From af6c8187ecff2ca2955f267975e346e34f0a4c91 Mon Sep 17 00:00:00 2001 From: Arne Schwabe Date: Sun, 3 Oct 2021 18:36:57 +0200 Subject: Fix peer-fingerprint with auth-user-pass Also throw an error if neither of CA or peer-fingerprint is configured --- main/src/main/java/de/blinkt/openvpn/VpnProfile.java | 7 +++++-- main/src/main/res/values/strings.xml | 1 + 2 files changed, 6 insertions(+), 2 deletions(-) (limited to 'main') diff --git a/main/src/main/java/de/blinkt/openvpn/VpnProfile.java b/main/src/main/java/de/blinkt/openvpn/VpnProfile.java index f4afb5ad..e82f508c 100644 --- a/main/src/main/java/de/blinkt/openvpn/VpnProfile.java +++ b/main/src/main/java/de/blinkt/openvpn/VpnProfile.java @@ -505,7 +505,8 @@ public class VpnProfile implements Serializable, Cloneable { break; case VpnProfile.TYPE_USERPASS: cfg.append("auth-user-pass\n"); - cfg.append(insertFileData("ca", mCaFilename)); + if (!TextUtils.isEmpty(mCaFilename)) + cfg.append(insertFileData("ca", mCaFilename)); if (configForOvpn3) { // OpenVPN 3 needs to be told that a client certificate is not required cfg.append("client-cert-not-required\n"); @@ -1054,7 +1055,9 @@ public class VpnProfile implements Serializable, Cloneable { } } - + if (mAuthenticationType != TYPE_STATICKEYS && !mCheckPeerFingerprint && TextUtils.isEmpty(mCaFilename)) { + return R.string.need_fingerprint_or_ca; + } // Everything okay return R.string.no_error_found; diff --git a/main/src/main/res/values/strings.xml b/main/src/main/res/values/strings.xml index 2de43eb2..dd2589c6 100755 --- a/main/src/main/res/values/strings.xml +++ b/main/src/main/res/values/strings.xml @@ -511,5 +511,6 @@ URL Compatiblity Mode Compatibility mode + An OpenVPN profile needs a CA certificate or peer fingerprint -- cgit v1.2.3