From d98f6c6ba51ae8810bd2d035fa89f6ca24eba8fd Mon Sep 17 00:00:00 2001 From: Arne Schwabe Date: Mon, 16 Mar 2015 12:55:41 +0100 Subject: Update/cleanup of external API, allow adding of non user editable profiles --HG-- rename : remoteExample/src/main/assets/hd.conf => remoteExample/src/main/assets/test.conf --- .../de/blinkt/openvpn/api/IOpenVPNAPIService.aidl | 13 +++- remoteExample/src/main/assets/hd.conf | 61 --------------- remoteExample/src/main/assets/test.conf | 61 +++++++++++++++ .../java/de/blinkt/openvpn/api/APIVpnProfile.java | 87 ++++++++++++---------- .../de/blinkt/openvpn/remote/MainFragment.java | 30 +++++--- .../src/main/res/layout/fragment_main.xml | 10 +++ remoteExample/src/main/res/values/strings.xml | 1 + 7 files changed, 151 insertions(+), 112 deletions(-) delete mode 100644 remoteExample/src/main/assets/hd.conf create mode 100644 remoteExample/src/main/assets/test.conf (limited to 'remoteExample') diff --git a/remoteExample/src/main/aidl/de/blinkt/openvpn/api/IOpenVPNAPIService.aidl b/remoteExample/src/main/aidl/de/blinkt/openvpn/api/IOpenVPNAPIService.aidl index d0791a4a..273a0046 100644 --- a/remoteExample/src/main/aidl/de/blinkt/openvpn/api/IOpenVPNAPIService.aidl +++ b/remoteExample/src/main/aidl/de/blinkt/openvpn/api/IOpenVPNAPIService.aidl @@ -12,10 +12,14 @@ interface IOpenVPNAPIService { void startProfile (String profileUUID); - /** Use a profile with all certificates etc. embedded */ + /** Use a profile with all certificates etc. embedded, + * old version which does not return the UUID of the addded profile, see + * below for a version that return the UUID on add */ boolean addVPNProfile (String name, String config); - /** start a profile using an config */ + /** start a profile using a config as inline string. Make sure that all needed data is inlined, + * e.g., using ... or ... + * See the OpenVPN manual page for more on inlining files */ void startVPN (String inlineconfig); /** This permission framework is used to avoid confused deputy style attack to the VPN @@ -55,5 +59,8 @@ interface IOpenVPNAPIService { * Before calling this function you should make sure OpenVPN for Android may actually * this function by checking if prepareVPNService returns null; */ boolean protectSocket(in ParcelFileDescriptor fd); - + + + /** Use a profile with all certificates etc. embedded */ + APIVpnProfile addNewVPNProfile (String name, boolean userEditable, String config); } \ No newline at end of file diff --git a/remoteExample/src/main/assets/hd.conf b/remoteExample/src/main/assets/hd.conf deleted file mode 100644 index 3dc917aa..00000000 --- a/remoteExample/src/main/assets/hd.conf +++ /dev/null @@ -1,61 +0,0 @@ -# This config does not work, -# it only thought as demo to show starting a profile -client - -proto tcp -dev tun -topology subnet - -remote openvpn.blinkt.de 2000 -tls-remote openvpn.blinkt.de - - -wronguser -wrongpassword - - -comp-lzo - ------BEGIN CERTIFICATE----- -MIIHPTCCBSWgAwIBAgIBADANBgkqhkiG9w0BAQQFADB5MRAwDgYDVQQKEwdSb290 -IENBMR4wHAYDVQQLExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNB -IENlcnQgU2lnbmluZyBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRA -Y2FjZXJ0Lm9yZzAeFw0wMzAzMzAxMjI5NDlaFw0zMzAzMjkxMjI5NDlaMHkxEDAO -BgNVBAoTB1Jvb3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEi -MCAGA1UEAxMZQ0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJ -ARYSc3VwcG9ydEBjYWNlcnQub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC -CgKCAgEAziLA4kZ97DYoB1CW8qAzQIxL8TtmPzHlawI229Z89vGIj053NgVBlfkJ -8BLPRoZzYLdufujAWGSuzbCtRRcMY/pnCujW0r8+55jE8Ez64AO7NV1sId6eINm6 -zWYyN3L69wj1x81YyY7nDl7qPv4coRQKFWyGhFtkZip6qUtTefWIonvuLwphK42y -fk1WpRPs6tqSnqxEQR5YYGUFZvjARL3LlPdCfgv3ZWiYUQXw8wWRBB0bF4LsyFe7 -w2t6iPGwcswlWyCR7BYCEo8y6RcYSNDHBS4CMEK4JZwFaz+qOqfrU0j36NK2B5jc -G8Y0f3/JHIJ6BVgrCFvzOKKrF11myZjXnhCLotLddJr3cQxyYN/Nb5gznZY0dj4k -epKwDpUeb+agRThHqtdB7Uq3EvbXG4OKDy7YCbZZ16oE/9KTfWgu3YtLq1i6L43q -laegw1SJpfvbi1EinbLDvhG+LJGGi5Z4rSDTii8aP8bQUWWHIbEZAWV/RRyH9XzQ -QUxPKZgh/TMfdQwEUfoZd9vUFBzugcMd9Zi3aQaRIt0AUMyBMawSB3s42mhb5ivU -fslfrejrckzzAeVLIL+aplfKkQABi6F1ITe1Yw1nPkZPcCBnzsXWWdsC4PDSy826 -YreQQejdIOQpvGQpQsgi3Hia/0PsmBsJUUtaWsJx8cTLc6nloQsCAwEAAaOCAc4w -ggHKMB0GA1UdDgQWBBQWtTIb1Mfz4OaO873SsDrusjkY0TCBowYDVR0jBIGbMIGY -gBQWtTIb1Mfz4OaO873SsDrusjkY0aF9pHsweTEQMA4GA1UEChMHUm9vdCBDQTEe -MBwGA1UECxMVaHR0cDovL3d3dy5jYWNlcnQub3JnMSIwIAYDVQQDExlDQSBDZXJ0 -IFNpZ25pbmcgQXV0aG9yaXR5MSEwHwYJKoZIhvcNAQkBFhJzdXBwb3J0QGNhY2Vy -dC5vcmeCAQAwDwYDVR0TAQH/BAUwAwEB/zAyBgNVHR8EKzApMCegJaAjhiFodHRw -czovL3d3dy5jYWNlcnQub3JnL3Jldm9rZS5jcmwwMAYJYIZIAYb4QgEEBCMWIWh0 -dHBzOi8vd3d3LmNhY2VydC5vcmcvcmV2b2tlLmNybDA0BglghkgBhvhCAQgEJxYl -aHR0cDovL3d3dy5jYWNlcnQub3JnL2luZGV4LnBocD9pZD0xMDBWBglghkgBhvhC -AQ0ESRZHVG8gZ2V0IHlvdXIgb3duIGNlcnRpZmljYXRlIGZvciBGUkVFIGhlYWQg -b3ZlciB0byBodHRwOi8vd3d3LmNhY2VydC5vcmcwDQYJKoZIhvcNAQEEBQADggIB -ACjH7pyCArpcgBLKNQodgW+JapnM8mgPf6fhjViVPr3yBsOQWqy1YPaZQwGjiHCc -nWKdpIevZ1gNMDY75q1I08t0AoZxPuIrA2jxNGJARjtT6ij0rPtmlVOKTV39O9lg -18p5aTuxZZKmxoGCXJzN600BiqXfEVWqFcofN8CCmHBh22p8lqOOLlQ+TyGpkO/c -gr/c6EWtTZBzCDyUZbAEmXZ/4rzCahWqlwQ3JNgelE5tDlG+1sSPypZt90Pf6DBl -Jzt7u0NDY8RD97LsaMzhGY4i+5jhe1o+ATc7iwiwovOVThrLm82asduycPAtStvY -sONvRUgzEv/+PDIqVPfE94rwiCPCR/5kenHA0R6mY7AHfqQv0wGP3J8rtsYIqQ+T -SCX8Ev2fQtzzxD72V7DX3WnRBnc0CkvSyqD/HMaMyRa+xMwyN2hzXwj7UfdJUzYF -CpUCTPJ5GhD22Dp1nPMd8aINcGeGG7MW9S/lpOt5hvk9C8JzC6WZrG/8Z7jlLwum -GCSNe9FINSkYQKyTYOGWhlC0elnYjyELn8+CkcY7v2vcB5G5l1YjqrZslMZIBjzk -zk6q5PYvCdxTby78dOs6Y5nCpqyJvKeyRKANihDjbPIky/qbn3BHLt4Ui9SyIAmW -omTxJBzcoTWcFbLUvFUufQb1nA5V9FrWk9p2rSVzTMVD ------END CERTIFICATE----- - -verb 2 diff --git a/remoteExample/src/main/assets/test.conf b/remoteExample/src/main/assets/test.conf new file mode 100644 index 00000000..3dc917aa --- /dev/null +++ b/remoteExample/src/main/assets/test.conf @@ -0,0 +1,61 @@ +# This config does not work, +# it only thought as demo to show starting a profile +client + +proto tcp +dev tun +topology subnet + +remote openvpn.blinkt.de 2000 +tls-remote openvpn.blinkt.de + + +wronguser +wrongpassword + + +comp-lzo + +-----BEGIN CERTIFICATE----- +MIIHPTCCBSWgAwIBAgIBADANBgkqhkiG9w0BAQQFADB5MRAwDgYDVQQKEwdSb290 +IENBMR4wHAYDVQQLExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNB +IENlcnQgU2lnbmluZyBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRA +Y2FjZXJ0Lm9yZzAeFw0wMzAzMzAxMjI5NDlaFw0zMzAzMjkxMjI5NDlaMHkxEDAO +BgNVBAoTB1Jvb3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEi +MCAGA1UEAxMZQ0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJ +ARYSc3VwcG9ydEBjYWNlcnQub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC +CgKCAgEAziLA4kZ97DYoB1CW8qAzQIxL8TtmPzHlawI229Z89vGIj053NgVBlfkJ +8BLPRoZzYLdufujAWGSuzbCtRRcMY/pnCujW0r8+55jE8Ez64AO7NV1sId6eINm6 +zWYyN3L69wj1x81YyY7nDl7qPv4coRQKFWyGhFtkZip6qUtTefWIonvuLwphK42y +fk1WpRPs6tqSnqxEQR5YYGUFZvjARL3LlPdCfgv3ZWiYUQXw8wWRBB0bF4LsyFe7 +w2t6iPGwcswlWyCR7BYCEo8y6RcYSNDHBS4CMEK4JZwFaz+qOqfrU0j36NK2B5jc +G8Y0f3/JHIJ6BVgrCFvzOKKrF11myZjXnhCLotLddJr3cQxyYN/Nb5gznZY0dj4k +epKwDpUeb+agRThHqtdB7Uq3EvbXG4OKDy7YCbZZ16oE/9KTfWgu3YtLq1i6L43q +laegw1SJpfvbi1EinbLDvhG+LJGGi5Z4rSDTii8aP8bQUWWHIbEZAWV/RRyH9XzQ +QUxPKZgh/TMfdQwEUfoZd9vUFBzugcMd9Zi3aQaRIt0AUMyBMawSB3s42mhb5ivU +fslfrejrckzzAeVLIL+aplfKkQABi6F1ITe1Yw1nPkZPcCBnzsXWWdsC4PDSy826 +YreQQejdIOQpvGQpQsgi3Hia/0PsmBsJUUtaWsJx8cTLc6nloQsCAwEAAaOCAc4w +ggHKMB0GA1UdDgQWBBQWtTIb1Mfz4OaO873SsDrusjkY0TCBowYDVR0jBIGbMIGY +gBQWtTIb1Mfz4OaO873SsDrusjkY0aF9pHsweTEQMA4GA1UEChMHUm9vdCBDQTEe +MBwGA1UECxMVaHR0cDovL3d3dy5jYWNlcnQub3JnMSIwIAYDVQQDExlDQSBDZXJ0 +IFNpZ25pbmcgQXV0aG9yaXR5MSEwHwYJKoZIhvcNAQkBFhJzdXBwb3J0QGNhY2Vy +dC5vcmeCAQAwDwYDVR0TAQH/BAUwAwEB/zAyBgNVHR8EKzApMCegJaAjhiFodHRw +czovL3d3dy5jYWNlcnQub3JnL3Jldm9rZS5jcmwwMAYJYIZIAYb4QgEEBCMWIWh0 +dHBzOi8vd3d3LmNhY2VydC5vcmcvcmV2b2tlLmNybDA0BglghkgBhvhCAQgEJxYl +aHR0cDovL3d3dy5jYWNlcnQub3JnL2luZGV4LnBocD9pZD0xMDBWBglghkgBhvhC +AQ0ESRZHVG8gZ2V0IHlvdXIgb3duIGNlcnRpZmljYXRlIGZvciBGUkVFIGhlYWQg +b3ZlciB0byBodHRwOi8vd3d3LmNhY2VydC5vcmcwDQYJKoZIhvcNAQEEBQADggIB +ACjH7pyCArpcgBLKNQodgW+JapnM8mgPf6fhjViVPr3yBsOQWqy1YPaZQwGjiHCc +nWKdpIevZ1gNMDY75q1I08t0AoZxPuIrA2jxNGJARjtT6ij0rPtmlVOKTV39O9lg +18p5aTuxZZKmxoGCXJzN600BiqXfEVWqFcofN8CCmHBh22p8lqOOLlQ+TyGpkO/c +gr/c6EWtTZBzCDyUZbAEmXZ/4rzCahWqlwQ3JNgelE5tDlG+1sSPypZt90Pf6DBl +Jzt7u0NDY8RD97LsaMzhGY4i+5jhe1o+ATc7iwiwovOVThrLm82asduycPAtStvY +sONvRUgzEv/+PDIqVPfE94rwiCPCR/5kenHA0R6mY7AHfqQv0wGP3J8rtsYIqQ+T +SCX8Ev2fQtzzxD72V7DX3WnRBnc0CkvSyqD/HMaMyRa+xMwyN2hzXwj7UfdJUzYF +CpUCTPJ5GhD22Dp1nPMd8aINcGeGG7MW9S/lpOt5hvk9C8JzC6WZrG/8Z7jlLwum +GCSNe9FINSkYQKyTYOGWhlC0elnYjyELn8+CkcY7v2vcB5G5l1YjqrZslMZIBjzk +zk6q5PYvCdxTby78dOs6Y5nCpqyJvKeyRKANihDjbPIky/qbn3BHLt4Ui9SyIAmW +omTxJBzcoTWcFbLUvFUufQb1nA5V9FrWk9p2rSVzTMVD +-----END CERTIFICATE----- + +verb 2 diff --git a/remoteExample/src/main/java/de/blinkt/openvpn/api/APIVpnProfile.java b/remoteExample/src/main/java/de/blinkt/openvpn/api/APIVpnProfile.java index f5591764..9d7e3b8e 100644 --- a/remoteExample/src/main/java/de/blinkt/openvpn/api/APIVpnProfile.java +++ b/remoteExample/src/main/java/de/blinkt/openvpn/api/APIVpnProfile.java @@ -1,3 +1,8 @@ +/* + * Copyright (c) 2012-2015 Arne Schwabe + * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt + */ + package de.blinkt.openvpn.api; import android.os.Parcel; @@ -5,47 +10,51 @@ import android.os.Parcelable; public class APIVpnProfile implements Parcelable { - public final String mUUID; - public final String mName; - public final boolean mUserEditable; + public final String mUUID; + public final String mName; + public final boolean mUserEditable; + public final String mProfileCreator; - public APIVpnProfile(Parcel in) { - mUUID = in.readString(); - mName = in.readString(); + public APIVpnProfile(Parcel in) { + mUUID = in.readString(); + mName = in.readString(); mUserEditable = in.readInt() != 0; - } - - public APIVpnProfile(String uuidString, String name, boolean userEditable) { - mUUID=uuidString; - mName = name; - mUserEditable=userEditable; - } - - @Override - public int describeContents() { - return 0; - } - - @Override - public void writeToParcel(Parcel dest, int flags) { - dest.writeString(mUUID); - dest.writeString(mName); - if(mUserEditable) - dest.writeInt(0); - else - dest.writeInt(1); - } - - public static final Parcelable.Creator CREATOR - = new Parcelable.Creator() { - public APIVpnProfile createFromParcel(Parcel in) { - return new APIVpnProfile(in); - } - - public APIVpnProfile[] newArray(int size) { - return new APIVpnProfile[size]; - } - }; + mProfileCreator = in.readString(); + } + + public APIVpnProfile(String uuidString, String name, boolean userEditable, String profileCreator) { + mUUID = uuidString; + mName = name; + mUserEditable = userEditable; + mProfileCreator = profileCreator; + } + + @Override + public int describeContents() { + return 0; + } + + @Override + public void writeToParcel(Parcel dest, int flags) { + dest.writeString(mUUID); + dest.writeString(mName); + if (mUserEditable) + dest.writeInt(0); + else + dest.writeInt(1); + dest.writeString(mProfileCreator); + } + + public static final Creator CREATOR + = new Creator() { + public APIVpnProfile createFromParcel(Parcel in) { + return new APIVpnProfile(in); + } + + public APIVpnProfile[] newArray(int size) { + return new APIVpnProfile[size]; + } + }; } diff --git a/remoteExample/src/main/java/de/blinkt/openvpn/remote/MainFragment.java b/remoteExample/src/main/java/de/blinkt/openvpn/remote/MainFragment.java index 4f6481b0..a6d2baf5 100644 --- a/remoteExample/src/main/java/de/blinkt/openvpn/remote/MainFragment.java +++ b/remoteExample/src/main/java/de/blinkt/openvpn/remote/MainFragment.java @@ -44,6 +44,7 @@ public class MainFragment extends Fragment implements View.OnClickListener, Hand v.findViewById(R.id.disconnect).setOnClickListener(this); v.findViewById(R.id.getMyIP).setOnClickListener(this); v.findViewById(R.id.startembedded).setOnClickListener(this); + v.findViewById(R.id.addNewProfile).setOnClickListener(this); mHelloWorld = (TextView) v.findViewById(R.id.helloworld); mStartVpn = (Button) v.findViewById(R.id.startVPN); mStatus = (TextView) v.findViewById(R.id.status); @@ -59,6 +60,8 @@ public class MainFragment extends Fragment implements View.OnClickListener, Hand private static final int START_PROFILE_EMBEDDED = 2; private static final int START_PROFILE_BYUUID = 3; private static final int ICS_OPENVPN_PERMISSION = 7; + private static final int PROFILE_ADD_NEW = 8; + protected IOpenVPNAPIService mService=null; private Handler mHandler; @@ -66,7 +69,7 @@ public class MainFragment extends Fragment implements View.OnClickListener, Hand - private void startEmbeddedProfile() + private void startEmbeddedProfile(boolean addNew) { try { InputStream conf = getActivity().getAssets().open("test.conf"); @@ -82,12 +85,11 @@ public class MainFragment extends Fragment implements View.OnClickListener, Hand } br.readLine(); - // mService.addVPNProfile("test", config); - mService.startVPN(config); - } catch (IOException e) { - e.printStackTrace(); - } catch (RemoteException e) { - // TODO Auto-generated catch block + if (addNew) + mService.addNewVPNProfile("nonEditable", false, config); + else + mService.startVPN(config); + } catch (IOException | RemoteException e) { e.printStackTrace(); } } @@ -252,6 +254,14 @@ public class MainFragment extends Fragment implements View.OnClickListener, Hand e.printStackTrace(); } break; + + case R.id.addNewProfile: + try { + prepareStartProfile(PROFILE_ADD_NEW); + } catch (RemoteException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } default: break; } @@ -271,12 +281,11 @@ public class MainFragment extends Fragment implements View.OnClickListener, Hand public void onActivityResult(int requestCode, int resultCode, Intent data) { if (resultCode == Activity.RESULT_OK) { if(requestCode==START_PROFILE_EMBEDDED) - startEmbeddedProfile(); + startEmbeddedProfile(false); if(requestCode==START_PROFILE_BYUUID) try { mService.startProfile(mStartUUID); } catch (RemoteException e) { - // TODO Auto-generated catch block e.printStackTrace(); } if (requestCode == ICS_OPENVPN_PERMISSION) { @@ -288,6 +297,9 @@ public class MainFragment extends Fragment implements View.OnClickListener, Hand } } + if (requestCode == PROFILE_ADD_NEW) { + startEmbeddedProfile(true); + } } }; diff --git a/remoteExample/src/main/res/layout/fragment_main.xml b/remoteExample/src/main/res/layout/fragment_main.xml index e4fa019d..9279bd69 100644 --- a/remoteExample/src/main/res/layout/fragment_main.xml +++ b/remoteExample/src/main/res/layout/fragment_main.xml @@ -67,4 +67,14 @@ android:layout_below="@+id/getMyIP" android:text="@string/start_embedded" /> +