From 991d5e1d3f0bf8a1daad3ed41bff9489ffb17fe2 Mon Sep 17 00:00:00 2001
From: Arne Schwabe <arne@rfc2549.org>
Date: Sat, 30 Jun 2012 11:38:31 +0200
Subject: Relase version 0.5.9

---
 openvpn/src/openvpn/options.c                      | 2 +-
 res/values/strings.xml                             | 3 ++-
 src/de/blinkt/openvpn/OpenVpnManagementThread.java | 8 ++++++--
 src/de/blinkt/openvpn/VpnProfile.java              | 9 +++++++--
 4 files changed, 16 insertions(+), 6 deletions(-)

diff --git a/openvpn/src/openvpn/options.c b/openvpn/src/openvpn/options.c
index b83c1de6..b3a41d7b 100644
--- a/openvpn/src/openvpn/options.c
+++ b/openvpn/src/openvpn/options.c
@@ -2732,7 +2732,7 @@ options_postprocess_filechecks (struct options *options)
                              "--extra-certs");
 
 #ifdef MANAGMENT_EXTERNAL_KEY
-	if(!(options->management_flags | MF_EXTERNAL_KEY))
+	if(!(options->management_flags & MF_EXTERNAL_KEY))
 #endif
   errs |= check_file_access (CHKACC_FILE|CHKACC_INLINE, options->priv_key_file, R_OK,
                              "--key");
diff --git a/res/values/strings.xml b/res/values/strings.xml
index ba4f6b02..d6b55458 100644
--- a/res/values/strings.xml
+++ b/res/values/strings.xml
@@ -220,6 +220,7 @@
     <string name="keppstatus_summary">Keep the notification displayed after the connection is established to show traffic statistics.</string>
     <string name="keepstatus">Show Traffic Statistics</string>
     <string name="mobile_info">Running on %1$s (%2$s) %3$s, Android API %4$d</string>
-    <string name="error_rsa_sign">Error signing with Android keystore key %s</string>
+    <string name="error_rsa_sign">Error signing with Android keystore key %1$s: %2$s</string>
+    <string name="keychain_jellybeans">Reading from Android Keystore does not work in Jelly Beans (Google change the way private keys are returned)</string>
 </resources>
 
diff --git a/src/de/blinkt/openvpn/OpenVpnManagementThread.java b/src/de/blinkt/openvpn/OpenVpnManagementThread.java
index e1b37342..69129eb1 100644
--- a/src/de/blinkt/openvpn/OpenVpnManagementThread.java
+++ b/src/de/blinkt/openvpn/OpenVpnManagementThread.java
@@ -403,9 +403,12 @@ public class OpenVpnManagementThread implements Runnable {
 	private void processSignCommand(String b64data) {
 		PrivateKey privkey = mProfile.getKeystoreKey();
 		Exception err =null;
+		
 		try{
 			byte[] data = Base64.decode(b64data, Base64.DEFAULT);
-			Cipher rsasinger = javax.crypto.Cipher.getInstance("RSA/ECB/PKCS1PADDING");
+
+			Cipher rsasinger = Cipher.getInstance("RSA/ECB/PKCS1PADDING");
+
 			rsasinger.init(Cipher.ENCRYPT_MODE, privkey);
 
 			byte[] signed_bytes = rsasinger.doFinal(data);
@@ -425,8 +428,9 @@ public class OpenVpnManagementThread implements Runnable {
 			err =e;
 		}
 		if(err !=null) {
-			OpenVPN.logError(R.string.error_rsa_sign,err.getLocalizedMessage());
+			OpenVPN.logError(R.string.error_rsa_sign,err.getClass().toString(),err.getLocalizedMessage());
 		}
+
 	}
 
 }
diff --git a/src/de/blinkt/openvpn/VpnProfile.java b/src/de/blinkt/openvpn/VpnProfile.java
index 8b758b3b..54eaae88 100644
--- a/src/de/blinkt/openvpn/VpnProfile.java
+++ b/src/de/blinkt/openvpn/VpnProfile.java
@@ -24,6 +24,7 @@ import org.spongycastle.util.io.pem.PemWriter;
 import android.content.Context;
 import android.content.Intent;
 import android.content.pm.ApplicationInfo;
+import android.os.Build;
 import android.security.KeyChain;
 import android.security.KeyChainException;
 
@@ -551,8 +552,12 @@ public class VpnProfile implements  Serializable{
 
 	//! Return an error if somethign is wrong
 	int checkProfile() {
-		if((mAuthenticationType==TYPE_KEYSTORE || mAuthenticationType==TYPE_USERPASS_KEYSTORE) && mAlias==null) 
-			return R.string.no_keystore_cert_selected;
+		if(mAuthenticationType==TYPE_KEYSTORE || mAuthenticationType==TYPE_USERPASS_KEYSTORE) {
+			if(mAlias==null) 
+				return R.string.no_keystore_cert_selected;
+			if(Build.VERSION.SDK_INT == 16)
+				return R.string.keychain_jellybeans;
+		}
 
 		if(!mUsePull) {
 			if(mIPv4Address == null || cidrToIPAndNetmask(mIPv4Address) == null)
-- 
cgit v1.2.3