private TrustedCertificateEntry mCertEntry;
private String mUserCertLoading;
private CertificateIdentitiesAdapter mSelectUserIdAdapter;
- private String mSelectedUserId;
private TrustedCertificateEntry mUserCertEntry;
private VpnType mVpnType = VpnType.IKEV2_EAP;
private SelectedAppsHandling mSelectedAppsHandling = SelectedAppsHandling.SELECTED_APPS_DISABLE;
private EditText mPassword;
private ViewGroup mUserCertificate;
private RelativeLayout mSelectUserCert;
- private Spinner mSelectUserId;
private CheckBox mCheckAuto;
private RelativeLayout mSelectCert;
private RelativeLayout mTncNotice;
private ViewGroup mAdvancedSettings;
private MultiAutoCompleteTextView mRemoteId;
private TextInputLayoutHelper mRemoteIdWrap;
+ private MultiAutoCompleteTextView mLocalId;
+ private TextInputLayoutHelper mLocalIdWrap;
private EditText mMTU;
private TextInputLayoutHelper mMTUWrap;
private EditText mPort;
mUserCertificate = (ViewGroup)findViewById(R.id.user_certificate_group);
mSelectUserCert = (RelativeLayout)findViewById(R.id.select_user_certificate);
- mSelectUserId = (Spinner)findViewById(R.id.select_user_id);
mCheckAuto = (CheckBox)findViewById(R.id.ca_auto);
mSelectCert = (RelativeLayout)findViewById(R.id.select_certificate);
mRemoteId = (MultiAutoCompleteTextView)findViewById(R.id.remote_id);
mRemoteIdWrap = (TextInputLayoutHelper) findViewById(R.id.remote_id_wrap);
+ mLocalId = findViewById(R.id.local_id);
+ mLocalIdWrap = findViewById(R.id.local_id_wrap);
mDnsServers = findViewById(R.id.dns_servers);
mDnsServersWrap = findViewById(R.id.dns_servers_wrap);
mMTU = (EditText)findViewById(R.id.mtu);
final SpaceTokenizer spaceTokenizer = new SpaceTokenizer();
mName.setTokenizer(spaceTokenizer);
mRemoteId.setTokenizer(spaceTokenizer);
+ mLocalId.setTokenizer(spaceTokenizer);
final ArrayAdapter<String> gatewayAdapter = new ArrayAdapter<>(this, android.R.layout.simple_dropdown_item_1line);
mName.setAdapter(gatewayAdapter);
mRemoteId.setAdapter(gatewayAdapter);
mSelectUserCert.setOnClickListener(new SelectUserCertOnClickListener());
mSelectUserIdAdapter = new CertificateIdentitiesAdapter(this);
- mSelectUserId.setAdapter(mSelectUserIdAdapter);
- mSelectUserId.setOnItemSelectedListener(new OnItemSelectedListener() {
- @Override
- public void onItemSelected(AdapterView<?> parent, View view, int position, long id)
- {
- if (mUserCertEntry != null)
- { /* we don't store the subject DN as it is in the reverse order and the default anyway */
- mSelectedUserId = position == 0 ? null : mSelectUserIdAdapter.getItem(position);
- }
- }
-
- @Override
- public void onNothingSelected(AdapterView<?> parent)
- {
- mSelectedUserId = null;
- }
- });
+ mLocalId.setAdapter(mSelectUserIdAdapter);
mCheckAuto.setOnCheckedChangeListener(new OnCheckedChangeListener() {
@Override
{
outState.putString(VpnProfileDataSource.KEY_USER_CERTIFICATE, mUserCertEntry.getAlias());
}
- if (mSelectedUserId != null)
- {
- outState.putString(VpnProfileDataSource.KEY_LOCAL_ID, mSelectedUserId);
- }
if (mCertEntry != null)
{
outState.putString(VpnProfileDataSource.KEY_CERTIFICATE, mCertEntry.getAlias());
mUsernamePassword.setVisibility(mVpnType.has(VpnTypeFeature.USER_PASS) ? View.VISIBLE : View.GONE);
mUserCertificate.setVisibility(mVpnType.has(VpnTypeFeature.CERTIFICATE) ? View.VISIBLE : View.GONE);
mTncNotice.setVisibility(mVpnType.has(VpnTypeFeature.BYOD) ? View.VISIBLE : View.GONE);
+ mLocalIdWrap.setHelperText(getString(R.string.profile_local_id_hint_user));
if (mVpnType.has(VpnTypeFeature.CERTIFICATE))
{
- mSelectUserId.setEnabled(false);
if (mUserCertLoading != null)
{
((TextView)mSelectUserCert.findViewById(android.R.id.text1)).setText(mUserCertLoading);
((TextView)mSelectUserCert.findViewById(android.R.id.text1)).setText(mUserCertEntry.getAlias());
((TextView)mSelectUserCert.findViewById(android.R.id.text2)).setText(mUserCertEntry.getCertificate().getSubjectDN().toString());
mSelectUserIdAdapter.setCertificate(mUserCertEntry);
- mSelectUserId.setSelection(mSelectUserIdAdapter.getPosition(mSelectedUserId));
- mSelectUserId.setEnabled(true);
}
else
{
((TextView)mSelectUserCert.findViewById(android.R.id.text2)).setText(R.string.profile_user_select_certificate);
mSelectUserIdAdapter.setCertificate(null);
}
+ mLocalIdWrap.setHelperText(getString(R.string.profile_local_id_hint_cert));
}
}
mProfile.getIncludedSubnets() != null || mProfile.getExcludedSubnets() != null ||
mProfile.getSelectedAppsHandling() != SelectedAppsHandling.SELECTED_APPS_DISABLE ||
mProfile.getIkeProposal() != null || mProfile.getEspProposal() != null ||
- mProfile.getDnsServers() != null;
+ mProfile.getDnsServers() != null || mProfile.getLocalId() != null;
}
mShowAdvanced.setVisibility(!show ? View.VISIBLE : View.GONE);
mAdvancedSettings.setVisibility(show ? View.VISIBLE : View.GONE);
if (mVpnType.has(VpnTypeFeature.CERTIFICATE))
{
mProfile.setUserCertificateAlias(mUserCertEntry.getAlias());
- mProfile.setLocalId(mSelectedUserId);
}
String certAlias = mCheckAuto.isChecked() ? null : mCertEntry.getAlias();
mProfile.setCertificateAlias(certAlias);
mProfile.setRemoteId(getString(mRemoteId));
+ mProfile.setLocalId(getString(mLocalId));
mProfile.setMTU(getInteger(mMTU));
mProfile.setPort(getInteger(mPort));
mProfile.setNATKeepAlive(getInteger(mNATKeepalive));
mUsername.setText(mProfile.getUsername());
mPassword.setText(mProfile.getPassword());
mRemoteId.setText(mProfile.getRemoteId());
+ mLocalId.setText(mProfile.getLocalId());
mMTU.setText(mProfile.getMTU() != null ? mProfile.getMTU().toString() : null);
mPort.setText(mProfile.getPort() != null ? mProfile.getPort().toString() : null);
mNATKeepalive.setText(mProfile.getNATKeepAlive() != null ? mProfile.getNATKeepAlive().toString() : null);
/* check if the user selected a user certificate previously */
useralias = savedInstanceState == null ? useralias : savedInstanceState.getString(VpnProfileDataSource.KEY_USER_CERTIFICATE);
- local_id = savedInstanceState == null ? local_id : savedInstanceState.getString(VpnProfileDataSource.KEY_LOCAL_ID);
if (useralias != null)
{
UserCertificateLoader loader = new UserCertificateLoader(this, useralias);
mUserCertLoading = useralias;
- mSelectedUserId = local_id;
loader.execute();
}
/*
- * Copyright (C) 2016 Tobias Brunner
+ * Copyright (C) 2016-2019 Tobias Brunner
* HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
package org.strongswan.android.ui.adapter;
import android.content.Context;
-import android.view.LayoutInflater;
-import android.view.View;
-import android.view.ViewGroup;
import android.widget.ArrayAdapter;
-import android.widget.TextView;
-import org.strongswan.android.R;
import org.strongswan.android.security.TrustedCertificateEntry;
-import java.util.List;
-
public class CertificateIdentitiesAdapter extends ArrayAdapter<String>
{
TrustedCertificateEntry mCertificate;
private void extractIdentities()
{
- if (mCertificate == null)
- {
- add(getContext().getString(R.string.profile_user_select_id_init));
- }
- else
+ if (mCertificate != null)
{
- add(String.format(getContext().getString(R.string.profile_user_select_id_default),
- mCertificate.getCertificate().getSubjectDN().getName()));
addAll(mCertificate.getSubjectAltNames());
}
}
package org.strongswan.android.ui.adapter;
-import java.util.Collections;
-import java.util.Comparator;
-import java.util.List;
-
-import org.strongswan.android.R;
-import org.strongswan.android.data.VpnProfile;
-import org.strongswan.android.data.VpnType.VpnTypeFeature;
-
import android.content.Context;
import android.view.LayoutInflater;
import android.view.View;
import android.widget.ArrayAdapter;
import android.widget.TextView;
+import org.strongswan.android.R;
+import org.strongswan.android.data.VpnProfile;
+import org.strongswan.android.data.VpnType.VpnTypeFeature;
+
+import java.util.Collections;
+import java.util.Comparator;
+import java.util.List;
+
public class VpnProfileAdapter extends ArrayAdapter<VpnProfile>
{
private final int resource;
profile.getLocalId() != null)
{
tv.setVisibility(View.VISIBLE);
- tv.setText(getContext().getString(R.string.profile_user_select_id_label) + ": " + profile.getLocalId());
+ tv.setText(getContext().getString(R.string.profile_local_id_label) + ": " + profile.getLocalId());
}
else
{
android:id="@+id/username_wrap"
android:layout_width="match_parent"
android:layout_height="wrap_content"
+ android:layout_marginTop="4dp"
android:hint="@string/profile_username_label" >
<com.google.android.material.textfield.TextInputEditText
android:id="@+id/select_user_certificate"
layout="@layout/two_line_button" />
- <TextView
- android:layout_width="match_parent"
- android:layout_height="wrap_content"
- android:layout_marginTop="4dp"
- android:layout_marginLeft="4dp"
- android:textSize="12sp"
- android:text="@string/profile_user_select_id_label" />
-
- <Spinner
- android:id="@+id/select_user_id"
- android:layout_width="match_parent"
- android:layout_height="wrap_content"
- android:spinnerMode="dropdown" />
-
</LinearLayout>
<TextView
</org.strongswan.android.ui.widget.TextInputLayoutHelper>
+ <org.strongswan.android.ui.widget.TextInputLayoutHelper
+ android:id="@+id/local_id_wrap"
+ android:layout_width="match_parent"
+ android:layout_height="wrap_content"
+ android:hint="@string/profile_local_id_label"
+ app:helper_text="@string/profile_local_id_hint_user" >
+
+ <MultiAutoCompleteTextView
+ android:id="@+id/local_id"
+ android:layout_width="match_parent"
+ android:layout_height="wrap_content"
+ android:singleLine="true"
+ android:inputType="textNoSuggestions"
+ android:completionThreshold="0" />
+
+ </org.strongswan.android.ui.widget.TextInputLayoutHelper>
+
<org.strongswan.android.ui.widget.TextInputLayoutHelper
android:id="@+id/dns_servers_wrap"
android:layout_width="match_parent"
<string name="profile_user_certificate_label">Benutzer-Zertifikat</string>
<string name="profile_user_select_certificate_label">Benutzer-Zertifikat auswählen</string>
<string name="profile_user_select_certificate">Wählen Sie ein bestimmtes Benutzer-Zertifikat</string>
- <string name="profile_user_select_id_label">Benutzer-Identität</string>
- <string name="profile_user_select_id_init">Wählen Sie zuerst ein Benutzer-Zertifikat</string>
- <string name="profile_user_select_id_default">Standardwert (%1$s)</string>
<string name="profile_ca_label">CA-Zertifikat</string>
<string name="profile_ca_auto_label">Automatisch wählen</string>
<string name="profile_ca_select_certificate_label">CA-Zertifikat auswählen</string>
<string name="profile_remote_id_label">Server-Identität</string>
<string name="profile_remote_id_hint">Standardwert ist der konfigurierte Server. Eigene Werte werden explizit an den Server gesendet und während der Authentifizierung erzwungen</string>
<string name="profile_remote_id_hint_gateway">Standardwert ist \"%1$s\". Eigene Werte werden explizit an den Server gesendet und während der Authentifizierung erzwungen</string>
+ <string name="profile_local_id_label">Client-Identität</string>
+ <string name="profile_local_id_hint_user">Standardwert ist der konfigurierte Benutzername. Eigene Werte können verwendet werden, falls der Server diese erwartet/benötigt</string>
+ <string name="profile_local_id_hint_cert">Standardwert ist die Inhaber-Identität des Zertifkats. Eigene Werte können verwendet werden, falls der Server diese erwartet/benötigt. Zu beachten ist, dass diese üblicherweise vom Zertifikat bestätigt werden müssen (für die alternativen Identitäten des Zertifikats, falls vorhanden, wird eine Auto-Vervollständigung angeboten)</string>
<string name="profile_dns_servers_label">DNS Server</string>
<string name="profile_dns_servers_hint">Benutzerdefinierte DNS Server bei Verbindung zum VPN (mit Leerzeichen getrennt, z.B.. \"8.8.8.8 2001:4860:4860::8888\"), standardmässig werden die vom VPN Server erhaltenen Server verwendet</string>
<string name="profile_mtu_label">MTU des VPN Tunnel-Device</string>
<string name="profile_user_certificate_label">Certyfikat użytkownika</string>
<string name="profile_user_select_certificate_label">Wybierz certyfikat użytkownika</string>
<string name="profile_user_select_certificate">>Wybierz określony certyfikat użytkownika</string>
- <string name="profile_user_select_id_label">User identity</string>
- <string name="profile_user_select_id_init">Select a certificate first</string>
- <string name="profile_user_select_id_default">Default (%1$s)</string>
<string name="profile_ca_label">Certyfikat CA</string>
<string name="profile_ca_auto_label">Wybierz automatycznie</string>
<string name="profile_ca_select_certificate_label">Wybierz certyfikat CA</string>
<string name="profile_remote_id_label">Server identity</string>
<string name="profile_remote_id_hint">Defaults to the configured server. Custom values are explicitly sent to the server and enforced during authentication</string>
<string name="profile_remote_id_hint_gateway">Defaults to \"%1$s\". Custom values are explicitly sent to the server and enforced during authentication</string>
+ <string name="profile_local_id_label">Client identity</string>
+ <string name="profile_local_id_hint_user">Defaults to the configured username. Custom values may be used if expected/required by the server</string>
+ <string name="profile_local_id_hint_cert">Defaults to the certificate\'s subject identity. Custom values may be used if expected/required by the server. Note that these usually must be confirmed by the certificate (auto-completion is provided for the certificate\'s alternative identities, if any)</string>
<string name="profile_dns_servers_label">DNS servers</string>
<string name="profile_dns_servers_hint">Custom DNS servers to use when connected to the VPN (separated by spaces, e.g. \"8.8.8.8 2001:4860:4860::8888\"), defaults to those received from the VPN server</string>
<string name="profile_mtu_label">MTU of the VPN tunnel device</string>
<string name="profile_user_certificate_label">Сертификат пользователя</string>
<string name="profile_user_select_certificate_label">Выбрать сертификат пользователя</string>
<string name="profile_user_select_certificate">Выбрать сертификат пользователя</string>
- <string name="profile_user_select_id_label">User identity</string>
- <string name="profile_user_select_id_init">Select a certificate first</string>
- <string name="profile_user_select_id_default">Default (%1$s)</string>
<string name="profile_ca_label">Сертификат CA</string>
<string name="profile_ca_auto_label">Выбрать автоматически</string>
<string name="profile_ca_select_certificate_label">Выбрать сертификат CA</string>
<string name="profile_remote_id_label">Server identity</string>
<string name="profile_remote_id_hint">Defaults to the configured server. Custom values are explicitly sent to the server and enforced during authentication</string>
<string name="profile_remote_id_hint_gateway">Defaults to \"%1$s\". Custom values are explicitly sent to the server and enforced during authentication</string>
+ <string name="profile_local_id_label">Client identity</string>
+ <string name="profile_local_id_hint_user">Defaults to the configured username. Custom values may be used if expected/required by the server</string>
+ <string name="profile_local_id_hint_cert">Defaults to the certificate\'s subject identity. Custom values may be used if expected/required by the server. Note that these usually must be confirmed by the certificate (auto-completion is provided for the certificate\'s alternative identities, if any)</string>
<string name="profile_dns_servers_label">DNS servers</string>
<string name="profile_dns_servers_hint">Custom DNS servers to use when connected to the VPN (separated by spaces, e.g. \"8.8.8.8 2001:4860:4860::8888\"), defaults to those received from the VPN server</string>
<string name="profile_mtu_label">MTU of the VPN tunnel device</string>
<string name="profile_user_certificate_label">Сертифікат користувача</string>
<string name="profile_user_select_certificate_label">Виберіть сертифікат користувача</string>
<string name="profile_user_select_certificate">Вибрати спеціальний сертифікат користувача</string>
- <string name="profile_user_select_id_label">User identity</string>
- <string name="profile_user_select_id_init">Select a certificate first</string>
- <string name="profile_user_select_id_default">Default (%1$s)</string>
<string name="profile_ca_label">Сертифікат CA</string>
<string name="profile_ca_auto_label">Вибрати автоматично</string>
<string name="profile_ca_select_certificate_label">Вибрати сертифікат CA</string>
<string name="profile_remote_id_label">Server identity</string>
<string name="profile_remote_id_hint">Defaults to the configured server. Custom values are explicitly sent to the server and enforced during authentication</string>
<string name="profile_remote_id_hint_gateway">Defaults to \"%1$s\". Custom values are explicitly sent to the server and enforced during authentication</string>
+ <string name="profile_local_id_label">Client identity</string>
+ <string name="profile_local_id_hint_user">Defaults to the configured username. Custom values may be used if expected/required by the server</string>
+ <string name="profile_local_id_hint_cert">Defaults to the certificate\'s subject identity. Custom values may be used if expected/required by the server. Note that these usually must be confirmed by the certificate (auto-completion is provided for the certificate\'s alternative identities, if any)</string>
<string name="profile_dns_servers_label">DNS servers</string>
<string name="profile_dns_servers_hint">Custom DNS servers to use when connected to the VPN (separated by spaces, e.g. \"8.8.8.8 2001:4860:4860::8888\"), defaults to those received from the VPN server</string>
<string name="profile_mtu_label">MTU of the VPN tunnel device</string>
<string name="profile_user_certificate_label">用户证书</string>
<string name="profile_user_select_certificate_label">选择用户证书</string>
<string name="profile_user_select_certificate">选择指定的用户证书</string>
- <string name="profile_user_select_id_label">用户ID</string>
- <string name="profile_user_select_id_init">首先选择一个证书</string>
- <string name="profile_user_select_id_default">默认(%1$s)</string>
<string name="profile_ca_label">CA证书</string>
<string name="profile_ca_auto_label">自动选择</string>
<string name="profile_ca_select_certificate_label">选择CA证书</string>
<string name="profile_remote_id_label">服务器ID</string>
<string name="profile_remote_id_hint">默认为已配置的服务器地址。自义定值将在鉴权期间被显式地发送至服务器</string>
<string name="profile_remote_id_hint_gateway">默认为 \"%1$s\"。自义定值将在鉴权期间被显式地发送至服务器</string>
+ <string name="profile_local_id_label">Client identity</string>
+ <string name="profile_local_id_hint_user">Defaults to the configured username. Custom values may be used if expected/required by the server</string>
+ <string name="profile_local_id_hint_cert">Defaults to the certificate\'s subject identity. Custom values may be used if expected/required by the server. Note that these usually must be confirmed by the certificate (auto-completion is provided for the certificate\'s alternative identities, if any)</string>
<string name="profile_dns_servers_label">DNS servers</string>
<string name="profile_dns_servers_hint">Custom DNS servers to use when connected to the VPN (separated by spaces, e.g. \"8.8.8.8 2001:4860:4860::8888\"), defaults to those received from the VPN server</string>
<string name="profile_mtu_label">VPN隧道设备的MTU值</string>
<string name="profile_user_certificate_label">用戶憑證</string>
<string name="profile_user_select_certificate_label">選擇用戶憑證</string>
<string name="profile_user_select_certificate">選擇指定的用戶憑證</string>
- <string name="profile_user_select_id_label">用戶帳號</string>
- <string name="profile_user_select_id_init">請先選擇一個憑證</string>
- <string name="profile_user_select_id_default">預設(%1$s)</string>
<string name="profile_ca_label">CA憑證</string>
<string name="profile_ca_auto_label">自動選擇</string>
<string name="profile_ca_select_certificate_label">選擇CA憑證</string>
<string name="profile_remote_id_label">伺服器ID</string>
<string name="profile_remote_id_hint">預設為已設定的伺服器位置。自訂值會在授權期間送到伺服器</string>
<string name="profile_remote_id_hint_gateway">預設為 \"%1$s\"。自訂值會在授權期間送到伺服器</string>
+ <string name="profile_local_id_label">Client identity</string>
+ <string name="profile_local_id_hint_user">Defaults to the configured username. Custom values may be used if expected/required by the server</string>
+ <string name="profile_local_id_hint_cert">Defaults to the certificate\'s subject identity. Custom values may be used if expected/required by the server. Note that these usually must be confirmed by the certificate (auto-completion is provided for the certificate\'s alternative identities, if any)</string>
<string name="profile_dns_servers_label">DNS servers</string>
<string name="profile_dns_servers_hint">Custom DNS servers to use when connected to the VPN (separated by spaces, e.g. \"8.8.8.8 2001:4860:4860::8888\"), defaults to those received from the VPN server</string>
<string name="profile_mtu_label">VPN通道裝置的MTU值</string>
<string name="profile_user_certificate_label">User certificate</string>
<string name="profile_user_select_certificate_label">Select user certificate</string>
<string name="profile_user_select_certificate">Select a specific user certificate</string>
- <string name="profile_user_select_id_label">User identity</string>
- <string name="profile_user_select_id_init">Select a certificate first</string>
- <string name="profile_user_select_id_default">Default (%1$s)</string>
<string name="profile_ca_label">CA certificate</string>
<string name="profile_ca_auto_label">Select automatically</string>
<string name="profile_ca_select_certificate_label">Select CA certificate</string>
<string name="profile_remote_id_label">Server identity</string>
<string name="profile_remote_id_hint">Defaults to the configured server. Custom values are explicitly sent to the server and enforced during authentication</string>
<string name="profile_remote_id_hint_gateway">Defaults to \"%1$s\". Custom values are explicitly sent to the server and enforced during authentication</string>
+ <string name="profile_local_id_label">Client identity</string>
+ <string name="profile_local_id_hint_user">Defaults to the configured username. Custom values may be used if expected/required by the server</string>
+ <string name="profile_local_id_hint_cert">Defaults to the certificate\'s subject identity. Custom values may be used if expected/required by the server. Note that these usually must be confirmed by the certificate (auto-completion is provided for the certificate\'s alternative identities, if any)</string>
<string name="profile_dns_servers_label">DNS servers</string>
<string name="profile_dns_servers_hint">Custom DNS servers to use when connected to the VPN (separated by spaces, e.g. \"8.8.8.8 2001:4860:4860::8888\"), defaults to those received from the VPN server</string>
<string name="profile_mtu_label">MTU of the VPN tunnel device</string>
projects / thirdparty / strongswan.git / commitdiff
