From 03159e4c85991fb6e4f1e016cdaf7f8947386c50 Mon Sep 17 00:00:00 2001 From: "insight.lee" Date: Tue, 17 Jan 2017 08:27:01 +0900 Subject: [PATCH] Clear VPN after Clear credentials if VPN is being established 1. There is no way to disconnect VPN after 'Clear credentials' without removing whole Internet connection because VPN profile to disconnect is removed when Clear credentials. 2. This commit checks whether VPN is being established or not when Clear credentials and disconnect VPN if VPN is being established. Lastly, this shows a toast message to inform VPN disconnected. Test: manual - took a photo Signed-off-by : Sungmin Lee Bug: 29093779 Change-Id: Id5ea01c8731b3b0fca2a31d9d84e8c103952b377 --- res/values/strings.xml | 2 ++ .../android/settings/CredentialStorage.java | 10 +++++++ .../settings/vpn2/ConfigDialogFragment.java | 4 +-- src/com/android/settings/vpn2/VpnUtils.java | 26 +++++++++++++++++++ 4 files changed, 39 insertions(+), 3 deletions(-) diff --git a/res/values/strings.xml b/res/values/strings.xml index 4dcca6224ce..877da582145 100644 --- a/res/values/strings.xml +++ b/res/values/strings.xml @@ -5357,6 +5357,8 @@ There is no network connection. Please try again later. + + Disconnected from VPN A certificate is missing. Please edit the profile. diff --git a/src/com/android/settings/CredentialStorage.java b/src/com/android/settings/CredentialStorage.java index eed380bae4f..df3d3e9becd 100644 --- a/src/com/android/settings/CredentialStorage.java +++ b/src/com/android/settings/CredentialStorage.java @@ -47,6 +47,7 @@ import android.widget.Toast; import com.android.internal.widget.LockPatternUtils; import com.android.org.bouncycastle.asn1.ASN1InputStream; import com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo; +import com.android.settings.vpn2.VpnUtils; import sun.security.util.ObjectIdentifier; import sun.security.x509.AlgorithmId; @@ -361,6 +362,7 @@ public final class CredentialStorage extends Activity { if (success) { Toast.makeText(CredentialStorage.this, R.string.credentials_erased, Toast.LENGTH_SHORT).show(); + clearLegacyVpnIfEstablished(); } else { Toast.makeText(CredentialStorage.this, R.string.credentials_not_erased, Toast.LENGTH_SHORT).show(); @@ -369,6 +371,14 @@ public final class CredentialStorage extends Activity { } } + private void clearLegacyVpnIfEstablished() { + boolean isDone = VpnUtils.disconnectLegacyVpn(getApplicationContext()); + if (isDone) { + Toast.makeText(CredentialStorage.this, R.string.vpn_disconnected, + Toast.LENGTH_SHORT).show(); + } + } + /** * Prompt for key guard configuration confirmation. */ diff --git a/src/com/android/settings/vpn2/ConfigDialogFragment.java b/src/com/android/settings/vpn2/ConfigDialogFragment.java index 788b9a97262..af435f003dc 100644 --- a/src/com/android/settings/vpn2/ConfigDialogFragment.java +++ b/src/com/android/settings/vpn2/ConfigDialogFragment.java @@ -176,9 +176,7 @@ public class ConfigDialogFragment extends DialogFragment implements try { LegacyVpnInfo connected = mService.getLegacyVpnInfo(UserHandle.myUserId()); if (connected != null && profile.key.equals(connected.key)) { - VpnUtils.clearLockdownVpn(getContext()); - mService.prepareVpn(VpnConfig.LEGACY_VPN, VpnConfig.LEGACY_VPN, - UserHandle.myUserId()); + VpnUtils.disconnectLegacyVpn(getContext()); } } catch (RemoteException e) { Log.e(TAG, "Failed to disconnect", e); diff --git a/src/com/android/settings/vpn2/VpnUtils.java b/src/com/android/settings/vpn2/VpnUtils.java index 6afa79b73bd..0e9a87e9df8 100644 --- a/src/com/android/settings/vpn2/VpnUtils.java +++ b/src/com/android/settings/vpn2/VpnUtils.java @@ -17,8 +17,15 @@ package com.android.settings.vpn2; import android.content.Context; import android.net.ConnectivityManager; +import android.net.IConnectivityManager; +import android.os.RemoteException; +import android.os.ServiceManager; import android.security.Credentials; import android.security.KeyStore; +import android.util.Log; + +import com.android.internal.net.LegacyVpnInfo; +import com.android.internal.net.VpnConfig; /** * Utility functions for vpn. @@ -27,6 +34,8 @@ import android.security.KeyStore; */ public class VpnUtils { + private static final String TAG = "VpnUtils"; + public static String getLockdownVpn() { final byte[] value = KeyStore.getInstance().get(Credentials.LOCKDOWN_VPN); return value == null ? null : new String(value); @@ -48,4 +57,21 @@ public class VpnUtils { public static boolean isVpnLockdown(String key) { return key.equals(getLockdownVpn()); } + + public static boolean disconnectLegacyVpn(Context context) { + try { + int userId = context.getUserId(); + IConnectivityManager connectivityService = IConnectivityManager.Stub + .asInterface(ServiceManager.getService(Context.CONNECTIVITY_SERVICE)); + LegacyVpnInfo currentLegacyVpn = connectivityService.getLegacyVpnInfo(userId); + if (currentLegacyVpn != null) { + clearLockdownVpn(context); + connectivityService.prepareVpn(null, VpnConfig.LEGACY_VPN, userId); + return true; + } + } catch (RemoteException e) { + Log.e(TAG, "Legacy VPN could not be disconnected", e); + } + return false; + } }