summaryrefslogtreecommitdiff
path: root/src/se/leap/leapclient/ProviderAPI.java
AgeCommit message (Collapse)Author
2013-07-12Shows bad user/password message when appropriate.Parménides GV
If an empty json string is received after sending M1 (that means no M2 in return), bad user/password message is shown. This fixes bug 3153.
2013-07-12New certificates are added without creating filesParménides GV
LeapHttpClient can fetch the main CA certificate downloaded from the provider and add it to its in-memory keystore, without saving the certificate in a file. This is a very important feature, I think it can be cherry picked (it has little modifications, and very localized). It's very important because authentication does not work without this bug fix in the latest branches, because I removed the code that saved the certificate in a file but didn't test the authentication part.
2013-07-12Shows certificate error message.Parménides GV
If a download didn't occurr due to an IOException, we assume it was for an SSL error and notify the user telling him/her that LEAP provider is not trusted.
2013-07-12Distinguish non LEAP provider and down provider.Parménides GV
I've set ProviderAPI to show its own toast depending on the exception that getStringFromProvider issues. If the socket timeout reaches its end, a toast different from when an IOException or a MalformedException occur.
2013-07-12User messages are added to the new recovery dialogParménides GV
When login is not successful, a new recovery dialog is prompted with a message about the previous error.
2013-07-12Pressing back button, we don't choose any providerParménides GV
Once in the provider detail fragment, if the user presses the back button, provider.json is removed from sharedpreferences (so that Dashboard does not start as if the user had selected the canceled provider) and ConfigurationWizard gets the focus.
2013-07-12UnknownHostException separated from IOException.Parménides GV
I was treating the former exception simply as a kind of the latter, but user messages are different. Now, each one shows its different error message.
2013-07-12Untrusted message is not shown if danger_on = trueParménides GV
I forgot to add an else in the IOException from getStringFromProvider. This was causing that even if the user checked the trusted completely beckbox and everything was fine, the "not trusted provider" message was being shown.
2013-07-12Back to IOException instead of SSL exception.Parménides GV
The previous commit broke functionality, and instead of discarding it I've decided to undo with a new commit for future references. It would seem that IOException can be substitued by SSLHandshakeException, but the previous commit proves it cannot.
2013-07-12Substituted IOException by SSLHandshakeException.Parménides GV
In getStringFromProvider, there is no IOException but an SSLHandshakeException. Substituing this gives our code more semantics.
2013-07-12Shows certificate error message.Parménides GV
If a download didn't occurr due to an IOException, we assume it was for an SSL error and notify the user telling him/her that LEAP provider is not trusted.
2013-07-12Distinguish non LEAP provider and down provider.Parménides GV
I've set ProviderAPI to show its own toast depending on the exception that getStringFromProvider issues. If the socket timeout reaches its end, a toast different from when an IOException or a MalformedException occur.
2013-07-02We can ignore any certificate.Parménides GV
If ssl errors don't vanish using CA cert from provider, we go further and let the certificate not to be validated at all.
2013-06-26The added provider is selected automatically.Parménides GV
I've also removed a lot of finishes when things go wrong (so that it should be returning to the previous activity/fragment).
2013-06-20Quite basic staring and stopping of VPNSean Leonard
2013-06-20No binary library needed.Parménides GV
I've decided not to include any lib, but to copy the SRPParameters class to our codebase and Util.trim method to ConfigHelper.
2013-06-20User messages are now in string.xmlParménides GV
Some more constants added to ConfigHelper. This solves #2908.
2013-06-19First round of comments.Parménides GV
This resolves the first step from issue #2908. Next step: Put user message strings into an appropiate place.
2013-06-13Bypasses self signed certificates.Parménides GV
It's working against cdev.bitmask.net and bitmask.net. Look at #2840 for further explanation about self signed certificates. I've also removed some file dependant configuration (when a provider was custom, ConfigurationWizard still tried to read from file a provider.json that now I store in memory via ProviderItem class).
2013-06-13bitmask json files are downloaded.Parménides GV
There was a problem on the assets file "bitmask.url". It had an error in the eip-service url. We should use this file only for main url, and proceed as if it were a new provider but with a preseeded main url.
2013-06-11We are not using SD storage anymore.Parménides GV
We were using it to save certificate and provider.json files from chosen provider, so that exporting them was easily done. We don't need that files, because if we wanted to export that files we would be able to recover them easily and updated. This fixes #2783
2013-06-10Removed unused methods and variables.Parménides GV
Variables from LeapSRPSession were there because I used it while testing srp calculations, comparing that strings with the ones from javascript. Unused method from ProviderAPI was there because I foresee I'll have to implement it in the future, but I've removed it since it's already in the history. This fixes #2781.
2013-06-10OpenVPN certificate is downloaded from API_BASE, using api_uri fieldParménides GV
from provider.json. This fixes bug #2780
2013-06-08Improve retrieving and saving SharedPreferences for different types (String, ↵Sean Leonard
boolean, JSONObject)
2013-06-04Fixed 2 important bugs.Parménides GV
LeapSRPSession was doing bad SRP calculations when salt byte array started with a 0. Now I trimmed that array before using it. ProviderAPI was not timing out when a server didn't respond. Now, I use a timeout of 1 second to stop waiting for a response.
2013-05-14Anon certificate is downloaded if possible.Parménides GV
I download the anon certificate only if allow_anonymous is true, and before launching Dashboard. I store it in SharedPreferences, with "cert" key, as a JSON object.
2013-05-13A bit more clean.Parménides GV
I've upper cased ConfigHelper constants. I've created a new method in ConfigHelper, to send requests to a server, that it's used when sending A and M1.
2013-05-09Log in and Log out options are shown only if allow registration is true.Parménides GV
Allow registration is present in provider.json. Provider.json is downloaded from both preseeded and custom providers. Authentication success or fail is notified correctly to the user.
2013-05-08After loggin in successfully, the new client certificate is downloaded.Parménides GV
It is stored in SharedPrefs, with ConfigHelper.cert_key (="cert") key.
2013-05-01If the app is restarted with a custom provider selected, the client canParménides GV
request a log in without certificates problems. I've removed the addition of the certificate when downloaded eip-service.json, because I already do that in LeapHttpClient. Solves issue 2367: https://leap.se/code/issues/2367
2013-04-29Changed the message shown when checking if the password is valid or not.Parménides GV
Refactored LeapSRPSession so that there is no need to send A twice.
2013-04-29"Trust completely" checkbox saves that trust for the new providerParménides GV
entered, so that if in the future the client tries to log in or whatever, it can use the certificate downloaded when added. Log in dialog works ok, showing a toast when authentication fails (by this time, I have not managed to get a correct login due to dev.bitmask.net problems). dev.bitmask.net works perfectly, via adding it as a new provider (MeanderingCode, this is for you ;) ). All GET requests are done by default Android URL class, which means that certificates trusted by Android are also trusted by us. If there are problems when logging in due to certificates, the app is able to use only the certificate associated to the provider in the moment it was selected as the chosen provider.
2013-04-29Added danger mode: we can bypass dev.bitmask.net hostname io exception.Parménides GV
2013-04-29Coded dialog (now there is a button in the Dashboard), time to test.Parménides GV
I need to implement bypass for dev.bitmask.net, because bitmask.net is down.
2013-04-29Coded logout method, and tested.Parménides GV
2013-04-29This commit contains:Parménides GV
- SRP algorithm improved (validate method uses trim, and some other trims have been added). - Refactored calculatePasswordHash, so that it receives a String instead of a char array, and now it is capable of escaping "\" correctly. - A 1000*2 successful logins, with a new test that performs 1000 trials for 2 different username/password/server trios. Next step: think about how the user is going to trigger the log in fragment.
2013-04-29Made SRP working with ProviderAPI methods more frequently than not in ↵Parménides GV
localhost, but I cannot succeed in api.bitmask.net with my personal account. Next step: add tests from api.bitmask.net.
2013-04-16Fixed bug #2225 (https://leap.se/code/issues/2225)Parménides GV
2013-04-15Fixed bug 2231.Parménides GV
New provider dialog works OK.
2013-04-15Added one "else if" that I missed during merge.Parménides GV
Next step: understand why ca.cert from bitmask is not being downloaded correctly.
2013-04-15Merge branch 'wizard' into feature/wizardParménides GV
Conflicts: src/se/leap/leapclient/ConfigHelper.java src/se/leap/leapclient/ConfigurationWizard.java src/se/leap/leapclient/ProviderAPI.java
2013-04-03Fixed bug #2146 => A calculation is now fine. Next step: fix M1Parménides GV
calculation, since right now (using tests) response() method is not doing OK. Added new SRPSession modifying response() method from JBoss SRP implementation. Added hosts-for-android-emulator. Use with the following commands to be able to test on api.lvh.me: adb shell mount -o rw,remount -t yaffs2 /dev/block/mtdblock3 /system adb push ~/workspace/leap_android/hosts-for-android-emulator /system/etc/hosts
2013-03-30Trial for srpforjava: it does not work since it implements SRP-6, andParménides GV
not SRP-6a. That means, for example, that M1 is calculated differently from what we need.
2013-03-29Tried to implement SRP with JBoss: discarded because it needs RMI to getParménides GV
the salt, and because of our messageflow I cannot obtain it before starting Authentication. That's why on line 132 from ProviderAPI I tried to get a new SRPClientSession using the newly obtained salt, but of course it fails since A cannot be restored from previous initialization. Next step: try with srpforjava. Next next step: if srpforjava does not work for us, use lower level methods to implement our own http srp flow.
2013-03-19Trying to find a jar from JBoss to use their SRP implementation. ImportsParménides GV
errors because of classes not yet found.
2013-03-18Refactored ProviderAPI code.Parménides GV
ConfigurationWizard works without problem for both new and preseeded providers. I've added flow control for the activity to finish when all files have been downloaded, managing errors with setResult(RESULT_CANCELED).
2013-03-18If ca.crt from new provider is not trusted, we can download it withoutParménides GV
problems assuming user wanted to trust it since s/he entered by him/herself the URL. Next step: refactor a bit, to make code more beautiful.
2013-03-14After downloading provider.json successfully, ConfigurationWizard nowParménides GV
can download eip-service.json and ca.crt without having the latter as a predefined trusted certificate. It does not ask anything about trusting the new certificate as far as selecting a custom provider means that the user trusts that url. Next step: make provider.json also downloadable from https address using ca.cert not trusted.
2013-03-13ConfigurationWizard sets provider.json correctly for Dashboard once aParménides GV
custom provider is selected. Tested using https://bitmask.net as url for custom provider.
2013-03-12Error using CryptoUtil.calculatePasswordHash.Parménides GV
Going to hit some bugs before continuing with this work.