380 lines
15 KiB
Java
380 lines
15 KiB
Java
/*
|
|
* Copyright (C) 2011 The Android Open Source Project
|
|
*
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
* you may not use this file except in compliance with the License.
|
|
* You may obtain a copy of the License at
|
|
*
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
*
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
* See the License for the specific language governing permissions and
|
|
* limitations under the License.
|
|
*/
|
|
|
|
package com.android.settings.vpn2;
|
|
|
|
import com.android.settings.R;
|
|
|
|
import android.app.AlertDialog;
|
|
import android.content.Context;
|
|
import android.content.DialogInterface;
|
|
import android.os.Bundle;
|
|
import android.security.Credentials;
|
|
import android.security.KeyStore;
|
|
import android.text.Editable;
|
|
import android.text.TextWatcher;
|
|
import android.view.View;
|
|
import android.view.WindowManager;
|
|
import android.widget.AdapterView;
|
|
import android.widget.ArrayAdapter;
|
|
import android.widget.Button;
|
|
import android.widget.CheckBox;
|
|
import android.widget.Spinner;
|
|
import android.widget.TextView;
|
|
|
|
import java.net.InetAddress;
|
|
|
|
class VpnDialog extends AlertDialog implements TextWatcher,
|
|
View.OnClickListener, AdapterView.OnItemSelectedListener {
|
|
private final KeyStore mKeyStore = KeyStore.getInstance();
|
|
private final DialogInterface.OnClickListener mListener;
|
|
private final VpnProfile mProfile;
|
|
|
|
private boolean mEditing;
|
|
|
|
private View mView;
|
|
|
|
private TextView mName;
|
|
private Spinner mType;
|
|
private TextView mServer;
|
|
private TextView mUsername;
|
|
private TextView mPassword;
|
|
private TextView mSearchDomains;
|
|
private TextView mDnsServers;
|
|
private TextView mRoutes;
|
|
private CheckBox mMppe;
|
|
private TextView mL2tpSecret;
|
|
private TextView mIpsecIdentifier;
|
|
private TextView mIpsecSecret;
|
|
private Spinner mIpsecUserCert;
|
|
private Spinner mIpsecCaCert;
|
|
private Spinner mIpsecServerCert;
|
|
private CheckBox mSaveLogin;
|
|
|
|
VpnDialog(Context context, DialogInterface.OnClickListener listener,
|
|
VpnProfile profile, boolean editing) {
|
|
super(context);
|
|
mListener = listener;
|
|
mProfile = profile;
|
|
mEditing = editing;
|
|
}
|
|
|
|
@Override
|
|
protected void onCreate(Bundle savedState) {
|
|
mView = getLayoutInflater().inflate(R.layout.vpn_dialog, null);
|
|
setView(mView);
|
|
setInverseBackgroundForced(true);
|
|
|
|
Context context = getContext();
|
|
|
|
// First, find out all the fields.
|
|
mName = (TextView) mView.findViewById(R.id.name);
|
|
mType = (Spinner) mView.findViewById(R.id.type);
|
|
mServer = (TextView) mView.findViewById(R.id.server);
|
|
mUsername = (TextView) mView.findViewById(R.id.username);
|
|
mPassword = (TextView) mView.findViewById(R.id.password);
|
|
mSearchDomains = (TextView) mView.findViewById(R.id.search_domains);
|
|
mDnsServers = (TextView) mView.findViewById(R.id.dns_servers);
|
|
mRoutes = (TextView) mView.findViewById(R.id.routes);
|
|
mMppe = (CheckBox) mView.findViewById(R.id.mppe);
|
|
mL2tpSecret = (TextView) mView.findViewById(R.id.l2tp_secret);
|
|
mIpsecIdentifier = (TextView) mView.findViewById(R.id.ipsec_identifier);
|
|
mIpsecSecret = (TextView) mView.findViewById(R.id.ipsec_secret);
|
|
mIpsecUserCert = (Spinner) mView.findViewById(R.id.ipsec_user_cert);
|
|
mIpsecCaCert = (Spinner) mView.findViewById(R.id.ipsec_ca_cert);
|
|
mIpsecServerCert = (Spinner) mView.findViewById(R.id.ipsec_server_cert);
|
|
mSaveLogin = (CheckBox) mView.findViewById(R.id.save_login);
|
|
|
|
// Second, copy values from the profile.
|
|
mName.setText(mProfile.name);
|
|
mType.setSelection(mProfile.type);
|
|
mServer.setText(mProfile.server);
|
|
mUsername.setText(mProfile.username);
|
|
mPassword.setText(mProfile.password);
|
|
mSearchDomains.setText(mProfile.searchDomains);
|
|
mDnsServers.setText(mProfile.dnsServers);
|
|
mRoutes.setText(mProfile.routes);
|
|
mMppe.setChecked(mProfile.mppe);
|
|
mL2tpSecret.setText(mProfile.l2tpSecret);
|
|
mIpsecIdentifier.setText(mProfile.ipsecIdentifier);
|
|
mIpsecSecret.setText(mProfile.ipsecSecret);
|
|
loadCertificates(mIpsecUserCert, Credentials.USER_CERTIFICATE,
|
|
0, mProfile.ipsecUserCert);
|
|
loadCertificates(mIpsecCaCert, Credentials.CA_CERTIFICATE,
|
|
R.string.vpn_no_ca_cert, mProfile.ipsecCaCert);
|
|
loadCertificates(mIpsecServerCert, Credentials.USER_CERTIFICATE,
|
|
R.string.vpn_no_server_cert, mProfile.ipsecServerCert);
|
|
mSaveLogin.setChecked(mProfile.saveLogin);
|
|
|
|
// Third, add listeners to required fields.
|
|
mName.addTextChangedListener(this);
|
|
mType.setOnItemSelectedListener(this);
|
|
mServer.addTextChangedListener(this);
|
|
mUsername.addTextChangedListener(this);
|
|
mPassword.addTextChangedListener(this);
|
|
mDnsServers.addTextChangedListener(this);
|
|
mRoutes.addTextChangedListener(this);
|
|
mIpsecSecret.addTextChangedListener(this);
|
|
mIpsecUserCert.setOnItemSelectedListener(this);
|
|
|
|
// Forth, determine to do editing or connecting.
|
|
boolean valid = validate(true);
|
|
mEditing = mEditing || !valid;
|
|
|
|
if (mEditing) {
|
|
setTitle(R.string.vpn_edit);
|
|
|
|
// Show common fields.
|
|
mView.findViewById(R.id.editor).setVisibility(View.VISIBLE);
|
|
|
|
// Show type-specific fields.
|
|
changeType(mProfile.type);
|
|
|
|
// Show advanced options directly if any of them is set.
|
|
View showOptions = mView.findViewById(R.id.show_options);
|
|
if (mProfile.searchDomains.isEmpty() && mProfile.dnsServers.isEmpty() &&
|
|
mProfile.routes.isEmpty()) {
|
|
showOptions.setOnClickListener(this);
|
|
} else {
|
|
onClick(showOptions);
|
|
}
|
|
|
|
// Create a button to save the profile.
|
|
setButton(DialogInterface.BUTTON_POSITIVE,
|
|
context.getString(R.string.vpn_save), mListener);
|
|
} else {
|
|
setTitle(context.getString(R.string.vpn_connect_to, mProfile.name));
|
|
|
|
// Not editing, just show username and password.
|
|
mView.findViewById(R.id.login).setVisibility(View.VISIBLE);
|
|
|
|
// Create a button to connect the network.
|
|
setButton(DialogInterface.BUTTON_POSITIVE,
|
|
context.getString(R.string.vpn_connect), mListener);
|
|
}
|
|
|
|
// Always provide a cancel button.
|
|
setButton(DialogInterface.BUTTON_NEGATIVE,
|
|
context.getString(R.string.vpn_cancel), mListener);
|
|
|
|
// Let AlertDialog create everything.
|
|
super.onCreate(null);
|
|
|
|
// Disable the action button if necessary.
|
|
getButton(DialogInterface.BUTTON_POSITIVE)
|
|
.setEnabled(mEditing ? valid : validate(false));
|
|
|
|
// Workaround to resize the dialog for the input method.
|
|
getWindow().setSoftInputMode(WindowManager.LayoutParams.SOFT_INPUT_ADJUST_RESIZE |
|
|
WindowManager.LayoutParams.SOFT_INPUT_STATE_VISIBLE);
|
|
}
|
|
|
|
@Override
|
|
public void afterTextChanged(Editable field) {
|
|
getButton(DialogInterface.BUTTON_POSITIVE).setEnabled(validate(mEditing));
|
|
}
|
|
|
|
@Override
|
|
public void beforeTextChanged(CharSequence s, int start, int count, int after) {
|
|
}
|
|
|
|
@Override
|
|
public void onTextChanged(CharSequence s, int start, int before, int count) {
|
|
}
|
|
|
|
@Override
|
|
public void onClick(View showOptions) {
|
|
showOptions.setVisibility(View.GONE);
|
|
mView.findViewById(R.id.options).setVisibility(View.VISIBLE);
|
|
}
|
|
|
|
@Override
|
|
public void onItemSelected(AdapterView<?> parent, View view, int position, long id) {
|
|
if (parent == mType) {
|
|
changeType(position);
|
|
}
|
|
getButton(DialogInterface.BUTTON_POSITIVE).setEnabled(validate(mEditing));
|
|
}
|
|
|
|
@Override
|
|
public void onNothingSelected(AdapterView<?> parent) {
|
|
}
|
|
|
|
private void changeType(int type) {
|
|
// First, hide everything.
|
|
mMppe.setVisibility(View.GONE);
|
|
mView.findViewById(R.id.l2tp).setVisibility(View.GONE);
|
|
mView.findViewById(R.id.ipsec_psk).setVisibility(View.GONE);
|
|
mView.findViewById(R.id.ipsec_user).setVisibility(View.GONE);
|
|
mView.findViewById(R.id.ipsec_peer).setVisibility(View.GONE);
|
|
|
|
// Then, unhide type-specific fields.
|
|
switch (type) {
|
|
case VpnProfile.TYPE_PPTP:
|
|
mMppe.setVisibility(View.VISIBLE);
|
|
break;
|
|
|
|
case VpnProfile.TYPE_L2TP_IPSEC_PSK:
|
|
mView.findViewById(R.id.l2tp).setVisibility(View.VISIBLE);
|
|
// fall through
|
|
case VpnProfile.TYPE_IPSEC_XAUTH_PSK:
|
|
mView.findViewById(R.id.ipsec_psk).setVisibility(View.VISIBLE);
|
|
break;
|
|
|
|
case VpnProfile.TYPE_L2TP_IPSEC_RSA:
|
|
mView.findViewById(R.id.l2tp).setVisibility(View.VISIBLE);
|
|
// fall through
|
|
case VpnProfile.TYPE_IPSEC_XAUTH_RSA:
|
|
mView.findViewById(R.id.ipsec_user).setVisibility(View.VISIBLE);
|
|
// fall through
|
|
case VpnProfile.TYPE_IPSEC_HYBRID_RSA:
|
|
mView.findViewById(R.id.ipsec_peer).setVisibility(View.VISIBLE);
|
|
break;
|
|
}
|
|
}
|
|
|
|
private boolean validate(boolean editing) {
|
|
if (!editing) {
|
|
return mUsername.getText().length() != 0 && mPassword.getText().length() != 0;
|
|
}
|
|
if (mName.getText().length() == 0 || mServer.getText().length() == 0 ||
|
|
!validateAddresses(mDnsServers.getText().toString(), false) ||
|
|
!validateAddresses(mRoutes.getText().toString(), true)) {
|
|
return false;
|
|
}
|
|
switch (mType.getSelectedItemPosition()) {
|
|
case VpnProfile.TYPE_PPTP:
|
|
case VpnProfile.TYPE_IPSEC_HYBRID_RSA:
|
|
return true;
|
|
|
|
case VpnProfile.TYPE_L2TP_IPSEC_PSK:
|
|
case VpnProfile.TYPE_IPSEC_XAUTH_PSK:
|
|
return mIpsecSecret.getText().length() != 0;
|
|
|
|
case VpnProfile.TYPE_L2TP_IPSEC_RSA:
|
|
case VpnProfile.TYPE_IPSEC_XAUTH_RSA:
|
|
return mIpsecUserCert.getSelectedItemPosition() != 0;
|
|
}
|
|
return false;
|
|
}
|
|
|
|
private boolean validateAddresses(String addresses, boolean cidr) {
|
|
try {
|
|
for (String address : addresses.split(" ")) {
|
|
if (address.isEmpty()) {
|
|
continue;
|
|
}
|
|
// Legacy VPN currently only supports IPv4.
|
|
int prefixLength = 32;
|
|
if (cidr) {
|
|
String[] parts = address.split("/", 2);
|
|
address = parts[0];
|
|
prefixLength = Integer.parseInt(parts[1]);
|
|
}
|
|
byte[] bytes = InetAddress.parseNumericAddress(address).getAddress();
|
|
int integer = (bytes[3] & 0xFF) | (bytes[2] & 0xFF) << 8 |
|
|
(bytes[1] & 0xFF) << 16 | (bytes[0] & 0xFF) << 24;
|
|
if (bytes.length != 4 || prefixLength < 0 || prefixLength > 32 ||
|
|
(prefixLength < 32 && (integer << prefixLength) != 0)) {
|
|
return false;
|
|
}
|
|
}
|
|
} catch (Exception e) {
|
|
return false;
|
|
}
|
|
return true;
|
|
}
|
|
|
|
private void loadCertificates(Spinner spinner, String prefix, int firstId, String selected) {
|
|
Context context = getContext();
|
|
String first = (firstId == 0) ? "" : context.getString(firstId);
|
|
String[] certificates = mKeyStore.saw(prefix);
|
|
|
|
if (certificates == null || certificates.length == 0) {
|
|
certificates = new String[] {first};
|
|
} else {
|
|
String[] array = new String[certificates.length + 1];
|
|
array[0] = first;
|
|
System.arraycopy(certificates, 0, array, 1, certificates.length);
|
|
certificates = array;
|
|
}
|
|
|
|
ArrayAdapter<String> adapter = new ArrayAdapter<String>(
|
|
context, android.R.layout.simple_spinner_item, certificates);
|
|
adapter.setDropDownViewResource(android.R.layout.simple_spinner_dropdown_item);
|
|
spinner.setAdapter(adapter);
|
|
|
|
for (int i = 1; i < certificates.length; ++i) {
|
|
if (certificates[i].equals(selected)) {
|
|
spinner.setSelection(i);
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
|
|
boolean isEditing() {
|
|
return mEditing;
|
|
}
|
|
|
|
VpnProfile getProfile() {
|
|
// First, save common fields.
|
|
VpnProfile profile = new VpnProfile(mProfile.key);
|
|
profile.name = mName.getText().toString();
|
|
profile.type = mType.getSelectedItemPosition();
|
|
profile.server = mServer.getText().toString().trim();
|
|
profile.username = mUsername.getText().toString();
|
|
profile.password = mPassword.getText().toString();
|
|
profile.searchDomains = mSearchDomains.getText().toString().trim();
|
|
profile.dnsServers = mDnsServers.getText().toString().trim();
|
|
profile.routes = mRoutes.getText().toString().trim();
|
|
|
|
// Then, save type-specific fields.
|
|
switch (profile.type) {
|
|
case VpnProfile.TYPE_PPTP:
|
|
profile.mppe = mMppe.isChecked();
|
|
break;
|
|
|
|
case VpnProfile.TYPE_L2TP_IPSEC_PSK:
|
|
profile.l2tpSecret = mL2tpSecret.getText().toString();
|
|
// fall through
|
|
case VpnProfile.TYPE_IPSEC_XAUTH_PSK:
|
|
profile.ipsecIdentifier = mIpsecIdentifier.getText().toString();
|
|
profile.ipsecSecret = mIpsecSecret.getText().toString();
|
|
break;
|
|
|
|
case VpnProfile.TYPE_L2TP_IPSEC_RSA:
|
|
profile.l2tpSecret = mL2tpSecret.getText().toString();
|
|
// fall through
|
|
case VpnProfile.TYPE_IPSEC_XAUTH_RSA:
|
|
if (mIpsecUserCert.getSelectedItemPosition() != 0) {
|
|
profile.ipsecUserCert = (String) mIpsecUserCert.getSelectedItem();
|
|
}
|
|
// fall through
|
|
case VpnProfile.TYPE_IPSEC_HYBRID_RSA:
|
|
if (mIpsecCaCert.getSelectedItemPosition() != 0) {
|
|
profile.ipsecCaCert = (String) mIpsecCaCert.getSelectedItem();
|
|
}
|
|
if (mIpsecServerCert.getSelectedItemPosition() != 0) {
|
|
profile.ipsecServerCert = (String) mIpsecServerCert.getSelectedItem();
|
|
}
|
|
break;
|
|
}
|
|
|
|
profile.saveLogin = mSaveLogin.isChecked();
|
|
return profile;
|
|
}
|
|
}
|