diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml new file mode 100644 index 0000000000000000000000000000000000000000..6f8f92c853d08b754280ecbbf5f4043c65db603a --- /dev/null +++ b/.gitlab-ci.yml @@ -0,0 +1,16 @@ +image: "0xacab.org:4567/leap/bitmask_android/android-ndk:latest" + +stages: + - build + +before_script: + - git submodule sync --recursive + - git submodule update --init --recursive + +build: + stage: build + script: + - ./gradlew assembleDebug + artifacts: + paths: + - app/build/outputs/ diff --git a/.gitmodules b/.gitmodules index 8bd0f9d5f165798ee38a56885834c6373085499e..7c73874b01e034bb4b04af4a1b9a33d35d9a4ac9 100644 --- a/.gitmodules +++ b/.gitmodules @@ -1,4 +1,4 @@ [submodule "ics-openvpn"] path = ics-openvpn branch = bitmask - url = git@github.com:parmegv/ics-openvpn.git + url = https://github.com/parmegv/ics-openvpn.git diff --git a/README.md b/README.md index f1921e1080d60aae7ab608c4a8d625714b4e9b20..20711e6351a18586653a61b5151bc3e5b97373e5 100644 --- a/README.md +++ b/README.md @@ -1,93 +1,469 @@ -# Bitmask Android App +# Bitmask Android Client + +This repository contains the source code for the [Bitmask](https://bitmask.net/) Android client. Bitmask Android offers one-click free VPN service from trusted providers of the LEAP stack. + +To lean about the stack, visit [leap.se](https://leap.se). + +Please see the [issues](https://0xacab.org/leap/bitmask_android/issues) section to report any bugs or feature requests, and to see the list of known issues. + +# Table Of Contents + +* [License](#license) +* [Installing](#installing) + * [JDK](#jdk) + * [C Libraries](#c-libraries) + * [Android SDK](#android-sdk) + * [With Android Studio](#with-android-studio) + * [With Bash](#with-bash) + * [Updating Your PATH](#updating-your-path) + * [With Docker](#with-docker) + * [Submodules](#submodules) +* [Compiling](#compiling) + * [Just Build It!](#just-build-it) + * [Debug APKs](#debug-apks) + * [Release APKs](#release-apks) + * [Signed Release APKs](#signed-release-apks) +* [Running Tests](#running-tests) +* [Debugging in an Emulator](#debugging-in-an-emulator) + * [From Android Studio](#from-android-studio) + * [From The Shell](#from-the-shell) + * [Debian Gotchas](#debian-gotchas) + * [Virtualization Not Enabled](#virtualization-not-enabled) + * [Unpatched Filepaths Bug](#unpatched-filepaths-bug) + * [Outdated GL Libraries](#outdated-gl-libraries) +* [Updating Submodules](#updating-submodules) +* [Acknowledgments](#acknowledgments) +* [Contributing](#contributing) + +## License -This repository contains the source code for the [Bitmask](https://bitmask.net/) Android app. +* [See LICENSE file](https://github.com/leapcode/bitmask_android/blob/master/LICENSE.txt) -Please see the [issues](https://github.com/leapcode/bitmask_android/issues) section to -report any bugs or feature requests and to see the list of known issues. -## License +## Installing -* [See LICENSE file](https://github.com/leapcode/bitmask_android/blob/master/LICENSE.txt) +We will assume for convenience that you are installing on a Debian- or Ubuntu-based GNU/Linux machine. (Patches welcome with instructions for Mac, Windows, or other GNU/Linux distributions!) + +The Bitmask Android Client has the following system-level dependencies: + +* JDK v. 1.8 +* Assorted 32-bit C libraries +* Android SDK Tools, v. 25.2.5, with these packages: + * Platform-Tools, v. 25.0.2 + * Build-Tools, API v. 23-25 + * Platforms 23-25 + * Android Support Repository + * Google Support Repository + * NDK v. r12b (enables C code in Android) +* For running the app in an emulator, you will also need these packages: + * Android Emulator + * System Images for Android APIs 23-25 +* The ICS-OpenVpn submodule + +You can install them as follows: + +### JDK + +Install with: + +```bash +sudo apt install default-jdk +``` + +### C Libraries + +These are necessary to make sure the program cross-compiles to 32-bit architectures successfully from 64-bit GNU/Linux machines: + +``` +sudo apt make gcc file install lib32stdc++ lib32z1 +``` + +### Android SDK + +#### With Android Studio + +All of the Android SDK and NDK packages are downloadable through Android Studio, which (sadly) is probably the most hassle-free way to go about things. + +You can download Android studio here: + +https://developer.android.com/studio/index.html + +Once you've got it installed, use the `SDK Manager` tool (Android figure Icon with blue arrow second from the right in the tool pane) to download all the Android SDK and NDK depencencies listed above. + +#### With Bash + +Alternatley (eg: for build machines), you may download and unzip the `android-sdk` bundle from Google as follows (assuming an install location of `/opt/android-sdk-linux`: + +``` +curl -L https://dl.google.com/android/android-sdk_r25.2.5-linux.zip -o sdk-tools.zip \ + && unzip -q sdk-tools.zip -d /opt/android-sdk-linux \ + && rm -f sdk-tools.zip +``` + +To download the NDK (for cross-compiling and running the C code used in `ics-openvpn`), use: + +``` +curl -L http://dl.google.com/android/repository/android-ndk-r12b-linux-x86_64.zip -o ndk.zip \ + && unzip ndk.zip -d /opt/android-sdk-linux/android-ndk-r12b \ + && rm -rf ndk.zip +``` + +After updating your PATH (see next step), you may now use the `sdkmanager` tool bundled with `android-sdk` to browse and install new sdk packages from Google. + +To browse all available packages, run: + +```shell +sdkmanager --list +``` + +To search for available packages of a certain type (eg: `tools`), run: + +```shell +sdkmanager --list | grep tools +``` + +To install all of the dependencies listed above (targetting SDK versions 23 - 25), run: + +```shell +sdkmanager tools +sdkmanager platform-tools +sdkmanager extras;android;m2repository +sdkmanager extras;google;m2repository +sdkmanager build-tools;25.0.2 +sdkmanager build-tools;24.0.3 +sdkmanager build-tools;23.0.3 +sdkmanager platforms;android-25 +sdkmanager platforms;android-24 +sdkmanager platforms;android-23 +``` -## Build Requirements +#### Updating Your Path -Install from developer.android.com: +Once you've installed Android SDK & NDK packages, you need to modify your PATH so you can invoke all the programs you just installed. You can do that with something like the following in your `~/.shellrc` or `~/.bash_profile`: -* Android SDK, API 17: http://developer.android.com/sdk/index.html -* Android NDK, r9d: http://developer.android.com/tools/sdk/ndk/index.html +```shell +export ANDROID_HOME= +export ANDROID_NDK_HOME=$ANDROID_HOME/ndk-bundle +export PATH=$ANDROID_NDK_HOME:$PATH +export PATH=$ANDROID_HOME/platform-tools:$PATH +export PATH=$ANDROID_HOME/tools/bin:$PATH +``` -Make sure add the necessary android tools to your bin path. For example, assuming you installed -the SDK and NDK to `~/dev` on a linux machine, you would add this to your path: +NOTE: On GNU/Linux machines, Android Studio installs the Android SDK in `~/Android/Sdk/`. Our dockerfile installs it in `/opt/android-sdk-linux`. You can install it wherever you want! Just be sure to remember where so you can add it to your PATH! :) - ~/dev/android-sdk-linux/tools - ~/dev/android-sdk-linux/platform-tools - ~/dev/android-ndk-r9d +#### With Docker -Installable via `android` command (SDK Manager): +Geesh! If all that above seems like a lot, it is! -* Android SDK Build-tools, 19.0.3 -* Android Support Repository, 4+ +To keep ourselves from messing it up all the time everyone someone new joins the project, we made a Dockerfile that creates the above environment with one line. You can pull the image and run builds from inside it, or consult the [Dockerfile](/docker/android-sdk.dockerfile) itself for requirements that your system might need but be missing. -We need Mercurial: -* Mercurial: http://mercurial.selenic.com/downloads +Assuming you've already [installed docker](https://docs.docker.com/engine/installation/), you can pull the image with: -Finally, install a java compiler. For example: +``` shell +docker pull 0xacab.org:4567/aguestuser/bitmask_android:android-ndk:latest +``` - sudo apt-get install default-jdk +Run the image with: -### Build native sources +``` shell +docker run --rm -it 0xacab.org:4567/aguestuser/bitmask_android:android-ndk:latest +``` +More likely than not, you'll want to run the image with the source code mounted. You can do that with: -To build NDK sources, you need to issue these commands: +``` shell +cd +docker run --rm -it -v`pwd`:/bitmask_android -t 0xacab.org:4567/aguestuser/bitmask_android:android-ndk:latest +``` - cd app - ./build-native.sh - cd .. (to get back to the project directory) -### Compiling from the command line -#### Signed APK +### Submodules -If you want to release a signed APK, you'll have to create a gradle.properties file in the project root with the following structure: - - storeFileProperty=fullPath - storePasswordProperty=store password without quotation marks - keyAliasProperty=key alias without quotation marks - keyPasswordProperty=key password without quotation marks - -#### Actual command - ./gradlew build +We depend on [ics-openvpn](https://github.com/schwabe/ics-openvpn) as an interface to Android's OpenVPN implementation. We include it as a [git submodule](https://git-scm.com/book/en/v2/Git-Tools-Submodules) in our project, which requires that we initialize and update it (and its respective upstream submodule dependencies) in order to compile and run Bitmask Android. -The resulting apk(s) will be in `app/build/apk`. +We do so with: -### Using Android Studio +```bash +cd +git submodule init +git submodule update --init --recursive +``` -* `Import project` => select bitmask_android top folder +## Compiling -## Running tests +You have lots of options for compiling, all of which will output Android-executable `apk` packages to `/bitmask_android/app/build/outputs/apk/`. + +### Just Build It! + +You are welcome to run: + +``` +./gradlew build +``` + +This will compile the code and run the tests, but not output any `apk` packages. As such, it's not all that useful. :) + +### Debug APKs + +To assemble debug packages for running locally or testing in CI, run: + +```bash +./gradlew assembleDebug +``` + +This will output `app-insecure-debug.apk` and `app-production-debug.apk` to `/bitmask_android/app/build/outputs/apk/`. + +### Release APKs + +To assemble release packages, run: + +```bash +./gradlew assembleRelease +``` + +This will output `app-insecure-release.apk` and `app-production-release.apk` to `/bitmask_android/app/build/outputs/apk/`. + +### Signed Release APKs + +If you want to release a signed APK (which you *must* do to publish the app to the Google Play store), you'll have to create a gradle.properties file in the project root with the following structure: + +```properties +storeFileProperty= +storePasswordProperty= +keyAliasProperty= +keyPasswordProperty= +``` + +### Building In Docker + +If you want to make sure the environment you use to build APKs matches exactly the environment that Gitlab will use to build and publish artifacts, you can run any of the above build commands from inside Docker. To assemble a release build this way, run the following commands: + +``` shell +$ cd +$ sudo docker run --rm -it -v `pwd`:/bitmask_android 0xacab.org/leap/bitmask_android/android-ndk:latest +# cd /bitmask_android +# ./gradlew assembleRelease +``` + +## Running Tests To run the automated tests: + 1. Run an emulator (device doesn't necesarily has root, so testVpnCertificateValidator.testIsValid may fail). 2. Unlock Android 3. Issue the command ./gradlew connectedCheck 4. Pay attention and check the "Trust this app" checkbox, if you don't do so tests won't run. Due to the nature of some tests, adb will lose its connectivity and you won't receive any tests results. To look for failed tests, do the following: + 1. adb kill-server 2. adb logcat | less 3. Look for: "failed: test" -We'll polish this process soon, but right now that's what we're doing (well, in fact, we run "adb logcat" in Emacs and then search "failed: test" in the corresponding buffer ;) ). +We'll polish this process soon, but right now that's what we're doing. + +## Debugging in an Emulator + +You can run the app in an emulator running any version of Android and simulating (almost) any device. To run it you'll have to create an emulator, run the emulator, and then load an assembled APK of the app onto the emulator. (You can then use all sort of nifty tools in [Anroid Debug Bridge](https://developer.android.com/studio/command-line/adb.html) to tail the logs and debug the app.) + +Assuming you've already tackled (or don't need to tackle) the [Debian Gotchas](#debian-gotchas) listed below, you can do that using either Android Studio or a bash shell as follows: + +### From Android Studio + +To create an emulator: + +* Select `Tools/Android/AVD Manager` from the application menu +* Follow the instructions + +To run a pre-existing emulator: + +* Open the `AVD Manager` as above +* Press the "Play" button next to the emulator you want to run + +To run the app: + +* Ensure you have an emulator running +* Open the left-hand project pane (Meta-1 or Cmd-1, depending on your keybindings) +* Navigate to `bitmask_android/app/src/main/java/se/leap/bitmaskclient/Dashboard` +* Right-click over the `Dashboard` filename and click the `Run 'Dashboard'` option (or use Shift-Ctl-F10 or Shift-Ctl-R, depending on your keybindings) +* After you have done this once, you should be able to simply select `Dashboard` from the dropdown menu next to the big green arrow in the toolbar, then click the green arrow to run the app. + +### From the Shell + +To list the available avd images for creating an emulator: + +``` shell +avdmanager list +``` + +To create an emulator: + +``` shell +avdmanager create avd +``` + +To list the emulators you have already created: + +``` shell +avdmanager list avd +``` + +To run a pre-existing emulator called `Nexus_5_API_25`: + +``` shell +emulator @Nexus_5_API_15 +``` + +Verify the device is running with: + +``` shell +adb devices +``` + +You should see something like: + +``` shell +List of devices attached +emulator-5554 device +``` +Install APK with: + +``` shell +abd install .apk +``` + +Uninstall with: + +``` shell +abd uninstall se.leap.bitmaskclient +``` +Install with option to reinstall: + +``` shell +abd install -r +``` + +### Debian Gotchas + +If you are running Debian on a 64-bit machine, your emulator will likely not work out of the gate. Test to see if this is the case by: + +* first creating an emulator in Android Studio (with name, eg, `Nexus_5_API_25`) +* then running: + ```shell + cd ~/ + emulator @ + ``` +If you can launch an emulator, HUZZAH! If not, you likely have one of 3 problems: + +#### 1. Virtualization Not Enabled + +Boo! Try turning it on. The second half of [this article](https://docs.fedoraproject.org/en-US/Fedora/13/html/Virtualization_Guide/sect-Virtualization-Troubleshooting-Enabling_Intel_VT_and_AMD_V_virtualization_hardware_extensions_in_BIOS.html) is a decent enough guide. + +#### 2. Unpatched Filepaths Bug + +**Symptoms:** If you have this bug, you will see something like the following when you try to spin up an emulator: + +``` shell +[140500439390016]:ERROR:./android/qt/qt_setup.cpp:28:Qt library not found at ../emulator/lib64/qt/lib +Could not launch '../emulator/qemu/linux-x86_64/qemu-system-i386': No such file or directory +``` +As [documented here](https://stackoverflow.com/questions/42554337/cannot-launch-avd-in-emulatorqt-library-not-found), there is a standing bug in the version of `emulator` packaged for emulator that assumes it always runs from within the `$ANDROID_HOME/emulator` directory, and can thus safely use relative filepaths, when in fact this is almost never the case. (Cool bug!) + +**Fixes:** + +You have a couple options. The second is more robust: + +1. Always run emulator from within its own directory (clunky!): + +``` shell + cd "$(dirname "$(which emulator)")" + emulator +``` + +2. Insert a line in your `~/.bashrc` to automatically navigate to the correct directory (and back) whenever you invoke `emulator`: + + ```shell +function emulator { pushd `pwd`; cd "$(dirname "$(which emulator)")" && ./emulator "$@"; popd;} +``` + +#### 3. Outdated GL Libraries + +**Symptoms:** If you have this bug, you will see something like the following: + +``` shell +libGL error: failed to load driver: swrast +X Error of failed request: BadValue (integer parameter out of range for operation) +# redacted incredibly long stack trace +``` + +As documented [here](http://stackoverflow.com/questions/36554322/cannot-start-emulator-in-android-studio-2-0), the current emulator package ships without outdated versions of LibGL libraries. To work around this: + +1. Install modern GL libriaries with: + +``` shell +sudo apt-get install mesa-utils +``` + +2. Ensure that `emulator` always uses the correct libraries by either: + + a. always calling `emulator` with the `-use-system-libs` flag, like so: + + ``` shell + emulator -use-system-libs -avd Nexus_5_API_25 + ``` + b. adding the following line to your ~/.bashrc or ~/.bash_profile: + + ```shell + export ANDROID_EMULATOR_USE_SYSTEM_LIBS=1 + ``` + +**Special Android Studio Debian Bonus Gotcha:** + +Assuming you have made all the above fixes (great job!), to be able to launch emulators from Android Studio, you must either: + +1. Use the environment variable solution above (option a), then *always* launch Android Studio from a bash shell with: + +``` shell +studio +``` + +This means never using the desktop launcher. :( + +2. If you want to use the desktop launcher: + + * You must *always* launch emulators from the terminal. :( + * But: you can quickly access a terminal inside of Android Studio with `OPTION-F12` + +## Updating Submodules + +If you need to refresh of our upstream dependency on ics-openvpn, you may do so with: + +``` shell +cd +./gradlew updateIcsOpenVpn +``` + +Alternately: + +```shell +cd +cd ics-openvpn +git remote add upstream https://github.com/schwabe/ics-openvpn.git +git pull --rebase upstream master +``` +A bunch of conflicts may arise. The guidelines are: + + 1. Methods in HEAD (upstream) completely removed from Bitmask should be removed again (e.g. askPW) + 2. Sometimes, Dashboard.class is in Bitmask while in ics-openvpn it is replaced by MainActivity.class and other classes. Keep removing them to keep Dashboard.class in there. + 3. Some resources files are stripped from several entries. Remove them if possible (check the code we compile is not using anything else new). -## Acknowledgements +## Acknowledgments This project bases its work in [ics-openvpn project](https://code.google.com/p/ics-openvpn/). -## Contributing +## Contributing -Please fork this repository and contribute back using -[pull requests](https://github.com/leapcode/leap_android/pulls). +Please fork this repository and contribute back using [pull requests](https://github.com/leapcode/leap_android/pulls). Our preferred method for receiving translations is our [Transifex project](https://www.transifex.com/projects/p/bitmask-android). -Any contributions, large or small, major features, bug fixes, additional -language translations, unit/integration tests are welcomed and appreciated -but will be thoroughly reviewed and discussed. +Any contributions, large or small, major features, bug fixes, additional language translations, unit/integration tests are welcomed and appreciated but will be thoroughly reviewed and discussed. diff --git a/app/assets/urls/bitmask demo.url b/app/assets/urls/bitmask demo.url index 81bdba521e5e66c1de954c1ca46bb5a39f24c56b..1a412055b063d0a410fad0b4429a65f6ec3aa607 100644 --- a/app/assets/urls/bitmask demo.url +++ b/app/assets/urls/bitmask demo.url @@ -1,4 +1,3 @@ { - "main_url" : "https://demo.bitmask.net/", - "ca_cert_fingerprint" : "c3f9f39af6d42d1f201195dec918ac7603597049" + "main_url" : "https://demo.bitmask.net/" } diff --git a/app/assets/urls/calyx.url b/app/assets/urls/calyx.url index 9ae902f741106ffb120a3efa4256ff11d643317b..8de04fe97395c4771b7c4f8153b6c012ebc013f2 100644 --- a/app/assets/urls/calyx.url +++ b/app/assets/urls/calyx.url @@ -1,5 +1,3 @@ { - "main_url" : "https://calyx.net/", - "ca_cert_fingerprint" : "98086aee17b5800acd0bdefe852e7c1ae72bd248" - + "main_url" : "https://calyx.net/" } diff --git a/app/assets/urls/riseup.url b/app/assets/urls/riseup.url index 4c565076c36f2c84cd5b9926244b98697a8274e1..4548b4332631b34881c053436311570f6cd41c48 100644 --- a/app/assets/urls/riseup.url +++ b/app/assets/urls/riseup.url @@ -1,4 +1,3 @@ { - "main_url" : "https://riseup.net/", - "ca_cert_fingerprint" : "aef7a642d7f8e046770521b354961a95cd4a76a8" + "main_url" : "https://riseup.net/" } diff --git a/app/build.gradle b/app/build.gradle index 9acd5ab13e61faadc166f2a8e7ecac1af6fdcb11..b6bb39ffb7f95cbe2d254f915c7a20c365290bea 100644 --- a/app/build.gradle +++ b/app/build.gradle @@ -1,9 +1,9 @@ apply plugin: 'com.android.application' android { - compileSdkVersion 21 - buildToolsVersion "22.0.1" - + compileSdkVersion 23 + buildToolsVersion '25.0.2' +; signingConfigs { release { storeFile project.hasProperty('storeFileProperty') ? file(storeFileProperty) : null @@ -13,26 +13,26 @@ android { } } - productFlavors { - production { + productFlavors { + production { - } - insecure { + } + insecure { - } } + } buildTypes { release { //runProguard true if(signingConfigs.contains(release)) - signingConfig signingConfigs.release.isSigningReady() ? signingConfigs.release : signingConfigs.debug + signingConfig signingConfigs.release.isSigningReady() ? signingConfigs.release : signingConfigs.debug } } - lintOptions { - abortOnError false - } + lintOptions { + abortOnError false + } sourceSets { main { @@ -47,14 +47,16 @@ android { } dependencies { - androidTestCompile 'com.jayway.android.robotium:robotium-solo:5.4.1' + androidTestCompile 'com.jayway.android.robotium:robotium-solo:5.5.4' + testCompile 'junit:junit:4.12' compile 'com.jakewharton:butterknife:6.1.0' provided 'com.squareup.dagger:dagger-compiler:1.2.2' compile 'com.github.pedrovgs:renderers:1.5' compile 'com.intellij:annotations:12.0' - compile 'com.google.code.gson:gson:2.3.1' + compile 'com.google.code.gson:gson:2.4' compile 'org.thoughtcrime.ssl.pinning:AndroidPinning:1.0.0' compile 'mbanje.kurt:fabbutton:1.1.4' + compile 'com.android.support:support-annotations:23.2.1' } def processFileInplace(file, Closure processText) { @@ -81,16 +83,17 @@ task copyIcsOpenVPNClasses( type: Copy ) { include '**/dimens.xml' include '**/logmenu.xml' include '**/core/**.java' + include '**/activities/BaseActivity.java' includeEmptyDirs = false - + filter { line -> line.replaceAll('de.blinkt.openvpn.R', 'se.leap.bitmaskclient.R') } filter { line -> line.replaceAll('de.blinkt.openvpn.BuildConfig', 'se.leap.bitmaskclient.BuildConfig') } - filter { + filter { line -> line.replace('package de.blinkt.openvpn;', 'package de.blinkt.openvpn;\n\nimport se.leap.bitmaskclient.R;') } } into '.' @@ -105,11 +108,11 @@ task copyIcsOpenVPNXml( type: Copy ) { include '**/styles.xml' include '**/dimens.xml' include '**/refs.xml' - include '**/colours.xml' + include '**/colours.xml' include '**/logmenu.xml' include '**/white_rect.xml' includeEmptyDirs = false - + rename 'strings.xml', 'strings-icsopenvpn.xml' filter { line -> line.replaceAll('.*name="app".*', '') @@ -126,7 +129,8 @@ task copyIcsOpenVPNImages( type: Copy ) { include '**/ic_close*.png' include '**/ic_edit*.png' include '**/ic_check*.png' - + include '**/ic_pause*.png' + include '**/ic_play*.png' includeEmptyDirs = false } into '.' } @@ -138,14 +142,14 @@ task removeDuplicatedStrings() { if(it.name.equals('strings.xml')) { def ics_openvpn_file = file(it.absolutePath.replace('strings.xml', 'strings-icsopenvpn.xml')) if(ics_openvpn_file.exists()) { - def ics_openvpn_strings_names = (new XmlParser()).parse(ics_openvpn_file) - def current_file = it - - ics_openvpn_strings_names.string.each { - processFileInplace(current_file) { text -> - text.replaceAll('.*name=\"' + it.attribute('name') + '\".*(\n)*.*string>.*\n+', '') - } - } + def ics_openvpn_strings_names = (new XmlParser()).parse(ics_openvpn_file) + def current_file = it + + ics_openvpn_strings_names.string.each { + processFileInplace(current_file) { text -> + text.replaceAll('.*name=\"' + it.attribute('name') + '\".*(\n)*.*string>.*\n+', '') + } + } } } } @@ -164,20 +168,20 @@ task mergeUntranslatable( type: Copy ) { ics_openvpn_untranslatable.eachLine { text -> if(text.contains('string name=')) { if(!bitmask_untranslatable.text.contains(text)) - bitmask_untranslatable << text - if(text.contains('')) - string_continuation = true + bitmask_untranslatable << text + if(text.contains('')) + string_continuation = true } else if(string_continuation) { bitmask_untranslatable << text } - + if(text.contains('')) { string_continuation = false bitmask_untranslatable << System.getProperty("line.separator") } } - + bitmask_untranslatable.write(bitmask_untranslatable.text.replaceAll("", "")) bitmask_untranslatable << "" diff --git a/app/snappy b/app/snappy deleted file mode 120000 index c44d7d0fd40379f9ad409b597a5a1a271ab7ba32..0000000000000000000000000000000000000000 --- a/app/snappy +++ /dev/null @@ -1 +0,0 @@ -../ics-openvpn/main/snappy \ No newline at end of file diff --git a/app/src/androidTest/java/se/leap/bitmaskclient/test/BaseTestDashboard.java b/app/src/androidTest/java/se/leap/bitmaskclient/test/BaseTestDashboardFragment.java similarity index 87% rename from app/src/androidTest/java/se/leap/bitmaskclient/test/BaseTestDashboard.java rename to app/src/androidTest/java/se/leap/bitmaskclient/test/BaseTestDashboardFragment.java index 9a9131fdafbb5d2185f16a165bc7223bb31a2e0e..aef968b8d7f61350d3902bfe3963728d6462c33c 100644 --- a/app/src/androidTest/java/se/leap/bitmaskclient/test/BaseTestDashboard.java +++ b/app/src/androidTest/java/se/leap/bitmaskclient/test/BaseTestDashboardFragment.java @@ -9,20 +9,21 @@ import com.robotium.solo.*; import se.leap.bitmaskclient.*; -public abstract class BaseTestDashboard extends ActivityInstrumentationTestCase2 { +public abstract class BaseTestDashboardFragment extends ActivityInstrumentationTestCase2 { Solo solo; Context context; UserStatusTestController user_status_controller; VpnTestController vpn_controller; - public BaseTestDashboard() { super(Dashboard.class); } + public BaseTestDashboardFragment() { super(Dashboard.class); } @Override protected void setUp() throws Exception { super.setUp(); context = getInstrumentation().getContext(); solo = new Solo(getInstrumentation(), getActivity()); + Screenshot.initialize(solo); user_status_controller = new UserStatusTestController(solo); vpn_controller = new VpnTestController(solo); ConnectionManager.setMobileDataEnabled(true, context); @@ -43,6 +44,7 @@ public abstract class BaseTestDashboard extends ActivityInstrumentationTestCase2 } private void useRegistered() { + solo.waitForFragmentById(R.id.provider_detail_fragment); String text = solo.getString(R.string.signup_or_login_button); clickAndWaitForDashboard(text); user_status_controller.logIn("parmegvtest10", "holahola2"); diff --git a/app/src/androidTest/java/se/leap/bitmaskclient/test/Screenshot.java b/app/src/androidTest/java/se/leap/bitmaskclient/test/Screenshot.java index 91d51402493445edfb58956fa332ceeafac0ffff..ade28b73a86178c93bf5eb25922e053e97b306d3 100644 --- a/app/src/androidTest/java/se/leap/bitmaskclient/test/Screenshot.java +++ b/app/src/androidTest/java/se/leap/bitmaskclient/test/Screenshot.java @@ -26,8 +26,7 @@ public class Screenshot { } public static void take() { - sleepBefore(); - solo.takeScreenshot(default_name + "_" + getTimeStamp()); + take(default_name + "_" + getTimeStamp()); } public static void takeWithSleep() { diff --git a/app/src/androidTest/java/se/leap/bitmaskclient/test/VpnTestController.java b/app/src/androidTest/java/se/leap/bitmaskclient/test/VpnTestController.java index 25d81da10080b8c075f986efe2b531749334b533..39ab37ddcf56e663ebeabfda484b0db14474d31f 100644 --- a/app/src/androidTest/java/se/leap/bitmaskclient/test/VpnTestController.java +++ b/app/src/androidTest/java/se/leap/bitmaskclient/test/VpnTestController.java @@ -79,7 +79,7 @@ public class VpnTestController { a = whole_icon != null ? (ProgressRingView) getVpnWholeIcon().findViewById(R.id.fabbutton_ring) : new ProgressRingView(solo.getCurrentActivity()); - BaseTestDashboard.isShownWithinConfinesOfVisibleScreen(a); + BaseTestDashboardFragment.isShownWithinConfinesOfVisibleScreen(a); } private boolean iconShowsConnected() { diff --git a/app/src/androidTest/java/se/leap/bitmaskclient/test/testConfigurationWizard.java b/app/src/androidTest/java/se/leap/bitmaskclient/test/testConfigurationWizard.java index 931457eed0f7cda6e552804cdab23558c19bb909..8b897b9602641b8ea1f9bd5a41261b0beccb80ea 100644 --- a/app/src/androidTest/java/se/leap/bitmaskclient/test/testConfigurationWizard.java +++ b/app/src/androidTest/java/se/leap/bitmaskclient/test/testConfigurationWizard.java @@ -29,6 +29,7 @@ public class testConfigurationWizard extends ActivityInstrumentationTestCase2 + android:versionCode="128" + android:versionName="0.9.6Beta" > + android:maxSdkVersion="18"/> + android:targetSdkVersion="24"/> + android:theme="@android:style/Theme.Translucent.NoTitleBar" /> diff --git a/app/src/main/java/de/blinkt/openvpn/LaunchVPN.java b/app/src/main/java/de/blinkt/openvpn/LaunchVPN.java index 90216a7083c464a269b62fe0d7a9b0d01f06cf7f..16f986ae95da8413e623f817d85db1fd00388f1b 100644 --- a/app/src/main/java/de/blinkt/openvpn/LaunchVPN.java +++ b/app/src/main/java/de/blinkt/openvpn/LaunchVPN.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2014 Arne Schwabe + * Copyright (c) 2012-2016 Arne Schwabe * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt */ @@ -35,196 +35,179 @@ import de.blinkt.openvpn.core.VpnStatus.ConnectionStatus; /** * This Activity actually handles two stages of a launcher shortcut's life cycle. - * + *

* 1. Your application offers to provide shortcuts to the launcher. When - * the user installs a shortcut, an activity within your application - * generates the actual shortcut and returns it to the launcher, where it - * is shown to the user as an icon. - * + * the user installs a shortcut, an activity within your application + * generates the actual shortcut and returns it to the launcher, where it + * is shown to the user as an icon. + *

* 2. Any time the user clicks on an installed shortcut, an intent is sent. - * Typically this would then be handled as necessary by an activity within - * your application. - * + * Typically this would then be handled as necessary by an activity within + * your application. + *

* We handle stage 1 (creating a shortcut) by simply sending back the information (in the form * of an {@link android.content.Intent} that the launcher will use to create the shortcut. - * + *

* You can also implement this in an interactive way, by having your activity actually present * UI for the user to select the specific nature of the shortcut, such as a contact, picture, URL, * media item, or action. - * + *

* We handle stage 2 (responding to a shortcut) in this sample by simply displaying the contents * of the incoming {@link android.content.Intent}. - * + *

* In a real application, you would probably use the shortcut intent to display specific content * or start a particular operation. */ public class LaunchVPN extends Activity { - public static final String EXTRA_KEY = "de.blinkt.openvpn.shortcutProfileUUID"; - public static final String EXTRA_NAME = "de.blinkt.openvpn.shortcutProfileName"; - public static final String EXTRA_HIDELOG = "de.blinkt.openvpn.showNoLogWindow"; + public static final String EXTRA_KEY = "de.blinkt.openvpn.shortcutProfileUUID"; + public static final String EXTRA_NAME = "de.blinkt.openvpn.shortcutProfileName"; + public static final String EXTRA_HIDELOG = "de.blinkt.openvpn.showNoLogWindow"; + public static final String CLEARLOG = "clearlogconnect"; - private static final int START_VPN_PROFILE= 70; + private static final int START_VPN_PROFILE = 70; - private ProfileManager mPM; - private VpnProfile mSelectedProfile; - private boolean mhideLog=false; - private boolean mCmfixed=false; + private VpnProfile mSelectedProfile; + private boolean mhideLog = false; - @Override - public void onCreate(Bundle icicle) { - super.onCreate(icicle); + private boolean mCmfixed = false; - mPM =ProfileManager.getInstance(this); + @Override + public void onCreate(Bundle icicle) { + super.onCreate(icicle); - } + startVpnFromIntent(); + } - @Override - protected void onStart() { - super.onStart(); - // Resolve the intent + protected void startVpnFromIntent() { + // Resolve the intent - final Intent intent = getIntent(); - final String action = intent.getAction(); + final Intent intent = getIntent(); + final String action = intent.getAction(); - // If the intent is a request to create a shortcut, we'll do that and exit + // If the intent is a request to create a shortcut, we'll do that and exit - if(Intent.ACTION_MAIN.equals(action)) { - // we got called to be the starting point, most likely a shortcut - String shortcutUUID = intent.getStringExtra( EXTRA_KEY); - String shortcutName = intent.getStringExtra( EXTRA_NAME); - mhideLog = intent.getBooleanExtra(EXTRA_HIDELOG, false); + if (Intent.ACTION_MAIN.equals(action)) { + // Check if we need to clear the log + if (PreferenceManager.getDefaultSharedPreferences(this).getBoolean(CLEARLOG, true)) + VpnStatus.clearLog(); - VpnProfile profileToConnect = ProfileManager.get(this,shortcutUUID); - if(shortcutName != null && profileToConnect ==null) - profileToConnect = ProfileManager.getInstance(this).getProfileByName(shortcutName); + // we got called to be the starting point, most likely a shortcut + String shortcutUUID = intent.getStringExtra(EXTRA_KEY); + String shortcutName = intent.getStringExtra(EXTRA_NAME); + mhideLog = intent.getBooleanExtra(EXTRA_HIDELOG, false); - if(profileToConnect ==null) { - VpnStatus.logError(R.string.shortcut_profile_notfound); - // show Log window to display error - showLogWindow(); - finish(); - return; - } + VpnProfile profileToConnect = ProfileManager.get(this, shortcutUUID); + if (shortcutName != null && profileToConnect == null) + profileToConnect = ProfileManager.getInstance(this).getProfileByName(shortcutName); - mSelectedProfile = profileToConnect; - launchVPN(); + if (profileToConnect == null) { + VpnStatus.logError(R.string.shortcut_profile_notfound); + // show Log window to display error + showLogWindow(); + finish(); + } else { + mSelectedProfile = profileToConnect; + launchVPN(); + } + } + } - } - } - - @Override - protected void onActivityResult (int requestCode, int resultCode, Intent data) { - super.onActivityResult(requestCode, resultCode, data); - - if(requestCode==START_VPN_PROFILE) { - if(resultCode == Activity.RESULT_OK) { - SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(this); - boolean showLogWindow = prefs.getBoolean("showlogwindow", true); - - if(!mhideLog && showLogWindow) - showLogWindow(); - new startOpenVpnThread().start(); - } else if (resultCode == Activity.RESULT_CANCELED) { - // User does not want us to start, so we just vanish - VpnStatus.updateStateString("USER_VPN_PERMISSION_CANCELLED", "", R.string.state_user_vpn_permission_cancelled, - ConnectionStatus.LEVEL_NOTCONNECTED); - - finish(); - } - } - } - - void showLogWindow() { + @Override + protected void onActivityResult (int requestCode, int resultCode, Intent data) { + super.onActivityResult(requestCode, resultCode, data); - Intent startLW = new Intent(getBaseContext(),LogWindow.class); - startLW.addFlags(Intent.FLAG_ACTIVITY_REORDER_TO_FRONT); - startActivity(startLW); - - } + if(requestCode==START_VPN_PROFILE) { + SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(this); + boolean showLogWindow = prefs.getBoolean("showlogwindow", true); - void showConfigErrorDialog(int vpnok) { - AlertDialog.Builder d = new AlertDialog.Builder(this); - d.setTitle(R.string.config_error_found); - d.setMessage(vpnok); - d.setPositiveButton(android.R.string.ok, new OnClickListener() { + if(!mhideLog && showLogWindow) + showLogWindow(); - @Override - public void onClick(DialogInterface dialog, int which) { - finish(); + VPNLaunchHelper.startOpenVpn(mSelectedProfile, getBaseContext()); + finish(); + } else if (resultCode == Activity.RESULT_CANCELED) { + // User does not want us to start, so we just vanish + VpnStatus.updateStateString("USER_VPN_PERMISSION_CANCELLED", "", R.string.state_user_vpn_permission_cancelled, + ConnectionStatus.LEVEL_NOTCONNECTED); - } - }); - d.show(); + finish(); } + } - void launchVPN () { - int vpnok = mSelectedProfile.checkProfile(this); - if(vpnok!= R.string.no_error_found) { - showConfigErrorDialog(vpnok); - return; - } + void showLogWindow() { - Intent intent = VpnService.prepare(this); - // Check if we want to fix /dev/tun - SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(this); - boolean usecm9fix = prefs.getBoolean("useCM9Fix", false); - boolean loadTunModule = prefs.getBoolean("loadTunModule", false); + Intent startLW = new Intent(getBaseContext(), LogWindow.class); + startLW.addFlags(Intent.FLAG_ACTIVITY_REORDER_TO_FRONT); + startActivity(startLW); - if(loadTunModule) - execeuteSUcmd("insmod /system/lib/modules/tun.ko"); + } - if(usecm9fix && !mCmfixed ) { - execeuteSUcmd("chown system /dev/tun"); - } + void showConfigErrorDialog(int vpnok) { + AlertDialog.Builder d = new AlertDialog.Builder(this); + d.setTitle(R.string.config_error_found); + d.setMessage(vpnok); + d.setPositiveButton(android.R.string.ok, new OnClickListener() { + @Override + public void onClick(DialogInterface dialog, int which) { + finish(); - if (intent != null) { - VpnStatus.updateStateString("USER_VPN_PERMISSION", "", R.string.state_user_vpn_permission, - ConnectionStatus.LEVEL_WAITING_FOR_USER_INPUT); - // Start the query - try { - startActivityForResult(intent, START_VPN_PROFILE); - } catch (ActivityNotFoundException ane) { - // Shame on you Sony! At least one user reported that - // an official Sony Xperia Arc S image triggers this exception - VpnStatus.logError(R.string.no_vpn_support_image); - showLogWindow(); - } - } else { - onActivityResult(START_VPN_PROFILE, Activity.RESULT_OK, null); - } + } + }); + d.show(); + } - } + void launchVPN() { + int vpnok = mSelectedProfile.checkProfile(this); + if (vpnok != R.string.no_error_found) { + showConfigErrorDialog(vpnok); + return; + } - private void execeuteSUcmd(String command) { - ProcessBuilder pb = new ProcessBuilder("su","-c",command); - try { - Process p = pb.start(); - int ret = p.waitFor(); - if(ret ==0) - mCmfixed=true; - } catch (InterruptedException e) { - VpnStatus.logException("SU command", e); + Intent intent = VpnService.prepare(this); + // Check if we want to fix /dev/tun + SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(this); + boolean usecm9fix = prefs.getBoolean("useCM9Fix", false); + boolean loadTunModule = prefs.getBoolean("loadTunModule", false); - } catch (IOException e) { - VpnStatus.logException("SU command", e); - } - } - - private class startOpenVpnThread extends Thread { - - @Override - public void run() { - VPNLaunchHelper.startOpenVpn(mSelectedProfile, getBaseContext()); - finish(); - - } - - } + if (loadTunModule) + execeuteSUcmd("insmod /system/lib/modules/tun.ko"); + if (usecm9fix && !mCmfixed) { + execeuteSUcmd("chown system /dev/tun"); + } + if (intent != null) { + VpnStatus.updateStateString("USER_VPN_PERMISSION", "", R.string.state_user_vpn_permission, + ConnectionStatus.LEVEL_WAITING_FOR_USER_INPUT); + // Start the query + try { + startActivityForResult(intent, START_VPN_PROFILE); + } catch (ActivityNotFoundException ane) { + // Shame on you Sony! At least one user reported that + // an official Sony Xperia Arc S image triggers this exception + VpnStatus.logError(R.string.no_vpn_support_image); + showLogWindow(); + } + } else { + onActivityResult(START_VPN_PROFILE, Activity.RESULT_OK, null); + } + + } + + private void execeuteSUcmd(String command) { + try { + ProcessBuilder pb = new ProcessBuilder("su", "-c", command); + Process p = pb.start(); + int ret = p.waitFor(); + if (ret == 0) + mCmfixed = true; + } catch (InterruptedException | IOException e) { + VpnStatus.logException("SU command", e); + } + } } diff --git a/app/src/main/java/de/blinkt/openvpn/VpnProfile.java b/app/src/main/java/de/blinkt/openvpn/VpnProfile.java index 43e1b57c9ab5b0a3e28fe2de71918332bf426240..38d76f682f884cb31f11a721e140044598b16b47 100644 --- a/app/src/main/java/de/blinkt/openvpn/VpnProfile.java +++ b/app/src/main/java/de/blinkt/openvpn/VpnProfile.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2014 Arne Schwabe + * Copyright (c) 2012-2016 Arne Schwabe * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt */ @@ -18,6 +18,7 @@ import android.os.Build; import android.preference.PreferenceManager; import android.security.KeyChain; import android.security.KeyChainException; +import android.support.annotation.NonNull; import android.text.TextUtils; import android.util.Base64; @@ -63,7 +64,7 @@ public class VpnProfile implements Serializable, Cloneable { // The Serializable documentation mentions that class name change are possible // but the how is unclear // - transient public static final long MAX_EMBED_FILE_SIZE = 2048*1024; // 2048kB + transient public static final long MAX_EMBED_FILE_SIZE = 2048 * 1024; // 2048kB // Don't change this, not all parts of the program use this constant public static final String EXTRA_PROFILEUUID = "de.blinkt.openvpn.profileUUID"; public static final String INLINE_TAG = "[[INLINE]]"; @@ -71,7 +72,7 @@ public class VpnProfile implements Serializable, Cloneable { private static final long serialVersionUID = 7085688938959334563L; public static final int MAXLOGLEVEL = 4; - public static final int CURRENT_PROFILE_VERSION = 5; + public static final int CURRENT_PROFILE_VERSION = 6; public static final int DEFAULT_MSSFIX_SIZE = 1450; public static String DEFAULT_DNS1 = "8.8.8.8"; public static String DEFAULT_DNS2 = "8.8.4.4"; @@ -149,27 +150,31 @@ public class VpnProfile implements Serializable, Cloneable { private int mProfileVersion; public String mExcludedRoutes; public String mExcludedRoutesv6; - public int mMssFix =0; // -1 is default, + public int mMssFix = 0; // -1 is default, public Connection[] mConnections = new Connection[0]; - public boolean mRemoteRandom=false; - public HashSet mAllowedAppsVpn = new HashSet(); + public boolean mRemoteRandom = false; + public HashSet mAllowedAppsVpn = new HashSet<>(); public boolean mAllowedAppsVpnAreDisallowed = true; + + public String mCrlFilename; public String mProfileCreator; - /* Options no long used in new profiles */ + + public boolean mPushPeerInfo = false; + public static final boolean mIsOpenVPN22 = false; + + /* Options no longer used in new profiles */ public String mServerName = "openvpn.blinkt.de"; public String mServerPort = "1194"; public boolean mUseUdp = true; - - public VpnProfile(String name) { mUuid = UUID.randomUUID(); mName = name; mProfileVersion = CURRENT_PROFILE_VERSION; mConnections = new Connection[1]; - mConnections[0] = new Connection(); + mConnections[0] = new Connection(); } public static String openVpnEscape(String unescaped) { @@ -197,6 +202,7 @@ public class VpnProfile implements Serializable, Cloneable { mCheckRemoteCN = false; mPersistTun = false; mAllowLocalLAN = true; + mPushPeerInfo = false; mMssFix = 0; } @@ -206,27 +212,33 @@ public class VpnProfile implements Serializable, Cloneable { } public String getName() { - if (mName==null) + if (mName == null) return "No profile name"; return mName; } - public void upgradeProfile(){ - if(mProfileVersion< 2) { + public void upgradeProfile() { + if (mProfileVersion < 2) { /* default to the behaviour the OS used */ mAllowLocalLAN = Build.VERSION.SDK_INT < Build.VERSION_CODES.KITKAT; } if (mProfileVersion < 4) { moveOptionsToConnection(); - mAllowedAppsVpnAreDisallowed=true; + mAllowedAppsVpnAreDisallowed = true; } - if (mAllowedAppsVpn==null) - mAllowedAppsVpn = new HashSet(); - if (mConnections ==null) + if (mAllowedAppsVpn == null) + mAllowedAppsVpn = new HashSet<>(); + if (mConnections == null) mConnections = new Connection[0]; - mProfileVersion= CURRENT_PROFILE_VERSION; + if (mProfileVersion < 6) { + if (TextUtils.isEmpty(mProfileCreator)) + mUserEditable = true; + } + + + mProfileVersion = CURRENT_PROFILE_VERSION; } @@ -260,8 +272,12 @@ public class VpnProfile implements Serializable, Cloneable { cfg += "management-query-passwords\n"; cfg += "management-hold\n\n"; - if (!configForOvpn3) + if (!configForOvpn3) { cfg += String.format("setenv IV_GUI_VER %s \n", openVpnEscape(getVersionEnvString(context))); + String versionString = String.format("%d %s %s %s %s %s", Build.VERSION.SDK_INT, Build.VERSION.RELEASE, + NativeUtils.getNativeAPI(), Build.BRAND, Build.BOARD, Build.MODEL); + cfg += String.format("setenv IV_PLAT_VER %s\n", openVpnEscape(versionString)); + } cfg += "machine-readable-output\n"; @@ -293,7 +309,8 @@ public class VpnProfile implements Serializable, Cloneable { mConnectRetry = "5"; - cfg += "connect-retry " + mConnectRetry + "\n"; + if (!mIsOpenVPN22 || !mUseUdp) + cfg += "connect-retry " + mConnectRetry + "\n"; cfg += "resolv-retry 60\n"; @@ -304,7 +321,7 @@ public class VpnProfile implements Serializable, Cloneable { boolean canUsePlainRemotes = true; - if (mConnections.length==1) { + if (mConnections.length == 1) { cfg += mConnections[0].getConnectionBlock(); } else { for (Connection conn : mConnections) { @@ -312,7 +329,7 @@ public class VpnProfile implements Serializable, Cloneable { } if (mRemoteRandom) - cfg+="remote-random\n"; + cfg += "remote-random\n"; if (canUsePlainRemotes) { for (Connection conn : mConnections) { @@ -367,6 +384,9 @@ public class VpnProfile implements Serializable, Cloneable { cfg += insertFileData("ca", mCaFilename); } + if (!TextUtils.isEmpty(mCrlFilename)) + cfg += insertFileData("crl-verify", mCrlFilename); + if (mUseLzo) { cfg += "comp-lzo\n"; } @@ -400,13 +420,12 @@ public class VpnProfile implements Serializable, Cloneable { if (mUseDefaultRoute) routes += "route 0.0.0.0 0.0.0.0 vpn_gateway\n"; - else - { + else { for (String route : getCustomRoutes(mCustomRoutes)) { routes += "route " + route + " vpn_gateway\n"; } - for (String route: getCustomRoutes(mExcludedRoutes)) { + for (String route : getCustomRoutes(mExcludedRoutes)) { routes += "route " + route + " net_gateway\n"; } } @@ -431,11 +450,11 @@ public class VpnProfile implements Serializable, Cloneable { } - if (mMssFix !=0){ - if (mMssFix!=1450) - cfg+=String.format("mssfix %d\n", mMssFix, Locale.US); - else - cfg+="mssfix\n"; + if (mMssFix != 0) { + if (mMssFix != 1450) { + cfg += String.format("mssfix %d\n", mMssFix, Locale.US); + } else + cfg += "mssfix\n"; } if (mNobind) @@ -495,9 +514,12 @@ public class VpnProfile implements Serializable, Cloneable { cfg += "preresolve\n"; } + if (mPushPeerInfo) + cfg += "push-peer-info\n"; + SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(context); boolean usesystemproxy = prefs.getBoolean("usesystemproxy", true); - if (usesystemproxy) { + if (usesystemproxy && !mIsOpenVPN22) { cfg += "# Use system proxy setting\n"; cfg += "management-query-proxy\n"; } @@ -523,8 +545,6 @@ public class VpnProfile implements Serializable, Cloneable { } - - return cfg; } @@ -541,10 +561,9 @@ public class VpnProfile implements Serializable, Cloneable { } //! Put inline data inline and other data as normal escaped filename - private String insertFileData(String cfgentry, String filedata) { + public static String insertFileData(String cfgentry, String filedata) { if (filedata == null) { - // TODO: generate good error - return String.format("%s %s\n", cfgentry, "missing"); + return String.format("%s %s\n", cfgentry, "file missing in config profile"); } else if (isEmbedded(filedata)) { String dataWithOutHeader = getEmbeddedContent(filedata); return String.format(Locale.ENGLISH, "<%s>\n%s\n\n", cfgentry, dataWithOutHeader, cfgentry); @@ -553,8 +572,9 @@ public class VpnProfile implements Serializable, Cloneable { } } + @NonNull private Collection getCustomRoutes(String routes) { - Vector cidrRoutes = new Vector(); + Vector cidrRoutes = new Vector<>(); if (routes == null) { // No routes set, return empty vector return cidrRoutes; @@ -563,7 +583,7 @@ public class VpnProfile implements Serializable, Cloneable { if (!route.equals("")) { String cidrroute = cidrToIPAndNetmask(route); if (cidrroute == null) - return null; + return cidrRoutes; cidrRoutes.add(cidrroute); } @@ -573,7 +593,7 @@ public class VpnProfile implements Serializable, Cloneable { } private Collection getCustomRoutesv6(String routes) { - Vector cidrRoutes = new Vector(); + Vector cidrRoutes = new Vector<>(); if (routes == null) { // No routes set, return empty vector return cidrRoutes; @@ -606,47 +626,40 @@ public class VpnProfile implements Serializable, Cloneable { return null; - long nm = 0xffffffffl; - nm = (nm << (32 - len)) & 0xffffffffl; + long nm = 0xffffffffL; + nm = (nm << (32 - len)) & 0xffffffffL; String netmask = String.format(Locale.ENGLISH, "%d.%d.%d.%d", (nm & 0xff000000) >> 24, (nm & 0xff0000) >> 16, (nm & 0xff00) >> 8, nm & 0xff); return parts[0] + " " + netmask; } - - public Intent prepareStartService(Context context) { Intent intent = getStartServiceIntent(context); + // TODO: Handle this?! +// if (mAuthenticationType == VpnProfile.TYPE_KEYSTORE || mAuthenticationType == VpnProfile.TYPE_USERPASS_KEYSTORE) { +// if (getKeyStoreCertificates(context) == null) +// return null; +// } - if (mAuthenticationType == VpnProfile.TYPE_KEYSTORE || mAuthenticationType == VpnProfile.TYPE_USERPASS_KEYSTORE) { - if (getKeyStoreCertificates(context) == null) - return null; - } - + return intent; + } - try { - FileWriter cfg = new FileWriter(VPNLaunchHelper.getConfigFilePath(context)); - cfg.write(getConfigFile(context, false)); - cfg.flush(); - cfg.close(); - } catch (IOException e) { - VpnStatus.logException(e); - } + public void writeConfigFile(Context context) throws IOException { + FileWriter cfg = new FileWriter(VPNLaunchHelper.getConfigFilePath(context)); + cfg.write(getConfigFile(context, false)); + cfg.flush(); + cfg.close(); - return intent; } public Intent getStartServiceIntent(Context context) { String prefix = context.getPackageName(); Intent intent = new Intent(context, OpenVPNService.class); - intent.putExtra(prefix + ".ARGV", VPNLaunchHelper.buildOpenvpnArgv(context)); intent.putExtra(prefix + ".profileUUID", mUuid.toString()); - ApplicationInfo info = context.getApplicationInfo(); - intent.putExtra(prefix + ".nativelib", info.nativeLibraryDir); return intent; } @@ -657,11 +670,10 @@ public class VpnProfile implements Serializable, Cloneable { public static String getDisplayName(String embeddedFile) { int start = DISPLAYNAME_TAG.length(); int end = embeddedFile.indexOf(INLINE_TAG); - return embeddedFile.substring(start,end); + return embeddedFile.substring(start, end); } - public static String getEmbeddedContent(String data) - { + public static String getEmbeddedContent(String data) { if (!data.contains(INLINE_TAG)) return data; @@ -670,7 +682,7 @@ public class VpnProfile implements Serializable, Cloneable { } public static boolean isEmbedded(String data) { - if (data==null) + if (data == null) return false; if (data.startsWith(INLINE_TAG) || data.startsWith(DISPLAYNAME_TAG)) return true; @@ -682,8 +694,8 @@ public class VpnProfile implements Serializable, Cloneable { /* This method is called when OpenVPNService is restarted */ if ((mAuthenticationType == VpnProfile.TYPE_KEYSTORE || mAuthenticationType == VpnProfile.TYPE_USERPASS_KEYSTORE) - && mPrivateKey==null) { - new Thread( new Runnable() { + && mPrivateKey == null) { + new Thread(new Runnable() { @Override public void run() { getKeyStoreCertificates(context); @@ -698,9 +710,9 @@ public class VpnProfile implements Serializable, Cloneable { VpnProfile copy = (VpnProfile) super.clone(); copy.mUuid = UUID.randomUUID(); copy.mConnections = new Connection[mConnections.length]; - int i=0; - for (Connection conn: mConnections) { - copy.mConnections[i++]=conn.clone(); + int i = 0; + for (Connection conn : mConnections) { + copy.mConnections[i++] = conn.clone(); } copy.mAllowedAppsVpn = (HashSet) mAllowedAppsVpn.clone(); return copy; @@ -708,7 +720,7 @@ public class VpnProfile implements Serializable, Cloneable { public VpnProfile copy(String name) { try { - VpnProfile copy = (VpnProfile) clone(); + VpnProfile copy = clone(); copy.mName = name; return copy; @@ -720,24 +732,21 @@ public class VpnProfile implements Serializable, Cloneable { class NoCertReturnedException extends Exception { - public NoCertReturnedException (String msg) { + public NoCertReturnedException(String msg) { super(msg); } } - synchronized String[] getKeyStoreCertificates(Context context,int tries) { - PrivateKey privateKey = null; - X509Certificate[] caChain; - Exception exp; + synchronized String[] getKeyStoreCertificates(Context context, int tries) { try { - privateKey = KeyChain.getPrivateKey(context, mAlias); + PrivateKey privateKey = KeyChain.getPrivateKey(context, mAlias); mPrivateKey = privateKey; String keystoreChain = null; - caChain = KeyChain.getCertificateChain(context, mAlias); - if(caChain == null) + X509Certificate[] caChain = KeyChain.getCertificateChain(context, mAlias); + if (caChain == null) throw new NoCertReturnedException("No certificate returned from Keystore"); if (caChain.length <= 1 && TextUtils.isEmpty(mCaFilename)) { @@ -758,13 +767,14 @@ public class VpnProfile implements Serializable, Cloneable { String caout = null; if (!TextUtils.isEmpty(mCaFilename)) { try { - Certificate cacert = X509Utils.getCertificateFromFile(mCaFilename); + Certificate[] cacerts = X509Utils.getCertificatesFromFile(mCaFilename); StringWriter caoutWriter = new StringWriter(); PemWriter pw = new PemWriter(caoutWriter); - pw.writeObject(new PemObject("CERTIFICATE", cacert.getEncoded())); + for (Certificate cert : cacerts) + pw.writeObject(new PemObject("CERTIFICATE", cert.getEncoded())); pw.close(); - caout= caoutWriter.toString(); + caout = caoutWriter.toString(); } catch (Exception e) { VpnStatus.logError("Could not read CA certificate" + e.getLocalizedMessage()); @@ -787,54 +797,43 @@ public class VpnProfile implements Serializable, Cloneable { String ca, extra; - if(caout==null) { - ca =keystoreChain; - extra=null; + if (caout == null) { + ca = keystoreChain; + extra = null; } else { ca = caout; - extra=keystoreChain; + extra = keystoreChain; } return new String[]{ca, extra, user}; - } catch (InterruptedException e) { - exp=e; - } catch (FileNotFoundException e) { - exp=e; - } catch (CertificateException e) { - exp=e; - } catch (IOException e) { - exp=e; - } catch (KeyChainException e) { - exp=e; - } catch (NoCertReturnedException e) { - exp =e; - } catch (IllegalArgumentException e) { - exp =e; + } catch (InterruptedException | IOException | KeyChainException | NoCertReturnedException | IllegalArgumentException + | CertificateException e) { + e.printStackTrace(); + VpnStatus.logError(R.string.keyChainAccessError, e.getLocalizedMessage()); + + VpnStatus.logError(R.string.keychain_access); + if (Build.VERSION.SDK_INT == Build.VERSION_CODES.JELLY_BEAN) { + if (!mAlias.matches("^[a-zA-Z0-9]$")) { + VpnStatus.logError(R.string.jelly_keystore_alphanumeric_bug); + } + } + return null; + } catch (AssertionError e) { - if (tries ==0) + if (tries == 0) return null; - VpnStatus.logError(String.format("Failure getting Keystore Keys (%s), retrying",e.getLocalizedMessage())); + VpnStatus.logError(String.format("Failure getting Keystore Keys (%s), retrying", e.getLocalizedMessage())); try { Thread.sleep(3000); } catch (InterruptedException e1) { VpnStatus.logException(e1); } - return getKeyStoreCertificates(context, tries-1); + return getKeyStoreCertificates(context, tries - 1); } - exp.printStackTrace(); - VpnStatus.logError(R.string.keyChainAccessError, exp.getLocalizedMessage()); - - VpnStatus.logError(R.string.keychain_access); - if (Build.VERSION.SDK_INT == Build.VERSION_CODES.JELLY_BEAN) { - if (!mAlias.matches("^[a-zA-Z0-9]$")) { - VpnStatus.logError(R.string.jelly_keystore_alphanumeric_bug); - } - } - return null; } - //! Return an error if somethign is wrong + //! Return an error if something is wrong public int checkProfile(Context context) { if (mAuthenticationType == TYPE_KEYSTORE || mAuthenticationType == TYPE_USERPASS_KEYSTORE) { if (mAlias == null) @@ -845,15 +844,33 @@ public class VpnProfile implements Serializable, Cloneable { if (mIPv4Address == null || cidrToIPAndNetmask(mIPv4Address) == null) return R.string.ipv4_format_error; } - if (!mUseDefaultRoute && (getCustomRoutes(mCustomRoutes) == null || getCustomRoutes(mExcludedRoutes) ==null)) - return R.string.custom_route_format_error; + if (!mUseDefaultRoute) { + if (!TextUtils.isEmpty(mCustomRoutes) && getCustomRoutes(mCustomRoutes).size() == 0) + return R.string.custom_route_format_error; + + if (!TextUtils.isEmpty(mExcludedRoutes) && getCustomRoutes(mExcludedRoutes).size() == 0) + return R.string.custom_route_format_error; + + } + + if (mUseTLSAuth && TextUtils.isEmpty(mTLSAuthFilename)) + return R.string.missing_tlsauth; + + if ((mAuthenticationType == TYPE_USERPASS_CERTIFICATES || mAuthenticationType == TYPE_CERTIFICATES) + && (TextUtils.isEmpty(mClientCertFilename) || TextUtils.isEmpty(mClientKeyFilename))) + return R.string.missing_certificates; + + if ((mAuthenticationType == TYPE_CERTIFICATES || mAuthenticationType == TYPE_USERPASS_CERTIFICATES) + && TextUtils.isEmpty(mCaFilename)) + return R.string.missing_ca_certificate; + boolean noRemoteEnabled = true; for (Connection c : mConnections) if (c.mEnabled) noRemoteEnabled = false; - if(noRemoteEnabled) + if (noRemoteEnabled) return R.string.remote_no_server_selected; // Everything okay @@ -948,7 +965,7 @@ public class VpnProfile implements Serializable, Cloneable { if (isUserPWAuth() && (TextUtils.isEmpty(mUsername) || - (TextUtils.isEmpty(mPassword) && (mTransientPW == null || ignoreTransient)))) { + (TextUtils.isEmpty(mPassword) && (mTransientPW == null || ignoreTransient)))) { return R.string.password; } return 0; @@ -980,7 +997,6 @@ public class VpnProfile implements Serializable, Cloneable { public String getSignedData(String b64data) { PrivateKey privkey = getKeystoreKey(); - Exception err; byte[] data = Base64.decode(b64data, Base64.DEFAULT); @@ -1004,26 +1020,14 @@ public class VpnProfile implements Serializable, Cloneable { byte[] signed_bytes = rsaSigner.doFinal(data); return Base64.encodeToString(signed_bytes, Base64.NO_WRAP); - } catch (NoSuchAlgorithmException e) { - err = e; - } catch (InvalidKeyException e) { - err = e; - } catch (NoSuchPaddingException e) { - err = e; - } catch (IllegalBlockSizeException e) { - err = e; - } catch (BadPaddingException e) { - err = e; + } catch (NoSuchAlgorithmException | InvalidKeyException | IllegalBlockSizeException + | BadPaddingException | NoSuchPaddingException e) { + VpnStatus.logError(R.string.error_rsa_sign, e.getClass().toString(), e.getLocalizedMessage()); + return null; } - - VpnStatus.logError(R.string.error_rsa_sign, err.getClass().toString(), err.getLocalizedMessage()); - - return null; - } private String processSignJellyBeans(PrivateKey privkey, byte[] data) { - Exception err; try { Method getKey = privkey.getClass().getSuperclass().getDeclaredMethod("getOpenSSLKey"); getKey.setAccessible(true); @@ -1044,21 +1048,10 @@ public class VpnProfile implements Serializable, Cloneable { byte[] signed_bytes = NativeUtils.rsasign(data, pkey); return Base64.encodeToString(signed_bytes, Base64.NO_WRAP); - } catch (NoSuchMethodException e) { - err = e; - } catch (IllegalArgumentException e) { - err = e; - } catch (IllegalAccessException e) { - err = e; - } catch (InvocationTargetException e) { - err = e; - } catch (InvalidKeyException e) { - err = e; + } catch (NoSuchMethodException | InvalidKeyException | InvocationTargetException | IllegalAccessException | IllegalArgumentException e) { + VpnStatus.logError(R.string.error_rsa_sign, e.getClass().toString(), e.getLocalizedMessage()); + return null; } - VpnStatus.logError(R.string.error_rsa_sign, err.getClass().toString(), err.getLocalizedMessage()); - - return null; - } diff --git a/app/src/main/java/de/blinkt/openvpn/activities/BaseActivity.java b/app/src/main/java/de/blinkt/openvpn/activities/BaseActivity.java new file mode 100644 index 0000000000000000000000000000000000000000..8cdc1e90c814841640d2543ccd641624a23e05b8 --- /dev/null +++ b/app/src/main/java/de/blinkt/openvpn/activities/BaseActivity.java @@ -0,0 +1,27 @@ +/* + * Copyright (c) 2012-2015 Arne Schwabe + * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt + */ + +package de.blinkt.openvpn.activities; + +import android.app.Activity; +import android.app.UiModeManager; +import android.content.res.Configuration; +import android.os.Bundle; +import android.view.Window; + +public class BaseActivity extends Activity { + private boolean isAndroidTV() { + final UiModeManager uiModeManager = (UiModeManager) getSystemService(Activity.UI_MODE_SERVICE); + return uiModeManager.getCurrentModeType() == Configuration.UI_MODE_TYPE_TELEVISION; + } + + @Override + protected void onCreate(Bundle savedInstanceState) { + if (isAndroidTV()) { + requestWindowFeature(Window.FEATURE_OPTIONS_PANEL); + } + super.onCreate(savedInstanceState); + } +} diff --git a/app/src/main/java/de/blinkt/openvpn/activities/DisconnectVPN.java b/app/src/main/java/de/blinkt/openvpn/activities/DisconnectVPN.java index dfd815e4c95d41b42e9abb913c7c4eb680a5e245..d25bccad0f3bc29b675063558440d281feb4b2fb 100644 --- a/app/src/main/java/de/blinkt/openvpn/activities/DisconnectVPN.java +++ b/app/src/main/java/de/blinkt/openvpn/activities/DisconnectVPN.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2014 Arne Schwabe + * Copyright (c) 2012-2016 Arne Schwabe * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt */ @@ -81,7 +81,7 @@ public class DisconnectVPN extends Activity implements DialogInterface.OnClickLi if (which == DialogInterface.BUTTON_POSITIVE) { ProfileManager.setConntectedVpnProfileDisconnected(this); if (mService != null && mService.getManagement() != null) - mService.getManagement().stopVPN(); + mService.getManagement().stopVPN(false); } finish(); } diff --git a/app/src/main/java/de/blinkt/openvpn/activities/LogWindow.java b/app/src/main/java/de/blinkt/openvpn/activities/LogWindow.java index 45f09c8e7e83c955cb3ecca448119b101c54e2c1..130084f53c90689e0f89505ae9066a467c578ca3 100644 --- a/app/src/main/java/de/blinkt/openvpn/activities/LogWindow.java +++ b/app/src/main/java/de/blinkt/openvpn/activities/LogWindow.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2014 Arne Schwabe + * Copyright (c) 2012-2016 Arne Schwabe * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt */ @@ -15,7 +15,7 @@ import de.blinkt.openvpn.fragments.LogFragment; /** * Created by arne on 13.10.13. */ -public class LogWindow extends Activity { +public class LogWindow extends BaseActivity { @Override protected void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); diff --git a/app/src/main/java/de/blinkt/openvpn/core/CIDRIP.java b/app/src/main/java/de/blinkt/openvpn/core/CIDRIP.java index 94ed8a0bd2b6ac60ce44c24ac78e38072777f838..07f2152f7a5323a3d475ccf9b758deea0d5095c1 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/CIDRIP.java +++ b/app/src/main/java/de/blinkt/openvpn/core/CIDRIP.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2014 Arne Schwabe + * Copyright (c) 2012-2016 Arne Schwabe * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt */ diff --git a/app/src/main/java/de/blinkt/openvpn/core/ConfigParser.java b/app/src/main/java/de/blinkt/openvpn/core/ConfigParser.java index 232c454b12e1f242079bf9bf90324bfa30d2dc44..d14e643ee15abd4652ba9c85773b627039d575b9 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/ConfigParser.java +++ b/app/src/main/java/de/blinkt/openvpn/core/ConfigParser.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2014 Arne Schwabe + * Copyright (c) 2012-2016 Arne Schwabe * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt */ @@ -32,11 +32,11 @@ public class ConfigParser { private HashMap>> options = new HashMap>>(); private HashMap> meta = new HashMap>(); private String auth_user_pass_file; - private String crl_verify_file; - public void parseConfig(Reader reader) throws IOException, ConfigParseError { + HashMap optionAliases = new HashMap<>(); + optionAliases.put("server-poll-timeout", "timeout-connect"); BufferedReader br = new BufferedReader(reader); @@ -48,9 +48,15 @@ public class ConfigParser { if (line == null) break; - if (lineno == 1 && (line.startsWith("PK\003\004") - || (line.startsWith("PK\007\008")))) - throw new ConfigParseError("Input looks like a ZIP Archive. Import is only possible for OpenVPN config files (.ovpn/.conf)"); + if (lineno == 1) { + if ((line.startsWith("PK\003\004") + || (line.startsWith("PK\007\008")))) { + throw new ConfigParseError("Input looks like a ZIP Archive. Import is only possible for OpenVPN config files (.ovpn/.conf)"); + } + if (line.startsWith("\uFEFF")) { + line = line.substring(1); + } + } // Check for OpenVPN Access Server Meta information if (line.startsWith("# OVPN_ACCESS_SERVER_")) { @@ -70,6 +76,9 @@ public class ConfigParser { checkinlinefile(args, br); String optionname = args.get(0); + if (optionAliases.get(optionname)!=null) + optionname = optionAliases.get(optionname); + if (!options.containsKey(optionname)) { options.put(optionname, new Vector>()); } @@ -121,10 +130,6 @@ public class ConfigParser { return auth_user_pass_file; } - public String getCrlVerifyFile() { - return crl_verify_file; - } - enum linestate { initial, readin_single_quote, reading_quoted, reading_unquoted, done @@ -137,7 +142,7 @@ public class ConfigParser { } - public class ConfigParseError extends Exception { + public static class ConfigParseError extends Exception { private static final long serialVersionUID = -60L; public ConfigParseError(String msg) { @@ -288,7 +293,8 @@ public class ConfigParser { { {"setenv", "IV_GUI_VER"}, {"setenv", "IV_OPENVPN_GUI_VERSION"}, - {"engine", "dynamic"} + {"engine", "dynamic"}, + {"setenv", "CLIENT_CERT"} }; final String[] connectionOptions = { @@ -388,6 +394,10 @@ public class ConfigParser { np.mCustomRoutesv6 = customIPv6Routes; } + Vector routeNoPull = getOption("route-nopull", 1, 1); + if (routeNoPull!=null) + np.mRoutenopull=true; + // Also recognize tls-auth [inline] direction ... Vector> tlsauthoptions = getAllOption("tls-auth", 1, 2); if (tlsauthoptions != null) { @@ -567,6 +577,9 @@ public class ConfigParser { if (getOption("persist-tun", 0, 0) != null) np.mPersistTun = true; + if (getOption("push-peer-info", 0, 0) != null) + np.mPushPeerInfo = true; + Vector connectretry = getOption("connect-retry", 1, 1); if (connectretry != null) np.mConnectRetry = connectretry.get(1); @@ -603,11 +616,12 @@ public class ConfigParser { Vector crlfile = getOption("crl-verify", 1, 2); if (crlfile != null) { // If the 'dir' parameter is present just add it as custom option .. - np.mCustomConfigOptions += TextUtils.join(" ", crlfile) + "\n"; - if (crlfile.size() == 2) { + if (crlfile.size() == 3 && crlfile.get(2).equals("dir")) + np.mCustomConfigOptions += TextUtils.join(" ", crlfile) + "\n"; + else // Save the filename for the config converter to add later - crl_verify_file = crlfile.get(1); - } + np.mCrlFilename = crlfile.get(1); + } @@ -709,8 +723,18 @@ public class ConfigParser { conn.mUseUdp = isUdpProto(proto.get(1)); } + Vector connectTimeout = getOption("connect-timeout", 1, 1); + if (connectTimeout != null) { + try { + conn.mConnectTimeout = Integer.parseInt(connectTimeout.get(1)); + } catch (NumberFormatException nfe) { + throw new ConfigParseError(String.format("Argument to connect-timeout (%s) must to be an integer: %s", + connectTimeout.get(1), nfe.getLocalizedMessage())); + + } + } - // Parse remote config + // Parse remote config Vector> remotes = getAllOption("remote", 1, 3); @@ -785,16 +809,6 @@ public class ConfigParser { } } - public static void removeCRLCustomOption(VpnProfile np) { - String lines[] = np.mCustomConfigOptions.split("\\r?\\n"); - Vector keeplines = new Vector<>(); - for (String l : lines) { - if (!l.startsWith("crl-verify ")) - keeplines.add(l); - } - np.mCustomConfigOptions = TextUtils.join("\n", keeplines); - } - private void checkIgnoreAndInvalidOptions(VpnProfile np) throws ConfigParseError { for (String option : unsupportedOptions) if (options.containsKey(option)) @@ -838,13 +852,21 @@ public class ConfigParser { return false; } + //! Generate options for custom options private String getOptionStrings(Vector> option) { String custom = ""; for (Vector optionsline : option) { if (!ignoreThisOption(optionsline)) { - for (String arg : optionsline) - custom += VpnProfile.openVpnEscape(arg) + " "; - custom += "\n"; + // Check if option had been inlined and inline again + if (optionsline.size() == 2 && "extra-certs".equals(optionsline.get(0)) ) { + custom += VpnProfile.insertFileData(optionsline.get(0), optionsline.get(1)); + + + } else { + for (String arg : optionsline) + custom += VpnProfile.openVpnEscape(arg) + " "; + custom += "\n"; + } } } return custom; diff --git a/app/src/main/java/de/blinkt/openvpn/core/Connection.java b/app/src/main/java/de/blinkt/openvpn/core/Connection.java index b10664ce17d4d7b2af6d0ec7e322011f726fcb67..3455450b6b2ab9628c52a66d93d68635d58bf17f 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/Connection.java +++ b/app/src/main/java/de/blinkt/openvpn/core/Connection.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2014 Arne Schwabe + * Copyright (c) 2012-2016 Arne Schwabe * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt */ @@ -16,6 +16,7 @@ public class Connection implements Serializable, Cloneable { public String mCustomConfiguration=""; public boolean mUseCustomConfig=false; public boolean mEnabled=true; + public int mConnectTimeout = 0; private static final long serialVersionUID = 92031902903829089L; @@ -33,6 +34,10 @@ public class Connection implements Serializable, Cloneable { else cfg += " tcp-client\n"; + if (mConnectTimeout!=0) + cfg += String.format(" connect-timeout %d\n" , mConnectTimeout); + + if (!TextUtils.isEmpty(mCustomConfiguration) && mUseCustomConfig) { cfg += mCustomConfiguration; cfg += "\n"; diff --git a/app/src/main/java/de/blinkt/openvpn/core/DeviceStateReceiver.java b/app/src/main/java/de/blinkt/openvpn/core/DeviceStateReceiver.java index 4ccf5472442b3f6a9935eb678ac99fdc93421506..40684af3413af59abb9730459fde84ab1c33dfd6 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/DeviceStateReceiver.java +++ b/app/src/main/java/de/blinkt/openvpn/core/DeviceStateReceiver.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2014 Arne Schwabe + * Copyright (c) 2012-2016 Arne Schwabe * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt */ @@ -12,15 +12,19 @@ import android.content.SharedPreferences; import android.net.ConnectivityManager; import android.net.NetworkInfo; import android.net.NetworkInfo.State; +import android.os.Handler; import android.preference.PreferenceManager; + import se.leap.bitmaskclient.R; import de.blinkt.openvpn.core.VpnStatus.ByteCountListener; import java.util.LinkedList; +import java.util.Objects; import static de.blinkt.openvpn.core.OpenVPNManagement.pauseReason; -public class DeviceStateReceiver extends BroadcastReceiver implements ByteCountListener { +public class DeviceStateReceiver extends BroadcastReceiver implements ByteCountListener, OpenVPNManagement.PausedStateCallback { + private final Handler mDisconnectHandler; private int lastNetwork = -1; private OpenVPNManagement mManagement; @@ -29,12 +33,36 @@ public class DeviceStateReceiver extends BroadcastReceiver implements ByteCountL // Data traffic limit in bytes private final long TRAFFIC_LIMIT = 64 * 1024; + // Time to wait after network disconnect to pause the VPN + private final int DISCONNECT_WAIT = 20; + connectState network = connectState.DISCONNECTED; connectState screen = connectState.SHOULDBECONNECTED; connectState userpause = connectState.SHOULDBECONNECTED; private String lastStateMsg = null; + private java.lang.Runnable mDelayDisconnectRunnable = new Runnable() { + @Override + public void run() { + if (!(network == connectState.PENDINGDISCONNECT)) + return; + + network = connectState.DISCONNECTED; + + // Set screen state to be disconnected if disconnect pending + if (screen == connectState.PENDINGDISCONNECT) + screen = connectState.DISCONNECTED; + + mManagement.pause(getPauseReason()); + } + }; + private NetworkInfo lastConnectedNetwork; + + @Override + public boolean shouldBeRunning() { + return shouldBeConnected(); + } enum connectState { SHOULDBECONNECTED, @@ -54,6 +82,7 @@ public class DeviceStateReceiver extends BroadcastReceiver implements ByteCountL LinkedList trafficdata = new LinkedList(); + @Override public void updateByteCount(long in, long out, long diffIn, long diffOut) { if (screen != connectState.PENDINGDISCONNECT) @@ -99,6 +128,8 @@ public class DeviceStateReceiver extends BroadcastReceiver implements ByteCountL public DeviceStateReceiver(OpenVPNManagement magnagement) { super(); mManagement = magnagement; + mManagement.setPauseCallback(this); + mDisconnectHandler = new Handler(); } @@ -113,7 +144,7 @@ public class DeviceStateReceiver extends BroadcastReceiver implements ByteCountL boolean screenOffPause = prefs.getBoolean("screenoff", false); if (screenOffPause) { - if (ProfileManager.getLastConnectedVpn()!=null && !ProfileManager.getLastConnectedVpn().mPersistTun) + if (ProfileManager.getLastConnectedVpn() != null && !ProfileManager.getLastConnectedVpn().mPersistTun) VpnStatus.logError(R.string.screen_nopersistenttun); screen = connectState.PENDINGDISCONNECT; @@ -126,6 +157,8 @@ public class DeviceStateReceiver extends BroadcastReceiver implements ByteCountL boolean connected = shouldBeConnected(); screen = connectState.SHOULDBECONNECTED; + /* We should connect now, cancel any outstanding disconnect timer */ + mDisconnectHandler.removeCallbacks(mDelayDisconnectRunnable); /* should be connected has changed because the screen is on now, connect the VPN */ if (shouldBeConnected() != connected) mManagement.resume(); @@ -140,6 +173,10 @@ public class DeviceStateReceiver extends BroadcastReceiver implements ByteCountL private void fillTrafficData() { trafficdata.add(new Datapoint(System.currentTimeMillis(), TRAFFIC_LIMIT)); } + public static boolean equalsObj(Object a, Object b) { + return (a == null) ? (b == null) : a.equals(b); + } + public void networkStateChange(Context context) { @@ -175,34 +212,49 @@ public class DeviceStateReceiver extends BroadcastReceiver implements ByteCountL if (networkInfo != null && networkInfo.getState() == State.CONNECTED) { int newnet = networkInfo.getType(); + + boolean pendingDisconnect = (network == connectState.PENDINGDISCONNECT); network = connectState.SHOULDBECONNECTED; - if (lastNetwork != newnet) { + boolean sameNetwork; + if (lastConnectedNetwork == null + || lastConnectedNetwork.getType() != networkInfo.getType() + || !equalsObj(lastConnectedNetwork.getExtraInfo(), networkInfo.getExtraInfo()) + ) + sameNetwork = false; + else + sameNetwork = true; + + /* Same network, connection still 'established' */ + if (pendingDisconnect && sameNetwork) { + mDisconnectHandler.removeCallbacks(mDelayDisconnectRunnable); + // Reprotect the sockets just be sure + mManagement.networkChange(true); + } else { + /* Different network or connection not established anymore */ + if (screen == connectState.PENDINGDISCONNECT) screen = connectState.DISCONNECTED; if (shouldBeConnected()) { - if (lastNetwork == -1) { - mManagement.resume(); - } else { - mManagement.networkChange(); + mDisconnectHandler.removeCallbacks(mDelayDisconnectRunnable); - } + if (pendingDisconnect || !sameNetwork) + mManagement.networkChange(sameNetwork); + else + mManagement.resume(); } lastNetwork = newnet; + lastConnectedNetwork = networkInfo; } } else if (networkInfo == null) { // Not connected, stop openvpn, set last connected network to no network lastNetwork = -1; if (sendusr1) { - network = connectState.DISCONNECTED; - - // Set screen state to be disconnected if disconnect pending - if (screen == connectState.PENDINGDISCONNECT) - screen = connectState.DISCONNECTED; + network = connectState.PENDINGDISCONNECT; + mDisconnectHandler.postDelayed(mDelayDisconnectRunnable, DISCONNECT_WAIT * 1000); - mManagement.pause(getPauseReason()); } } @@ -213,6 +265,7 @@ public class DeviceStateReceiver extends BroadcastReceiver implements ByteCountL } + public boolean isUserPaused() { return userpause == connectState.DISCONNECTED; } diff --git a/app/src/main/java/de/blinkt/openvpn/core/ICSOpenVPNApplication.java b/app/src/main/java/de/blinkt/openvpn/core/ICSOpenVPNApplication.java index 6e9e63c5feb8b183b8e944ab1c2d1683c4beee8a..db3ae75115eb8f125ebcabba229d4fa29f624670 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/ICSOpenVPNApplication.java +++ b/app/src/main/java/de/blinkt/openvpn/core/ICSOpenVPNApplication.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2014 Arne Schwabe + * Copyright (c) 2012-2016 Arne Schwabe * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt */ @@ -37,5 +37,7 @@ public class ICSOpenVPNApplication extends Application { if (BuildConfig.DEBUG) { //ACRA.init(this); } + + VpnStatus.initLogCache(getApplicationContext().getCacheDir()); } } diff --git a/app/src/main/java/de/blinkt/openvpn/core/LogFileHandler.java b/app/src/main/java/de/blinkt/openvpn/core/LogFileHandler.java new file mode 100644 index 0000000000000000000000000000000000000000..288c79349082b9961deda5baf498a4c9af48ae5f --- /dev/null +++ b/app/src/main/java/de/blinkt/openvpn/core/LogFileHandler.java @@ -0,0 +1,172 @@ +/* + * Copyright (c) 2012-2015 Arne Schwabe + * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt + */ + +package de.blinkt.openvpn.core; + +import android.os.Handler; +import android.os.Looper; +import android.os.Message; +import android.os.Parcel; + +import java.io.BufferedInputStream; +import java.io.File; +import java.io.FileInputStream; +import java.io.FileNotFoundException; +import java.io.FileOutputStream; +import java.io.IOException; +import java.nio.ByteBuffer; +import java.util.Locale; + +import se.leap.bitmaskclient.R; + +/** + * Created by arne on 23.01.16. + */ +class LogFileHandler extends Handler { + static final int TRIM_LOG_FILE = 100; + static final int FLUSH_TO_DISK = 101; + static final int LOG_INIT = 102; + public static final int LOG_MESSAGE = 103; + private static FileOutputStream mLogFile; + + public static final String LOGFILE_NAME = "logcache.dat"; + + + public LogFileHandler(Looper looper) { + super(looper); + } + + + @Override + public void handleMessage(Message msg) { + try { + if (msg.what == LOG_INIT) { + if (mLogFile != null) + throw new RuntimeException("mLogFile not null"); + readLogCache((File) msg.obj); + openLogFile((File) msg.obj); + } else if (msg.what == LOG_MESSAGE && msg.obj instanceof VpnStatus.LogItem) { + // Ignore log messages if not yet initialized + if (mLogFile == null) + return; + writeLogItemToDisk((VpnStatus.LogItem) msg.obj); + } else if (msg.what == TRIM_LOG_FILE) { + trimLogFile(); + for (VpnStatus.LogItem li : VpnStatus.getlogbuffer()) + writeLogItemToDisk(li); + } else if (msg.what == FLUSH_TO_DISK) { + flushToDisk(); + } + + } catch (IOException e) { + e.printStackTrace(); + VpnStatus.logError("Error during log cache: " + msg.what); + VpnStatus.logException(e); + } + + } + + private void flushToDisk() throws IOException { + mLogFile.flush(); + } + + private static void trimLogFile() { + try { + mLogFile.flush(); + mLogFile.getChannel().truncate(0); + } catch (IOException e) { + e.printStackTrace(); + } + } + + private void writeLogItemToDisk(VpnStatus.LogItem li) throws IOException { + Parcel p = Parcel.obtain(); + li.writeToParcel(p, 0); + // We do not really care if the log cache breaks between Android upgrades, + // write binary format to disc + byte[] liBytes = p.marshall(); + + byte[] lenBytes = ByteBuffer.allocate(4).putInt(liBytes.length).array(); + mLogFile.write(lenBytes); + mLogFile.write(liBytes); + p.recycle(); + } + + private void openLogFile (File cacheDir) throws FileNotFoundException { + File logfile = new File(cacheDir, LOGFILE_NAME); + mLogFile = new FileOutputStream(logfile); + } + + private void readLogCache(File cacheDir) { + File logfile = new File(cacheDir, LOGFILE_NAME); + + + if (!logfile.exists() || !logfile.canRead()) + return; + + + + try { + + BufferedInputStream logFile = new BufferedInputStream(new FileInputStream(logfile)); + + byte[] buf = new byte[8192]; + int read = logFile.read(buf, 0, 4); + int itemsRead=0; + + while (read >= 4) { + int len = ByteBuffer.wrap(buf, 0, 4).asIntBuffer().get(); + + // Marshalled LogItem + read = logFile.read(buf, 0, len); + + Parcel p = Parcel.obtain(); + p.unmarshall(buf, 0, read); + p.setDataPosition(0); + VpnStatus.LogItem li = VpnStatus.LogItem.CREATOR.createFromParcel(p); + if (li.verify()) { + VpnStatus.newLogItem(li, true); + } else { + VpnStatus.logError(String.format(Locale.getDefault(), + "Could not read log item from file: %d/%d: %s", + read, len, bytesToHex(buf, Math.max(read,80)))); + } + p.recycle(); + + //Next item + read = logFile.read(buf, 0, 4); + itemsRead++; + if (itemsRead > 2*VpnStatus.MAXLOGENTRIES) { + VpnStatus.logError("Too many logentries read from cache, aborting."); + read = 0; + } + + } + VpnStatus.logDebug(R.string.reread_log, itemsRead); + + + + } catch (java.io.IOException | java.lang.RuntimeException e) { + VpnStatus.logError("Reading cached logfile failed"); + VpnStatus.logException(e); + e.printStackTrace(); + // ignore reading file error + } + } + + final protected static char[] hexArray = "0123456789ABCDEF".toCharArray(); + public static String bytesToHex(byte[] bytes, int len) { + len = Math.min(bytes.length, len); + char[] hexChars = new char[len * 2]; + for ( int j = 0; j < len; j++ ) { + int v = bytes[j] & 0xFF; + hexChars[j * 2] = hexArray[v >>> 4]; + hexChars[j * 2 + 1] = hexArray[v & 0x0F]; + } + return new String(hexChars); + } + + +} diff --git a/app/src/main/java/de/blinkt/openvpn/core/LogItem.java b/app/src/main/java/de/blinkt/openvpn/core/LogItem.java new file mode 100644 index 0000000000000000000000000000000000000000..6aefbb2e4135f4f103fc3d777bfef454a5ecaddf --- /dev/null +++ b/app/src/main/java/de/blinkt/openvpn/core/LogItem.java @@ -0,0 +1,377 @@ +/* + * Copyright (c) 2012-2016 Arne Schwabe + * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt + */ + +package de.blinkt.openvpn.core; + +import android.annotation.SuppressLint; +import android.content.Context; +import android.content.pm.PackageInfo; +import android.content.pm.PackageManager; +import android.content.pm.Signature; +import android.os.Parcel; +import android.os.Parcelable; +import android.text.TextUtils; +import android.util.Log; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.UnsupportedEncodingException; +import java.nio.ByteBuffer; +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; +import java.security.cert.CertificateException; +import java.security.cert.CertificateFactory; +import java.security.cert.X509Certificate; +import java.util.Arrays; +import java.util.FormatFlagsConversionMismatchException; +import java.util.Locale; +import java.util.UnknownFormatConversionException; + +import se.leap.bitmaskclient.R; + +/** + * Created by arne on 24.04.16. + */ +public class LogItem implements Parcelable { + private Object[] mArgs = null; + private String mMessage = null; + private int mRessourceId; + // Default log priority + VpnStatus.LogLevel mLevel = VpnStatus.LogLevel.INFO; + private long logtime = System.currentTimeMillis(); + private int mVerbosityLevel = -1; + + private LogItem(int ressourceId, Object[] args) { + mRessourceId = ressourceId; + mArgs = args; + } + + public LogItem(VpnStatus.LogLevel level, int verblevel, String message) { + mMessage = message; + mLevel = level; + mVerbosityLevel = verblevel; + } + + @Override + public int describeContents() { + return 0; + } + + + @Override + public void writeToParcel(Parcel dest, int flags) { + dest.writeArray(mArgs); + dest.writeString(mMessage); + dest.writeInt(mRessourceId); + dest.writeInt(mLevel.getInt()); + dest.writeInt(mVerbosityLevel); + + dest.writeLong(logtime); + } + + @Override + public boolean equals(Object obj) { + if (!(obj instanceof LogItem)) + return obj.equals(this); + LogItem other = (LogItem) obj; + + return Arrays.equals(mArgs, other.mArgs) && + ((other.mMessage == null && mMessage == other.mMessage) || + mMessage.equals(other.mMessage)) && + mRessourceId == other.mRessourceId && + ((mLevel == null && other.mLevel == mLevel) || + other.mLevel.equals(mLevel)) && + mVerbosityLevel == other.mVerbosityLevel && + logtime == other.logtime; + + + } + + public byte[] getMarschaledBytes() throws UnsupportedEncodingException { + ByteBuffer bb = ByteBuffer.allocate(16384); + + + bb.put((byte) 0x0); //version + bb.putLong(logtime); //8 + bb.putInt(mVerbosityLevel); //4 + bb.putInt(mLevel.getInt()); + bb.putInt(mRessourceId); + if (mMessage == null || mMessage.length() == 0) { + bb.putInt(0); + } else { + marschalString(mMessage, bb); + } + if (mArgs == null || mArgs.length == 0) { + bb.putInt(0); + } else { + bb.putInt(mArgs.length); + for (Object o : mArgs) { + if (o instanceof String) { + bb.putChar('s'); + marschalString((String) o, bb); + } else if (o instanceof Integer) { + bb.putChar('i'); + bb.putInt((Integer) o); + } else if (o instanceof Float) { + bb.putChar('f'); + bb.putFloat((Float) o); + } else if (o instanceof Double) { + bb.putChar('d'); + bb.putDouble((Double) o); + } else if (o instanceof Long) { + bb.putChar('l'); + bb.putLong((Long) o); + } else if (o == null) { + bb.putChar('0'); + } else { + VpnStatus.logDebug("Unknown object for LogItem marschaling " + o); + bb.putChar('s'); + marschalString(o.toString(), bb); + } + + } + } + + int pos = bb.position(); + bb.rewind(); + return Arrays.copyOf(bb.array(), pos); + + } + + public LogItem(byte[] in, int length) throws UnsupportedEncodingException { + ByteBuffer bb = ByteBuffer.wrap(in, 0, length); + bb.get(); // ignore version + logtime = bb.getLong(); + mVerbosityLevel = bb.getInt(); + mLevel = VpnStatus.LogLevel.getEnumByValue(bb.getInt()); + mRessourceId = bb.getInt(); + int len = bb.getInt(); + if (len == 0) { + mMessage = null; + } else { + if (len > bb.remaining()) + throw new IndexOutOfBoundsException("String length " + len + " is bigger than remaining bytes " + bb.remaining()); + byte[] utf8bytes = new byte[len]; + bb.get(utf8bytes); + mMessage = new String(utf8bytes, "UTF-8"); + } + int numArgs = bb.getInt(); + if (numArgs > 30) { + throw new IndexOutOfBoundsException("Too many arguments for Logitem to unmarschal"); + } + if (numArgs == 0) { + mArgs = null; + } else { + mArgs = new Object[numArgs]; + for (int i = 0; i < numArgs; i++) { + char type = bb.getChar(); + switch (type) { + case 's': + mArgs[i] = unmarschalString(bb); + break; + case 'i': + mArgs[i] = bb.getInt(); + break; + case 'd': + mArgs[i] = bb.getDouble(); + break; + case 'f': + mArgs[i] = bb.getFloat(); + break; + case 'l': + mArgs[i] = bb.getLong(); + break; + case '0': + mArgs[i] = null; + break; + default: + throw new UnsupportedEncodingException("Unknown format type: " + type); + } + } + } + if (bb.hasRemaining()) + throw new UnsupportedEncodingException(bb.remaining() + " bytes left after unmarshaling everything"); + } + + private void marschalString(String str, ByteBuffer bb) throws UnsupportedEncodingException { + byte[] utf8bytes = str.getBytes("UTF-8"); + bb.putInt(utf8bytes.length); + bb.put(utf8bytes); + } + + private String unmarschalString(ByteBuffer bb) throws UnsupportedEncodingException { + int len = bb.getInt(); + byte[] utf8bytes = new byte[len]; + bb.get(utf8bytes); + return new String(utf8bytes, "UTF-8"); + } + + + public LogItem(Parcel in) { + mArgs = in.readArray(Object.class.getClassLoader()); + mMessage = in.readString(); + mRessourceId = in.readInt(); + mLevel = VpnStatus.LogLevel.getEnumByValue(in.readInt()); + mVerbosityLevel = in.readInt(); + logtime = in.readLong(); + } + + public static final Creator CREATOR + = new Creator() { + public LogItem createFromParcel(Parcel in) { + return new LogItem(in); + } + + public LogItem[] newArray(int size) { + return new LogItem[size]; + } + }; + + public LogItem(VpnStatus.LogLevel loglevel, int ressourceId, Object... args) { + mRessourceId = ressourceId; + mArgs = args; + mLevel = loglevel; + } + + + public LogItem(VpnStatus.LogLevel loglevel, String msg) { + mLevel = loglevel; + mMessage = msg; + } + + + public LogItem(VpnStatus.LogLevel loglevel, int ressourceId) { + mRessourceId = ressourceId; + mLevel = loglevel; + } + + public String getString(Context c) { + try { + if (mMessage != null) { + return mMessage; + } else { + if (c != null) { + if (mRessourceId == R.string.mobile_info) + return getMobileInfoString(c); + if (mArgs == null) + return c.getString(mRessourceId); + else + return c.getString(mRessourceId, mArgs); + } else { + String str = String.format(Locale.ENGLISH, "Log (no context) resid %d", mRessourceId); + if (mArgs != null) + str += join("|", mArgs); + + return str; + } + } + } catch (UnknownFormatConversionException e) { + if (c != null) + throw new UnknownFormatConversionException(e.getLocalizedMessage() + getString(null)); + else + throw e; + } catch (java.util.FormatFlagsConversionMismatchException e) { + if (c != null) + throw new FormatFlagsConversionMismatchException(e.getLocalizedMessage() + getString(null), e.getConversion()); + else + throw e; + } + + } + + + // TextUtils.join will cause not macked exeception in tests .... + public static String join(CharSequence delimiter, Object[] tokens) { + StringBuilder sb = new StringBuilder(); + boolean firstTime = true; + for (Object token : tokens) { + if (firstTime) { + firstTime = false; + } else { + sb.append(delimiter); + } + sb.append(token); + } + return sb.toString(); + } + + + public VpnStatus.LogLevel getLogLevel() { + return mLevel; + } + + + @Override + public String toString() { + return getString(null); + } + + // The lint is wrong here + @SuppressLint("StringFormatMatches") + private String getMobileInfoString(Context c) { + c.getPackageManager(); + String apksign = "error getting package signature"; + + String version = "error getting version"; + try { + @SuppressLint("PackageManagerGetSignatures") + Signature raw = c.getPackageManager().getPackageInfo(c.getPackageName(), PackageManager.GET_SIGNATURES).signatures[0]; + CertificateFactory cf = CertificateFactory.getInstance("X.509"); + X509Certificate cert = (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(raw.toByteArray())); + MessageDigest md = MessageDigest.getInstance("SHA-1"); + byte[] der = cert.getEncoded(); + md.update(der); + byte[] digest = md.digest(); + + if (Arrays.equals(digest, VpnStatus.officalkey)) + apksign = c.getString(R.string.official_build); + else if (Arrays.equals(digest, VpnStatus.officaldebugkey)) + apksign = c.getString(R.string.debug_build); + else if (Arrays.equals(digest, VpnStatus.amazonkey)) + apksign = "amazon version"; + else if (Arrays.equals(digest, VpnStatus.fdroidkey)) + apksign = "F-Droid built and signed version"; + else + apksign = c.getString(R.string.built_by, cert.getSubjectX500Principal().getName()); + + PackageInfo packageinfo = c.getPackageManager().getPackageInfo(c.getPackageName(), 0); + version = packageinfo.versionName; + + } catch (PackageManager.NameNotFoundException | CertificateException | + NoSuchAlgorithmException ignored) { + } + + Object[] argsext = Arrays.copyOf(mArgs, mArgs.length); + argsext[argsext.length - 1] = apksign; + argsext[argsext.length - 2] = version; + + return c.getString(R.string.mobile_info, argsext); + + } + + public long getLogtime() { + return logtime; + } + + + public int getVerbosityLevel() { + if (mVerbosityLevel == -1) { + // Hack: + // For message not from OpenVPN, report the status level as log level + return mLevel.getInt(); + } + return mVerbosityLevel; + } + + public boolean verify() { + if (mLevel == null) + return false; + + if (mMessage == null && mRessourceId == 0) + return false; + + return true; + } +} diff --git a/app/src/main/java/de/blinkt/openvpn/core/LollipopDeviceStateListener.java b/app/src/main/java/de/blinkt/openvpn/core/LollipopDeviceStateListener.java index 440458e4f9d5b0dc95deff8052bcfece8a0718d0..04e4e8b46bd7b834b9e8e101ab55e3d3ffde8332 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/LollipopDeviceStateListener.java +++ b/app/src/main/java/de/blinkt/openvpn/core/LollipopDeviceStateListener.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2014 Arne Schwabe + * Copyright (c) 2012-2016 Arne Schwabe * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt */ diff --git a/app/src/main/java/de/blinkt/openvpn/core/NativeUtils.java b/app/src/main/java/de/blinkt/openvpn/core/NativeUtils.java index f67b7730b9afda72a2224c6bba3c86702a02e66a..ea003d41b14225317ec579c2412b1f79b701bd1e 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/NativeUtils.java +++ b/app/src/main/java/de/blinkt/openvpn/core/NativeUtils.java @@ -1,19 +1,26 @@ /* - * Copyright (c) 2012-2014 Arne Schwabe + * Copyright (c) 2012-2016 Arne Schwabe * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt */ package de.blinkt.openvpn.core; +import android.os.Build; + import java.security.InvalidKeyException; public class NativeUtils { - public static native byte[] rsasign(byte[] input,int pkey) throws InvalidKeyException; - public static native String[] getIfconfig() throws IllegalArgumentException; - static native void jniclose(int fdint); - - static { - System.loadLibrary("stlport_shared"); - System.loadLibrary("opvpnutil"); - } + public static native byte[] rsasign(byte[] input, int pkey) throws InvalidKeyException; + + public static native String[] getIfconfig() throws IllegalArgumentException; + + static native void jniclose(int fdint); + + public static native String getNativeAPI(); + + static { + System.loadLibrary("opvpnutil"); + if (Build.VERSION.SDK_INT == Build.VERSION_CODES.JELLY_BEAN) + System.loadLibrary("jbcrypto"); + } } diff --git a/app/src/main/java/de/blinkt/openvpn/core/NetworkSpace.java b/app/src/main/java/de/blinkt/openvpn/core/NetworkSpace.java index c86f9e44344e36b230cae45cb49fd0ee3893a42e..eb6d4d4218e14287a70c8b9e7ab5c861e6cbcbb0 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/NetworkSpace.java +++ b/app/src/main/java/de/blinkt/openvpn/core/NetworkSpace.java @@ -1,28 +1,28 @@ /* - * Copyright (c) 2012-2014 Arne Schwabe + * Copyright (c) 2012-2016 Arne Schwabe * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt */ package de.blinkt.openvpn.core; import android.os.Build; +import android.support.annotation.NonNull; import android.text.TextUtils; import junit.framework.Assert; -import org.jetbrains.annotations.NotNull; - import java.math.BigInteger; import java.net.Inet6Address; -import java.util.*; +import java.util.Collection; +import java.util.Locale; +import java.util.PriorityQueue; +import java.util.TreeSet; +import java.util.Vector; import se.leap.bitmaskclient.BuildConfig; public class NetworkSpace { - - - static class ipAddress implements Comparable { private BigInteger netAddress; public int networkMask; @@ -38,7 +38,7 @@ public class NetworkSpace { * 2. smaller networks are returned as smaller */ @Override - public int compareTo(@NotNull ipAddress another) { + public int compareTo(@NonNull ipAddress another) { int comp = getFirstAddress().compareTo(another.getFirstAddress()); if (comp != 0) return comp; @@ -159,16 +159,20 @@ public class NetworkSpace { String getIPv6Address() { if (BuildConfig.DEBUG) Assert.assertTrue (!isV4); BigInteger r = netAddress; - if (r.compareTo(BigInteger.ZERO)==0 && networkMask==0) - return "::"; Vector parts = new Vector(); - while (r.compareTo(BigInteger.ZERO) == 1) { - parts.add(0, String.format(Locale.US, "%x", r.mod(BigInteger.valueOf(0x10000)).longValue())); + while (r.compareTo(BigInteger.ZERO) == 1 || parts.size() <3) { + long part = r.mod(BigInteger.valueOf(0x10000)).longValue(); + if (part!=0) + parts.add(0, String.format(Locale.US, "%x", part)); + else + parts.add(0, ""); r = r.shiftRight(16); } - - return TextUtils.join(":", parts); + String ipv6str = TextUtils.join(":", parts); + while (ipv6str.contains(":::")) + ipv6str = ipv6str.replace(":::", "::"); + return ipv6str; } public boolean containsNet(ipAddress network) { diff --git a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNManagement.java b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNManagement.java index 1f28c77dc2ce6a77b482ddd01cfba7be6e632c50..2911fb1e34f60e0fb357c92e479699ab36145371 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNManagement.java +++ b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNManagement.java @@ -1,29 +1,39 @@ /* - * Copyright (c) 2012-2014 Arne Schwabe + * Copyright (c) 2012-2016 Arne Schwabe * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt */ package de.blinkt.openvpn.core; public interface OpenVPNManagement { + interface PausedStateCallback { + boolean shouldBeRunning(); + } + enum pauseReason { noNetwork, userPause, screenOff } - int mBytecountInterval =2; + int mBytecountInterval = 2; - void reconnect(); + void reconnect(); - void pause(pauseReason reason); + void pause(pauseReason reason); - void resume(); + void resume(); - boolean stopVPN(); + /** + * @param replaceConnection True if the VPN is connected by a new connection. + * @return true if there was a process that has been send a stop signal + */ + boolean stopVPN(boolean replaceConnection); /* * Rebind the interface */ - void networkChange(); + void networkChange(boolean sameNetwork); + + void setPauseCallback(PausedStateCallback callback); } diff --git a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java index f9cb9a860bfce2bee2e9fccc5b950ecfccc8048d..2917bce1c13ca721756dc5983aaea55a05eb276c 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java +++ b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2014 Arne Schwabe + * Copyright (c) 2012-2016 Arne Schwabe * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt */ @@ -10,15 +10,18 @@ import android.annotation.TargetApi; import android.app.Notification; import android.app.NotificationManager; import android.app.PendingIntent; +import android.app.UiModeManager; import android.content.Context; import android.content.Intent; import android.content.IntentFilter; import android.content.SharedPreferences; import android.content.pm.PackageManager; +import android.content.res.Configuration; import android.net.ConnectivityManager; import android.net.VpnService; import android.os.Binder; import android.os.Build; +import android.os.Handler; import android.os.Handler.Callback; import android.os.IBinder; import android.os.Message; @@ -27,7 +30,9 @@ import android.preference.PreferenceManager; import android.system.OsConstants; import android.text.TextUtils; import android.util.Log; +import android.widget.Toast; +import java.io.IOException; import java.lang.reflect.InvocationTargetException; import java.lang.reflect.Method; import java.net.Inet6Address; @@ -81,6 +86,9 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac private String mLastTunCfg; private String mRemoteGW; private final Object mProcessLock = new Object(); + private Handler guiHandler; + private Toast mlastToast; + private Runnable mOpenVPNThread; // From: http://stackoverflow.com/questions/3758606/how-to-convert-byte-size-into-human-readable-format-in-java public static String humanReadableByteCount(long bytes, boolean mbit) { @@ -109,7 +117,8 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac @Override public void onRevoke() { - mManagement.stopVPN(); + VpnStatus.logInfo(R.string.permission_revoked); + mManagement.stopVPN(false); endVpnService(); } @@ -125,6 +134,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac VpnStatus.removeByteCountListener(this); unregisterDeviceStateReceiver(); ProfileManager.setConntectedVpnProfileDisconnected(this); + mOpenVPNThread = null; if (!mStarting) { stopForeground(!mNotificationAlwaysVisible); @@ -135,7 +145,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac } } - private void showNotification(String msg, String tickerText, boolean lowpriority, long when, ConnectionStatus status) { + private void showNotification(final String msg, String tickerText, boolean lowpriority, long when, ConnectionStatus status) { String ns = Context.NOTIFICATION_SERVICE; NotificationManager mNotificationManager = (NotificationManager) getSystemService(ns); @@ -164,6 +174,9 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN) jbNotificationExtras(lowpriority, nbuilder); + if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP) + lpNotificationExtras(nbuilder); + if (tickerText != null && !tickerText.equals("")) nbuilder.setTicker(tickerText); @@ -172,7 +185,34 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac mNotificationManager.notify(OPENVPN_STATUS, notification); - //startForeground(OPENVPN_STATUS, notification); + // startForeground(OPENVPN_STATUS, notification); + + // Check if running on a TV + if (runningOnAndroidTV() && !lowpriority) + guiHandler.post(new Runnable() { + + @Override + public void run() { + + if (mlastToast != null) + mlastToast.cancel(); + String toastText = String.format(Locale.getDefault(), "%s - %s", mProfile.mName, msg); + mlastToast = Toast.makeText(getBaseContext(), toastText, Toast.LENGTH_SHORT); + mlastToast.show(); + } + }); + } + + @TargetApi(Build.VERSION_CODES.LOLLIPOP) + private void lpNotificationExtras(Notification.Builder nbuilder) { + nbuilder.setCategory(Notification.CATEGORY_SERVICE); + nbuilder.setLocalOnly(true); + + } + + private boolean runningOnAndroidTV() { + UiModeManager uiModeManager = (UiModeManager) getSystemService(UI_MODE_SERVICE); + return uiModeManager.getCurrentModeType() == Configuration.UI_MODE_TYPE_TELEVISION; } private int getIconByConnectionStatus(ConnectionStatus level) { @@ -215,20 +255,20 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac disconnectVPN.setAction(DISCONNECT_VPN); PendingIntent disconnectPendingIntent = PendingIntent.getActivity(this, 0, disconnectVPN, 0); - nbuilder.addAction(android.R.drawable.ic_menu_close_clear_cancel, + nbuilder.addAction(R.drawable.ic_menu_close_clear_cancel, getString(R.string.cancel_connection), disconnectPendingIntent); Intent pauseVPN = new Intent(this, OpenVPNService.class); if (mDeviceStateReceiver == null || !mDeviceStateReceiver.isUserPaused()) { pauseVPN.setAction(PAUSE_VPN); PendingIntent pauseVPNPending = PendingIntent.getService(this, 0, pauseVPN, 0); - nbuilder.addAction(android.R.drawable.ic_media_pause, + nbuilder.addAction(R.drawable.ic_menu_pause, getString(R.string.pauseVPN), pauseVPNPending); } else { pauseVPN.setAction(RESUME_VPN); PendingIntent resumeVPNPending = PendingIntent.getService(this, 0, pauseVPN, 0); - nbuilder.addAction(android.R.drawable.ic_media_play, + nbuilder.addAction(R.drawable.ic_menu_play, getString(R.string.resumevpn), resumeVPNPending); } @@ -297,6 +337,9 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac VpnStatus.addStateListener(this); VpnStatus.addByteCountListener(this); + guiHandler = new Handler(getMainLooper()); + + if (intent != null && PAUSE_VPN.equals(intent.getAction())) { if (mDeviceStateReceiver != null) mDeviceStateReceiver.userPause(true); @@ -338,38 +381,50 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac mProfile = ProfileManager.get(this, profileUUID); } + /* start the OpenVPN process itself in a background thread */ + new Thread(new Runnable() { + @Override + public void run() { + startOpenVPN(); + } + }).start(); + + + ProfileManager.setConnectedVpnProfile(this, mProfile); + /* TODO: At the moment we have no way to handle asynchronous PW input + * Fixing will also allow to handle challenge/response authentication */ + if (mProfile.needUserPWInput(true) != 0) + return START_NOT_STICKY; + + return START_STICKY; + } + + private void startOpenVPN() { + VpnStatus.logInfo(R.string.building_configration); + VpnStatus.updateStateString("VPN_GENERATE_CONFIG", "", R.string.building_configration, VpnStatus.ConnectionStatus.LEVEL_START); + + + try { + mProfile.writeConfigFile(this); + } catch (IOException e) { + VpnStatus.logException("Error writing config file", e); + endVpnService(); + return; + } // Extract information from the intent. String prefix = getPackageName(); - String[] argv = intent.getStringArrayExtra(prefix + ".ARGV"); - String nativeLibraryDirectory = intent.getStringExtra(prefix + ".nativelib"); + String nativeLibraryDirectory = getApplicationInfo().nativeLibraryDir; + + // Also writes OpenVPN binary + String[] argv = VPNLaunchHelper.buildOpenvpnArgv(this); - String startTitle = getString(R.string.start_vpn_title, mProfile.mName); - String startTicker = getString(R.string.start_vpn_ticker, mProfile.mName); - showNotification(startTitle, startTicker, - false, 0, LEVEL_CONNECTING_NO_SERVER_REPLY_YET); // Set a flag that we are starting a new VPN mStarting = true; // Stop the previous session by interrupting the thread. - if (mManagement != null && mManagement.stopVPN()) - // an old was asked to exit, wait 1s - try { - Thread.sleep(1000); - } catch (InterruptedException e) { - //ignore - } - synchronized (mProcessLock) { - if (mProcessThread != null) { - mProcessThread.interrupt(); - try { - Thread.sleep(1000); - } catch (InterruptedException e) { - //ignore - } - } - } + stopOldOpenVPNProcess(); // An old running VPN should now be exited mStarting = false; @@ -380,10 +435,8 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac if (!"ovpn3".equals(BuildConfig.FLAVOR)) mOvpn3 = false; - // Open the Management Interface if (!mOvpn3) { - // start a Thread that handles incoming messages of the managment socket OpenVpnManagementThread ovpnManagementThread = new OpenVpnManagementThread(mProfile, this); if (ovpnManagementThread.openManagementInterface(this)) { @@ -393,13 +446,15 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac mManagement = ovpnManagementThread; VpnStatus.logInfo("started Socket Thread"); } else { - return START_NOT_STICKY; + endVpnService(); + return; } } - Runnable processThread; - if (mOvpn3) { + if (mOvpn3) + + { OpenVPNManagement mOpenVPN3 = instantiateOpenVPN3Core(); processThread = (Runnable) mOpenVPN3; @@ -409,25 +464,53 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac } else { HashMap env = new HashMap<>(); processThread = new OpenVPNThread(this, argv, env, nativeLibraryDirectory); + mOpenVPNThread = processThread; } - synchronized (mProcessLock) { + synchronized (mProcessLock) + + { mProcessThread = new Thread(processThread, "OpenVPNProcessThread"); mProcessThread.start(); } - if (mDeviceStateReceiver != null) - unregisterDeviceStateReceiver(); - registerDeviceStateReceiver(mManagement); + new Handler(getMainLooper()).post(new Runnable() { + @Override + public void run() { + if (mDeviceStateReceiver != null) + unregisterDeviceStateReceiver(); + registerDeviceStateReceiver(mManagement); + } + } - ProfileManager.setConnectedVpnProfile(this, mProfile); - /* TODO: At the moment we have no way to handle asynchronous PW input - * Fixing will also allow to handle challenge/response authentication */ - if (mProfile.needUserPWInput(true) != 0) - return START_NOT_STICKY; + ); + } - return START_STICKY; + private void stopOldOpenVPNProcess() { + if (mManagement != null) { + if (mOpenVPNThread!=null) + ((OpenVPNThread) mOpenVPNThread).setReplaceConnection(); + if (mManagement.stopVPN(true)) { + // an old was asked to exit, wait 1s + try { + Thread.sleep(1000); + } catch (InterruptedException e) { + //ignore + } + } + } + + synchronized (mProcessLock) { + if (mProcessThread != null) { + mProcessThread.interrupt(); + try { + Thread.sleep(1000); + } catch (InterruptedException e) { + //ignore + } + } + } } private OpenVPNManagement instantiateOpenVPN3Core() { @@ -435,7 +518,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac Class cl = Class.forName("de.blinkt.openvpn.core.OpenVPNThreadv3"); return (OpenVPNManagement) cl.getConstructor(OpenVPNService.class, VpnProfile.class).newInstance(this, mProfile); } catch (IllegalArgumentException | InstantiationException | InvocationTargetException | - NoSuchMethodException | ClassNotFoundException | IllegalAccessException e ) { + NoSuchMethodException | ClassNotFoundException | IllegalAccessException e) { e.printStackTrace(); } return null; @@ -445,7 +528,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac public void onDestroy() { synchronized (mProcessLock) { if (mProcessThread != null) { - mManagement.stopVPN(); + mManagement.stopVPN(true); } } @@ -454,6 +537,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac } // Just in case unregister for state VpnStatus.removeStateListener(this); + VpnStatus.flushLog(); } @@ -536,6 +620,26 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac Collection positiveIPv4Routes = mRoutes.getPositiveIPList(); Collection positiveIPv6Routes = mRoutesv6.getPositiveIPList(); + if ("samsung".equals(Build.BRAND) && Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP && mDnslist.size() >= 1) { + // Check if the first DNS Server is in the VPN range + try { + ipAddress dnsServer = new ipAddress(new CIDRIP(mDnslist.get(0), 32), true); + boolean dnsIncluded = false; + for (ipAddress net : positiveIPv4Routes) { + if (net.containsNet(dnsServer)) { + dnsIncluded = true; + } + } + if (!dnsIncluded) { + String samsungwarning = String.format("Warning Samsung Android 5.0+ devices ignore DNS servers outside the VPN range. To enable DNS resolution a route to your DNS Server (%s) has been added.", mDnslist.get(0)); + VpnStatus.logWarning(samsungwarning); + positiveIPv4Routes.add(dnsServer); + } + } catch (Exception e) { + VpnStatus.logError("Error parsing DNS Server IP: " + mDnslist.get(0)); + } + } + ipAddress multicastRange = new ipAddress(new CIDRIP("224.0.0.0", 3), true); for (NetworkSpace.ipAddress route : positiveIPv4Routes) { @@ -558,25 +662,6 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac } } - if ("samsung".equals(Build.BRAND) && Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP && mDnslist.size() >= 1) { - // Check if the first DNS Server is in the VPN range - try { - ipAddress dnsServer = new ipAddress(new CIDRIP(mDnslist.get(0), 32), true); - boolean dnsIncluded=false; - for (ipAddress net : positiveIPv4Routes) { - if (net.containsNet(dnsServer)) { - dnsIncluded = true; - } - } - if (!dnsIncluded) { - String samsungwarning = String.format("Warning Samsung Android 5.0+ devices ignore DNS servers outside the VPN range. To enable DNS add a custom route to your DNS Server (%s) or change to a DNS inside your VPN range", mDnslist.get(0)); - VpnStatus.logWarning(samsungwarning); - } - } catch (Exception e) { - VpnStatus.logError("Error parsing DNS Server IP: " + mDnslist.get(0)); - } - } - if (mDomain != null) builder.addSearchDomain(mDomain); @@ -672,12 +757,14 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac @TargetApi(Build.VERSION_CODES.LOLLIPOP) private void setAllowedVpnPackages(Builder builder) { + boolean atLeastOneAllowedApp = false; for (String pkg : mProfile.mAllowedAppsVpn) { try { if (mProfile.mAllowedAppsVpnAreDisallowed) { builder.addDisallowedApplication(pkg); } else { builder.addAllowedApplication(pkg); + atLeastOneAllowedApp = true; } } catch (PackageManager.NameNotFoundException e) { mProfile.mAllowedAppsVpn.remove(pkg); @@ -685,6 +772,15 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac } } + if (!mProfile.mAllowedAppsVpnAreDisallowed && !atLeastOneAllowedApp) { + VpnStatus.logDebug(R.string.no_allowed_app, getPackageName()); + try { + builder.addAllowedApplication(getPackageName()); + } catch (PackageManager.NameNotFoundException e) { + VpnStatus.logError("This should not happen: " + e.getLocalizedMessage()); + } + } + if (mProfile.mAllowedAppsVpnAreDisallowed) { VpnStatus.logDebug(R.string.disallowed_vpn_apps_info, TextUtils.join(", ", mProfile.mAllowedAppsVpn)); } else { @@ -839,7 +935,9 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac } else if (level == LEVEL_CONNECTED) { mDisplayBytecount = true; mConnecttime = System.currentTimeMillis(); - lowpriority = true; + if (!runningOnAndroidTV()) + lowpriority = true; + String ns = Context.NOTIFICATION_SERVICE; NotificationManager mNotificationManager = (NotificationManager) getSystemService(ns); mNotificationManager.cancel(OPENVPN_STATUS); @@ -852,7 +950,8 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac // CONNECTED // Does not work :( String msg = getString(resid); - // showNotification(msg + " " + logmessage, msg, lowpriority, 0, level); + // showNotification(VpnStatus.getLastCleanLogMessage(this), + // msg, lowpriority, 0, level); } } diff --git a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNThread.java b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNThread.java index d856feb7bf467addab354c8d827a3ea7b016b5d8..e0c39546fb4d4c0a0eb4601f2ca1fe0a615416ff 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNThread.java +++ b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNThread.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2014 Arne Schwabe + * Copyright (c) 2012-2016 Arne Schwabe * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt */ @@ -34,51 +34,56 @@ public class OpenVPNThread implements Runnable { @SuppressLint("SdCardPath") private static final String BROKEN_PIE_SUPPORT = "/data/data/de.blinkt.openvpn/cache/pievpn"; private final static String BROKEN_PIE_SUPPORT2 = "syntax error"; - private static final String TAG = "OpenVPN"; + private static final String TAG = "OpenVPN"; public static final int M_FATAL = (1 << 4); public static final int M_NONFATAL = (1 << 5); public static final int M_WARN = (1 << 6); public static final int M_DEBUG = (1 << 7); private String[] mArgv; - private Process mProcess; - private String mNativeDir; - private OpenVPNService mService; - private String mDumpPath; - private Map mProcessEnv; - private boolean mBrokenPie=false; - - public OpenVPNThread(OpenVPNService service,String[] argv, Map processEnv, String nativelibdir) - { - mArgv = argv; - mNativeDir = nativelibdir; - mService = service; - mProcessEnv = processEnv; - } - - public void stopProcess() { - mProcess.destroy(); - } - - @Override - public void run() { - try { - Log.i(TAG, "Starting openvpn"); - startOpenVPNThreadArgs(mArgv, mProcessEnv); - Log.i(TAG, "Giving up"); - } catch (Exception e) { - VpnStatus.logException("Starting OpenVPN Thread" ,e); - Log.e(TAG, "OpenVPNThread Got " + e.toString()); - } finally { - int exitvalue = 0; - try { - if (mProcess!=null) - exitvalue = mProcess.waitFor(); - } catch ( IllegalThreadStateException ite) { - VpnStatus.logError("Illegal Thread state: " + ite.getLocalizedMessage()); - } catch (InterruptedException ie) { - VpnStatus.logError("InterruptedException: " + ie.getLocalizedMessage()); - } - if( exitvalue != 0) { + private Process mProcess; + private String mNativeDir; + private OpenVPNService mService; + private String mDumpPath; + private Map mProcessEnv; + private boolean mBrokenPie = false; + private boolean mNoProcessExitStatus = false; + + public OpenVPNThread(OpenVPNService service, String[] argv, Map processEnv, String nativelibdir) { + mArgv = argv; + mNativeDir = nativelibdir; + mService = service; + mProcessEnv = processEnv; + } + + public void stopProcess() { + mProcess.destroy(); + } + + void setReplaceConnection() + { + mNoProcessExitStatus=true; + } + + @Override + public void run() { + try { + Log.i(TAG, "Starting openvpn"); + startOpenVPNThreadArgs(mArgv, mProcessEnv); + Log.i(TAG, "OpenVPN process exited"); + } catch (Exception e) { + VpnStatus.logException("Starting OpenVPN Thread", e); + Log.e(TAG, "OpenVPNThread Got " + e.toString()); + } finally { + int exitvalue = 0; + try { + if (mProcess != null) + exitvalue = mProcess.waitFor(); + } catch (IllegalThreadStateException ite) { + VpnStatus.logError("Illegal Thread state: " + ite.getLocalizedMessage()); + } catch (InterruptedException ie) { + VpnStatus.logError("InterruptedException: " + ie.getLocalizedMessage()); + } + if (exitvalue != 0) { VpnStatus.logError("Process exited with exit value " + exitvalue); if (mBrokenPie) { /* This will probably fail since the NoPIE binary is probably not written */ @@ -95,70 +100,72 @@ public class OpenVPNThread implements Runnable { } } - - VpnStatus.updateStateString("NOPROCESS", "No process running.", R.string.state_noprocess, ConnectionStatus.LEVEL_NOTCONNECTED); - if(mDumpPath!=null) { - try { - BufferedWriter logout = new BufferedWriter(new FileWriter(mDumpPath + ".log")); - SimpleDateFormat timeformat = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss",Locale.GERMAN); - for(LogItem li : VpnStatus.getlogbuffer()){ - String time = timeformat.format(new Date(li.getLogtime())); - logout.write(time +" " + li.getString(mService) + "\n"); - } - logout.close(); - VpnStatus.logError(R.string.minidump_generated); - } catch (IOException e) { - VpnStatus.logError("Writing minidump log: " + e.getLocalizedMessage()); - } - } - - mService.processDied(); - Log.i(TAG, "Exiting"); - } - } - - private void startOpenVPNThreadArgs(String[] argv, Map env) { - LinkedList argvlist = new LinkedList(); + + if (!mNoProcessExitStatus) + VpnStatus.updateStateString("NOPROCESS", "No process running.", R.string.state_noprocess, ConnectionStatus.LEVEL_NOTCONNECTED); + + if (mDumpPath != null) { + try { + BufferedWriter logout = new BufferedWriter(new FileWriter(mDumpPath + ".log")); + SimpleDateFormat timeformat = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss", Locale.GERMAN); + for (LogItem li : VpnStatus.getlogbuffer()) { + String time = timeformat.format(new Date(li.getLogtime())); + logout.write(time + " " + li.getString(mService) + "\n"); + } + logout.close(); + VpnStatus.logError(R.string.minidump_generated); + } catch (IOException e) { + VpnStatus.logError("Writing minidump log: " + e.getLocalizedMessage()); + } + } + + mService.processDied(); + Log.i(TAG, "Exiting"); + } + } + + private void startOpenVPNThreadArgs(String[] argv, Map env) { + LinkedList argvlist = new LinkedList(); Collections.addAll(argvlist, argv); - - ProcessBuilder pb = new ProcessBuilder(argvlist); - // Hack O rama - - String lbpath = genLibraryPath(argv, pb); - - pb.environment().put("LD_LIBRARY_PATH", lbpath); - - // Add extra variables - for(Entry e:env.entrySet()){ - pb.environment().put(e.getKey(), e.getValue()); - } - pb.redirectErrorStream(true); - try { - mProcess = pb.start(); - // Close the output, since we don't need it - mProcess.getOutputStream().close(); - InputStream in = mProcess.getInputStream(); - BufferedReader br = new BufferedReader(new InputStreamReader(in)); - - while(true) { - String logline = br.readLine(); - if(logline==null) - return; - - if (logline.startsWith(DUMP_PATH_STRING)) - mDumpPath = logline.substring(DUMP_PATH_STRING.length()); + + ProcessBuilder pb = new ProcessBuilder(argvlist); + // Hack O rama + + String lbpath = genLibraryPath(argv, pb); + + pb.environment().put("LD_LIBRARY_PATH", lbpath); + + // Add extra variables + for (Entry e : env.entrySet()) { + pb.environment().put(e.getKey(), e.getValue()); + } + pb.redirectErrorStream(true); + try { + mProcess = pb.start(); + // Close the output, since we don't need it + mProcess.getOutputStream().close(); + InputStream in = mProcess.getInputStream(); + BufferedReader br = new BufferedReader(new InputStreamReader(in)); + + while (true) { + String logline = br.readLine(); + if (logline == null) + return; + + if (logline.startsWith(DUMP_PATH_STRING)) + mDumpPath = logline.substring(DUMP_PATH_STRING.length()); if (logline.startsWith(BROKEN_PIE_SUPPORT) || logline.contains(BROKEN_PIE_SUPPORT2)) mBrokenPie = true; - + // 1380308330.240114 18000002 Send to HTTP proxy: 'X-Online-Host: bla.blabla.com' Pattern p = Pattern.compile("(\\d+).(\\d+) ([0-9a-f])+ (.*)"); Matcher m = p.matcher(logline); - if(m.matches()) { - int flags = Integer.parseInt(m.group(3),16); + if (m.matches()) { + int flags = Integer.parseInt(m.group(3), 16); String msg = m.group(4); int logLevel = flags & 0x0F; @@ -166,45 +173,45 @@ public class OpenVPNThread implements Runnable { if ((flags & M_FATAL) != 0) logStatus = VpnStatus.LogLevel.ERROR; - else if ((flags & M_NONFATAL)!=0) + else if ((flags & M_NONFATAL) != 0) logStatus = VpnStatus.LogLevel.WARNING; - else if ((flags & M_WARN)!=0) + else if ((flags & M_WARN) != 0) logStatus = VpnStatus.LogLevel.WARNING; - else if ((flags & M_DEBUG)!=0) + else if ((flags & M_DEBUG) != 0) logStatus = VpnStatus.LogLevel.VERBOSE; if (msg.startsWith("MANAGEMENT: CMD")) logLevel = Math.max(4, logLevel); - VpnStatus.logMessageOpenVPN(logStatus,logLevel,msg); + VpnStatus.logMessageOpenVPN(logStatus, logLevel, msg); } else { VpnStatus.logInfo("P:" + logline); } - } - - - } catch (IOException e) { - VpnStatus.logException("Error reading from output of OpenVPN process" , e); - stopProcess(); - } - - - } - - private String genLibraryPath(String[] argv, ProcessBuilder pb) { - // Hack until I find a good way to get the real library path - String applibpath = argv[0].replaceFirst("/cache/.*$" , "/lib"); - - String lbpath = pb.environment().get("LD_LIBRARY_PATH"); - if(lbpath==null) - lbpath = applibpath; - else - lbpath = applibpath + ":" + lbpath; - - if (!applibpath.equals(mNativeDir)) { - lbpath = mNativeDir + ":" + lbpath; - } - return lbpath; - } + } + + + } catch (IOException e) { + VpnStatus.logException("Error reading from output of OpenVPN process", e); + stopProcess(); + } + + + } + + private String genLibraryPath(String[] argv, ProcessBuilder pb) { + // Hack until I find a good way to get the real library path + String applibpath = argv[0].replaceFirst("/cache/.*$", "/lib"); + + String lbpath = pb.environment().get("LD_LIBRARY_PATH"); + if (lbpath == null) + lbpath = applibpath; + else + lbpath = applibpath + ":" + lbpath; + + if (!applibpath.equals(mNativeDir)) { + lbpath = mNativeDir + ":" + lbpath; + } + return lbpath; + } } diff --git a/app/src/main/java/de/blinkt/openvpn/core/OpenVpnManagementThread.java b/app/src/main/java/de/blinkt/openvpn/core/OpenVpnManagementThread.java index 1c3b336262e9c2249dcbac407804350c65e6f106..569a38461f73a4127e0ac458dcfe7e80235ca9eb 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/OpenVpnManagementThread.java +++ b/app/src/main/java/de/blinkt/openvpn/core/OpenVpnManagementThread.java @@ -1,23 +1,20 @@ /* - * Copyright (c) 2012-2014 Arne Schwabe + * Copyright (c) 2012-2016 Arne Schwabe * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt */ package de.blinkt.openvpn.core; import android.content.Context; -import android.content.SharedPreferences; import android.net.LocalServerSocket; import android.net.LocalSocket; import android.net.LocalSocketAddress; import android.os.ParcelFileDescriptor; -import android.preference.PreferenceManager; +import android.support.annotation.NonNull; import android.util.Log; import junit.framework.Assert; -import org.jetbrains.annotations.NotNull; - import java.io.FileDescriptor; import java.io.IOException; import java.io.InputStream; @@ -42,30 +39,24 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement { private LocalSocket mSocket; private VpnProfile mProfile; private OpenVPNService mOpenVPNService; - private LinkedList mFDList = new LinkedList(); + private LinkedList mFDList = new LinkedList<>(); private LocalServerSocket mServerSocket; - private boolean mReleaseHold = true; private boolean mWaitingForRelease = false; private long mLastHoldRelease = 0; - private static final Vector active = new Vector(); + private static final Vector active = new Vector<>(); private LocalSocket mServerSocketLocal; private pauseReason lastPauseReason = pauseReason.noNetwork; + private PausedStateCallback mPauseCallback; + private boolean mShuttingDown; public OpenVpnManagementThread(VpnProfile profile, OpenVPNService openVpnService) { mProfile = profile; mOpenVPNService = openVpnService; - - - SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(openVpnService); - boolean managemeNetworkState = prefs.getBoolean("netchangereconnect", true); - if (managemeNetworkState) - mReleaseHold = false; - } - public boolean openManagementInterface(@NotNull Context c) { + public boolean openManagementInterface(@NonNull Context c) { // Could take a while to open connection int tries = 8; @@ -74,7 +65,7 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement { mServerSocketLocal = new LocalSocket(); - while (tries > 0 && !mServerSocketLocal.isConnected()) { + while (tries > 0 && !mServerSocketLocal.isBound()) { try { mServerSocketLocal.bind(new LocalSocketAddress(socketName, LocalSocketAddress.Namespace.FILESYSTEM)); @@ -82,7 +73,7 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement { // wait 300 ms before retrying try { Thread.sleep(300); - } catch (InterruptedException e1) { + } catch (InterruptedException ignored) { } } @@ -167,7 +158,6 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement { //! Hack O Rama 2000! private void protectFileDescriptor(FileDescriptor fd) { - Exception exp; try { Method getInt = FileDescriptor.class.getDeclaredMethod("getInt$"); int fdint = (Integer) getInt.invoke(fd); @@ -183,20 +173,12 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement { //pfd.close(); NativeUtils.jniclose(fdint); return; - } catch (NoSuchMethodException e) { - exp = e; - } catch (IllegalArgumentException e) { - exp = e; - } catch (IllegalAccessException e) { - exp = e; - } catch (InvocationTargetException e) { - exp = e; - } catch (NullPointerException e) { - exp = e; + } catch (NoSuchMethodException | IllegalArgumentException | InvocationTargetException | IllegalAccessException | NullPointerException e) { + VpnStatus.logException("Failed to retrieve fd from socket (" + fd + ")", e); } Log.d("Openvpn", "Failed to retrieve fd from socket: " + fd); - VpnStatus.logException("Failed to retrieve fd from socket (" + fd + ")", exp); + } private String processInput(String pendingInput) { @@ -225,31 +207,42 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement { String argument = parts[1]; - if (cmd.equals("INFO")) { + switch (cmd) { + case "INFO": /* Ignore greeting from management */ - return; - } else if (cmd.equals("PASSWORD")) { - processPWCommand(argument); - } else if (cmd.equals("HOLD")) { - handleHold(); - } else if (cmd.equals("NEED-OK")) { - processNeedCommand(argument); - } else if (cmd.equals("BYTECOUNT")) { - processByteCount(argument); - } else if (cmd.equals("STATE")) { - processState(argument); - } else if (cmd.equals("PROXY")) { - processProxyCMD(argument); - } else if (cmd.equals("LOG")) { - processLogMessage(argument); - } else if (cmd.equals("RSA_SIGN")) { - processSignCommand(argument); - } else { - VpnStatus.logWarning("MGMT: Got unrecognized command" + command); - Log.i(TAG, "Got unrecognized command" + command); + return; + case "PASSWORD": + processPWCommand(argument); + break; + case "HOLD": + handleHold(); + break; + case "NEED-OK": + processNeedCommand(argument); + break; + case "BYTECOUNT": + processByteCount(argument); + break; + case "STATE": + if (!mShuttingDown) + processState(argument); + break; + case "PROXY": + processProxyCMD(argument); + break; + case "LOG": + processLogMessage(argument); + break; + case "RSA_SIGN": + processSignCommand(argument); + break; + default: + VpnStatus.logWarning("MGMT: Got unrecognized command" + command); + Log.i(TAG, "Got unrecognized command" + command); + break; } } else if (command.startsWith("SUCCESS:")) { - /* Ignore this kind of message too */ + /* Ignore this kind of message too */ return; } else if (command.startsWith("PROTECTFD: ")) { FileDescriptor fdtoprotect = mFDList.pollFirst(); @@ -278,16 +271,22 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement { Log.d("OpenVPN", argument); VpnStatus.LogLevel level; - if (args[1].equals("I")) { - level = VpnStatus.LogLevel.INFO; - } else if (args[1].equals("W")) { - level = VpnStatus.LogLevel.WARNING; - } else if (args[1].equals("D")) { - level = VpnStatus.LogLevel.VERBOSE; - } else if (args[1].equals("F")) { - level = VpnStatus.LogLevel.ERROR; - } else { - level = VpnStatus.LogLevel.INFO; + switch (args[1]) { + case "I": + level = VpnStatus.LogLevel.INFO; + break; + case "W": + level = VpnStatus.LogLevel.WARNING; + break; + case "D": + level = VpnStatus.LogLevel.VERBOSE; + break; + case "F": + level = VpnStatus.LogLevel.ERROR; + break; + default: + level = VpnStatus.LogLevel.INFO; + break; } int ovpnlevel = Integer.parseInt(args[2]) & 0x0F; @@ -299,8 +298,15 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement { VpnStatus.logMessageOpenVPN(level, ovpnlevel, msg); } + boolean shouldBeRunning() { + if (mPauseCallback == null) + return false; + else + return mPauseCallback.shouldBeRunning(); + } + private void handleHold() { - if (mReleaseHold) { + if (shouldBeRunning()) { releaseHoldCmd(); } else { mWaitingForRelease = true; @@ -327,11 +333,10 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement { //managmentCommand("log on all\n"); } + public void releaseHold() { - mReleaseHold = true; if (mWaitingForRelease) releaseHoldCmd(); - } private void processProxyCMD(String argument) { @@ -391,15 +396,19 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement { String status = "ok"; - if (needed.equals("PROTECTFD")) { - FileDescriptor fdtoprotect = mFDList.pollFirst(); - protectFileDescriptor(fdtoprotect); - } else if (needed.equals("DNSSERVER")) { - mOpenVPNService.addDNS(extra); - } else if (needed.equals("DNSDOMAIN")) { - mOpenVPNService.setDomain(extra); - } else if (needed.equals("ROUTE")) { - String[] routeparts = extra.split(" "); + switch (needed) { + case "PROTECTFD": + FileDescriptor fdtoprotect = mFDList.pollFirst(); + protectFileDescriptor(fdtoprotect); + break; + case "DNSSERVER": + mOpenVPNService.addDNS(extra); + break; + case "DNSDOMAIN": + mOpenVPNService.setDomain(extra); + break; + case "ROUTE": { + String[] routeparts = extra.split(" "); /* buf_printf (&out, "%s %s %s dev %s", network, netmask, gateway, rgi->iface); @@ -407,38 +416,46 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement { buf_printf (&out, "%s %s %s", network, netmask, gateway); */ - if (routeparts.length == 5) { - if (BuildConfig.DEBUG) Assert.assertEquals("dev", routeparts[3]); - mOpenVPNService.addRoute(routeparts[0], routeparts[1], routeparts[2], routeparts[4]); - } else if (routeparts.length >= 3) { - mOpenVPNService.addRoute(routeparts[0], routeparts[1], routeparts[2], null); - } else { - VpnStatus.logError("Unrecognized ROUTE cmd:" + Arrays.toString(routeparts) + " | " + argument); + if (routeparts.length == 5) { + if (BuildConfig.DEBUG) Assert.assertEquals("dev", routeparts[3]); + mOpenVPNService.addRoute(routeparts[0], routeparts[1], routeparts[2], routeparts[4]); + } else if (routeparts.length >= 3) { + mOpenVPNService.addRoute(routeparts[0], routeparts[1], routeparts[2], null); + } else { + VpnStatus.logError("Unrecognized ROUTE cmd:" + Arrays.toString(routeparts) + " | " + argument); + } + + break; + } + case "ROUTE6": { + String[] routeparts = extra.split(" "); + mOpenVPNService.addRoutev6(routeparts[0], routeparts[1]); + break; } + case "IFCONFIG": + String[] ifconfigparts = extra.split(" "); + int mtu = Integer.parseInt(ifconfigparts[2]); + mOpenVPNService.setLocalIP(ifconfigparts[0], ifconfigparts[1], mtu, ifconfigparts[3]); + break; + case "IFCONFIG6": + mOpenVPNService.setLocalIPv6(extra); + + break; + case "PERSIST_TUN_ACTION": + // check if tun cfg stayed the same + status = mOpenVPNService.getTunReopenStatus(); + break; + case "OPENTUN": + if (sendTunFD(needed, extra)) + return; + else + status = "cancel"; + // This not nice or anything but setFileDescriptors accepts only FilDescriptor class :( - } else if (needed.equals("ROUTE6")) { - String[] routeparts = extra.split(" "); - mOpenVPNService.addRoutev6(routeparts[0], routeparts[1]); - } else if (needed.equals("IFCONFIG")) { - String[] ifconfigparts = extra.split(" "); - int mtu = Integer.parseInt(ifconfigparts[2]); - mOpenVPNService.setLocalIP(ifconfigparts[0], ifconfigparts[1], mtu, ifconfigparts[3]); - } else if (needed.equals("IFCONFIG6")) { - mOpenVPNService.setLocalIPv6(extra); - - } else if (needed.equals("PERSIST_TUN_ACTION")) { - // check if tun cfg stayed the same - status = mOpenVPNService.getTunReopenStatus(); - } else if (needed.equals("OPENTUN")) { - if (sendTunFD(needed, extra)) + break; + default: + Log.e(TAG, "Unknown needok command " + argument); return; - else - status = "cancel"; - // This not nice or anything but setFileDescriptors accepts only FilDescriptor class :( - - } else { - Log.e(TAG, "Unkown needok command " + argument); - return; } String cmd = String.format("needok '%s' %s\n", needed, status); @@ -446,7 +463,6 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement { } private boolean sendTunFD(String needed, String extra) { - Exception exp; if (!extra.equals("tun")) { // We only support tun VpnStatus.logError(String.format("Device type %s requested, but only tun is possible with the Android API, sorry!", extra)); @@ -480,18 +496,10 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement { pfd.close(); return true; - } catch (NoSuchMethodException e) { - exp = e; - } catch (IllegalArgumentException e) { - exp = e; - } catch (IllegalAccessException e) { - exp = e; - } catch (InvocationTargetException e) { - exp = e; - } catch (IOException e) { - exp = e; + } catch (NoSuchMethodException | IllegalArgumentException | InvocationTargetException | + IOException | IllegalAccessException exp) { + VpnStatus.logException("Could not send fd over socket", exp); } - VpnStatus.logException("Could not send fd over socket", exp); return false; } @@ -559,14 +567,21 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement { } @Override - public void networkChange() { - if (!mWaitingForRelease) + public void networkChange(boolean samenetwork) { + if (mWaitingForRelease) + releaseHold(); + else if (samenetwork) + managmentCommand("network-change samenetwork\n"); + else managmentCommand("network-change\n"); } - public void signalusr1() { - mReleaseHold = false; + @Override + public void setPauseCallback(PausedStateCallback callback) { + mPauseCallback = callback; + } + public void signalusr1() { if (!mWaitingForRelease) managmentCommand("signal SIGUSR1\n"); else @@ -608,7 +623,9 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement { } @Override - public boolean stopVPN() { + public boolean stopVPN(boolean replaceConnection) { + mShuttingDown = true; return stopOpenVPN(); } + } diff --git a/app/src/main/java/de/blinkt/openvpn/core/PRNGFixes.java b/app/src/main/java/de/blinkt/openvpn/core/PRNGFixes.java index a788426acd3459110f822dde5f5626eedd454bf8..49a7eaa98364be881dff2bdaecb63d2bf5a70abd 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/PRNGFixes.java +++ b/app/src/main/java/de/blinkt/openvpn/core/PRNGFixes.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2014 Arne Schwabe + * Copyright (c) 2012-2016 Arne Schwabe * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt */ diff --git a/app/src/main/java/de/blinkt/openvpn/core/ProfileManager.java b/app/src/main/java/de/blinkt/openvpn/core/ProfileManager.java index 086cdb4445280ebba22075fa5e35087818ab4b4d..4f9c219bdc3a5c39d0ea7eda14f7b66e655a16a0 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/ProfileManager.java +++ b/app/src/main/java/de/blinkt/openvpn/core/ProfileManager.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2014 Arne Schwabe + * Copyright (c) 2012-2016 Arne Schwabe * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt */ @@ -128,6 +128,11 @@ public class ProfileManager { ProfileManager.tmpprofile = tmp; } + public static boolean isTempProfile() + { + return mLastConnectedVpn == tmpprofile; + } + public void saveProfile(Context context, VpnProfile profile) { ObjectOutputStream vpnfile; diff --git a/app/src/main/java/de/blinkt/openvpn/core/ProxyDetection.java b/app/src/main/java/de/blinkt/openvpn/core/ProxyDetection.java index 6e2abb13ae9e1db1bb60134ef89248ddabd6c092..34fb69f8f90a09df2ab7d886325d05af5260fc99 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/ProxyDetection.java +++ b/app/src/main/java/de/blinkt/openvpn/core/ProxyDetection.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2014 Arne Schwabe + * Copyright (c) 2012-2016 Arne Schwabe * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt */ diff --git a/app/src/main/java/de/blinkt/openvpn/core/VPNLaunchHelper.java b/app/src/main/java/de/blinkt/openvpn/core/VPNLaunchHelper.java index 47cb633c3f7cf18b3e4343ea9a512f7395ab917b..78f462e7cbc293a7c71c70d3e0167e550a5360b9 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/VPNLaunchHelper.java +++ b/app/src/main/java/de/blinkt/openvpn/core/VPNLaunchHelper.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2014 Arne Schwabe + * Copyright (c) 2012-2016 Arne Schwabe * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt */ @@ -14,30 +14,38 @@ import java.io.File; import java.io.FileOutputStream; import java.io.IOException; import java.io.InputStream; +import java.util.Arrays; import java.util.Vector; import se.leap.bitmaskclient.R; import de.blinkt.openvpn.VpnProfile; public class VPNLaunchHelper { - private static final String MININONPIEVPN = "nopievpn"; - private static final String MINIPIEVPN = "pievpn"; + private static final String MININONPIEVPN = "nopie_openvpn"; + private static final String MINIPIEVPN = "pie_openvpn"; private static final String OVPNCONFIGFILE = "android.conf"; - static private String writeMiniVPN(Context context) { + private static String writeMiniVPN(Context context) { String[] abis; if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP) - abis = getSupportedAbisLollipop(); + abis = getSupportedABIsLollipop(); else + //noinspection deprecation abis = new String[]{Build.CPU_ABI, Build.CPU_ABI2}; + String nativeAPI = NativeUtils.getNativeAPI(); + if (!nativeAPI.equals(abis[0])) { + VpnStatus.logWarning(R.string.abi_mismatch, Arrays.toString(abis), nativeAPI); + abis = new String[] {nativeAPI}; + } + for (String abi: abis) { - File mvpnout = new File(context.getCacheDir(), getMiniVPNExecutableName() + "." + abi); - if ((mvpnout.exists() && mvpnout.canExecute()) || writeMiniVPNBinary(context, abi, mvpnout)) { - return mvpnout.getPath(); + File vpnExecutable = new File(context.getCacheDir(), getMiniVPNExecutableName() + "." + abi); + if ((vpnExecutable.exists() && vpnExecutable.canExecute()) || writeMiniVPNBinary(context, abi, vpnExecutable)) { + return vpnExecutable.getPath(); } } @@ -45,7 +53,7 @@ public class VPNLaunchHelper { } @TargetApi(Build.VERSION_CODES.LOLLIPOP) - private static String[] getSupportedAbisLollipop() { + private static String[] getSupportedABIsLollipop() { return Build.SUPPORTED_ABIS; } @@ -65,12 +73,18 @@ public class VPNLaunchHelper { } - public static String[] buildOpenvpnArgv(Context c) { + static String[] buildOpenvpnArgv(Context c) { Vector args = new Vector<>(); + String binaryName = writeMiniVPN(c); // Add fixed paramenters //args.add("/data/data/de.blinkt.openvpn/lib/openvpn"); - args.add(writeMiniVPN(c)); + if(binaryName==null) { + VpnStatus.logError("Error writing minivpn binary"); + return null; + } + + args.add(binaryName); args.add("--config"); args.add(getConfigFilePath(c)); @@ -118,13 +132,6 @@ public class VPNLaunchHelper { public static void startOpenVpn(VpnProfile startprofile, Context context) { - if(writeMiniVPN(context)==null) { - VpnStatus.logError("Error writing minivpn binary"); - return; - } - - VpnStatus.logInfo(R.string.building_configration); - Intent startVPN = startprofile.prepareStartService(context); if(startVPN!=null) context.startService(startVPN); diff --git a/app/src/main/java/de/blinkt/openvpn/core/VpnStatus.java b/app/src/main/java/de/blinkt/openvpn/core/VpnStatus.java index 62a606439ba619b6199e1cd1d724fde8cab66a35..1e2ccba3c144b1ede2ff6fb904b76e8e338cce92 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/VpnStatus.java +++ b/app/src/main/java/de/blinkt/openvpn/core/VpnStatus.java @@ -1,24 +1,28 @@ /* - * Copyright (c) 2012-2014 Arne Schwabe + * Copyright (c) 2012-2016 Arne Schwabe * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt */ package de.blinkt.openvpn.core; import android.annotation.SuppressLint; -import android.app.Activity; import android.content.Context; import android.content.pm.PackageInfo; import android.content.pm.PackageManager; import android.content.pm.PackageManager.NameNotFoundException; import android.content.pm.Signature; import android.os.Build; +import android.os.HandlerThread; +import android.os.Message; import android.os.Parcel; import android.os.Parcelable; import android.text.TextUtils; +import android.util.Log; import java.io.ByteArrayInputStream; +import java.io.DataOutputStream; import java.io.File; +import java.io.OutputStream; import java.io.PrintWriter; import java.io.StringWriter; import java.security.MessageDigest; @@ -33,6 +37,7 @@ import java.util.Locale; import java.util.UnknownFormatConversionException; import java.util.Vector; +import se.leap.bitmaskclient.BuildConfig; import se.leap.bitmaskclient.R; public class VpnStatus { @@ -72,7 +77,59 @@ public class VpnStatus { logException(LogLevel.ERROR, context, e); } - private static final int MAXLOGENTRIES = 1000; + static final int MAXLOGENTRIES = 1000; + + + public static String getLastCleanLogMessage(Context c) { + String message = mLaststatemsg; + switch (mLastLevel) { + case LEVEL_CONNECTED: + String[] parts = mLaststatemsg.split(","); + /* + (a) the integer unix date/time, + (b) the state name, + 0 (c) optional descriptive string (used mostly on RECONNECTING + and EXITING to show the reason for the disconnect), + + 1 (d) optional TUN/TAP local IPv4 address + 2 (e) optional address of remote server, + 3 (f) optional port of remote server, + 4 (g) optional local address, + 5 (h) optional local port, and + 6 (i) optional TUN/TAP local IPv6 address. +*/ + // Return only the assigned IP addresses in the UI + if (parts.length >= 7) + message = String.format(Locale.US, "%s %s", parts[1], parts[6]); + break; + } + + while (message.endsWith(",")) + message = message.substring(0, message.length() - 1); + + String status = mLaststate; + if (status.equals("NOPROCESS")) + return message; + + String prefix = c.getString(mLastStateresid); + if (mLastStateresid == R.string.unknown_state) + message = status + message; + if (message.length() > 0) + prefix += ": "; + + return prefix + message; + + } + + public static void initLogCache(File cacheDir) { + Message m = mLogFileHandler.obtainMessage(LogFileHandler.LOG_INIT, cacheDir); + mLogFileHandler.sendMessage(m); + + } + + public static void flushLog() { + mLogFileHandler.sendEmptyMessage(LogFileHandler.FLUSH_TO_DISK); + } public enum ConnectionStatus { LEVEL_CONNECTED, @@ -81,6 +138,7 @@ public class VpnStatus { LEVEL_CONNECTING_NO_SERVER_REPLY_YET, LEVEL_NONETWORK, LEVEL_NOTCONNECTED, + LEVEL_START, LEVEL_AUTH_FAILED, LEVEL_WAITING_FOR_USER_INPUT, UNKNOWN_LEVEL @@ -128,18 +186,24 @@ public class VpnStatus { private static ConnectionStatus mLastLevel = ConnectionStatus.LEVEL_NOTCONNECTED; + private static final LogFileHandler mLogFileHandler; + static { logbuffer = new LinkedList<>(); logListener = new Vector<>(); stateListener = new Vector<>(); byteCountListener = new Vector<>(); + + HandlerThread mHandlerThread = new HandlerThread("LogFileWriter", Thread.MIN_PRIORITY); + mHandlerThread.start(); + mLogFileHandler = new LogFileHandler(mHandlerThread.getLooper()); + logInformation(); + } public static class LogItem implements Parcelable { - - private Object[] mArgs = null; private String mMessage = null; private int mRessourceId; @@ -231,7 +295,6 @@ public class VpnStatus { if (mArgs != null) str += TextUtils.join("|", mArgs); - return str; } } @@ -261,6 +324,7 @@ public class VpnStatus { String version = "error getting version"; try { + @SuppressLint("PackageManagerGetSignatures") Signature raw = c.getPackageManager().getPackageInfo(c.getPackageName(), PackageManager.GET_SIGNATURES).signatures[0]; CertificateFactory cf = CertificateFactory.getInstance("X.509"); X509Certificate cert = (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(raw.toByteArray())); @@ -287,11 +351,11 @@ public class VpnStatus { NoSuchAlgorithmException ignored) { } - Object[] argsext = Arrays.copyOf(mArgs, mArgs.length + 2); + Object[] argsext = Arrays.copyOf(mArgs, mArgs.length); argsext[argsext.length - 1] = apksign; argsext[argsext.length - 2] = version; - return c.getString(R.string.mobile_info_extended, argsext); + return c.getString(R.string.mobile_info, argsext); } @@ -308,12 +372,16 @@ public class VpnStatus { } return mVerbosityLevel; } - } - public void saveLogToDisk(Context c) { + public boolean verify() { + if (mLevel == null) + return false; - File logOut = new File(c.getCacheDir(), "log.xml"); + if (mMessage == null && mRessourceId == 0) + return false; + return true; + } } public interface LogListener { @@ -336,10 +404,12 @@ public class VpnStatus { public synchronized static void clearLog() { logbuffer.clear(); logInformation(); + mLogFileHandler.sendEmptyMessage(LogFileHandler.TRIM_LOG_FILE); } private static void logInformation() { - logInfo(R.string.mobile_info, Build.MODEL, Build.BOARD, Build.BRAND, Build.VERSION.SDK_INT); + logInfo(R.string.mobile_info, Build.MODEL, Build.BOARD, Build.BRAND, Build.VERSION.SDK_INT, + NativeUtils.getNativeAPI(), Build.VERSION.RELEASE, Build.ID, Build.FINGERPRINT, "", ""); } public synchronized static void addLogListener(LogListener ll) { @@ -369,32 +439,34 @@ public class VpnStatus { } private static int getLocalizedState(String state) { - if (state.equals("CONNECTING")) - return R.string.state_connecting; - else if (state.equals("WAIT")) - return R.string.state_wait; - else if (state.equals("AUTH")) - return R.string.state_auth; - else if (state.equals("GET_CONFIG")) - return R.string.state_get_config; - else if (state.equals("ASSIGN_IP")) - return R.string.state_assign_ip; - else if (state.equals("ADD_ROUTES")) - return R.string.state_add_routes; - else if (state.equals("CONNECTED")) - return R.string.state_connected; - else if (state.equals("DISCONNECTED")) - return R.string.state_disconnected; - else if (state.equals("RECONNECTING")) - return R.string.state_reconnecting; - else if (state.equals("EXITING")) - return R.string.state_exiting; - else if (state.equals("RESOLVE")) - return R.string.state_resolve; - else if (state.equals("TCP_CONNECT")) - return R.string.state_tcp_connect; - else - return R.string.unknown_state; + switch (state) { + case "CONNECTING": + return R.string.state_connecting; + case "WAIT": + return R.string.state_wait; + case "AUTH": + return R.string.state_auth; + case "GET_CONFIG": + return R.string.state_get_config; + case "ASSIGN_IP": + return R.string.state_assign_ip; + case "ADD_ROUTES": + return R.string.state_add_routes; + case "CONNECTED": + return R.string.state_connected; + case "DISCONNECTED": + return R.string.state_disconnected; + case "RECONNECTING": + return R.string.state_reconnecting; + case "EXITING": + return R.string.state_exiting; + case "RESOLVE": + return R.string.state_resolve; + case "TCP_CONNECT": + return R.string.state_tcp_connect; + default: + return R.string.unknown_state; + } } @@ -496,17 +568,36 @@ public class VpnStatus { newLogItem(new LogItem(LogLevel.DEBUG, resourceId, args)); } + private static void newLogItem(LogItem logItem) { + newLogItem(logItem, false); + } + + + synchronized static void newLogItem(LogItem logItem, boolean cachedLine) { + if (cachedLine) { + logbuffer.addFirst(logItem); + } else { + logbuffer.addLast(logItem); + Message m = mLogFileHandler.obtainMessage(LogFileHandler.LOG_MESSAGE, logItem); + mLogFileHandler.sendMessage(m); + } + + if (logbuffer.size() > MAXLOGENTRIES + MAXLOGENTRIES / 2) { + while (logbuffer.size() > MAXLOGENTRIES) + logbuffer.removeFirst(); + mLogFileHandler.sendMessage(mLogFileHandler.obtainMessage(LogFileHandler.TRIM_LOG_FILE)); + } + + if (BuildConfig.DEBUG && !cachedLine) + Log.d("OpenVPN", logItem.getString(null)); - private synchronized static void newLogItem(LogItem logItem) { - logbuffer.addLast(logItem); - if (logbuffer.size() > MAXLOGENTRIES) - logbuffer.removeFirst(); for (LogListener ll : logListener) { ll.newLog(logItem); } } + public static void logError(String msg) { newLogItem(new LogItem(LogLevel.ERROR, msg)); @@ -538,8 +629,8 @@ public class VpnStatus { public static synchronized void updateByteCount(long in, long out) { long lastIn = mlastByteCount[0]; long lastOut = mlastByteCount[1]; - long diffIn = mlastByteCount[2] = in - lastIn; - long diffOut = mlastByteCount[3] = out - lastOut; + long diffIn = mlastByteCount[2] = Math.max(0, in - lastIn); + long diffOut = mlastByteCount[3] = Math.max(0, out - lastOut); mlastByteCount = new long[]{in, out, diffIn, diffOut}; diff --git a/app/src/main/java/de/blinkt/openvpn/core/X509Utils.java b/app/src/main/java/de/blinkt/openvpn/core/X509Utils.java index 0786967b9023effef360e3c6cf4dbb953c0d2ff9..4048f0e0e309c5e081121a796dca07ac2c1fd69a 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/X509Utils.java +++ b/app/src/main/java/de/blinkt/openvpn/core/X509Utils.java @@ -1,11 +1,12 @@ /* - * Copyright (c) 2012-2014 Arne Schwabe + * Copyright (c) 2012-2016 Arne Schwabe * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt */ package de.blinkt.openvpn.core; import android.content.Context; +import android.content.res.Resources; import android.text.TextUtils; import se.leap.bitmaskclient.R; @@ -20,30 +21,39 @@ import java.lang.reflect.InvocationTargetException; import java.lang.reflect.Method; import java.security.cert.Certificate; import java.security.cert.CertificateException; +import java.security.cert.CertificateExpiredException; import java.security.cert.CertificateFactory; +import java.security.cert.CertificateNotYetValidException; import java.security.cert.X509Certificate; +import java.util.ArrayList; +import java.util.Date; import java.util.Hashtable; +import java.util.Vector; public class X509Utils { - public static Certificate getCertificateFromFile(String certfilename) throws FileNotFoundException, CertificateException { + public static Certificate[] getCertificatesFromFile(String certfilename) throws FileNotFoundException, CertificateException { CertificateFactory certFact = CertificateFactory.getInstance("X.509"); - InputStream inStream; - + Vector certificates = new Vector<>(); if(VpnProfile.isEmbedded(certfilename)) { - // The java certifcate reader is ... kind of stupid - // It does NOT ignore chars before the --BEGIN ... int subIndex = certfilename.indexOf("-----BEGIN CERTIFICATE-----"); - subIndex = Math.max(0,subIndex); - inStream = new ByteArrayInputStream(certfilename.substring(subIndex).getBytes()); + do { + // The java certifcate reader is ... kind of stupid + // It does NOT ignore chars before the --BEGIN ... + subIndex = Math.max(0, subIndex); + InputStream inStream = new ByteArrayInputStream(certfilename.substring(subIndex).getBytes()); + certificates.add(certFact.generateCertificate(inStream)); + subIndex = certfilename.indexOf("-----BEGIN CERTIFICATE-----", subIndex+1); + } while (subIndex > 0); + return certificates.toArray(new Certificate[certificates.size()]); } else { - inStream = new FileInputStream(certfilename); + InputStream inStream = new FileInputStream(certfilename); + return new Certificate[] {certFact.generateCertificate(inStream)}; } - return certFact.generateCertificate(inStream); } public static PemObject readPemObjectFromFile (String keyfilename) throws IOException { @@ -67,9 +77,10 @@ public class X509Utils { public static String getCertificateFriendlyName (Context c, String filename) { if(!TextUtils.isEmpty(filename)) { try { - X509Certificate cert = (X509Certificate) getCertificateFromFile(filename); - - return getCertificateFriendlyName(cert); + X509Certificate cert = (X509Certificate) getCertificatesFromFile(filename)[0]; + String friendlycn = getCertificateFriendlyName(cert); + friendlycn = getCertificateValidityString(cert, c.getResources()) + friendlycn; + return friendlycn; } catch (Exception e) { VpnStatus.logError("Could not read certificate" + e.getLocalizedMessage()); @@ -78,6 +89,40 @@ public class X509Utils { return c.getString(R.string.cannotparsecert); } + public static String getCertificateValidityString(X509Certificate cert, Resources res) { + try { + cert.checkValidity(); + } catch (CertificateExpiredException ce) { + return "EXPIRED: "; + } catch (CertificateNotYetValidException cny) { + return "NOT YET VALID: "; + } + + Date certNotAfter = cert.getNotAfter(); + Date now = new Date(); + long timeLeft = certNotAfter.getTime() - now.getTime(); // Time left in ms + + // More than 72h left, display days + // More than 3 months display months + if (timeLeft > 90l* 24 * 3600 * 1000) { + long months = getMonthsDifference(now, certNotAfter); + return res.getString(R.string.months_left, months); + } else if (timeLeft > 72 * 3600 * 1000) { + long days = timeLeft / (24 * 3600 * 1000); + return res.getString(R.string.days_left, days); + } else { + long hours = timeLeft / (3600 * 1000); + + return res.getString(R.string.hours_left, hours); + } + } + + public static int getMonthsDifference(Date date1, Date date2) { + int m1 = date1.getYear() * 12 + date1.getMonth(); + int m2 = date2.getYear() * 12 + date2.getMonth(); + return m2 - m1 + 1; + } + public static String getCertificateFriendlyName(X509Certificate cert) { X500Principal principal = cert.getSubjectX500Principal(); byte[] encodedSubject = principal.getEncoded(); diff --git a/app/src/main/java/de/blinkt/openvpn/fragments/LogFragment.java b/app/src/main/java/de/blinkt/openvpn/fragments/LogFragment.java index 2a75c15ee970187097d0d9ac34bfdaf91e13785d..bbd52a34b2ba13978ed14aed46fb339e21d8cf97 100644 --- a/app/src/main/java/de/blinkt/openvpn/fragments/LogFragment.java +++ b/app/src/main/java/de/blinkt/openvpn/fragments/LogFragment.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2014 Arne Schwabe + * Copyright (c) 2012-2016 Arne Schwabe * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt */ @@ -22,6 +22,9 @@ import android.os.Bundle; import android.os.Handler; import android.os.Handler.Callback; import android.os.Message; +import android.preference.Preference; +import android.preference.PreferenceManager; +import android.support.annotation.Nullable; import android.text.SpannableString; import android.text.format.DateFormat; import android.text.style.ImageSpan; @@ -33,6 +36,8 @@ import android.view.View; import android.view.ViewGroup; import android.widget.AdapterView; import android.widget.AdapterView.OnItemLongClickListener; +import android.widget.CheckBox; +import android.widget.CompoundButton; import android.widget.LinearLayout; import android.widget.ListAdapter; import android.widget.ListView; @@ -41,8 +46,6 @@ import android.widget.SeekBar; import android.widget.TextView; import android.widget.Toast; -import org.jetbrains.annotations.Nullable; - import java.text.SimpleDateFormat; import java.util.Collections; import java.util.Date; @@ -67,11 +70,12 @@ import static de.blinkt.openvpn.core.OpenVPNService.humanReadableByteCount; import se.leap.bitmaskclient.Dashboard; public class LogFragment extends ListFragment implements StateListener, SeekBar.OnSeekBarChangeListener, RadioGroup.OnCheckedChangeListener, VpnStatus.ByteCountListener { - private static final String LOGTIMEFORMAT = "logtimeformat"; - private static final int START_VPN_CONFIG = 0; + private static final String LOGTIMEFORMAT = "logtimeformat"; + private static final int START_VPN_CONFIG = 0; private static final String VERBOSITYLEVEL = "verbositylevel"; + private SeekBar mLogLevelSlider; private LinearLayout mOptionsLayout; private RadioGroup mTimeRadioGroup; @@ -79,10 +83,11 @@ public class LogFragment extends ListFragment implements StateListener, SeekBar. private TextView mDownStatus; private TextView mConnectStatus; private boolean mShowOptionsLayout; + private CheckBox mClearLogCheckBox; @Override public void onProgressChanged(SeekBar seekBar, int progress, boolean fromUser) { - ladapter.setLogLevel(progress+1); + ladapter.setLogLevel(progress + 1); } @Override @@ -134,7 +139,7 @@ public class LogFragment extends ListFragment implements StateListener, SeekBar. private static final int MESSAGE_NEWLOG = 0; - private static final int MESSAGE_CLEARLOG = 1; + private static final int MESSAGE_CLEARLOG = 1; private static final int MESSAGE_NEWTS = 2; private static final int MESSAGE_NEWLOGLEVEL = 3; @@ -144,110 +149,109 @@ public class LogFragment extends ListFragment implements StateListener, SeekBar. public static final int TIME_FORMAT_ISO = 2; private static final int MAX_STORED_LOG_ENTRIES = 1000; - private Vector allEntries=new Vector(); + private Vector allEntries = new Vector<>(); - private Vector currentLevelEntries=new Vector(); + private Vector currentLevelEntries = new Vector(); - private Handler mHandler; + private Handler mHandler; - private Vector observers=new Vector(); + private Vector observers = new Vector(); - private int mTimeFormat=0; - private int mLogLevel=3; + private int mTimeFormat = 0; + private int mLogLevel = 3; public LogWindowListAdapter() { - initLogBuffer(); - if (mHandler == null) { - mHandler = new Handler(this); - } - - VpnStatus.addLogListener(this); - } + initLogBuffer(); + if (mHandler == null) { + mHandler = new Handler(this); + } + VpnStatus.addLogListener(this); + } - private void initLogBuffer() { - allEntries.clear(); + private void initLogBuffer() { + allEntries.clear(); Collections.addAll(allEntries, VpnStatus.getlogbuffer()); initCurrentMessages(); - } - - String getLogStr() { - String str = ""; - for(LogItem entry:allEntries) { - str+=getTime(entry, TIME_FORMAT_ISO) + entry.getString(getActivity()) + '\n'; - } - return str; - } - - - private void shareLog() { - Intent shareIntent = new Intent(Intent.ACTION_SEND); - shareIntent.putExtra(Intent.EXTRA_TEXT, getLogStr()); - shareIntent.putExtra(Intent.EXTRA_SUBJECT, getString(R.string.ics_openvpn_log_file)); - shareIntent.setType("text/plain"); - startActivity(Intent.createChooser(shareIntent, "Send Logfile")); - } - - @Override - public void registerDataSetObserver(DataSetObserver observer) { - observers.add(observer); - - } - - @Override - public void unregisterDataSetObserver(DataSetObserver observer) { - observers.remove(observer); - } - - @Override - public int getCount() { - return currentLevelEntries.size(); - } - - @Override - public Object getItem(int position) { - return currentLevelEntries.get(position); - } - - @Override - public long getItemId(int position) { - return ((Object)currentLevelEntries.get(position)).hashCode(); - } - - @Override - public boolean hasStableIds() { - return true; - } - - @Override - public View getView(int position, View convertView, ViewGroup parent) { - TextView v; - if(convertView==null) - v = new TextView(getActivity()); - else - v = (TextView) convertView; - - LogItem le = currentLevelEntries.get(position); - String msg = le.getString(getActivity()); + } + + String getLogStr() { + String str = ""; + for (LogItem entry : allEntries) { + str += getTime(entry, TIME_FORMAT_ISO) + entry.getString(getActivity()) + '\n'; + } + return str; + } + + + private void shareLog() { + Intent shareIntent = new Intent(Intent.ACTION_SEND); + shareIntent.putExtra(Intent.EXTRA_TEXT, getLogStr()); + shareIntent.putExtra(Intent.EXTRA_SUBJECT, getString(R.string.ics_openvpn_log_file)); + shareIntent.setType("text/plain"); + startActivity(Intent.createChooser(shareIntent, "Send Logfile")); + } + + @Override + public void registerDataSetObserver(DataSetObserver observer) { + observers.add(observer); + + } + + @Override + public void unregisterDataSetObserver(DataSetObserver observer) { + observers.remove(observer); + } + + @Override + public int getCount() { + return currentLevelEntries.size(); + } + + @Override + public Object getItem(int position) { + return currentLevelEntries.get(position); + } + + @Override + public long getItemId(int position) { + return ((Object) currentLevelEntries.get(position)).hashCode(); + } + + @Override + public boolean hasStableIds() { + return true; + } + + @Override + public View getView(int position, View convertView, ViewGroup parent) { + TextView v; + if (convertView == null) + v = new TextView(getActivity()); + else + v = (TextView) convertView; + + LogItem le = currentLevelEntries.get(position); + String msg = le.getString(getActivity()); String time = getTime(le, mTimeFormat); - msg = time + msg; + msg = time + msg; int spanStart = time.length(); SpannableString t = new SpannableString(msg); //t.setSpan(getSpanImage(le,(int)v.getTextSize()),spanStart,spanStart+1, Spanned.SPAN_INCLUSIVE_INCLUSIVE); - v.setText(t); - return v; - } + v.setText(t); + return v; + } private String getTime(LogItem le, int time) { if (time != TIME_FORMAT_NONE) { Date d = new Date(le.getLogtime()); java.text.DateFormat timeformat; - if (time== TIME_FORMAT_ISO) + if (time == TIME_FORMAT_ISO) timeformat = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss", Locale.getDefault()); else timeformat = DateFormat.getTimeFormat(getActivity()); @@ -289,49 +293,49 @@ public class LogFragment extends ListFragment implements StateListener, SeekBar. } @Override - public int getItemViewType(int position) { - return 0; - } - - @Override - public int getViewTypeCount() { - return 1; - } - - @Override - public boolean isEmpty() { - return currentLevelEntries.isEmpty(); - - } - - @Override - public boolean areAllItemsEnabled() { - return true; - } - - @Override - public boolean isEnabled(int position) { - return true; - } - - @Override - public void newLog(LogItem logMessage) { - Message msg = Message.obtain(); - assert (msg!=null); - msg.what=MESSAGE_NEWLOG; - Bundle bundle=new Bundle(); - bundle.putParcelable("logmessage", logMessage); - msg.setData(bundle); - mHandler.sendMessage(msg); - } - - @Override - public boolean handleMessage(Message msg) { - // We have been called - if(msg.what==MESSAGE_NEWLOG) { - - LogItem logMessage = msg.getData().getParcelable("logmessage"); - if(addLogMessage(logMessage)) + public int getItemViewType(int position) { + return 0; + } + + @Override + public int getViewTypeCount() { + return 1; + } + + @Override + public boolean isEmpty() { + return currentLevelEntries.isEmpty(); + + } + + @Override + public boolean areAllItemsEnabled() { + return true; + } + + @Override + public boolean isEnabled(int position) { + return true; + } + + @Override + public void newLog(LogItem logMessage) { + Message msg = Message.obtain(); + assert (msg != null); + msg.what = MESSAGE_NEWLOG; + Bundle bundle = new Bundle(); + bundle.putParcelable("logmessage", logMessage); + msg.setData(bundle); + mHandler.sendMessage(msg); + } + + @Override + public boolean handleMessage(Message msg) { + // We have been called + if (msg.what == MESSAGE_NEWLOG) { + + LogItem logMessage = msg.getData().getParcelable("logmessage"); + if (addLogMessage(logMessage)) for (DataSetObserver observer : observers) { observer.onChanged(); } @@ -340,25 +344,25 @@ public class LogFragment extends ListFragment implements StateListener, SeekBar. observer.onInvalidated(); } initLogBuffer(); - } else if (msg.what == MESSAGE_NEWTS) { - for (DataSetObserver observer : observers) { - observer.onInvalidated(); - } - } else if (msg.what == MESSAGE_NEWLOGLEVEL) { + } else if (msg.what == MESSAGE_NEWTS) { + for (DataSetObserver observer : observers) { + observer.onInvalidated(); + } + } else if (msg.what == MESSAGE_NEWLOGLEVEL) { initCurrentMessages(); - for (DataSetObserver observer: observers) { + for (DataSetObserver observer : observers) { observer.onChanged(); } } - return true; - } + return true; + } private void initCurrentMessages() { currentLevelEntries.clear(); - for(LogItem li: allEntries) { + for (LogItem li : allEntries) { if (li.getVerbosityLevel() <= mLogLevel || mLogLevel == VpnProfile.MAXLOGLEVEL) currentLevelEntries.add(li); @@ -366,7 +370,6 @@ public class LogFragment extends ListFragment implements StateListener, SeekBar. } /** - * * @param logmessage * @return True if the current entries have changed */ @@ -376,7 +379,7 @@ public class LogFragment extends ListFragment implements StateListener, SeekBar. if (allEntries.size() > MAX_STORED_LOG_ENTRIES) { Vector oldAllEntries = allEntries; allEntries = new Vector(allEntries.size()); - for (int i=50;i. + */ /** * Copyright (c) 2013 LEAP Encryption Access Project and contributers * @@ -31,6 +47,7 @@ import org.json.*; import java.net.*; import butterknife.*; +import de.blinkt.openvpn.core.VpnStatus; import se.leap.bitmaskclient.eip.*; import se.leap.bitmaskclient.userstatus.*; @@ -71,35 +88,55 @@ public class Dashboard extends Activity implements ProviderAPIResultReceiver.Rec @Override protected void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); - - app = this; - - PRNGFixes.apply(); - preferences = getSharedPreferences(SHARED_PREFERENCES, MODE_PRIVATE); fragment_manager = new FragmentManagerEnhanced(getFragmentManager()); - handleVersion(); - User.init(getString(R.string.default_username)); ProviderAPICommand.initialize(this); providerAPI_result_receiver = new ProviderAPIResultReceiver(new Handler(), this); - restoreProvider(savedInstanceState); - if (!provider.isConfigured()) + if (app == null) { + app = this; + + PRNGFixes.apply(); + VpnStatus.initLogCache(getApplicationContext().getCacheDir()); + handleVersion(); + User.init(getString(R.string.default_username)); + } + boolean provider_exists = previousProviderExists(savedInstanceState); + if (provider_exists) { + provider = getProvider(savedInstanceState); + if(!provider.isConfigured()) + startActivityForResult(new Intent(this, ConfigurationWizard.class), CONFIGURE_LEAP); + else { + buildDashboard(getIntent().getBooleanExtra(ON_BOOT, false)); + user_status_fragment.restoreSessionStatus(savedInstanceState); + } + } else { startActivityForResult(new Intent(this, ConfigurationWizard.class), CONFIGURE_LEAP); - else { - buildDashboard(getIntent().getBooleanExtra(ON_BOOT, false)); - user_status_fragment.restoreSessionStatus(savedInstanceState); } } - private void restoreProvider(Bundle savedInstanceState) { - if (savedInstanceState != null) { - if (savedInstanceState.containsKey(Provider.KEY)) - provider = savedInstanceState.getParcelable(Provider.KEY); - } - if (!provider.isConfigured() && preferences.getBoolean(Constants.PROVIDER_CONFIGURED, false)) + private boolean previousProviderExists(Bundle savedInstanceState) { + return providerInSavedInstance(savedInstanceState) || providerInSharedPreferences(); + } + + private Provider getProvider(Bundle savedInstanceState) { + if(providerInSavedInstance(savedInstanceState)) + provider = savedInstanceState.getParcelable(Provider.KEY); + else if (providerInSharedPreferences()) provider = getSavedProviderFromSharedPreferences(); + return provider; + } + + private boolean providerInSavedInstance(Bundle savedInstanceState) { + return savedInstanceState != null && + savedInstanceState.containsKey(Provider.KEY); + } + + private boolean providerInSharedPreferences() { + return preferences != null && + preferences.getBoolean(Constants.PROVIDER_CONFIGURED, false); + } @Override diff --git a/app/src/main/java/se/leap/bitmaskclient/VpnFragment.java b/app/src/main/java/se/leap/bitmaskclient/VpnFragment.java index 2e3d752470858e573702532de44836cfe14acf5a..9210c6ecb22e856d17595d2259cc666d3664450f 100644 --- a/app/src/main/java/se/leap/bitmaskclient/VpnFragment.java +++ b/app/src/main/java/se/leap/bitmaskclient/VpnFragment.java @@ -244,10 +244,7 @@ public class VpnFragment extends Fragment implements Observer { Context context = dashboard.getApplicationContext(); String error = eip_status.lastError(5, context); - if (!error.isEmpty()) { - dashboard.showLog(); - VoidVpnService.stop(); - } + if (!error.isEmpty()) VoidVpnService.stop(); updateIcon(); updateButton(); } diff --git a/app/src/main/res/drawable-hdpi/ic_close_white_24dp.png b/app/src/main/res/drawable-hdpi/ic_close_white_24dp.png index 0fd15563a263e138b1f419e02a807ff8c40f2554..ceb1a1eebf2b2cc9a008f42010e144f4dab968de 100644 Binary files a/app/src/main/res/drawable-hdpi/ic_close_white_24dp.png and b/app/src/main/res/drawable-hdpi/ic_close_white_24dp.png differ diff --git a/app/src/main/res/drawable-hdpi/ic_pause_white_24dp.png b/app/src/main/res/drawable-hdpi/ic_pause_white_24dp.png new file mode 100644 index 0000000000000000000000000000000000000000..4d2ea05c462291e4a4f8bd30856a25ad33fd420f Binary files /dev/null and b/app/src/main/res/drawable-hdpi/ic_pause_white_24dp.png differ diff --git a/app/src/main/res/drawable-hdpi/ic_play_arrow_white_24dp.png b/app/src/main/res/drawable-hdpi/ic_play_arrow_white_24dp.png new file mode 100644 index 0000000000000000000000000000000000000000..57c9fa5460323823edb0289c1d15f0f561e0c06e Binary files /dev/null and b/app/src/main/res/drawable-hdpi/ic_play_arrow_white_24dp.png differ diff --git a/app/src/main/res/drawable-mdpi/ic_close_white_24dp.png b/app/src/main/res/drawable-mdpi/ic_close_white_24dp.png index e80681aeb7305ab08c1f55df7edd35fc9d0eb171..af7f8288da6854204dcc4e6678b9053cd72032c4 100644 Binary files a/app/src/main/res/drawable-mdpi/ic_close_white_24dp.png and b/app/src/main/res/drawable-mdpi/ic_close_white_24dp.png differ diff --git a/app/src/main/res/drawable-mdpi/ic_pause_white_24dp.png b/app/src/main/res/drawable-mdpi/ic_pause_white_24dp.png new file mode 100644 index 0000000000000000000000000000000000000000..2272d478c38ddb2a4b3c592b2eadee8d4e296432 Binary files /dev/null and b/app/src/main/res/drawable-mdpi/ic_pause_white_24dp.png differ diff --git a/app/src/main/res/drawable-mdpi/ic_play_arrow_white_24dp.png b/app/src/main/res/drawable-mdpi/ic_play_arrow_white_24dp.png new file mode 100644 index 0000000000000000000000000000000000000000..c61e948bbf7441fd3825bdeffd615dfe30964dc8 Binary files /dev/null and b/app/src/main/res/drawable-mdpi/ic_play_arrow_white_24dp.png differ diff --git a/app/src/main/res/drawable-xhdpi/ic_close_white_24dp.png b/app/src/main/res/drawable-xhdpi/ic_close_white_24dp.png index 76e07f0970ac317b1bddfb265c5b3b57079dc4fc..b7c7ffd0e795ba76ed3a062566c9016448795f7a 100644 Binary files a/app/src/main/res/drawable-xhdpi/ic_close_white_24dp.png and b/app/src/main/res/drawable-xhdpi/ic_close_white_24dp.png differ diff --git a/app/src/main/res/drawable-xhdpi/ic_pause_white_24dp.png b/app/src/main/res/drawable-xhdpi/ic_pause_white_24dp.png new file mode 100644 index 0000000000000000000000000000000000000000..f49aed757118a941b567629ec217cde1aaf257e8 Binary files /dev/null and b/app/src/main/res/drawable-xhdpi/ic_pause_white_24dp.png differ diff --git a/app/src/main/res/drawable-xhdpi/ic_play_arrow_white_24dp.png b/app/src/main/res/drawable-xhdpi/ic_play_arrow_white_24dp.png new file mode 100644 index 0000000000000000000000000000000000000000..a3c80e73daa9dc4b85cddf9421b7127a4e18ac5d Binary files /dev/null and b/app/src/main/res/drawable-xhdpi/ic_play_arrow_white_24dp.png differ diff --git a/app/src/main/res/drawable-xxhdpi/ic_close_white_24dp.png b/app/src/main/res/drawable-xxhdpi/ic_close_white_24dp.png index 0eb9d8b083f0e23cad450e6b81e6e31c06e730e5..6b717e0dda8649aa3b5f1d6851ba0dd20cc4ea66 100644 Binary files a/app/src/main/res/drawable-xxhdpi/ic_close_white_24dp.png and b/app/src/main/res/drawable-xxhdpi/ic_close_white_24dp.png differ diff --git a/app/src/main/res/drawable-xxhdpi/ic_pause_white_24dp.png b/app/src/main/res/drawable-xxhdpi/ic_pause_white_24dp.png new file mode 100644 index 0000000000000000000000000000000000000000..7192ad487eacb4f8f530ebe2878760e2528fbc5f Binary files /dev/null and b/app/src/main/res/drawable-xxhdpi/ic_pause_white_24dp.png differ diff --git a/app/src/main/res/drawable-xxhdpi/ic_play_arrow_white_24dp.png b/app/src/main/res/drawable-xxhdpi/ic_play_arrow_white_24dp.png new file mode 100644 index 0000000000000000000000000000000000000000..547ef30aacdebbd5bc27a3831971aa49be8813f7 Binary files /dev/null and b/app/src/main/res/drawable-xxhdpi/ic_play_arrow_white_24dp.png differ diff --git a/app/src/main/res/drawable-xxxhdpi/ic_close_white_24dp.png b/app/src/main/res/drawable-xxxhdpi/ic_close_white_24dp.png index 7b2a480a02138f7e1627c47c7810769c07d02987..39641921925f090e33df2767a4ee5e6d5911194f 100644 Binary files a/app/src/main/res/drawable-xxxhdpi/ic_close_white_24dp.png and b/app/src/main/res/drawable-xxxhdpi/ic_close_white_24dp.png differ diff --git a/app/src/main/res/drawable-xxxhdpi/ic_pause_white_24dp.png b/app/src/main/res/drawable-xxxhdpi/ic_pause_white_24dp.png new file mode 100644 index 0000000000000000000000000000000000000000..660ac658589240d14b259e91e6864dc8a8f3665d Binary files /dev/null and b/app/src/main/res/drawable-xxxhdpi/ic_pause_white_24dp.png differ diff --git a/app/src/main/res/drawable-xxxhdpi/ic_play_arrow_white_24dp.png b/app/src/main/res/drawable-xxxhdpi/ic_play_arrow_white_24dp.png new file mode 100644 index 0000000000000000000000000000000000000000..be5c062b5feeba5eff766b2fdae6dccb60cb4b0e Binary files /dev/null and b/app/src/main/res/drawable-xxxhdpi/ic_play_arrow_white_24dp.png differ diff --git a/app/src/main/res/drawable/white_rect.xml b/app/src/main/res/drawable/white_rect.xml index 5ead4b9b77320adfdea56a6edfaabe7bdc97ff6a..36df6913264e41ebac79da8475054da34338b37a 100644 --- a/app/src/main/res/drawable/white_rect.xml +++ b/app/src/main/res/drawable/white_rect.xml @@ -1,6 +1,6 @@ diff --git a/app/src/main/res/layout-sw600dp-port/log_fragment.xml b/app/src/main/res/layout-sw600dp-port/log_fragment.xml index 1fb9fa543c71167c8982f20b3277408ef77ebb19..7a4b60fe471128008795204c6d9506e8c2dd72e0 100644 --- a/app/src/main/res/layout-sw600dp-port/log_fragment.xml +++ b/app/src/main/res/layout-sw600dp-port/log_fragment.xml @@ -1,6 +1,6 @@ diff --git a/app/src/main/res/layout-sw600dp/log_fragment.xml b/app/src/main/res/layout-sw600dp/log_fragment.xml index 0bd3f99161c8e850ce03c502cf72378808b1ddb7..26f63df407b955766a3c1d4a752556f7af9b723b 100644 --- a/app/src/main/res/layout-sw600dp/log_fragment.xml +++ b/app/src/main/res/layout-sw600dp/log_fragment.xml @@ -1,6 +1,6 @@ diff --git a/app/src/main/res/layout/log_fragment.xml b/app/src/main/res/layout/log_fragment.xml index 491882a94ed654b708ab80f160e30866e5d16fb8..ab070117b3d2b8bc548b39f41e3b3021923ffc04 100644 --- a/app/src/main/res/layout/log_fragment.xml +++ b/app/src/main/res/layout/log_fragment.xml @@ -1,6 +1,6 @@ diff --git a/app/src/main/res/layout/log_silders.xml b/app/src/main/res/layout/log_silders.xml index 152407f90324efcf6fa74626dc0787aa900afb73..4196e2431a21902934ad2ced8c72f59e35b58fbe 100644 --- a/app/src/main/res/layout/log_silders.xml +++ b/app/src/main/res/layout/log_silders.xml @@ -2,7 +2,7 @@ @@ -63,4 +63,11 @@ + + \ No newline at end of file diff --git a/app/src/main/res/layout/log_window.xml b/app/src/main/res/layout/log_window.xml index fcc7aa7a2b777308a8b0bb5480e73cd2e9331764..7c25dcfa8a720ee474ae032e4b93bf244036e5ff 100644 --- a/app/src/main/res/layout/log_window.xml +++ b/app/src/main/res/layout/log_window.xml @@ -1,5 +1,5 @@ diff --git a/app/src/main/res/layout/vpnstatus.xml b/app/src/main/res/layout/vpnstatus.xml index 2d77bbabadfbd0891dc3499353254e11e69ec07b..b304ad101c8f6dbde5ea39a11f3782957a132067 100644 --- a/app/src/main/res/layout/vpnstatus.xml +++ b/app/src/main/res/layout/vpnstatus.xml @@ -1,6 +1,6 @@ diff --git a/app/src/main/res/menu/logmenu.xml b/app/src/main/res/menu/logmenu.xml index 2df53141165ade8794e6ba8c89eb2515d62635cd..4c8daf3591426c7a666fb152c012b792911217a6 100644 --- a/app/src/main/res/menu/logmenu.xml +++ b/app/src/main/res/menu/logmenu.xml @@ -1,6 +1,6 @@ @@ -11,26 +11,26 @@ android:id="@+id/toggle_time" android:alphabeticShortcut="t" android:icon="@drawable/ic_menu_view" - android:showAsAction="withText|ifRoom" + android:showAsAction="ifRoom" android:title="@string/logview_options" /> diff --git a/app/src/main/res/values-cs/strings-icsopenvpn.xml b/app/src/main/res/values-cs/strings-icsopenvpn.xml index 12837f132a38e7fcacd27d5e77e19f2b85b9e06c..f5e4db608f9f75fbb22375e4d86d9a81272b7d55 100755 --- a/app/src/main/res/values-cs/strings-icsopenvpn.xml +++ b/app/src/main/res/values-cs/strings-icsopenvpn.xml @@ -1,7 +1,7 @@ @@ -180,7 +180,6 @@ Žádný CA certifikát nebyl získán z úložiště, autentikace pravděpodobně selže. Zobrazit okno s logem při připojování. okno lze vždy otevřít z notifikace. Zobrazit okno s logem - Spuštěno na %1$s (%2$s) %3$s, Android API %4$d Chyba při podepisování klíčem %1$s: %2$s VPN varování při připojování oznamující o možnosti přesměrování veškerého provozu je vynuceno systémem, aby se zabránilo zneužití VPNService API.\nNotifikace (symbol s klíčem) je také vynucena systémem, aby signalizovala odchozí VPN spojení. Na některých systémech přehrává notifikace i zvuk.\nAndroid zavedl tyto dialogy pro tvoji osobní bezpečnost a ujistil se, že nejdou obejít. (Někdu to bohužel zahrnuje i zvuk notifikace.) Varování při připojení a zvuková notifikace @@ -260,7 +259,6 @@ Šifrovací algoritmus Ověřování paketů Zadej způsob ověřování paketů - Běží na %1$s (%2$s) %3$s, Android API %4$d, verze %5$s, %6$s sestaveno od %s ladící verze oficiální verze diff --git a/app/src/main/res/values-de/strings-icsopenvpn.xml b/app/src/main/res/values-de/strings-icsopenvpn.xml index bb22c37378917a60f70377ceee4cf55da1350111..c78c003931ce20774d68e5d6591b41825be78a9e 100755 --- a/app/src/main/res/values-de/strings-icsopenvpn.xml +++ b/app/src/main/res/values-de/strings-icsopenvpn.xml @@ -1,43 +1,43 @@ Server: - Server Port: + Port: Ort Verzeichnis kann nicht gelesen werden Auswählen Abbrechen Keine Daten - LZO Komprimierung + LZO-Komprimierung Kein Zertifikat Clientzertifikat Clientzertifikatsschlüssel - PKCS12 Datei - CA Zertifikat + PKCS12-Datei + CA-Zertifikat Kein Zertifikat ausgewählt - Quellcode und Issue Tracker sind verfügbar unter http://code.google.com/p/ics-openvpn/ + Quellcode und Issue-Tracker sind verfügbar unter https://github.com/schwabe/ics-openvpn Dieses Programm nutzt die folgenden Komponenten. Die kompletten Lizenzdetails sind im Quelltext verfügbar. Über Profile Typ - PKCS12 Passwort + PKCS12-Passwort Auswählen… Nichts ausgewählt - Benutze TLS Authentifizierung - TLS Richtung - Tragen Sie die IPv6 Adresse und Netzmaske im CIDR Format ein (z.B. 2000:dd::23/64) - Tragen Sie die IPv4 Adresse und Netzmaske im CIDR Format ein (z.B. 1.2.3.4/24) - IPv4 Adresse - IPv6 Adresse - Tragen Sie eigene OpenVPN Optionen ein. Beachten Sie, dass einige (vor allem tun spezifische) Optionen von der Android Version nicht unterstützt werden können. Wenn Sie denken, dass eine wichtige Option fehlt, kontaktieren Sie den Autor + TLS-Authentifizierung verwenden + TLS-Richtung + Tragen Sie die IPv6-Adresse und Netzmaske im CIDR-Format ein (z.B. 2000:dd::23/64) + Tragen Sie die IPv4-Adresse und Netzmaske im CIDR-Format ein (z.B. 1.2.3.4/24) + IPv4-Adresse + IPv6-Adresse + Tragen Sie eigene OpenVPN-Optionen ein. Beachten Sie, dass einige (vor allem tun-spezifische) Optionen von der Android-API nicht unterstützt werden. Wenn Sie denken, dass eine wichtige Option fehlt, kontaktieren Sie den Autor Benutzername Passwort - Für die statische Konfiguration werden die TLS Auth Schlüssel als statische Schlüssel benutzt + Für die statische Konfiguration werden die TLS-Authentifizierungsschlüssel als statische Schlüssel benutzt VPN konfigurieren Profil hinzufügen Geben Sie einen Namen für das neue Profil an @@ -47,193 +47,193 @@ Kein Fehler. Fehler in der Konfiguration Fehler beim Auflösen der IPv4-Adresse - Kann die manuell angegeben Routen nicht parsen - (Leer lassen um nicht zu speichern) - OpenVPN Verknüpfung + Kann die manuell angegeben Routen nicht verarbeiten + (Leer lassen, um nicht zu speichern) + OpenVPN-Verknüpfung VPN verbinden Von der Verknüpfung referenziertes Profil konnte nicht gefunden werden - Random Host Präfix - Verwürfelt den Hostnamen mit zufälligen Präfix + Zufälliger Host-Präfix + Fügt 6 zufällige Zeichen am Anfang des Hostnamens hinzu Eigene Konfigurationsoptionen - Geben Sie eigene Konfigurationsoptionen an. Seien Sie vorsichtig! - Route von Android zurückgewiesen. + Hier können Sie eigene Konfigurationsoptionen angeben. Seien Sie vorsichtig! + Route von Android zurückgewiesen Trennen - VPN Verbindung trennen - Log löschen. - Trennungsbestätigung + VPN-Verbindung trennen + Protokoll löschen + Trennen bestätigen Möchten Sie das VPN trennen bzw. den Verbindungsversuch abbrechen? VPN löschen - Überprüfe, ob der Server ein Zertifikat mit TLS-Servererweiterungen verwendet (--remote-cert-tls server) + Überprüfen, ob der Server ein Zertifikat mit TLS-Servererweiterungen verwendet (--remote-cert-tls server) TLS-Serverzertifikat erwarten - Server Zertifikatssubjekt DN überprüfen - Zertifikat Namen überprüfen - Spezifizieren Sie die Methode mit welcher der DN des Serverzertifikates (z. B. C=DE, L=Paderborn, OU=Avian IP-Carrier, CN=openvpn.blinkt.de) überprüft wird.\n\nSie können den vollständigen DN oder den RDN (openvpn.blinkt.de im Beispiel) oder ein RDN-Präfix angeben.\n\nDer RDN Präfix \"Server\" erlaubt z.B. \"Server-1\" und \"Server-2\" \n\nWenn Sie das Eingabefeld leer lassen, wird der RDN gegen den Servernamen geprüft.\n\n Für weitere Details sehen Sie die Manpage von OpenVPN 2.3.1+ unter —verify-x509-name - Serverzertifikat Subject - Benutzte TLS Schlüssel Authentifizierung - TLS Auth Datei - Fordert IP Adressen, Routen und andere Optionen vom Server an. - Keine Informationen werden vom Server bezogen. Geben Sie manuell die Optionen an. - Pull Settings + Subjekt-DN des Serverzertifikats überprüfen + Hostnamen überprüfen + Geben Sie hier die Methode an, mit welcher der DN des Serverzertifikates (z. B. C=DE, L=Paderborn, OU=Avian IP-Carrier, CN=openvpn.blinkt.de) überprüft wird.\n\nSie können den vollständigen DN, den RDN (openvpn.blinkt.de im Beispiel) oder ein RDN-Präfix angeben.\n\nDer RDN-Präfix \"Server\" erlaubt z.B. \"Server-1\" und \"Server-2\".\n\nWenn Sie das Eingabefeld leer lassen, wird der RDN gegen den Servernamen geprüft.\n\n Weitere Details finden Sie in der Manpage von OpenVPN 2.3.1+ unter —verify-x509-name + Subject des Serverzertifikats + TLS-Schlüssel-Authentifizierung verwenden + Schlüssel-Datei + IP-Adressen, Routen und andere Optionen vom Server anfordern. + Keine Informationen werden vom Server bezogen. Alle Einstellungen müssen unten manuell getätigt werden. + Informationen abrufen DNS - Eigene DNS Server. - Eigene DNS Server benutzen. - DNS Such Domäne - Primärer DNS Server - DNS Server - Sekundärer DNS Server. Wird genutzt falls der normale DNS Server nicht erreicht werden kann - Backup DNS Server - Ignoriere gepushte Routen - Ignoriere die Routen, die der Server dem Client sendet. - Leitet allen Internet Verkehr über das VPN - Benutze Default Route - Benutze eigene Routen. Geben Sie Zielnetzwerk im CIDR Format an. Z.b. \"10.0.0.0/8 2002::/16\" würde die Netzwerke 10.0.0.0/8 und 2002::/16 über das VPN routen. + Eigene DNS-Server + Eigene DNS-Server an Stelle der vom Server gesendeten verwenden + Such-Domäne + Primärer DNS-Server + DNS-Server + Sekundärer DNS-Server, der genutzt wird, falls der normale DNS Server nicht erreicht werden kann. + Backup-DNS-Server + Gepushte Routen ignorieren + Vom Server gesendete Routen ignorieren + Sämtlichen Internetverkehr über das VPN leiten + Default-Route verwenden + Geben Sie hier eigene Routen an. Geben Sie dabei nur das Zielnetz im CIDR-Format an; zum Beispiel würde \"10.0.0.0/8 2002::/16\" die Netze 10.0.0.0/8 und 2002::/16 über das VPN routen. Routen, die NICHT über das VPN geleitet werden sollen. Verwendet die gleiche Syntax wie bei den eigenen Routen. Eigene Routen Ausgeschlossene Netze - Log Detail Level - Erlaube authentifizierte Pakete von jeder IP - Erlaube floating Server + Protokollumfang + Authentifizierte Pakete von jeder IP zulassen + Floating Server zulassen Eigene Optionen - Ändere VPN Einstellungen - VPN Profile \'%s\' löschen? - Auf manchen ROM Version sind eventuell die Zugriffsrechte von /dev/tun falsch oder das tun Kernel Modul fehlt. Für Cyanogenmod 9 ROMs mit root gibt einen provisorischen Fix in den generellen Einstellungen. - Das Öffnen des tun Interfaces ist katastrophal gescheitert + VPN-Einstellungen ändern + VPN-Profil \'%s\' löschen? + Auf manchen Custom-ROM-Version sind eventuell die Zugriffsrechte von /dev/tun falsch oder das tun-Kernelmodul fehlt. Für Cyanogenmod 9-ROMs mit Root finden Sie einen provisorischen Fix in den allgemeinen Einstellungen. + Die tun-Schnittstelle konnte nicht geöffnet werden "Fehler: " - Clear - Öffne tun Netzwerkinterface: + Entfernen + Tun-Netzwerkinterface wird geöffnet: Lokale IPv4: %1$s/%2$d IPv6: %3$s MTU: %4$d DNS-Server: %1$s, Domäne: %2$s Routen: %1$s %2$s - ausgeschlossene Routen: %1$s %2$s - Installierte Routen (VpnService): %1$s %2$s - Interface Information %1$s und %2$s, nehme an, die zweite Adresse ist die Peer Adresse. Benutze /32 Netzmaske für die lokale IP Adresse. Interface Modus spezifiziert von OpenVPN ist \"%3$s\". - Die Route %1$s mit der Netzmaske %2$s ist keine Route mit einer CIDR Netzmaske, benutze /32 als Netzmaske. + Ausgeschlossene Routen: %1$s %2$s + Installierte VpnService-Routen: %1$s %2$s + Interface Information %1$s und %2$s: verwende die zweite Adresse als Peer-Adresse. Benutze /32-Netzmaske für die lokale IP-Adresse. Von OpenVPN gesetzter Interface-Modus ist \"%3$s\". + Die Route %1$s mit der Netzmaske %2$s ist keine Route mit einer CIDR-Netzmaske; verwende /32 als Netzmaske. Route %1$s/%2$s korrigiert zu %3$s/%2$s - Kann nicht auf die Android Keychain Zertifikate zugreifen (dies kann durch ein System Update oder durch Zurücksichern der Anwendung aus einem Backup hervorgerufen werden). Bitte editieren Sie das VPN und wählen Sie erneut das Zertifikat in dem Grundeinstellungen aus, um die Zugriffsberechtigung für das Zertifikat wieder herzustellen. + Kann nicht auf die Zertifikate im Android-Zertifikatsspeicher zugreifen. Dies kann durch ein Systemupdate oder durch Zurückspielen der App oder ihrer Einstellungen aus einem Backup hervorgerufen werden. Bitte bearbeiten Sie das VPN und wählen Sie das Zertifikat erneut in den Grundeinstellungen aus, um die Zugriffsberechtigung für das Zertifikat wieder herzustellen. %1$s %2$s - Sende Logdatei - Sende - ICS OpenVPN log Datei - Log Eintrag in die Zwischenablage kopiert - Tap Mode - Die VPN API von Android, die ohne rooten des Telefons funktioniert, unterstützt nur den tun Modus. Das Unterstützen des Tap Modus ist daher nicht möglich. - Die gleiche Frage nochmal? Meinen Sie das ernst? Ohne root kann tap wirklich nicht unterstützt werden. Emails an mich, mit der Frage, wann tap unterstützt wird, helfen hier kein Stück. - Ein drittes Mal? Nun gut, theoretisch kann tap mit einem tun Gerät emuliert werden. Dieser tap Emulator müsste die Layer 2 Informationen beim Senden hinzufügen und beim Empfangen wieder entfernen. Zusätzlich muss noch ARP und sinnvollerweise auch ein DHCP Client implementiert werden. Mir ist niemand bekannt, der etwas in dieser Richtung unternimmt. Kontaktieren Sie mich, falls Sie so etwas implementieren möchten. + Protokoll senden + Senden + ICS-OpenVPN-Protokolldatei + Protokolleintrag in die Zwischenablage kopiert + Tap-Modus + Da der Tap-Modus von der Android-VPN-API nicht unterstützt wird, kann in dieser App nur der Tun-Modus verwendet werden. + Die gleiche Frage nochmal? Meinen Sie das ernst? Ohne Root kann tap wirklich nicht unterstützt werden. Es hilft dabei auch nicht, mir Emails mit der Frage, wann tap unterstützt wird, zu senden. + Ein drittes Mal? Nun gut, theoretisch kann tap mit einem tun-Gerät emuliert werden. Dieser tap-Emulator müsste die Layer 2-Informationen beim Senden hinzufügen und beim Empfangen wieder entfernen. Zusätzlich muss noch ARP und sinnvollerweise auch ein DHCP-Client implementiert werden. Mir ist niemand bekannt, der etwas in dieser Richtung unternimmt. Kontaktieren Sie mich, falls Sie so etwas implementieren möchten. FAQ - Kopieren von Log Einträgen - Um einen einzelnen Log Eintrag zu kopieren berühren Sie den Log Eintrag und halten Sie gedrückt. Um das ganze Log zu Kopieren/Versenden benutzen Sie die \"Sende Log\" Option. Falls Sie Option nicht im in der GUI sehen, drücken Sie die Menü Taste am Gerät. + Kopieren von Protokolleinträgen + Um einen einzelnen Protokolleintrag zu kopieren, berühren Sie den Eintrag und halten Sie ihn gedrückt. Verwenden Sie die Option \"Protokoll versenden\", um das ganze Protokoll zu kopieren oder versenden. Falls Sie Option nicht in der Titelzeile sehen, drücken Sie die Menütaste des Gerätes. Verknüpfung zu einem VPN - Sie können ein Shortcut zum Starten des VPN auf Ihren Startbildschirm ablegen. Abhängig von der verwendeten Benutzeroberfläche müssen Sie ein Widget, einen Shortcut oder eine Verknüpfung hinzufügen. - Dieses Android ROM enthält keine VPNService API. Sorry :( + Sie können eine Verknüpfung zum Starten des VPN auf Ihren Startbildschirm ablegen. Abhängig von der verwendeten Benutzeroberfläche müssen Sie entweder ein Widget oder eine Verknüpfung hinzufügen. + Ihre Gerätefirmwäre unterstützt die VPNService-API nicht. Tut uns leid :( Verschlüsselung - Geben Sie die Verschlüsslungsmethode an + Geben Sie die Verschlüsselungsmethode an Geben sie den Verschlüsslungsalgorithmus an, der von OpenVPN genutzt werden soll. Lassen sie das Feld frei, um den Standardalgorithmus zu verwenden. - Geben Sie den Hashalgorithmus der zur Nachrichtenauthentifizierung benutzt wird an. Leer lassen um den Standard Algorithmus zu nutzen. + Geben Sie den Hashalgorithmus, der zur Nachrichtenauthentifizierung benutzt wird, an. Lassen Sie das Feld frei, um den Standard-Algorithmus zu nutzen. Authentifizierung/Verschlüsselung Datei auswählen… Eingebettete Datei - Fehler beim importieren der Datei + Fehler beim Import der Datei Konnte Datei nicht vom Dateisystem importieren [[Eingebettete Datei]] - Verweigere tun Gerät zu öffnen ohne IP Information - Importiere Profil von .ovpn Datei + Verweigere, das tun-Gerät ohne IP-Informationen zu öffnen + Profil aus .ovpn-Datei importieren Import Konnte zu importierendes Profil nicht lesen Fehler beim Lesen der Konfigurationsdatei Profil hinzufügen - Konnte die Datei %1$s, die in der importierten Konfiguration angeben war, nicht finden + Konnte die Datei %1$s, die in der importierten Konfiguration angegeben war, nicht finden Importiere Konfigurationsdatei aus %1$s - Ihre Konfiguration hatte ein paar Konfigurationsoptionen, die nicht direkt mit der GUI konfigurierbar sind. Diese Optionen wurden als benutzerdefinierte Konfigurationsoptionen hinzugefügt. Dies sind: - Konfigurationsdatei lesen abgeschlossen. - Binde nicht an lokalen Port und IP Adresse + In Ihren Konfiguration waren Konfigurationsoptionen enthalten, die nicht direkt mit der GUI konfigurierbar sind. Diese Optionen wurden als benutzerdefinierte Konfigurationsoptionen hinzugefügt. Dies sind: + Lesen der Konfigurationsdatei abgeschlossen. + Nicht an lokalen Port und IP-Adresse binden Kein lokales Binden - Importiere Konfigurationsdatei + Zu importierende Konfigurationsdatei Bemerkungen zur Sicherheit - Da OpenVPN sicherheitsrelevant ist, sind einige Worte zur Sicherheit der Anwendung angebracht. Alle Daten, die sich auf der SD Karte befinden sind als absolut unsicher anzusehen. Jede Anwendung kann diese lesen. (Diese Anwendung braucht zum Beispiel keine SD Karten Berechtigung). Die restlichen Konfiguration dieser Anwendung kann nur von der Anwendung selbst gelesen werden. Wenn die Option genutzt wird, dass die Zertifikate und Schlüssel eingebettet werden, werden diese im VPN Profil gespeichert. Die VPN Profile sind nur von der Anwendung selbst lesbar. (Vergessen Sie nicht die ursprünglichen Zertifikate/Schlüssel von der SD Karte zu löschen). Die Daten die Anwendung selbst speichert sind unverschlüsselt. Es besteht die Möglichkeit diese mittels \"rooten\" des Telefons/Tablets oder anderen Schwachstellend diese Daten auszulesen. Gespeicherte Passwörter werden auch im Klartext gespeichert. Es wird dringend empfohlen die Zertifikate in dem Android Keystore zu speichern.\" + Da OpenVPN sicherheitsrelevant ist, sind einige Worte zur Sicherheit der Anwendung angebracht. Alle Daten, die sich auf der SD-Karte befinden, sind als absolut unsicher anzusehen. Jede Anwendung kann diese lesen. (Auch diese Anwendung braucht zum Beispiel keine Berechtigung für SD-Karten-Zugriff). Die restliche Konfiguration dieser Anwendung kann nur von der Anwendung selbst gelesen werden. Wenn die Option genutzt wird, dass die Zertifikate und Schlüssel eingebettet werden, werden diese im VPN-Profil gespeichert. Die VPN-Profile sind nur von der Anwendung selbst lesbar. (Vergessen Sie nicht die ursprünglichen Zertifikate/Schlüssel von der SD-Karte zu löschen). Die Daten, die die Anwendung selbst speichert sind unverschlüsselt. Es besteht die Möglichkeit, diese Daten mittels \"rooten\" des Telefons/Tablets oder anderen Schwachstellen auszulesen. Auch gespeicherte Passwörter werden im Klartext gespeichert. Es wird daher dringend empfohlen, die Zertifikate im Android-Zertifikatsspeicher zu speichern. Importieren Fehler beim Anzeigen des Zertifikatsauswahlbildschirmes - Android hat einen Fehler beim Anzeigen des Zertifikat Dialog gemeldet. Dies sollte nie passieren, da dies ein Standard Feature von Android 4.0+ ist. Eventuell ist Unterstützung von Zertifikaten in Ihrer Firmware fehlerhaft + Konnte den Zertifikatsdialog nicht öffnen. Dies sollte nie passieren, da dies eine Standardfunktion von Android 4.0+ ist. Eventuell ist die Unterstützung von Zertifikaten in der Firmware Ihres Gerätes fehlerhaft IPv4 IPv6 - Warte auf OpenVPN Status Nachricht… + Warte auf OpenVPN-Status-Nachricht… Importiertes Profil Importiertes Profil %d - Fehlerhafte Images - <p>Von offiziellen HTC Firmwares ist bekannt, dass diese teilweise merkwürdige Routing Probleme haben, die dafür sorgen, dass der Verkehr nicht durch den Tunnel fließt. (Siehe auch <a href=\"http://code.google.com/p/ics-openvpn/issues/detail?id=18\">Issue 18</a> im Bug Tracker.)</p><p>Bei älteren Version der offiziellen SONY Firmwares für das Xperia arc S and Xperia Ray scheint der VPNService Support komplett zu fehlen. (Siehe auch <a href=\"http://code.google.com/p/ics-openvpn/issues/detail?id=29\">Issue 29</a> im Bug Tracker.)</p><p>Auf anderen (insbesondere Custom ROMS) fehlt teilweise das tun Kernel Modul oder die Rechte von /dev/tun sind falsch gesetzt. Auf einigen CM9 Firmware wird die \"/dev/tun Eigentümer setzen\" Option in den Allgemeinen Einstellungen benötigt.</p><p>Am wichtigsten ist aber, falls Sie eine fehlerhafte Firmware haben, melden Sie dies Ihrem Hersteller. Je mehr Leute den Fehler dem Hersteller melden, desto wahrscheinlicher werden Sie eine Fehlerkorrektur bekommen.</p> - PKCS12 Veschlüsslungspassword - Passphrase privater Schlüssel + Fehlerhafte Firmwares + <p>Von offiziellen HTC-Firmwares ist bekannt, dass diese teilweise merkwürdige Routingprobleme haben, die dafür sorgen, dass der Verkehr nicht durch den Tunnel fließt. (Siehe auch <a href=\"http://code.google.com/p/ics-openvpn/issues/detail?id=18\">Issue 18</a> im Bugtracker.)</p><p>Bei älteren Version der offiziellen Sony-Firmwares für das Xperia arc S and Xperia Ray scheint der VPNService-Support komplett zu fehlen. (Siehe auch <a href=\"http://code.google.com/p/ics-openvpn/issues/detail?id=29\">Issue 29</a> im Bugtracker.)</p><p>Auf anderen (insbesondere Custom ROMs) fehlt teilweise das tun-Kernelmodul oder die Rechte von /dev/tun sind falsch gesetzt. Auf einigen CM9-Firmwares wird die Option \"Eigentümer von /dev/tun setzen\" in den Allgemeinen Einstellungen benötigt.</p><p>Am wichtigsten ist aber: falls Sie eine fehlerhafte Firmware haben, melden Sie dies Ihrem Hersteller. Je mehr Nutzer dem Hersteller den Fehler melden, desto wahrscheinlicher werden Sie eine Fehlerkorrektur bekommen.</p> + PKCS12-Verschlüsselungs-Passwort + Passphrase des privaten Schlüssels Passwort - Datei Symbol - TLS Authentifizierung + Dateisymbol + TLS-Authentifizierung Generierte Konfiguration Einstellungen - Versucht den Eigentümer von /dev/tun auf system zu ändern. Einige Cyanogenmod 9 ROM Versionen benötigen diese Option, damit die VPN API funktioniert. Benötigt root. - /dev/tun Eigentümer setzen. - Zeigt die generierte Konfigurationsdatei - Editiere \"%s\" - Generiere OpenVPN Konfiguration… - Aktivieren dieser Option zwingt OpenVPN dazu, beim Wechsel des Netzwerkes (WLAN zu Mobilfunk und umgekehrt), neu zu verbinden + Versucht, den Eigentümer von /dev/tun auf system zu ändern. Einige Cyanogenmod 9-ROM-Versionen benötigen diese Option, damit die VPN-API funktioniert. Benötigt root. + Eigentümer von /dev/tun setzen + Generierte Konfigurationsdatei anzeigen + Bearbeiten von \"%s\" + Generiere OpenVPN-Konfiguration… + VPN bei jedem Wechsel des verwendeten Netzwerktyps (WLAN zu Mobilfunk und umgekehrt) neu verbinden Netzwerkänderungen beachten Netzwerkstatus: %s - Das CA Zertifikat wird meist aus dem Zertifikatsspeicher automatisch ausgewählt. Sollte dies nicht funktionieren und Sie Verifizierungsprobleme erhalten(self signed certificate), wählen Sie manuell ein Zertifikat aus. + Das CA-Zertifikat wird meist automatisch aus dem Zertifikatsspeicher ausgewählt. Sollte dies nicht funktionieren und Sie Verifizierungsprobleme haben (self signed certificate), wählen Sie manuell ein Zertifikat aus. Auswählen - Beim Abfragen des Android KeyStore wurde kein CA Zertifikat zurückgegeben. Überprüfen des Serverzertifikat wird wahrscheinlich fehlschlagen. Geben Sie manuell ein CA Zertifikat an. - Zeigt das Status Log, wenn ein VPN verbunden wird. Das Status log kann immer über die Benachrichtigung aufgerufen werden. - Zeige Log - Modell %1$s (%2$s) %3$s, Android API %4$d - Fehler beim Zugriff auf den Android Keystore %1$s: %2$s - Die Meldung, dass OpenVPN versucht eine VPN-Verbindung aufzubauen und dabei den gesamten Netzwerkverkehr abhören kann, wird vom Android System selbst erzeugt. Diese wird vom System erzwungen, damit keine Anwendung vom Benutzer unbemerkt eine VPN Verbindung aufbauen kann\Die VPN Benachrichtigung (Das Schlüssel Symbol) wird genauso vom Android System angezeigt um eine bestehende VPN anzuzeigen.\nDiese beiden Features wurden in Android für die Sicherheit des Nutzers implementiert und können nicht umgangen werden. (Auf machen Telefon/Tablets wird die Benachrichtigung leider mit einem Ton signalisiert.) + Beim Abfragen des Android-Zertifikatsspeichers wurde kein CA-Zertifikat zurückgegeben. Die Überprüfung des Serverzertifikats wird wahrscheinlich fehlschlagen. Geben Sie manuell ein CA-Zertifikat an. + Verbindungsprotokoll beim Start einer VPN-Verbindung anzeigen. Das Protokoll kann unabhängig von dieser Einstellung immer über die Benachrichtigung aufgerufen werden. + Protokoll anzeigen + %10$s %9$s läuft auf %3$s %1$s (%2$s), Android %6$s (%7$s) API %4$d, ABI %5$s, (%8$s) + Fehler beim Zugriff auf den Schlüssel %1$s im Android-Zertifikatsspeicher: %2$s + Die Meldung, dass OpenVPN versucht, eine VPN-Verbindung aufzubauen und dabei den gesamten Netzwerkverkehr abhören kann, wird vom Android-System erzwungen, damit keine Anwendung vom Benutzer unbemerkt eine VPN-Verbindung aufbauen kann.\Die VPN-Benachrichtigung (das Schlüsselsymbol) wird ebenso vom Android-System angezeigt, um eine bestehende VPN-Verbindung zu signalisieren.\nDiese beiden Features wurden in Android für die Sicherheit des Nutzers implementiert und können nicht umgangen werden. (Auf machen Telefon/Tablets wird die Benachrichtigung leider mit einem Ton signalisiert.) Warnung beim Verbinden und Benachrichtigungston - Deutsche Übersetzung von Arne Schwabe <arne@rfc2549.org> + Deutsche Übersetzung von Arne Schwabe <arne@rfc2549.org> und Danny Baumann <dannybaumann@web.de> IP und DNS Grundeinstellungen Routing Obskure OpenVPN Einstellungen, die normalerweise nicht benötigt werden. Erweitert - ICS OpenVPN Konfiguration - Es werden keine DNS Server für die VPN Verbindung genutzt. Die Namensauflösung wird möglicherweise nicht funktionieren. Ziehen Sie in Erwähung selbst DNS Server in den Optionen zu setzen. Beachten Sie weiterhin, dass Android die Proxyeinstellungen für Handy/WLAN weiterhin benutzt, falls keine DNS Server für das VPN festgelegt sind. - Konnte den DNS Server \"%1$s\" nicht hinzufügen, da das System ihn zurückweist mit %2$s - Konnte die IP Adresse \"%1$s\" nicht setzen, abgelehnt vom System: %2$s - <p>Benutzen Sie eine funktionierende Konfiguration (getestet auf einem Computer, oder von Ihrer Organisation/Ihrem Provider bereitgestellt)</p><p>Falls Sie nur eine einzelne Datei benötigen, können Sie sich diese als Email-Anhang zuschicken. Falls Ihre OpenVPN Konfiguration aus mehreren Dateien besteht, müssen Sie alle Dateien auf die SD Karte kopieren.</p><p>Klicken Sie auf den Email Anhang im Android Mail Programm bzw. benutzen Sie das Ordner Symbol in der VPN Liste und wählen Sie die .ovpn bzw. .conf Konfigurationsdatei aus.</p><p>Falls der Import fehlende Dateien anmerkt, kopieren Sie diese auf die SD Karte und starten den Import erneut.</p><p>Benutzen Sie anschließend das Speichern Symbol um das VPN zur VPN Liste hinzuzufügen</p><p>Tippen Sie den Namen des VPNs an, um das VPN zu starten</p><p>Achten Sie auf Fehler und Warnungen im Verbindungslog.</p> + ICS-OpenVPN-Konfiguration + Es werden keine DNS-Server für die VPN-Verbindung genutzt. Die Namensauflösung wird möglicherweise nicht funktionieren. Ziehen Sie in Erwägung, selbst DNS-Server in den Einstellungen zu setzen. Beachten Sie weiterhin, dass Android die Proxyeinstellungen für Handy/WLAN weiterhin benutzt, falls keine DNS-Server für das VPN festgelegt sind. + Konnte den DNS-Server \"%1$s\" nicht hinzufügen, da das System ihn zurückweist: %2$s + Das Setzen der IP-Adresse \"%1$s\" wurde vom System abgewiesen %2$s + <p>Verwenden Sie eine funktionierende Konfiguration (auf einem Computer getestet, oder von Ihrer Organisation/Ihrem Provider bereitgestellt).</p><p>Falls Sie nur eine einzelne Datei benötigen, können Sie sich diese als Email-Anhang zuschicken. Falls Ihre OpenVPN-Konfiguration aus mehreren Dateien besteht, müssen Sie alle Dateien auf die SD-Karte kopieren.</p><p>Klicken Sie auf den Email-Anhang im Android-Mail-Programm bzw. verwenden Sie das Ordnersymbol in der VPN-Liste und wählen Sie die .ovpn- bzw. .conf-Konfigurationsdatei aus.</p><p>Falls der Import fehlende Dateien anmerkt, kopieren Sie diese auf die SD-Karte und starten den Import erneut.</p><p>Verwenden Sie anschließend das \"Speichern\"-Symbol, um das VPN zur VPN-Liste hinzuzufügen.</p><p>Tippen Sie den Namen des VPNs an, um das VPN zu starten</p><p>Achten Sie auf Fehler und Warnungen im Verbindungsprotokoll.</p> Schnellstart - Versuche das tun.ko Kernel Modul zu laden. Benötigt root. - Lade tun Modul - Importiere die PKCS12 Datei, die in der Konfiguration angegeben ist, in den Android Keystore - Fehler beim Ermitteln der Proxy Einstellungen: %s - Benutzt Proxy %1$s %2$d - Benutze System Proxys - Benutze die System weiten Einstellungen für HTTP/HTTPS Proxys beim Verbinden. + Versuchen das Kernelmodul tun.ko zu laden. Benötigt Root. + Tun-Modul laden + In der Konfiguration angegebene PKCS12-Datei in den Android-Zertifikatsspeicher importieren + Fehler beim Ermitteln der Proxy-Einstellungen: %s + Verwende Proxy %1$s %2$d + System-Proxys verwenden + Systemweite Einstellungen für HTTP- und HTTPS-Proxys beim Verbinden verwenden. <a href=\"https://www.paypal.com/cgi-bin/webscr?hosted_button_id=R2M6ZP9AF25LS&amp;cmd=_s-xclick\">Spenden mit PayPal</a> - OpenVPN wird bei einem Neustart des Telefon das beim herunterfahren/neu starten aktive VPN wieder verbinden. Bitte lesen Sie die FAQ \"Warnung beim Verbinden\" FAQ bevor Sie diese Option verwenden. + OpenVPN wird bei einem Neustart des Telefons das beim Herunterfahren aktive VPN wieder verbinden. Bitte lesen Sie die FAQ \"Warnung beim Verbinden\", bevor Sie diese Option verwenden. Nach Neustart verbinden Ignorieren Neu verbinden - Konfigurationsänderungen werden erst nach einem VPN Neustart aktiv. Jetzt neu verbinden? + Konfigurationsänderungen werden erst nach einem Neustart des VPNs aktiv. Jetzt neu verbinden? Konfiguration geändert - Konnte das zuletzt verbundene Profile beim Versuch des Editieren nicht ermitteln. + Konnte das zuletzt verbundene Profil beim Versuch des Editierens nicht ermitteln Doppelte Benachrichtigungen - Android beendet automatisch Anwendungen und Dienste, die im Hintergrund laufen, wenn der Arbeitsspeicher knapp wird. Wird dabei OpenVPN beendet, bricht die VPN Verbindung ab. Um dies zu vermeiden, läuft der VPN Prozess mit einer höheren Priorität. Um eine höhere Priorität nutzen zu können, muss die Anwesenheit des Prozesses dem Benutzer im Form einer Benachrichtigung mitgeteilt werden. Daher zeigt OpenVPN für Android immer seine eigene Benachrichtigung an. Die Schlüssel Benachrichtigung, die auch im letzten Eintrag erklärt wird, zählt leider nicht als Benachrichtigung, die der Anwendung erlaubt mit höherer Priorität zu arbeiten. - Keine VPN Profile definiert. - Benutzen Sie <img src=\"ic_menu_add\"/> um ein neues VPN anzulegen - Benutzen Sie <img src=\"ic_menu_archive\"/> um ein vorhandenes (.ovpn oder .conf) Profil von Ihrer SD Karte zu importieren - Lesen Sie auch die FAQ. Dort befindet sich eine Schnellstart Anleitung - Routing/Netzwerk Konfiguration - In dieser Anwendung wird die Routing und Netzwerkkonfiguration nicht mit den traditionellen ifconfig/route Kommandos konfiguriert sondern mittels der VPNService API. Diese erwartet eine Tunnel IP Adresse und die Netzwerke, die über den Tunnel geroutet werden sollen. Insbesondere wird keine Gateway oder Peer IP Adresse benötigt. Die Anwendung ignoriert diese daher auch beim Import. Dass die Verbindung zum VPN Server nicht über den Tunnel geroutet wird, wird auch über die VPNService API sichergestellt ohne dass hierfür spezielle Routen nötig sind. Da nur Netzwerke, die über den Tunnel geroutet werden sollen, angeben werden können, ist es nicht möglich andere Routen zu unterstützen. Die Anwendung versucht daher andere Routen (wie z.B. route x.x.x.x y.y.y.y net_gateway)\" die nicht über den Tunnel geroutet werden sollen zu erkken und eine Menge von Routen zu berechnen die das Verhalten auf anderen Plattformen emulieren. Das Verbindungslog zeigt die genaue Konfiguration und die errechneten Routen beim Verbinden an. + Android beendet automatisch Anwendungen und Dienste, die im Hintergrund laufen, wenn der Arbeitsspeicher knapp wird. Wird dabei OpenVPN beendet, bricht die VPN-Verbindung ab. Um dies zu vermeiden, läuft der VPN-Prozess mit einer höheren Priorität. Um eine höhere Priorität nutzen zu können, muss dem Benutzer die Anwesenheit des Prozesses in Form einer Benachrichtigung mitgeteilt werden. Daher zeigt OpenVPN für Android immer seine eigene Benachrichtigung an. Die Schlüssel-Benachrichtigung, die auch im letzten Eintrag erklärt wird, zählt leider nicht als Benachrichtigung, die der Anwendung erlaubt, mit höherer Priorität zu arbeiten. + Keine VPN-Profile definiert. + Durch Berühren von <img src=\"ic_menu_add\"/> können Sie ein neues VPN anlegen + Berühren Sie <img src=\"ic_menu_archive\"/>, um ein vorhandenes Profil von Ihrer SD-Karte zu importieren + Werfen Sie auch einen Blick in die FAQ. Dort befindet sich eine Schnellstart-Anleitung. + Routing-/Netzwerk-Konfiguration + In dieser App wird die Routing- und Netzwerkkonfiguration nicht mit den traditionellen ifconfig-/route-Kommandos konfiguriert, sondern mittels der VPNService-API. Diese erwartet eine Tunnel-IP-Adresse und die Netze, die über den Tunnel geroutet werden sollen. Insbesondere wird keine Gateway- oder Peer-IP-Adresse benötigt. Die Anwendung ignoriert diese daher auch beim Import. Die VPNService-API stellt weiterhin sicher, dass die Verbindung zum VPN-Server nicht über den Tunnel geroutet wird, ohne dass hierfür spezielle Routen nötig sind. Da nur Netze, die über den Tunnel geroutet werden sollen, angeben werden können, ist es nicht möglich andere Routen zu unterstützen. Die Anwendung versucht daher andere Routen (wie z.B. route x.x.x.x y.y.y.y net_gateway), die nicht über den Tunnel geroutet werden sollen, zu erkennen, und eine Menge von Routen zu berechnen, die das Verhalten auf anderen Plattformen emulieren. Das Verbindungsprotokoll zeigt die genaue Konfiguration und die errechneten Routen beim Verbinden an. Verhindere Zurückfallen auf nicht VPN Verbindungen während OpenVPN neu verbindet. - Persistentes tun Device - OpenVPN-Log - OpenVPN Konfiguration importieren + Persistentes tun-Device + OpenVPN-Protokoll + OpenVPN-Konfiguration importieren Energieverbrauch - In meinen eigenen Tests ist der Hauptgrund für den hohen Stromverbrauch von OpenVPN das Senden und Empfangen der Keepalive-Pakete. Die meisten OpenVPN-Server haben eine Konfigurationsoption wie \'keepalive 10 60\', was bedeutet, dass vom Client an den Server und vom Server an den Client alle zehn Sekunden ein Paket geschickt wird. <p> Diese Pakete sind klein und erzeugen keine große Datenmenge. Sie sorgen allerdings dafür, dass permanent Daten übertragen werden und somit auch die Mobilfunk- bzw. WLAN Einheit aktiv ist und steigern damit den Energieverbrauch. (Siehe auch <a href=\"http://developer.android.com/training/efficient-downloads/efficient-network-access.html#RadioStateMachine\">The Radio State Machine | Android Developers</a>)<p> Diese keepalive Einstellung kann nicht auf dem Client geändert werden. Nur der Systemadministrator des VPN Servers kann die Einstellung ändern. lt;pgt; Leider hat eine keepalive Einstellung von mehr als 60 Sekunden unter udp Probleme mit einigen NAT-Gateways, die für inaktive Verbindungen nur eine sehr kurze Haltzeit haben und danach verwerfen (60s in meinen Tests). Benutzen von TCP mit langen Keep-Alive-Timeouts funktioniert, hat aber das TCP über TCP Problem. (Siehe <a href=\"http://sites.inka.de/bigred/devel/tcp-tcp.html\" > Why TCP Over TCP Is A Bad Idea </a>) - Die Funktion \"Anbindung & mobiler WLAN-Hotspot\" und die VPNService-API, die von diesem Programm verwendet wird, funktionieren nicht zusammen. Für weitere Details siehe <a href=\"http://code.google.com/p/ics-openvpn/issues/detail?id=34\"> Issue #34 </a> + Nach meinen eigenen Tests ist der Hauptgrund für den hohen Stromverbrauch von OpenVPN das Senden und Empfangen der Keep-Alive-Pakete. Die meisten OpenVPN-Server haben eine Konfigurationsoption wie \'keepalive 10 60\', was bedeutet, dass vom Client an den Server und vom Server an den Client alle zehn Sekunden ein Paket geschickt wird. <p> Diese Pakete sind klein und erzeugen keine große Datenmenge. Sie sorgen allerdings dafür, dass permanent Daten übertragen werden und somit auch die Mobilfunk- bzw. WLAN-Einheit aktiv ist und steigern damit den Energieverbrauch. (Siehe auch <a href=\"http://developer.android.com/training/efficient-downloads/efficient-network-access.html#RadioStateMachine\">The Radio State Machine | Android Developers</a>)<p> Diese Keep-Alive-Einstellung kann nicht auf dem Client geändert werden. Nur der Systemadministrator des VPN-Servers kann die Einstellung ändern. <p> Leider hat eine Keep-Alive-Einstellung von mehr als 60 Sekunden unter UDP Probleme mit einigen NAT-Gateways, die für inaktive Verbindungen nur eine sehr kurze Haltezeit haben und danach verwerfen (60s in meinen Tests). Benutzen von TCP mit langen Keep-Alive-Timeouts funktioniert, hat aber das TCP-über-TCP-Problem. (Siehe <a href=\"http://sites.inka.de/bigred/devel/tcp-tcp.html\" > Why TCP Over TCP Is A Bad Idea </a>) + Die Funktion \"Anbindung & mobiler WLAN-Hotspot\" und die VPNService-API, die von dieser App verwendet wird, funktionieren nicht zusammen. Für weitere Details siehe <a href=\"http://code.google.com/p/ics-openvpn/issues/detail?id=34\"> Issue #34 </a> VPN und \"Anbindung & mobiler WLAN-Hotspot\" - Anzahl Verbindungsversuche - Einstellungen für das Neuverbinden - Anzahl von Sekunden zwischen Verbindungsversuchen. - Sekunden zwischen Verbindungsversuchen - Der OpenVPN Prozess ist unerwartet abgestürzt. Bitte erwägen Sie die Option \"Minidump senden\" im Hauptmenü + Verbindungsversuche + Verbindungseinstellungen + Zeit, die zwischen zwei Verbindungsversuchen gewartet wird. + Zeit zwischen Verbindungsversuchen + Der OpenVPN-Prozess ist unerwartet abgestürzt. Bitte erwägen Sie die Option \"Minidump an Entwickler senden\" im Hauptmenü Minidump an Entwickler senden - Sendet Debugging Informationen des letzten Absturzes an den Entwickler + Informationen über den letzten Absturz zur Fehlersuche an den Entwickler senden OpenVPN - %s %1$s - %2$s %1$s - %3$s, %2$s @@ -241,13 +241,13 @@ Warte auf Serverantwort Authentifiziere Warte auf Clientkonfiguration - Weise IP Adressen zu - Hinzufügen von Routen + Weise IP-Adressen zu + Lege Routen an Verbunden Trennen Wiederverbinden Beende - Kein OpenVPN Prozess + OpenVPN läuft nicht Löse Hostnamen auf Verbinde (TCP) Authentifizierung fehlgeschlagen @@ -256,54 +256,53 @@ Nicht verbunden Verbinde mit VPN %s Verbinde mit VPN %s - Einige Versionen von Android 4.1 haben Probleme, wenn der Name des im Zertifikat Keystore gespeicherten Zertifikates nicht alphanumerische Zeichen (wie Leerzeichen, Unterstriche oder Bindestriche) enthält. Probieren Sie das Sie das Zertifikat mit einem Namen ohne Sonderzeichen zu importieren. + Einige Versionen von Android 4.1 haben Probleme, wenn der Name des im Zertifikatsspeicher gespeicherten Zertifikates nicht alphanumerische Zeichen (wie Leerzeichen, Unterstriche oder Bindestriche) enthält. Probieren Sie, das Zertifikat mit einem Namen ohne Sonderzeichen zu importieren Verschlüsselungsalgorithmus - Packetauthentifizierung + Paket-Authentifizierung Geben Sie den Authentifizierungsalgorithmus an - Modell %1$s (%2$s) %3$s, Android API %4$d, version %5$s, %6$s compiliert von %s Testversion offizielle Version - Ins Profil einbetten - Crashlog + In das Profil einbetten + Absturzinformationen Hinzufügen Konfigurationsdatei senden Völlständiger DN Ihre importierte Konfiguration verwendete die alte VERALTETE tls-remote-Option, die ein anderes DN-Format verwendet. - RDN (common name) - RDN Präfix + RDN (Common Name) + RDN-Präfix tls-remote (VERALTET) - Sie können helfen die Übersetzung zu verbessern auf der Website http://crowdin.net/project/ics-openvpn/invite - %1$s versucht %2$s zu steuern - Wenn Sie fortfahren, gestatten Sie der App OpenVPN für Android komplett zu kontrollieren und den gesamten Netzwerkverkehr abzufangen. Akzeptieren Sie nur, wenn Sie der App vertrauen. Anderenfalls riskieren Sie, dass Ihre Daten von schädlicher Software manipuliert werden + Sie können helfen, die Übersetzung zu verbessern: Besuchen Sie http://crowdin.net/project/ics-openvpn/invite + %1$s versucht, %2$s zu steuern + Wenn Sie fortfahren, gestatten Sie der App, OpenVPN für Android komplett zu kontrollieren und den gesamten Netzwerkverkehr abzufangen.Akzeptieren Sie nur, wenn Sie der App vertrauen.Anderenfalls riskieren Sie, dass Ihre Daten von schädlicher Software manipuliert werden. Ich vertraue dieser App. Keine App für die Verwendung der API freigegeben - Freigegebene Apps: %s + Zugelassene Apps: %s Liste der freigegeben externen Apps löschen? \nAktuelle Liste der freigegebenen Apps:\n\n%s - Pausiert das VPN, wenn der Bildschirm aus ist und weniger als 64 kB in 60 Sekunden übertragen wurden. Falls die Option \"Persistentes tun Device\" ausgewählt ist, wird durch das Pausieren des VPNs das Gerät KEINE Netzwerkverbindung haben. Ohne die \"Persistentes tun Device\" Option, benutzt das Gerät die normal (ungesicherte) Internetverbindung, wenn das VPN pausiert wird. - Bei ausgeschalteten Bildschirm VPN Verbindung pausieren - Pausiere VPN Verbindung da weniger als %1$s in %2$ss. - Warnung: Persistentes tun Device für dieses VPN nicht aktiviert. Der Netzwerkverkehr nutzt die normale Internet Verbindung, wenn der Bildschirm aus ist. - Passwort merken - VPN pausieren + VPN anhalten, wenn der Bildschirm ausgeschaltet ist und weniger als 64 kB in 60 Sekunden übertragen wurden. Falls die Option \"Persistentes tun-Device\" ausgewählt ist, wird durch das Gerät nach dem Anhalten des VPNs KEINE Netzwerkverbindung haben. Ohne die Option \"Persistentes tun-Device\" benutzt das Gerät die normale (ungesicherte) Internetverbindung, wenn das VPN angehalten wird. + Anhalten bei Inaktivität + VPN-Verbindung wird angehalten, da weniger als %1$s in %2$ss + Warnung: Persistentes tun-Device für dieses VPN nicht aktiviert. Der Netzwerkverkehr nutzt die normale Internetverbindung, wenn der Bildschirm ausgeschaltet ist. + Passwort speichern + VPN anhalten VPN fortsetzen - VPN Verbindung durch Benutzer pausiert - VPN pausiert wegen Inaktitvität pausiert (Bildschirm aus) - Geräte spezifische Hacks - Kann Zertifikatsinformationen nicht anzeigen. + VPN-Verbindung durch Benutzer angehalten + VPN auf Grund von Inaktitvität angehalten (Bildschirm ausgeschaltet) + Gerätespezifische Hacks + Zertifikatsinformationen können nicht angezeigt werden Anwendung VPN - Änderungen an VPN-profilen zulassen - Im Hardware Keystore gespeichert: - Symbol der Anwendung, die versucht OpenVPN für Android zu kontrollieren - Beginnend mit Android 4.3 wird der VPN-Bestätigungsdialog vor \"überlappenden Anwendungen\" geschützt. Dadurch kann es vorkommen, dass der Dialog nicht auf Eingaben reagiert. Eine Anwendung benutzen, die Overlays verwendet, kann dieses Verhalten verursachen. Sollten Sie solch eine verursachende Anwendung finden, kontaktieren Sie dessen Entwickler. Dieses Problem betrifft alle VPN-Anwendungen ab Android 4.3. Siehe auch <a href=\"http://code.google.com/p/ics-openvpn/issues/detail?id=185\" > Issue 185 <a> für zusätzliche Details \" + Änderungen an VPN-Profilen zulassen + Im Hardware-Zertifikatsspeicher gespeichert: + Symbol der App, die versucht, OpenVPN für Android zu steuern + Beginnend mit Android 4.3 wird der VPN-Bestätigungsdialog vor \"überlappenden Anwendungen\" geschützt. Dadurch kann es vorkommen, dass der Dialog nicht auf Eingaben reagiert. Die Verwendung von Apps, die Overlays verwenden, kann dieses Verhalten verursachen. Sollten Sie solch eine verursachende App finden, kontaktieren Sie dessen Entwickler. Dieses Problem betrifft alle VPN-Anwendungen ab Android 4.3. Siehe auch <a href=\"http://code.google.com/p/ics-openvpn/issues/detail?id=185\" > Issue 185 <a> für zusätzliche Details VPN-Bestätigungsdialog ab Android 4.3 Alternativ können Sie mir per Play Store Geld zukommen lassen: Vielen Dank für die %s Spende! Protokoll gelöscht. Passwort anzeigen - KeyChain Zugriffsfehler: %s - Kurze + Fehler beim Zugriff auf den Zertifikatsspeicher: %s + Kurz ISO Zeitstempel Keine @@ -313,28 +312,28 @@ Ansichtsoptionen Unbehandelte Ausnahme: %1$s\n\n%2$s %3$s: %1$s\n\n%2$s - Wenn Sie ihr Gerät gerootet haben können Sie das <a href=\"http://xposed.info/\">Xposed Framework</a> und das <a href=\"http://repo.xposed.info/module/de.blinkt.vpndialogxposed\">VPN Dialog confirm Modul</a> auf eigene Gefahr installieren. - Komplette Lizenzen - Netze, die direkt über ein lokales Interfaces erreicht werden können werden nicht über das VPN geroutet. Deaktivieren dieser Option leitet allen Verkehr, der für lokale Netzwerke bestimmt ist, über das VPN. - VPN für lokale Netzwerke umgehen + Wenn Sie ihr Gerät gerootet haben, können Sie das <a href=\"http://xposed.info/\">Xposed Framework</a> und das <a href=\"http://repo.xposed.info/module/de.blinkt.vpndialogxposed\">VPN Dialog confirm-Modul</a> auf eigene Gefahr installieren + Vollständige Lizenzen + Netze, die direkt über ein lokales Interface erreicht werden können, werden nicht über das VPN geroutet. Deaktivieren dieser Option leitet allen Verkehr, der für lokale Netze bestimmt ist, über das VPN. + VPN für lokale Netze umgehen Datei mit Benutzername und Passwort [Importiert aus %s] Einige Dateien konnten nicht gefunden werden. Bitte wählen Sie diese manuell aus: - Um diese Anwendung nutzen zu können brauchen Sie einen OpenVPN fähigen Server. Diese werden häufig von Ihrer Firma oder Universität bereitgestellt. Besuchen Sie http://community.openvpn.net/ um mehr über OpenVPN zu erfahren und wie Sie Ihren eigenen Server aufsetzen können. + Um diese Anwendung nutzen zu können, benötigen Sie einen OpenVPN-fähigen Server. Diese werden häufig von Firmen oder Universitäten bereitgestellt. Besuchen Sie http://community.openvpn.net/ für weitere Informationen über OpenVPN und das Einrichten eines eigenen Servers. Import-Protokoll: - VPN-Topologie \"%3$s\" wurde angegeben, die Interface Konfiguration \'ifconfig %1$s %2$s sieht wie eine IP-Adresse mit einer Netzwerkmaske. Topologie \"subnet\" wird angenommen. - mssfix Wert muss eine Zahl zwischen 0 und 9000 sein - Ändere TCP-Verbindungen, die über den Tunnel laufen, so dass die resultierende UDP-Paketgröße nach der Enkapsulierung durch OpenVPN auf diesen Wert beschränkt bleibt. (Standardwert ist 1450) - Überschreiben des MSS-Wert von TCP-Nutzlast - Setze MSS von TCP-Nutzlast + VPN-Topologie \"%3$s\" wurde angegeben, die Interface-Konfiguration \'ifconfig %1$s %2$s sieht allerdings wie eine IP-Adresse mit einer Netzwerkmaske aus. Topologie \"subnet\" wird angenommen. + Wert muss eine Zahl zwischen 0 und 9000 sein + TCP-Verbindungen, die über den Tunnel laufen, anweisen, ihre maximale Paketgröße so einzustellen, dass die resultierende UDP-Paketgröße nach der Enkapsulierung durch OpenVPN auf den hier eingestellten Wert beschränkt bleibt. (Standardwert ist 1450) + MSS-Wert der TCP-Nutzlast überschreiben + MSS der TCP-Nutzlast Client-Verhalten - Widerrufe Berechtigungen OpenVPN zu steuern + Berechtigungen für die Steuerung von OpenVPN widerrufen Wird geladen… - Erlaubte Apps für das VPN: %1$s - Verbotene Apps für das VPN: %1$s - Anwendung mit Paketnamen \'%s\' ist nicht mehr installiert, wird von der Liste der erlaubten/nicht erlaubten VPN Anwendungen gelöscht. - VPN für alle Anwendung ausgenommen den ausgewählten - VPN nur für die ausgewählten Anwendungen + Zugelassene Apps für das VPN: %1$s + Nicht zugelassene Apps für das VPN: %1$s + Die App \'%s\' ist nicht mehr installiert und wird daher von der Liste der erlaubten/nicht erlaubten VPN-Anwendungen entfernt + VPN wird für alle Apps mit Ausnahme der ausgewählten verwendet + VPN wird nur für die ausgewählten Apps verwendet Servereintrag entfernen? Behalten Entfernen @@ -342,35 +341,64 @@ Beim Verbinden Servereinträge in zufälliger Reihenfolge verwenden Sie müssen mindestens einen Server definieren und aktivieren. Serverliste - Erlaubte Anwendungen + Zugelassene Apps Erweiterte Einstellungen Nutzlast-Optionen TLS-Einstellungen Keine Server definiert - VPN Profil duplizieren - VPN Profil duplizieren: %s - Log anzeigen - Es gibt es mehrere OpenVPN-Clients für Android. Die am häufigsten genutzten sind OpenVPN für Android (dieser Client), OpenVPN Connect und OpenVPN Settings. <p> Die Clients in zwei Gruppen eingeteilt werden können: OpenVPN für Android und OpenVPN Connect verwenden die offizielle VPNService-API (Android 4.0+) und erfordern keine Rootrechte und OpenVPN-Settings, das Rootrechte benötigt. < p > OpenVPN für Android ist ein von Arne Schwabe entwickelter Open-Source-Client. Es richtet sich an fortgeschrittene Benutzer und bietet viele erweiterete Einstellungen sowie die Möglichkeit, Profile aus Dateien zu importieren und das konfigurieren und ändern von Profilen innerhalb der App. Der Client basiert auf der Community-Version von OpenVPN 2.x und kann als semioffizieller Client der community angesehen werden. <p> OpenVPN Connect ist ein Closed-Source-Client, der von OpenVPN Technologies, Inc. entwickelt wird. Der Client ist für die normale Verwendung und auf den durchschnittlichen Benutzer ausgerichtet werden und ermöglicht den Import von OpenVPN-Profilen ohne diese innerhalb der App ändern zu können. Dieser Client basiert auf der OpenVPN C++ Neuimplementierung des OpenVPN-Protokolls (Diese war erforderlich, damit OpenVPN Technologies, Inc, eine iOS-app von OpenVPN veröffentlichen onnte). Dieser Client ist auch der offizielle Client von OpenVPN Technologies, Inc. < p> OpenVPN Settings ist der älteste von den Clients und auch eine Benutzeroberfläche für das Open-Source OpenVPN. Im Gegensatz zu OpenVPN für Android es erfordert es Rootrechte und verwendet nicht die VPNService-API; benötigt aber auch nicht Android 4.0+ - Unterschiede zwischen Android OpenVPN Apps - Ignoriere Multicastroute: %s - Android unterstützt nur CIDR Routen. Da Routen, die nicht CIDR sind, fast nie verwendet werden, wird OpenVPN für Android eine /32 Route für nicht konforme Routen verwenden und eine Warnung ausgegeben. - Verbindungsfreigabe (WiFi-Hotspot/Tethering) funktioniert, während ein VPN aktiv ist, nutzt aber NICHT die VPN Verbindung. - Frühe KitKat-Version setzen einen falschen MSS-Wert für TCP-Verbindungen (#61948). Versuchen Sie die mssfix-Option zu aktivieren, um dieses Problem zu umgehen. - Android wird ihre Proxy-Einstellungen für die WLan-Verbindung beibehalten wenn keine DNS-Servereinstellungen vorhanden sind. OpenVPN für Android gibt einen entsprechenden Warnhinweis in der Log-Datei aus.

Wenn eine VPN-Verbindung einen DNS-Server vorgibt kann kein Proxy genutzt werden. Es gibt keine API um einen Proxy-Server für eine VPN-Verbindung zu nutzen.

- Ihre VPN-Anwendung funktioniert möglicherweise nicht mehr wenn diese erst de- und später neu installiert wird. Für Details siehe #80074 - Die konfigurierte Klient-IP-Adresse und die IP-Adressen in die Netzwerkmaske sind nicht in das VPN geroutet. OpenVPN umgeht diesen Fehler, indem eine Route hinzugefügt wird, die zu der Client-IP-Adresse und deren Netzmaske passt. + VPN Profil kopieren + VPN Profil kopieren: %s + Protokoll anzeigen + Es gibt mehrere OpenVPN-Clients für Android. Die am häufigsten genutzten sind OpenVPN für Android (dieser Client), OpenVPN Connect und OpenVPN Settings. <p> Die Clients können in zwei Gruppen eingeteilt werden: einerseits OpenVPN für Android und OpenVPN Connect, die die offizielle VPNService-API (Android 4.0+) verwenden und daher keine Root-Rechte erfordern, und andererseits OpenVPN Settings, das Root-Rechte benötigt. <p> OpenVPN für Android ist ein von Arne Schwabe entwickelter Open-Source-Client. Es richtet sich an fortgeschrittene Benutzer und bietet viele erweiterte Einstellungen: zum Beispiel die Möglichkeit, Profile aus Dateien zu importieren, oder das Konfigurieren und Ändern von Profilen innerhalb der App. Der Client basiert auf der Community-Version von OpenVPN 2.x und kann als \"semioffizieller\" Client der Community angesehen werden. <p> OpenVPN Connect ist ein Closed-Source-Client, der von OpenVPN Technologies, Inc. entwickelt wird. Der Client ist für die normale Verwendung und auf den durchschnittlichen Benutzer ausgerichtet und ermöglicht den Import von OpenVPN-Profilen, ohne diese innerhalb der App ändern zu können. Dieser Client basiert auf der OpenVPN-C++-Neuimplementierung des OpenVPN-Protokolls (welche hauptsächlich dafür entwickelt wurde, dass OpenVPN Technologies, Inc. eine OpenVPN-App für iOS veröffentlichen konnte). Dieser Client ist auch der offizielle Client von OpenVPN Technologies, Inc. <p> OpenVPN Settings ist der älteste der Clients und auch eine Benutzeroberfläche für das Open-Source-OpenVPN. Im Gegensatz zu OpenVPN für Android erfordert es Root-Rechte und verwendet nicht die VPNService-API; benötigt aber auch nicht Android 4.0+. + Unterschiede zwischen den Android-OpenVPN-Apps + Ignoriere Multicast-Route: %s + Android unterstützt nur CIDR-Routen. Da Routen, die nicht CIDR sind, fast nie verwendet werden, wird OpenVPN für Android eine /32 Route für nicht konforme Routen verwenden und eine Warnung ausgegeben. + Verbindungsfreigabe (WiFi-Hotspot/Tethering) funktioniert, während ein VPN aktiv ist, nutzt aber NICHT die VPN-Verbindung. + Frühe KitKat-Version setzen einen falschen MSS-Wert für TCP-Verbindungen (#61948). Versuchen Sie, die mssfix-Option zu aktivieren, um dieses Problem zu umgehen. + Android wird ihre Proxy-Einstellungen für die WLAN-Verbindung beibehalten, wenn keine DNS-Servereinstellungen vorhanden sind. OpenVPN für Android gibt einen entsprechenden Warnhinweis in der Protokolldatei aus.

Wenn eine VPN-Verbindung einen DNS-Server vorgibt, kann kein Proxy genutzt werden. Es gibt keine API für die Nutzungs eines Proxy-Servers für eine VPN-Verbindung.

 + Ihre VPN-App funktioniert möglicherweise nicht mehr, wenn diese erst de- und später neu installiert wird. Für Details siehe #80074 + Die konfigurierte Client-IP-Adresse und die IP-Adressen in deren Netzwerkmaske sind nicht in das VPN geroutet. OpenVPN umgeht diesen Fehler, indem eine Route hinzugefügt wird, die zu der Client-IP-Adresse und deren Netzmaske passt. + Das Öffnen eines neuen tun-Devices, während ein weiteres bereits für persist-tun-Unterstützung geöffnet ist, führt zum Absturz des VPN-Dienstes, der nur durch einen Neustart behoben werden kann. OpenVPN für Android versucht daher, dieses erneute Öffnen zu vermeiden. Wenn ein erneutes Öffnen zwingend notwendig ist, wird zunächst das alte Device geschlossen, bevor ein neues geöffnet wird. Dies kann dazu führen, dass teilweise Pakete unverschlüsselt über die normal Internetverbindung gesendet werden. Auch mit diesem Workaround stürzt der VPN-Dienst möglicherweise ab, was einen Neustart des Gerätes erfordert. VPN funktioniert überhaupt nicht für die Sekundärnutzer. - Mehrere Benutzer berichten, dass die mobile Verbindung/Mobile Datenverbindung häufig getrennt wird, wenn ein VPN aktiv. Das Verhalten scheint nur einige Anbieter/Mobilgerät-Kombination beeinflussen und bisher konnte weder Ursache noch Lösung für den Bug identifiziert werden. - Nur Ziele, die ohne VPN erreichbar sind, sind auch mit VPN erreichbar. IPv6 VPNs funktionieren überhaupt nicht. - Nicht CIDR konforme Routen + Mehrere Benutzer berichten, dass die mobile Datenverbindung bei Verwendund eines VPNs häufig getrennt wird. Das Verhalten scheint nur einige Anbieter/Mobilgerät-Kombination zu beeinflussen und bisher konnte weder eine Ursache noch eine Lösung für dieses Problem identifiziert werden. + Nur Ziele, die ohne VPN erreichbar sind, sind auch mit VPN erreichbar. IPv6-VPNs funktionieren überhaupt nicht. + Nicht CIDR-konforme Routen Proxy-Verhalten für VPNs - Neuinstallation von VPN-apps + Neuinstallation von VPN-Apps %s und früher Kopie von %s - Route zur der konfigurierten VPN IP Adresse + Route zur konfigurierten VPN-IP-Adresse Falscher MSS-Wert für VPN-Verbindung Sekundäre Tablet-Nutzer - Definieren Sie benutzerdefinierte verbindungsspezifische Optionen. Seien Sie vorsichtig! - Benutzerdefinierte Optionen + Hier können Sie eigene verbindungsspezifische Optionen festlegen. Seien Sie vorsichtig! + Eigene Optionen Verbindung entfernen + Sporadischer Verlust der Verbindung mit dem Mobilfunknetz + Entfernte Netzwerkressourcen nicht erreichbar + Persistenter tun-Modus + %s und neuer + Verbindung schlägt mit \"SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure\" fehl + OpenVPN für Android verwendet seit Version 0.6.29 (März 2015) einen sicheren Standardwert für die zulässigen TLS-Chiffren (\"DEFAULT:!EXP:!PSK:!SRP:!kRSA\"). Leider hat das Weglassen der weniger sicheren Verschlüsselungschiffren und Exportchiffren, vor allem aber der Wegfall der Cipher Suites ohne Unterstützung für Perfect-Forward-Secrecy (Diffie-Hellman), einige Probleme verursacht. Diese Probleme werden in der Regel durch gut gemeinte, aber schlecht ausgeführte Versuche, die TLS-Sicherheit durch eine händische Wahl zu verbessern oder durch einige eingebettete Betriebssysteme mit abgespecktem OpenSSL (z.B. MikroTik) verursacht.\n Um dieses Problem zu lösen, setzen Sie die TLS-Verschlüsselungs-Einstellungen auf dem Server auf einen sinnvollen Standardwert wie z.B. tls-cipher \"DEFAULT: EXP: PSK: SRP: KRSA\". Falls diese nicht möglich ist, können Sie als clientseitigen Workaround dem VPN-Profil die benutzerdefinierte Option tls-cipher DEFAULT hinzufügen, um die weniger sicheren Chiffren wieder zuzulassen. + Dieses Profil wurde von einer externen Anwendung (%s) hinzugefügt und als nicht vom Benutzer bearbeitbar markiert. + Zertifikats-Sperrliste + OpenVPN-Dienst wird neu gestartet (App vermutlich abgestürzt oder wegen Speichermangels beendet) + Importieren der Konfiguration ergab einen Fehler, kann diese nicht speichern + Suche + (Letzter Absturz war vor %1$d:%2$dh (%3$s)) + Protokoll bei neuer Verbindung leeren + Verbindungstimeout + Keine erlaubte App hinzugefügt. Füge unsere eigene App (%s) hinzu, um zumindest eine App in der Liste der nicht erlaubten Anwendungen zu haben + OpenVPN für Android kann versuchen, die fehlende(n) Datei(en) auf der SD-Karte automatisch zu finden. Tippen Sie auf diese Meldung, um die Berechtigungsanfrage zu starten. + Protokoll + Aktiviert + Bevorzugte native ABI-Reihenfolge dieses Gerätes (%1$s) und die installierten nativen Bibliotheken (%2$s) unterscheiden sich + Noch %d Monate gültig + Noch %d Tage gültig + Noch %d Stunden gültig + VPN-Berechtigung wurde vom Betriebssytem widerrufen (z.B. weil ein anderes VPN gestartet wurde); VPN wird gestoppt + Peer-Informationen senden + Weitere Informationen, wie z.B. SSL- und Android-Version, an den Server senden + %1$s benötigt + Geben Sie bitte das Passwort für das Profil %1$s ein + Inline-Daten verwenden diff --git a/app/src/main/res/values-es/strings-icsopenvpn.xml b/app/src/main/res/values-es/strings-icsopenvpn.xml index f7ce4bf0284eed28fb419f384e2b1e1338de5f50..324742def34a9d082987f5bcebcd90fdc3227500 100755 --- a/app/src/main/res/values-es/strings-icsopenvpn.xml +++ b/app/src/main/res/values-es/strings-icsopenvpn.xml @@ -1,7 +1,7 @@ @@ -181,7 +181,6 @@ hacia/de Móvil) No se obtuvo ningún certificado de CA al leer el almacén de claves de Android. La autenticación probablemente fallará. Muestra la ventana de registro el conectarse. La ventana de registro siempre puede accederse desde el estado de la notificación. Mostrar ventana de registro - Ejecutándose en %1$s (%2$s) %3$s, API de Android %4$d Error al firmar con la llave del almacén de llaves de Android %1$s: %2$s El aviso de conectividad VPN que esta aplicación puede interceptar todo el trafico esta impuesta por el sistema para evitar abusos de la API VPNService.\nLa notificación de conectividad (El símbolo de llave) también esta impuesta por el sistema Android para notificar una conexión VPN en curso. En algunas imágenes, esta notificación también emite un sonido.\nAndroid ha introducido estos diálogos de sistema para su seguridad e se ha asegurado que no pueden ser evitados. (En algunas imágenes, esto incluye la notificación sonora) Advertencia de conexión y sonido de notificación @@ -261,7 +260,6 @@ hacia/de Móvil) Algoritmo de encriptación Autenticación de paquetes Introduzca método de autenticación de paquetes - Corriendo sobre %1$s (%2$s) %3$s, API Android %4$d, versión %5$s, %6$s compilado por %s versión de depuración versión oficial @@ -351,7 +349,7 @@ hacia/de Móvil) Duplicar perfil VPN Duplicando Perfil: %s Mostrar registro - Existen múltiples clientes OpenVPN para Android. Los más comunes son OpenVPN para Android (este cliente), OpenVPN Connect y Configuración de OpenVPN<p>Los clientes se pueden agrupar en dos grupos:. OpenVPN para Android y OpenVPN Conectar utilizar la API VPNService oficial (Android 4.0+) y requieren ninguna raíz y Configuración de OpenVPN que utiliza la raíz.<p>OpenVPN para Android es un cliente de código abierto y desarrollado por Arne Schwabe. Está dirigido a los usuarios más avanzados y ofrece muchas opciones y la posibilidad de importar los perfiles de los archivos y configurar perfiles / cambio dentro de la aplicación. El cliente se basa en la versión de la comunidad de OpenVPN. Se basa en el código fuente 2.x OpenVPN. Este cliente puede ser visto como el semi oficialmente cliente de la comunidad.<p>OpenVPN Connect es cliente de código abierto no que es desarrollado por OpenVPN Technologies, Inc. El cliente tiene sangría para ser cliente de uso general y moree dirigido al usuario medio y permite la importación de perfiles de OpenVPN. Este cliente se basa en la reimplementación OpenVPN C ++ del protocolo OpenVPN (Esto fue necesario para permitir Tecnologías OpenVPN, Inc para publicar una aplicación para iOS OpenVPN). Este cliente es el cliente oficial de las tecnologías deO penVPN<p> OpenVPN Ajustes es el más antiguo de los clientes y también una interfaz de usuario para el software libre OpenVPN. En contraste con OpenVPN para Android requiere raíz y no utiliza el API VPNService. No depende de Android 4.0+ + Existen múltiples clientes OpenVPN para Android. Los más comunes son OpenVPN para Android (este cliente), OpenVPN Connect y Configuración de OpenVPN<p>Los clientes se pueden agrupar en dos grupos:. OpenVPN para Android y OpenVPN Conectar utilizar la API VPNService oficial (Android 4.0+) y requieren ninguna raíz y Configuración de OpenVPN que utiliza la raíz.<p>OpenVPN para Android es un cliente de código abierto y desarrollado por Arne Schwabe. Está dirigido a los usuarios más avanzados y ofrece muchas opciones y la posibilidad de importar los perfiles de los archivos y configurar perfiles / cambio dentro de la aplicación. El cliente se basa en la versión de la comunidad de OpenVPN. Se basa en el código fuente 2.x OpenVPN. Este cliente puede ser visto como el semi oficialmente cliente de la comunidad.<p>OpenVPN Connect es cliente de código abierto no que es desarrollado por OpenVPN Technologies, Inc. El cliente tiene sangría para ser cliente de uso general y moree dirigido al usuario medio y permite la importación de perfiles de OpenVPN. Este cliente se basa en la reimplementación OpenVPN C ++ del protocolo OpenVPN (Esto fue necesario para permitir Tecnologías OpenVPN, Inc para publicar una aplicación para iOS OpenVPN). Este cliente es el cliente oficial de las tecnologías de OpenVPN<p> OpenVPN Ajustes es el más antiguo de los clientes y también una interfaz de usuario para el software libre OpenVPN. En contraste con OpenVPN para Android requiere raíz y no utiliza el API VPNService. No depende de Android 4.0+ Differences between the OpenVPN Android clients Haciendo caso omiso de ruta multidifusión: %s Android sólo admite rutas CIDR a la VPN. Desde rutas no CIDR casi nunca se usan, OpenVPN para Android utilizará un / 32 para las rutas que no son CIDR y emitir una advertencia. diff --git a/app/src/main/res/values-et/strings-icsopenvpn.xml b/app/src/main/res/values-et/strings-icsopenvpn.xml index a132ed7ab97a2ae89ffd75727b7ccce725d0c698..0a28199f0a088b5b59780b5dce073744934947a3 100755 --- a/app/src/main/res/values-et/strings-icsopenvpn.xml +++ b/app/src/main/res/values-et/strings-icsopenvpn.xml @@ -1,7 +1,7 @@ @@ -180,7 +180,7 @@ Androidi võtmehoidlast lugemine ei andnud ühtegi CA sertifikaati. Suure tõenäosusega autentimine ebaõnnestub. Näitab ühendumisel logiakent. Logiakna saab alati ette manada VPN teatisealast. Näita logiakent - Töötamas %1$s (%2$s) %3$s peal, Android API %4$d + %10$s %9$s töötab seadmel %3$s %1$s (%2$s), Android %6$s (%7$s) API %4$d, ABI %5$s, (%8$s) Viga allkirjastamisel Androidi võtmehoidla võtmega %1$s: %2$s VPN ühendumisel ilmub ekraanile hoiatus et see programm võib pealt kuulata kogu võrguliiklust. Tegemist on VPNService API süsteemse hoiatusega et hoida ära väärkasutust.\nVPN ühenduse teatis (Võtme sümbol) on samuti VPNService API poolt kuvatav aktiivse VPN ühenduse indikaator. Mõne süsteemitarkvara puhul võib see indikaator anda märku ka heliga.\nNeed teatised on Androidi süsteemile lisatud teie turvalisuse tagamiseks ja samuti on välistatud nende kasutamisest mööda minemine. (Kahjuks tähendab see seda et mõne süsteemitarkvara puhul kaasneb ühendusega alati ka heliteade) Hoiatused ja helimärguanded ühenduse loomisel @@ -260,7 +260,6 @@ Krüptošiffer Pakettide autentimine Sisestage pakettide autentimismeetod - Töötab seadmel %1$s (%2$s) %3$s, Android API %4$d, versioon %5$s, %6$s Kompileerija: %s Silumisversioon Ametlik versioon @@ -374,4 +373,26 @@ Seadista kohandatavad ühendusespetsiifilised valikud. Kasuta ettevaatlikult Kohandatavad valikud Eemalda ühenduse kirje + Pistelised mobiilivõrgu katkestused + Kaugvõrgud on väljaspool ulatust + Püsiv tun režiim + %s ja hilisem + Ühendused nurjuvad teatega SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure + Uuemad OpenVPN for Android versioonid (0.6.29/Märts 2015) kasutavad turvalisemat vaikešifrikoplekti (tls-cipher \"DEFAULT:!EXP:!PSK:!SRP:!kRSA\"). Paraku tekitab nõrgemate šifri- ning eksportšifrikomplektide vältimine, eriti nende šifrikomplektide mis ei toeta Täiuslikku Edastussaladust (Diffie-Hellman), mõningaid probleeme. Probleemid esinevad tavaliselt heade kavatsustega, kuid viletsa teostusega TLS tugevdamise katsetel, valides serveris tls-šifri mõnede kärbitud SSL algoritmiga põim-operatsioonisüsteemidel (n.n. MkroTik).\nProbleemi lahendamiseks seadke serveri tls-šifri parameetrid mõistlikule vaikeväärtusele nagu \"DEFAULT:!EXP:!PSK:!SRP:!kRSA\". Kliendipoolseks lahenduseks lisage Androidi klientseadme tls-šifri kohandatud parameetriks DEFAULT. + Selle profiili lisas väline programm (%s) ning see on tähistatud kui kasutajale muudetamatu. + Sertifikaadi tühistusnimekiri + OpenVPN teenuse taaskäivitamine (Programm jooksis tõenäoliselt kokku või suleti mälusurve tõttu) + Seadistuse importimine lõppes veaga, salvestamine ebaõnnestus + Otsing + (Viimne tõmmis on %1$d:%2$dh vana (%3$s)) + Järgmisel ühendumisel tühjenda logi + Ühenduse ajalõpp + Lisati lubamatu programm. Lisame ennast (%s) et lubatud programmide seas oleks vähemalt üks ja ei lubataks kõiki programme + OpenVPN for Android võib üritada leida automaatselt sd-kaardi puuduvad failid. Koputa seda teadet et algatada õiguste tellimine. + Protokoll + Lubatud + Selle seadme eelistatud ABI eelisjärjekord (%1$s) ja seadme kaasnevate teekide teatatud ABI (%2$s) ei ühildu + Jäänud on %d kuud + jäänud on %d päeva + Jäänud on %d tundi diff --git a/app/src/main/res/values-fr/strings-icsopenvpn.xml b/app/src/main/res/values-fr/strings-icsopenvpn.xml index d5ab917cf1a654c7e8ca255803811c66f58ed61e..43737f3d0e3f7bf7bee2d6ac9f8e19a081c81cfe 100755 --- a/app/src/main/res/values-fr/strings-icsopenvpn.xml +++ b/app/src/main/res/values-fr/strings-icsopenvpn.xml @@ -1,7 +1,7 @@ @@ -180,7 +180,7 @@ "Aucun certificat CA renvoyée lors de la lecture depuis le gestionnaire de clés. L\'authentification échouera probablement." "Affiche la fenêtre de log à la connexion. Cette fenêtre peut toujours être consultée à partir de la notification d\'état." "Afficher la fenêtre de log" - "Fonctionnant sur %1$s (%2$s) %3$s , Android API %4$d" + %10$s %9$s courir sur %3$s %1$s (%2$s), Android %6$s (%7$s) API %4$d, ABI %5$s, (%8$s) "Erreur de signature de la clé %1$s : %2$s par le gestionnaire d\'Android" \"L\'avertissement de connexion au VPN qui vous informe que cette application peut intercepter tout le trafic est imposé par le système pour éviter les abus de l\'API du service VPN.\nLa notification de connexion au VPN (Le symbole qui ressemble à une clé) est aussi imposé par le système Android pour signaler une connexion VPN en cours de fonctionnement. Sur certaines images, cette notification joue un son.\nAndroid à introduit ces dialogues système pour votre propre sécurité et à fait en sorte d\'être impossible à contourner. (Cela peut inclure en plus une notification sonore pour certaines images)\" @@ -261,7 +261,6 @@ Sur certaines images, cette notification joue un son.\nAndroid à introduit ces Chiffrement de cryptage Authentification des paquets Méthode d\'authentification des paquets - Environnement: %1$s (%2$s) %3$s, Android API %4$d, version %5$s, %6$s compilé par %s version de debug version officielle @@ -317,7 +316,7 @@ Sur certaines images, cette notification joue un son.\nAndroid à introduit ces Si vous avez \"rooté\" votre Android vous pouvez installer <a href=\"http://xposed.info/\">Xposed framework</a> et <a href=\"http://repo.xposed.info/module/de.blinkt.vpndialogxposed\">le module de confirmation VPN</a> à vos risques et périls\" Licences complètes Les réseaux directement connectés aux interfaces locales ne seront pas routés via le VPN. Décochez cette option pour rediriger tout le trafic local vers le VPN. - Ne pas utiliser le VPN pour les réseaux locaux + Bypass VPN pour les réseaux locaux Fichier Nom d\'utilisateur/Mot de passe [Importé de : %s] Certains fichiers sont introuvables. Sélectionner les fichiers pour importer le profil : @@ -350,4 +349,6 @@ Sur certaines images, cette notification joue un son.\nAndroid à introduit ces No remote defined Dupliquer le profil VPN Duplicating profile: %s + Afficher le journal + Il existe plusieurs clients OpenVPN pour Android. Les plus communs sont OpenVPN for Android (ce client), OpenVPN Connect, et OpenVPN Settings..<p>Les clients peuvent êtres regroupés en 2 groupes : OpenVPN for Android et OpenVPN Connect utilisent le service API officiel de VPNService (Android 4.0+) et ne nécessitent pas une élévation des privilèges (rootage), puis OpenVPN Settings qui nécessite le rootage.<p>OpenVPN for Android et un client « open source » développé par Arne Schwabe. Il est destiné aux utilisateurs avancés et comprend plusieurs paramètres, ainsi que la possibilité d\'importer les profils depuis des fichiers et de les configurer/changer à partir de l\'application. Le client est basé sur la version communautaire d\'OpenVPN. Il est basé sur le code source d\'OpenVPN 2.x. Ce client peut-être considérer en étant la version semi-officielle de la communauté.<p>OpenVPN Connect est un logiciel propriétaire développé par OpenVPN Technologies, Inc. Le client est destiné aux utilisateurs avec une connaissance moyenne et offre la possibilité d\'importer les profils OpenVPN. Ce client est basé sur une nouvelle réalisation du protocole OpenVPN C++ (ceci était nécessaire afin de permettre à OpenVPN Technologies, Inc. de publier une version iOS de l\'application OpenVPN). Ce client est le client officiel des technologies OpenVPN<p>OpenVPN Settings est le client le plus ancien et agit comme l\'interface utilisateur de la version « open source » d\'OpenVPN. Contrairement à OpenVPN for Android il ne nécessite pas le rootage et ne se sert pas du service API de VPNService. Il ne dépend pas sur Android 4.0+ diff --git a/app/src/main/res/values-hu/strings-icsopenvpn.xml b/app/src/main/res/values-hu/strings-icsopenvpn.xml index 5be8bbc4c196e3ab7200e4752647aa45f7e527b7..dd07abdb0b031e475b3778591d51c9dfcee59489 100755 --- a/app/src/main/res/values-hu/strings-icsopenvpn.xml +++ b/app/src/main/res/values-hu/strings-icsopenvpn.xml @@ -1,7 +1,7 @@ @@ -60,7 +60,7 @@ Szétkapcsolás VPN kapcsolat szétkapcsolása napló törlése - jóváhagyás törlése + Megszakítás jóváhagyása VPN kapcsolat/kapcsolódás megszakítása? VPN kapcsolat eltávolítása Ellenőrzi, hogy a kiszolgáló használ-e tanúsitványt TLS Server kiterjesztéssel (--remote-cert-tls server) @@ -111,7 +111,7 @@ Az %1$s/%2$s útvonal javítva: %3$s/%2$s Nem sikerült hozzáférni az Android Keychain Tanúsivànyokhoz. Ezt egy firmware frissítés vagy az alkalmazás/beállításainak visszaállítása okozhatja. Kérem szerkessze meg a VPN-t, és újra válassza ki a tanúsítványokat az alapvető beállításoknál, hogy visszaálljanak a tanúsítványok hozzáférési jogai. %1$s %2$s - naplófájl küldése + Naplófájl küldése küld ICS OpenVPN naplófájl Naplóbejegyzés másolva a vágólapra @@ -178,7 +178,6 @@ Nem jött vissza CA tanúsítvány az Android keystore olvasása során. A hitelesítés valószínűleg sikertelen lesz. Napló ablak mutatása a csatlakozás alatt. A napló ablak mindig elérető a rolóról is. Naplózási ablak mutatása - %1$s (%2$s) %3$s, Android API %4$d Hiba az Android keystore %1$s: %2$s kulccsal való belépéskor Kapcsolat figyelmeztetés és értesítés hang A magyar fordítást készítette Juhász Sándor <msc@digitaltrip.hu> @@ -251,7 +250,6 @@ Titkosítás Csomag hitelesítés Adja meg a csomaghitelesítési metódust - %1$s (%2$s) %3$s, Android API %4$d, %5$s, %6$s verzió %s fordítóval hibakeresési fordítás hivatalos build @@ -274,6 +272,8 @@ Kapcsolat szüneteltetése a képernyő kikapcsolt állapotában: kevesebb mint %1$s %2$ss alatt Figyelmeztetés: Megmaradó tun nem engedélyezett ehhez a VPN-hez. A forgalom a normál internetcsatlakozáson megy amikor a képernyő ki van kapcsolva. Jelszó mentése + Napló törölve. + Jelszó mutatása Rövid ISO Időbélyegzők @@ -284,4 +284,24 @@ Nézet beállításai Nem kezelt kivétel: %1$s\n\n%2$s Teljes engedélyek + Felhasználónév/Jelszó fájl + [Innen importálva: %s] + Néhány fájl nem található. Kérlek válaszd ki a fájlokat a profil importálásához: + Importálási napló: + Betöltés… + Engedélyezett VPN programok: %1$s + Letiltott VPN programok: %1$s + %s csomag már nincs telepítve, eltávolítás a program engedélyező/letiltó listáról + Megtartás + Törlés + Szerver lista + Napló mutatása + Egyéni beállítások + %s és később + Keresés + Protokoll + Engedélyezett + %d hónap van hátra + %d nap van hátra + %d óra van hátra diff --git a/app/src/main/res/values-in/strings-icsopenvpn.xml b/app/src/main/res/values-in/strings-icsopenvpn.xml index 0733143351dfbf4e7130fcf70e0fc5de6df9dbf7..132f25a17a7c70e9a450418170441debcb941e1b 100755 --- a/app/src/main/res/values-in/strings-icsopenvpn.xml +++ b/app/src/main/res/values-in/strings-icsopenvpn.xml @@ -1,15 +1,15 @@ Alamat Server: - Port server: + Server Port: Lokasi - Gagal membaca direktori + Gagal membaca direktori: Pilih Batal Tak ada data @@ -20,33 +20,33 @@ Berkas PKCS12 Sertifikat CA Anda harus memilih sertifikat - Kode program dan perekam masalah tersedia di - Aplikasi memakai komponen berikut; lihat kode program untuk lebih jelas mengenai lisensi - Tentang… + Kode sumber dan pelacak masalah tersedia di http://code.google.com/p/ics-openvpn/ + Program ini menggunakan komponen-komponen berikut ini; lihat kode sumber penjelasan lengkap mengenai lisensi + Tentang Profil - Tipe + Jenis Password PKCS12 Pilih… - Anda harus memilih berkas (file) - Pakai otentikasi TLS + Anda harus memilih setidaknya satu berkas + Gunakan Autentikasi TLS Pengarah TLS - Masukkan IPv6 Address/Netmask dalam format CIDR (contoh: 2000:dd::23/64) + Masukkan Alamat IPv6/Netmask dalam Format CIDR (contoh: 2000:dd::23/64) Masukkan IPv4 Address/Netmask dalam format CIDR (contoh: 1.2.3.4/24) Alamat IPv4 Alamat IPv6 - Masukan seting openvpn. Gunakan dengan hati-hati. Harap dicatat, TUN yanng terkait seting OpenVPN tidak didukung oleh VPNsettings. Jika anda berpikir ada hal penting belum tersedia, hubungi pembuatnya + Masukan pengaturan kustom OpenVPN. Harap gunakan dengan hati-hati. Perlu dicatat bahwa pengaturan yang terkait dengan TUN OpenVPN tidak didukung oleh disain VPNSettings. Jika anda fikir ada hal penting yang belum tersedia segera hubungi pembuatnya Nama Penguna - Password - Untuk konfigurasi statis, kunci otentifikasi TLS akan digunakan sebagai kunci konfigurasi statis + Kata Sandi + Untuk pengaturan tetap, kunci otentifikasi TLS akan digunakan sebagai kunci statis Konfigurasi VPN Tambah Profil Masukkan nama profil yang baru - Silakan masukan UPN (Unique Profile Name) + Silakan masukan nama profil yang berbeda Nama profil Anda harus memilih sertifikat pengguna Tidak ada kesalahan Konfigurasi Salah - Gagal menganalisa alamat IPV4 + Kesalahan penulisan alamat IPV4 Gagal menganalisa rute buatan (biarkan kosong untuk antrian permintaan) Jalan Pintas OpenVPN @@ -55,7 +55,7 @@ Acak awalan Host Tambah 6 karakter acak di depan nama host Aktifkan pilihan buatan - Tentukan seting buatan. Gunakan hati-hati + Tentukan seting buatan. Gunakan hati-hati! Rute ditolak Android Putus Memutuskan sambungan VPN @@ -77,7 +77,7 @@ DNS Menimpa pengaturan DNS oleh Server Gunakan server DNS pribadi - Cari domain + cari domain Server DNS yang akan digunakan Server DNS Server DNS sekunder digunakan jika Server DNS yang normal tidak dapat dicapai. @@ -100,22 +100,24 @@ Gagal membuka layanan antarmuka TUN "Kesalahan: " Bersihkan - Membuka interface tun : - IPv4 lokal : %1$s/%2$d IPv6: %3$s MTU: %4$d + Membuka interface tun: + IPv4 lokal: %1$s/%2$d IPv6: %3$s MTU: %4$d DNS Server: %1$s, Domain: %2$s Rute: %1$s %2$s + Rute terkecualikan: %1$s %2$s + Rute LayananVpn telah terpasang: %1$s %2$s Memilki informasi antarmuka %1$s dan %2$s, asumsi alamat kedua adalah alamat remote. Menggunakan netmask /32 untuk IP lokal. Mode yang diberikan oleh OpenVPN adalah \"%3$s\". Tidak masuk akal membuat %1$s dan %2$s sebagai rute IP dengan netmask CIDR, Gunakan /32 sebagai netmask. - rute yang diperbaiki %1$s/%2$s hingga %3$s/%2$s + Rute yang diperbaiki %1$s/%2$s hingga %3$s/%2$s Tidak dapat mengakses sertifikat Keychain Android. Dapat disebabkan karena upgrade firmware atau pengembalian backup pengaturan app. Mohon ubah VPN, dan pilih ulang sertifikat berbasis pengaturan dasar agar izin mengakses sertifikat dapat dibuat ulang. %1$s %2$s Kirim berkas catatan Kirim Berkas catatan ICS OpenVPN Salin catatan masuk ke clipboard - Mode TAP + Mode Tap Mode TAP tidak diijinkan tanpa VPN API non admin/root. Karena itu aplikasi ini tidak dapat memberikan dukungan mode TAP - Lagi ? Becanda ? mode TAP benar-benar tidak didukung dan mengirim email menanyakan apakah akan ada dukungan TAP, tidak akan membantu + Lagi? Becanda? mode Tap benar-benar tidak didukung dan mengirim email menanyakan apakah akan ada dukungan Tap, tidak akan membantu. Untuk ketiga kalinya? Sebenarnya, seseorang bisa menulis emulator TAP berdasarkan tun yang akan menambahkan lapisan2 informasi pengiriman dan lapisan2 informasi penerimaan. Tapi emulator TAP ini juga harus menerapkan ARP dan mungkin klien DHCP. Saya tidak tau apakah ada yang bekerja ke arah ini. Hubungi saya jika Anda ingin memulai menulis kode2 emulator TAP ini. FAQ Menyalin catatan @@ -138,11 +140,11 @@ Ambil Tidak dapat membaca profil yang akan diambil Kesalahan membaca berkas konfigurasi - Tambah Profil + tambah Profil Tidak dapat menemukan berkas %1$s yang disebut dalam berkas konfigurasi Mengambil berkas konfigurasi dari sumber %1$s Konfigurasi Anda memiliki beberapa pilihan konfigurasi yang tidak dipetakan ke konfigurasi UI. Pilihan ini ditambahkan sebagai opsi konfigurasi kustom. Konfigurasi kustom ditampilkan di bawah ini: - Berkas konfigurasi selesai dibaca + Berkas konfigurasi selesai dibaca. Jangan kaitkan ke alamat dan port lokal Tidak ada ikatan lokal Ambil berkas konfigurasi @@ -178,7 +180,7 @@ Tidak ada sertifikat CA yang didapat saat membaca dari Android Keystore. Otentifikasi mungkin gagal Tampilkan jendela catatan saat terkoneksi. Jendela catatan juga dapat diakses melalui status notifikasi Tampilkan jendela catatan - Berjalan di %1$s (%2$s) %3$s, Android API %4$d + %10$s %9$s berjalan pada %3$s %1$s (%2$s), Android %6$s (%7$s) API %4$d, ABI %5$s, (%8$s) Kesalahan masuk dengan kunci Android keystore %1$s: %2$s Peringatan sambungan VPN yang memberitahukan Anda bahwa aplikasi ini dapat mencegat semua lalu lintas dikeluarkan oleh sistem untuk mencegah penyalahgunaan dari sambungan VPNService API.\nPemberitahuan sambungan VPN (simbol kunci) juga dikeluarkan oleh sistem Android untuk memberitahu VPN yang sedang berlangsung. Pada beberapa gambar pemberitahuan ini memainkan suara. \nAndroid memperkenalkan sistem dialog ini untuk keselamatan Anda sendiri dan memastikan bahwa mereka tidak membuat masalah. (Pada beberapa gambar sayangnya ini termasuk peringatan suara) Peringatan sambungan dan pemberitahuan melalui suara @@ -191,6 +193,7 @@ Konfigurasi ICS Openvpn Tidak DNS server yang digunakan. Name Resolution mungkin akan gagal bekerja. Pertimbangkan pengaturan server DNS. Harap dicatat Android akan terus memakai pengaturan proxy untuk koneksi mobile/wifi saat tidak ada server DNS diatur. Tak bisa menambahkan Server DNS \"%1$s\", ditolak oleh sistem: %2$s + Tidak bisa mengkonfigurasi IP Address \"%1$s\", ditolak oleh sistem: %2$s <p> Ambil konfigurasi yang dapat berjalan (diuji pada komputer Anda atau download dari penyedia/organisasi) </p> <p> Satu file(berkas) saja tanpa tambahan berkas pem/pks12. Anda dapat kirim imel berkas dan membuka lampirannya. Jika Anda memiliki beberapa berkas, salin ke sd-card </p> <p> klik pada lampiran imel atau gunakan ikon folder dalam daftar vpn untuk mengimpor berkas konfigurasi </p> <p> jika ada berkas yang kurang, salin file hilang ke sd-card. </p> <p> klik pada simbol Simpan untuk menambahkan VPN yang diimpor ke daftar VPN </p> <p > Connect VPN dengan mengklik nama VPN </p> <p> jika ada kesalahan atau peringatan di catatan, coba pahami peringatannya dan coba untuk memperbaikinya </p> Mulai Cepat Coba pakai tun.ko kernel sebelum mencoba koneksi. Membutuhkan perangkat yang sudah diroot. Google: android superuser @@ -215,6 +218,7 @@ Gunakan ikon < img src = \"ic_menu_archive\" / > untuk mengimpor profil (.ovpn atau .conf) yang ada dari sdcard Anda. Pastikan untuk juga memeriksa FAQ. Ada petunjuk untuk memudahkan anda. Konfigurasi rute\antarmuka + Konfigurasi Routing dan antarmuka tidak dilakukan melalui perintah ifconfig/rute tradisional tetapi dengan menggunakan VPNService API. Ini hasil dalam konfigurasi perutean berbeda daripada pada OS lain. \nThe konfigurasi VPN terowongan terdiri dari alamat IP dan jaringan yang harus dialihkan melalui antarmuka ini. Terutama, tidak ada rekan mitra alamat atau alamat gateway adalah diperlukan atau diperlukan. Khusus rute untuk mencapai VPN Server (misalnya ditambahkan dengan menggunakan redirect-gateway) tidak diperlukan baik. Aplikasi akibatnya akan mengabaikan pengaturan ini ketika mengimpor konfigurasi. App menjamin dengan VPNService API bahwa koneksi ke server tidak diarahkan melalui VPN terowongan. \nThe VPNService API tidak memungkinkan menentukan jaringan yang tidak dapat diteruskan melalui VPN. Sebagai solusi app mencoba untuk mendeteksi jaringan yang tidak dapat diteruskan melalui terowongan (misalnya rute x.x.x.x y.y.y.y net_gateway) dan menghitung seperangkat rute yang mengecualikan ini rute untuk meniru perilaku platform lainnya. Jendela log menunjukkan konfigurasi VPNService berdasarkan membangun koneksi. \nBehind adegan: Android 4,4 + menggunakan kebijakan routing. Menggunakan rute ifconfig tidak akan menunjukkan rute yang diinstal. Alih-alih menggunakan aturan ip, iptables -t mangle -L Jangan kembali ke status tidak ada koneksi VPN ketika OpenVPN mencoba terhubung kembali. Paksa mode TUN Catatan OpenVPN @@ -256,7 +260,6 @@ Enkripsi sandi Otentikasi paket Masukkan metode otentikasi paket - Berjalan pada Android API %4$d, versi %5$s %1$s (%2$s) %3$s, %6$s dibangun oleh %s Pengembangan debug Build Resmi @@ -271,6 +274,7 @@ TLS-remote (DEPRECATED) Anda dapat membantu menerjemahkan dengan mengunjungi http://crowdin.net/project/ics-openvpn/invite %1$s berusaha mengendalikan %2$s + Dengan melanjutkan, Anda memberi izin aplikasi untuk sepenuhnya mengontrol OpenVPN untuk Android dan untuk mencegat semua lalu lintas jaringan. Jangan terima kecuali Anda mempercayai aplikasi. Jika tidak, data Anda beresiko diambil oleh perangkat lunak jahat.\" Saya percaya aplikasi ini. App tidak diizinkan untuk menggunakan API eksternal apps yang diijinkan : %s @@ -288,4 +292,90 @@ Tidak dapat menampilkan informasi sertifikat Prilaku Aplikasi Prilaku VPN + Memungkinkan perubahan Profil VPN + Hardware Keystore: + Ikon aplikasi mencoba menggunakan OpenVPN untuk Android + "Dimulai dengan Android 4.3 konfirmasi VPN dijaga terhadap\" overlay apps \". Hal ini menyebabkan dialog tidak bereaksi menyentuh input. Jika Anda memiliki sebuah aplikasi yang menggunakan lapisan itu dapat menyebabkan perilaku ini. Jika Anda menemukan kontak aplikasi menyinggung penulis app. Masalah ini mempengaruhi semua aplikasi VPN di Android 4.3 dan kemudian. Lihat juga <a href=\"https://github.com/schwabe/ics-openvpn/issues/185\"> Issue 185 <a> untuk rincian tambahan " + VPN Konfirmasi Dialog + Atau Anda dapat mengirimkan saya donasi dengan Play Store: + Terima kasih untuk menyumbangkan %s! + Log dibersihkan. + Tampilkan sandi + Keychain Akses error: %s + Pendek + ISO + Cap waktu + Tak satupun + Upload + Unduh + Vpn Status + Lihat pilihan + Tertangani pengecualian: %1$s \ n \ n%2$s + %3$s: %1$s \ n \ n%2$s + Jika Anda telah berakar perangkat Android Anda Anda dapat menginstal Xposed kerangka dan VPN Dialog mengkonfirmasi modul risiko Anda sendiri\" + Lisensi penuh + Jaringan langsung terhubung ke antarmuka lokal tidak akan diarahkan melalui VPN. Tidak memilih opsi ini akan mengarahkan semua lalu lintas menjorok untuk jaringan lokal ke VPN. + Bypass VPN for local networks + Username Password File / + [Impor dari: %s] + Beberapa file tidak dapat ditemukan. Silakan pilih file untuk mengimpor profil: + Untuk menggunakan aplikasi ini Anda membutuhkan penyedia VPN / gateway VPN mendukung OpenVPN (sering disediakan oleh majikan Anda). Periksa http://community.openvpn.net/ untuk informasi lebih lanjut tentang OpenVPN dan cara men-setup OpenVPN server Anda sendiri. + Log impor: + Vpn topologi \"%3$s\" ditentukan tapi ifconfig %1$s %2$s terlihat lebih seperti alamat IP dengan mask jaringan. Dengan asumsi \"subnet\" topologi. + Nilai menimpa MSS telah menjadi bulat antara 0 dan 9000 + Mengumumkan kepada sesi TCP berjalan di atas terowongan bahwa mereka harus membatasi kirim ukuran paket mereka seperti bahwa setelah OpenVPN telah dikemas mereka, sehingga UDP ukuran paket yang OpenVPN mengirim ke rekan-nya tidak akan melebihi jumlah ini byte. (default adalah 1450) + Mengganti nilai MSS TCP muatan + Mengatur muatan MSS TCP + Perilaku klien + Menghapus aplikasi eksternal diizinkan + Memuat… + Yang diizinkan aplikasi VPN: %1$s + Batasan VPN apps: %1$s + Paket %s tidak lagi diinstall, menghapus itu dari app memungkinkan/melarang daftar + VPN digunakan untuk semua aplikasi tapi mengecualikan yang dipilih + VPN digunakan untuk hanya untuk aplikasi yang dipilih + Hapus entri server jauh? + Biarkan + Hapus + Menambahkan baru remote + Gunakan entri koneksi secara acak pada koneksi + Anda harus menentukan dan memungkinkan setidaknya satu server jauh. + Daftar Server + Diizinkan Apps + Pengaturan lanjutan + Muatan pilihan + Pengaturan TLS + Didefinisikan Tidak ada remote + Profil duplikat VPN + Duplikasi profil: %s + Tampilkan log + Ada beberapa klien OpenVPN untuk Android. Yang paling umum adalah OpenVPN untuk Android (ini klien), OpenVPN Connect dan OpenVPN pengaturan. < p > klien dapat dikelompokkan menjadi dua kelompok: OpenVPN untuk Android dan OpenVPN Connect menggunakan API VPNService resmi (Android 4.0 +) dan memerlukan tanpa akar dan pengaturan OpenVPN yang menggunakan akar. < p > OpenVPN untuk Android adalah klien sumber terbuka dan dikembangkan oleh Arne Schwabe. Ini ditargetkan untuk pengguna yang lebih maju dan menawarkan banyak pengaturan dan kemampuan untuk mengimpor profil dari file dan mengkonfigurasi/Ubah profil di dalam app. Klien didasarkan pada versi komunitas OpenVPN. Hal ini didasarkan pada kode sumber 2.x OpenVPN. Klien ini dapat dilihat sebagai semi resmi klien masyarakat. < p > OpenVPN Connect adalah klien sumber terbuka bebas yang dikembangkan oleh OpenVPN Technologies, Inc Klien indentasi untuk penggunaan umum klien dan moree ditargetkan untuk pengguna rata-rata dan memungkinkan impor OpenVPN profil. Klien ini didasarkan pada reimplementation OpenVPN C++ OpenVPN Protokol (ini diperlukan untuk memungkinkan OpenVPN Technologies, Inc untuk menerbitkan sebuah aplikasi OpenVPN iOS). Klien ini adalah resmi klien OpenVPN teknologi < p > OpenVPN pengaturan tertua klien dan juga UI untuk open source OpenVPN. Berbeda dengan OpenVPN untuk Android itu memerlukan akar dan tidak menggunakan VPNService API. Tidak tergantung pada Android 4.0 + + Perbedaan antara klien OpenVPN Android + Mengabaikan rute multicast: %s + Android hanya mendukung rute CIDR ke VPN. Sejak non-CIDR rute yang hampir tidak pernah digunakan, OpenVPN untuk Android akan menggunakan / 32 untuk rute yang tidak CIDR dan mengeluarkan peringatan. + Penarikan bekerja sementara VPN aktif. Ditambatkan sambungan tidak akan menggunakan VPN. + Versi KitKat awal menetapkan nilai MSS salah pada TCP koneksi (# 61948). OpenVPN untuk secara otomatis mengaktifkan mssfix pilihan untuk solusi bug ini. + Android akan tetap menggunakan pengaturan proxy Anda ditentukan untuk mobile koneksi / Wi-Fi ketika tidak ada server DNS diatur. OpenVPN untuk Android akan memperingatkan Anda tentang hal ini dalam log.

Ketika VPN menetapkan server DNS Android tidak akan proxy. Tidak ada API untuk mengatur proxy untuk koneksi VPN.

+ Aplikasi VPN dapat berhenti bekerja ketika dihapus dan diinstal ulang lagi. Untuk jelasnya lihat # 80074 + IP klien dikonfigurasi dan IP di topeng jaringan tidak diteruskan ke VPN. OpenVPN bekerja di sekitar bug ini dengan secara eksplisit menambahkan rute yang corrosponds ke IP klien dan netmask nya + Membuka perangkat tun saat perangkat tun lain sedang aktif, yang digunakan untuk dukungan bertahan-tun, crash VPNServices pada perangkat. A reboot diperlukan untuk membuat pekerjaan VPN lagi. OpenVPN untuk Android mencoba untuk menghindari membuka kembali perangkat tun dan jika benar-benar diperlukan pertama menutup TUN saat sebelum membuka perangkat TUN baru untuk menghindari crash. Hal ini dapat menyebabkan jendela pendek di mana paket dikirim melalui koneksi non-VPN. Bahkan dengan solusi ini VPNServices kadang-kadang crash dan memerlukan reboot perangkat. + VPN tidak bekerja sama sekali bagi pengguna sekunder. + "Beberapa pengguna melaporkan bahwa koneksi mobile / koneksi data mobile sering menjatuhkan saat menggunakan aplikasi VPN. Perilaku tampaknya hanya mempengaruhi beberapa kombinasi perangkat mobile provider / dan sejauh ini tidak ada penyebab / solusi untuk bug dapat diidentifikasi." + Hanya tujuan yang bisa dicapai melalui VPN yang bisa dijangkau tanpa VPN. VPN IPv6 tidak bekerja sama sekali. + Rute non CIDR + Tindakan Proxy untuk VPN + Menginstal ulang aplikasi VPN + %s dan sebelumnya + Salinan dari %s + Alihkan ke alamat IP yang telah ditentukan + Nilai MSS yang salah untuk koneksi VPN + Pengguna tablet sekunder + Tentukan pengaturan untuk koneksi khusus . Gunakan dengan hati-hati + Pilihan buatan + Hapus entri koneksi + Terputus acak dari jaringan selular + Rangkaian remote tak terjangkau + Modus terowongan bertahan + %s dan yang lebih baru + Sambungan gagal dengan peringatan kegagalan jabat tangan SSL23_GET_SERVER_HELLO:sslv3 diff --git a/app/src/main/res/values-it/strings-icsopenvpn.xml b/app/src/main/res/values-it/strings-icsopenvpn.xml index f35a4b660eb2f1ee8451d591fddebddef71e85a9..feb61f0d22ac702449418dc3e4dae5896ac21af7 100755 --- a/app/src/main/res/values-it/strings-icsopenvpn.xml +++ b/app/src/main/res/values-it/strings-icsopenvpn.xml @@ -1,7 +1,7 @@ @@ -182,7 +182,6 @@ Effettuata la lettura del file di configurazione Nessun certificato della CA è stato prelevato dal Keystore di Android. E\' probabile che l\'autenticazione fallisca. Mostra la finestra dei log della connessione. Si può sempre accedere alla finestra dei log tramite la barra delle notifiche. Visualizza la finestra dei log - In esecuzione su %1$s (%2$s) %3$s, Android API %4$d Errore di firma con la chiave %1$s: %2$s del Keystore di Android. L\'avvertimento durante la connessione VPN, in cui si informa che questo programma può intercettare tutto il traffico del sistema, serve a prevenire un uso fraudolento delle API del servizio VPN.\nL\'icona di notifica a forma di chiave è altresì imposta dal sistema Android per avvertire che si è connessi ad una VPN. Su alcuni apparecchi questa notifica è accompagnata da un suono.\nAndroid utilizza questi sistemi per la tua sicurezza e per assicurarsi che questi non vengano aggirati (in alcuni firmware questo sfortunamente è accompagnato da un suono di avvertimento). Avviso di connessione e notifica sonora @@ -262,7 +261,6 @@ Effettuata la lettura del file di configurazione Algoritmo di crittografia Autenticazione pacchetti Seleziona il metodo di autenticazione dei pacchetti - In esecuzione su %1$s (%2$s) %3$s, Android API %4$d, versione %5$s, %6$s compilato da %s versione di debug versione ufficiale @@ -346,6 +344,7 @@ Effettuata la lettura del file di configurazione Impostazioni TLS Profilo VPN duplicato Duplicazione del profilo: %s + Mostra il log %s e precedenti Copia di %s diff --git a/app/src/main/res/values-ja/strings-icsopenvpn.xml b/app/src/main/res/values-ja/strings-icsopenvpn.xml index f12d149b96fa121558f805056b87a353e2671488..7e8be056f5b8f6c433cef25eb883fb8feaaf2636 100755 --- a/app/src/main/res/values-ja/strings-icsopenvpn.xml +++ b/app/src/main/res/values-ja/strings-icsopenvpn.xml @@ -1,26 +1,26 @@ - サーバアドレス - ポート番号 + サーバーアドレス: + ポート番号: 場所 ディレクトリが読み取れません 選択 キャンセル データなし - LZO 圧縮 + LZO圧縮 証明書がありません。 クライアント証明書 クライアント証明書のキー PKCS12ファイル CA 証明書 証明書を選択する必要があります。 - ソースコードと問題管理はここにあります: http://code.google.com/p/ics-openvpn/ + ソースコードと問題管理はこちら: https://github.com/schwabe/ics-openvpn/ プログラムは、次のコンポーネントを使用します。完全な詳細についてはソース上のライセンスを参照してください。 バージョン情報 プロファイル @@ -28,7 +28,7 @@ PKCS12のパスワード 選択… ファイルを選択する必要があります。 - TLS認証を使用します。 + TLS認証を使用する TLS Direction IPv6アドレスをCIDR形式で入力(例:2000:dd::23/64) IPv4アドレスをCIDR形式で入力(例:1.2.3.4/24) @@ -55,7 +55,7 @@ ランダムなホスト プレフィックス ランダムな6文字をホスト名の前に付加します。 カスタム オプションを使用する - カスタムオプションを指定します。注意を要します。 + カスタムオプションを指定します。注意して使用してください! 経路がAndroidにより拒否されました。 切断 VPNを切断します @@ -63,6 +63,8 @@ キャンセルの確認 接続中または試行中の接続をキャンセルしますか? VPN を削除 + サーバが証明書とともにTLS拡張(--remote-cert-tls server)を使用しているか確認する + TLSサーバー証明書を要求する リモートサーバー証明書の所有者識別子(Subject DN)を確認します。 証明書のホスト名を確認する リモート証明書の照合に使用する識別名(DN)を指定します。(例: C=DE, L=Paderborn, OU=Avian IP Carriers, CN=openvpn.blinkt.de)\n\n完全な識別名(DN)または相対識別名(RDN)、あるいは相対識別名のプリフィクスを指定します。\n\nたとえば相対識別名のプリフィクスとして\"Server\"を指定すると、\"Server-1\"と\"Server-2\"にマッチします。\n\n空欄にした場合は相対識別名とサーバのホスト名をチェックします。\n\n詳細についてはOpenVPN 2.3.1以降のマニュアルの「--verify-x509-name」の項を参照してください。 @@ -73,7 +75,7 @@ サーバからは何も情報が取得できません。指定が必要な設定は以下の通りです。 情報取得の設定 DNS - サーバ指定のDNSサーバ設定をオーバーライドします。 + DNSを手動設定する DNSをユーザ側で指定します。 検索ドメイン 使用する DNS サーバー @@ -85,12 +87,13 @@ すべての通信をVPN経由にします 既定の経路に使用 カスタム経路を入力します。宛先のみをCIDR形式で指定します。例えば \"10.0.0.0/8 2002::/16\"と指定すれば10.0.0.0/8と2002::/16への通信はVPNに向けられます。 + VPNを経由しないネットワークを指定します。カスタム経路と同じ書式を使用します。 カスタム経路情報 除外されたネットワーク ログの詳細度 認証済みパケットをどのIPからでも受け付けます。 フローティング サーバーを許可 - カスタム オプション + カスタムオプション VPN 設定の編集 VPN プロファイル %s を削除しますか? いくつかのカスタムICSイメージは、/dev/tunのパーミッションが異常か、TUNモジュールが含まれていません。CM9イメージの場合は全般設定で所有権設定を修正してください。 @@ -102,12 +105,13 @@ DNSサーバ: %1$s, ドメイン: %2$s 経路: %1$s %2$s 除外された経路: %1$s %2$s + VpnServiceの経路を設定しました: %1$s %2$s インターフェース情報として %1$s と %2$s を取得しました。2つ目のアドレスはリモート側のピアアドレスです。32ビットマスクをローカルIPに使用します。 OpenVPNのモードは \"%3$s\" です。 %1$sと%2$sではCIDR形式のIP経路情報として意味をなしません。32ビットマスクを使用します。 経路情報%1$s/%2$sを%3$s/%2$sに修正しました。 Androidの証明書管理にアクセスできません。(ファームウェアの更新、アプリケーションまたはその設定のリストアによって発生する場合があります)。VPNの設定で証明書の選択を再度行ってください。 %1$s %2$s - ログ ファイルを送信します。 + ログファイルを送信 送信 ICS OpenVPN ログ ファイル ログ エントリをクリップボードにコピーしました @@ -159,7 +163,9 @@ SDカード上のデータは本質的に無防備です。すべてのアプリ 状態メッセージを待っています。 インポートされたプロファイル インポートされたプロファイル %d - 壊れたイメージ + 壊れたファームウェア + <p>HTCの公式ファームウェアにはトンネルにトラフィックを流すことができない奇妙なルーティングの問題を抱えています。 (バグトラッカーを参照 <a href=\"https://github.com/schwabe/ics-openvpn/issues/18\">Issue 18</a>)</p><p>古いSONY、Xperia Arc SとXperia RayのファームウェアはVPNServiceが完全に欠落していると報告されています。(バグトラッカーを参照 <a href=\"https://github.com/schwabe/ics-openvpn/issues/29\">Issue 29</a>)</p><p>カスタムビルドされたファームウェアにおいてtunモジュールがなかったり、あるいは権限が間違っている場合があります。いくつかのCM9では +\"Device specific hacks(デバイス固有のhack)\"を有効にして\"Fix ownership(所有権を修正)\"オプションを使用する必要があります。</p><p>とても重要なこと: もしあなたがファームウェアの不完全なAndroidデバイスを所有していたら、メーカーに報告してください。より多くの人が問題を報告すれば、彼らが修正することでしょう。</p> PKCS12ファイルの暗号化キー 秘密鍵のパスワード パスワード @@ -180,7 +186,7 @@ SDカード上のデータは本質的に無防備です。すべてのアプリ 認証局証明書(CA Cert)がAndroidのキーストアから取得できませんでした。認証はおそらく失敗します。 接続時にログウィンドウを表示します。ログウィンドウは常に状態通知からアクセスできます。 ログウィンドウを表示 - 実行中:%1$s (%2$s)%3$s Android API %4$d + %10$s %9$s は次の環境で実行中です %3$s %1$s (%2$s), Android %6$s (%7$s) API %4$d, ABI %5$s, (%8$s) Androidキーストアに保存されたキー %1$s: %2$sの署名エラーです VPN接続の警告は、このアプリケーションがVPNService APIを悪用してすべての通信を傍受できることを、システムがあなたに知らせるものです。\n VPN接続通知(鍵の形)は、VPN接続が稼働中であることをAndroidが知らせています。いくつかのシステムではこの通知で音を鳴らします。\n @@ -231,11 +237,30 @@ OpenVPNの接続を保証するためには、アプリケーションを高い SDカードからプロファイル(.ovpnや.conf)をインポートするには <img src=\"ic_menu_archive\"/> のアイコンを使用します。 FAQを確認してください。クイックスタートガイドがあります。 経路情報/インターフェース設定 + 経路とインターフェースの設定は従来のifconfig/routeコマンドではなくVPNService APIを使用して行われます。 +その結果、経路の設定はほかのOSとは異なります。\n + +VPNトンネルの設定は、IPアドレスとこのインターフェースを経由すべきネットワークで構成されます。 +特に、対向側のアドレスやゲートウェイアドレスは必要とされません。 +VPNサーバに到達するための特別な経路(たとえばredirect-gatewayディレクティブを使用したとき)も必要ありません。 +従ってこのアプリが設定をインポートした際は、これらの設定を無視します。 +アプリは、VPNトンネルを経由しないサーバへの接続をVPNService APIによって保証されます。\n + +VPNService APIはVPNを経由すべきでないネットワークの指定を許可しません。 +回避策として、アプリはトンネルを経由すべきでないネットワーク(例 route x.x.x.x y.y.y.y net_gateway)を検知を試み、ほかのプラットフォームの挙動を再現するために除外すべき経路を計算します。ログウィンドウは成立した接続のVPNServiceの設定を表示します。\n + + + +こっそり: +Android 4.4以上はポリシールーティングを使用します。route/ifconfigコマンドは設定された経路を表示しません。代わりにip ruleまたはiptables -t mangle -Lを使用します。 OpenVPNが再接続試行中は、VPNなし状態を報告しません。 永続的なTUNデバイス OpenVPN のログ OpenVPN の構成のインポート バッテリー消費量 + 個人的な検証では、OpenVPNがバッテリを多く消費する主な原因はkeepaliveパケットです。 +大部分のOpenVPNサーバは\'keepalive 10 60\'のような設定を持っており、これは10秒ごとにサーバとクライアントで相互にkeepaliveパケットを送信しあうことを意味します。 <p>これらのパケットは小さく多くの帯域は使用しませんが、モバイル回線機能を常に稼動させ続け電力消費を増大させます。 <p> +(参考 <a href=\"http://developer.android.com/training/efficient-downloads/efficient-network-access.html#RadioStateMachine\">The Radio State Machine | Android Developers</a>)<p>このkeepalive設定はクライアント側からは変更できません。OpenVPNのシステム管理者のみが変更可能です。 <p> 残念なことに、60秒より大きな間隔のUDP keepaliveはいくつかのNATゲートウェイにおいては接続状態が維持できず、それより短い時間でタイムアウトします(検証では60秒)。 TCP keepaliveと長いタイムアウト時間の使用は、動作はしますがTCP over TCP問題を引き起こします。(詳細は<a href=\"http://sites.inka.de/bigred/devel/tcp-tcp.html\">なぜTCP over TCPは悪いアイディアなのか</a>を参照) Androidのテザリング機能(WiFi, USB, Bluetooth経由)とVPNService API(このプログラムから使用する機能)は同時に利用できません。詳細については<a href=\"http://code.google.com/p/ics-openvpn/issues/detail?id=34\">issue #34</a>を参照 VPN とテザリング 接続の再試行回数 @@ -271,7 +296,6 @@ OpenVPNの接続を保証するためには、アプリケーションを高い 暗号化方式 パケット認証 パケット認証方式を入力してください。 - %1$s (%2$s) %3$s、Android API %4$d、バージョン %5$s %6$s において実行中 %s によりビルド デバッグ ビルド 正式ビルド @@ -293,25 +317,28 @@ OpenVPNの接続を保証するためには、アプリケーションを高い 許可アプリの一覧をクリアしますか?\n現在の許可アプリ一覧:\n\n%s スクリーンがオフかつ60秒で64kB以下のデータ転送量の場合、VPN通信を中断します。「永続的なTUN」設定が有効な場合、VPN接続が中断されると通信ができなくなります。「永続的なTUN」を無効にすると、VPNによる接続保護は行われなくなります。 画面オフ後にVPN接続を中断 - 警告: このVPN接続には永続的なTUNが設定されていません。スクリーンオフ後の通信は通常のインターネット接続を使用します。 + 画面オフにより接続を中断しています: %2$s秒で%1$s 以下 + 警告: このVPN接続には永続的なTUNデバイスが設定されていません。スクリーンオフ後の通信は通常のインターネット接続を使用します。 パスワードを保存 - VPN一時停止 + VPNを中断 VPN再開 - ユーザによってVPN一時停止が要求されました - VPN一時停止中 - screenオフ - デバイス固有のhacks + ユーザによってVPNの中断が要求されました + VPN中断中 - 画面オフ + デバイス固有のハック 証明書の情報が表示できません。 アプリケーションの挙動 VPN の挙動 VPNプロファイルの変更を許可する ハードウェアのキーストア: OpenVPN for Androidを使用しようと試みるアプリのアイコン - Android 4.3以降用VPN確認ダイアログ + Android 4.3で使用した場合、VPN確認画面はオーバーレイ(常に画面全体を覆う表示)を使用するアプリから保護されます。この結果、ダイアログはタッチ操作に反応しなくなります。もしあなたがオーバーレイを使用したアプリを使っていたらこの挙動に遭遇するでしょう。もしあなたがこういった無作法なアプリを見つけたら、そのアプリの作者に連絡しましょう。この問題はAndroid 4.3以降でVPNアプリケーションすべてに影響します。詳細は <a href=\"https://github.com/schwabe/ics-openvpn/issues/185\">Issue 185<a> を参照してください。 + VPN確認ダイアログ ほかの手段として、Play Storeで私に寄付できます。 %s の寄付をお寄せいただきありがとうございます! ログがクリアされました。 パスワードを表示する キーチェーン アクセス エラー: %s + 短め ISO タイムスタンプ なし @@ -331,4 +358,84 @@ OpenVPNの接続を保証するためには、アプリケーションを高い いくつかのファイルが見つかりませんでした。プロファイルをインポートするファイルを選択してください: このアプリを使用するには、(多くの場合、あなたの雇用者によって提供される)OpenVPNをサポートするVPNプロバイダ/ VPNゲートウェイが必要です。あなた独自のOpenVPNサーバーをセットアップするためにはhttp://community.openvpn.net/ をチェックしてください。 インポートログ: + VPNトポロジ \"%3$s\" が設定されていますが ifconfig %1$s %2$s はIPアドレスとネットマスクのように見えます。\"サブネット\"トポロジを仮定します。 + MSSに指定できる値は0~9000の整数です + OpenVPNがカプセル化したあとのパケットサイズで制限するようトンネル越しのTCPセッションに通知します。結果、OpenVPNが相手に送信するUDPパケットサイズはこのバイト数を超えなくなります。(デフォルトは1450) + TCPペイロードのMSSを指定する + TCPペイロードのMSSを設定 + クライアント動作 + 許可された外部アプリをクリア + 読み込み中... + 許可されたVPNアプリケーション:%1$s + 許可されていないVPNアプリ:%1$s + パッケージ %s はインストールされていないため、許可/不許可アプリリストから削除します + VPNは選択したアプリ以外のすべてのアプリから使用されます + VPNは選択されたアプリのみで使用できます + 接続先設定を削除しますか? + 保持 + 削除 + 新しい接続先を追加 + 接続時に接続先をランダムに使用する + 少なくとも一つ以上の接続先を設定し有効化する必要があります + 接続先リスト + 許可されたアプリ + 詳細設定 + ペイロードオプション + TLSの設定 + 接続先が設定されていません + VPNプロファイルを複製 + プロファイルの複製:%s + ログを表示 + Android用のOpenVPNクライアントは複数あります。主なものとしては「OpenVPN for Android」(このアプリ)「OpenVPN Connect」「OpenVPN Settings」があります。<p>クライアントは大きく2種類に分けられます。「OpenVPN for Android」「OpenVPN Connect」は公式なVPNService API (Android 4.0以降)を使用しroot権限は不要です。「OpenVPN Settings」はroot権限が必要です。<p>「OpenVPN for Android」はオープンソースのクライアントでArne Schwabeにより開発されています。詳しい人をターゲットとして、多くの設定とファイルからのプロファイルインポート、アプリ内でのプロファイル設定変更ができるようになっています。コミュニティ版のOpenVPN 2.xのソースコードをベースとしています。コミュニティの準公式クライアントとみなせます。<p>「OpenVPN Connect」はOpenVPN Technologies, Incにより開発されておりオープンソースではありません。より一般的な使い方と平均的なユーザをターゲットとしており、OpenVPNプロファイルのインポートができます。OpenVPNプロトコルのC++による再実装コードをベースとしています(これはOpenVPN Technologies, IncがiOS版を公開するために必要でした)。OpenVPN Technologies, Incの公式クライアントです。<p> 「OpenVPN Settings」は最も古いクライアントであり、オープンソースのOpenVPN用のUIです。「OpenVPN for Android」との大きな違いはroot権限を必要とし、かつVPNService APIを使用しないことです。Android 4.0以降に依存しません。 + Android用OpenVPNクライアント間の違い + マルチキャストされた経路を無視します: %s + AndroidはVPNへの経路としてCIDRのみサポートします。非CIDR経路はほとんど使用されないため、OpenVPN for Androidは非CIDR経路に/32を使用し、警告を発します。 + テザリングはVPNが接続中でも有効です。ただしテザリングした通信はVPNを使用できません。 + 初期のKitKatはTCP接続において間違ったMSS値を使用します。(#61948). このバグを回避するにはmssfixオプションの有効化を試してください。 + AndroidはDNSサーバの設定がされていない場合、モバイル/WiFiのプロキシ設定を使用し続けます。OpenVPN for Androidはこれについてログにて警告します。

VPNがDNSサーバを設定した場合、Androidはプロキシを使用しなくなります。VPNでプロキシを使用するよう設定するAPIは存在しません。

 + VPNアプリはアンインストール/再インストール時に正常に動作しなくなることがあります。詳細は#80074を参照してください。 + 設定されたクライアントIPとネットマスクに含まれるIPアドレスはVPNを経由しません。OpenVPNは明示的に経路を追加することでこのバグを回避します。 + ほかのTUNデバイスが使用されている間に、永続的なTUNデバイス機能のためにTUNデバイスを開こうとするとデバイス上のVPNServiceがクラッシュします。VPNが再び動作するためにはデバイスの再起動が必要です。OpenVPN for Androidはクラッシュを避けるため、新しいTUNデバイスを開く前に現在のTUNデバイスを閉じます。これは短期間、パケットが非VPN接続に送信される原因になります。この回避策があっても、VPNServiceは時々クラッシュし、デバイスの再起動が必要になります。 + VPNはほかのユーザーに対しては動作しません。 + "複数のユーザが、VPNアプリ使用中にモバイル接続が頻繁に欠落すると報告しています。この挙動は特定のプロバイダ/デバイスの組み合わせでのみ発生すると思われ、これまでのところこのバグに対する原因や回避策は特定されていません。" + VPNなしでも到達可能なネットワークにのみVPN経由で到達できる場合。IPv6 VPN は動作しません。 + 非CIDRルート + VPNのプロキシ動作 + VPNアプリを再インストールする場合 + %sおよびそれ以前 + %sのコピー + 設定されたIPアドレスへの経路 + VPN接続に不正なMSS値 + タブレットの複数ユーザー + カスタム指定の接続オプションを設定します。慎重に利用してください + カスタムオプション + 接続エントリを削除します + モバイルネットワークが突発的に切断される + リモートネットワークに到達できません + 持続的なTUNモード + %s以降 + SSL23_GET_SERVER_HELLO:sslv3 alert handshake failureで接続が失敗する + OpenVPN for Androidの新しいバージョン(0.6.29/March 2015)は、暗号化スイートが許す限りよりセキュアなデフォルトを使用します(tls-cipher \"DEFAULT:!EXP:!PSK:!SRP:!kRSA\")。 残念なことに、欠陥のある暗号化スイートあるいは輸出用暗号化スイート、特にPerfect Forward Secrecy (Diffie-Hellman)に欠陥がある暗号化スイートでは問題を生じます。これらは通常、サーバのtls-cipherの設定や最小限のSSLを実装した組み込みOS(例えば MikroTik)で、よりTLSセキュリティを強化しようとした善意での、しかし不完全な試みにより生じます\nこの問題を解決するには、サーバ側で tls-cipher に \"DEFAULT:!EXP:!PSK:!SRP:!kRSA\" のような妥当なデフォルトを設定します。この問題のクライアント側の回避策としては、カスタムオプションに tls-cipher DEFAULT を追加します。 + このプロファイルは外部のアプリ(%s)より追加され、ユーザによる編集が無効化されています + 証明書失効リスト + OpenVPNを再起動しています(クラッシュしたか、メモリ不足により停止させられたため) + 設定のインポートでエラーが発生したため、保存できません。 + 検索 + (最後のダンプ %1$d:%2$d 経過 (%3$s)) + 新規接続時にログをクリアする + 接続タイムアウト + 許可されたアプリがありません。すべてのアプリを不許可にする場合は最低でも1つのアプリを許可する必要があるため、このアプリ (%s) を追加します。 + OpenVPN for Androidは見失ったファイルを自動でSDカードから再探索することができます。このメッセージをタップして権限のリクエストを行ってください。 + プロトコル + 有効 + Preferred native ABI precedence of this device (%1$s) and ABI reported by native libraries (%2$s) mismatch + 残り %dヵ月 + 残り %d日 + 残り %d時間 + OSによりVPNの権限が取り消されました (ほかのVPNプログラムが動作した場合など)。VPNを停止します + ピア情報を送信する + 追加の情報をサーバに送信する (SSLやAndroidのバージョン等) + %1$s + プロファイル %1$s のパスワードを入力してください + インラインデータを使用する diff --git a/app/src/main/res/values-ko/strings-icsopenvpn.xml b/app/src/main/res/values-ko/strings-icsopenvpn.xml index 4a4273d8f1f10dd1257db6b24fbcb6e6f1fe5a06..640ee0f1049e87628d51442c1a145c3ea313ceda 100755 --- a/app/src/main/res/values-ko/strings-icsopenvpn.xml +++ b/app/src/main/res/values-ko/strings-icsopenvpn.xml @@ -1,7 +1,7 @@ @@ -34,15 +34,15 @@ CIDR 형식의 IPv4 주소/넷마스크를 입력 (예: 1.2.3.4/24) IPv4 주소 IPv6 주소 - 사용자 정의 OpenVPN 옵션을 입력하세요. 매우 조심하세요. 또한 많은 tun과 연관된 OpenVPN 설정은 VPN 설정의 설계로 인하여 지원 되지 않습니다. 중요한 옵션이 누락됐다고 생각되면 저자에게 연락하십시오 + 사용자 정의 OpenVPN 옵션을 입력하십시오. 사용 시 유의하십시오. 또한 TUN과 연관된 많은 OpenVPN 설정은 안드로이드에서 지원하는 VPN 설정의 한계로 지원되지 않습니다. 중요한 옵션이 누락됐다고 생각되면 개발자에게 연락주십시오. 계정 암호 고정설정에는 TLS인증 키가 고정키로 사용됩니다 VPN 설정 프로파일 추가 - 새 프로 파일을 식별 하는 이름을 입력 하십시오 + 새 프로파일에 사용할 이름을 입력하세요. 고유 프로필 이름을 입력 하십시오 - 프로 파일 이름 + 프로파일 이름 사용자 인증서를 선택 해야 합니다 오류 없음 설정 오류 @@ -51,7 +51,7 @@ (비워두면 요청시 쿼리됨) OpenVPN 바로 가기 VPN에 연결 하기 - 바로 가기에 지정 된 프로파일을 찾을 수 없습니다. + 바로가기에 지정 된 프로파일을 찾을 수 없습니다. 임의의 호스트 접두사 6개 임의의 문자를 호스트 이름 앞에 추가 사용자 지정 옵션을 사용 하도록 설정 @@ -72,7 +72,7 @@ TLS Key 인증 활성화 TLS 인증 파일 서버로부터 IP 주소, 라우트와 타이밍 옵션을 요구합니다. - 서버로부터 정보를 요구하지 않습니다. 설정은 아래에 지정되야 합니다. + 서버는 어떤 정보도 요구하지 않습니다. 아래에 세부 설정을 지정하십시오. 설정 받기 DNS 서버에서 DNS 설정을 재정의합니다 @@ -87,15 +87,15 @@ VPN을 통해 모든 트래픽을 보냅니다. 기본 라우트 사용하기 사용자 지정 라우트를 입력하십시오. 목적지는 CIDR 형식으로만 입력하십시오. \"10.0.0.0/8 2002::/16\"은 10.0.0.0/8 과 2002::/16 네트워크를 VPN으로 보냅니다. - VPN을 통해 라우팅하지 말아 경로. 포함 경로와 동일한 구문을 사용합니다. + VPN을 통해 라우팅되면 안되는 경로(라우트). 포함된 경로와 동일한 구문을 사용합니다. 사용자 지정 라우트 - 123456 + 제외된 네트워크 로그의 자세한 정도 인증된 패킷은 IP와 상관없이 허용 플로팅 서버 허용 사용자 지정 옵션 VPN 설정 편집 - VPN 프로 파일 \'%s\' 제거? + VPN 프로파일 \'%s\'을 삭제할까요? 일부 사용자 지정 ICS 이미지에서는 /dev/tun에 대한 권한이 잘못 되어 있거나 tun 모듈 자체가 누락 될 수 있습니다. CM9 이미지는 일반 설정에 있는 소유권 고치기 옵션을 사용해 보십시오. Tun 인터페이스를 열지 못했습니다 "오류:" @@ -103,6 +103,8 @@ TUN 인터페이스 열기: 로컬 IPv4: %1$s/%2$d IPv6: %3$s MTU: %4$d DNS 서버: %1$s, 도메인: %2$s + 경로: %1$s %2$s + 제외된 경로: %1$s %2$s 인터페이스 정보 %1$s와 %2$s에 있어, 두 번째 주소를 원격 피어 주소로 가정 하겠습니다. 로컬 IP의 넷마스크로는 /32를 사용하겠습니다. OpenVPN에 의해 주어진 모드는 \"%3$s\" 입니다. CIDR 넷마스크가 있는 IP 라우트 %1$s 와 %2$s 에 있어서 처리가 불가능합니다. /32를 넷마스크로 사용하겠습니다. %1$s/%2$s 에서 %3$s/%2$s로 라우트 수정 @@ -133,9 +135,9 @@ 파일 시스템에서 파일을 가져올 수 없습니다. [[인라인 파일 데이터]] IP 정보가 없는 tun 장치 열기를 거부합니다 - Ovpn 파일에서 프로파일 가져오기 + ovpn 파일에서 프로파일 가져오기 가져오기 - 가져올 프로 파일을 읽을 수 없습니다. + 가져올 프로파일을 읽을 수 없습니다. 설정 파일 읽기 오류 프로파일 추가 가져온된 설정 파일에 언급 된 파일 %1$s를 찾을 수 없습니다. @@ -146,7 +148,7 @@ 로컬 바인딩 안함 구성 파일 가져오기 보안 고려 사항 - "OpenVPN은 보안에 민감하기 때문에 보안에 관련된 부분을 알고가는것이 현명합니다. SD카드의 있는 데이터는 기본적으로 보안이 취약합니다. 모든 앱이 읽을 수 있기 때문입니다 (예로 이 프로그램 또한 SD카드의 읽기 권한이 필요없습니다). 본앱의 데이터는 본앱만이 읽을 수 있습니다. cacert/cert/key를 파일 탐색기의 가져오기 옵션을 사용하면 데이터는 VPN 프로파일 내에 저장됩니다. VPN 프로파일은 본앱만이 접근할 수 있습니다. (잊지말고 SD카드에 있는 것을 삭제하세요). 접근은 본앱만이 가능하더라도 데이터는 암호화가 되어있지 않습니다. 루팅을 비롯한 다른 방법을 악용하여 데이터를 빼낼 수 있습니다. 암호 또한 일반 텍스트로 저장되어 있습니다. pkcs12 파일은 안드로이드 keystore에 보관할것을 강력하게 추천합니다." + "OpenVPN은 보안에 민감하기 때문에 보안에 관련된 부분을 알고가는것이 현명합니다. SD 카드에 있는 데이터는 모든 앱이 읽을 수 있기 때문에 보안이 취약합니다. (이 OpenVPN 앱은 SD 카드 읽기 권한이 필요없습니다) 이 OpenVPN 앱의 데이터는 이 OpenVPN 앱만이 읽을 수 있습니다. cacert/cert/key를 파일 탐색기의 가져오기 옵션을 사용하면 데이터는 VPN 프로파일 내에 저장됩니다. 이 VPN 프로파일은 이 OpenVPN 앱만이 접근할 수 있습니다. (잊지 말고 SD 카드에 남아있는 파일들을 삭제하세요.) 접근은 이 OpenVPN 앱만 가능하더라도 데이터는 암호화가 되어 있지 않습니다. 루팅을 비롯한 다른 악의적인 방법으로 데이터를 빼낼 수 있습니다. 암호 또한 일반 텍스트로 저장되어 있습니다. pkcs12 파일은 안드로이드 keystore에 보관할 것을 강력하게 추천합니다." 가져오기 인증서 선택 표시 오류 안드로이드 4.0+의 인증서 선택창을 보여주려는 과정에서 예외가 발생됐습니다. 안드로이드 4.0+의 표준 기능임으로 이 같은 일은 일어나면 안됩니다. 어쩌면 인증서 저장소에 대한 귀하의 안드로이드 ROM 지원이 깨졌습니다. @@ -177,11 +179,10 @@ 안드로이드 keystore에서 CA 인증서를 찾지 못했습니다. Auhtentication은 실패할 것 입니다. 연결시 로그 윈도우를 보여드립니다. 로그 윈도우는 항상 notification status에서 접근이 가능합니다. 로그 윈도우 보기 - %1$s (%2$s) %3$s, 안드로이드 API %4$d 에서 실행 안드로이드 keystore 키 %1$s: %2$s과 싸이닝 오류 시스템에서는 VPN연결 경고를 통해 당신에게 본앱이 모든 트래픽을 가로챌수있다는 점을 알리게 되어 있는데 이는 VPNService API가 남용하는것을 막기 위함입니다.\nVPN 연결 알림 (키 아이콘) 또한 안드로이드 시스템에서 부과하는 부분이며 이는 VPN연결을 알리는 신호입니다. 어떤 버전에서는 소리를 알림으로 사용하는 경우도 있습니다.\n안드로이드는 이같은 방법을 당신의 안전을 위해 도입하였으며 사용은 필수적입니다. (어떤 버전에서는 유감스럽게도 소리 알림 또한 포함됩니다.) 연결 경고 및 알림 소리 - 한국어 번역 (주)기가드 안규태<ktdann@gmail.com> + 우리말 번역에 참여해주세요. IP 와 DNS 기본 라우팅 @@ -200,9 +201,9 @@ 프록시 %1$s %2$d 을 사용 시스템 프록시를 사용 연결시 전 시스템 설정에 있는 HTTP/HTTPS 프록시를 사용합니다. - 당신은 <a href=\"https://www.paypal.com/cgi-bin/webscr?hosted_button_id=R2M6ZP9AF25LS&amp;cmd=_s-xclick\">PayPal을 사용하여 기부할 수 있습니다.</a> + 당신은 <a href=\"https://www.paypal.com/cgi-bin/webscr?hosted_button_id=R2M6ZP9AF25LS&amp;cmd=_s-xclick\">PayPal을 통해 기부할 수 있습니다.</a> OpenVPN은 시스템 재부팅/종료에 활성화 되었으면 VPN을 다시 연결합니다. 이 옵션을 사용 하기 전에 연결 경고 FAQ를 읽어 보시기 바랍니다. - 재부팅시 다시 연결 + 재시작 후 다시 연결 무시 다시 시작 VPN을 다시 시작한 후 설정 변경 내용이 적용 됩니다. VPN을 지금 (재)시작? @@ -210,13 +211,13 @@ 편집을 위해 마지막으로 연결 된 프로파일을 확인할 수 없습니다. 중복 알림 안드로이드는 시스템의 메모리 (RAM) 가 부족한 경우, 현재 필요하지 않는 앱들과 서비스들을 활성화 메모리에서 삭제합니다. 이 과정에서 진행중인 VPN 연결이 끊어 집니다. 이렇게 되지 않기 위해서 OpenVPN 서비스는 우선순위가 높게 되어 실행됩니다. 높은 우선 순위로 실행되기 위해서는 응용프로그램에서 이를 알림으로 표시해야 합니다. 키 알림 아이콘은 이전 FAQ에서 설명된 대로 시스템에서 강요하기 때문입니다. 이것은 우선 순위가 높이 실행된다는 알림에 대한 알림이 아닙니다. - VPN 프로파일이 정의 않됐습니다. + VPN 프로파일이 없습니다. 이 <img src=\"ic_menu_add\"/> 아이콘을 사용하여 VPN을 추가 하세요 이 <img src=\"ic_menu_archive\"/> 아이콘을 사용하여 귀하의 sdcard에서 기존 (.ovpn 또는 .conf) 프로파일을 가져오세요. 꼭 FAQ를 확인 하세요. 빠른 시작 가이드가 있습니다. 라우팅/인터페이스 설정 OpenVPN을 다시 연결 하는 경우 VPN 연결 없음으로 표기하지 마십시오. - tun 유지 + 지속적인 TUN OpenVPN 로그 OpenVPN 설정 가져오기 배터리 소모 @@ -256,7 +257,6 @@ 암호화 암호 패킷 인증 패킷 인증 방법을 입력한다 - %1$s (%2$s) %3$s, 안드로이드 API %4$d, 버전 %5$s, %6$s에서 실행 개발자 %s 디버그 빌드 공식 빌드 @@ -282,6 +282,7 @@ 경고: 이 VPN은 persistent tun이 비활성화 되어있습니다. 화면이 꺼졌을 때 트래픽은 터널을 사용하지 않고 인터넷을 바로 사용합니다. 암호 저장 VPN 일시중지 + VPN 재개하기 VPN 일시 정지 사용자의 요청 VPN 일시정지됨 - 화면 끄기 장치 관련 Hacks @@ -309,4 +310,15 @@ 처리 되지 않은 예외: %1$s\n\n%2$s %3$s: %1$s\n\n%2$s 전체 라이센스 + 사용자 이름/암호 파일 + %s 에서 가져옴 + MSS override의 값은 0과 9000 사이의 정수이어야합니다 + 로드 중... + VPN을 사용할 앱들: %1$s + VPN을 사용하지 않을 앱들: %1$s + 유지 + 삭제 + 페이로드 옵션 + TLS 설정 + 안드로이드 OpenVPN 클라이언트 간의 차이 diff --git a/app/src/main/res/values-nl/strings-icsopenvpn.xml b/app/src/main/res/values-nl/strings-icsopenvpn.xml index 2b3468e373af9c56be0db830ea3fc8d451e7b6f0..da57e5e02f3a5aa219b2f10e8ae3dcab341625ab 100755 --- a/app/src/main/res/values-nl/strings-icsopenvpn.xml +++ b/app/src/main/res/values-nl/strings-icsopenvpn.xml @@ -1,7 +1,7 @@ @@ -20,7 +20,7 @@ PKCS12 Bestand CA Certificaat Je moet een certificaat selecteren - De broncode en bugs zijn te vinden op http://code.google.com/p/ics-openvpn/ + De broncode en bugs zijn te vinden op https://github.com/schwabe/ics-openvpn/ Het programma gebruikt de volgende componenten. Zie de broncode voor volledige details over de licenties. Over Profielen @@ -30,9 +30,9 @@ Je moet een bestand selecteren Gebruik TLS autentificatie TLS Richting - Voer een IPv6 Adres/Netmask in met het CIDR Formaat (v.b. 2000:dd::23/64) - Voer een IPv4 Adres/Netmask in met het CIDR Formaat (v.b. 1.2.3.4/24) - IPv4 Adres + Voer een IPv6 Adres/Netmask in met het CIDR Formaat (b.v. 2000:dd::23/64) + Voer een IPv4 Adres/Netmask in met het CIDR Formaat (b.v. 1.2.3.4/24) + IPv6 Adres IPv4 Adres Geavanceerde OpenVPN opties. Veel van de tun gerelateerde OpenVPN instellingen worden niet ondersteund. Als u denkt dat een belangrijke optie ontbreekt, neem dan contact op met de auteur. Gebruikersnaam @@ -106,8 +106,10 @@ %1$s %2$s Logboek verzenden Verzenden + Kopiëer de log ingave naar het clip bord Tap mode De VPN API van Android werkt zonder rooten van de telefoon en ondersteunt alleen de tun modus. Daarom is de tap modus niet mogelijk met deze app. + Alweer? Maak je een grapje? Nee, tap mode wordt echt niet ondersteund en meer mails sturen met het verzoek of het ondersteund kan worden zal echt niet helpen, dus Neen. Veelgestelde vragen Codering Codering methode diff --git a/app/src/main/res/values-no/strings-icsopenvpn.xml b/app/src/main/res/values-no/strings-icsopenvpn.xml index bd71a77cf1e147f419f17fae5e12387bc9b218e6..b227c4b6f0e1fbe8d939f391455d49a6a4c89447 100755 --- a/app/src/main/res/values-no/strings-icsopenvpn.xml +++ b/app/src/main/res/values-no/strings-icsopenvpn.xml @@ -1,7 +1,7 @@ @@ -125,7 +125,6 @@ Nettverksstatus: %s Velg Vis logg-vindu - Kjører på %1$s (%2$s) %3$s, Android API %4$d Norsk oversettelse av Jonny IP og DNS Grunnleggende diff --git a/app/src/main/res/values-pl/strings-icsopenvpn.xml b/app/src/main/res/values-pl/strings-icsopenvpn.xml index dece207b36fe497780c744f9ba200694c59e5480..04b8f56c402d80ce0d9d2fb842e6b84190e1a0c9 100755 --- a/app/src/main/res/values-pl/strings-icsopenvpn.xml +++ b/app/src/main/res/values-pl/strings-icsopenvpn.xml @@ -1,15 +1,15 @@ Adres serwera: Port serwera: - Lokalizacja - Nie można odczytać katalogu + Ścieżka + Nie mogę odczytać katalogu Wybierz Anuluj Brak danych @@ -18,11 +18,11 @@ Certyfikat klienta Klucz certyfikatu klienta Plik PKCS12 - Certyfikat urzędu certyfikacji + Certyfikat CA Musisz wybrać certyfikat - Kod źródłowy i formularz zgłoszeniowy błędów dostępny pod http://code.google.com/p/ics-openvpn/ + Kod źródłowy i formularz zgłoszeniowy błędów dostępny pod https://github.com/schwabe/ics-openvpn/ Program ten wykorzystuje następujące składniki; Szczegółowe informacje o licencjach w kodzie źródłowym - O + O programie Profile Typ Hasło PKCS12 @@ -46,8 +46,8 @@ Musisz wybrać certyfikat użytkownika Brak błędów Błąd w konfiguracji - Błąd parsowania adresu IPv4 - Błąd parsowania niestandardowych tras + Błąd analizowania adresu IPv4 + Błąd analizowania niestandardowych tras (Pozostaw puste, aby wywołać na żądanie) Skrót OpenVPN Połącz się z siecią VPN @@ -63,15 +63,21 @@ Anuluj potwierdzenie Odłącz podłączone VPN / zrezygnować z próby połączenia? Usuń VPN + Sprawdza, czy serwer używa certyfikatu z rozszerzeniami serwera TLS (--remote-cert-tls server) Oczekiwanie na certyfikat TLS z serwera + Sprawdza podmiot DN certyfikatu zdalnego Weryfikuj nazwę domenową zawartą w certyfikacie - Temat zdalnego certyfikatu + Określ czynność weryfikującą DN zdalnego certyfikatu (np. C=DE, L=Paderborn, OU=Avian IP Carriers, CN=openvpn.blinkt.de)\n\nUżyj pełnego DN lub RDN (przykładowo penvpn.blinkt.de), lub prefiks RDN w celu weryfikacji\n\nUżywając prefiksu \"Serwer\", RDN będzie prawidłowy dla \"Serwer-1\" lub \"Serwer-Agaty\"\n\nPozostawiając pole puste RDN będzie sprawdzany pod kątem nazwy serwera.\n\nAby uzyskać więcej informacji, spójrz do podręcznika OpenVPN 2.3.1 w dziale —verify-x509-name + Podmiot zdalnego certyfikatu Włącza uwierzytelnianie kluczem TLS Plik TLS + Pobierz z serwera adresy IP, trasy oraz inne opcje. + Żadne opcje nie będą pobierane z serwera, należy je ustawić poniżej. Pobierz ustawienia DNS Nadpisz DNS z serwera Użyj własnych serwerów DNS + searchDomain Używany serwer DNS. Serwer DNS Pomocniczy serwer DNS używany, jeśli normalny serwer DNS jest nieosiągalny. @@ -80,9 +86,13 @@ Ignoruj trasy serwera. Przekieruj cały ruch przez tunel VPN Użyj domyślnej trasy + Wprowadź własne trasy. Muszą być wprwadzone w formacie CIDR. \"10.0.0.0/8 2002::/16\" przekieruje ruch z 10.0.0.0/8 i 2002::/16 przez VPN. + Trasy, które NIE powinny być kierowane przez VPN. Użyj tej samej składni, jak w trasach opcjonalnych. Opcjonalne trasy + Wykluczone Sieci Poziom logowania Zezwalaj uwierzytelnionym pakietom z każdego IP + Zezwól na \"pływający\" serwer. Opcje użytkownika Edytuj ustawienia VPN Usunąć profil VPN \'%s\'? @@ -93,14 +103,22 @@ Otwieram interfejs tun: Lokalne IPv4: %1$s/%2$d IPv6: %3$s MTU: %4$d Serwer DNS: %1$s, Domena: %2$s + Trasy: %1$s %2$s + Wykluczone trasy: %1$s %2$s + VpnService dodano trasy: %1$s %2$s + Interfejs uzyskał %1$s oraz %2$s, zakładam, że drugi adres jest adresem zdalnym - peer. Użyto maski /32 dla lokalnego IP. Tryb OpenVPN to \"%3$s\". + %1$s i %2$s, nie są trasami IP w formacie CIDR, używam /32 jako maski sieci. + Poprawiłem trasę %1$s/%2$s na %3$s/%2$s + Nie mam dostępu do pęku kluczy Androida. Może być to spowodowane aktualizacją systemu lub przywróceniem kopii aplikacji lub jej opcji. Proszę, edytuj połączenie VPN i wybierz ponownie certyfikat w opcjach, w celu odtworzenia pozwoleń dostępu do certyfikatu. %1$s %2$s Wyślij loga Wyślij Plik logów ICS OpenVPN Skopiowano log do schowka Tryb TAP - Tryb TAP nie jest możliwy z nierootwanym API VPN. Dlatego ta aplikacja nie zapewnia wsparcia TAP - Znowu. Żartujesz sobie? Tryb tap jest naprawdę nie wspierany, a wysyłanie więcej maili o to czy będzie wsparcie wcale nie pomoże. + Tryb tap nie jest możliwy z API VPN bez użycia root-a. W związku z powyższym ta aplikacja nie wspiera tap + Jeszcze raz?! Raczysz sobie żartować... Tryb tap naprawdę nie jest wspierany, a zasypywanie mnie wiadomościami z tego typu pytaniami naprawdę, ale to naprawdę nie pomaga... + Trzeci raz?! Właściwie można by napisać emulator tap bazując na tun, który dodawałby informacje layer2 przy wysyłaniu oraz ucinał opcje L2 przy odbiorze. No, ale wymagałoby to zaimplementowania ARP - i pewnie klienta DHCP. Pierwsze słyszę, by ktoś w ogóle to robił - skontaktuj się ze mną, jeśli masz plan pomocy przy współtworzeniu wspomnianego emulatora. FAQ Kopiowanie wpisów dziennika Aby skopiować pojedynczy wpis dziennika, naciśnij i przytrzymaj interesującą Cię pozycję. Celem skopiowania całego dziennika, należy użyć opcji Wyślij Log - jeżeli nie jest widoczna, użyj klawisza menu na obudowie urządzenia. @@ -110,75 +128,104 @@ Szyfrowanie Wprowadź metodę szyfrowania Wybierz algorytm szyfrowania wykorzystywany przez OpenVPN. Pozostaw puste, aby skorzystać z ustawień domyślnych. - Wprowadź dane logowania użyte do OpenVPN. Pozostaw puste, aby skorzystać z ustawień domyślnych. + Wprowadź tryb autoryzacji używany z OpenVPN. Pozostaw puste, aby skorzystać z ustawień domyślnych. Uwierzytelnianie/Szyfrowanie - Manager plików + Przeglądanie plików + Zawarte w pliku Błąd importu pliku Nie można zaimportować pliku z systemu [[Inline file data]] + Odmowa otwarcia urządzenia tun bez informacji o IP Wczytaj profil z pliku ovpn - Wczytaj + Importuj Nie można odczytać Profilu do importu Błąd podczas czytania pliku konfiguracyjnego Dodaj profil Nie można znaleźć pliku %1$s zawartego w zaimportowanym pliku Importowanie pliku konfiguracyjnego ze źródła %1$s - Skończono czytać plik konfiguracyjny. + Importowana konfiguracja zawierała kilka opcji, które nie są przypisane w interfejsie graficznym. Opcje te zostały dodane jako opcje dodatkowe. Opcje te wyświetlono poniżej: + Pomyślnie przeczytano plik konfiguracyjny. Nie przypisuj do lokalnego adresu i portu + Nie wiąż lokalnie Importuj plik konfiguracji + Zagadnienia dotyczące bezpieczeństwa + "Jako, że OpenVPN jest wrażliwe na bezpieczeństwo, kilka rozsądnych zdań na ten temat. Wszystke dane na karcie SD z zasady nie są bezpieczne. Każda aplikacja może je odczytać - dla przykładu, ten program nie wymaga żadnych specjalnych uprawnień do odczytu karty SD. Dane tej aplikacji mogą być odczytywane tylko przez nią samą. Używając opcji importu certyfikatów/CA lub kluczy, dane przechowywane są w profilu VPN. Profile VPN odczytywalne są tylko przez tę aplikację. (Nie zapomnij usunąc kopii z karty SD po imporcie). Rootując telefon, lub używając innych exploitów istnieje pradopodobieństwo odczytu tych danych. Zapisane hasła przechowywane są w postaci czystego tekstu. W przypadku plików PKCS12, jest wysoce zalecane, aby zaimportować je do magazynu kluczy Android." Importuj + Błąd przy wyświetlaniu wyboru certyfikatu + Wystąpił wyjątek w trakcie próby wyświetlenia okna z wyborem certyfikatu. To w ogóle nie powinno się zdarzyć, gdyż jest to standardowa opcja Androida 4.0+. Być może wsparcie dla magazynu certyfikatów w Twoim ROMie jest źle zaimplementowane IPv4 IPv6 Oczekiwanie na wiadomość powitalną… + profil zaimportowany + zaimportowano profil %d Uszkodzone obrazy + <p> Oficjalne obrazy HTC są znane z posiadania dziwnych problemów z routingiem powodując, że dane nie przepływają przez tunel (sprawdź także <a href=\"https://github.com/schwabe/ics-openvpn/issues/18\">Issue 18</a> w śledzeniu błędów). </p><p> Starsze oficjalne obrazy SONY dla Xperia Arc S oraz Xperia Ray są znane z całkowitego braku VPNService w obrazie. (Sprawdź także <a href=\"https://github.com/schwabe/ics-openvpn/issues/29\">Issue 29</a> w śledzeniu błędów). </p><p> We własnoręcznie kompilowanych obrazach może brakować modułu TUN, lub prawa dostępu do /dev/tun mogą być nieprawidłowe. Niektóre obrazy CM9 mogą wymagać opcji \"Popraw prawa dostępu\" w zakładce \"Dodatkowe opcje urządzenia\". </p><p>Co najważniejsze: jeśli Twoje urządzenie ma błędy w Android, zgłoś to producentowi. Im więcej osób zgłasza problemy, tym większe prawdopodobieństwo ich poprawy. </p> Klucz pliku PKCS12 Hasło klucza prywatnego Hasło plik ikony Uwierzytelnianie TLS - Wygenerowana konfiguracja + Utworzona konfiguracja Ustawienia + Stara się ustawić właściciela /dev/tun na system. Niektóre obrazy CM9 wymagają tego, aby API VPNService zaczęło działać. Wymaga root-a. Popraw uprawnienia do /dev/tun Pokazuje wygenerowany plik konfiguracji OpenVPN - Edycja \"%s\" + Edytujesz \"%s\" Tworzenie konfiguracji… Włączenie tej opcji spowoduje ponowne połączenie jeśli stan sieci się zmienił (np. z WiFi na GSM) Połącz ponownie przy zmianie sieci - Status sieci: %s + Stan sieci: %s + Certyfikat CA z reguły zwracany jest z pęku kluczy Androida. Wybierz zewnętrzny certyfikat, jeśli występują błędy w weryfikacji. Wybierz + Brak certyfikatu CA zwróconego z pęku kluczy Androida. Autoryzacja najprawdopodobniej nie powiedzie się. + Pokazuje okno dziennika przy łączeniu. Do okna dziennika można dostać się zawsze z paska powiadomień. Pokaż okno loga + %10$s %9$s na %3$s %1$s (%2$s), Android %6$s (%7$s) API %4$d, ABI %5$s, (%8$s) + Błąd podpisania kluczem z pęku kluczy Androida %1$s: %2$s + Ostrzeżenie przy połączeniu VPN informuje Cię, że ta aplikacja przekierowuje cały ruch jest narzucona przez system w celu zapobieżenia nadużyciom API VPNService.\nPowiadomienie połączenia VPN (znak klucza) jest także narzucone przez Android, aby zasygnalizować połączenie z siecią VPN. Na niektórych obrazach Android to powiadomienie odtwarza dźwięk.\nAndroid wprowadził te dialogi systemowe dla Twojego bezpieczeństwa i aby upewnić się, że nie można ich obejść. (Niestety, na niektórych obrazach to także implikuje wydanie dźwięku) Ostrzeżenie połączeń oraz dźwięki powiadomień Angielskie tłumaczenie Arne Schwabe<arne@rfc2549.org> IP i DNS Podstawowe Routing + Niejasne ustawienia OpenVPN. Zazwyczaj nie są potrzebne. Zaawansowane - Konfiguracja ICS Openvpn + Konfiguracja Openvpn ICS + Nie są używane żadne serwery DNS. Rozpoznawanie nazw może nie działać. Rozważ ustawienie własnych serwerów DNS. Miej również na uwadze, że Android nadal będzie korzystać z ustawień proxy Twojego połączenia mobilnego/Wi-Fi, nawet gdy opcje DNS nie są ustawione. Nie można dodać serwera DNS \"%1$s\", odrzucone przez system: %2$s + Nie można skonfigurować adresu IP \"%1$s\", odrzucone przez system: %2$s + <p>Przygotuj działającą konfigurację (sprawdzoną na Twoim komputerze lub pobraną od Twojego dostawcy/pracodawcy)</p><p>Jeśli, jest to jeden plik - bez dodatkowych plików pem/pkcs12 - możesz taki plik wysłać do siebie e-mailem i otworzyć załącznik. Jeśli masz więcej, niż jeden plik - pobierz je na kartę SD.</p><p>Kliknij na załącznik w e-mailu/użyj ikony folderu na liście VPN, aby zaimportować plik konfiguracyjny.</p><p>Jeśli występują błędy brakującego pliku - umieść je na karcie SD.</p><p>Kliknij na ikonę zapisu, aby dodać zaimportowaną konfigurację do Twojej listy.</p><p>Połącz się z VPN klikając na nazwę połączenia VPN</p><p>Jeśli występują błędy/ostrzeżenia w logu, spróbuj je namierzyć i poprawić</p> Szybki start Próba załadowania modułu tun.ko kernel przez próbą połączenia. Potrzeba rootowanych urządzeń. Załaduj moduł tun - Importuj PKCS12 z konfiguracji do slepu kluczy Androida - Błąd ustawień proxy: %s - Użycie proxy %1$s%2$d + Importuj PKCS12 z konfiguracji do pęku kluczy Androida + Błąd pobierania ustawień proxy: %s + Używam proxy %1$s%2$d Użyj proxy systemowego - Użyj konfiguracji systemowej dla HTTP/HTTPS proxy w celu połączenia. + Połącz używając systemowej konfiguracji proxy HTTP/HTTPS. Możesz <a href=\"https://www.paypal.com/cgi-bin/webscr?hosted_button_id=R2M6ZP9AF25LS&amp;cmd=_s-xclick\">wspomóc przez PayPal</a> - OpenVPN połączy VPN jeśli był aktywny przy restarcie/zamknięciu systemu. Proszę przeczytać FAQ ostrzeżenia połączenia przez użyciem tej opcji. - Połącz przy reboocie + OpenVPN połączy ponownie z VPN jeśli połączenie było aktywne przy restarcie/zamknięciu systemu. Przeczytaj proszę FAQ z ostrzeżeniami przed użyciem tej opcji. + Połącz po restarcie Ignoruj - Restartuj + Uruchom ponownie Zmiany konfiguracji będą zatwierdzone po restarcie VPN. Uruchomić ponowie teraz? Zmieniono konfigurację Nie można ustalić ostatnio połączonego profilu do edycji Podwójne powiadomienia - Nie zdefiniowano żadnego profilu. + Jeśli Android ma obciążoną pamięć (RAM), aplikacje i usługi, które nie są aktualnie potrzebne są usuwane z pamięci. To potrafi zakończyć aktualne połączenie VPN. Aby upewnić się, że połączenie/OpenVPN przetrwa usługa uruchomiona jest z wyższym priorytetem. Aby działać z wyższym priorytetem ta aplikacja musi wyświetlać powiadomienie. Ikona klucza jest narzucona przez system w sposób opisany w poprzednim wpisie FAQ. To nie liczy się jako powiadomienie w celu działania z wyższym priorytetem. + Brak połączeń VPN. + Użyj ikony <img src=\"ic_menu_add\"/> aby dodać nowe połączenie VPN + Użyj ikony <img src=\"ic_menu_archive\"/> aby zaimportować istniejący profil (.ovpn lub .conf) z karty SD. Sprawdź także nasze FAQ. Znajdziesz tam krótki poradnik dla początkujących. Konfiguracja trasy/interfejsu + Konfiguracja routingu i interfejsów nie odbywa się za pomocą tradycyjnych komend ifconfig/route, lecz za pomocą API VPNService. Powoduje to inną konfigurację trasowania, niż ma to miejsce w innych systemach operacyjnych.\nKonfiguracja tunelu VPN składa się z listy adresów IP oraz sieci, które powinny być trasowane przez interfejs. Dzięki temu nie jest potrzebny ani wymagany adres peer\'a lub bramy. Trasy specjalne wymagane do połączenia z serwerem VPN także nie są wymagane (np. te dodawane w przypadku użycia redirect-gateway). Aplikacja podczas importu konsekwentnie ignoruje te ustawienia. Aplikacja poprzez API VPNService upewnia się, że połączenie do serwera nie jest realizowane przez tunel VPN.\nAPI VPNService nie zezwala na ustawianie sieci, które NIE powinny być trasowane przez VPN, jako obejście aplikacja stara się wykryć te sieci, które nie powinny być trasowane przez tunel (np. route x.x.x.x y.y.y.y net_gateway) i oblicza zestaw tras, które wyklucza emulując zachowanie na innych platformach. Okno dziennika pokazuje konfigurację VPNService podczas wykonywania połączenia.\nZa kulisami: Android 4.4+ używa polityki trasowania. Użycie route/ifconfig nie pokaże aktualnie zainstalowanych tras. Zamiast tego użyj ip rule, iptables -t -mangle -L + Nie używaj sieci niezabezpieczonych VPN podczas ponownego łączenia przez OpenVPN. Persistent tun Log OpenVPN Importuj konfigurację OpenVPN Zużycie baterii + Podczas osobistych testów odkryłem, iż głównym powodem sporego zużycia baterii przez OpenVPN są pakiety keepalive. Większość serwerów OpenVPN ma ustawienie \'keepalive 10 60\', które narzuca klientowi oraz serwerowi wymianę pakietów keepalive co 10 sekund. <p> Podczas, gdy te pakiety są małe i nie zużywają wiele pasma, utrzymują one radio komórkowe w trybie pracy i zwiększają zużycie energii. (Sprawdź także <a href=\"http://developer.android.com/training/efficient-downloads/efficient-network-access.html#RadioStateMachine\">The Radio State Machine | Android Developers</a>) <p> Ustawienie keepalive nie może być zmienione po stronie klienta. Tylko administrator serwera OpenVPN jest w stanie zmienić to ustawienie. <p> Niestety, w przypadku UDP niektóre konfiguracje NAT źle tolerują ustawienie keepalive większe niż 60 sekund powodując odrzucanie pakietów z powodu nieaktywności połączenia. Używanie protokółu TCP z większym timeout działa, jednak tunelowanie TCP-po-TCP bardzo źle się sprawuje przy połączeniach z dużą stratnością pakietów. (See <a href=\"http://sites.inka.de/bigred/devel/tcp-tcp.html\">Why TCP Over TCP Is A Bad Idea</a>) + Funkcja Android Tethering (przez WiFi, USB lub Bluetooth) i interfejs API VPNService (stosowany przez ten program) nie działają razem. Aby uzyskać więcej informacji zobacz <href=\"https://github.com/schwabe/ics-openvpn/issues/34\"> problem #34 </a> VPN i Tethering Próby połączenia Ustawienia ponownego połączenia @@ -210,9 +257,9 @@ Łączę z VPN %s Łączę z VPN %s Niektóre wersje Androida 4.1 mają problemy, jeśli nazwa certyfikatu zawiera niealfanumeryczne znaki (spacje, podkreślenia, myślniki). Spróbuj zaimportować certyfikat bez znaków specjalnych + Szyfr kodujący Pakiety uwierzytelniania Wpisz metodę uwierzytelniania pakietów - Działa na %1$s (%2$s) %3$s, Android API %4$d, wersja %5$s, %6$s zbudowany przez %s Kompilacja z debugiem Oficjalna kompilacja @@ -227,6 +274,7 @@ tls-remote (PRZESTARZAŁE) Możesz pomóc w tłumaczeniu odwiedzająć http://crowdin.net/project/ics-openvpn/invite %1$s próby kontroli %2$s + Akceptując, dajesz aplikacji uprawnienia do pełnego kontrolowania przez OpenVPN całego ruchu sieciowego. Nie akceptuj, jeżeli nie ufasz aplikacji w pełni. W przeciwnym razie istnieje ryzyko przejęcia danych przez złośliwe oprogramowanie Ufam tej aplikacji. Żadna aplikacja nie ma pozwolenia do używania zewnętrznego API Dozwolone aplikacje: %s @@ -260,4 +308,81 @@ Wysyłanie Pobieranie Status VPN + Opcje widoku + Nieobsługiwany wyjątek: %1$s\n\n%2$s + %3$s: %1$s\n\n%2$s + Pełne licencje + Sieci połączone bezpośrednio do lokalnych interfejsów nie będą kierowane przez VPN. Odznaczając tę opcję przeniesiesz cały ruch przeznaczony dla sieci lokalnych przez VPN. + Obejdź VPN dla sieci lokalnych + Plik użytkowników/haseł + [Importowane z: %s] + Nie mogę odnaleźć niektórych plików. Wybierz je, aby zaimportować profil: + Aby skorzystać z tej aplikacji potrzebujesz dostawcy lub bramy VPN obsługującej OpenVPN (często świadczonych przez pracodawcę). Aby uzyskać więcej informacji o OpenVPN i dowiedzieć się jak stworzyć własny serwer zajrzyj na http://community.openvpn.net/ + Dziennik importu: + Określono topologię \"%3$s\", jednak ifconfig %1$s %2$s wygląda bardziej na adres IP z maską. Zakładam, że chodzi o topologię \"subnet\". + Wartość nadpisywania MSS musi być liczbą całkowitą pomiędzy 0 i 9000 + Ogłasza sesjom TCP przekazywanym przez tunel, że powinny ograniczyć wielkość pakietu tak, aby po enkapsulacji przez OpenVPN wynikowy rozmiar pakietu UDP wysyłanego przez VPN do peer\'a nie przekraczał tej liczby bajtów (domyślnie 1450) + Zastępuje wartość MSS pakietu TCP + Ustaw wartość MSS pakietu TCP + Zachowanie klienta + Wyczyść dozwolone aplikacje + Trwa ładowanie… + Dozwolone aplikacje VPN: %1$s + Niedozwolone aplikacje VPN: %1$s + Aplikacja %s nie jest już zainstalowana, usuwam ją z listy dozwolonych/zabronionych + VPN jest używany dla wszystkich aplikacji, ale wyklucza wybrane + VPN jest używany tylko dla wybranych aplikacji + Usunąć wpis serwera? + Zachowaj + Usuń + Dodaj nowy + Użyj wpisów w losowej kolejności przy próbie połączenia + Musisz zdefiniować i włączyć co najmniej jeden serwer. + Lista serwerów + Dozwolone aplikacje + Opcje zaawansowane + Opcje ładunku + Ustawienia TLS + Nie ustawiono zdalnego + Powiel profil VPN + Powielam profil: %s + Pokaż dziennik + Różnice pomiędzy klientami OpenVPN dla Androida + Ignoruj trasę multicast: %s + Android wspiera tylko trasy CIDR w sieci VPN. Jako, że trasy nie-CIDR nie są powszechnie używane, OpenVPN dla Androida użyje /32 dla tras w formacie nie-CIDR i wyświetli błąd. + Tethering działa podczas połączenia z VPN. Udostępnione połączenie NIE będzie używało VPN. + Wczesne wersje KitKat ustawiają złą wartość MSS połączeń TCP (#61948). Spróbuj ustawić opcję mssfix w celu obejścia tego problemu. + Aplikacje VPN mogą przestać działać po odinstalowaniu i ponownej instalacji. W celu uzyskania szczegółów zobacz #80074 + VPN absolutnie nie działa dla dodatkowych użytkowników. + "Jest grono użytkowników, którzy donoszą, iż podczas używania aplikacji VPN połączenie danych/komórkowe jest często zrywane. Zachowanie to wydaje się dotykać niewielkiej liczby urządzeń/dostawców danych komórkowych - na tę chwilę nieznana jest przyczyna, ani rozwiązanie problemu." + Trasy nie-CIDR + Zachowanie Proxy w sieci VPN + Ponowna instalacja aplikacji VPN + %s i wcześniejsze + Kopia %s + Trasa do skonfigurowanego adresu IP + Błędna wartość MSS dla połączenia VPN + Dodatkowi użytkownicy tabletu + Określ własne opcje dla połączenia. Używaj z rozwagą + Opcje niestandardowe + Usuń wpis połączenia + Losowe rozłączenia z sieci komórkowej + Zdalne sieci nie są osiągalne + Tryb persist tun + %s i późniejsze + Ten profil został dodany przez zewnętrzną aplikację (%s) i został oznaczony jako nie edytowalny przez użytkownika. + Listy odwoławcze CRL + Restartuję usługę OpenVPN (Aplikacja wywaliła się lub zabito ją z powodu braku pamięci) + Importowanie konfiguracji wyrzuciło błąd, nie mogę tego zapisać + Szukaj + (Ostatni zrzut sprzed %1$d:%2$dh, (%3$s)) + Wyczyść dziennik przy nowym połączeniu + Limit czasu połączenia + Dodano niedozwoloną aplikację. Dodaję siebie (%s), żeby mieć przynajmniej jedną aplikację w liście dozwolonych aplikacji, aby nie pozwolić wszystkim aplikacjom + OpenVPN dla Android spróbuje automatycznie wykryć brakujące pliki na karcie SD. Dotknij tego komunikatu, aby żądać uprawnień. + Protokół + Włączony + pozostało %d miesięcy + pozostało %d dni + pozostało %d godzin diff --git a/app/src/main/res/values-pt/strings-icsopenvpn.xml b/app/src/main/res/values-pt/strings-icsopenvpn.xml index 155f9c8ae86a61e9a4cffe13e6b7b83507754ce3..994c8cc2ea3a0202f4a7d63c4f3cb718247b34cc 100755 --- a/app/src/main/res/values-pt/strings-icsopenvpn.xml +++ b/app/src/main/res/values-pt/strings-icsopenvpn.xml @@ -1,7 +1,7 @@ diff --git a/app/src/main/res/values-ro/strings-icsopenvpn.xml b/app/src/main/res/values-ro/strings-icsopenvpn.xml index b368995dc129a7430cc077fb604c06dd59e79c42..856ffb06a921fd6cd6bd60f3b4f25caf0319d6b9 100755 --- a/app/src/main/res/values-ro/strings-icsopenvpn.xml +++ b/app/src/main/res/values-ro/strings-icsopenvpn.xml @@ -1,7 +1,7 @@ @@ -174,7 +174,6 @@ Nici un certificat CA nu a fost returnat la citirea din keystore-ul Android. Autentificarea probabil va eşua. Afişează fereastra jurnal la conectare. Fereastra jurnal poate fi accesată oricând din statusul notificare. Arată fereastra Jurnal - Rulează pe %1$s (%2$s) %3$s, Android API %4$d Eroare semnare cu Android keystore key %1$s: %2$s Avertizarea la conexiunea VPN ce vă spune că această aplicaţie poate intercepta întreg traficul este impusă de sistem pentru a preveni abuzul funcţiei API VPNService.\nNotificarea de conexiune VPN(simbolul cheie)este de asemenea impusă de sistemul Android pentru a semnala o conexiune VPN în derulare. În cadrul unor imagini această notificare face şi un sunet.\nAndroid a introdus aceste notificări pentru siguranţa dvs. şi este asigurat că nu pot fi evitate. (Din păcate în anumite imagini acestea includ şi un sunet de notificare) Alertă conexiune şi sunet notificare @@ -252,7 +251,6 @@ Cifru criptare Autentificare pachete Introduceţi metoda de autentificare de pachete - Rulează pe %1$s (%2$s) %3$s, Android API %4$d, versiunea %5$s, %6$s compilat de %s versiune debug versiune oficială diff --git a/app/src/main/res/values-ru/strings-icsopenvpn.xml b/app/src/main/res/values-ru/strings-icsopenvpn.xml index 4af9e15cf7c9581335adc92ac8d34c263c5aac67..f7419e2c4ff8cd17aa8ee39bbd234c43f4a716aa 100755 --- a/app/src/main/res/values-ru/strings-icsopenvpn.xml +++ b/app/src/main/res/values-ru/strings-icsopenvpn.xml @@ -1,7 +1,7 @@ @@ -180,7 +180,7 @@ Не удалось получить CA из хранилища ключей Android. Аутентификация не удалась. Показывает окно журнала при подключении. Окно журнала всегда может быть доступно из панели уведомлений. Показать окно журнала - Работает на %1$s (%2$s) %3$s, Android API %4$d + %10$s %9$s работает на %3$s %1$s (%2$s), Android %6$s (%7$s) API %4$d, ABI %5$s, (%8$s) Ошибка подписи с использованием ключа из хранилища Android %1$s: %2$s Предупреждение VPN соединения сообщает вам, что это приложение может перехватывать весь сетевой трафик, и сообщается системой предупреждений VPNService API.\nИзвещение о VPN соединении (символ \"Ключа\") также формируется системой Android для сигнализации исходящего VPN соединения. В некоторых прошивках это оповещение сопровождается сигналом.\nAndroid использует эти оповещения для вашей собственной безопасности и из нельзя обойти. (К сожалению, на некоторых прошивках также издается оповещение звуком) Сообщение о подключении и звук уведомления @@ -260,7 +260,6 @@ Алгоритм шифрования Проверка подлинности пакетов Укажите метод проверки подлинности пакетов - Запущен на %1$s (%2$s) %3$s, Android API %4$d, версии %5$s, %6$s создан %s сборка для отладки официальная сборка @@ -323,4 +322,70 @@ Для использования данного приложения Вам необходим VPN провайдер/шлюз поддерживающий OpenVPN. Для получения информации по настройке собственного OpenVPN сервера: http://community.openvpn.net/ Лог импорта: VPN топологии «%3$s» указан но ifconfig %1$s %2$s выглядит больше как IP-адрес с маской сети. Если топология «подсеть». + Значение, перезаписывающее MSS, должно быть целым числом от 0 до 9000 + Объявить TCP сессиям, работающим через туннель, что они должны ограниччить размер своих пакетов так, чтобы после их инкапсуляции OpenVPN, результирующий размер UDP пакета, который OpenVPN посылает своим пирам, не превышал это число байт. (1450 по умолчанию) + Переписать значение MSS для TCP нагрузки + Задать MSS для TCP нагрузки + Поведение клиента-программы + Очистить разрешенные внешние приложения + Загружается… + Разрешенные VPN приложения: %1$s + Запрещенные VPN приложения: %1$s + Пакет %s больше не установлен, происходит его удаление из списка разрешенных/запрещенных приложений + Использовать VPN для всех приложений, кроме выбранных + Использовать VPN только для выбранных приложений + Убрать запись удаленного сервера? + Сохранить + Удалить + Добавить новую удаленку + Использовать список подключений в случайном порядке при соединении + Вы должны определить и включить как минумум один удаленный сервер. + Список серверов + Разрешенные Приложения + Расширенные настройки + Опции нагрузки + Настройки TLS + Нет заданной удаленки + Дублировать VPN профиль + Дублирование профиля: %s + Показать журнал + Существуют различные OpenVPN клиенты для Android. Самые распространенные - OpenVPN for Android (этот клиент), OpenVPN Connect и OpenVPN Settings.<p>Клиенты можно разделить на две группы: OpenVPN for Android и OpenVPN Connect используют официальный VPNService API (Android 4.0+) и не трубуют root-доступ, и OpenVPN Settings, который требует root.<p>OpenVPN for Android - клиент с открытым исходным кодом, который разработал Arne Schwabe. Он предназначен для более опытных пользователей и предоставляет много настроек и возможность испорта профилей из файлов и настраивать/изменять профили внутри приложения. Этот клиент основан на общественной версии OpenVPN. На исходном коде OpenVPN 2.x. Этот клиент может быть представлен как полуофициальный клиент сообщества. <p>OpenVPN Connect - клиент с закрытым исходным кодом, который разработан OpenVPN Technologies, Inc. Он призван для обычного использования и предназначен для средних пользователей, и позволяет импортировать профили из OpenVPN. Этот клиент основан на OpenVPN C++ и написал с использванием протокола OpenVPN (Это требовалось для разрешения OpenVPN Technologies, Inc опубликовать приложение OpenVPN на iOS). Этот клиент - официальный клиент OpenVPN technologies <p> OpenVPN Settings - старейший из клиентов, а также UI для OpenVPN с открытым исходным кодом. В отличие от OpenVPN for Android, он требует root-прав и не использует VPNService API. Он не зависит от Android 4.0+ + Различия между OpenVPN Android клиентами + Игнорируется мультиадресный маршрут: %s + Android поддерживет только CIDR маршруты к VPN. Поскольку не CIDR маршруты почти никогда не используются, OpenVPN for Android будет использовать /32 для не CIDR маршрутов и выдавать предупреждение. + Тетеринг/раздача интернета работает, когда активен VPN. Модемное соединение (тетеринг) НЕ БУДЕТ использовать VPN. + Ранние версии KitKat устанавливают неверное значение MSS для TCP соединений (#61948). OpenVPN for Android автоматически включает опцию mssfix, чтобы обойти этот баг. + Android будет продолжать использовать ваши настройки прокси, указанные для мобильного/Wi-Fi соединения, когда не установлен DNS сервер. OpenVPN for Android предупредит вас об этом в журнале.

Когда VPN устанавливает DNS сервер Android не использует прокси. Для установки прокси для VPN соединения нет API.

 + VPN приложения могут перестать работать после удаления и повторной установки. Подробности см. #80074 + IP сконфигурированного клиента и IPs в его сетевой маске немаршрутизированны к VPN. OpenVPN обходит этот баг, явно добавляя маршрут, который соответствует клиентскому IP и его сетевой маске + Открытие туннеля, когда туннель уже активен, для его постоянного удержания, может привести к ошибке и VPNServices закроется на устройстве. Для возобновления работы VPN требуется перезагрузка. OpenVPN for Android пытается избежать установки второго туннеля, и если действительно нужно - сначала закрывает текущий туннель, перед открытием нового, чтобы избежать краха программы. Это может привести к маленькому интервалу, в котором передача пакетов происходит по обычному (не VPN) соединению. Даже с этими ухищрениями VPNServices иногда крашится и требует перезагрузки устройства. + VPN не работает совсем для вторичных пользователей. + "Различные пользователи сообщают, что мобильная связь/мобильная передача данных часто обрывается, когда используется VPN приложение. Такое поведение, кажется, затрагивает только некторые комбинации провайдеров/устройств, и пока что не выявлена причина/нет обхода этого бага." + Адреса могут работать через VPN только те, которые доступны без VPN. IPv6 VPN не работают вообще. + Не CIDR маршруты + Поведение прокси для VPN + Переустанавливаются приложения VPN + %s и ранее + Копия %s + Маршрутизация к установленному IP адресу + Неверное значение MSS для VPN соединения + Дополнительные пользователи устройства + Укажите особые пользовательские параметры подключения. Используйте с осторожностью + Пользовательские Параметры + Удалить запись подключения + Случайные разъединения от мобильной сети + Удаленные сети недоступны + Принудительный режим tun + %s и выше + Неудачное соединение с SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure + Новые версии OpenVPN для Android (0.6.29/Март 2015) используют более безопасные настройки по умолчанию для разрешенных наборов шифров (tls-шифрование \"DEFAULT:!EXP:!PSK:!SRP:!kRSA\"). К сожалению, прекращение использования менее безопасных наборов шифров и экспортирование наборов шифров, а особенно прекращение использования наборов шифров, которые не поддерживают Perfect Forward Secrecy (Diffie-Hellman), приводит к возникновению некоторых проблем. Обычно это происходит из-за изначально полезной, но плохо реализованной попытки усиления безопасности TLS путем установки tls-шифрования на сервере или некоторых встроенных ОС с урезанным SSL (например, MikroTik).\nЧтобы решить эту проблему, установите настройки tls-шифрования на сервере на разумные по умолчанию, такие как tls-шифрование \"DEFAULT:!EXP:!PSK:!SRP:!kRSA\". Чтобы обойти проблему на клиенте, добавьте отдельную настройку tls-шифрования tls-cipher DEFAULT в Android-клиент. + Поиск + (Последний дамп создан %1$d ч. и %2$d м. назад (%3$s)) + Очищать журнал при новом соединении + Время ожидания соединения + Протокол + Включено + %d мес. осталось + %d д. осталось + %d ч. осталось diff --git a/app/src/main/res/values-sl/strings-icsopenvpn.xml b/app/src/main/res/values-sl/strings-icsopenvpn.xml new file mode 100755 index 0000000000000000000000000000000000000000..286346683d665807c0911d90ae4ec7a5913f048c --- /dev/null +++ b/app/src/main/res/values-sl/strings-icsopenvpn.xml @@ -0,0 +1,404 @@ + + + + + + Naslov strežnika: + Vrata strežnika: + Mesto + Branje mape ni mogoče + Izberi + Prekliči + Ni podatkov + Stiskanje LZO + Ni potrdil + Potrdilo odjemalca + Ključ potrdila odjemalca + Datoteka PKCS12 + Potrdilo CA + Izbrati morate potrdilo + Izvorna koda in sledilnik težav sta na voljo na http://code.google.com/p/ics-openvpn/ + Ta program uporablja naslednje sestavne dele; za vse podrobnosti o dovoljenjih glejte izvorno kodo + O programu + Profili + Vrsta + Geslo PKCS12 + Izberi … + Izbrati morate datoteko + Uporabi overitev TLS + Smer TLS + Vnesite naslov IPv6/masko omrežja v obliki CIDR (npr. 2000:dd::23/64) + Vnesite naslov IPv4/masko omrežja v obliki CIDR (npr. 1.2.3.4/24) + Naslov IPv4 + Naslov IPv6 + Vnesite možnosti OpenVPN po meri. Uporabljajte previdno. Upoštevajte tudi, da veliko nastavitev OpenVPN povezanih z napravami TUN ni mogoče podpreti z zasnovo nastavitev VPN. Če mislite, da manjka pomembna možnost, navežite stik z avtorjem. + Uporabniško ime + Geslo + Za statično nastavitev bodo ključi overitve TLS uporabljeni kot statični ključi + Nastavi VPN + Dodaj profil + Vnesite ime, ki bo označevalo nov profil + Vnesite edinstveno ime profila + Ime profila + Izbrati morate uporabniško potrdilo + Nobene napake ni bilo najdene + Napaka v nastavitvah + Napaka pri razčlenjevanju naslova IPv4 + Napaka pri razčlenjevanju poti po meri + (pustite prazno za poizvedbo na zahtevo) + Bližnjica OpenVPN + Poveži se v VPN + Profila, določenega v bližnjici, ni bilo mogoče najti + Predpona naklj. gostitelja + Doda 6 naključnih znakov pred ime gostitelja + Omogoči možnosti po meri + Določite možnosti po meri. Uporabljajte previdno! + Android je pot zavrnil + Prekini + Prekini VPN + Počisti dnevnik + Prekliči potrditev + Prekini povezan VPN/Prekliči poizkus povezave? + Odstrani VPN + Preveri, ali strežnik uporablja potrdilo s strežniškimi končnicami (--remote-cert-tls strežnik) + Pričakuj potrdilo str. TLS + Preveri DN zadeve potrdila oddaljenega strežnika + Preveri ime gost. potrdila + Določite preverjanje, ki naj se uporabi za preverjanje DN-a oddaljenega potrdila (npr. C=DE, L=Paderborn, OU=Avian IP Carriers, CN=openvpn.blinkt.de).\n\nDoločite celoten DN ali RDN (npr. openvpn.blinkt.de) ali predpono RDN-a za preverjanje.\n\nKadar uporabljate predpono RDN, se \"Strežnik\" primerja s \"Strežnik-1\" in \"Strežnik-2\".\n\nČe pustite besedilno polje prazno, bo RDN preverjen z imenom gostitelja.\n\nZa več podatkov glejte OpenVPN 2.3.1 + stran man v —verify-x509-name. + Zadeva oddaljenega potrdila + Omogoči overitev ključa TLS + Datoteka overitve TLS + Zahteva naslove IP, poti in časovne možnosti od strežnika. + Nobeni podatki niso zahtevani od strežnika. Nastavitve morate določiti spodaj. + Dobi nast. + DNS + Preglasi nast. DNS str. + Uporabi moje strežnike DNS + Išči po domeni + Strežnik DNS, ki naj se uporabi. + Strežnik DNS + Dodatni strežnik DNS, ki naj se uporabi, če običajni strežnik DNS ni dosegljiv. + Pomožni strežnik DNS + Prezri potisnjene poti + Prezri poti, ki jih je potisnil strežnik. + Preusmeri ves promet preko VPN-a + Uporabi privzeto pot + Vnesite poti po meri. Cilje vnesite v obliki CIDR. \"10.0.0.0/8 2002::/16\" bo usmeril omrežja 10.0.0.0/8 in 2002::/16 preko VPN-a. + Poti, ki ne smejo biti usmerjene preko VPN-a. Uporabite isto skladnost, kot za vključene poti. + Poti po meri + Izključena omrežja + Raven podrobnosti dnevnika + Omogoča overjene pakete iz vseh IP-jev + Omogoči lebdeči strežnik + Možnosti po meri + Uredi nastavitve VPN + Odstrani profil VPN \'%s\'? + Na nekaterih odtisih ICS je lahko dovoljenje za /dev/tun napačno ali modul TUN v celoti manjka. Za odtise CM9 poizkusite popraviti možnost lastništva v splošnih možnostih. + Odpiranje vmesnika TUN je spodletelo + "Napaka: " + Počisti + Odpiranje vmesnika TUN: + Krajevni IPv4: %1$s/%2$d IPv6: %3$s MTU: %4$d + Strežnik DNS: %1$s, domena: %2$s + Poti: %1$s %2$s + Izključene poti: %1$s %2$s + Nameščene poti storitve VPN: %1$s %2$s + Dobljeni podatki vmesnika %1$s in %2$s, predpostavlja se, da je drugi naslov naslov oddaljenega soležnika. Za krajevni IP bo uporabljena maska omrežja /32. Način, ki ga dobavi OpenVPN, je \"%3$s\". + %1$s in %2$s kot poti IP z masko omrežja CIDR ni mogoče razumeti, kot masko omrežja se bo uporabil /32. + Popravljena pot %1$s/%2$s v %3$s/%2$s + Dostop do potrdil verige ključev Android ni mogoč. To lahko povzroči nadgradnja strojne programske opreme ali obnovitev var. kopije programov/nastavitev programov. Uredite VPN in ponovno izberite potrdilo v osnovnih nastavitvah, da poustvarite dovoljenje za dostop do potrdila. + %1$s %2$s + Pošlji dnevniško datoteko + Pošlji + Dnevniška datoteka OpenVPN ICS + Vnos dnevnika kopiran na odložišče + Način tapanja + Način tapanja ni mogoč z API-jem VPN brez skrbniškega dostopa. Zato ta program ne more omogočiti podpore za tapanje. + Spet? Ali se hecate? Ne, način tapanja resnično ni podprt in pošiljanje še več pošte z vprašanji, ali bo podprt, ne bo pomagalo. + Tretjič? V bistvu bi nekdo lahko napisal posnemovalnik tapanja temelječ na TUN-u, ki bi dodal podatke 2. plasti ob pošiljanju in odstranil podatke 2. plasti ob prejemanju. Vendar bi ta posnemovalnik moral imeti izveden ARP in morda odjemalca DHCP. Nisem še slišal, da bi kdo delal na tem. Navežite stik z mano, če bi radi začeli pisati program o tem. + Pogosta vprašanja + Kopiranje dnevniških vnosov + Za kopiranje posameznega dnevniškega vnosa pritisnite in pridržite dnevniški vnos. Za kopiranje/pošiljanje celega dnevnika uporabite možnost Pošlji dnevnik. Če v vmesniku gumb ni viden, uporabite menijski gumb naprave. + Bližnjica za zagon + Za zagon OpenVPN-a lahko na namizje vstavite bližnjico. Odvisno od vašega programa za domači zaslon boste morali dodati ali bližnjico ali pripomoček. + Vaš odtis žal ne podpira API-ja storitve VPN :( + Šifriranje + Vnesite način šifriranja + Vnesite šifrirni algoritem, ki naj ga uporabi OpenVPN. Za uporabo privzete šifre pustite prazno. + Vnesite izvleček overitve, ki naj se uporabi za OpenVPN. Za privzetega pustite prazno. + Overitev/Šifriranje + Raziskovalec datotek + Datoteka v besedilu + Napaka pri uvažanju datoteke + Datoteke iz datotečnega sistema ni bilo mogoče uvoziti + [[podatki datoteke v besedilu]] + Zavračanje odpiranja naprave TUN brez podatkov IP + Uvozi profil iz datoteke ovpn + Uvozi + Profila za uvoz ni bilo mogoče brati + Napaka pri branju nastavitvene datoteke + dodaj profil + Datoteke %1$s, omenjene v uvoženi nastavitveni datoteki, ni bilo mogoče najti + Uvažanje nastavitvene datoteke iz vira %1$s + Vaše nastavitve so imele nekaj možnosti, ki niso bile preslikane v nastavitve uporabniškega vmesnika. Te možnosti so bile dodane kot nastavitvene možnosti po meri. Nastavitve po meri so prikazane spodaj: + Branje nastavitvene datoteke je končano. + Ne veži na krajevni naslov in vrata + Brez krajevne vezave + Uvozi nastavitveno datoteko + Varnostne zahteve + "Ker je OpenVPN občutljiv na varnost, je smiselno povedati nekaj opomb o varnosti. Vsi podatki na kartici SD po svoji naravi niso varni. Vsak program jih lahko bere (npr. ta program ne zahteva posebnih dovoljenj za kartico SD). Podatke tega programa lahko bere samo program sam. Z uporabo možnosti uvoza za potrdila CA/potrdila/ključe v pogovornem oknu datoteke se podatki shranijo v profilu VPN. Do profilov VPN ima dostop samo ta program (ne pozabite potem izbrisati kopij na kartici SD). Čeprav ima do podatkov dostop samo ta program, so ti še vedno nešifrirani. Z omogočanjem skrbniškega dostopa do telefona ali izkoriščanjem drugih varnostnih ranljivosti je možno pridobiti te podatke. Poleg tega so gesla shranjena v golem besedilu. Za datoteke pkcs12 je zelo priporočljivo, da jih uvozite v Androidovo shrambo ključev." + Uvozi + Napaka pri prikazu izbire potrdila + Pri poizkusu prikaza pogovornega okna izbire potrdila Android 4.0+ je prišlo do izjeme. To se ne bi smelo zgoditi, ker je to standardna značilnost Androida 4.0+. Morda je podpora Android ROM za shranjevanje potrdil pokvarjena. + IPv4 + IPv6 + Čakanje na sporočilo stanja … + uvoženi profil + uvoženi profil %d + Pokvarjeni odtisi + <p>Uradni HTC-jevi odtisi imajo znano čudno težavo pri usmerjanju, ki povzroča, da promet ne teče skozi tunel (glejte <a href=\"http://code.google.com/p/ics-openvpn/issues/detail?id=18\">Težavo 18</a> v sledilniku hroščev.)</p><p>Za starejše uradne Sonyjeve odtise iz Xperie Arc S in Xperie Ray je bilo sporočeno, da jim v celoti manjka storitev VPN (glejte <a href=\"http://code.google.com/p/ics-openvpn/issues/detail?id=18\">Težavo 18</a> v sledilniku hroščev.)</p><p>V odtisih izgrajenih po meri lahko manjka modul TUN ali so dovoljenja za /dev/tun napačna. Nekateri odtisi CM9 potrebujejo omogočeno možnost \"Popravi lastništvo\" v \"Prilagoditvah za naprave\".</p><p>Najbolj pomembno: če ima vaša naprava pokvarjen odtis Android, ga prijavite svojemu proizvajalcu. Več ljudi kot prijavi težavo proizvajalcu, bolj verjetno je, da jo bodo popravili.</p> + Ključ za šifriranje datoteke PKCS12 + Geslo zasebnega ključa + Geslo + ikona datoteke + Overitev TLS + Ustvarjene nastavitve + Nastavitve + Poizkusi nastaviti lastnika mape /dev/tun na sistem. Nekateri odtisi CM9 to potrebujejo za delovanje API-ja storitve VPN. Zahteva skrbniški dostop. + Popravi lastništvo mape /dev/tun + Prikaže ustvarjeno nastavitveno datoteko OpenVPN + Urejanje \"%s\" + Izgrajevanje nastavitev … + Vklop te storitve bo vsilil ponovno povezavo, če se stanje omrežja spremeni (npr. Wi-Fi v/iz mobilnega omrežja) + Pon. povez. ob spr. omr. + Stanje omrežja: %s + Potrdilo CA običajno vrne Androidova shramba ključev. Določite ločeno potrdilo, če dobite napake pri preverjanju potrdil. + Izberi + Nobeno potrdilo ni bilo vrnjeno med branjem Androidove shrambe ključev. Overitev bo verjetno spodletela. + Prikaže okno dnevnika ob povezavi. Dostop do okna dnevnika je vedno možen iz stanja obvestila. + Prikaži okno dnevnika + %10$s %9$s se izvaja na %3$s %1$s (%2$s), Android %6$s (%7$s) API %4$d, ABI %5$s, (%8$s) + Napaka pri podpisu s ključem Androidove shrambe ključev %1$s: %2$s + Opozorilo o povezavi VPN, ki vam sporoča, da lahko ta naprava prestreže ves promet, vsili sistem, da prepreči zlorabo API-ja storitve VPN.\nObvestilo o povezavi VPN (simbol ključa) tudi vsili sistem Android, da nakaže tekočo povezavo VPN. V nekaterih odtisih to obvestilo predvaja zvok.\nAndroid je vpeljal ta sistemska pogovorna okna zaradi vaše varnosti in je poskrbel, da se jih ne da zaobiti (v nekaterih odtisih to na žalost vključuje zvok obvestila). + Opozorilo o povezavi in zvok obvestila + Angleški prevod: Arne Schwabe<arne@rfc2549.org> + IP in DNS + Osnovno + Usmerjanje + Zamegli OpenVPN Settings. Običajno ni potrebno. + Napredno + Nastavitve OpenVPN ICS + Noben strežnik DNS se ne uporablja. Razrešitev imen morda ne bo delovala. Razmislite o nastavitvi strežnikov DNS po meri. Upoštevajte tudi, da bo Android še naprej uporabljal vaše nastavitve posredniškega strežnika določene za vašo mobilno povezavo/Wi-Fi, ko ni nastavljen noben strežnik DNS. + Strežnika DNS \"%1$s\" ni bilo mogoče dodati, zavrnil ga je sistem: %2$s + Naslova IP \"%1$s\" ni bilo mogoče nastaviti, zavrnil ga je sistem: %2$s + <p>Dobite delujoče nastavitve (preizkušene na vašem računalniku ali jih prejmite od vašega ponudnika/organizacije)</p><p>Če je to ena sama datoteka brez dodatnih datotek pem/pks12, jo lahko sami pošljete in odprete prilogo. Če imate več datotek, jih prestavite na svojo kartico SD.</p><p>Kliknite na e-poštno prilogo/uporabite ikono mape na seznamu VPN-ov, da uvozite nastavitveno datoteko.</p><p>Če se pojavijo napake o manjkajočih datotekah, jih vstavite na kartico SD.</p><p>Kliknite na simbol za shranjevanje, da dodate uvoženi VPN na svoj seznam VPN-ov.</p><p>Povežite VPN s klikom na ime VPN-a.</p><p>Če so v dnevniku napake ali opozorila, jih poizkusite razumeti in popraviti.</p> + Hitri zagon + Poizkusite naložiti jedro tun.ko pred poizkusom povezave. Zahteva skrbniški dostop. + Naloži modul TUN + Uvozi PKCS12 iz nastavitev v Androidovo shrambo ključev + Napaka pri dobivanju nastavitev posredniškega strežnika: %s + Uporaba posredniškega strežnika %1$s %2$d + Uporabi sis. pos. str. + Za povezavo uporabi nastavitve celega sistema za posredniške strežnike HTTP/HTTPS. + Darujete lahko s <a href=\"https://www.paypal.com/cgi-bin/webscr?hosted_button_id=R2M6ZP9AF25LS&amp;cmd=_s-xclick\">PayPalom</a> + OpenVPN bo ponovno povezal VPN, če je bil dejaven ob zaustavitvi/ponovnem zagonu sistema. Preberite pogosta vprašanja opozoril o povezavi pred uporabo te možnosti. + Pon. povez. ob pon. zag. + Prezri + Ponovno zaženi + Spremembe nastavitev se bodo uporabile po ponovnem zagonu VPN-a. (Ponovno) zaženi VPN zdaj? + Nastavitve so bile spremenjene + Nazadnje povezanega profila ni bilo mogoče določiti za urejanje + Podvojena obvestila + Če Androidu primanjkuje sistemskega pomnilnika (RAM-a), se programi in storitve, ki trenutno niso potrebne, odstranijo iz dejavnega pomnilnika. To uniči delujočo povezavo VPN. Zaradi zagotovitve, da povezava/OpenVPN preživi, se storitev izvaja z višjo prednostjo. Za izvajanje z višjo prednostjo mora program prikazati obvestilo. Ikono obvestila ključa vsili sistem, kot je to opisano v prejšnjem vnosu pogostih vprašanj. Ne šteje kot obvestilo programa za namen izvajanja z višjo prednostjo. + Noben profil VPN ni določen. + Uporabite ikono <img src=\"ic_menu_add\"/>, da dodate nov VPN. + Uporabite ikono <img src=\"ic_menu_archive\"/>, da uvozite obstoječi profil (.ovpn ali .conf) iz svoje kartice SD. + Prepričajte se, da preverite pogosta vprašanja. Tam je vodnik za hitri začetek. + Nastavitve usmerjanja/vmesnika + Nastavitve usmerjanja in vmesnika se ne opravijo preko tradicionalnih ukazov ifconfig/route, toda z uporabo API-ja storitve VPN. To se pokaže v drugačnih nastavitvah usmerjanja, kot v drugih OS-ih.\nNastavitve tunela IP so sestavljene iz naslova IP in omrežij, ki jih je treba usmeriti preko tega vmesnika. Pri tem ni potreben ali zahtevan noben družabniški naslov soležnika ali naslov vrat. Posebne poti za doseganje strežnika VPN (npr. dodane med uporabo ukaza redirect-gateway) tudi niso potrebne. Program po zaradi tega ob uvozu nastavitev prezrl te nastavitve. Program z API-jem storitve VPN zagotovi, da povezava s strežnikom ni usmerjena preko tunela VPN.\nAPI storitve VPN ne dovoli določanje omrežij, ki se ne smejo usmeriti preko tunela (npr. pot x.x.x.x y.y.y.y net_gateway) in izračuna nabor poti, ki izključijo te poti, da posnema vedenje drugih okolij. Okno dnevnika prikazuje nastavitve API-ja storitve VPN, ko se povezava vzpostavi.\nNeuradno: Android 4.4+ uporablja pravilnik usmerjanja. Uporaba ukazov route/ifconfig ne bo prikazala nameščene poti. Namesto tega uporabite pravilo IP iptables -t mangle -L. + Ne preidi v stanje brez povezave VPN, ko se OpenVPN povezuje. + Vztrajni TUN + Dnevnik OpenVPN + Uvozi nastavitve OpenVPN + Poraba baterije + V mojih osebnih preizkusih so bili glaven vzrok za visoko porabo baterije OpenVPN-a dejavni paketi. Večina strežnikov OpenVPN ima smernico nastavitev, kot je \'ohrani dejavnost 10 60\', ki povzroči, da si odjemalec in strežnik izmenjata dejavne pakete vsakih 10 sekund. <p>Medtem, ko so ti paketi majhni in ne uporabijo veliko prometa, ohranijo mobilno radijsko omrežje dejavno in povečajo porabo energije (glejte tudi <a href=\"http://developer.android.com/training/efficient-downloads/efficient-network-access.html#RadioStateMachine\">The Radio State Machine | Razvijalci Androida</a>).<p> Te nastavitve ohranjanja dejavnosti odjemalec ne more spremeniti. Spremeni jo lahko samo sistemski skrbnik OpenVPN-a.<p> Na žalost uporaba ohranjanja dejavnosti večje od 60-ih sekund z UDP-jem lahko povzroči, da nekatera vrata NAT prekinejo povezavo zaradi časovne omejitve nedejavnosti. Uporaba TCP-ja z dolgo časovno omejitvijo ohranjanja dejavnosti deluje, vendar se tuneliranje TCP-ja preko TCP-ja izkaže za zelo neučinkovito ob povezavah z visoko izgubo paketov (glejte <a href=\"http://sites.inka.de/bigred/devel/tcp-tcp.html\">Why TCP Over TCP Is A Bad Idea</a>). + Androidova značilnost deljenja mobilnega interneta (preko omrežja Wi-Fi, USB-ja ali Bluetootha) in API storitve VPN (ki ga uporablja ta program) skupaj ne delujeta. Za več podrobnosti glejte <a href=\"http://code.google.com/p/ics-openvpn/issues/detail?id=34\">Težavo 34</a>. + VPN in deljenje mobilnega interneta + Ponovni poizkusi povezave + Nastavitve ponovne povezave + Št. sekund čakanja med poizkusi povezave. + Sekunde med povezavami + OpenVPN se je nepričakovano sesul. Razmislite o uporabi možnosti pošiljanja mini izpisa v glavnem meniju. + Pošlji mini izpis razvijalcu + Pošlje podatke razhroščevanja o zadnjem sesutju razvijalcu + OpenVPN - %s + %1$s - %2$s + %1$s - %3$s, %2$s + Povezovanje + Čakanje na odgovor strežnika + Overjanje + Dobivanje nastavitev odjemalca + Dodeljevanje naslovov IP + Dodajanje poti + Povezan + Prekini + Ponovno povezovanje + Izhod + Se ne izvaja + Razreševanje imen gostiteljev + Povezovanje (TCP) + Overitev je spodletela + Čakanje na uporabno omrežje + ↓%2$s/s %1$s - ↑%4$s/s %3$s + Ni povezan + Povezovanje v VPN %s + Povezovanje v VPN %s + Nekatere različice Androida 4.1 imajo težave, če ime potrdila shrambe ključev vsebuje posebne znake (presledke, podčrtaje ali pomišljaje). Poizkusite ponovno uvoziti potrdilo brez posebnih znakov. + Šifra + Overitev paketov + Vnesite način overitve paketov + izgradil %s + razhroščevalna izgradnja + uradna izgradnja + Kopiraj v profil + Izpis sesutja + Dodaj + Pošlji nastavitveno datoteko + Celoten DN + Vaše uvožene nastavitve uporabljajo staro OPUŠČENO možnost tls-remote, ki uporablja drugo obliko DN. + RDN (splošno ime) + Predpona RDN + tls-remote (OPUŠČENO) + Prevajati lahko pomagate z obiskom http://crowdin.net/project/ics-openvpn/invite + %1$s poizkuša nadzirati %2$s + Z nadaljevanjem dajete programu dovoljenje za popoln nadzor OpenVPN-a za Android in prestrezanje vsega omrežnega prometa. NE sprejmite, razen če zaupate programu. V nasprotnem primeru lahko vaši podatki postanejo tarča zlonamerne programske opreme. + Zaupam temu programu. + Noben program ne sme uporabiti zunanjega API-ja + Programi z dovoljenjem: %s + Počisti seznam zunanjih programov z dovoljenjem?\nTrenutni seznam:\n\n%s + \"Premor VPN-a, ko je zaslon izklopljen in je v 60 s preneseno manj kot 64 kB. Ko je omogočena možnost \"Vztrajni TUN\", bo premor VPN-a odstranil VSO povezljivost naprave. Brez te možnosti naprava ne bo imela povezave VPN/zaščite. + Premor VPN-a po izk. zas. + Premor povezave v stanju izklopljenega zaslona: manj kot %1$s v %2$s s + Opozorilo: Vztrajni TUN za ta VPN ni mogočen. Promet bo uporabil običajno internetno povezavo, ko je zaslon izklopljen. + Shrani geslo + Premor VPN-a + Obnovi VPN + Premor VPN-a je zahteval uporabnik + Premor VPN-a - zaslon izklopljen + Prilagoditve za naprave + Podatkov potrdila ni mogoče prikazati + Vedenje programa + Vedenje VPN-a + Dovoli spremembe profilov VPN + Strojna shramba ključev: + Ikona programa poizkuša uporabiti OpenVPN za Android + \"Z začetkom v Androidu 4.3 je potrditev VPN zaščitena proti \"prekrivajočimi programi\". To povzroči, da se pogovorna okna ne odzovejo na vnos z dotikom. Če imate program, ki uporablja prekrivanja, lahko povzroči to vedenje. Če najdete tak program, navežite stik z avtorjem programa. Ta težava vpliva na vse programe VPN na Androidu 4.3 ali kasnejših. Za dodatne podrobnosti glejte tudi <a href=\"http://code.google.com/p/ics-openvpn/issues/detail?id=185\">Težavo 185<a>\". + Potrditev pogovornega okna VPN + Lahko pa mi darujete s trgovino Play: + Hvala, da ste darovali %s! + Dnevnik počiščen. + Prikaži geslo + Napaka dostopa do verige ključev: %s + Kratko + ISO + Časovni žigi + Brez + Pošlji + Prejmi + Stanje VPN-a + Možnosti pogleda + Neobravnavana izjema: %1$s\n\n%2$s + %3$s: %1$s\n\n%2$s + Če imate na svoji napravi skrbniški dostop, lahko na svojo odgovornost namestite <a href=\"http://xposed.info/\">ogrodje Xposed</a> in <a href=\"http://repo.xposed.info/module/de.blinkt.vpndialogxposed\">Modul za potrditev pog. okna VPN</a>. + Polna dovoljenja + Omrežja, ki so neposredno povezana s krajevnimi vmesniki, ne bodo usmerjena preko VPN-a. Odstranitev izbire te možnosti bo preusmerila ves promet namenjen krajevnim omrežjem v VPN. + Zaobidi VPN za kraj. omr. + Datoteka uporabniškega imena/gesla + [Uvoženo iz: %s] + Nekaterih datotek ni bilo mogoče najti. Izberite datoteke za uvoz profila: + Za uporabo tega programa potrebujete ponudnika VPN/vrata VPN, ki podpira OpenVPN (pogosto jih dobavi vaš delodajalec). Za več podatkov o OpenVPN-u in kako nastaviti svoj lasten strežnik OpenVPN preverite http://community.openvpn.net/. + Dnevnik uvoza: + Topologija VPN-a \"%3$s\" je določena, vendar je ifconfig %1$s %2$s videti bolj kot naslov IP z masko omrežja. Uporaba topologije \"podomrežja\". + Vrednost preglasitve MSS mora biti celo število med 0 in 9000. + Najavi sejam TCP, ki se izvajajo preko tunela, da morajo omejiti velikosti svojih paketov, tako da ko jih je OpenVPN zaobjel, nastala velikost paketov UDP, ki jo OpenVPN pošlje svojemu soležniku, ne bo presegla tega števila bajtov (privzeto je 1450). + Preglasi vrednost MSS vsebine TCP + Nastavi MSS vsebine TCP + Vedenje odjemalca + Počisti zun. prog. z dov. + Nalaganje … + Programi VPN z dovoljenjem: %1$s + Programi VPN brez dovoljenja: %1$s + Paket %s ni več nameščen, odstranjevanje paketa s seznama programov z/brez dovoljenja. + VPN se uporablja za vse programe, vendar izključi izbrane + VPN se uporablja samo za izbrane programe + Odstrani vnos oddaljenega strežnika? + Ohrani + Izbriši + Dodaj nov oddaljeni strežnik + Uporabi vnose povezave v naključnem vrstnem redu ob povezavi + Določiti in omogočiti morate vsaj en oddaljeni strežnik. + Seznam strežnikov + Programi z dovoljenjem + Napredne nastavitve + Možnosti vsebine + Nastavitve TLS + Noben oddaljeni strežnik ni določen + Podvojeni profil VPN + Podvajanje profila: %s + Prikaži dnevnik + Obstaja več odjemalcev OpenVPN za Android. Najbolj pogosti so OpenVPN za Andorid (ta odjemalec), OpenVPN Connect in OpenVPN Settings.<p>Odjemalce lahko združite v dve skupini: OpenVPN za Android in OpenVPN Connect uporabljata uraden API storitve VPN (Android 4.0+) in ne zahtevata skrbniškega dostopa, in OpenVPN Settings, ki ga zahteva.<p> OpenVPN za Android je odprtokodni odjemalec, ki ga razvija Arne Schwabe. Cilja na bolj napredene uporabnike, in ponuja veliko nastavitev, zmožnost uvoza profilov iz datotek in nastavitev/spreminjanje profilov v programu. Odjemalec temelji na skupnostni različici OpenVPN-a in na izvorni kodi OpenVPN 2.x. Tega odjemalca je mogoče razumeti kot poluradnega odjemalca skupnosti. <p>OpenVPN Connect ni odprtokodni odjemalec in ga razvija OpenVPN Technologies, Inc. Namenjen je za splošno uporabo, cilja na povprečnega uporabnika in omogoča uvoz profilov OpenVPN. Temelji na ponovni izvedbi C++ OpenVPN protokola OpenVPN (to je bilo zahtevano, da je OpenVPN Technologies, Inc lahko izdal program OpenVPN za iOS). Je uradni odjemalec podjetja OpenVPN Technologies. <p> OpenVPN Settings je najstarejši od teh in tudi uporabniški vmesnik za odprtokodni OpenVPN. V nasprotju z OpenVPN-om za Android zahteva skrbniški dostop in ne uporablja API-ja storitve VPN. Ni odvisen od Androida 4.0+. + Razlike med Androidovimi odjemalci OpenVPN + Preziranje poti večsmernega oddajanja: %s + Android podpira samo poti CIDR v VPN. Ker se druge poti skoraj nikoli ne uporabljajo, bo OpenVPN za Android za te poti uporabil /32 in izdal opozorilo. + Deljenje mobilnega interneta deluje, ko je VPN dejaven. Deljena povezava NE bo uporabila VPN-a. + Zgodnja različica KitKata je nastavila napačno vrednost MSS ob povezavah TCP (#61948). OpenVPN bo samodejno omogočil možnost mssfix, da zaobide ta hrošč. + Android bo še naprej uporabljal nastavitve posredniškega strežnika, ki so določene za mobilno povezavo/Wi-Fi, ko ni nastavljenih strežnikov DNS. OpenVPN za Android vas bo o tem opozoril v dnevniku.

Ko VPN nastavi strežnik DNS, Android ne bo uporabil posredniškega strežnika. API, ki nastavi posredniški strežnik za povezavo VPN, ne obstaja.

 + Programi VPN lahko prenehajo delovati, ko se jih odstrani in ponovno namesti. Za podrobnosti glejte #80074. + IP nastavljenega odjemalca in IP-ji v njegovi maski omrežja se ne usmerijo v VPN. OpenVPN zaobide tega hrošča z izrecnim dodajanjem poti, ki ustreza IP-ju odjemalca in njegovi maski omrežja. + Odpiranje naprave TUN, ko je dejavna druga naprava, kar se uporablja za podporo vztrajnega TUN-a, sesuje storitve VPN na napravi. Za ponovno delovanje VPN-a je zahtevan ponovni zagon. OpenVPN za Android bo poizkusil ponovno odpreti napravo TUN in če je zelo potrebno, pred tem zaprl trenutni TUN, da se izogne sesutju. To lahko privede do kratkega postanka, kjer se paketi pošljejo preko običajne povezave. Tudi pri tem zaobidenju se storitve VPN včasih sesujejo in je zahtevan ponovni zagon naprave. + VPN sploh ne deluje za sekundarne uporabnike. + "Več uporabnikov poroča, da se ob uporabi programa VPN mobilna povezava/podatki pogosto prekinejo. Videti je, da se to nanaša samo na nekatere kombinacije mobilnih ponudnikov/naprav in do sedaj za ta hrošč še ni bilo odkritega vzroka/zaobidenja." + Preko VPN-a so dosegljivi samo cilji, ki so dosegljivi tudi brez njega. VPN-i IPv6 sploh ne delujejo. + Poti brez načina CIDR + Vedenje posredniškega strežnika za VPN-e + Ponovno nameščenje programov VPN + %s in prejšnji + Kopija %s + Pot do nastavljenega naslova IP + Napačna vrednost MSS za povezavo VPN + Sekundarni uporabniki tabilc + Določite možnosti za povezave po meri. Uporabljajte previdno. + Možnosti po meri + Odstrani vnos povezave + Naključne prekinitve mobilnega omrežja + Oddaljena omrežja niso dosegljiva + Vztrajaj v načinu TUN + %s in kasnejši + Povezava je spodletela z opozorilom izmenjave signalov SSL23_GET_SERVER_HELLO:sslv3 + Novejše različice OpenVPN-a za Android (0.6.29/marec 2015) uporabljajo bolj varne privzete vrednosti za dovoljene šifrirne pakete (tls-cipher \"DEFAULT:!EXP:!PSK:!SRP:!kRSA\"). Na žalost izpuščanje manj varnih šifrirnih paketov in šifrirnih paketov za izvoz, posebno izpuščanje šifrirnih paketov, ki ne podpirajo vnaprejšnje varnosti (Diffie-Hellman), povzroča težave. To običajno povzroči dobronamerni vendar slabo izvedeni poizkus ojačanja varnosti TLS-a z nastavljanjem možnosti tls-cipher na strežniku ali vstavljenih OS-ih z okrnjenim SSL-om (npr. MikroTik).\nZa razrešitev te težave na strežniku nastavite možnosti tls-cipher na razumljive privzete vrednosti, kot je tls-cipher \"DEFAULT:!EXP:!PSK:!SRP:!kRSA\". Za zaobidenje te težave na odjemalcu dodajte možnost po meri tls-cipher DEFAULT na odjemalcu Android. + Ta profil je bil dodan iz zunanjega programa (%s) in je bil označen kot uporabniško neuredljiv. + Seznam preklicanih potrdil + Ponovno zaganjanje storitve OpenVPN (program se je verjetno sesul ali je bil uničen zaradi pomanjkanja pomnilnika) + Pri uvozu nastavitev je prišlo do napake, nastavitev ni mogoče shraniti + Išči + (zadnji izpis je star %1$d:%2$d ur (%3$s)) + Počisti dnevnik ob novi povezavi + Časovna omejitev povezave + Noben program z dovoljenjem ni bil dodan. Samodejno dodajanje (%s), da se na seznamu programov z dovoljenjem nahaja vsaj en program, da ostali ne dobijo dovoljenja. + OpenVPN za Android lahko samodejno poizkusi odkriti manjkajoče datoteke na kartici SD. Tapnite na to sporočilo, da zahtevate dovoljenje. + Protokol + Omogočeno + Prednostna izvirna predhodnost ABI (%1$s) in ABI, ki ga sporočajo izvirne knjižnice (%2$s), se ne ujemata. + Preostalih še %d mesecev + Preostalih še %d dni + Preostalih še %d ur + OS je preklical dovoljenje VPN (npr. zagnan je bil drug program VPN), ustavljanje VPN-a + Potisni podatke o soležniku + Pošlji dodatne podatke na strežnik, npr. različico SSL in Android + Zahtevano %1$s + Vnesite geslo za profil %1$s + Uporabi podatke v besedilu + diff --git a/app/src/main/res/values-sv/strings-icsopenvpn.xml b/app/src/main/res/values-sv/strings-icsopenvpn.xml index 6ef522c407eab896cb89eb405a1e3c26b386fadb..075de9080de3f05c14e006d026e69062aea2b721 100755 --- a/app/src/main/res/values-sv/strings-icsopenvpn.xml +++ b/app/src/main/res/values-sv/strings-icsopenvpn.xml @@ -1,7 +1,7 @@ @@ -87,7 +87,9 @@ Omdirigerar all trafik över VPN-anslutningen Använd standardrutt Ange anpassade rutter. Skriv destination i CIDR-format. \"10.0.0.0/8 2002:: / 16\" dirigerar nätverk 10.0.0.0/8 och 2002:: / 16 över VPN. + Rutter som INTE bör dirigeras över VPN. Använd samma syntax som för ingående rutter. Anpassade rutter + Exkluderade nätverk Utförlighetsnivå för log Tillåter autentiserade paket från alla IP-adresser Tillåt flytande server @@ -101,6 +103,9 @@ Öppnar tun gränssnittet: Lokal IPv4: %1$s/%2$d IPv6: %3$s MTU: %4$d DNS-Server: %1$s, Domän: %2$s + Rutter: %1$s %2$s + Rutter uteslutna: %1$s %2$s + VpnService rutter installerade: %1$s %2$s Fick gränssnitts informationen %1$s och %2$s, förutsätter att andra adressen är peer adressen på fjärrservern. Använder nätmask /32 för lokal IP. Satus på OpenVPN är \"%3$s\". Förstår inte %1$s och %2$s som IP rutt med CIDR netmask, där /32 används som nätmask. Korrigerad rutt %1$s/%2$s till %3$s/%2$s @@ -122,6 +127,7 @@ Din ROM stöder inte VPNService API, ledsen :( Kryptering Ange krypteringsmetod + Ange den krypteringsalogritm som skall användas av OpenVPN. Lämna tomt för att använda standardalgoritm. Ange den autentiserings digest som används för OpenVPN. Lämna tom för att använda standard digest. Autentisering/kryptering Filutforskare @@ -174,7 +180,7 @@ Inget CA certifikat returnerades från Android Keystore. Autenticering kommer troligen att misslyckas. Visar loggfönstret vid anslutning. Loggfönstret kan alltid nås från statusgardinen. Visa loggfönstret - Kör på %1$s (%2$s) %3$s, Android API %4$d + %10$s %9$s körs på %3$s %1$s (%2$s), Android %6$s (%7$s) API %4$d, ABI %5$s, (%8$s) Fel vid signering med Android keystore nyckeln %1$s: %2$s Varningen vid VPN-anslutning som berättar att denna app kan avlyssna all trafik utfärdas av systemet för att förhindra missbruk av VPNService API.\nNotifieringen om VPN-anslutning (nyckelsymbolen) tillhandahålles också av Android-systemet för att signalera en pågående VPN-anslutning. På vissa ROM spelar denna notifiering ett ljud.\nAndroid har infört dessa dialogrutor och notifieringar för din egen säkerhet och kan inte undvikas. (På vissa ROM innehåller dessa tyvärr ljud) Anslutnings varning och ljud @@ -187,6 +193,7 @@ ICS OpenVPN konfiguration Inga DNS-servrar används. Namnuppslag kommer kanske inte fungera. Överväg att namnge egna DNS-servrar. Observera även att Android kommer att fortsätta att använda dina proxyinställningar som anges för din mobildata/Wi-Fi-anslutning när inga DNS-servrar är konfigurerade. Kunde inte lägga till DNS-servern \"%1$s\", förkastades av systemet: %2$s + Det gick inte att konfigurera IP-adress \"%1$s\", avvisades av systemet: %2$s <p>Hämta en fungerande konfiguration (testad på din dator eller nerladdad från din leverantör/organisation)</p><p>Om det är en enda fil utan extra pem/pks12 filer kan du maila den till dig själv och öppna den bifogade filen. Om du har flera filer lägg dem på ditt sd-kort.</p><p>Klicka på den i mailet bifogade filen/Användning mappikonen i VPN-listan för att importera konfigurationsfilen</p><p>Om det ger fel ang. saknade filer lägg dessa på ditt sd-kort.</p><p>Klicka på spara symbolen för att lägga till den importerade konfigurationen i VPN-listan</p><p>Anslut din VPN genom att klicka på konfigurationsnamnet</p><p>Om det finns fel eller varningar i loggen försöka förstå dessa varningar/fel och försök att åtgärda dem</p> Snabbstart Prova att ladda kärnmodulen tun.ko innan du försöker ansluta. Kräver root. @@ -251,7 +258,6 @@ Krypteringschiffer Paketautentisering Ange autentiseringsmetod för paket - Kör på %1$s (%2$s) %3$s, Android API %4$d, version %5$s, %6$s byggd av %s felsöknings bygge officiellt bygge @@ -266,12 +272,60 @@ TLS-remote (ej längre i bruk) Du kan hjälpa till med översättningen genom att besöka http://crowdin.net/project/ics-openvpn/invite %1$s försöker styra %2$s + Genom att fortsätta ger du applikationen tilstånd att fullständigt styra OpenVPM för Android och att avlyssna all nätverkstrafik. Acceptera INTE om du inte litar på applikationen. Annars riskerar du att din data äventyras av skadlig programvara.\" Jag litar på denna applikation. Ingen app får använda externa API Tillåtna apps: %s Rensa lista över tillåtna externa apps? \nNuvarande lista över tillåtna apps:\n\n%s + \"Pause VPN när skärmen är avstängd och mindre än 64 kB överförda data i 60s. När \"Ihållande Tun\" är aktiverat kommer pausning av VPN att lämna enheten UTAN nätverksanslutning. Utan \"Ihållande Tun\" alternativet kommer enheten inte att ha någon VPN-anslutning / skydd. Pausa VPN-anslutningen efter att skärmen stängts av Pausa anslutning när skärmen är avstängd: mindre än %1$s i %2$ss Varning: Permanent tun är inte aktiverat för denna VPN. Trafiken kommer att använda den normala Internet-anslutning när skärmen är avstängd. Spara lösenord + Pausa VPN + Återuppta VPN + VPN paus begärs av användaren + VPN paus - skärmen av + Kan inte visa certifikatinformation + Ansökan beteende + VPN beteende + Tillåta ändringar av VPN profiler + Hårdvara Keystore: + Ikonen för appen försöker använda OpenVPN för Android + Vpn Bekräftelse Dialog + Alternativt kan du skicka mig en donation med Play Store: + Log rensas. + Visa lösenord + Kort + ISO + Tidsstämplar + Ingen + Ladda upp + Hämta + Visa alternativ + %3$s: %1$s\n\n%2$s + Kringgå VPN för lokala nätverk + Användarnamn / lösenord fil + [Importerad från: %s] + Importloggen: + Klientens beteende + Laddar... + Ha kvar + Radera + Serverlista + Tillåtna appar + Visa logg + Skillnader mellan OpenVPN Android klienterna + Ignorera multicast rutt: %s + Tidigt KitKat version anger fel MSS värdet på TCP-anslutningar (# 61.948). Försök att göra det möjligt för mssfix möjlighet att kringgå denna bugg. + VPN appar kan sluta fungera när avinstalleras och installeras igen. För mer information se # 80074 + Icke CIDR rutter + Installera om VPN appar + %s och tidigare + Kopia av %s + Sök + Protokoll + Aktiverad + %d dagar kvar + %d timmar kvar diff --git a/app/src/main/res/values-sw600dp/dimens.xml b/app/src/main/res/values-sw600dp/dimens.xml index 94a120d14571c6142fa06357518322150bb769d6..100861fc8ebd9ae3e0624814394c46cd875c7c6e 100644 --- a/app/src/main/res/values-sw600dp/dimens.xml +++ b/app/src/main/res/values-sw600dp/dimens.xml @@ -1,6 +1,6 @@ diff --git a/app/src/main/res/values-sw600dp/styles.xml b/app/src/main/res/values-sw600dp/styles.xml index c320388d3cf8d0ee28ff3e47a1ec9f6fbee127d2..387b2a814784fdf8713e23368094a6d163af0a9b 100644 --- a/app/src/main/res/values-sw600dp/styles.xml +++ b/app/src/main/res/values-sw600dp/styles.xml @@ -1,6 +1,6 @@ diff --git a/app/src/main/res/values-tr/strings-icsopenvpn.xml b/app/src/main/res/values-tr/strings-icsopenvpn.xml index 106f407feeff84eedde851eda9f8799922ab2cf7..9c88acf03b10629bde5d0d9e66ac5545fd5b37c6 100755 --- a/app/src/main/res/values-tr/strings-icsopenvpn.xml +++ b/app/src/main/res/values-tr/strings-icsopenvpn.xml @@ -1,312 +1,310 @@ - Sunucu adresi: - Sunucu Portu: + Sunucu Adresi: + Sunucu Bağlantı Noktası: Konum - Dizin Okunamıyor + Dizin okunamıyor Seç İptal Veri Yok - LZO sıkıştırma - Sertifika yok - İstemci sertifikası + LZO Sıkıştırma + Sertifika Yok + İstemci Sertifikası İstemci Sertifika Anahtarı PCKCS12 Dosyası CA Sertifikası Bir sertifika seçmelisiniz - Kaynak kodu ve sorun izcisine http://code.google.com/p/ics-openvpn/ buradan ulaşablirsiniz - Bu program, aşağıdaki bileşenleri kullanır; tam bilgi için lisanslardaki kaynak koduna bakınız - Hakkında - + Kaynak kodu ve sorun takipçisine http://code.google.com/p/ics-openvpn/ adresinden ulaşabilirsiniz + Bu program, aşağıdaki bileşenleri kullanır; tam bilgi için lisanslardaki kaynak koduna bakın + Hakkında Profiller Tür - PKCS12 Şifresi - Seçiniz… + PKCS12 Parolası + Seç… Bir dosya seçmelisiniz TLS Kimlik Doğrulamasını Kullan - TLS yönü - CIDR formatında IPv6 Adresi/Ağ maskesi girin (örneğin 2000:dd::23/64) - IPv4 adresi/ağ maskesi CIDR biçimi (örneğin 1.2.3.4/24) girin + TLS Yönü + CIDR biçiminde IPv6 adresi/ağ maskesi girin (örneğin 2000:dd::23 / 64) + CIDR biçiminde IPv4 Adresi/Ağ Maskesi girin (örneğin 1.2.3.4/24) IPv4 Adresi - IPv6 adresi - Özel OpenVPN seçenekleri girin.Dikkatli kullanın.Ayrıca tun kullanan VPN ler tasarlanan bu program tarafından desteklenmiyor.Eğer özel bir seçenek eksikliği olduğunu düşünüyorsanız geliştirici ile iletişime geçin + IPv6 Adresi + Özel OpenVPN seçeneklerini girin. Dikkatli kullanın. Ayrıca tun ile ilgili OpenVPN ayarları VPNSettings tasarımı nedeniyle program tarafından desteklenmiyor. Önemli bir seçeneğin eksik olduğunu düşünüyorsanız geliştirici ile iletişime geçin Kullanıcı Adı - Şifre - Statik yapılandırma için TLS Auth Keys statik anahtar olarak kullanılacak - VPN\'i Yapılandırın + Parola + Statik yapılandırma için TLS Kimlik Doğrulama Anahtarları statik anahtar olarak kullanılacak + VPN\'i Yapılandır Profil Ekle Yeni profili tanımlayan bir isim girin Benzersiz bir profil adı girin Profil Adı - Kullanıcı sertifikası seçmelisiniz + Bir kullanıcı sertifikası seçmelisiniz Hiçbir hata bulunamadı - Yapılandırma hatası + Yapılandırmada Hata IPv4 adresi ayrıştırma hatası Özel yolları ayrıştırma hatası - (Talep üzerine sorgulamak için boş bırakın) + (talep üzerine sorgulamak için boş bırakın) OpenVPN Kısayolu VPN\'e Bağlan Kısayolu belirtilen profil bulunamadı - Rastgele host ön eki - Host ismine 6 rasgele karakter ekler - Özel seçenekleri etkinleştir - Özel seçenekleri belirleyin.Dikkatli kullanın! + Rastgele Ana Makine Ön Eki + Makine ismine 6 rastgele karakter ekler + Özel Seçenekleri Etkinleştir + Özel seçenekleri belirleyin. Dikkatli kullanın! Yol Android tarafından reddedildi - Bağlantıyı kes - VPN bağlantısını kes - Kayıtları temizle - Onayı İptal et - Bağlı VPN bağlantısını keseyim / bağlantı girişimini iptal edeyim mi? - VPN kaldırın - (- Uzak-CERT-tls sunucu) sunucu TLS Sunucu uzantıları ile bir sertifika kullanır olmadığını kontrol eder - TLS sunucu sertifikasını bekleyin - Uzak sunucu sertifika konusunu DN kontrol eder - Sertifika sunucu adı kontrol - Uzaktan sertifika DN doğrulamak için kullanılan onay belirtin (örneğin C = DE, L = Paderborn, OU = Kuş IP Taşıyıcılar, CN = openvpn.blinkt.de) \ n \ tam DN veya RDN (openvpn.blinkt.de nBuörnek) ya da doğrulama için bir RDN önek. \ n \ nWhen RDN önek \"Sunucu\" ile \"Sunucu-1\" ve \"Sunucu-2\" ile eşleşir \ n \ boş metin alanına ana bilgisayar adı, sunucu karşı RDN kontrol edecektir nLeaving. \ n \ nBu daha fazla bilgi OpenVPN 2.3.1 + man sayfasına altında-kontrol-x509-adını görmek + Bağlantıyı Kes + VPN Bağlantısını Kes + kayıtları temizle + İptal Onayı + Bağlı VPN bağlantısını kesilsin veya bağlantı girişimini iptal edilsin mi? + VPN\'i Kaldır + Sunucunun TLS Sunucu uzantıları ile bir sertifika kullanıp kullanmadığını denetler (--remote-cert-tls server) + TLS sunucu sertifikası bekle + Uzak Sunucu Sertifika Konu DN\'sini denetler + Sertifika Makine Adı Denetimi + Uzak sertifika DN\'sini doğrulamak için kullanılan denetimi belirtin (örn. C=TR, L=Ankara, OU=IP Sağlayıcı, CN=openvpn.blinkt.de)\n\nTam DN veya RDN\'yi belirtin (örnekte openvpn.blinkt.de) veya doğrulama için bir RDP ön eki.\n\nRDN ön eki kullanıldığında \"Sunucu\" \"Sunucu-1\" ve \"Sunucu-2\" ile eşleşir\n\nMetin alanını boş bırakmak, RDN\'i sunucu makine adına karşı denetleyecektir.\n\nDaha fazla bilgi için bkz. OpenVPN 2.3.1+ man sayfası konusu —verify-x509-name Uzak sertifika konusu - TLS Anahtar Kimlik Doğrulaması sağlar + TLS Anahtar Kimlik Doğrulamasını etkinleştirir TLS Kimlik Doğrulama Dosyası - İstekler IP adresleri, sunucudan yolları ve zamanlama seçenekleri. - Herhangi bir bilgi sunucudan istenir. Ayarlar aşağıda belirtildiği gibidir. - Ayarlarını çekin + Sunucudan IP adresleri, rotalar ve zamanlama seçeneklerini talep eder. + Sunucudan hiçbir bilgi talep edilmez. Ayarlar aşağıda belirtilmelidir. + Ayarları Çek DNS - Sunucusu tarafından DNS ayarları geçersiz - Kendi DNS Sunucularını kullanın - Arama Etki Alanı - DNS Sunucusu kullanılacak. - DNS Serveri - Ikinci DNS Serveri Kullan Normal DNS Serveri Erişilmezse. - DNS Sunucusunu Yedekle - Itilmiş rotalar göz ardı - Yoksay sunucu tarafından itti yönlendirilir. - Tüm trafiği VPN üzerinden kullan + Sunucusu DNS ayarlarını geçersiz kıl + Kendi DNS Sunucularınızı kullanın + aramaEtkiAlanı + Kullanılacak DNS Sunucusu. + DNS Sunucusu + Normal DNS Sunucusu erişimi yapılamazsa ikincil DNS Sunucusunu kullan. + Yedek DNS sunucusu + İtilmiş rotaları göz ardı et + Sunucu tarafından itilmiş yolları yoksay. + Tüm trafiği VPN üzerinden yönlendirir Varsayılan Yolu kullan - Özel yolları girin. CIDR biçimde tek hedef girin. \"10.0.0.0 / 8 2002 :: / 16\" ağlar VPN üzerinden 10.0.0.0 / 8 ve 2002 :: / 16 doğrudan. - VPN üzerinden yönlendirilir olmaMAlıdır Yolları. Dahil rotalar için aynı sözdizimini kullanın. + Özel yolları girin. Sadece CIDR biçimde hedef girin. \"10.0.0.0/8 2002::/16\", 10.0.0.0/8 ve 2002::/16 ağlarını VPN üzerinden yönlendirecek. + Rotalar VPN üzerinden YÖNLENDİRİLMEMELİDİR. Dahil edilen rotalarda olduğu gibi sözdizimi kullanın. Özel Yollar Dışlanan Ağlar - Ayrıntı düzeyi Log - Herhangi bir IP kimlik doğrulaması paketlerini sağlar - Herhangi bir IP kimlik doğrulaması paketlerini sağlar + Günlük ayrıntı düzeyi + Herhangi bir IP\'den doğrulanmış paketlere izin verir + Yüzen sunucuya izin ver Özel Seçenekler - VPN Ayarlarını düzenle - VPN profilleri kaldırılsın mı \'%s\'? - Bazı özel ICS görüntülerde / dev / tun üzerinde izni yanlış olabilir, ya da tun modülünü tamamen eksik olabilir. CM9 görüntüleri genel ayarlar altında düzeltme mülkiyet seçeneğini deneyin + VPN Ayarlarını Düzenle + VPN profili \'%s\' kaldırılsın mı? + Bazı özel ICS kalıplarında /dev/tun izni yanlış ya da tun modülü tamamen eksik olabilir. CM9 görüntüleri için genel ayarlar altında sahipliği düzeltme seçeneğini deneyin Tun arayüzü açılamadı - "Hata:" + "Hata: " Temizle - Açılış tun arabirimi: + Açılan tun arayüzü: Yerel IPv4: %1$s/%2$d IPv6: %3$s MTU: %4$d - DNS sunucusu: %1$s, etki alanı: %2$s - Routes: %1$s %2$s - Routes excluded: %1$s %2$s - VPN Servis Yolları Yüklendi: %1$s %2$s - Arabirim bilgileri %1$s ve %2$s var, tabii ikinci eş adresi uzaktan adresidir. /32 Kullanarak için yerel IP ağ maskesi. OpenVPN tarafından verilen \"%3$s\" modudur. - %1$s ve %2$s olarak IP yolu ile CIDR ağ maskesi, ağ maskesi /32 kullanarak yapamazsınız. - Rota %1$s/%2$s %3$s/%2$s için düzeltilmiş - Android Anahtarlık sertifika erişemiyor. Bu bir yazılım yükseltmesi veya app/app ayarları bir yedeğini geri yükleme tarafından kaynaklanabilir. Lütfen VPN düzenlemek ve sertifikanın sertifika erişim izni yeniden oluşturmak için temel ayarları altında yeniden seçin. + DNS sunucusu: %1$s, Etki alanı: %2$s + Yollar: %1$s %2$s + Dışlanan yollar: %1$s %2$s + Yüklenen Vpn Hizmet yolları: %1$s %2$s + Arayüz bilgisi %1$s ve %2$s alındı. İkinci adresin uzak adres eşi olduğu varsayılıyor. Yerel IP için /32 ağ maskesi kullanılıyor. OpenVPN tarafından belirtilmiş kip \"%3$s\". + CIDR ağ maskesi ile %1$s ve %2$s IP rotası olarak anlam ifade etmiyor, ağ maskesi olarak /32 kullanılıyor. + Rota %1$s/%2$s, %3$s/%2$s olarak düzeltildi + Android Anahtarlık Sertifikalarına erişemiyor. Bu bir donanım yazılım yükseltmesi veya bir uygulama/uygulama ayarlarının yedeğinin geri yüklenmesinden dolayı kaynaklanabilir. Lütfen VPN\'i düzenleyin ve sertifikanın sertifika erişim iznini yeniden oluşturmak üzere temel ayarları altında yeniden seçin. %1$s %2$s Günlük dosyasını gönder Gönder ICS OpenVPN günlük dosyası - Panoya kopyalanan günlük girdisi - Moda dokunun - Dokunun modu olmayan kök VPN API ile mümkün değildir. Bu nedenle bu uygulama dokunun destek sağlayamaz - Yine? Dalga mı geçiyorsun? Hayır, dokunun modu gerçekten desteklenmez ve bu desteklenecektir soran daha fazla posta gönderme değil yardımcı olacaktır. - Üçüncü kez? Aslında, bir yazabilirsiniz bir Katman2 bilgi göndermek eklemek ve şerit Katman2 bilgi tun dayalı bir dokunun emülatör alırsınız. Ama bu dokunun emülatör da ARP ve muhtemelen bir DHCP istemci uygulamak gerekir. Herkes bu yönde herhangi bir işi farkında değilim. Bu konuda kodlama başlatmak istiyorsanız bana ulaşın. - Sık Sorulan Sorular - Günlük girdisi kopyalama - Bir tek günlük girişi basın kopyalamak ve günlük girdisi üzerinde tutun. Tüm günlük kopyala ve gönderme göndermek günlük seçeneğini kullanın. Görünür değil Eğer GUI donanım menü düğmesini kullanın. - Kısayolları başlatmak için - Masaüstünüzde OpenVPN başlatmak için bir kısayol yerleştirebilirsiniz. Homescreen programınıza bağlı olarak bir kısayol ya da bir widget eklemeniz gerekecek. - Görüntü VPNService API desteklemiyor, özür :( + Günlük girdisi panoya kopyalandı + Tap Kipi + Tap Kipi kök olmayan VPN API\'si ile mümkün değil. Bu nedenle bu uygulama tap desteği sağlayamaz + Yine mi? Dalga mı geçiyorsun? Hayır, tap kipi gerçekten desteklenmiyor ve fazla posta göndererek desteklenip desteklenmeyeceğini sormak bir şeyi değiştirmeyecek. + Üçüncü kez? Aslında, biri tun tabanlı bir tap öykünücüsü yazabilir. Bu gönderirken layer2 bilgisi ekleyip, alırken layer2 bilgisini ayıklayabilir. Ancak bu tap öykünücüsü ARP\'yi ve muhtemelen DHCP istemcisini de sağlamalı. Bu yönde bir çalışma yapan birini tanımıyorum. Bu konuda kodlamaya başlamak istiyorsanız bana ulaşın. + SSS + Günlük girdilerini kopyalama + Bir tek günlük girişi kopyalamak için günlük girdisine basın ve tutun. Tüm günlüğü kopyalamak ve göndermek için Günlük Gönder seçeneğini kullanın. Bu menü arayüzde görünmüyorsa donanım menü tuşunu kullanın. + Başlatma kısayolu + Masaüstünüzde OpenVPN başlatmak için bir kısayol yerleştirebilirsiniz. Ana sayfa programınıza bağlı olarak bir kısayol ya da bir widget eklemeniz gerekecek. + Kalıbınız VPNService API\'sini desteklemiyor, üzgünüm :( Şifreleme - Şifreleme yöntemi girin + Şifreleme yöntemini gir OpenVPN tarafından kullanılan şifreleme algoritmasını girin. Varsayılan şifrelemeyi kullanmak için boş bırakın. - OpenVPN için kullanılan kimlik doğrulamasını özet girin. Varsayılan özeti kullanmak için boş bırakın. - Kimlik doğrulama/şifreleme + OpenVPN için kullanılan kimlik doğrulama özetini girin. Varsayılan özeti kullanmak için boş bırakın. + Kimlik Doğrulama/Şifreleme Dosya Gezgini - Satır içi dosya + Satır İçi Dosya Dosya alınırken hata oluştu Dosya sistemindeki dosya içe aktarılamadı - [[Satır içi dosya veri]] + [[Satır içi dosya verisi]] IP bilgisi olmadan tun cihazı açmayı reddediyor - Ovpn dosyası alma profili - Alma - Profil alma için okunamadı + Profili ovpn dosyasından içe aktar + İçe Aktar + Profil içe aktarmak için okunamadı Yapılandırma dosyası okuma hatası Profil ekle - Alınan yapılandırma dosyasında belirtilen dosya %1$s bulunamadı - Kaynak %1$s yapılandırma dosyası alma - Senin yapılandırma kullanıcı arabirimi yapılandırmaları için eşleştirilmemiş birkaç yapılandırma seçenekleri vardı. Bu seçenekler özel yapılandırma seçenekleri eklenmiştir. Özel yapılandırma aşağıda görüntülenir: - Yapılandırma dosyası okuması bitmiş. - Yerel adresi ve bağlantı noktası için bağlama yapmak - Hiçbir yerel bağlama + Alınan yapılandırma dosyasında belirtilen %1$s dosyası bulunamadı + %1$s kaynağından yapılandırma dosyası alınıyor + Yapılandırmanızın arayüz yapılandırmalarına eşlenmemiş birkaç ayarı bulunuyordu. Bu seçenekler özel yapılandırma seçenekleri olarak eklendi. Özel yapılandırma aşağıda görüntüleniyor: + Yapılandırma dosyası okuması bitti. + Yerel adrese ve bağlantı noktasına bağlama + Hiçbir yerel bağlama yok Yapılandırma dosyası al Güvenlik konuları - OpenVPN güvenlik duyarlı olduğu gibi güvenlik hakkında birkaç not mantıklı bulunmaktadır. Sdcard üzerindeki tüm verileri doğal olarak güvensiz. Her app (örneğin bu program herhangi özel bir sd kartı hak gerektirir) okuyabilirsiniz. Bu uygulama verileri yalnızca uygulama tarafından okunabilir. Cacert/cert/anahtarında dosya iletişim kutusu için içe aktarma seçeneğini kullanarak verileri VPN profilinizde saklanır. VPN profilleri yalnızca bu uygulama tarafından erişilebilir. (Daha sonra sd kartta kopyaları sil unutmayın). Bile erişilebilir rağmen bu uygulama tarafından yalnızca verileri hala şifreli değildir. Telefon veya diğer olağanüstü köklenme tarafından veri almak mümkün olabilir. Kurtarmak parola düz metin olarak depolanır. Pkcs12 dosyaları için onları android deposunun almak önerilir. - Alma + "OpenVPN\'de güvenlik hassas bir konu olduğundan, güvenlikle ilgili birkaç not yerinde olacak. SD kart üzerindeki tüm veriler başlangıcından beri güvensizdir. Her uygulama okuyabilir (örneğin bu uygulama özel SD kart hakları gerektirmiyor). Bu uygulamanın verisi sadece uygulama tarafından okunabilir. cacert/cert/key için içe aktarma seçeneğini kullanmak, veriyi VPN profilinde saklar. VPN profilleri sadece bu uygulama tarafından okunabilir (ardından SD karttaki kopyalarını silmeyi unutmayın). Sadece bu uygulama tarafından erişilebilir olmasına rağmen, veri hala şifrelenmeden saklanır. Telefonu root\'lamak veya diğer açıklar verinin ele geçirilmesine yol açabilir. Kaydedilen parolalar da düz metin olarak saklanır. PKCS12 dosyalarını Android anahtar deposuna içe aktarmanız şiddetle önerilir." + İçe Aktar Hata gösteren sertifika seçimi - Android 4.0 + göstermeye çalışıyor bir istisna var sertifika seçimi iletişim. Bu hiç bu kadar standart bir özellik olarak Android 4.0 + gerçekleşmesi gerekir. Belki sertifika depolama ortamı için Android ROM destek bozuldu + Android 4.0+ sertifika seçim penceresi göstermeye çalışılırken bir istisna durum oluştu. Bu durum, Android 4.0+ sürümlerinde standart bir özellik olduğundan asla olmamalı. Sertifika depolamasını destekleyen Android ROM\'unuz bozuk olabilir IPv4 IPv6 Durum iletisi bekleniyor… içe aktarılan profil - İçe aktarılan profil %d - Kırık görüntüleri - <p> Resmi HTC görüntüleri tünelden değil trafiğe neden garip bir yönlendirme sorunu var için bilinen (Ayrıca bkz: < bir href=\"http://code.google.com/p/ics-openvpn/issues/detail?id=18\" > sorunu 18 </a> hata izci içinde.)</p> <p> büyük resmi SONY Xperia Arc S ve görüntüleri Xperia Ray VPNService tamamen görüntüden eksik bildirilmiştir. (Ayrıca bkz: < bir href=\"http://code.google.com/p/ics-openvpn/issues/detail?id=29\" > sayı 29 </a> hata izci içinde.)</p> <p> ya da eksik/dev haklarını tun modülü olabilir görüntüleri üzerinde özel yapı/tun-ebilmek var olmak yanlış. Bazı CM9 görüntü \"etkin aygıt belirli kesmek\" altında \"mülkiyet saptamak\" seçeneği gerek. </p> <p> en önemlisi: cihazınızda kopuk Android resmi varsa, senin satıcısına bildirin. Daha fazla kişi kim daha onlar bunu </p> düzeltmek için olabilir satıcıya, sorun bildir - PKCS12 Dosya şifreleme anahtarı - Özel Anahtar Şifresi - Şifre - Dosya simgesi - TLS kimlik doğrulama - Oluşturulan yapılandırma + %d profili içe aktarıldı + Bozuk Kalıplar + <p>Resmi HTC kalıpları, trafiğin tünelden geçmesini engelleyen garip yönlendirme sorunlarına sahip (Ayrıca hata izleyicisinde bkz. <a href=\"https://github.com/schwabe/ics-openvpn/issues/18\">Issue 18</a>.)</p><p>Daha eski resmi Xperia Arc S ve Xperia Ray SONY kalıpları, VPNService\'in kalıplardan tamamen kaldırdığı bildirildi (Ayrıca hata izleyicisinde bkz. <a href=\"https://github.com/schwabe/ics-openvpn/issues/29\">Issue 29</a>.)</p><p>Özel derleme kalıplarında, tun modülü eksik veya /dev/tun yetkileri hatalı olabilir. Bazı CM9 kalıplarının \"Aygıta bağlı ayarlar (Device specific hacks)\" altında \"İzinleri düzelt (Fix ownership)\" seçeneğini kullanmaları gereklidir.</p><p>En önemlisi: Cihazınızda bozuk bir Android kalıbı varsa, üreticinize bildirin. Ne kadar çok kişi bu sorunu üreticiye bildirirse, o kadar düzeltilme şansı olur.</p> + PKCS12 Dosya Şifreleme Anahtarı + Özel Anahtar Parolası + Parola + dosya simgesi + TLS Kimlik Doğrulama + Oluşturulan Yapılandırma Ayarlar - Sisteme /dev/tun sahibi çalışır. Bazı CM9 görüntüleri bu işe VPNService API yapmak gerekir. Kök gerektirir. - / Dev / tun sahipliğini düzeltmek - Oluşturulan OpenVPN yapılandırma dosyası göster + /dev/tun sahipliğini sisteme vermeye çalışır. Bazı CM9 kalıpları VPNService API\'sinin çalışabilmesi için buna ihtiyaç duyar. Root gerektirir. + /dev/tun sahipliğini düzeltmek + Oluşturulan OpenVPN Yapılandırma Dosyasını gösterir \"%s\" düzenleme - Yapılandırma binası… - Ağ durumu (örneğin WiFi üzerinden cep telefonlarına/cep) değiştirdiyseniz bu seçeneği açmak yeniden bağlantı zorlar - Ağ değişikliği üzerinde yeniden bağlan + Yapılandırma derleniyor… + Bu seçeneği açmak, bir ağ durumu değiştiğinde yeniden bağlanmaya zorlayacaktır (örn. Kablosuz / Mobil ağ geçişi) + Ağ değişikliği durumunda yeniden bağlan Ağ Durumu: %s - Sertifika yetkilisi sertifikası genellikle Android deposunun döndürülür. Sertifika doğrulama hataları alırsanız ayrı bir sertifika belirtin. - Seçin - Hayır CA sertifikasını okurken Android deposunu döndürdü. Kimlik doğrulama muhtemelen başarısız olur. - Bağlama kütüğü penceresi üzerinde gösterir. Kütüğü penceresi her zaman bildirim durumu erişilebilir. - Günlüğü penceresini göster - %1$s (%2$s) %3$s, Android API %4$d d\'çalışması - Android deposunun anahtarı %1$s %2$s ile imzalama hatası - Bu app tüm trafiği geçirebilir belirten VPN bağlantısı uyarı dayatılan VPNService API.\nThe VPN bağlantısının istismarını önlemek için sistem tarafından bildirim (anahtar simgesi) da devam eden bir VPN bağlantısı sinyal için Android sistem tarafından uygulanmaktadır. Bu bildirim çalış bazı görüntülerde ses. \nAndroid kendi güvenliğiniz için bu sistem diyaloglar tanıttı ve circumenvented olamaz emin oldum. (Bazı görüntülerde bu unfortunely notifciation ses içerir) - Bağlantı uyarı ve bildirim sesi - İngilizce Çeviri: Arne + Sertifika yetkilisi sertifikası genellikle Android anahtar deposundan döndürülür. Sertifika doğrulama hataları alırsanız ayrı bir sertifika belirtin. + Seç + Android anahtar deposundan okunurken hiçbir CA Sertifikası döndürülmedi. Kimlik doğrulama muhtemelen başarısız olacak. + Bağlantıda günlük penceresini gösterir. Günlük, her zaman bildirim durumundan erişilebilir. + Günlük penceresini göster + %10$s %9$s %3$s %1$s (%2$s), Android %6$s (%7$s) API %4$d, ABI %5$s, (%8$s) üzerinde çalışıyor + Android deposu anahtarını %1$s %2$s ile imzalama hatası + VPN bağlantı uyarısı, VPNService API\'sinin kötüye kullanımını önlemek için bu uygulamanın sistem tarafından oluşturulan tüm trafiği izleyebileceğini söylüyor.\nVPN bağlantı bildirimi (anahtar simgesi) ayrıca giden bir VPN bağlantısı olduğunu belirtmek için Android sistemi tarafından gösteriliyor. Bazı kalıplarda bu bildirim bir ses çalar.\nAndroid bu sistem pencerelerini kendi güvenliğiniz için koydu ve aşılmasını engelledi. + Bağlantı uyarısı ve bildirim sesi + Türkçe Çeviri: Volkan Gezer <volkangezer@gmail.com> IP ve DNS Temel - Yönlendiriliyor - OpenVPN ayarları belirsiz. Normalde gerekmez. + Yönlendirme + Belirsiz OpenVPN ayarları. Normalde gerekmez. Gelişmiş - ICS Opnvpn Yapılandırma - Kullanılan DNS sunucusu yok. Ad çözümlemesi çalışmıyor olabilir. Özel DNS sunucularını ayarlamayı düşünün. Ayrıca Android cep/Wi-Fi bağlantınız için DNS sunucusu ayarlandığında belirtilen proxy ayarlarını kullanmaya devam unutmayın. - DNS sunucusu sistem tarafından reddedilen %1$s, eklenemedi: %2$s - IP adresi \"%1$s\"yapılandırılamadı ,sistem tarafından reddedildi: %2$s - (bilgisayarınızdaki veya sağlayıcı/organizasyon yüklenebilir test) bir çalışma config <p> olsun </p> <p> Hayır hiçbir ilave pem/pks12 ile tek bir dosya dosyaları ise dosyayı kendiniz e-posta ve eki açın. Birden çok dosya varsa koymak onları üstünde senin sd kartı </p> <p> e-posta eki/kullanım üzerinde klasör simgesini tıklatın, sd eksik dosyaları koyun dosyaları eksik hakkında hatalar varsa config dosyasının </p> <p> almak için vpn listedeki kayıt tıklayın kartı </p> <p> sembol alınan VPN </p> VPN listenize eklemek için <p > VPN varsa hata veya uyarılar günlüğüne uyarı/hata anlamak ve onları </p> gidermek çalışın VPN </p> <p> adını tıklatarak bağlanmak  + ICS Opnvpn Yapılandırması + Kullanılan DNS sunucusu yok. Ad çözümlemesi çalışmıyor olabilir. Özel DNS sunucularını ayarlamayı düşünün. Ayrıca Android mobil/kablosuz bağlantınız için DNS sunucusu ayarlanmadığında belirtilen vekil sunucu ayarlarını kullanmaya devam ettiğini unutmayın. + DNS sunucusu \"%1$s\" sistem tarafından reddedildi, eklenemedi: %2$s + IP adresi \"%1$s\" sistem tarafından reddedildi, yapılandırılamadı: %2$s + <p>Çalışan bir yapılandırma edinin (bilgisayarınızda test edilmiş veya kurumunuzdan alınmış)</p><p>Ek pem/pkcs12 dosyaları bulunmayan tek bir dosya ise, dosyayı kendinize e-posta olarak gönderebilir ve eki açabilirsiniz. Birden fazla dosya varsa, SD kartınıza koyun.</p><p>Yapılandırma dosyasını içe aktarmak için e-posta ekine tıklayın/VPN listesindeki klasör simgesini kullanın</p><p>Eksik dosyalar ile ilgili hata mesajı varsa, eksik dosyaları SD kartınıza koyun.</p><p>İçe aktarılan VPN\'yi VPN listenize eklemek için kaydet simgesine tıklayın.</p><p>VPN\'ye, adına tıklayarak bağlanın</p><p>Günlükte hata veya uyarı varsa, uyarı/hataları anlamaya ve düzeltmeye çalışın</p> Hızlı Başlangıç - Bağlanmadan önce tun.ko yüklemeyi deneyin.Root edilmiş cihazlar gerekli. + Bağlanmadan önce tun.ko çekirek modülünü yüklemeyi deneyin. Root edilmiş cihazlar gerekli. Tun modülünü yükle - PKCS12 yapılandırma Android deposunun içine alma - Proxy ayarları alınırken hata oluştu: %s - Proxy %1$s %2$d kullanarak - Sistem proxy kullan - Sistem geniş yapılandırma HTTP/HTTPS proxy için bağlanmak için kullanın. - Şunları yapabilirsiniz <a href=\"https://www.paypal.com/cgi-bin/webscr?hosted_button_id=R2M6ZP9AF25LS&amp;cmd=_s-xclick\">PayPal ile bağış </a> - Sistem yeniden başlatma/kapatma üzerinde etkin OpenVPN bir VPN yeniden bağlanır. Bu seçeneği kullanmadan önce bağlantı uyarı SSS okuyun. + PKCS12 yapılandırmasını Android anahtar deposuna alma + Vekil sunucu ayarları alınırken hata oluştu: %s + %1$s %2$d vekil sunucusu kullanarak + Sistem vekil sunucusunu kullan + Bağlanmak için sistem çapındaki HTTP/HTTPS vekil sunucularını kullan. + <a href=\"https://www.paypal.com/cgi-bin/webscr?hosted_button_id=R2M6ZP9AF25LS&amp;cmd=_s-xclick\">PayPal ile bağış</a> yapabilirsiniz; + OpenVPN, sistem yeniden başlatma/kapatma sırasında etkinse, tekrar bir VPN\'ye bağlanacak. Lütfen bu seçeneği kullanmadan önce Bağlantı uyarı SSS\'sini okuyun. Yeniden başlatmada tekrar bağlan Yoksay Yeniden Başlat - Yapılandırma değişiklikleri, VPN yeniden başlattıktan sonra geçerli olur. (Yeniden) VPN şimdi başlıyorsun? + Yapılandırma değişiklikleri, VPN yeniden başlattıktan sonra geçerli olur. VPN (yeniden) başlatılsın mı? Yapılandırma değişti Düzenleme için son bağlı profil belirlenemedi Yinelenen bildirimler - Android sistem belleği (RAM) basınç altında ise, apps ve hizmet hangi anda gerekli değildir aktif bellekten kaldırılır. Bu devam eden bir VPN bağlantısını sonlandırır. Bağlantı/OpenVPN ile daha yüksek öncelikli hizmet çalışır hayatta emin olmak için. Daha yüksek öncelik ile çalıştırmak için uygulama bir bildirim görüntülemeniz gerekir. Anahtar bildirim simgesini, önceki SSS girdisi içinde açıklandığı gibi sistem tarafından uygulanmaktadır. Daha yüksek öncelik ile çalışan amaç için app bildirim olarak sayılmaz. + Android sistem belleği (RAM) altında ise, o anda gerekli olmayan uygulama ve hizmetler etkin bellekten kaldırılır. Bu, süregelen bir VPN bağlantısını durdurur. Bağlantının/OpenVPN\'nin hayatta kalabilmesi için daha yüksek öncelik gerekir. Daha yüksek öncelikte çalışabilmesi için, uygulama bir bildirim görüntülemelidir. Bir önceki SSS girdisinde belirtilen anahtar bildirim simgesi, sistem tarafından gösterilmektedir. Bu, uygulamanın daha yüksek öncelikte çalışmasını sağlayan bildirim niteliği taşımaz. Tanımlanan VPN profili yok. - Kullanım < img src = \"ic_menu_add\" / > yeni bir VPN eklemek için simge - Kullanım < img src = \"ic_menu_archive\" / > simgesi sdcard (.ovpn veya .conf) bir profili almak için. - Ayrıca SSS kontrol etmeyi unutmayın. Hızlı Başlangıç Kılavuzu vardır. - Yönlendirme/arabirimi yapılandırması - OpenVPN yeniden bağlamadan zaman VPN bağlantısı değil geri dönüş yap + Yeni VPN eklemek için <img src=\"ic_menu_add\"/> simgesini kullanın + SD kartınızdan mevcut bir (.ovpn veya .conf) profili almak için <img src=\"ic_menu_archive\"/> simgesini kullanın. + Ayrıca SSS\'yi kontrol etmeyi unutmayın. Hızlı Başlangıç Kılavuzu içerir. + Yönlendirme/Arayüz Yapılandırması + Yönlendirme ve arayüz yapılandırması klasik ifconfig/rota komutlarıyla değil VPNService API kullanarak yapılmaktadır. Bu, diğer işletim sistemlerindekinden farklı bir yönlendirme yapılandırması gerektirmektedir.\nVPN tünelinin yapılandırması, IP adresleri ve bu adreslerin bu arayüz üstünden yönlendirileceği ağlardan oluşur. Özellikle hiçbir eş ortak adresi ya da ağ geçidi adresi gerekli degildir. VPN sunucusuna ulaşmak için özel yollar (redirect-gateway kullanıldığında eklenenler gibi) da gerekli değildir. Bu sebepten dolayı uygulama, bir yapılandırma alırken bu ayarları yoksayar. Uygulama, VPN Servis API\'si ile sunucuyla olan bağlantının VPN tüneline yönlendirilmesini engeller.\nVPNService API\'si VPN üstünden yönlendirilmemesi gereken ağların belirtilmesine izin vermemektedir. Geçici çözüm olarak program, tünel üstünden yönlendirilmemesi gereken ağları (örneğin x.x.x.x y.y.y.y net_gateway rotası) bulmaya çalışıp bu rotaları içermeyen bir rota grubu oluşturarak diğer işletim sistemlerindeki davranışı oluşturur. Günlük penceresi VPNService\'in bağlantı sonucu oluşan yapılandırmasını gösterir.\nKamera Arkası: Android 4.4+ kural tabanlı yönlendirme kullanır. route/ifconfig komutları kullanılan rotaları göstermeyecektir. Bu komutlar yerine ip rule, iptables -t mangle -L komutlarını kullanın + OpenVPN yeniden bağlanırken \"VPN bağlantısı yok\" durumuna dönme. Kalıcı tun - OpenVPN kayıtları - OpenVPN yapılandırması aktar + OpenVPN Günlüğü + OpenVPN yapılandırmasını içe aktar Pil tüketimi - Benim kişisel testlerinde yüksek pil tüketimi OpenVPN ana sebebi canlı tutma paketleri var. Bir yapılandırma yönergesi gibi çoğu OpenVPN sunucusu var \' keepalive 10 60 istemci ve sunucu 10 saniyede canlı tutma paketleri alışverişi neden \'. <p> Bunlar süre paketleri küçük ve çok trafik kullanmayın, mobil radyo ağ meşgul ve enerji tüketimini artırır. (Ayrıca bkz: < bir href=\"http://developer.android.com/training/efficient-downloads/efficient-network-access.html#RadioStateMachine\" > Radyo durum makinesi | Android geliştiriciler </a>) <p> Bu canlı tutma ayarı istemcide değiştirilemez. Yalnızca sistem yöneticisinin OpenVPN in ayarı değiştirebilirsiniz. <p> Ne yazık ki 60 saniyeden daha büyük bir canlı tutma ile UDP kullanarak bazı NAT ağ geçitleri işlem zaman aşımı nedeniyle bağlantıyı kesmek neden olabilir. TCP kullanarak uzun canlı tutma zaman aşımı ile çalışır, ancak TCP TCP üzerinden tünel son derece kötü bağlantılarında yüksek paket kaybı ile gerçekleştirir. (Bkz: < bir href=\"http://sites.inka.de/bigred/devel/tcp-tcp.html\" > neden TCP üzerinden TCP A kötü düşünce </a>) - Android hayvan zinciri özelliğin (üzerindeki, WiFi, USB veya Bluetooth) ve VPNService (Bu program tarafından kullanılan) API birlikte çalışmayabilir. Daha fazla ayrıntı için bkz: < bir href=\"http://code.google.com/p/ics-openvpn/issues/detail?id=34\" > #34 </a> yayın + Şahsi testlerimde, OpenVPN\'in yüksek pil tüketiminin sebebi canlı tutma (keepalive) paketleri. Çoğu OpenVPN sunucuları, istemci ve sunucu arasında canlı tutma paketlerini her on saniyede değiştiren \'keepalive 10 60\' benzeri yönergeler bulundurur.<p> Bu paketler çok küçük olduğundan ve çok trafik kullanmadıklarından mobil anten ağını meşgul tutar ve enerji tüketimini arttırırlar. (ayrıca bkz. <a href=\"http://developer.android.com/training/efficient-downloads/efficient-network-access.html#RadioStateMachine\">The Radio State Machine | Android Developers</a>) <p> Bu canlı tutma ayarı istemci tarafından değiştirilemez. Ayarı sadece OpenVPN sistem yöneticisi değiştirebilir. <p> Ne yazık ki, canlı tutma ayarını 60 saniyeden daha fazla tutmak UDP\'nin durağan durum zaman aşımına takıldığından bazı NAT ağ geçitlerinde bağlantıyı bırakmalarına sebep olmaktadır. Uzun canlı tutma zaman aşımları TCP kullanarak mümkün, ancak TCP üzerinden TCP tünelleme, yüksek paket kaybı ile bağlantılarda düşük kalitededir (Bkz. <a href=\"http://sites.inka.de/bigred/devel/tcp-tcp.html\">Why TCP Over TCP Is A Bad Idea</a>) + Android Bağlantı Paylaşma özelliği (WiFi, USB veya Bluetooth üzerinden) ve VPNService API\'si (bu program tarafından kullanılan) birlikte çalışamaz. Daha fazla bilgi için bkz. <a href=\"https://github.com/schwabe/ics-openvpn/issues/34\">issue #34</a> VPN ve Paylaşım Yeniden bağlantı denemesi - Yeniden Bağlanma ayarları + Yeniden bağlanma ayarları Bağlantı girişimleri arasında beklenecek saniye sayısı. - Bağlantılar arasındaki Saniye - OpenVPN beklenmedik biçimde düştü. Lütfen ana menüde gönder mini döküm seçeneği kullanmayı düşünün + Bağlantılar arasındaki saniye + OpenVPN beklenmedik biçimde çöktü. Lütfen ana menüdedeki mini döküm gönder seçeneğini kullanmayı düşünün Geliştiriciye mini döküm gönder - Hata ayıklama bilgisini son hatayı geliştiriciye gönder + Son çökme hakkındaki hata ayıklama bilgisini geliştiriciye gönder OpenVPN - %s %1$s - %2$s %1$s - %3$s, %2$s Bağlanıyor Sunucudan yanıt bekleniyor Kimlik Doğrulanıyor - İstemci yapılandırma alınıyor - IP Adresleri Atanıyor + İstemci yapılandırması alınıyor + IP adresleri atanıyor Yollar ekleniyor Bağlanıldı - Bağlantıyı kes + Bağlantıyı Kes Yeniden bağlanıyor Çıkılıyor Çalışmıyor Ana bilgisayar adları çözümleniyor - (TCP) Bağlanıyor + Bağlanıyor (TCP) Kimlik doğrulaması başarısız Kullanılabilir ağ için bekleniyor ↓%2$s/s %1$s - ↑%4$s/s %3$s Bağlı değil - %s VPN bağlanıyor - %s VPN bağlanıyor - Sertifika deposunun adını (gibi alanlarda, alt çizgi veya tire) sigara alfasayısal karakterler içeriyorsa, bazı yorum-in Android 4.1 sorunları var. Özel karakter içermeyen sertifika yeniden ithalat çalışın + VPN %s bağlanıyor + VPN %s bağlanıyor + Android 4.1\'in bazı sürümleri anahtar deposu alfanümerik olmayan karakterler içeriyorsa (boşluk, alt çizgi veya eksi işareti) sorunlar yaşamaktadır. Sertifikayı özel karakterler olmadan yeniden içe aktarmayı deneyin Şifre şifresi - Paket kimlik doğrulama + Paket kimlik doğrulaması Paket kimlik doğrulama yöntemini girin - Çalışan %1$s (%2$s) %3$s, Android API %4$d, sürüm %5$s, %6$s - %s tarafından inşa - hata ayıklama yapı + %s tarafından derlendi + hata ayıklama yapısı resmi yapı - Profili kopyalayın - Crashdump + Profile kopyala + Çökme dökümü Ekle - Yapılandırma dosyasını gönderin + Yapılandırma dosyasını gönder Tam DN - Alınan yapılandırmanızı farklı bir DN biçimini kullanan eski kullanım dışı tls-uzaktan seçeneği kullanılır. + İçe aktardığınız yapılandırma, farklı bir DN biçimi kullanan KULLANIM DIŞI bir tls-remote seçeneği kullanıyor. RDN (ortak ad) RDN öneki - TLS-uzaktan (kullanım dışı) - Http://crowdin.net/project/ics-openvpn/invite ziyaret ederek çeviri yardımcı olabilir - %2$s denetlemek %1$s çalışır - Devam, tamamen OpenVPN Android için kontrol etmek ve tüm ağ trafiğini kesişmek üzere uygulama izin veriyorsunuz. Yapmak değil uygulama güvenmediğiniz sürece kabul. Aksi takdirde, verilerinizi kötü amaçlı yazılım tarafından tehlikeye sahip riski çalıştırılır.\" + tls-remote (KULLANIM DIŞI) + http://crowdin.net/project/ics-openvpn/invite ziyaret ederek çevirilere yardımcı olabilirsiniz + %1$s, %2$s kontrolünü almaya çalışıyor + Devam ederek, uygulamaya tamamen Android için OpenVPN üzerinde denetleme ve tüm ağ trafiğini izleme yetkisini veriyorsunuz. Uygulamaya güvenmiyorsanız kabul ETMEYİN. Aksi takdirde, verilerinizin zararlı bir yazılım tarafından ele geçirilme riskini taşıyorsunuz.\" Bu uygulamaya güveniyorum. - Harici API\'yi kullanma izniniz yok - Uygulamalar izni: %s - Açıkça izin verilen dış uygulamalar listesini? \nCurrent listesi izin verilen apps:\n\n%s - \"Ekran kapalı iken VPN ve 60\'lar daha az 64 kB transfer verilerde duraklatın. VPN duraklatma \"Kalıcı Tun\" seçeneği etkinleştirildiğinde aygıtınız ağ bağlantısı sayesinde bırakacaktır. \"Kalıcı Tun\" seçeneği olmadan aygıt yok VPN bağlantısı/koruma olacak. + Hiçbir uygulamanın harici API\'yi kullanma izni yok + İzin verilen uygulamalar: %s + İzin verilen harici uygulama listesi temizlensin mi?\nİzin verilen uygulamaların geçerli listesi:\n\n%s + Ekran kapalıyken ve 60 sn.\'de 64 kB\'dan daha az veri aktarılmışsa VPN\'i duraklat. \"Kalıcı Tun\" seçeneği etkin iken, VPN\'i duraklatmak cihazınızı SIFIR ağ bağlanabilirliğiyle bırakacak. \"Kalıcı Tun\" seçeneği olmadığında, cihaz VPN bağlantısı/koruması almayacak. Ekran kapandıktan sonra VPN bağlantısını duraklat - Duraklatma bağlantı durumu devre dışı ekran: %1$s %2$ss içinde daha az - Uyarı: kalıcı tun bu VPN için etkin değil. Ekran kapalı iken trafik normal Internet bağlantınızı kullanacak. + Ekran kapalı durumunda bağlantıyı duraklatıyor: %2$s sn. içinde %1$s\'den daha az veri + Uyarı: Kalıcı tun bu VPN için etkin değil. Ekran kapalı iken trafik normal İnternet bağlantınızı kullanacak. Parolayı Kaydet - VPN duraklatın - VPN yi çalıştırmaya devam edin + VPN\'i Duraklat + VPN\'i Devam Ettir Kullanıcı isteğiyle VPN duraklatıldı - Ekran kapalıyken VPN duraklat - Aygıt özellikleri kesmek - Sertifika bilgilerini görüntüleyemiyor - Uygulama davranış - VPN davranış - VPN Profillerinin değiştirilmesine izin ver - - Donanım deposu: + VPN duraklatıldı - ekran kapalı + Aygıta özel Ayarlar + Sertifika bilgileri görüntülenemiyor + Uygulama davranışı + VPN davranışı + VPN Profillerinin değiştirilmesine izin ver + Donanım Anahtar Deposu: Uygulama simgesi Android için OpenVPN kullanmaya çalışıyor - "Android 4.3 ile VPN onay başlayan\"overlaying apps\"karşı korunuyor. Bu giriş dokunmaya tepki değil iletişim kutusunda olur. Bindirmeleri kullanan bir uygulama varsa, bu davranışa neden olabilir. Kusurlu bir app temas yazar app bulursanız. Bu sorun tüm VPN uygulamaları Android 4.3 ve daha sonra etkiler. Ayrıca bkz: < bir href=\"http://code.google.com/p/ics-openvpn/issues/detail?id=185\" > sayı 185 <a> ek ayrıntılar için " - VPN Onayla iletişim Android 4.3 ve üstü - Alternatif olarak Play Store den bağış yapabilirsiniz. - Bağış için teşekkürler%s! - Kayıtlar temizlendi. - Şifreyi göster + "Android 4.3\'ten itibaren, VPN onayları \"kaplayan uygulamalara\" karşı güven altına alındı. Bu da pencerenin dokunma girdisine yanıt vermemesiyle sonuçlanır. Kaplamaları kullanan bir uygulamanız varsa, bu davranışa bu uygulama sebep olmuş olabilir. Saldırgan bir uygulama bulursanız, uygulamanın geliştiricisine ulaşın. Bu sorun Android 4.3 ve sonrasındaki tüm VPN uygulamalarını etkilemektedir. Ayrıca ayrıntılar için bkz. <a href=\"https://github.com/schwabe/ics-openvpn/issues/185\">Issue 185<a>" + VPN Onay Penceresi + Alternatif olarak Play Store\'dan bağış yapabilirsiniz: + %s bağış için teşekkürler! + Günlük temizlendi. + Parolayı göster Anahtarlık erişim hatası: %s Kısa ISO - Zaman damgaları + Zaman Damgaları Hiçbiri Yükleme İndirme @@ -314,35 +312,93 @@ Görünüm seçenekleri Kural dışı durum: %1$s\n\n%2$s %3$s: %1$s\n\n%2$s - Lisanslar - Yerel ağlar için Bypass VPN - Kullanıcı adı / Şifre dosyası - [Buradan içeri aktar: %s] - Kaydı içe aktar: + Android cihazınız root\'lu ise <a href=\"http://xposed.info/\">Xposed çalışma çerçevesini</a> ve <a href=\"http://repo.xposed.info/module/de.blinkt.vpndialogxposed\">VPN Pencere onay modülünü</a> kendi sorumluluğunuzda yükleyebilirsiniz\" + Tam lisanslar + Doğrudan yerel arabirimlere bağlı ağlar VPN üzerinden yönlendirilmez. Bu seçenekteki işaretin kaldırılması, yerel ağlar için amaçlanmış tüm trafiği VPN\'e yönlendirir. + Yerel ağlar için VPN\'i yoksay + Kullanıcı adı/Parola dosyası + [Buradan içeri aktarıldı: %s] + Bazı dosyalar bulunamadı. Lütfen profile aktarılacak dosyaları seçin: + Bu uygulamayı kullanabilmeniz için OpenVPN destekleyen bir VPN sağlayıcısı/VPN ağ geçidine (genellikle işvereniniz tarafından sağlanır) ihtiyacınız var. OpenVPN hakkında daha fazla bilgi ve kendi OpenVPN sunucunuzu nasıl yapılandıracağınızı öğrenmek için http://community.openvpn.net/ adresine bakın. + Alma günlüğü: + Vpn topolojisi \"%3$s\" belirtildi ancak ifconfig %1$s %2$s daha çok bir ağ maskesi içeren bir IP adresi gibi görünüyor. \"subnet\" topolojisi olarak varsayılacak. + MSS geçersiz kılma değeri 0 ile 9000 arasında bir tamsayı olmak zorundadır + Tünel üzerinden çalışan TCP oturumlarına, gönderi paket boyutlarını OpenVPN kapladıktan sonra sınırlamalarını, OpenVPN\'nin eşine gönderdiği dönen UDP paket boyutunun bu bayt sayısını aşmayacağını bildir (öntanımlı 1450). + TCP yükünün MSS değerini geçersiz kıl + TCP yükünün MSS değerini ayarla İstemci davranışı + İzin verilmiş harici uygulamaları temizle Yükleniyor… Izin verilen VPN uygulamaları: %1$s İzin verilmeyen VPN uygulamaları: %1$s %s adlı paket artık yüklü değil, izin listesinden çıkarılıyor Seçilen uygulamar dışındaki tüm uygulamalar için VPN kullanılır - Sadece seçilen uygulamar için VPN kullanılır + Sadece seçilen uygulamalar için VPN kullanılır Uzak sunucu girişi kaldırılsın mı? Sakla Sil - Yenı uzak sunucu ekle + Yeni uzak sunucu ekle + Bağlanmak için bağlantı girişlerini rastgele bir sırada kullan En az bir uzak sunucu tanımlamalı ve etkinleştirmelisiniz. Sunucu Listesi - İzin verilen uygulamalar + İzin Verilen Uygulamalar Gelişmiş Ayarlar Yük seçenekleri TLS Ayarları + Tanımlanmış uzak makine yok + VPN profilini çoğalt + Çoğaltılan profil: %s Günlüğü göster - VPN\'ler için Proxy davranışı - VPN uygulamaları yeniden yükleme + Android için birçok OpenVPN istemcisi mevcut. En çok kullanılanlar Android için OpenVPN (bu istemci), OpenVPN Connect ve OpenVPN Settings\'tir.<p>Bu istemciler iki gruba ayrılabilir. Android için OpenVPN ve OpenVPN Connect, resmi VPNService API (Android 4.0+) kullanır ve root erişimi gerektirmez. Ancak OpenVPN Settings, root gerektirir.<p>Android için OpenVPN açık kaynaklı bir yazılımdır ve Arne Schwabe tarafından geliştirilmiştir. Daha çok gelişmiş kullanıcılar hedef alınmıştır ve birçok seçenek sunar. Ayrıca uygulama içerisinde profilleri içeri aktarma ve profilleri yapılandırma/değiştirme imkanı sunar. İstemci OpenVPN\'in topluluk sürümü baz alınarak geliştirilmiştir ve OpenVPN 2.x kaynak kodu tabanlıdır. Bu istemci topluluğun yarı resmi istemcisi olarak görülebilir. <p>OpenVPN Connect, OpenVPN Technologies, Inc. tarafından geliştirilmiş kapalı kaynak istemcidir. İstemci genel kullanım istemcisi olup, daha genel kullanıcılara hitap ederek OpenVPN profillerini içe aktarmayı sağlar. Bu istemci OpenVPN protokolünün OpenVPN C++ tekrar geliştirilmiş sürümü tabanlıdır (Bu OpenVPN Technologies, Inc.\'in iOS OpenVPN uygulaması sunabilmesi için gerekliydi). Bu istemci OpenVPN teknolojilerinin resmi istemcisidir <p> OpenVPN Settings ise istemcilerin en eskisi olup, açık kaynak OpenVPN için bir arayüzüdür. Android için OpenVPN\'nin aksine root erişimi gerektirir ve VPNService API\'i kullanmaz. Android 4.0+ gereksinimi yoktur + Android için OpenVPN uygulamaları aralarındaki farklar + Multicast yolu yoksayılıyor: %s + Android, VPN\'e sadece CIDR rotalarını destekler. CIDR olmayan rotalar neredeyse hiç kullanılmadığından, Android için OpenVPN, rotalar için CIDR olmayan bir /32 kullanacak ve bir uyarı gösterecektir. + Paylaşım sadece VPN etkinken çalışır. Paylaşılan bağlantı VPN\'i KULLANMAYACAKTIR. + Önceki KitKat sürümü TCP bağlantılarında MSS değerini yanlış ayarladı (#61948). Bu sorunu geçici olarak çözebilmek için mssfix seçeneğini etkinleştirmeyi deneyin. + Hiçbir DNS sunucusu ayarlanmadığında Android mobil/kablosuz bağlantı için belirtilmiş vekil sunucu ayarlarını kullanmaya devam edecek. Android için OpenVPN, günlüğünde bunu size gösterecek.

VPN bir DNS sunucusu ayarladığında, Android vekil sunucuyu kullanmayacak. Bir VPN bağlantısı için vekil sunucu ayarlamak üzere bir API bulunmamaktadır.

 + VPN uygulamaları kaldırılıp tekrar yüklendiklerinde çalışmayabilirler. Ayrıntılar için bkz. #80074 + Yapılandırılan istemci IP ve ağ maskesindeki IP adresleri VPN\'e yönlendirilmemektedir. OpenVPN bu sorunu istemci IP ve ağ maskesine çözümlenen bir rote ekleyerek çözmektedir + Persist-tun desteği için kullanılmak üzere bir tun aygıtı etkin iken başka bir tun aygını açmak cihazdaki VPN hizmetlerinin çökmesine neden olur. VPN\'in tekrar çalışması için yeniden başlatma gereklidir. Android için OpenVPN, tun aygıtını yeniden açmayı önlemeye çalışır, ancak gerçekten gerekli olduğunda çökmeyi önlemek için yeni TUN aygıtı açmadan önce geçerli TUN aygıtını kapatır. Bu VPN olmayan bağlantılar üzerinde paketlerin gönderildiği kısa bir aralığa sebep olabilir. Bu çözüme rağmen VPN hizmetleri hala çökmekte ve aygıtınızın yeniden başlatılmasını gerektirir. + VPN ikincil kullanıcılar için hiç çalışmamaktadır. + "Birçok kullanıcı mobil bağlantı/mobil veri bağlantısının VPN uygulaması kullanırken koptuğunu bildiriyor. Bu davranış bazı mobil operatörü/cihaz kombinasyonunu etkiliyor gibi görünüyor ve şimdiye kadar bu soruna bir çözüm bulunamadı." + VPN\'siz ulaşılabilen hedefe sadece VPN üzerinde ulaşılabilir. IPv6 VPN\'leri hiç çalışmıyor. + CIDR Olmayan Rotalar + VPN\'ler için Vekil Sunucu davranışı + VPN uygulamalarını yeniden yükleme %s ve önceki %s kopyası + Yapılandırılmış IP adresine yönlendir VPN bağlantısı için yanlış MSS değeri İkincil tablet kullanıcıları - Özel bağlantı seçenekleri belirtin. Dikkatli kullanın + Özel bağlantı seçeneklerini belirtin. Dikkatli kullanın Özel Seçenekler + Bağlantı girdisini kaldır + Mobil ağda rastgele bağlantı kesilmeleri + Uzak ağlara ulaşılamıyor + Kalıcı tun kipi + %s ve daha sonrası + Bağlantı SSL23_GET_SERVER_HELLO:sslv3 uyarı el sıkışma hatası ile başarısız oluyor + Daha yeni Android için OpenVPN sürümleri (0.6.29/Mart 2015) izin verilen şifreleyici takımları için (tls-cipher \"DEFAULT:!EXP:!PSK:!SRP:!kRSA\") daha güvenli varsayılanı kullanıyor. Ancak, Perfect Forward Secrecy (Diffie-Hellman) desteklemeyen daha az güvenli şifreleyici ve dışa aktarıcı şifreleyici takımlarını yoksaymak bazı sorunlara yol açmaktadır. Bu, genellikle TSL güvenliğini sunucuda veya bazı gömülü işletim sistemlerinde arttırmak için tls-cipher ayarlayarak düşürülen SSL (örn. MikroTik) girişiminin iyi amaçlanması ancak zayıf uygulanmasından dolayı meydana gelir. \nBu sorunu çözmek için sunucuda, kullanışlı bir varsayılan değer yapın. Örneğin: tls-cipher \"DEFAULT:!EXP:!PSK:!SRP:!kRSA\". İstemcide bu sorunun geçici çözümü için, Android istemcide tls-cipher DEFAULT özel seçeneğini ekleyin. + Bu profil harici bir uygulama tarafından eklenmiş (%s) ve kullanıcı tarafından düzenlenemez işaretlenmiş. + Sertifika İptal Listesi + OpenVPN Hizmeti yeniden başlatılıyor (Uygulama, çöktü veya bellek altında sonlandırıldı) + İçe aktarılan yapılandırma hata bildirdi, kaydedilemez + Arama + (Son döküm %1$d:%2$dh eski (%3$s)) + Yeni bağlantıda günlüğü temizle + Bağlantı Zaman Aşımı + İzin verilmeyen uygulama eklendi. Tüm uygulamalara izin vermemek için izin verilen uygulama listesine en az bir uygulama eklemek üzere kendimizi (%s) ekliyoruz + Android için OpenVPN SD kart üzerinde eksik dosyaları bulmayı deneyebilir. İzin talebini başlatmak için bu iletiye dokunun. + Protokol + Etkin + Tercih edilen bu cihazın yerli ABI önceliği (%1$s) ile yerli kütüphanelerden bildirilen ABI (%2$s) uyuşmuyor + %d ay kaldı + %d gün kaldı + %d saat kaldı + VPN izni işletim sistemi tarafından (örn. başlatılan diğer VPN programı) reddedildi, VPN durduruluyor + Eş bilgisini it + Sunucuya ek bilgi gönder, örn. SSL sürümü ve Android sürümü + %1$s gerekli + Lütfen %1$s profili için parola girin + Satır içi veri kullan diff --git a/app/src/main/res/values-uk/strings-icsopenvpn.xml b/app/src/main/res/values-uk/strings-icsopenvpn.xml index 35d20e8b7c9a7ea8fba165dfa173e302ee7ed77a..d97ced06c45b4c29bc905e8564e77f2a4ce0e7e3 100755 --- a/app/src/main/res/values-uk/strings-icsopenvpn.xml +++ b/app/src/main/res/values-uk/strings-icsopenvpn.xml @@ -1,7 +1,7 @@ @@ -180,7 +180,6 @@ Не вдалося отримати СА сертифікат при читанні із сховища ключів Андроїд. Автентифікація не вдалася. Показати вікно журналу при з\'єднанні. Вікно журналу може бути завжди дрступним у панелі сповіщень. Показати вікно журналу - Працює на %1$s (%2$s) %3$s, Android API %4$d Помилка підпису з використанням ключа із сховища Андроїд %1$s: %2$s Попередження VPN з\'єднання повідомляє вам, що цей додаток може перехоплювати весь мережевий трафік, і повідомляється системою попереджень VPNService API. \nСповіщення про VPN з\'єднання (символ \"Ключа\") також формується системою Android для сигналізації про вихідне VPN з\'єднання. У деяких прошивках це сповіщення супроводжується сигналом. \nAndroid використовує ці cповіщення для вашої власної безпеки і їх не можна обійти. (На жаль, на деяких прошивках також сповіщення супроводжується звуком) Повідомлення про підключення та звук сповіщеня @@ -260,7 +259,6 @@ Алгоритм шифрування Пакети автентифікації Введіть метод автентифікації пакетів - Запущено на %1$s (%2$s) %3$s, Android API %4$d, версії %5$s, %6$s побудована по %s відлагоджувальна збірка Офіційна збірка @@ -374,4 +372,15 @@ Визначені параметри користувача при з\'єднанні. Будьте обережні! Власні налаштовування Видалити запис підключення + Випадкове відключення від мережі мобільного зв\'язку + Віддалені мережі недоступні + Зберігати tun режим + %s і подальше + Підключення не вдається з \"SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure\" + Пошук + (Останній Dump %1$d:%2$dh старий (%3$s)) + Очистити журнал при новому підключенні + Час очікування з\'єднання + Протокол + Ввімкнено diff --git a/app/src/main/res/values-v21/colours.xml b/app/src/main/res/values-v21/colours.xml index 1fedf7b9b5b2bf835b7878c8fc19b1f915f7cb6e..024e47eba0295ab67bd4e2eec3855a940935c34e 100644 --- a/app/src/main/res/values-v21/colours.xml +++ b/app/src/main/res/values-v21/colours.xml @@ -1,6 +1,6 @@ diff --git a/app/src/main/res/values-v21/refs.xml b/app/src/main/res/values-v21/refs.xml index 2a09271d4a125f6fd201983c98ce0843464f96f7..f3f436924e167d759e590964596b0c40709d19a0 100644 --- a/app/src/main/res/values-v21/refs.xml +++ b/app/src/main/res/values-v21/refs.xml @@ -1,14 +1,17 @@ @drawable/ic_close_white_24dp + @drawable/ic_play_arrow_white_24dp + @drawable/ic_pause_white_24dp @drawable/ic_share_white_24dp @drawable/ic_check_white_24dp @drawable/ic_filter_list_white_24dp @drawable/ic_delete_white_24dp @drawable/ic_delete_grey600_24dp + diff --git a/app/src/main/res/values-v21/styles.xml b/app/src/main/res/values-v21/styles.xml index 4379dd6d230e321d1698c57c8a609c3f8e97b395..fa27ebe8084495275e154fc560b79cbff2da8c92 100644 --- a/app/src/main/res/values-v21/styles.xml +++ b/app/src/main/res/values-v21/styles.xml @@ -1,17 +1,29 @@ - + - - + diff --git a/app/src/main/res/values-vi/strings-icsopenvpn.xml b/app/src/main/res/values-vi/strings-icsopenvpn.xml index 42f07ee83f0d7b2ff94e789be5865332fa1c0b8d..625ab34fa80593b53c34663efe157c2548734a4d 100755 --- a/app/src/main/res/values-vi/strings-icsopenvpn.xml +++ b/app/src/main/res/values-vi/strings-icsopenvpn.xml @@ -1,7 +1,7 @@ @@ -180,7 +180,7 @@ Không có chứng chỉ CA phản hồi khi đọc khóa lưu trữ Android. Chứng thực có thể sẽ thất bại. Hiển thị cửa sổ đăng nhập khi kết nối. Cửa sổ đăng nhập có thể luôn truy cập từ thanh thông báo trạng thái. Hiển thị cửa sổ đăng nhập - Đang chạy trên %1$s (%2$s) %3$s, Android API %4$d + %10$s%9$s đang chạy trên %3$s%1$s(%2$s), Android %6$s (%7$s) API %4$d, ABI %5$s, (%8$s) Lỗi đăng ký với khóa lưu trữ Android %1$s: %2$s Các kết nối VPN đang cảnh báo bạn rằng ứng dụng này có thể chặn tất cả lưu lượng được đặt bởi hệ thống để chặn tình trạng lạm dụng VPN API. \nThông báo kết nối VPN (Biểu tượng chìa khóa) cũng được đặt bởi hệ thống Android để báo hiệu một kết nối VPN đang hoạt động. Với một số trường hợp thông báo này sẽ phát một âm thanh. \nAndroid giới thiệu những đoạn hội thoại này vì sự an toàn của bạn và chắn chắn rằng chúng không thể bị xâm nhập phá hoại. (Trên một số trường hợp thật không may không bao gồm âm thanh thông báo) Cảnh báo kết nối và thông báo âm thanh @@ -260,7 +260,6 @@ Mã hóa mật mã Gói xác thực Nhập phương thức xác thực gói - Đang chạy trên %1$s (%2$s) %3$s, Android API %4$d, phiên bản %5$s, %6$s được xây dựng bởi %s bản dựng gỡ lỗi bản dựng chính thức @@ -374,4 +373,26 @@ Xác định kết nối tùy chỉnh cụ thể. Dùng cẩn thận Cấu hình tùy chỉnh Gỡ bỏ mục kết nối + Ngẫu nhiên ngắt kết nối từ mạng di động + Mạng từ xa không khả dụng + Chế độ tun cố định + %s và sau + Kết nối thất bại với lỗi cảnh báo SSL23_GET_SERVER_HELLO:sslv3 + Phiên bản OpenVPN cho Android mới hơn (0.6.29/tháng 3 năm 2015) sử dụng nhiều bảo mật mặc định trên những bộ mã hóa được cho phép (tls-cipher \"DEFAULT:!EXP:!PSK:!SRP:!kRSA\"). Thật không may, việc bỏ qua những mã hóa kém an toàn và xuất các mã hóa, đặc biệt là các thiếu sót của bộ mã hóa không hỗ trợ Perfect Forward Secrecy (Diffie-Hellman) nên gây ra một vài vấn đề. Điều này là ý định tốt nhưng nó thực hiện tăng cường bảo mật TLS kém hơn bằng cách thiết lập mật mã-tls trên máy chủ hoặc một số hệ điều hành với SSL hạ thấp (ví dụ MikroTik).\n Để khắc phục lỗi này, đặt cài đặt mật mã-tls mặc định trên máy chủ một cách hợp lý như mật mã-tls \"DEFAULT:!EXP:!PSK:!SRP:!kRSA\". Để làm việc xung quanh vấn đề trên máy trạm, hãy thêm tùy chọn tùy chỉnh mật mã-tls MẶC ĐỊNH trên máy trạm Android. + Hồ sơ này đã được thêm từ ứng dụng bên ngoài %s và đã được đánh dấu là người dùng không thể chỉnh sửa. + Danh sách thu hồi chứng nhận + Đang khởi động lại dịch vụ OpenVPN (Ứng dụng gặp lỗi hoặc bị dừng do tràn bộ nhớ) + Nhập cấu hình mạng bị lỗi, không thể lưu lại + Tìm kiếm + (Kết xuất cuối là %1$d:%2$d cũ (%3$s)) + Xóa nhật ký trên kết nối mới + Thời gian tạm ngưng kết nối + Không có ứng dụng nào được phép thêm. Đang thêm (%s) có tối thiểu một ứng dụng trong danh sách những ứng dụng đã cho phép chứ không cho phép tất cả ứng dụng + OpenVPN cho Android có thể tìm những tập tin bị mất trên thẻ nhớ một cách tự động. Nhấn vào tin nhắn này để bắt đầu yêu cầu quyền. + Giao thức + Bật + Ưu tiên ABI gốc của thiết bị này (%1$s) và ABI được báo cáo bởi thư viện gốc (%2$s) bất đối xứng + %d tháng còn lại + %d ngày còn lại + %d giờ còn lại diff --git a/app/src/main/res/values-zh-rCN/strings-icsopenvpn.xml b/app/src/main/res/values-zh-rCN/strings-icsopenvpn.xml index 01fa64a2e72a79fcc174301ae12f49456c37ad19..2a3aac46de96d5f87bc167a0b5d846da5d8bdd54 100755 --- a/app/src/main/res/values-zh-rCN/strings-icsopenvpn.xml +++ b/app/src/main/res/values-zh-rCN/strings-icsopenvpn.xml @@ -1,7 +1,7 @@ @@ -181,7 +181,6 @@ 在 Android 密钥库中未找到任何 CA 证书。可能验证失败。 连接时显示日志窗口。日志窗口可始终从通知栏访问。 显示日志窗口 - 运行 %1$s ( %2$s ) %3$s ,Android API %4$d 与 Android 密钥库 %1$s 签名时出错: %2$s VPN 连接警告会告诉你有程序正要拦截所有的网络流量,这是为了确保 VPN 服务的 API 不被恶意应用滥用。\nVPN 连接通知(通知栏上的钥匙图标)是 Android 系统内建的,如果当前有 VPN 连接,Android 系统就会自动显示这个通知图标。一些系统上还会在 VPN 连接建立的时候发出提示音。Android 这么做的原因是为了保护你不受恶意应用的欺骗。 连接警告和通知声音 @@ -262,7 +261,6 @@ 加密算法(cipher) 数据包验证 数据包验证方式 - 当前运行环境 %1$s (%2$s) %3$s,Android API %4$d,版本 %5$s,%6$s 由 %s 构建 调试版本 正式版本 @@ -359,8 +357,18 @@ 安卓只支持CIDR路由。由于非CIDR路由几乎不用,OpenVPN for Android将使用/32路由并对非CIDR路由发出警告。 在连接VPN时手机热点依然工作,但连接不会通过VPN。 早期的KitKat版本在TCP连接上设置了错误的MSS值 (#61948)。OpenVPN将自动启动mssfix选项来解决这个Bug。 + 在DNS服务没有设置的情况下,安卓会继续使用手机wifi的代理设置。 安卓OpenVPN会在日志文件中留下警告信息。在VPN设置DNS服务时,安卓不是代理;安卓系统里没有为vpn连接设置代理的程序接口。 + 在被卸载或重新安装时,VPN程序会停止工作;详细信息请参看 #80074 非CIDR路由 正在重新安装VPN应用 自定义选项 删除连接条目 + 保持 tun 通道模式 + 证书吊销列表 + 搜索 + 建立新连接时清空日志 + 连接超时 + OpenVPN for Android 可以尝试自动在 SD 卡上寻找缺失的文件。点击此消息开始请求权限许可。 + 协议 + 启用 diff --git a/app/src/main/res/values-zh-rTW/strings-icsopenvpn.xml b/app/src/main/res/values-zh-rTW/strings-icsopenvpn.xml index b0056965e5308f40d6b9edd666b30cdb5e8c5e2d..c9dfeee58b7fd507787f823fc1edfc70e8882816 100755 --- a/app/src/main/res/values-zh-rTW/strings-icsopenvpn.xml +++ b/app/src/main/res/values-zh-rTW/strings-icsopenvpn.xml @@ -1,7 +1,7 @@ @@ -16,37 +16,39 @@ LZO壓縮 沒有證書 客戶端證書 - 客戶端證書密碼 + 客戶端證書密鑰 PKCS12 檔案 CA證書 - 您必須選擇一個憑證 - 取得原始碼與個案追蹤,可上 http://code.google.com/p/ics-openvpn/ - 本程序使用了以下元件,其作者和授權資訊如下 - 關於 - 設定檔 + 您必須選擇一個證書 + 源代碼和問題跟踪器可在https://github.com/schwabe/ics-openvpn/ + 該方案採用了以下組件; 看到源代碼的許可證的全部細節 + 左右 + 簡介 類型 - PKCS12 密碼 - 選擇… - 你必須選擇一個檔案 - 使用傳輸層防火牆(TLS-Auth) + PKCS12密碼 + 選擇... + 你必須選擇一個文件 + 使用TLS認證 TLS方向 - 以CIDR格式輸入IPv6地址/遮罩(例如 2000:dd::23/64) - 以CIDR格式輸入IPv4地址/遮罩(例如 1.2.3.4/24) + 進入IPv6地址/子網掩碼CIDR格式(例如2000:DD ::六十四分之二十三) + 輸入IPv4地址/子網掩碼CIDR格式(例如:1.2.3.4/24) IPv4地址 - IPv6地址 - 使用自訂的OpenVPN選項,請加倍緊慎。請注意因Android API限制,很多與Tun相關的OpenVPN設定皆無法正常使用。如果你認為我們遺忘了重要的OpenVPN選項,請向作者反映。 - 用戶名稱 + IPv6的地址 + 輸入自定義的OpenVPN選項。請謹慎使用。另外請注意,許多囤地的相關OpenVPN的設置不能被VPNSettings的設計支持。如果您認為一個重要的選擇缺少聯繫作者 + 用戶名 密碼 - 設定VPN - 新增設定檔 - 輸入新的設定檔名稱 - 重複的設定檔名稱 - 設定檔名稱 - 你必須選取一個使用者證書 + 為靜態配置所述TLS驗證密鑰將被用來作為靜態密鑰 + 配置VPN + 添加簡介 + 輸入一個名稱標識新的配置文件 + 請輸入一個唯一的配置文件名稱 + 配置文件名稱 + 您必須選擇一個用戶證書 未有找到錯誤 - 設定中含有錯誤 - 解析IPv4地址時發生錯誤 - 解析自訂路由時發生錯誤 + 在配置錯誤 + 錯誤解析IPv4地址 + 錯誤解析自定義路線 + (留空按需查詢) OpenVPN捷徑 連線到VPN 在快捷方式找不到指定的設定檔 @@ -54,86 +56,116 @@ 在主機名稱前加入6個隨機字符 啟用自訂選項 自訂選項,使用時請小心! - 路由被Android拒絕 - 中斷連線 - 中斷VPN連線 - 清除記錄檔 - 確認取消 - 中斷已連接的VPN/取消正在嘗試的連線? - 移除VPN + 路由拒絕的Andr​​oid + 斷開連接 + 斷開VPN + 清除日誌 + 取消確認 + 斷開連接的VPN /取消連接嘗試? + 刪除VPN + 檢查服務器是否使用TLS的服務器擴展(--remote-CERT-TLS服務器)的證書 預計TLS服務器證書 - 檢查遠程服務器證書的主題DN - 證書的主機名檢查 - 啟用傳輸層防火牆(TLS-Auth) - TLS驗證檔 - 向伺服器請求IP地址, 路由和時間資訊 - 接受設定推送(Pull) + 檢查遠程服務器證書主題DN + 證書主機名檢查 + 指定用於驗證遠程證書的DN(例如C = DE,L =帕德博恩,OU =禽流IP運營商,CN = openvpn.blinkt.de)\ñ\ n指定完整的DN或RDN檢查(openvpn.blinkt.de在這個例子中)或RDN前綴進行驗證。\ N使用RDN前綴“服務器”\ n當匹配“服務器1”和“服務器2”\ñ\ nLeaving文本字段為空將檢查RDN對服務器的主機名。 \ñ\ n有關詳細信息請參見下-verify-X509-名的OpenVPN 2.3.1+手冊頁 + 遠程證書主題 + 啟用TLS密鑰認證 + TLS驗證文件 + 請求,則來自服務器的地址,路線和時機選擇。 + 沒有信息從服務器請求。設置需要規定如下。 + 拉設置 DNS - 忽略伺服器提供的DNS設定 - 使用自訂的DNS伺服器 - 搜索網域 - 要使用的DNS伺服器。 - DNS伺服器 - 當主要DNS伺服器無法使用,就會嘗試備用DNS伺服器 - 後備VPN伺服器 - 忽略伺服器推送的路由 - 忽略從伺服器推送的路由。 - 重定向所有流量到VPN - 使用VPN作為預設閘道 - 以CIDR格式輸入目的地路由,例如\"10.0.0.0/8 2002::/16\",以上兩個路由將導向到VPN。 - 自訂路由 - 記錄的詳細級別 - 只要能夠經過驗證,接受從任何IP地址而來的伺服器訊息 - 容許浮動的伺服器 - 自訂選項 - 編輯VPN設定 - 要移除VPN設定檔 %s 嗎? - 一些自訂的Android4.0 ROM存在/dev/tun的擁有者權限問題,甚至完全沒有Tun模組。CM9用家請嘗試於\"全域設置\"下修正Tun擁有者。 - 無法開啟Tun網絡介面 - "錯誤: " + 覆蓋的DNS設置服務器 + 使用您自己的DNS服務器 + sea​​rchDomain + 要使用的DNS服務器。 + DNS服務器 + 備用DNS服務器使用,如果正常的DNS服務器無法到達。 + 備份DNS服務器 + 忽略推路線 + 忽略路由推服務器。 + 重定向所有通過VPN + 使用默認路由 + 輸入自定義的路線。只有在CIDR格式輸入目的地。 “10.0.0.0/8 2002:: / 16”就直接網絡10.0.0.0/8和2002:: / 16通過VPN。 + 路線不應該被路由通過VPN。使用相同的語法包括路線。 + 自定義路線 + 排除網絡 + 日誌級別 + 允許來自任何IP驗證的數據包 + 允許浮動服務器 + 自定義選項 + 編輯VPN設置 + 刪除VPN配置文件“%s”? + 在一些定制IC圖片在/ dev / TUN的權限可能是錯誤的,或者囤模塊可能會完全丟失。對於CM9圖像嘗試在常規設置的固定所有權選項 + 無法打開囤接口 + “錯誤:” 清除 - 本地IPv4: %1$s/%2$d IPv6: %3$s MTU: %4$d + 打開TUN接口: + 本地IPv4:%1$s / %2$d的IPv6:%3$s MTU:%4$d + DNS服務器:%1$s,域名:%2$s + 路線:%1$s %2$s + 路線排除:%1$s %2$s + 安裝VpnService路線:%1$s %2$s + GOT的接口信息%1$s和%2$s,假設第二個地址是遠程的對等地址。使用/ 32掩碼本地IP。通過OpenVPN的給定方式是“%3$s”。 + 不能使%1$s和%2$s如IP路由CIDR子網掩碼感,使用/ 32子網掩碼。 + 修正路線%1$s / %2$s到%3$s / %2$s + 無法訪問Android鑰匙扣證書。這可以通過固件升級或通過恢復的應用程序/應用程序設置的備份引起。請編輯VPN和重新選擇下基本設置證書重新訪問證書的權限。 %1$s %2$s - 分享記錄檔 - 分享 - ICS OpenVPN 記錄檔 - 已將記錄複製到剪貼簿 - Tap模式 - Android內置的VPN API並不支援Tap介面,故此本程序並不支援Tap模式。 + 發送日誌文件 + + ICS OpenVPN的日誌文件 + 複製日誌條目夾板 + 點擊模式 + 點擊模式是不可能的非根VPN API。因此,該應用程序不能提供自來水的支持 + 了嗎?你在開玩笑吧?不,攻牙模式真的不支持和發送更多的郵件,詢問是否將支持也無濟於事。 FAQ 複製記錄檔條目 + 要複製單個日誌條目按住上的日誌條目。若要複製/發送全部日誌請使用發送日誌選項。使用硬件菜單按鈕時,如果按鈕沒有在GUI可見。 以快捷方式啟動 + 您可以將快捷方式啟動 OpenVPN 在您的桌面上。根據您的主畫面程式必須添加一個快捷方式或小部件。 你的Android ROM不支援VPN服務API,抱歉了。 :( 加密 輸入加密方法 + 輸入由OpenVPN的加密密碼算法。留空使用默認密碼。 + 輸入驗證摘要多用於OpenVPN的。留空使用默認的摘要。 驗證/加密 檔案瀏覽器 內嵌檔案 匯入過程中發生錯誤 無法從檔案系統中匯入檔案 <內嵌於設定檔> + 拒絕沒有IP信息打開tun設備 匯入.ovpn檔案 匯入 匯入過程中無法讀取設定檔 讀取設定檔時發生錯誤 新增設定檔 + 找不到在導入配置文件中提到的文件%1$s + 從源頭%1$s導入配置文件 + 你的配置有沒有被映射到用戶界面配置一些配置選項。這些選項被添加為自定義配置選項。將顯示自定義配置如下: 成功讀取設定檔 不要綁定本地地址和端口 沒有本地綁定 匯入設定檔 保安上的考慮 + “由於OpenVPN是安全敏感的有關安全性的幾個音符都是明智的。在​​SD卡的所有數據本質上是不安全的。每一個應用程序可以讀取它(比如這個方案並不需要特別的SD卡的權限)。此應用程序的數據只能讀由應用程序本身。通過使用CACERT /證書/密鑰的文件對話框中的數據導入選項存儲在VPN配置文件的VPN配置文件只能由該應用程序進行訪問。(不要忘了刪除在SD副本卡後)。即使只能由該應用程序中的數據仍然是未加密的,通過生根電話或其他攻擊有可能檢索數據。保存的密碼是明文存儲以及對於PKCS12文件,強烈建議你將它們導入到android的密鑰庫。“ 匯入 + 錯誤顯示證書選擇 + 有一個例外,試圖展示了Android 4.0+證書選擇對話框。這不應該發生,因為這款Android 4.0+的標準功能。也許對於證書存儲你的Andr​​oid ROM支持被打破 IPv4 IPv6 等待狀態訊息… 匯入設定檔 匯入設定檔%d + 破碎的形象 + <p>Official HTC圖像,已知有一種奇怪的路由問題造成交通不流過隧道(也<a href=\"https://github.com/schwabe/ics-openvpn/issues/18\">Issue 18</a>看到bug跟踪系統。)的的Xperia弧S和的Xperia雷</p><p>Older官方SONY圖像已被報導完全缺少VPNService從圖像。 (也<a href=\"https://github.com/schwabe/ics-openvpn/issues/29\">Issue 29</a>看到bug跟踪系統。)</p><p>On自定義生成的TUN模塊可能會丟失照片或為/ dev / TUN的權利可能是錯誤的。一些CM9圖像需要在“設備特定的黑客”enabled.</p><p>Most重要的是“修復所有權”選項:如果您的設備有一個破碎的機器人形象,報告給你的供應商。越多的人誰給供應商報告問題時,他們越有可能解決it.</p> PKCS12檔加密金鑰 私密金鑰密碼 密碼 檔案圖標 傳輸層防火牆(TLS Firewall) 生成的設定檔 + 設置 嘗試修正/dev/tun擁有者權限。已知有些CM9 ROM需要透過這個來才能使得VPN服務API得以運作。本功能需要Root。 修正 /dev/tun 的擁有者 顯示本程序生成的設定檔 @@ -142,10 +174,14 @@ 若切換此選項當網絡狀況變更時將強制重新連線(例如從WiFi變成手機網絡,反之亦然) 網絡異動時重新連線 網絡狀態: %s + 該CA證書通常是從Android密鑰庫返回。指定一個單獨的證書,如果你拿到證書驗證錯誤。 選擇 + 沒有CA證書返回,而從Android的密鑰庫讀取。身份驗證可能會失敗。 連接時顯示記錄檔視窗。記錄檔視窗可以隨時從通知欄中進入。 顯示記錄視窗 - 於 %1$s (%2$s) %3$s 上運行, Android API 版本: %4$d + %10$s %9$s上%3$s %1$s(%2$s),運行Android %6$s(%7$s)API %4$d,ABI %5$s,(%8$s) + 錯誤簽名與Android密鑰庫密鑰%1$s:%2$s + VPN連接警告信息,告訴你,這個程序可以攔截所有流量是由系統施加的防止濫用VPNService的API。\ n此VPN連接的通知(關鍵標誌)也徵收Android系統的信號持續VPN連接。在某些圖像此通知播放聲音。\ nAndroid介紹這些系統對話框為自己的安全,並確保他們無法規避。 (在某些圖片這個不幸的是包括通知聲音) 連線警告和通知時發出音效 繁體中文 IP和DNS @@ -154,9 +190,14 @@ 鮮為人知的OpenVPN設定,一般情況下不需要派上用場。 進階 ICS Openvpn 設定 + 不使用任何DNS服務器。名稱解析可能無法正常工作。考慮設置自定義DNS服務器。另請注意,Android將繼續使用您的手機/ Wi-Fi連接指定的代理服務器設置時沒有DNS服務器設置。 + 無法添加DNS服務器“%1$s”,系統拒絕:%2$s + 無法配置IP地址“%1$s”,系統拒絕:%2$s + <p>Get工作的配置(從供應商/機構檢測您的電腦或下載)</p><p>If它沒有多餘的PEM / pks12文件,你可以自己通過電子郵件發送文件和打開附件的單個文件。如果您有多個文件,把它們放在你的SD card.</p><p>Click上的電子郵件附件/使用的文件夾圖標,在VPN列表導入配置file</p><p>If大約有丟失的文件將丟失的文件在你的SD card.</p><p>Click上保存錯誤標誌將導入的VPN添加到您的VPN list</p><p>Connect的VPN通過點擊VPN</p><p>If的名字有錯誤或警告日誌試著去了解警告/錯誤,並嘗試修復them</p> 快速入門 在連線前嘗試載入Tun模組,需要Root。 載入Tun模組 + 導入PKCS12從配置到Android的密鑰庫 取得代理伺服器資訊時發生錯誤: %s 使用代理伺服器 %1$s %2$d 使用系統代理 @@ -170,7 +211,14 @@ 設定已變更 無法判斷最後一次連線使用的設定檔,因此無法編輯設定檔。 重複的通知 + 如果Android是在系統內存中的一些並不需要的時刻(RAM)的壓力,應用程序和服務,從積極的內存中刪除。這將終止正在進行的VPN連接。為了確保連接/ OpenVPN的生存服務的運行具有更高的優先級。於具有較高優先級運行的應用程序必須顯示通知。關鍵的通知圖標是由系統中的前一個FAQ條目中描述的罰款。它並不能算作應用程序通知具有較高優先級運行的目的。 + 沒有VPN配置文件定義。 + 使用<img src=\"ic_menu_add\"/>圖標添加新的VPN + 使用<img src=\"ic_menu_archive\"/>圖標,導入從您的SD卡現有的(.ovpn或.conf文件)配置文件。 + 此外,請務必檢查出的常見問​​題解答。有一個快速入門指南。 路由/網絡介面 設定 + 路由和接口配置不經由傳統的ifconfig /路由命令,但通過使用VPNService API來完成。這將導致比其他操作系統不同的路由配置。 \ n此VPN隧道的配置包括IP地址和應該被路由通過該接口的網絡。特別是,沒有同行夥伴地址或網關地址是必要的或需要。特殊的路由到達VPN服務器不需要任一(例如,當使用重定向網關加)。導入配置時,應用程序將因此而忽略這些設置。該應用程序可確保與連接到服務器沒有通過VPN隧道路由到的VPNService API。\ n此VPNService API不允許指定網絡不應該通過VPN路由。作為一種變通方法的應用程序會自動檢測網絡,不應該被路由到隧道(如航線XXXX YYYY net_gateway),並計算一組路由排除此路線效仿其他平台的行為。日誌窗口顯示VPNService的在建立一個連接的配置\ nBehind場景:安卓4.4+確實使用策略路由。利用路由/ ifconfig命令將不顯示已安裝的路線。相反,使用IP規則,iptables的-t軋-L + 不要退回到沒有VPN連接時,OpenVPN是重新連接。 OpenVPN 運作記錄 匯入 OpenVPN 配置 電池消耗 @@ -189,4 +237,61 @@ 未連線 正在連接至 VPN %s 正在連接至 VPN %s + 設備的特性黑客 + 無法顯示證書信息 + 應用行為 + VPN行為 + 允許更改VPN配置文件 + 硬件密鑰庫: + 應用程序嘗試使用OpenVPN的為Android的圖標 + “與Android 4.3啟動VPN確認是防範”覆蓋應用程序“,這將導致該對話框沒有反應,觸摸輸入。如果你有一個使用覆蓋一個應用程序可能會導致此行為。如果發現違規應用程序聯繫作者該應用程序的。這個問題影響到在Android 4.3及更高版本的所有VPN應用。另見<a href=\"https://github.com/schwabe/ics-openvpn/issues/185\">Issue 185<a>了解更多詳細信息“ + Vpn確認對話框 + 或者你可以給我的Play商店捐贈: + 感謝捐贈%s! + 日誌清除。 + 顯示密碼 + 鑰匙串訪問錯誤:%s + + ISO + 時間戳 + + 上傳 + 下載 + Vpn狀態 + 查看選項 + 未處理的異常:%1$s \ñ\ n%2$s + %3$s:%1$s \ñ\ n%2$s + 如果你已經植根Android設備可以安裝<a href=\"http://xposed.info/\">Xposed framework</a>和的<a href=\"http://repo.xposed.info/module/de.blinkt.vpndialogxposed\">VPN對話框確認module</a>需要您自擔風險“ + 證照齊全 + 直接連接到本地接口的網絡將不被路由通過VPN。取消選擇此選項將縮進重定向本地網絡的VPN的所有流量。 + 旁路VPN本地網絡 + 用戶名/密碼文件 + [進口:%s] + 一些文件無法找到。請選擇要導入的文件的配置文件: + 要使用這個程序,你需要一個VPN供應商/ VPN支持OpenVPN的網關(通常由雇主提供)。查看http://community.openvpn.net/關於OpenVPN的更多信息,以及如何設置自己的OpenVPN服務器。 + 導入日誌: + VPN拓撲“%3$s”規定,但使用ifconfig %1$s %2$s看起來更像是一個網絡掩碼的IP地址。假設“子網”的拓撲結構。 + MSS的覆蓋值必須在0到9000的整數 + 宣布運行在他們應當限制其發送的包大小,使得後的OpenVPN已包封它們,將所得的UDP包大小的OpenVPN給對端發送將不超過此字節數的隧道的TCP會話。 (默認為1450) + 重寫 TCP 負載的 MSS 的值 + 設置的 TCP MSS 負載 + 客戶端行為 + 清除允許外部應用程序 + 載入中... + 允許上傳的VPN應用程序:%1$s + 不允許VPN應用程序:%1$s + 包%s不再安裝,從應用程序刪除它允許/禁止列表 + VPN適用於所有的應用程序,但不包括所選 + 的VPN僅用於對選定的應用程序 + 刪除遠程服務器條目? + + + 添加新的遠程 + 添加新的遠程 + 協定 + 啟用 + 該設備的優先考慮的母語ABI優先級(%1$s)和ABI報告本地庫(%2$s)不匹配 + 離開%d個月 + 離開%d天 + %d小時離開 diff --git a/app/src/main/res/values/colours.xml b/app/src/main/res/values/colours.xml index f27167f3a3432be27b8dab8d305cdd22b4bc65b6..d06bc233b8f47ae17730d67d82a3311d1c287e21 100644 --- a/app/src/main/res/values/colours.xml +++ b/app/src/main/res/values/colours.xml @@ -1,6 +1,6 @@ diff --git a/app/src/main/res/values/dimens.xml b/app/src/main/res/values/dimens.xml index 727f5a78ba80e74b2482eadd360aa92b5cb75964..f8fafecd7b27960b8da3cb212506998756849547 100644 --- a/app/src/main/res/values/dimens.xml +++ b/app/src/main/res/values/dimens.xml @@ -1,6 +1,6 @@ diff --git a/app/src/main/res/values/refs.xml b/app/src/main/res/values/refs.xml index 6abfb609f4ce1700f419cf97d449386441ac6179..4d3c257a451fdc421f1922280f882a32f449f8e5 100644 --- a/app/src/main/res/values/refs.xml +++ b/app/src/main/res/values/refs.xml @@ -1,11 +1,13 @@ @android:drawable/ic_menu_close_clear_cancel + @android:drawable/ic_media_play + @android:drawable/ic_media_pause @android:drawable/ic_menu_share @android:drawable/ic_menu_save @android:drawable/ic_menu_view diff --git a/app/src/main/res/values/strings-icsopenvpn.xml b/app/src/main/res/values/strings-icsopenvpn.xml index dec656fce28293cae21cce9690b96397b98978c4..3956604e1e91cb3654809ee3e4de829b94d8de88 100755 --- a/app/src/main/res/values/strings-icsopenvpn.xml +++ b/app/src/main/res/values/strings-icsopenvpn.xml @@ -1,5 +1,5 @@ @@ -18,7 +18,7 @@ PKCS12 File CA Certificate You must select a certificate - Source code and issue tracker available at https://github.com/schwabe/ics-openvpn + Source code and issue tracker available at https://github.com/schwabe/ics-openvpn/ This program uses the following components; see the source code for full details on the licenses About Profiles @@ -136,7 +136,7 @@ Refusing to open tun device without IP information Import Profile from ovpn file Import - Could not read Profile to import + Could not read profile to import Error reading config file add Profile Could not find file %1$s mentioned in the imported config file @@ -157,7 +157,7 @@ imported profile imported profile %d Broken Images - <p>Official HTC images are known to have a strange routing problem causing traffic not to flow through the tunnel (See also <a href="http://code.google.com/p/ics-openvpn/issues/detail?id=18">Issue 18</a> in the bug tracker.)</p><p>Older official SONY images from Xperia Arc S and Xperia Ray have been reported to be missing the VPNService completely from the image. (See also <a href="http://code.google.com/p/ics-openvpn/issues/detail?id=29">Issue 29</a> in the bug tracker.)</p><p>On custom build images the tun module might be missing or the rights of /dev/tun might be wrong. Some CM9 images need the "Fix ownership" option under "Device specific hacks" enabled.</p><p>Most importantly: If your device has a broken Android image, report it to your vendor. The more people who report an issue to the vendor, the more likely they are to fix it.</p> + <p>Official HTC images are known to have a strange routing problem causing traffic not to flow through the tunnel (See also <a href="https://github.com/schwabe/ics-openvpn/issues/18">Issue 18</a> in the bug tracker.)</p><p>Older official SONY images from Xperia Arc S and Xperia Ray have been reported to be missing the VPNService completely from the image. (See also <a href="https://github.com/schwabe/ics-openvpn/issues/29">Issue 29</a> in the bug tracker.)</p><p>On custom build images the tun module might be missing or the rights of /dev/tun might be wrong. Some CM9 images need the "Fix ownership" option under "Device specific hacks" enabled.</p><p>Most importantly: If your device has a broken Android image, report it to your vendor. The more people who report an issue to the vendor, the more likely they are to fix it.</p> PKCS12 File Encryption Key Private Key Password Password @@ -178,7 +178,7 @@ No CA Certificate returned while reading from Android keystore. Authentication will probably fail. Shows the log window on connect. The log window can always be accessed from the notification status. Show log window - Running on %1$s (%2$s) %3$s, Android API %4$d + %10$s %9$s running on %3$s %1$s (%2$s), Android %6$s (%7$s) API %4$d, ABI %5$s, (%8$s) Error signing with Android keystore key %1$s: %2$s The VPN connection warning telling you that this app can intercept all traffic is imposed by the system to prevent abuse of the VPNService API.\nThe VPN connection notification (The key symbol) is also imposed by the Android system to signal an ongoing VPN connection. On some images this notification plays a sound.\nAndroid introduced these system dialogs for your own safety and made sure that they cannot be circumvented. (On some images this unfortunately includes a notification sound) Connection warning and notification sound @@ -192,7 +192,7 @@ No DNS servers being used. Name resolution may not work. Consider setting custom DNS Servers. Please also note that Android will keep using your proxy settings specified for your mobile/Wi-Fi connection when no DNS servers are set. Could not add DNS Server \"%1$s\", rejected by the system: %2$s Could not configure IP Address \"%1$s\", rejected by the system: %2$s - <p>Get a working config (tested on your computer or download from your provider/organisation)</p><p>If it is a single file with no extra pem/pks12 files you can email the file yourself and open the attachment. If you have multiple files put them on your sd card.</p><p>Click on the email attachment/Use the folder icon in the vpn list to import the config file</p><p>If there are errors about missing files put the missing files on your sd card.</p><p>Click on the save symbol to add the imported VPN to your VPN list</p><p>Connect the VPN by clicking on the name of the VPN</p><p>If there are error or warnings in the log try to understand the warnings/error and try to fix them</p> + <p>Get a working config (tested on your computer or download from your provider/organisation)</p><p>If it is a single file with no extra pem/pkcs12 files you can email the file yourself and open the attachment. If you have multiple files put them on your sd card.</p><p>Click on the email attachment/Use the folder icon in the vpn list to import the config file</p><p>If there are errors about missing files put the missing files on your sd card.</p><p>Click on the save symbol to add the imported VPN to your VPN list</p><p>Connect the VPN by clicking on the name of the VPN</p><p>If there are error or warnings in the log try to understand the warnings/error and try to fix them</p> Quick Start Try to load the tun.ko kernel module before trying to connect. Needs rooted devices. Load tun module @@ -223,7 +223,7 @@ Import OpenVPN configuration Battery consumption In my personal tests the main reason for high battery consumption of OpenVPN are the keepalive packets. Most OpenVPN servers have a configuration directive like \'keepalive 10 60\' which causes the client and server to exchange keepalive packets every ten seconds. <p> While these packets are small and do not use much traffic, they keep the mobile radio network busy and increase the energy consumption. (See also <a href="http://developer.android.com/training/efficient-downloads/efficient-network-access.html#RadioStateMachine">The Radio State Machine | Android Developers</a>) <p> This keepalive setting cannot be changed on the client. Only the system administrator of the OpenVPN can change the setting. <p> Unfortunately using a keepalive larger than 60 seconds with UDP can cause some NAT gateways to drop the connection due to an inactivity timeout. Using TCP with a long keep alive timeout works, but tunneling TCP over TCP performs extremely poorly on connections with high packet loss. (See <a href="http://sites.inka.de/bigred/devel/tcp-tcp.html">Why TCP Over TCP Is A Bad Idea</a>) - The Android Tethering feature (over WiFi, USB or Bluetooth) and the VPNService API (used by this program) do not work together. For more details see the <a href=\"http://code.google.com/p/ics-openvpn/issues/detail?id=34\">issue #34</a> + The Android Tethering feature (over WiFi, USB or Bluetooth) and the VPNService API (used by this program) do not work together. For more details see the <a href=\"https://github.com/schwabe/ics-openvpn/issues/34\">issue #34</a> VPN and Tethering Connection retries Reconnection settings @@ -258,7 +258,6 @@ Encryption cipher Packet authentication Enter packet authentication method - Running on %1$s (%2$s) %3$s, Android API %4$d, version %5$s, %6$s built by %s debug build official build @@ -313,7 +312,7 @@ %3$s: %1$s\n\n%2$s If you have rooted your Android device you can install the <a href=\"http://xposed.info/\">Xposed framework</a> and a the <a href=\"http://repo.xposed.info/module/de.blinkt.vpndialogxposed\">VPN Dialog confirm module</a> at your own risk" Full licenses - Networks directly connected to the local interfaces will not be routed over the VPN. Deselecting this option will redirect all traffic indented for local networks to the VPN. + Networks directly connected to the local interfaces will not be routed over the VPN. Deselecting this option will redirect all traffic intented for local networks to the VPN. Bypass VPN for local networks Username/Password file [Imported from: %s] @@ -348,13 +347,13 @@ Duplicate VPN profile Duplicating profile: %s Show log - Multiple OpenVPN clients for Android exist. The most common ones are OpenVPN for Android (this client), OpenVPN Connect and OpenVPN Settings.<p>The clients can be grouped into two groups: OpenVPN for Android and OpenVPN Connect use the official VPNService API (Android 4.0+) and require no root and OpenVPN Settings which uses root.<p>OpenVPN for Android is an open source client and developed by Arne Schwabe. It is targeted at more advanced users and offers many settings and the ability to import profiles from files and to configure/change profiles inside the app. The client is based on the community version of OpenVPN. It is based on the OpenVPN 2.x source code. This client can be seen as the semi officially client of the community. <p>OpenVPN Connect is non open source client that is developed by OpenVPN Technologies, Inc. The client is indented to be general use client and moree targeted at the average user and allows the import of OpenVPN profiles. This client is based on the OpenVPN C++ reimplementation of the OpenVPN protocol (This was required to allow OpenVPN Technologies, Inc to publish an iOS OpenVPN app). This client is the official client of the OpenVPN technologies <p> OpenVPN Settings is the oldest of the clients and also a UI for the open source OpenVPN. In contrast to OpenVPN for Android it requires root and does not use the VPNService API. It does not depend on Android 4.0+ + Multiple OpenVPN clients for Android exist. The most common ones are OpenVPN for Android (this client), OpenVPN Connect and OpenVPN Settings.<p>The clients can be grouped into two groups: OpenVPN for Android and OpenVPN Connect use the official VPNService API (Android 4.0+) and require no root and OpenVPN Settings which uses root.<p>OpenVPN for Android is an open source client and developed by Arne Schwabe. It is targeted at more advanced users and offers many settings and the ability to import profiles from files and to configure/change profiles inside the app. The client is based on the community version of OpenVPN. It is based on the OpenVPN 2.x source code. This client can be seen as the semi officially client of the community. <p>OpenVPN Connect is non open source client that is developed by OpenVPN Technologies, Inc. The client is indented to be general use client and more targeted at the average user and allows the import of OpenVPN profiles. This client is based on the OpenVPN C++ reimplementation of the OpenVPN protocol (This was required to allow OpenVPN Technologies, Inc to publish an iOS OpenVPN app). This client is the official client of the OpenVPN technologies <p> OpenVPN Settings is the oldest of the clients and also a UI for the open source OpenVPN. In contrast to OpenVPN for Android it requires root and does not use the VPNService API. It does not depend on Android 4.0+ Differences between the OpenVPN Android clients Ignoring multicast route: %s Android supports only CIDR routes to the VPN. Since non-CIDR routes are almost never used, OpenVPN for Android will use a /32 for routes that are not CIDR and issue a warning. Tethering works while the VPN is active. The tethered connection will NOT use the VPN. Early KitKat version set the wrong MSS value on TCP connections (#61948). Try to enable the mssfix option to workaround this bug. - Android will keep using your proxy settings specified for the mobile/Wi-Fi connection when no DNS servers are set. OpenVPN for Android will warn you about this in the log.

When a VPN sets a DNS server Android will not a proxy. There is no API to set a proxy for a VPN connection.

 + Android will keep using your proxy settings specified for the mobile/Wi-Fi connection when no DNS servers are set. OpenVPN for Android will warn you about this in the log.

When a VPN sets a DNS server Android will not use a proxy. There is no API to set a proxy for a VPN connection.

 VPN apps may stop working when uninstalled and reinstalled again. For details see #80074 The configured client IP and the IPs in its network mask are not routed to the VPN. OpenVPN works around this bug by explicitly adding a route that corrosponds to the client IP and its netmask Opening a tun device while another tun device is active, which is used for persist-tun support, crashes the VPNServices on the device. A reboot is required to make VPN work again. OpenVPN for Android tries to avoid reopening the tun device and if really needed first closes the current TUN before opening the new TUN device to avoid to crash. This may lead to a short window where packets are sent over the non-VPN connection. Even with this workaround the VPNServices sometimes crashes and requires a reboot of the device. @@ -377,10 +376,33 @@ Persist tun mode %s and later Connections fails with SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure - Newer OpenVPN for Android versions (0.6.29/March 2015) use a more secure default for the allowed cipher suites (tls-cipher \"DEFAULT:!EXP:!PSK:!SRP:!kRSA\"). Unfortunately, omitting the less secure cipher suites and export cipher suites, especially the omission of cipher suites that do not support Perfect Forward Secrecy (Diffie-Hellman) causes some problems. This usually caused by an well-intentioned but poorly executed attempts to strengthen TLS security by setting tls-cipher on the server or some embedded OSes with stripped down SSL (e.g. MikroTik).\nTo solve this problem the problem, set the tls-cipher settings on the server to reasonable default like tls-cipher \"DEFAULT:!EXP:!PSK:!SRP:!kRSA\". To work around the problem on the client add the custom option tls-cipher DEFAULT on the Android client. + Newer OpenVPN for Android versions (0.6.29/March 2015) use a more secure default for the allowed cipher suites (tls-cipher \"DEFAULT:!EXP:!PSK:!SRP:!kRSA\"). Unfortunately, omitting the less secure cipher suites and export cipher suites, especially the omission of cipher suites that do not support Perfect Forward Secrecy (Diffie-Hellman) causes some problems. This usually caused by an well-intentioned but poorly executed attempt to strengthen TLS security by setting tls-cipher on the server or some embedded OSes with stripped down SSL (e.g. MikroTik).\nTo solve this problem the problem, set the tls-cipher settings on the server to reasonable default like tls-cipher \"DEFAULT:!EXP:!PSK:!SRP:!kRSA\". To work around the problem on the client add the custom option tls-cipher DEFAULT on the Android client. This profile has been added from an external app (%s) and has been marked as not user editable. Certificate Revocation List Restarting OpenVPN Service (App crashed probably crashed or killed for memory pressure) Importing the config yielded an error, cannot save it - + Search + (Last dump is %1$d:%2$dh old (%3$s)) + Clear log on new connection + Connect Timeout + No allowed app added. Adding ourselves (%s) to have at least one app in the allowed app list to not allow all apps + OpenVPN for Android can try to discover the missing file(s) on the sdcard automatically. Tap this message start the permission request. + Protocol + Enabled + Preferred native ABI precedence of this device (%1$s) and ABI reported by native libraries (%2$s) mismatch + %d months left + %d days left + %d hours left + VPN permission revoked by OS (e.g. other VPN program started), stopping VPN + Push Peer info + Send extra information to the server, e.g. SSL version and Android version + Need %1$s + Please enter the password for profile %1$s + Use inline data + Export configuration file + tls-auth file is missing + Missing user certificate or user certifcate key file + Missing CA certificate + Certifcate Revoke List (optional) + Reread (%d) log items from log cache file diff --git a/app/src/main/res/values/strings.xml b/app/src/main/res/values/strings.xml index 7746795eed48c9b755ecfe8ee3d66e25e5c1aefc..06c80f1291b512521d9753c81183395679428d27 100644 --- a/app/src/main/res/values/strings.xml +++ b/app/src/main/res/values/strings.xml @@ -30,7 +30,7 @@ Please enter your username password User message - About Bitmask" + About Bitmask Try again: server math error. Incorrect username or password. It should have at least 8 characters. diff --git a/app/src/main/res/values/styles.xml b/app/src/main/res/values/styles.xml index 94970c8841a3e6cccf0f6436647a672b429fa132..4cdf2c00b247c6abcf5a05f14d45e4ec7cb0a784 100644 --- a/app/src/main/res/values/styles.xml +++ b/app/src/main/res/values/styles.xml @@ -1,24 +1,14 @@ - - - - - + + \ No newline at end of file diff --git a/app/src/production/java/se/leap/bitmaskclient/ProviderAPI.java b/app/src/production/java/se/leap/bitmaskclient/ProviderAPI.java index a3f7db6aef07e14c026c7d3019c7d7080fc34114..b9b449f0677fa8f510b35cb5210f2316b523fcc1 100644 --- a/app/src/production/java/se/leap/bitmaskclient/ProviderAPI.java +++ b/app/src/production/java/se/leap/bitmaskclient/ProviderAPI.java @@ -32,7 +32,6 @@ import java.util.*; import javax.net.ssl.*; -import org.apache.http.client.*; import org.json.*; import org.thoughtcrime.ssl.pinning.util.*; @@ -432,9 +431,6 @@ public class ProviderAPI extends IntentService { is = urlConnection.getInputStream(); String plain_response = new Scanner(is).useDelimiter("\\A").next(); json_response = new JSONObject(plain_response); - } catch (ClientProtocolException e) { - json_response = getErrorMessage(urlConnection); - e.printStackTrace(); } catch (IOException e) { json_response = getErrorMessage(urlConnection); e.printStackTrace(); @@ -890,10 +886,6 @@ public class ProviderAPI extends IntentService { responseCode = urlConnection.getResponseCode(); broadcastProgress(progress++); LeapSRPSession.setToken(""); - } catch (ClientProtocolException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - return false; } catch (IndexOutOfBoundsException e) { // TODO Auto-generated catch block e.printStackTrace(); diff --git a/app/src/test/java/de/blinkt/openvpn/core/TestLogFileHandler.java b/app/src/test/java/de/blinkt/openvpn/core/TestLogFileHandler.java new file mode 100644 index 0000000000000000000000000000000000000000..476d815182ebecedb5bcd4e4b24aaa303f11556f --- /dev/null +++ b/app/src/test/java/de/blinkt/openvpn/core/TestLogFileHandler.java @@ -0,0 +1,137 @@ +package de.blinkt.openvpn.core; + +//import android.annotation.SuppressLint; +// +//import junit.framework.Assert; +// +//import org.junit.Before; +//import org.junit.Ignore; +//import org.junit.Test; +// +//import java.io.ByteArrayInputStream; +//import java.io.ByteArrayOutputStream; +//import java.io.IOException; +//import java.io.InputStream; +//import java.io.OutputStream; +//import java.io.UnsupportedEncodingException; +//import java.util.Arrays; + +/** + * NOTE [@aguestuser|04.11.17]: + * + * As the tests below: + * + * (1) are testing the logic of library code (the openvpn class `LogFileHandler`) + * -- thus making them low-value tests + * (2) currently diverge from the signatures of the class under test (overriding non-existent methods, etc.) + * -- thus failing to compile and breaking the build + * + * I am taking the liberty of commenting them out, and proposing we delete this file altogether + * upon feedback from the team. + * + **/ + + +//@Ignore +//public class TestLogFileHandler { +// +// byte[] testUnescaped = new byte[]{0x00, 0x55, -27, 0x00, 0x56, 0x10, -128, 0x55, 0x54}; +// byte[] expectedEscaped = new byte[]{0x55, 0x00, 0x00, 0x00, 0x09, 0x00, 0x56, 0x00, -27, 0x00, 0x56, 0x01, 0x10, -128, 0x56, 0x00, 0x54}; +// private TestingLogFileHandler lfh; +// +// +// @Before +// public void setup() { +// lfh = new TestingLogFileHandler(); +// } +// +// @Test +// public void testWriteByteArray() throws IOException { +// +// ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(); +// +// lfh.setLogFile(byteArrayOutputStream); +// +// lfh.writeEscapedBytes(testUnescaped); +// +// byte[] result = byteArrayOutputStream.toByteArray(); +// Assert.assertTrue(Arrays.equals(expectedEscaped, result)); +// } +// +// @Test +// public void readByteArray() throws IOException { +// +// ByteArrayInputStream in = new ByteArrayInputStream(expectedEscaped); +// +// lfh.readCacheContents(in); +// +// Assert.assertTrue(Arrays.equals(testUnescaped, lfh.mRestoredByteArray)); +// +// } +// +// @Test +// public void testMarschal() throws UnsupportedEncodingException { +// LogItem li = new LogItem(VpnStatus.LogLevel.DEBUG, 72, "foobar"); +// LogItem li2 = marschalAndBack(li); +// testEquals(li, li2); +// Assert.assertEquals(li, li2); +// } +// +// @Test +// public void testMarschalArgs() throws UnsupportedEncodingException { +// LogItem li = new LogItem(VpnStatus.LogLevel.DEBUG, 72, 772, "sinnloser Text", 7723, 723.2f, 7.2); +// LogItem li2 = marschalAndBack(li); +// testEquals(li, li2); +// Assert.assertEquals(li, li2); +// } +// +// @Test +// public void testMarschalString() throws UnsupportedEncodingException { +// LogItem li = new LogItem(VpnStatus.LogLevel.DEBUG, "Nutzlose Nachricht"); +// LogItem li2 = marschalAndBack(li); +// testEquals(li, li2); +// Assert.assertEquals(li, li2); +// } +// +// +// private void testEquals(LogItem li, LogItem li2) { +// Assert.assertEquals(li.getLogLevel(), li2.getLogLevel()); +// Assert.assertEquals(li.getLogtime(), li2.getLogtime()); +// Assert.assertEquals(li.getVerbosityLevel(), li2.getVerbosityLevel()); +// Assert.assertEquals(li.toString(), li2.toString()); +// +// } +// +// private LogItem marschalAndBack(LogItem li) throws UnsupportedEncodingException { +// byte[] bytes = li.getMarschaledBytes(); +// +// return new LogItem(bytes, bytes.length); +// } +// +// +// @SuppressLint("HandlerLeak") +// static class TestingLogFileHandler extends LogFileHandler { +// +// public byte[] mRestoredByteArray; +// +// public TestingLogFileHandler() { +// super(null); +// } +// +// public void setLogFile(OutputStream out) { +// mLogFile = out; +// } +// +// @Override +// public void readCacheContents(InputStream in) throws IOException { +// super.readCacheContents(in); +// } +// +// @Override +// protected void restoreLogItem(byte[] buf, int len) { +// mRestoredByteArray = Arrays.copyOf(buf, len); +// } +// } +// +// +//} \ No newline at end of file diff --git a/build.gradle b/build.gradle index 5a21265120d6ff5382c570af61c8a9b0f757d410..dc2396d7f7492f052fbc78639f43ebd21422de23 100644 --- a/build.gradle +++ b/build.gradle @@ -4,7 +4,7 @@ buildscript { jcenter() } dependencies { - classpath 'com.android.tools.build:gradle:1.2.3' + classpath 'com.android.tools.build:gradle:2.3.1' } } diff --git a/docker/android-emulator.dockerfile b/docker/android-emulator.dockerfile new file mode 100644 index 0000000000000000000000000000000000000000..0201312bf60c133595ca1e2e2b3d14bd15767a42 --- /dev/null +++ b/docker/android-emulator.dockerfile @@ -0,0 +1,24 @@ +FROM 0xacab.org:4567/leap/bitmask_android/android-sdk:latest + +MAINTAINER LEAP Encryption Access Project +LABEL Description="Android SDK baseimage based on debian:stretch" Vendor="LEAP" Version="25" + +# ------------------------------------------------------ +# --- System Dependencies + +# ensure GL compatibility + +RUN apt-get update -qq +RUN DEBIAN_FRONTEND=noninteractive apt-get install -y mesa-utils +ENV ANDROID_EMULATOR_USE_SYSTEM_LIBS=1 + +# ------------------------------------------------------ +# --- Install Android Emulator + +# Install Android SDK emulator package +RUN echo y | sdkmanager "emulator" + +# Install System Images for emulators +RUN echo y | sdkmanager "system-images;android-25;google_apis;x86_64" +RUN echo y | sdkmanager "system-images;android-24;google_apis;x86_64" +RUN echo y | sdkmanager "system-images;android-23;google_apis;x86_64" diff --git a/docker/android-ndk.dockerfile b/docker/android-ndk.dockerfile new file mode 100644 index 0000000000000000000000000000000000000000..0a3eabfdab4cf94ab3646e2f146169ccd7180a1f --- /dev/null +++ b/docker/android-ndk.dockerfile @@ -0,0 +1,32 @@ +FROM 0xacab.org:4567/leap/bitmask_android/android-sdk:latest + +MAINTAINER LEAP Encryption Access Project +LABEL Description="Android NDK image based on android-sdk baseimage" Vendor="LEAP" Version="r12b" + +# ------------------------------------------------------ +# --- Install System Dependencies + +RUN apt-get update -qq +RUN DEBIAN_FRONTEND=noninteractive apt-get install -y \ + make gcc file lib32stdc++6 lib32z1 # JNI build dependencies w/ 32-bit compatible C libs + +# ------------------------------------------------------ +# --- Install Android NDK (for running C code) + +# NOTE(@aguestuser|4.23.17) +# We woud like to use te current version of Android NDK (r14b) but cannot +# due to pinned dependency on year-old version of `ics-openvpn` +# which has transitive dependency on `openssl` which will not compile with `clang` +# (starting in 13b, android ndk uses `clang` isntead of `gcc`) +# Upon rebasing onto to current HEAD of `ics-openvpn` and resolving conflicts, we +# should update to current version of `ndk`. + +ENV ANDROID_NDK_VERSION "r12b" +ENV ANDROID_NDK_HOME ${ANDROID_HOME}/android-ndk-${ANDROID_NDK_VERSION} +ENV ANDROID_NDK_URL http://dl.google.com/android/repository/android-ndk-${ANDROID_NDK_VERSION}-linux-x86_64.zip + +RUN curl -L $ANDROID_NDK_URL -o ndk.zip \ + && unzip ndk.zip -d $ANDROID_HOME \ + && rm -rf ndk.zip + +ENV PATH ${PATH}:${ANDROID_NDK_HOME} diff --git a/docker/android-sdk.dockerfile b/docker/android-sdk.dockerfile new file mode 100644 index 0000000000000000000000000000000000000000..4044a7ec333df5c3c7bdffefdd2991bd11af584a --- /dev/null +++ b/docker/android-sdk.dockerfile @@ -0,0 +1,65 @@ +FROM debian:stretch + +MAINTAINER LEAP Encryption Access Project +LABEL Description="Android SDK baseimage based on debian:stretch" Vendor="LEAP" Version="25.2.5" + +# ------------------------------------------------------ +# --- Install System Dependencies + +RUN apt-get update -qq +RUN DEBIAN_FRONTEND=noninteractive apt-get install -y \ + # the basics + curl unzip git locales \ + # java stuff + openjdk-8-jdk maven + +# ------------------------------------------------------ +# --- Set Locales + +# Generate All Locales +RUN cp /usr/share/i18n/SUPPORTED /etc/locale.gen +RUN locale-gen + +# Set Default Locale +RUN localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8 +ENV LANG en_US.UTF-8 + +# ------------------------------------------------------ +# --- Install Android SDK Tools + +ENV ANDROID_SDK_VERSION "25.2.5" +ENV ANDROID_HOME /opt/android-sdk-linux +ENV ANDROID_SDK_URL https://dl.google.com/android/repository/tools_r${ANDROID_SDK_VERSION}-linux.zip + +# Install SDK Tools +RUN curl -L $ANDROID_SDK_URL -o sdk-tools.zip \ + && unzip -q sdk-tools.zip -d $ANDROID_HOME \ + && rm -f sdk-tools.zip + +# Update PATH +ENV PATH ${PATH}:${ANDROID_HOME}/tools:${ANDROID_HOME}/tools/bin:${ANDROID_HOME}/platform-tools + +# ------------------------------------------------------ +# --- Install Android SDK Tools Packages + +# Install Platform Tools Package +RUN echo y | sdkmanager "platform-tools" # echo y to accept google licenses + +# Install Android Support Repositories +RUN sdkmanager "extras;android;m2repository" + +# Install Build Tools (Please keep in descending order) +RUN sdkmanager "build-tools;25.0.2" +RUN sdkmanager "build-tools;25.0.0" +RUN sdkmanager "build-tools;24.0.3" +RUN sdkmanager "build-tools;23.0.3" + +# Install Target SDK Packages (Please keep in descending order) +RUN sdkmanager "platforms;android-25" +RUN sdkmanager "platforms;android-24" +RUN sdkmanager "platforms;android-23" + +# ------------------------------------------------------ +# --- Cleanup + +RUN apt clean diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties index c8e43f9ea0fee02ad7fb0fb8e18e0f6e2da26daf..732dce4b6a80a8ea9a8f61e2010d85d212166d6e 100644 --- a/gradle/wrapper/gradle-wrapper.properties +++ b/gradle/wrapper/gradle-wrapper.properties @@ -1,6 +1,6 @@ -#Wed Dec 03 00:07:42 CET 2014 +#Sat Apr 08 20:47:40 EDT 2017 distributionBase=GRADLE_USER_HOME distributionPath=wrapper/dists zipStoreBase=GRADLE_USER_HOME zipStorePath=wrapper/dists -distributionUrl=https\://services.gradle.org/distributions/gradle-2.2.1-all.zip +distributionUrl=https\://services.gradle.org/distributions/gradle-3.3-all.zip diff --git a/ics-openvpn b/ics-openvpn index 23314f5ec13d14c220096f6d7d44932b45e4fc3e..7dbaa266ed2aac4ab82672955282a6bfb43008b4 160000 --- a/ics-openvpn +++ b/ics-openvpn @@ -1 +1 @@ -Subproject commit 23314f5ec13d14c220096f6d7d44932b45e4fc3e +Subproject commit 7dbaa266ed2aac4ab82672955282a6bfb43008b4