summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--main/src/main/java/de/blinkt/openvpn/VpnProfile.java110
1 files changed, 37 insertions, 73 deletions
diff --git a/main/src/main/java/de/blinkt/openvpn/VpnProfile.java b/main/src/main/java/de/blinkt/openvpn/VpnProfile.java
index 316acefb..09fc21ae 100644
--- a/main/src/main/java/de/blinkt/openvpn/VpnProfile.java
+++ b/main/src/main/java/de/blinkt/openvpn/VpnProfile.java
@@ -16,6 +16,7 @@ import android.os.Build;
import android.preference.PreferenceManager;
import android.security.KeyChain;
import android.security.KeyChainException;
+import android.support.annotation.NonNull;
import android.text.TextUtils;
import android.util.Base64;
@@ -150,7 +151,7 @@ public class VpnProfile implements Serializable, Cloneable {
public int mMssFix =0; // -1 is default,
public Connection[] mConnections = new Connection[0];
public boolean mRemoteRandom=false;
- public HashSet<String> mAllowedAppsVpn = new HashSet<String>();
+ public HashSet<String> mAllowedAppsVpn = new HashSet<>();
public boolean mAllowedAppsVpnAreDisallowed = true;
public String mProfileCreator;
@@ -220,7 +221,7 @@ public class VpnProfile implements Serializable, Cloneable {
mAllowedAppsVpnAreDisallowed=true;
}
if (mAllowedAppsVpn==null)
- mAllowedAppsVpn = new HashSet<String>();
+ mAllowedAppsVpn = new HashSet<>();
if (mConnections ==null)
mConnections = new Connection[0];
@@ -440,9 +441,9 @@ public class VpnProfile implements Serializable, Cloneable {
}
if (mMssFix !=0){
- if (mMssFix!=1450)
- cfg+=String.format("mssfix %d\n", mMssFix, Locale.US);
- else
+ if (mMssFix!=1450) {
+ cfg += String.format("mssfix %d\n", mMssFix, Locale.US);
+ } else
cfg+="mssfix\n";
}
@@ -564,8 +565,9 @@ public class VpnProfile implements Serializable, Cloneable {
}
}
+ @NonNull
private Collection<String> getCustomRoutes(String routes) {
- Vector<String> cidrRoutes = new Vector<String>();
+ Vector<String> cidrRoutes = new Vector<>();
if (routes == null) {
// No routes set, return empty vector
return cidrRoutes;
@@ -574,7 +576,7 @@ public class VpnProfile implements Serializable, Cloneable {
if (!route.equals("")) {
String cidrroute = cidrToIPAndNetmask(route);
if (cidrroute == null)
- return null;
+ return cidrRoutes;
cidrRoutes.add(cidrroute);
}
@@ -584,7 +586,7 @@ public class VpnProfile implements Serializable, Cloneable {
}
private Collection<String> getCustomRoutesv6(String routes) {
- Vector<String> cidrRoutes = new Vector<String>();
+ Vector<String> cidrRoutes = new Vector<>();
if (routes == null) {
// No routes set, return empty vector
return cidrRoutes;
@@ -617,8 +619,8 @@ public class VpnProfile implements Serializable, Cloneable {
return null;
- long nm = 0xffffffffl;
- nm = (nm << (32 - len)) & 0xffffffffl;
+ long nm = 0xffffffffL;
+ nm = (nm << (32 - len)) & 0xffffffffL;
String netmask = String.format(Locale.ENGLISH, "%d.%d.%d.%d", (nm & 0xff000000) >> 24, (nm & 0xff0000) >> 16, (nm & 0xff00) >> 8, nm & 0xff);
return parts[0] + " " + netmask;
@@ -719,7 +721,7 @@ public class VpnProfile implements Serializable, Cloneable {
public VpnProfile copy(String name) {
try {
- VpnProfile copy = (VpnProfile) clone();
+ VpnProfile copy = clone();
copy.mName = name;
return copy;
@@ -737,17 +739,14 @@ public class VpnProfile implements Serializable, Cloneable {
}
synchronized String[] getKeyStoreCertificates(Context context,int tries) {
- PrivateKey privateKey = null;
- X509Certificate[] caChain;
- Exception exp;
try {
- privateKey = KeyChain.getPrivateKey(context, mAlias);
+ PrivateKey privateKey = KeyChain.getPrivateKey(context, mAlias);
mPrivateKey = privateKey;
String keystoreChain = null;
- caChain = KeyChain.getCertificateChain(context, mAlias);
+ X509Certificate[] caChain = KeyChain.getCertificateChain(context, mAlias);
if(caChain == null)
throw new NoCertReturnedException("No certificate returned from Keystore");
@@ -807,20 +806,19 @@ public class VpnProfile implements Serializable, Cloneable {
}
return new String[]{ca, extra, user};
- } catch (InterruptedException e) {
- exp=e;
- } catch (FileNotFoundException e) {
- exp=e;
- } catch (CertificateException e) {
- exp=e;
- } catch (IOException e) {
- exp=e;
- } catch (KeyChainException e) {
- exp=e;
- } catch (NoCertReturnedException e) {
- exp =e;
- } catch (IllegalArgumentException e) {
- exp =e;
+ } catch (InterruptedException | IOException | KeyChainException | NoCertReturnedException | IllegalArgumentException
+ | CertificateException e) {
+ e.printStackTrace();
+ VpnStatus.logError(R.string.keyChainAccessError, e.getLocalizedMessage());
+
+ VpnStatus.logError(R.string.keychain_access);
+ if (Build.VERSION.SDK_INT == Build.VERSION_CODES.JELLY_BEAN) {
+ if (!mAlias.matches("^[a-zA-Z0-9]$")) {
+ VpnStatus.logError(R.string.jelly_keystore_alphanumeric_bug);
+ }
+ }
+ return null;
+
} catch (AssertionError e) {
if (tries ==0)
return null;
@@ -833,19 +831,9 @@ public class VpnProfile implements Serializable, Cloneable {
return getKeyStoreCertificates(context, tries-1);
}
- exp.printStackTrace();
- VpnStatus.logError(R.string.keyChainAccessError, exp.getLocalizedMessage());
-
- VpnStatus.logError(R.string.keychain_access);
- if (Build.VERSION.SDK_INT == Build.VERSION_CODES.JELLY_BEAN) {
- if (!mAlias.matches("^[a-zA-Z0-9]$")) {
- VpnStatus.logError(R.string.jelly_keystore_alphanumeric_bug);
- }
- }
- return null;
}
- //! Return an error if somethign is wrong
+ //! Return an error if something is wrong
public int checkProfile(Context context) {
if (mAuthenticationType == TYPE_KEYSTORE || mAuthenticationType == TYPE_USERPASS_KEYSTORE) {
if (mAlias == null)
@@ -856,7 +844,7 @@ public class VpnProfile implements Serializable, Cloneable {
if (mIPv4Address == null || cidrToIPAndNetmask(mIPv4Address) == null)
return R.string.ipv4_format_error;
}
- if (!mUseDefaultRoute && (getCustomRoutes(mCustomRoutes) == null || getCustomRoutes(mExcludedRoutes) ==null))
+ if (!mUseDefaultRoute && (getCustomRoutes(mCustomRoutes).size() == 0|| getCustomRoutes(mExcludedRoutes).size() == 0))
return R.string.custom_route_format_error;
boolean noRemoteEnabled = true;
@@ -991,7 +979,6 @@ public class VpnProfile implements Serializable, Cloneable {
public String getSignedData(String b64data) {
PrivateKey privkey = getKeystoreKey();
- Exception err;
byte[] data = Base64.decode(b64data, Base64.DEFAULT);
@@ -1015,26 +1002,14 @@ public class VpnProfile implements Serializable, Cloneable {
byte[] signed_bytes = rsaSigner.doFinal(data);
return Base64.encodeToString(signed_bytes, Base64.NO_WRAP);
- } catch (NoSuchAlgorithmException e) {
- err = e;
- } catch (InvalidKeyException e) {
- err = e;
- } catch (NoSuchPaddingException e) {
- err = e;
- } catch (IllegalBlockSizeException e) {
- err = e;
- } catch (BadPaddingException e) {
- err = e;
+ } catch (NoSuchAlgorithmException | InvalidKeyException | IllegalBlockSizeException
+ | BadPaddingException | NoSuchPaddingException e) {
+ VpnStatus.logError(R.string.error_rsa_sign, e.getClass().toString(), e.getLocalizedMessage());
+ return null;
}
-
- VpnStatus.logError(R.string.error_rsa_sign, err.getClass().toString(), err.getLocalizedMessage());
-
- return null;
-
}
private String processSignJellyBeans(PrivateKey privkey, byte[] data) {
- Exception err;
try {
Method getKey = privkey.getClass().getSuperclass().getDeclaredMethod("getOpenSSLKey");
getKey.setAccessible(true);
@@ -1055,21 +1030,10 @@ public class VpnProfile implements Serializable, Cloneable {
byte[] signed_bytes = NativeUtils.rsasign(data, pkey);
return Base64.encodeToString(signed_bytes, Base64.NO_WRAP);
- } catch (NoSuchMethodException e) {
- err = e;
- } catch (IllegalArgumentException e) {
- err = e;
- } catch (IllegalAccessException e) {
- err = e;
- } catch (InvocationTargetException e) {
- err = e;
- } catch (InvalidKeyException e) {
- err = e;
+ } catch (NoSuchMethodException | InvalidKeyException | InvocationTargetException | IllegalAccessException | IllegalArgumentException e) {
+ VpnStatus.logError(R.string.error_rsa_sign, e.getClass().toString(), e.getLocalizedMessage());
+ return null;
}
- VpnStatus.logError(R.string.error_rsa_sign, err.getClass().toString(), err.getLocalizedMessage());
-
- return null;
-
}