android: Add new VpnType to enable BYOD features
authorTobias Brunner <tobias@strongswan.org>
Wed, 19 Jun 2013 10:41:09 +0000 (12:41 +0200)
committerTobias Brunner <tobias@strongswan.org>
Mon, 8 Jul 2013 16:49:30 +0000 (18:49 +0200)
src/frontends/android/jni/libandroidbridge/backend/android_service.c
src/frontends/android/res/values-de/arrays.xml
src/frontends/android/res/values-pl/arrays.xml
src/frontends/android/res/values-ru/arrays.xml
src/frontends/android/res/values-ua/arrays.xml
src/frontends/android/res/values/arrays.xml
src/frontends/android/src/org/strongswan/android/data/VpnType.java
src/frontends/android/src/org/strongswan/android/logic/CharonVpnService.java

index b221865..c35d348 100644 (file)
@@ -464,13 +464,18 @@ METHOD(listener_t, ike_reestablish, bool,
 }
 
 static void add_auth_cfg_eap(private_android_service_t *this,
-                                                        peer_cfg_t *peer_cfg)
+                                                        peer_cfg_t *peer_cfg, bool byod)
 {
        identification_t *user;
        auth_cfg_t *auth;
 
        auth = auth_cfg_create();
        auth->add(auth, AUTH_RULE_AUTH_CLASS, AUTH_CLASS_EAP);
+       if (byod)
+       {       /* use EAP-TTLS if BYOD is enabled */
+               auth->add(auth, AUTH_RULE_EAP_TYPE, EAP_TTLS);
+       }
+
        user = identification_create_from_string(this->username);
        auth->add(auth, AUTH_RULE_IDENTITY, user);
 
@@ -549,9 +554,10 @@ static job_requeue_t initiate(private_android_service_t *this)
                }
        }
        if (streq("ikev2-eap", this->type) ||
-               streq("ikev2-cert-eap", this->type))
+               streq("ikev2-cert-eap", this->type) ||
+               streq("ikev2-byod-eap", this->type))
        {
-               add_auth_cfg_eap(this, peer_cfg);
+               add_auth_cfg_eap(this, peer_cfg, strpfx(this->type, "ikev2-byod"));
        }
 
        /* remote auth config */
index d0117b2..30578c0 100644 (file)
@@ -19,5 +19,6 @@
         <item>IKEv2 EAP (Benutzername/Passwort)</item>
         <item>IKEv2 Zertifikat</item>
         <item>IKEv2 Zertifikat + EAP (Benutzername/Passwort)</item>
+        <item>IKEv2 EAP-TNC (Benutzername/Passwort)</item>
     </string-array>
 </resources>
\ No newline at end of file
index 1b74b2e..1a04cbf 100644 (file)
@@ -19,5 +19,6 @@
         <item>IKEv2 EAP (użytkownik/hasło)</item>
         <item>IKEv2 certyfikat</item>
         <item>IKEv2 certyfikat + EAP (użytkownik/hasło)</item>
+        <item>IKEv2 EAP-TNC (użytkownik/hasło)</item>
     </string-array>
 </resources>
\ No newline at end of file
index 55144f2..713f8e4 100644 (file)
@@ -18,5 +18,6 @@
         <item>IKEv2 EAP (Логин/Пароль)</item>
         <item>IKEv2 Сертификат</item>
         <item>IKEv2 Сертификат + EAP (Логин/Пароль)</item>
+        <item>IKEv2 EAP-TNC (Логин/Пароль)</item>
     </string-array>
 </resources>
index 490fea5..4bd92fe 100644 (file)
@@ -18,5 +18,6 @@
         <item>IKEv2 EAP (Логін/Пароль)</item>
         <item>IKEv2 Сертифікати</item>
         <item>IKEv2 Сертифікати + EAP (Логін/Пароль)</item>
+        <item>IKEv2 EAP-TNC (Логін/Пароль)</item>
     </string-array>
 </resources>
index 1ac4cc2..29f999d 100644 (file)
@@ -19,5 +19,6 @@
         <item>IKEv2 EAP (Username/Password)</item>
         <item>IKEv2 Certificate</item>
         <item>IKEv2 Certificate + EAP (Username/Password)</item>
+        <item>IKEv2 EAP-TNC (Username/Password)</item>
     </string-array>
 </resources>
\ No newline at end of file
index 47cc1cb..f62c96d 100644 (file)
@@ -20,11 +20,13 @@ public enum VpnType
        /* the order here must match the items in R.array.vpn_types */
        IKEV2_EAP("ikev2-eap", true, false),
        IKEV2_CERT("ikev2-cert", false, true),
-       IKEV2_CERT_EAP("ikev2-cert-eap", true, true);
+       IKEV2_CERT_EAP("ikev2-cert-eap", true, true),
+       IKEV2_BYOD_EAP("ikev2-byod-eap", true, false, true);
 
        private String mIdentifier;
        private boolean mCertificate;
        private boolean mUsernamePassword;
+       private boolean mBYOD;
 
        /**
         * Enum which provides additional information about the supported VPN types.
@@ -35,9 +37,23 @@ public enum VpnType
         */
        VpnType(String id, boolean userpass, boolean certificate)
        {
+               this(id, userpass, certificate, false);
+       }
+
+       /**
+        * Enum which provides additional information about the supported VPN types.
+        *
+        * @param id identifier used to store and transmit this specific type
+        * @param userpass true if username and password are required
+        * @param certificate true if a client certificate is required
+        * @param byod true to enable BYOD features
+        */
+       VpnType(String id, boolean userpass, boolean certificate, boolean byod)
+       {
                mIdentifier = id;
                mUsernamePassword = userpass;
                mCertificate = certificate;
+               mBYOD = byod;
        }
 
        /**
@@ -70,6 +86,16 @@ public enum VpnType
        }
 
        /**
+        * Whether BYOD features should be enabled.
+        *
+        * @return true if BYOD features are to be enabled
+        */
+       public boolean getEnableBYOD()
+       {
+               return mBYOD;
+       }
+
+       /**
         * Get the enum entry with the given identifier.
         *
         * @param identifier get the enum entry with this identifier
index 9274717..a7b8a8c 100644 (file)
@@ -214,7 +214,7 @@ public class CharonVpnService extends VpnService implements Runnable
                                                mIsDisconnecting = false;
 
                                                BuilderAdapter builder = new BuilderAdapter(mCurrentProfile.getName());
-                                               initializeCharon(builder, mLogFile, true);
+                                               initializeCharon(builder, mLogFile, mCurrentProfile.getVpnType().getEnableBYOD());
                                                Log.i(TAG, "charon started");
 
                                                initiate(mCurrentProfile.getVpnType().getIdentifier(),