
parent | fc24fcf01e55d51b091c451f69e441ad2115af87 (diff) |
Implement tis-crypt
Diffstat (limited to 'main/src')
-rw-r--r-- | main/src/main/java/de/blinkt/openvpn/VpnProfile.java | 6 | ||||
-rw-r--r-- | main/src/main/java/de/blinkt/openvpn/core/ConfigParser.java | 6 | ||||
-rwxr-xr-x | main/src/main/res/values-de/strings.xml | 1 | ||||
-rw-r--r-- | main/src/main/res/values/arrays.xml | 1 | ||||
-rwxr-xr-x | main/src/main/res/values/strings.xml | 2 | ||||
-rw-r--r-- | main/src/main/res/values/untranslatable.xml | 1 | ||||
-rw-r--r-- | main/src/main/res/xml/vpn_authentification.xml | 2 |
7 files changed, 15 insertions, 4 deletions
diff --git a/main/src/main/java/de/blinkt/openvpn/VpnProfile.java b/main/src/main/java/de/blinkt/openvpn/VpnProfile.java index fe8cb19a..c39603b2 100644 --- a/main/src/main/java/de/blinkt/openvpn/VpnProfile.java +++ b/main/src/main/java/de/blinkt/openvpn/VpnProfile.java @@ -399,12 +399,16 @@ public class VpnProfile implements Serializable, Cloneable { } if (mUseTLSAuth) { + boolean useTlsCrypt = mTLSAuthDirection.equals("tls-crypt"); + if (mAuthenticationType == TYPE_STATICKEYS) cfg += insertFileData("secret", mTLSAuthFilename); + else if(useTlsCrypt) + cfg += insertFileData("tls-crypt", mTLSAuthFilename); else cfg += insertFileData("tls-auth", mTLSAuthFilename); - if (!TextUtils.isEmpty(mTLSAuthDirection)) { + if (!TextUtils.isEmpty(mTLSAuthDirection) && !useTlsCrypt) { cfg += "key-direction "; cfg += mTLSAuthDirection; cfg += "\n"; diff --git a/main/src/main/java/de/blinkt/openvpn/core/ConfigParser.java b/main/src/main/java/de/blinkt/openvpn/core/ConfigParser.java index e0aac552..b716d2ca 100644 --- a/main/src/main/java/de/blinkt/openvpn/core/ConfigParser.java +++ b/main/src/main/java/de/blinkt/openvpn/core/ConfigParser.java @@ -422,6 +422,12 @@ public class ConfigParser { if (direction != null) np.mTLSAuthDirection = direction.get(1); + Vector<String> tlscrypt = getOption("tls-crypt", 1, 1); + if (tlscrypt!=null) { + np.mUseTLSAuth = true; + np.mTLSAuthDirection = "tls-crypt"; + } + Vector<Vector<String>> defgw = getAllOption("redirect-gateway", 0, 5); if (defgw != null) { np.mUseDefaultRoute = true; diff --git a/main/src/main/res/values-de/strings.xml b/main/src/main/res/values-de/strings.xml index 67ef166c..e5cd8937 100755 --- a/main/src/main/res/values-de/strings.xml +++ b/main/src/main/res/values-de/strings.xml @@ -164,7 +164,6 @@ <string name="private_key_password">Passphrase des privaten Schlüssels</string> <string name="password">Passwort</string> <string name="file_icon">Dateisymbol</string> - <string name="tls_authentication">TLS-Authentifizierung</string> <string name="generated_config">Generierte Konfiguration</string> <string name="generalsettings">Einstellungen</string> <string name="owner_fix_summary">Versucht, den Eigentümer von /dev/tun auf system zu ändern. Einige Cyanogenmod 9-ROM-Versionen benötigen diese Option, damit die VPN-API funktioniert. Benötigt root.</string> diff --git a/main/src/main/res/values/arrays.xml b/main/src/main/res/values/arrays.xml index cf02d1b8..7ade38fe 100644 --- a/main/src/main/res/values/arrays.xml +++ b/main/src/main/res/values/arrays.xml @@ -20,6 +20,7 @@ <item translatable="false">0</item> <item translatable="false">1</item> <item>Unspecified</item> + <item>Encryption (tls-crypt)</item> </string-array> <string-array name="crm_entries"> <item>No reconnection retries</item> diff --git a/main/src/main/res/values/strings.xml b/main/src/main/res/values/strings.xml index e8762203..faab789c 100755 --- a/main/src/main/res/values/strings.xml +++ b/main/src/main/res/values/strings.xml @@ -162,7 +162,7 @@ <string name="private_key_password">Private Key Password</string> <string name="password">Password</string> <string name="file_icon">file icon</string> - <string name="tls_authentication">TLS Authentication</string> + <string name="tls_authentication">TLS Authentication/Encryption</string> <string name="generated_config">Generated Config</string> <string name="generalsettings">Settings</string> <string name="owner_fix_summary">Tries to set the owner of /dev/tun to system. Some CM9 images need this to make the VPNService API work. Requires root.</string> diff --git a/main/src/main/res/values/untranslatable.xml b/main/src/main/res/values/untranslatable.xml index 372ae0aa..8e6f2c75 100644 --- a/main/src/main/res/values/untranslatable.xml +++ b/main/src/main/res/values/untranslatable.xml @@ -33,6 +33,7 @@ <item>0</item> <item>1</item> <item></item> + <item>tls-crypt</item> </string-array> <string-array name="crm_values" translatable="false"> <item>1</item> diff --git a/main/src/main/res/xml/vpn_authentification.xml b/main/src/main/res/xml/vpn_authentification.xml index 09354de3..458378b7 100644 --- a/main/src/main/res/xml/vpn_authentification.xml +++ b/main/src/main/res/xml/vpn_authentification.xml @@ -21,9 +21,9 @@ <EditTextPreference android:dependency="checkRemoteCN" + android:dialogMessage="Field in the X.509 certificate subject to be used as the username (default=CN)." android:key="remotex509name" android:persistent="false" - android:dialogMessage="Field in the X.509 certificate subject to be used as the username (default=CN)." android:title="X509 Username Field" /> </PreferenceCategory> |