From a5611ff5b14e15514c20a8f6e8143fa97f1f9bf5 Mon Sep 17 00:00:00 2001 From: Arne Schwabe Date: Thu, 16 Jan 2014 23:56:08 +0100 Subject: =?UTF-8?q?make=20configuring=20=E2=80=94static=20profiles=20a=20b?= =?UTF-8?q?it=20easier?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/de/blinkt/openvpn/VpnProfile.java | 59 +++++++++++----------- .../blinkt/openvpn/activities/ConfigConverter.java | 1 + .../openvpn/fragments/Settings_Authentication.java | 10 ++++ src/de/blinkt/openvpn/fragments/Settings_IP.java | 7 ++- 4 files changed, 46 insertions(+), 31 deletions(-) (limited to 'src/de') diff --git a/src/de/blinkt/openvpn/VpnProfile.java b/src/de/blinkt/openvpn/VpnProfile.java index 89e27c47..d580829d 100644 --- a/src/de/blinkt/openvpn/VpnProfile.java +++ b/src/de/blinkt/openvpn/VpnProfile.java @@ -344,35 +344,36 @@ public class VpnProfile implements Serializable { // Authentication - if (mCheckRemoteCN) { - if (mRemoteCN == null || mRemoteCN.equals("")) - cfg += "verify-x509-name " + mServerName + " name\n"; - else - switch (mX509AuthType) { - - // 2.2 style x509 checks - case X509_VERIFY_TLSREMOTE_COMPAT_NOREMAPPING: - cfg += "compat-names no-remapping\n"; - case X509_VERIFY_TLSREMOTE: - cfg += "tls-remote " + openVpnEscape(mRemoteCN) + "\n"; - break; - - case X509_VERIFY_TLSREMOTE_RDN: - cfg += "verify-x509-name " + openVpnEscape(mRemoteCN) + " name\n"; - break; - - case X509_VERIFY_TLSREMOTE_RDN_PREFIX: - cfg += "verify-x509-name " + openVpnEscape(mRemoteCN) + " name-prefix\n"; - break; - - case X509_VERIFY_TLSREMOTE_DN: - cfg += "verify-x509-name " + openVpnEscape(mRemoteCN) + "\n"; - break; - } + if (mAuthenticationType != TYPE_STATICKEYS) { + if (mCheckRemoteCN) { + if (mRemoteCN == null || mRemoteCN.equals("")) + cfg += "verify-x509-name " + mServerName + " name\n"; + else + switch (mX509AuthType) { + + // 2.2 style x509 checks + case X509_VERIFY_TLSREMOTE_COMPAT_NOREMAPPING: + cfg += "compat-names no-remapping\n"; + case X509_VERIFY_TLSREMOTE: + cfg += "tls-remote " + openVpnEscape(mRemoteCN) + "\n"; + break; + + case X509_VERIFY_TLSREMOTE_RDN: + cfg += "verify-x509-name " + openVpnEscape(mRemoteCN) + " name\n"; + break; + + case X509_VERIFY_TLSREMOTE_RDN_PREFIX: + cfg += "verify-x509-name " + openVpnEscape(mRemoteCN) + " name-prefix\n"; + break; + + case X509_VERIFY_TLSREMOTE_DN: + cfg += "verify-x509-name " + openVpnEscape(mRemoteCN) + "\n"; + break; + } + } + if (mExpectTLSCert) + cfg += "remote-cert-tls server\n"; } - if (mExpectTLSCert) - cfg += "remote-cert-tls server\n"; - if (nonNull(mCipher)) { cfg += "cipher " + mCipher + "\n"; @@ -676,7 +677,7 @@ public class VpnProfile implements Serializable { return R.string.no_keystore_cert_selected; } - if (!mUsePull) { + if (!mUsePull || mAuthenticationType == TYPE_STATICKEYS) { if (mIPv4Address == null || cidrToIPAndNetmask(mIPv4Address) == null) return R.string.ipv4_format_error; } diff --git a/src/de/blinkt/openvpn/activities/ConfigConverter.java b/src/de/blinkt/openvpn/activities/ConfigConverter.java index 78eb4a2c..491c79a9 100644 --- a/src/de/blinkt/openvpn/activities/ConfigConverter.java +++ b/src/de/blinkt/openvpn/activities/ConfigConverter.java @@ -238,6 +238,7 @@ public class ConfigConverter extends ListActivity { if (foundfile==null && filename!=null && !filename.equals("")) log(R.string.import_could_not_open,filename); + return foundfile; } diff --git a/src/de/blinkt/openvpn/fragments/Settings_Authentication.java b/src/de/blinkt/openvpn/fragments/Settings_Authentication.java index 5dfb73d9..d8c4ac6a 100644 --- a/src/de/blinkt/openvpn/fragments/Settings_Authentication.java +++ b/src/de/blinkt/openvpn/fragments/Settings_Authentication.java @@ -76,6 +76,16 @@ public class Settings_Authentication extends OpenVpnPreferencesFragment implemen onPreferenceChange(mCipher, mProfile.mCipher); mAuth.setText(mProfile.mAuth); onPreferenceChange(mAuth, mProfile.mAuth); + + if (mProfile.mAuthenticationType == VpnProfile.TYPE_STATICKEYS) { + mExpectTLSCert.setEnabled(false); + mCheckRemoteCN.setEnabled(false); + mUseTLSAuth.setChecked(true); + } else { + mExpectTLSCert.setEnabled(true); + mCheckRemoteCN.setEnabled(true); + + } } @Override diff --git a/src/de/blinkt/openvpn/fragments/Settings_IP.java b/src/de/blinkt/openvpn/fragments/Settings_IP.java index 674a09d4..16e3a5c4 100644 --- a/src/de/blinkt/openvpn/fragments/Settings_IP.java +++ b/src/de/blinkt/openvpn/fragments/Settings_IP.java @@ -7,6 +7,7 @@ import android.preference.Preference.OnPreferenceChangeListener; import android.preference.PreferenceManager; import android.preference.SwitchPreference; import de.blinkt.openvpn.R; +import de.blinkt.openvpn.VpnProfile; public class Settings_IP extends OpenVpnPreferencesFragment implements OnPreferenceChangeListener { private EditTextPreference mIPv4; @@ -62,14 +63,16 @@ public class Settings_IP extends OpenVpnPreferencesFragment implements OnPrefere mOverrideDNS.setChecked(mProfile.mOverrideDNS); mSearchdomain.setText(mProfile.mSearchDomain); mNobind.setChecked(mProfile.mNobind); - + if (mProfile.mAuthenticationType == VpnProfile.TYPE_STATICKEYS) + mUsePull.setChecked(false); + // Sets Summary onPreferenceChange(mIPv4, mIPv4.getText()); onPreferenceChange(mIPv6, mIPv6.getText()); onPreferenceChange(mDNS1, mDNS1.getText()); onPreferenceChange(mDNS2, mDNS2.getText()); onPreferenceChange(mSearchdomain, mSearchdomain.getText()); - + setDNSState(); } -- cgit v1.2.3