From 12c2b2a9d724edff6499caad63997bb8cef8f4a4 Mon Sep 17 00:00:00 2001 From: Arne Schwabe Date: Fri, 15 Oct 2021 03:21:03 +0200 Subject: Add log message for unsupported key encryption --- main/src/main/java/de/blinkt/openvpn/core/OpenVPNThread.java | 2 +- main/src/main/java/de/blinkt/openvpn/core/VpnStatus.java | 5 ++++- main/src/ui/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java | 4 ++-- 3 files changed, 7 insertions(+), 4 deletions(-) diff --git a/main/src/main/java/de/blinkt/openvpn/core/OpenVPNThread.java b/main/src/main/java/de/blinkt/openvpn/core/OpenVPNThread.java index 8b3d4525..1d8f6cc6 100644 --- a/main/src/main/java/de/blinkt/openvpn/core/OpenVPNThread.java +++ b/main/src/main/java/de/blinkt/openvpn/core/OpenVPNThread.java @@ -155,7 +155,7 @@ public class OpenVPNThread implements Runnable { logLevel = Math.max(4, logLevel); VpnStatus.logMessageOpenVPN(logStatus, logLevel, msg); - VpnStatus.checkWeakMD(msg); + VpnStatus.addExtraHints(msg); } else { VpnStatus.logInfo("P:" + logline); } diff --git a/main/src/main/java/de/blinkt/openvpn/core/VpnStatus.java b/main/src/main/java/de/blinkt/openvpn/core/VpnStatus.java index 04848f93..c8e69414 100644 --- a/main/src/main/java/de/blinkt/openvpn/core/VpnStatus.java +++ b/main/src/main/java/de/blinkt/openvpn/core/VpnStatus.java @@ -474,10 +474,13 @@ public class VpnStatus { } - public static void checkWeakMD(String msg) { + public static void addExtraHints(String msg) { if ((msg.endsWith("md too weak") && msg.startsWith("OpenSSL: error")) || msg.contains("error:140AB18E") || msg.contains("SSL_CA_MD_TOO_WEAK") || (msg.contains("ca md too weak"))) logError("OpenSSL reported a certificate with a weak hash, please see the in app FAQ about weak hashes."); + if ((msg.contains("digital envelope routines::unsupported"))) + logError("The encryption method of your private keys/pkcs12 might be outdated and you probably need to enable " + + "the OpenSSL legacy provider to be able to use this profile."); } public static synchronized void updateByteCount(long in, long out) { diff --git a/main/src/ui/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java b/main/src/ui/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java index c51fc2cc..f10011c9 100644 --- a/main/src/ui/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java +++ b/main/src/ui/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java @@ -55,7 +55,7 @@ public class OpenVPNThreadv3 extends ClientAPI_OpenVPNClient implements Runnable ClientAPI_Status status = connect(); if (status.getError()) { VpnStatus.logError(String.format("connect() error: %s: %s", status.getStatus(), status.getMessage())); - VpnStatus.checkWeakMD(status.getMessage()); + VpnStatus.addExtraHints(status.getMessage()); } else { VpnStatus.updateStateString("NOPROCESS", "OpenVPN3 thread finished", R.string.state_noprocess, ConnectionStatus.LEVEL_NOTCONNECTED); } @@ -306,7 +306,7 @@ public class OpenVPNThreadv3 extends ClientAPI_OpenVPNClient implements Runnable logmsg = logmsg.substring(0, logmsg.length() - 1); VpnStatus.logInfo(logmsg); - VpnStatus.checkWeakMD(logmsg); + VpnStatus.addExtraHints(logmsg); } @Override -- cgit v1.2.3