From 4c85639733e78c754033c9c6636c6089aa991828 Mon Sep 17 00:00:00 2001
From: Robin Lee <rgl@google.com>
Date: Thu, 17 Dec 2015 11:58:24 +0000
Subject: [PATCH] [VPN] save public legacy VPN details publicly

This does not include certificates, private keys etc. which are still
saved in the KeyStore with the encryption the user requested for them.

Makes connecting to lockdown vpn before user unlock possible.

Bug: 26108660
Change-Id: I56c1672c7a41e761c2791584b99900aff51b59e4
---
 src/com/android/settings/vpn2/ConfigDialogFragment.java   | 2 +-
 src/com/android/settings/vpn2/LockdownConfigFragment.java | 5 +----
 src/com/android/settings/vpn2/VpnSettings.java            | 7 -------
 3 files changed, 2 insertions(+), 12 deletions(-)

diff --git a/src/com/android/settings/vpn2/ConfigDialogFragment.java b/src/com/android/settings/vpn2/ConfigDialogFragment.java
index a6189a9f56d..d145ba30e4c 100644
--- a/src/com/android/settings/vpn2/ConfigDialogFragment.java
+++ b/src/com/android/settings/vpn2/ConfigDialogFragment.java
@@ -107,7 +107,7 @@ public class ConfigDialogFragment extends DialogFragment implements
         if (button == DialogInterface.BUTTON_POSITIVE) {
             // Update KeyStore entry
             KeyStore.getInstance().put(Credentials.VPN + profile.key, profile.encode(),
-                    KeyStore.UID_SELF, KeyStore.FLAG_ENCRYPTED);
+                    KeyStore.UID_SELF, /* flags */ 0);
 
             // Flush out old version of profile
             disconnect(profile);
diff --git a/src/com/android/settings/vpn2/LockdownConfigFragment.java b/src/com/android/settings/vpn2/LockdownConfigFragment.java
index 581b55dbf35..d60cebcc848 100644
--- a/src/com/android/settings/vpn2/LockdownConfigFragment.java
+++ b/src/com/android/settings/vpn2/LockdownConfigFragment.java
@@ -64,9 +64,6 @@ public class LockdownConfigFragment extends DialogFragment {
     }
 
     private static String getStringOrNull(KeyStore keyStore, String key) {
-        if (!keyStore.isUnlocked()) {
-            return null;
-        }
         final byte[] value = keyStore.get(key);
         return value == null ? null : new String(value);
     }
@@ -122,7 +119,7 @@ public class LockdownConfigFragment extends DialogFragment {
                         return;
                     }
                     keyStore.put(Credentials.LOCKDOWN_VPN, profile.key.getBytes(),
-                            KeyStore.UID_SELF, KeyStore.FLAG_ENCRYPTED);
+                            KeyStore.UID_SELF, /* flags */ 0);
                 }
 
                 // kick profiles since we changed them
diff --git a/src/com/android/settings/vpn2/VpnSettings.java b/src/com/android/settings/vpn2/VpnSettings.java
index 00f6a1255c1..40b05c593fa 100644
--- a/src/com/android/settings/vpn2/VpnSettings.java
+++ b/src/com/android/settings/vpn2/VpnSettings.java
@@ -456,13 +456,6 @@ public class VpnSettings extends SettingsPreferenceFragment implements
     protected static List<VpnProfile> loadVpnProfiles(KeyStore keyStore, int... excludeTypes) {
         final ArrayList<VpnProfile> result = Lists.newArrayList();
 
-        // This might happen if the user does not yet have a keystore. Quietly short-circuit because
-        // no keystore means no VPN configs.
-        if (!keyStore.isUnlocked()) {
-            return result;
-        }
-
-        // We are the only user of profiles in KeyStore so no locks are needed.
         for (String key : keyStore.list(Credentials.VPN)) {
             final VpnProfile profile = VpnProfile.decode(key, keyStore.get(Credentials.VPN + key));
             if (profile != null && !ArrayUtils.contains(excludeTypes, profile.type)) {