From 359a6b5c06709951e07ce7d1091b9780e35c792b Mon Sep 17 00:00:00 2001
From: Rubin Xu <rubinxu@google.com>
Date: Wed, 11 Apr 2018 11:43:18 +0100
Subject: [PATCH] Do not set separate challenge flag before clearing lock

This step is redundant since clearLock() would set the flag internally anyway.
In fact setting the flag before calling clearLock() is wrong since it will
lead LockSettingsService.setLockCredential() to think that the target profile
does not have a unified challenge, causing it to use an incorrect existing
credential for password change, leading to untrusted credential change.

Bug: 77892111
Test: Create profile; set separate empty work challenge; observe no crash
Change-Id: I4d76b20706a796654f9389f31ae8c46d51d7adac
---
 src/com/android/settings/password/ChooseLockGeneric.java | 1 -
 1 file changed, 1 deletion(-)

diff --git a/src/com/android/settings/password/ChooseLockGeneric.java b/src/com/android/settings/password/ChooseLockGeneric.java
index aa67b85481e..62978b3089b 100644
--- a/src/com/android/settings/password/ChooseLockGeneric.java
+++ b/src/com/android/settings/password/ChooseLockGeneric.java
@@ -654,7 +654,6 @@ public class ChooseLockGeneric extends SettingsActivity {
             }
 
             if (quality == DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED) {
-                mLockPatternUtils.setSeparateProfileChallengeEnabled(mUserId, true, mUserPassword);
                 mChooseLockSettingsHelper.utils().clearLock(mUserPassword, mUserId);
                 mChooseLockSettingsHelper.utils().setLockScreenDisabled(disabled, mUserId);
                 getActivity().setResult(Activity.RESULT_OK);