Commit a74cc94b authored by Daniel Schreiber's avatar Daniel Schreiber

detect unwritable eduroam config and help users to fix this

users are sent to android settings so they can remove an existing eduroam config.

Minor changes:
* connection test skipped on pie devices as this does not work without location permission.
* enable connection test without encryption on pie. Connection test must use http instead of https so that any captive portal which intercepts traffic will be detected.
parent 04a6e848
Pipeline #22099 passed with stages
in 4 minutes and 30 seconds
apply plugin: 'com.android.application'
android {
compileSdkVersion 26
compileSdkVersion 28
//buildToolsVersion '26.0.2'
defaultConfig {
applicationId "de.tu_chemnitz.wlan"
minSdkVersion 18
targetSdkVersion 26
versionCode 9
versionName "1.3.0"
targetSdkVersion 28
versionCode 10
versionName "1.3.1"
testInstrumentationRunner "android.support.test.runner.AndroidJUnitRunner"
}
buildTypes {
......@@ -24,10 +24,10 @@ dependencies {
androidTestCompile('com.android.support.test.espresso:espresso-core:2.2.2', {
exclude group: 'com.android.support', module: 'support-annotations'
})
compile 'com.android.support:appcompat-v7:26.1.0'
compile 'com.android.support:design:26.1.0'
compile 'com.android.support:appcompat-v7:28.0.0'
compile 'com.android.support:design:28.0.0'
compile 'com.android.support.constraint:constraint-layout:1.0.2'
compile 'com.android.volley:volley:1.1.0'
compile 'com.android.support:support-v4:26.1.0'
compile 'com.android.support:support-v4:28.0.0'
testCompile 'junit:junit:4.12'
}
......@@ -14,7 +14,8 @@
android:label="@string/app_name"
android:roundIcon="@mipmap/ic_launcher_round"
android:supportsRtl="true"
android:theme="@style/AppTheme">
android:theme="@style/AppTheme"
android:networkSecurityConfig="@xml/network_security_config">
<activity
android:name=".LoginActivity"
android:configChanges="orientation|screenSize" />
......
......@@ -564,6 +564,19 @@ class Helper {
throw new IllegalArgumentException("Phase2 must be one of PAP, MSCHAP, MSCHAPV2, or GTC");
}
static boolean is_status_valid(List<MainActivity.TickLine> ticks_status, Context context) {
boolean valid = true;
for (String tag : Helper.status_tags) {
MainActivity.TickLine tick = Helper.getByTag(ticks_status, tag);
valid &= (tick != null && tick.ticked);
}
MainActivity.TickLine tick = Helper.getByTag(ticks_status, context.getString(R.string.tick_tag_wifi_writable));
if (tick != null) {
valid &= tick.ticked;
}
return valid;
}
static List<MainActivity.TickLine> getNetworkStatus(Context context, String ssid) {
List<MainActivity.TickLine> list = new ArrayList<>();
......@@ -685,6 +698,14 @@ class Helper {
ticked = false;
}
list.add(3, new MainActivity.TickLine(ticked, message, "", false));
// try to update network config without config change to check if config is managed by app
if (wifi.updateNetwork(currentConfig) != -1) {
tick = new MainActivity.TickLine(true, context.getString(R.string.tickline_message_wifi_writable), context.getString(R.string.tickline_subtext_wifi_writable), false);
} else {
tick = new MainActivity.TickLine(false, context.getString(R.string.tickline_message_wifi_writable), context.getString(R.string.tickline_subtext_wifi_notwritable), false);
}
tick._tag = context.getString(R.string.tick_tag_wifi_writable);
list.add(tick);
}
}
} else {
......
......@@ -207,11 +207,7 @@ public class MainActivity extends AppCompatActivity {
ll.removeAllViews();
ll.setPadding(0,0,0,0);
boolean valid = true;
for (String tag : Helper.status_tags) {
TickLine tick = Helper.getByTag(ticks_status, tag);
valid &= (tick != null && tick.ticked);
}
boolean valid = Helper.is_status_valid(ticks_status, this.getApplicationContext());
boolean configured = true;
for (TickLine tick : ticks_status) {
......@@ -283,11 +279,7 @@ public class MainActivity extends AppCompatActivity {
}
private void setupEduroam() {
boolean valid = true;
for (String tag : Helper.status_tags) {
TickLine tick = Helper.getByTag(ticks_status, tag);
valid &= (tick != null && tick.ticked);
}
boolean valid = Helper.is_status_valid(ticks_status, this.getApplicationContext());
if (!valid) {
TickLine tick = Helper.getByTag(ticks_status, Helper.status_tags[0]);
......@@ -362,6 +354,22 @@ public class MainActivity extends AppCompatActivity {
});
alert.show();
}
tick = Helper.getByTag(ticks_status, this.getString(R.string.tick_tag_wifi_writable));
if (tick != null && !tick.ticked) {
AlertDialog alert = new AlertDialog.Builder(this).create();
alert.setTitle(R.string.dlg_wifi_fix_title);
alert.setMessage(this.getString(R.string.dlg_wifi_fix_message));
alert.setCancelable(false);
alert.setButton(AlertDialog.BUTTON_NEUTRAL, "OK", new DialogInterface.OnClickListener() {
@Override
public void onClick(DialogInterface dialog, int which) {
startActivity(new Intent(Settings.ACTION_WIFI_SETTINGS));
}
});
alert.show();
return;
}
} else {
// everything is set up -> start configuration!
canLeaveInstall = false;
......@@ -541,6 +549,10 @@ public class MainActivity extends AppCompatActivity {
}
private void postInstallCheck() {
// starting from Android 9 (PIE) you need location permission to check the SSID. We don't require the permission so we cant test.
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.P) {
return;
}
MainActivity.this.runOnUiThread(new Runnable() {
@Override
public void run() {
......@@ -640,7 +652,6 @@ public class MainActivity extends AppCompatActivity {
alert.show();
} else {
// currently unused
alert.setMessage("Konnte eduroam nicht finden.\nProbieren Sie es später erneut.");
}
} else {
......
......@@ -5,9 +5,17 @@
<string translatable="false" name="edurom_error_old_configuration">Veraltete Anonyme Identität: %1$s</string>
<string translatable="false" name="edurom_radius_server">radius2030.tu-chemnitz.de</string>
<string translatable="false" name="edurom_identity_pattern">%1$s-%2$s@tu-chemnitz.de</string>
<string translatable="false" name="tick_tag_wifi_writable">wifiConfigWritable</string>
<string name="tickline_category_app_version">App Version</string>
<string name="tickline_message_server_subject_match_ok">OK</string>
<string name="tickline_message_wifi_writable">Zugriff auf WLAN Konfiguration</string>
<string name="tickline_subtext_wifi_writable">App darf eduraom konfigurieren</string>
<string name="tickline_subtext_wifi_notwritable">App darf eduraom nicht konfigurieren. Bitte löschen Sie "eduroam" in den WLAN-Einstellungen von Android.</string>
<string name="dlg_wifi_fix_title">Vorhandene Eduroam Konfiguration löschen</string>
<string name="dlg_wifi_fix_message">Sie werden jetzt zu den Android Einstellungen für WLAN weitergeleitet. Löschen Sie dort bitte die Konfiguration für das Netzwerk "eduroam".</string>
<string name="dlg_conntest_pie">Ab Android 9 kann der Verbindungstest leider nicht durchgeführt werden.</string>
<plurals name="connect_to_internet_message">
<item quantity="one">Bitte stelle eine Internetverbindung mit einem WLAN oder über mobile Daten her.\nIn der TU Chemnitz kannst du das WLAN Netz %1$s verwenden.</item>
......
<?xml version="1.0" encoding="utf-8"?>
<!--
this setting is required on Android Pie to allow internet connection test. This test needs to
connect to IdM using HTTP without ssl so any captive portal can intercept and the connection
test fails. This is exactly what we need.
-->
<network-security-config>
<base-config cleartextTrafficPermitted="true">
<trust-anchors>
<certificates src="system" />
</trust-anchors>
</base-config>
</network-security-config>
\ No newline at end of file
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment