| /* |
| * Copyright (C) 2011 The Android Open Source Project |
| * |
| * Licensed under the Apache License, Version 2.0 (the "License"); |
| * you may not use this file except in compliance with the License. |
| * You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| |
| package com.android.internal.net; |
| |
| import android.os.Parcel; |
| import android.os.Parcelable; |
| import android.text.TextUtils; |
| import android.util.Log; |
| |
| import java.net.InetAddress; |
| import java.nio.charset.StandardCharsets; |
| |
| /** |
| * Parcel-like entity class for VPN profiles. To keep things simple, all |
| * fields are package private. Methods are provided for serialization, so |
| * storage can be implemented easily. Two rules are set for this class. |
| * First, all fields must be kept non-null. Second, always make a copy |
| * using clone() before modifying. |
| * |
| * @hide |
| */ |
| public class VpnProfile implements Cloneable, Parcelable { |
| private static final String TAG = "VpnProfile"; |
| |
| // Match these constants with R.array.vpn_types. |
| public static final int TYPE_PPTP = 0; |
| public static final int TYPE_L2TP_IPSEC_PSK = 1; |
| public static final int TYPE_L2TP_IPSEC_RSA = 2; |
| public static final int TYPE_IPSEC_XAUTH_PSK = 3; |
| public static final int TYPE_IPSEC_XAUTH_RSA = 4; |
| public static final int TYPE_IPSEC_HYBRID_RSA = 5; |
| public static final int TYPE_MAX = 5; |
| |
| // Entity fields. |
| public final String key; // -1 |
| public String name = ""; // 0 |
| public int type = TYPE_PPTP; // 1 |
| public String server = ""; // 2 |
| public String username = ""; // 3 |
| public String password = ""; // 4 |
| public String dnsServers = ""; // 5 |
| public String searchDomains = ""; // 6 |
| public String routes = ""; // 7 |
| public boolean mppe = true; // 8 |
| public String l2tpSecret = ""; // 9 |
| public String ipsecIdentifier = "";// 10 |
| public String ipsecSecret = ""; // 11 |
| public String ipsecUserCert = ""; // 12 |
| public String ipsecCaCert = ""; // 13 |
| public String ipsecServerCert = "";// 14 |
| |
| // Helper fields. |
| public boolean saveLogin = false; |
| |
| public VpnProfile(String key) { |
| this.key = key; |
| } |
| |
| public VpnProfile(Parcel in) { |
| key = in.readString(); |
| name = in.readString(); |
| type = in.readInt(); |
| server = in.readString(); |
| username = in.readString(); |
| password = in.readString(); |
| dnsServers = in.readString(); |
| searchDomains = in.readString(); |
| routes = in.readString(); |
| mppe = in.readInt() != 0; |
| l2tpSecret = in.readString(); |
| ipsecIdentifier = in.readString(); |
| ipsecSecret = in.readString(); |
| ipsecUserCert = in.readString(); |
| ipsecCaCert = in.readString(); |
| ipsecServerCert = in.readString(); |
| saveLogin = in.readInt() != 0; |
| } |
| |
| @Override |
| public void writeToParcel(Parcel out, int flags) { |
| out.writeString(key); |
| out.writeString(name); |
| out.writeInt(type); |
| out.writeString(server); |
| out.writeString(username); |
| out.writeString(password); |
| out.writeString(dnsServers); |
| out.writeString(searchDomains); |
| out.writeString(routes); |
| out.writeInt(mppe ? 1 : 0); |
| out.writeString(l2tpSecret); |
| out.writeString(ipsecIdentifier); |
| out.writeString(ipsecSecret); |
| out.writeString(ipsecUserCert); |
| out.writeString(ipsecCaCert); |
| out.writeString(ipsecServerCert); |
| out.writeInt(saveLogin ? 1 : 0); |
| } |
| |
| public static VpnProfile decode(String key, byte[] value) { |
| try { |
| if (key == null) { |
| return null; |
| } |
| |
| String[] values = new String(value, StandardCharsets.UTF_8).split("\0", -1); |
| // There can be 14 or 15 values in ICS MR1. |
| if (values.length < 14 || values.length > 15) { |
| return null; |
| } |
| |
| VpnProfile profile = new VpnProfile(key); |
| profile.name = values[0]; |
| profile.type = Integer.valueOf(values[1]); |
| if (profile.type < 0 || profile.type > TYPE_MAX) { |
| return null; |
| } |
| profile.server = values[2]; |
| profile.username = values[3]; |
| profile.password = values[4]; |
| profile.dnsServers = values[5]; |
| profile.searchDomains = values[6]; |
| profile.routes = values[7]; |
| profile.mppe = Boolean.valueOf(values[8]); |
| profile.l2tpSecret = values[9]; |
| profile.ipsecIdentifier = values[10]; |
| profile.ipsecSecret = values[11]; |
| profile.ipsecUserCert = values[12]; |
| profile.ipsecCaCert = values[13]; |
| profile.ipsecServerCert = (values.length > 14) ? values[14] : ""; |
| |
| profile.saveLogin = !profile.username.isEmpty() || !profile.password.isEmpty(); |
| return profile; |
| } catch (Exception e) { |
| // ignore |
| } |
| return null; |
| } |
| |
| public byte[] encode() { |
| StringBuilder builder = new StringBuilder(name); |
| builder.append('\0').append(type); |
| builder.append('\0').append(server); |
| builder.append('\0').append(saveLogin ? username : ""); |
| builder.append('\0').append(saveLogin ? password : ""); |
| builder.append('\0').append(dnsServers); |
| builder.append('\0').append(searchDomains); |
| builder.append('\0').append(routes); |
| builder.append('\0').append(mppe); |
| builder.append('\0').append(l2tpSecret); |
| builder.append('\0').append(ipsecIdentifier); |
| builder.append('\0').append(ipsecSecret); |
| builder.append('\0').append(ipsecUserCert); |
| builder.append('\0').append(ipsecCaCert); |
| builder.append('\0').append(ipsecServerCert); |
| return builder.toString().getBytes(StandardCharsets.UTF_8); |
| } |
| |
| /** |
| * Test if profile is valid for lockdown, which requires IPv4 address for |
| * both server and DNS. Server hostnames would require using DNS before |
| * connection. |
| */ |
| public boolean isValidLockdownProfile() { |
| try { |
| InetAddress.parseNumericAddress(server); |
| |
| for (String dnsServer : dnsServers.split(" +")) { |
| InetAddress.parseNumericAddress(this.dnsServers); |
| } |
| if (TextUtils.isEmpty(dnsServers)) { |
| Log.w(TAG, "DNS required"); |
| return false; |
| } |
| |
| // Everything checked out above |
| return true; |
| |
| } catch (IllegalArgumentException e) { |
| Log.w(TAG, "Invalid address", e); |
| return false; |
| } |
| } |
| |
| public static final Creator<VpnProfile> CREATOR = new Creator<VpnProfile>() { |
| @Override |
| public VpnProfile createFromParcel(Parcel in) { |
| return new VpnProfile(in); |
| } |
| |
| @Override |
| public VpnProfile[] newArray(int size) { |
| return new VpnProfile[size]; |
| } |
| }; |
| |
| @Override |
| public int describeContents() { |
| return 0; |
| } |
| } |