Merge "Clear VPN after Clear credentials if VPN is being established"
diff --git a/res/values/strings.xml b/res/values/strings.xml
index 4dcca62..877da58 100644
--- a/res/values/strings.xml
+++ b/res/values/strings.xml
@@ -5357,6 +5357,8 @@
<!-- Toast message when there is no network connection to start VPN. [CHAR LIMIT=100] -->
<string name="vpn_no_network">There is no network connection. Please try again later.</string>
+ <!-- Toast message when VPN has disconnected automatically due to Clear credentials. [CHAR LIMIT=NONE] -->
+ <string name="vpn_disconnected">Disconnected from VPN</string>
<!-- Toast message when a certificate is missing. [CHAR LIMIT=100] -->
<string name="vpn_missing_cert">A certificate is missing. Please edit the profile.</string>
diff --git a/src/com/android/settings/CredentialStorage.java b/src/com/android/settings/CredentialStorage.java
index eed380b..df3d3e9 100644
--- a/src/com/android/settings/CredentialStorage.java
+++ b/src/com/android/settings/CredentialStorage.java
@@ -47,6 +47,7 @@
import com.android.internal.widget.LockPatternUtils;
import com.android.org.bouncycastle.asn1.ASN1InputStream;
import com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
+import com.android.settings.vpn2.VpnUtils;
import sun.security.util.ObjectIdentifier;
import sun.security.x509.AlgorithmId;
@@ -361,6 +362,7 @@
if (success) {
Toast.makeText(CredentialStorage.this,
R.string.credentials_erased, Toast.LENGTH_SHORT).show();
+ clearLegacyVpnIfEstablished();
} else {
Toast.makeText(CredentialStorage.this,
R.string.credentials_not_erased, Toast.LENGTH_SHORT).show();
@@ -369,6 +371,14 @@
}
}
+ private void clearLegacyVpnIfEstablished() {
+ boolean isDone = VpnUtils.disconnectLegacyVpn(getApplicationContext());
+ if (isDone) {
+ Toast.makeText(CredentialStorage.this, R.string.vpn_disconnected,
+ Toast.LENGTH_SHORT).show();
+ }
+ }
+
/**
* Prompt for key guard configuration confirmation.
*/
diff --git a/src/com/android/settings/vpn2/ConfigDialogFragment.java b/src/com/android/settings/vpn2/ConfigDialogFragment.java
index 788b9a9..af435f0 100644
--- a/src/com/android/settings/vpn2/ConfigDialogFragment.java
+++ b/src/com/android/settings/vpn2/ConfigDialogFragment.java
@@ -176,9 +176,7 @@
try {
LegacyVpnInfo connected = mService.getLegacyVpnInfo(UserHandle.myUserId());
if (connected != null && profile.key.equals(connected.key)) {
- VpnUtils.clearLockdownVpn(getContext());
- mService.prepareVpn(VpnConfig.LEGACY_VPN, VpnConfig.LEGACY_VPN,
- UserHandle.myUserId());
+ VpnUtils.disconnectLegacyVpn(getContext());
}
} catch (RemoteException e) {
Log.e(TAG, "Failed to disconnect", e);
diff --git a/src/com/android/settings/vpn2/VpnUtils.java b/src/com/android/settings/vpn2/VpnUtils.java
index 6afa79b..0e9a87e 100644
--- a/src/com/android/settings/vpn2/VpnUtils.java
+++ b/src/com/android/settings/vpn2/VpnUtils.java
@@ -17,8 +17,15 @@
import android.content.Context;
import android.net.ConnectivityManager;
+import android.net.IConnectivityManager;
+import android.os.RemoteException;
+import android.os.ServiceManager;
import android.security.Credentials;
import android.security.KeyStore;
+import android.util.Log;
+
+import com.android.internal.net.LegacyVpnInfo;
+import com.android.internal.net.VpnConfig;
/**
* Utility functions for vpn.
@@ -27,6 +34,8 @@
*/
public class VpnUtils {
+ private static final String TAG = "VpnUtils";
+
public static String getLockdownVpn() {
final byte[] value = KeyStore.getInstance().get(Credentials.LOCKDOWN_VPN);
return value == null ? null : new String(value);
@@ -48,4 +57,21 @@
public static boolean isVpnLockdown(String key) {
return key.equals(getLockdownVpn());
}
+
+ public static boolean disconnectLegacyVpn(Context context) {
+ try {
+ int userId = context.getUserId();
+ IConnectivityManager connectivityService = IConnectivityManager.Stub
+ .asInterface(ServiceManager.getService(Context.CONNECTIVITY_SERVICE));
+ LegacyVpnInfo currentLegacyVpn = connectivityService.getLegacyVpnInfo(userId);
+ if (currentLegacyVpn != null) {
+ clearLockdownVpn(context);
+ connectivityService.prepareVpn(null, VpnConfig.LEGACY_VPN, userId);
+ return true;
+ }
+ } catch (RemoteException e) {
+ Log.e(TAG, "Legacy VPN could not be disconnected", e);
+ }
+ return false;
+ }
}