diff options
author | Arne Schwabe <arne@rfc2549.org> | 2012-05-13 23:00:27 +0200 |
---|---|---|
committer | Arne Schwabe <arne@rfc2549.org> | 2012-05-13 23:00:27 +0200 |
commit | 1f490292a90ab16c24231fc3965771387bbbed05 (patch) | |
tree | 949176b4c5ddd26d2ca3089e2a9900ce2240c10d | |
parent | 048094fa587dbb0bef8ce1443936528e3912eb2e (diff) |
If you think having cought all things that are broken in images one images tries harder to break things...
-rw-r--r-- | res/values/strings.xml | 4 | ||||
-rw-r--r-- | src/de/blinkt/openvpn/Settings_Basic.java | 96 |
2 files changed, 57 insertions, 43 deletions
diff --git a/res/values/strings.xml b/res/values/strings.xml index 9b0c8f2..85ed762 100644 --- a/res/values/strings.xml +++ b/res/values/strings.xml @@ -214,5 +214,7 @@ <string name="import_configuration_file">Import configuration file</string> <string name="faq_security_title">Security considerations</string> <string name="faq_security">"As openvpn is security sensitive a few notes about security are sensible. All data on the sdcard is inherently unsecure. Every app can read it (for example this program requires no special sd card rights). The data of this application can only be read by the application itself. By using the import option for cacert/cert/key in the file dialog the data is stored in the vpn profile. The vpn profiles are only accessable by this application. (Do not forget to delte the copies on the sdcard afterwards). Even though accessible only by this application the data is stil unecrypted. By rooting the telephone or other exploits it may be possible to retrieve the data. Saved passwords are stored in plain text as well. For pkcs12 files it is highly recommended that you import them into the android keystore."</string> - <string name="import_vpn">Import</string> + <string name="import_vpn">Import</string> + <string name="broken_image_cert_title">Error showing certificate selection</string> + <string name="broken_image_cert">Got an excption trying to show the Android 4.0+ certificate selction dialog. This should never happens as this a standard feature of Android 4.0+. Maybe your Android ROM support for certificate storage is broken</string> </resources> diff --git a/src/de/blinkt/openvpn/Settings_Basic.java b/src/de/blinkt/openvpn/Settings_Basic.java index 0066317..6e82922 100644 --- a/src/de/blinkt/openvpn/Settings_Basic.java +++ b/src/de/blinkt/openvpn/Settings_Basic.java @@ -19,7 +19,10 @@ package de.blinkt.openvpn; import java.util.HashMap; import android.app.Activity; +import android.app.AlertDialog; +import android.app.AlertDialog.Builder; import android.app.Fragment; +import android.content.ActivityNotFoundException; import android.content.Intent; import android.os.Bundle; import android.os.Handler; @@ -36,6 +39,7 @@ import android.widget.CheckBox; import android.widget.EditText; import android.widget.Spinner; import android.widget.TextView; +import android.widget.Toast; import android.widget.ToggleButton; @@ -45,7 +49,7 @@ public class Settings_Basic extends Fragment implements View.OnClickListener, On private static final int CHOOSE_FILE_OFFSET = 1000; private static final int UPDATE_ALIAS = 20; - + private TextView mServerAddress; private TextView mServerPort; @@ -63,7 +67,7 @@ public class Settings_Basic extends Fragment implements View.OnClickListener, On - + private HashMap<Integer, FileSelectLayout> fileselects = new HashMap<Integer, FileSelectLayout>(); @@ -87,8 +91,8 @@ public class Settings_Basic extends Fragment implements View.OnClickListener, On fileselects.put(i, fsl); fsl.setFragment(this,i); } - - + + public void onCreate(Bundle savedInstanceState) { String profileuuid =getArguments().getString(getActivity().getPackageName() + ".profileUUID"); mProfile=ProfileManager.get(profileuuid); @@ -97,10 +101,10 @@ public class Settings_Basic extends Fragment implements View.OnClickListener, On @Override public View onCreateView(LayoutInflater inflater, ViewGroup container, Bundle savedInstanceState) { - - + + mView = inflater.inflate(R.layout.basic_settings,container,false); - + mProfileName = (EditText) mView.findViewById(R.id.profilename); mServerAddress = (TextView) mView.findViewById(R.id.address); mServerPort = (TextView) mView.findViewById(R.id.port); @@ -116,9 +120,9 @@ public class Settings_Basic extends Fragment implements View.OnClickListener, On mUserName = (EditText) mView.findViewById(R.id.auth_username); mPassword = (EditText) mView.findViewById(R.id.auth_password); - - - + + + addFileSelectLayout(mCaCert); addFileSelectLayout(mClientCert); @@ -131,26 +135,26 @@ public class Settings_Basic extends Fragment implements View.OnClickListener, On mType.setOnItemSelectedListener(this); mView.findViewById(R.id.select_keystore_button).setOnClickListener(this); - + if (mHandler == null) { mHandler = new Handler(this); } - + return mView; } - - - @Override + + + @Override public void onActivityResult(int request, int result, Intent data) { - if (result == Activity.RESULT_OK && request >= CHOOSE_FILE_OFFSET) { - String filedata = data.getStringExtra(FileSelect.RESULT_DATA); - FileSelectLayout fsl = fileselects.get(request); - fsl.setData(filedata); - } - savePreferences(); - } - + if (result == Activity.RESULT_OK && request >= CHOOSE_FILE_OFFSET) { + String filedata = data.getStringExtra(FileSelect.RESULT_DATA); + FileSelectLayout fsl = fileselects.get(request); + fsl.setData(filedata); + } + savePreferences(); + } + @Override public void onActivityCreated(Bundle savedInstanceState) { @@ -197,7 +201,7 @@ public class Settings_Basic extends Fragment implements View.OnClickListener, On case VpnProfile.TYPE_KEYSTORE: mView.findViewById(R.id.keystore).setVisibility(View.VISIBLE); break; - + case VpnProfile.TYPE_USERPASS: mView.findViewById(R.id.userpassword).setVisibility(View.VISIBLE); mView.findViewById(R.id.cacert).setVisibility(View.VISIBLE); @@ -222,7 +226,7 @@ public class Settings_Basic extends Fragment implements View.OnClickListener, On mPKCS12Password.setText(mProfile.mPKCS12Password); mUserName.setText(mProfile.mUsername); mPassword.setText(mProfile.mPassword); - + setAlias(); } @@ -258,22 +262,30 @@ public class Settings_Basic extends Fragment implements View.OnClickListener, On } public void showCertDialog () { - KeyChain.choosePrivateKeyAlias(getActivity(), - new KeyChainAliasCallback() { - - public void alias(String alias) { - // Credential alias selected. Remember the alias selection for future use. - mProfile.mAlias=alias; - mHandler.sendEmptyMessage(UPDATE_ALIAS); - } - - - }, - new String[] {"RSA", "DSA"}, // List of acceptable key types. null for any - null, // issuer, null for any - "internal.example.com", // host name of server requesting the cert, null if unavailable - 443, // port of server requesting the cert, -1 if unavailable - null); // alias to preselect, null if unavailable + try { + KeyChain.choosePrivateKeyAlias(getActivity(), + new KeyChainAliasCallback() { + + public void alias(String alias) { + // Credential alias selected. Remember the alias selection for future use. + mProfile.mAlias=alias; + mHandler.sendEmptyMessage(UPDATE_ALIAS); + } + + + }, + new String[] {"RSA", "DSA"}, // List of acceptable key types. null for any + null, // issuer, null for any + "internal.example.com", // host name of server requesting the cert, null if unavailable + 443, // port of server requesting the cert, -1 if unavailable + null); // alias to preselect, null if unavailable + } catch (ActivityNotFoundException anf) { + Builder ab = new AlertDialog.Builder(getActivity()); + ab.setTitle(R.string.broken_image_cert_title); + ab.setMessage(R.string.broken_image_cert); + ab.setPositiveButton(android.R.string.ok, null); + ab.show(); + } } @Override @@ -282,7 +294,7 @@ public class Settings_Basic extends Fragment implements View.OnClickListener, On showCertDialog(); } } - + @Override public void onSaveInstanceState(Bundle outState) { super.onSaveInstanceState(outState); |