mirror/openvpn-android
0
0
Fork 0
mirror of https://github.com/schwabe/ics-openvpn.git synced 2024-09-19 19:42:29 +02:00
Code

Remove API support for API < 19 (Kitkat)

Browse Source 
The newest NDK only support API 19 and higher. Remove support for
lower APIs from this app.
This commit is contained in:
Arne Schwabe 2022-05-04 12:59:09 +02:00
parent 5303c1ab56
commit 0a649719fa
10 changed files with 8 additions and 201 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
main/build.gradle.kts
View File

@ -15,10 +15,10 @@ plugins {
android {
compileSdk = 32
//ndkVersion = "23.0.7599858"
ndkVersion = "24.0.8215888"
defaultConfig {
minSdk = 16
minSdk = 19
targetSdk = 32
versionCode = 189
versionName = "0.7.34"

5
main/src/main/cpp/CMakeLists.txt
View File

@ -114,11 +114,6 @@ else ()
message("Not budiling SSLSpeedTest for output dir ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}")
endif ()
# The magic Jellybean keystore signing hack. Beware dragons and dlsyms magic ahead
add_library(jbcrypto SHARED jbcrypto/jbcrypto.cpp)
target_link_libraries(jbcrypto log dl)
target_compile_options(jbcrypto PRIVATE)
set(openvpn_srcs
src/compat/compat-basename.c
src/compat/compat-daemon.c

126
main/src/main/cpp/jbcrypto/jbcrypto.cpp
View File

@ -1,126 +0,0 @@
//
// JBCyrpto.cpp
// xcopenvpn
//
// Created by Arne Schwabe on 12.07.12.
// Copyright (c) 2012 Universität Paderborn. All rights reserved.
//
#include <jni.h>
#include <android/log.h>
#include <stdio.h>
#include <stdlib.h>
#include <dlfcn.h>
// Minimal defines for openssl 1.0.x
typedef void *RSA;
struct EVP_PKEY
{
int type;
int save_type;
int references;
void *ameth;
void *engine;
union {
RSA *rsa;
} pkey;
};
#define RSA_PKCS1_PADDING 1
#define RSA_NO_PADDING 3
extern "C" {
jbyteArray Java_de_blinkt_openvpn_core_NativeUtils_rsasign(JNIEnv* env, jclass, jbyteArray from, jint pkeyRef, jboolean pkcs1padding);
int jniThrowException(JNIEnv* env, const char* className, const char* msg);
int (*RSA_size_dyn)(const RSA *);
int (*RSA_private_encrypt_dyn)(int, const unsigned char *, unsigned char *, RSA *, int);
unsigned long (*ERR_get_error_dyn)();
void (*ERR_error_string_n_dyn)(unsigned long, char *, size_t);
void (*ERR_print_errors_fp_dyn)(FILE *);
}
int jniThrowException(JNIEnv* env, const char* className, const char* msg) {
jclass exceptionClass = env->FindClass(className);
if (exceptionClass == NULL) {
__android_log_print(ANDROID_LOG_DEBUG,"openvpn","Unable to find exception class %s", className);
/* ClassNotFoundException now pending */
return -1;
}
if (env->ThrowNew( exceptionClass, msg) != JNI_OK) {
__android_log_print(ANDROID_LOG_DEBUG,"openvpn","Failed throwing '%s' '%s'", className, msg);
/* an exception, most likely OOM, will now be pending */
return -1;
}
env->DeleteLocalRef(exceptionClass);
return 0;
}
static char opensslerr[1024];
jbyteArray Java_de_blinkt_openvpn_core_NativeUtils_rsasign (JNIEnv* env, jclass, jbyteArray from, jint pkeyRef, jboolean pkcs1padding) {
// EVP_MD_CTX* ctx = reinterpret_cast<EVP_MD_CTX*>(ctxRef);
EVP_PKEY* pkey = reinterpret_cast<EVP_PKEY*>(pkeyRef);
if (pkey == NULL || from == NULL) {
jniThrowException(env, "java/lang/NullPointerException", "EVP_KEY is null");
return NULL;
}
jbyte* data = env-> GetByteArrayElements (from, NULL);
int datalen = env-> GetArrayLength(from);
if(data==NULL )
jniThrowException(env, "java/lang/NullPointerException", "data is null");
int siglen;
RSA_size_dyn= (int (*) (const RSA *)) dlsym(RTLD_DEFAULT, "RSA_size");
unsigned char* sigret = (unsigned char*)malloc(RSA_size_dyn(pkey->pkey.rsa));
//int RSA_sign(int type, const unsigned char *m, unsigned int m_len,
// unsigned char *sigret, unsigned int *siglen, RSA *rsa);
// adapted from s3_clnt.c
/* if (RSA_sign(NID_md5_sha1, (unsigned char*) data, datalen,
sigret, &siglen, pkey->pkey.rsa) <= 0 ) */
RSA_private_encrypt_dyn=(int (*)(int, const unsigned char *, unsigned char *, RSA *, int)) dlsym(RTLD_DEFAULT, "RSA_private_encrypt");
int paddding = pkcs1padding ? RSA_PKCS1_PADDING : RSA_NO_PADDING;
siglen = RSA_private_encrypt_dyn(datalen,(unsigned char*) data,sigret,pkey->pkey.rsa, paddding);
if (siglen < 0)
{
ERR_get_error_dyn = (unsigned long (*)()) dlsym(RTLD_DEFAULT, "ERR_get_error");
ERR_error_string_n_dyn = (void (*)(unsigned long, char *, size_t)) dlsym(RTLD_DEFAULT, "ERR_error_string_n");
ERR_error_string_n_dyn(ERR_get_error_dyn(), opensslerr ,1024);
jniThrowException(env, "java/security/InvalidKeyException", opensslerr);
ERR_print_errors_fp_dyn = (void (*)(FILE *)) dlsym(RTLD_DEFAULT, "ERR_print_errors_fp");
ERR_print_errors_fp_dyn(stderr);
return NULL;
}
jbyteArray jb;
jb =env->NewByteArray(siglen);
env->SetByteArrayRegion(jb, 0, siglen, (jbyte *) sigret);
free(sigret);
return jb;
}

5
main/src/main/java/de/blinkt/openvpn/core/LocaleHelper.java
View File

@ -62,10 +62,7 @@ public class LocaleHelper {
Configuration config = new Configuration(res.getConfiguration());
if(Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN_MR1)
config.setLocale(desiredLocale);
else
config.locale = desiredLocale;
config.setLocale(desiredLocale);
res.updateConfiguration(config, res.getDisplayMetrics());
}

4
main/src/main/java/de/blinkt/openvpn/core/NativeUtils.java
View File

@ -53,10 +53,6 @@ public class NativeUtils {
static {
if (!isRoboUnitTest()) {
System.loadLibrary("ovpnutil");
if (Build.VERSION.SDK_INT == Build.VERSION_CODES.JELLY_BEAN)
System.loadLibrary("jbcrypto");
if (!BuildConfig.FLAVOR.equals("skeleton")) {
System.loadLibrary("osslspeedtest");
}

29
main/src/main/java/de/blinkt/openvpn/core/NetworkSpace.java
View File

@ -336,35 +336,6 @@ public class NetworkSpace {
ips.add(ia);
}
if (Build.VERSION.SDK_INT < Build.VERSION_CODES.KITKAT) {
// Include postive routes from the original set under < 4.4 since these might overrule the local
// network but only if no smaller negative route exists
for (IpAddress origIp : mIpAddresses) {
if (!origIp.included)
continue;
// The netspace exists
if (ipsSorted.contains(origIp))
continue;
boolean skipIp = false;
// If there is any smaller net that is excluded we may not add the positive route back
for (IpAddress calculatedIp : ipsSorted) {
if (!calculatedIp.included && origIp.containsNet(calculatedIp)) {
skipIp = true;
break;
}
}
if (skipIp)
continue;
// It is safe to include the IP
ips.add(origIp);
}
}
return ips;
}

27
main/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java
View File

@ -276,10 +276,8 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
// Try to set the priority available since API 16 (Jellybean)
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN) {
jbNotificationExtras(priority, nbuilder);
addVpnActionsToNotification(nbuilder);
}
jbNotificationExtras(priority, nbuilder);
addVpnActionsToNotification(nbuilder);
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP)
lpNotificationExtras(nbuilder, Notification.CATEGORY_SERVICE);
@ -360,7 +358,6 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
}
}
@TargetApi(Build.VERSION_CODES.JELLY_BEAN)
private void jbNotificationExtras(int priority,
android.app.Notification.Builder nbuilder) {
try {
@ -381,7 +378,6 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
}
@RequiresApi(api = Build.VERSION_CODES.JELLY_BEAN)
private void addVpnActionsToNotification(Notification.Builder nbuilder) {
Intent disconnectVPN = new Intent(this, DisconnectVPN.class);
disconnectVPN.setAction(DISCONNECT_VPN);
@ -442,9 +438,6 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
registerReceiver(mDeviceStateReceiver, filter);
VpnStatus.addByteCountListener(mDeviceStateReceiver);
/*if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP)
addLollipopCMListener(); */
}
synchronized void unregisterDeviceStateReceiver(DeviceStateReceiver deviceStateReceiver) {
@ -458,9 +451,6 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
// Ignore for now ...
iae.printStackTrace();
}
/*if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP)
removeLollipopCMListener();*/
}
public void userPause(boolean shouldBePaused) {
@ -943,9 +933,6 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
} catch (Exception e) {
VpnStatus.logError(R.string.tun_open_error);
VpnStatus.logError(getString(R.string.error) + e.getLocalizedMessage());
if (Build.VERSION.SDK_INT <= Build.VERSION_CODES.JELLY_BEAN_MR1) {
VpnStatus.logError(R.string.tun_error_helpful);
}
return null;
}
@ -983,10 +970,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
if (ipAddr.equals(mLocalIP.mIp))
continue;
if (Build.VERSION.SDK_INT < Build.VERSION_CODES.KITKAT && !mProfile.mAllowLocalLAN) {
mRoutes.addIPSplit(new CIDRIP(ipAddr, netMask), true);
} else if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.KITKAT && mProfile.mAllowLocalLAN)
if(mProfile.mAllowLocalLAN)
mRoutes.addIP(new CIDRIP(ipAddr, netMask), false);
}
@ -1377,10 +1361,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
VpnStatus.updateStateString("USER_INPUT", "waiting for user input", reason, LEVEL_WAITING_FOR_USER_INPUT, intent);
nbuilder.setContentIntent(pIntent);
// Try to set the priority available since API 16 (Jellybean)
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN)
jbNotificationExtras(PRIORITY_MAX, nbuilder);
jbNotificationExtras(PRIORITY_MAX, nbuilder);
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP)
lpNotificationExtras(nbuilder, Notification.CATEGORY_STATUS);

5
main/src/main/java/de/blinkt/openvpn/core/OpenVPNStatusService.java
View File

@ -101,10 +101,7 @@ public class OpenVPNStatusService extends Service implements VpnStatus.LogListen
return pipe[0];
} catch (IOException e) {
e.printStackTrace();
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.ICE_CREAM_SANDWICH_MR1) {
throw new RemoteException(e.getMessage());
}
return null;
throw new RemoteException(e.getMessage());
}
}

2
main/src/main/res/values/strings.xml
View File

@ -358,7 +358,6 @@
<string name="ab_tethering_44">Tethering works while the VPN is active. The tethered connection will NOT use the VPN.</string>
<string name="ab_kitkat_mss">Early KitKat version set the wrong MSS value on TCP connections (#61948). Try to enable the mssfix option to workaround this bug.</string>
<string name="ab_proxy">Android will keep using your proxy settings specified for the mobile/Wi-Fi connection when no DNS servers are set. OpenVPN for Android will warn you about this in the log.<p>When a VPN sets a DNS server Android will not use a proxy. There is no API to set a proxy for a VPN connection.</p></string>
<string name="ab_lollipop_reinstall">VPN apps may stop working when uninstalled and reinstalled again. For details see #80074</string>
<string name="ab_not_route_to_vpn">The configured client IP and the IPs in its network mask are not routed to the VPN. OpenVPN works around this bug by explicitly adding a route that corrosponds to the client IP and its netmask</string>
<string name="ab_persist_tun">Opening a tun device while another tun device is active, which is used for persist-tun support, crashes the VPNServices on the device. A reboot is required to make VPN work again. OpenVPN for Android tries to avoid reopening the tun device and if really needed first closes the current TUN before opening the new TUN device to avoid to crash. This may lead to a short window where packets are sent over the non-VPN connection. Even with this workaround the VPNServices sometimes crashes and requires a reboot of the device.</string>
<string name="ab_secondary_users">VPN does not work at all for secondary users.</string>
@ -366,7 +365,6 @@
<string name="ab_vpn_reachability_44">Only destination can be reached over the VPN that are reachable without VPN. IPv6 VPNs does not work at all.</string>
<string name="ab_only_cidr_title">Non CIDR Routes</string>
<string name="ab_proxy_title">Proxy behaviour for VPNs</string>
<string name="ab_lollipop_reinstall_title">Reinstalling VPN apps</string>
<string name="version_upto">%s and earlier</string>
<string name="copy_of_profile">Copy of %s</string>
<string name="ab_not_route_to_vpn_title">Route to the configured IP address</string>

2
main/src/ui/java/de/blinkt/openvpn/fragments/FaqFragment.java
View File

@ -127,8 +127,6 @@ public class FaqFragment extends Fragment {
new FAQEntry(Build.VERSION_CODES.ICE_CREAM_SANDWICH, -1, R.string.faq_androids_clients_title, R.string.faq_android_clients),
new FAQEntry(Build.VERSION_CODES.LOLLIPOP, Build.VERSION_CODES.LOLLIPOP_MR1, R.string.ab_lollipop_reinstall_title, R.string.ab_lollipop_reinstall),
new FAQEntry(Build.VERSION_CODES.ICE_CREAM_SANDWICH, Build.VERSION_CODES.JELLY_BEAN_MR2, R.string.vpn_tethering_title, R.string.faq_tethering),
new FAQEntry(Build.VERSION_CODES.ICE_CREAM_SANDWICH, Build.VERSION_CODES.JELLY_BEAN_MR2, R.string.broken_images, R.string.broken_images_faq),