diff options
| author | Tobias Brunner <tobias@strongswan.org> | 2017-06-29 12:58:58 +0200 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2017-07-03 10:37:09 +0200 |
| commit | 3f0592d0fdf372214df4bc8f7c3e5f00bdd59f8c (patch) | |
| tree | 6ab3986f28366fe2e6b1f7af0edfc2604684a869 /src/frontends | |
| parent | 0204374e2119e71f66787dd820d6220eb62c24ba (diff) | |
| download | strongswan-3f0592d0fdf372214df4bc8f7c3e5f00bdd59f8c.tar.bz2 strongswan-3f0592d0fdf372214df4bc8f7c3e5f00bdd59f8c.tar.xz | |
android: Add flag to suppress sending certificate requests
Diffstat (limited to 'src/frontends')
3 files changed, 6 insertions, 1 deletions
diff --git a/src/frontends/android/app/src/main/java/org/strongswan/android/data/VpnProfile.java b/src/frontends/android/app/src/main/java/org/strongswan/android/data/VpnProfile.java index df9eb72d2..f4e2899d1 100644 --- a/src/frontends/android/app/src/main/java/org/strongswan/android/data/VpnProfile.java +++ b/src/frontends/android/app/src/main/java/org/strongswan/android/data/VpnProfile.java @@ -30,6 +30,7 @@ public class VpnProfile implements Cloneable /* While storing this as EnumSet would be nicer this simplifies storing it in a database */ public static final int SPLIT_TUNNELING_BLOCK_IPV4 = 1; public static final int SPLIT_TUNNELING_BLOCK_IPV6 = 2; + public static final int FLAGS_SUPPRESS_CERT_REQS = 1; private String mName, mGateway, mUsername, mPassword, mCertificate, mUserCertificate; private String mRemoteId, mLocalId, mExcludedSubnets, mIncludedSubnets, mSelectedApps; diff --git a/src/frontends/android/app/src/main/java/org/strongswan/android/logic/CharonVpnService.java b/src/frontends/android/app/src/main/java/org/strongswan/android/logic/CharonVpnService.java index d8b4b4e44..235681772 100644 --- a/src/frontends/android/app/src/main/java/org/strongswan/android/logic/CharonVpnService.java +++ b/src/frontends/android/app/src/main/java/org/strongswan/android/logic/CharonVpnService.java @@ -258,6 +258,7 @@ public class CharonVpnService extends VpnService implements Runnable, VpnStateSe writer.setValue("connection.password", mCurrentProfile.getPassword()); writer.setValue("connection.local_id", mCurrentProfile.getLocalId()); writer.setValue("connection.remote_id", mCurrentProfile.getRemoteId()); + writer.setValue("connection.certreq", (mCurrentProfile.getFlags() & VpnProfile.FLAGS_SUPPRESS_CERT_REQS) == 0); initiate(writer.serialize()); } else diff --git a/src/frontends/android/app/src/main/jni/libandroidbridge/backend/android_service.c b/src/frontends/android/app/src/main/jni/libandroidbridge/backend/android_service.c index 33585df32..b43507caf 100644 --- a/src/frontends/android/app/src/main/jni/libandroidbridge/backend/android_service.c +++ b/src/frontends/android/app/src/main/jni/libandroidbridge/backend/android_service.c @@ -737,11 +737,14 @@ static job_requeue_t initiate(private_android_service_t *this) }; char *type, *server, *remote_id; int port; + bool certreq; server = this->settings->get_str(this->settings, "connection.server", NULL); port = this->settings->get_int(this->settings, "connection.port", IKEV2_UDP_PORT); - ike_cfg = ike_cfg_create(IKEV2, TRUE, TRUE, "0.0.0.0", + certreq = this->settings->get_bool(this->settings, "connection.certreq", + TRUE); + ike_cfg = ike_cfg_create(IKEV2, certreq, TRUE, "0.0.0.0", charon->socket->get_port(charon->socket, FALSE), server, port, FRAGMENTATION_YES, 0); ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE)); |