sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-03 00:00:24 -04:00
Code Issues Projects Releases Wiki Activity

android: Imported VPN profile files may contain passwords

Browse Source 
A warning is displayed to the users, reminding them that there is a
cleartext password in the file.
This commit is contained in:
Tobias Brunner 2025-02-18 13:26:08 +01:00
parent 0b6d42661d
commit a47e282d09
9 changed files with 32 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/frontends/android/app/src/main/java/org/strongswan/android/ui/VpnProfileImportActivity.java
View File

@ -99,6 +99,7 @@ public class VpnProfileImportActivity extends AppCompatActivity
private boolean mHideImport;
private androidx.core.widget.ContentLoadingProgressBar mProgressBar;
private TextView mExistsWarning;
private TextView mSharedSecretWarning;
private ViewGroup mBasicDataGroup;
private TextView mName;
private TextView mGateway;
@ -206,6 +207,7 @@ public class VpnProfileImportActivity extends AppCompatActivity
mProgressBar = findViewById(R.id.progress_bar);
mExistsWarning = findViewById(R.id.exists_warning);
mSharedSecretWarning = findViewById(R.id.shared_secret_warning);
mBasicDataGroup = findViewById(R.id.basic_data_group);
mName = findViewById(R.id.name);
mGateway = findViewById(R.id.gateway);
@ -224,6 +226,7 @@ public class VpnProfileImportActivity extends AppCompatActivity
mRemoteCert = findViewById(R.id.remote_certificate);
mExistsWarning.setVisibility(View.GONE);
mSharedSecretWarning.setVisibility(View.GONE);
mBasicDataGroup.setVisibility(View.GONE);
mUsernamePassword.setVisibility(View.GONE);
mUserCertificate.setVisibility(View.GONE);
@ -400,10 +403,16 @@ public class VpnProfileImportActivity extends AppCompatActivity
if (mProfile.getVpnType().has(VpnTypeFeature.USER_PASS))
{
mUsername.setText(mProfile.getUsername());
if (mProfile.getUsername() != null && !mProfile.getUsername().isEmpty())
if (!TextUtils.isEmpty(mProfile.getUsername()))
{
mUsername.setEnabled(false);
}
mPassword.setText(mProfile.getPassword());
if (!TextUtils.isEmpty(mProfile.getPassword()))
{
mPassword.setEnabled(false);
mSharedSecretWarning.setVisibility(View.VISIBLE);
}
}
mUserCertificate.setVisibility(mProfile.getVpnType().has(VpnTypeFeature.CERTIFICATE) ? View.VISIBLE : View.GONE);
@ -523,6 +532,7 @@ public class VpnProfileImportActivity extends AppCompatActivity
if (type.has(VpnTypeFeature.USER_PASS))
{
profile.setUsername(local.optString("eap_id", null));
profile.setPassword(local.optString("shared_secret", null));
}
if (type.has(VpnTypeFeature.CERTIFICATE))

14
src/frontends/android/app/src/main/res/layout/profile_import_view.xml
View File

@ -47,6 +47,20 @@
android:textAppearance="?android:attr/textAppearanceSmall"
android:textColor="?android:attr/textColorPrimary" />
<TextView
android:id="@+id/shared_secret_warning"
android:background="@drawable/state_background"
android:padding="8dp"
android:layout_width="match_parent"
android:layout_height="wrap_content"
android:layout_marginBottom="8dp"
app:drawableStartCompat="@android:drawable/ic_dialog_alert"
android:drawablePadding="8dp"
android:textStyle="bold"
android:text="@string/profile_import_shared_secret"
android:textAppearance="?android:attr/textAppearanceSmall"
android:textColor="?android:attr/textColorPrimary" />
<LinearLayout
android:id="@+id/basic_data_group"
android:layout_width="match_parent"

1
src/frontends/android/app/src/main/res/values-de/strings.xml
View File

@ -136,6 +136,7 @@
<string name="profile_import_failed_tls">TLS-Handshake fehlgeschlagen</string>
<string name="profile_import_failed_value">Ungültiger Wert in \"%1$s\"</string>
<string name="profile_import_exists">Dieses VPN Profil existiert bereits, die bestehenden Einstellungen werden ersetzt.</string>
<string name="profile_import_shared_secret">Diese Datei enthält ein Klartext-Passwort. Denken Sie daran, sie nach dem Importieren zu löschen.</string>
<string name="profile_cert_import">Zertifikat aus VPN Profil importieren</string>
<string name="profile_cert_alias">Zertifikat für \"%1$s\"</string>
<string name="profile_profile_id">Profil-ID</string>

1
src/frontends/android/app/src/main/res/values-pl/strings.xml
View File

@ -138,6 +138,7 @@
<string name="profile_import_failed_tls">TLS handshake failed</string>
<string name="profile_import_failed_value">Invalid value in \"%1$s\"</string>
<string name="profile_import_exists">This VPN profile already exists, its current settings will be replaced.</string>
<string name="profile_import_shared_secret">This file contains a cleartext password. Remember to delete it after importing.</string>
<string name="profile_cert_import">Import certificate from VPN profile</string>
<string name="profile_cert_alias">Certificate for \"%1$s\"</string>
<string name="profile_profile_id">Profile ID</string>

1
src/frontends/android/app/src/main/res/values-ru/strings.xml
View File

@ -132,6 +132,7 @@
<string name="profile_import_failed_tls">TLS handshake failed</string>
<string name="profile_import_failed_value">Invalid value in \"%1$s\"</string>
<string name="profile_import_exists">This VPN profile already exists, its current settings will be replaced.</string>
<string name="profile_import_shared_secret">This file contains a cleartext password. Remember to delete it after importing.</string>
<string name="profile_cert_import">Import certificate from VPN profile</string>
<string name="profile_cert_alias">Certificate for \"%1$s\"</string>
<string name="profile_profile_id">Profile ID</string>

1
src/frontends/android/app/src/main/res/values-uk/strings.xml
View File

@ -133,6 +133,7 @@
<string name="profile_import_failed_tls">TLS handshake failed</string>
<string name="profile_import_failed_value">Invalid value in \"%1$s\"</string>
<string name="profile_import_exists">This VPN profile already exists, its current settings will be replaced.</string>
<string name="profile_import_shared_secret">This file contains a cleartext password. Remember to delete it after importing.</string>
<string name="profile_cert_import">Import certificate from VPN profile</string>
<string name="profile_cert_alias">Certificate for \"%1$s\"</string>
<string name="profile_profile_id">Profile ID</string>

1
src/frontends/android/app/src/main/res/values-zh-rCN/strings.xml
View File

@ -132,6 +132,7 @@
<string name="profile_import_failed_tls">TLS握手失败</string>
<string name="profile_import_failed_value">无效的值: \"%1$s\"</string>
<string name="profile_import_exists">此VPN配置已经存在当前设定将被覆盖。</string>
<string name="profile_import_shared_secret">This file contains a cleartext password. Remember to delete it after importing.</string>
<string name="profile_cert_import">从VPN配置导入证书</string>
<string name="profile_cert_alias">\"%1$s\" 所对应的证书</string>
<string name="profile_profile_id">配置文件ID</string>

1
src/frontends/android/app/src/main/res/values-zh-rTW/strings.xml
View File

@ -132,6 +132,7 @@
<string name="profile_import_failed_tls">TLS連線失敗</string>
<string name="profile_import_failed_value">Invalid value in \"%1$s\"</string>
<string name="profile_import_exists">這個VPN設定檔已經存在當前設定檔會被覆蓋。</string>
<string name="profile_import_shared_secret">This file contains a cleartext password. Remember to delete it after importing.</string>
<string name="profile_cert_import">從VPN設定檔匯入憑證</string>
<string name="profile_cert_alias">\"%1$s\" 對應的憑證</string>
<string name="profile_profile_id">Profile ID</string>

1
src/frontends/android/app/src/main/res/values/strings.xml
View File

@ -136,6 +136,7 @@
<string name="profile_import_failed_tls">TLS handshake failed</string>
<string name="profile_import_failed_value">Invalid value in \"%1$s\"</string>
<string name="profile_import_exists">This VPN profile already exists, its current settings will be replaced.</string>
<string name="profile_import_shared_secret">This file contains a cleartext password. Remember to delete it after importing.</string>
<string name="profile_cert_import">Import certificate from VPN profile</string>
<string name="profile_cert_alias">Certificate for \"%1$s\"</string>
<string name="profile_profile_id">Profile ID</string>