Allow only valid EAP configs
We allow configuring all possible EAP fields today even though some of the configs make no sense and will not result in a successful connection. Allow only support configs for various EAP methods Change-Id: I2e3e8d4d6203acb2eac8cd645df39e1a9ca579ab
This commit is contained in:
Irfan Sheriff
committed by
Irfan Sheriff
Irfan Sheriff
parent
f3a0201202
commit
ce68912621
@@ -142,7 +142,7 @@
|
|||||||
</LinearLayout>
|
</LinearLayout>
|
||||||
</LinearLayout>
|
</LinearLayout>
|
||||||
|
|
||||||
<LinearLayout
|
<LinearLayout android:id="@+id/password_layout"
|
||||||
style="@style/wifi_item" >
|
style="@style/wifi_item" >
|
||||||
<TextView
|
<TextView
|
||||||
style="@style/wifi_item_label"
|
style="@style/wifi_item_label"
|
||||||
@@ -154,7 +154,7 @@
|
|||||||
android:password="true" />
|
android:password="true" />
|
||||||
</LinearLayout>
|
</LinearLayout>
|
||||||
|
|
||||||
<LinearLayout
|
<LinearLayout android:id="@+id/show_password_layout"
|
||||||
style="@style/wifi_item" >
|
style="@style/wifi_item" >
|
||||||
<!-- Dummy to enable right-justification of checkbox -->
|
<!-- Dummy to enable right-justification of checkbox -->
|
||||||
<TextView
|
<TextView
|
||||||
|
|||||||
@@ -427,7 +427,14 @@
|
|||||||
<item>PWD</item>
|
<item>PWD</item>
|
||||||
</string-array>
|
</string-array>
|
||||||
|
|
||||||
<!-- Phase 2 options -->
|
<!-- Phase 2 options for PEAP -->
|
||||||
|
<string-array name="wifi_peap_phase2_entries">
|
||||||
|
<item>None</item>
|
||||||
|
<item>MSCHAPV2</item>
|
||||||
|
<item>GTC</item>
|
||||||
|
</string-array>
|
||||||
|
|
||||||
|
<!-- Phase 2 options for rest of EAP methods -->
|
||||||
<string-array name="wifi_phase2_entries">
|
<string-array name="wifi_phase2_entries">
|
||||||
<item>None</item>
|
<item>None</item>
|
||||||
<item>PAP</item>
|
<item>PAP</item>
|
||||||
|
|||||||
@@ -31,7 +31,9 @@ import android.net.wifi.WifiConfiguration.AuthAlgorithm;
|
|||||||
import android.net.wifi.WifiConfiguration.IpAssignment;
|
import android.net.wifi.WifiConfiguration.IpAssignment;
|
||||||
import android.net.wifi.WifiConfiguration.KeyMgmt;
|
import android.net.wifi.WifiConfiguration.KeyMgmt;
|
||||||
import android.net.wifi.WifiConfiguration.ProxySettings;
|
import android.net.wifi.WifiConfiguration.ProxySettings;
|
||||||
import android.net.wifi.WifiConfiguration.Status;
|
import android.net.wifi.WifiEnterpriseConfig;
|
||||||
|
import android.net.wifi.WifiEnterpriseConfig.Eap;
|
||||||
|
import android.net.wifi.WifiEnterpriseConfig.Phase2;
|
||||||
import android.net.wifi.WifiInfo;
|
import android.net.wifi.WifiInfo;
|
||||||
import android.os.Handler;
|
import android.os.Handler;
|
||||||
import android.security.Credentials;
|
import android.security.Credentials;
|
||||||
@@ -76,11 +78,19 @@ public class WifiConfigController implements TextWatcher,
|
|||||||
private TextView mPasswordView;
|
private TextView mPasswordView;
|
||||||
|
|
||||||
private String unspecifiedCert = "unspecified";
|
private String unspecifiedCert = "unspecified";
|
||||||
|
private static final int unspecifiedCertIndex = 0;
|
||||||
|
|
||||||
|
/* Phase2 methods supported by PEAP are limited */
|
||||||
|
private final ArrayAdapter<String> PHASE2_PEAP_ADAPTER;
|
||||||
|
/* Full list of phase2 methods */
|
||||||
|
private final ArrayAdapter<String> PHASE2_FULL_ADAPTER;
|
||||||
|
|
||||||
private Spinner mSecuritySpinner;
|
private Spinner mSecuritySpinner;
|
||||||
private Spinner mEapMethodSpinner;
|
private Spinner mEapMethodSpinner;
|
||||||
private Spinner mEapCaCertSpinner;
|
private Spinner mEapCaCertSpinner;
|
||||||
private Spinner mPhase2Spinner;
|
private Spinner mPhase2Spinner;
|
||||||
|
// Associated with mPhase2Spinner, one of PHASE2_FULL_ADAPTER or PHASE2_PEAP_ADAPTER
|
||||||
|
private ArrayAdapter<String> mPhase2Adapter;
|
||||||
private Spinner mEapUserCertSpinner;
|
private Spinner mEapUserCertSpinner;
|
||||||
private TextView mEapIdentityView;
|
private TextView mEapIdentityView;
|
||||||
private TextView mEapAnonymousView;
|
private TextView mEapAnonymousView;
|
||||||
@@ -93,12 +103,17 @@ public class WifiConfigController implements TextWatcher,
|
|||||||
public static final int PROXY_NONE = 0;
|
public static final int PROXY_NONE = 0;
|
||||||
public static final int PROXY_STATIC = 1;
|
public static final int PROXY_STATIC = 1;
|
||||||
|
|
||||||
/* These values from from "wifi_eap_method" resource array */
|
/* These values come from "wifi_eap_method" resource array */
|
||||||
public static final int WIFI_EAP_METHOD_PEAP = 0;
|
public static final int WIFI_EAP_METHOD_PEAP = 0;
|
||||||
public static final int WIFI_EAP_METHOD_TLS = 1;
|
public static final int WIFI_EAP_METHOD_TLS = 1;
|
||||||
public static final int WIFI_EAP_METHOD_TTLS = 2;
|
public static final int WIFI_EAP_METHOD_TTLS = 2;
|
||||||
public static final int WIFI_EAP_METHOD_PWD = 3;
|
public static final int WIFI_EAP_METHOD_PWD = 3;
|
||||||
|
|
||||||
|
/* These values come from "wifi_peap_phase2_entries" resource array */
|
||||||
|
public static final int WIFI_PEAP_PHASE2_NONE = 0;
|
||||||
|
public static final int WIFI_PEAP_PHASE2_MSCHAPV2 = 1;
|
||||||
|
public static final int WIFI_PEAP_PHASE2_GTC = 2;
|
||||||
|
|
||||||
private static final String TAG = "WifiConfigController";
|
private static final String TAG = "WifiConfigController";
|
||||||
|
|
||||||
private Spinner mIpSettingsSpinner;
|
private Spinner mIpSettingsSpinner;
|
||||||
@@ -137,6 +152,16 @@ public class WifiConfigController implements TextWatcher,
|
|||||||
final Context context = mConfigUi.getContext();
|
final Context context = mConfigUi.getContext();
|
||||||
final Resources resources = context.getResources();
|
final Resources resources = context.getResources();
|
||||||
|
|
||||||
|
PHASE2_PEAP_ADAPTER = new ArrayAdapter<String>(
|
||||||
|
context, android.R.layout.simple_spinner_item,
|
||||||
|
context.getResources().getStringArray(R.array.wifi_peap_phase2_entries));
|
||||||
|
PHASE2_PEAP_ADAPTER.setDropDownViewResource(android.R.layout.simple_spinner_dropdown_item);
|
||||||
|
|
||||||
|
PHASE2_FULL_ADAPTER = new ArrayAdapter<String>(
|
||||||
|
context, android.R.layout.simple_spinner_item,
|
||||||
|
context.getResources().getStringArray(R.array.wifi_phase2_entries));
|
||||||
|
PHASE2_FULL_ADAPTER.setDropDownViewResource(android.R.layout.simple_spinner_dropdown_item);
|
||||||
|
|
||||||
unspecifiedCert = context.getString(R.string.wifi_unspecified);
|
unspecifiedCert = context.getString(R.string.wifi_unspecified);
|
||||||
mIpSettingsSpinner = (Spinner) mView.findViewById(R.id.ip_settings);
|
mIpSettingsSpinner = (Spinner) mView.findViewById(R.id.ip_settings);
|
||||||
mIpSettingsSpinner.setOnItemSelectedListener(this);
|
mIpSettingsSpinner.setOnItemSelectedListener(this);
|
||||||
@@ -339,20 +364,56 @@ public class WifiConfigController implements TextWatcher,
|
|||||||
case AccessPoint.SECURITY_EAP:
|
case AccessPoint.SECURITY_EAP:
|
||||||
config.allowedKeyManagement.set(KeyMgmt.WPA_EAP);
|
config.allowedKeyManagement.set(KeyMgmt.WPA_EAP);
|
||||||
config.allowedKeyManagement.set(KeyMgmt.IEEE8021X);
|
config.allowedKeyManagement.set(KeyMgmt.IEEE8021X);
|
||||||
config.enterpriseConfig.setEapMethod(mEapMethodSpinner.getSelectedItemPosition());
|
config.enterpriseConfig = new WifiEnterpriseConfig();
|
||||||
config.enterpriseConfig.setPhase2Method(mPhase2Spinner.getSelectedItemPosition());
|
int eapMethod = mEapMethodSpinner.getSelectedItemPosition();
|
||||||
|
int phase2Method = mPhase2Spinner.getSelectedItemPosition();
|
||||||
|
config.enterpriseConfig.setEapMethod(eapMethod);
|
||||||
|
switch (eapMethod) {
|
||||||
|
case Eap.PEAP:
|
||||||
|
// PEAP supports limited phase2 values
|
||||||
|
// Map the index from the PHASE2_PEAP_ADAPTER to the one used
|
||||||
|
// by the API which has the full list of PEAP methods.
|
||||||
|
switch(phase2Method) {
|
||||||
|
case WIFI_PEAP_PHASE2_NONE:
|
||||||
|
config.enterpriseConfig.setPhase2Method(Phase2.NONE);
|
||||||
|
break;
|
||||||
|
case WIFI_PEAP_PHASE2_MSCHAPV2:
|
||||||
|
config.enterpriseConfig.setPhase2Method(Phase2.MSCHAPV2);
|
||||||
|
break;
|
||||||
|
case WIFI_PEAP_PHASE2_GTC:
|
||||||
|
config.enterpriseConfig.setPhase2Method(Phase2.GTC);
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
Log.e(TAG, "Unknown phase2 method" + phase2Method);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
// The default index from PHASE2_FULL_ADAPTER maps to the API
|
||||||
|
config.enterpriseConfig.setPhase2Method(phase2Method);
|
||||||
|
break;
|
||||||
|
}
|
||||||
String caCert = (String) mEapCaCertSpinner.getSelectedItem();
|
String caCert = (String) mEapCaCertSpinner.getSelectedItem();
|
||||||
if (caCert.equals(unspecifiedCert)) caCert = "";
|
if (caCert.equals(unspecifiedCert)) caCert = "";
|
||||||
|
config.enterpriseConfig.setCaCertificate(caCert);
|
||||||
String clientCert = (String) mEapUserCertSpinner.getSelectedItem();
|
String clientCert = (String) mEapUserCertSpinner.getSelectedItem();
|
||||||
if (clientCert.equals(unspecifiedCert)) clientCert = "";
|
if (clientCert.equals(unspecifiedCert)) clientCert = "";
|
||||||
config.enterpriseConfig.setCaCertificate(caCert);
|
|
||||||
config.enterpriseConfig.setClientCertificate(clientCert);
|
config.enterpriseConfig.setClientCertificate(clientCert);
|
||||||
config.enterpriseConfig.setIdentity(mEapIdentityView.getText().toString());
|
config.enterpriseConfig.setIdentity(mEapIdentityView.getText().toString());
|
||||||
config.enterpriseConfig.setAnonymousIdentity(
|
config.enterpriseConfig.setAnonymousIdentity(
|
||||||
mEapAnonymousView.getText().toString());
|
mEapAnonymousView.getText().toString());
|
||||||
config.enterpriseConfig.setPassword(mPasswordView.getText().toString());
|
|
||||||
break;
|
|
||||||
|
|
||||||
|
if (mPasswordView.isShown()) {
|
||||||
|
// For security reasons, a previous password is not displayed to user.
|
||||||
|
// Update only if it has been changed.
|
||||||
|
if (mPasswordView.length() > 0) {
|
||||||
|
config.enterpriseConfig.setPassword(mPasswordView.getText().toString());
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
// clear password
|
||||||
|
config.enterpriseConfig.setPassword(mPasswordView.getText().toString());
|
||||||
|
}
|
||||||
|
break;
|
||||||
default:
|
default:
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
@@ -519,32 +580,137 @@ public class WifiConfigController implements TextWatcher,
|
|||||||
loadCertificates(mEapCaCertSpinner, Credentials.CA_CERTIFICATE);
|
loadCertificates(mEapCaCertSpinner, Credentials.CA_CERTIFICATE);
|
||||||
loadCertificates(mEapUserCertSpinner, Credentials.USER_PRIVATE_KEY);
|
loadCertificates(mEapUserCertSpinner, Credentials.USER_PRIVATE_KEY);
|
||||||
|
|
||||||
|
// Modifying an existing network
|
||||||
if (mAccessPoint != null && mAccessPoint.networkId != INVALID_NETWORK_ID) {
|
if (mAccessPoint != null && mAccessPoint.networkId != INVALID_NETWORK_ID) {
|
||||||
WifiConfiguration config = mAccessPoint.getConfig();
|
WifiConfiguration config = mAccessPoint.getConfig();
|
||||||
mEapMethodSpinner.setSelection(config.enterpriseConfig.getEapMethod());
|
int eapMethod = config.enterpriseConfig.getEapMethod();
|
||||||
mPhase2Spinner.setSelection(config.enterpriseConfig.getPhase2Method());
|
int phase2Method = config.enterpriseConfig.getPhase2Method();
|
||||||
|
mEapMethodSpinner.setSelection(eapMethod);
|
||||||
|
showEapFieldsByMethod(eapMethod);
|
||||||
|
switch (eapMethod) {
|
||||||
|
case Eap.PEAP:
|
||||||
|
switch (phase2Method) {
|
||||||
|
case Phase2.NONE:
|
||||||
|
mPhase2Spinner.setSelection(WIFI_PEAP_PHASE2_NONE);
|
||||||
|
break;
|
||||||
|
case Phase2.MSCHAPV2:
|
||||||
|
mPhase2Spinner.setSelection(WIFI_PEAP_PHASE2_MSCHAPV2);
|
||||||
|
break;
|
||||||
|
case Phase2.GTC:
|
||||||
|
mPhase2Spinner.setSelection(WIFI_PEAP_PHASE2_GTC);
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
Log.e(TAG, "Invalid phase 2 method " + phase2Method);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
mPhase2Spinner.setSelection(phase2Method);
|
||||||
|
break;
|
||||||
|
}
|
||||||
setSelection(mEapCaCertSpinner, config.enterpriseConfig.getCaCertificate());
|
setSelection(mEapCaCertSpinner, config.enterpriseConfig.getCaCertificate());
|
||||||
setSelection(mEapUserCertSpinner, config.enterpriseConfig.getClientCertificate());
|
setSelection(mEapUserCertSpinner, config.enterpriseConfig.getClientCertificate());
|
||||||
mEapIdentityView.setText(config.enterpriseConfig.getIdentity());
|
mEapIdentityView.setText(config.enterpriseConfig.getIdentity());
|
||||||
mEapAnonymousView.setText(config.enterpriseConfig.getAnonymousIdentity());
|
mEapAnonymousView.setText(config.enterpriseConfig.getAnonymousIdentity());
|
||||||
}
|
}
|
||||||
|
} else {
|
||||||
|
showEapFieldsByMethod(mEapMethodSpinner.getSelectedItemPosition());
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* EAP-PWD valid fields include
|
||||||
|
* identity
|
||||||
|
* password
|
||||||
|
* EAP-PEAP valid fields include
|
||||||
|
* phase2: MSCHAPV2, GTC
|
||||||
|
* ca_cert
|
||||||
|
* identity
|
||||||
|
* anonymous_identity
|
||||||
|
* password
|
||||||
|
* EAP-TLS valid fields include
|
||||||
|
* user_cert
|
||||||
|
* ca_cert
|
||||||
|
* identity
|
||||||
|
* EAP-TTLS valid fields include
|
||||||
|
* phase2: PAP, MSCHAP, MSCHAPV2, GTC
|
||||||
|
* ca_cert
|
||||||
|
* identity
|
||||||
|
* anonymous_identity
|
||||||
|
* password
|
||||||
|
*/
|
||||||
|
private void showEapFieldsByMethod(int eapMethod) {
|
||||||
|
// Common defaults
|
||||||
mView.findViewById(R.id.l_method).setVisibility(View.VISIBLE);
|
mView.findViewById(R.id.l_method).setVisibility(View.VISIBLE);
|
||||||
mView.findViewById(R.id.l_identity).setVisibility(View.VISIBLE);
|
mView.findViewById(R.id.l_identity).setVisibility(View.VISIBLE);
|
||||||
|
|
||||||
if (mEapMethodSpinner.getSelectedItemPosition() == WIFI_EAP_METHOD_PWD){
|
// Defaults for most of the EAP methods and over-riden by
|
||||||
mView.findViewById(R.id.l_phase2).setVisibility(View.GONE);
|
// by certain EAP methods
|
||||||
mView.findViewById(R.id.l_ca_cert).setVisibility(View.GONE);
|
|
||||||
mView.findViewById(R.id.l_user_cert).setVisibility(View.GONE);
|
|
||||||
mView.findViewById(R.id.l_anonymous).setVisibility(View.GONE);
|
|
||||||
} else {
|
|
||||||
mView.findViewById(R.id.l_phase2).setVisibility(View.VISIBLE);
|
|
||||||
mView.findViewById(R.id.l_ca_cert).setVisibility(View.VISIBLE);
|
mView.findViewById(R.id.l_ca_cert).setVisibility(View.VISIBLE);
|
||||||
|
mView.findViewById(R.id.password_layout).setVisibility(View.VISIBLE);
|
||||||
|
mView.findViewById(R.id.show_password_layout).setVisibility(View.VISIBLE);
|
||||||
|
|
||||||
|
Context context = mConfigUi.getContext();
|
||||||
|
switch (eapMethod) {
|
||||||
|
case WIFI_EAP_METHOD_PWD:
|
||||||
|
setPhase2Invisible();
|
||||||
|
setCaCertInvisible();
|
||||||
|
setAnonymousIdentInvisible();
|
||||||
|
setUserCertInvisible();
|
||||||
|
break;
|
||||||
|
case WIFI_EAP_METHOD_TLS:
|
||||||
mView.findViewById(R.id.l_user_cert).setVisibility(View.VISIBLE);
|
mView.findViewById(R.id.l_user_cert).setVisibility(View.VISIBLE);
|
||||||
mView.findViewById(R.id.l_anonymous).setVisibility(View.VISIBLE);
|
setPhase2Invisible();
|
||||||
|
setAnonymousIdentInvisible();
|
||||||
|
setPasswordInvisible();
|
||||||
|
break;
|
||||||
|
case WIFI_EAP_METHOD_PEAP:
|
||||||
|
// Reset adapter if needed
|
||||||
|
if (mPhase2Adapter != PHASE2_PEAP_ADAPTER) {
|
||||||
|
mPhase2Adapter = PHASE2_PEAP_ADAPTER;
|
||||||
|
mPhase2Spinner.setAdapter(mPhase2Adapter);
|
||||||
}
|
}
|
||||||
|
mView.findViewById(R.id.l_phase2).setVisibility(View.VISIBLE);
|
||||||
|
mView.findViewById(R.id.l_anonymous).setVisibility(View.VISIBLE);
|
||||||
|
setUserCertInvisible();
|
||||||
|
break;
|
||||||
|
case WIFI_EAP_METHOD_TTLS:
|
||||||
|
// Reset adapter if needed
|
||||||
|
if (mPhase2Adapter != PHASE2_FULL_ADAPTER) {
|
||||||
|
mPhase2Adapter = PHASE2_FULL_ADAPTER;
|
||||||
|
mPhase2Spinner.setAdapter(mPhase2Adapter);
|
||||||
|
}
|
||||||
|
mView.findViewById(R.id.l_phase2).setVisibility(View.VISIBLE);
|
||||||
|
mView.findViewById(R.id.l_anonymous).setVisibility(View.VISIBLE);
|
||||||
|
setUserCertInvisible();
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private void setPhase2Invisible() {
|
||||||
|
mView.findViewById(R.id.l_phase2).setVisibility(View.GONE);
|
||||||
|
mPhase2Spinner.setSelection(Phase2.NONE);
|
||||||
|
}
|
||||||
|
|
||||||
|
private void setCaCertInvisible() {
|
||||||
|
mView.findViewById(R.id.l_ca_cert).setVisibility(View.GONE);
|
||||||
|
mEapCaCertSpinner.setSelection(unspecifiedCertIndex);
|
||||||
|
}
|
||||||
|
|
||||||
|
private void setUserCertInvisible() {
|
||||||
|
mView.findViewById(R.id.l_user_cert).setVisibility(View.GONE);
|
||||||
|
mEapUserCertSpinner.setSelection(unspecifiedCertIndex);
|
||||||
|
}
|
||||||
|
|
||||||
|
private void setAnonymousIdentInvisible() {
|
||||||
|
mView.findViewById(R.id.l_anonymous).setVisibility(View.GONE);
|
||||||
|
mEapAnonymousView.setText("");
|
||||||
|
}
|
||||||
|
|
||||||
|
private void setPasswordInvisible() {
|
||||||
|
mPasswordView.setText("");
|
||||||
|
mView.findViewById(R.id.password_layout).setVisibility(View.GONE);
|
||||||
|
mView.findViewById(R.id.show_password_layout).setVisibility(View.GONE);
|
||||||
}
|
}
|
||||||
|
|
||||||
private void showIpConfigFields() {
|
private void showIpConfigFields() {
|
||||||
|
|||||||
Reference in New Issue
Block a user