diff options
3 files changed, 33 insertions, 8 deletions
diff --git a/main/src/main/java/de/blinkt/openvpn/LaunchVPN.java b/main/src/main/java/de/blinkt/openvpn/LaunchVPN.java index 34d9f8ff..38057005 100644 --- a/main/src/main/java/de/blinkt/openvpn/LaunchVPN.java +++ b/main/src/main/java/de/blinkt/openvpn/LaunchVPN.java @@ -188,7 +188,7 @@ public class LaunchVPN extends Activity { if(requestCode==START_VPN_PROFILE) { if(resultCode == Activity.RESULT_OK) { - int needpw = mSelectedProfile.needUserPWInput(); + int needpw = mSelectedProfile.needUserPWInput(false); if(needpw !=0) { VpnStatus.updateStateString("USER_VPN_PASSWORD", "", R.string.state_user_vpn_password, ConnectionStatus.LEVEL_WAITING_FOR_USER_INPUT); diff --git a/main/src/main/java/de/blinkt/openvpn/VpnProfile.java b/main/src/main/java/de/blinkt/openvpn/VpnProfile.java index 09bf4c87..6028d2e5 100644 --- a/main/src/main/java/de/blinkt/openvpn/VpnProfile.java +++ b/main/src/main/java/de/blinkt/openvpn/VpnProfile.java @@ -41,6 +41,7 @@ import java.util.Collection; import java.util.Locale; import java.util.UUID; import java.util.Vector; +import java.util.concurrent.Future; import javax.crypto.BadPaddingException; import javax.crypto.Cipher; @@ -175,7 +176,8 @@ public class VpnProfile implements Serializable { escapedString = escapedString.replace("\n", "\\n"); if (escapedString.equals(unescaped) && !escapedString.contains(" ") && - !escapedString.contains("#") && !escapedString.contains(";")) + !escapedString.contains("#") && !escapedString.contains(";") + && !escapedString.equals("")) return unescaped; else return '"' + escapedString + '"'; @@ -636,6 +638,21 @@ public class VpnProfile implements Serializable { return false; } + public void checkForRestart(final Context context) { + /* This method is called when OpenVPNService is restarted */ + + if ((mAuthenticationType == VpnProfile.TYPE_KEYSTORE || mAuthenticationType == VpnProfile.TYPE_USERPASS_KEYSTORE) + && mPrivateKey==null) { + new Thread( new Runnable() { + @Override + public void run() { + getKeyStoreCertificates(context); + + } + }).start(); + } + } + class NoCertReturnedException extends Exception { public NoCertReturnedException (String msg) { @@ -842,21 +859,23 @@ public class VpnProfile implements Serializable { return false; } - public int needUserPWInput() { + public int needUserPWInput(boolean ignoreTransient) { if ((mAuthenticationType == TYPE_PKCS12 || mAuthenticationType == TYPE_USERPASS_PKCS12) && (mPKCS12Password == null || mPKCS12Password.equals(""))) { - if (mTransientPCKS12PW == null) + if (ignoreTransient || mTransientPCKS12PW == null) return R.string.pkcs12_file_encryption_key; } if (mAuthenticationType == TYPE_CERTIFICATES || mAuthenticationType == TYPE_USERPASS_CERTIFICATES) { if (requireTLSKeyPassword() && TextUtils.isEmpty(mKeyPassword)) - if (mTransientPCKS12PW == null) { + if (ignoreTransient || mTransientPCKS12PW == null) { return R.string.private_key_password; } } - if (isUserPWAuth() && !(!TextUtils.isEmpty(mUsername) && (!TextUtils.isEmpty(mPassword) || mTransientPW != null))) { + if (isUserPWAuth() && + (TextUtils.isEmpty(mUsername) || + (TextUtils.isEmpty(mPassword) && (mTransientPW == null || ignoreTransient)))) { return R.string.password; } return 0; diff --git a/main/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java b/main/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java index 6fa8e27c..df60325b 100644 --- a/main/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java +++ b/main/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java @@ -320,6 +320,8 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac String profileUUID = intent.getStringExtra(prefix + ".profileUUID"); mProfile = ProfileManager.get(this, profileUUID); + // Will refetch the private key of the store on restart + mProfile.checkForRestart(this); String startTitle = getString(R.string.start_vpn_title, mProfile.mName); String startTicker = getString(R.string.start_vpn_ticker, mProfile.mName); @@ -399,8 +401,12 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac ProfileManager.setConnectedVpnProfile(this, mProfile); + /* TODO: At the moment we have no way to handle asynchronous PW input + * Fixing will also allow to handle challenge/responsee authentication /* + if (mProfile.needUserPWInput(true) != 0) + return START_NOT_STICKY; - return START_NOT_STICKY; + return START_REDELIVER_INTENT; } private OpenVPNManagement instantiateOpenVPN3Core() { @@ -504,7 +510,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac if ((Build.VERSION.SDK_INT == Build.VERSION_CODES.KITKAT && !release.startsWith("4.4.3") && !release.startsWith("4.4.4") && !release.startsWith("4.4.5") && !release.startsWith("4.4.6")) && mMtu < 1280) { - VpnStatus.logInfo(String.format("Forcing MTU to 1280 instead of %d to workaround Android Bug #70916", mMtu)); + VpnStatus.logInfo(String.format(Locale.US, "Forcing MTU to 1280 instead of %d to workaround Android Bug #70916", mMtu)); builder.setMtu(1280); } else { builder.setMtu(mMtu); |