From 2ccc153ecc3fb89ba8a78b8a4c4e08aaf28e1575 Mon Sep 17 00:00:00 2001 From: Arne Schwabe Date: Wed, 16 Mar 2022 11:32:07 +0100 Subject: Also set fake mac address with OpenVPN 2.x The OpenVPN 2.x part of actually sending IV_HWADDR from env is still mising. --- .../main/java/de/blinkt/openvpn/VpnProfile.java | 1 + .../java/de/blinkt/openvpn/core/NetworkUtils.java | 24 ++++++++++++++++++++++ .../de/blinkt/openvpn/core/OpenVPNThreadv3.java | 24 +--------------------- 3 files changed, 26 insertions(+), 23 deletions(-) diff --git a/main/src/main/java/de/blinkt/openvpn/VpnProfile.java b/main/src/main/java/de/blinkt/openvpn/VpnProfile.java index 184c64fd..54d2eb02 100644 --- a/main/src/main/java/de/blinkt/openvpn/VpnProfile.java +++ b/main/src/main/java/de/blinkt/openvpn/VpnProfile.java @@ -388,6 +388,7 @@ public class VpnProfile implements Serializable, Cloneable { cfg.append("setenv IV_SSO openurl,webauth,crtext\n"); String versionString = getPlatformVersionEnvString(); cfg.append(String.format("setenv IV_PLAT_VER %s\n", openVpnEscape(versionString))); + cfg.append(String.format("setenv IV_HWADDR %s\n", NetworkUtils.getFakeMacAddrFromSAAID(context))); if (mUseLegacyProvider) cfg.append("providers legacy default\n"); diff --git a/main/src/main/java/de/blinkt/openvpn/core/NetworkUtils.java b/main/src/main/java/de/blinkt/openvpn/core/NetworkUtils.java index 40449118..814aba92 100644 --- a/main/src/main/java/de/blinkt/openvpn/core/NetworkUtils.java +++ b/main/src/main/java/de/blinkt/openvpn/core/NetworkUtils.java @@ -5,9 +5,11 @@ package de.blinkt.openvpn.core; +import android.annotation.SuppressLint; import android.content.Context; import android.net.*; import android.os.Build; +import android.provider.Settings; import android.text.TextUtils; import java.net.Inet4Address; @@ -72,4 +74,26 @@ public class NetworkUtils { return nets; } + @SuppressLint("HardwareIds") + public static String getFakeMacAddrFromSAAID(Context c) { + char[] HEX_ARRAY = "0123456789ABCDEF".toCharArray(); + + String saaid = Settings.Secure.getString(c.getContentResolver(), + Settings.Secure.ANDROID_ID); + + StringBuilder ret = new StringBuilder(); + if (saaid.length() >= 6) { + byte[] sb = saaid.getBytes(); + for (int b = 0; b <= 6; b++) { + if (b != 0) + ret.append(":"); + int v = sb[b] & 0xFF; + ret.append(HEX_ARRAY[v >>> 4]); + ret.append(HEX_ARRAY[v & 0x0F]); + } + } + return ret.toString(); + } + + } \ No newline at end of file diff --git a/main/src/ui/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java b/main/src/ui/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java index 927cb14d..780fa217 100644 --- a/main/src/ui/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java +++ b/main/src/ui/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java @@ -189,7 +189,7 @@ public class OpenVPNThreadv3 extends ClientAPI_OpenVPNClient implements Runnable config.setExternalPkiAlias("extpki"); config.setCompressionMode("asym"); - config.setHwAddrOverride(getFakeMacAddrFromSAAID(mService)); + config.setHwAddrOverride(NetworkUtils.getFakeMacAddrFromSAAID(mService)); config.setInfo(true); config.setAllowLocalLanAccess(mVp.mAllowLocalLAN); boolean retryOnAuthFailed = mVp.mAuthRetry == AUTH_RETRY_NOINTERACT; @@ -213,28 +213,6 @@ public class OpenVPNThreadv3 extends ClientAPI_OpenVPNClient implements Runnable } } - @SuppressLint("HardwareIds") - private String getFakeMacAddrFromSAAID(Context c) { - char[] HEX_ARRAY = "0123456789ABCDEF".toCharArray(); - - String saaid = Settings.Secure.getString(c.getContentResolver(), - Settings.Secure.ANDROID_ID); - - StringBuilder ret = new StringBuilder(); - if (saaid.length() >= 6) { - byte[] sb = saaid.getBytes(); - for (int b = 0; b <= 6; b++) { - if (b != 0) - ret.append(":"); - int v = sb[b] & 0xFF; - ret.append(HEX_ARRAY[v >>> 4]); - ret.append(HEX_ARRAY[v & 0x0F]); - } - } - return ret.toString(); - } - - @Override public void external_pki_cert_request(ClientAPI_ExternalPKICertRequest certreq) { VpnStatus.logDebug("Got external PKI certificate request from OpenVPN core"); -- cgit v1.2.3