/* * Copyright (C) 2011 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package de.blinkt.openvpn; import java.security.KeyStore; import java.security.KeyStoreException; import java.security.NoSuchAlgorithmException; import java.security.cert.X509Certificate; import java.util.HashMap; import javax.net.ssl.TrustManagerFactory; import javax.net.ssl.X509TrustManager; import android.app.Activity; import android.content.Intent; import android.content.SharedPreferences; import android.net.VpnService; import android.os.Bundle; import android.os.Handler; import android.os.Handler.Callback; import android.os.Message; import android.security.KeyChain; import android.security.KeyChainAliasCallback; import android.util.Log; import android.view.View; import android.widget.AdapterView; import android.widget.AdapterView.OnItemSelectedListener; import android.widget.CheckBox; import android.widget.CompoundButton; import android.widget.CompoundButton.OnCheckedChangeListener; import android.widget.EditText; import android.widget.Spinner; import android.widget.TextView; import android.widget.ToggleButton; import com.lamerman.FileDialog; import de.blinkt.openvpn.R.id; public class OpenVPNClient extends Activity implements View.OnClickListener, OnItemSelectedListener, Callback, OnCheckedChangeListener { private static final String TAG = "OpenVpnClient"; private static final int START_OPENVPN = 0; private static final int CHOOSE_FILE_OFFSET = 1000; private static final int UPDATE_ALIAS = 20; private static final String PREFS_NAME = "OVPN_SERVER"; private TextView mServerAddress; private TextView mServerPort; private FileSelectLayout mClientCert; private FileSelectLayout mCaCert; private FileSelectLayout mClientKey; private TextView mAliasName; private CheckBox mUseLzo; private ToggleButton mTcpUdp; private Spinner mType; private String certalias; private FileSelectLayout mpkcs12; private TextView mPKCS12Password; private Handler mHandler; private CheckBox mUseTlsAuth; private CheckBox mShowAdvanced; private FileSelectLayout mTlsFile; private HashMap fileselects = new HashMap(); private Spinner mTLSDirection; private EditText mUserName; private EditText mPassword; @Override protected void onStop(){ super.onStop(); savePreferences(); } private void addFileSelectLayout (FileSelectLayout fsl) { int i = fileselects.size() + CHOOSE_FILE_OFFSET; fileselects.put(i, fsl); fsl.setActivity(this,i); } @Override public void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); setContentView(R.layout.basic_settings); // Forces early JNI Load OpenVPN.foo(); mServerAddress = (TextView) findViewById(R.id.address); mServerPort = (TextView) findViewById(R.id.port); mClientCert = (FileSelectLayout) findViewById(R.id.certselect); mClientKey = (FileSelectLayout) findViewById(R.id.keyselect); mCaCert = (FileSelectLayout) findViewById(R.id.caselect); mpkcs12 = (FileSelectLayout) findViewById(R.id.pkcs12select); mUseLzo = (CheckBox) findViewById(R.id.lzo); mTcpUdp = (ToggleButton) findViewById(id.tcpudp); mType = (Spinner) findViewById(R.id.type); mPKCS12Password = (TextView) findViewById(R.id.pkcs12password); mAliasName = (TextView) findViewById(R.id.aliasname); mUseTlsAuth = (CheckBox) findViewById(R.id.useTLSAuth); mTLSDirection = (Spinner) findViewById(R.id.tls_direction); mShowAdvanced = (CheckBox) findViewById(R.id.show_advanced); mTlsFile = (FileSelectLayout) findViewById(R.id.tlsAuth); mUserName = (EditText) findViewById(R.id.auth_username); mPassword = (EditText) findViewById(R.id.auth_password); addFileSelectLayout(mCaCert); addFileSelectLayout(mClientCert); addFileSelectLayout(mClientKey); addFileSelectLayout(mTlsFile); addFileSelectLayout(mpkcs12); loadPreferences(); mType.setOnItemSelectedListener(this); mShowAdvanced.setOnCheckedChangeListener(this); mUseTlsAuth.setOnCheckedChangeListener(this); findViewById(R.id.select_keystore_button).setOnClickListener(this); findViewById(R.id.about).setOnClickListener(this); findViewById(R.id.connect).setOnClickListener(this); if (mHandler == null) { mHandler = new Handler(this); } } @Override public void onItemSelected(AdapterView parent, View view, int position, long id) { if (parent == mType) { changeType(position); } } private void changeType(int type){ // hide everything findViewById(R.id.pkcs12).setVisibility(View.GONE); findViewById(R.id.certs).setVisibility(View.GONE); findViewById(R.id.statickeys).setVisibility(View.GONE); findViewById(R.id.keystore).setVisibility(View.GONE); switch(type) { case VpnProfile.TYPE_CERTIFICATES: findViewById(R.id.certs).setVisibility(View.VISIBLE); break; case VpnProfile.TYPE_PKCS12: findViewById(R.id.pkcs12).setVisibility(View.VISIBLE); break; case VpnProfile.TYPE_STATICKEYS: findViewById(R.id.statickeys).setVisibility(View.VISIBLE); break; case VpnProfile.TYPE_KEYSTORE: findViewById(R.id.keystore).setVisibility(View.VISIBLE); break; case VpnProfile.TYPE_USERPASS: findViewById(R.id.userpassword).setVisibility(View.VISIBLE); } } private void loadPreferences() { SharedPreferences settings = getSharedPreferences(PREFS_NAME,Activity.MODE_PRIVATE); mClientCert.setData(settings.getString("clientcert", "")); mClientKey.setData(settings.getString("clientkey", "")); mCaCert.setData(settings.getString("ca", "")); mUseLzo.setChecked(settings.getBoolean("useLzo", true)); mServerPort.setText(settings.getString("port", "1194")); mServerAddress.setText(settings.getString("server", "openvpn.blinkt.de")); mTcpUdp.setChecked(settings.getBoolean("udp", true)); mType.setSelection(settings.getInt("type", VpnProfile.TYPE_PKCS12)); mpkcs12.setData(settings.getString("pkcs12file", "")); mPKCS12Password.setText(settings.getString("pkcs12password", "")); certalias = settings.getString("alias", null); mUseTlsAuth.setChecked(settings.getBoolean("tlsauth", false)); onCheckedChanged(mUseTlsAuth,mUseTlsAuth.isChecked()); mTlsFile.setData(settings.getString("tlsfile","")); mTLSDirection.setSelection(settings.getInt("tls-direction", 2)); // Unspecified setAlias(); } private void savePreferences() { // We need an Editor object to make preference changes. // All objects are from android.context.Context SharedPreferences settings = getSharedPreferences(PREFS_NAME,Activity.MODE_PRIVATE); SharedPreferences.Editor editor = settings.edit(); editor.putString("ca" , mCaCert.getData()); editor.putString("clientcert", mClientCert.getData()); editor.putString("clientkey", mClientKey.getData()); editor.putBoolean("useLzo",mUseLzo.isChecked()); editor.putString("port", mServerPort.getText().toString()); editor.putString("server", mServerAddress.getText().toString()); editor.putBoolean("udp", mTcpUdp.isChecked()); editor.putInt("type",mType.getSelectedItemPosition()); editor.putString("pkcs12file", mpkcs12.getData()); editor.putString("pkcs12password", mPKCS12Password.getText().toString()); editor.putString("alias", certalias); editor.putBoolean("tlsauth", mUseTlsAuth.isChecked()); editor.putString("tlsfile", mTlsFile.getData()); editor.putInt("tls-direction", mTLSDirection.getSelectedItemPosition()); // Commit the edits! editor.commit(); } private void setAlias() { if(certalias == null) { mAliasName.setText(R.string.client_no_certificate); } else { mAliasName.setText(certalias); } } public void showCertDialog () { KeyChain.choosePrivateKeyAlias(this, new KeyChainAliasCallback() { public void alias(String alias) { // Credential alias selected. Remember the alias selection for future use. certalias=alias; mHandler.sendEmptyMessage(UPDATE_ALIAS); } }, new String[] {"RSA", "DSA"}, // List of acceptable key types. null for any null, // issuer, null for any "internal.example.com", // host name of server requesting the cert, null if unavailable 443, // port of server requesting the cert, -1 if unavailable null); // alias to preselect, null if unavailable } public void testGetallCerts() throws NoSuchAlgorithmException, KeyStoreException { TrustManagerFactory tmf = TrustManagerFactory .getInstance(TrustManagerFactory.getDefaultAlgorithm()); tmf.init((KeyStore) null); X509TrustManager xtm = (X509TrustManager) tmf.getTrustManagers()[0]; X509Certificate[] foo = xtm.getAcceptedIssuers(); for (X509Certificate cert : xtm.getAcceptedIssuers()) { String certStr = "S:" + cert.getSubjectDN().getName() + "\nI:" + cert.getIssuerDN().getName(); Log.d(TAG, certStr); } System.out.println(foo); } @Override public void onClick(View v) { if(v == findViewById(R.id.connect)) { Intent intent = VpnService.prepare(this); if (intent != null) { startActivityForResult(intent, 0); } else { onActivityResult(START_OPENVPN, RESULT_OK, null); } } else if (v == findViewById(R.id.about)) { //Intent intent = new Intent(getBaseContext(),AboutActivity.class); Intent intent = new Intent(getBaseContext(),VPNPreferences.class); intent.putExtra("foo","der bar war hier!"); startActivity(intent); } else if (v == findViewById(R.id.select_keystore_button)) { showCertDialog(); } } /* (non-Javadoc) * @see android.app.Activity#onActivityResult(int, int, android.content.Intent) */ @Override protected void onActivityResult(int request, int result, Intent data) { if (request== START_OPENVPN) { if (result == RESULT_OK) { // It always crashes and never saves ;) savePreferences(); new startOpenVpnThread().start(); } } else if (request >= CHOOSE_FILE_OFFSET) { String filepath = data.getStringExtra(FileDialog.RESULT_PATH); FileSelectLayout fsl = fileselects.get(request); fsl.setData(filepath); } savePreferences(); } private class startOpenVpnThread extends Thread { @Override public void run() { // startOpenVpn(); } } @Override public void onNothingSelected(AdapterView parent) { } @Override public boolean handleMessage(Message msg) { setAlias(); return true; } @Override public void onCheckedChanged(CompoundButton buttonView, boolean isChecked) { int visibility; if(isChecked) visibility =View.VISIBLE; else visibility =View.GONE; if(buttonView==mShowAdvanced) { findViewById(R.id.advanced_options).setVisibility(visibility); } else if (buttonView == mUseTlsAuth) { findViewById(R.id.tlsauth_options).setVisibility(visibility); } } }