| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
| |
Fixes #1410.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
An old (already rekeyed) CHILD_SA would get switched back into CHILD_REKEYING
state. And we actually want to change the currently installed CHILD_SA to
that state and later CHILD_REKEYED and properly call e.g. child_rekey() and
not do this again with an old CHILD_SA. Instead let's only check installed
or currently rekeying CHILD_SAs (in case of a rekey collision). It's also
uncommon that there is a CHILD_SA in state CHILD_REKEYED but none in state
CHILD_INSTALLED or CHILD_REKEYING, which could happen if e.g. a peer deleted
and recreated a CHILD_SA after a rekeying. But in that case we don't want
to treat the new CHILD_SA as rekeying (e.g. in regards to events on the bus).
|
| |
|
|
| |
Fixes #1421.
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
When certificates are imported via Storage Access Framework we did handle
the selection directly in onActivityResult(). However, at that point the
activity might apparently not yet be resumed. So committing
FragmentTransactions could result in IllegalStateExceptions due to the
potential state loss. To avoid that we cache the returned URI and wait
until onPostResume() to make sure the activity's state is fully restored
before showing the confirmation dialog.
|
| | |
|
| |\ |
|
| | |
| |
| |
| | |
limits
|
| | | |
|
| | | |
|
| |/ |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
This fixes an interoperability issue with Windows Server 2012 R2 gateways.
They insist on using modp1024 for IKE, however, Microsoft's IKEv2
implementation seems only to consider the first 15 DH groups in the proposal.
Depending on the loaded plugins modp1024 is now at position 17 or even
later, causing the server to reject the proposal. By removing some of
the weaker and rarely used DH groups from the default proposal we make
sure modp1024 is among the first 15 DH groups. The removed groups may
still be used by configuring custom proposals.
|
| |
|
|
|
| |
In the profile editor the password is now marked as optional in the
label, which looks a bit strange in the login dialog.
|
| | |
|
| |\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Removes the progress dialogs while connecting/disconnecting, updates
the VPN profile editor (floating labels, helper texts) and allows
configuration of the remote identity (disables loose identity matching),
and selection of the local identity if certificates are used.
Also fixes an issue when redirected during IKE_AUTH and increases the
NAT-T keepalive interval.
Fixes #1403.
|
| | |
| |
| |
| | |
This also readds the colons that were removed from the labels.
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| | |
Duplicates (e.g. with different types) are filtered. If necessary we
could later perhaps add a prefix.
|
| | |
| |
| |
| |
| | |
This makes it easy to explicitly use the server's IP/hostname as remote
identity or use it in the profile name.
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| | |
This adds floating labels and helper texts to the form fields. It also
changed/added lots of strings in the editor.
|
| | |
| |
| |
| |
| |
| | |
the text field
Also hides the error message if the text is changed.
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| | |
We still default to the username or subject DN if none is configured.
But we don't check if the local ID is contained in the configured
certificate.
|
| | |
| |
| |
| |
| |
| |
| |
| | |
If one is explicitly set we don't use loose identity matching and send it as
IDr to the server.
Closes #strongswan/strongswan#29.
Fixes #1268.
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
onSaveInstanceState is apparently called after pausing the fragment and after
that committing any FragmentTransactions causes an IllegalStateException.
We could use commitAllowingStateLoss() but that's not really necessary
as we don't need to update when we are not active anyway. We also don't
update the view directly after registration as this happens
asynchronously, i.e. we might be paused when it finishes.
|
| | |
| |
| |
| |
| |
| | |
In case this doesn't work out we could probably make it configurable.
References #1326.
|
| | | |
|
| | |
| |
| |
| |
| | |
Instead we use a ProgressBar directly in the fragment and use the
existing button to cancel the process.
|
| | |
| |
| |
| |
| |
| | |
Because the support library creates its own layout manually and uses
different IDs than the list_content layout we can't use the method we
used previously (and which is actually recommended in the docs).
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
warnings
For instance, onAttach() with an Activitiy as first argument was deprecated
with API level 23. However, the overload with a Context as first argument
does obviously not get called on older API levels. Luckily, the classes
provided by the support library handle that for us.
|
| | | |
|
| | |
| |
| |
| |
| | |
This avoids issues with recursion, which could have happened if the
strongswan directory was a symlink.
|
| |/ |
|
| |\
| |
| |
| |
| | |
This migrates some deprecated Android APIs to replacements provided by
the support library. This also changes the theme slightly.
|
| | |
| |
| |
| |
| | |
This adds a workaround for an issue on older platforms where the list is
not properly styled with colorAccent. Similarly applies to borderless buttons.
|
| | |
| |
| |
| |
| | |
When using the application context theme customizations wouldn't get
applied for some reason.
|
| | |
| |
| |
| |
| |
| | |
The term "gateway" is unfamiliar for most new users (or they confuse it
with the default gateway of their network) but they usually know that
they want to connect to a "server".
|
| | |
| |
| |
| |
| |
| |
| | |
This mainly changes the color of the appbar (colorPrimary), the color
of the status bar (colorPrimaryDark) is black like the default.
The accent color (colorAccent) used for controls like buttons and check
boxes is a slightly toned down version of the default.
|
| | | |
|
| | | |
|
| | | |
|
| | |
| |
| |
| | |
Instead we use TabLayout and ViewPager from the support libraries.
|
| | |
| |
| |
| | |
No need to manually reset the fragments anymore.
|
