From: Tobias Brunner <tobias@strongswan.org>
Date: Fri, 17 Nov 2017 16:40:52 +0000 (+0100)
Subject: android: Validate proposal strings in the GUI
X-Git-Tag: 5.6.2dr1~4^2~2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9f962f6c1917551fa99904f81687c042345c0f0b;p=thirdparty%2Fstrongswan.git

android: Validate proposal strings in the GUI
---

diff --git a/src/frontends/android/app/src/main/java/org/strongswan/android/ui/VpnProfileDetailActivity.java b/src/frontends/android/app/src/main/java/org/strongswan/android/ui/VpnProfileDetailActivity.java
index 6ba8f80fb8..37c5b3357f 100644
--- a/src/frontends/android/app/src/main/java/org/strongswan/android/ui/VpnProfileDetailActivity.java
+++ b/src/frontends/android/app/src/main/java/org/strongswan/android/ui/VpnProfileDetailActivity.java
@@ -70,6 +70,7 @@ import org.strongswan.android.ui.adapter.CertificateIdentitiesAdapter;
 import org.strongswan.android.ui.widget.TextInputLayoutHelper;
 import org.strongswan.android.utils.Constants;
 import org.strongswan.android.utils.IPRangeSet;
+import org.strongswan.android.utils.Utils;
 
 import java.security.cert.X509Certificate;
 import java.util.ArrayList;
@@ -653,6 +654,16 @@ public class VpnProfileDetailActivity extends AppCompatActivity
 													 Constants.NAT_KEEPALIVE_MIN, Constants.NAT_KEEPALIVE_MAX));
 			valid = false;
 		}
+		if (!validateProposal(mIkeProposal, true))
+		{
+			mIkeProposalWrap.setError(getString(R.string.alert_text_no_proposal));
+			valid = false;
+		}
+		if (!validateProposal(mEspProposal, false))
+		{
+			mEspProposalWrap.setError(getString(R.string.alert_text_no_proposal));
+			valid = false;
+		}
 		return valid;
 	}
 
@@ -845,6 +856,17 @@ public class VpnProfileDetailActivity extends AppCompatActivity
 		return value.isEmpty() || IPRangeSet.fromString(value) != null;
 	}
 
+	/**
+	 * Check that the value in the given text box is a valid proposal
+	 *
+	 * @param view text box
+	 */
+	private boolean validateProposal(EditText view, boolean ike)
+	{
+		String value = view.getText().toString().trim();
+		return value.isEmpty() || Utils.isProposalValid(ike, value);
+	}
+
 	private class SelectUserCertOnClickListener implements OnClickListener, KeyChainAliasCallback
 	{
 		@Override
diff --git a/src/frontends/android/app/src/main/res/values-de/strings.xml b/src/frontends/android/app/src/main/res/values-de/strings.xml
index 93eeb2a51a..49a0ab411e 100644
--- a/src/frontends/android/app/src/main/res/values-de/strings.xml
+++ b/src/frontends/android/app/src/main/res/values-de/strings.xml
@@ -119,6 +119,7 @@
     <string name="alert_text_nocertfound">Bitte wÃ¤hlen Sie eines aus oder aktivieren Sie <i>Automatisch wÃ¤hlen</i></string>
     <string name="alert_text_out_of_range">Bitte geben Sie eine Nummer von %1$d - %2$d ein</string>
     <string name="alert_text_no_subnets">Bitte geben Sie mit Leerzeichen getrennte, gÃ¼ltige Subnetzte und/oder IP-Adressen ein</string>
+    <string name="alert_text_no_proposal">Bitte geben Sie eine mit Bindestrichen getrennte, gÃ¼ltige Liste von Algorithmen ein</string>
     <string name="tnc_notice_title">EAP-TNC kann Ihre PrivatsphÃ¤re beeintrÃ¤chtigen</string>
     <string name="tnc_notice_subtitle">GerÃ¤tedaten werden an den Server-Betreiber gesendet</string>
     <string name="tnc_notice_details"><![CDATA[<p>Trusted Network Connect (TNC) erlaubt Server-Betreibern den Gesundheitszustand von EndgerÃ¤ten zu prÃ¼fen.</p><p>Dazu kann der Betreiber Daten verlangen, wie etwa eine eindeutige Identifikationsnummer, eine Liste der installierten Pakete, Systemeinstellungen oder kryptografische PrÃ¼fsummen von Dateien.</p><b>Solche Daten werden nur Ã¼bermittelt nachdem die IdentitÃ¤t des Servers geprÃ¼ft wurde.</b>]]></string>
diff --git a/src/frontends/android/app/src/main/res/values-pl/strings.xml b/src/frontends/android/app/src/main/res/values-pl/strings.xml
index cc48a9b282..61fd3f09ee 100644
--- a/src/frontends/android/app/src/main/res/values-pl/strings.xml
+++ b/src/frontends/android/app/src/main/res/values-pl/strings.xml
@@ -119,6 +119,7 @@
     <string name="alert_text_nocertfound">Wybierz lub uaktywnij jeden <i>Wybierz automatycznie</i></string>
     <string name="alert_text_out_of_range">Please enter a number in the range from %1$d - %2$d</string>
     <string name="alert_text_no_subnets">Please enter valid subnets and/or IP addresses, separated by spaces</string>
+    <string name="alert_text_no_proposal">Please enter a valid list of algorithms, separated by hyphens</string>
     <string name="tnc_notice_title">EAP-TNC may affect your privacy</string>
     <string name="tnc_notice_subtitle">Device data is sent to the server operator</string>
     <string name="tnc_notice_details"><![CDATA[<p>Trusted Network Connect (TNC) allows server operators to assess the health of a client device.</p><p>For that purpose the server operator may request data such as a unique identifier, a list of installed packages, system settings, or cryptographic checksums of files.</p><b>Any data will be sent only after verifying the server\'s identity.</b>]]></string>
diff --git a/src/frontends/android/app/src/main/res/values-ru/strings.xml b/src/frontends/android/app/src/main/res/values-ru/strings.xml
index a422300993..a2b3ada45d 100644
--- a/src/frontends/android/app/src/main/res/values-ru/strings.xml
+++ b/src/frontends/android/app/src/main/res/values-ru/strings.xml
@@ -116,6 +116,7 @@
     <string name="alert_text_nocertfound">ÐÐ¾Ð¶Ð°Ð»ÑÐ¹ÑÑÐ° Ð²ÑÐ±ÐµÑÐ¸ÑÐµ Ð¾Ð´Ð¸Ð½ <i>ÐÑÐ±ÑÐ°ÑÑ Ð°Ð²ÑÐ¾Ð¼Ð°ÑÐ¸ÑÐµÑÐºÐ¸</i></string>
     <string name="alert_text_out_of_range">Please enter a number in the range from %1$d - %2$d</string>
     <string name="alert_text_no_subnets">Please enter valid subnets and/or IP addresses, separated by spaces</string>
+    <string name="alert_text_no_proposal">Please enter a valid list of algorithms, separated by hyphens</string>
     <string name="tnc_notice_title">EAP-TNC may affect your privacy</string>
     <string name="tnc_notice_subtitle">Device data is sent to the server operator</string>
     <string name="tnc_notice_details"><![CDATA[<p>Trusted Network Connect (TNC) allows server operators to assess the health of a client device.</p><p>For that purpose the server operator may request data such as a unique identifier, a list of installed packages, system settings, or cryptographic checksums of files.</p><b>Any data will be sent only after verifying the server\'s identity.</b>]]></string>
diff --git a/src/frontends/android/app/src/main/res/values-ua/strings.xml b/src/frontends/android/app/src/main/res/values-ua/strings.xml
index 3f4a4c62f0..bfe4719cda 100644
--- a/src/frontends/android/app/src/main/res/values-ua/strings.xml
+++ b/src/frontends/android/app/src/main/res/values-ua/strings.xml
@@ -117,6 +117,7 @@
     <string name="alert_text_nocertfound">ÐÑÐ´Ñ Ð»Ð°ÑÐºÐ° Ð²Ð¸Ð±ÐµÑÑÑÑ Ð¾Ð´Ð¸Ð½ <i>ÐÐ¸Ð±ÑÐ°ÑÐ¸ Ð°Ð²ÑÐ¾Ð¼Ð°ÑÐ¸ÑÐ½Ð¾</i></string>
     <string name="alert_text_out_of_range">Please enter a number in the range from %1$d - %2$d</string>
     <string name="alert_text_no_subnets">Please enter valid subnets and/or IP addresses, separated by spaces</string>
+    <string name="alert_text_no_proposal">Please enter a valid list of algorithms, separated by hyphens</string>
     <string name="tnc_notice_title">EAP-TNC may affect your privacy</string>
     <string name="tnc_notice_subtitle">Device data is sent to the server operator</string>
     <string name="tnc_notice_details"><![CDATA[<p>Trusted Network Connect (TNC) allows server operators to assess the health of a client device.</p><p>For that purpose the server operator may request data such as a unique identifier, a list of installed packages, system settings, or cryptographic checksums of files.</p><b>Any data will be sent only after verifying the server\'s identity.</b>]]></string>
diff --git a/src/frontends/android/app/src/main/res/values-zh-rCN/strings.xml b/src/frontends/android/app/src/main/res/values-zh-rCN/strings.xml
index 7d0d529a42..bda7324437 100644
--- a/src/frontends/android/app/src/main/res/values-zh-rCN/strings.xml
+++ b/src/frontends/android/app/src/main/res/values-zh-rCN/strings.xml
@@ -116,6 +116,7 @@
     <string name="alert_text_nocertfound">è¯·éæ©ä¸é¡¹ææ¿æ´» <i>èªå¨éæ©</i></string>
     <string name="alert_text_out_of_range">è¯·è¾å¥ä¸ä¸ªæ°å­èå´ä»%1$då°%2$d</string>
     <string name="alert_text_no_subnets">Please enter valid subnets and/or IP addresses, separated by spaces</string>
+    <string name="alert_text_no_proposal">Please enter a valid list of algorithms, separated by hyphens</string>
     <string name="tnc_notice_title">EAP-TNCå¯è½ä¼å½±åæ¨çéç§</string>
     <string name="tnc_notice_subtitle">è®¾å¤æ°æ®å·²è¢«åéè³æå¡å¨ç®¡çå</string>
     <string name="tnc_notice_details"><![CDATA[<p>Trusted Network Connect (TNC) åè®¸æå¡å¨ç®¡çåè¯å®ä¸ä¸ªç¨æ·è®¾å¤çç¶åµã</p><p>åºäºæ­¤ç®çï¼æå¡å¨ç®¡çåå¯è½è¦æ±ä»¥ä¸æ°æ®å¦ç¬ç«IDãå·²å®è£è½¯ä»¶åè¡¨ãç³»ç»è®¾ç½®ãæå å¯è¿çæä»¶æ ¡éªå¼ã</p><b>ä»»ä½æ°æ®é½ä»å°å¨éªè¯è¿æå¡å¨çèº«ä»½IDä¹åè¢«ååºã</b>]]></string>
diff --git a/src/frontends/android/app/src/main/res/values-zh-rTW/strings.xml b/src/frontends/android/app/src/main/res/values-zh-rTW/strings.xml
index 4e87530a98..2d49923335 100644
--- a/src/frontends/android/app/src/main/res/values-zh-rTW/strings.xml
+++ b/src/frontends/android/app/src/main/res/values-zh-rTW/strings.xml
@@ -116,6 +116,7 @@
     <string name="alert_text_nocertfound">è«é¸æä¸é æåå <i>èªåé¸æ</i></string>
     <string name="alert_text_out_of_range">è«è¼¸å¥ä¸åæ¸å­ç¯åå¾%1$då°%2$d</string>
     <string name="alert_text_no_subnets">Please enter valid subnets and/or IP addresses, separated by spaces</string>
+    <string name="alert_text_no_proposal">Please enter a valid list of algorithms, separated by hyphens</string>
     <string name="tnc_notice_title">EAP-TNCå¯è½æå½±é¿æ¨çé±ç§å®å¨</string>
     <string name="tnc_notice_subtitle">è£ç½®è³æå·²ç¶ç¼éçµ¦ä¼ºæå¨ç®¡çè</string>
     <string name="tnc_notice_details"><![CDATA[<p>Trusted Network Connect (TNC) å¯ä»¥è®ä¼ºæå¨ç®¡çèè©ä¼°ç¨æ¶è£ç½®ççæ³ã</p><p>å¨éåç®çä¸ï¼ä¼ºæå¨ç®¡çèå¯è½æè¦æ±ä»¥ä¸è³æï¼ä¾å¦IDãå·²å®è£çAppé ç®ãç³»çµ±è¨­å®ãæå å¯æªæ¡é©è­å¼ã</p><b>ä»»ä½è³æé½åªæå¨é©è­ä¼ºæå¨çèº«åIDä¹å¾ææè¢«éåºã</b>]]></string>
diff --git a/src/frontends/android/app/src/main/res/values/strings.xml b/src/frontends/android/app/src/main/res/values/strings.xml
index c51f373ea9..dd22d3be71 100644
--- a/src/frontends/android/app/src/main/res/values/strings.xml
+++ b/src/frontends/android/app/src/main/res/values/strings.xml
@@ -119,6 +119,7 @@
     <string name="alert_text_nocertfound">Please select one or activate <i>Select automatically</i></string>
     <string name="alert_text_out_of_range">Please enter a number in the range from %1$d - %2$d</string>
     <string name="alert_text_no_subnets">Please enter valid subnets and/or IP addresses, separated by spaces</string>
+    <string name="alert_text_no_proposal">Please enter a valid list of algorithms, separated by hyphens</string>
     <string name="tnc_notice_title">EAP-TNC may affect your privacy</string>
     <string name="tnc_notice_subtitle">Device data is sent to the server operator</string>
     <string name="tnc_notice_details"><![CDATA[<p>Trusted Network Connect (TNC) allows server operators to assess the health of a client device.</p><p>For that purpose the server operator may request data such as a unique identifier, a list of installed packages, system settings, or cryptographic checksums of files.</p><b>Any data will be sent only after verifying the server\'s identity.</b>]]></string>
