This updates kotlin, gson, AGP, and WorkManager to the latest versions.
It also updates the README to include the correct ndk version for our AGP, as specified here: developer.android.com/build/releases/gradle-plugin#compatibility
I ran the Gradle Upgrade Assistant to get us on the latest version of gradle, but two of our dependencies didn't support it.
- https://pub.dev/documentation/package_info/latest/
- https://github.com/AmolGangadhare/flutter_barcode_scanner
`pacakge_info` is officially deprecated and replaced by `package_info_plus`, which is what I've swapped to here.
A bigger change was switching to https://github.com/juliansteenbakker/mobile_scanner. It does seem to work a bit better than the other one, and does not throw an error now when cancelling the QR code collection, as it did before. I've tested on android in the simulator, and iOS with an actual device.
To test adding a cert:
1. Create a CA on your computer with `nebula-cert ca -name test-mobile`. This will create a `ca.crt` and `ca.key`
2. Tap the + button in the mobile app to add a site
3. Tap the "Certificate" row
4. Copy the public key to a file on your computer like `test.pub`
5. Create a signed cert with `nebula-cert sign -name test-mobile -ip 192.168.0.20/24 -in-pub test.pub`
6. Create a QR code for it: `nebula-cert print -out-qr "qr.png" -path ./test-mobile.crt`
7. In Android studio, in the "Running devices" tab, open the simulator's extended controls:
<img width="509" alt="Android Studio 2024-09-23 13 08 08" src="https://github.com/user-attachments/assets/c1f8288e-374c-457c-942a-4109240102ab">
8. Choose the Camera option, and add the qr code image to the wall of the virtual scene
<img width="679" alt="image" src="https://github.com/user-attachments/assets/bafaa9af-72e4-4444-9704-9876c53c883c">
9. Back in the app, when you choose QR Code and "Scan a QR code`, the virtual scene should open. Hold shift, then move your mouse to look around. Turn around 180 degrees, and walk forward into the other room (can go through the walls) using the `w` key. When you get the QR code into the white border, the scanner should close and apply the certificate settings. If you use a nonsense QR code, or a QR code with a non-matching key, or a CA QR code, you should get an error message when it scans.
The process for scanning a CA qr code is similar.
1. Run `nebula-cert print -out-qr "qr-ca.png" -path ./ca.crt`
2. Replace the QR in the extended controls
3. Tap CA when adding a site
4. The rest of the process is the same as above.
iOS is similar, except you'll need to use a real device, as the simulator does not include a virtual scene like Android does.
This updates flutter to 3.24.1, the latest stable version, and also updates our flutter dependencies to latest.
It targets the latest android sdk, 34, which is required if we want to publish a new version to the Google Play store.
I also needed to make a few adjustments to handle deprecations. The biggest change is that I needed to wrap the main widget in MaterialApp to avoid problems with AdaptiveSwitch in iOS.
When a user restores to a new phone, their TPM will no longer be able to
decrypt the encrypted credentials.
We have code already in place to delete "invalid" sites, which cleans
these up by removing them.
However, when trying to save a new site, Android continues to try to use
the old keys which are no longer decryptable. So, when saving new
encrypted files, simply reset the crypto keys if we are unable to
encrypt.
Previously VPN permissions were requested when the UI was loaded. If the
user denied the permissions it would have to be force stopped and
reopened to get another permission request grant.
Additionally, when requesting VPN permissions Android will kill any
other running VPN service. This avoids that behavior unless a site is
explicitly started.
Also disables the app from showing up in the "Always On" settings.
`logWrap` is a configuration that allows for users to decide if when
viewing logs the lines should extend off screen allowing for scroll
behavior or if they should wrap at screen edge.
We also considered allowing users to toggle this setting at the Site
level but decided that since users would likely want this setting to
apply to all sites, we hoisted the configuration.
Advances #3
Ian VanSchooten
John Maguire
Nate Brown
Nate Brown
micha3lbrown
Michael Brown