Add error dialog when secrets are missing.
diff --git a/res/values/strings.xml b/res/values/strings.xml
index b96f3ee..108bd5f 100644
--- a/res/values/strings.xml
+++ b/res/values/strings.xml
@@ -1848,6 +1848,7 @@
<string name="vpn_confirm_edit_profile_cancellation">Are you sure you want to discard the changes made to this profile?</string>
<string name="vpn_confirm_reconnect">Unable to connect to the network. Do you want to try again?</string>
<string name="vpn_unknown_server_dialog_msg">Server name cannot be resolved. Do you want to check your server name setting?</string>
+ <string name="vpn_secret_not_set_dialog_msg">One or more secrets are missing in this VPN configuration. Do you want to check your secret setting?</string>
<string name="vpn_auth_error_dialog_msg">The username or password you entered is incorrect. Do you want to try again?</string>
<!-- VPN type selection activity title -->
diff --git a/src/com/android/settings/vpn/VpnSettings.java b/src/com/android/settings/vpn/VpnSettings.java
index 137e420..0dc1719 100644
--- a/src/com/android/settings/vpn/VpnSettings.java
+++ b/src/com/android/settings/vpn/VpnSettings.java
@@ -28,6 +28,7 @@
import android.content.Intent;
import android.content.ServiceConnection;
import android.net.vpn.IVpnService;
+import android.net.vpn.L2tpIpsecProfile;
import android.net.vpn.L2tpIpsecPskProfile;
import android.net.vpn.L2tpProfile;
import android.net.vpn.VpnManager;
@@ -46,6 +47,7 @@
import android.preference.PreferenceManager;
import android.preference.PreferenceScreen;
import android.preference.Preference.OnPreferenceClickListener;
+import android.security.CertTool;
import android.security.Keystore;
import android.text.TextUtils;
import android.util.Log;
@@ -106,6 +108,7 @@
private static final int DIALOG_RECONNECT = 2;
private static final int DIALOG_AUTH_ERROR = 3;
private static final int DIALOG_UNKNOWN_SERVER = 4;
+ private static final int DIALOG_SECRET_NOT_SET = 5;
private static final int NO_ERROR = 0;
@@ -204,6 +207,9 @@
case DIALOG_UNKNOWN_SERVER:
return createUnknownServerDialog();
+ case DIALOG_SECRET_NOT_SET:
+ return createSecretNotSetDialog();
+
default:
return super.onCreateDialog(id);
}
@@ -252,6 +258,19 @@
.create();
}
+ private Dialog createSecretNotSetDialog() {
+ return createCommonDialogBuilder()
+ .setMessage(R.string.vpn_secret_not_set_dialog_msg)
+ .setPositiveButton(R.string.vpn_yes_button,
+ new DialogInterface.OnClickListener() {
+ public void onClick(DialogInterface dialog, int w) {
+ VpnProfile p = mConnectingActor.getProfile();
+ startVpnEditor(p);
+ }
+ })
+ .create();
+ }
+
private AlertDialog.Builder createCommonDialogBuilder() {
return new AlertDialog.Builder(this)
.setTitle(android.R.string.dialog_alert_title)
@@ -639,6 +658,7 @@
mConnectingActor = getActor(p);
mActiveProfile = p;
+ if (!checkSecrets(p)) return;
if (mConnectingActor.isConnectDialogNeeded()) {
showDialog(DIALOG_CONNECT);
} else {
@@ -858,6 +878,65 @@
return NAMESPACE_VPN + "_" + keyName;
}
+ private boolean checkSecrets(VpnProfile p) {
+ Keystore ks = Keystore.getInstance();
+ HashSet<String> secretSet = new HashSet<String>();
+ boolean secretMissing = false;
+
+ if (p instanceof L2tpIpsecProfile) {
+ L2tpIpsecProfile certProfile = (L2tpIpsecProfile) p;
+ CertTool certTool = CertTool.getInstance();
+ Collections.addAll(secretSet, certTool.getAllCaCertificateKeys());
+ String cert = certProfile.getCaCertificate();
+ if (TextUtils.isEmpty(cert) || !secretSet.contains(cert)) {
+ certProfile.setCaCertificate(null);
+ secretMissing = true;
+ }
+
+ secretSet.clear();
+ Collections.addAll(secretSet, certTool.getAllUserCertificateKeys());
+ cert = certProfile.getUserCertificate();
+ if (TextUtils.isEmpty(cert) || !secretSet.contains(cert)) {
+ certProfile.setUserCertificate(null);
+ secretMissing = true;
+ }
+ }
+
+ secretSet.clear();
+ Collections.addAll(secretSet, ks.listKeys(NAMESPACE_VPN));
+
+ if (p instanceof L2tpIpsecPskProfile) {
+ L2tpIpsecPskProfile pskProfile = (L2tpIpsecPskProfile) p;
+ String presharedKey = pskProfile.getPresharedKey();
+ String keyName = KEY_PREFIX_IPSEC_PSK + p.getId();
+ if (TextUtils.isEmpty(presharedKey)
+ || !secretSet.contains(keyName)) {
+ pskProfile.setPresharedKey(null);
+ secretMissing = true;
+ }
+ }
+
+ if (p instanceof L2tpProfile) {
+ L2tpProfile l2tpProfile = (L2tpProfile) p;
+ if (l2tpProfile.isSecretEnabled()) {
+ String secret = l2tpProfile.getSecretString();
+ String keyName = KEY_PREFIX_L2TP_SECRET + p.getId();
+ if (TextUtils.isEmpty(secret)
+ || !secretSet.contains(keyName)) {
+ l2tpProfile.setSecretString(null);
+ secretMissing = true;
+ }
+ }
+ }
+
+ if (secretMissing) {
+ showDialog(DIALOG_SECRET_NOT_SET);
+ return false;
+ } else {
+ return true;
+ }
+ }
+
private void processSecrets(VpnProfile p) {
Keystore ks = Keystore.getInstance();
switch (p.getType()) {