diff options
Diffstat (limited to 'main/src/ui/java/de/blinkt/openvpn/fragments/Settings_Authentication.kt')
-rw-r--r-- | main/src/ui/java/de/blinkt/openvpn/fragments/Settings_Authentication.kt | 212 |
1 files changed, 212 insertions, 0 deletions
diff --git a/main/src/ui/java/de/blinkt/openvpn/fragments/Settings_Authentication.kt b/main/src/ui/java/de/blinkt/openvpn/fragments/Settings_Authentication.kt new file mode 100644 index 00000000..15687f26 --- /dev/null +++ b/main/src/ui/java/de/blinkt/openvpn/fragments/Settings_Authentication.kt @@ -0,0 +1,212 @@ +/* + * Copyright (c) 2012-2016 Arne Schwabe + * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt + */ +package de.blinkt.openvpn.fragments + +import android.app.Activity +import android.content.Intent +import android.os.Build +import android.os.Bundle +import android.util.Pair +import androidx.activity.result.ActivityResult +import androidx.activity.result.contract.ActivityResultContracts +import androidx.fragment.app.DialogFragment +import androidx.preference.* +import de.blinkt.openvpn.R +import de.blinkt.openvpn.VpnProfile +import de.blinkt.openvpn.activities.FileSelect +import de.blinkt.openvpn.core.VpnStatus +import de.blinkt.openvpn.fragments.Utils.alwaysUseOldFileChooser +import de.blinkt.openvpn.fragments.Utils.getFilePickerIntent +import de.blinkt.openvpn.fragments.Utils.getFilePickerResult +import de.blinkt.openvpn.views.RemoteCNPreference +import de.blinkt.openvpn.views.RemoteCNPreferenceDialog +import java.io.IOException + +class Settings_Authentication : OpenVpnPreferencesFragment(), Preference.OnPreferenceChangeListener, + Preference.OnPreferenceClickListener { + private lateinit var mExpectTLSCert: CheckBoxPreference + private lateinit var mCheckRemoteCN: CheckBoxPreference + private lateinit var mRemoteCN: RemoteCNPreference + private lateinit var mTLSAuthDirection: ListPreference + private lateinit var mTLSAuthFile: Preference + private lateinit var mUseTLSAuth: SwitchPreference + private lateinit var mDataCiphers: EditTextPreference + private var mTlsAuthFileData: String? = null + private lateinit var mAuth: EditTextPreference + private lateinit var mRemoteX509Name: EditTextPreference + + override fun onCreatePreferences(savedInstanceState: Bundle?, rootKey: String?) { + } + + override fun onCreate(savedInstanceState: Bundle?) { + super.onCreate(savedInstanceState) + + // Load the preferences from an XML resource + addPreferencesFromResource(R.xml.vpn_authentification) + mExpectTLSCert = findPreference("remoteServerTLS")!! + mCheckRemoteCN = findPreference("checkRemoteCN")!! + mRemoteCN = findPreference("remotecn")!! + mRemoteCN.onPreferenceChangeListener = this + mRemoteX509Name = findPreference("remotex509name")!! + mRemoteX509Name.onPreferenceChangeListener = this + mUseTLSAuth = findPreference("useTLSAuth")!! + mTLSAuthFile = findPreference("tlsAuthFile")!! + mTLSAuthDirection = findPreference("tls_direction")!! + mTLSAuthFile.onPreferenceClickListener = this + mDataCiphers = findPreference("dataciphers")!! + mDataCiphers.onPreferenceChangeListener = this + mAuth = findPreference("auth")!! + mAuth.onPreferenceChangeListener = this + loadSettings() + } + + override fun loadSettings() { + mExpectTLSCert.isChecked = mProfile.mExpectTLSCert + mCheckRemoteCN.isChecked = mProfile.mCheckRemoteCN + mRemoteCN.setDN(mProfile.mRemoteCN) + mRemoteCN.setAuthType(mProfile.mX509AuthType) + onPreferenceChange( + mRemoteCN, + Pair(mProfile.mX509AuthType, mProfile.mRemoteCN) + ) + mRemoteX509Name.text = mProfile.mx509UsernameField ?: "" + onPreferenceChange(mRemoteX509Name, mProfile.mx509UsernameField ?: "") + mUseTLSAuth.isChecked = mProfile.mUseTLSAuth + mTlsAuthFileData = mProfile.mTLSAuthFilename + setTlsAuthSummary(mTlsAuthFileData) + mTLSAuthDirection.value = mProfile.mTLSAuthDirection + mDataCiphers.text = mProfile.mDataCiphers + onPreferenceChange(mDataCiphers, mProfile.mDataCiphers) + mAuth.text = mProfile.mAuth + onPreferenceChange(mAuth, mProfile.mAuth) + if (mProfile.mAuthenticationType == VpnProfile.TYPE_STATICKEYS) { + mExpectTLSCert.isEnabled = false + mCheckRemoteCN.isEnabled = false + mUseTLSAuth.isChecked = true + } else { + mExpectTLSCert.isEnabled = true + mCheckRemoteCN.isEnabled = true + } + } + + override fun saveSettings() { + mProfile.mExpectTLSCert = mExpectTLSCert.isChecked + mProfile.mCheckRemoteCN = mCheckRemoteCN.isChecked + mProfile.mRemoteCN = mRemoteCN.cnText + mProfile.mX509AuthType = mRemoteCN.authtype + mProfile.mUseTLSAuth = mUseTLSAuth.isChecked + mProfile.mTLSAuthFilename = mTlsAuthFileData + mProfile.mx509UsernameField = mRemoteX509Name.text + if (mTLSAuthDirection.value == null) mProfile.mTLSAuthDirection = + null else mProfile.mTLSAuthDirection = mTLSAuthDirection.value + if (mDataCiphers.text == null) mProfile.mDataCiphers = null else mProfile.mDataCiphers = + mDataCiphers.text + if (mAuth.text == null) mProfile.mAuth = null else mProfile.mAuth = mAuth.text + } + + override fun onPreferenceChange(preference: Preference, newValue: Any): Boolean { + if (preference === mRemoteCN && newValue is Pair<*, *>) { + val authtype = newValue.first as Int + val dn = newValue.second + if ("" == dn) { + if (mProfile.mConnections.size > 0) { + preference.summary = getX509String( + VpnProfile.X509_VERIFY_TLSREMOTE_RDN, + mProfile.mConnections[0].mServerName + ) + } else { + preference.setSummary(R.string.no_remote_defined) + } + } else { + preference.summary = getX509String(authtype, dn as String) + } + } else if (preference === mDataCiphers || preference === mAuth) { + preference.summary = (newValue as CharSequence) + } else if (preference === mRemoteX509Name) { + preference.summary = + (if (newValue.toString().isEmpty()) "CN (default)" else newValue as CharSequence) + } + return true + } + + private fun getX509String(authtype: Int, dn: String): CharSequence { + var ret = "" + when (authtype) { + VpnProfile.X509_VERIFY_TLSREMOTE, VpnProfile.X509_VERIFY_TLSREMOTE_COMPAT_NOREMAPPING -> ret += "tls-remote " + VpnProfile.X509_VERIFY_TLSREMOTE_DN -> ret = "dn: " + VpnProfile.X509_VERIFY_TLSREMOTE_RDN -> ret = "rdn: " + VpnProfile.X509_VERIFY_TLSREMOTE_RDN_PREFIX -> ret = "rdn prefix: " + } + return ret + dn + } + + fun startFileDialog() { + var startFC: Intent? = null + if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.KITKAT && !alwaysUseOldFileChooser(activity)) { + startFC = getFilePickerIntent(requireContext(), Utils.FileType.TLS_AUTH_FILE) + registerForActivityResult(ActivityResultContracts.StartActivityForResult()) { result: ActivityResult -> + if (result.resultCode == Activity.RESULT_OK) + try { + mTlsAuthFileData = + getFilePickerResult( + Utils.FileType.TLS_AUTH_FILE, + result.data, + requireContext() + ) + setTlsAuthSummary(mTlsAuthFileData) + } catch (e: IOException) { + VpnStatus.logException(e) + } catch (se: SecurityException) { + VpnStatus.logException(se) + } + } + } + if (startFC == null) { + startFC = Intent(activity, FileSelect::class.java) + startFC.putExtra(FileSelect.START_DATA, mTlsAuthFileData) + startFC.putExtra(FileSelect.WINDOW_TITLE, R.string.tls_auth_file) + registerForActivityResult(ActivityResultContracts.StartActivityForResult()) { result: ActivityResult -> + + val resData = result.data?.getStringExtra(FileSelect.RESULT_DATA) + mTlsAuthFileData = resData + setTlsAuthSummary(resData) + + } + } + } + + override fun onPreferenceClick(preference: Preference): Boolean { + startFileDialog() + return true + } + + + private fun setTlsAuthSummary(result: String?) { + var result = result + if (result == null) + result = getString(R.string.no_certificate) + + if (result.startsWith(VpnProfile.INLINE_TAG)) + mTLSAuthFile.setSummary(R.string.inline_file_data) + else if (result.startsWith(VpnProfile.DISPLAYNAME_TAG)) + mTLSAuthFile.summary = + getString(R.string.imported_from_file, VpnProfile.getDisplayName(result)) + else + mTLSAuthFile.summary = result + } + + override fun onDisplayPreferenceDialog(preference: Preference) { + var dialogFragment: DialogFragment? = null + if (preference is RemoteCNPreference) { + dialogFragment = RemoteCNPreferenceDialog.newInstance(preference.getKey()) + } + if (dialogFragment != null) { + dialogFragment.setTargetFragment(this, 0) + dialogFragment.show(parentFragmentManager, "RemoteCNDialog") + } else { + super.onDisplayPreferenceDialog(preference) + } + } +}
\ No newline at end of file |