sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-05 00:00:45 -04:00
Code Issues Projects Releases Wiki Activity

android: Ignore empty strings for settings in managed profiles

Browse Source 
Unspecified settings should be set to null, while some MDMs might send
them as empty strings, which could cause issues (like an empty password
or trying to parse an empty DNS server address).
This commit is contained in:
Tobias Brunner 2025-02-04 15:53:46 +01:00
parent 4f808cb2b0
commit 10d8b66f05
1 changed files with 15 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
src/frontends/android/app/src/main/java/org/strongswan/android/data/ManagedVpnProfile.java
View File

@ -68,9 +68,9 @@ public class ManagedVpnProfile extends VpnProfile
setMTU(getInt(bundle, VpnProfileDataSource.KEY_MTU, Constants.MTU_MIN, Constants.MTU_MAX)); setMTU(getInt(bundle, VpnProfileDataSource.KEY_MTU, Constants.MTU_MIN, Constants.MTU_MAX));
setNATKeepAlive(getInt(bundle, VpnProfileDataSource.KEY_NAT_KEEPALIVE, Constants.NAT_KEEPALIVE_MIN, Constants.NAT_KEEPALIVE_MAX)); setNATKeepAlive(getInt(bundle, VpnProfileDataSource.KEY_NAT_KEEPALIVE, Constants.NAT_KEEPALIVE_MIN, Constants.NAT_KEEPALIVE_MAX));
setIkeProposal(bundle.getString(VpnProfileDataSource.KEY_IKE_PROPOSAL)); setIkeProposal(getString(bundle, VpnProfileDataSource.KEY_IKE_PROPOSAL));
setEspProposal(bundle.getString(VpnProfileDataSource.KEY_ESP_PROPOSAL)); setEspProposal(getString(bundle, VpnProfileDataSource.KEY_ESP_PROPOSAL));
setDnsServers(bundle.getString(VpnProfileDataSource.KEY_DNS_SERVERS)); setDnsServers(getString(bundle, VpnProfileDataSource.KEY_DNS_SERVERS));
flags = addPositiveFlag(flags, bundle, KEY_TRANSPORT_IPV6_FLAG, VpnProfile.FLAGS_IPv6_TRANSPORT); flags = addPositiveFlag(flags, bundle, KEY_TRANSPORT_IPV6_FLAG, VpnProfile.FLAGS_IPv6_TRANSPORT);
final Bundle splitTunneling = bundle.getBundle(VpnProfileDataSource.KEY_SPLIT_TUNNELING); final Bundle splitTunneling = bundle.getBundle(VpnProfileDataSource.KEY_SPLIT_TUNNELING);
@ -79,8 +79,8 @@ public class ManagedVpnProfile extends VpnProfile
splitFlags = addPositiveFlag(splitFlags, splitTunneling, KEY_SPLIT_TUNNELLING_BLOCK_IPV4_FLAG, VpnProfile.SPLIT_TUNNELING_BLOCK_IPV4); splitFlags = addPositiveFlag(splitFlags, splitTunneling, KEY_SPLIT_TUNNELLING_BLOCK_IPV4_FLAG, VpnProfile.SPLIT_TUNNELING_BLOCK_IPV4);
splitFlags = addPositiveFlag(splitFlags, splitTunneling, KEY_SPLIT_TUNNELLING_BLOCK_IPV6_FLAG, VpnProfile.SPLIT_TUNNELING_BLOCK_IPV6); splitFlags = addPositiveFlag(splitFlags, splitTunneling, KEY_SPLIT_TUNNELLING_BLOCK_IPV6_FLAG, VpnProfile.SPLIT_TUNNELING_BLOCK_IPV6);
setExcludedSubnets(splitTunneling.getString(VpnProfileDataSource.KEY_EXCLUDED_SUBNETS)); setExcludedSubnets(getString(splitTunneling, VpnProfileDataSource.KEY_EXCLUDED_SUBNETS));
setIncludedSubnets(splitTunneling.getString(VpnProfileDataSource.KEY_INCLUDED_SUBNETS)); setIncludedSubnets(getString(splitTunneling, VpnProfileDataSource.KEY_INCLUDED_SUBNETS));
} }
setSplitTunneling(splitFlags); setSplitTunneling(splitFlags);
@ -110,7 +110,7 @@ public class ManagedVpnProfile extends VpnProfile
setGateway(remote.getString(VpnProfileDataSource.KEY_GATEWAY)); setGateway(remote.getString(VpnProfileDataSource.KEY_GATEWAY));
setPort(getInt(remote, VpnProfileDataSource.KEY_PORT, 1, 65_535)); setPort(getInt(remote, VpnProfileDataSource.KEY_PORT, 1, 65_535));
setRemoteId(remote.getString(VpnProfileDataSource.KEY_REMOTE_ID)); setRemoteId(getString(remote, VpnProfileDataSource.KEY_REMOTE_ID));
final String certificateData = remote.getString(VpnProfileDataSource.KEY_CERTIFICATE); final String certificateData = remote.getString(VpnProfileDataSource.KEY_CERTIFICATE);
if (!TextUtils.isEmpty(certificateData)) if (!TextUtils.isEmpty(certificateData))
@ -133,9 +133,9 @@ public class ManagedVpnProfile extends VpnProfile
return flags; return flags;
} }
setLocalId(local.getString(VpnProfileDataSource.KEY_LOCAL_ID)); setLocalId(getString(local, VpnProfileDataSource.KEY_LOCAL_ID));
setUsername(local.getString(VpnProfileDataSource.KEY_USERNAME)); setUsername(getString(local, VpnProfileDataSource.KEY_USERNAME));
setPassword(local.getString(VpnProfileDataSource.KEY_PASSWORD)); setPassword(getString(local, VpnProfileDataSource.KEY_PASSWORD));
final String userCertificateData = local.getString(VpnProfileDataSource.KEY_USER_CERTIFICATE); final String userCertificateData = local.getString(VpnProfileDataSource.KEY_USER_CERTIFICATE);
final String userCertificatePassword = local.getString(VpnProfileDataSource.KEY_USER_CERTIFICATE_PASSWORD, ""); final String userCertificatePassword = local.getString(VpnProfileDataSource.KEY_USER_CERTIFICATE_PASSWORD, "");
@ -155,6 +155,12 @@ public class ManagedVpnProfile extends VpnProfile
return value < min || value > max ? null : value; return value < min || value > max ? null : value;
} }
private static String getString(final Bundle bundle, final String key)
{
final String value = bundle.getString(key);
return TextUtils.isEmpty(value) ? null : value;
}
private static int addPositiveFlag(int flags, Bundle bundle, String key, int flag) private static int addPositiveFlag(int flags, Bundle bundle, String key, int flag)
{ {
if (bundle.getBoolean(key)) if (bundle.getBoolean(key))