Merge "If the proider model is enabled, the User cannot create insecure VPNs" into sc-dev am: 770ad5cbd7
Original change: https://googleplex-android-review.googlesource.com/c/platform/packages/apps/Settings/+/14185086 Change-Id: Ib29147f7171f108b21f93b4e15e72e841b557e3f
This commit is contained in:
Jeremy Goldman
Automerger Merge Worker
@@ -26,6 +26,7 @@ import android.os.Bundle;
|
|||||||
import android.os.SystemProperties;
|
import android.os.SystemProperties;
|
||||||
import android.text.Editable;
|
import android.text.Editable;
|
||||||
import android.text.TextWatcher;
|
import android.text.TextWatcher;
|
||||||
|
import android.util.Log;
|
||||||
import android.view.View;
|
import android.view.View;
|
||||||
import android.view.WindowManager;
|
import android.view.WindowManager;
|
||||||
import android.widget.AdapterView;
|
import android.widget.AdapterView;
|
||||||
@@ -40,6 +41,7 @@ import androidx.appcompat.app.AlertDialog;
|
|||||||
import com.android.internal.net.VpnProfile;
|
import com.android.internal.net.VpnProfile;
|
||||||
import com.android.net.module.util.ProxyUtils;
|
import com.android.net.module.util.ProxyUtils;
|
||||||
import com.android.settings.R;
|
import com.android.settings.R;
|
||||||
|
import com.android.settings.Utils;
|
||||||
import com.android.settings.utils.AndroidKeystoreAliasLoader;
|
import com.android.settings.utils.AndroidKeystoreAliasLoader;
|
||||||
|
|
||||||
import java.net.InetAddress;
|
import java.net.InetAddress;
|
||||||
@@ -64,6 +66,8 @@ class ConfigDialog extends AlertDialog implements TextWatcher,
|
|||||||
|
|
||||||
private boolean mEditing;
|
private boolean mEditing;
|
||||||
private boolean mExists;
|
private boolean mExists;
|
||||||
|
private List<String> mTotalTypes;
|
||||||
|
private List<String> mAllowedTypes;
|
||||||
|
|
||||||
private View mView;
|
private View mView;
|
||||||
|
|
||||||
@@ -134,7 +138,13 @@ class ConfigDialog extends AlertDialog implements TextWatcher,
|
|||||||
// Second, copy values from the profile.
|
// Second, copy values from the profile.
|
||||||
mName.setText(mProfile.name);
|
mName.setText(mProfile.name);
|
||||||
setTypesByFeature(mType);
|
setTypesByFeature(mType);
|
||||||
mType.setSelection(mProfile.type);
|
// Not all types will be available to the user. Find the index corresponding to the
|
||||||
|
// string of the profile's type.
|
||||||
|
if (mAllowedTypes != null && mTotalTypes != null) {
|
||||||
|
mType.setSelection(mAllowedTypes.indexOf(mTotalTypes.get(mProfile.type)));
|
||||||
|
} else {
|
||||||
|
Log.w(TAG, "Allowed or Total vpn types not initialized when setting initial selection");
|
||||||
|
}
|
||||||
mServer.setText(mProfile.server);
|
mServer.setText(mProfile.server);
|
||||||
if (mProfile.saveLogin) {
|
if (mProfile.saveLogin) {
|
||||||
mUsername.setText(mProfile.username);
|
mUsername.setText(mProfile.username);
|
||||||
@@ -276,7 +286,10 @@ class ConfigDialog extends AlertDialog implements TextWatcher,
|
|||||||
@Override
|
@Override
|
||||||
public void onItemSelected(AdapterView<?> parent, View view, int position, long id) {
|
public void onItemSelected(AdapterView<?> parent, View view, int position, long id) {
|
||||||
if (parent == mType) {
|
if (parent == mType) {
|
||||||
changeType(position);
|
// Because the spinner may not display all available types,
|
||||||
|
// convert the selected position into the actual vpn profile type integer.
|
||||||
|
final int profileType = convertAllowedIndexToProfileType(position);
|
||||||
|
changeType(profileType);
|
||||||
} else if (parent == mProxySettings) {
|
} else if (parent == mProxySettings) {
|
||||||
updateProxyFieldsVisibility(position);
|
updateProxyFieldsVisibility(position);
|
||||||
}
|
}
|
||||||
@@ -371,7 +384,7 @@ class ConfigDialog extends AlertDialog implements TextWatcher,
|
|||||||
// Configure networking option visibility
|
// Configure networking option visibility
|
||||||
// TODO(b/149070123): Add ability for platform VPNs to support DNS & routes
|
// TODO(b/149070123): Add ability for platform VPNs to support DNS & routes
|
||||||
final int visibility =
|
final int visibility =
|
||||||
isLegacyType(mType.getSelectedItemPosition()) ? View.VISIBLE : View.GONE;
|
isLegacyType(getSelectedVpnType()) ? View.VISIBLE : View.GONE;
|
||||||
mView.findViewById(R.id.network_options).setVisibility(visibility);
|
mView.findViewById(R.id.network_options).setVisibility(visibility);
|
||||||
} else {
|
} else {
|
||||||
mView.findViewById(R.id.options).setVisibility(View.GONE);
|
mView.findViewById(R.id.options).setVisibility(View.GONE);
|
||||||
@@ -431,7 +444,7 @@ class ConfigDialog extends AlertDialog implements TextWatcher,
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
final int type = mType.getSelectedItemPosition();
|
final int type = getSelectedVpnType();
|
||||||
if (!editing && requiresUsernamePassword(type)) {
|
if (!editing && requiresUsernamePassword(type)) {
|
||||||
return mUsername.getText().length() != 0 && mPassword.getText().length() != 0;
|
return mUsername.getText().length() != 0 && mPassword.getText().length() != 0;
|
||||||
}
|
}
|
||||||
@@ -503,6 +516,8 @@ class ConfigDialog extends AlertDialog implements TextWatcher,
|
|||||||
|
|
||||||
private void setTypesByFeature(Spinner typeSpinner) {
|
private void setTypesByFeature(Spinner typeSpinner) {
|
||||||
String[] types = getContext().getResources().getStringArray(R.array.vpn_types);
|
String[] types = getContext().getResources().getStringArray(R.array.vpn_types);
|
||||||
|
mTotalTypes = new ArrayList<>(Arrays.asList(types));
|
||||||
|
mAllowedTypes = new ArrayList<>(Arrays.asList(types));
|
||||||
if (!getContext().getPackageManager().hasSystemFeature(
|
if (!getContext().getPackageManager().hasSystemFeature(
|
||||||
PackageManager.FEATURE_IPSEC_TUNNELS)) {
|
PackageManager.FEATURE_IPSEC_TUNNELS)) {
|
||||||
final List<String> typesList = new ArrayList<>(Arrays.asList(types));
|
final List<String> typesList = new ArrayList<>(Arrays.asList(types));
|
||||||
@@ -513,6 +528,26 @@ class ConfigDialog extends AlertDialog implements TextWatcher,
|
|||||||
typesList.remove(VpnProfile.TYPE_IKEV2_IPSEC_USER_PASS);
|
typesList.remove(VpnProfile.TYPE_IKEV2_IPSEC_USER_PASS);
|
||||||
|
|
||||||
types = typesList.toArray(new String[0]);
|
types = typesList.toArray(new String[0]);
|
||||||
|
} else if (Utils.isProviderModelEnabled(getContext())) {
|
||||||
|
// If the provider mode is enabled and the vpn is new or is not already a legacy type,
|
||||||
|
// don't allow the user to set the type to a legacy option.
|
||||||
|
|
||||||
|
// Set the mProfile.type to TYPE_IKEV2_IPSEC_USER_PASS if the VPN not exist
|
||||||
|
if (!mExists) {
|
||||||
|
mProfile.type = VpnProfile.TYPE_IKEV2_IPSEC_USER_PASS;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Remove all types which are legacy types from the typesList
|
||||||
|
if (!VpnProfile.isLegacyType(mProfile.type)) {
|
||||||
|
for (int i = mAllowedTypes.size() - 1; i >= 0; i--) {
|
||||||
|
// This must be removed from back to front in order to ensure index consistency
|
||||||
|
if (VpnProfile.isLegacyType(i)) {
|
||||||
|
mAllowedTypes.remove(i);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
types = mAllowedTypes.toArray(new String[0]);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
final ArrayAdapter<String> adapter = new ArrayAdapter<String>(
|
final ArrayAdapter<String> adapter = new ArrayAdapter<String>(
|
||||||
getContext(), android.R.layout.simple_spinner_item, types);
|
getContext(), android.R.layout.simple_spinner_item, types);
|
||||||
@@ -577,7 +612,7 @@ class ConfigDialog extends AlertDialog implements TextWatcher,
|
|||||||
// First, save common fields.
|
// First, save common fields.
|
||||||
VpnProfile profile = new VpnProfile(mProfile.key);
|
VpnProfile profile = new VpnProfile(mProfile.key);
|
||||||
profile.name = mName.getText().toString();
|
profile.name = mName.getText().toString();
|
||||||
profile.type = mType.getSelectedItemPosition();
|
profile.type = getSelectedVpnType();
|
||||||
profile.server = mServer.getText().toString().trim();
|
profile.server = mServer.getText().toString().trim();
|
||||||
profile.username = mUsername.getText().toString();
|
profile.username = mUsername.getText().toString();
|
||||||
profile.password = mPassword.getText().toString();
|
profile.password = mPassword.getText().toString();
|
||||||
@@ -652,4 +687,19 @@ class ConfigDialog extends AlertDialog implements TextWatcher,
|
|||||||
return ProxyUtils.validate(host, port, "") == ProxyUtils.PROXY_VALID;
|
return ProxyUtils.validate(host, port, "") == ProxyUtils.PROXY_VALID;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private int getSelectedVpnType() {
|
||||||
|
return convertAllowedIndexToProfileType(mType.getSelectedItemPosition());
|
||||||
|
}
|
||||||
|
|
||||||
|
private int convertAllowedIndexToProfileType(int allowedSelectedPosition) {
|
||||||
|
if (mAllowedTypes != null && mTotalTypes != null) {
|
||||||
|
final String typeString = mAllowedTypes.get(allowedSelectedPosition);
|
||||||
|
final int profileType = mTotalTypes.indexOf(typeString);
|
||||||
|
return profileType;
|
||||||
|
} else {
|
||||||
|
Log.w(TAG, "Allowed or Total vpn types not initialized when converting protileType");
|
||||||
|
return allowedSelectedPosition;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user