android: Add new VpnType to enable BYOD features
This commit is contained in:
parent
d27f225d9a
commit
8a5bffb0fe
|
@ -464,13 +464,18 @@ METHOD(listener_t, ike_reestablish, bool,
|
|||
}
|
||||
|
||||
static void add_auth_cfg_eap(private_android_service_t *this,
|
||||
peer_cfg_t *peer_cfg)
|
||||
peer_cfg_t *peer_cfg, bool byod)
|
||||
{
|
||||
identification_t *user;
|
||||
auth_cfg_t *auth;
|
||||
|
||||
auth = auth_cfg_create();
|
||||
auth->add(auth, AUTH_RULE_AUTH_CLASS, AUTH_CLASS_EAP);
|
||||
if (byod)
|
||||
{ /* use EAP-TTLS if BYOD is enabled */
|
||||
auth->add(auth, AUTH_RULE_EAP_TYPE, EAP_TTLS);
|
||||
}
|
||||
|
||||
user = identification_create_from_string(this->username);
|
||||
auth->add(auth, AUTH_RULE_IDENTITY, user);
|
||||
|
||||
|
@ -549,9 +554,10 @@ static job_requeue_t initiate(private_android_service_t *this)
|
|||
}
|
||||
}
|
||||
if (streq("ikev2-eap", this->type) ||
|
||||
streq("ikev2-cert-eap", this->type))
|
||||
streq("ikev2-cert-eap", this->type) ||
|
||||
streq("ikev2-byod-eap", this->type))
|
||||
{
|
||||
add_auth_cfg_eap(this, peer_cfg);
|
||||
add_auth_cfg_eap(this, peer_cfg, strpfx(this->type, "ikev2-byod"));
|
||||
}
|
||||
|
||||
/* remote auth config */
|
||||
|
|
|
@ -19,5 +19,6 @@
|
|||
<item>IKEv2 EAP (Benutzername/Passwort)</item>
|
||||
<item>IKEv2 Zertifikat</item>
|
||||
<item>IKEv2 Zertifikat + EAP (Benutzername/Passwort)</item>
|
||||
<item>IKEv2 EAP-TNC (Benutzername/Passwort)</item>
|
||||
</string-array>
|
||||
</resources>
|
|
@ -19,5 +19,6 @@
|
|||
<item>IKEv2 EAP (użytkownik/hasło)</item>
|
||||
<item>IKEv2 certyfikat</item>
|
||||
<item>IKEv2 certyfikat + EAP (użytkownik/hasło)</item>
|
||||
<item>IKEv2 EAP-TNC (użytkownik/hasło)</item>
|
||||
</string-array>
|
||||
</resources>
|
|
@ -18,5 +18,6 @@
|
|||
<item>IKEv2 EAP (Логин/Пароль)</item>
|
||||
<item>IKEv2 Сертификат</item>
|
||||
<item>IKEv2 Сертификат + EAP (Логин/Пароль)</item>
|
||||
<item>IKEv2 EAP-TNC (Логин/Пароль)</item>
|
||||
</string-array>
|
||||
</resources>
|
||||
|
|
|
@ -18,5 +18,6 @@
|
|||
<item>IKEv2 EAP (Логін/Пароль)</item>
|
||||
<item>IKEv2 Сертифікати</item>
|
||||
<item>IKEv2 Сертифікати + EAP (Логін/Пароль)</item>
|
||||
<item>IKEv2 EAP-TNC (Логін/Пароль)</item>
|
||||
</string-array>
|
||||
</resources>
|
||||
|
|
|
@ -19,5 +19,6 @@
|
|||
<item>IKEv2 EAP (Username/Password)</item>
|
||||
<item>IKEv2 Certificate</item>
|
||||
<item>IKEv2 Certificate + EAP (Username/Password)</item>
|
||||
<item>IKEv2 EAP-TNC (Username/Password)</item>
|
||||
</string-array>
|
||||
</resources>
|
|
@ -20,11 +20,13 @@ public enum VpnType
|
|||
/* the order here must match the items in R.array.vpn_types */
|
||||
IKEV2_EAP("ikev2-eap", true, false),
|
||||
IKEV2_CERT("ikev2-cert", false, true),
|
||||
IKEV2_CERT_EAP("ikev2-cert-eap", true, true);
|
||||
IKEV2_CERT_EAP("ikev2-cert-eap", true, true),
|
||||
IKEV2_BYOD_EAP("ikev2-byod-eap", true, false, true);
|
||||
|
||||
private String mIdentifier;
|
||||
private boolean mCertificate;
|
||||
private boolean mUsernamePassword;
|
||||
private boolean mBYOD;
|
||||
|
||||
/**
|
||||
* Enum which provides additional information about the supported VPN types.
|
||||
|
@ -34,10 +36,24 @@ public enum VpnType
|
|||
* @param certificate true if a client certificate is required
|
||||
*/
|
||||
VpnType(String id, boolean userpass, boolean certificate)
|
||||
{
|
||||
this(id, userpass, certificate, false);
|
||||
}
|
||||
|
||||
/**
|
||||
* Enum which provides additional information about the supported VPN types.
|
||||
*
|
||||
* @param id identifier used to store and transmit this specific type
|
||||
* @param userpass true if username and password are required
|
||||
* @param certificate true if a client certificate is required
|
||||
* @param byod true to enable BYOD features
|
||||
*/
|
||||
VpnType(String id, boolean userpass, boolean certificate, boolean byod)
|
||||
{
|
||||
mIdentifier = id;
|
||||
mUsernamePassword = userpass;
|
||||
mCertificate = certificate;
|
||||
mBYOD = byod;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -69,6 +85,16 @@ public enum VpnType
|
|||
return mCertificate;
|
||||
}
|
||||
|
||||
/**
|
||||
* Whether BYOD features should be enabled.
|
||||
*
|
||||
* @return true if BYOD features are to be enabled
|
||||
*/
|
||||
public boolean getEnableBYOD()
|
||||
{
|
||||
return mBYOD;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the enum entry with the given identifier.
|
||||
*
|
||||
|
|
|
@ -214,7 +214,7 @@ public class CharonVpnService extends VpnService implements Runnable
|
|||
mIsDisconnecting = false;
|
||||
|
||||
BuilderAdapter builder = new BuilderAdapter(mCurrentProfile.getName());
|
||||
initializeCharon(builder, mLogFile, true);
|
||||
initializeCharon(builder, mLogFile, mCurrentProfile.getVpnType().getEnableBYOD());
|
||||
Log.i(TAG, "charon started");
|
||||
|
||||
initiate(mCurrentProfile.getVpnType().getIdentifier(),
|
||||
|
|
Loading…
Reference in New Issue