[Wi-Fi] Remove 'Do not validate' option in CA certificate spinner
"Do not validate" is not secure and must not be used in any production
network. R Suggestions API already does not allow connections with
no Root CA certificate.
Bug: 162466484
Test: make RunSettingsRoboTests ROBOTEST_FILTER=WifiConfigControllerTest
make RunSettingsRoboTests ROBOTEST_FILTER=WifiConfigController2Test
Manually add or edit an EAP method Wi-Fi network and observe CA
certificate spinner options.
Change-Id: Ica5ecf8805c51d7cdce7b16e02e0dd79d5f64754
Merged-In: Icf97199967faa2e359b0120a8c989bd1df2c6cea
This commit is contained in:
Arc Wang
@@ -196,18 +196,6 @@
|
|||||||
android:entries="@array/eap_ocsp_type" />
|
android:entries="@array/eap_ocsp_type" />
|
||||||
</LinearLayout>
|
</LinearLayout>
|
||||||
|
|
||||||
<LinearLayout android:id="@+id/no_ca_cert_warning"
|
|
||||||
android:layout_width="match_parent"
|
|
||||||
android:layout_height="wrap_content"
|
|
||||||
android:visibility="gone"
|
|
||||||
style="@style/wifi_item" >
|
|
||||||
<TextView
|
|
||||||
android:layout_width="wrap_content"
|
|
||||||
android:layout_height="wrap_content"
|
|
||||||
style="@style/wifi_item_warning"
|
|
||||||
android:text="@string/wifi_do_not_validate_eap_server_warning" />
|
|
||||||
</LinearLayout>
|
|
||||||
|
|
||||||
<LinearLayout android:id="@+id/l_domain"
|
<LinearLayout android:id="@+id/l_domain"
|
||||||
android:layout_width="match_parent"
|
android:layout_width="match_parent"
|
||||||
android:layout_height="wrap_content"
|
android:layout_height="wrap_content"
|
||||||
|
|||||||
@@ -2141,8 +2141,6 @@
|
|||||||
<string name="wifi_do_not_provide_eap_user_cert">Do not provide</string>
|
<string name="wifi_do_not_provide_eap_user_cert">Do not provide</string>
|
||||||
<!-- Menu option for not validating the EAP server -->
|
<!-- Menu option for not validating the EAP server -->
|
||||||
<string name="wifi_do_not_validate_eap_server">Do not validate</string>
|
<string name="wifi_do_not_validate_eap_server">Do not validate</string>
|
||||||
<!-- Warning message displayed if user choses not to validate the EAP server -->
|
|
||||||
<string name="wifi_do_not_validate_eap_server_warning">No certificate specified. Your connection will not be private.</string>
|
|
||||||
<!-- Warning message displayed if network name (ssid) is too long -->
|
<!-- Warning message displayed if network name (ssid) is too long -->
|
||||||
<string name="wifi_ssid_too_long">Network name is too long.</string>
|
<string name="wifi_ssid_too_long">Network name is too long.</string>
|
||||||
<!-- Warning message displayed if user does not specify a domain for the CA certificate.
|
<!-- Warning message displayed if user does not specify a domain for the CA certificate.
|
||||||
|
|||||||
@@ -159,7 +159,6 @@ public class WifiConfigController implements TextWatcher,
|
|||||||
private String mMultipleCertSetString;
|
private String mMultipleCertSetString;
|
||||||
private String mUseSystemCertsString;
|
private String mUseSystemCertsString;
|
||||||
private String mDoNotProvideEapUserCertString;
|
private String mDoNotProvideEapUserCertString;
|
||||||
private String mDoNotValidateEapServerString;
|
|
||||||
|
|
||||||
private ScrollView mDialogContainer;
|
private ScrollView mDialogContainer;
|
||||||
private Spinner mSecuritySpinner;
|
private Spinner mSecuritySpinner;
|
||||||
@@ -264,8 +263,6 @@ public class WifiConfigController implements TextWatcher,
|
|||||||
mUseSystemCertsString = mContext.getString(R.string.wifi_use_system_certs);
|
mUseSystemCertsString = mContext.getString(R.string.wifi_use_system_certs);
|
||||||
mDoNotProvideEapUserCertString =
|
mDoNotProvideEapUserCertString =
|
||||||
mContext.getString(R.string.wifi_do_not_provide_eap_user_cert);
|
mContext.getString(R.string.wifi_do_not_provide_eap_user_cert);
|
||||||
mDoNotValidateEapServerString =
|
|
||||||
mContext.getString(R.string.wifi_do_not_validate_eap_server);
|
|
||||||
|
|
||||||
mSsidScanButton = (ImageButton) mView.findViewById(R.id.ssid_scanner_button);
|
mSsidScanButton = (ImageButton) mView.findViewById(R.id.ssid_scanner_button);
|
||||||
mDialogContainer = mView.findViewById(R.id.dialog_scrollview);
|
mDialogContainer = mView.findViewById(R.id.dialog_scrollview);
|
||||||
@@ -554,8 +551,7 @@ public class WifiConfigController implements TextWatcher,
|
|||||||
// Disallow submit if the user has not selected a CA certificate for an EAP network
|
// Disallow submit if the user has not selected a CA certificate for an EAP network
|
||||||
// configuration.
|
// configuration.
|
||||||
enabled = false;
|
enabled = false;
|
||||||
} else if (!caCertSelection.equals(mDoNotValidateEapServerString)
|
} else if (mEapDomainView != null
|
||||||
&& mEapDomainView != null
|
|
||||||
&& mView.findViewById(R.id.l_domain).getVisibility() != View.GONE
|
&& mView.findViewById(R.id.l_domain).getVisibility() != View.GONE
|
||||||
&& TextUtils.isEmpty(mEapDomainView.getText().toString())) {
|
&& TextUtils.isEmpty(mEapDomainView.getText().toString())) {
|
||||||
// Disallow submit if the user chooses to use a certificate for EAP server
|
// Disallow submit if the user chooses to use a certificate for EAP server
|
||||||
@@ -576,7 +572,6 @@ public class WifiConfigController implements TextWatcher,
|
|||||||
}
|
}
|
||||||
|
|
||||||
void showWarningMessagesIfAppropriate() {
|
void showWarningMessagesIfAppropriate() {
|
||||||
mView.findViewById(R.id.no_ca_cert_warning).setVisibility(View.GONE);
|
|
||||||
mView.findViewById(R.id.no_user_cert_warning).setVisibility(View.GONE);
|
mView.findViewById(R.id.no_user_cert_warning).setVisibility(View.GONE);
|
||||||
mView.findViewById(R.id.no_domain_warning).setVisibility(View.GONE);
|
mView.findViewById(R.id.no_domain_warning).setVisibility(View.GONE);
|
||||||
mView.findViewById(R.id.ssid_too_long_warning).setVisibility(View.GONE);
|
mView.findViewById(R.id.ssid_too_long_warning).setVisibility(View.GONE);
|
||||||
@@ -589,13 +584,7 @@ public class WifiConfigController implements TextWatcher,
|
|||||||
}
|
}
|
||||||
if (mEapCaCertSpinner != null
|
if (mEapCaCertSpinner != null
|
||||||
&& mView.findViewById(R.id.l_ca_cert).getVisibility() != View.GONE) {
|
&& mView.findViewById(R.id.l_ca_cert).getVisibility() != View.GONE) {
|
||||||
String caCertSelection = (String) mEapCaCertSpinner.getSelectedItem();
|
if (mEapDomainView != null
|
||||||
if (caCertSelection.equals(mDoNotValidateEapServerString)) {
|
|
||||||
// Display warning if user chooses not to validate the EAP server with a
|
|
||||||
// user-supplied CA certificate in an EAP network configuration.
|
|
||||||
mView.findViewById(R.id.no_ca_cert_warning).setVisibility(View.VISIBLE);
|
|
||||||
} else if (!caCertSelection.equals(mUnspecifiedCertString)
|
|
||||||
&& mEapDomainView != null
|
|
||||||
&& mView.findViewById(R.id.l_domain).getVisibility() != View.GONE
|
&& mView.findViewById(R.id.l_domain).getVisibility() != View.GONE
|
||||||
&& TextUtils.isEmpty(mEapDomainView.getText().toString())) {
|
&& TextUtils.isEmpty(mEapDomainView.getText().toString())) {
|
||||||
// Display warning if user chooses to use a certificate without restricting the
|
// Display warning if user chooses to use a certificate without restricting the
|
||||||
@@ -733,8 +722,7 @@ public class WifiConfigController implements TextWatcher,
|
|||||||
config.enterpriseConfig.setCaCertificateAliases(null);
|
config.enterpriseConfig.setCaCertificateAliases(null);
|
||||||
config.enterpriseConfig.setCaPath(null);
|
config.enterpriseConfig.setCaPath(null);
|
||||||
config.enterpriseConfig.setDomainSuffixMatch(mEapDomainView.getText().toString());
|
config.enterpriseConfig.setDomainSuffixMatch(mEapDomainView.getText().toString());
|
||||||
if (caCert.equals(mUnspecifiedCertString)
|
if (caCert.equals(mUnspecifiedCertString)) {
|
||||||
|| caCert.equals(mDoNotValidateEapServerString)) {
|
|
||||||
// ca_cert already set to null, so do nothing.
|
// ca_cert already set to null, so do nothing.
|
||||||
} else if (caCert.equals(mUseSystemCertsString)) {
|
} else if (caCert.equals(mUseSystemCertsString)) {
|
||||||
config.enterpriseConfig.setCaPath(SYSTEM_CA_STORE_PATH);
|
config.enterpriseConfig.setCaPath(SYSTEM_CA_STORE_PATH);
|
||||||
@@ -768,8 +756,7 @@ public class WifiConfigController implements TextWatcher,
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Only set OCSP option if there is a valid CA certificate.
|
// Only set OCSP option if there is a valid CA certificate.
|
||||||
if (caCert.equals(mUnspecifiedCertString)
|
if (caCert.equals(mUnspecifiedCertString)) {
|
||||||
|| caCert.equals(mDoNotValidateEapServerString)) {
|
|
||||||
config.enterpriseConfig.setOcsp(WifiEnterpriseConfig.OCSP_NONE);
|
config.enterpriseConfig.setOcsp(WifiEnterpriseConfig.OCSP_NONE);
|
||||||
} else {
|
} else {
|
||||||
config.enterpriseConfig.setOcsp(mEapOcspSpinner.getSelectedItemPosition());
|
config.enterpriseConfig.setOcsp(mEapOcspSpinner.getSelectedItemPosition());
|
||||||
@@ -1049,15 +1036,15 @@ public class WifiConfigController implements TextWatcher,
|
|||||||
loadCertificates(
|
loadCertificates(
|
||||||
mEapCaCertSpinner,
|
mEapCaCertSpinner,
|
||||||
Credentials.CA_CERTIFICATE,
|
Credentials.CA_CERTIFICATE,
|
||||||
mDoNotValidateEapServerString,
|
null /* noCertificateString */,
|
||||||
false,
|
false /* showMultipleCerts */,
|
||||||
true);
|
true /* showUsePreinstalledCertOption */);
|
||||||
loadCertificates(
|
loadCertificates(
|
||||||
mEapUserCertSpinner,
|
mEapUserCertSpinner,
|
||||||
Credentials.USER_PRIVATE_KEY,
|
Credentials.USER_PRIVATE_KEY,
|
||||||
mDoNotProvideEapUserCertString,
|
mDoNotProvideEapUserCertString,
|
||||||
false,
|
false /* showMultipleCerts */,
|
||||||
false);
|
false /* showUsePreinstalledCertOption */);
|
||||||
// To avoid the user connects to a non-secure network unexpectedly,
|
// To avoid the user connects to a non-secure network unexpectedly,
|
||||||
// request using system trusted certificates by default
|
// request using system trusted certificates by default
|
||||||
// unless the user explicitly chooses "Do not validate" or other
|
// unless the user explicitly chooses "Do not validate" or other
|
||||||
@@ -1122,7 +1109,7 @@ public class WifiConfigController implements TextWatcher,
|
|||||||
} else {
|
} else {
|
||||||
String[] caCerts = enterpriseConfig.getCaCertificateAliases();
|
String[] caCerts = enterpriseConfig.getCaCertificateAliases();
|
||||||
if (caCerts == null) {
|
if (caCerts == null) {
|
||||||
setSelection(mEapCaCertSpinner, mDoNotValidateEapServerString);
|
setSelection(mEapCaCertSpinner, mUnspecifiedCertString);
|
||||||
} else if (caCerts.length == 1) {
|
} else if (caCerts.length == 1) {
|
||||||
setSelection(mEapCaCertSpinner, caCerts[0]);
|
setSelection(mEapCaCertSpinner, caCerts[0]);
|
||||||
} else {
|
} else {
|
||||||
@@ -1130,9 +1117,9 @@ public class WifiConfigController implements TextWatcher,
|
|||||||
loadCertificates(
|
loadCertificates(
|
||||||
mEapCaCertSpinner,
|
mEapCaCertSpinner,
|
||||||
Credentials.CA_CERTIFICATE,
|
Credentials.CA_CERTIFICATE,
|
||||||
mDoNotValidateEapServerString,
|
null /* noCertificateString */,
|
||||||
true,
|
true /* showMultipleCerts */,
|
||||||
true);
|
true /* showUsePreinstalledCertOption */);
|
||||||
setSelection(mEapCaCertSpinner, mMultipleCertSetString);
|
setSelection(mEapCaCertSpinner, mMultipleCertSetString);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -1259,8 +1246,7 @@ public class WifiConfigController implements TextWatcher,
|
|||||||
|
|
||||||
if (mView.findViewById(R.id.l_ca_cert).getVisibility() != View.GONE) {
|
if (mView.findViewById(R.id.l_ca_cert).getVisibility() != View.GONE) {
|
||||||
String eapCertSelection = (String) mEapCaCertSpinner.getSelectedItem();
|
String eapCertSelection = (String) mEapCaCertSpinner.getSelectedItem();
|
||||||
if (eapCertSelection.equals(mDoNotValidateEapServerString)
|
if (eapCertSelection.equals(mUnspecifiedCertString)) {
|
||||||
|| eapCertSelection.equals(mUnspecifiedCertString)) {
|
|
||||||
// Domain suffix matching is not relevant if the user hasn't chosen a CA
|
// Domain suffix matching is not relevant if the user hasn't chosen a CA
|
||||||
// certificate yet, or chooses not to validate the EAP server.
|
// certificate yet, or chooses not to validate the EAP server.
|
||||||
setDomainInvisible();
|
setDomainInvisible();
|
||||||
@@ -1482,7 +1468,8 @@ public class WifiConfigController implements TextWatcher,
|
|||||||
}).collect(Collectors.toList()));
|
}).collect(Collectors.toList()));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (mAccessPointSecurity != AccessPoint.SECURITY_EAP_SUITE_B) {
|
if (!TextUtils.isEmpty(noCertificateString)
|
||||||
|
&& mAccessPointSecurity != AccessPoint.SECURITY_EAP_SUITE_B) {
|
||||||
certs.add(noCertificateString);
|
certs.add(noCertificateString);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -156,7 +156,6 @@ public class WifiConfigController2 implements TextWatcher,
|
|||||||
private String mMultipleCertSetString;
|
private String mMultipleCertSetString;
|
||||||
private String mUseSystemCertsString;
|
private String mUseSystemCertsString;
|
||||||
private String mDoNotProvideEapUserCertString;
|
private String mDoNotProvideEapUserCertString;
|
||||||
private String mDoNotValidateEapServerString;
|
|
||||||
|
|
||||||
private ScrollView mDialogContainer;
|
private ScrollView mDialogContainer;
|
||||||
private Spinner mSecuritySpinner;
|
private Spinner mSecuritySpinner;
|
||||||
@@ -253,8 +252,6 @@ public class WifiConfigController2 implements TextWatcher,
|
|||||||
mUseSystemCertsString = mContext.getString(R.string.wifi_use_system_certs);
|
mUseSystemCertsString = mContext.getString(R.string.wifi_use_system_certs);
|
||||||
mDoNotProvideEapUserCertString =
|
mDoNotProvideEapUserCertString =
|
||||||
mContext.getString(R.string.wifi_do_not_provide_eap_user_cert);
|
mContext.getString(R.string.wifi_do_not_provide_eap_user_cert);
|
||||||
mDoNotValidateEapServerString =
|
|
||||||
mContext.getString(R.string.wifi_do_not_validate_eap_server);
|
|
||||||
|
|
||||||
mSsidScanButton = (ImageButton) mView.findViewById(R.id.ssid_scanner_button);
|
mSsidScanButton = (ImageButton) mView.findViewById(R.id.ssid_scanner_button);
|
||||||
mDialogContainer = mView.findViewById(R.id.dialog_scrollview);
|
mDialogContainer = mView.findViewById(R.id.dialog_scrollview);
|
||||||
@@ -533,8 +530,7 @@ public class WifiConfigController2 implements TextWatcher,
|
|||||||
// Disallow submit if the user has not selected a CA certificate for an EAP network
|
// Disallow submit if the user has not selected a CA certificate for an EAP network
|
||||||
// configuration.
|
// configuration.
|
||||||
enabled = false;
|
enabled = false;
|
||||||
} else if (!caCertSelection.equals(mDoNotValidateEapServerString)
|
} else if (mEapDomainView != null
|
||||||
&& mEapDomainView != null
|
|
||||||
&& mView.findViewById(R.id.l_domain).getVisibility() != View.GONE
|
&& mView.findViewById(R.id.l_domain).getVisibility() != View.GONE
|
||||||
&& TextUtils.isEmpty(mEapDomainView.getText().toString())) {
|
&& TextUtils.isEmpty(mEapDomainView.getText().toString())) {
|
||||||
// Disallow submit if the user chooses to use a certificate for EAP server
|
// Disallow submit if the user chooses to use a certificate for EAP server
|
||||||
@@ -555,7 +551,6 @@ public class WifiConfigController2 implements TextWatcher,
|
|||||||
}
|
}
|
||||||
|
|
||||||
void showWarningMessagesIfAppropriate() {
|
void showWarningMessagesIfAppropriate() {
|
||||||
mView.findViewById(R.id.no_ca_cert_warning).setVisibility(View.GONE);
|
|
||||||
mView.findViewById(R.id.no_user_cert_warning).setVisibility(View.GONE);
|
mView.findViewById(R.id.no_user_cert_warning).setVisibility(View.GONE);
|
||||||
mView.findViewById(R.id.no_domain_warning).setVisibility(View.GONE);
|
mView.findViewById(R.id.no_domain_warning).setVisibility(View.GONE);
|
||||||
mView.findViewById(R.id.ssid_too_long_warning).setVisibility(View.GONE);
|
mView.findViewById(R.id.ssid_too_long_warning).setVisibility(View.GONE);
|
||||||
@@ -568,13 +563,7 @@ public class WifiConfigController2 implements TextWatcher,
|
|||||||
}
|
}
|
||||||
if (mEapCaCertSpinner != null
|
if (mEapCaCertSpinner != null
|
||||||
&& mView.findViewById(R.id.l_ca_cert).getVisibility() != View.GONE) {
|
&& mView.findViewById(R.id.l_ca_cert).getVisibility() != View.GONE) {
|
||||||
String caCertSelection = (String) mEapCaCertSpinner.getSelectedItem();
|
if (mEapDomainView != null
|
||||||
if (caCertSelection.equals(mDoNotValidateEapServerString)) {
|
|
||||||
// Display warning if user chooses not to validate the EAP server with a
|
|
||||||
// user-supplied CA certificate in an EAP network configuration.
|
|
||||||
mView.findViewById(R.id.no_ca_cert_warning).setVisibility(View.VISIBLE);
|
|
||||||
} else if (!caCertSelection.equals(mUnspecifiedCertString)
|
|
||||||
&& mEapDomainView != null
|
|
||||||
&& mView.findViewById(R.id.l_domain).getVisibility() != View.GONE
|
&& mView.findViewById(R.id.l_domain).getVisibility() != View.GONE
|
||||||
&& TextUtils.isEmpty(mEapDomainView.getText().toString())) {
|
&& TextUtils.isEmpty(mEapDomainView.getText().toString())) {
|
||||||
// Display warning if user chooses to use a certificate without restricting the
|
// Display warning if user chooses to use a certificate without restricting the
|
||||||
@@ -715,8 +704,7 @@ public class WifiConfigController2 implements TextWatcher,
|
|||||||
config.enterpriseConfig.setCaCertificateAliases(null);
|
config.enterpriseConfig.setCaCertificateAliases(null);
|
||||||
config.enterpriseConfig.setCaPath(null);
|
config.enterpriseConfig.setCaPath(null);
|
||||||
config.enterpriseConfig.setDomainSuffixMatch(mEapDomainView.getText().toString());
|
config.enterpriseConfig.setDomainSuffixMatch(mEapDomainView.getText().toString());
|
||||||
if (caCert.equals(mUnspecifiedCertString)
|
if (caCert.equals(mUnspecifiedCertString)) {
|
||||||
|| caCert.equals(mDoNotValidateEapServerString)) {
|
|
||||||
// ca_cert already set to null, so do nothing.
|
// ca_cert already set to null, so do nothing.
|
||||||
} else if (caCert.equals(mUseSystemCertsString)) {
|
} else if (caCert.equals(mUseSystemCertsString)) {
|
||||||
config.enterpriseConfig.setCaPath(SYSTEM_CA_STORE_PATH);
|
config.enterpriseConfig.setCaPath(SYSTEM_CA_STORE_PATH);
|
||||||
@@ -749,8 +737,7 @@ public class WifiConfigController2 implements TextWatcher,
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Only set OCSP option if there is a valid CA certificate.
|
// Only set OCSP option if there is a valid CA certificate.
|
||||||
if (caCert.equals(mUnspecifiedCertString)
|
if (caCert.equals(mUnspecifiedCertString)) {
|
||||||
|| caCert.equals(mDoNotValidateEapServerString)) {
|
|
||||||
config.enterpriseConfig.setOcsp(WifiEnterpriseConfig.OCSP_NONE);
|
config.enterpriseConfig.setOcsp(WifiEnterpriseConfig.OCSP_NONE);
|
||||||
} else {
|
} else {
|
||||||
config.enterpriseConfig.setOcsp(mEapOcspSpinner.getSelectedItemPosition());
|
config.enterpriseConfig.setOcsp(mEapOcspSpinner.getSelectedItemPosition());
|
||||||
@@ -1031,15 +1018,15 @@ public class WifiConfigController2 implements TextWatcher,
|
|||||||
loadCertificates(
|
loadCertificates(
|
||||||
mEapCaCertSpinner,
|
mEapCaCertSpinner,
|
||||||
Credentials.CA_CERTIFICATE,
|
Credentials.CA_CERTIFICATE,
|
||||||
mDoNotValidateEapServerString,
|
null /* noCertificateString */,
|
||||||
false,
|
false /* showMultipleCerts */,
|
||||||
true);
|
true /* showUsePreinstalledCertOption */);
|
||||||
loadCertificates(
|
loadCertificates(
|
||||||
mEapUserCertSpinner,
|
mEapUserCertSpinner,
|
||||||
Credentials.USER_PRIVATE_KEY,
|
Credentials.USER_PRIVATE_KEY,
|
||||||
mDoNotProvideEapUserCertString,
|
mDoNotProvideEapUserCertString,
|
||||||
false,
|
false /* showMultipleCerts */,
|
||||||
false);
|
false /* showUsePreinstalledCertOption */);
|
||||||
// To avoid the user connects to a non-secure network unexpectedly,
|
// To avoid the user connects to a non-secure network unexpectedly,
|
||||||
// request using system trusted certificates by default
|
// request using system trusted certificates by default
|
||||||
// unless the user explicitly chooses "Do not validate" or other
|
// unless the user explicitly chooses "Do not validate" or other
|
||||||
@@ -1105,7 +1092,7 @@ public class WifiConfigController2 implements TextWatcher,
|
|||||||
} else {
|
} else {
|
||||||
String[] caCerts = enterpriseConfig.getCaCertificateAliases();
|
String[] caCerts = enterpriseConfig.getCaCertificateAliases();
|
||||||
if (caCerts == null) {
|
if (caCerts == null) {
|
||||||
setSelection(mEapCaCertSpinner, mDoNotValidateEapServerString);
|
setSelection(mEapCaCertSpinner, mUnspecifiedCertString);
|
||||||
} else if (caCerts.length == 1) {
|
} else if (caCerts.length == 1) {
|
||||||
setSelection(mEapCaCertSpinner, caCerts[0]);
|
setSelection(mEapCaCertSpinner, caCerts[0]);
|
||||||
} else {
|
} else {
|
||||||
@@ -1113,9 +1100,9 @@ public class WifiConfigController2 implements TextWatcher,
|
|||||||
loadCertificates(
|
loadCertificates(
|
||||||
mEapCaCertSpinner,
|
mEapCaCertSpinner,
|
||||||
Credentials.CA_CERTIFICATE,
|
Credentials.CA_CERTIFICATE,
|
||||||
mDoNotValidateEapServerString,
|
null /* noCertificateString */,
|
||||||
true,
|
true /* showMultipleCerts */,
|
||||||
true);
|
true /* showUsePreinstalledCertOption */);
|
||||||
setSelection(mEapCaCertSpinner, mMultipleCertSetString);
|
setSelection(mEapCaCertSpinner, mMultipleCertSetString);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -1242,8 +1229,7 @@ public class WifiConfigController2 implements TextWatcher,
|
|||||||
|
|
||||||
if (mView.findViewById(R.id.l_ca_cert).getVisibility() != View.GONE) {
|
if (mView.findViewById(R.id.l_ca_cert).getVisibility() != View.GONE) {
|
||||||
String eapCertSelection = (String) mEapCaCertSpinner.getSelectedItem();
|
String eapCertSelection = (String) mEapCaCertSpinner.getSelectedItem();
|
||||||
if (eapCertSelection.equals(mDoNotValidateEapServerString)
|
if (eapCertSelection.equals(mUnspecifiedCertString)) {
|
||||||
|| eapCertSelection.equals(mUnspecifiedCertString)) {
|
|
||||||
// Domain suffix matching is not relevant if the user hasn't chosen a CA
|
// Domain suffix matching is not relevant if the user hasn't chosen a CA
|
||||||
// certificate yet, or chooses not to validate the EAP server.
|
// certificate yet, or chooses not to validate the EAP server.
|
||||||
setDomainInvisible();
|
setDomainInvisible();
|
||||||
@@ -1465,7 +1451,8 @@ public class WifiConfigController2 implements TextWatcher,
|
|||||||
}).collect(Collectors.toList()));
|
}).collect(Collectors.toList()));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (mWifiEntrySecurity != WifiEntry.SECURITY_EAP_SUITE_B) {
|
if (!TextUtils.isEmpty(noCertificateString)
|
||||||
|
&& mWifiEntrySecurity != WifiEntry.SECURITY_EAP_SUITE_B) {
|
||||||
certs.add(noCertificateString);
|
certs.add(noCertificateString);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user