Gitiles
Code Review Sign In
gerrit.omnirom.org / android_packages_apps_Settings / 4c85639733e78c754033c9c6636c6089aa991828^! / .
commit4c85639733e78c754033c9c6636c6089aa991828[log] [tgz]
authorRobin Lee <rgl@google.com>Thu Dec 17 11:58:24 2015 +0000
committerRobin Lee <rgl@google.com>Tue Jan 05 18:48:46 2016 +0000
treea81f9845bdd3905b81b2bfd43f5b8ea82831c40f
parent949499948a1ab4834d43c1e239478ddcd004593a [diff]
[VPN] save public legacy VPN details publicly

This does not include certificates, private keys etc. which are still
saved in the KeyStore with the encryption the user requested for them.

Makes connecting to lockdown vpn before user unlock possible.

Bug: 26108660
Change-Id: I56c1672c7a41e761c2791584b99900aff51b59e4

diff --git a/src/com/android/settings/vpn2/ConfigDialogFragment.java b/src/com/android/settings/vpn2/ConfigDialogFragment.java
index a6189a9..d145ba3 100644
--- a/src/com/android/settings/vpn2/ConfigDialogFragment.java
+++ b/src/com/android/settings/vpn2/ConfigDialogFragment.java

@@ -107,7 +107,7 @@
         if (button == DialogInterface.BUTTON_POSITIVE) {
             // Update KeyStore entry
             KeyStore.getInstance().put(Credentials.VPN + profile.key, profile.encode(),
-                    KeyStore.UID_SELF, KeyStore.FLAG_ENCRYPTED);
+                    KeyStore.UID_SELF, /* flags */ 0);
 
             // Flush out old version of profile
             disconnect(profile);

diff --git a/src/com/android/settings/vpn2/LockdownConfigFragment.java b/src/com/android/settings/vpn2/LockdownConfigFragment.java
index 581b55d..d60cebc 100644
--- a/src/com/android/settings/vpn2/LockdownConfigFragment.java
+++ b/src/com/android/settings/vpn2/LockdownConfigFragment.java

@@ -64,9 +64,6 @@
     }
 
     private static String getStringOrNull(KeyStore keyStore, String key) {
-        if (!keyStore.isUnlocked()) {
-            return null;
-        }
         final byte[] value = keyStore.get(key);
         return value == null ? null : new String(value);
     }
@@ -122,7 +119,7 @@
                         return;
                     }
                     keyStore.put(Credentials.LOCKDOWN_VPN, profile.key.getBytes(),
-                            KeyStore.UID_SELF, KeyStore.FLAG_ENCRYPTED);
+                            KeyStore.UID_SELF, /* flags */ 0);
                 }
 
                 // kick profiles since we changed them

diff --git a/src/com/android/settings/vpn2/VpnSettings.java b/src/com/android/settings/vpn2/VpnSettings.java
index 00f6a12..40b05c5 100644
--- a/src/com/android/settings/vpn2/VpnSettings.java
+++ b/src/com/android/settings/vpn2/VpnSettings.java

@@ -456,13 +456,6 @@
     protected static List<VpnProfile> loadVpnProfiles(KeyStore keyStore, int... excludeTypes) {
         final ArrayList<VpnProfile> result = Lists.newArrayList();
 
-        // This might happen if the user does not yet have a keystore. Quietly short-circuit because
-        // no keystore means no VPN configs.
-        if (!keyStore.isUnlocked()) {
-            return result;
-        }
-
-        // We are the only user of profiles in KeyStore so no locks are needed.
         for (String key : keyStore.list(Credentials.VPN)) {
             final VpnProfile profile = VpnProfile.decode(key, keyStore.get(Credentials.VPN + key));
             if (profile != null && !ArrayUtils.contains(excludeTypes, profile.type)) {