diff --git a/res/values/strings.xml b/res/values/strings.xml
index b506a7c0a00..38813b799f3 100644
--- a/res/values/strings.xml
+++ b/res/values/strings.xml
@@ -1861,6 +1861,7 @@ found in the list of installed applications.
Are you sure you want to discard the changes made to this profile?
Unable to connect to the network. Do you want to try again?
Server name cannot be resolved. Do you want to check your server name setting?
+ One or more secrets are missing in this VPN configuration. Do you want to check your secret setting?
The username or password you entered is incorrect. Do you want to try again?
diff --git a/src/com/android/settings/vpn/VpnSettings.java b/src/com/android/settings/vpn/VpnSettings.java
index 137e42049ca..0dc171971e0 100644
--- a/src/com/android/settings/vpn/VpnSettings.java
+++ b/src/com/android/settings/vpn/VpnSettings.java
@@ -28,6 +28,7 @@ import android.content.DialogInterface;
import android.content.Intent;
import android.content.ServiceConnection;
import android.net.vpn.IVpnService;
+import android.net.vpn.L2tpIpsecProfile;
import android.net.vpn.L2tpIpsecPskProfile;
import android.net.vpn.L2tpProfile;
import android.net.vpn.VpnManager;
@@ -46,6 +47,7 @@ import android.preference.PreferenceCategory;
import android.preference.PreferenceManager;
import android.preference.PreferenceScreen;
import android.preference.Preference.OnPreferenceClickListener;
+import android.security.CertTool;
import android.security.Keystore;
import android.text.TextUtils;
import android.util.Log;
@@ -106,6 +108,7 @@ public class VpnSettings extends PreferenceActivity implements
private static final int DIALOG_RECONNECT = 2;
private static final int DIALOG_AUTH_ERROR = 3;
private static final int DIALOG_UNKNOWN_SERVER = 4;
+ private static final int DIALOG_SECRET_NOT_SET = 5;
private static final int NO_ERROR = 0;
@@ -204,6 +207,9 @@ public class VpnSettings extends PreferenceActivity implements
case DIALOG_UNKNOWN_SERVER:
return createUnknownServerDialog();
+ case DIALOG_SECRET_NOT_SET:
+ return createSecretNotSetDialog();
+
default:
return super.onCreateDialog(id);
}
@@ -252,6 +258,19 @@ public class VpnSettings extends PreferenceActivity implements
.create();
}
+ private Dialog createSecretNotSetDialog() {
+ return createCommonDialogBuilder()
+ .setMessage(R.string.vpn_secret_not_set_dialog_msg)
+ .setPositiveButton(R.string.vpn_yes_button,
+ new DialogInterface.OnClickListener() {
+ public void onClick(DialogInterface dialog, int w) {
+ VpnProfile p = mConnectingActor.getProfile();
+ startVpnEditor(p);
+ }
+ })
+ .create();
+ }
+
private AlertDialog.Builder createCommonDialogBuilder() {
return new AlertDialog.Builder(this)
.setTitle(android.R.string.dialog_alert_title)
@@ -639,6 +658,7 @@ public class VpnSettings extends PreferenceActivity implements
mConnectingActor = getActor(p);
mActiveProfile = p;
+ if (!checkSecrets(p)) return;
if (mConnectingActor.isConnectDialogNeeded()) {
showDialog(DIALOG_CONNECT);
} else {
@@ -858,6 +878,65 @@ public class VpnSettings extends PreferenceActivity implements
return NAMESPACE_VPN + "_" + keyName;
}
+ private boolean checkSecrets(VpnProfile p) {
+ Keystore ks = Keystore.getInstance();
+ HashSet secretSet = new HashSet();
+ boolean secretMissing = false;
+
+ if (p instanceof L2tpIpsecProfile) {
+ L2tpIpsecProfile certProfile = (L2tpIpsecProfile) p;
+ CertTool certTool = CertTool.getInstance();
+ Collections.addAll(secretSet, certTool.getAllCaCertificateKeys());
+ String cert = certProfile.getCaCertificate();
+ if (TextUtils.isEmpty(cert) || !secretSet.contains(cert)) {
+ certProfile.setCaCertificate(null);
+ secretMissing = true;
+ }
+
+ secretSet.clear();
+ Collections.addAll(secretSet, certTool.getAllUserCertificateKeys());
+ cert = certProfile.getUserCertificate();
+ if (TextUtils.isEmpty(cert) || !secretSet.contains(cert)) {
+ certProfile.setUserCertificate(null);
+ secretMissing = true;
+ }
+ }
+
+ secretSet.clear();
+ Collections.addAll(secretSet, ks.listKeys(NAMESPACE_VPN));
+
+ if (p instanceof L2tpIpsecPskProfile) {
+ L2tpIpsecPskProfile pskProfile = (L2tpIpsecPskProfile) p;
+ String presharedKey = pskProfile.getPresharedKey();
+ String keyName = KEY_PREFIX_IPSEC_PSK + p.getId();
+ if (TextUtils.isEmpty(presharedKey)
+ || !secretSet.contains(keyName)) {
+ pskProfile.setPresharedKey(null);
+ secretMissing = true;
+ }
+ }
+
+ if (p instanceof L2tpProfile) {
+ L2tpProfile l2tpProfile = (L2tpProfile) p;
+ if (l2tpProfile.isSecretEnabled()) {
+ String secret = l2tpProfile.getSecretString();
+ String keyName = KEY_PREFIX_L2TP_SECRET + p.getId();
+ if (TextUtils.isEmpty(secret)
+ || !secretSet.contains(keyName)) {
+ l2tpProfile.setSecretString(null);
+ secretMissing = true;
+ }
+ }
+ }
+
+ if (secretMissing) {
+ showDialog(DIALOG_SECRET_NOT_SET);
+ return false;
+ } else {
+ return true;
+ }
+ }
+
private void processSecrets(VpnProfile p) {
Keystore ks = Keystore.getInstance();
switch (p.getType()) {