]> git.ipfire.org Git - thirdparty/strongswan.git/commitdiff
projects / thirdparty / strongswan.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 4f808cb)
android: Ignore empty strings for settings in managed profiles
authorTobias Brunner <tobias@strongswan.org>
Tue, 4 Feb 2025 14:53:46 +0000 (15:53 +0100)
committerTobias Brunner <tobias@strongswan.org>
Tue, 18 Feb 2025 13:12:43 +0000 (14:12 +0100)
Unspecified settings should be set to null, while some MDMs might send
them as empty strings, which could cause issues (like an empty password
or trying to parse an empty DNS server address).

src/frontends/android/app/src/main/java/org/strongswan/android/data/ManagedVpnProfile.java patch | blob | blame | history

diff --git a/src/frontends/android/app/src/main/java/org/strongswan/android/data/ManagedVpnProfile.java b/src/frontends/android/app/src/main/java/org/strongswan/android/data/ManagedVpnProfile.java
index 5dc7b7744a794d3d18b74f03559bbda982ebed86..30943aa6be9f6acb82717554a58161892bf699dd 100644 (file)
--- a/src/frontends/android/app/src/main/java/org/strongswan/android/data/ManagedVpnProfile.java
+++ b/src/frontends/android/app/src/main/java/org/strongswan/android/data/ManagedVpnProfile.java
@@ -68,9 +68,9 @@ public class ManagedVpnProfile extends VpnProfile
 
                setMTU(getInt(bundle, VpnProfileDataSource.KEY_MTU, Constants.MTU_MIN, Constants.MTU_MAX));
                setNATKeepAlive(getInt(bundle, VpnProfileDataSource.KEY_NAT_KEEPALIVE, Constants.NAT_KEEPALIVE_MIN, Constants.NAT_KEEPALIVE_MAX));
-               setIkeProposal(bundle.getString(VpnProfileDataSource.KEY_IKE_PROPOSAL));
-               setEspProposal(bundle.getString(VpnProfileDataSource.KEY_ESP_PROPOSAL));
-               setDnsServers(bundle.getString(VpnProfileDataSource.KEY_DNS_SERVERS));
+               setIkeProposal(getString(bundle, VpnProfileDataSource.KEY_IKE_PROPOSAL));
+               setEspProposal(getString(bundle, VpnProfileDataSource.KEY_ESP_PROPOSAL));
+               setDnsServers(getString(bundle, VpnProfileDataSource.KEY_DNS_SERVERS));
                flags = addPositiveFlag(flags, bundle, KEY_TRANSPORT_IPV6_FLAG, VpnProfile.FLAGS_IPv6_TRANSPORT);
 
                final Bundle splitTunneling = bundle.getBundle(VpnProfileDataSource.KEY_SPLIT_TUNNELING);
@@ -79,8 +79,8 @@ public class ManagedVpnProfile extends VpnProfile
                        splitFlags = addPositiveFlag(splitFlags, splitTunneling, KEY_SPLIT_TUNNELLING_BLOCK_IPV4_FLAG, VpnProfile.SPLIT_TUNNELING_BLOCK_IPV4);
                        splitFlags = addPositiveFlag(splitFlags, splitTunneling, KEY_SPLIT_TUNNELLING_BLOCK_IPV6_FLAG, VpnProfile.SPLIT_TUNNELING_BLOCK_IPV6);
 
-                       setExcludedSubnets(splitTunneling.getString(VpnProfileDataSource.KEY_EXCLUDED_SUBNETS));
-                       setIncludedSubnets(splitTunneling.getString(VpnProfileDataSource.KEY_INCLUDED_SUBNETS));
+                       setExcludedSubnets(getString(splitTunneling, VpnProfileDataSource.KEY_EXCLUDED_SUBNETS));
+                       setIncludedSubnets(getString(splitTunneling, VpnProfileDataSource.KEY_INCLUDED_SUBNETS));
                }
 
                setSplitTunneling(splitFlags);
@@ -110,7 +110,7 @@ public class ManagedVpnProfile extends VpnProfile
 
                setGateway(remote.getString(VpnProfileDataSource.KEY_GATEWAY));
                setPort(getInt(remote, VpnProfileDataSource.KEY_PORT, 1, 65_535));
-               setRemoteId(remote.getString(VpnProfileDataSource.KEY_REMOTE_ID));
+               setRemoteId(getString(remote, VpnProfileDataSource.KEY_REMOTE_ID));
 
                final String certificateData = remote.getString(VpnProfileDataSource.KEY_CERTIFICATE);
                if (!TextUtils.isEmpty(certificateData))
@@ -133,9 +133,9 @@ public class ManagedVpnProfile extends VpnProfile
                        return flags;
                }
 
-               setLocalId(local.getString(VpnProfileDataSource.KEY_LOCAL_ID));
-               setUsername(local.getString(VpnProfileDataSource.KEY_USERNAME));
-               setPassword(local.getString(VpnProfileDataSource.KEY_PASSWORD));
+               setLocalId(getString(local, VpnProfileDataSource.KEY_LOCAL_ID));
+               setUsername(getString(local, VpnProfileDataSource.KEY_USERNAME));
+               setPassword(getString(local, VpnProfileDataSource.KEY_PASSWORD));
 
                final String userCertificateData = local.getString(VpnProfileDataSource.KEY_USER_CERTIFICATE);
                final String userCertificatePassword = local.getString(VpnProfileDataSource.KEY_USER_CERTIFICATE_PASSWORD, "");
@@ -155,6 +155,12 @@ public class ManagedVpnProfile extends VpnProfile
                return value < min || value > max ? null : value;
        }
 
+       private static String getString(final Bundle bundle, final String key)
+       {
+               final String value = bundle.getString(key);
+               return TextUtils.isEmpty(value) ? null : value;
+       }
+
        private static int addPositiveFlag(int flags, Bundle bundle, String key, int flag)
        {
                if (bundle.getBoolean(key))
Unnamed repository; edit this file 'description' to name the repository.