diff --git a/res/values/strings.xml b/res/values/strings.xml
index 940c84e751b..1cf34532bca 100644
--- a/res/values/strings.xml
+++ b/res/values/strings.xml
@@ -5379,6 +5379,8 @@
There is no network connection. Please try again later.
+
+ Disconnected from VPN
A certificate is missing. Please edit the profile.
diff --git a/src/com/android/settings/CredentialStorage.java b/src/com/android/settings/CredentialStorage.java
index f228f3e9c4f..20de9a22f6a 100644
--- a/src/com/android/settings/CredentialStorage.java
+++ b/src/com/android/settings/CredentialStorage.java
@@ -47,6 +47,7 @@ import android.widget.Toast;
import com.android.internal.widget.LockPatternUtils;
import com.android.org.bouncycastle.asn1.ASN1InputStream;
import com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
+import com.android.settings.vpn2.VpnUtils;
import sun.security.util.ObjectIdentifier;
import sun.security.x509.AlgorithmId;
@@ -361,6 +362,7 @@ public final class CredentialStorage extends Activity {
if (success) {
Toast.makeText(CredentialStorage.this,
R.string.credentials_erased, Toast.LENGTH_SHORT).show();
+ clearLegacyVpnIfEstablished();
} else {
Toast.makeText(CredentialStorage.this,
R.string.credentials_not_erased, Toast.LENGTH_SHORT).show();
@@ -369,6 +371,14 @@ public final class CredentialStorage extends Activity {
}
}
+ private void clearLegacyVpnIfEstablished() {
+ boolean isDone = VpnUtils.disconnectLegacyVpn(getApplicationContext());
+ if (isDone) {
+ Toast.makeText(CredentialStorage.this, R.string.vpn_disconnected,
+ Toast.LENGTH_SHORT).show();
+ }
+ }
+
/**
* Prompt for key guard configuration confirmation.
*/
diff --git a/src/com/android/settings/vpn2/ConfigDialogFragment.java b/src/com/android/settings/vpn2/ConfigDialogFragment.java
index cf748e40044..5aa10b94d1f 100644
--- a/src/com/android/settings/vpn2/ConfigDialogFragment.java
+++ b/src/com/android/settings/vpn2/ConfigDialogFragment.java
@@ -249,8 +249,7 @@ public class ConfigDialogFragment extends InstrumentedDialogFragment implements
if (!isConnected(profile)) {
return true;
}
- VpnUtils.clearLockdownVpn(mContext);
- return mService.prepareVpn(null, VpnConfig.LEGACY_VPN, UserHandle.myUserId());
+ return VpnUtils.disconnectLegacyVpn(getContext());
} catch (RemoteException e) {
Log.e(TAG, "Failed to disconnect", e);
return false;
diff --git a/src/com/android/settings/vpn2/VpnUtils.java b/src/com/android/settings/vpn2/VpnUtils.java
index c9f971d7d4e..a36cce82e01 100644
--- a/src/com/android/settings/vpn2/VpnUtils.java
+++ b/src/com/android/settings/vpn2/VpnUtils.java
@@ -23,7 +23,9 @@ import android.os.ServiceManager;
import android.provider.Settings;
import android.security.Credentials;
import android.security.KeyStore;
+import android.util.Log;
+import com.android.internal.net.LegacyVpnInfo;
import com.android.internal.net.VpnConfig;
/**
@@ -32,6 +34,9 @@ import com.android.internal.net.VpnConfig;
* Keystore methods should only be called in system user
*/
public class VpnUtils {
+
+ private static final String TAG = "VpnUtils";
+
public static String getLockdownVpn() {
final byte[] value = KeyStore.getInstance().get(Credentials.LOCKDOWN_VPN);
return value == null ? null : new String(value);
@@ -86,4 +91,20 @@ public class VpnUtils {
public static boolean isAlwaysOnVpnSet(ConnectivityManagerWrapper cm, final int userId) {
return cm.getAlwaysOnVpnPackageForUser(userId) != null;
}
+
+ public static boolean disconnectLegacyVpn(Context context) {
+ try {
+ int userId = context.getUserId();
+ IConnectivityManager connectivityService = getIConnectivityManager();
+ LegacyVpnInfo currentLegacyVpn = connectivityService.getLegacyVpnInfo(userId);
+ if (currentLegacyVpn != null) {
+ clearLockdownVpn(context);
+ connectivityService.prepareVpn(null, VpnConfig.LEGACY_VPN, userId);
+ return true;
+ }
+ } catch (RemoteException e) {
+ Log.e(TAG, "Legacy VPN could not be disconnected", e);
+ }
+ return false;
+ }
}