android: Add new VpnType to enable BYOD features

author Tobias Brunner <tobias@strongswan.org>

Wed, 19 Jun 2013 10:41:09 +0000 (12:41 +0200)

committer Tobias Brunner <tobias@strongswan.org>

Mon, 8 Jul 2013 16:49:30 +0000 (18:49 +0200)
author Tobias Brunner <tobias@strongswan.org>
Wed, 19 Jun 2013 10:41:09 +0000 (12:41 +0200)
committer Tobias Brunner <tobias@strongswan.org>
Mon, 8 Jul 2013 16:49:30 +0000 (18:49 +0200)
diff --git a/src/frontends/android/jni/libandroidbridge/backend/android_service.c b/src/frontends/android/jni/libandroidbridge/backend/android_service.c

index b22186580119cca252b5fba58b5dd4006a96455b..c35d348bab93fb2387b780d1900f30bc32945895 100644 (file)
--- a/src/frontends/android/jni/libandroidbridge/backend/android_service.c
+++ b/src/frontends/android/jni/libandroidbridge/backend/android_service.c
@@ -464,13 +464,18 @@ METHOD(listener_t, ike_reestablish, bool,
  }
  
  static void add_auth_cfg_eap(private_android_service_t *this,
-                                                        peer_cfg_t *peer_cfg)
+                                                        peer_cfg_t *peer_cfg, bool byod)
  {
         identification_t *user;
         auth_cfg_t *auth;
  
         auth = auth_cfg_create();
         auth->add(auth, AUTH_RULE_AUTH_CLASS, AUTH_CLASS_EAP);
+       if (byod)
+       {       /* use EAP-TTLS if BYOD is enabled */
+               auth->add(auth, AUTH_RULE_EAP_TYPE, EAP_TTLS);
+       }
+
         user = identification_create_from_string(this->username);
         auth->add(auth, AUTH_RULE_IDENTITY, user);
  
@@ -549,9 +554,10 @@ static job_requeue_t initiate(private_android_service_t *this)
                 }
         }
         if (streq("ikev2-eap", this->type) ||
-               streq("ikev2-cert-eap", this->type))
+               streq("ikev2-cert-eap", this->type) ||
+               streq("ikev2-byod-eap", this->type))
         {
-               add_auth_cfg_eap(this, peer_cfg);
+               add_auth_cfg_eap(this, peer_cfg, strpfx(this->type, "ikev2-byod"));
         }
  
         /* remote auth config */
diff --git a/src/frontends/android/res/values-de/arrays.xml b/src/frontends/android/res/values-de/arrays.xml

index d0117b202ce226407d27ea4d23fc3374d31bf0f8..30578c0a8a706a895bd7cf1eb918ee22d43ff56b 100644 (file)
--- a/src/frontends/android/res/values-de/arrays.xml
+++ b/src/frontends/android/res/values-de/arrays.xml
@@ -19,5 +19,6 @@
          <item>IKEv2 EAP (Benutzername/Passwort)</item>
          <item>IKEv2 Zertifikat</item>
          <item>IKEv2 Zertifikat + EAP (Benutzername/Passwort)</item>
+        <item>IKEv2 EAP-TNC (Benutzername/Passwort)</item>
      </string-array>
  </resources>
 \ No newline at end of file
diff --git a/src/frontends/android/res/values-pl/arrays.xml b/src/frontends/android/res/values-pl/arrays.xml

index 1b74b2e57e276521ee918c66954b193b912cbb1f..1a04cbf2e415f1942aedf2ac7fb771d06d90046d 100644 (file)
--- a/src/frontends/android/res/values-pl/arrays.xml
+++ b/src/frontends/android/res/values-pl/arrays.xml
@@ -19,5 +19,6 @@
          <item>IKEv2 EAP (użytkownik/hasło)</item>
          <item>IKEv2 certyfikat</item>
          <item>IKEv2 certyfikat + EAP (użytkownik/hasło)</item>
+        <item>IKEv2 EAP-TNC (użytkownik/hasło)</item>
      </string-array>
  </resources>
 \ No newline at end of file
diff --git a/src/frontends/android/res/values-ru/arrays.xml b/src/frontends/android/res/values-ru/arrays.xml

index 55144f29441c64e28bc5dbf662c65aaa3cc80636..713f8e4045193f9bc0965aeba8cc2b6b98af46e2 100644 (file)
--- a/src/frontends/android/res/values-ru/arrays.xml
+++ b/src/frontends/android/res/values-ru/arrays.xml
@@ -18,5 +18,6 @@
          <item>IKEv2 EAP (Логин/Пароль)</item>
          <item>IKEv2 Сертификат</item>
          <item>IKEv2 Сертификат + EAP (Логин/Пароль)</item>
+        <item>IKEv2 EAP-TNC (Логин/Пароль)</item>
      </string-array>
  </resources>
diff --git a/src/frontends/android/res/values-ua/arrays.xml b/src/frontends/android/res/values-ua/arrays.xml

index 490fea5e1f71653fe66a6ab999f6d424c80cb8e3..4bd92fe0ad2fd5ef99d81d5c034cd7e92e921272 100644 (file)
--- a/src/frontends/android/res/values-ua/arrays.xml
+++ b/src/frontends/android/res/values-ua/arrays.xml
@@ -18,5 +18,6 @@
          <item>IKEv2 EAP (Логін/Пароль)</item>
          <item>IKEv2 Сертифікати</item>
          <item>IKEv2 Сертифікати + EAP (Логін/Пароль)</item>
+        <item>IKEv2 EAP-TNC (Логін/Пароль)</item>
      </string-array>
  </resources>
diff --git a/src/frontends/android/res/values/arrays.xml b/src/frontends/android/res/values/arrays.xml

index 1ac4cc21dbdc8a3610f0a9d3263f64aca0bbb3f2..29f999d9a8813c993827186bca4e1f2be0f46995 100644 (file)
--- a/src/frontends/android/res/values/arrays.xml
+++ b/src/frontends/android/res/values/arrays.xml
@@ -19,5 +19,6 @@
          <item>IKEv2 EAP (Username/Password)</item>
          <item>IKEv2 Certificate</item>
          <item>IKEv2 Certificate + EAP (Username/Password)</item>
+        <item>IKEv2 EAP-TNC (Username/Password)</item>
      </string-array>
  </resources>
 \ No newline at end of file
diff --git a/src/frontends/android/src/org/strongswan/android/data/VpnType.java b/src/frontends/android/src/org/strongswan/android/data/VpnType.java

index 47cc1cb02bcd26c12c12b055f7996be475ff54af..f62c96d76a8d90406c05243a2151359370dfe499 100644 (file)
--- a/src/frontends/android/src/org/strongswan/android/data/VpnType.java
+++ b/src/frontends/android/src/org/strongswan/android/data/VpnType.java
@@ -20,11 +20,13 @@ public enum VpnType
         /* the order here must match the items in R.array.vpn_types */
         IKEV2_EAP("ikev2-eap", true, false),
         IKEV2_CERT("ikev2-cert", false, true),
-       IKEV2_CERT_EAP("ikev2-cert-eap", true, true);
+       IKEV2_CERT_EAP("ikev2-cert-eap", true, true),
+       IKEV2_BYOD_EAP("ikev2-byod-eap", true, false, true);
  
         private String mIdentifier;
         private boolean mCertificate;
         private boolean mUsernamePassword;
+       private boolean mBYOD;
  
         /**
          * Enum which provides additional information about the supported VPN types.
@@ -34,10 +36,24 @@ public enum VpnType
          * @param certificate true if a client certificate is required
          */
         VpnType(String id, boolean userpass, boolean certificate)
+       {
+               this(id, userpass, certificate, false);
+       }
+
+       /**
+        * Enum which provides additional information about the supported VPN types.
+        *
+        * @param id identifier used to store and transmit this specific type
+        * @param userpass true if username and password are required
+        * @param certificate true if a client certificate is required
+        * @param byod true to enable BYOD features
+        */
+       VpnType(String id, boolean userpass, boolean certificate, boolean byod)
         {
                 mIdentifier = id;
                 mUsernamePassword = userpass;
                 mCertificate = certificate;
+               mBYOD = byod;
         }
  
         /**
@@ -69,6 +85,16 @@ public enum VpnType
                 return mCertificate;
         }
  
+       /**
+        * Whether BYOD features should be enabled.
+        *
+        * @return true if BYOD features are to be enabled
+        */
+       public boolean getEnableBYOD()
+       {
+               return mBYOD;
+       }
+
         /**
          * Get the enum entry with the given identifier.
          *
diff --git a/src/frontends/android/src/org/strongswan/android/logic/CharonVpnService.java b/src/frontends/android/src/org/strongswan/android/logic/CharonVpnService.java

index 9274717b9b39c0260af0ba30a2572b313339c2a3..a7b8a8ceffcec57d14e3ba8ffa6e616932c6e005 100644 (file)
--- a/src/frontends/android/src/org/strongswan/android/logic/CharonVpnService.java
+++ b/src/frontends/android/src/org/strongswan/android/logic/CharonVpnService.java
@@ -214,7 +214,7 @@ public class CharonVpnService extends VpnService implements Runnable
                                                 mIsDisconnecting = false;
  
                                                 BuilderAdapter builder = new BuilderAdapter(mCurrentProfile.getName());
-                                               initializeCharon(builder, mLogFile, true);
+                                               initializeCharon(builder, mLogFile, mCurrentProfile.getVpnType().getEnableBYOD());
                                                 Log.i(TAG, "charon started");
  
                                                 initiate(mCurrentProfile.getVpnType().getIdentifier(),
author	Tobias Brunner <tobias@strongswan.org>
	Wed, 19 Jun 2013 10:41:09 +0000 (12:41 +0200)
committer	Tobias Brunner <tobias@strongswan.org>
	Mon, 8 Jul 2013 16:49:30 +0000 (18:49 +0200)
src/frontends/android/jni/libandroidbridge/backend/android_service.c		patch \| blob \| blame \| history
src/frontends/android/res/values-de/arrays.xml		patch \| blob \| blame \| history
src/frontends/android/res/values-pl/arrays.xml		patch \| blob \| blame \| history
src/frontends/android/res/values-ru/arrays.xml		patch \| blob \| blame \| history
src/frontends/android/res/values-ua/arrays.xml		patch \| blob \| blame \| history
src/frontends/android/res/values/arrays.xml		patch \| blob \| blame \| history
src/frontends/android/src/org/strongswan/android/data/VpnType.java		patch \| blob \| blame \| history
src/frontends/android/src/org/strongswan/android/logic/CharonVpnService.java		patch \| blob \| blame \| history