If permission review is enabled toggling WiFi on or off
results in a user prompt to collect a consent. This applies
only to legacy apps, i.e. ones that don't support runtime
permissions as they target SDK 22.
bug:28715749
Change-Id: I10d1231ea0c47eec5993dbe367cc0c245cba9385
This functionality is replaced by ConnectivityManager.startTethering()
and ConnectivityManager.stopTethering().
Bug: 30147602
Test: Can toggle tethering on/off via all of settings, quick settings,
and quick quick settings.
Change-Id: I4d190185c473237982b988f898e76d4997dc401c
Its broken and isn't worth maintaining, instead port the few things
using it over to SettingsPreferenceActivity with wrapping blank
Activities like the rest of Settings.
Change-Id: Ic82f0dcb63ed9b4078f7da6a79c0c52f0130e8d1
Fixes: 28779941
am: ace9f52725
* commit 'ace9f527253a5464308f8dd3aa97f841d5d2d996':
Display connect button in the wifi connection menu
Change-Id: Ia72d92c7e50cfb316772609e561b34d0b8c62333
The background thread is not stopping listening fast enough and is
resulting in first a receiver leak message followed by a crash when
trying to finally unregister the receiver.
Fix this by adding a registerReceiver to SummaryLoader that will
automatically unregister the receiver on the main thread to ensure
it happens in time.
Change-Id: I0104e929d5505eb53993f6765e4c90120df35cf6
Fixes: 28211606
...when there is an active hotspot and user restriction for disallowing
tether config is in effect. This is to avoid getting security exceptions
from WifiManager when engaging with HotspotCondition or Wifi enable switch.
Bug:27936528
Change-Id: Ib3324e853277c177966b55668758d349ffe6ecf5
There are still some remaining animation issues on the wifi screen.
To avoid regressions from M, just disable animations on the entire
wifi screen.
Change-Id: Iabf8ace731638ae7af483c6f3887ca351b17ac60
Fixes: 26271353
-Remove fragments of the defunct/removed ip-address ping test
-Update a dangling resource reference
Bug: 27771038
Change-Id: Ib26eb6427eb6fbe6ef2d1f235277af3d2e8093f1
Disable animations for all SettingsPreferenceFragments, unless they
explicitly ask for them before creating their preference screens.
Turn it on for all fragments using the cached removal currently.
Bug: 27713314
Change-Id: I1bc14e7aeb3ee5b8ddb4f3547f472305cd312edf
Show policy transparency dialog if user tries to modify a
wifi configuration locked by device owner.
Bug: 27375948
Change-Id: I504082282f57bc5de9f097e962d195ecd2cc9da4
When you quickly try to reconnect after forgeting the AP, the connection
is in DISCONNECTED state and we may still display the connect button
Change-Id: I755a259fdf68fab470d7f69aa461f5bcedddfd5b
Signed-off-by: Damien Vagner <damienx.vagner@intel.com>
Signed-off-by: Zhiquan Liu <zhiquan.liu@intel.com>
Removing all prefs causes ugly animations, so avoid it at all cost
and cache all the prefs (while still added) as long as possible.
Bug: 26271353
Change-Id: I33b84d751938b460f4b66c0158057407dd45d974
The WPA supplicant ca_cert and ca_path directives should not
both be non-null, since our EAP settings logic only allows one
or the other to be used.
Modify logic in getConfig() to explicitly set ca_path or ca_cert
to null if it is not used. This explicit null value is necessary
to override a previously non-null value saved in an existing
configuration.
Also, always set the domain_suffix_match directive, which
will lead to this directive to be reset when the Domain
field is hidden.
BUG: 27194668
TEST: 1) Install custom ca certificate onto device as "testcert"
TEST: 2) Configure an EAP-TLS network with CA certificate
"testcert", Domain "testdomain",
User certificate "Do not provide", identity empty, and save.
TEST: 3) Read network variables in data/misc/wifi/wpa_supplicant.conf
and ensure that ca_cert is "testcert", ca_path is not
present, and domain_suffix_match is "testdomain".
TEST: 4) Modify that same EAP-TLS network configured in step 2 with
CA certificate "Use system certificates", Domain "testdomain",
User certificate "Do not provide", identity empty, and save.
TEST: 5) Read network variables in data/misc/wifi/wpa_supplicant.eonf
and ensure that ca_cert is "keystore://CACERT_testcert",
ca_path is not present, and domain_suffix_match is
"testdomain".
TEST: 6) Modify that same EAP-TLS network configured in step 2 to be
an EAP-PWD network. Leave Identity and Password blank, and
save.
TEST: 7) Read network variables in data/misc/wifi/wpa_supplicant.eonf
and ensure that ca_cert, ca_path, and domain_suffix_match are
not present.
Change-Id: I547f3e359bc8e9b77e51e10e60356b857230636f
Add an option to the "CA certificate" field of the EAP network
configuration menu, "Use system certificates". Choosing this option
will cause the trusted, pre-installed, system CA certificates
to be used to validate EAP servers during the authentication process.
This only applies to EAP-TLS, EAP-TTLS, and EAP-PEAP network
configurations, where the CA certificate option is available.
If the user selects "Use system certificates" and leaves the
"Domain" field empty, display a warning and prevent the
EAP network configuration from being saved. Such a configuration
would be insecure--the user should constrain the domain that
the system certificates can be used to validate.
BUG: 26879191
TEST: 1) Set up AP connected to test RADIUS server.
TEST: 2) Generate a self-signed cert (Cert 1)
TEST: 3) Use Cert 1 to sign another cert (Cert 2) with common name
"sub1.sub2.domain.com"
TEST: 4) Setup RADIUS server, and configure it to present Cert 2 to EAP peer.
TEST: 5) Build angler image with Cert 1 installed in
/system/etc/security/cacerts/
TEST: 6) Set up an AP connected to the RADIUS server to broadcast
a WPA-Enterprise network.
TEST: 7) On Angler, connect to this WPA-Enterprise network with settings:
Network name: (AP SSID)
Security: 802.1x EAP
EAP method: TLS
CA certificate: Use system certificates
Domain: domain.com
User certificate: (test certificate from RADIUS setup)
Identity: (identity used for RADIUS setup)
TEST: 8) Verify that we connect successfully to the AP.
TEST: 9) Verify that connection still succeeds if Domain is set to
"sub2.domain.com" and "sub1.sub2.domain.com".
TEST: 10) Verify that connection fails if Domain is set to
"sub0.sub1.domain.com" and "otherdomain.com".
TEST: 11) Verify that network configuration cannot be saved, and an
warning message "Must specify a domain" is displayed if Domain
is left blank in the configuration in step 7
TEST: 12) Verify that the "Do not validate" option still appears in the
CA certificate dropdown menu.
Change-Id: I346d4d301305719033b84ec4599bf3d57d9d4ee5
Previously, we did not properly load the "Do not validate"
and "Do not provide" options for the CA certificate and
User certificate EAP network configuration fields respectively
when the user previously selected these options and saved the
configuration.
Fix this by properly checking the saved CA certificate and user
certificate aliases in the saved enterprise config.
BUG: 26686071
Change-Id: If180c611f7210718cfb11c0578545b6f027827b5
TEST: Saved EAP network with the abovementioned options.
TEST: Long-pressed saved network on Wifi menu and selected "Modify Network"
TEST: "Do not validate" and "Do not provide" options are re-loaded.
Add a "domain" field that allows the user to specify a domain
suffix match for an EAP network configuration. This field
will only be available when the user specifies a CA certificate for
an EAP-PEAP, EAP-TLS, or EAP-TTLS network. Under the hood, the
value entered into this field will be passed to WPA supplicant
as the |domain_suffix_match| configuration variable.
BUG: 25180141
Change-Id: Ib69b9519f475e90e40441ddff61c80be43cf624b
TEST: On angler, domain field appears for the EAP-PEAP, EAP-TLS
TEST: and EAP-TTLS networks.
Display an explicit warning in the WiFi configuration menu if
the user selects the option to not validate the EAP server (i.e.
does not provide a CA certificate) in an EAP configuration.
BUG: 26686071
Change-Id: I73620b60defdcf40865f8c67d5de24b5dad636f8
TEST: Warning appears when the abovementioned option is selected.
Add the "Do not validate" and "Do not provide" menu
options for not providing a CA certificate and User certificate
respectively for EAP configurations.
Choosing these options are essentially equivalent to leaving
these fields alone as "(unspecified)" (when that option existed),
but now we require the user to make a conscious choice not to
provide these certificates.
BUG: 26686071
Change-Id: I4b9c07528d6d2ba3eb0787e7cfff69d05dd25679
TEST: Both the added options appear in the relevant menus.
TEST: Choosing both these added options in an EAP-TLS configuration
TEST: allows the configuration to be saved.
Disallow configuring EAP-TLS without a user certificate,
since this is probably an invalid configuration.
Also:
- change the wording of the default option for
EAP CA and user certificates from "(unspecified)" to
"Please select", to make it obvious that a choice
needs to be made to proceed.
- Fix style issues found in WifiConfigController.java by checkstyle.py.
BUG: 26686071
Change-Id: I7ccfdf40db97328e3297a03cc43033ff2428980f
TEST: Save option is grayed out when configuring EAP-TLS network
TEST: while leaving "User Certificate" left at "Please select".
When the admin has set disallow_config_wifi, menu items are not added.
we need to check if the menu items can be added after this fragment is
resumed. And for remove account menuitem, check whether any admin has
disabled management of a specific account type.
Change-Id: I58f5a59fe0614c9bc7068b15f43f89527939359d
Display an explicit warning in the WiFi configuration menu if
the user selects the option to not validate the EAP server (i.e.
does not provide a CA certificate) in an EAP configuration.
BUG: 26686071
Change-Id: I73620b60defdcf40865f8c67d5de24b5dad636f8
TEST: Warning appears when the abovementioned option is selected.
Add the "Do not validate" and "Do not provide" menu
options for not providing a CA certificate and User certificate
respectively for EAP configurations.
Choosing these options are essentially equivalent to leaving
these fields alone as "(unspecified)" (when that option existed),
but now we require the user to make a conscious choice not to
provide these certificates.
BUG: 26686071
Change-Id: I4b9c07528d6d2ba3eb0787e7cfff69d05dd25679
TEST: Both the added options appear in the relevant menus.
TEST: Choosing both these added options in an EAP-TLS configuration
TEST: allows the configuration to be saved.
Disallow configuring EAP-TLS without a user certificate,
since this is probably an invalid configuration.
Also:
- change the wording of the default option for
EAP CA and user certificates from "(unspecified)" to
"Please select", to make it obvious that a choice
needs to be made to proceed.
- Fix style issues found in WifiConfigController.java by checkstyle.py.
BUG: 26686071
Change-Id: I7ccfdf40db97328e3297a03cc43033ff2428980f
TEST: Save option is grayed out when configuring EAP-TLS network
TEST: while leaving "User Certificate" left at "Please select".
SSID with multiple CA certs can only be added programmtically. However it
can still be edited in the UI by long-pressing the item when currently
connected to the network. This change makes sure the UI shows up with
meaningful indications that the SSID is configured with multiple CA certs.
Bug: 22547958
Change-Id: I5d42313efb141db521dd09ff3fbc520915b6fb79
