This does not include certificates, private keys etc. which are still
saved in the KeyStore with the encryption the user requested for them.
Makes connecting to lockdown vpn before user unlock possible.
Bug: 26108660
Change-Id: I56c1672c7a41e761c2791584b99900aff51b59e4
The old way was garbage-heavy. To add to that some changes to the way
PreferenceScreens are redrawn was leading to some artifacts with items
fading in/out every tick.
Bug: 25588385
Change-Id: Idabf7546ab519bf196ad3b8582caa2ec6bf9e084
Currently, if the user clicks "forget" on the configuration
dialog for the profile that is currently being used by the
always-on VPN, we don't disable the lockdown VPN, and we crash
on next boot because ConnectivityService tries to start
LockdownVpnTracker with an invalid configuration.
Fix this by removing the LOCKDOWN_VPN variable in the keystore
(which disables the always-on VPN), and notifying
ConnectivityService.
Bug: 23625458
Change-Id: I3545286c9fc23517306aa94607a4b2cb55cc56c4
KeyStore.saw was renamed to KeyStore.list for clarity. The
implementation of both methods is exactly the same.
Bug: 18088752
Change-Id: I2f171a4b7479683d5af898ebdf1b6f8a741536d1
On a secondary user, the fragments ApnSettings, TetherSettings and VpnSettings
should not be started.
But an app can still send an intent to start these fragments.
Prevent this by checkin the userId in these fragments.
BUG:15313261
BUG:15312781
BUG:15312494
Change-Id: I2a36bb89a8e37e4440aa28372d7a1800b33dae37
These fetch info for the wrong user, which may be either wrong or worse
wholly nonexistent.
Bug: 20747154
Change-Id: Ibd5f2e5d3c5dfd252a032ebdfe204de7166fa3a5
VPN apps are shown alongside configured VPNs now. The requirement that
a password is set is now only enforced when setting up a configured
VPN as this is not necessary for apps.
Some UI redesign.
Bug: 19573824
Bug: 17474682
Bug: 19575658
Change-Id: I02bd977136929647d65b9784fb4cc5df24b45428
Was originally removed in ag/522961, but restoring to keep legacy VPN
behavior the same from within VpnSettings. This dialog is only
accesible from VpnSettings and so should only ever be shown for legacy
VPNs.
Bug: 17164793
Change-Id: I06c4e136e1023b8f84edfd15a15264d2e41d325b
Add new AppOps to Settings and remove references to obsolete
ManageDialog. VPN UX now lives in Quick Settings.
Bug: 12878887
Bug: 16578022
Change-Id: I102a14c05db26ee3aef030cda971e5165f078a91
This adds a spinner to the VPN settings screen which can be used to toggle
between the Settings app in the primary and managed profile so that the user
can edit settings belonging to both profiles.
Bug:16030111
Change-Id: I3b800264c634900412e8eebdbcf43a2b6913c2be
Remove the call sites that don't have the flags specified. This is to
ensure that callers know what flags they're setting.
Bug: 8122243
Change-Id: I59e38efbab6ad60a905ce8678a340da2088b19c9
Adds support for always-on VPN profiles. Users pick an always-on VPN
from list of existing VPN profiles, which must use an IP address for
both VPN server and DNS. Moved "add" operation into action bar.
Bug: 5756357
Change-Id: I4c7ed7f2a3b027be1baf65c08213336a61f3acfe
Generate the racoon and mtpd daemon arguments in system_server,
instead of accepting them from Settings.
Bug: 5756357
Change-Id: Ied048ca465aab03b2ae1c004388f49b82848b3f7
The VPN client will no longer receive the private key material directly
from the caller. Instead it will use the keystore OpenSSL ENGINE to
request that keystore does private key operations on its behalf.
We only pass the keystore key alias to the private key instead of the
private key itself now.
Change-Id: I4ea2abda5ab7dec7d7ef5f451b96fef5bc92d811
1. Support identifier in L2TP/IPSec PSK.
2. Fix profile validation for IPSec Hybrid RSA.
3. Fix crash when the user does not want to initialize keystore.
Change-Id: Id46dbbc84915dfb69f8bab6b540426e7614ab7c6
