From: Tobias Brunner Date: Tue, 4 Feb 2025 14:53:46 +0000 (+0100) Subject: android: Ignore empty strings for settings in managed profiles X-Git-Tag: android-2.5.3^2~9 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=10d8b66f0579cc6a71387867594d78dcf47e2733;p=thirdparty%2Fstrongswan.git android: Ignore empty strings for settings in managed profiles Unspecified settings should be set to null, while some MDMs might send them as empty strings, which could cause issues (like an empty password or trying to parse an empty DNS server address). --- diff --git a/src/frontends/android/app/src/main/java/org/strongswan/android/data/ManagedVpnProfile.java b/src/frontends/android/app/src/main/java/org/strongswan/android/data/ManagedVpnProfile.java index 5dc7b7744a..30943aa6be 100644 --- a/src/frontends/android/app/src/main/java/org/strongswan/android/data/ManagedVpnProfile.java +++ b/src/frontends/android/app/src/main/java/org/strongswan/android/data/ManagedVpnProfile.java @@ -68,9 +68,9 @@ public class ManagedVpnProfile extends VpnProfile setMTU(getInt(bundle, VpnProfileDataSource.KEY_MTU, Constants.MTU_MIN, Constants.MTU_MAX)); setNATKeepAlive(getInt(bundle, VpnProfileDataSource.KEY_NAT_KEEPALIVE, Constants.NAT_KEEPALIVE_MIN, Constants.NAT_KEEPALIVE_MAX)); - setIkeProposal(bundle.getString(VpnProfileDataSource.KEY_IKE_PROPOSAL)); - setEspProposal(bundle.getString(VpnProfileDataSource.KEY_ESP_PROPOSAL)); - setDnsServers(bundle.getString(VpnProfileDataSource.KEY_DNS_SERVERS)); + setIkeProposal(getString(bundle, VpnProfileDataSource.KEY_IKE_PROPOSAL)); + setEspProposal(getString(bundle, VpnProfileDataSource.KEY_ESP_PROPOSAL)); + setDnsServers(getString(bundle, VpnProfileDataSource.KEY_DNS_SERVERS)); flags = addPositiveFlag(flags, bundle, KEY_TRANSPORT_IPV6_FLAG, VpnProfile.FLAGS_IPv6_TRANSPORT); final Bundle splitTunneling = bundle.getBundle(VpnProfileDataSource.KEY_SPLIT_TUNNELING); @@ -79,8 +79,8 @@ public class ManagedVpnProfile extends VpnProfile splitFlags = addPositiveFlag(splitFlags, splitTunneling, KEY_SPLIT_TUNNELLING_BLOCK_IPV4_FLAG, VpnProfile.SPLIT_TUNNELING_BLOCK_IPV4); splitFlags = addPositiveFlag(splitFlags, splitTunneling, KEY_SPLIT_TUNNELLING_BLOCK_IPV6_FLAG, VpnProfile.SPLIT_TUNNELING_BLOCK_IPV6); - setExcludedSubnets(splitTunneling.getString(VpnProfileDataSource.KEY_EXCLUDED_SUBNETS)); - setIncludedSubnets(splitTunneling.getString(VpnProfileDataSource.KEY_INCLUDED_SUBNETS)); + setExcludedSubnets(getString(splitTunneling, VpnProfileDataSource.KEY_EXCLUDED_SUBNETS)); + setIncludedSubnets(getString(splitTunneling, VpnProfileDataSource.KEY_INCLUDED_SUBNETS)); } setSplitTunneling(splitFlags); @@ -110,7 +110,7 @@ public class ManagedVpnProfile extends VpnProfile setGateway(remote.getString(VpnProfileDataSource.KEY_GATEWAY)); setPort(getInt(remote, VpnProfileDataSource.KEY_PORT, 1, 65_535)); - setRemoteId(remote.getString(VpnProfileDataSource.KEY_REMOTE_ID)); + setRemoteId(getString(remote, VpnProfileDataSource.KEY_REMOTE_ID)); final String certificateData = remote.getString(VpnProfileDataSource.KEY_CERTIFICATE); if (!TextUtils.isEmpty(certificateData)) @@ -133,9 +133,9 @@ public class ManagedVpnProfile extends VpnProfile return flags; } - setLocalId(local.getString(VpnProfileDataSource.KEY_LOCAL_ID)); - setUsername(local.getString(VpnProfileDataSource.KEY_USERNAME)); - setPassword(local.getString(VpnProfileDataSource.KEY_PASSWORD)); + setLocalId(getString(local, VpnProfileDataSource.KEY_LOCAL_ID)); + setUsername(getString(local, VpnProfileDataSource.KEY_USERNAME)); + setPassword(getString(local, VpnProfileDataSource.KEY_PASSWORD)); final String userCertificateData = local.getString(VpnProfileDataSource.KEY_USER_CERTIFICATE); final String userCertificatePassword = local.getString(VpnProfileDataSource.KEY_USER_CERTIFICATE_PASSWORD, ""); @@ -155,6 +155,12 @@ public class ManagedVpnProfile extends VpnProfile return value < min || value > max ? null : value; } + private static String getString(final Bundle bundle, final String key) + { + final String value = bundle.getString(key); + return TextUtils.isEmpty(value) ? null : value; + } + private static int addPositiveFlag(int flags, Bundle bundle, String key, int flag) { if (bundle.getBoolean(key))