From 0cdf936963a5cc19c433ff22b8f88e614327e850 Mon Sep 17 00:00:00 2001 From: Arne Schwabe Date: Mon, 8 Oct 2018 17:59:10 +0300 Subject: Include possibility to use mbedtls+openvpn2 --- main/src/main/cpp/CMakeLists.txt | 18 +++++++++++++++--- main/src/main/cpp/openvpn-config/config.h | 1 + main/src/main/java/de/blinkt/openvpn/VpnProfile.java | 2 +- 3 files changed, 17 insertions(+), 4 deletions(-) (limited to 'main') diff --git a/main/src/main/cpp/CMakeLists.txt b/main/src/main/cpp/CMakeLists.txt index ce28ed3b..24b13f3a 100644 --- a/main/src/main/cpp/CMakeLists.txt +++ b/main/src/main/cpp/CMakeLists.txt @@ -13,6 +13,9 @@ OPTION(ENABLE_PROGRAMS "" OFF) OPTION(USE_SHARED_MBEDTLS_LIBRARY "" OFF) OPTION(ENABLE_TESTING "" OFF) +# Own options +OPTION(OPENVPN2MBED "Use mbed TLS for OpenVPN2" OFF) + #add_subdirectory(lzo) include(tools.cmake) include(lzo.cmake) @@ -169,16 +172,18 @@ set(openvpn_srcs src/openvpn/compstub.c ) -PREPEND(openvpn_srcs_with_path "openvpn" ${openvpn_srcs}) +PREPEND(openvpn_srcs_with_path "openvpn" ${openvpn_srcs}) + add_library(openvpn SHARED ${openvpn_srcs_with_path}) + target_include_directories(openvpn PRIVATE openvpn-config openvpn/src/compat openvpn/include + mbedtls/include lzo/include openvpn ) - target_compile_definitions(openvpn PRIVATE -DHAVE_CONFIG_H -DCONFIGURE_GIT_REVISION=\"${OPENVPN2_GIT}\" @@ -186,10 +191,17 @@ target_compile_definitions(openvpn PRIVATE -DTARGET_ABI=\"${ANDROID_ABI}\" ) +if (${OPENVPN2MBED}) +target_compile_definitions(openvpn PRIVATE + -DENABLE_CRYPTO_MBEDTLS=1 + ) + target_link_libraries(openvpn mbedtls mbedx509 mbedcrypto lzo) +else() target_compile_definitions(openvpn PRIVATE -DENABLE_CRYPTO_OPENSSL=1 ) -target_link_libraries(openvpn crypto ssl lzo) + target_link_libraries(openvpn crypto ssl lzo) +endif() add_executable(pie_openvpn.${ANDROID_ABI} minivpn/minivpn.c) target_compile_options(pie_openvpn.${ANDROID_ABI} PRIVATE -fPIE) diff --git a/main/src/main/cpp/openvpn-config/config.h b/main/src/main/cpp/openvpn-config/config.h index 7a25ea96..b15c83dd 100644 --- a/main/src/main/cpp/openvpn-config/config.h +++ b/main/src/main/cpp/openvpn-config/config.h @@ -673,5 +673,6 @@ int res_init(); #define HAVE_EVP_PKEY_GET0_EC_KEY 1 #define HAVE_EC_GROUP_ORDER_BITS 1 #define HAVE_RSA_METH_GET0_APP_DATA 1 +#define HAVE_RSA_METH_SET_SIGN 1 #define ENABLE_OFB_CFB_MODE 1 \ No newline at end of file diff --git a/main/src/main/java/de/blinkt/openvpn/VpnProfile.java b/main/src/main/java/de/blinkt/openvpn/VpnProfile.java index 1ac4d2ca..43891c3d 100644 --- a/main/src/main/java/de/blinkt/openvpn/VpnProfile.java +++ b/main/src/main/java/de/blinkt/openvpn/VpnProfile.java @@ -445,7 +445,7 @@ public class VpnProfile implements Serializable, Cloneable { cfg.append("### From Keystore/ext auth app ####\n"); if (ks != null) { cfg.append("\n").append(ks[0]).append("\n\n"); - if (ks[1] != null) + if (!TextUtils.isEmpty(ks[1])) cfg.append("\n").append(ks[1]).append("\n\n"); cfg.append("\n").append(ks[2]).append("\n\n"); cfg.append("management-external-key nopadding\n"); -- cgit v1.2.3