Merge branch 'android-updates'

This fixes the vulnerability in the eap-mschapv2 plugin and an issue
with the filename of log files.  In the released app, the OpenSSL version
is also increased in order to support ML-KEM.

Author: tobiasbrunner

src/frontends/android/app/build.gradle

@@ -9,8 +9,8 @@ android {
         minSdkVersion 21
         targetSdkVersion 36
 
-        versionCode 94
-        versionName "2.6.0"
+        versionCode 95
+        versionName "2.6.1"
 
         externalNativeBuild {
             ndkBuild {

src/frontends/android/app/src/main/java/org/strongswan/android/data/LogContentProvider.java

@@ -20,6 +20,8 @@
 import java.io.FileNotFoundException;
 import java.security.NoSuchAlgorithmException;
 import java.security.SecureRandom;
+import java.util.ArrayList;
+import java.util.List;
 import java.util.concurrent.ConcurrentHashMap;
 
 import org.strongswan.android.logic.CharonVpnService;
@@ -85,28 +87,33 @@ public Cursor query(Uri uri, String[] projection, String selection,
 	{
 		/* this is called by apps to find out the name and size of the file.
 		 * since we only provide a single file this is simple to implement */
-		if (projection == null || projection.length < 1)
+		if (projection == null)
 		{
-			return null;
+			projection = new String[]{ OpenableColumns.DISPLAY_NAME, OpenableColumns.SIZE };
 		}
 		Long timestamp = mUris.get(uri);
 		if (timestamp == null)
 		{	/* don't check the validity as this information is not really private */
 			return null;
 		}
-		MatrixCursor cursor = new MatrixCursor(projection, 1);
-		if (OpenableColumns.DISPLAY_NAME.equals(cursor.getColumnName(0)))
-		{
-			cursor.newRow().add(CharonVpnService.LOG_FILE);
-		}
-		else if (OpenableColumns.SIZE.equals(cursor.getColumnName(0)))
-		{
-			cursor.newRow().add(mLogFile.length());
-		}
-		else
+		List<String> cols = new ArrayList<>();
+		List<Object> vals = new ArrayList<>();
+		for (String col : projection)
 		{
-			return null;
+			if (OpenableColumns.DISPLAY_NAME.equals(col))
+			{
+				cols.add(OpenableColumns.DISPLAY_NAME);
+				vals.add(CharonVpnService.LOG_FILE);
+			}
+			else if (OpenableColumns.SIZE.equals(col))
+			{
+				cols.add(OpenableColumns.SIZE);
+				vals.add(mLogFile.length());
+			}
 		}
+
+		MatrixCursor cursor = new MatrixCursor(cols.toArray(new String[0]), 1);
+		cursor.addRow(vals.toArray());
 		return cursor;
 	}
 

src/frontends/android/app/src/main/play/release-notes/de-DE/default.txt

@@ -1,11 +1,12 @@
+# 2.6.1 #
+
+- Aktualisiert OpenSSL, um ML-KEM zu unterstützen (muss explizit in Proposal konfiguriert werden)
+- Behebt eine Schwachstelle im eap-mschapv2 Plugin
+- Korrigiert den Dateinamen, wenn das Log exportiert wird
+
 # 2.6.0 #
 
 - Erlaubt die Vorauswahl eines Benutzer-Zertifikats via Alias in verwalteten Profilen
-- Erlaubt die Auswahl von Benutzer-Zertifikaten in verwalteten Profilen, die kein eigenes Zertifikat installieren
+- Erlaubt die Auswahl von Benutzer-Zertifikaten in verwalteten Profilen
 - Fixt das Lesen von Split-Tunneling Settings in verwalteten Profilen
-- Anpassungen für die randlose Anzeige, welche erzwungen wird, wenn Android 16 als Ziel-SDK verwendet wird
-- Ziel-SDK auf Android 16 erhöht
-
-# 2.5.6 #
-
-- Unterstützt benutzerdefinierte HTTP Proxy-Server (Android 10+)
+- Anpassungen für die randlose Anzeige

src/frontends/android/app/src/main/play/release-notes/en-US/default.txt

@@ -1,11 +1,12 @@
+# 2.6.1 #
+
+- Update OpenSSL to support ML-KEM (requires explicit configuration in proposals)
+- Fix vulnerability in eap-mschapv2 plugin
+- Fix filename when exporting the log
+
 # 2.6.0 #
 
 - Allow preselecting a user certificate via alias in managed profiles
-- Allow selecting a user certificate for managed profiles that don't install their own certificate
+- Allow selecting a user certificate for managed profiles
 - Fix reading split-tunneling settings in managed profiles
-- Adapt to edge-to-edge display, which becomes mandatory when targeting Android 16
-- Increase target SDK to Android 16
-
-# 2.5.6 #
-
-- Add support for custom HTTP proxy server (Android 10+)
+- Adapt to edge-to-edge display

src/frontends/android/openssl/Dockerfile

@@ -18,8 +18,8 @@ RUN apt-get update && \
 COPY compile.sh /
 RUN chmod +x /compile.sh
 
-ENV ANDROID_NDK_ROOT /ndk
-ENV OUT_DIR /out
+ENV ANDROID_NDK_ROOT=/ndk
+ENV OUT_DIR=/out
 
 WORKDIR /src